Adding upstream version 1:4.5.upstream/1%4.5upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

10550 files changed, 693257 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..80cc16c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,50 @@
+*~
+lib*.a
+*.o
+*.lo
+*.la
+*.gmo
+.deps
+.libs
+
+*.patch
+*.rej
+*.orig
+
+Makefile
+Makefile.in
+
+/ABOUT-NLS
+/aclocal.m4
+/autom4te.cache
+/compile
+/config.cache
+/config.guess
+/config.h
+/config.h.in
+/config.log
+/config.rpath
+/config.status
+/config.sub
+/configure
+/depcomp
+/install-sh
+/libtool
+/ltmain.sh
+/m4
+/missing
+/stamp-h1
+/ylwrap
+
+/po/*.header
+/po/*.sed
+/po/*.sin
+/po/Makefile.in.in
+/po/Makevars.template
+/po/POTFILES
+/po/Rules-quot
+/po/stamp-po
+
+/shadow.spec
+/shadow-*.tar.*
+/libmisc/getdate.c
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..4fe0ad2
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,20 @@
+sudo: false
+
+language: c
+
+compiler:
+  - gcc
+  - clang
+
+addons:
+  apt:
+    packages:
+      - autopoint
+      - xsltproc
+
+script:
+ - ./autogen.sh --without-selinux --disable-man
+ - grep ENABLE_ config.status
+ - make
+
+# vim:et:ts=2:sw=2
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..88bd403
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,118 @@
+NOTE:
+  This license has been obsoleted by the change to the BSD-style copyright.
+  You may continue to use this license if you wish, but you are under no
+  obligation to do so.
+
+(*
+This document is freely plagiarised from the 'Artistic Licence',
+distributed as part of the Perl v4.0 kit by Larry Wall, which is
+available from most major archive sites.  I stole it from CrackLib.
+
+	$Id$
+*)
+
+This documents purpose is to state the conditions under which this
+Package (See definition below) viz: "Shadow", the Shadow Password Suite
+which is held by Julianne Frances Haugh, may be copied, such that the
+copyright holder maintains some semblance of artistic control over the
+development of the package, while giving the users of the package the
+right to use and distribute the Package in a more-or-less customary
+fashion, plus the right to make reasonable modifications. 
+
+So there.
+
+***************************************************************************
+
+Definitions:
+
+
+A "Package" refers to the collection of files distributed by the
+Copyright Holder, and derivatives of that collection of files created
+through textual modification, or segments thereof. 
+
+"Standard Version" refers to such a Package if it has not been modified,
+or has been modified in accordance with the wishes of the Copyright
+Holder.
+
+"Copyright Holder" is whoever is named in the copyright or copyrights
+for the package.
+
+"You" is you, if you're thinking about copying or distributing this
+Package.
+
+"Reasonable copying fee" is whatever you can justify on the basis of
+media cost, duplication charges, time of people involved, and so on.
+(You will not be required to justify it to the Copyright Holder, but
+only to the computing community at large as a market that must bear the
+fee.)
+
+"Freely Available" means that no fee is charged for the item itself,
+though there may be fees involved in handling the item.  It also means
+that recipients of the item may redistribute it under the same
+conditions they received it.
+
+
+1.  You may make and give away verbatim copies of the source form of the
+Standard Version of this Package without restriction, provided that you
+duplicate all of the original copyright notices and associated
+disclaimers.
+
+2.  You may apply bug fixes, portability fixes and other modifications
+derived from the Public Domain or from the Copyright Holder.  A Package
+modified in such a way shall still be considered the Standard Version.
+
+3.  You may otherwise modify your copy of this Package in any way,
+provided that you insert a prominent notice in each changed file stating
+how and when AND WHY you changed that file, and provided that you do at
+least ONE of the following:
+
+a) place your modifications in the Public Domain or otherwise make them
+Freely Available, such as by posting said modifications to Usenet or an
+equivalent medium, or placing the modifications on a major archive site
+such as uunet.uu.net, or by allowing the Copyright Holder to include
+your modifications in the Standard Version of the Package.
+
+b) use the modified Package only within your corporation or organization.
+
+c) rename any non-standard executables so the names do not conflict with
+standard executables, which must also be provided, and provide separate
+documentation for each non-standard executable that clearly documents
+how it differs from the Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+4.  You may distribute the programs of this Package in object code or
+executable form, provided that you do at least ONE of the following:
+
+a) distribute a Standard Version of the executables and library files,
+together with instructions (in the manual page or equivalent) on where
+to get the Standard Version.
+
+b) accompany the distribution with the machine-readable source of the
+Package with your modifications.
+
+c) accompany any non-standard executables with their corresponding
+Standard Version executables, giving the non-standard executables
+non-standard names, and clearly documenting the differences in manual
+pages (or equivalent), together with instructions on where to get the
+Standard Version.
+
+d) make other distribution arrangements with the Copyright Holder.
+
+5.  You may charge a reasonable copying fee for any distribution of this
+Package.  You may charge any fee you choose for support of this Package. 
+YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF.  However, you may
+distribute this Package in aggregate with other (possibly commercial)
+programs as part of a larger (possibly commercial) software distribution
+provided that YOU DO NOT ADVERTISE this package as a product of your
+own. 
+
+6.  The name of the Copyright Holder may not be used to endorse or
+promote products derived from this software without specific prior
+written permission.
+
+7.  THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
+MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+
+				The End
diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000..f05a303
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,15162 @@
+2016-05-17  Serge Hallyn <serge@hallyn.com>
+
+	* Release 4.5
+
+2016-05-17  Serge Hallyn <serge@hallyn.com>
+
+	* Patch from Tobias Stoeckmann fixing regression in previous CVE fix
+	  preventing SIGTERM to su from being propagated to the job.
+	* Patch from Chris Lamb making sp_lstchg shadow field reproducible.
+	* Merge Russian translation updates from Yuri Kozlov
+	* Fix missing close of subuid file on error
+
+2016-02-23  Serge Hallyn <serge@hallyn.com>
+
+	* Merge patch by Tobias Stoeckmann <tobias@stoeckmann.org> to fix
+	  the equivalent of util-linux CVE-2017-2616.
+
+2016-02-08  Serge Hallyn <serge@hallyn.com>
+
+	* Update Kazakh translations
+	* Consult configuration before calculating subuids
+	* Remove misplaced semicolon
+
+2016-01-29  Serge Hallyn <serge@hallyn.com>
+
+	* Patch from Fedora to improve performance with SSSD, Winbind,
+	  or nss_ldap. (Tomas Mraz)
+	* Make sure knowndef_table is NULL-terminated.  (Bernhard Rosenkränzer)
+
+2016-12-21  Serge Hallyn <serge@hallyn.com>
+
+	* Drop leading underscore from _COMMONIO_H and _SHADOWIO_H
+	* Fix readability in usermod error messages.
+	* Reset user in tallylog
+	* Add audit support to su
+
+2016-12-02  Serge Hallyn <serge@hallyn.com>
+
+	* changes since 4.4
+	  - Use sizeof rather than hardcoding snprintf args
+	  - Fix useradd improper default loading
+	  - Update Vietnamese translations
+	  - Update Polish translations
+	  - Remove non-POSIX chmod option in Makefile
+	  - Fix suidubins assignments
+	  - Fix --add-subuids etc spelling in manpages
+	  - Audit homedir ownership change.
+	  - Print error on selinux file context update failure
+	  - Keep original file perms when creating a backup
+
+	* (henceforth we'll update Changelog with each commit
+	  and proper credit)
+
+2016-12-02  Serge Hallyn <serge@hallyn.com>
+
+	* Changes since 4.2.1:
+	  - Documentation, error report and translations updates
+	  - Replace path_max with 32
+	  - User namespace support fixes/updates including:
+	    - Correct sanity checks in newXidmap
+	    - Fix building without subuid support
+	    - Add /etc/subuid support for UID matching
+	    - Support subuid for nonlocal users
+	    - Default to 65536 subuid allocations
+	    - Respect -r
+	    - Check for range overflows
+	  - Add tests from svn tree
+	  - Use AC_CHECK_SIZEOF for uid_t size checks
+	  - Accomodate missing /etc and login.defs
+	  - Support FORCE_SHADOW
+	  - Be more robust in hostile environment
+	  - Allow removing a primary group
+	  - Clear passwords on __pw_dup errors
+	  - Memory leak fix in commonio_update and get_map_ranges
+	  - Fix resource leak in syslog_sg
+	  - Fix user busy error at userdel
+	  - Support set/clear lastlog record via lastlog command
+	  - Add --no-create-home as longopt for -M
+	  - Fix signal races
+	  - Reduce syslog priority of common usage events
+
+2013-08-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: After waitpid(), use errno only if waitpid returned
+	-1. Debian#688260
+	* src/vipw.c: Likewise for system().
+
+2013-08-23  victory  <victory.deb@gmail.com>
+
+	* po/ja.po: Updated to 558t
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/shadow-man-pages.pot: Regenerated.
+	* man/po/*.po: Updated PO files.
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newgrp.1.xml: Fix encoding.
+	* man/sg.1.xml: Likewise.
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/da.po: Unfuzzy according to previous change.
+	* man/po/de.po: Likewise.
+	* man/po/fr.po: Likewise.
+	* man/po/it.po: Likewise.
+	* man/po/pl.po: Likewise.
+	* man/po/ru.po: Likewise.
+	* man/po/sv.po: Likewise.
+	* man/po/zh_CN.po: Likewise.
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chage.1.xml: Add a non breaking space between options and
+	their parameter because xml2po removes those spaces. Alioth#314401
+	* man/chfn.1.xml: Likewise.
+	* man/chgpasswd.8.xml: Likewise.
+	* man/chpasswd.8.xml: Likewise.
+	* man/chsh.1.xml: Likewise.
+	* man/faillog.8.xml: Likewise.
+	* man/gpasswd.1.xml: Likewise.
+	* man/groupadd.8.xml: Likewise.
+	* man/groupdel.8.xml: Likewise.
+	* man/groupmems.8.xml: Likewise.
+	* man/groupmod.8.xml: Likewise.
+	* man/grpck.8.xml: Likewise.
+	* man/lastlog.8.xml: Likewise.
+	* man/newusers.8.xml: Likewise.
+	* man/passwd.1.xml: Likewise.
+	* man/pwck.8.xml: Likewise.
+	* man/pwconv.8.xml: Likewise.
+	* man/su.1.xml: Likewise.
+	* man/useradd.8.xml: Likewise.
+	* man/userdel.8.xml: Likewise.
+	* man/usermod.8.xml: Likewise.
+	* man/vipw.8.xml: Likewise.
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/shadow-man-pages.pot: Regenerated.
+	* man/po/*.po: Updated PO files.
+
+2013-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/de.po: Fix encoding.
+
+2013-08-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c (subordinate_next): Fix return value.
+
+2013-08-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/idmapping.c: Include <stdio.h> needed for fprintf() and
+	stderr.
+
+2013-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/SUB_GID_COUNT.xml: Document newusers behavior
+	when the user already have subordinate group IDs.
+	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+	* man/login.defs.d/SUB_GID_COUNT.xml: Fix typo (MAX<->MIN).
+	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+
+2013-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Check early if /etc/subuid (/etc/subgid) exists
+	when option -v/-V (-w/-W) are provided. 
+
+2013-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Fix parse of ranges. The hyphen might be followed
+	by a negative integer.
+
+2013-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c (find_free_range): max is allowed for new
+	ranges.
+
+2013-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_sub_gids.c: Remove dead code.
+	find_new_sub_gids() is always called with *range_count set to 0.
+	It's more difficult to keep the subordinate GIDs and UIDs
+	synchronized, than for the user's UID/GId because the count of
+	subordinate IDs may differ.
+	* libmisc/find_new_sub_uids.c: Likewise.
+	* lib/subordinateio.h, lib/subordinateio.c: Remove APIs that are
+	no more needed: is_sub_uid_range_free(), is_sub_gid_range_free(),
+	is_range_free().
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Check if sizeof uid_t and gid_t is larger than 32
+	bit to support subordinate IDs.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c: Avoid dead branches.
+	* lib/subordinateio.c: Add schematics with ranges to help reviews.
+	* lib/subordinateio.c: Avoid implicit conversion of pointers and
+	integers to booleans.
+	* lib/subordinateio.c: Added brackets.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Fail in case arguments are provided after options.
+	Debian#677812
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c: Fix count for ranges truncated in
+	remove_range().
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Terminate the child (if needed) before closing the PAM
+	session. This is probably more correct, and avoid reporting
+	termination from signals possibly sent by PAM modules (e.g. former
+	versions of pam_systemd). Debian#670132
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: When a SIGTSTP is caught, reset caught to 0. There is
+	no need to kill the child in such case after su is resumed. This
+	remove the "Session terminated, terminating shell...
+	...terminated." messages in such case.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newgidmap.1.xml: Document the checks performed before
+	setting the mapping in /proc.
+	* man/newuidmap.1.xml: Likewise.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/idmapping.h: Document what the upper and lower fields
+	are in struct map_range.
+	* man/newgidmap.1.xml: Document when the gid, gidlower and count
+	argument are.
+	* man/newuidmap.1.xml: Likewise for uid, uidlower and count.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c (shadow_random): Use long instead of size_t.
+	Compatibility with size_t is easier to check since it's used for
+	smaller numbers (salt size).
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupmem.c: Add splint annotations. The added memset makes
+	splint think data was allocated.
+	* lib/pwmem.c: Likewise.
+	* lib/sgroupio.c: Likewise.
+	* lib/shadowmem.c: Likewise.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/SUB_GID_COUNT.xml: Document that the behavior
+	of useradd and newusers depends on the existence of /etc/subgid.
+	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise for /etc/subuid.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Change message in case of find_new_sub_uids /
+	find_new_sub_gids failure. This complements the messages already
+	provided by these APIs.
+
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c: Fix handling of boundaries.
+	* libmisc/find_new_sub_uids.c: Likewise.
+	* libmisc/find_new_sub_gids.c: Likewise.
+
+2013-08-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c: Fix removal of ranges. The database needs
+	to be marked as changed or commonio_close will discard any change.
+
+2013-08-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: Include documentation of SUB_GID_MIN,
+	SUB_GID_MAX, SUB_GID_COUNT, SUB_UID_MIN, SUB_UID_MAX,
+	SUB_UID_COUNT.
+	* man/useradd.8.xml: Likewise.
+	* man/usermod.8.xml: Likewise.
+	* man/newusers.8.xml: Document usage of /etc/subgid /etc/subuid.
+	* man/useradd.8.xml: Likewise.
+	* man/userdel.8.xml: Likewise.
+	* man/usermod.8.xml: Likewise.
+	* man/newusers.8.xml: Add references to subgid(5) and subuid(5).
+	* man/useradd.8.xml: Likewise.
+	* man/userdel.8.xml: Likewise.
+	* man/subgid.5.xml: Sort references alphabetically.
+	* man/subuid.5.xml: Likewise.
+	* man/subgid.5.xml: Add references to newusers(8), useradd(8),
+	userdel(8), usermod(8), user_namespaces(7).
+	* man/subuid.5.xml: Likewise.
+
+2013-08-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newgidmap.1.xml: Sort references alphabetically.
+	* man/newuidmap.1.xml: Likewise.
+
+2013-08-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Add configure options --enable-subordinate-ids /
+	--disable-subordinate-ids. Enabled by default.
+	* lib/prototypes.h: Include <config.h> before using its macros.
+	* lib/commonio.h, lib/commonio.c: Define commonio_append only when
+	ENABLE_SUBIDS is defined.
+	* lib/prototypes.h, libmisc/find_new_sub_gids.c,
+	libmisc/find_new_sub_uids.c: Likewise.
+	* lib/subordinateio.h, lib/subordinateio.c: Likewise.
+	* libmisc/user_busy.c: Only check if subordinate IDs are in use if
+	ENABLE_SUBIDS is defined.
+	* src/Makefile.am: Create newgidmap and newuidmap only if
+	ENABLE_SUBIDS is defined.
+	* src/newusers.c: Check for ENABLE_SUBIDS to enable support for
+	subordinate IDs.
+	* src/useradd.c: Likewise.
+	* src/userdel.c: Likewise.
+	* src/usermod.c: Likewise.
+	* man/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
+	man5/subgid.5, and man5/subuid.5 only if ENABLE_SUBIDS is defined.
+	* man/fr/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
+	man5/subgid.5, and man5/subuid.5 (not translated yet).
+	* man/generate_mans.mak: Add xsltproc conditionals
+	subids/no_subids.
+	* man/login.defs.d/SUB_GID_COUNT.xml: Add dependency on subids
+	condition.
+	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+	* man/usermod.8.xml: Document options for subordinate IDs and
+	reference subgid(5) / subuid(5) depending on the subids condition.
+
+2013-08-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Remove unused variable.
+
+2013-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Add include files needed for getaddrinfo().
+	See Alioth#314271
+
+2013-08-07  Mike Frysinger  <vapier@gentoo.org>
+
+	* configure.in: Check at configure time whether libc supports
+	ruserok (support dropped by newer C libraries).
+
+2013-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Fix typos and wording.
+	* man/usermod.8.xml: Add references to subgid(5) and subuid(5).
+
+2013-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_sub_gids.c: Fix wording: secondary ->
+	subordinate.
+	* libmisc/find_new_sub_uids.c: Likewise.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_sub_gids.c: Remove duplicate check (duplicate
+	at least in its intent).
+	* libmisc/find_new_sub_uids.c: Likewise.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Fix typos.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/subgid.5.xml: Reorder words.
+	* man/subuid.5.xml: Likewise.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/subgid.5.xml: Fix typos.
+	* man/subuid.5.xml: Likewise.
+	* man/subgid.5.xml: Fix copy-paste errors from subuid.5.xml.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newgidmap.1.xml: Remove copy-pasted NOTE.
+	* man/newuidmap.1.xml: Likewise.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/subordinateio.c: Remove unused variables.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/SUB_GID_COUNT.xml: Fix typo.
+	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
+	* man/login.defs.d/SUB_UID_COUNT.xml: Fix copy-paste issue from
+	SUB_GID_COUNT.
+	* man/newgidmap.1.xml: Fix Typo.
+	* src/useradd.c: Fix typos.
+	* lib/subordinateio.c: Fix typos.
+
+2013-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fix Debian bug #675824
+	* lib/groupmem.c (__gr_dup): Support libc which define other
+	fields in struct group.
+	* lib/pwmem.c: Likewise for struct passwd.
+	* lib/shadowmem.c: Likewise for struct spwd.
+	* lib/sgroupio.c: Apply same logic, even if this structure is
+	defined internally.
+
+2013-08-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Revert change from 2013-07-29. The length of the
+	concatenated 2 lines was correct.
+
+2013-08-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: random() max value is 2^31-1 (same as RAND_MAX
+	on GNU). As it is not clear whether on some systems the max value
+	can exceed this number and whether some systems have max values
+	which would be lower, we take this into account when defining the
+	salt size and number of rounds for SHA encrypted passwords. Higher
+	values are favored.
+
+2013-08-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: With getopt, '-' does not need to be the last
+	option, but it is recommended for portability.
+	Closes https://bugs.launchpad.net/bugs/1100775
+
+2013-08-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Add NEWS entries.
+
+2013-08-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/da.po: Fix translation (--home became --home-dir).
+	* man/po/de.po: Likewise.
+	* man/po/fr.po: Likewise.
+	* man/po/pl.po: Likewise.
+	* man/po/ru.po: Likewise.
+	* man/po/sv.po: Likewise.
+
+2013-08-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c (merge_group_entries): Do not allocate more than
+	necessary (sizeof char* instead of char).
+	Thanks for Tomáš Mráz (alioth#313962)
+	* lib/groupio.c (merge_group_entries): Document that new_members
+	is correctly NULL terminated. (alioth:#313940)
+
+2013-08-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* Changelog: Update documentation of 2013-07-28  mancha entry.
+	* lib/prototypes.h, lib/encrypt.c: Update splint marker,
+	pw_encrypt can return NULL.
+	* lib/encrypt.c: Fix outdated statement on GNU crypt.
+	* src/chgpasswd.c: Improve diagnostic to user when pw_encrypt
+	fails and use fail_exit() instead of exit().
+	* src/chpasswd.c: Likewise.
+	* src/newusers.c: Likewise.
+	* src/passwd.c: Likewise when new password is encrypted.
+	* src/newgrp.c: Improve diagnostic to user and syslog when
+	pw_encrypt fails.  Do not apply 1s penalty as this is not an
+	invalid password issue.
+	* src/passwd.c: Likewise when password is checked.
+
+2013-08-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setupenv.c: xstrdup the static char* temp_pw_dir /
+	temp_pw_shell. That way we can continue to use pw_free() without
+	segving. Thanks to Serge Hallyn for the patch.
+	* libmisc/setupenv.c: Free pw_dir and pw_shell before reallocating
+	them.
+
+2013-08-01  Yuri Kozlov  <yuray@komyakino.ru>
+
+        * po/ru.po: completed translation
+	  Closes: Debian#718356
+
+2013-07-29  Michael Scherer <misc-guest@alioth.debian.org>
+
+        * libmisc/root_flag.c: use chdir() before calling chroot() to
+	  avoid potential security issue (see
+	  http://www.bpfh.net/simes/computing/chroot-break.html)
+	  Closes: alioth#313962
+
+2013-07-29  Christian Perrier  <christian@perrier.eu.org>
+
+        * man/useradd.xml: use "--home-dir" instead of "--home"
+	  Fix translations too.
+	  Thanks to Ville Skyttä
+	  Closes: alioth#313880
+
+2013-07-29  Ville Skyttä  <scop-guest@alioth.debian.org>
+
+        * man/ja/man8/groupmod.8: Syntax fix
+	  Closes: alioth#313785
+
+2013-07-29  Brad Hubbard  <badone-guest@alioth.debian.org>
+
+	* lib/groupio.c: add newline char when two lines
+	are concatenated
+	Closes: alioth#313942
+	* lib/groupio.c: fix uninitialised memory in
+	merge_group_entries causes segfault in useradd by changing
+	a call to malloc to a call to calloc
+	Closes: alioth:#313940
+
+2013-07-28  Guido Trentalancia  <guido@trentalancia.com>
+
+        * etc/login.defs: fix typographic errors and use a better format
+	  Closes: Debian#685415
+
+2013-07-28  Simon Brandmair  <sbrandmair@gmx.net>
+
+        * man/po/de.po: translation completed : 1203 translated messages
+	  Closes: Debian#679152
+
+2013-07-28  mancha  <mancha1@hush.com>
+
+	* lib/encrypt.c (pw_encrypt): crypt() in glibc/eglibc 2.17 now
+	fails if passed a salt that violates specs. On Linux, crypt() also
+	fails with DES/MD5 salts in FIPS140 mode. Rather than exit() on
+	NULL returns we send them back to the caller for appropriate
+	handling (instead of exiting).  Closes: alioth#314234
+	* lib/pwauth.c: Handle NULL return from pw_crypt(), return non
+	zero (as in case of failure).
+	* libmisc/valid.c: Likewise.
+	* src/chgpasswd.c: Handle NULL return from pw_crypt(), report
+	crypt error to stderr and exit.
+	* src/chpasswd.c: Likewise.
+	* src/gpasswd.c: Likewise.
+	* src/newusers.c: Likewise.
+	* src/passwd.c: Likewise when new password is encrypted.
+	* src/newgrp.c: Handle NULL return from pw_crypt(), report crypt
+	error to stderr and syslog and return to report unchanged
+	password.
+	* src/passwd.c: Likewise when password is checked.
+
+2013-07-28  Christian Perrier  <christian@perrier.eu.org>
+
+	* configure.in: Prepare for next point release 4.2.
+	* if using the static char* for pw_dir, strdup it so
+	  pw_free() can be used. (Closes: Debian#691459, alioth#313957) 
+	* Kill the child process group, rather than just the 
+	  immediate child; this is needed now that su no
+	  longer starts a controlling terminal when not running an
+	  interactive shell (closes: Debian#713979)
+	  Thansk to Colin Watson for the patch.
+
+2012-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Set release date.
+	* man/po/shadow-man-pages.pot: Regenerated.
+	* man/po/*.po: Updated PO files.
+
+2012-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/*.xml: Add author based on copyright statement.
+	* man/<ll>/*.[1358], man/<ll>/man[1358]/*.[1358],
+	man/<ll>/Makefile.am: Sort manpages per section as the generated
+	manpages.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/Makefile.am, man/generate_mans.mak: Update clean targets,
+	due to the generation in separate sub folders.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: Document author to avoid warnings during
+	generation. This needs to be rolled out to other manpages.
+	* man/generate_mans.mak: Do not add a AUTHOR section in the man
+	pages.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: non PAM enabled versions: do not fail if su is called
+	without a controlling terminal. Ignore ENXIO errors when opening
+	/dev/tty.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Cleanup, return code 13 no more used.
+	* man/useradd.8.xml: Document return code 14, and remove return
+	code 13.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, man/generate_mans.mak: Generate manpages in man1, man3,
+	man5, man8 subdirectories. This fix the generation of .so links
+	which did not point to a path relative to the top-level manual
+	hierarchy.
+	* man/generate_mans.mak: Update man paths accordingly.
+	* man/Makefile.am: Likewise.
+	* man/da/Makefile.am: Likewise.
+	* man/de/Makefile.am: Likewise.
+	* man/fr/Makefile.am: Likewise.
+	* man/it/Makefile.am: Likewise.
+	* man/pl/Makefile.am: Likewise.
+	* man/ru/Makefile.am: Likewise.
+	* man/sv/Makefile.am: Likewise.
+	* man/zh_CN/Makefile.am: Likewise.
+
+2012-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Prepare for next point release 4.1.5.1.
+
+2012-05-19  Nitin A Kamble  <nitin.a.kamble@intel.com>
+
+	* configure.in: Remove deprecated AM_C_PROTOTYPES (no more
+	supported in automake 1.12).
+
+2012-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Keep the default file as much as possible to
+	avoid issue in case of crash. Use link instead of rename.
+
+2012-05-18  Peter Vrabec  <pvrabec@redhat.com>
+
+	* lib/commonio.c: Fix labeling of /etc/{passwd,shadow,group,gshadow}.
+	It will basically label them with same context as
+	/etc/{passwd+,shadow+,group+,gshadow+}
+
+2012-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Do not check spw_close() return value (file is
+	opened readonly).
+	* src/grpunconv.c: Do not check sgr_close() return value (file is
+	opened readonly).
+
+2012-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Fix segfault when userdel removes the
+	user's group.
+
+2012-05-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Log in utmp / utmpx / wtmp also when PAM is
+	enabled. This is not done by pam_lastlog. This was broken on
+	2011-07-23.
+	* NEWS, libmisc/utmp.c: Do not log in wtmp when PAM is enabled.
+	This is done by pam_lastlog.
+
+2012-05-17  Christian Perrier  <bubulle@Êebian.org>
+
+	* man/po/fr.po: French translation of manpages completed
+
+2012-05-17  Simon Brandmair  <sbrandmair@gmx.net>
+
+	* man/po/de.po: German translation of manpages completed
+
+2012-02-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: New placeholder for the next release (4.1.5.1 expected)
+
+2012-04-15  Robert Luberda  <robert@debian.org>
+
+	* man/po/pl.po: Complete translation of logoutd(8) in Polish.
+
+2012-02-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* src/passwd.c: (non PAM flavour) Report permission denied when
+	access to /etc/shadow fails with EACCES.
+
+2012-02-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* lib/nscd.c: Add missing newline to error message.
+	* lib/nscd.c: If nscd is installed but not in use, then running
+	`nscd -i` will exit(1). We shouldn't warn in this case since this
+	is not abnormal behavior.
+
+2012-02-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* man/.gitignore: Add generate_mans.deps
+
+2012-02-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* man/grpck.8.xml: Relocate space.
+
+2012-02-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* libmisc/copydir.c: Add missing #include <stdarg.h>
+
+2012-02-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Set release date.
+
+2012-02-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2012-02-11  Giuseppe Sacco  <eppesuig@debian.org>
+
+	* man/po/it.po: Updated after review.
+
+2012-02-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/it/Makefile.am: Activate all manpages.
+	* man/po/it.po: Fix formal issues (end of lines).
+
+2012-02-11  Giuseppe Sacco  <eppesuig@debian.org>
+
+	* man/po/it.po: Updated to 1173t.
+
+2012-01-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml, man/su.1.xml, man/po/da.po, man/po/ru.po,
+	man/po/fr.po, man/po/de.po, man/po/sv.po, man/po/pl.po,
+	man/po/it.po, man/po/shadow-man-pages.pot, man/po/zh_CN.po: Fix
+	two typos. Thanks to Giuseppe Sacco. Unfuzzy translations
+	* po/kk.po, po/nb.po, po/el.po, po/ca.po, po/ja.po: Re-generate.
+	* man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
+	Fix typo.
+
+2012-01-28  Innocent De Marchi  <tangram.peces@gmail.com>
+
+	* po/ca.po: Updated to 557t.
+
+2012-01-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in, man/da/Makefile.am, man/Makefile.am: Build
+	manpages with more than 50% translated messages.
+	* man/fr/Makefile.am: Add missing manpages: chgpasswd.8,
+	groupmems.8, nologin.8, sulogin.8.
+	* man/de/Makefile.am: Add missing manpages: chage.1, chgpasswd.8,
+	chpasswd.8, expiry.1, faillog.5, faillog.8, getspnam.3, gpasswd.1,
+	groupadd.8, groupdel.8, groupmems.8, groupmod.8, grpck.8,
+	grpconv.8, grpunconv.8, gshadow.5, lastlog.8, login.defs.5,
+	logoutd.8, newusers.8, nologin.8, pwck.8, pwconv.8, pwunconv.8,
+	sg.1, shadow.3, shadow.5, suauth.5, useradd.8, userdel.8,
+	usermod.8, limits.5, login.access.5, porttime.5, id.1, sulogin.8
+	* man/zh_CN/Makefile.am: Add missing manpages: chgpasswd.8,
+	groupmems.8, nologin.8, sulogin.8
+	* man/pl/Makefile.am, man/sv/Makefile.am, man/it/Makefile.am:
+	Translate only manpages with more than 50% translated messages.
+	* man/po/da.po: Do not translate names of manpages (newusers,
+	limits, groups)
+
+2012-01-28  Yuri Kozlov  <yuray@komyakino.ru>
+
+	* man/po/ru.po: Updated to 1173t.
+
+2012-01-27  Thomas Blein  <tblein@tblein.eu>
+
+	* po/fr.po: Updated to 557t.
+	* man/po/fr.po: Updated to 1173t.
+
+2012-01-26  Joe Hansen  <joedalton2@yahoo.dk>
+
+	* po/da.po: Updated to 557t.
+	* man/po/da.po: Updated to 294t879u.
+
+2012-01-23  Thomas Vasileiou  <thomas-v@wildmail.com>
+
+	* po/el.po: Updated to 553t.
+
+2012-01-22  Baurzhan Muftakhidinov  <baurthefirst@gmail.com>
+
+	* po/kk.po: Updated to 557t.
+
+2012-01-21  Miguel Figueiredo  <elmig@debianpt.org>
+
+	* po/pt.po: Updated to 557t.
+
+2012-01-19  Holger Wansing  <linux@wansing-online.de> 
+
+	* po/de.po: Updated to 557t.
+
+2012-01-18  Bjørn Steensrud  <bjornst@skogkatt.homelinux.org>
+
+	* po/nb.po: Updated to 557t. Thanks also to Hans Fredrik Nordhaug.
+
+2012-01-16  NAKANO Takeo  <nakano@webmasters.gr.jp>
+
+	* po/ja.po: Updated to 557t
+
+2012-01-16  Simon Brandmair  <sbrandmair@gmx.net>
+
+	* man/po/de.po: Updated to 1173t.
+
+2012-01-14  YunQiang Su  <wzssyqa@gmail.com>
+
+	* po/zh_CN.po: Updated to 551t2f4u
+	* man/po/zh_CN.po: Updated to 1026t15f132u
+
+2012-01-09  Yuri Kozlov  <yuray@komyakino.ru>
+
+	* po/ru.po: Updated to 557t.
+
+2012-01-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2012-01-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Cleanup.
+	* lib/selinux.c, lib/semanage.c: prototypes.h was not included.
+
+2011-12-09  Peter Vrabec  <pvrabec@redhat.com>
+
+	* lib/prototypes.h, lib/Makefile.am, po/POTFILES.in,
+	libmisc/copydir.c, lib/selinux.c: Move set_selinux_file_context()
+	and reset_selinux_file_context() from libmisc/copydir.c to
+	lib/selinux.c.
+	* lib/commonio.c: Use set_selinux_file_context() and
+	reset_selinux_file_context() instead of using the existing
+	database SELinux context to set the context for the newly created
+	files.
+
+2011-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Do not use a hardcoded program name in the usage
+	message.
+
+2011-12-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/es.po, po/eu.po,
+	po/fr.po, po/ja.po, po/kk.po, po/pt.po, po/pt_BR.po, po/ru.po,
+	po/sk.po, po/sv.po, po/vi.po, po/zh_CN.po: Quick unfuzzy.
+
+2011-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c, src/chpasswd.c, src/chgpasswd.c: Harmonize
+	usage messages.
+
+2011-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/Makefile.am, lib/prototypes.h, lib/selinux.c,
+	lib/semanage.c, po/POTFILES.in: Move lib/selinux.c to
+	lib/semanage.c.
+
+2011-11-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c, man/usermod.8.xml: usermod -Z "" removes the
+	SELinux user mapping for the modified user.
+	* src/useradd.c: Zflg is #defined as user_selinux non empty.
+
+2011-11-21  Peter Vrabec  <pvrabec@redhat.com>
+
+	* libmisc/copydir.c: Ignore errors to copy ACLs if the operation
+	is not supported.
+
+2011-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint
+	annotations.
+	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+	Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and
+	gr_rewind.
+	* lib/commonio.h: Both head and tail cannot be owned. Set tail as
+	dependent.
+	* src/expiry.c: Ignore return value of expire ().
+	* src/expiry.c: The catch_signals function does not use its sig
+	parameter.
+	* src/userdel.c: Last audit_logger parameter is a
+	shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0.
+	* lib/selinux.c: vasprintf requires _GNU_SOURCE to be defined
+	before including stdio.h.
+	* src/chage.c: Cast 3rd date_to_str parameter to a time_t
+	* src/passwd.c: Add missing cast.
+	* lib/commonio.c: Avoid multiple statements per line.
+	* lib/commonio.c: Ignore fclose return value when the file was
+	open read only or was not changed, or if an error is already
+	reported.
+
+2011-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: The fail_max field is a short, use a short also
+	for the max argument of setmax / setmax_one.
+	* src/faillog.c: Fail with an error message when faillog fails to
+	write to the faillog database.
+
+2011-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gpasswd.1.xml: Document the difference between the -r and -R
+	options.
+
+2011-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml, man/groupadd.8.xml, man/usermod.8.xml,
+	man/groupmod.8.xml: Avoid hardcoded values, and reference instead
+	the configuration options (e.g. UID_MIN)
+	* man/groupmod.8.xml, man/usermod.8.xml: Add missing reference to
+	login.defs
+	* man/login.defs.d/UID_MAX.xml, man/login.defs.d/SYS_UID_MAX.xml,
+	man/login.defs.d/GID_MAX.xml, man/login.defs.d/SYS_GID_MAX.xml:
+	Document the default values.
+
+2011-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Change of group password enforces gshadow
+	password. Set /etc/group password to "x".
+
+2011-11-16  Peter Vrabec  <pvrabec@redhat.com>
+
+	* NEWS, src/userdel.c, man/userdel.8.xml: Add option -Z/--selinux-user.
+	* libmisc/system.c, lib/prototypes.h, libmisc/Makefile.am: Removed
+	safe_system().
+	* lib/selinux.c, po/POTFILES.in, lib/prototypes.h,
+	lib/Makefile.am: Added helper functions for semanage.
+	* NEWS, README, src/useradd.c, src/usermod.c, src/userdel.c,
+	configure.in: Use libsemanage instead of semanage.
+
+2011-11-16  Peter Vrabec  <pvrabec@redhat.com>
+
+	* src/Makefile.am: useradd may need the LIBATTR library.
+
+2011-11-16  Peter Vrabec  <pvrabec@redhat.com>
+
+	* libmisc/copydir.c: Ignore perm_copy_file() errors with errno set
+	to ENOTSUP.
+
+2011-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Compilation fix when SHADOWGRP is not enabled.
+	* libmisc/root_flag.c: Add missing #include <stdio.h>
+
+2011-11-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2011-11-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+	src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
+	src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
+	src/usermod.c: Provide the PAM error
+	message instead of our own, and log error to syslog.
+	* src/groupmems.c: Exit with exit rather than fail_exit in usage().
+	* src/newusers.c: Check the number of arguments.
+	* src/newusers.c: Do not create the home directory when it is not
+	changed.
+	* src/useradd.c: Set the group password to "!" rather "x" if there
+	are no gshadow file.
+
+2011-11-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Removed pw_opened.
+	* src/pwck.c: optind cannot be greater than argc.
+	* src/pwck.c: If spw_opened, then is_shadow is implicitly set.
+	* src/pwck.c: Do not report passwd entry without x password and a
+	shadow entry in --quiet mode (no interaction with the caller)
+	* src/pwck.c: Do not check if the last password change is in the
+	future if the time is set to 0.
+
+2011-11-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/root_flag.c: Drop privileges before changing root. The
+	--root option should not be used by regular users for suid utils.
+	* libmisc/root_flag.c: Improve error messages.
+
+2011-11-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Compile fix for TCB.
+
+2011-11-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Avoid conflict with glibc. Rename error to
+	error_acl.
+
+2011-11-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: Document the optional file argument.
+	* man/newusers.8.xml: Fix the documentation of the inputs' format.
+
+2011-11-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmod.8.xml: Document that the primary group of users may
+	be changed by groupmod -g.
+
+2011-11-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c, man/newusers.8.xml: Add --root option.
+
+2011-11-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Remove unused variable a.
+
+2011-11-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/generate_mans.mak: The xml-config files do not depend on the
+	Makefile.
+
+2011-10-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
+	src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
+	src/groupmems.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c,
+	src/lastlog.c, src/newusers.c, src/passwd.c, src/pwconv.c,
+	src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c,
+	src/usermod.c, src/vipw.c: Align and sort options.
+
+2011-10-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/pwck.c, man/pwck.8.xm, src/grpck.c, man/grpck.8.xml:
+	Add --root option.
+
+2011-10-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/limits.5.xml, libmisc/limits.c: Sort limit identifiers.
+	* libmisc/limits.c: Fix support for the K limit identifier.
+	* libmisc/limits.c: Add missing default limit for L and U.
+
+2011-10-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c, man/pwck.8.xml: Add support for long options.
+	* src/pwck.c, man/pwck.8.xml: Add -h/--help option
+	* src/grpck.c, man/grpck.8.xml: Add support for long options.
+	* src/grpck.c, man/grpck.8.xml: Add -h/--help option
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/expiry.c, man/expiry.1.xml: Add support for long options.
+	* src/expiry.c, man/expiry.1.xml: Add -h/--help option
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c, man/chfn.1.xml: Add support for long options.
+	* src/chfn.c, man/chfn.1.xml: Add -u/--help option
+	* NEWS, src/chfn.c, man/chfn.1.xml: Add --root option.
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/vipw.c, man/vipw.8.xml: Add --root option.
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/faillog.c, man/faillog.8.xml: Add --root option.
+	* NEWS, src/lastlog.c, man/lastlog.8.xml: Likewise.
+	* src/faillog.c: Add Prog variable, and prefix error messages with
+	Prog rather than "faillog".
+	* src/lastlog.c: Likewise.
+	* src/lastlog.c: Split usage in smaller messages.
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chage.c, man/chage.1.xml: Add --root option. Open
+	audit and syslog after the potential chroot. chage's usage split
+	in smaller messages.
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: re-indent.
+	* src/login.c: Fix support for sub-logins.
+
+2011-10-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c, src/chage.c, src/newusers.c, src/su.c: The getopt
+	index of long options is not used.
+
+2011-10-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/Makefile.am, libmisc/root_flag.c,
+	po/POTFILES.in: Add process_root_flag() to process the --root
+	option and chroot so that the chroot config is used and changes
+	are applied to the chroot.
+	* NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open
+	audit after the potential chroot.
+	* NEWS, src/userdel.c, man/userdel.8.xml: Add --root option. Open
+	audit and syslog after the potential chroot. userdel's usage split
+	in smaller messages.
+	* NEWS, src/usermod.c, man/usermod.8.xml: Likewise
+	* NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
+	audit and syslog after the potential chroot.
+	* src/groupadd.c: Check atexit failures.
+	* src/groupadd.c: Return E_SUCCESS instead of exit'ing at the end
+	of main().
+	* NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
+	audit and syslog after the potential chroot.
+	* src/groupmod.c: The getopt index of long options is not used.
+	* src/groupdel.c: Add process_flags().
+	* src/groupdel.c, man/groupdel.8.xml: Add --help option.
+	* NEWS, src/groupdel.c, man/groupdel.8.xml: Add --root option. Open
+	audit and syslog after the potential chroot.
+	* src/groupdel.c: Check atexit failures.
+	* NEWS, src/pwconv.c, src/pwunconv.c, src/grpconv.c,
+	src/grpunconv.c, man/pwconv.8.xml: Add --root option.
+	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+	Add --help option.
+	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
+	Add process_flags() and usage().
+	* NEWS, src/chpasswd.c, man/chpasswd.8.xml, src/chgpasswd.c,
+	man/chgpasswd.8.xml: Add --root option.
+	* src/chpasswd.c, src/chgpasswd.c: The getopt index of long
+	options is not used.
+	* NEWS, src/passwd.c, man/passwd.1.xml: Add --root option.
+	passwd's usage split in smaller messages.
+	* src/passwd.c: Call sanitize_env() before setting the locales.
+	* NEWS, src/groupmems.c, man/groupmems.8.xml: Add --root option.
+	Open syslog after the potential chroot.
+	* src/groupmems.c: The getopt index of long options is not used.
+	* NEWS, src/chsh.c, man/chsh.1.xml: Add --root option.
+	chsh's usage split in smaller messages.
+	* src/chsh.c: The getopt index of long options is not used.
+	* NEWS, src/gpasswd.c, man/gpasswd.1.xml: Add --root option.
+	* src/gpasswd.c: The getopt index of long options is not used.
+
+2011-10-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/ja/Makefile.am, man/fr/Makefile.am, man/ru/Makefile.am,
+	man/sv/Makefile.am, man/pl/Makefile.am, man/zh_CN/Makefile.am,
+	man/it/Makefile.am, man/Makefile.am: Include man_nopam in
+	EXTRA_DIST only when USE_PAM (they are already in man_MANS
+	otherwise).
+
+2011-10-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: Document that su -c does not providea controlling
+	terminal.
+
+2011-10-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Fix typo.
+	* src/useradd.c: Likewise.
+	* lib/nscd.c: Remove unused variable.
+	* lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c:
+	Add splint annotations.
+	* src/sulogin.c (main): env is only used when USE_PAM is not set.
+
+2011-10-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/LOGIN_STRING.xml: Fix typo.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes, libmisc/basename.c (Basename): Input is a
+	constant string.
+	* lib/prototypes.h, lib/spawn.h, lib/spawn.c, src/userdel.c,
+	lib/nscd.c, lib/Makefile.am: Delete spawn.h. Move from spawn.h to
+	prototypes.h.
+	* src/userdel.c: Remove unused variables.
+	* lib/nscd.c: Remove unused header files.
+	* lib/nscd.c: Add the program name to error messages.
+	* lib/nscd.c: Indicate when nscd does not terminate normally (signal).
+	* lib/spawn.c: Updated header.
+	* lib/spawn.c: Flush stdout and stderr to avoid inheriting from
+	ongoing buffers.
+	* lib/spawn.c: Avoid implicit conversion of pointer to boolean.
+	* lib/spawn.c: Replace perror by a complete message.
+	* lib/spawn.c: Continue to wait for the child if another child
+	terminates.
+	* lib/prototypes.h: The name field from cleanup_info_mod is a
+	constant string. (username).
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/cleanup.c: Spawn children should no trigger cleanup
+	actions. Make sure only the parent (initial caller) perform the
+	cleanup actions.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c (SHA_salt_rounds): It is statically ensured that
+	the format fits in rounds_prefix.
+	* libmisc/loginprompt.c: Likewise.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpconv.c: Fail if not called correctly.
+	* src/grpconv.c: At the end of main, the passwd and shadow files
+	are locked. No need to check before unlocking. No need to set the
+	lock as false neither since there cannot be anymore failures.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: EPOCH is not needed, it's converted to -1 by
+	strtoday(). But we need to support "-1" specifically.
+	* src/chage.c: Fix usage: LOGIN is mandatory.
+	* src/chage.c: Display disabled expiry or last change as "-1"
+	instead of 1969-12-31. 1969-12-31 is still supported as input from
+	the user.
+	* src/chage.c: Exit cleanly with fail_exit() (lock files were not
+	removed).
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Remove def_file. It was always set to
+	USER_DEFAULTS_FILE.
+	* src/useradd.c: Fix cut&paste issue causing bad warning when
+	the useradd.default file contains an invalid INACTIVE= value.
+	* src/useradd.c: Added missing end of line for rename errors.
+	* src/useradd.c: Added -D synopsis to the usage message.
+	* src/useradd.c: Do not scale_age(-1), just use -1.
+	* src/useradd.c: Added FIXME to be fixed later.
+	* src/useradd.c: Allow -e -1 when there is no shadow file.
+	* src/useradd.c: Fail, but do not print the usage message when the
+	-e argument is not valid.
+	* src/useradd.c: No need to check for oflg since uflg is
+	already checked.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Too much const were added on 2011-08-15. pw in
+	save_caller_context() is allocated and freed.
+	* src/su.c: Added missing #endif indication
+	* src/su.c (save_caller_context): password only needed if
+	SU_ACCESS and !USE_PAM.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: date_to_str() is always called with negativ set
+	to "never", remove this argument.
+	* src/usermod.c: Added missing cast for gr_free argument.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c: Fail if not called correctly.
+	* src/pwconv.c: At the end of main, the passwd and shadow files
+	are locked. No need to check before unlocking.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Initially set the passwd's password to '*'
+	instead of 'x'. Only when it is confirmed that a shadow entry is
+	(will be) added, set the passwd's password to 'x'.
+	* src/newusers.c: An invalid line is an error. A failure needs to
+	be reported.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in
+	gshadow is the last sub-task.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: No needto remove lines tarting with '#' from
+	/etc/shells. This is already done by getusershell() and these
+	shell would fail the access(X_OK) test.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/generate_mans.mak: Fix the generation of translated man
+	pages. xml2po removed the comment from empty headers and the
+	config was no more inserted.
+
+2011-09-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chage.1.xml: The LOGIN argument is not optional.
+	* man/login.defs.d/QUOTAS_ENAB.xml: Document the dependency
+	between /etc/limits and QUOTAS_ENAB.
+
+2011-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/POTFILES.in: Added lib/spawn.c.
+
+2011-08-20  Jonathan Nieder  <jrnieder@gmail.com>
+
+	* lib/Makefile.am: Added lib/spawn.c and lib/spawn.h.
+	* lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to
+	differentiate between an nscd failure, and a failure to execute
+	due to no nscd with posix_spawn. Use our own run_command routine.
+	* src/userdel.c: Use run_command()
+
+2011-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: Ignore return value from snprintf.
+	* src/groupmod.c: Add static qualifier to the cleanup structures.
+	* src/groupmod.c: Check atexit failures.
+
+2011-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Do not assign static to NULL.
+	* src/usermod.c (date_to_str): buf needs to be unique (e.g.
+	independent from negativ), and is an out buffer.
+	* src/usermod.c: Ignore return value from snprintf, and force
+	nul-termination of buffer.
+	* src/usermod.c: Improve memory management.
+	* src/usermod.c: An audit bloc was not reachable, moved above on
+	success to move the home directory.
+	* src/usermod.c: Ignore close() return value for the mailbox
+	(opened read only).
+
+2011-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Added const modifiers.
+	* lib/prototypes: Synchronize splint annotations.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Add splint annotations.
+	* src/su.c: Set caller_on_console as boolean.
+	* src/su.c: Ignore return value from fputs (usage) / puts (prompt).
+	* src/su.c: Improved memory management.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by
+	a test on crypt_method.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowndir.c: Add splint annotations.
+	* src/chgpasswd.c: Likewise.
+	* src/chpasswd.c: Likewise.
+	* src/newusers.c: Likewise.
+	* libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/gshadow_.h: Fix typo in comment.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/getgr_nam_gid.c: getgr_nam_gid()
+	returns an allocated structure.
+
+2011-08-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Add annotations to indicate that su_failure() does
+	not return.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Display PID as unsigned long.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Remove unused Zflg.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name
+	* src/chgpasswd.c: Always update the group file when SHADOWGRP is
+	not enabled.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Fix typo in notreached annotation.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Add annotations to indicate that fail_exit() does
+	not return.
+	* src/usermod.c: Fix typo in notreached annotation.
+
+2011-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_uid.c: free (used_uids) on return.
+	* libmisc/find_new_gid.c: free (used_gids) on return.
+
+2011-07-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Fix NIS commit from 2011-07-14.
+
+2011-07-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chpasswd.c: Create a shadow entry if the password is
+	set to 'x' in passwd and there are no entry in shadow for the
+	user.
+	* NEWS, src/chgpasswd.c: Create a gshadow entry if the password is 
+	set to 'x' in group and there are no entry in gshadow for the 
+	group.
+
+2011-07-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Exit after printing usage when arguments or
+	options are provided.
+	* src/pwunconv.c: Re-indent.
+	* src/pwunconv.c: Open the shadow file read only.
+	* src/grpunconv.c: Exit after printing usage when arguments or
+	options are provided.
+	* src/grpunconv.c: Open the gshadow file read only.
+
+2011-07-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: Fix typo.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is
+	enabled. This is already done by pam_lastlog. Note that
+	pam_lastlog can only log the parent PID, not the PID of the
+	process forked by login.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Add annotations to indicate that usage() does
+	not return.
+	* src/chpasswd.c: Reindent.
+	* src/chpasswd.c: Remove dead code. No need to set crypt_method
+	to NULL when it is already NULL. sflg is only set if crypt_method
+	is not NULL.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Add annotations to indicate that usage() does not
+	return.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Add annotations to indicate that usage() does not
+	return.
+	* src/faillog.c: Fix message: this is faillog, not lastlog.
+	* src/faillog.c: Check that there are no extra arguments after
+	parsing the options.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: Add annotations to indicate that usage() does
+	not return.
+	* src/chgpasswd.c: Split usage in smaller parts. Those parts are
+	already translated for chpasswd. Usage is now closer to
+	chpasswd's.
+	* src/chgpasswd.c: Remove dead code. No need to set crypt_method
+	to NULL when it is already NULL. sflg is only set if crypt_method
+	is not NULL.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/expiry.c: Remove dead code.
+	* src/expiry.c: Improve comments.
+
+2011-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Added comments.
+	* src/grpck.c: Avoid implicit conversion of pointer to boolean.
+	* src/grpck.c: Remove dead code. argc cannot be lower than optind.
+	Avoid checking twice in a row for NULL != list[i].
+
+2011-07-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of
+	invalid configuration. 
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated
+	comments.
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict
+	on the loop stop conditions. Stop if we passed the limit, even if
+	the limit itself was never noticed.
+
+2011-07-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix some spacing issues due to configuration
+	variants.
+
+2011-07-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Overflow when computing the number of days based
+	on the scaling. Use of long long needed.
+
+2011-07-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, lib/commonio.h, lib/commonio.c: Additional messages to
+	indicate why locking failed.
+	* NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS
+	entries were dropped.
+	* lib/commonio.c: NIS entries can start by '+' or '-'.
+
+2011-07-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmod.c: When the gshadow file exists but there are
+	no gshadow entries, an entry is created if the password is changed
+	and group requires a shadow entry.
+
+2011-07-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Fix typo in comment.
+	* src/usermod.c (move_home): It is always an error to use -m if
+	the new home directory already exist (independently from the
+	existence of the old home directory did not exist)
+	* src/usermod.c (process_flags): Report usage if no options are
+	provided. Update the error message.
+	* src/usermod.c (process_flags): Check option compatibility and
+	dependency before options are discarded when no changes are
+	requested.
+	* src/usermod.c (process_flags): Check for oflg is not needed to
+	check if changes are needed.
+	* src/usermod.c: usage() does not return. Add annotations.
+	* src/usermod.c (update_gshadow): is_member was computed twice.
+	* src/usermod.c (update_group, update_gshadow): Reduce complexity
+	and document checks. Some checks were always true/false within
+	their call context.
+	* NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
+	exists but there are no shadow entries, an entry has to be created
+	if the password is changed and passwd requires a shadow entry, or
+	if aging features are used (-e or -f). Document this and also that
+	-e and -f require a shadow file.
+	* man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE.
+	* man/usermod.8.xml: Document that the mail spool might have to be
+	renamed (as for the homedir)
+	* src/usermod.c (new_pwent): Document that pw_locate will not fail
+	because getpwnam returned successfully.
+	* src/usermod.c (process_flags): Do not display the usage in case
+	of an invalid -f value (similar to -e).
+	* src/usermod.c (process_flags): Indicate that the user name is
+	invalid, instead of just a 'field'.
+
+2011-07-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Fix typo in comment.
+	* src/userdel.c: Fix typo from 2011-06-04. Report failure on the
+	mailfile instead of user_home.
+	* lib/fields.c: Fixed typo from 2010-02-15. field instead of cp
+	ought to be checked.
+	* src/vipw.c: Use Prog instead of progname. This is needed since
+	Prog is used in the library.
+	* configure.in: Fix typo. libcrack default is 'no'.
+	* src/groupmod.c: Avoid implicit conversion of pointer to boolean.
+	* src/groupmod.c: osgrp can be set only if pflg || nflg. No need
+	to check for pflg || nflg again
+
+2011-07-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/*.xml, man/config.xml.in: Add source and version
+	information. This reduce the amount of warnings during the
+	manpages generation.
+
+2011-06-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: Added reference to chpasswd(8).
+	* man/po/ru.po: Add space between option and argument.
+
+2011-06-16  Francisco Javier Cuadrado  <fcocuadrado@gmail.com>
+
+	* po/es.po: Spanish translation
+
+2011-06-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/isexpired.c: Added parenthesis.
+	* libmisc/env.c: Added comments.
+	* libmisc/env.c: Avoid implicit conversion of pointer to boolean.
+
+2011-06-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: environ is provided by <unistd.h>.
+	* src/su.c: Added function prototypes.
+	* src/su.c: Rename shellstr parameter to shellname to avoid
+	collision with static variable.
+	* NEWS, src/su.c: Added support for PAM modules which change
+	PAM_USER.
+
+2011-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c (prepare_pam_close_session): Extract the creation of a
+	child and listening for signal in the parent from run_shell().
+	prepare_pam_close_session() is now executed before the creation of
+	the pam session and before the UID is changed. This allows to
+	close the session as root.
+	* src/su.c: Also drop the controlling terminal when PAM is not
+	used.
+	* src/su.c: Remove run_shell().
+	* src/su.c: After prepare_pam_close_session() there is no need to
+	close the session in the child. Added pam_setcred to
+	prepare_pam_close_session().
+
+2011-06-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c (save_caller_context): Extract from main() the code
+	used to save the caller's context.
+	* src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
+	a non-PAM (check_perms_nopam) version.
+	* src/su.c: Cleanup check_perms_nopam().
+	* src/su.c: Merge environment setting blocks after the creation of
+	the session.
+	* src/su.c: Close the password databases together with syslog.
+	* src/su.c: Extract command line processing from main().
+	* src/su.c: Extract export of environment from main().
+
+2011-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Group some of the environment processing blocks. The
+	definition of shellstr, PATH and IFS is not influenced (getenv,
+	getdef, restricted_shell) by and does not influence (addenv does
+	not change environ) the authentication. And the authentication
+	did not overwrite those definitions. This will ease an extraction
+	from the big main() function.
+	* src/su.c: Move definition of change_environment and shellstr
+	after the switch to the final subsystem. The previous architecture
+	forced to always change the environment (the shell starts with a
+	'*' and was thus restricted, and change_environment could not be
+	reset to false).
+	* src/su.c: No need to change the user's shell in case of
+	subsystem root. Update the comments.
+	* src/su.c: Define shellstr before the environment so that
+	restricted_shell is called only once. This will allow moving the
+	environment definition after the switch to the new user.
+	* src/su.c: Extract the authentication from the main function.
+	* lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
+	use the pwent global variable to communicate between APIs of
+	different files. Added boolean parameter su_to_root to
+	check_su_auth().
+	* src/su.c (check_perms): Return the passwd entry of the finally
+	authenticated user. Remove usage of the pwent variable.
+	* src/su.c: The password of the caller is the one from the
+	spwd structure only if the passwd's password is 'x'.
+	* src/su.c: Cleanup local variables.
+
+2011-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Updating pwent after expire() is not useful. Only the
+	password information may have changed and they are not used
+	anymore afterwards.
+	* src/su.c: No need to call expire() if there are no shadow entry.
+	No need to convert a passwd entry into an spwd entry in that case.
+
+2011-06-12  Thomas Blein  <tblein@tblein.eu>
+
+	* man/po/fr.po: French manpages translation
+
+2011-06-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c: Do not forward the controlling terminal to
+	commands executed with -c. This prevents tty hijacking which could
+	lead to execution with the caller's privileges. This required to
+	forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
+	the executed command.
+
+2011-06-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Do not remove a group with the same name as
+	the user (usergroup) if this group isn't the user's primary group.
+
+2011-06-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Check the existence of the user's mail
+	spool before trying to remove it. If it does not exist, a warning
+	is issued, but no failure.
+
+2011-06-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/sulogin.c: Added Prog, needed because of the last xmalloc()
+	change.
+
+2011-06-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
+	Makefile.
+	* man/Makefile.am: Build zh_CN pages.
+	* man/generate_translations.mak: Add config.xml to CLEANFILES.
+	* man/po/zh_CN.po: limits, groups, faillog, expiry should not be
+	translated (command name, file name), also this broke the build
+	system as they are used to derive manpage names.
+
+2011-06-02  Peter Vrabec  <pvrabec@redhat.com>
+
+	* src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
+	to be displayed.
+
+2011-06-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/xmalloc.c: Harmonize message.
+
+2011-06-02  Peter Vrabec  <pvrabec@redhat.com>
+
+	* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing
+	memory allocation check.
+
+2011-06-02  Cal Peake  <cp@absolutedigital.net>
+
+	* NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to
+	getgroups() when getgroups fails (-1) with errno==EINVAL.
+
+2011-06-01  Simon Brandmair  <sbrandmair@gmx.net>
+
+	* man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml,
+	  man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml,
+	  man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml,
+	  man/login.defs.d/DEFAULT_HOME.xml,
+	  man/login.defs.d/LOGIN_RETRIES.xml,
+	  man/login.defs.d/MD5_CRYPT_ENAB.xml,
+	  man/login.defs.d/PORTTIME_CHECKS_ENAB.xml, 
+	  man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml:
+	  Fix typos
+	* man/po/de.po: German translation of manpages completed
+
+2011-05-23  Innocent De Marchi  <tangram.peces@gmail.com>
+
+	* po/ca.po: Catalan translation completed
+
+2011-04-22  Miguel Figueiredo  <elmig@debianpt.org>
+
+	* po/pt.po: Portuguese translation completed
+
+2011-04-22  Thomas Blein  <tblein@tblein.eu>
+
+	* po/fr.po: French translation completed
+
+2011-04-16  Holger Wansing  <linux@wansing-online.de>
+
+	* po/de.po: German translation completed
+
+2011-04-15  Fred Maranhão  <fred.maranhao@gmail.com>
+
+	* po/pt_BR.po: Brazilian Portuguese translation completed
+
+2011-04-10  Yuri Kozlov  <yuray@komyakino.ru>
+
+	* po/ru.po: Russian translation completed
+
+2011-04-07  Daniel Nylander  <po@danielnylander.se>
+
+	* po/sv.po: Swedish translation completed
+
+2011-04-07  Joe Dalton  <joedalton2@yahoo.dk>
+
+	* po/da.po: Danish translation completed
+
+2011-04-05  Timur Birsh  <taem@linukz.org>
+
+	* po/kk.po: Kazakh translation completed
+
+2011-04-05  NAKANO Takeo  <nakano@st.seikei.ac.jp>
+
+	* po/ja.po: Japanese translation completed
+
+2011-03-30  YunQiang Su  <wzssyqa@gmail.com>
+
+	* man/po/zh_CN.po: convert Simplified Chinese translation 
+	  of manpages to gettext
+	* po/zh_CN.po: Simplified Chinese translation completed
+
+2010-02-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/ru/Makefile.am: Remove double inclusion of $(man_nopam)
+
+2010-02-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
+	user_busy() rather than in src/userdel.c or src/usermod.c to
+	provide more accurate failure cause (user is logged in or user
+	still executes processes).
+
+2010-02-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check
+	entry validity before commits to databases.
+	* libmisc/fields.c, libmisc/Makefile.am, lib/fields.c,
+	lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to
+	lib.
+	* lib/fields.c: Fail if input pointer is NULL.
+
+2010-02-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in
+	gecos or shell.
+
+2011-02-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* autogen.sh: Restore original autoreconf (see 2010-08-29's change
+	for autogen.sh)
+	* configure.in, man/po/Makefile.in.in, man/po/Makefile.in:
+	Makefile.in.in replaced by Makefile.in to avoid config.status
+	issues when there are multiple po directories.
+	* man/po/LINGUAS: Adapted to above change.
+	* man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by
+	XMLFILES.
+	* man/Makefile.am: generate_mans.deps shall be included by make,
+	not automake.
+
+2010-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login
+	to hang when CONSOLE was configured with a colon separated list of
+	TTYs.  See http://bugs.gentoo.org/show_bug.cgi?id=324419
+
+2010-09-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Integrate review comments from Julien Cristau
+	* libmisc/copydir.c: Missing parenthesis in comment.
+	* libmisc/chowndir.c: Fixed memory leak on failed realloc().
+	* libmisc/chowndir.c: Make sure the buffer for the path is large
+	enough.
+	* libmisc/remove_tree.c: Remove check for NULL before free().
+
+2010-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix 2 fuzzy strings.
+
+2010-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Accept options in any order (username not
+	necessarily at the end)
+
+2010-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* autogen.sh: Expand autoreconf to avoid running autopoint.
+
+2010-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2010-08-28  Brian M. Carlson  <sandals@crustytoothpaste.ath.cx>
+
+	* man/chsh.1.xml: Fix comma splice.
+
+2010-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
+	selinux_file_context renamed set_selinux_file_context.
+	* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
+	Added reset_selinux_file_context.
+	* src/useradd.c: Check the return value of
+	set_selinux_file_context and reset_selinux_file_context.
+	* libmisc/copydir.c: Check the return value of
+	reset_selinux_file_context.
+
+2010-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Fix handling of environment variables when
+	the environment is not changed. In particular, this makes su
+	behave as documented regarding PATH and IFS (i.e. they are reset)
+	when -p is provided.
+
+2010-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: Fix typo.
+
+2010-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
+	src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
+	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
+	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
+	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c,
+	src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c,
+	src/grpunconv.c, src/chsh.c: Prog changed to a constant string.
+
+2010-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Avoid implicit conversion of integer to
+	boolean.
+	* libmisc/basename.c: Avoid implicit conversion of pointer to
+	boolean.
+	* libmisc/basename.c, lib/prototypes.h (Basename): Return a
+	constant string.
+	* libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h,
+	libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c,
+	libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add
+	splint annotations.
+	* libmisc/chowndir.c: Avoid memory leak.
+	* libmisc/chowndir.c: Do not check *printf/*puts return value.
+	* libmisc/chowntty.c: Avoid implicit conversion between integer
+	types.
+	* libmisc/obscure.c: Return a bool when possible instead of int.
+	* libmisc/shell.c: Do not check *printf/*puts return value.
+	* libmisc/shell.c: Do not check execle return value.
+	* libmisc/setupenv.c: Avoid implicit conversion between integer
+	types.
+	* libmisc/xmalloc.c: size should not be zero to avoid returning
+	NULL pointers.
+	* libmisc/hushed.c: Do not check *printf/*puts return value.
+	* libmisc/system.c: Avoid implicit conversion of integer to
+	boolean. safe_system last argument is a boolean.
+	* libmisc/system.c: Check return value of dup2.
+	* libmisc/system.c: Do not check *printf/*puts return value.
+	* libmisc/system.c: Do not check execve return value. 
+	* libmisc/salt.c: Do not check *printf/*puts return value.
+	* libmisc/loginprompt.c: Do not check gethostname return value.
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check
+	gr_rewind/pw_rewind return value.
+	* libmisc/ttytype.c: Limit the number of parsed characters in the
+	sscanf format.
+	* libmisc/ttytype.c: Test if a type was really read.
+	* libmisc/sub.c: Do not check *printf/*puts return value.
+	* libmisc/sub.c: Avoid implicit conversion of integer to boolean.
+	* src/userdel.c: Fix typo in comment.
+	* src/userdel.c: Avoid implicit conversion of boolean to integer.
+	* src/userdel.c: safe_system last argument is a boolean.
+	* src/newusers.c: Avoid implicit conversion of boolean to integer.
+	* src/newusers.c: Avoid implicit conversion of integer to boolean.
+	* src/usermod.c: Add brackets.
+	* src/usermod.c: Avoid implicit conversion of characters or
+	integers to booleans.
+	* src/vipw.c: Avoid implicit conversion of integer to boolean.
+	* src/su.c: Avoid implicit conversion of integer to boolean.
+	* src/su.c: Add brackets.
+	* src/useradd.c: Avoid implicit conversion of characters or
+	integers to booleans.
+
+2010-08-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool
+	instead of an int.
+	* libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c,
+	libmisc/copydir.c, lib/prototypes.h: Add splint annotations.
+	* libmisc/tz.c: Fix some const issues.
+	* libmisc/tz.c: Avoid multi-statements lines.
+	* libmisc/tz.c: Add brackets.
+	* libmisc/copydir.c: Do not check *printf/*puts return value.
+	* libmisc/copydir.c: Fail if we cannot set or reset the SELinux
+	fscreate context.
+	* libmisc/copydir.c: Use xmalloc instead of malloc.
+	* libmisc/copydir.c: Do not check lutimes return value
+	* src/vipw.c: Avoid implicit conversion of integer to boolean.
+	* src/su.c (iswheel): Return a bool instead of an int.
+	* src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead.
+	* src/passwd.c: Return constant strings when sufficient.
+	* src/passwd.c: Do not check *printf/*puts return value.
+	* src/passwd.c: Avoid implicit conversion of character to boolean.
+	* src/passwd.c: Do not check sleep return value.
+	* src/sulogin.c: Do not check *printf/*puts return value.
+	* lib/encrypt.c: Do not check fprintf return value.
+
+2010-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Fix a const issue.
+	* src/passwd.c: Avoid multi-statements lines.
+	* src/sulogin.c: Fix a const issue.
+
+2010-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
+	copy the extended attributes (the SELinux context is hence reset)
+	* src/usermod.c: Copy the extended attributes.
+	* src/useradd.c: Only reset the SELinux context.
+
+2010-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Fixed typo.
+
+2010-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c,
+	libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c,
+	libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/obscure.c,
+	libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c,
+	lib/commonio.c, lib/commonio.h, libmisc/setugid.c,
+	libmisc/setupenv.c: Fix some const issues.
+	* libmisc/motd.c: Avoid multi-statements lines.
+	* libmisc/motd.c: Support long MOTD_FILE.
+	* libmisc/list.c, lib/prototypes.h: Revert previous change.
+	dup_list and is_on_list are used with members as defined for the
+	group structure, and thus even if the list is not modified, the
+	list elements cannot be constant strings.
+	* libmisc/system.c: Avoid C++ comments.
+	* src/vipw.c: WITH_TCB cannot be tested inside a gettextized
+	string. Split the Usage string.
+	* lib/commonio.h: Re-indent.
+
+2010-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/audit_help.c (audit_logger):pgname is not used. We let
+	audit find out the name of the program.
+	* libmisc/audit_help.c: Re-indent.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Avoid implicit conversion from signed to unsigned.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Make sure there are no NULL pointer dereference.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/remove_tree.c: Ignore snprintf return value.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/list.c: dup_list() and is_on_list() do
+	not change the members of the list they receive. Added const
+	qualifiers.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Re-indent.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Avoid multi-statements lines.
+
+2010-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix a typo.
+
+2010-06-24  Baurzhan Muftakhidinov  <baurthefirst@gmail.com>
+
+	* NEWS, po/kk.po: Updated Kazakh translation.
+
+2010-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix some typos. Minor updates: 886t70f187u.
+
+2010-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2010-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml, man/useradd.8.xml, man/groupadd.8.xml,
+	man/login.defs.d/UMASK.xml, man/login.defs.d/CREATE_HOME.xml,
+	man/login.defs.d/LOGIN_RETRIES.xml: Fix typos: choosen, overriden,
+	bahavior.
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Document changes of ownerships.
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/vipw.8.xml: Fix formatting typo.
+	* man/vipw.8.xml: Document the login.defs parameters only when tcb
+	is enabled.
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: spool is a constant string.
+	* src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: move_home() is only called if mflg is set.
+	* src/usermod.c: Fail is -m is provided but the old home directory
+	is not a directory.
+	* src/usermod.c: Use the previous improvement of copy_tree to
+	provide better error diagnosis.
+	* src/usermod.c: When rename() is used, also change the ownership.
+	* src/usermod.c: Do not change the ownership of the root directory
+	twice.
+	* src/usermod.c: When -u is provided, only change the ownership of
+	the home directory if it is a directory.
+	* src/usermod.c: Also change ownerships when -g is used.
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
+	copy_tree to detect when ownership shall be changed.
+	* libmisc/copydir.c: Document the behavior when the IDs are set to
+	-1.
+	* lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
+	copy_root.
+	* libmisc/copydir.c: error() and ctx can be static.
+	* libmisc/copydir.c (copy_hardlink): Remove parameter src.
+
+2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowndir.c: Dynamically allocate memory to support
+	path longer than 1024 characters.
+	* libmisc/chowndir.c: Fix typos in documentation.
+	* libmisc/chowndir.c: Support and document the behavior when a old
+	or new ID is set to -1.
+	* libmisc/chowndir.c: Improved error detection when chown fails.
+	* libmisc/chowndir.c: Harmonize error handling strategy when an
+	error occurs: stop changing ownership as soon as an error was
+	detected.
+
+2010-04-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/hu/passwd.5: Fix formatting typo.
+	* man/id/login.1: Likewise.
+
+2010-03-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/vipw.8.xml: When TCB is enabled, vipw uses login.defs.
+
+2010-03-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/copydir.c: When a hardlink is detected, the
+	original hardlink should not be removed.
+
+2010-03-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h,
+	libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree()
+	outside of copydir.c to avoid linking against libacl or libattr.
+
+2010-03-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: shell's name must be -su when a su fakes a login.
+
+2010-03-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml,
+	man/usermod.8.xml, src/Makefile.am: Added support for ACLs and
+	Extended Attributes.
+
+2010-03-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Document the sections closed by #endif
+
+2010-03-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/vipw.8.xml: Add section ENVIRONMENT.
+
+2010-03-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* etc/login.defs: Updated description of UMASK to indicate its
+	usage by pam_umask.
+	* man/login.defs.d/UMASK.xml: Likewise.
+
+2010-03-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.1.xml: login does not check for new mails in PAM
+	enabled versions. This is done by pam_mail.
+
+2010-03-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml:
+	PAM enabled versions: restore the -e option to allow restoring
+	passwords without knowing those passwords. Restore together the -m
+	and -c options.
+
+2010-03-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c, src/vipw.c, src/newgrp.c: When the child is
+	interrupted, stop ourself with a SIGSTOP signal.
+
+2010-03-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Limit the scope of variable pid.
+	* src/login_nopam.c: Limit the scope of variables end, lineno, i,
+	str_len.
+	* src/logoutd.c: Limit the scope of variable c.
+	* src/vipw.c: Re-indent.
+	* src/vipw.c: Close the file after the creation of the backup.
+	* src/useradd.c (set_default): Close input file on failure.
+	* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
+	gid, mode.
+	* src/passwd.c: Limit the scope of variables last and ok.
+	* src/chage.c: Fix typo (non breaking space).
+	* src/login.c: Limit the scope of variables erasechar killchar, c,
+	failed.
+	* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
+	* src/id.c: Limit the scope of variable i.
+
+2010-03-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/utent.c (getutline): Remove getutline(). This function is
+	no more used.
+	* lib/groupmem.c: Limit the scope of variable i.
+	* lib/shadow.c: Avoid implicit conversion of pointers and integers
+	to booleans.
+	* lib/shadow.c: Added brackets.
+	* libmisc/limits.c: Limit the scope of variable tmpmask.
+	* libmisc/copydir.c: Close opened file on failure.
+	* libmisc/loginprompt.c: Limit the scope of variable envc.
+	* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope
+	of variable id.
+
+2010-03-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some
+	misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and
+	the GID equivalents)
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Next version will be 4.1.5.
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Re-indent to make pmccabe happy.
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/generate_translations.mak, man/generate_mans.mak: Fix
+	distcheck. All manpages generation code shall be enclosed in
+	ENABLE_REGENERATE_MAN conditions.
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: Do not document the features which are not
+	working.
+	* man/useradd.8.xml: Fix typo: -u was meant instead of -o.
+	* man/useradd.8.xml: Document that the default behavior depends on
+	CREATE_HOME.
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Fix memory management insplit_groups().
+
+2010-03-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/strtoday.c: Empty dates indicate a disabled date, this is
+	not an error.
+
+2010-03-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos.
+	* libmisc/limits.c: Removed unused variable.
+
+2010-03-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Stop sorting entries when we reach the first
+	NIS line.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: Even for root, warn if an invalid shell is
+	specified. Alioth#311305
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/limits.5.xml: Document the selection of the limits when
+	multiple lines match the user.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Re-indent.
+	* libmisc/limits.c: Reformat the documentation. Avoid personal
+	comments.
+	* man/limits.5.xml: Document the new features.
+
+2010-03-18  Thomas Orgis  <thomas@orgis.org>
+
+	* NEWS, libmisc/limits.c: Fix parsing of limits.
+	* NEWS, libmisc/limits.c: Add support for infinite limits.
+	* NEWS, libmisc/limits.c: Add support for @group syntax.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/tcbfuncs.h: Re-indent.
+	* lib/tcbfuncs.h: Explicitly indicate function taking a void
+	parameter.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: When exiting because of a failure, warn if an
+	home directory created, but cannot be removed.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowndir.c: Re-indent.
+	* libmisc/chowndir.c: Avoid assignment in comparisons.
+	* libmisc/chowndir.c: Added brackets and parenthesis.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/strtoday.c: Add support for numerical dates, assuming
+	they are already specified in number of days since Epoch. Return
+	-2 in case of errors to support the specification of -1.
+	* src/usermod.c, src/useradd.c: Adapt to the new error value of
+	strtoday().
+	* src/chage.c:  Remove isnum(). Adapt to the new error value of
+	strtoday(). Support for numerical dates is moved to strtoday().
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Harmonize name of parameters.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Indicate which tools support TCB.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Unlock the password and shadow files when there is a
+	failure to prepare the update in memory.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Only log to SYSLOG when acting on system files.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Document the sections closed by #endif
+	* src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
+	given when USE_TCB is enabled.
+	* src/pwck.c: Remove the -s option from the usage when USE_TCB is
+	enabled. The option is still supported, but has no effect, as
+	documented in the manpage.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Do not use pwd_file and spw_file. Always use the
+	dbname() functions.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Re-indent.
+
+2010-03-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
+	src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
+	SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
+	to booleans.
+
+2010-03-18  Paweł Hajdan, Jr.  <phajdan.jr@gentoo.org>
+
+	* src/pwck.c: Add support for TCB.
+	* src/pwck.c: Use spw_dbname() instead of spw_file since TCB
+	changes from a file to another depending on the user. Also use
+	pw_dbname() for consistency.
+
+2010-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Re-indent.
+
+2010-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/tcbfuncs.h: Added type shadowtcb_status.
+	* lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status
+	instead of an int.
+	* lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY.
+	* lib/tcbfuncs.c: Only FreeBSD specify that the returned buffer is
+	NULL in case of failure. The return value of asprintf shall be
+	checked.
+	* lib/tcbfuncs.c: Avoid implicit conversion of pointers or
+	integers to booleans.
+	* lib/tcbfuncs.c: Avoid assignments in comparisons.
+	* lib/tcbfuncs.c: Do not free path before its last use.
+	* lib/tcbfuncs.c: Include shadowio.h, needed for the
+	spw_setdbname's prototype.
+	* lib/tcbfuncs.c: Ignore fflush() return value.
+	* lib/tcbfuncs.c: Avoid implicit signed to unsigned conversions.
+	* lib/tcbfuncs.c: Avoid integer to char conversions.
+	* lib/tcbfuncs.c: Include prototypes.h for the definition of Prog.
+	* lib/tcbfuncs.c: Removed dead return.
+	* lib/tcbfuncs.c: move_dir() and shadowtcb_move() need a non NULL
+	stored_tcb_user.
+	* lib/tcbfuncs.c: Avoid implicit int to mode_t conversion.
+	* lib/tcbfuncs.c: Added brackets and parenthesis.
+	* lib/tcbfuncs.c: Re-indent.
+
+2010-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Avoid implicit conversion of pointers to
+	booleans.
+	* lib/commonio.c: Ignore the return value of close when a
+	failure is reported.
+
+2010-03-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/faillog.8.xml: Document the behavior in display mode of the
+	-a option.
+	* NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to
+	the non-display mode. This changes the default behavior of the -l,
+	-m, -r, -t options when -a is not specified (restrict to existing
+	users).
+
+2010-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml,
+	man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml,
+	man/usermod.8.xml, man/vipw.8.xml: Document the usage of the
+	TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration
+	parameters.
+	* man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when
+	USE_TCB is enabled.
+
+2010-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/POTFILES.in, lib/tcbfuncs.c: Add more strings for
+	translation.
+	* lib/tcbfuncs.c: Indicate the name of the program in error
+	messages. Avoid perror.
+	* src/useradd.c: Re-indent.
+	* src/useradd.c: Add more strings for translation. Indicate the
+	name of the program in error messages.
+	* src/userdel.c: Re-indent.
+	* src/userdel.c: Add more strings for translation. Indicate the
+	name of the program in error messages.
+
+2010-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: user_newname and user_newid cannot be used to
+	test if the username or ID is changed. lflg and uflg should be
+	used instead.
+
+2010-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Avoid perror. Give more verbose warnings.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/Makefile.am: Indicate that man/generate_mans.deps is
+	generated.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Re-indent.
+	* lib/commonio.c: Document the sections closed by #endif
+	* lib/commonio.c: Added brackets.
+	* lib/commonio.c: Avoid implicit conversion of integer to
+	booleans.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Re-indent.
+	* src/userdel.c: Added brackets.
+	* src/userdel.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadowio.c: Re-indent.
+	* lib/shadowio.c: Added brackets and parenthesis.
+	* lib/shadowio.c: Document the sections closed by #endif
+	* lib/shadowio.c: Avoid negation of comparisons.
+	* lib/shadowio.c: Avoid implicit conversion of integer to booleans
+	and booleans to integers.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Re-indent.
+	* src/useradd.c: Added brackets.
+	* src/useradd.c: Avoid implicit conversion of integers to
+	booleans.
+	* src/useradd.c: Harmonize error messages.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Document the sections closed by #endif
+	* src/vipw.c: Avoid implicit conversion of pointers or integers to
+	booleans.
+	* src/vipw.c: Added brackets and parenthesis.
+	* src/vipw.c: Limit the definition of some variables and macros to
+	the WITH_TCB scope.
+	* src/vipw.c: Avoid assignment in comparisons.
+	* src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and
+	SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()).
+	This is more consistent with the shadow file handling and may be
+	useful to allow edition of another partition's files.
+
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Re-indent.
+	* src/usermod.c: Avoid implicit conversion of pointers to
+	booleans.
+	* src/usermod.c: Added parenthesis.
+
+2010-03-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Only check USE_TCB if configured WITH_TCB.
+
+2010-03-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Re-indent.
+	* src/userdel.c: Avoid implicit conversion of pointers to
+	booleans.
+	* src/userdel.c: Document the sections closed by #endif
+
+2010-03-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c: Only check USE_TCB if configured WITH_TCB.
+
+2010-03-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Added parenthesis.
+
+2010-02-14  Michael Bunk  <mb@computer-leipzig.com>
+
+	* NEWS, lib/gshadow.c: Fix parsing of gshadow entries.
+
+2010-01-30  Paweł Hajdan, Jr.  <phajdan.jr@gentoo.org>
+
+	* NEWS: Add support for TCB.
+	* lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
+	support TCB.
+	* lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
+	parameter remove_root.
+	* configure.in: Add conditional WITH_TCB.
+	* src/userdel.c, src/usermod.c: Add support for TCB. Update call to
+	remove_tree().
+	* src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
+	* src/vipw.c: Add support for TCB. Update call to remove_tree().
+	* src/useradd.c: Add support for TCB. Open the shadow file outside
+	of open_files().
+	* src/chage.c: Add support for TCB.
+	* src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
+	* lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
+	man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
+	man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
+	man/generate_mans.deps, man/Makefile.am: New configuration
+	parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
+	* lib/shadowio.c, lib/commonio.c: Add support for TCB.
+
+2010-01-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/env.c: Fix sanitize_env() noslash support. This fixes
+	Alioth#311740.
+
+2010-01-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Do not sanitize the environment. This breaks
+	--preserve-environment. This sanitation was disabled on Debian
+	since quite some time with no reported issues, and sanitize_env()
+	documentation agrees that it should be useless as all modern
+	Unixes will handle setuid executables properly. This fixes
+	Alioth#312287.
+
+2010-01-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setupenv.c: Fix typo from 2009-11-01.
+
+2010-01-24  Paweł Hajdan, Jr.  <phajdan.jr@gentoo.org>
+
+	* configure.in: Add support for TCB in configure.in. Actual TCB
+	support will follow.
+
+2009-11-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmod.c: Fixed groupmod when configured with
+	--enable-account-tools-setuid.
+
+2009-11-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, man/login.defs.d/ENV_SUPATH.xml, libmisc/setupenv.c:
+	Harmonize other paths and documentation with previous
+	change.
+
+2009-11-01  Michel Hermier  <michel.hermier@gmail.com>
+
+	* src/su.c: Set the default ENV_SUPATH to
+	/sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is
+	specified).
+
+2009-10-15  Thorsten Kukuk  <kukuk@suse.de>
+
+	* src/faillog.c, man/faillog.8.xml: Harmonize long option in code
+	and documentation. Use --lock-secs instead of --lock-time.
+
+2009-10-05  Miroslav Kure  <kurem@upcase.inf.upol.cz>
+
+	* po/cs.po: updated to 412t
+
+2009-09-29  Clytie Siddall  <clytie@riverland.net.au>
+
+	* po/vi.po: updated to 412t
+
+2009-09-27  Miroslav Kure  <kurem@upcase.inf.upol.cz>
+
+	* po/cs.po: updated to 411t1f
+
+2009-09-24  Christian Perrier  <bubulle@debian.org>
+
+	* man/po/fr.po: Updated French translation to 835t99f165
+
+2009-09-24  Clytie Siddall  <clytie@riverland.net.au>
+
+	* po/vi.po: updated to 348t30f34u
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Avoid pre-decrement operator (--n). Add some
+	comments.
+	* libmisc/cleanup.c: Fix off by one in an assertion.
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Fix indentation.
+	* src/su.c: Add more messages for translation.
+	* src/su.c: Ignore kill() return value when sending the TERM
+	signal. If it fails, a KILL should be sent anyway.
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c: When su receives a signal, wait for the child to
+	terminate (after sending a SIGTERM), and kill it only if it did
+	not terminate by itself. No delay will be enforced if the child
+	cooperates. See http://bugs.gentoo.org/282094
+	* NEWS, man/su.1.xml: Document su's exit values.
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: The default value for the CREATE_MAIL_SPOOL
+	variable (i.e. if CREATE_MAIL_SPOOL= is specified without any
+	values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL=").
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead.
+	For consistency, change HOME, INACT, EXPIRE, SKEL, and
+	CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and
+	DCREATE_MAIL_SPOOL.
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Prefer #ifdef over #if.
+
+2009-09-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: We do not use SETPGRP_VOID, and already assume
+	that setpgrp has a void argument. Remove AC_FUNC_SETPGRP to ease
+	cross compiling.
+
+2009-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/generate_translations.mak, man/generate_mans.mak,
+	po/Makefile.in.in: Removing and restoring the config.xml file
+	broke parallel builds. Build the manpages based on *.xml-config
+	files instead of *.xml files.  The *.xml do not include config.xml
+	anymore, which permits to run xml2po without needing to remove
+	config.xml. The config.xml is restored in the *.xml-config files.
+	* man/groupadd.8.xml: Implementation of the above.
+	* man/generate_mans.deps: Updated dependencies
+
+2009-09-07  Steve Grubb  <sgrubb@redhat.com>
+
+	* libmisc/limits.c: Fix the format to match the unsigned long
+	variable in argument.
+	* libmisc/utmp.c: Fix tests. tmptty is a variable stack. ut_host
+	is an array of the ut structure. None of them can be NULL.
+
+2009-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadowmem.c: Only copy the required fields of the struct
+	spwd. (start with the primitive types)
+	* lib/shadowmem.c: Avoid memzero() on a possibly NULL pointer.
+	* lib/groupmem.c: Only copy the required fields of the struct
+	group. (start with the primitive types)
+	* lib/groupmem.c: Avoid memzero() on a possibly NULL pointer.
+	* lib/groupmem.c: Free gr_mem in addition to its elements.
+	* lib/sgroupio.c: The struct sgrp has no primitive types to be
+	copied initially.
+	* lib/sgroupio.c: Avoid memzero() on a possibly NULL pointer.
+	* lib/sgroupio.c: Free sg_mem and sg_add in addition to their
+	elements.
+	* lib/pwmem.c: Only copy the required fields of the struct
+	passwd. (start with the primitive types)
+
+2009-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgroupio.h: Harmonize splint annotations of sgr_locate()
+	prototype with the one used in its definition.
+
+2009-09-07  Steve Grubb  <sgrubb@redhat.com>
+
+	* libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c:
+	Fix some memory leaks.
+
+2009-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c,
+	src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c,
+	src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c,
+	src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use
+	booleans for tests.
+	* src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c,
+	src/groupmod.c, src/passwd.c: Use a break even after usage().
+
+2009-09-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd
+	Usage string. It was changed anyway to add the --help option.
+
+2009-09-05  Mike Frysinger  <vapier@gentoo.org>
+
+	* NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c,
+	src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c,
+	src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c,
+	src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c,
+	src/faillog.c, src/chsh.c: If someone uses the -h/--help options,
+	the usage should not go to stderr nor should the utility exit with
+	non-zero status. All of the shadow utils do just this
+	unfortunately, so convert them over to sanity.
+	* man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help.
+
+2009-09-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Fixed wrong format string.
+	* lib/gshadow.c: Removed declaration of unused variable.
+
+2009-08-30  Mike Frysinger  <vapier@gentoo.org>
+
+	* man/generate_mans.mak, man/generate_translations.mak: Provide an
+	useful error message when --enable-man is not enabled and the
+	translated manpages are not generated.
+
+2009-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/ENCRYPT_METHOD.xml: Avoid using sub-lists. They
+	break the groff formatting.
+
+2009-07-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/fr.po: Fix typos, based on reviews by the Debian French
+	translation team.
+
+2009-07-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Prepare for the next release 4.1.4.2.
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2009-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Fixed definition of the SHELL configuration.
+
+2009-07-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* etc/login.defs: SYS_GID_MIN /SYS_UID_MIN changed from 100 to
+	101. GID 100 seems to be used statically.
+
+2009-07-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/shell.c, src/su.c: Execute the scripts with "sh -"
+	rather than "sh".
+
+2009-07-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c,
+	src/su.c: Let the system shell be configurable.
+
+2009-07-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c, libmisc/shell.c: Added support for shells being a
+	shell script without a shebang.
+
+2009-07-19  Jean-Louis Dupond  <info@dupondje.be>
+
+	* po/nl.po: Fix obvious mistake in Dutch translation.
+
+2009-07-18  Peter Vrabec  <pvrabec@redhat.com>
+
+	* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use
+	getpwent / getgrent for system accounts. Trying the low-IDs with
+	getpwuid / getgrgid should be more efficient on LDAP configured
+	systems with many accounts.
+	* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since
+	system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in
+	reverse order, accounts are packed close to SYS_?ID_MAX if
+	SYS_?ID_MIN is already used but there are still dome gaps.
+
+2009-07-05  Piarres Beobide  <pi+debian@beobide.net>
+
+	* po/eu.po: Updated Basque translation.
+
+2009-06-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/fi/Makefile.am: Stop distributing the Finnish translation of
+	passwd.1 (outdated).
+
+2009-06-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pwck.8.xml: The shadow file is optional.
+	* man/pwck.8.xml: Updated description of the checks. Added
+	description of the shadow checks.
+	* man/pwck.8.xml: Updated description of the checks.
+
+2009-06-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fixed typo (forunis)
+
+2009-06-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/fputsx.c: Compare the result of fgets() with the provided
+	buffer instead of NULL.
+
+2009-06-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/gshadow.c: Removed limitation on the length of the gshadow
+	lines.
+	* lib/gshadow.c: Compare the result of fgetsx() with the provided
+	buffer instead of NULL.
+
+2009-06-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetgrnam.c,
+	libmisc/xgetpwuid.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Do
+	not limit the size of the buffer to hold the group or user
+	structure. It used to be limited to 16k, which caused issues with
+	groups having many users.
+
+2009-06-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c, man/su.1.xml: The default behavior (without -p or
+	--login) is to copy most of the environment variables. Revert a
+	previous change and update the documentation.
+
+2009-06-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.5.xml, man/shadow.5.xml: Document the passwd- and
+	shadow- files.
+
+2009-06-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment
+	variables, even with --login. This was not the case before in the
+	PAM version.
+
+2009-06-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c:
+	Fix typos. Take this opportunity to split the usage messages into
+	smaller messages (one per option).
+	* src/pwck.c: Fix typo.
+
+2009-06-05  Petri Koistinen  <petri.koistinen@iki.fi>
+
+	* man/passwd.1.xml: The short option for --mindays is -n, not -m.
+
+2009-06-04  Mike Frysinger  <vapier@gentoo.org>
+
+	* .gitignore, man/.gitignore, src/.gitignore: Added .gitignore
+	files.
+
+2009-06-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: Use <option> for the login.defs options.
+	* man/su.1.xml: Improve the documentation of the su behavior
+	regarding environment variables.
+	* man/su.1.xml: Document that the login.defs file is used.
+
+2009-06-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.1.xml: Document that the login.defs file is used.
+
+2009-06-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/ENVIRON_FILE.xml: Document the format for
+	comments.
+
+2009-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gpasswd.1.xml: Ease the translation of the refpurpose.
+	* man/gpasswd.1.xml: Fix typo, shorten sentences.
+
+2009-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pwck.8.xml, man/grpck.8.xml: Move the SEE ALSO section at
+	the end.
+
+2009-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Make sure opened files are closed.
+
+2009-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml, man/grpck.8.xml, man/newgrp.1.xml,
+	man/passwd.1.xml, man/sg.1.xml: Avoid a spurious comma.
+
+2009-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: New placeholder for the next release.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/fr.po: Updated French translation.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Prepare the next release.
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: passwd -u does not reset the expiry field.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Updated some strings.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Return the exit status of the child. Thanks
+	to Lionel Elie Mamane.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Added warnings for absolute symlinks which could
+	be broken by rename().
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Report errors to remove the user's mailbox.
+	* NEWS, src/userdel.c: When USERGROUPS_ENAB is enabled, remove the
+	user's group when the user was the only member. This is still not
+	complete, as the user could have been specified twice in the
+	members.
+	* NEWS, src/userdel.c: Do not fail when -r is used and the home
+	directory does not exist.
+
+2009-05-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Added warning for relative symlinks.
+	* libmisc/copydir.c (remove_tree): There is no need to check if
+	the root argument exist. opendir() will report this.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/faillog.8.xml: Minor updates.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/faillog.5.xml: Split a long paragraph. Typo fixes.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gpasswd.1.xml: Minor updates.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gshadow.5.xml: Updated documentation.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml, man/userdel.8.xml, man/useradd.8.xml:
+	Harmonize formatting of login.defs and default/useradd variables.
+	Use an <option> tag.
+	* man/usermod.8.xml: Added reference to gshadow(5).
+	* man/login.defs.d/USERDEL_CMD.xml: Shorten the lines of the
+	USERDEL_CMD example.
+
+2009-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Use a boolean instead of 0.
+
+2009-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Fixed typos.
+
+2009-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Next version will be 4.1.4.1.
+
+2009-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: Added notes regarding the ownership of
+	files.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmod.8.xml: Split the -g option description into smaller
+	paragraphs.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Ownership of the mailbox is also changed with
+	the -u option.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: When no passwords are provided, the password
+	is disabled, not the account.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml, man/chpasswd.8.xml, man/useradd.8.xml,
+	man/groupadd.8.xml, man/usermod.8.xml, man/chgpasswd.8.xml,
+	man/groupmod.8.xml: Added warning: passwords set with these tools
+	may not respect the password policy.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml: Fixed formatting issue.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/userdel.8.xml: Added warning for files that could remain
+	owner by the removed user.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: Fix formatting typo.
+
+2009-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupdel.8.xml: Move the warning on filesystems checks to
+	the CAVEAT section.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/GID_MAX.xml: Fixed typo. useradd was specified
+	twice.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml, man/useradd.8.xml: names may also contain
+	digits.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/shadow.5.xml: What is important in shadow is not the
+	encryption, but that the file is not world readable.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Updated French translation. Thanks to ABBAS
+	Belkacem for the login.defs update.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Split the CAVEAT section in paragraphs.
+	Updated information on the user_busy check.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/userdel.8.xml: Document that -f may force the deletion of a
+	busy user.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Check if the user is busy when the user's
+	UID, name or home directory is changed.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, libmisc/user_busy.c, libmisc/Makefile.am,
+	lib/prototypes.h: Move user_busy() to libmisc/user_busy.c.
+	* NEWS, libmisc/user_busy.c: On Linux, do not check if an user is
+	logged in with utmp, but check if the user is running some
+	processes. If not on Linux, continue to search for an utmp record,
+	but make sure the process recorded in the utmp entry is still
+	running.
+
+2009-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Document the -m/--move-home option.
+
+2009-05-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c (user_busy): Check if the process registered in
+	utmp is still running. This avoids rejecting the removal of an
+	user when UTMP was not updated and indicate that the user is still
+	logged in.
+
+2009-05-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/console.c (console): Remove the leading /dev/ from
+	the tty before comparing with the lines specified by CONSOLE.
+	* src/su.c: Do not remove the /dev/ prefix since it is done by
+	console().
+
+2009-05-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/CONSOLE.xml: Document the format of the CONSOLE
+	file.
+
+2009-05-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Fix failure of non PAM enabled versions when
+	an empty username is entered after a first prompt.
+
+2009-05-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Added missing end of line at the end of success
+	messages.
+
+2009-05-16  sacha  <sachall@infonie.fr>
+
+	* po/fr.po: Fixed typo in the vipw usage string.
+
+2009-05-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/shell.c: Removed invalid code that executed the user's
+	shell as a shell script when the direct execution of the user's
+	shell failed with ENOEXEC and the user's shell has a shebang. The
+	interpreter might not be the right one.  Executing the user's
+	shell with sh -c might be better, but I'm not sure we should try
+	harder when there is a failure. Note: the removed code was only
+	included #ifndef __linux__.
+
+2009-05-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/userdel.8.xml: The USERGROUPS_ENAB group may not be removed
+	when the group is used by other users, not the user.
+
+2009-05-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, man/login.defs.d/USERDEL_CMD.xml: Move the
+	USERDEL_CMD script example from the source code to the
+	documentation.
+
+2009-05-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: PAM enabled version: describe how passwords
+	are updated and how newusers behave in case of error.
+
+2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: New release will be 4.1.4.
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Added prototype of readlink_malloc(), and
+	readlink_malloc() changed to static.
+
+2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Avoid redeclaration of root_pw.
+
+2009-05-10  NAKANO Takeo  <nakano@webmasters.gr.jp>
+
+	* po/ja.po: Updated Japanese translation.
+
+2009-05-10  Jean-Luc Coulon (f5ibh)  <jean-luc.coulon@wanadoo.fr>
+
+	* po/fr.po: Updated French translation.
+
+2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Avoid PATH_MAX. On glibc, we can use realpath
+	with a NULL argument.
+	* src/useradd.c: Replace PATH_MAX by a fixed constant. The buffer
+	was not meant as a storage for a path.
+	* src/useradd.c, src/newusers.c, src/chpasswd.c: Better detection
+	of fgets errors. Lines shall end with a \n, unless we reached the
+	end of file.
+	* libmisc/copydir.c: Avoid PATH_MAX. Support file paths with any
+	length. Added readlink_malloc().
+
+2009-05-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Warn if an user has an entry in passwd and shadow,
+	and the password field in passwd is not 'x'.
+	* src/grpck.c: Warn if a group has an entry in group and gshadow,
+	and the password field in group is not 'x'.
+
+2009-05-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/ENCRYPT_METHOD.xml,
+	man/login.defs.d/MD5_CRYPT_ENAB.xml,
+	man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Updated note for PAM
+	enabled versions. These variables are only used for group
+	passwords in this case.
+
+2009-05-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml: Sorted options alphabetically.
+
+2009-05-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c, src/Makefile.am: Added support for
+	changing the passwords with PAM.
+	* src/newusers.c: Split the usage string in smaller parts to
+	allow enabling single parts.
+	* man/newusers.8.xml: Indicate the options and configuration
+	variables valid for PAM and non-PAM versions.
+	* man/newusers.8.xml: Added pointer to /etc/pam.d/chpasswd.
+
+2009-05-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Remove duplicate definitions of exit codes.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/non_interactive_pam_conv.c,
+	libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed.
+	* libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+	non_interactive_password and non_interactive_pam_conv do not need
+	to be externally visible.
+	* libmisc/pam_pass_non_interractive.c: Added declaration of
+	ni_conv.
+	* libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM.
+	* libmisc/pam_pass_non_interractive.c, lib/prototypes.h:
+	Added do_pam_passwd_non_interractive().
+	* src/chpasswd.c: Use do_pam_passwd_non_interractive().
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pam_pass.c: Removed comment regarding pam_misc. This is
+	checked by configure.in.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.5.xml: PAM enabled chpasswd do not use any
+	configuration variable from login.defs.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: Differentiate the files used for PAM and
+	non-PAM versions.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml: Describe how chpasswd behaves in case of error.
+	* man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
+	* man/chpasswd.8.xml: Differentiate the files and configurations
+	used for PAM and non-PAM versions.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: failcount does not need to be signed.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/Makefile.am: PAM enabled chpasswd now needs to be linked to
+	the PAM library, even if --enable-account-tools-setuid is not
+	used.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Added the line number when an error is reported
+	instead of only the username.
+	* src/chpasswd.c: PAM enabled chpasswd may change the password
+	database (for the user where the password update succeeded) even
+	if there were a failure for one user. Do not indicate that changes
+	were ignored.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Exit immediately when unlocking a password would
+	result in a passwordless account. This avoid printing a success
+	message after the warning.
+
+2009-05-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/nologin.c: Include <stdlib.h> to get EXIT_FAILURE.
+
+2009-05-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Fix build failure on non-PAM enabled system
+	when --without-pam is not specified.
+
+2009-04-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Ignore the return values of fclose() and
+	unlink() in case of failure of fopen_set_perms() or
+	create_backup().
+	* lib/commonio.c: Should the backup file be unlink'ed in case of
+	failure of create_backup()?
+
+2009-04-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getulong.c: Added splint annotations.
+
+2009-04-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c, src/chfn.c, src/groupmems.c, src/usermod.c,
+	src/userdel.c, src/chpasswd.c, src/grpck.c, src/gpasswd.c,
+	src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+	src/groupadd.c, src/chage.c, src/login.c, src/faillog.c,
+	src/sulogin.c, src/chsh.c, src/pwconv.c: Added splint annotations.
+	* src/userdel.c, src/pwconv.c, src/lastlog.c, src/grpck.c,
+	src/vipw.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/login.c,
+	src/sulogin.c, src/usermod.c: Use return instead of exit at the
+	end of main().
+	* src/gpasswd.c, src/passwd.c, src/faillog.c: Use the exitcodes.h
+	exit codes.
+	* src/chpasswd.c: Added missing ||.
+	* src/nologin.c: Do not include exitcodes.h.
+	* src/nologin.c: Added brackets.
+	* src/nologin.c: Avoid assignments in comparisons.
+
+2009-04-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getgr_nam_gid.c, lib/get_gid.c, lib/get_pid.c,
+	lib/get_uid.c: Added splint annotations.
+
+2009-04-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/exitcodes.h: Define E_SUCCESS as EXIT_SUCCESS. Added FIXMEs.
+	* libmisc/chowntty.c, libmisc/rlogin.c, libmisc/sub.c,
+	src/newusers.c, libmisc/sulog.c, libmisc/system.c, src/logoutd.c,
+	src/groups.c, src/id.c, lib/encrypt.c, libmisc/audit_help.c,
+	libmisc/limits.c: Return EXIT_FAILURE instead of 1, and
+	EXIT_SUCCESS instead of 0.
+	* libmisc/audit_help.c: Replace an fprintf() by fputs().
+	* libmisc/audit_help.c: Remove documentation of the audit_logger
+	returned values. The function returns void.
+	* libmisc/system.c: Only return status if waitpid succeeded.
+	Return -1 otherwise.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chpasswd.c: Added support for changing the passwords
+	with PAM.
+	* src/chpasswd.c: Split the usage string in smaller parts to
+	allow enabling single parts.
+	* src/chpasswd.c: Do not set a global lock on the password files.
+	This is done by PAM each time a password is updated.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Include <utmpx.h> and <utmp.h> to define
+	USER_NAME_MAX_LENGTH.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Change a snprintf() to strncpy(). There are no
+	format.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Harmonize status report at the end of passwd.
+	Prefix the messages with "passwd: ", only indicate a password
+	change if the password was actually changed, and password
+	properties changed otherwise.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c, src/newusers.c: There is no need to test for 0
+	after getopt_long. No options have flag != NULL.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Replace #if by #ifdef
+	* libmisc/Makefile.am, lib/prototypes.h,
+	libmisc/non_interactive_pam_conv.c: Added
+	non_interactive_pam_conv() and non_interactive_password.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c, src/userdel.c, src/logoutd.c: Replace #if by #ifdef
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Harmonize messages.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Replace atoi() by getulong().
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.h: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/rlogin.c: Replace atoi() by getulong().
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chkname.c: Do not include <utmp.h> and <utmpx.h>. There
+	are no more needed.
+
+2009-04-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Replace strtol() by getlong().
+	* libmisc/limits.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml,
+	man/useradd.8.xml: Added note to warn about insecurity in using
+	--password.
+	* man/groupmod.8.xml: Removed not regarding default if --password
+	is not used. This was a cut&paste from groupadd.8.xml.
+	* man/passwd.1.xml: Split some paragraphs.
+	* man/passwd.1.xml: Recommend other encryption methods than DES.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Move update_utmp() after the PID or session ID
+	changed in order to get more accurate data in UTMP. This also
+	fixes "exec login" when login in installed setuid.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Reuse a string and avoid an untranslated message
+	"Login incorrect".
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+	* src/login.c: Avoid name clash between global variables and the
+	update_utmp() arguments.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c, lib/commonio.c, lib/groupio.c: Added missing
+	include of <assert.h>
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Replace HAVE_UTMPX_H by USE_UTMPX.
+	* lib/prototypes.h, libmisc/log.c: Added splint annotations.
+	* libmisc/log.c: Added SYSLOG warning when lseek fails (should not
+	happen).
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/mail.c, libmisc/copydir.c: Added missing include of
+	<assert.h>
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/env.c: Added assertions on the snprintf results.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Added configure option --enable-utmpx,
+	disabled by default. This defines USE_UTMPX, which should be used
+	instead of HAVE_UTMPX_H.
+	* libmisc/utmp.c: Replace HAVE_UTMPX_H by USE_UTMPX.
+	* libmisc/utmp.c: Removed old comment on HAVE_STRUCT_UTMP_UT_ID
+	and UTMPX support.
+
+2009-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix typo.
+
+2009-04-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Close the databases before changing the UDI and
+	GID.
+
+2009-04-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/myname.c: Updated splint annotations.
+
+2009-04-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Added splint annotations.
+	* lib/commonio.c: old_context should be local to commonio_close(),
+	not global.
+
+2009-04-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Do not freecon strings duplicated with strdup.
+	Also avoid allocation of memory.
+	* src/passwd.c: Use SYSLOG instead of syslog.
+
+2009-04-25  Miroslav Kure  <kurem@upcase.inf.upol.cz>
+
+	* po/cs.po: Updated to 352T7f8u
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.h, lib/commonio.c: Added splint annotations.
+	* lib/commonio.c: Do not assumes eptr is always notnull.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, po/pt.po: Updated Portuguese translation.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Added splint annotations.
+	* libmisc/copydir.c: Added assert to help splint.
+	* libmisc/copydir.c: Free allocated structures in cas of failure.
+	* libmisc/copydir.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/copydir.c: Use buffers of size PATH_MAX instead of 1024
+	for filenames.
+	* libmisc/copydir.c: Use fchmod and fchown to change the mode of
+	the opened file.
+	* libmisc/copydir.c: Indicate the mode to open(), even if we chmod
+	later.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Added prototypes of getulong() and get_pid().
+	* lib/prototypes.h: Added splint annotations.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Use get_pid() instead of strtol.
+	* lib/commonio.c: Replace an int by a size_t.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.h: Added splint annotations.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgroupio.c: Free allocated structures on failure.
+	* lib/sgroupio.c: Added splint annotations.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/Makefile.am, lib/get_pid.c, lib/getulong.c: Added get_pid()
+	and getulong().
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getlong.c: Do not check for NULL string but empty string.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Updated splint annotations.
+	* lib/groupio.c: Added assert to help splint.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Check assumptions on snprintf().
+	* src/useradd.c: Replace peror by an strerror and avoid an
+	intermediate buffer.
+	* src/useradd.c: Save errno between the failure and the report by
+	perror/strerror.
+	* src/useradd.c: Prefer xmalloc to malloc.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Remove function calls from within assert().
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c: Change some int to size_t.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/console.c: Use a less disturbing construct for splint.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file
+	limit with getlog() / getulong(). This also means, in case of
+	non-PAM enabled systems, that the umask specified on the GECOS
+	fields should start with a 0 if specified in octal. (it used to be
+	force to octal). Do the appropriate cast and range checking.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: In case gettimeofday() fails, get some entropy
+	from the PID.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setupenv.c: Prefer snprintf to sprintf, even if a small
+	context indicates no issues.
+	* libmisc/setupenv.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/loginprompt.c: Prefer snprintf to sprintf, even if a
+	small context indicates no issues.
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Remove function calls from within assert().
+
+2009-04-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/mail.c: Ignore the return value of puts().
+	* libmisc/mail.c: Prefer snprintf to sprintf, even if a small
+	context indicates no issues.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c, lib/commonio.h, lib/groupio.c, lib/groupio.h,
+	lib/pwio.c, lib/pwio.h, lib/shadowio.c, lib/shadowio.h: Added
+	splint annotations. The *_locate() and *_next() functions
+	currently return an observer. As the structure are often modified
+	by the caller, it could maybe be changed to exposed later. (and
+	non-const)
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/pwauth.c: Use a boolean for wipe_clear_pass and use_skey.
+	* lib/pwauth.c: Added splint annotations.
+	* lib/pwauth.c: Added brackets and parenthesis.
+	* lib/pwauth.c: Avoid assignments in comparisons.
+	* lib/pwauth.c: Avoid implicit conversion of pointers or
+	characters to booleans.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: Cast ID to ulongs and use ulong formats for IDs.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Added splint annotations.
+	* src/newgrp.c: audit_buf is only used in newgrp. Make it static.
+	* src/newgrp.c: Ignore the return value of fputs().
+	* src/newgrp.c: Use exit(EXIT_FAILURE) instead of exit(1).
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwdcheck.c (passwd_check): The progname is not used.
+	* libmisc/pwdcheck.c: Ignore the return value of sleep().
+	* libmisc/pwdcheck.c: Use exit(EXIT_FAILURE) instead of exit(1).
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setupenv.c: Avoid assignments in comparisons.
+	* libmisc/setupenv.c: Added brackets and parenthesis.
+	* libmisc/setupenv.c: Ignore the return value of fclose (file
+	opened read-only)
+	* libmisc/setupenv.c: Ignore the return value of puts().
+	* libmisc/setupenv.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c,
+	libmisc/isexpired.c, src/groupadd.c, lib/pwauth.h, lib/groupmem.c,
+	lib/shadowmem.c, lib/pwmem.c, lib/prototypes.h: Added splint
+	annotations.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/loginprompt.c: Use exit(EXIT_FAILURE) instead of
+	exit(1).
+	* libmisc/loginprompt.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/loginprompt.c: Ignore return value of putc().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/env.c, libmisc/age.c: Added splint annotations.
+	* libmisc/age.c: Added brackets and parenthesis.
+	* libmisc/age.c: Ignore the return value of fclose (file opened
+	read-only)
+	* libmisc/age.c: Ignore puts() return value.
+	* libmisc/age.c: Use exit(EXIT_FAILURE) instead of exit(1).
+	* libmisc/age.c: Avoid assignments in comparisons.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/fputsx.c, lib/gshadow.c, lib/commonio.h: Added splint
+	annotations.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/get_gid.c: gidstr should not be NULL, but the check was
+	meant to make sure it is not empty.
+	* lib/get_uid.c: Likewise.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c: Added splint annotations.
+	* lib/getdef.c: Ignore fputs() return value.
+	* lib/getdef.c: Use EXIT_FAILURE / EXIT_SUCCESS for exit()
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Added splint annotations.
+	* src/faillog.c: Cast ID to ulongs and use ulong formats for IDs.
+	* src/faillog.c: Ignore fflush() return value.
+	* src/faillog.c: Added parenthesis.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Ignore puts return value.
+	* src/grpck.c: Avoid variable format string.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Use EXIT_FAILURE / EXIT_SUCCESS for exit()
+	* src/lastlog.c: Added splint annotations.
+	* src/lastlog.c: Avoid global pwent.
+	* src/lastlog.c: Cast ID to ulongs and use ulong formats for IDs.
+	* src/lastlog.c: Avoid assignment in comparisons.
+	* src/lastlog.c: Ignore fclose() return value since the file is
+	only opened for reading.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Added assertion to guide splint (and me).
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c: Use booleans instead of char fo
+	used_gids.
+	* libmisc/find_new_gid.c: Use getdef_ulong and cast to git_t to
+	get GID values.
+	* libmisc/find_new_gid.c: Use UL as a prefix for ulong values.
+	* libmisc/find_new_uid.c: Likewise.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/yesno.c: Ignore the return value of puts.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/age.c: Use exit(EXIT_FAILURE) instead of exit(1).
+	* libmisc/age.c: The return value of execl() is not used.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/xgetXXbyYY.c, libmisc/myname.c, libmisc/getgr_nam_gid.c,
+	libmisc/salt.c, libmisc/list.c, libmisc/cleanup.c, src/login.c,
+	lib/getdef.h, lib/groupio.c, lib/getlong.c, lib/gshadow_.h,
+	lib/sgroupio.c, lib/shadowio.c, lib/pwio.c, lib/commonio.h,
+	lib/fputsx.c, lib/prototypes.h: Added splint annotations.
+	* lib/groupio.c: Avoid implicit conversion of pointers to
+	booleans.
+	* lib/groupio.c: Free allocated buffers in case of failure.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Added splint definitions to replace <locale.h>
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c, libmisc/age.c, libmisc/shell.c, lib/groupio.c,
+	lib/groupio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c,
+	lib/pwio.c, lib/commonio.c, lib/shadowio.h, lib/pwio.h,
+	lib/commonio.h, lib/prototypes.h: Added splint annotations.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Only set ut_time and ut_tv if gettimeofday()
+	succeeds.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Fix the check for empty host in prepare_utmp()
+	and prepare_utmpx().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: The ut argument of prepare_utmp() and
+	prepare_utmpx () might be NULL. ut_id needs to be forged in that
+	case.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Removed old documentation of setutmp().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Use xmalloc() rather than malloc().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: The name returned by ttyame() needs to be copied
+	locally.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added assert()s for NULL (or ! NULL) username, and
+	pwd. This helps splint.
+	* src/login.c: Added splint annotations.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: After login_prompt(), do not check for unset
+	username, but for empty username.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Define USER_NAME_MAX_LENGTH, based on utmp and
+	default to 32.
+	* libmisc/chkname.c: Use USER_NAME_MAX_LENGTH.
+	* src/login.c: Use USER_NAME_MAX_LENGTH instead of the default 32.
+	username also needs to be bigger than USER_NAME_MAX_LENGTH because
+	it has to be nul-terminated.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Use xmalloc() instead of malloc().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Ignore the return value of puts(), fputs(),
+	strftime().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: timeout, delay, and retries should be unsigned.
+	* src/login.c: Ignore the return value of alarm() and sleep().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: If we cannot get the terminal configuration, do not
+	change the terminal configuration. setup_tty() is just a best
+	effort configuration of the terminal.
+	* src/login.c: Ignore failures when setting the terminal
+	configuration.
+	* src/login.c: Fail if the ERASECHAR or KILLCHAR configurations
+	are not compatible with a cc_t type.
+
+2009-04-22  Paul Szabo  <psz@maths.usyd.edu.au>
+
+	* src/login.c: utent might be NULL after get_current_utmp().
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Removed temp_shell. No more used.
+	* src/login.c: lastlog is only used #ifndef USE_PAM
+	* src/login.c: Rename lastlog to ll to avoid name clash with the
+	lastlog type.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added update_utmp() to group the prepare_utmp and
+	setutmp (and the utmpx versions).
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Do not include netdb.h. gethostbyname() is no more
+	called from within login.c. Also UT_ADDR does not exist anymore.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Check if login is run with effective root
+	privileges. This should be more helpful to users than a failure to
+	find an utmp entry or failure to access a file.
+
+2009-04-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Reworked. Get rid of Linux specific stuff. Get rid
+	of global utent/utxent variables. Only reuse the ut_id and maybe
+	the ut_host fields from utmp.
+	* lib/prototypes.h, libmisc/utmp.c: Removed checkutmp(),
+	setutmp(), setutmpx().
+	* lib/prototypes.h, libmisc/utmp.c: Added get_current_utmp(),
+	prepare_utmp(), prepare_utmpx(), setutmp(), setutmpx().
+	* libmisc/utmp.c (is_my_tty): Only compare the name of the utmp
+	line with ttyname(). (No stat of the two terminals to compare the
+	devices).
+	* libmisc/utmp.c: Use getaddrinfo() to get the address of the
+	host.
+	* configure.in: Check for getaddrinfo().
+	* configure.in: Use AC_CHECK_MEMBERS to check for the existence of
+	fields in the utmp/utmpx structures.
+	* configure.in: Reject systems with utmpx support but no ut_id
+	field in utmp. This could be fixed later if needed.
+	* src/login.c: Use the new utmp functions. This also simplifies
+	the failtmp() handling.
+	* src/login.c: passwd_free() renamed to pw_free() and
+	shadow_free() renamed to spw_free()
+
+2009-04-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Enable --enable-account-tools-setuid by
+	default for PAM builds, as it used to be before the introduction
+	of this option.
+
+2009-04-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* etc/pam.d/Makefile.am: Distribute all pam.d files, even if
+	ACCT_TOOLS_SETUID is not enabled.
+
+2009-04-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadowmem.c: Added spw_free().
+	* lib/shadowio.c: Use spw_free() for shadow_free().
+	* lib/groupmem.c: Added gr_free().
+	* lib/groupio.c: Use gr_free() for group_free().
+	* lib/pwmem.c: Include define.h before prototypes.h
+	* lib/pwmem.c: Added pw_free().
+	* lib/pwio.c: Use pw_free() for passwd_free().
+	* lib/sgroupio.c: Added sgr_free().
+	* lib/sgroupio.c: Use sgr_free() for gshadow_free().
+	* lib/prototypes.h: Added gr_free(), pw_free(), sgr_free(),
+	spw_free().
+
+2009-04-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/shell.c: Add brackets and parenthesis.
+	* libmisc/shell.c: Avoid assignments in comparisons.
+	* libmisc/shell.c: Re-indent.
+
+2009-04-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Added MIN and MAX macros.
+	* libmisc/salt.c: Removed MIN and MAX macros.
+
+2009-04-20  Sven Joachim  <svenjoac@gmx.de>
+
+	* NEWS, src/lastlog.c: Fix regression causing empty reports.
+	Get the size of the file before printing the entries.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Get rid of pwent. pwd is sufficient as long as it
+	is always coming from xgetpwnam. There is no need to copy pwd to
+	pwent, this was not a good idea anyway as the strings from pwd
+	were not duplicated.
+	* src/login.c: Always free the pwd and spwd structure when we
+	retrieve a new one. This will clear the password of the previous
+	user from the memory.
+	* src/login.c: user_passwd is used to keep point to the password
+	of the user being authenticated.
+	* src/login.c: (non PAM) Fail if the user's entry cannot be found
+	after the user updated her password (if expire() requested an
+	update).
+	* src/login.c: If the user does not exist on the system, there is
+	no need to build a pwd structure (with shell).
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: ttytype already checks for TTYTYPE_FILE and TERM.
+	Just call ttytype.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Open the PAM session before pam_setcred and before
+	initgroups. This is more consistent with rfc86.0.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added helper functions get_pam_user() and
+	get_failent_user().
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added parameter to check_nologin. This will help
+	getting rid of the global pwent variable.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added comments.
+	* src/login.c: Close the user and group files before dropping root
+	privileges.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: We do not need to keep the old umask. Discard the
+	umask() return value.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/hushed.c, lib/prototypes.h, src/login.c: Change the
+	hushed() prototype to take a username instead of a passwd
+	structure in argument. The passwd entry is retrieved withing
+	hushed().
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setugid.c: Updated comments.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.h, libmisc/failure.c, src/login.c: Added
+	username as first parameter of failtmp to avoid issues with
+	non-null terminated ut_user, unavailability of ut_user, incomplete
+	username (that should not happen currently).
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/ttytype.c: Add brackets and parenthesis.
+	* libmisc/ttytype.c: Avoid assignments in comparisons.
+
+2009-04-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/pwio.c, lib/shadowio.c, lib/groupio.c, lib/sgroupio.c: Fill
+	the password fields with zeros before they are freed.
+
+2009-04-19  Changwoo Ryu  <cwryu@debian.org>
+
+	* po/ko.po: Updated Korean translation.
+
+2009-04-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Also check if the authentication token of the
+	user has to be updated in case the user was already authenticated.
+
+2009-04-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: fflg is already restricted to root. Move
+	pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
+	simplifies the code.
+
+2009-04-19  Paul Szabo  <psz@maths.usyd.edu.au>
+
+	* libmisc/utmp.c: Always call endutent or endutxent when setutent
+	or setutxent were used.
+
+2009-04-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Added comment to make sure PAM_RHOST or PAM_TTY do
+	not get set to unsanitized values.
+
+2009-04-17  Paul Szabo  <psz@maths.usyd.edu.au>
+
+	* NEWS, src/login.c: Do not trust the current utmp entry's ut_line
+	to set PAM_TTY.
+	* libmisc/utmp.c: Do not trust the current utmp entry's ut_line.
+	Always set ut_line based on ttyname(0).
+
+2009-04-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+	* configure.in: Updated version number.
+
+2009-04-15  Peter Vrabec  <pvrabec@redhat.com>
+
+	* NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
+	called at the end.
+	* src/useradd.c: Always call selinux_update_mapping() (i.e.
+	semanage), not only when -Z is used.
+
+2009-04-15  Peter Vrabec  <pvrabec@redhat.com>
+
+	* NEWS, srclib/getlong.c: Fix parsing of octal numbers.
+
+2009-04-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Fix segfault when no user is provided on the
+	command line.
+
+2009-04-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* README, libmisc/system.c: Was contributed by Dan Walsh.
+
+2009-04-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEW, src/vipw.c: SE Linux: Set the default context to the
+	context of the file being edited. This ensures that the backup
+	file inherit from the file's context.
+
+2009-04-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: There are no default values for --inactive
+	and --gid. If the options are no provided, the original values are
+	not changed.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: If there are no root account, or if the root account
+	has an UID != 0, default to the first UID 0 account.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Restore the echoctl, echoke, onclr flags to the
+	terminal termio flags. Reset echoprt, noflsh, tostop. This
+	behavior seems to have change by mistake in earlier releases
+	(4.0.8, for no obvious reason).
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Fix the count of failures before login exits in
+	case of PAM enabled configurations.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: Document that passwd uses PAM to authenticate
+	and change passwords on PAM-enabled builds.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Add more information to the mkdir and chown
+	failure messages.
+
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Updated some login.defs entries. Thanks to
+	Belkacem Abbas.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml,
+	man/login.defs.d/CONSOLE_GROUPS.xml: Fix typos.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/es/Makefile.am: Disable the distribution of Spanish
+	manpages. They are outdated. Please contact
+	pkg-shadow-devel@lists.alioth.debian.org if you wish to provide
+	updates.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c, src/useraddd.c: Fix the usage string so that it
+	does not change depending on the configure option. Use a format.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Fix the usage of the unused macro.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/age.c, src/expiry.c, src/login.c: A
+	shadow entry is now sufficient for agecheck. Remove the first
+	passwd entry parameter.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, src/usermod.c: Only call selinux_update_mapping()
+	if Zflg is set.
+	* src/userdel.c: Rename argv to args to avoid nameclash with the
+	main() parameters.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getgr_nam_gid.c: Added support for NULL argument.
+	* libmisc/chowntty.c: Reuse getgr_nam_gid(), and get rid of atol().
+
+2009-04-11  Peter Vrabec  <pvrabec@redhat.com>
+
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: For system
+	accounts, return the first unused ID, starting from the max value.
+	This could be useful later to increase the static IDs range.
+
+2009-04-11  Peter Vrabec  <pvrabec@redhat.com>
+
+	* NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map
+	SELinux user for user's login.
+	* NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
+	* libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
+	safe_system(). Used to run semanage.
+	* lib/prototypes.h, libmisc/copydir.c: Make a
+	selinux_file_context() an extern function.
+	* libmisc/copydir.c: Reset SELinux to create files with default
+	contexts at the end of copy_tree().
+	* NEWS, src/userdel.c: Delete the SELinux user mapping for user's
+	login.
+
+2009-04-11  Peter Vrabec  <pvrabec@redhat.com>
+
+	* src/useradd.c (get_defaults): Close the default file after the
+	default values were read.
+
+2009-04-11  Christian Perrier  <bubulle@debian.org>
+
+	* po/sk.po: Slovak translation updated. Thanks to Ivan Masár
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/Makefile.am, lib/prototypes.h: Added sgetspent.c.
+
+2009-04-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/POTFILES.in: Added missing files. Sorted.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c: Use getlong instead of strtol/strtoul.
+	* libmisc/getlong, lib/getlong.c, libmisc/Makefile.am,
+	lib/Makefile.am: getlong.c moved from libmisc/ to lib/.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadow.c: Replace strtol() by getlong(). Also detect more
+	issues in a numerical shadow entry field.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetspent.c: Only compile ifndef HAVE_SGETSPENT
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetspent.c: Replace strtol() by getlong(). Also detect more
+	issues in a numerical shadow entry field.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: More strtol() replaced by getlong().
+	* src/chage.c: expdays renamed to expdate. It is a date, even if
+	expressed in a number of days since Jan 1, 1970.
+	* src/chage.c: Likewise: lastday renamed to lstchgdate. Also fix
+	the --lastday documentation.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: pwd_to_spwd() should be declared if USE_PAM is
+	NOT defined.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Replace getnumber() by getlong(). This permits to
+	get rid of another strtol().
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getlong.c: Include both <stdlib.h> and <errno.h> needed
+	for strtol and errno, and do not include "defines.h" (not needed).
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, src/usermod.c, libmisc/getgr_nam_gid.c,
+	libmisc/Makefile.am, lib/prototypes.h: Moved getgr_nam_gid() from
+	src/useradd.c and src/usermod.c to libmisc/getgr_nam_gid.c.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Re-indent.
+	* src/useradd.c: Use getlong instead of get_number.
+	* src/useradd.c: Get rid of strtol.
+	* src/useradd.c: Provide better warning in case a default GROUP or
+	INACTIVE value is not valid in /etc/default/useradd.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Re-indent.
+	* src/usermod.c: Specifying a inactivity value < -1 is not valid.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Prepare the next 4.1.3 release.
+	* po/*.po, man/po/*.po: Updated PO files.
+
+2009-04-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/addgrps.c: restrict add_groups() to
+	ifndef USE_PAM.
+	* lib/prototypes.h: Remove the declaration of add_cons_grps(). The
+	function does not exist.
+	* libmisc/setugid.c libmisc/age.c (setup_uid_gid): is_console is
+	never set ifndef USE_PAM. Change the prototype of setup_uid_gid()
+	when USE_PAM is not defined. This permits to remove add_groups
+	from PAM builds.  setup_uid_gid is already subject to
+	HAVE_INITGROUPS.
+	* libmisc/pwd2spwd.c (pwd_to_spwd): pwd_to_spwd() is not used in
+	PAM builds.
+
+2009-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: do_update_age is only used ifndef USE_PAM. Make it
+	more explicit.
+
+2009-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Set errno to 0 before calling strtol.
+
+2009-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/isexpired.c: If there are no shadow entry, there is no
+	need to convert the password entry to a shadow entry. The password
+	is valid.
+
+2009-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Split some paragraphs into smaller units.
+
+2009-04-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/shadow.5.xml: Rewrote to mention the meaning of special
+	values.
+
+2009-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwd2spwd.c, src/chpasswd.c, src/newusers.c,
+	src/passwd.c, src/pwck.c, src/pwconv.c, src/useradd.c,
+	src/usermod.c: On Jan 01, 1970, do not set the sp_lstchg field to
+	0 (which means that the password shall be changed during the next
+	login), but use -1 (password aging disabled).
+	* src/passwd.c: Do not check sp_min if sp_lstchg is null or -1.
+
+2009-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: When no shadow entry exist, the default sp_lstchg
+	value should be -1 (no aging) rather than 0 (password must be
+	changed).
+	* src/chage.c: For password expiration and inactivity, indicate
+	that the password must be changed when sp_lstchg is null rather
+	than indicating that expiration and inactivity are not enabled.
+
+2009-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/isexpired.c: Document the isexpired return value.
+
+2009-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/age.c: Return a specific message when sp_lstchg is null.
+
+2009-03-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetpwent.c, lib/sgetgrent.c: Use get_uid and get_gid to
+	validate the UIDs or GIDs instead of atoi/strtol.
+
+2009-03-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/get_gid.c, libmisc/get_uid.c, libmisc/Makefile.am,
+	lib/get_gid.c, lib/get_uid.c, lib/Makefile.am: get_uid.c and
+	get_gid.c moved from libmisc/ to lib/.
+
+2009-03-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c (check_members): When a member is removed, do not
+	increase the index.
+	* src/grpck.c: Fix typo in messages and comments.
+
+2009-03-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Call fsync before closing the backup file. This
+	ensures that the backup file is flushed to the storage medium.
+	* src/useradd.c: Likewise for the default file, faillog, lastlog,
+	and mail spool.
+	* src/usermod.c: Likewise for the faillog and lastlog file.
+	* src/vipw.c: Likewise for the backup file.
+	* libmisc/sulog.c: Likewise for the su log.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: Embed gshadow related cleanup in #ifdef
+	SHADOWGRP.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: get_number() replaced by getlong().
+	* src/usermod.c: When the user is renamed, make sure we do not
+	override an user with the same name (in passwd or shadow).
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: log_gpasswd_success_gshadow is in the cleanup
+	stack only when the shadow group file is present.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Make sure the user exists in the shadow
+	database before calling spw_remove().
+	* NEWS, src/userdel.c: When the user's group is removed, make sure
+	the group is in the gshadow database before calling sgr_remove().
+	* src/userdel.c: Improve warning's wording.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/cleanup.c: Fix del_cleanup. The arguments were not
+	desynchronized with the cleanup functions.
+	* libmisc/cleanup.c: cleanup_function_args is an array of void
+	pointer, not strings.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c: Fix find_new_gid() the current group
+	database was not taken into account.
+
+2009-03-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/addgrps.c: Fix compilation warnings.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/Makefile.in.in: xml2po cannot exclude one entity for
+	expansion. Make sure config.xml does not exist when the POT file
+	is created in order to keep the configurations in the POT file
+	* man/generate_translations.mak: make sure config.xml does not
+	exist neither when the translated XML is generated. Add the
+	missing %config; (strip out by xml2po). and make sure config.xml
+	is present when the translated manpage is generated.
+	* man/generate_mans.mak: config.xml is needed for the generation
+	of manpages (already in the .deps for the English manpages, but
+	needed for the translations).
+	* man/Makefile.am: Added missing CREATE_HOME.xml.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* etc/login.defs: Added note for PAM enabled configurations.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/Makefile.am: Compute the dependencies for building the
+	manpages.
+	* man/generate_mans.deps: Added Makefile dependency rules.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/addgrps.c: Fix warnings.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Added missing space.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/lastlog.8.xml: Document that there might be entries, for
+	deleted users, that are not displayed.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chgpasswd.8.xml, man/chpasswd.8.xml: Fix the man page in
+	case SHA crypt is not supported.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/vipw.8.xml: MAX_MEMBERS_PER_GROUP is not used by vipw and
+	vigr.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.5.xml: Indicate that sg uses the same variables
+	as newgrp.
+	* man/login.defs.5.xml: vipw does not use any variable.
+	* man/login.defs.5.xml: In PAM enabled configurations, login still
+	uses some login.defs variables.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: use a <replaceable> instead of a
+	<emphasis remap='I'>.
+
+2009-03-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: Document the behavior of newusers for each
+	field.
+	* man/newusers.8.xml: Do not add the note on PAM on non-PAM
+	enabled configurations.
+
+2009-03-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Make sure the SHA related variables are not
+	compiled when disabled at configuration time.
+	* src/newusers.c: Added FIXME
+	* src/chpasswd.c: Make sure the SHA related variables is not
+	compiled when disabled at configuration time.
+	* src/chgpasswd.c: Make sure the SHA related variables is not
+	compiled when disabled at configuration time.
+	* src/chgpasswd.c: Fix the test for getlong() failure.
+	* src/useradd.c, man/useradd.8.xml: Added long name for the -l
+	option: --no-log-init.
+	* src/faillog.c: Added support for the specification of a range of
+	users with -u.
+	* src/faillog.c: Do not call print_one() for users which do not
+	exist.
+	* src/faillog.c: Make sure the user's entry is not outside the
+	faillog file and initialize the faillog structure in that case.
+	* src/faillog.c: Move print_one() closer to print().
+	* src/faillog.c: reset(), setmax(), set_locktime() can also change
+	entries of user which do not exist.
+	* src/faillog.c: reset(), setmax() and set_locktime() shall not
+	create entries for users which have no entries if the value has to
+	be set to 0.
+	* src/faillog.c: reset(), setmax() and set_locktime(): better
+	handling of users whose entry is outside the faillog file.
+	* src/faillog.c: Improved option handling. Options can now be
+	specified in any order.
+	* src/faillog.c: Improved warnings when options are not
+	compatible or when the faillog cannot be open with the right mode.
+	* src/faillog.c: Only fstat the faillog file once.
+	* man/faillog.8.xml: Improved documentation.
+
+2009-03-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Remove the documentation of options from the
+	main() documentation. It will always be outdated here.
+
+2009-03-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: lastlog variable renamed to ll to avoid name
+	clash with the structure.
+	* src/lastlog.c: check the offset in print_one() so that it is
+	used for the display of one entry or a set of entries.
+	* src/lastlog.c: Do not loop over the whole user database when -u
+	is used with a single user.
+	* src/lastlog.c: Check the size of the lastlog file so that we
+	can identify failures to read.
+
+2009-03-13  Mike Frysinger  <vapier@gentoo.org>
+
+	* libmisc/salt.c: Removed l64a prototype. The libc declaration is
+	non static, but the internal definition is static.
+
+2009-03-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: log_gpasswd_success_gshadow only exists ifdef
+	SHADOWGRP.
+
+2009-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getlong.c: Make sure the getlong argument is not empty.
+	* libmisc/get_gid.c, libmisc/get_uid.c, libmisc/Makefile.am,
+	lib/prototypes.h: Added get_uid() and get_gid() to parse user and
+	group IDs.
+	* NEWS, src/grpck.c, src/pwck.c: Issue a warning if an ID is set
+	to -1.
+	* NEWS, src/newusers.c, src/usermod.c, src/useradd.c,
+	src/groupmod.c, src/groupadd.c: Make sure no user or group are
+	created with an ID set to -1.
+
+2009-03-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* contrib/adduser-old.c, contrib/adduser.c: Do not use the target
+	of snprintf in one of the format's parameters.
+
+2009-03-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmems.8.xml: groupmems does not create new user.
+
+2009-03-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, po/LINGUAS, po/kk.po: Added Kazakh translation. Thanks to
+	Timur Birsh <taem@linukz.org>.
+
+2009-02-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Avoid calling
+	getgrent()/getpwent() after they return NULL. This caused LDAP to
+	return at the beginning of the group/user entries.
+
+2009-01-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/nologin.8.xml: Fix typo (HYSTORY -> HISTORY).
+
+2009-01-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/gpasswd.c: Only report success to audit and syslog
+	when the changes are committed to the system. Do not log failure
+	for on-memory changes to audit or syslog. Make sure failures and
+	inconsistencies will be reported in case of unexpected failures
+	(e.g. malloc failures). Only specify an audit message if it is not
+	implicitly implied by the type argument. Removed fail_exit
+	(replaced by atexit(do_cleanups)). Log failures in case of
+	permission denied.
+
+2009-01-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/UMASK.xml: Indicate how UMASK is used and
+	limitations.
+	* man/limits.5.xml: Remove space before an end of tag.
+	* man/useradd.8.xml, man/login.defs.d/CREATE_HOME.xml,
+	man/login.defs.5.xml: Document the CREATE_HOME variable.
+	* etc/login.defs: Improve the documentation of UMASK.
+
+2009-01-06  Sebastian Rick Rijkers  <srrijkers@gmail.com>
+
+	* NEWS, src/su.c: Preserve COLORTERM in addition to TERM when su
+	is called with the -l option.
+
+2008-12-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chkname.c: Use a bool when possible instead of integers.
+	* libmisc/chkname.c: Add brackets and parenthesis.
+
+2008-12-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml, configure.in, man/config.xml.in: Use the
+	real group name length limit in the documentation.
+
+2008-12-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/Makefile.am: Only link with the needed library. When
+	compiled with PAM support, chfn, chsh, login, newgrp, passwd, and
+	su do not need the libcrypt library.
+
+2008-12-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/cleanup_group.c: Fix compilation when compiled without
+	shadow group support.
+
+2008-12-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupdel.c: Remove the fail_exit () declaration.
+
+2008-12-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Fix the support for usernames with arbitrary
+	length.
+
+2008-12-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c, src/groupdel.c, src/groupmod.c: Re-indent.
+	* src/groupmod.c: Do not add the command synopsis to the main ()
+	documentation. This avoids outdated information.
+	* libmisc/chkname.c: Remove outdated comments.
+
+2008-12-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/audit_help.c: Added audit_logger_message() to log
+	messages not related to an account.
+	* lib/prototypes.h, libmisc/cleanup.c, libmisc/cleanup_group.c,
+	libmisc/cleanup_user.c, libmisc/Makefile.am: Added stack of
+	cleanup functions to be executed on exit.
+	* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c: Only
+	report success to audit and syslog when the changes are committed
+	to the system. Do not log failure for on-memory changes to audit
+	or syslog. Make sure failures and inconsistencies will be reported
+	in case of unexpected failures (e.g. malloc failures). Only
+	specify an audit message if it is not implicitly implied by the
+	type argument. Removed fail_exit (replaced by atexit(do_cleanups)).
+
+2008-12-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/gpasswd.c: Added support usernames with arbitrary
+	length.
+
+2008-11-27  Mike Frysinger  <vapier@gentoo.org>
+
+	* configure.in: Fix the "$enable_acct_tools_setuid" = "yes" test.
+
+2008-11-27  Mike Frysinger  <vapier@gentoo.org>
+
+	* NEWS, configure.in, libmisc/chkname.c: make group max length a
+	configure option.  The configure behavior encoded is:
+	<no option> -> default of 16 (like today);
+	--with-group-name-max-length -> default of 16;
+	--without-group-name-max-length -> no max length;
+	--with-group-name-max-length=n > max is set to n.
+
+2008-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: (!USE_PAM) Provide visible information indicating that
+	su was denied.
+
+2008-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/su.1.xml: Fix the su synopsis. username is referenced in the
+	manpage, not LOGIN.
+	* man/ja/login.1: Fix the path of the utmp and wtmp files.
+
+2008-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowntty.c: Improve the logs for fchown and fchmod
+	failures.
+	* libmisc/chowntty.c: Only closelog() when failure cause an exit.
+
+2008-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/chowntty.c: Fix a race condition that could lead to
+	gaining ownership or changing mode of arbitrary files.
+	* NEWS, libmisc/chowntty.c, libmisc/utmp.c: is_my_tty() moved from
+	utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
+	entry if the pid matches and ut_line matches with the current tty.
+	This fixes a possible DOS when entries can be forged in the utmp
+	file.
+	* libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
+	tty argument from chown_tty. chown_tty always changes stdin and
+	does not need this argument anymore.
+
+2008-10-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gshadow.5.xml, man/shadow.5.xml, man/passwd.5.xml,
+	man/grpck.8.xml: Sorted SEE ALSO references.
+	* man/gshadow.5.xml: Added reference to grpck(8) and grpconv(8).
+	* man/pwck.8.xml: Added reference to grpck(8).
+	* man/shadow.5.xml: Added reference to pwck(8).
+	* man/passwd.5.xml: Added reference to pwck(8).
+	* man/grpck.8.xml: Added reference to pwck(8).
+
+2008-10-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/*.xml, man/login.defs.d/*.xml: Added copyright and licence
+	header.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Always check the return value of the pam_* APIs.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Use a dynamic buffer for usernames.
+	* src/login.c: Copy the name of the user authenticated by PAM to
+	username. This simplify later logging (avoid USE_PAM
+	conditional).
+	* src/login.c: Check that no username is specified with -r.
+	* src/login.c: Make sure a username is specified with -f.
+	* src/login.c: Explicitly tag the end of the #ifdef RLOGIN
+	sections.
+	* src/login.c: Erase the username later since it it used for the
+	fake password check (in case of empty password).
+	* src/login.c, man/login.1.xml: the username is not an optional
+	parameter of -f. Fix the getopt optstring, remove the parsing of
+	username in the -f processing block, and remove unnecessary checks
+	(username cannot be parsed twice anymore), better documentation of
+	the synopsis.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Existence of pam_user was already checked. pwd was
+	already copied to pwent. Remove duplicated code.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: check_flags() renamed process_flags(). All flag
+	processing blocs moved to process_flags().
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/logoutd.c, src/userdel.c: Re-indent. This helps pmccabe.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Add missing closing }. This was probably never
+	noticed because UT_ADDR is never defined.
+	* src/login.c: Re-indent.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Do not mix USE_PAM and !USE_PAM code.
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Use failent_user to log to audit. username is the
+	caller, not the user login tries to authenticate.
+	* src/login.c: Use pwd->pw_name instead of pwd->pw_uid. This might
+	be more precise (name must be unique, uid might not be).
+
+2008-09-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: passwd cannot change the full name of the
+	user, the user's login shell; but it can change the account or
+	password validity period. Thanks to Reuben Thomas.
+
+2008-09-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Added missing declaration of Mflg.
+	* src/pwck.c: Only unlock files if they were locked before (e.g.
+	not in read-only mode).
+	* src/pwck.c: Quote the username in error messages (harmonization
+	with other messages).
+	* libmisc/find_new_gid.c: Fixed typo (s/grp->gr_gid/group_id/).
+	* libmisc/find_new_gid.c: Likewise.
+
+2008-09-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setugid.c, src/login_nopam.c, src/suauth.c,
+	lib/getdef.c: Replace the %m format string by strerror(). This
+	avoids errno to be reset between the system call error and the
+	report function.
+
+2008-09-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Ignore the return value of umask() when the mask
+	is set to the old value.
+
+2008-09-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, etc/login.defs: New CREATE_HOME variable to tell useradd
+	to create a home directory for new users.
+	* src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
+	and CREATE_HOME usage. System accounts are not impacted by
+	CREATE_HOME.
+	* man/useradd.8.xml: Indicate that a new group is created by
+	default.
+	* src/useradd.c: Removed TODO item (moved to the TODO file).
+
+2008-09-11  Miroslav Kuře  <kurem@debian.cz>
+
+	* po/cs.po: Updated Czech translation.
+
+2008-09-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/USERGROUPS_ENAB.xml: Fix typo: new <para> tag
+	before the previous one is closed. This caused a missng
+	explanation for USERGROUPS_ENAB.
+
+2008-09-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml: Remove the list of (short) options from the
+	SYNOPSIS. Replaced with [options] for consistency with other tools
+	and maintainability.
+
+2008-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	From RedHat's patch shadow-4.1.2-sysAccountDownhill.patch
+	Thanks to Peter Vrabec.
+	* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an
+	index of used IDs to avoid a database request for each id in the
+	allowed range (when the highest allowed ID is already used).
+	This speedups the addition of users or groups when the highest
+	allowed ID is already used. The additional memory usage of the
+	tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a
+	reasonable number.
+
+2008-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Fix the dependency of ACCT_TOOLS_SETUID on
+	USE_PAM. Build failed with --without-libpam.
+
+2008-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c, configure.in: Check for the presence of
+	st_mtim and st_mtimensec, as for st_atim and st_atimensec.
+	* libmisc/copydir.c: Call utimes() after closing the file.
+
+2008-09-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Document the long options in the usage.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Added configure --enable-account-tools-setuid (default) /
+	--disable-account-tools-setuid options. This permits to disable
+	the PAM authentication of the caller for chage, chgpasswd,
+	chpasswd, groupadd, groupdel, groupmod, newusers, useradd,
+	userdel, and usermod.  This authentication is not necessary when
+	these tools are not installed setuid root.
+	* configure.in: Added option --enable-account-tools-setuid to
+	enable/disable the usage of PAM to authenticate the callers of
+	account management tools: chage, chgpasswd, chpasswd, groupadd,
+	groupdel, groupmod, useradd, userdel, usermod.
+	* src/Makefile.am: Do not link the above tools with libpam if
+	account-tools-setuid is disabled.
+	* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
+	src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
+	src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
+	(--enable-account-tools-setuid).
+	* etc/pam.d/Makefile.am: Install the pam service file for the
+	above tools only when needed.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/tz.c: tz() is only used when USE_PAM is not defined.
+	* lib/prototypes.h: Indicate functions whose presence depends on
+	the USE_PAM flag.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Call open_files() and close_files().
+	* src/groupmems.c: Always call check_perms(), which takes care of
+	checking if --list is used.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c: Compare characters to '\0', not NULL.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Do not include <config.h>. This complicate
+	undefining some configuration macros when the file is included
+	multiple times.
+	* libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
+	libmisc/xgetgrgid.c, libmisc/xgetgrnam.c, libmisc/xgetspnam.c:
+	Include <config.h> from teh compiled C file, not the included
+	getXXbyYY.c.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
+	src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
+	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
+	src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
+	handle, but terminate the PAM transaction as soon as possible if
+	there are no PAM session opened. If the username cannot be
+	determined, report it as such (not a PAM authentication failure).
+	* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
+	needed to initialize retval to PAM_SUCCESS.
+
+2008-09-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
+	src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
+	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
+	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
+	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+	src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
+	src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
+	static to the file) so that it can be used by the helper functions
+	of libmisc.
+	* lib/prototypes.h: Added extern char *Prog.
+	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
+	program name with the warning.
+
+2008-09-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Check if AUDIT_ADD_USER, AUDIT_DEL_USER,
+	AUDIT_ADD_GROUP, and AUDIT_DEL_GROUP are defined in <libaudit.h>.
+
+2008-09-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Fix comment of lflg: it is also used for faillog.
+
+2008-09-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c, man/groupmems.8.xml: Document the long
+	options.
+
+2008-09-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/audit_help.c: Define new type
+	shadow_audit_result for the result argument of audit_logger().
+	This permits stronger type checking and a better readability of
+	the results (SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS constants).
+	* src/groupadd.c, src/groupdel.c, src/useradd.c, src/userdel.c:
+	Use the SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS results instead
+	of 0 or 1 in audit_logger().
+
+2008-09-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Log failures to remove the mailbox to syslog and
+	audit.
+	* src/userdel.c: Log successful removal of home directory to audit
+	only in case of success.
+	* src/userdel.c: Move the audit log of failure to remove the home
+	directory before the call to function that may exit.
+	* src/userdel.c: Document that errors is only used to count errors
+	during the removal of the home directory.
+
+2008-09-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Log errors to syslog in grp_update() since
+	changes have started to be reported to syslog.
+	* src/userdel.c: Fix some result parameters sent to
+	audit_logger().
+
+2008-09-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Following changes from a patch contributed by Steve Grubb
+	<sgrubb@redhat.com>
+	* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
+	of AUDIT_USER_CHAUTHTOK.
+	* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead 
+	of AUDIT_USER_CHAUTHTOK.
+	* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
+	AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
+	AUDIT_USER_CHAUTHTOK.
+	* src/useradd.c: Add missing logs to audit.
+	* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
+	AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
+	* src/userdel.c: Add missing logs to audit.
+
+2008-08-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Remove duplicated gr_open().
+
+2008-08-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: Document the /etc/default/useradd variables.
+	* man/useradd.8.xml: Fix the documentation of the GROUP variable
+	(and -g/--gid option).
+	* man/useradd.8.xml: Document that -o is only valid with -u
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* shadow.spec.in: Fix the source (new FTP).
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Add brackets and parenthesis.
+	* src/su.c: Avoid implicit conversion of pointers to booleans.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/list.c: Remove historical comment.
+	* libmisc/list.c: Added assertions for non NULL parameters.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c, src/pwunconv.c: Fail if unexpected parameters are
+	provided.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Add brackets and parenthesis.
+	* src/passwd.c: Avoid implicit conversion of pointers to booleans.
+	* src/passwd.c: Avoid assignments in comparisons.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c, man/groupmems.8.xml: Added support for
+	shadow groups.
+	* src/groupmems.c: Use fail_exit() instead of exit().
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: The grp structure returned by gr_locate is a
+	const. Duplicate this structure before working on it.
+	* src/groupmems.c: Do not fail and do not display warnings if a
+	close failure happens with the --list option. (Files are opened
+	read-only).
+	* src/groupmems.c: Avoid mixed declarations and code.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Replace the 'valid' variable by is_valid to avoid
+	clashes with the valid() function.
+
+2008-08-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c: Add brackets and parenthesis.
+	* libmisc/obscure.c: Avoid implicit conversion of pointers / chars to
+	booleans.
+	* libmisc/obscure.c: Simplify the list of if.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Fix a typo in the Usage string.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpconv.c, src/groups.c: Name the parameters in the
+	prototypes of the static functions.
+	* src/grpconv.c, src/grpunconv.c, src/logoutd.c: Fail if
+	unexpected parameters are provided.
+	* src/grpconv.c, src/grpunconv.c: Indicate that argc is not used
+	in the no SHADOWGRP version.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c, src/chpasswd.c: Removed variable ok, which is
+	no more used.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Fix the format for long integers (from %ul to %lu).
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Mark the line and host arguments of setutmp() as
+	not used in the __linux__ version.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/nscd.c: Avoid redefinition of _GNU_SOURCE.
+
+2008-08-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Indentation fix.
+	* configure.in, src/login.c: Do not use HAVE_PAM_FAIL_DELAY, but
+	HAS_PAM_FAIL_DELAY, to avoid a redefinition with Linux PAM.
+
+2008-08-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Added functions add_user(), remove_user(), and
+	purge_members() to ease the support of gshadow.
+
+2008-08-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/expiry.c: Use Basename for Prog.
+	* src/expiry.c: Added missing OPENLOG.
+
+2008-08-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/nscd.c: Make sure the file is not empty when configured
+	without nscd support.
+
+2008-08-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Remove the USE_NSCD AM_CONDITIONAL (USE_NSCD is
+	not used in any Makefile.am).
+	* configure.in: Make sure posix_spawn is present when configured
+	with nscd support.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupmem.c, lib/pwmem.c, lib/shadowmem.c: Added brackets and
+	parenthesis.
+	* lib/groupmem.c, lib/pwmem.c, lib/shadowmem.c: Avoid assignments
+	in comparisons.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/mail.c: Added brackets and parenthesis.
+	* libmisc/mail.c: Avoid assignments in comparisons.
+
+2008-08-26  Tobias Poschwatta  <tp@fonz.de>
+
+	* NEWS: Added support for uclibc.
+	* configure.in, libmisc/copydir.c: futimes() and lutimes() are not
+	standard. Check if they are implemented before using them. Do not
+	set the time of links if lutimes() does not exist, and use
+	utimes() as a replacement for futimes().
+	* configure.in, lib/nscd.h, lib/nscd.c: Added --with-nscd and
+	--without-nscd flags to support systems without nscd.
+	* lib/groupio.h, lib/prototypes.h, lib/pwio.h, lib/sgetgrent.c:
+	Include <sys/types.h> before <pwd.h> and <grp.h>. It is necessary
+	for the definition of uid_t and gid_t.
+	* lib/pwmem.c: do not include <pwd.h>, "pwio.h" is sufficient
+	here.
+	* configure.in: Check if the stat structure has a st_atim or
+	st_atimensec field.
+	* libmisc/copydir.c: Conditionally use the stat's st_atim and
+	st_atimensec fields.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Handle the options alphabetically.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: When removing an user, check if deluser is on
+	the list, not adduser. This fixes a segmentation fault for every
+	call of groupmems -d.
+	* libmisc/list.c: Add assertions to help identifying these issues.
+	* libmisc/list.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c: Use the "groupmems" PAM service name
+	instead of "groupmod".
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c: Merge some translated messages.
+	* src/groupmems.c, src/groupadd.c, src/gpasswd.c, src/chsh.c,
+	src/chfn.c: Harmonize *_update() failure messages.
+	* src/groupmems.c: Harmonize gr_close() failure messages.
+	* src/newgrp.c: Harmonize "unknown GID" messages.
+	* src/newusers.c: Move the pwd declaration to a inner block scope.
+
+2008-08-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Harmonize some error messages.
+	* src/userdel.c: Add log to syslog when the mail file could not be
+	removed.
+	* src/userdel.c: Give more context an error message (merge with
+	perror()).
+	* src/usermod.c: Harmonize some error messages.
+
+2008-08-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Check the return value of gr_update().
+	* src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+	src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupmems.c,
+	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+	src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c,
+	src/useradd.c, src/userdel.c, src/usermod.c: Harmonize the error
+	message sent to stderr in case of *_update () failure.
+	* src/chage.c, src/chsh.c, src/groupadd.c, src/passwd.c: Do not
+	log to syslog when pw_update() or spw_update() fail.
+	* src/newusers.c: Do not log specific error message to stderr when
+	sgr_update() fails.
+	* src/pwconv.c: Remove duplicated definition of Prog.
+
+2008-08-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c, src/chsh.c, src/expiry.c, src/gpasswd.c,
+	src/newgrp.c, src/passwd.c, src/su.c: Use the same stderr and
+	syslog warnings when the username cannot be determined.
+	* src/newgrp.c: Reuse the same stderr message for groups which do
+	not exist in the system.
+
+2008-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Log errors while *_close to syslog.
+
+2008-08-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpconv.c: Use Basename for the definition of Prog. Prog
+	needs a file visibility.
+	* src/grpunconv.c: Likewise.
+
+2008-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c: Do not exit on pw_unlock failures.
+	* src/grpconv.c, src/grpunconv.c, src/pwconv.c, src/pwunconv.c,
+	src/vipw.c: Open syslog with the right identification name.
+	* src/vipw.c: Log unlock errors to syslog.
+	* src/vipw.c: Log edits to syslog.
+	* src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c,
+	src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpconv.c,
+	src/grpunconv.c, src/passwd.c, src/pwck.c, src/pwunconv.c,
+	src/useradd.c, src/usermod.c: Harmonize the syslog levels. Failure
+	to close or unlock are errors. Failure to open files are warnings.
+
+2008-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Open syslog with the right identification name.
+	* src/newusers.c: Mark the files as locked only if they are really
+	locked (i.e. if shadow is not enabled, the files are not locked).
+
+2008-08-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/gpasswd.c: Use getopt_long instead of getopt. Added
+	support for long options --add (-a), --delete (-d),
+	--remove-password (-r), --restrict (-R), --administrators (-A),
+	and --members (-M) 
+	* man/gpasswd.1.xml: Document the new long options.
+	* src/gpasswd.c: The sgrp structure is only used if SHADOWGRP is
+	defined.
+
+2008-08-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Added function fail_exit(). Check failure to unlock
+	files. Report errors to stderr and syslog, but continue.
+	* src/grpconv.c: Check failure to unlock files. Report errors to
+	stderr and syslog, but continue.
+
+2008-08-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Check failure to unlock files. Report errors to
+	stderr and syslog, but continue.
+
+2008-08-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c, src/chgpasswd.c, src/chpasswd.c, src/gpasswd.c,
+	src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c,
+	src/grpconv.c, src/grpunconv.c, src/newusers.c, src/pwconv.c,
+	src/pwunconv.c, src/useradd.c, src/userdel.c: Harmonize the name
+	of the variables keeping the lock status, to match the shadow
+	library prefixes.
+
+2008-08-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
+	src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
+	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+	src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
+	src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c: In
+	case of a lock failure, indicate to the user that she can try
+	again later. Do not log to syslog.
+
+2008-08-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/passwd.c: For compatibility with other passwd version,
+	the --lock an --unlock options do not lock or unlock the user
+	account anymore.  They only lock or unlock the user's password.
+	* man/passwd.1.xml: Document above change. Document how an account
+	can be locked and what a password lock means.
+
+2008-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml: Fix the regular expression for group policy.
+	The final $ character is optional.
+	* man/groupadd.8.xml: Likewise.
+	* man/groupadd.8.xml: Indicate the maximum size of usernames.
+
+2008-08-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/pl.po: Fix typo in the Polish translation (see
+	http://bugs.debian.org/491460)
+
+2008-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pl/Makefile.am: Do not build the Polish translation of
+	login.1 and su.1 (not enough translated). See
+	http://bugs.debian.org/491460
+
+2008-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/shadow.5.xml: Fix typo. The password must be changed before
+	the maximum number of days, not after.
+
+2008-08-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Harmonize the unlock failure messages.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Added fail_exit().
+	* src/pwck.c: Report failure to unlock files to stderr and
+	syslog.
+	* src/pwck.c: Report failure to sort to stderr, and exit with
+	E_CANTSORT.
+	* man/pwck.8.xml: Document return code 6 (E_CANTSORT).
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Report failures to remove files to stderr.
+	* src/vipw.c: Report failures to unlock files to stderr.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c: Added syslog support.
+	* src/groupmems.c: members() renamed display_members() to
+	avoid name clash with its members argument.
+	* src/groupmems.c: Report failure to unlock to syslog.
+	* src/groupmems.c: Harmonize error messages.
+	* src/groupmems.c: Report failures to write the new group file to
+	syslog (gr_close() failure).
+	* src/groupmems.c: Don't use fail_exit for non-failure exit.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: Added fail_exit().
+	* src/chsh.c: Use fail_exit() instead of exit(), this avoid
+	calling closelog() every times.
+	* src/chsh.c: Ignore the return value or pam_end().
+	* src/chsh.c: Simplify the PAM error handling.
+	* src/chsh.c: Report failure to unlock files to stderr and
+	syslog.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Added fail_exit().
+	* src/chpasswd.c: Added support for syslog.
+	* src/chpasswd.c: Report failure to unlock files to stderr and
+	syslog.
+	* src/chpasswd.c: Simplify the PAM error handling.
+	* src/chpasswd.c: Report failure during *_close() to syslog.
+	* src/chpasswd.c: Ignore the return value or pam_end().
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: Added fail_exit().
+	* src/chgpasswd.c: Added support for syslog.
+	* src/chgpasswd.c: Report failure to unlock files to stderr and
+	syslog.
+	* src/chgpasswd.c: Simplify the PAM error handling.
+	* src/chgpasswd.c: Report failure during *_close() to syslog.
+	* src/chgpasswd.c: Ignore the return value or pam_end().
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Report failure to remove entries from group or
+	gshadow to stderr.
+	* src/userdel.c: Fail in case of failure during the write of a
+	user or group database. Report errors to syslog.
+	* src/userdel.c: Do not unlock non locked files.
+	* src/userdel.c: Report failure to unlock the passwd or shadow
+	file to stderr and syslog.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Report failure to unlock the passwd or shadow
+	file to stderr and syslog.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Report failure to unlock files to stderr and
+	syslog.
+
+2008-08-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Report failure to unlock files to stderr and
+	syslog.
+	* src/newusers.c: In case of error when files are open or closed,
+	indicate the failing file.
+	* src/newusers.c: Do not try to unlock the files manually since
+	this is done in fail_exit.
+
+2008-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Report failure to unlock the passwd or shadow file
+	to stderr and syslog.
+
+2008-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c: Report failure to unlock the passwd or shadow file
+	to stderr and syslog.
+	* src/pwconv.c: Report failure to chmod the backup file.
+
+2008-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpunconv.c: Report failure to unlock the group or gshadow
+	files to stderr and syslog.
+
+2008-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c: Added fail_exit(). Check if the passwd file is
+	locked. Report failures to unlock to stderr and syslog.
+	* src/chfn.c: Is case of failure, use fail_exit() rather than
+	exit().
+	* src/chfn.c: Ignore the return value of pam_end().
+
+2008-08-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
+	lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+	Added *_dbname() functions to retrieve the name of the databases.
+	* lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
+	lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+	*_name() functions renamed *setname().
+	* src/grpck.c, src/pwck.c: Likewise.
+	* lib/groupio.h, lib/pwio.h, lib/sgroupio.h, lib/shadowio.h: Added
+	the name of the arguments to the prototypes.
+	* src/chage, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+	src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
+	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
+	src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
+	src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	Harmonize the error & syslog messages in case of failure of the
+	*_lock(), *_open(), *_close(), *_unlock(), *_remove() functions.
+	* src/chgpasswd.c, src/chpasswd.c, src/usermod.c: Avoid
+	capitalized messages.
+	* src/chpasswd.c, src/useradd.c, src/usermod.c: Harmonize messages
+	in case of inexistent entries.
+	* src/usermod.c:  Harmonize messages in case of already existing
+	entries.
+	* src/newusers.c, src/useradd.c: Simplify PAM error handling.
+	* src/useradd.c: Report failures to unlock files (stderr, syslog,
+	and audit). But do not fail (continue).
+	* src/useradd.c (open_files): Do not report to syslog & audit
+	failures to lock or open the databases. This might be harmless,
+	and the logs were not already informed that a change was
+	requested.
+	* src/usermod.c: It's not the account which is unlocked, but its
+	password.
+
+2008-08-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Harmonize error & syslog messages.
+	* src/groupadd.c: Add logging to syslog & audit on lock/unlock
+	failures.
+	* src/groupadd.c: Only call gr_unlock() and sgr_unlock() in the
+	group or gshadow files were previously locked.
+	* src/groupadd.c: Make sure failures are reported to syslog/audit
+	after the change is mentioned.
+	* src/groupmod.c: Harmonize error & syslog messages.
+	* src/groupmod.c: Add logging to syslog & audit on lock/unlock
+	failures.
+	* src/groupmod.c: Make sure issues are reported to syslog or audit
+	after the change is mentioned.
+	* src/groupdel.c: Harmonize error & syslog messages.
+	* src/groupdel.c: Add logging to syslog & audit on lock/unlock
+	failures.
+	* src/groupdel.c: Only call gr_unlock() and sgr_unlock() in the
+	group or gshadow files were previously locked.
+	* src/groupdel.c: Simplify the handling of PAM errors.
+
+2008-08-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Harmonize error & syslog messages.
+	* src/gpasswd.c: Warn and log to syslog and audit when group or
+	gshadow cannot be unlocked, but do not fail.
+
+2008-08-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c, src/chsh.c, src/groupdel.c, src/groupmems.c,
+	src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c,
+	src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c,
+	src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c,
+	src/vipw.c: Complete the switch from the `' quotation style to ''.
+	Do it also in SYSLOG messages. Quote some parameters. All this
+	permits to merge some messages.
+
+2008-07-30  Lukáš Kuklínek  <lkukline@redhat.com>
+
+	* src/groupmems.c: Only check if the adduser user exists when an
+	user is specified with -a.
+
+2008-07-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Fix the groupmems' usage message. The -D option
+	is in fact -p.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Replace an if test by an else.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Ignore the return value of fputs().
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c (whoami): Make sure usr and grp are not NULL
+	before dereferencing them.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Use xstrdup() rather than strdup().
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Add parenthesis.
+	* src/groupmems.c: Avoid implicit conversion of pointers / chars to
+	booleans.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c: Allow everybody to list the users of a group.
+	This information is publicly available in /etc/group.
+	* NEWS, src/groupmems.c: Open /etc/group read only for the -l option.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupmems.8.xml: Sort options alphabetically.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c (check_perms): Simplify. Always call pam_end()
+	at the end of the authentication.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Add fail_exit() to remove the group lock file
+	in case of failure. Replace the calls to exit() by fail_exit().
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Reduce the number of checks. Isolate the
+	parameters setting and permissions checking.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Add functions process_flags() and check_perms()
+	from code of main().
+	* src/groupmems.c: Harmonize the failure message in case of PAM
+	failure with the other programs.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Remove isgroup(), which always returns TRUE.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Reuse the functions from libmisc/list.c to deal
+	with user lists. addtogroup() was broken when realloc() move the
+	memory area.
+	* src/groupmems.c: Report failures with the name of the program.
+
+2008-07-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: EXIT_READ_GROUP changed to EXIT_INVALID_GROUP.
+	* src/groupmems.c: EXIT_INVALID_USERNAME changed to EXIT_INVALID_USER.
+
+2008-07-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Really use booleans.
+	* src/groupmems.c: Change isroot() to a macro that returns a
+	boolean.
+
+2008-07-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Make sure the booleans are defined before using
+	them.
+
+2008-07-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Added Prog global variable to indicate the name
+	of the program in error messages.
+
+2008-07-22  Lukáš Kuklínek  <lkukline@redhat.com>
+
+	* NEWS, src/groupmems.c: Check if the user added to group actually
+	exist. RedHat bug #455603
+	* NEWS, src/groupmems.c: Check if the group exists in the group
+	local database (/etc/group). RedHat bug #456088
+
+2008-07-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Fix getrange prototype.
+
+2008-07-21  Seraphim Mellos  <mellos@ceid.upatras.gr>
+
+	* README, NEWS, configure.in, lib/pam_defs.h, src/login.c: Add
+	support for OpenPAM.
+
+2008-07-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Ignore the return value of pam_end() before exiting.
+	* src/chage.c: Ignore return values of strftime(), snprintf(),
+	puts(), printf(), and fputs().
+	* src/chage.c: Check the return value of asctime().
+
+2008-07-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/gshadow.c: Avoid assignments in comparison.
+
+2008-07-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* ChangeLog, NEWS, src/login.c: Re-inject the changes from 4.1.2.1.
+
+2008-07-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Do not call usr_update() if it will have no
+	effects. This avoid checking if the user exists in the local passwd
+	file if not necessary, and thus allow to add LDAP users to local
+	groups. (The user is already checked against the system
+	configuration with getpwnam()). Thanks to Dan Kopecek.
+
+2008-07-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Split update_files() into update_lastlog() and
+	update_faillog(). Report errors (but don't fail) if the file
+	exist, but open(), lseek(), read(), write(), or close() fails.
+	* src/usermod.c: Add brackets and parenthesis.
+	* src/usermod.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/usermod.c: Ignore the return value of strftime(),
+	snprintf(), and puts().
+	* src/usermod.c: Check the return value of gmtime() and asctime(),
+	and output the raw time_t on failures.
+
+2008-07-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setugid.c: Add brackets.
+
+2008-06-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/env.c: Avoid implicit conversion of pointers / chars to
+	booleans.
+	* libmisc/env.c: Add brackets and parenthesis.
+	* libmisc/env.c: Ignore the return value of puts() and fputs().
+	* libmisc/env.c: Avoid multi-statements lines.
+
+2008-06-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Avoid implicit conversion of pointers / chars to
+	booleans.
+	* libmisc/utmp.c: Add brackets and parenthesis.
+	* libmisc/utmp.c: Exit with the EXIT_FAILURE status code in case
+	of failure.
+	* libmisc/utmp.c: Avoid assignments in comparisons.
+	* lib/prototypes.h, libmisc/utmp.c: Change setutmp()'s prototype
+	to return an int because pututline() and pututxline() may fail.
+
+2008-06-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/audit_help.c: Added one string for translation.
+	* po/POTFILES.in: Added libmisc/audit_help.c,
+	libmisc/find_new_gid.c, libmisc/find_new_uid.c, libmisc/getlong.c,
+	libmisc/getrange.c, libmisc/xgetXXbyYY.c, and libmisc/yesno.c.
+	Removed libmisc/find_new_ids.c
+
+2008-06-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: If the faillog file exist, warn in case of
+	failure when open(), lssek(), write() or close() fails when the
+	new user's faillog entry is reset.
+	* src/useradd.c: Ditto for the lastlog entry.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c: Add brackets and parenthesis.
+	* libmisc/limits.c: Avoid implicit conversion of pointers /
+	integers to booleans.
+	* libmisc/limits.c: Ignore the return value of umask(). We will
+	never return to the original umask.
+	* libmisc/limits.c: Avoid multi-statements lines.
+	* libmisc/limits.c: Added default to a switch(). Report invalid
+	limit strings to syslog.
+	* libmisc/limits.c: Ignore the return value of fclose().
+	/etc/limits is open read-only.
+	* libmisc/limits.c: Ignore the return value of fputs() and
+	sleep().
+	* libmisc/limits.c: Check the return value of nice() and
+	set_filesize_limit(), and report errors to syslog.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/ulimit.c, lib/prototypes.h: Return failures of
+	set_filesize_limit(). Change the prototype to return an int
+	instead of void.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c: Try to close the open file if a failure
+	occured during lseek(), read() or write().
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/log.c: Check return values. If lseek() failed, avoid
+	reading or writing at an unspecified location. Log to syslog in
+	case of failure.
+	* libmisc/log.c: Use the right casts.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_ids.c, libmisc/find_new_gid.c,
+	libmisc/find_new_uid.c, libmisc/Makefile.am, lib/prototypes.h:
+	Split find_new_ids.c into find_new_gid.c and find_new_uid.c to
+	ease the description of login.defs variables in the different
+	tools.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c: Ignore the return value of strftime() and
+	printf().
+	* libmisc/failure.c: Fix syslog call. The UID is not available.
+	User the username specified in the utmp/utmpx entry.
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Avoid implicit conversion of pointers to
+	booleans.
+	* lib/defines.h: Ignore return values of setlocale() except the
+	first call.
+	* lib/defines.h: Fix a splint observer warning by using an
+	intermediate variable (old_locale).
+
+2008-06-15  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c: Check return values. If lseek() failed, avoid
+	reading or writing at an unspecified location. Log to syslog in
+	case of failure when reading a faillog entry or writing in
+	faillog or btmp.
+	* libmisc/failure.c: Check if the file exist before opening it.
+	* libmisc/failure.c: Log failures of open() and close() when
+	necessary.
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Add the getrange() prototype.
+	* lib/prototypes.h: Fix the valid_field() prototype (does not
+	return an bool).
+	* lib/prototypes.h: Fix the valid() prototype (it does return a
+	bool).
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c: Fix the getdef_ulong() prototype.
+	* lib/getdef.h: Fix the getdef_ulong() prototype.
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Use getrange to parse the range of users.
+	* src/lastlog.c: umin and umax do not need to be signed long. Use
+	an unsigned long which might be needed to parse a GID or UID. Add
+	the has_umin and has_umax to replace the -1 values.
+	* src/lastlog.c: Cast dates to time_t.
+	* src/lastlog.c: Prefix lastlog errors with "lastlog: ".
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getlong.c: Reset errno before calling strtol().
+	Otherwise, errno could be already set to ERANGE.
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/Makefile.am, libmisc/getrange.c: Added function to parse
+	a range (useful for lastlog).
+
+2008-06-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: <signal.h> is not needed.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Define AUDIT_NO_ID to (unsigned int) -1. This
+	value should be used when the ID should not be considered.
+	* lib/prototypes.h: Fix the prototype of do_rlogin() according to
+	earlier changes.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadow.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spwd.sp_flag.
+	* lib/shadow.c: Add brackets.
+	* lib/shadow.c: Avoid implicit conversion of pointers to
+	booleans.
+	* lib/shadow.c: The size argument of fgets is an int, not a
+	size_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: len should be typed ssize_t as it is the return
+	of read(), and is compared to 0. Cast to size_t when necessary.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_ids.c: Use getdef_ulong to retrieve UIDs/GIDs
+	from login.defs. Type constants to long integers.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/gshadow.c: Use a bool when possible instead of int integers.
+	* lib/gshadow.c: Remove __setsgNIS() -never used).
+	* lib/gshadow.c: Avoid multi-statements lines.
+	* lib/gshadow.c: Avoid assignments in comparisons.
+	* lib/gshadow.c: ptr[nelem] is a string. Initialize it to NULL
+	instead of '\0'.
+	* lib/gshadow.c: Add brackets and parenthesis.
+	* lib/gshadow.c: The size argument of strncpy is a size_t and the
+	size argument of fgets is an int.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Add brackets.
+	* lib/groupio.c: Make sure malloc receives a size_t.
+	* lib/groupio.c: Avoid multi-statements lines.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetspent.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spwd.sp_flag.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.h, lib/getdef.c: Add getdef_ulong().
+	* lib/getdef.c: Added TODOs because of lack of error checking.
+	* lib/getdef.c: The size argument of fgets is an int, not a
+	size_t.
+	* lib/getdef.c: Avoid multi-statements lines.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/id.c: Make sure malloc receives a size_t.
+	* src/id.c: Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/sulogin.c: Ignore the return value of signal().
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groups.c: sys_ngroups is only used when HAVE_GETGROUPS is
+	defined.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Ignore return value of time() when use with a
+	non NULL argument.
+	* src/faillog.c: Use a %lu format and cast number of days to
+	unsigned long integers.
+	* src/faillog.c: Cast dates to time_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Ignore the return value of signal().
+	* src/login.c: Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+	* src/login.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Add the arguments' names in the functions
+	prototypes.
+	* src/chage.c: The ID argument of audit_logger is an unsigned
+	int. Use AUDIT_NO_ID instead of -1.
+	* src/chage.c: print_date() received a time_t.
+	* src/chage.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spwent.sp_flag.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: The ID argument of audit_logger is an unsigned
+	int. Use AUDIT_NO_ID instead of -1.
+	* src/groupadd.c: Cast the parsed GID/UID to a gid_t/uid_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+	* src/pwck.c: Cast number of days to a long integer.
+	* src/pwck.c: Use the SCALE macro instead of (24L * 3600L)
+	for the values to be set in /etc/shadow.
+	* src/pwck.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spent.sp_flag.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Ignore return value of time() when use with a
+	non NULL argument.
+	* src/passwd.c: Cast number of days to a long integer.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: The ID argument of audit_logger is an unsigned
+	int. Use AUDIT_NO_ID instead of -1.
+	* src/groupmod.c:  Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+	* src/groupmod.c: Cast the parsed GID/UID to a gid_t/uid_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: The ID argument of audit_logger is an unsigned
+	int. Use AUDIT_NO_ID instead of -1.
+	* src/useradd.c: Cast the parsed GID/UID to a gid_t/uid_t.
+	* src/useradd.c: The size argument of fgets is an int, not a
+	size_t.
+	* src/useradd.c: Cast number of days to a long integer.
+	* src/useradd.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spent.sp_flag.
+	* src/useradd.c: Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: fork() and waitpid() return a pid_t, not an int.
+	* src/su.c: Add brackets and parenthesis.
+	* src/su.c: Ignore the return value of signal().
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupdel.c: The ID argument of audit_logger is an unsigned
+	int. Use AUDIT_NO_ID instead of -1.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/expiry.c: Ignore the return value of signal().
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Fix the check for GID/UID validity.
+	* src/newusers.c: Comment why we use both getgrgid() and
+	gr_locate_gid().
+	* src/newusers.c: Cast the parsed GID/UID to a gid_t/uid_t.
+	* src/newusers.c: Cast the number of days to a long integer.
+	* src/newusers.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of spent.sp_flag.
+	* src/newusers.c: The size argument of fgets is an int, not a
+	size_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Cast dates to time_t, and number of days to a
+	long integer.
+	* src/usermod.c: Cast UIDs and GIDs to uid_t and gid_t after
+	checking the ranges.
+	* src/usermod.c: The ID argument of audit_logger is an unsigned
+	int.
+	* src/usermod.c: read() returns a ssize_t.
+	* src/usermod.c: Cast the return value of malloc and make sure it
+	receives a size_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/logoutd.c: Ignore return value of time() when use with a
+	non NULL argument.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of sp.sp_flag.
+	* src/pwconv.c: Cast number of days to a long integer.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: The ID argument of audit_logger is an unsigned
+	int.
+	* src/gpasswd.c: Ignore the return value of signal(). The signal
+	handlers are only changed for the last steps of gpasswd, and there
+	is no need to restore them.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: The ID argument of audit_logger is an unsigned
+	int.
+	* src/userdel.c: fork() and wait() return a pid_t, not an int.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Use a %lu format and cast group and user IDs to
+	unsigned long integers.
+	* src/newgrp.c: The ID argument of audit_logger is an unsigned
+	int.
+	* src/newgrp.c: Ignore the return value of signal() (the signal
+	handlers are assumed to be the default one and are restored
+	later).
+	* src/newgrp.c: Do not checl if a pid_t is < 0, check if equal
+	to (pid_t)-1.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/isexpired.c: Cast number of days to a long integer.
+	* libmisc/isexpired.c: Add brackets and parenthesis.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Do not specify a size of arrays in the
+	prototypes.
+	* libmisc/copydir.c: Use a size_t for the length of strings.
+	* libmisc/copydir.c: Cast the return value of malloc().
+	* libmisc/copydir.c: The size argument of write() is a size_t.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwd2spwd.c: Cast number of days to a long integer.
+	* libmisc/pwd2spwd.c: Use SHADOW_SP_FLAG_UNSET for the initial
+	value of sp.sp_flag.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Include <config.h> since it uses the macro that
+	might be defined in this header file.
+	* lib/defines.h: Prefer checking if HAVE_LOCALE_H or ENABLE_NLS
+	are defined (rather than set to non 0).
+	* lib/defines.h: The dummy implementations of bindtextdomain() and
+	textdomain() should return a pointer. Return NULL instead of
+	/* empty */
+	* lib/defines.h: Define SHADOW_SP_FLAG_UNSET, to be used for the
+	initialization of sp_flag field of the shadow structures.
+	* lib/defines.h: Define LC_ALL, needed even if HAVE_LOCALE_H is
+	not defined.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/sulog.c: Ignore the return value of umask() when the
+	mask is restored.
+	* libmisc/sulog.c: Add brackets.
+	* libmisc/sulog.c: Ignore return value of time() when use with a
+	non NULL argument.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/log.c: Avoid assignments in comparisons.
+	* libmisc/log.c: Add brackets and parenthesis.
+	* libmisc/log.c: read() returns a ssize_t (note size_t).
+	* libmisc/log.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/log.c: Ignore return value of time() when use with a
+	non NULL argument.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/strtoday.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/strtoday.c: Add brackets and parenthesis.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Use a size_t for the size of strings instead of
+	unsigned int.
+	* libmisc/salt.c: Add brackets and parenthesis.
+	* libmisc/salt.c: Avoid assignments in comparisons.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/age.c: fork() and wait() return a pid_t, not an int.
+	* libmisc/age.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/age.c: Avoid assignments in comparisons.
+	* libmisc/age.c: Ignore the return value of printf(), puts(),
+	fputs() and fflush().
+	* libmisc/age.c: Add brackets and parenthesis.
+	* libmisc/age.c: Cast the return value of time() to long and
+	converted to a date.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/rlogin.c: The size argument of read() is a size_t.
+	Propagate this time to the callers (the get_remote_string() and
+	do_rlogin() functions).
+	* libmisc/rlogin.c: Add brackets and parenthesis.
+	* libmisc/rlogin.c: Avoid multi-statements lines.
+	* libmisc/rlogin.c: Avoid assignments in comparisons.
+	* libmisc/rlogin.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c: Avoid assignments in comparisons.
+	* libmisc/failure.c: read() returns a ssize_t.
+	* libmisc/failure.c: Add brackets and parenthesis.
+	* libmisc/failure.c: Ignore return value of time() when use with a
+	non NULL argument.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowntty.c: Avoid assignments in comparisons.
+	* libmisc/chowntty.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/chowntty.c: Add brackets and parenthesis.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/audit_help.c: Add brackets.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/addgrps.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/addgrps.c: Add brackets.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2008-06-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/console.c, libmisc/hushed.c, libmisc/yesno.c,
+	libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/tz.c,
+	src/login_nopam.c, src/chpasswd.c, src/chgpasswd.c, lib/port.c:
+	The size argument of fgets is an int, not a size_t.
+	* libmisc/loginprompt.c: Ignore the return value from signal()
+	when the signal handlers are restored.
+	* src/chpasswd.c: Cast the return value of time() to a long
+	integer.
+	* src/chpasswd.c: Use the SCALE macro instead of (24L * 3600L)
+	for the values to be set in /etc/shadow.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Use a bool when possible instead of int integers.
+	* src/pwck.c: Avoid implicit conversion of integers to booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Use a bool when possible instead of int integers.
+	* src/su.c: Add brackets and parenthesis.
+	* src/su.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/su.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/su.c: Avoid assignments in comparisons.
+	* src/su.c: Avoid multi-statements lines.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/valid.c: Change the prototype of
+	valid() to return a bool.
+	* libmisc/valid.c: Add parenthesis.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Add brackets and parenthesis.
+	* lib/commonio.c: Check the result of fgets().
+	* lib/commonio.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Fix the prototypes to match earlier changes.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/nscd.c: Include defines.h.
+	* lib/nscd.c: Always warn when the nscd cache cannot be flushed.
+	* lib/nscd.c: Avoid assignments in comparisons.
+	* lib/nscd.c: Ignore the return value of fputs() when printing
+	errors.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/port.c: Add brackets and parenthesis.
+	* lib/port.c: Change isttytime() prototype to return a bool.
+	* lib/port.c: Ignore the return value of fclose () (file open
+	read-only).
+	* lib/port.c: Avoid multi-statements lines.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/id.c: Ignore the return value of fputs(), puts(), putchar(),
+	and printf().
+	* src/id.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/id.c: Add brackets and parenthesis.
+	* src/id.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: Use a bool when possible instead of int integers.
+	* src/chsh.c: restricted_shell() renamed is_restricted_shell().
+	check_shell() renamed shell_is_listed().
+	* src/chsh.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/chsh.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+	* src/chsh.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpunconv.c: Use a bool when possible instead of int
+	integers.
+	* src/grpunconv.c: Add brackets and parenthesis.
+	* src/grpunconv.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/grpunconv.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/sulogin.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/sulogin.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/sulogin.c: Avoid assignments in comparisons.
+	* src/sulogin.c: Ignore the return value of alarm().
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groups.c: Use a bool when possible instead of int integers.
+	* src/groups.c: Add brackets and parenthesis.
+	* src/groups.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+	* src/groups.c: Avoid assignments in comparisons.
+	* src/groups.c: Ignore the return value of putchar(), printf()
+	* src/groups.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpconv.c: Use a bool when possible instead of int integers.
+	* src/grpconv.c: Add brackets and parenthesis.
+	* src/grpconv.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/grpconv.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Use a bool when possible instead of int integers.
+	* src/faillog.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/faillog.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/faillog.c: Add brackets and parenthesis.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Avoid multi-statements lines.
+	* src/login.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/login.c: Use a bool when possible instead of int integers.
+	* src/login.c: Add brackets and parenthesis.
+	* src/login.c: Ignore the return values of fflush(), putchar(), puts().
+	* src/login.c: Ignore the return value of fclose() for read-only
+	files.
+	* src/login.c: Avoid assignments in comparisons.
+	* src/login.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/login.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Use a bool when possible instead of int integers.
+	* src/chage.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Use a bool when possible instead of int
+	integers.
+	* src/groupadd.c: Add brackets and parenthesis.
+	* src/groupadd.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/groupadd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/groupadd.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Use a bool when possible instead of int integers.
+	* src/pwck.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Use a bool when possible instead of int integers.
+	* src/passwd.c: Avoid assignments in comparisons.
+	* src/passwd.c: Add brackets and parenthesis.
+	* src/passwd.c: Avoid implicit conversion of pointers / integers /
+	chars to booleans.
+	* src/passwd.c: Move the "context_t c" declaration at the
+	beginning check_selinux_access.
+	* src/passwd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: Use a bool when possible instead of int
+	integers.
+	* src/groupmod.c: Avoid assignments in comparisons.
+	* src/groupmod.c: Add brackets and parenthesis.
+	* src/groupmod.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/groupmod.c: Use a %lu format to print GIDs, and cast the GID
+	to (unsigned long int).
+	* src/groupmod.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/groupmod.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/su.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Use a bool when possible instead of int integers.
+	* src/useradd.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/useradd.c: Add brackets and parenthesis.
+	* src/useradd.c: Avoid assignments in comparisons.
+	* src/useradd.c: Ignore the return value of fclose() for read-only
+	files.
+	* src/useradd.c: Ignore the return value of fflush() before
+	closing the files.
+	* src/useradd.c: Avoid multi-statements lines.
+	* src/useradd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/useradd.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Use a bool when possible instead of int integers.
+	* src/vipw.c: Ignore the return value of umask(), when the mask is
+	set again to the old value.
+	* src/vipw.c: Avoid implicit conversion of pointers / integers to
+	booleans.
+	* src/vipw.c: Add brackets and parenthesis.
+	* src/vipw.c: Avoid assignments in comparisons.
+	* src/vipw.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/vipw.c: Add missing termination of the longopts parameter
+	for getopt_long().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: Use a bool when possible instead of int
+	integers.
+	* src/chgpasswd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/chgpasswd.c: Avoid implicit conversion of integers to
+	booleans.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupdel.c: Use a bool when possible instead of int
+	integers.
+	* src/groupdel.c: Avoid implicit conversion of pointers / integers to
+	booleans.
+	* src/groupdel.c: Avoid assignments in comparisons.
+	* src/groupdel.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/groupdel.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/expiry.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/expiry.c: Add brackets and parenthesis.
+	* src/expiry.c: Avoid assignments in comparisons.
+	* src/expiry.c: Avoid implicit conversion of pointers to booleans.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Use a bool when possible instead of int
+	integers.
+	* src/pwunconv.c: Add brackets and parenthesis.
+	* src/pwunconv.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/pwunconv.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/pwunconv.c: Avoid assignments in comparisons.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Use a bool when possible instead of int integers.
+	* src/usermod.c: Add brackets and parenthesis.
+	* src/usermod.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/usermod.c: Avoid assignments in comparisons.
+	* src/usermod.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/usermod.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmems.c: Move the declaration of option_index and
+	long_options before the blocks of code.
+	* src/groupmems.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/groupmems.c: Ignore the return value of pam_end() before
+	exiting.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c: Use a bool when possible instead of int integers.
+	* src/chfn.c: Avoid implicit conversion of integers / chars to
+	booleans.
+	* src/chfn.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/logoutd.c: Use a bool when possible instead of int integers.
+	* src/logoutd.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/logoutd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/logoutd.c: Add brackets and parenthesis.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Use a bool when possible instead of int
+	integers.
+	* src/chpasswd.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/chpasswd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwconv.c: Use a bool when possible instead of int integers.
+	* src/pwconv.c: Add brackets and parenthesis.
+	* src/pwconv.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/pwconv.c: Avoid implicit conversion of pointers / integers /
+	chars to booleans.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: Implement the -r, --system option.
+	* src/newusers.c: Use a bool when possible instead of int
+	integers.
+	* src/newusers.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/newusers.c: Ignore the return value of pam_end() before
+	exiting.
+	* src/newusers.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/newusers.c: Avoid multi-statements lines.
+	* src/newusers.c: Add brackets and parenthesis.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Use a bool when possible instead of int integers.
+	* src/gpasswd.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/gpasswd.c: Ignore the return value of putchar() and fflush()
+	before exiting.
+	* src/gpasswd.c: check_list() renamed is_valid_user_list(), and
+	return a bool.
+	* src/gpasswd.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Use a bool when possible instead of int integers.
+	* src/grpck.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Use a bool when possible instead of int integers.
+	* src/lastlog.c: Avoid implicit conversion of pointers / integers
+	/ chars to booleans.
+	* src/lastlog.c: Add brackets and parenthesis.
+	* src/lastlog.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Use a bool for the is_shadow_pwd, is_shadow_grp,
+	deleted_user_group, was_member, was_admin, and the
+	options' flags.
+	* src/userdel.c: Change path_prefix() prototype to return a bool.
+	* src/userdel.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/userdel.c: Ignore the return value from pam_end() since we
+	are exiting anyway just afterwards.
+	* src/userdel.c: Avoid implicit conversion of pointers /
+	integers / chars to booleans.
+	* src/userdel.c: Add brackets and parenthesis.
+	* src/userdel.c: Avoid assignments in comparisons.
+	* src/userdel.c: Do not ignore the return value of the *_unlock()
+	functions.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login_nopam.c: Do not use the YES and NO macros. Use the
+	booleans true and false instead. Change the prototypes of
+	list_match(), user_match(), from_match(), and string_match()
+	accordingly. Also use booleans internally.
+	* src/login_nopam.c: Add brackets and parenthesis.
+	* src/login_nopam.c: Avoid implicit conversion of pointers /
+	integers / chars to booleans.
+	* src/login_nopam.c: Avoid assignments in comparisons.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Use a bool for is_newgrp, notfound, needspasswd,
+	initflag, and cflag.
+	* src/newgrp.c: Add brackets and parenthesis.
+	* src/newgrp.c: Avoid implicit conversion of pointers / integers /
+	chars to booleans.
+	* src/newgrp.c: Avoid multi-statements lines.
+	* src/newgrp.c: Ignore return value of setlocale(),
+	bindtextdomain(), and textdomain().
+	* src/newgrp.c: Avoid assignments in comparisons.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/list.c: Change is_on_list() prototype to return a bool.
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/find_new_ids.c: Change find_new_uid() and find_new_gid()
+	prototypes to use a bool for their first argument (sys_user /
+	sys_group).
+
+2008-06-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/console.c: Change is_listed() prototype to return a bool.
+	The default parameter should also be a bool.
+	* libmisc/console.c: Add brackets and parenthesis.
+	* libmisc/console.c: Avoid assignments in comparisons.
+	* libmisc/console.c: Change console() prototype to return a bool.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetspent.c: Add brackets and parenthesis.
+	* lib/sgetspent.c: Avoid assignments in comparisons.
+	* lib/sgetspent.c: Avoid implicit conversion of pointers / chars
+	to booleans.
+	* lib/sgetspent.c: Avoid multi-statements lines.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetpwent.c: Avoid implicit conversion of pointers / chars to
+	booleans.
+	* lib/sgetpwent.c: Add brackets and parenthesis.
+	* lib/sgetpwent.c: Return NULL instead of 0.
+	* lib/sgetpwent.c: Do not check twice if fields[2] and fields[3]
+	are not empty.
+	* lib/sgetpwent.c: Avoid assignments in comparisons.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getdate.y: abbrev is a bool.
+	* libmisc/getdate.y: Avoid implicit conversion of pointers / chars /
+	integers to booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Fix prototypes according to earlier changes
+	(usage of the bool type).
+	* lib/prototypes.h: Add the arguments' name to the prototypes.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.h: Add protection against multiple inclusions.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/pwio.h: Add protection against multiple inclusions.
+	* lib/pwio.c: The changed, isopen, locked, and readonly fields
+	of the db are booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadowio.h, lib/shadowio.c: spw_file_present returns a bool.
+	* lib/shadowio.h: Add protection against multiple inclusions.
+	* lib/shadowio.c: The changed, isopen, locked, and readonly fields
+	of the db are booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgroupio.c: Avoid assignments in comparisons.
+	* lib/sgroupio.c: Add brackets.
+	* lib/sgroupio.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+	* lib/sgroupio.c: The changed, isopen, locked, and readonly fields
+	of the db are booleans.
+	* lib/sgroupio.h, lib/sgroupio.c: sgr_file_present returns a bool.
+	* lib/sgroupio.h: Add protection against multiple inclusions.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/gshadow.c: nis_used and nis_bound are booleans.
+	* lib/gshadow.c: Avoid implicit conversion of pointers / integers
+	to booleans.
+	* lib/gshadow.c: Avoid assignments in comparisons.
+	* lib/gshadow.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: The changed, isopen, locked, and readonly fields
+	of the db are booleans.
+	* lib/groupio.h: Add protection against multiple inclusion.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/sgetgrent.c: Avoid implicit conversion of pointers / chars
+	to booleans.
+	* lib/sgetgrent.c: Avoid assignments in comparisons.
+	* lib/sgetgrent.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/encrypt.c: Avoid implicit conversion of pointers to
+	booleans.
+	* lib/encrypt.c: Add parenthesis.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/port.c: Avoid implicit conversion of pointers / integers /
+	chars to booleans.
+	* lib/port.c: Avoid multiple statement on the same line.
+	* lib/port.c: Add brackets and parenthesis.
+	* lib/port.c: Avoid assignments in comparisons.
+	* lib/port.c: Fix typo comparision -> comparison (in comment).
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/fputsx.c: Add brackets.
+	* lib/fputsx.c: Avoid assignments in comparisons.
+	* lib/fputsx.c: Avoid implicit conversion of pointers / integers /
+	chars to booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.h: commonio_entry.changed, commonio_db.changed,
+	commonio_db.isopen, commonio_db.locked, and commonio_db.readonly
+	are no booleans.
+	* lib/commonio.h: Include defines.h to get the definition of bool.
+	* lib/commonio.h: commonio_present returns a bool
+	* lib/commonio.c: Implement above changes.
+	* lib/commonio.c: add argument names in prototypes.
+	* lib/commonio.c: name_is_nis returns a bool.
+	* lib/commonio.c: nscd_need_reload is a bool.
+	* lib/commonio.c: Improve types (use size_t / pid_t when needed
+	instead of int).
+	* lib/commonio.c: Avoid assignments in comparisons.
+	* lib/commonio.c: Add brackets and parenthesis.
+	* lib/commonio.c: Avoid implicit conversion of pointers / integers
+	to booleans
+	* lib/commonio.c: The return values of utime is not checked on
+	purpose.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/isexpired.c: ARGSUSED is no more needed (shadow is
+	always supported).
+	* libmisc/isexpired.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/isexpired.c: Add brackets and parenthesis.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/sulog.c (sulog): The success argument is a bool.
+	* libmisc/sulog.c: The return values of fflush is not checked on
+	purpose.
+	* libmisc/sulog.c: Indicate that some return values should be
+	checked.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/ttytype.c: Avoid implicit conversion of pointers /
+	integers to booleans.
+	* libmisc/ttytype.c: Avoid assignments in comparisons.
+	* libmisc/ttytype.c: Add brackets and parenthesis.
+	* libmisc/ttytype.c: The return values of fclose is not checked on
+	purpose.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/mail.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/mail.c: Avoid assignments in comparisons.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/loginprompt.c: Avoid implicit conversion of pointers /
+	chars to booleans.
+	* libmisc/loginprompt.c: Add brackets.
+	* libmisc/loginprompt.c: Avoid assignments in comparisons.
+	* libmisc/loginprompt.c: The return values of fclose and fflush
+	are not checked on purpose.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setupenv.c: Avoid implicit conversion of chars to
+	booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: selinux_checked, selinux_enabled, and set_orig
+	are now booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setugid.c (setup_uid_gid): The is_console argument is now
+	a bool.
+	* libmisc/setugid.c: Avoid implicit conversion of integers /
+	pointers to booleans.
+	* libmisc/setugid.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pam_pass.c (do_pam_passwd): The silent and
+	change_expired are no booleans instead of int.
+	* libmisc/pam_pass.c: The return value of pam_end is not checked
+	on purpose.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/getlong.c: Avoid implicit conversion of pointers / chars
+	to booleans.
+	* libmisc/getlong.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/valid.c: Avoid implicit conversion of pointers / chars
+	to booleans.
+	* libmisc/valid.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/yesno.c: yes_or_no returns a bool instead of int.
+	* libmisc/yesno.c: Avoid implicit conversion of pointers to
+	booleans.
+	* libmisc/yesno.c: The return value of fflush is not checked
+	on purpose.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/age.c: Avoid implicit conversion of integers to
+	booleans.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/rlogin.c: Avoid assignments in comparisons.
+	* libmisc/rlogin.c: Avoid implicit conversion of integers to
+	booleans.
+	* libmisc/rlogin.c: Add brackets.
+
+2008-05-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c (failcheck): The failed argument is a bool.
+	* libmisc/failure.h: Likewise.
+	* libmisc/failure.c (too_many_failures): too_many_failures returns
+	a bool.
+	* libmisc/failure.c: Add notes about unchecked return values.
+	* libmisc/failure.c: Avoid assignments in comparisons.
+	* libmisc/failure.c: Add brackets.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/myname.c: Avoid assignments in comparisons.
+	* libmisc/myname.c: Avoid implicit conversion of pointers / chars
+	to booleans.
+	* libmisc/myname.c: Add brackets.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/utmp.c (checkutmp): Change picky argument's type to
+	bool.
+	* libmisc/utmp.c: Use bool when possible (found_utmpx,
+	found_utmp).
+	* libmisc/utmp.c: Add note about unchecked return values.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/addgrps.c: Change type of added to bool.
+	* libmisc/addgrps.c: Avoid implicit conversion of pointers to
+	booleans.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/hushed.c: hushed returns a bool instead of int.
+	* libmisc/hushed.c: Avoid assignments in comparisons.
+	* libmisc/hushed.c (hushed): Change type of found to bool.
+	* libmisc/hushed.c: Add brackets.
+	* libmisc/hushed.c: Always check if the user or the shell is in
+	the file. Do not check the first character of the line first. This
+	is simpler and match better with the HUSHLOGIN_FILE documentation.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.h, lib/getdef.c: getdef_bool returns a bool instead
+	of int.
+	* lib/getdef.c: Change typo of def_loaded to bool.
+	* lib/getdef.c: Add brackets.
+	* lib/getdef.c: Avoid assignments in comparisons.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowntty.c: is_my_tty returns a bool.
+	* libmisc/chowntty.c: Avoid implicit conversion of integers to
+	booleans.
+	* libmisc/chowntty.c: Add brackets.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chowndir.c: Avoid assignment in comparisons, implicit
+	comparison of integers to booleans.
+	* libmisc/chowndir.c: The return value of closedir is not checked
+	on purpose.
+	* libmisc/chowndir.c: Add brackets.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp.
+	check_user_name) renamed to is_valid_user_name (resp.
+	is_valid_group_name). is_valid_user_name and is_valid_group_name
+	return a bool.
+	* src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c,
+	src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name
+	and is_valid_group_name, following above change.
+	* libmisc/chkname.c: Avoid implicit conversion of chars to
+	booleans. Add brackets and parenthesis.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/xmalloc.c: Avoid implicit conversion of integers /
+	pointers to booleans.
+	* libmisc/xgetXXbyYY.c: Likewise.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in, lib/defines.h: Allow usage of booleans in the
+	source.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Allow --disable-man and --enable-man=no.
+
+2008-06-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Prepare the 4.1.2.1 release
+	* NEWS: set the release date.
+	* man/po/*.po, po/*.po: Updated PO files.
+	* configure.in: Set the version to 4.1.2.1.
+
+2008-06-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/login.c: Fix an "audit log injection" vulnerability in
+	login. This is similar to CVE-2008-1926 (util-linux-ng's login).
+	This vulnerability makes it easier for attackers to hide
+	activities by modifying portions of log events, e.g. by appending
+	an addr= statement to the login name.
+	* lib/prototypes.h: Added definition of AUDIT_NO_ID.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Prepare the 4.1.2 release
+	* NEWS: set the release date.
+	* man/po/*.po, po/*.po: Updated PO files.
+	* configure.in: Set the version to 4.1.2.
+
+2008-05-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/Makevars, man/po/Makefile.in.in: Run msgmerge with
+	--previous. (This requires gettext >= 0.16)
+
+2008-05-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c (remove_tree): As we always use remove_tree
+	followed by rmdir to remove the directory itself, delete also the
+	root directory in remove_tree.
+	* src/userdel.c, src/usermod.c: Do not call rmdir after
+	remove_tree.
+
+2008-05-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c (remove_tree): Make sure unlink is successful
+	when removing files.
+
+2008-05-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwdcheck.c: Simply passwd_check since it's never used
+	when configured with PAM support.
+
+2008-05-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fix compiler warnings:
+	* libmisc/audit_help.c: Include prototypes.h to get the prototype
+	of audit_help_open.
+	* libmisc/salt.c: Use booleans instead of negating integers.
+	* src/passwd.c: Declare the check_selinux_access prototype and
+	avoid name clashes (change_user -> changed_user; change_uid ->
+	changed_uid; access -> requested_access)
+	* libmisc/list.c: Avoid assignments in comparisons, assignments
+	with post increments (x++), use of integers as booleans, and
+	explicitly mark blocks with brackets.
+	* libmisc/fields.c: Likewise.
+	* libmisc/copydir.c: Likewise.
+	* libmisc/fields.c: Add comments.
+	* libmisc/copydir.c: Mark function whose return value is not
+	checked as such.
+
+2008-05-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pam_pass.c: Use fputs rather than fprintf for constant
+	strings.
+
+2008-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.1.xml: Indicate that login should be executed with
+	"exec login" if called from a shell.
+
+2008-05-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/passwd.1.xml: Remove the advices for the choice of a good
+	password (they are debatable). Point to
+	http://en.wikipedia.org/wiki/Password_strength instead.
+
+2008-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
+	overflow. These caused the SHA salt size to always be 8 bytes,
+	instead of being in the 8-16 range. Thanks to Peter Vrabec
+	pvrabec@redhat.com for noticing.
+	* NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
+	seedRNG instead of srand, and fix the same overflow. This caused
+	the number of rounds to always be the smallest one.
+
+2008-05-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml man/groupmems.8.xml man/groupdel.8.xml
+	man/useradd.8.xml man/groupadd.8.xml man/newgrp.1.xml man/sg.1.xml
+	man/chgpasswd.8.xml man/groupmod.8.xml: Tag the section which
+	require --enable-shadowgrp accordingly.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.5.xml: SHA_CRYPT_MAX_ROUNDS and
+	SHA_CRYPT_MIN_ROUNDS can only exist if configured with
+	--with-sha-crypt.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, man/useradd.8.xml: Document the -k, --skel option, and
+	update the -m, --create-home documentation.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: Sort options.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c: SHA_CRYPT_MAX_ROUNDS and SHA_CRYPT_MIN_ROUNDS can
+	only exist if configured with --with-sha-crypt.
+	* man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Likewise.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Document the section closed by #endif
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Fix formatting.
+
+2008-05-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, man/useradd.8.xml: Document the -r, --system option.
+	* NEWS, man/groupadd.8.xml: Document the -r, --system option.
+	* NEWS, man/newusers.8.xml: Document the -r, --system option.
+	* NEWS, man/newusers.8.xml: Document the -c, --crypt-method and
+	-s, --sha-rounds options.
+
+2008-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Import Debian patch 487_passwd_chauthtok_failed_message
+	* libmisc/pam_pass.c: Be more verbose and indicate that the
+	password was not changed when pam_chauthtok fails (in addition to
+	the PAM error, which may not be comprehensible for the users).
+
+2008-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Import Debian patch 434_login_stop_checking_args_after--
+	* NEWS, src/login.c (check_flags): Stop checking the arguments
+	after --. The later options will be sent to the shell, and do not
+	need to be checked.
+
+2008-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c, src/su.c, src/newgrp.c: Harmonize the children's
+	SIGSTOP handling. Raise the signal which stopped the child instead
+	of always SIGSTOP.
+
+2008-05-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Import Debian patch 406_vipw_resume_properly.
+	Thanks to Dean Gaudet.
+	* NEWS, src/vipw.c: Resume properly after ^Z.
+
+2008-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c, lib/lockpw.c, lib/utent.c, lib/sgetgrent.c,
+	lib/getdef.h, lib/pwauth.c, lib/sgetspent.c, lib/pwauth.h,
+	lib/port.c, lib/encrypt.c, lib/groupio.c, lib/shadowmem.c,
+	lib/port.h, lib/groupio.h, lib/groupmem.c, lib/exitcodes.h,
+	lib/gshadow.c, lib/gshadow_.h, lib/sgroupio.c, lib/sgroupio.h,
+	lib/shadowio.c, lib/pwio.c, lib/sgetpwent.c, lib/commonio.c,
+	lib/faillog.h, lib/shadowio.h, lib/pwio.h, lib/pam_defs.h,
+	lib/pwmem.c, lib/commonio.h, lib/shadow.c, lib/fputsx.c,
+	lib/prototypes.h, libmisc/xmalloc.c, libmisc/limits.c,
+	libmisc/entry.c, libmisc/console.c, libmisc/ulimit.c,
+	libmisc/xgetXXbyYY.c, libmisc/chkname.c, libmisc/pwd2spwd.c,
+	libmisc/xgetpwnam.c, libmisc/basename.c, libmisc/chkname.h,
+	libmisc/chowndir.c, libmisc/audit_help.c, libmisc/chowntty.c,
+	libmisc/hushed.c, libmisc/xgetpwuid.c, libmisc/getdate.h,
+	libmisc/addgrps.c, libmisc/xgetgrgid.c, libmisc/utmp.c,
+	libmisc/myname.c, libmisc/failure.c, libmisc/find_new_ids.c,
+	libmisc/env.c, libmisc/rlogin.c, libmisc/age.c, libmisc/failure.h,
+	libmisc/xgetgrnam.c, libmisc/yesno.c, libmisc/valid.c,
+	libmisc/getlong.c, libmisc/obscure.c, libmisc/pam_pass.c,
+	libmisc/motd.c, libmisc/salt.c, libmisc/setugid.c,
+	libmisc/fields.c, libmisc/xgetspnam.c, libmisc/shell.c,
+	libmisc/copydir.c, libmisc/setupenv.c, libmisc/strtoday.c,
+	libmisc/loginprompt.c, libmisc/list.c, libmisc/pwd_init.c,
+	libmisc/log.c, libmisc/mail.c, libmisc/ttytype.c,
+	libmisc/pwdcheck.c, libmisc/sub.c, libmisc/sulog.c,
+	libmisc/isexpired.c, libmisc/tz.c, src/newgrp.c, src/userdel.c,
+	src/lastlog.c, src/grpck.c, src/gpasswd.c, src/newusers.c,
+	src/pwconv.c, src/chpasswd.c, src/logoutd.c, src/chfn.c,
+	src/groupmems.c, src/usermod.c, src/pwunconv.c, src/expiry.c,
+	src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+	src/groupadd.c, src/nologin.c, src/chage.c, src/login.c,
+	src/suauth.c, src/faillog.c, src/grpconv.c, src/groups.c,
+	src/sulogin.c, src/grpunconv.c, src/chsh.c, src/id.c: Make sure
+	every source files are distributed with a copyright and license.
+	Files with no license use the default 3-clauses BSD license. The
+	copyright were mostly not recorded; they were updated according to
+	the Changelog. "Julianne Frances Haugh and contributors" changed
+	to "copyright holders and contributors".
+
+2008-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/sulog.c: If the SULOG_FILE does not exist when an
+	su session is logged, make sure the file is created with group
+	root, instead of using the group of the caller.
+
+2008-04-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/fields.c, src/chfn.c, man/chfn.1.xml: Allow
+	non-US-ASCII characters in the GECOS fields ("name", "room
+	number", and "other info" fields).
+
+2008-04-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Fix compilation failure when compiled with
+	audit support. Thanks to Mike Frysinger for reporting it.
+
+2008-04-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Ensure that getpwent() is used in setpwent(), getpwent(),
+	endpwend() sequences (ditto for getgrent(), getspent(), and
+	getsgent()). The only real (minor) issue was in login, which kept
+	the passwd file open.
+	* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
+	getspnam is called in the middle).
+	* libmisc/find_new_ids.c: Make sure to close the password and
+	group files with endpwent() and endgrent().
+	* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
+	is called before).
+	* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
+	src/groups.c: Make sure to close
+	the password file with endpwent().
+	* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
+	called before).
+	* src/login.c, src/newgrp.c: Fix typos in comments.
+
+2008-04-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Fix the detection of the audit, pam, and
+	selinux. Fail if the feature is requested but the library (or
+	header file) could not be found. If nothing is specified, enable
+	the feature only if we can find the library (or header file).
+	* configure.in: Document --with-selinux as "yes if found" rather
+	than "autodetected" for consistency with other options.
+
+2008-04-04  Mark Rosenstand  <mark@borkware.net>
+
+	* NEWS, etc/pam.d/Makefile.am: Add chfn, chsh, and userdel to
+	$(pamd_files). Remove the duplicate useradd. And sort
+	alphabetically.
+
+2008-04-04  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Prepare next release, 4.1.2.
+
+2008-04-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Prepare release 4.1.1
+	* NEWS: Fix the release date of 4.1.0. Was in 2007, not 2008.
+
+2008-04-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/fr.po: Update according to the file under review.
+	Thanks to Jean-Luc Coulon.
+
+2008-04-01  Holger Wansing  <linux@wansing-online.de>
+
+	* po/de.po: updated to 431t
+
+2008-03-31  Piarres Beobide  <pi+debian@beobide.net>
+
+	* po/eu.po: updated to 431t
+
+2008-03-30  Leandro Azevedo  <leorock182@gmail.com>
+
+	* po/pt_BR.po: updated to 360t71f
+
+2008-03-30  Mehmet Türker <mturker@innova.com.tr>
+
+	* po/tr.po: updated to 431t
+
+2008-03-30  Clytie Siddall  <clytie@riverland.net.au>
+
+	* po/vi.po: updated to 431t
+
+2008-03-30  Daniel Nylander  <yeager@ubuntu.com>
+
+	* po/sv.po: updated to 431t
+
+2008-03-29  helix84 <helix84@centrum.sk>
+
+	* po/sk.po: updated to 431t
+
+2008-03-27  Danilo Piazzalunga  <danilopiazza@gmail.com>
+
+	* po/it.po: updated to 431t
+
+2008-03-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* TODO: Added entries regarding SE Linux.
+
+2008-03-26  Russell Coker  <russell@coker.com.au>
+
+	* src/passwd.c, NEWS: Make SE Linux tests more strict, when the
+	real UID is 0 SE Linux checks will be performed.
+
+2008-03-24  Yuri Kozlov  <kozlov.y@gmail.com>
+
+	* po/ru.po: updated to 431t
+
+2008-03-23  Miguel Figueiredo  <elmig@debianpt.org>
+
+	* po/pt.po: updated to 431t
+
+2008-03-21  Changwoo Ryu  <cwryu@debian.org>
+
+	* po/ko.po: updated to 431t
+
+2008-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.5.xml: Fix manpages generation. The SYS_GID_MAX
+	and SYS_UID_MAX entities were not defined.
+
+2008-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/faillog.c: Fix minor compilation warning (assignment used as
+	a comparison).
+
+2008-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, src/login.c: login_access() is used in
+	src/login.c, and defined in src/login_nopam.c (which lacks a
+	prototype). Move its prototype from src/login.c to
+	lib/prototypes.h.
+
+2008-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c, src/groupmod.c: Compilation fix. gshadow_locked
+	should only be used if SHADOWGRP is defined.
+
+2008-03-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Fix some warnings. compare_members_lists() is only
+	used if SHADOWGRP is defined.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmod.c: Make sure the passwd, group, and gshadow
+	files are unlocked on exit. Unlock locked files in fail_exit().
+	Prefer fail_exit() over exit().
+	* NEWS, src/groupmod.c: When the GID of a group is changed, update
+	also the GID of the passwd entries of the users whose primary
+	group is the group being modified.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c (commonio_remove): Fail when the name to be
+	removed is used by different entries (like commonio_update does).
+	* NEWS: This fix the behavior of groupdel when the system is not
+	configured to support split group but different group entries
+	have the name of the group to be deleted.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c: Make sure the passwd, group, shadow, and
+	gshadow files are unlocked on exit. Unlock locked files in
+	fail_exit(). Prefer fail_exit() over exit().
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupdel.c: Make sure the group, and gshadow files are
+	unlocked on exit. Add function fail_exit(). Use fail_exit()
+	instead of exit().
+	* src/groupdel.c: Fail immediately instead of increasing errors.
+	Better handling of error cases, like locked group or gshadow file.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: Make sure the passwd, group, shadow, and
+	gshadow files are unlocked on exit. Add function fail_exit(). Use
+	fail_exit() instead of exit().
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/gpasswd.c: Make sure the group and gshadow files are
+	unlocked on exit. Add function fail_exit(). Use fail_exit()
+	instead of exit().
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupdel.c: Do not rewrite the group and gshadow file
+	in case of error.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupdel.c: Do not log that the group was deleted if an
+	error occurred.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupdel.c: Do not raise an error if the group does
+	not exist in the gshadow file.
+
+2008-03-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* etc/login.defs: Document MAX_MEMBERS_PER_GROUP.
+
+2008-03-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Add missing end of line in message.
+	* src/newgrp.c: Add audit events for the authentication
+	(AUDIT_GRP_AUTH). Thansk to Peter Vrabec.
+
+2008-03-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/faillog.c: Only reset the entries of existing users
+	with faillog -r (not all numeric IDs starting from 0). Thanks to
+	Peter Vrabec.
+
+2008-03-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Fix typo. One "can't open" message is a "can't
+	lock".
+
+2008-02-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: When a password is moved to the gshadow file, use
+	"x" instead of "!" to indicate that the password is shadowed
+	(consistency with grpconv).
+
+2008-02-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Fix failures when the gshadow file is not present. Thanks
+	to Christian Henz (http://bugs.debian.org/467488)
+	* src/gpasswd.c (get_group): Do not fail if gshadow is not present. Just use
+	the group file and set the grent structure
+	* src/gpasswd.c (check_perms): The permissions should be checked
+	using both the gshadow and group file. Add a <struct group *>
+	parameter, and check if the gshadow file exists (is_shadowgrp).
+	* src/gpasswd.c (main): Do not use sgent.sg_mem or sgent.sg_adm if
+	the gshadow file is not present (sgent is not initialized in that
+	case). The fields of sgent can be set, but not used.
+
+2008-02-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c: Fix typo in comment.
+	* src/gpasswd.c: Move comment regarding FIRST_MEMBER_IS_ADMIN to
+	where it belongs.
+	* src/gpasswd.c: Indicate the end of the #ifdef FIRST_MEMBER_IS_ADMIN
+	section.
+
+2008-02-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/Makefile.in.in: Use --previous when merging PO files of
+	the manpages.
+
+2008-02-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/SYS_UID_MAX.xml, man/login.defs.d/SYS_GID_MAX.xml:
+	Document new variables.
+	* man/newusers.8.xml, man/login.defs.5.xml,
+	man/login.defs.d/GID_MAX.xml, man/login.defs.d/UID_MAX.xml:
+	newusers uses now the GID_MAX, GID_MIN, UID_MAX, UID_MIN,
+	SYS_GID_MAX, SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
+	* man/groupadd.8.xml, man/login.defs.5.xml: groupadd uses now the
+	SYS_GID_MAX, and SYS_GID_MIN variables.
+	* man/login.defs.5.xml: useradd uses now the SYS_GID_MAX,
+	SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
+	* man/Makefile.am: Add the new XML documentation files to EXTRA_DIST.
+
+2008-02-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/getdef.c: Added missing SYS_GID_MAX, SYS_GID_MIN,
+	SYS_UID_MAX, and SYS_UID_MIN.
+
+2008-02-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c, man/useradd.8.xml: Added options
+	--user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace
+	nflg.
+	* man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses
+	USERGROUPS_ENAB.
+
+2008-02-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupmod.c: Add missing 'p' to the getopt_long's optstring.
+
+2008-02-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Add missing 'p' to the getopt_long's optstring.
+	* src/groupadd.c: Fix --non-unique's has_arg field to no_argument
+	instead of required_argument.
+	* src/groupadd.c: Add missing -p, --password description to the
+	Usage message.
+
+2008-02-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, etc/login.defs: Set GID_MIN to the same value as UID_MIN
+	by default (1000).
+	* NEWS, etc/login.defs: Added variables SYS_UID_MIN (100),
+	SYS_UID_MAX (999), SYS_GID_MIN (100), SYS_GID_MAX (999) for system
+	accounts.
+	* libmisc/find_new_ids.c: Added support for system accounts in
+	find_new_uid() and find_new_gid().
+	* NEWS, src/newusers.c, src/useradd.c, src/groupadd.c: Added new
+	option -r, --system for system accounts in useradd, groupadd, and
+	newusers.
+
+2008-02-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmems.c: Fix buffer overflow when adding an user
+	to a group. Thanks to Peter Vrabec.
+
+2008-02-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, etc/useradd: Change the default HOME directory in
+	/etc/default/useradd according FHS (/home instead of /home/users).
+	This fixes Alioth's bug #310559. Thanks to Dale E. Edmons.
+
+2008-02-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Use the correct AUDIT_CHGRP_ID event instead of
+	AUDIT_USER_START, when changing the user space group ID with
+	newgrp or sg. Thanks to sgrubb@redhat.com for the patch.
+
+2008-02-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Reset oflg with uflg if the new UID is equal to
+	the old one.
+	* src/usermod.c: Reset mflg with dflg if the new home directory is
+	the same as the old one.
+
+2008-02-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Fix the handling of -a when a user is being
+	renamed (with -l). The new name of the user was used for the new
+	supplementary groups, but not in the existing ones.
+
+2008-02-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Set the shadow's password instead of the
+	passwd's password. Fix wrong cut&paste.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Use a function to convert the dates from
+	/etc/shadow to human readable dates.
+	* src/usermod.c: Really log the expiration date change as human
+	readable strings instead of integers.
+	* src/usermod.c: No need to check audit_fd, audit_logger() will
+	take care of this.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Do not translate the fromhost variable. It is
+	always used for syslog messages.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, lib/defines.h: Switch to the C locale before sending
+	messages to syslog. The messages sent by shadow were not
+	translated, but error messages from PAM returned by pam_strerror()
+	were translated in the users's locale.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: newusers will behave more like useradd.
+	* src/newusers.c: The user's ID must be found before the group ID
+	to mimic useradd's behavior choices of UID and GID.
+	* src/newusers.c: Reuse the generic find_new_uid() and
+	find_new_gid() functions. This permits to respect the
+	UID_MIN/UID_MAX and GID_MIN/GID_MAX variables, should 
+	* src/newusers.c: Check if the user or group exist using the
+	external databases (with the libc getpwnam/getgrnam functions).
+	Refuse to update an user which exist in an external database but
+	does not exist in the local database.
+	* src/newusers.c: Check the usernames and groupnames with
+	check_user_name() and check_group_name()
+	* src/newusers.c: Use isdigit() for readability.
+	* src/newusers.c: Check if numerical IDs are valid (no remaining
+	chars).
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: Fix the support for the NONE crypt method.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Fix shadow group support (the list of admins was
+	not defined; it is now set to an empty list).
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/salt.c: Do not seed the random number generator
+	each time, and use the time in microseconds to avoid having the
+	same salt for different passwords generated in the same second.
+	This permits to avoid using the same salt for different passwords
+	in newusers.
+
+2008-02-03  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/pwio.c, lib/pwio.h: New function to find an user by
+	its UID on the local database.
+	* lib/groupio.c, lib/groupio.h: New function to find a group by
+	its GID on the local database.
+	* libmisc/find_new_ids.c, lib/prototypes.h: Add new generic
+	functions to find the next user or group ID available:
+	find_new_uid() and find_new_gid(). They work the same way as the
+	functions with the same name of useradd or groupadd, except that
+	they check in the local database to make sure an ID was not
+	reserved in an uncommitted change (this is needed to be used in
+	newusers), they report a status instead of calling exit(), and
+	they can receive a preferred ID. They should later support system
+	IDs. This should be a little bit slower, but not too much (if the
+	database is not open the checks against the local database will
+	exit immediately, and if it is already open, all the checks will be
+	done regarding the data in memory).
+	* po/POTFILES.in: The new libmisc/find_new_ids.c file contains
+	translatable strings.
+	* libmisc/Makefile.am: Add libmisc/find_new_ids.c to the sources
+	of the libmisc library.
+	* src/useradd.c, src/groupadd.c: Use the find_new_uid() and
+	find_new_gid() from the library instead of the local functions.
+
+2008-02-02  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/*.po: Updated PO files.
+	* libmisc/age.c, libmisc/yesno.c, src/lastlog.c, src/grpck.c,
+	src/chfn.c, src/passwd.c, src/chage.c, src/login.c, src/sulogin.c,
+	src/chsh.c: Fix call to puts (remove end of line, or use fputs).
+	* po/*.po: Unfuzzy PO files according to above change.
+
+2008-01-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fix build failures with --disable-shadowgrp. Thanks to Jürgen
+	Daubert for the patch.
+	* libmisc/salt.c: Include <stdio.h>, needed for stderr and printf
+	functions.
+	* lib/encrypt.c: Include <stdio.h>, needed for perror, stderr and
+	printf functions
+	* src/usermod.c: sgr_locked exists only if SHADOWGRP is defined.
+	* src/chgpasswd.c: Only check is the gshadow file exists if
+	SHADOWGRP is defined.
+
+2008-01-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/gpasswd.c, src/chfn.c, src/chage.c, src/chsh.c, src/grpck.c,
+	src/vipw.c, src/pwck.c, src/sulogin.c, src/newgrp.c,
+	src/userdel.c, src/lastlog.c, src/groupmems.c, src/usermod.c,
+	src/expiry.c, src/groupdel.c, src/useradd.c, src/su.c,
+	src/groupmod.c, src/passwd.c, src/groupadd.c, src/login.c,
+	src/suauth.c, src/faillog.c, src/id.c, libmisc/limits.c,
+	libmisc/addgrps.c, libmisc/env.c, libmisc/age.c, libmisc/yesno.c,
+	lib/getdef.c: Replace printf by puts for fixed strings. This would
+	avoid issues caused by formats introduced in translated strings.
+
+2008-01-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Strings improvement s/can't get unique/no more
+	available/.
+
+2008-01-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Check that the new fields set with -u, -s,
+	-l, -g, -f, -e, -d, and -c differ from the old ones. If a
+	requested new value is equal to the old one, no changes will
+	be performed for that field. If no fields are changed, usermod
+	will exist successfully with a warning. This avoids logging
+	changes to syslog when there are actually no changes.
+
+2008-01-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Always define user_newcomment, user_newshell,
+	user_newexpire, and user_newinactive. It is more simple to always
+	have user_<x> as the old field, and user_new<x> as the new field
+	(even if the field did not change) instead of changing the
+	algorithm depending on WITH_AUDIT.
+
+2008-01-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: user_newname can only be used in WITH_AUDIT code
+	or when lflg is set. This issue was introduced in the code
+	refactoring of usermod.
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Fix typo in comment: s/find_new_uid/find_new_gid/
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: s/gid/GID/ in message string.
+	* src/useradd.c: Set this string for translation.
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/grpck.8.xml: Fix typo. Remove "the" from "All entries in the
+	<filename></filename> are checked [...]"
+	* man/grpck.8.xml: Conditionally include the parts mentioning the
+	gshadow file (based on SHADOWGRP).
+	* man/grpck.8.xml: Add reference to the gshadow(5) manpage
+	(conditionally included).
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/grpck.8.xml, man/pwck.8.xml: Indicate that the shadow
+	parameter is optional (i.e. a passwd file can be specified without
+	a shadow file, and the group file can be specified without the
+	gshadow file).
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/grpck.8.xml: Document the options with a list of options,
+	as in the pwck(8) manpage.
+
+2008-01-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Fix segfault when an user returns to an
+	unknown GID (either the user was deleted during the user's newgrp
+	session or the user's passwd entry referenced an invalid group).
+	Add a syslog warning in that case.
+	* src/newgrp.c: Add an end of line when reporting an invalid
+	password.
+
+2008-01-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c: Fix the handling of the --defaults option
+	(it required an argument, but should behave as -D)
+	* NEWS, man/useradd.8.xml: Document the --defaults option, which
+	was already described in the useradd's Usage information.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Avoid setting the password to a const empty
+	string, but set the first char to \0. This avoids a warning.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Add prototype for l64a(), gensalt(),
+	SHA_salt_size(), and SHA_salt_rounds().
+	* libmisc/salt.c: l64a() and gensalt() are static.
+	* libmisc/salt.c: The `meth' parameter of crypt_make_salt() is a
+	const. (ditto for the method variable).
+	* libmisc/salt.c: SHA_salt_rounds returns a const string.
+	* libmisc/salt.c: Avoid warnings with cast of random() to double.
+	* libmisc/salt.c: Replace rand() by random().
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/Makefile.am: Do not link libshadow.la with the intl, crypt,
+	skey and md libraries...
+	* src/Makefile.am: ...Specify for each binary which library is
+	required. skey and md are required for the binaries with
+	authentication of the user (chfn, chsh, login, passwd, su). intl
+	is required for all. mcrypt is required for user (chfn, chsh,
+	login, passwd, su, sulogin) and group (newgrp, gpasswd)
+	authentication and for the creation of passwords (chpasswd,
+	chgpasswd, gpasswd, newusers, passwd).
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/nscd.c, lib/nscd.h: Set the service parameter of
+	nscd_flush_cache() to const. This avoids a lot of warnings.
+	* lib/nscd.c: Include "nscd.h" to avoid inconsistent prototypes.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/encrypt.c: Set the method string as a constant string.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/port.c: Assume <errno.h> declares errno.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/fr.po: Fix typo: s/rend compte indiqué/rend le compte
+	indiqué/
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/suauth.c: Remove prototype of check_su_auth(). It is
+	redundant with prototypes.h.
+	* src/suauth.c: isgrp() is static.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c: Tag the `old' parameter of palindrome(),
+	similar(), and simple() as unused.
+	* libmisc/loginprompt.c: Tag the `sig' parameter of login_exit()
+	as unused.
+	* src/expiry.c: Tag the `sig' parameter of catch_signals() as
+	unused.
+	* src/su.c: Tag the `sig' parameter of catch_signals() as unused.
+	* src/su.c: Add int parameter to the prototype of oldsig().
+	* src/login.c: Tag the `sig' parameter of alarm_handler() as
+	unused.
+	* src/sulogin.c: Tag the `sig' parameter of catch_signals() as
+	unused.
+	* libmisc/getdate.y: Tag the `string' parameter of yyerror() as
+	unused.
+	* libmisc/getdate.y: The string provided to yyerror() is const.
+	* libmisc/getdate.y: Fix the prototypes of yylex() and yyerror().
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/defines.h: Remove teh macro definition of SETXXENT_TYPE,
+	SETXXENT_RET, and SETXXENT_TEST. They were used by the now
+	removed pwent.c and grent.c.
+	* lib/defines.h: Remove the definition of PASSWD_PAG_FILE,
+	GROUP_PAG_FILE, SHADOW_PAG_FILE, and SGROUP_PAG_FILE. They are
+	never used.
+	* lib/defines.h: Don't include "snprintf.h". The file does not
+	exist in shadow.
+	* lib/defines.h: Add new macro unused to tag unused parameters.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, src/groupmems.c: Assume optarg and optind are
+	declared in <getopt.h>.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Remove the pw_name argument of new_pw_passwd. Use
+	the user_newname global variable instead. This avoid using a
+	parameter with the same name as a function.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Removed unused gid parameter of syslog_sg().
+	* src/newgrp.c: The loginname and tty buffers are never changed.
+	Add the const qualifier.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c, src/chgpasswd.c: The crypt_method string always
+	points to a constant string. Add the const qualifier.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwunconv.c: Remove prototype of l64a() (not used in
+	pwunconv).
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login_nopam.c: Use an ANSI prototype for resolve_hostname()
+	instead of K&R prototype.
+	* src/login_nopam.c: Fix the prototypes of list_match(),
+	user_match(), from_match(), string_match(). There were no
+	parameters in the prototypes.
+	* src/login_nopam.c: Fix the prototypes of the function parameter
+	match_fn of list_match().
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c: Remove the src parameter of copy_special().
+	The entry's information are taken from the stat structure.
+
+2008-01-06  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/console.c, libmisc/ulimit.c, lib/sgetgrent.c,
+	lib/sgetpwent.c: Include "prototypes.h" to make
+	sure the exported prototypes are the ones used for the definition
+	of functions.
+	* lib/prototypes.h: Added prototypes for __gr_del_entry(),
+	__gr_get_db(), __gr_get_head(), __gr_set_changed(), __gr_dup(),
+	__pw_del_entry(), __pw_get_db(), __pw_get_head(), __pw_dup(),
+	sgetgrent(), sgetpwent(), __sgr_del_entry(), __sgr_dup(),
+	__sgr_get_head(), __sgr_set_changed(), __spw_get_head(),
+	__spw_del_entry(), __spw_dup().
+	* lib/prototypes.h: Removed prototype for is_listed().
+	* lib/prototypes.h: Added name of the check_su_auth()'s parameters.
+	* lib/groupio.h: Removed prototypes for __gr_dup() and
+	__gr_set_changed().
+	* lib/sgroupio.c: Removed prototypes for putsgent(), sgetsgent(),
+	and __gr_get_db().
+	* lib/sgroupio.h: Removed prototypes for __sgr_dup() and
+	__sgr_set_changed().
+	* lib/shadowio.c: Removed prototype for __pw_get_db().
+	* lib/pwio.c: Removed prototype for sgetpwent() and putpwent().
+	* lib/shadowio.h: Removed prototypes for __spw_dup() and
+	__spw_set_changed().
+	* lib/pwio.h: Removed prototypes for __pw_dup() and
+	__pw_set_changed().
+	* lib/commonio.h: Add protection against multiple inclusions.
+	* lib/prototypes.h: Include commonio.h (needed for the
+	__xx_del_entry() functions).
+	* src/grpck.c: Remove prototypes for __gr_del_entry(),
+	__gr_get_head(), __sgr_del_entry(), and __sgr_get_head().
+	* src/pwck.c: Remove prototypes for __pw_del_entry(),
+	__pw_get_head(), __spw_del_entry(), and __spw_get_head().
+	* lib/groupio.c: Remove prototype for sgetgrent().
+	* lib/groupio.c: Add the name of the parameters for
+	merge_group_entries() and split_groups().
+	* lib/groupio.h: Remove prototypes for __gr_dup() and
+	__gr_set_changed().
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml, man/groupmod.8.xml: Add documentation for
+	the new --password options.
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Fix find_new_gid() prototype. Add a void
+	parameter.
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: Add the dolastlog() prototype.
+	* lib/prototypes.h: Typo: login.c -> loginprompt.c
+	* src/login.c: Remove declaration of dolastlog().
+	* lib/prototypes.h: Include <lastlog.h> for the declaration of
+	struct lastlog.
+	* lib/prototypes.h: Remove old comments in the header.
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwdcheck.c: Do not include <pwd.h>. Include <shadow.h>
+	and "pwauth.h" only when compiled without PAM support.
+	* src/chfn.c, src/chsh.c: Do not include <shadow.h>
+	* lib/commonio.c: Do not include <shadow.h>. Do not include
+	<pwd.h>. Include "nscd.h" instead of <nscd.h>.
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Do not check if shadow.h exist, but make sure it
+	exists.
+	* libmisc/pwdcheck.c, src/chfn.c, src/chsh.c, lib/defines.h,
+	lib/shadowmem.c, lib/shadowio.c, lib/commonio.c:
+	HAVE_SHADOW_H is no more needed (shadow.h should always exist).
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Remove prototype of putgrent(), add parameter's
+	name of sgetgrent().
+	* lib/prototypes.h: Fix the do_pam_passwd() prototype (it returns
+	void).
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmod.c, src/groupadd.c: Add option --password to
+	groupadd and groupmod (similar to useradd and usermod).
+
+2008-01-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h: grent.c does not exist anymore. Remove the
+	putgrent prototype.
+	* lib/prototypes.h: "shadowio.h" was included for the definition
+	of the spwd structure. Replace this include by <shadow.h>
+	* libmisc/xmalloc.c, libmisc/utmp.c, libmisc/strtoday.c,
+	libmisc/pwd_init.c, libmisc/tz.c, lib/port.c, lib/fputsx.c,
+	libmisc/pam_pass.c, libmisc/log.c: Include "prototypes.h" to make
+	sure the exported prototypes are the ones used for the definition
+	of functions.
+	* libmisc/console.c: Define is_listed() as static and add its
+	prototype.
+	* libmisc/xgetXXbyYY.c, libmisc/yesno.c: Include config.h as a
+	system include, as recommended by the autoconf documentation.
+	* src/chage.c: Define isnum() as static and add its prototype.
+	* libmisc/xgetspnam.c: Add missing include "shadowio.h". (This was
+	OK as long as prototypes.h included this file.)
+	* src/nologin.c: Make a proper prototype for the main() function
+	declaration. (add void)
+	* src/login.c: login_prompt is the name of a function, use
+	loginprompt for the internal variable.
+	* src/chsh.c: loginsh is a global variable, use newshell for the
+	update_shell()'s parameter.
+	* lib/gshadow.c: The prototypes of fgetsx() and fputsx() are
+	already defined in prototypes.h. Remove the declaration of these
+	functions.
+	* lib/gshdow.c: list() is an external function. DO not shadow it
+	with a static function. The internal list() was renamed
+	build_list().
+	* lib/commonio.c: stat shadows another stat variable. Remove this
+	variable, and directly check the result of getfscreatecon().
+	* libmisc/utmp.c: Remove the declaration of getutent(),
+	getutline(), setutent(), and endutent() which are declared in
+	<utmp.h>
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Remove duplicate logging to syslog.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c: Avoid assignments in conditionals.
+	* src/newgrp.c: Split check_perms(), syslog_sg() out of main().
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadow.c: Avoid assignments in conditionals.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c (split_groups): Test the pointer returned by malloc.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c: Document add_one_entry_nis(), write_all(),
+	commonio_remove(), commonio_locate(), and commonio_rewind().
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Avoid implicit brackets.
+	* src/pwck.c: Avoid implicit conversions to booleans.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Avoid implicit brackets.
+	* src/grpck.c: Avoid implicit conversions to booleans.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: No functional changes were introduced by the previous pwck
+	and grpck changes, except for the following bug fix: no syslog
+	logging if a passwd or group file was specified on the command
+	line without a shadowed database file, even if the system shadowed
+	database was changed).
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Fix typos in comments (gshadow/shadow).
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/pwck.c: Split process_flags(), open_files(), close_files()
+	check_pw_file(), and check_spw_file() out of main(). New global
+	variables is_shadow, sort_mode, use_system_pw_file, and
+	use_system_spw_file.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/xgetXXbyYY.c: De-comment code (duplicate the entry when
+	the _R function is not present on the system).
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/lastlog.c: Remove statbuf, not used.
+	* src/lastlog.c: Fix types, cast umin and umax to uid_t.
+	* src/lastlog.c: (option -u) user needs to be a signed long, not
+	uid_t (to accept rangees like -<uid>
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Avoid ?: construct without the middle term.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/copydir.c, src/usermod.c, lib/prototypes.h: The uid and
+	gid parameters can be set to -1 to indicate that the original
+	owners must be kept. Change the types from uid_t/gid_t to a
+	long int (signed).
+	* libmisc/copydir.c: Change the copy_entry(), copy_dir(),
+	copy_symlink(), copy_special(), and copy_file() prototypes
+	accordingly.
+	* lib/prototypes.h: Add the parameters' name for the
+	libmisc/copydir.c functions.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c, libmisc/obscure.c, src/login_nopam.c,
+	lib/pwauth.c: Avoid empty file when USE_PAM is set.
+	* libmisc/audit_help.c: Avoid empty file when WITH_AUDIT is not set.
+	* src/login_nopam.c: Fix warnings: resolve_hostname takes and
+	returns a constant string.
+
+2008-01-01  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/grpck.c: Split process_flags(), open_files(), and
+	close_files() out of main(). New global variables is_shadow,
+	sort_mode, use_system_grp_file, and use_system_sgr_file.
+	* src/grpck.c: Split check_grp_file() and check_sgr_file() out of
+	main().
+	* src/grpck.c: Split check_members() and compare_members_lists()
+	out of check_grp_file() and check_sgr_file().
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/Makefile.in.in: If remove-potcdate.sin does not exist,
+	use the one from teh po directory (it is not installed
+	automatically by autopoint.
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.h: Fix the type of the bitfields in the commonio_entry
+	and commonio_db structures to unsigned int (instead of int).
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chsh.c: Split process_flags(), check_perms(), and update_shell()
+	out of main().
+	* src/chsh.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/chsh.c: Avoid implicit brackets.
+	* src/chsh.c: Avoid assignments in comparisons.
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chfn.c: New function: process_flags() split out of main().
+	The flags variables are now global.
+	* src/chfn.c: New functions: check_perms(), update_gecos(),
+	get_old_fields(), and check_fields() split out of main().
+	* src/chfn.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/chfn.c: Avoid implicit brackets.
+	* src/chfn.c: Document may_change_field().
+	* src/chfn.c: Avoid implicit conversions to booleans.
+	* src/chfn.c: Avoid assignments in comparisons.
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Compilation fix for PAM support (pamh needs to be
+	global since the function split).
+	* src/chpasswd.c: Likewise.
+	* src/chgpasswd.c: Likewise.
+	* src/chpasswd.c: Avoid implicit conversions to booleans.
+
+2007-12-31  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chage.c: Fix typo: s/maximim/maximum/
+	* src/chage.c: New function: fail_exit(). Change most of the exit()
+	to a fail_exit, which makes sure the files are unlocked (new global
+	variables: pw_locked, spw_locked), the PAM transaction is ended, and
+	the failure is logged to libaudit (use a global user_name and user_uid
+	for logging).
+	* src/chage.c: Compilation fix for PAM support (pamh needs to be
+	global since the function split).
+	* src/chage.c: Document process_flags(), check_flags(), check_perms(),
+	open_files(), and close_files().
+	* src/chage.c: Split update_age() and get_defaults() out of main()
+	* src/chage.c: Drop the privileges just after opening the files.
+	* src/chage.c: Do not log to audit only if the user has an entry in
+	the shadow file.
+	* NEWS, src/chage.c (open_files): Also open the password file for
+	writing. This fix chage when the user only has a password entry (and
+	no shadow entries).
+	* src/chage.c (get_defaults): Use default values that don't change the
+	behavior of the account for the fields that are not specified when the
+	user has no shadow entry.
+
+2007-12-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c: Compilation fix for PAM support (pamh needs to be
+	global since the function split).
+	* src/groupadd.c: End the PAM transaction in fail_exit().
+	* src/groupadd.c: Document check_flags().
+
+2007-12-30  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/vipw.c: Compilation fix for non-gshadow support.
+
+2007-12-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: Added support for gshadow.
+
+2007-12-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: Do not add the new user to the group's
+	members, because the group is already the primary group of the new
+	user.
+
+2007-12-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	newusers cleanups
+	* src/newusers.c: main() split in new functions: process_flags(),
+	check_flags(), check_perms(), open_files(), and close_files().
+	* src/newusers.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/newusers.c: Avoid implicit brackets.
+	* src/newusers.c: Avoid assignments in comparisons.
+	* src/newusers.c: Avoid variables with the name of a type.
+
+2007-12-29  Nicolas François  <nicolas.francois@centraliens.net>
+
+	chage cleanups
+	* src/chage.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/chage.c: main() split in new functions: process_flags(),
+	check_flags(), check_perms(), open_files(), and close_files().
+	* src/chage.c: Avoid using a variable with the same name as a type.
+	* src/chage.c: Remove dead code. It was probably put here to add more
+	information to the audit_logger.
+	* src/chage.c: Avoid implicit brackets.
+	* src/chage.c: Avoid implicit conversion to booleans.
+	* src/chage.c: Avoid assignments in comparisons.
+
+2007-12-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Same changes for chgpasswd:
+	* src/chgpasswd.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/chgpasswd.c: main() split in process_flags(), check_flags(),
+	check_perms(), open_files(), and close_files().
+	* src/chgpasswd.c: Avoid assignments in comparisons.
+	* src/chgpasswd.c: Avoid implicit brackets.
+	* src/chgpasswd.c: Fix comments to match chgpasswd (group instead of
+	user's passwords are changed).
+
+2007-12-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Before pam_end(), the return value of the previous
+	pam API was already checked. No need to validate it again.
+	* src/chpasswd.c: New functions: process_flags(), check_flags(),
+	check_perms(). Split out of main().
+	* src/chpasswd.c: Other new functions: open_files(), close_files().
+	This force flushing the password database after the password file is
+	unlocked.
+	* src/chpasswd.c: Avoid assignments in comparisons.
+	* src/chpasswd.c: Avoid implicit brackets.
+
+2007-12-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/groupadd.c (find_new_gid): A group with the specified name
+	cannot exist at that time. Remove the check.
+	* src/groupadd.c (find_new_gid): If oflg is set, gflg is also set.
+	Use (!gflg), which is clearer than (!gflg || !oflg).
+	* src/groupadd.c (find_new_gid): find_new_gid is never called when an
+	GID is specified with -g. Simplify find_new_gid accordingly.
+	* src/groupadd.c (process_flags): prefer fail_exit to exit. This avoid
+	an explicit call to audit_logger().
+	* src/groupadd.c (main): Before pam_end(), the return value of the
+	previous pam API was already checked. No need to validate it again.
+	* src/groupadd.c (main, check_perms): New function check_perms().
+	Split the validation of the user's permissions out of main()
+
+2007-12-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	src/groupadd.c cleanup
+	* src/groupadd.c (fail_exit): When compiled without AUDIT support, if
+	the return code was E_SUCCESS, fail_exit() wouldn't have exited. Fix
+	the scope of #idef WITH_AUDIT.
+	* src/groupadd.c: Avoid implicit brackets.
+	* src/groupadd.c: Split the processing and checking of options out of
+	main() (process_flags).
+	* src/groupadd.c: New function check_flags(). Split the validation of
+	options and arguments out of process_flags.
+	* src/groupadd.c: Add the parameters' names in the prototypes.
+
+2007-12-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	libmisc/copydir.c cleanup
+	* libmisc/copydir.c: Split copy_tree() in more maintainable functions:
+	copy_entry(), copy_dir(), copy_symlink(), copy_hardlink(),
+	copy_special(), and copy_file().
+	* libmisc/copydir.c: -1 is used to indicate an error, directly set err
+	to -1, instead of incrementing it, and checking if not nul at the
+	end.
+	* libmisc/copydir.c: Avoid assignments in comparisons.
+	* libmisc/copydir.c: Document selinux_file_context.
+	* libmisc/copydir.c: Avoid implicit brackets.
+	* libmisc/copydir.c: Avoid implicit conversions to booleans.
+
+2007-12-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	gpasswd cleanup
+	* src/gpasswd.c: Add argument name to the internal function
+	prototypes.
+	* src/gpasswd.c: Document global variables.
+	* src/gpasswd.c: New function: process_flags(). Split the processing
+	of options out of main().
+	* src/gpasswd.c: New functions: open_files(), close_files(),
+	update_group(). Split out from main() to simplify this (too) big
+	function.
+	* src/gpasswd.c: New functions: check_perms(), get_group(),
+	change_passwd(), check_flags(). Split out of main() to simplify main().
+	* src/gpasswd.c: Avoid implicit brackets.
+	* src/gpasswd.c: Avoid assignments in comparisons.
+	* src/gpasswd.c: Avoid implicit conversions to booleans.
+
+2007-12-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 462_warn_to_edit_shadow
+	* NEW, src/vipw.c: Recommend editing the shadowed (resp. regular) file
+	if the regular (resp. shadowed) file was edited.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 451_login_PATH
+	* NEWS, libmisc/setupenv.c: Export PATH according to ENV_PATH and
+	ENV_SUPATH, as for su. This impacts login.
+	* man/login.1.xml: PATH and SUPATH are now used both when PAM support
+	is disabled and enabled.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 496_login_init_session
+	* src/login.c, src/sulogin.c: If started as init, start a new session.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 408_passwd_check_arguments
+	* NEWS, src/passwd.c: Make sure that no more than one username
+	argument was provided.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 412_lastlog_-u_numerical_range
+	* NEWS, src/lastlog.c, man/lastlog.8.xml: Accept numerical user, or
+	ranges with the -u option.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 466_fflush-prompt
+	* libmisc/Makefile.am, lib/prototypes.h, libmisc/yesno.c, src/grpck.c,
+	src/pwck.c: move yes_or_no() from grpck/pwck to a separate
+	libmisc/yesno.c (with a read_only argument).
+	* libmisc/fields.c, libmisc/yesno.c: Make sure stdout is flushed before
+	reading the user's answer.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge Debian's patch 480_getopt_args_reorder
+	* NEWS, src/su.c: su's arguments are now reordered.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge RedHat's patch shadow-4.0.18.1-mtime.patch:
+	* NEWS: Document that usermod will now preserve user's file modification
+	and access time.
+	* libmisc/copydir.c: Preserve the access and modification time of copied
+	files. This is important for usermod. This will also impact useradd, for
+	the skeleton files, but this is not important.
+	* libmisc/copydir.c: Stop and return an error if a file could not be
+	closed after during a copy.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Cleanups:
+	* src/useradd.c (find_new_gid): Check that gflg is not set (assert).
+	* src/useradd.c (find_new_gid): Do not check the group name uniqueness
+	(already checked in main).
+	* src/useradd.c (find_new_gid): Avoid a "continue" in the loop.
+	* src/useradd.c (find_new_gid): Remove irrelevant comments.
+	* src/useradd.c (find_new_gid): Fix the function definition's comment.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge RedHat's patch shadow-4.0.18.1-findNewUidOnce.patch:
+	* src/useradd.c (usr_update): Do not call find_new_uid(). The UID was
+	already either specified or found by another call to find_new_uid().
+	* src/useradd.c (find_new_uid): Always start with uid_min (find_new_uid()
+	is never called when user_id was already specified).
+	* src/useradd.c (find_new_uid): Fix the comments (find_new_uid() is not
+	called when the UID is specified (uflg)).
+	* src/useradd.c (main): Only call find_new_uid() if (!oflg) and (!uflg).
+	If uflg is set (but not oflg), check the UID uniqueness.
+	* src/useradd.c (find_new_uid): Don't check the uid and user name
+	uniqueness in find_new_uid(). The user name uniqueness is already checked
+	during the parameter validation. UID uniqueness is also checked (see
+	above).
+	* src/useradd.c (find_new_uid): Don't check uflg in find_new_uid().
+	* src/useradd.c (find_new_uid): Make sure that find_new_uid() is not
+	called when uflg is set (assert).
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge RedHat's patch shadow-4.1.0-lOption.patch
+	* NEWS, src/useradd.c, man/useradd.8.xml: Add option -l to avoid adding
+	the user to the lastlog and faillog databases.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c, src/groupadd.c: NO_GETPWENT is no more supported. Remove
+	associated chunks of code.
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/groupadd.8.xml: Document the long options (--force, --gid, --key,
+	--non-unique).
+
+2007-12-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Merge RedHat's patch shadow-4.0.3-noinst.patch
+	* NEWS, lib/Makefile.am: Do not install the shadow library per default.
+	lib_LTLIBRARIES changed to noinst_LTLIBRARIES.
+
+2007-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, configure.in: Prepare the 4.1.0 release.
+
+2007-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chgpasswd.c: Use chgpasswd PAM policy file instead of
+	chpasswd's one.
+
+2007-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pwconv.8.xml: Fix typos.
+	* man/chpasswd.8.xml, man/chgpasswd.8.xml: Document the NONE crypt
+	method.
+	* man/login.defs.d/MAIL_DIR.xml: Add comment regarding useradd not
+	using MAIL_FILE.
+	* man/login.defs.d/ERASECHAR.xml, man/login.defs.d/KILLCHAR.xml,
+	man/login.defs.d/CONSOLE_GROUPS.xml, man/login.defs.d/ENV_HZ.xml,
+	man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
+	These variables are also used by some tools when compiled with PAM
+	support.
+	* man/login.defs.d/ENV_HZ.xml: Add note that it is only used by
+	sulogin when compiled with PAM support.
+	* man/login.defs.d/ENV_SUPATH.xml: Typos: ENV_PATH -> ENV_SUPATH,
+	and mention sbin in the path.
+	* man/login.defs.d/LOGIN_STRING.xml: Fix typo: confition ->
+	condition.
+	* man/sg.1.xml: Add CONFIGURATION section (SYSLOG_SG_ENAB).
+	* man/su.1.xml: ENV_HZ, LOGIN_STRING, MAIL_DIR, USERGROUPS_ENAB
+	are only used when su is compiled without PAM support.
+	* man/login.defs.5.xml: Added variables: OBSCURE_CHECKS_ENAB
+	PASS_ALWAYS_WARN PASS_CHANGE_TRIES SULOG_FILE SU_NAME
+	SU_WHEEL_ONLY SYSLOG_SG_ENAB SYSLOG_SU_ENAB.
+	* man/login.defs.5.xml: ENVIRON_FILE is only used when compiled
+	without PAM support.
+	* man/login.defs.5.xml: sulogin uses variables even when compiled
+	with PAM support.
+	* man/login.1.xml: ENV_HZ ENV_PATH ENV_SUPATH MAIL_DIR UMASK are
+	only used when login is not compiled with PAM support.
+
+2007-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Make sure is_console is only defined when USE_PAM
+	is not defined.
+
+2007-12-09  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/pwd2spwd.c: Fix time() prototype.
+
+2007-12-08  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/CONSOLE_GROUPS.xml,
+	man/login.defs.d/CONSOLE.xml, man/login.defs.d/DEFAULT_HOME.xml,
+	man/login.defs.d/ENV_HZ.xml, man/login.defs.d/ENVIRON_FILE.xml,
+	man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml,
+	man/login.defs.d/ENV_TZ.xml, man/login.defs.d/ERASECHAR.xml,
+	man/login.defs.d/FAIL_DELAY.xml,
+	man/login.defs.d/FAILLOG_ENAB.xml,
+	man/login.defs.d/FAKE_SHELL.xml, man/login.defs.d/FTMP_FILE.xml,
+	man/login.defs.d/HUSHLOGIN_FILE.xml,
+	man/login.defs.d/ISSUE_FILE.xml, man/login.defs.d/KILLCHAR.xml,
+	man/login.defs.d/LASTLOG_ENAB.xml, man/login.defs.d/LOGIN_RETRIES.xml,
+	man/login.defs.d/LOGIN_TIMEOUT.xml, man/login.defs.d/LOG_OK_LOGINS.xml,
+	man/login.defs.d/LOG_UNKFAIL_ENAB.xml,
+	man/login.defs.d/MAIL_CHECK_ENAB.xml, man/login.defs.d/MOTD_FILE.xml,
+	man/login.defs.d/NOLOGINS_FILE.xml,
+	man/login.defs.d/OBSCURE_CHECKS_ENAB.xml,
+	man/login.defs.d/PASS_ALWAYS_WARN.xml,
+	man/login.defs.d/PASS_CHANGE_TRIES.xml,
+	man/login.defs.d/PASS_MAX_LEN.xml,
+	man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
+	man/login.defs.d/QUOTAS_ENAB.xml, man/login.defs.d/SULOG_FILE.xml,
+	man/login.defs.d/SU_NAME.xml, man/login.defs.d/SU_WHEEL_ONLY.xml,
+	man/login.defs.d/SYSLOG_SG_ENAB.xml,
+	man/login.defs.d/SYSLOG_SU_ENAB.xml,
+	man/login.defs.d/TTYGROUP.xml, man/login.defs.d/TTYTYPE_FILE.xml,
+	man/login.defs.d/ULIMIT.xml, man/login.defs.d/USERGROUPS_ENAB.xml:
+	New documentation of login.defs variables.
+	* man/login.defs.d/MAIL_DIR.xml: Updated. It now contains the
+	MAIL_FILE documentation.
+	* man/login.defs.d/LOGIN_STRING.xml: Updated. Mentions %s.
+	* man/pwconv.8.xml, man/groupmems.8.xml, man/groupdel.8.xml,
+	man/useradd.8.xml, man/pwck.8.xml, man/groupadd.8.xml,
+	man/sulogin.8.xml, man/newgrp.1.xml, man/usermod.8.xml,
+	man/su.1.xml, man/vipw.8.xml, man/passwd.1.xml,
+	man/groupmod.8.xml, man/login.1.xml, man/userdel.8.xml,
+	man/grpck.8.xml: Added CONFIGURATION section.
+	* man/generate_mans.mak: The generations of manpages depends on
+	the variables from the Makefiles. Add the dependency on Makefile.
+	* man/login.defs.5.xml: New login.defs variable documented.
+	* man/Makefile.am: Added XML variable documentation to the
+	distributed files.
+
+2007-12-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gshadow.5.xml: Fix the newgrp section in the gshadow.5
+	manpage. Thanks to Andre Majorel <aym-naibed@teaser.fr>.
+
+2007-11-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/Makefile.am: Added the login.defs variables description to
+	the man's EXTRA_DIST.
+
+2007-11-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chfn.1.xml: Uses CHFN_AUTH, CHFN_RESTRICT, LOGIN_STRING.
+	* man/chgpasswd.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+	MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
+	* man/chpasswd.8.xml: Switch to using entities for ENCRYPT_METHOD,
+	MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
+	* man/chsh.1.xml: Uses CHSH_AUTH, LOGIN_STRING.
+	* man/expiry.1.xml: Does not use any login.defs parameter.
+	* man/gpasswd.1.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+	MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS.
+	* man/login.defs.5.xml: Added CHSH_AUTH.
+	* man/login.defs.5.xml: Cross reference -> cross references.
+	* man/login.defs.5.xml: chfn only uses CHFN_AUTH when no_pam.
+	* man/login.defs.5.xml: chsh uses CHSH_AUTH, not CHFN_AUTH.
+	* man/login.defs.d/CHSH_AUTH.xml: Added.
+	* man/login.defs.5.xml: chsh uses parameters only when no_pam.
+	* man/login.defs.5.xml: expiry does not use CONSOLE_GROUPS, even
+	if linked in the binary.
+	* man/newusers.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
+	MD5_CRYPT_ENAB, PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE,
+	SHA_CRYPT_MIN_ROUNDS, UMASK.
+
+2007-11-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/generate_translations.mak, man/po/Makefile.in.in: Add
+	--expand-all-entities to the call to xml2po to avoid translating
+	the external entities separately.
+
+2007-11-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.d/, man/login.defs.d/CHFN_RESTRICT.xml,
+	man/login.defs.d/MAIL_DIR.xml, man/login.defs.d/PASS_MAX_DAYS.xml,
+	man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml,
+	man/login.defs.d/CHFN_AUTH.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml,
+	man/login.defs.d/PASS_WARN_AGE.xml, ·man/login.defs.d/UMASK.xml,
+	man/login.defs.d/PASS_MIN_DAYS.xml, man/login.defs.d/UID_MAX.xml,
+	man/login.defs.d/LOGIN_STRING.xml, man/login.defs.d/GID_MAX.xml,
+	man/login.defs.d/ENCRYPT_METHOD.xml, man/login.defs.d/USERDEL_CMD.xml,
+	man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml, man/login.defs.5.xml:
+	Put each variable description in an external entities. This will permit
+	to reference them in the various utils manpages.
+	* man/login.defs.5.xml: Describe the usage of variables by each
+	tools when compiled without PAM support.
+
+2007-11-26  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/stats: Do not generate gmo files.
+
+2007-11-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/po/LINGUAS: Added missing LINGUAS.
+	* man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
+	man/po/ru.po, man/po/sv.po: Updated.
+
+2007-11-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in, man/po/Makefile.in.in, man/po/Makevars,
+	man/po/POTFILES.in, man/Makefile.am: Generate the PO files for the
+	manpages in the man/po directory (instead of man/<lang>). Use a
+	Makefile.in.in based on gettext's one. This ensure that the PO are
+	generated before being used in the <lang> directories.
+	* man/generate_mans.mak, man/generate_translations.mak,
+	man/Makefile.am: New makefile for the generation of manpages from
+	XML (generate_mans.mak). This avoid duplicate chunks in
+	generate_translations.mak and Makefile.am
+	* man/de/de.po, man/fr/fr.po, man/it/it.po, man/pl/pl.po,
+	man/ru/ru.po, man/sv/sv.po: Moved to...
+	* man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
+	man/po/ru.po, man/po/sv.po: ... here.
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, src/lastlog.c, src/newusers.c, src/chpasswd.c,
+	src/usermod.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
+	src/su.c, src/groupmod.c, src/passwd.c, src/groupadd.c,
+	src/chage.c, src/faillog.c, src/chsh.c: Do not use tabulations in
+	Usage strings.
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po,
+	po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/hu.po, po/id.po,
+	po/it.po, po/ja.po, po/nb.po, po/pl.po, po/pt_BR.po, po/pt.po,
+	po/ro.po, po/ru.po, po/sk.po, po/sv.po, po/tl.po, po/tr.po,
+	po/uk.po, po/vi.po: Unfuzzy previous changes.
+	* po/bs.po, po/he.po, po/nn.po, po/sq.po: No Usage string
+	translated. Just updated PO.
+	* po/dz.po, po/km.po, po/ko.po, po/ne.po, po/nl.po, po/zh_CN.po,
+	po/zh_TW.po: It would be too error prone for me to unfuzzy these
+	ones. Updated PO. (km and ne should be reviewed: options are
+	translated).
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/ne.po, po/bs.po, po/cs.po, po/pt_BR.po, po/km.po, po/es.po,
+	po/eu.po, po/ko.po, po/hu.po, po/sk.po, po/vi.po, po/uk.po,
+	po/ro.po, po/sq.po, po/ru.po, po/id.po, po/nb.po, po/el.po,
+	po/gl.po, po/fr.po, po/nl.po, po/pl.po, po/nn.po, po/it.po,
+	po/dz.po, po/tl.po, po/pt.po, po/ca.po, po/da.po, po/tr.po,
+	po/sv.po, po/de.po, po/ja.po, po/zh_TW.po, po/he.po, po/fi.po,
+	po/zh_CN.po: Run "make update-po" in the po directory.
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: New configure option: --with-sha-crypt enabled by
+	default. Keeping the feature enabled is safe. Disabling it permits
+	to disable the references to the SHA256 and SHA512 password
+	encryption algorithms from the usage help and manuals (in addition
+	to the support for these algorithms in the code).
+	* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
+	src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
+	always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
+	preprocessor condition.
+	* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
+	src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
+	SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
+	subset of the ENCRYPTMETHOD_SELECT sections).
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/encrypt.c: If we requested a non DES encryption, make sure
+	crypt returned a encrypted password longer than 13 chars. This
+	protects against the GNU crypt() which does not return NULL if the
+	algorithm is not supported, and return a DES encrypted password.
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Add missing #include "getdef.h"
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Provide the crypt method to all the
+	crypt_make_salt invocations.
+	* src/newusers.c: Tag the ENCRYPTMETHOD_SELECT dependent code
+	accordingly.
+
+2007-11-24  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Make sure method is not NULL, defaulting to DES.
+	Thanks to Dan Kopecek <dkopecek@redhat.com>.
+	* src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but
+	the system default define in /Etc/login.defs. Thanks to Dan
+	Kopecek <dkopecek@redhat.com>.
+	* NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention
+	DES as the default algorithm.
+	* src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT
+	dependent code accordingly.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Move the srandom call to gensalt.
+	* libmisc/salt.c (gensalt): Replace the test on salt_size by an
+	assert.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Patch contributed by Dan Kopecek <dkopecek@redhat.com>
+	* src/chpasswd.c, src/chgpasswd.c, src/newusers.c: Fix compilation
+	when ENCRYPTMETHOD_SELECT is not defined.
+	* libmisc/salt.c (MAGNUM): The nul char was put on (array)[2]
+	instead of (array)[3].
+	* libmisc/salt.c: MAGNUM should be defined even if
+	ENCRYPTMETHOD_SELECT is not defined.
+	* libmisc/salt.c: Use random instead of rand.
+	* libmisc/salt.c (gensalt): New function to generate a salt
+	(instead of using gettimeofday).
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newusers.c: New options -c/--crypt-method
+	-s/--sha-rounds.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chpasswd.c: Added crypt method: NONE.
+	* src/chpasswd.c: Added --sha-rounds to the usage().
+	* libmisc/Makefile.am, libmisc/getlong.c, src/chgpasswd.c,
+	src/chpasswd.c, lib/prototypes.h: New getlong function. Replace
+	chpasswd's and chgpasswd's getnumber.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/groupio.c: Removed unused variable 'member'.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml: Document the variables used by chpasswd.
+	The definitions are copied from login.defs. I should try to use a
+	less error prone process for this.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/login.defs.5.xml: Use <replaceable> for the values set by
+	users. (was sometimes <emphasis remap='I'>)
+	* man/login.defs.5.xml: Use <option> vor the variable names. This
+	makes the manpage much more readable.
+	* man/login.defs.5.xml (ENCRYPT_METHOD, MD5_CRYPT_ENAB,
+	SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS): Mention that command
+	line option may supersede the system setting.
+	* man/login.defs.5.xml: Document the variables used by chpasswd
+	and chgpasswd.
+
+2007-11-23  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c:
+	svn propset svn:keywords Id
+
+2007-11-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, lib/getdef.c, man/login.defs.5.xml: New login.defs
+	variable: MAX_MEMBERS_PER_GROUP. Used for the split groups support.
+	* lib/commonio.c, lib/commonio.h: Add an open_hook and close_hook
+	operation. They are called after the database is actually opened
+	and parse, or before it is closed.
+	* lib/groupio.c: Add an open_hook to merge split groups, and an
+	close group to split groups if MAX_MEMBERS_PER_GROUP is set.
+	This fixes gpasswd and chgpasswd when split groups are used.
+	* lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: No open or close
+	hooks for these databases. (unsure about what should be the gshadow
+	behavior for split groups)
+
+2007-11-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/gpasswd.c: Read the group and shadow groups using
+	gr_locate and sgr_locate. gpasswd write in the file database. Thus
+	it should read information from the file database, not using
+	getgrnam. The change to sgr_locate is just for consistency. This
+	requires opening the group databases (read only) using
+	gr_open/sgr_open.
+
+2007-11-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: SHADOWGRP added to AM_CONDITIONAL for the
+	generation of manpages.
+	* man/generate_translations.mak: Added pam/no_pam condition (like
+	in man/Makefile.am).
+	* man/Makefile.am, man/generate_translations.mak: Added
+	gshadow/no_gshadow condition.
+	* man/gpasswd.1.xml: Use the gshadow/no_gshadow condition to
+	change the manpage depending on the shadow group support.
+	* NEWS: Indicate that manpages should be re-generated if configure
+	option are changed, due to conditions.
+
+2007-11-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/ru.po: Updated to 399t. Thanks to Yuri Kozlov <kozlov.y@gmail.com>.
+	* man/po/ru.po: Updated to 757t. Thanks also to Yuri Kozlov
+	<kozlov.y@gmail.com>.
+
+2007-11-22  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/Makefile.am: Add support for conditionally including
+	paragraphs. (e.g. to support the documentation of PAM and !PAM
+	features).
+
+2007-11-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: Added /etc/gshadow, /etc/group, /etc/shadow,
+	and /etc/passwd to section FILES.
+	* man/newusers.8.xml: Mentions that PAM is not used to set the
+	passwords.
+	* man/chpasswd.8.xml: Added section FILES (/etc/passwd,
+	/etc/shadow, /etc/login.defs).
+	* man/chpasswd.8.xml: Use the same paragraph as in newusers.8.xml
+	to indicate that PAM is not used.
+	* man/chgpasswd.8.xml: Added section FILES (/etc/group,
+	/etc/gshadow, /etc/login.defs).
+
+2007-11-21  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newusers.c: Try harder to get the GID equal to the UID.
+	This was not the case when the GID is not specified, and a GID
+	exist with an ID higher than the all the UIDs.
+	* src/newusers.c: Typo in comment: contrained -> constrained.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c: If the shadow group file is not present, do not
+	try to locate the group entry from /etc/gshadow, and set the
+	password in /etc/group.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
+	SHA256, and SHA512 exactly (not only the first 3/6 chars).
+	* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
+	prefered_rounds value, if specified.
+	* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
+	size_t for lengths).
+	* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/sv, man/de, man/fr, man/pl, man/ru, man/it: Ignore the
+	generated manpages. Add *.[1358] to the svn:ignore property.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/chgpasswd.c, src/chpasswd.c: The -c, -e, and -m options are
+	exclusives.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml, man/chgpasswd.8.xml: Document how the
+	encryption algorithm is chosen for the passwords. Document the new
+	-c and -s options. Add a reference to login.defs(5).
+	* man/login.defs.5.xml: Document the ENCRYPT_METHOD,
+	MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS, and SHA_CRYPT_MAX_ROUNDS
+	variables.
+	* etc/login.defs: Indicate that MD5_CRYPT_ENAB is deprecated.
+	Document the relationship with PAM for MD5_CRYPT_ENAB and
+	ENCRYPT_METHOD.
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Increase the size of crypt_passwd from 128 to 256
+	to avoid overflow in case of SHA512 (161 should be sufficient).
+
+2007-11-20  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, libmisc/salt.c: Add parameters to
+	crypt_make_salt to force the crypt method and number of rounds.
+	* libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
+	number of rounds.
+	* libmisc/salt.c, lib/getdef.c: ENCRYPT_METHOD and MD5_CRYPT_ENAB
+	are needed also when USE_PAM (e.g. for chpasswd).
+	* src/passwd.c, src/newusers.c, src/gpasswd.c: Use the new
+	crypt_make_salt prototype
+	* src/chpasswd.c, src/chgpasswd.c: Add option -c, --crypt-method
+	and -s, --sha-rounds to specify the crypt method and number of
+	rounds in case of one of the SHA methods. The new prototype of
+	crypt_make_salt simplifies the handling of -m, --md5.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: The salt has a random size (between 8 and 16
+	bytes).
+	* lib/getdef.c, etc/login.defs: Add definitions for
+	SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS.
+	* libmisc/salt.c: Use SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS
+	to add a random number of rounds if needed.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c (MAGNUM): Terminate the array with nul (the array
+	is then used with strcat).
+	* libmisc/salt.c (crypt_make_salt): Initialize result[0] to nul at
+	the beginning (was not initialized when USE_PAM).
+	* libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a
+	valid crypt method.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, libmisc/obscure.c, libmisc/salt.c, src/passwd.c,
+	lib/getdef.c, etc/login.defs: Add support for SHA256 and SHA512
+	encrypt methods. Apply RedHat's patch shadow-4.0.18.1-sha256.patch.
+	Thanks to Peter Vrabec. Hardly no changes except re-indent and
+	changes related to recent modifications (max_salt_len in
+	crypt_make_salt). Changes in lib/defines.h not applied (definition
+	of ENCRYPTMETHOD_SELECT). I will add a configure check or flag.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/de/Makefile.am: Add su.1 to the generated manpages.
+	* man/fr/Makefile.am: Add id.1 to EXTRA_DIST. It will be
+	generated.
+	* man/pl/Makefile.am: Add groupmems.8 to the generated manpages.
+	* man/it/Makefile.am: Add logoutd.8 to EXTRA_DIST. It will be
+	generated.
+	* man/de/su.1, man/fr/id.1, man/pl/groupmems.8, man/it/logoutd.8:
+	Removed, since auto-generated.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fix some compilation warnings:
+	* src/login.c: "dereferencing type-punned pointer will break
+	strict-aliasing rules", add a variable indirection: ptr_pam_user.
+	* lib/commonio.c: do not initialize the sb stat structure.
+	* lib/pwio.c, lib/shadowio.c, lib/sgroupio.c, lib/groupio.c:
+	initialize the security context if WITH_SELINUX.
+	* lib/nscd.c: The service argument is not const (used in the exec*
+	parameters). This matches with the prototype definition.
+	* src/groupmems.c: Avoid ++i when i is also used in the same line.
+	* src/newusers.c: i is positive every time it is compared. Add
+	cast to unsigned int.
+	* src/nologin.c: Use a main() prototype with no arguments.
+	* libmisc/getdate.y: Initialize the type and value fields of the
+	terminating entry for each TABLE.
+	* libmisc/tz.c: Use "TZ=CST6CDT" as the default timezone.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pl/Makefile.am: Add getspnam.3 to EXTRA_DIST since it is
+	generated with shadow.3.
+	* man/generate_translations.mak: Clean all the manpages, based on
+	$(EXTRA_DIST), not $(man_MANS).
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/sv/getspnam.3, man/sv/faillog.5, man/sv/faillog.8,
+	man/sv/grpconv.8, man/sv/chsh.1, man/sv/shadow.3,
+	man/sv/grpunconv.8, man/sv/shadow.5, man/sv/newgrp.1,
+	man/sv/limits.5, man/sv/gpasswd.1, man/sv/sg.1, man/sv/userdel.8,
+	man/sv/lastlog.8, man/sv/login.access.5, man/sv/grpck.8,
+	man/sv/chfn.1, man/sv/expiry.1, man/sv/newusers.8,
+	man/sv/chpasswd.8, man/sv/pwconv.8, man/sv/logoutd.8,
+	man/sv/groupmems.8, man/sv/usermod.8, man/sv/pwunconv.8,
+	man/sv/su.1, man/sv/groupdel.8, man/sv/chgpasswd.8,
+	man/sv/login.defs.5, man/sv/vipw.8, man/sv/useradd.8,
+	man/sv/gshadow.5, man/sv/passwd.1, man/sv/groupmod.8,
+	man/sv/passwd.5, man/sv/chage.1, man/sv/porttime.5,
+	man/sv/login.1, man/sv/pwck.8, man/sv/nologin.8,
+	man/sv/groupadd.8, man/sv/suauth.5, man/sv/vigr.8,
+	man/sv/groups.1, man/de/passwd.1, man/de/newgrp.1, man/de/chsh.1,
+	man/de/passwd.5, man/de/login.1, man/de/vipw.8, man/de/chfn.1,
+	man/de/vigr.8, man/de/groups.1, man/fr/getspnam.3,
+	man/fr/faillog.5, man/fr/faillog.8, man/fr/grpconv.8,
+	man/fr/chsh.1, man/fr/shadow.3, man/fr/grpunconv.8,
+	man/fr/shadow.5, man/fr/newgrp.1, man/fr/limits.5,
+	man/fr/gpasswd.1, man/fr/sg.1, man/fr/userdel.8,
+	man/fr/login.access.5, man/fr/lastlog.8, man/fr/grpck.8,
+	man/fr/chfn.1, man/fr/expiry.1, man/fr/newusers.8,
+	man/fr/chpasswd.8, man/fr/pwconv.8, man/fr/logoutd.8,
+	man/fr/usermod.8, man/fr/pwunconv.8, man/fr/su.1,
+	man/fr/groupdel.8, man/fr/login.defs.5, man/fr/vipw.8,
+	man/fr/useradd.8, man/fr/gshadow.5, man/fr/passwd.1,
+	man/fr/groupmod.8, man/fr/passwd.5, man/fr/porttime.5,
+	man/fr/chage.1, man/fr/login.1, man/fr/pwck.8, man/fr/groupadd.8,
+	man/fr/suauth.5, man/fr/vigr.8, man/fr/groups.1, man/pl/faillog.5,
+	man/pl/faillog.8, man/pl/chsh.1, man/pl/grpconv.8,
+	man/pl/grpunconv.8, man/pl/shadow.5, man/pl/newgrp.1,
+	man/pl/limits.5, man/pl/gpasswd.1, man/pl/sg.1, man/pl/userdel.8,
+	man/pl/login.access.5, man/pl/lastlog.8, man/pl/grpck.8,
+	man/pl/chfn.1, man/pl/expiry.1, man/pl/newusers.8,
+	man/pl/pwconv.8, man/pl/chpasswd.8, man/pl/logoutd.8,
+	man/pl/usermod.8, man/pl/pwunconv.8, man/pl/su.1,
+	man/pl/groupdel.8, man/pl/vipw.8, man/pl/login.defs.5,
+	man/pl/useradd.8, man/pl/passwd.1, man/pl/groupmod.8,
+	man/pl/passwd.5, man/pl/porttime.5, man/pl/chage.1,
+	man/pl/login.1, man/pl/pwck.8, man/pl/groupadd.8, man/pl/suauth.5,
+	man/pl/vigr.8, man/pl/groups.1, man/ru/getspnam.3,
+	man/ru/faillog.5, man/ru/faillog.8, man/ru/grpconv.8,
+	man/ru/chsh.1, man/ru/shadow.3, man/ru/grpunconv.8,
+	man/ru/shadow.5, man/ru/newgrp.1, man/ru/limits.5,
+	man/ru/gpasswd.1, man/ru/sg.1, man/ru/userdel.8,
+	man/ru/login.access.5, man/ru/lastlog.8, man/ru/grpck.8,
+	man/ru/chfn.1, man/ru/expiry.1, man/ru/newusers.8,
+	man/ru/chpasswd.8, man/ru/pwconv.8, man/ru/logoutd.8,
+	man/ru/groupmems.8, man/ru/usermod.8, man/ru/pwunconv.8,
+	man/ru/su.1, man/ru/groupdel.8, man/ru/chgpasswd.8,
+	man/ru/login.defs.5, man/ru/vipw.8, man/ru/useradd.8,
+	man/ru/gshadow.5, man/ru/passwd.1, man/ru/groupmod.8,
+	man/ru/passwd.5, man/ru/chage.1, man/ru/porttime.5,
+	man/ru/login.1, man/ru/pwck.8, man/ru/nologin.8,
+	man/ru/groupadd.8, man/ru/suauth.5, man/ru/vigr.8,
+	man/ru/groups.1, man/it/getspnam.3, man/it/faillog.5,
+	man/it/faillog.8, man/it/grpconv.8, man/it/chsh.1,
+	man/it/shadow.3, man/it/grpunconv.8, man/it/shadow.5,
+	man/it/newgrp.1, man/it/gpasswd.1, man/it/sg.1, man/it/userdel.8,
+	man/it/lastlog.8, man/it/grpck.8, man/it/chfn.1, man/it/expiry.1,
+	man/it/newusers.8, man/it/chpasswd.8, man/it/pwconv.8,
+	man/it/usermod.8, man/it/pwunconv.8, man/it/su.1,
+	man/it/groupdel.8, man/it/vipw.8, man/it/useradd.8,
+	man/it/passwd.1, man/it/groupmod.8, man/it/passwd.5,
+	man/it/porttime.5, man/it/chage.1, man/it/login.1, man/it/pwck.8,
+	man/it/groupadd.8, man/it/vigr.8, man/it/groups.1,
+	man/pl/shadow.3, man/pl/sulogin.8, man/pl/id.1, man/ru/sulogin.8,
+	man/ru/id.1, man/it/id.1: Remove generated translated manpages.
+	They are still distributed with the shadow tarballs.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pl/chgpassw.8: Remove chgpassw.8 since the real manpage
+	should be named chgpasswd.8.
+
+2007-11-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/vigr.8.xml: Remove file. The vigr man page is generated from
+	the vipw XML file.
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/prototypes.h, configure.in, libmisc/Makefile.am,
+	libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
+	libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
+	Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
+	xgetgrgid(), and xgetspnam(). They allocate memory for the
+	returned structure and are more robust to successive calls. They
+	are implemented with the libc's getxxyyy_r() functions if
+	available.
+	* NEWS, libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
+	libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
+	libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c, src/login.c,
+	src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
+	src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
+	src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
+	src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+	src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
+	src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
+	usage of one of the getpwnam(), getpwuid(), getgrnam(),
+	getgrgid(), and getspnam() functions. It was noticed on
+	http://bugs.debian.org/341230 that chfn and chsh use a passwd
+	structure after calling a pam function, which result in using
+	information from the passwd structure requested by pam, not the
+	original one. It is much easier to use the new xget... functions
+	to avoid these issues. I've checked which call to the original
+	get... functions could be left (reducing the scope of the
+	structure if possible), and I've left comments to ease future
+	reviews (e.g. /* local, no need for xgetpwnam */).
+	Note: the getpwent/getgrent calls should probably be checked also.
+	* src/groupdel.c, src/expiry.c: Fix typos in comments.
+	* src/groupmod.c: Re-indent.
+	* lib/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
+	lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
+	functions (used by the xget... functions) from the <xx>io.c files
+	to the new <xx>mem.c files. This avoid linking some utils against
+	the SELinux library.
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/pl/pl.po: Fix typo: chgpassw -> chgpasswd.
+	* man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd.
+	* man/de/de.po: groups shall not be translated (for command,
+	refname, or refentrytitle).
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Fix typo introduced while fixing
+	http://bugs.debian.org/451521 (compile fix).
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/Makefile.am: Fix typo: EXTRA_DOST -> EXTRA_DIST.
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login_nopam.c: Fix a typo in a comment.
+
+2007-11-18  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Do not document the behavior compared to old
+	versions.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/usermod.8.xml: Document the differences between locking an
+	account and locking a password.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Refuse to unlock an account when it would
+	result in a passwordless account.  Based on Openwall's patch
+	shadow-4.0.4.1-owl-usermod-unlock.diff.
+	* NEWS, src/passwd.c: Likewise.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c (path_prefix): Make sure that the prefix is the
+	name of a directory (not only the beginning of a directory).
+	Openwall patch shadow-4.0.4.1-owl-userdel-path_prefix.diff.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Do not give an indication that the group has no
+	password.
+	* src/newgrp.c: Do not only bail on syslog if the password is not
+	valid. Also give an indication to the user on stderr.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fixes from Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
+	* src/chage.c: Remove cleanup(). pw_lock is never called. Replace
+	cleanup(2) by spw_unlock and remove the calls to cleanup(1).
+	* src/chage.c: Remove variable pwrw. It is always set to 0. The
+	password database is always read only.
+	* src/chage.c: Make chage -l also drop the saved GID.
+	* src/chage.c: Prefer setregid/setreuid to setgid/setuid.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	Fixes from Openwall patch shadow-4.0.4.1-alt-man.diff:
+	* man/useradd.8.xml: Indicate that the NIS caveats is also valid
+	for any external database as LDAP.
+	* man/groupadd.8.xml: Likewise.
+	* man/groupadd.8.xml: Reorder and reformat the caveats bullets.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS: Applied Debian patch 409_man_generate_from_PO to
+	automatically generate the translated manpages from the POs.
+	* man/Makefile.am: Replace the individual rules for the generation
+	of the manpages (from XML) by a generic Makefile rule an
+	dependencies for the linked manpages.
+	* man/generate_translations.mak: Generic rules for all the
+	generated translated manpages (if ENABLE_REGENERATE_MAN).
+	* man/Makefile.am: Removed rules for all the generated translated
+	manpages.
+	* man/sv/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am,
+	man/pl/Makefile.am, man/ru/Makefile.am, man/it/Makefile.am:
+	Include generate_translations.mak to handle the generated
+	translations (XML and roff files).
+	* man/Makefile.am: Translated XML files moved from the CLEANFILES
+	variable of man/Makefile.am to the various languages Makefiles.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/chpasswd.8.xml: Document that chpasswd does not use PAM to
+	update the passwords. This fixes http://bugs.debian.org/396726.
+	Debian patch 411_chpasswd_document_no_pam.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c: Avoid terminating the PAM library in the forked
+	child.  This is done later in the parent after closing the PAM
+	session. This fixes http://bugs.debian.org/412061.
+	Debian patch 405_su_no_pam_end_before_exec.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newgrp.1.xml: Mention sg in the newgrp manpage.
+	This fixes http://bugs.debian.org/396690.
+	Debian patch 410_newgrp_man_mention_sg.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/passwd.c: Fix typo: the warndays option was called warning.
+	This is now warndays, as documented in the manpage and usage.
+	This fixes http://bugs.debian.org/445481.
+	Debian patch 417_passwd_warndays.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/pwck.c: Remove the preprocessor check SHADOWPWD. The
+	variable is no more defined (and always assumed).
+	Debian patch 493_pwck_no_SHADOWPWD.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/passwd.c, man/passwd.1.xml: -l/-u options: edit the
+	shadow account expiry field *in addition* to editing the password
+	field.  This fixes http://bugs.debian.org/389183.
+	Debian patch 494_passwd_lock.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Do not request a password when a user uses
+	newgrp to switch to her primary group.
+	This fixes http://bugs.debian.org/396691.
+	Debian patch 497_newgrp_primary_group.
+	* src/newgrp.c: Remove a comment which states otherwise.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Log an error if the password entry could not be
+	found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
+	fixes the Debian bug http://bugs.debian.org/451521
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/useradd.8.xml: -b documenation: Use the same notation for
+	the -d argument as in the -d documentation.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Allow the -b option even without the -D option.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Use the same error message for the below errors.
+	(option working ONLY if another is specified).
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Make usermod -o and -u work independently of the
+	argument order.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Validate that two of the -L, -p, and -U options
+	are not used at the same time after the parsing of options. -U
+	used to be allowed after -p or -L, but not before.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c: Make usermod -d and -m work independently of the
+	argument order. Thanks to Justin Pryzby <jpryzby+d@quoininc.com>
+	for the patch. This fixes http://bugs.debian.org/451518.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, lib/nscd.c: Execute nscd -i instead of using the private
+	glibc socket to flush the nscd tables. This comes from the RedHat
+	patch shadow-4.0.16-nscd.c.
+	* lib/commonio.c: Forbid inheritance of the passwd and group files
+	to the spawed processes (like nscd). This comes from the RedHat
+	patch shadow-4.0.17-notInheritFd.patch.
+	* lib/nscd.h: Update header.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/usermod.c (fail_exit): Add static variables pw_locked,
+	spw_locked, gr_locked, and sgr_locked to indicate which files must
+	be unlocked.
+	* src/usermod.c (open_files, close_files): Open and close the
+	group files as well as the passwd files. This permit to check if
+	the group files modification are allowed before writing the passwd
+	files.
+	* src/usermod.c (grp_update, update_gshadow, update_group): Do not
+	return a status code, but call fail_exit() in case of error. The
+	group files are no more opened and closed in update_gshadow() and
+	update_group().
+	* src/usermod.c (main): move the call to grp_update between
+	open_files and close_files.
+	* src/usermod.c: Differentiate failure to add a group entry and
+	failure to add a shadow group entry.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c: Differentiate failure to update a group entry and
+	failure to update a shadow group entry.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/userdel.c, src/usermod.c, src/useradd.c: Inform the user if
+	out of memory while updating a group database.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/usermod.c: Update the group database before flushing
+	the nscd caches.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/userdel.c: Abort if an error is found while updating the
+	user or group database. No changes will be written in the
+	databases.
+
+2007-11-17  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: It is no more needed to check that the user's
+	groups are specified only once in the group file. This is checked
+	by gr_update().
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* lib/commonio.c (next_entry_by_name): New function.
+	* NEWS, lib/commonio.c (commonio_update): When an entry is updated, make
+	sure that there are no other entry with the same name. This fixes
+	an infinite loop in userdel and usermod when an (erroneous) group
+	file contains two entries with the same name.
+	(https://bugzilla.redhat.com/show_bug.cgi?id=240915)
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/salt.c: Make sure the salt string is terminated at the
+	right place (either 8th, or 11th position).
+	* NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
+	not need 15 chars. No need for a temporary buffer.
+	This change the fix committed on 2007-11-10. The salt provided to
+	pw_encrypt could have been too long.
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/fr/fr.po: Fix typo: missing / in <placeholder-1/>. This
+	caused the gpasswd title to be incomplete in the French manpage.
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Check if the l64a function exists instead of a64l
+	which we do not use.
+	* libmisc/salt.c: Add support for uClibc with no l64a().
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Check if the netdb.h header file and the innetgr
+	function exist.
+	* src/login_nopam.c, NEWS: Add support for systems with no
+	innetgr().  On those systems, username with an @ will be treated
+	like any other username (i.e. lookup in the local database for an
+	user with an @). Thanks to Mike Frysinger for the patch.
+
+2007-11-16  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/useradd.c: Indentation fix.
+
+2007-11-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/newgrp.c, NEWS: Declare the child and pid variable at the
+	beginning of a block. This fixes a compilation issue with gcc 2.95.
+	The intent is the same as Gentoo's patch shadow-4.0.12-gcc2.patch.
+
+2007-11-14  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/Makefile, NEWS: Add a suidperms variable. This should ease
+	the change of permission of suid binaries for distributors (not
+	recommended).
+
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* ./, libmisc/, src/, contrib/, doc/, lib/, man/, man/sv/,
+	man/de/, man/ja/, man/fi/, man/pt_BR/, man/fr/, man/pl/, man/hu/,
+	man/tr/, man/ru/, man/zh_TW/, man/id/, man/zh_CN/, man/cs/,
+	man/es/, man/ko/, man/it/, etc/, etc/pam.d/, po/: Restore the
+	ignore patterns from the previous repository.
+
+	* libmisc/*.c, libmisc/*.h, libmisc/getdate.y, shadow.spec.in,
+	src/*.c, contrib/groupmems.shar, contrib/pwdauth.c,
+	doc/README.platforms, doc/WISHLIST, doc/console.c.spec.txt,
+	lib/*.c, lib/*.h, COPYING, man/*.xml, man/sv/*.[1358],
+	man/de/*.[1358], man/ja/*.[1358], man/fi/*.[1358],
+	man/fr/*.[1358], man/pt_BR/*.[1358], man/pl/*.[1358],
+	man/hu/*.[1358], man/tr/*.[1358], man/ru/*.[1358],
+	man/zh_TW/*.[1358], man/id/*.[1358], man/zh_CN/*.[1358],
+	man/cs/*.[1358], man/es/*.[1358], man/ko/*.[1358],
+	man/it/*.[1358], etc/login.access, etc/login.defs, NEWS: Added the
+	subversion svn:keywords property (Id) for proper identification.
+
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/sv/sv.po, man/de/de.po, man/fr/fr.po, man/pl/pl.po,
+	man/ru/ru.po, man/it/it.po: Run "make update-po" in the man
+	directory.
+
+	* po/ne.po, po/bs.po, po/cs.po, po/pt_BR.po, po/km.po, po/es.po,
+	po/eu.po, po/ko.po, po/hu.po, po/sk.po, po/vi.po, po/uk.po,
+	po/ro.po, po/sq.po, po/ru.po, po/id.po, po/nb.po, po/el.po,
+	po/gl.po, po/fr.po, po/nl.po, po/pl.po, po/nn.po, po/it.po,
+	po/dz.po, po/tl.po, po/pt.po, po/ca.po, po/da.po, po/tr.po,
+	po/sv.po, po/de.po, po/ja.po, po/zh_TW.po, po/he.po, po/fi.po,
+	po/zh_CN.po: Run "make update-po" in the po directory.
+
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/newgrp.c: Don't ask for a password if there are no
+	group passwords. Just directly give up. This comes from the
+	Fedora's patch shadow-4.0.13-newgrpPwd.patch, and seems to be the
+	only part with an effect.
+
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/chgpasswd.c, src/chpasswd.c: Fix chpasswd and
+	chgpasswd stack overflow. Based on Fedora's
+	shadow-4.0.18.1-overflow.patch.
+
+2007-11-10  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c: Allow non numerical group identifier to be
+	specified with useradd's -g option. Applied Debian patch
+	397_non_numerical_identifier. Thanks also to Greg Schafer
+	<gschafer@zip.com.au>.
+
+2007-10-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* configure.in: Prepare the next release: 4.0.18.2. The gettext
+	version used for the configuration will be 0.16.
+
+2007-10-28  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* po/ja.po: Remove a plural form. nplurals=1 for japanese.
+	Moreover, msgstr[0] was identical to msgstr[1].
+
+2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/limits.c, man/limits.5.xml, etc/limits: Apply patch sent
+	by Justin Bronder <jsbronder@gmail.com>. See Debian bug #442334.
+	This adds support to 2 new resource limits: max nice value, and
+	max real time priority. This is only used when shadow is not
+	compiled with PAM support.
+
+2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/gpasswd.1.xml: Describe the options separately in the
+	OPTIONS section. Simplify the synopsis.
+
+2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* README, po/Makevars: Update contact information.
+
+2007-10-27  Christian Perrier  <bubulle@debian.org
+
+	* src/newgrp.c,	src/passwd.c, src/su.c:
+	No longer 'apologize' to users when they use incorrect passwords
+	Remove "Sorry" from programs display
+	Imported from Debian's patch 413_no-sorry-in-passwd and
+	102_de-fix-sorry
+	* man/fr/fr.po: fix translation errors. Imported from Debian's
+	patch 201_fix_man_su_fr and 416_man-fr_newgrp
+	* man/it/it.po, man/Makefile.am, man/it/Makefile.am:
+	Use gettext for the Italian man pages translation. Imported from
+	Debian's patch 202_it_man_uses_gettext. Thanks to Giuseppe
+	Sacco who contributed the Italian translation.
+	* man/de/de.po: (nearly) complete German translation of man pages
+	Imported from Debian's patch 203_de-man-update. Thanks to 
+	Simon Brandmair
+	* src/usermod.c: Clarify the online help of usermod for "-a"
+	Imported from Debian's patch 402-clarify_usermod_usage
+	* man/shadow.5.xml: fix spelling error. Imported from Debian's
+	patch 433_shadow.5-typo_312430
+	* src/su.c: Be up front on the origin of su and mention the GNU
+	origin. Imported from Debian's patch 438_su_GNU_origin
+
+2007-10-27  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, po/zh_CN.po: Updated Chinese translation. Imported from
+	Debian's patch 105_zh_CN. Thanks to Ming Hua for the update.
+
+2007-10-13  Tommi Vainikainen  <thv+debian@iki.fi>
+
+	* NEWS, po/fi.po: Updated Finish translation (400t).
+
+2007-10-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/su.c: If compiled without PAM support, enforce the
+	limits from /etc/limits when one of the -, -l, or --login options
+	is set, even if called by root. Thanks to Justin Bronder.
+
+2007-10-07  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, Changelog: Convert the Changelog and NEWS files to UTF-8
+	(it was partially ISO-8859-2).
+
+2007-02-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/groupadd.8.xml, man/groupmod.8.xml, man/login.1.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+	groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar
+	mistakes and other correctstions (by Schulenberg <bensberg@justemail.net>).
+
+2007-01-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/usermod.c:
+	fixed handle -a option in usermod (by Benno Schulenberg <bensberg@justemail.net>).
+
+2006-12-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/sv/sv.po:
+	more UTF8 fixe (by Mikael Magnusson <mikma@users.sourceforge.net>).
+
+	* man/sv/sv.po:
+	UTF8 fixes (by Mikael Magnusson <mikma@users.sourceforge.net>).
+
+2006-11-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/Makefile.am, man/pl/chgpassw.8, man/pl/chpasswd.8, man/pl/pl.po:
+	translation chpasswd.8 and chgpassw.8 finished.
+
+2006-11-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/pl.po: resolve fuzzy entries.
+
+	* contrib/adduser.c, contrib/groupmems.shar, po/it.po, src/groupmems.c, src/usermod.c, man/chfn.1.xml, man/chsh.1.xml, man/de/de.po, man/fr/fr.po, man/groupmems.8.xml, man/passwd.1.xml, man/pl/pl.po, man/ru/ru.po, man/shadow.3.xml, man/su.1.xml, man/sv/sv.po:
+	spelling fixes 's/super user/superuser/' (by Benno Schulenberg <bensberg@justemail.net>).
+
+	* man/sv/sv.po, man/de/de.po, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po:
+	run "make update-po".
+
+	* man/newusers.8.xml, man/su.1.xml:
+	fixed wrong word, a few typos, some grammar mistakes, and puts in a comma here
+	and there for clarity (by Benno Schulenberg <bensberg@justemail.net>).
+
+	* man/pl/groupmod.8, man/pl/chage.1, man/pl/chsh.1, man/pl/lastlog.8, man/pl/vipw.8:
+	regenerated.
+
+	* man/de/de.po: run "make update-po".
+
+	* man/Makefile.am:
+	added de to LINGUAS but man/de/de.po still need many work.
+
+2006-11-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c: indent code.
+
+	* NEWS, src/useradd.c:
+	improved auditing support (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211659).
+
+2006-11-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	run "make update-po".
+
+	* NEWS, po/nl.po:
+	updated (by cobaco (aka Bart Cornelis) <cobaco@skolelinux.no>).
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po:
+	"make update-po".
+
+2006-11-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/su.1.xml:
+	added sg(1) to the SEE ALSO section (Debian Bug#396690).
+
+2006-10-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/newusers.8.xml: clarify pw_gid fileld content description.
+
+	* man/it/Makefile.am, man/sv/Makefile.am:
+	s/man_nonpam/man_nopam/ (merged 498_man_nonpam_undefined Debian patch).
+
+	* po/nl.po:
+	fixed https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212892
+
+2006-10-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/newusers.8.xml: there is no pw_age fileld in passwd.
+
+	* man/fr/fr.po:
+	Fix an error in the passwd.1 French translation (fixed Debian bug #395537).
+
+	* man/chfn.1.xml, man/chgpasswd.8.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/id.1.xml, man/login.1.xml, man/newgrp.1.xml, man/newusers.8.xml, man/nologin.8.xml, man/passwd.1.xml, man/pl/pl.po, man/pwck.8.xml, man/pwconv.8.xml, man/su.1.xml, man/sulogin.8.xml, man/sv/sv.po, man/vipw.8.xml:
+	cleanups on begin DESCRIPTION section.
+
+	* man/pl/pl.po: typos.
+
+2006-10-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: cleanups.
+
+2006-10-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/pl.po: more translations.
+
+	* NEWS:
+	UTF-8 corrections (by Benno Schulenberg <bensberg@justemail.net>).
+
+2006-10-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/groupdel.8.xml: added description for exit code 6.
+
+2006-08-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/de/de.po: copy & paste some msgid to msgstr.
+
+	* man/de/de.po:
+	kill some fuzzy (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2006-08-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po, man/passwd.1.xml:
+	s/change password/password change/ in passwd(1) (by Simon Brandmair <sbrandmair@gmx.net>).
+
+	* man/de/de.po:
+	initial version based on partial translations only for passwd(1) by
+	Simon Brandmair <sbrandmair@gmx.net>.
+
+	* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	flush nscd cashes after close /etc/{group,passwd} files.
+
+2006-08-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/tl.po: updated (by Eric Pareja <xenos@upm.edu.ph>).
+
+2006-08-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/ja.po: updated (by Takeo Nakano <nakano@webmasters.gr.jp>).
+
+2006-08-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/fr/Makefile.am:
+	removed whitespaces following trailing backslashes.
+
+	* NEWS, configure.in: release 4.0.18.1.
+
+	* man/Makefile.am, man/fr/Makefile.am, man/it/Makefile.am, man/ja/Makefile.am, man/pl/Makefile.am, man/ru/Makefile.am, man/sv/Makefile.am, NEWS:
+	fixed missing man pages in dist tar ball necessary on build when PAM is disabled.
+
+	* NEWS, src/groupmems.c:
+	fixed groupmems compilation when PAM is disabled (by Johannes Winkelmann <jw@smts.ch>).
+
+	* configure.in:
+	typo s/followig/following/ (by Johannes Winkelmann <jw@smts.ch>).
+
+2006-08-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: release date corrected.
+
+	* NEWS, src/su.c:
+	fixed set enviroment too early when using PAM, so move it to !USE_PAM
+	(patch submitted by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/fr/chage.1, man/fr/chfn.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/expiry.1, man/fr/faillog.5, man/fr/faillog.8, man/fr/gpasswd.1, man/fr/groupadd.8, man/fr/groupdel.8, man/fr/groupmod.8, man/fr/groups.1, man/fr/grpck.8, man/fr/gshadow.5, man/fr/lastlog.8, man/fr/limits.5, man/fr/login.1, man/fr/login.access.5, man/fr/login.defs.5, man/fr/logoutd.8, man/fr/newgrp.1, man/fr/newusers.8, man/fr/passwd.1, man/fr/passwd.5, man/fr/porttime.5, man/fr/pwck.8, man/fr/pwconv.8, man/fr/sg.1, man/fr/shadow.3, man/fr/shadow.5, man/fr/su.1, man/fr/suauth.5, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/fr/vipw.8, NEWS:
+	fr man pages are now up to date.
+
+	* man/fr/fr.po:
+	more updates for 4.0.18 (by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* man/fr/fr.po:
+	updated for 4.0.18 (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-07-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po:
+	updated.
+
+	* src/useradd.c, src/usermod.c:
+	fixed UID/GID overflow (fixed http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920).
+	Fixed expiredate/inactive/mindays/warndays/maxdays overflow (simillar to RH#198920).
+
+	* src/passwd.c:
+	fixed inactive/mindays/warndays/maxdays overflow (similar to RH#198920).
+
+	* src/groupadd.c, src/groupmod.c:
+	fixed GID overflow (fixed http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920).
+
+2006-07-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/.cvsignore: groupmems added.
+
+2006-07-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po:
+	updated for 4.0.18 (by ean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+	* po/uk.po: break lines longer than 80 cols and add missing \n.
+
+	* po/uk.po:
+	updated for 4.0.18 (by Eugeniy Meshcheryakov <eugen@univ.kiev.ua>).
+
+	* man/pl/pl.po, man/ru/ru.po, man/sv/sv.po, man/chgpasswd.8.xml, man/chpasswd.8.xml, man/fr/fr.po:
+	s/instead DES/instead of DES/
+
+	* NEWS: sv man pages are partially translated.
+
+2006-07-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groupmems.c: fix compilation warnings.
+
+	* po/ko.po: use \t.
+
+	* po/nl.po: break lines longer than 80 cols and add missing \n.
+
+2006-07-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ru/faillog.5: regenerated.
+
+	* po/ko.po: updated for 4.0.18 (by Changwoo Ryu <cwryu@debian.org>).
+
+2006-07-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/faillog.5.xml, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/sv/sv.po:
+	added <refmiscinfo class="sectdesc"> tag for faillog.5.xml.
+
+	* man/sv/Attic/grupper.1: removed.
+
+	* man/sv/Makefile.am, man/sv/chage.1, man/sv/chfn.1, man/sv/chgpasswd.8, man/sv/chpasswd.8, man/sv/chsh.1, man/sv/expiry.1, man/sv/faillog.5, man/sv/faillog.8, man/sv/gpasswd.1, man/sv/groupadd.8, man/sv/groupdel.8, man/sv/groupmems.8, man/sv/groupmod.8, man/sv/groups.1, man/sv/grpck.8, man/sv/gshadow.5, man/sv/lastlog.8, man/sv/limits.5, man/sv/login.1, man/sv/login.access.5, man/sv/login.defs.5, man/sv/logoutd.8, man/sv/newgrp.1, man/sv/newusers.8, man/sv/nologin.8, man/sv/passwd.1, man/sv/passwd.5, man/sv/porttime.5, man/sv/pwck.8, man/sv/pwconv.8, man/sv/sg.1, man/sv/shadow.3, man/sv/shadow.5, man/sv/su.1, man/sv/suauth.5, man/sv/sv.po, man/sv/useradd.8, man/sv/userdel.8, man/sv/usermod.8, man/sv/vipw.8:
+	corrected text charset and other minor cleanups (by Daniel Nylander <info@danielnylander.se>).
+
+	* po/tr.po: break lines longer than 80 cols.
+
+	* po/tr.po:
+	updated for 4.0.18 (by Mehmet TURKER <mturker@innova.com.tr>).
+
+	* configure.in, man/Makefile.am, man/sv/Makefile.am:
+	fixes for "make {dist|distchec}" and sv man pages.
+
+	* man/sv/Attic/grupper.1, man/sv/groupmems.8, man/sv/groupmod.8, man/sv/grpck.8, man/sv/grpconv.8, man/sv/grpunconv.8, man/sv/gshadow.5, man/sv/lastlog.8, man/sv/limits.5, man/sv/login.1, man/sv/login.access.5, man/sv/login.defs.5, man/sv/logoutd.8, man/sv/newgrp.1, man/sv/newusers.8, man/sv/nologin.8, man/sv/passwd.1, man/sv/passwd.5, man/sv/porttime.5, man/sv/pwck.8, man/sv/pwconv.8, man/sv/pwunconv.8, man/sv/sg.1, man/sv/shadow.3, man/sv/shadow.5, man/sv/su.1, man/sv/suauth.5, man/sv/sv.po, man/sv/useradd.8, man/sv/userdel.8, man/sv/usermod.8, man/sv/vigr.8, man/sv/vipw.8, NEWS, man/Makefile.am, man/sv/Makefile.am, man/sv/chage.1, man/sv/chfn.1, man/sv/chgpasswd.8, man/sv/chpasswd.8, man/sv/chsh.1, man/sv/expiry.1, man/sv/faillog.5, man/sv/faillog.8, man/sv/getspnam.3, man/sv/gpasswd.1, man/sv/groupadd.8, man/sv/groupdel.8:
+	full sv man pages set added (by Daniel Nylander <info@danielnylander.se>).
+	This man pages are translated using new XML/xml2po/gettext infrastructure.
+
+	* po/pl.po: updated for 4.0.18.
+
+2006-07-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pt.po:
+	updated for 4.0.18 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+	* po/gl.po, NEWS:
+	updated for 4.0.18 (by Jacobo Tarrio <jacobo@tarrio.org>).
+
+	* NEWS, po/eu.po:
+	updated for 4.0.18 (by Piarres Beobide <pi@beobide.net>).
+
+	* man/ru/chsh.1, man/ru/faillog.5, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/ru.po, man/ru/su.1, man/ru/useradd.8, man/ru/usermod.8, man/ru/vipw.8, NEWS, po/ru.po:
+	updated for 4.0.18 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* po/vi.po, NEWS:
+	updated for 4.0.18 (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* NEWS, po/cs.po:
+	updated for 4.0.18 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* NEWS, po/sv.po:
+	updated for 4.0.18 (by Daniel Nylander <info@danielnylander.se>).
+
+	* NEWS, po/ca.po:
+	updated for 4.0.18 (by Guillem Jover <guillem@debian.org>).
+
+2006-07-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/hu.po: cleanups.
+
+	* NEWS, po/da.po:
+	updated for 4.0.18 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+	* po/hu.po, NEWS: updated for 4.0.18 (by SZERV�C Attila <sas@321.hu>).
+
+	* NEWS: typos.
+
+	* man/ru/ru.po, man/fr/fr.po, man/pl/pl.po: run "make update-po".
+
+	* man/su.1.xml: fixes in <refsynopsisdiv>.
+
+	* src/groupmems.c: indent soutrce code.
+
+	* src/groupmems.c: use shadow Copyright.
+
+	* po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po:
+	added src/groupmems.c to POTFILES.in.
+
+	* NEWS, etc/pam.d/Makefile.am, etc/pam.d/groupmems, man/Makefile.am, man/groupmems.8.xml, src/Makefile.am, src/groupmems.c:
+	groupmems rewrited for use PAM and getopt_long() nad now it is enabled
+	for build and install (patch by George Kraft <gk4@swbell.net>).
+
+	* NEWS, configure.in: start prepare for 4.0.18.
+
+2006-07-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	run "make update-po" and some cleanups (added missing \n and use tabs instead spaces).
+
+	* src/su.c: s#[login]#[LOGIN]# in help message.
+
+	* man/useradd.8.xml:
+	added missing --<foo> long options names in "Changing the default values" section.
+
+	* po/tr.po: updated (by Murat Åženel <muratasenel@gmail.com>).
+
+2006-07-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po: updated.
+
+	* man/useradd.8.xml: added newusers(8) to SEE ALSO section.
+
+	* etc/login.defs:
+	removed GETPASS_ASTERISKS (patch by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/pl/chsh.1, man/pl/pl.po: pl chage(1): translation finished.
+
+	* NEWS:
+	s#fix by Mike Frysinger <vapier@gentoo.org>)#(patch by Ulrich Mueller <ulm@kph.uni-mainz.de>; http://bugs.gentoo.org/139966#
+
+	* NEWS, configure.in:
+	S/Key: removed assign getpass() to libshadow_getpass() on autoconf level
+	(fix by Mike Frysinger <vapier@gentoo.org>).
+
+2006-07-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/vipw.8.xml: make options <replaceable> in SYNOPSIS.
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/groupadd.c:
+	s/group/GROUP/ in groupadd help message.
+
+	* src/su.c (main):
+	move **envcp declaration to #ifdef USE_PAM (fixed warning about unused
+	variable when shadow is builded with PAM didabled).
+
+	* man/pl/pl.po, NEWS, man/pl/chage.1: pl chage(1) translation finished.
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po: updated.
+
+	* man/chsh.1.xml: updated after rewrite chsh for use getopt_long().
+
+	* po/pl.po: kill fuzzy.
+
+2006-07-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chsh.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po:
+	one \t more in help message.
+
+	* po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po, po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po:
+	updated.
+
+	* NEWS, src/chsh.c: chsh rewrited for use getopt_long().
+
+2006-07-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/groupmod.8, man/pl/pl.po: finish translation groupmod(8).
+
+	* man/fr/fr.po, man/groupmod.8.xml, man/pl/groupmod.8, man/pl/pl.po, man/ru/ru.po:
+	cleanups in groupmod(8).
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml, src/usermod.c, NEWS:
+	back to previouse usermod -a option sematics and clarify -a behavior
+	on documentation level (by Greg Schafer <gschafer@zip.com.au>).
+
+	* man/fr/fr.po, man/groupmod.8.xml, man/pl/pl.po, man/ru/ru.po:
+	updated groupmod man page.
+
+2006-07-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groupmod.c: too many \t in help message.
+
+	* man/ru/chage.1, man/ru/passwd.1, man/ru/ru.po, man/chage.1.xml, man/fr/fr.po, man/passwd.1.xml, man/pl/pl.po:
+	updated.
+
+	* po/nb.po, po/ne.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/dz.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/km.po, po/ko.po:
+	run "make update-po".
+
+	* src/groupmod.c: cleunps in help message.
+
+	* src/chage.c: s/user/\[LOGIN\]/ in help message.
+
+	* src/passwd.c: s/\[login\]/\[LOGIN\]/ in help message.
+
+	* NEWS, src/groupmod.c: groupmod rewrited for use getopt_log().
+
+2006-07-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/sv.po:
+	added missing \n in help messages and few other minor cleanups.
+
+	* NEWS, po/sv.po:
+	updated for 4.0.17 (by Daniel Nylander <info@danielnylander.se>).
+
+	* NEWS: 4.0.17 release date i 10-07-2006.
+
+	* NEWS, libmisc/copydir.c:
+	fixed segfault usermod/userdel on remove home directory when it can't
+	be removed; for example when it is /dev/null (fixed http://bugs.gentoo.org/139148).
+
+	* src/login.c, src/logoutd.c, src/userdel.c, libmisc/limits.c:
+	remove USER_PROCESS conditionsi (code simplifications).
+
+2006-07-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/km.po: kill all fuzzy (Sokhem <khoemsokhem@khmeros.info>).
+
+2006-07-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/de.po: kill fuzzy (by Holger Wansing <linux@wansing-online.de>).
+
+2006-07-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am: removed duplicated all target.
+
+	* NEWS, po/LINGUAS, po/ne.po:
+	new Nepali translation (by Paras Pradhan <pradhanparas@gmail.com>).
+
+	* NEWS, po/LINGUAS, po/dz.po: new Dzongkha translation.
+
+	* NEWS, po/de.po:
+	updated for 4.0.17 (by Holger Wansing <linux@wansing-online.de>).
+
+	* NEWS, po/nl.po:
+	updated for 4.0.17 (by "cobaco (aka Bart Cornelis)" <cobaco@skolelinux.no>)
+
+2006-06-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ko.po: cleanups (by darehanl <darehanl@gmail.com>).
+
+	* src/usermod.c: fixes in getopt_long() optstring: s/a/a:/ and added h.
+
+	* src/faillog.c:
+	fixed long_options[] entries: s/no_argument/required_argument/ for lock-secs,
+	maximum, time and user options.
+
+	* NEWS, configure.in:
+	improved SELinux detection on autoconf level (based on patch by
+	Dan Yefimov <dan@D00M.lightwave.net.ru>).
+
+	* po/ro.po, NEWS:
+	updated for 4.0.17 (by Sorin Batariuc <sorin@bonbon.net>).
+
+2006-06-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: cleanups.
+
+	* man/pl/pl.po: more translations for chage(1).
+
+	* TODO: remove done things.
+
+	* NEWS, lib/Attic/getpass.c, lib/Makefile.am, lib/getdef.c, lib/pwauth.c, po/POTFILES.in:
+	removed using private implementatuon getpass() libc function (now getpass() is
+	used also when S/KEY support is enabled).
+
+	* NEWS, src/Makefile.am: move nologin do $(sbindir).
+
+	* man/pl/pl.po: more work.
+
+	* man/pl/pl.po: more translations.
+
+	* po/pl.po: s/KEY=VALUE/KLUCZ=WARTOŚĆ/
+
+	* po/pl.po: s/SEC/SEK/
+
+	* src/chpasswd.c: added missing #include "exitcodes.h".
+
+	* src/chpasswd.c: s/exit (1)/exit (E_USAGE)/
+
+	* man/Makefile.am:
+	move all current i18n man pages automation inside "if ENABLE_REGENERATE_MAN .. endif".
+
+	* man/Makefile.am:
+	add an error message so people don't have to go digging through
+	source to find out what's up (by Mike Frysinger <vapier@gentoo.org>).
+
+	* NEWS, man/ru/chage.1, man/ru/chfn.1, man/ru/chgpasswd.8, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/ru.po, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8:
+	updated ru man pages (regenerated from man/ru/ru.po -> man/ru/*xml -> roff).
+
+	* NEWS, po/ru.po:
+	updated for 4.0.17 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* NEWS, po/LINGUAS, po/km.po:
+	new km translation (Sokhem <khoemsokhem@khmeros.info>).
+
+	* po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, src/groupadd.c:
+	cleanups in groupadd help message.
+
+	* NEWS, po/nb.po:
+	updated for 4.0.17 (by Bjørn Steensrud <bjornst@powertech.no>).
+
+	* NEWS, po/da.po:
+	updated for 4.0.17 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+	* po/pl.po:
+	s/twóş/twĂłrz/ (fix by Michał �omnicki <michal.lomnicki@gmail.com>).
+
+	* NEWS, po/pt.po:
+	updated for 4.0.17 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+	* NEWS, po/vi.po:
+	updated for 4.0.17 (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* NEWS, po/cs.po:
+	updated for 4.0.17 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* po/eu.po, po/fr.po, po/gl.po, po/pl.po:
+	Project-Id-Version: shadow 4.0.17
+
+	* NEWS, po/sk.po:
+	updated for 4.0.17 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+	* NEWS, po/ko.po:
+	updated for 4.0.17 (by Changwoo Ryu <cwryu@debian.org>).
+
+2006-06-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: schedule release 40.17 on 26-06-2006.
+
+	* src/useradd.c:
+	adjust last fix for leave some fix mail spool creation after rewrite internal
+	configuration API.
+
+	* src/useradd.c, NEWS:
+	fixed mail spool file creation (bug cached by Frans Pop <elendil@planet.nl>,
+	fixed http://bugs.debian.org/374705).
+
+2006-06-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/lastlog.c, src/passwd.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+	better looking help messages output. Added one empty line at end of help message.
+
+	* po/ru.po, po/sk.po, po/sv.po, po/tl.po, po/uk.po, po/ro.po, po/pt_BR.po:
+	break help messages lines before col 80.
+
+	* man/pl/pl.po: more work on usermod.
+
+	* po/pl.po: cleanups.
+
+2006-06-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/vipw.8:
+	regenerated using fixed DocBook XSL Stylesheets v1.70.1 (I must submit my
+	fixes common/pl.xml do DocBook XSL Stylesheets mantainer).
+
+	* man/fr/fr.po, man/ru/ru.po: updated.
+
+	* man/pl/lastlog.8, man/pl/pl.po: finish translate lastlog(8).
+
+	* man/lastlog.8.xml: improved NOTE section content.
+
+	* po/pl.po: iprove lastlog help message.
+
+	* man/fr/fr.po, man/lastlog.8.xml, man/pl/pl.po, man/ru/ru.po:
+	Better lastlog short description. Now it is:
+	lastlog - reports the most recent login of all users or of a given user
+
+	* man/Makefile.am, man/fr/fr.po, man/lastlog.8.xml, man/pl/pl.po, man/ru/ru.po:
+	Fixed CAVEATS section (what the hell is mmdf ? :)
+
+	* man/ru/ru.po, NEWS, man/faillog.5.xml, man/fr/fr.po, man/pl/pl.po:
+	added missing information about fail_locktime element of faillog struct
+	in faillog(5) man page (by Thorsten Kukuk <kukuk@suse.de>).
+
+2006-06-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ru/chage.1, man/ru/chfn.1, man/ru/chgpasswd.8, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8:
+	fully regenerated man pages.
+
+	* man/Makefile.am:
+	hack for generate translated xml files with lang="<lang> in <refentry> tag.
+	Now is possible testing correctnes of XSLT sheets languages definition.
+
+2006-06-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/eu.po: updated (by Piarres Beobide <pi@beobide.net>).
+
+2006-06-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/zh_TW.po, po/da.po, po/el.po, po/es.po, po/eu.po, po/id.po, po/ja.po, po/ko.po, po/nb.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/tr.po, po/uk.po, po/zh_CN.po:
+	s/ \\n"/\\n"/ in translated strings.
+
+	* man/pl/pl.po: more translations for usermod.
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml:
+	added <command> tags for at and crontab.
+
+	* man/fr/fr.po, man/pl/pl.po, man/ru/ru.po, man/usermod.8.xml:
+	remove /etc/login.defs from FILES section.
+
+	* po/gl.po: updated (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+	* po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* po/pl.po:
+	updated usermod help message and fixed few other things introduced during
+	copy&paset from useradd help message.
+
+	* po/vi.po, po/zh_CN.po, po/zh_TW.po, src/usermod.c, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/bs.po:
+	fixes in help message:
+	s/login/LOGIN/
+	s/new login directory/new home directory/
+	s/new initial login group/new primary group/
+	s/tlist of supplementary/new tlist of supplementary/
+	s/LOGIN/NEW_LOGIN/
+
+	* po/da.po, po/id.po, po/nb.po, po/nl.po, po/pl.po, po/pt.po, po/ro.po, po/sk.po, po/sv.po:
+	cleanups in usermod help message.
+
+	* po/es.po, po/eu.po, po/fi.po, po/tl.po: cleanups.
+
+	* po/nb.po, po/nl.po, po/pt.po, po/uk.po, po/cs.po, po/el.po, po/eu.po, po/fi.po, po/hu.po:
+	s/\\\t /\\\t/
+
+2006-06-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in, man/Makefile.am:
+	reverte using docbook.sourceforge.net in XSLT url.
+
+	* po/pl.po: cleanups.
+
+2006-06-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am:
+	improved gen-xmls target: now this target generates only missing xml files.
+
+2006-06-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/sk.po:
+	updated for 4.0.16 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+	* NEWS, po/es.po:
+	updated for 4.0.16 (by Ruben Porras <nahoo82@gmail.com>).
+
+	* NEWS, po/fi.po:
+	updated for 4.0.16 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* NEWS, man/cs/Makefile.am, man/cs/groupmems.8, man/cs/groupmod.8, man/cs/grpck.8, man/cs/gshadow.5:
+	new cs man pages: groupmems(8), groupmod(8), grpck(8), gshadow(5)
+	(by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* NEWS, po/cs.po:
+	updated for 4.0.16 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2006-06-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in, man/Makefile.am:
+	regenerate roff man pages using docbook-style-xsl-1.70.1.
+	This version uses new base URL: http://docbook.sf.net/release/xsl/current/
+
+	* man/.cvsignore: shadow-man-pages.pot added.
+
+	* man/Makefile.am:
+	added temporary gen-xmls targed and dependencies beetwen .pot and .po files.
+
+	* man/chgpasswd.8.xml: removed <!DOCTYPE> tag (isn't neccessary).
+
+2006-05-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/pl.po: chage(1) translation.
+
+	* man/pl/Attic/chage.1.xml: removed.
+
+	* man/chage.1.xml, man/fr/fr.po, man/pl/pl.po, man/ru/ru.po:
+	chage requires shadow access and can't work without this.
+
+	* po/da.po:
+	updated for 4.0.16 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+	* po/pl.po: s/_DAYS/_DNI/
+
+2006-05-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: s/OWL/Owl/
+
+	* NEWS: new release date for 4.0.16 is 05-06-2006.
+
+	* NEWS: fixed last usermod changes comment. Current is:
+	better fix for old CERT VU#312962 (which was fixed in shadow 4.0.8):
+	fixed forgoten checking of the return value from fchown() before
+	proceeding with the fchmod() (based on Owl patch prepared by
+	Rafal Wojtczuk <nergal@owl.openwall.com>)
+
+	* src/useradd.c (create_mail):
+	move checking create_mail_spool is "yes" on top function.
+
+	* man/pl/pl.po: cleanups.
+
+	* po/fr.po:
+	plugged fuzzy (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+	* po/fr.po:
+	updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-05-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am:
+	simplifications in update-po target and fixes in dist-po-files target.
+
+	* NEWS, po/eu.po:
+	updated for 4.0.16 (by Piarres Beobide <pi@beobide.net>).
+
+2006-05-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ru/ru.po, NEWS, man/chfn.1.xml, man/faillog.8.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupmems.8.xml, man/limits.5.xml, man/login.1.xml, man/login.defs.5.xml, man/newgrp.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/pl/pl.po, man/su.1.xml:
+	bunch of cleanups in chfn(1), faillog(8), gpasswd(1), groupadd(8),
+	groupmems(8), limits(5), login(1), login.defs(5), newgrp(1), passwd(1),
+	passwd(5) and su(1) (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* man/Makefile.am, man/ru/ru.po: added ru to LINGUAS.
+
+	* po/ru.po: updated for 4.0.16 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-05-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/fr/fr.po, man/pl/pl.po, man/chage.1.xml, man/passwd.1.xml:
+	s/-n/-m/ in passwd(1). Improved -m, --mindays description in chage(1) and passwd(1).
+	More pl translations.
+
+	* po/vi.po: updated (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* NEWS, po/hu.po:
+	updated for 4.0.16 (by Gabor Kelemen <kelemeng@gnome.hu>).
+
+2006-05-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/cs/Makefile.am, man/it/Makefile.am, man/ru/Makefile.am:
+	id and sulogin executables are not installed by "make install",
+	but a few translated man pages are still installed.
+	(patch by Lasse Collin <lasse.collin@tukaani.org>)
+
+2006-05-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/vi.po:
+	updates for 4.0.16 (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* po/gl.po: updated for 4.0.16 (by Jacobo Tarrio <jtarrio@debian.org>).
+
+2006-05-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: more cleanups.
+
+	* po/fr.po:
+	updated for 4.0.16 (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/fr/fr.po, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/login.1.xml, man/login.access.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/pl/pl.po, man/pl/vipw.8, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+	use common style in FILES sections.
+
+	* man/fr/fr.po, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/id.1.xml, man/limits.5.xml, man/login.access.5.xml, man/pl/pl.po, man/suauth.5.xml, man/userdel.8.xml, man/usermod.8.xml, man/faillog.5.xml:
+	begin <refpurpose> text from lowercase.
+
+	* man/fr/fr.po, man/pl/pl.po, man/pwconv.8.xml, man/vipw.8.xml:
+	remove "." from <refpurpose>.
+
+	* po/pl.po: cleanups.
+
+	* po/pl.po: typo.
+
+	* man/pl/.cvsignore, man/pt_BR/.cvsignore, man/ru/.cvsignore, man/tr/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore, man/cs/.cvsignore, man/de/.cvsignore, man/es/.cvsignore, man/fi/.cvsignore, man/fr/.cvsignore, man/hu/.cvsignore, man/id/.cvsignore, man/it/.cvsignore, man/ja/.cvsignore, man/ko/.cvsignore:
+	*.xml added.
+
+	* man/cs/.cvsignore, man/de/.cvsignore, man/es/.cvsignore, man/fi/.cvsignore, man/fr/.cvsignore, man/hu/.cvsignore, man/id/.cvsignore, man/it/.cvsignore, man/ja/.cvsignore, man/ko/.cvsignore, man/pl/.cvsignore, man/pt_BR/.cvsignore, man/ru/.cvsignore, man/tr/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore, man/.cvsignore:
+	.xml2po.mo added.
+
+	* NEWS, man/pl/vipw.8: update pl vipw(8) man page.
+
+	* src/useradd.c: s/mailbox/mailbox file/
+
+	* man/pl/pl.po: seems vipw finished.
+
+	* man/fr/fr.po, man/vipw.8.xml: s/Quiet mode database./Quiet mode./
+
+	* man/pl/pl.po: more entries.
+
+	* po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+	/mailbox/mailbox file/
+
+	* man/pl/pl.po: fill few entries.
+
+	* man/Makefile.am: fixes in dist-po-files target.
+
+	* man/Makefile.am: pl added to Linguas. Some mprovements.
+
+	* man/fr/fr.po:
+	initial version based on ond version submited by Christian Perrier <bubulle@debian.org>.
+
+	* man/pl/pl.po: initial version.
+
+	* man/Makefile.am:
+	implemet update-po target and dist, dist-check hooks for put .po and
+	.pot files in dist tar ball.
+
+	* src/chgpasswd.c:
+	reverte struct group newgr declaration but use them only conditionaly (#ifndef SHADOWGRP).
+
+2006-05-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: schedule release 4.0.16 to 29.05.06.
+
+	* po/pl.po: updated.
+
+	* po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po:
+	run "make update-po".
+
+	* NEWS, src/useradd.c:
+	fixed userdel CERT VU#312962: fixed forgoten checking of the return
+	value from fchown() before proceeding with the fchmod() (prepared
+	based on OWL fix submited by Solar Designer <solar@openwall.com>),
+	Use in userdel login.defs::MAIL_DIR instead hardcoded /var/mail on created
+	mailbox path (based on OWL fixes submited by Solar Designer <solar@openwall.com>).
+
+2006-05-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/.cvsignore: added *.[1358]
+
+	* NEWS, man/ru/Makefile.am, man/ru/chgpasswd.8:
+	added chgpasswd(8) ru man page (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* po/gl.po: updated (by Jacobo Tarrio <jtarrio@debian.org>).
+
+	* NEWS, man/ru/login.defs.5, man/ru/passwd.1, man/ru/userdel.8, man/ru/usermod.8:
+	updated ru login.defs(5), passwd(1), userdel(8), usermod(8) man pages
+	(by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* NEWS, po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* NEWS, po/pt.po: updated (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2006-05-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Makefile.am, man/ja/Attic/pw_auth.3, man/ja/Makefile.am, man/pl/Attic/pw_auth.3, man/pl/Makefile.am, man/ru/Attic/pw_auth.3, man/ru/Makefile.am:
+	pw_auth(3) man page removed (outdated).
+
+	* man/Makefile.am, man/fr/Makefile.am, man/it/Makefile.am, man/ja/Makefile.am, man/pl/Makefile.am, man/ru/Makefile.am, NEWS, autogen.sh:
+	install limits(5), login.access(5) and porttime(5) man pages only when
+	shadow is builded with PAM support disabled.
+
+	* NEWS: cleanups.
+
+	* autogen.sh:
+	by default in development enviroment use CFLAGS="-O2 -Wall".
+
+	* src/chgpasswd.c (main): remove two unused variables (newgr and now).
+
+	* src/userdel.c (main): removed unused arg variable.
+
+	* libmisc/setupenv.c (setup_env):
+	move *cp varable to #ifndef PAM part (fixed compilation
+	warning about unused variable).
+
+	* lib/getdef.c: now GETPASS_ASTERISKS is SKEY #define dependent.
+
+	* configure.in, NEWS, lib/Attic/getpass.c, lib/pwauth.c:
+	by default do not use libshadow_getpass() as getpass() replacemement.
+	Use libshadow_getpass() only when S/KEY support is enabled.
+	Current glibc getpass() handles correctly longer than 8 characters
+	passwords and libshadow_getpass() is used only because libc getpass()
+	do not handles password prompting with echo enabled.
+
+	* src/sulogin.c: break long line.
+
+	* lib/pwauth.c:
+	added #include <unistd.h> and remove localy defined getpass() prototype.
+
+2006-05-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am: removed dupplicated sulogin.8.xml from EXTRA_DIST.
+
+	* man/Attic/pw_auth.3.xml, man/Makefile.am: remove pw_auth(3) man page.
+
+	* NEWS, lib/getdef.c: move login.defs::MD5_CRYPT_ENAB to non-PAM part.
+
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/userdel.c, po/bs.po:
+	typo (s/removel/removal/)
+
+2006-05-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/userdel.8.xml:
+	updated (after add getopt_log() support for userdel).
+
+	* po/pl.po: updated.
+
+	* po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/userdel.c, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+	userdel rewrited for use getopt_log().
+
+	* po/pl.po: cleanups.
+
+	* etc/pam.d/Makefile.am, etc/pam.d/chgpasswd: new file.
+
+2006-05-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/da.po:
+	updated (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+2006-05-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+	* NEWS, configure.in, etc/Makefile.am, etc/pam.d/Makefile.am:
+	install default/template configuration files:
+	- if shadow is configured with use PAM install /etc/pam.d/* files,
+	- if shadow do not uses PAM install /etc/{limits,login.acces} files,
+	- install /etc/login.defs and /etc/default/useradd files.
+
+	COMMENT: it is possible to extend this for install above files for specified
+	distribution. For example: if exist /etc/fedora-release install Fedora specyfic
+	default configuration files and this files can be distributed in dist tar ball.
+
+	* NEWS, po/gl.po: updated (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+2006-05-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/fr.po:
+	updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* NEWS, lib/commonio.c:
+	fixed handle relative symlinks too in lib/commonio.c (merge patch from Fedora).
+
+	* NEWS, lib/nscd.c: properly notify nscd to flush its cache
+	(https://bugzilla.redhat.com/bugzilla/186803).
+
+	* NEWS, libmisc/copydir.c (copy_tree):
+	fixes for verify return values mkdir() and chown()
+	on copy files (merge 482_libmisc_copydir_check_return_values Debian patch).
+
+	* po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chfn.c, src/chsh.c, src/grpck.c, src/login.c, src/pwck.c, src/useradd.c, src/usermod.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+	use '%s' cytation instead `%s'.
+
+	* NEWS, src/su.c:
+	reverte http://bugs.debian.org/276419 (this is Debian specyfic).
+
+	* libmisc/setupenv.c, libmisc/sub.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chfn.c:
+	use '%s' cytation instead \"%s\".
+
+	* po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, src/grpck.c:
+	typo.
+
+	* po/pl.po: updated.
+
+	* NEWS, libmisc/setupenv.c (setup_env):
+	export MAIL only when MAIL_CHECK_ENAB is enabled
+	(Mike Frysinger <vapier@gentoo.org>).
+
+	* po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/hu.po, po/id.po, po/it.po, src/grpck.c, src/pwck.c:
+	warn when the members of a group differ in /etc/groups and /etc/gshadow
+	(fixed http://bugs.debian.org/75181).
+
+	* NEWS, src/su.c:
+	concatenate the non-su arguments and provide them to the shell with
+	the -c option (fixes for http://bugs.debian.org/317264 and
+	http://bugs.debian.org/276419).
+
+2006-05-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/passwd.1.xml:
+	better document how password strength is checked (fixed http://bugs.debian.org/115380).
+
+2006-04-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/usermod.8.xml:
+	added missing -a option description (by Christian Perrier <bubulle@debian.org>).
+
+2006-04-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/hu/chsh.1, man/hu/login.1, man/hu/newgrp.1:
+	fixed typos (by Koblinger Egmont <egmont@uhulinux.hu>).
+
+2006-04-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/LINGUAS, po/hu.po:
+	new hu translation (by SZERV�C Attila <sas@321.hu>).
+
+2006-04-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/userdel.8.xml:
+	minior fixes for the note under the -f option (Mike Frysinger <vapier@gentoo.org>).
+
+2006-04-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/id.po: updatd (by Parlin Imanuel <pimanuel@gmail.com>).
+
+2006-04-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/su.c: indent code.
+
+	* NEWS, src/su.c:
+	fixed exit with a status 0 when the invoked command is terminated
+	by a signal which was not catched
+	(fixed by Eero Häkkinen <eero17@bigfoot.com>)
+
+	* README:
+	simple patch to fixup grammar and Gentoo distfile URL (by Mike Frysinger <vapier@gentoo.org>).
+
+2006-03-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/pw_auth.3.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/nologin.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+	removed <!DOCTYPE> tag (require strict DocBook XML V4.3//EN DTD isn't neccessary).
+
+	* NEWS, src/login.c:
+	cancel login timeout after authentication so that patient people
+	timing out on network directory services can log in with local
+	accounts (http://bugs.debian.org/107148).
+
+	* man/fr/login.defs.5, man/ja/login.defs.5, man/pl/useradd.8, man/ru/login.defs.5:
+	remove CREATE_HOME.
+
+	* NEWS, man/login.defs.5.xml:
+	CREATE_HOME is not supported by useradd (patch by Mike Frysinger <vapier@gentoo.org>).
+
+2006-03-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/nl.po:
+	s/wachtwoord is mes succes aangepast/wachtwoord is met succes aangepast/
+	(typo reported by Wim De Smet <wdesmet@yucom.be>).
+
+2006-03-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/passwd.c:
+	removed GPASSWD_PROGRAM, CHFN_PROGRAM CHFN_PROGRAM #defines (not used now).
+
+	* NEWS, man/Makefile.am, man/chgpasswd.8.xml:
+	chgpasswd(8): new man page.
+
+2006-03-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/vigr.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/getspnam.3, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/nologin.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/sg.1, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+	remove english roff man pages from repo.
+
+2006-03-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/chgpasswd.c:
+	fixes for build correctly with --disable-shadowgrp
+	(patch by Johannes Winkelmann <jw@tks6.net>)
+
+2006-03-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/chage.1: fixed typo.
+
+2006-03-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/it.po:
+	updated for 4.0.15 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2006-03-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/nb.po:
+	updated for 4.0.15 (by Bjørn Steensrud <bjornst@powertech.no>).
+
+	* po/pt.po:
+	updated for 4.0.15 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+	* man/Makefile.am, NEWS, configure.in:
+	do not install translated man pages if shadow is configured with --disable-nls
+	(based patch submited by Mike Frysinger <vapier@gentoo.org>).
+
+	* NEWS, po/pt_BR.po:
+	updated for 4.0.15 (by Andre Luis Lopes <andrelop@debian.org>).
+
+	* po/fr.po:
+	updated for 4.0.15 (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2006-03-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in, lib/pwauth.c:
+	added fixes for detect BSD's S/Key with updated the skeychallenge() function
+	for take a fourth argument in case BSD version
+	(patch submited by Mike Frysinger <vapier@gentoo.org>)
+
+	* README: added paragragraph about S/Key support.
+
+	* po/sk.po: updated for 4.0.15 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+	* NEWS: newgrp: do not link with libselinux.
+
+	* NEWS, po/zh_CN.po:
+	updated for 4.0.15 (by Carlos Z.F. Liu <carlosliu@users.sourceforge.net>).
+
+	* po/ru.po: updated for 4.0.15 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* src/Makefile.am:
+	removed $(LIBSELINUX) from newgrp_LDADD (newgrp does not need to be linked
+	with SELinux libraries).
+
+	* man/ru/Attic/pw_auth.3, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/nologin.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8, NEWS, man/ru/Makefile.am, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8:
+	ru man pages: added new nologin(8) and updated all other man pages
+	(by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-03-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/nl.po:
+	updated for 4.0.15 (by cobaco (aka Bart Cornelis) <cobaco@linux.be>).
+
+	* po/vi.po:
+	updated for 4.0.15 (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* po/sv.po:
+	updated for 4.0.15 (by Daniel Nylander <po@danielnylander.se>).
+
+2006-03-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/eu.po: updated for 4.0.15 (by pi <pi@beobide.net>).
+
+	* po/ro.po: cleanups.
+
+	* NEWS, po/tl.po:
+	updated for 4.0.15 (by Eric Pareja <xenos@upm.edu.ph>).
+
+	* po/ro.po: updated for 4.0.15 (by Sorin B. <sorin@bonbon.net>).
+
+	* NEWS, po/es.po:
+	updated for 4.0.15 (by Ruben Porras <nahoo82@gmail.com>).
+
+2006-03-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/da.po:
+	updated for 4.0.15 (by Claus Hindsgaul <claus.hindsgaul@gmail.com>).
+
+	* NEWS, man/fi/chsh.1, man/fi/su.1:
+	update fi chsh(1), su(1) man pages generated from XML files
+	(Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* NEWS, po/fi.po:
+	updated for 4.0.15 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* NEWS, po/cs.po:
+	updated for 4.0.15 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* NEWS, man/cs/Makefile.am, man/cs/expiry.1, man/cs/faillog.5, man/cs/faillog.8, man/cs/gpasswd.1, man/cs/groupadd.8, man/cs/groupdel.8, man/cs/logoutd.8, man/cs/nologin.8, man/cs/vipw.8:
+	added new cs man pages: expiry(1), faillog(5), faillog(8), gpasswd(1),
+	groupadd(8), groupdel(8), logoutd(8), nologin(8), vipw(8).
+
+	* NEWS: typo.
+
+	* src/useradd.c, NEWS, lib/getdef.h, man/Attic/login.defs.5, man/login.defs.5.xml, src/login.c, src/newusers.c:
+	default UMASK if not specified in login.defs is 022.
+
+2006-03-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: updated for 4.0.15.
+
+	* NEWS, po/gl.po:
+	updated for 4.0.15 (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+	* NEWS, configure.in: schedule release 4.0.15 to 13-03-2006.
+
+2006-03-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typo (s/onas Meurer/Jonas Meurer/)
+
+	* src/.cvsignore: added chgpasswd.
+
+	* po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/Makefile.am, src/chgpasswd.c, NEWS, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+	chgpasswd: new tool (by Jonas Meurer <mejo@debian.org>).
+
+	* src/lastlog.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	s/Unexpected/unexpected/
+
+	* po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/lastlog.c, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+	print the usage and exit if an additional argument is profided to
+	lastlog (merge 488_laslog_verify_arguments Debian patch).
+
+2006-03-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chpasswd.8, man/chpasswd.8.xml:
+	fixed CAVEATS section (by Justin Pryzby <justinpryzby@users.sourceforge.net>)
+
+2006-02-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	fixed SYNOPSIS section (http://bugs.debian.org/352136).
+
+2006-02-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ro.po: updated (by Sorin Batariuc <sorin@bonbon.net>).
+
+2006-02-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, lib/Makefile.am, src/Makefile.am:
+	login, nologin, su: do not link with libselinux
+	(merge 490_link_selinux_only_when_needed Debian patch).
+
+	* NEWS, src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c:
+	fixed confusing error message if /proc is not mounted
+	(http://bugs.debian.org/352494
+	patch Nicolas François <nicolas.francois@centraliens.net>)
+
+	* po/ro.po:
+	updated (commited http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347755).
+
+	* NEWS, po/ca.po: updated (by Jordi Mallach <jordi@debian.org>).
+
+2006-02-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/gpasswd.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/pwck.8.xml, man/sg.1.xml, man/useradd.8.xml:
+	cleanups.
+
+	* po/gl.po: updated (Jacobo Tarrio <jtarrio@trasno.net>).
+
+	* NEWS, po/pt.po:
+	updated (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+2006-02-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/it.po:
+	update (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+	* po/vi.po: update (by Clytie Siddall <clytie@riverland.net.au>).
+
+	* po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+2006-02-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	run "make update-po".
+
+	* po/pl.po: updated.
+
+	* po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+	* po/eu.po: update (by ^pi^ <pi@beobide.net>).
+
+2006-02-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/login.c:
+	merge 433_login_more_LOG_UNKFAIL_ENAB Debian patch:
+	- TOO MANY LOGIN... logged if PAM_MAXTRIES or failcount >= retries
+	  (was onl test PAM_MAXTRIES),
+	- print to stderr (in addition to syslog) in case of maximum number of
+	  tries exceeded,
+	- always prints the number of tries in the syslog entry.
+	- add special handling for PAM_ABORT
+	- add an entry to failog, as when USE_PAM is not defined. (#53164)
+	- changed pam_end to PAM_END. This is certainly was a mistake.
+	  PAM_END is pam_close_seesion + pam_end. Here, the session is still not
+	  open, we don't have to close it.
+	- a HAVE_PAM_FAIL_DELAY is missing
+
+	* po/ro.po: kill one fuzzy.
+
+	* po/ro.po, NEWS: updated (by Sorin B. <sorin@bonbon.net>).
+
+	* src/gpasswd.c: s/die/catch_signals/
+
+	* src/expiry.c, src/sulogin.c: s/catch/catch_signals/
+
+	* src/su.c: /su_catch_sig/chatch_signals/
+
+2006-02-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/id.c, src/groups.c, libmisc/getdate.y: lint code using CC=g++.
+
+	* NEWS, src/su.c:
+	fixed pam session support (patch from Topi Miettinen; fixed #57526, #55873,
+	#57532 Debian bugs).
+
+	* NEWS:
+	fixed pam session support (patch from Topi Miettinen; fixed #57526,
+	#55873, #57532 Debian bugs).
+
+	* NEWS, src/userdel.c:
+	user's group is already removed by update_groups(). remove_group()
+	is not needed (bug introduced in 4.0.14 on merge FC fixes). Fixed by Nicolas
+	François <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c: allways remove group and gshadow databases lock,
+	Fixed by Nicolas François <nicolas.francois@centraliens.net>
+	(http://bugs.debian.org/348250)
+
+	* NEWS, src/userdel.c: fixed excess audit_logger() argument.
+
+	* NEWS, lib/prototypes.h:
+	corrected prototypes in lib/prototypes.h (thre is no audit_help_log(); added
+	audit_logger() prototype).
+
+	* src/login.c: fixed missing ";" in declaration.
+
+	* man/Attic/limits.5, man/limits.5.xml:
+	fixed example limits string (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-02-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/gl.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po:
+	added missing \n on display password status if password must be chaged.
+
+2006-02-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c, NEWS:
+	fixed allow non-unique UID (http://bugs.debian.org/351281).
+
+2006-02-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/cs.po: updated (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2006-01-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/vi.po:
+	updated (by Clytie Siddall <clytie@riverland.net.au>).
+
+2006-01-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po:
+	typo (fixed by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2006-01-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/grpck.8, man/pl/login.defs.5, man/pl/passwd.1, man/pl/pwck.8, man/de/passwd.1, man/es/login.1, man/es/vipw.8, man/fi/passwd.1, man/hu/passwd.1, man/id/login.1, man/it/grpck.8, man/it/pwck.8, man/ja/grpck.8, man/ja/passwd.1, man/ja/pwck.8, man/ko/login.1, man/ko/su.1:
+	fixes some issues that cause warnings when the manpages are
+	displayed (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2006-01-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/eu.po: updated (by pi <pi@beobide.net>).
+
+	* libmisc/addgrps.c, libmisc/xmalloc.c, src/groups.c:
+	fixes after linting code using CC=g++: cast {m,re}alloc() return value to
+	proper type.
+
+2006-01-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chage.1, man/Attic/passwd.5, man/Attic/su.1, man/Attic/useradd.8, man/chage.1.xml, man/passwd.5.xml, man/su.1.xml, man/useradd.8.xml:
+	uniformity and grammar fixes (by Christine Spang <spangarang@twcny.rr.com>).
+
+	* NEWS, po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2006-01-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, NEWS:
+	updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2006-01-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, libmisc/setupenv.c, src/chage.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/login.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/usermod.c, src/vipw.c:
+	variouse code cleanups for make possible compilation of shadow with
+	-Wall -Werror (by Alexander Gattin <xrgtn@yandex.ru>).
+
+	* libmisc/age.c, libmisc/shell.c, src/login.c, src/newgrp.c, src/su.c, src/sulogin.c, src/userdel.c, NEWS, lib/prototypes.h:
+	move exit() outside libmisc/shell.c::shell() for handle shell() errors
+	on higher level (now is better visable where some programs exit with 126 and
+	127 exit codes); added new shell() parameter (char *const envp[]) which allow
+	fix preserving enviloment in su on using -p.
+	(patch by Alexander Gattin <xrgtn@yandex.ru>)
+
+	* NEWS, po/el.po:
+	updated (by Konstantinos Margaritis <markos@debian.org>).
+
+2006-01-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/exitcodes.h: new #defines:
+	#define E_CMD_NOEXEC           126     /* can't run command/shell */
+	#define E_CMD_NOTFOUND         127     /* can't find command/shell to run */
+
+2006-01-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	fixes after reviewed for grammatical and other small errors that detract from the
+	polish of the content to native English speakers.
+	I also went ahead and changed all gender references to be a consistent
+	"his/her" (or equivalent) - the original had a mix of just "his", just
+	"her", and occasionally "his/her".
+	(by Christine Spang <spangarang@twcny.rr.com>).
+
+	* po/it.po: updated (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2006-01-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: updated.
+
+	* libmisc/shell.c: remove DEBUG code.
+
+	* po/LINGUAS, po/gl.po, NEWS:
+	added new gl translation (by Jacobo Tarrio <jtarrio@trasno.net>).
+
+2006-01-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/eu.po: small update (by pi <pi@beobide.net>).
+
+2006-01-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/su.c: fixed compilation error.
+
+2006-01-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>)
+	http://bugs.debian.org/346449
+
+2006-01-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Attic/useradd.8, man/useradd.8.xml:
+	better document useradd -d option: will not add the user's home directory
+	if it does not already exist (http://bugs.debian.org/154996)
+
+	* man/Attic/su.1, man/su.1.xml, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, src/su.c:
+	added handle -c,--command option for GNU su compliance (merge
+	437_su_-c_option Debian Patch).
+
+	* man/Attic/login.1, man/Attic/passwd.1, man/Attic/su.1, man/login.1.xml, man/passwd.1.xml, man/su.1.xml:
+	man pages cleanups.
+	(http://bugs.debian.org/341489)
+
+	* NEWS, man/Attic/nologin.8, man/Makefile.am, man/nologin.8.xml:
+	nologin(8) man pages added (merge 478_nologin.8.xml Debian patch).
+
+	* po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>)
+	http://bugs.debian.org/346376
+
+2006-01-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/id.po: updated (by Parlin Imanuel <parlin_i@yahoo.com>)
+	http://bugs.debian.org/345514
+
+	* NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/login.c:
+	added translate login prompt string (suggested by Evgeniy Dushistov).
+
+2006-01-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: start work on 4.1.0.
+
+	* po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+	http://bugs.debian.org/346017
+
+2006-01-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: correct 4.0.14 release date (03-01-2006).
+
+	* src/Makefile.am: reverte install nologin in sbindir and use usbindir.
+
+	* po/POTFILES.in: removed src/chsh_chkshell.c.
+
+	* lib/prototypes.h: remove grdbm.c prototypes.
+
+	* lib/prototypes.h, src/Attic/chsh_chkshell.c, src/Makefile.am, src/chsh.c:
+	move check_shell() from src/chsh_chkshell.c to src/chsh.c.
+
+	* configure.in:
+	s/libpam_misc is missing/libpam_misc is missing for enable PAM support/
+
+2006-01-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* etc/pam.d/.cvsignore: added.
+
+	* src/su.c: indent code.
+
+	* src/su.c:
+	without it, $(su - user -c "echo \$SHELL") wont return the good value, but
+	$(su user -c "echo \$SHELL") will.
+	I think LOGNAME can also be set (this is done in setup_env, in the
+	fakelogin case).
+	(by Nicolas François <nicolas.francois@centraliens.net>)
+
+	* src/su.c:
+	simplifies how -p is handled (at least for its documentation).
+	(by Nicolas François <nicolas.francois@centraliens.net>)
+
+	* src/su.c: fixes "su - -- root" or "su - root -- -c" (it is needed if
+	the second patch is applied).
+	(by Nicolas François <nicolas.francois@centraliens.net>)
+
+	* src/su.c:
+	This second patch changes the way options are handled by getopt. Once a
+	non-su option is found, the getopt processing is stopped.
+	Whithout this patch, "su root -c ls" won't work (getopt will complain that
+	-c is not an su option).
+	(by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* etc/pam.d/chage, etc/pam.d/chfn, etc/pam.d/chpasswd, etc/pam.d/chsh, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/login, etc/pam.d/newusers, etc/pam.d/passwd, etc/pam.d/su, etc/pam.d/useradd, etc/pam.d/userdel, etc/pam.d/usermod:
+	prepare for use on Fedora Core.
+
+	* po/cs.po, po/pl.po: run "make update-po".
+
+	* src/Makefile.am: move nologin to sbindir.
+
+	* man/Attic/groupadd.8, man/groupadd.8.xml: s/gid/GID/
+
+	* man/Attic/lastlog.8, man/Attic/useradd.8, man/lastlog.8.xml, man/useradd.8.xml:
+	s/uid/UID/
+
+2005-12-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/tl.po: updated for 4.0.14 (by Eric Pareja <xenos@upm.edu.ph>).
+
+2005-12-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/ca.po:
+	updated for 4.0.14 (by Guillem Jover <guillem@debian.org>).
+
+2005-12-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/el.po:
+	updated for 4.0.14 (by Konstantinos Margaritis <markos@debian.org>).
+
+2005-12-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* doc/.cvsignore, etc/.cvsignore, lib/.cvsignore, po/.cvsignore, src/.cvsignore, .cvsignore, contrib/.cvsignore:
+	added a lot of generated files they are not listed in .cvsignore files
+	(by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+	* src/su.c:
+	fixed some comments and replace getuid() by !amroot. This removes a system
+	call and may be more readable (Nicolas François <nicolas.francois@centraliens.net>).
+
+	* man/Attic/su.1, man/su.1.xml:
+	added forgoten the SHELL argument description (by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* man/Attic/useradd.8, man/useradd.8.xml:
+	s/group/user/ (cached by Nicolas François).
+
+2005-12-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ko/vigr.8: added.
+
+	* po/it.po:
+	updated for 4.0.14 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/pt.po:
+	updated for 4.0.14 (by Miguel Figueiredo <mfigueiredo@gmail.com>).
+
+	* src/useradd.c:
+	s/grp_update/grp_add/ in comment (by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* man/Attic/login.1, man/login.1.xml:
+	added use <envar></envar> tags instead <emphasis></emphasis>.
+
+	* man/Attic/su.1, man/su.1.xml: added use <envar></envar>.
+
+	* man/Attic/su.1, man/su.1.xml:
+	updated man page after change su for use getopt_long()
+	(by Nicolas François <nicolas.francois@centraliens.net>)
+
+2005-12-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/fi.po:
+	updated for 4.0.14 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* po/ru.po: updated for 4.0.14 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* man/ru/login.1, man/ru/passwd.1, man/ru/pwck.8, man/ru/vipw.8:
+	updated (by Yuri Kozlov <kozlov.y@gmail.com>_.
+
+	* doc/Attic/README.linux, doc/Makefile.am: removed.
+
+	* README, doc/Attic/README.linux:
+	move contributors list from doc/README.linux to README.
+
+	* doc/Attic/LSM, doc/Attic/README, doc/Makefile.am:
+	removed (outdated content).
+
+	* NEWS, po/cs.po:
+	updated cs.po for 4.0.14 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* po/pl.po: updated.
+
+	* po/fr.po:
+	kill one fuzzy (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* NEWS, po/da.po:
+	updated da.po for 4.0.14 (by Claus Hindsgaul <claus_h@image.dk>).
+
+	* po/eu.po: updated for 4.0.14 (by pi <pi@beobide.net>).
+
+	* NEWS, po/vi.po:
+	updated vi.po fo 4.0.14 (by Clytie Siddall <clytie@riverland.net.au>).
+
+2005-12-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: set release day for 4.0.14 to 19-12-2005.
+
+	* src/login.c:
+	removed #include "libaudit.h" (it is conditionaly included in "defines.h").
+
+	* src/su.c:
+	replaced "shell" by "shellstr". "shell" is also the name of a function.
+	(Nicolas François <nicolas.francois@centraliens.net>).
+
+	* src/vipw.c: - added missing break in case 'q'.
+
+	* NEWS, man/es/Makefile.am, man/es/vigr.8, man/es/vipw.8, man/hu/Makefile.am, man/hu/lastlog.8, man/ko/Makefile.am, man/ko/vipw.8, man/zh_CN/Makefile.am, man/zh_CN/su.1, man/zh_TW/Makefile.am, man/zh_TW/chpasswd.8, man/zh_TW/su.1:
+	added es, ko vigr(8) and vipw(8), hu lastlog(8), ko vipw(8), zh_CN su(1),
+	zh_TW chpasswd(8) and su(1),
+
+2005-12-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* doc/Attic/LICENSE, doc/Makefile.am, COPYING:
+	move doc/LICENSE to COPYING.
+
+	* doc/WISHLIST: remove some outdated/finished things.
+
+	* doc/Attic/README.nls, doc/Attic/README.pam, doc/Makefile.am: removed.
+
+2005-12-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	run "make update-po" (merge changes in su messages).
+
+	* NEWS, src/su.c:
+	added handle -s/--shell, -m/-p/preserve-environment options like GNU su
+	(based on patches from Debian submited by
+	Nicolas François <nicolas.francois@centraliens.net>)
+
+	* NEWS: updated.
+
+	* src/su.c:
+	added handle -s/--shell option like in GNU su (based on Debian patch sublmited
+	by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* src/su.c:
+	make -, -l , --login option as no_argument (based on fix by Nicolas François).
+
+	* po/it.po:
+	cosmetic fixes (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/es/Makefile.am: s/patches/passwd/
+
+2005-12-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in, man/Makefile.am, man/tr/.cvsignore, man/tr/Makefile.am, man/tr/chage.1, man/tr/chfn.1, man/tr/groupadd.8, man/tr/groupdel.8, man/tr/groupmod.8, man/tr/login.1, man/tr/passwd.1, man/tr/passwd.5, man/tr/shadow.5, man/tr/su.1, man/tr/useradd.8, man/tr/userdel.8, man/tr/usermod.8:
+	added tr man pages.
+
+	* man/pt_BR/Makefile.am, man/pt_BR/passwd.5, man/zh_CN/Makefile.am, man/zh_CN/passwd.5, man/zh_TW/Makefile.am, man/zh_TW/passwd.5, NEWS, man/es/Makefile.am, man/es/passwd.5, man/hu/Makefile.am, man/hu/passwd.5:
+	added es, hu, pt_BR, zh_CN zh_TW translations passwd(5).
+
+	* man/Attic/id.1, man/Attic/pw_auth.3, man/Attic/sulogin.8:
+	regenerated.
+
+	* man/ko/Makefile.am: added su.1 to man_MANS.
+
+	* man/Makefile.am: reverte incorrect commit.
+
+	* man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/vipw.8, man/Makefile.am, man/fr/Makefile.am, man/fr/chage.1, man/fr/chfn.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/expiry.1, man/fr/faillog.5, man/fr/faillog.8, man/fr/getspnam.3, man/fr/gpasswd.1, man/fr/groupadd.8, man/fr/groupdel.8, man/fr/groupmod.8, man/fr/groups.1, man/fr/grpck.8, man/fr/grpconv.8, man/fr/grpunconv.8, man/fr/gshadow.5, man/fr/lastlog.8, man/fr/limits.5, man/fr/login.1, man/fr/login.access.5, man/fr/login.defs.5, man/fr/logoutd.8, man/fr/newgrp.1, man/fr/newusers.8, man/fr/passwd.1, man/fr/passwd.5, man/fr/porttime.5, man/fr/pwck.8, man/fr/pwconv.8, man/fr/pwunconv.8, man/fr/sg.1, man/fr/shadow.3, man/fr/shadow.5, man/fr/su.1, man/fr/suauth.5, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/fr/vigr.8, man/fr/vipw.8, NEWS:
+	added full set (up to date) fr man pages (by Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-12-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ca.po, po/cs.po, po/da.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/it.po, po/nl.po, po/ro.po, po/sk.po, po/sv.po:
+	cleanups.
+
+	* src/groupadd.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	s/--force /--force/
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/useradd.c:
+	s/--skel SKEL_DIR /--skel SKEL_DIR/
+
+	* po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/passwd.c, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+	s/--delete /--delete/
+
+	* NEWS, po/ru.po:
+	updated ru translatios for 4.0.14 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* po/eu.po: finish update for 4.0.14 (by pi <pi@beobide.net>).
+
+	* po/it.po:
+	updated for 4.0.14 (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+2005-12-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po: updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* NEWS, po/eu.po: Basque translation updated (by pi <pi@beobide.net>).
+
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/su.c, src/usermod.c, po/bs.po:
+	s/LOGIN/login/ in usage() output.
+
+2005-12-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/vipw.c, NEWS, man/Attic/vipw.8, man/vipw.8.xml, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+	rewrited vipw for use getopt_long().
+
+	* man/Attic/passwd.1, man/passwd.1.xml: cleanups.
+
+	* man/ko/Makefile.am: commented newgrp.1 (must be updated).
+
+2005-12-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am: update-po target added.
+
+	* man/Attic/pwck.8, man/pwck.8.xml: document -q option.
+
+	* NEWS, lib/getdef.c:
+	$MAIL_FILE is used in userdel and usermod, $MD5_CRYPT_ENAB
+	is used by crypt_make_salt, which is used by chpasswd, gpasswd and newusers.
+	Both variables moved to PAM not dependent (447_missing_login.defs_variables
+	Debian patch).
+
+	* NEWS, src/su.c:
+	export $USER and $SHELL as well as $HOME (http://bugs.debian.org/11003 and
+	http://bugs.debian.org/11189).
+
+	* NEWS, man/Attic/login.1, man/login.1.xml:
+	document how to initiate a trusted path on linux
+	(http://bugs.debian.org/305600).
+
+	* NEWS, src/chage.c:
+	fix chage display when the last change field is set to 0.
+	This is consistent with PAM (merge 427_chage_expiry_0 Debian patch).
+
+2005-12-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: added man/fi/Makefile to AC_CONFIG_FILES().
+
+	* man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/newgrp.1, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/ru/Attic/pw_auth.3, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8, man/ru/pwconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vipw.8, man/zh_CN/chfn.1, man/zh_CN/chpasswd.8, man/zh_CN/chsh.1, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/newgrp.1, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/newgrp.1, man/ko/passwd.5, man/ko/su.1, man/pl/Attic/pw_auth.3, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/expiry.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8, man/it/chage.1, man/it/chfn.1, man/it/chpasswd.8, man/it/chsh.1, man/it/expiry.1, man/it/faillog.5, man/it/faillog.8, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/newgrp.1, man/it/newusers.8, man/it/passwd.1, man/it/passwd.5, man/it/porttime.5, man/it/pwck.8, man/it/pwconv.8, man/it/shadow.3, man/it/shadow.5, man/it/su.1, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/ja/Attic/pw_auth.3, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/newusers.8, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/de/chfn.1, man/de/chsh.1, man/de/groups.1, man/de/login.1, man/de/newgrp.1, man/de/passwd.1, man/de/passwd.5, man/de/su.1, man/de/vipw.8, man/es/login.1, man/es/newgrp.1, man/es/passwd.1, man/es/su.1, man/fi/chfn.1, man/fi/chsh.1, man/fi/passwd.1, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/newgrp.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/hu/chfn.1, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/id.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/su.1, NEWS, man/cs/groups.1, man/cs/id.1, man/cs/lastlog.8, man/cs/passwd.5, man/cs/shadow.5, man/cs/su.1:
+	convert all translated man pages to UFT-8.
+
+	* NEWS, src/userdel.c:
+	fix incorrect audit record in userdel (https://bugzilla.redhat.com/bugzilla/174392).
+
+	* po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, src/passwd.c:
+	s/--all /--all/
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	update by some informations about translators (by Christian Perrier) and run "make update-po".
+
+2005-11-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/su.c:
+	if an password is expired, su should propose to change this password
+	(fixed http://bugs.debian.org/321384).
+
+	* src/Makefile.am, src/login.c, NEWS:
+	added auditing support (based on Fedora patch for login from util-linux).
+
+	* src/useradd.c: remove use rflg.
+
+	* man/ru/Makefile.am: typo.
+
+	* po/pl.po: partialy updated.
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po:
+	run "make update-po".
+
+	* NEWS, src/useradd.c: merge PUG fixes from RedHat patch.
+
+2005-11-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/it.po:
+	updated (by Danilo Piazzalunga <danilopiazza@gmail.com>).
+
+	* man/ru/pwconv.8, man/ru/pwunconv.8, man/ru/sg.1, man/ru/shadow.3, man/ru/shadow.5, man/ru/su.1, man/ru/suauth.5, man/ru/sulogin.8, man/ru/useradd.8, man/ru/userdel.8, man/ru/usermod.8, man/ru/vigr.8, man/ru/vipw.8, NEWS, man/ru/Attic/pw_auth.3, man/ru/Makefile.am, man/ru/chage.1, man/ru/chfn.1, man/ru/chpasswd.8, man/ru/chsh.1, man/ru/expiry.1, man/ru/faillog.5, man/ru/faillog.8, man/ru/getspnam.3, man/ru/gpasswd.1, man/ru/groupadd.8, man/ru/groupdel.8, man/ru/groupmems.8, man/ru/groupmod.8, man/ru/groups.1, man/ru/grpck.8, man/ru/grpconv.8, man/ru/grpunconv.8, man/ru/gshadow.5, man/ru/id.1, man/ru/lastlog.8, man/ru/limits.5, man/ru/login.1, man/ru/login.access.5, man/ru/login.defs.5, man/ru/logoutd.8, man/ru/newgrp.1, man/ru/newusers.8, man/ru/passwd.1, man/ru/passwd.5, man/ru/porttime.5, man/ru/pwck.8:
+	added full set of ru man pages (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-11-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/Makefile.am, src/nologin.c: added nologin program.
+
+	* NEWS, src/su.c: rewrited for use getopt_long().
+
+2005-11-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/zh_CN.po: updated (by Ming Hua <minghua@rice.edu>).
+
+2005-11-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/usermod.8, man/usermod.8.xml:
+	rewrited for document long options.
+
+	* NEWS, src/vipw.c:
+	added a "quiet" mode (http://bugs.debian.org/190252.
+
+	* po/de.po:
+	fixed wrong translation in german po file (http://bugs.debian.org/338373
+	by Nico Golde <nico@ngolde.de>).
+
+	* NEWS, man/Makefile.am, man/fi/.cvsignore, man/fi/Makefile.am, man/fi/chfn.1, man/fi/chsh.1, man/fi/passwd.1, man/fi/su.1:
+	added fi chfn(1), chsh(1), passwd(1), su(1).
+
+	* NEWS, man/it/Makefile.am, man/it/newusers.8: added it newusers(8).
+
+	* NEWS, po/fr.po:
+	updated (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-11-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/Makefile.am, src/newgrp.c:
+	added auditing support for newgrp (by Steve Grubb <sgrubb@redhat.com>).
+
+	* NEWS, configure.in, libmisc/audit_help.c:
+	switch over to a new logging function (by Steve Grubb <sgrubb@redhat.com>).
+
+	* README: typo.
+
+2005-11-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po: updated (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-11-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	s/logdir/shadow_cv_logdir/ fix wrong var name (by Mike Frysinger <vapier@gentoo.org>).
+
+	* man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3.xml, man/Attic/pwck.8, man/Attic/sg.1, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, README, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml:
+	move information about all shadow man pages authors from man pages to README file.
+
+	* src/userdel.c: added two new error messages to translated phrases.
+
+	* NEWS, src/userdel.c:
+	remove the user's group unless it is not really a user-private group
+	(based on FC patch).
+
+2005-11-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/usermod.c: fix long name options name in long_options[].
+
+2005-11-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/userdel.c: indent source code.
+
+	* NEWS, src/userdel.c:
+	make the userdel -f option force the removal of the user's group (even if it
+	is the primary group of another user)
+	(merge 453_userdel_-f_removes_group Debian patch),
+
+	* NEWS, man/Attic/login.1, man/login.1.xml:
+	better explain the respective roles of login, init and getty with regards
+	to the utmp file (merge 440_manpages-login.1 Debian patch).
+
+	* man/Attic/userdel.8, man/userdel.8.xml:
+	aphabetic order options description.
+
+	* NEWS, man/Attic/userdel.8, man/userdel.8.xml:
+	document the -f option; document the group removal behavior (merge
+	455_userdel.8.xml Debian patch).
+
+	* NEWS, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+	document that useradd/groupadd refuse adding entries already in an
+	external database (http://bugs.debian.org/282184).
+
+	* NEWS, libmisc/sulog.c:
+	log in successful/failed su through syslog (http://bugs.debian.org/190215).
+
+	* NEWS, man/it/groupdel.8, man/it/passwd.1, man/it/pwconv.8, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8:
+	updated it groupdel(8), passwd(1), pwconv(8), useradd(8), userdel(8), usermod(8) man pages
+	(merge 205_it-manpages Debian patch).
+
+	* man/pt_BR/gpasswd.1: merge 204_pt_BR-manpages Debian patch.
+
+2005-10-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/porttime.5.xml, man/pwck.8.xml:
+	improvements by Yuri Kozlov <kozlov.y@gmail.com>.
+
+	* NEWS, po/tl.po: updated (by Eric Pareja <xenos@upm.edu.ph>).
+
+	* po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/su.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+	remove "." from su message.
+
+	* po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po:
+	"make update-po".
+
+	* src/usermod.c: cleanups in usage() output.
+
+	* src/usermod.c: indent code.
+
+	* NEWS, src/usermod.c:
+	rewrited for use getopt_long() (Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-10-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/uk.po: updated (by Eugeniy Meshcheryakov <eugen@univ.kiev.ua>).
+
+2005-10-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/faillog.5, man/Attic/groupmems.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/chpasswd.8.xml, man/groupmems.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/Attic/chpasswd.8:
+	bunch of cleanups (Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-10-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/userdel.c, src/usermod.c, lib/pam_defs.h, libmisc/pam_pass.c, libmisc/pwdcheck.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/login.c, src/newusers.c, src/su.c, src/useradd.c:
+	Simplifications: move all per shadow tool declared struct pam_conv conv
+	from src/*c to lib/pam_defs.h. #include "pam_defs.h" instead <security/pam_appl.h>
+	and <security/pam_misc.h>.
+	Patch partialy based on openpam fixes by Rob Holland <rob@inversepath.com>.
+
+	* NEWS, lib/commonio.c:
+	fixed grpck segmentation fault on using -s when /etc/gshadow is empty (fix by
+	Tomasz Lemiech <szpajder@staszic.waw.pl>).
+
+2005-10-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/faillog.5, man/faillog.5.xml:
+	typos (by A Costa <agcosta@gis.net>).
+
+2005-10-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chage.1, man/Attic/chpasswd.8, man/chage.1.xml, man/chpasswd.8.xml:
+	typos (by A Costa <agcosta@gis.net>).
+
+	* NEWS, po/sv.po: updated (by Daniel Nylander <yeager@lidkoping.net>).
+
+2005-10-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/de/newgrp.1, man/es/Makefile.am, man/es/newgrp.1, man/zh_CN/Makefile.am, man/zh_CN/newgrp.1, man/zh_TW/Makefile.am, man/zh_TW/newgrp.1, NEWS, man/de/Makefile.am:
+	newgrp(1): added de, es, zh_CN, zh_TW translations.
+
+2005-10-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/gpasswd.1, man/gpasswd.1.xml:
+	move "Notes about group passwords" section from passwd man page.
+
+	* src/passwd.c, NEWS, man/Attic/passwd.1, man/passwd.1.xml:
+	remove handle -f, -g and -s options in passwd.
+
+	* man/userdel.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/pwconv.8.xml, man/sg.1.xml:
+	use locase in <refentrytitle>.
+
+	* man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/shadow.3.xml:
+	added refmiscinfo class="sectdesc">Library Calls</refmiscinfo> in <refmeta>.
+
+	* man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/newusers.8.xml, man/pwconv.8.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/Attic/chpasswd.8, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/logoutd.8, man/Attic/newusers.8, man/chpasswd.8.xml, man/faillog.8.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/grpck.8.xml, man/lastlog.8.xml, man/logoutd.8.xml:
+	added <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+	in <refmeta>.
+
+	* man/Attic/login.defs.5, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/shadow.5, man/Attic/suauth.5, man/login.defs.5.xml, man/passwd.5.xml, man/porttime.5.xml, man/shadow.5.xml, man/suauth.5.xml, man/Attic/login.access.5, man/limits.5.xml, man/login.access.5.xml, man/Attic/faillog.5, man/Attic/gshadow.5, man/Attic/limits.5, man/faillog.5.xml, man/gshadow.5.xml:
+	added <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+	in <refmeta>.
+
+	* man/Attic/pwconv.8, man/Attic/suauth.5, man/Attic/vipw.8, man/pwconv.8.xml, man/suauth.5.xml, man/vipw.8.xml:
+	remove <refentryinfo><date></date></refentryinfo> and <refmiscinfo class='date'> tags.
+
+	* man/Attic/newgrp.1, man/Attic/sg.1, man/newgrp.1.xml, man/sg.1.xml:
+	added <refmiscinfo class="sectdesc">User Commands</refmiscinfo> tag.
+
+2005-10-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: start work on 4.0.14.
+
+2005-10-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: move release 4.0.13 date to 10-10-2005.
+
+	* NEWS:  added infor about removed duplicated pam_start() in chage.
+
+	* NEWS: updated.
+
+	* man/Makefile.am: added sg.1.xml to man_XMANS.
+
+	* man/Attic/chage.1, man/chage.1.xml:
+	cleanups (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* man/Attic/newgrp.1, man/newgrp.1.xml:
+	use <filename> in few more places.
+
+	* man/Attic/newgrp.1, man/newgrp.1.xml:
+	better newgrp description (http://bugs.debian.org/325558).
+
+2005-10-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	remove using pam_chauthtok().
+
+	* src/chsh.c: finish PAM support using pam_start() & co.
+
+	* src/chage.c: remove using pam_chauthtok() on finish chage.
+
+	* src/chfn.c:
+	use E_NOPERM in more places. remove using pam_chauthtok() on finish chfn.
+
+	* src/chfn.c: cleanups.
+
+	* src/chage.c:
+	removed duplicaded not moved PAM code) was introduced during merge
+	shadow-4.0.4.1-owl-pam-auth.diff patch).
+
+	* src/chfn.c: finish PAM support.
+
+2005-10-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chfn.1, man/Attic/chsh.1, man/chfn.1.xml, man/chsh.1.xml:
+	cleanups (by  Alexander Gattin <xrgtn@yandex.ru>).
+
+2005-10-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/userdel.c:
+	userdel should not remove the group which is primary for someone else (fix
+	by Nicolas François <nicolas.francois@centraliens.net> http://bugs.debian.org/295416)
+
+2005-10-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/vipw.8.xml, man/Attic/chage.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/faillog.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/passwd.1, man/Attic/porttime.5, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/Attic/su.1, man/Attic/suauth.5, man/chage.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/faillog.8.xml, man/groupmems.8.xml, man/grpck.8.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/passwd.1.xml, man/porttime.5.xml, man/shadow.3.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml:
+	s/<emphasis remap='B'>/<emphasis>/
+
+	* man/Attic/sg.1, man/sg.1.xml: use <command> instead <emphasis>.
+
+	* man/newgrp.1.xml, man/sg.1.xml, man/chage.1.xml, man/chsh.1.xml, man/login.defs.5.xml:
+	s/\.  /\. /
+
+	* man/Attic/shadow.5, man/shadow.5.xml:
+	better document "!" and "*" fields in /etc/shadow
+	(based on 441_manpages-shadow.5 patch from Debian).
+
+	* man/Attic/newgrp.1, man/newgrp.1.xml:
+	SHADOWPWD was removed (always enabled)
+	(based on 446_newgrp.1_no_SHADOWPWD patch from Debian).
+
+	* po/ru.po: updated for 4.0.13 (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-09-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: cleanups.
+
+	* man/Attic/vipw.8, man/vipw.8.xml, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chage.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+	next round of cleanups.
+
+	* man/Makefile.am: added rules for id.1, pw_auth.3 and sulogin.8.
+
+	* libmisc/setupenv.c:
+	during the changes on libmisc/setupenv.c, a piece of code was moved
+	without its comment (merge 449_comment_missplaced Debian patch).
+
+2005-09-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/groupadd.8, man/Attic/newusers.8, man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chfn.1.xml, man/chsh.1.xml, man/groupadd.8.xml, man/newusers.8.xml, man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, NEWS:
+	added missing references to /etc/login.defs and login.defs(5)
+	(Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-09-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: s/XSL/XSLT/
+
+	* po/pl.po: few updates.
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	-i option description is back (lost on rewrite and pointed by
+	Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* po/cs.po:
+	updated for 4.0.13 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2005-09-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: updated.
+
+	* configure.in: fixes for correct handle --with{,out}-<feature>.
+
+	* configure.in:
+	use @<:@ @:>@ instead ( ) inside AC_HELP_STRING() and s/feactures/features/
+	(based on fixes by Mike Frysinger <vapier@gentoo.org>).
+
+	* po/da.po: updated for 4.0.13 (by Claus Hindsgaul <claus_h@image.dk>).
+
+	* po/es.po: updated for 4.0.13 (by Ruben Porras <nahoo@inicia.es>).
+
+2005-09-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, libmisc/failure.c:
+	use "%c" in strftime() output (based on patch from
+	http://bugs.debian.org/89902 by Christian Perrier <bubulle@debian.org>)
+
+	* man/Attic/getspnam.3, man/Attic/shadow.3, man/shadow.3.xml:
+	added <refname>getspnam</refname> to <refnamediv>.
+
+	* man/Attic/sg.1, man/sg.1.xml: fixed <cmdsynopsis>.
+
+	* man/Attic/sg.1, man/Makefile.am, man/sg.1.xml:
+	added separated sg(1) man page.
+
+2005-09-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/commonio.c, NEWS:
+	don't assume selinux is enabled if is_selinux_enabled() returns -1
+	(merge isSelinuxEnabled FC patch by Jeremy Katz <katzj@redhat.com>).
+
+	* po/ro.po: updated (by Sorin Batariuc <sorin@bonbon.net>).
+
+2005-09-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: schedule release 4.0.13 to 03-10-2005.
+
+2005-09-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+	regenerate all roff man pages using DocBook XSL Stylesheets 1.69.1.
+
+	* man/logoutd.8.xml: fixed id inside <refentry>.
+
+	* man/login.1.xml, man/logoutd.8.xml, man/newgrp.1.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml:
+	added missing <para></para> inside <listitem> tags for pass correctly xmllint.
+
+	* man/Attic/login.access.5, man/login.access.5.xml:
+	rewrited FILES section.
+
+	* man/login.access.5.xml: cleanups.
+
+2005-09-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Attic/passwd.5, man/passwd.5.xml:
+	rewrited based on work by Greg Wooledge <greg@wooledge.org>
+	http://bugs.debian.org/328113
+
+2005-09-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ro.po: updates (by Sorin Batariuc <sorin@bonbon.net>).
+
+2005-09-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/id.c, src/login.c, src/login_nopam.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+	remove empty lines after comment.
+
+	* src/useradd.c: group all #include.
+
+	* po/fr.po:
+	updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2005-09-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/gpasswd.c: remove exit(1) after failure().
+
+	* src/usermod.c: consolidate few #ifdef WITH_AUDIT .. #endif sections.
+
+2005-09-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Makefile.am: added missing $(LDADD) in gpasswd_LDADD.
+
+	* NEWS, libmisc/limits.c:
+	fixed setup max address space limits (added missing break statement in case)
+	spoted by Lasse Collin <lasse.collin@tukaani.org>
+	(fix for non-PAM case)
+
+	* configure.in: try find and use by default feactures:
+	with_audit="yes"
+	with_libcrack="no"
+	with_libpam="yes"
+	with_libskey="no"
+	with_selinux="yes"
+	Report on finish also S/Key and CrackLib support.
+
+	* configure.in: cleanups.
+
+	* src/Makefile.am: sort *_LDADD.
+
+	* src/Makefile.am: added missing gpasswd_LDADD = $(LIBAUDIT).
+
+	* src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/defines.h, lib/prototypes.h, src/chage.c, src/gpasswd.c:
+	indent code.
+
+	* libmisc/Makefile.am: sort libmisc_a_SOURCES elements.
+
+	* libmisc/audit_help.c: added shadow copyright text and indent file.
+
+	* libmisc/audit_help.c:
+	patr of auditing support not added on commiting audit changes.
+
+	* src/Makefile.am: s/AUDIT/LIBAUDIT/
+
+	* configure.in: added reporting on finish is auditing is enabled.
+	Change to use shared libaudit. Aded missing AC_SUBST(LIBAUDIT).
+	Break some to log lines.
+
+	* src/Makefile.am, src/chage.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS, configure.in, lib/defines.h, lib/prototypes.h, libmisc/Makefile.am:
+	auditing support added. Patch prepared by Peter Vrabec
+	<pvrabec@redhat.com> basing on work by Steve Grubb from
+	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159215 Now auditing
+	support have commands: chage, gpasswd, groupadd, groupdel, groupmod,
+	useradd, userdel, usermod.
+
+	* po/pt.po: finish update (by Christian Perrier <bubulle@debian.org>).
+
+2005-09-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pt.po, NEWS: updated (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-09-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/passwd.c:
+	fix warning (initialization makes pointer from integer without a cast) in
+	long_options[] entry.
+
+	* po/fr.po, NEWS:
+	partialy updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+2005-09-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chage.c: indent source sode.
+
+	* src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c, NEWS:
+	change to use new selinux API for selinux_check_passwd_access()
+	(patch from Fedora by Dan Walsh <dwalsh@redhat.com>).
+
+2005-09-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/newgrp.1, man/newgrp.1.xml: finished rewrite.
+
+	* etc/login.defs: moved from login.defs.linux.
+
+	* src/login_nopam.c: use #ident.
+
+	* etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, etc/Makefile.am:
+	remove login.defs.hurd and login.defs.linux.
+
+	* src/groupadd.c, src/useradd.c:
+	as same as in man pages to useradd and groupadd change to 1000 default
+	GID_MIN and UID_MIN (if not found in login.defs).
+
+	* etc/login.defs: s/chkpasswd/chpasswd/
+
+2005-08-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am, man/chsh.1.xml, man/limits.5.xml, man/login.access.5.xml, man/newgrp.1.xml, man/newusers.8.xml:
+	fixed id= in <refentry>.
+
+	* man/Attic/gpasswd.1, man/gpasswd.1.xml:
+	fixed refentry id (must be 'gpasswd.1').
+
+	* man/Makefile.am, man/newgrp.1.xml:
+	raw version converted from roff using doclifter.
+
+	* lib/exitcodes.h: new exit codes:
+	#define E_PASSWD_NOTFOUND       14      /* not found password file */
+	#define E_GROUP_NOTFOUND        16      /* not found group file */
+	#define E_GSHADOW_NOTFOUND      17      /* not found shadow group file */
+
+	* man/Attic/chage.1, man/chage.1.xml, lib/exitcodes.h:
+	change to 15 (from 14) exit code in chage when shadow not found.
+
+	* src/Attic/chsh_chkshell.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/login_nopam.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, libmisc/pwd_init.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/addgrps.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, NEWS, lib/Attic/getpass.c, lib/Attic/rcsid.h, lib/Makefile.am, lib/commonio.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/port.c, lib/pwauth.c, lib/pwio.c, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.c, lib/shadow.c, lib/shadowio.c:
+	use #ident preprocesor directive istead RCID macro with content similar
+	to example described in ident(1) man page (modern compilers like latest GCC
+	removes not used functions by global optimization).
+	So "ident /usr/bin/passwd" will show again some useable informations.
+
+	* man/Makefile.am: added support for regenerate roff files from XML.
+	Added depeing shadow-man-pages.pot on $(man_XMANS).
+
+2005-08-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/login.1, man/login.1.xml, NEWS:
+	added securetty(5) to SEE ALSO section (fixed Debian bug http://bugs.debian.org/325773).
+
+	* po/pl.po: more updates.
+
+	* configure.in:
+	typo in handle --with-selinux. Fixes in xsltproc detection.
+
+	* autogen.sh:
+	added --enable-man and --enable-maintainer-mode to configure options.
+
+	* man/Attic/chage.1, man/chage.1.xml, NEWS:
+	added EXIT VALUES section (by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	remove "Password expiry information" section (all options are described now
+	in OPTIONS section). Describe -a and -k options.
+
+	* NEWS, src/su.c:
+	fixed twice copy enviroment which causes auth problems (bug was introduced in 4.0.12;
+	fix by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* src/passwd.c, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po:
+	s/Incorrect password for `%s'/Incorrect password for %s/ (one phrase for translate less).
+
+	* src/login.c, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+	s/login: failure forking: %s/%s: failure forking: %s/ (one phrase for translate less).
+
+	* po/pl.po: partialy updated.
+
+2005-08-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/exitcodes.h, src/chage.c:
+	s/E_NOT_SHADOWED/E_SHADOW_NOTFOUND/ and change value of this exit code to 14.
+
+	* NEWS, lib/exitcodes.h, src/chage.c:
+	differentiate the different failure causes by the exit value
+	This will permit to adduser Debian script to detect if chage failed because the
+	system doesn't have shadowed passwords (fix for http://bugs.debian.org/317012)
+	Plain merge 443_chage_exit_values Debian patch.
+
+	* man/Attic/pw_auth.3.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/chage.1.xml, man/chfn.1.xml:
+	use tabs in indentation (~10KB less in all xml files).
+
+	* po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po:
+	run "make update-po" and remove obsoleted strings.
+
+	* src/expiry.c, src/login.c: remove #if 0 .. #endif code.
+
+	* src/login.c: remove #if 1 .. #endif.
+
+	* libmisc/obscure.c, libmisc/utmp.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/chage.c, src/login.c, src/logoutd.c, src/newgrp.c, src/su.c, src/useradd.c, NEWS:
+	merge 010_more-i18ned-messages Debian patch which adds i18n support for few more messages
+	(orginaly patch was prepared by Guillem Jover <guillem@debian.org>).
+
+	* man/id/chsh.1:
+	fix .SH (fix merged from 207_id-manpages debian patch).
+
+2005-08-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* acinclude.m4: add aclocal macros (based on acinclude.m4 from glib):
+	JH_PATH_XML_CATALOG: checks the location of the XML Catalog,
+	JH_CHECK_XML_CATALOG: checks if a particular URI appears in the XML catalog.
+
+	* man/Attic/useradd.8, man/useradd.8.xml:
+	cleanups in "Changing the default values" section.
+
+	* man/useradd.8.xml:
+	replace <emphasis remap='I'></emphasis> by <replaceable></replaceable>.
+	Other minor cleanups.
+
+	* configure.in:
+	fixed missing )] in AC_ARG_WITH(skey, ..) (thank for fix to Yuri Kozlov <kozlov.y@gmail.com>).
+
+	* man/Attic/chsh.1, man/Attic/faillog.5, man/Attic/gshadow.5, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pw_auth.3.xml, man/Attic/shadow.3, man/Attic/suauth.5, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/chsh.1.xml, man/faillog.8.xml, man/groupadd.8.xml, man/gshadow.5.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/porttime.5.xml, man/shadow.3.xml, man/suauth.5.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+	typos, and change some arguments so they do not match the name of a
+	command (fixes by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* NEWS, libmisc/chkname.c, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+	fix regular expression describing alloved login/group names (pointed
+	by Nicolas François <nicolas.francois@centraliens.net>)
+	(correct is [a-z_][a-z0-9_-]*[$]).
+
+	* man/Attic/useradd.8, man/useradd.8.xml:
+	remove "Creating New Users" section and merge this directly in DESCRIPTION.
+	Add <option></option> for -o in EXIT VALUES section.
+
+	* po/ru.po, NEWS:
+	update ru translations (by Yuri Kozlov <kozlov.y@gmail.com>).
+
+2005-08-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	removed "Account maintenance" section.
+
+	* man/Attic/passwd.1, man/passwd.1.xml: partialy done rewrite.
+
+	* po/ro.po:
+	some fixes after review of the translation (by Sorin Batariuc <sorin@bonbon.net>).
+
+	* man/Attic/lastlog.8, man/lastlog.8.xml:
+	s/Print help message and exit./Display help message and exit./
+
+	* man/Attic/chage.1, man/chage.1.xml: document -h,--help option.
+
+	* man/Attic/groupadd.8, man/groupadd.8.xml:
+	document -h,--help option. added <option></option> for -o in EXIT VALUES.
+	Cleanups in SYNOPSIS section.
+
+	* man/Attic/chage.1, man/Attic/faillog.8, man/chage.1.xml, man/faillog.8.xml:
+	replace <emphasis remap='I'></emphasis> by <replaceable></replaceable>.
+
+	* man/Attic/lastlog.8, man/lastlog.8.xml:
+	document new -b,--before option.
+
+	* po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/it.po, po/ja.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/el.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/lastlog.c:
+	s/lastlog results/lastlog records/ in lastlog usage output.
+
+	* man/Attic/lastlog.8, man/lastlog.8.xml:
+	add "" aroud <command></command>.
+
+	* po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, src/lastlog.c:
+	alphabetic order options in lastlog usage output. Run "make -C po update-po".
+
+	* src/lastlog.c, NEWS:
+	added handle -b option which allow print only lastlog records older than
+	specified DAYS (fix by <miles@lubin.us>).
+
+	* libmisc/salt.c, NEWS:
+	fixed for use login.defs::MD5_CRYPT_ENAB only if PAM support
+	is disabled (fix by John Gatewood Ham <zappaman@buraphalinux.org>).
+
+2005-08-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	use AC_HELP_STRING() in AC_ARG_ENABLE() and AC_ARG_WITH().
+	Exit with error message if configure was runed --with-selinux
+	and libselinux not found.
+
+2005-08-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/chkname.c, NEWS, man/Attic/groupadd.8, man/Attic/useradd.8, man/groupadd.8.xml, man/useradd.8.xml:
+	documents in CAVEATS section the limitations shadow places on user and
+	group names (fix by Mike Frysinger <vapier@gentoo.org>).
+
+	* src/passwd.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+	added missing -i, --inactive in usage() output.
+
+2005-08-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, src/passwd.c, NEWS:
+	passwd rewrited for use getopt_long().
+
+	* man/Attic/chage.1, man/chage.1.xml: /warndays/--warndays/
+
+	* man/Attic/pw_auth.3.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml:
+	remove trailing spaces.
+
+	* src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/suauth.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, src/Attic/chsh_chkshell.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c:
+	reorder #includes, indentations and minor cleanups.
+
+	* src/newgrp.c: indent code.
+
+	* NEWS, src/newgrp.c:
+	when newgrp process sits between parent and child shells, it should
+	propagate STOPs from child to parent and CONTs from parent to child,
+	otherwise e.g. bash's "suspend" command won't work.
+	Fixed Debian http://bugs.debian.org/314727
+
+2005-08-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: typo.
+
+	* configure.in:
+	add display short summary information on finish autoconf script.
+
+	* NEWS, configure.in: start work on 4.0.13.
+
+2005-08-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po: updated for 4.0.12 (by Yuri Kozlov <yuray@id.ru>).
+
+	* NEWS, po/sk.po:
+	updated for 4.0.12 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2005-08-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/nl.po, NEWS:
+	updated for 4.0.12 (by cobaco (aka Bart Cornelis) <cobaco@linux.be>).
+
+2005-08-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/fi.po:
+	updated for 4.0.12 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* NEWS, po/de.po:
+	updated for 4.0.12 (by Frank Schmid <frank@cs-schmid.de>).
+
+	* po/pt.po, NEWS:
+	updated for 4.0.12 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-08-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/cs.po:
+	updated for 4.0.12 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* src/chpasswd.c, src/groupdel.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	remove duplicated #include <pwd.h>.
+
+	* po/pl.po: finished update for 4.0.12.
+
+	* src/useradd.c, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po:
+	s/Not copying any file into it./Not copying any file from skel directory into it./
+
+	* src/useradd.c, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po:
+	break warning message longer than 80 characters.
+
+	* po/pl.po: updated.
+
+	* src/groupadd.c, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po:
+	fixed missing \n in usage() output.
+
+	* lib/getdef.c, src/login.c, src/newgrp.c, NEWS:
+	remove using login.defs::CLOSE_SESSIONS variable and allways close PAM session.
+
+2005-08-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in:
+	realy enable shadow group support by default (pointed by
+	Greg Schafer <gschafer@zip.com.au> and Peter Vrabec <pvrabec@redhat.com>).
+	Indentations in --help output.
+
+	* man/Attic/chage.1, man/chage.1.xml:
+	s/occurrence/occurence/ (334_chage.1-typo Debian patch).
+
+	* man/Attic/chfn.1, man/chfn.1.xml:
+	s/may only change may only change/may only change/ (based on 336_chfn.1 Debian patch).
+
+	* man/it/Makefile.am: cleanups (443_man_it_Makefile.am Debian patch).
+
+	* man/Attic/userdel.8, man/userdel.8.xml: s/an NIS client/a NIS client/
+
+	* man/Attic/useradd.8, man/useradd.8.xml: s/an NIS group/a NIS group/
+
+	* man/Attic/lastlog.8, man/lastlog.8.xml:
+	s/you have an high UID/you have a high UID/
+
+	* man/Attic/lastlog.8, man/lastlog.8.xml:
+	added missing <para></para> in AUTHORS section (cached by Nicolas).
+
+	* po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+	run "make update-po".
+
+	* po/POTFILES.in: added missing libmisc/pwdcheck.c. Sorted.
+
+2005-08-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: s/22-07-2005/22-08-2005/
+
+	* NEWS: schedule release 4.0.12 in 22-07-2005.
+
+	* libmisc/setupenv.c, man/pl/login.defs.5, NEWS, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, lib/getdef.c:
+	removed handle login.defs::QMAIL_DIR variable.
+
+	* libmisc/chowntty.c, NEWS:
+	allow regular user to login on read-only root file system (not only for root).
+	Patch by Nicolas François <nicolas.francois@centraliens.net>
+	Fix for http://bugs.debian.org/52069
+
+	* NEWS, man/Attic/usermod.8, man/usermod.8.xml:
+	give the correct range for system users: 0-999 instead of 0-99
+	(http://bugs.debian.org/286258)
+
+	* man/Attic/chage.1, man/chage.1.xml: s/an password/a password/
+
+	* man/Attic/chage.1, man/chage.1.xml, src/chage.c, NEWS:
+	another maxdays fix based on 427_chage_expiry_0 Debian patch
+	(fix for http://bugs.debian.org/78961).
+	Better description -1 value passed in -E, -I and -M options.
+
+	* src/gpasswd.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, NEWS:
+	added flushing group nscd cache on exit.
+
+	* src/pwck.c, src/pwconv.c, NEWS:
+	added flushing passwd nscd cache on exit.
+
+	* NEWS, src/usermod.c:
+	fixed handle -p option (patch by Peter Vrabec <pvrabec@redhat.com>).
+	Indented.
+
+	* man/Attic/chage.1, man/chage.1.xml, NEWS, src/chage.c:
+	use -1 as value for disable password inactivity.
+	Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=109499
+	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137498
+
+2005-08-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+	do not copy files from skel directory if home directory exist and write
+	warning message about not copying skel files.
+	Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143150
+	https://bugzilla.redhat.com/beta/show_bug.cgi?id=158574
+	https://bugzilla.redhat.com/beta/show_bug.cgi?id=80242
+
+	* po/pl.po: updated.
+
+2005-08-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c:
+	s/spoll/spool/ (spoted by Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-08-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/su.c:
+	ignore SIGINT while authenticating. A ^C could defeat the waiting
+	period and permit brute-force attacks (fixed http://bugs.debian.org/288827).
+
+2005-08-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/defines.h, NEWS, configure.in:
+	added require ngettext (added [need-ngettext] to AM_GNU_GETTEXT() parameters)
+	and stub prototype for ngettext() in lib/prototypes.h (neccessary if shadow
+	compiled with disabled NLS support)
+	Based on fixes by Martin Schlemmer <azarah@nosferatu.za.org>.
+
+	* src/faillog.c: start using exitcodes.h.
+
+	* NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/logoutd.8.xml, man/shadow.3.xml, man/sulogin.8.xml:
+	regenerate all roff man pages using DocBook XSL Stylesheets 1.69.0.
+
+	* src/chage.c, src/chpasswd.c, src/newusers.c, src/passwd.c, src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, NEWS:
+	remove flushing shadow nscd cache (nscd do not caches shadow map).
+
+2005-08-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groupadd.c, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, NEWS:
+	rewrited groupadd for use getopt_long().
+
+	* src/chage.c: indent.
+
+	* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/userdel.c:
+	do OPENLOG() before pam_start().
+
+	* NEWS, src/groupadd.c: fixed double OPENLOG().
+
+	* src/passwd.c, src/vipw.c, src/userdel.c: reorder nscd_flush_cache().
+
+	* src/chfn.c, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po:
+	cleanups in printf() translated messages for make translators work easier.
+
+	* NEWS, src/chage.c: added flushing NSS shadow map on exit.
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, src/useradd.c:
+	s/the the/the/
+
+	* po/POTFILES.in: removed lib/{grpack,gspack,pwpack,sppack}.c.
+
+	* NEWS, src/newusers.c:
+	added flushing NSS passwd, shadow and group maps.
+
+	* NEWS, src/chpasswd.c, src/useradd.c:
+	added flushing NSS shadow map on exit.
+
+	* lib/prototypes.h: removed outdated prototypes for lib/gsdbm.c.
+
+	* NEWS, lib/Attic/grpack.c, lib/Attic/gspack.c, lib/Attic/pwpack.c, lib/Attic/sppack.c, lib/Makefile.am, lib/prototypes.h:
+	remove lib/{grpack,gspack,pwpack,sppack}.c and prototypes from lib/prototypes.h (outdated).
+
+	* lib/prototypes.h: removed outdated prototypes from lib/pwdbm.c.
+
+2005-07-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/usermod.c: added flushing NSS shadow map.
+
+2005-07-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chage.1, man/chage.1.xml:
+	typo (s/passwordchanges/password changes/).
+
+2005-07-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/getdef.c, src/su.c:
+	ENV_SUPATH and ENV_PATH must be used independently to PAM.
+
+	* lib/exitcodes.h: added E_BAD_ARG.
+
+	* src/gpasswd.c: start use exitcodes.h.
+
+	* lib/getdef.c: remove ENV_ROOTPATH def_table[] (not used).
+
+2005-07-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chsh.c: start use exitcodes.h.
+
+2005-07-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/Makevars, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po:
+	added --no-location to po/Makevars::XGETTEXT_OPTIONS: shorter .po files.
+
+	* NEWS, src/grpck.c, src/pwck.c:
+	pwck: now pwck OPENLOG with correct name ("pwck" instead "pwsk"),
+	pwck, grpck: replace all puts() with printf() - it fixes problems with extra blank
+	lines printed in some messages
+	(fixes by Alexander Gattin <arg@online.com.ua>)
+
+2005-07-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/Makevars: added:
+	MSGID_BUGS_ADDRESS = kloczek@pld.org.pl
+
+2005-07-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chfn.c: start use #include "exitcodes.h",
+
+	* lib/exitcodes.h: cleanups.
+
+	* lib/Makefile.am, lib/exitcodes.h, src/chage.c:
+	start separate all E_* exit codes to lib/exitcodes.h.
+
+	* src/passwd.c, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po:
+	use separated message "Password set to expire." instead "Password changed."
+	on "passwd -e" (fix by Christian Perrier <bubulle@debian.org>).
+
+	* NEWS, po/fr.po:
+	updated (by Jean-Luc Coulon (f5ibh) <jean-luc.coulon@wanadoo.fr>).
+
+	* NEWS, configure.in: start work on 4.0.12.
+
+2005-07-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, configure.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+	4.0.11.1 will be released tmorrow (21-07-2005).
+
+	* configure.in, NEWS:
+	fixed configure.in: now is possible build shadow with enabled/disabled shadow group
+	support (thanks for report symptoms of the bug to Greg Schafer <gschafer@zip.com.au>).
+
+	* po/sv.po, NEWS: update finished (by Per Olofsson <pelle@dsv.su.se>)
+
+	* po/sv.po: partialy updated (by Per Olofsson <pelle@dsv.su.se>).
+
+2005-07-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: start work on 4.0.12.
+
+2005-07-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/sub.c:
+	fixed compilation warning about incompatible implicit declaration of built-in
+	function printf: added "#include <stdio.h>".
+
+	* src/groupadd.c:
+	move #ifdef USE_PAM .. #endif #includes outside #ifdef SHADOWGRP .. #endif.
+
+	* libmisc/pwdcheck.c:
+	added missing "#include <stdio.h>" (fix compilation with PAM disabled).
+
+	* po/ro.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/pl.po, po/pt_BR.po, po/nl.po, po/nn.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/he.po, po/id.po, po/fr.po, po/bs.po, po/ca.po, po/da.po, po/el.po, po/es.po, po/eu.po, po/fi.po:
+	run "make update-po".
+
+	* src/su.c:
+	move declaration of pamh nad caught variables to #ifdef USE_PAM .. #endif.
+
+	* po/pl.po, NEWS: updated pl translation.
+
+2005-07-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/sk.po:
+	updated for 4.0.11 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2005-07-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/cs.po:
+	updated for 4.0.11 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+2005-07-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/de.po, NEWS:
+	updated for 4.0.11 (by Frank Schmid <frank@cs-schmid.de>).
+
+2005-07-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/pt.po:
+	updated for 4.0.11 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+2005-07-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/stats: reorder gsub().
+
+	* po/ru.po: cleanups.
+
+	* po/ru.po, NEWS:
+	updated for 4.0.11 (by Yuri Kozlov <yucoz@yandex.ru>).
+
+2005-07-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/getdef.c:
+	move MAIL_DIR variable from def_table[] to part independent to USE_PAM
+	(still used in userdel/usermod).
+
+	* NEWS, man/Attic/pwck.8, man/pwck.8.xml:
+	document -q option (based on Debian patch for fix http://bugs.debian.org/309408)
+	Rewrited OPTIONS section and better SYNOPSIS.
+
+	* NEWS, po/da.po:
+	- updated for 4.0.11 (by Claus Hindsgaul <claus_h@image.dk>).
+
+	* NEWS, src/su.c:
+	ignore SIGINT while authenticating. A ^C could defeat the waiting period and
+	permit brute-force attacks. Also ignore SIGQUIT.
+	Fixed: http://bugs.debian.org/52372 and http://bugs.debian.org/288827
+
+	* po/fi.po, NEWS:
+	- updated for 4.0.11 (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+	* po/ro.po: - updated Project-Id-Version field.
+
+	* NEWS, po/ro.po:
+	- updated for 4.0.11 (by Sorin B. <sorin@bonbon.net>).
+
+2005-07-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Attic/lastlog.8, man/lastlog.8.xml:
+	document that lastlog is a sparse file, and don't need to be rotated.
+	http://bugs.debian.org/219321
+
+	* src/chage.c: use E_USAGE=2 as usage() exit code.
+
+	* NEWS, po/es.po:
+	updated for 4.0.11 (by Ruben Porras <nahoo82@telefonica.net>).
+
+	* src/useradd.c: cleanups in usage() oyput.
+
+	* po/zh_TW.po, po/vi.po, po/zh_CN.po, po/uk.po, po/tl.po, po/tr.po, po/sv.po, po/sq.po, po/sk.po, po/ro.po, po/ru.po, po/pt.po, po/pt_BR.po, po/pl.po, po/nb.po, po/nl.po, po/nn.po, po/ko.po, po/it.po, po/ja.po, po/he.po, po/id.po, po/fr.po, po/eu.po, po/fi.po, po/es.po, po/da.po, po/de.po, po/el.po, po/bs.po, po/ca.po, po/cs.po:
+	cleanups in usage() output.
+
+	* NEWS: release 4.0.11 is sheduled to 18-06-2005.
+
+2005-07-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/login.1, man/login.1.xml, NEWS:
+	better explain the respective roles of login, init and getty with regards
+	to the utmp file (based on 441_manpages-shadow.5 Debian patch)
+
+	* man/Attic/su.1, man/groupdel.8.xml, man/su.1.xml, man/Attic/groupdel.8:
+	s/presense/presence/; s/filesystem/file system/
+	(sed on 440_manpages-login.1 Debian patch)
+
+	* man/pl/Attic/shadowconfig.8, man/pl/Makefile.am, man/ja/Attic/shadowconfig.8, man/ja/Makefile.am, man/it/Attic/shadowconfig.8, man/Attic/shadowconfig.8, man/Attic/shadowconfig.8.xml, man/Makefile.am, NEWS:
+	removed shadowconfig(8) man page (will be maintained in Debian shadow pkg repository).
+
+	* man/it/sg.1: added.
+
+	* man/it/Makefile.am: more files in man_MANS.
+
+	* man/it/Makefile.am: move pwunconv.8 to man_MANS.
+
+	* man/useradd.8.xml, man/Attic/useradd.8:
+	updated after rewrite for for getopt_long() in useradd (-D and -k options
+	idescription must be finished).
+
+	* src/useradd.c, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, NEWS:
+	rewrited for use getopt_long().
+
+	* po/stats: more gsub().
+
+2005-07-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/newgrp.c:
+	indent source code and use fix for handle splitted groups unconditionaly.
+
+	* lib/nscd.c: indent.
+
+	* NEWS, src/newgrp.c:
+	add fix for handle splitted NIS groups: extends the functionality that,
+	if the requested group is given, all groups of the same GID are tested for
+	membership of the requesting user.
+	(fix by Christian Mudra <C.Mudra@science-computing.de>
+
+	* lib/nscd.c, NEWS:
+	for some reason doing the INVALIDATE call with two write()'s fails.
+	Do one writev() call instead. http://bugs.gentoo.org/show_bug.cgi?id=80413
+	(submited by Martin Schlemmer <azarah@gentoo.org>)
+
+	* NEWS, lib/nscd.c:
+	merge nscd-socket-path patch from Fedora: newer glibc's have a different nscd socket
+	location (/var/run/nscd/socket instead /var/run/.nscd_socket).
+
+2005-07-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/stats: improved.
+
+	* man/Attic/groupadd.8, man/groupadd.8.xml, NEWS:
+	document -o option in groupadd(8).
+
+	* configure.in: s/'"$<foo>" != "no"'/'"$<foo>" = "yes"'/
+
+	* NEWS, configure.in, lib/Makefile.am, lib/pwauth.c:
+	S/Key support is back.
+
+	* po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po:
+	run "make update-po".
+
+	* po/pl.po: updated.
+
+	* src/useradd.c: s,key=value,KEY=VALUE,
+
+	* src/groupadd.c, NEWS, man/Attic/groupadd.8, man/groupadd.8.xml:
+	change -O option to -K and document it in man page.
+
+	* man/Attic/useradd.8, man/useradd.8.xml, src/useradd.c:
+	s/NAME=VALUE/KEY=VALUE/; s/key=value/KEY=VALUE/
+
+	* src/chfn.c, src/groupadd.c, src/groupmems.c, src/login.c, src/passwd.c, src/vipw.c:
+	sort cases in switch (flag) {}.
+
+	* src/gpasswd.c, src/groupadd.c, src/groupmems.c, src/groupmod.c, src/passwd.c, src/useradd.c, src/usermod.c:
+	sort getopt() optstring.
+
+	* src/useradd.c:
+	remove A: from getopt() optstring (the same bug as in usermod).
+
+	* src/usermod.c:
+	remove A: from getopt() optstring (it was for handle AUTH_METHODS code but now
+	it is not used option). Catched by Thorsten Kukuk <kukuk@suse.de>.
+
+	* src/usermod.c, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po:
+	indent source code. Added usermod error message about -a option usage to translated messages.
+
+	* po/POTFILES.in: mistake s,chage_chkshell.c,chsh_chkshell.c,
+
+	* po/POTFILES.in: s,libmisc/chkshell.c,src/chage_chkshell.c,
+
+	* man/Attic/usermod.8, man/usermod.8.xml, src/usermod.c, NEWS:
+	added -a option. This flag can only be used in conjunction with the -G
+	option. It cause usermod to append user to the current supplementary group list.
+	(patch by Peter Vrabec <pvrabec@redhat.com>)
+
+	* libmisc/Attic/chkshell.c, libmisc/Makefile.am, src/Attic/chsh_chkshell.c, src/Makefile.am:
+	move libmisc/chkshell.c to src/chsh_chkshell.c. check_shell() is used only by chsh.
+
+2005-07-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* Attic/acconfig.h, NEWS, configure.in:
+	finish move all autoheader templates from acconfig.h to configure.in.
+
+	* src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS:
+	added missing \n in chage error messages.
+
+	* po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/bs.po:
+	run "make update-po".
+
+	* src/usermod.c: move all #include in one place.
+
+	* src/useradd.c: s/-O/-K/
+
+	* man/Attic/useradd.8, man/useradd.8.xml:
+	cleanups in Note: in -K description.
+
+	* NEWS, man/Attic/useradd.8, man/useradd.8.xml, src/useradd.c:
+	change -O option to -K and document it in man page.
+
+	* man/Attic/useradd.8, man/useradd.8.xml:
+	added separated <cmdsynopsis></cmdsynopsis> for -D description and remove using </srb> tags from
+	<refsynopsisdiv id='synopsis'>.
+
+	* src/login.c:
+	replace #ifdef USE_PAM .. #endif #ifndef USE_PAN .. #endif by
+	#ifdef USE_PAM .. #else .. #endif.
+
+	* src/su.c: conditiona code reorganization.
+
+	* src/login.c: remove one #ifndef USE_PAM .. #endif.
+
+	* libmisc/setupenv.c: move setup $MAIL to !USE_PAM.
+
+	* libmisc/setupenv.c, src/su.c:
+	consolidate two sections of code #ifndef USE_PAM to one.
+
+	* src/su.c, src/sulogin.c, libmisc/setupenv.c, libmisc/tz.c, src/login.c, NEWS:
+	fixed erroneous warning messages about some login.defs variables when used with PAM
+	(fix by DJ Lucas <dj@linuxfromscratch.org>)
+
+2005-07-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in, libmisc/getdate.y, libmisc/utmp.c, src/logoutd.c:
+	remove non-USG code.
+
+	* Attic/acconfig.h, configure.in:
+	start moving all autoheader templates from acconfig.h to configure.in.
+
+	* configure.in: remove not used AC_DEFINE(HAVE_LIBCRYPT).
+
+	* Attic/acconfig.h, NEWS, configure.in:
+	stop with error message if crypt() not found. Remove --with{,out}-libcrypt switch.
+
+	* src/login.c: fixed use SYSLOG macro.
+
+2005-07-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/login_nopam.c: fixed use SYSLOG macro.
+
+2005-07-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/login.c:
+	setup limits and umask (using login.defs ULIMITS and UMASK variables) only when
+	PAM support is disabled (it is task for pam_limits and pam_umask modules).
+
+2005-06-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/sulogin.c, src/login.c, src/login_nopam.c, NEWS:
+	use SYSLOG macro instead syslog() which saves the locale, sets the locale to C,
+	sends the message and restores the locale (fix by Nicolas François <nicolas.francois@centraliens.net>).
+
+	* NEWS, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/userdel.8, man/Attic/usermod.8, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmod.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+	in SEE ALLSO section added refer to gpasswd(8)
+	(suggested by Mike Frysinger <vapier@gentoo.org>)
+
+	* NEWS, configure.in: start work on 4.0.11.
+
+2005-06-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: +1 day release 4.0.10 date.
+
+	* po/pl.po: kill fuzzy.
+
+	* po/de.po: partial update by Frank Schmid <frank@cs-schmid.de>.
+
+2005-06-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ca.po: run "make update-po".
+
+	* po/sk.po: updated sk translation by Peter Mann <Peter.Mann@tuke.sk>.
+
+2005-06-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typo.
+
+2005-06-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: typo.
+
+	* po/pl.po: updated for 4.0.10.
+
+	* po/ru.po, NEWS: updated ru translation by maintainer.
+
+	* NEWS: added past releases dates. Cleanups.
+
+	* man/Attic/shadowconfig.8: merge version generated from XML file.
+
+	* po/ca.po, po/cs.po, po/da.po, po/fi.po, NEWS:
+	translations updated by maintainers.
+
+2005-06-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chage.c, po/zh_TW.po, po/vi.po, po/zh_CN.po, po/tl.po, po/tr.po, po/uk.po, po/sk.po, po/sq.po, po/sv.po, po/ro.po, po/ru.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/eu.po, po/fi.po, po/fr.po, po/de.po, po/el.po, po/es.po, po/ca.po, po/cs.po, po/da.po, po/bs.po (usage):
+	s/EXPIRE/EXPIRE_DATE/.
+
+	* po/pl.po: start update for 4.0.10.
+
+	* src/usermod.c, src/useradd.c, src/userdel.c, src/id.c, src/newgrp.c, src/su.c, po/zh_TW.po, po/zh_CN.po, po/vi.po, po/uk.po, po/tr.po, po/tl.po, po/sv.po, po/sq.po, po/sk.po, po/ru.po, po/pt_BR.po, po/ro.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/id.po, po/he.po, po/fr.po, po/eu.po, po/fi.po, po/es.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po:
+	s/uid/UID/ in all commnets and messages.
+
+	* libmisc/failure.c, libmisc/limits.c, lib/pwio.c:
+	s/uid/UID/ in comments.
+
+	* src/usermod.c, src/useradd.c, src/groupadd.c, src/groupmod.c, src/id.c, src/newgrp.c, po/zh_TW.po, po/zh_CN.po, po/vi.po, po/uk.po, po/tr.po, po/tl.po, po/sv.po, po/sq.po, po/sk.po, po/ru.po, po/ro.po, po/pt_BR.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/it.po, po/he.po, po/id.po, po/fr.po, po/fi.po, po/eu.po, po/es.po, po/el.po, po/da.po, po/de.po, po/cs.po, po/bs.po, po/ca.po, libmisc/limits.c, lib/groupio.c:
+	s/gid/GID/ in all comments and messages.
+
+	* src/gpasswd.c, src/login.c, src/passwd.c, src/chage.c, src/chfn.c, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+	one message in i18n messages less: use in all places "Permission denied" instead
+	"permission denied".
+
+	* libmisc/getdate.y:
+	remove extern for gmtime(), localtime() and mktime() and instead add #include <time.h>.
+
+	* libmisc/entry.c: removed extern for fgetpwent().
+
+	* NEWS, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+	now most of the man pages now are generated from XML files so in case any submiting
+	any chages to this resources please make diff fies to XML files.
+
+	* man/Attic/pw_auth.3.xml: cleanups.
+
+	* man/grpck.8.xml, man/passwd.1.xml:
+	correctly code EXIT VALUES section using <variablelist>. Cleanups.
+
+	* man/shadow.3.xml: cleanups.
+
+2005-06-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ja/Attic/mkpasswd.8, man/ja/Makefile.am, man/pl/Attic/mkpasswd.8, man/pl/Makefile.am:
+	remove ja and pl mkpasswd.8 man pages.
+
+2005-06-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pwck.8.xml, man/useradd.8.xml, man/userdel.8.xml:
+	correctly code EXIT VALUES section.
+
+	* Attic/acconfig.h: removed DES_RPC and OPIE templates.
+
+	* src/Attic/mkpasswd.c, src/Makefile.am, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, man/Attic/mkpasswd.8, man/Attic/mkpasswd.8.xml, man/Makefile.am, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po:
+	removed mkpasswd.
+
+	* man/Makefile.am: do not install mkpasswd(8) man page.
+
+	* src/Makefile.am: move mkpasswd.c to EXTRA_DIST.
+
+	* man/passwd.5.xml:
+	use <itemizedlist mark='bullet'> for describe passwd fields. Remove outdated
+	information about additional fields in comment field. Cleanups.
+
+	* man/newusers.8.xml: cleanups.
+
+	* man/gshadow.5.xml:
+	use <itemizedlist mark='bullet'> for gshadow fields desscription.
+
+	* man/shadow.5.xml: cleanups.
+
+	* man/shadow.5.xml:
+	use <itemizedlist mark='bullet'> for describe shadow fields.
+
+	* man/Attic/pw_auth.3.xml: cleanups.
+
+	* man/Attic/pw_auth.3.xml: use correct <refname>.
+
+	* man/Attic/pw_auth.3.xml: cleanups.
+
+	* man/groupdel.8.xml, man/groupmod.8.xml:
+	correctly code EXIT VALUES section.
+
+	* man/groupadd.8.xml: cleanups.
+
+	* man/Attic/mkpasswd.8.xml: added missing <variablelist> tag.
+
+	* man/usermod.8.xml: cleanups.
+
+	* man/usermod.8.xml: remove <sbr/> tags from SYNOPSIS section.
+
+	* man/faillog.8.xml: cleanups.
+
+	* man/faillog.5.xml:
+	put struct faillog definition in <programlisting></programlisting>.
+
+	* man/chsh.1.xml, man/chpasswd.8.xml: cleanups.
+
+	* man/groupadd.8.xml:
+	seems I found good way for code EXIT VALUES section.
+
+	* man/shadow.3.xml:
+	put meanings of each field spwd struct in <itemizedlist mark='bullet'>.
+
+	* man/shadow.3.xml:
+	place definition of struct spwd in <programlisting></programlisting>.
+
+	* NEWS, src/userdel.c:
+	userdel now deletes user groups from /etc/gshdow as well as /etc/group.
+	Fix by Nicolas François <nicolas.francois@centraliens.net>.
+	http://bugs.debian.org/99442
+
+	* src/usermod.c, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, NEWS, po/bs.po, po/ca.po, po/cs.po:
+	fixed bug in usermod ad run "make -C po update-po".
+	When relocating a user's home directory, don't fail and remove the new
+	home directory if we can't remove the old home directory for some
+	reason; the results can be spectularly poort if, for instance, only
+	the rmdir() fails. Patch prepared by Timo Lindfors <lindi-spamtrap@newmail.com>.
+	http://bugs.debian.org/166369
+
+2005-06-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/login.c: indent.
+
+	* man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chage.1.xml, man/faillog.8.xml, man/groupmems.8.xml, man/gshadow.5.xml, man/login.1.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+	cleanups.
+
+2005-06-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/faillog.5.xml:
+	cleanups.
+
+	* man/login.1.xml: rewrited FILES section.
+
+	* man/id.1.xml, man/lastlog.8.xml, man/gshadow.5.xml: cleanups.
+
+	* man/groups.1.xml: typos.
+
+	* man/chfn.1.xml, man/expiry.1.xml, man/gpasswd.1.xml: cleanups.
+
+2005-06-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS:
+	last patch for UTMPX was submited by by Nicolas François <nicolas.francois@centraliens.net>
+
+	* libmisc/failure.c, libmisc/failure.h, NEWS:
+	use also UTMPX API instead UTMP on failure (login was by affected this when shadow
+	was builded without PAM support).
+
+	* NEWS, src/login.c:
+	the PAM session needs to be closed as root, thus before change_uid()
+	http://bugs.debian.org/53570 http://bugs.debian.org/195048 http://bugs.debian.org/211884
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	s/compatiblity/compatibility/ (fix by Christian Perrier <bubulle@kheops.frmug.org>).
+
+2005-06-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/Attic/chfn.1, man/chfn.1.xml:
+	give more details about the influence of login.defs on what's allowed to
+	users (based on Debian patches).
+
+	* NEWS, src/su.c:
+	fix syslogs to be less ambiguous. Use old:new format instead of old-new
+	because '-' can appear in usernames.
+	http://bugs.debian.org/213592
+
+	* NEWS, src/login.c:
+	made login's -f option also able to use the username after -- if none
+	was passed as it's optarg
+	http://bugs.debian.org/53702
+
+	* po/POTFILES.in, NEWS, libmisc/Attic/setup.c, libmisc/Makefile.am:
+	not used now (removed).
+
+	* man/Attic/usermod.8, man/usermod.8.xml:
+	s/inactive_time/inactive_days/ in -f parameter in SYNOPSIS (fix by Christian
+	Perrier <bubulle@debian.org>).
+
+2005-06-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/grpck.8, man/grpck.8.xml:
+	typo: s/incorrectable/uncorrectable/ (by A Costa <agcosta@gis.net>).
+
+	* man/Attic/gshadow.5, man/gshadow.5.xml:
+	typos: s/folowing/following/; s/encryped/encrypted/; s/supercedes/supersedes/
+	(by A Costa <agcosta@gis.net>).
+
+	* man/Attic/shadow.5, man/shadow.5.xml:
+	typos: s/encryped/encrypted/; s/supercedes/supersedes/
+	(by A Costa <agcosta@gis.net>)
+
+2005-06-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/login.c, NEWS:
+	check for hushed login and pass PAM_SILENT if true.
+	http://bugs.debian.org/48002
+
+	* src/login.c, NEWS:
+	fixed loggin of username on succesful login (was using the normal username,
+	when it should have used pam_user) http://bugs.debian.org/47819
+
+2005-06-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/zh_TW.po: updated (by Tetralet <tetralet@pchome.com.tw>).
+
+	* NEWS, po/ca.po: updated (by Guillem Jover <guillem@debian.org>).
+
+	* man/de/passwd.1:
+	added small comment with marker usefull for translators.
+
+2005-05-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Attic/mkpasswd.c, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/encrypt.c, lib/getdef.c, lib/gshadow.c, lib/pwauth.h, lib/shadow.c, libmisc/failure.c, libmisc/isexpired.c, libmisc/salt.c:
+	indent all.
+
+	* src/chage.c, src/chpasswd.c, src/expiry.c, src/login.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, lib/Attic/sppack.c, lib/defines.h, lib/lockpw.c, lib/prototypes.h, lib/sgetspent.c, lib/shadow.c, lib/shadowio.c, libmisc/age.c, libmisc/entry.c, libmisc/isexpired.c, libmisc/pwd2spwd.c, libmisc/pwdcheck.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, Attic/acconfig.h, NEWS, configure.in:
+	remove using SHADOWPWD #define so now shadow is allways builded with shadow
+	password support.
+
+2005-05-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/chage.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, NEWS, man/Attic/chage.1, man/chage.1.xml:
+	rewrite for use getopt_long().
+
+2005-05-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: start working on 4.0.10.
+
+	* man/Makefile.am: remove shadow-man-pages.pot target from all.
+
+2005-05-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/encrypt.c, NEWS:
+	fixed passwd segfault in non-PAM connfiguration (submited by Greg Schafer <gschafer@zip.com.au>).
+
+	* po/sv.po: upsdate (by Christian Perrier <bubulle@debian.org>).
+
+	* NEWS, src/newgrp.c:
+	fixed NULL pointer dereference - getlogin() and ttyname() can
+	return NULL which is not checked (http://bugs.debian.org/162303).
+
+	* man/Attic/su.1, man/pwconv.8.xml, man/su.1.xml, man/Attic/pwconv.8:
+	fixed typo (s,similiar,similar,).
+
+2005-05-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/ro.po: updated by Sorin B. <sorin@bonbon.net>.
+
+	* po/ru.po, NEWS: updated by yu-koz <yu-koz@yandex.ru>.
+
+2005-05-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ro.po: few updates by Sorin Batariuc <sorin@bonbon.net>.
+
+2005-05-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po: updated (by Yuri Kozlov <yuray@id.ru>).
+
+2005-05-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/vi.po:
+	completed translations for HEAD (by Clytie Siddall <clytie@riverland.net.au>).
+
+2005-05-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/LINGUAS, po/vi.po: added new vi translation.
+
+	* NEWS, lib/getdef.c:
+	leaves the table as it is, and changes from the binary search to
+	a sequential one (fix by Lucas Correia Villa Real <lucasvr@gobolinux.org>).
+
+	* man/Attic/passwd.1, man/passwd.1.xml:
+	make bold passwd and chfn commands.
+
+2005-04-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/usermod.8.xml, man/vipw.8.xml: cleanups.
+
+2005-04-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/shadowconfig.8.xml, man/gpasswd.1.xml, man/groups.1.xml, man/grpck.8.xml, man/login.defs.5.xml, man/passwd.1.xml, man/pwck.8.xml, man/sulogin.8.xml, man/useradd.8.xml:
+	replace <emphasis remap='B'></emphasis> by <command></command>.
+
+	* po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, src/lastlog.c:
+	fixed lastlog --help message (s,--login,--user,) http://bugs.debian.org/249611
+
+	* man/Attic/mkpasswd.8.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml:
+	use <varlistentry></varlistentry> in FILES section. Cleanups.
+
+	* man/expiry.1.xml, man/chsh.1.xml, man/chpasswd.8.xml, man/chfn.1.xml, man/porttime.5.xml, man/Attic/pw_auth.3.xml:
+	cleanups.
+
+	* man/Attic/vipw.8, man/vipw.8.xml:
+	small fix: s,vi,vi(1), (reported by Helge Kreutzmann <kreutzm@itp.uni-hannover.de> in
+	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=260636).
+	s,VISUAL,$VISUAL; s,EDITOR,$EDITOR,
+
+2005-04-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/login.1.xml: fixed bold (use <command></command>). Cleanups.
+
+	* man/Attic/login.1: fixed typo in bold.
+
+	* man/chage.1.xml: fixed italic. Cleanups.
+
+	* man/Attic/chage.1: fixed typo in italic.
+
+	* man/login.defs.5.xml:
+	fixed italic (use <filename></filename> istead italic). Cleanups.
+
+	* man/Attic/login.defs.5: fixed typo in italic.
+
+	* man/vipw.8.xml: fixed italic (use <filename></filename>).
+
+	* man/Attic/vipw.8: typo in italic.
+
+	* man/Makefile.am:
+	added target for generate shadow-man-pages.pot. List all now useable xml files
+	in man_XMANS variable.
+
+	* man/pwconv.8.xml:
+	fixed bold. Use in more places <command></command> istead bold.
+
+	* man/Attic/login.defs.5: typo in bold.
+
+	* man/su.1.xml:
+	removed comment. Use <variablelist></variablelist> in Files secstion.
+	Fixed bold.
+
+	* man/Attic/pwconv.8, man/Attic/su.1: typo in bold.
+
+2005-04-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: start work on 4.0.9.
+
+	* po/nl.po: kill fuzzy.
+
+	* man/Attic/chage.1:
+	reverte last commit (by mistake commited experimental version generated from XML file).
+
+	* NEWS, po/nl.po:
+	updated for 4.0.8 (by "cobaco (aka Bart Cornelis)" <cobaco@linux.be>).
+
+	* po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po:
+	two typos (s,specyfied,specified,; s,maiximum,maximum,).
+
+	* NEWS, po/sk.po:
+	updated for 4.0.8 (by Peter Mann <Peter.Mann@tuke.sk>).
+
+	* src/lastlog.c: typo (s,specyfied,specified,)
+
+	* src/faillog.c: typo (s,maiximum,maximum,).
+
+2005-04-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/chage.1.xml, man/chfn.1.xml, man/chsh.1.xml, man/expiry.1.xml, man/gpasswd.1.xml, man/groups.1.xml, man/id.1.xml, man/login.1.xml, man/passwd.1.xml, man/su.1.xml:
+	added <refmiscinfo class="sectdesc">User Commands</refmiscinfo> in <refmeta></refmeta>.
+
+	* man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/vigr.8.xml:
+	Use encoding="UTF-8" and DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN".
+
+	* man/userdel.8.xml, man/usermod.8.xml, man/vigr.8.xml, man/vipw.8.xml, man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chage.1.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml:
+	better formation using "xmlindent -l 80 -d 2".
+
+2005-04-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/it/Attic/shadowconfig.8, man/it/chsh.1, man/it/expiry.1, man/it/faillog.5, man/it/faillog.8, man/it/getspnam.3, man/it/groups.1, man/it/grpck.8, man/it/grpconv.8, man/it/grpunconv.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/logoutd.8, man/it/newgrp.1, man/it/porttime.5, man/it/pwck.8, man/it/shadow.3, man/it/shadow.5, man/it/su.1, man/it/vipw.8, NEWS, man/it/Makefile.am, man/it/chage.1, man/it/chfn.1, man/it/chpasswd.8:
+	updated it man pages: chfn.1, chsh.1, groups.1, grpck.8, grpconv.8, grpunconv.8,
+	id.1, lastlog.8, login.1, newgrp.1, pwunconv.8, shadow.5, vigr.8, vipw.8.
+	new it man pages: chage.1, chpasswd.8, expiry.1, faillog.5, faillog.8,
+	getspnam.3, logoutd.8, porttime.5, pwck.8, shadow.3, shadowconfig.8, su.1.
+	(by Danilo Piazzalunga <danilopiazza@libero.it>)
+
+	* po/uk.po:
+	cleanups in plural forms (by Roman Festchook <roma@polesye.net>).
+
+	* man/Attic/chage.1, man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml:
+	reformated using xemacs.
+
+2005-04-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, NEWS:
+	updated for 4.0.8 (by Christian Perrier <bubulle@kheops.frmug.org>).
+
+	* NEWS, po/eu.po: updated for 4.0.8 (by ^pi^ <piarres@gmail.com>).
+
+	* NEWS, po/uk.po:
+	updated for 4.0.8 (by Roman Festchook <roma@polesye.net>).
+
+	* po/cs.po:
+	updated for 4.0.8 (by Miroslav Kure <kurem@upcase.inf.upol.cz>).
+
+	* po/da.po, NEWS:
+	updated for 4.0.8 (by Claus Hindsgaul <claus_h@image.dk>).
+
+	* po/ko.po, NEWS:
+	updated for 4.0.8 (by Changwoo Ryu <cwryu@debian.org>).
+
+	* po/fi.po: kill one fuzzy (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+2005-04-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/chpasswd.8.xml: Rewrited by hand & xemacs.
+
+	* man/chfn.1.xml: cleanups in <refentry> tag.
+
+	* man/chfn.1.xml: Rewrited by hand & xemacs.
+
+	* NEWS, po/pt.po:
+	updated for 4.0.8 (by Miguel Figueiredo <elmig@debianpt.org>).
+
+	* po/es.po, NEWS: updated (by Ruben Porras <nahoo@inicia.es>).
+
+2005-04-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/useradd.8:
+	fixed typos in useadd syntax (in SYNOPSIS section) catched using doclifter.
+
+	* man/Attic/mkpasswd.8.xml, man/Attic/pw_auth.3.xml, man/Attic/shadowconfig.8.xml, man/chfn.1.xml, man/chpasswd.8.xml, man/chsh.1.xml, man/expiry.1.xml, man/faillog.5.xml, man/faillog.8.xml, man/getspnam.3.xml, man/gpasswd.1.xml, man/groupadd.8.xml, man/groupdel.8.xml, man/groupmems.8.xml, man/groupmod.8.xml, man/groups.1.xml, man/grpck.8.xml, man/grpconv.8.xml, man/grpunconv.8.xml, man/gshadow.5.xml, man/id.1.xml, man/lastlog.8.xml, man/limits.5.xml, man/login.1.xml, man/login.access.5.xml, man/login.defs.5.xml, man/logoutd.8.xml, man/newusers.8.xml, man/passwd.1.xml, man/passwd.5.xml, man/porttime.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/pwunconv.8.xml, man/sg.1.xml, man/shadow.3.xml, man/shadow.5.xml, man/su.1.xml, man/suauth.5.xml, man/sulogin.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vigr.8.xml, man/vipw.8.xml:
+	raw version converted using doclifter.
+
+	* configure.in: remove handle --with-lib{opie,skey}.
+
+	* man/de/chsh.1:
+	synced with english version (by Simon Brandmair <sbrandmair@gmx.net>).
+
+	* man/Attic/usermod.8: improved -o description.
+
+	* man/de/passwd.1:
+	added translation EXIT VALUES section (by Simon Brandmair <sbrandmair@gmx.net>).
+
+	* NEWS, po/it.po:
+	updated it translation (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2005-04-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po:
+	cleanups.
+
+	* po/pl.po: updated.
+
+	* src/usermod.c:
+	use the same error message ("%s: PAM authentication failed\n") on fail
+	authentication as in other tools.
+
+	* po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po:
+	run "make update-po".
+
+	* src/login.c, src/login_nopam.c:
+	fixed build with disabled PAM support: move bad_time_notify() and check_nologin()
+	back to src/login.c but use this functions #ifndef USE_PAM.
+
+	* NEWS, lib/Makefile.am, lib/pwauth.c:
+	remove not working OPIE and SKEY support.
+
+	* configure.in: typo (s,SELinuux,SELinux,).
+
+	* NEWS: typos.
+
+	* NEWS: chage, useradd, usermod: reduce multiple OPENLOG() calls.
+
+	* src/useradd.c, src/usermod.c: fix multiple OPENLOG() calls.
+
+	* src/chage.c: cleanups.
+
+	* src/chage.c: fix multiple OPENLOG() calls.
+
+	* src/chage.c:
+	use E_SUCCESS/E_NOPERM #defines instead 0/1 in exit() arguments.
+
+2005-04-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/passwd.c:
+	adjust also syslog message on usage -S option without permission.
+	Consolidate SELinix and non-SELinux code.
+
+	* po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, src/passwd.c:
+	fix #61313 Debian bug: "passwd -S root" (as a normal user) should not
+	display "You may not change the password for root.
+
+	* NEWS, man/Attic/passwd.1:
+	fix #160477 Debian bug: improve -S output description.
+
+	* man/de/passwd.1:
+	new translation by Simon Brandmair <sbrandmair@gmx.net> with merged all
+	changes between revision 1.2 a 1.5.
+
+2005-04-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/passwd.1, man/pl/passwd.1: bold passwd and chage commands.
+
+	* NEWS, src/vipw.c:
+	fixed race condition in vipw (Debian #242407 bug; fix by Alexander Gattin
+	<arg@online.com.ua>).
+
+	* man/pl/Attic/chage.1.xml, man/pl/chage.1:
+	synced with english version.
+
+	* man/Attic/chage.1, man/chage.1.xml:
+	add info about what mean -1 passed n expiredate parameter (based on #304542
+	Debian bug; submited by Federico Grau <grauf@rfa.org>).
+
+2005-04-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fi.po, NEWS:
+	updated translation (by Tommi Vainikainen <tvainikan@cc.hut.fi>).
+
+	* man/hu/passwd.1, man/it/passwd.1, man/ja/passwd.1, man/pl/passwd.1, man/Attic/passwd.1, man/de/passwd.1, man/es/passwd.1:
+	cleanups and unifications in SEE ALSO section.
+
+2005-04-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	Info documentation says about AC_GNU_SOURCE: "should be called before any
+	macros that run the C compiler". So move this macro on top configure.in for
+	avoid autoconf warnings.
+
+	* configure.in:
+	AC_SYS_LARGEFILE() performs checking is fseeko() is avalaible so "fseeko" can
+	be removed from AC_CHECK_FUNCS() parameters.
+
+	* NEWS, configure.in: Remove using AC_PROG_GCC_TRADITIONAL macro.
+	Add using AC_GNU_SOURCE macro for kill compilation warnings about implicit
+	declaration of function `fseeko'.
+
+	* po/cs.po: killed fuzzy (by Miroslav Kure <kurem@debian.cz>).
+
+	* man/ja/newgrp.1, man/pl/newgrp.1, NEWS, man/Attic/newgrp.1, man/hu/newgrp.1:
+	newgrp uses /bin/sh (not bash).
+
+	* man/Attic/gpasswd.1, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/id.1, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/pwck.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+	describe /etc/group in FILES section as "group account information".
+
+	* man/Attic/grpck.8:
+	describe /etc/passwd in FILES section as "user account information".
+
+	* po/stats: small script for generate translations statistics.
+
+	* NEWS, po/cs.po: Updated by Miroslav Kure <kurem@debian.cz>.
+
+	* man/chage.1.xml, man/Attic/chage.1, man/Attic/expiry.1, man/Attic/login.1, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8:
+	describe /etc/shadow in FILES section as "secure user account information".
+
+	* man/Attic/newgrp.1:
+	Reformated paragraph. s,Bourne shell,\fBbash\fR shell,
+
+	* NEWS, man/Attic/newgrp.1:
+	fix #251926, #166173, #113191 Debian bugs: explain why editing /etc/group
+	(without gshadow) doesn't permit to use newgrp.
+
+	* po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po:
+	added/fixed Plural-Forms: header entries. Run "make update-po".
+
+	* po/pl.po:
+	added Plural-Forms: header entry and updated for last change in
+	libmisc/failure.c.
+
+	* libmisc/failure.c:
+	break message text with failure login since last login.
+
+	* libmisc/failure.c:
+	Use ngettext instead of string concatenation and static number of cases.
+	Patch by Tommi Vainikainen <tvainika@cc.hut.fi>.
+
+2005-04-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/cs.po:
+	new translation maintainer: Miroslav Kure <kurem@debian.cz>.
+
+2005-04-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: updated for 4.0.8.
+
+2005-04-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, src/faillog.c:
+	changed faillog records display format for allow fit in 80 columns all
+	faillog atributies.
+
+	* po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+	run "make update-po". Updated pl.po.
+
+	* src/faillog.c (usage): typo (s,IDAYS,DAYS,).
+
+	* man/Attic/faillog.8, NEWS:
+	updated after rewrite faillog command for use getopt_long().
+
+	* src/faillog.c:
+	Add handle -h,--help option. Show in usage output information about
+	-t,--time option. Remove handle -p option.
+
+	* po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po:
+	run "make update-po".
+
+	* po/POTFILES.in: updated.
+
+	* man/Attic/gpasswd.1: typo (s,fB,\fB,).
+
+2005-04-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/ja/login.1:
+	updated ja man page for Debian #95213 bug (by Kenshi Muto <kmuto@debian.org>).
+
+	* src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/passwd.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS, lib/Attic/grdbm.c, lib/Attic/gsdbm.c, lib/Attic/pwdbm.c, lib/Attic/spdbm.c, lib/Makefile.am, lib/gshadow.c, lib/shadow.c:
+	next round of cleanups: removed NDBM code (unused).
+
+	* src/login.c: consilidate some !USE_PAM lines.
+
+	* src/login.c, src/login_nopam.c:
+	move bad_time_notify() and check_nologin() to src/login_nopam.c.
+
+	* lib/prototypes.h: remove not used login_desrpc() prototype.
+
+	* lib/Attic/rad64.c, lib/encrypt.c, lib/prototypes.h, lib/Makefile.am:
+	remove lib/rad64 with not used c64i() and i64c() functions.
+
+	* lib/encrypt.c:
+	remove "#ifdef SW_CRYPT .. #endif" and "#ifdef DOUBLESIZE .. #endif" unused code.
+
+	* lib/encrypt.c: remove "#ifdef MD5_CRYPT .. #endif" unused code.
+
+	* libmisc/salt.c:
+	remove prototypes for *l64a() and add #include <stdlib.h>. Remove unused
+	now code (old style random salt generator).
+
+	* src/chage.c: cleanups.
+
+	* src/chpasswd.c:
+	remove prototypes for *l64a() and add #include <stdlib.h>.
+
+	* src/login.c: remove login_fbtab() prototype.
+
+	* src/chage.c:
+	remove prototypes for a64l() and *l64a() and add #include <stdlib.h>.
+
+2005-04-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ru/passwd.5, man/zh_CN/chfn.1, man/zh_CN/chpasswd.8, man/zh_CN/chsh.1, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/passwd.5, man/ko/su.1, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/newgrp.1, man/ja/passwd.1, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/hu/chfn.1, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/id.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/su.1, man/id/chsh.1, man/id/login.1, man/id/useradd.8, man/it/chfn.1, man/it/chsh.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/passwd.5, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/it/vipw.8, man/de/chfn.1, man/de/chsh.1, man/de/login.1, man/de/passwd.1, man/de/passwd.5, man/de/su.1, man/de/vipw.8, man/es/login.1, man/es/passwd.1, man/es/su.1, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/cs/groups.1, man/cs/id.1, man/cs/lastlog.8, man/cs/passwd.5, man/cs/shadow.5, man/cs/su.1, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/expiry.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/expiry.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/usermod.8, man/Attic/vipw.8:
+	more replaces "-" by "\-" (s,\\-,-,g; s,-,\\-,g).
+
+	* man/pl/usermod.8: finish sync with english version.
+
+	* man/hu/login.1, man/pl/login.1, NEWS, man/Attic/login.1, man/de/login.1:
+	removed fragment about abilities pass enviroment variables in login prompt.
+
+	* man/Attic/gpasswd.1, man/Attic/newgrp.1:
+	fixes by Nicolas Nicolas François <nicolas.francois@centraliens.net> (not all
+	commited).
+
+2005-04-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/gshadow.5, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5:
+	replace all "-" by "\-" (s,\\-,-,; s,-,\\-,).
+
+	* man/cs/groups.1: cleanups.
+
+	* NEWS, src/su.c:
+	fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel group
+	members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
+	http://bugs.gentoo.org/show_bug.cgi?id=80345
+
+	* man/pl/Attic/chage.1.xml:
+	converted from roff using doclifter. Rewrited by hand. Probably will be
+	removed after prepare infrastructure for translate man pages using gettext
+	but temporary I need this for some experiments.
+
+	* src/login.c: remove unused #ifded LOGIN_FBTAB .. #endif code.
+
+	* configure.in, libmisc/Attic/login_access.c, libmisc/Makefile.am, src/Makefile.am, src/login.c, src/login_nopam.c:
+	move libmisc/login_access.c to src/login_mopam.c.
+	Remove using LOGIN_ACCESS #define. Now LOGIN_ACCESS is equal to !USE_PAM.
+	In src/login_nopam.c will be cumulated non-PAM specyfic login code.
+
+	* src/lastlog.c, src/login.c, src/useradd.c, src/usermod.c, libmisc/log.c:
+	cleanups: remove using #include "lastlog_.h".
+
+	* src/login.c: fixed build with PAM support disabled.
+
+	* src/login.c: remove "#ifdef HUP_MESG_FILE .. #endif" code.
+
+	* src/login.c: reindent using -l80.
+
+	* man/Attic/chage.1, man/chage.1.xml:
+	s/chage/chage command/ in DESCRIPTION.
+
+	* man/chage.1.xml:
+	converted from roff using doclifter. Rewrited by hand.
+
+	* man/Attic/chage.1, man/Attic/chfn.1, man/Attic/faillog.8, man/Attic/groupmod.8, man/Attic/pwconv.8, man/Attic/useradd.8, man/Attic/usermod.8:
+	cleanups.
+
+	* man/Attic/pwconv.8: fixed typo: s,fI,\fI,
+
+	* po/POTFILES.in: remove libmisc/login_{desrpc,krb}.c.
+
+	* lib/getdef.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Makefile.am, src/login.c, NEWS, autogen.sh, configure.in:
+	drop never finished kerberos and des_rpc support.
+
+	* man/it/chfn.1: cleanups.
+
+2005-04-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in:
+	fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>).
+
+	* man/fr/chsh.1: typo.
+
+	* man/de/Makefile.am, man/de/passwd.5:
+	imported from Deutscher manpages.
+
+	* man/cs/Makefile.am, man/cs/groups.1, man/cs/lastlog.8, man/cs/su.1:
+	new files imported from Czech man-pages.
+
+	* man/pl/faillog.8, man/pl/groupmems.8, man/pl/id.1, man/pt_BR/groupadd.8, man/pt_BR/groupmod.8, man/zh_CN/groupadd.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/fr/chage.1, man/fr/chpasswd.8, man/fr/passwd.1, man/hu/chsh.1, man/it/groupadd.8, man/it/groupmod.8, man/it/usermod.8, man/ja/chage.1, man/ja/chfn.1, man/ja/chsh.1, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/login.1, man/ja/passwd.1, man/ja/useradd.8, man/ja/usermod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/id.1, man/Attic/login.1, man/Attic/passwd.1, man/Attic/useradd.8, man/de/chfn.1, man/de/chsh.1, man/de/login.1, man/de/passwd.1:
+	cleanups: aded missing \fR.
+
+	* man/Attic/gpasswd.1, man/Attic/gshadow.5, man/Makefile.am, NEWS:
+	added new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>).
+
+2005-03-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/gpasswd.1:
+	added missing \fR.
+
+	* man/pl/groupmod.8: typo: s,\fI,\fR,
+
+	* man/pl/login.1, man/pl/passwd.1: cleanups: aded missing \fR.
+
+	* man/pl/sulogin.8: cleanups.
+
+	* man/pl/useradd.8: cleanups: aded missing \fR.
+
+	* man/pl/usermod.8: partialy synced with english version.
+
+	* man/Attic/usermod.8: typo.
+
+	* NEWS, man/Attic/usermod.8:
+	fixed #302388 Debian bug: added separated -o option description.
+
+	* lib/getdef.c:
+	FAILLOG_ENAB, LOGIN_STRING moved to code "#ifndef USE_PAM" dependent.
+
+	* lib/pwauth.c, lib/pwauth.h: enable pw_auth() only #ifndef USE_PAM.
+
+	* src/userdel.c, src/usermod.c, src/vipw.c, src/Attic/mkpasswd.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/sulogin.c, src/useradd.c, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, libmisc/Attic/login_access.c, libmisc/Attic/login_krb.c, libmisc/addgrps.c, libmisc/age.c, libmisc/chkname.h, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/copydir.c, libmisc/env.c, libmisc/failure.c, libmisc/failure.h, libmisc/getdate.h, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/loginprompt.c, libmisc/motd.c, libmisc/pam_pass.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/utmp.c, libmisc/xmalloc.c, NEWS, lib/Attic/getpass.c, lib/Attic/grdbm.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/pwdbm.c, lib/Attic/pwpack.c, lib/Attic/rad64.c, lib/Attic/rcsid.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/faillog.h, lib/fputsx.c, lib/getdef.c, lib/getdef.h, lib/groupio.c, lib/groupio.h, lib/gshadow.c, lib/gshadow_.h, lib/lockpw.c, lib/port.c, lib/port.h, lib/prototypes.h, lib/pwauth.c, lib/pwauth.h, lib/pwio.c, lib/pwio.h, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c:
+	reindent all source code using -l80.
+
+	* libmisc/.indent.pro, src/.indent.pro, lib/.indent.pro: -l80 added.
+
+	* lib/gshadow.c, NEWS:
+	rewrited group count to dynamic (by John Newbigin <jnewbigin@ict.swin.edu.au >).
+
+	* po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po:
+	run "make update-po".
+
+	* src/login.c: use allways "\n%s login: " login prompt.
+
+	* src/login.c: removed radius support (even not compiles).
+
+	* doc/Attic/README.mirrors, doc/Makefile.am: removed.
+
+	* src/userdel.c (update_user): removed next redundant closing }.
+
+	* src/userdel.c: remove using unused NO_REMOVE_MAILBOX #define.
+
+	* src/userdel.c (update_user): removed redundant closing }.
+
+2005-03-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/getdef.c:
+	move PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE to part PAM not dependent
+	(used in useradd, pwconv).
+
+	* configure.in, src/Makefile.am:
+	move define LOCALEDIR using AC_DEFINE_UNQUOTED() to src/Makefile.am::AM_CPPFLAGS.
+
+	* man/Attic/pwconv.8: typo in bold.
+
+	* doc/Attic/INSTALL: removed.
+
+	* doc/Attic/README.sun4, doc/Makefile.am: removed outdated README.sun4.
+
+2005-03-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: put mine data in Last-Translator: field.
+
+	* src/newusers.c:
+	use the same as in useradd default UMASK (022 instead 077) if diffrent not
+	defined in login.defs.
+
+	* NEWS, libmisc/copydir.c:
+	added SELinux changes (based on Fedora patch).
+
+	* NEWS: typo.
+
+	* man/Attic/login.defs.5: typo in bold.
+
+	* src/chfn.c, src/chsh.c, lib/getdef.c:
+	move CHFN_AUTH, CHSH_AUTH variables from login.defs to part !USE_PAM dependent.
+	Use "auth required pam_unix.so" in /etc/pam.d/{chfn,chsh} for force enter password
+	on use chfn/chsh.
+
+	* lib/getdef.c: added CHSH_AUTH variable in def_table[] table.
+
+	* src/chsh.c: s/CHFN_AUTH/CHSH_AUTH/
+
+	* man/Attic/shadow.5, man/Attic/passwd.5:
+	add more accurate information about what contains field with encrypted password in
+	each passwd/shadow line (reported by Mike Brodbelt).
+
+	* autogen.sh: reorder.
+
+	* lib/getdef.c:
+	CRACKLIB_DICTPATH, ENV_HZ, ENV_PATH, ENV_ROOTPATH, ENV_SUPATH, ENV_TZ,
+	ENVIRON_FILE, FTMP_FILE, ISSUE_FILE, LASTLOG_ENAB, MAIL_CHECK_ENAB, MAIL_DIR,
+	MAIL_FILE, MD5_CRYPT_ENAB, MOTD_FILE, NOLOGINS_FILE, OBSCURE_CHECKS_ENAB,
+	PASS_ALWAYS_WARN, PASS_CHANGE_TRIES, PASS_MAX_DAYS, PASS_MAX_LEN, PASS_MIN_DAYS,
+	PASS_MIN_LEN, PASS_WARN_AGE, PORTTIME_CHECKS_ENAB, SU_WHEEL_ONLY, QMAIL_DIR,
+	QUOTAS_ENAB, ULIMIT variables moved to code "#ifndef USE_PAM" dependent.
+
+	* configure.in:
+	fix importand typo: added missing ",". Now LOGIN_ACCESS realy is defined only
+	when PAM is not enabled.
+
+	* libmisc/obscure.c, libmisc/limits.c:
+	all functions from this file are "#ifndef USE_PAM" dependent.
+
+	* libmisc/setugid.c (change_uid):
+	removed dead code depndent on "#ifdef BSD".
+
+	* libmisc/ttytype.c (ttytype):
+	removed dead code depend on "defined(SUN) || defined(BSD) || defined(SUN4)".
+
+	* src/login.c (setup_tty): remove dead code.
+
+	* libmisc/rlogin.c:
+	fix compilation warning: replace #include <unistd.h> by #include <netdb.h>
+	where ruserok() is declared.
+
+2005-03-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: kill one fuzzy entry.
+
+2005-03-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, libmisc/log.c:
+	fixed create lastlog entry fo users never loged in on non-PAM
+	variant of login (fix by <oracular@ziplip.com>).
+
+2005-03-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, etc/Attic/login.defs.linux, etc/login.defs, lib/getdef.c, man/pl/login.defs.5:
+	remove handle login.defs::NOLOGIN_STR (never used).
+
+2005-02-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/shadow.5:
+	added missing '\&' in line starting with '\.', which causes groff to skip
+	it entirely (fix submited by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+	* TODO: cleanups.
+
+2005-02-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c, NEWS:
+	useradd: fixes a potential security problem when mailbox is created in
+	useradd.
+	Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
+	Only two arguments are passed to the open() call though it expects three
+	because O_CREAT is present. Hence the permission of the file first becomes
+	some random garbage found on the stack, and an attacker can perhaps open
+	this file and hold it open for reading or writing before the proper
+	fchmod() is executed. (Actually, we could also pass the final "mode" to
+	the open() call and then save the consequent fchmod().)
+
+2005-02-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/LINGUAS, po/tl.po:
+	added tl translation (fron Debian resources).
+
+2005-02-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/chage.c, src/chfn.c, src/chsh.c, src/passwd.c:
+	SELinux changes: added changes in chage, chfn, chsh, passwd for allow
+	construct more grained user password/accuunt properties on SELinux
+	policies level. Patch originally based on RH changes (submited by Chris
+	PeBenito <pebenito@gentoo.org>)
+
+2005-02-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, NEWS:
+	updated translation (by Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>) from
+	Debian resources.
+
+2005-01-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: open work on 4.0.8.
+
+2005-01-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+	"make update-po".
+
+2005-01-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, po/it.po:
+	updated it translations (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2005-01-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/rlogin.c: remove ruserok() prototyle and #include <unistd.h>.
+
+	* lib/getdef.c: remove strtol() prototype (it comes with <stdlib.h>).
+
+	* po/da.po, po/es.po, po/nl.po, po/pl.po, po/pt.po:
+	"Project-Id-Version: shadow 4.0.7".
+
+	* NEWS, po/fi.po:
+	updated fi translation (by Tommi Vainikainen <thv+debian@iki.fi>).
+
+2005-01-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/da.po, po/es.po, po/pl.po, po/pt.po: kill fuzzy entries.
+
+	* po/nl.po, NEWS:
+	updated nl translations (by cobaco (aka Bart Cornelis)" <cobaco@linux.be>).
+
+	* lib/Makefile.am (libshadow_la_LIBADD): removed snprintf.h.
+
+	* NEWS, po/LINGUAS, po/zh_TW.po:
+	added zh_TW translation (from Debian resources).
+
+	* po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po:
+	"make update-po".
+
+	* src/Attic/mkpasswd.c, src/passwd.c, src/userdel.c, src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groups.c, src/login.c:
+	"less means better" added fixes which makes english texts more consistent
+	especially with capitalization issues. Based on fixes by Tommi Vainikainen
+	<thv+debian@iki.fi> (make all text begining from lower case .. not upper).
+	This patch cuts i18n entries in each po/*po file from 420 to 402.
+
+2005-01-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: added pt to updated translations.
+
+	* lib/defines.h: reverte last change (mistake).
+
+	* po/pt.po:
+	updated translation by Miguel Figueiredo <elmig@debianpt.org>.
+
+2005-01-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typo.
+
+	* NEWS: update da, es and pl (100%) translations.
+
+	* po/pl.po: finish translations.
+
+	* po/da.po: updated translations by Claus Hindsgaul <claus_h@image.dk>.
+
+	* NEWS, TODO: Typos found by Claus Hindsgaul <claus_h@image.dk>.
+
+	* po/es.po: Updates from Ruben Porras <nahoo@inicia.es>.
+
+	* lib/defines.h: - remove usong shadow_.h.
+
+	* po/pl.po: kill fuzzy.
+
+	* NEWS, lib/Attic/grent.c, lib/Attic/lastlog_.h, lib/Attic/md5.c, lib/Attic/md5.h, lib/Attic/md5crypt.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/Attic/pwent.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/Attic/shadow_.h, lib/Attic/snprintf.c, lib/Attic/snprintf.h, lib/Attic/strcasecmp.c, lib/Attic/strdup.c, lib/Attic/strerror.c, lib/Attic/strstr.c, lib/Makefile.am:
+	remove unused now files in lib/ directory.
+
+	* po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/POTFILES.in, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po:
+	Now correctly shadow passes "make distcheck".
+
+	* NEWS: typo.
+
+2005-01-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/faillog.c, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS:
+	switch faillog ro use getopt_long().
+
+	* etc/pam.d/su: aded line with "session required pam_env.so".
+
+2004-12-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/de/Makefile.am, man/de/vigr.8, man/de/vipw.8, NEWS:
+	added de vigr(8), vipw(8) man pages (from Debian resources).
+
+2004-12-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/LINGUAS, po/ro.po, po/sq.po, NEWS:
+	added ro, sq translations (from Debian resources).
+
+2004-12-20  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	added checing is fseeko() function is avalaibabe in system: added fseeko to
+	AC_CHECK_FUNCS parameters.
+
+	* lib/Makefile.am:
+	fixed warning message about incorrect try linking non-PIC code with shared
+	library: removed $(top_builddir)/libmisc/libmisc.a from libshadow_la_LIBADD.
+
+	* NEWS:
+	- final entry about fixed large file support in lastlog and faillog.
+
+	* src/vipw.c, lib/Attic/pwent.c, lib/Attic/grent.c:
+	use fseeko() instead fseek(). This not realuy neccessary because in this
+	cases fseek() was used for move to begin of file. This only for minimize
+	external functions count.
+
+	* src/faillog.c:
+	fixes for allow operate on large files by faillog: use fseeko() instead
+	fseek().
+
+	* src/lastlog.c:
+	fixes for allow operate lastlog on large files: use fseeko() instead fseek()
+	and do not casrt file offsets to unsigned long (based on large-file patch
+	from FC).
+
+	* src/faillog.c: fixed typo in usage().
+
+2004-12-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/newgrp.1: fixed typo in bold macro.
+
+2004-12-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/chpasswd.8: remove bold from NAZWA section.
+
+2004-12-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/faillog.c: remove using Prog variable.
+
+	* configure.in, NEWS:
+	fixed large file support: added AC_SYS_LARGEFILE macro to autoconf.
+
+	* man/Attic/groupmod.8, man/pl/groupmod.8: separate OPTIONS section.
+
+	* man/pl/chpasswd.8: sync with english version.
+
+	* man/Attic/chpasswd.8:
+	bold "chpasswd" command name in CAVEATS section.
+
+	* man/Attic/chpasswd.8: s/protect/protected/
+
+	* man/pl/lastlog.8: cleanups.
+
+	* man/Attic/chpasswd.8, man/Attic/lastlog.8, man/Attic/newusers.8:
+	remove bold from NAME section.
+
+	* man/it/groupadd.8, man/it/useradd.8: separate OPZIONI section.
+
+	* man/pl/groupmems.8: fixes in OPCJE section.
+
+	* man/Attic/chpasswd.8: more cleanups.
+
+2004-12-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chage.1, man/Attic/chfn.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadowconfig.8, man/Attic/suauth.5, man/Attic/useradd.8:
+	Fixed varoiuse typos and misspeling based partialy on patch from Bug#141322
+	from Debian (submited by Christian Perrier <bubulle@debian.org>).
+
+	* man/Attic/chpasswd.8: more cleanups.
+
+	* man/pl/faillog.8, man/Attic/faillog.8, man/ja/faillog.8:
+	remove from OPTIONS section information about avalaibability on some systems
+	faillog database in other location thad listed in FILES section.
+
+	* man/Attic/chpasswd.8: updated.
+
+	* man/fr/faillog.5:
+	fixed FICHIERS secttion: corrected change to italic on /var/log/faillog.
+
+	* src/faillog.c:
+	move main() to the end of file and reorder rest functions. Now declararion
+	finction prototypes can be removed.
+
+2004-12-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: updated.
+
+	* man/pl/lastlog.8: synced with current english version.
+
+	* man/Attic/lastlog.8: use the same style as in chpasswd(8).
+
+	* po/uk.po, po/zh_CN.po, po/tr.po, po/sv.po, po/ru.po, po/sk.po, po/pt_BR.po, po/pt.po, po/pl.po, po/nn.po, po/nl.po, po/nb.po, po/ko.po, po/ja.po, po/he.po, po/id.po, po/it.po, po/fi.po, po/fr.po, po/es.po, po/eu.po, po/el.po, po/da.po, po/de.po, po/cs.po, po/ca.po, po/bs.po:
+	"make update-po" after rewrite lastlog.
+
+	* src/lastlog.c: Rewrite for use the same style as in chpasswd.c.
+	Move open lastlog file after commadline option parsing so now --help option
+	can be used by user without read access to lastlog file.
+
+	* src/chpasswd.c:
+	s/display this help and exit/display this help message and exit/ in ussage()
+	output.
+
+	* po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po:
+	"make update-po".
+
+	* src/chpasswd.c:
+	Added handle -h|--help option. Improved and updated ussage() output.
+
+2004-12-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/tr.po, po/uk.po, po/zh_CN.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/da.po, po/de.po, po/el.po, po/bs.po, po/ca.po, po/cs.po:
+	"make update-po" and resolve fuzzy with last change in src/chpasswd.c.
+
+	* src/chpasswd.c, NEWS:
+	switch chpasswd to use getopt_long() and adds a --md5 option
+	(by Ian Gulliver <ian@penguinhosting.net>).
+
+	* NEWS, configure.in: start work on 4.0.7.
+
+2004-11-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: cleanups.
+
+	* po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po:
+	removed not used translations.
+
+	* NEWS, src/su.c:
+	fix adding of pam_env env variables to enviroment (Martin Schlemmer <azarah@nosferatu.za.org>).
+
+	* NEWS, configure.in:
+	fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables which was allways
+	empty (Gregorio Guidi <g.guidi@sns.it>)
+
+	* NEWS: updated.
+
+	* src/useradd.c, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po:
+	do not translate variable names from /etc/default/useradd during "useradd -D".
+
+2004-11-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/zh_CN/groupadd.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/it/groupadd.8, man/it/groupmod.8, man/it/useradd.8, man/it/usermod.8, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/useradd.8, man/ja/usermod.8, man/pl/groupadd.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/usermod.8, man/pt_BR/groupadd.8, man/pt_BR/groupmod.8, man/Attic/groupadd.8, man/Attic/groupmod.8, man/Attic/useradd.8, man/fr/useradd.8, man/fr/usermod.8, man/id/useradd.8:
+	correction: groups/users with gid/uid 0 and 999 are reserved for system accounts.
+
+	* man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/usermod.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/usermod.8, man/id/useradd.8, man/it/groupadd.8, man/it/groupmod.8, man/it/useradd.8, man/it/usermod.8, man/ja/groupadd.8, man/ja/groupmod.8, man/ja/useradd.8, man/ja/usermod.8, man/pl/groupadd.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/usermod.8, man/pt_BR/groupmod.8, man/Attic/groupadd.8, man/Attic/groupmod.8, man/Attic/useradd.8, man/fr/useradd.8, man/fr/usermod.8:
+	zgroups/users with gid/uid 0 and 499 are typically reserved for system accounts.
+
+2004-11-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/Attic/mkpasswd.8, man/pl/chage.1, man/pl/chsh.1, man/pl/faillog.8, man/pl/groupadd.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/lastlog.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/Attic/chage.1, man/Attic/chsh.1, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/lastlog.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+	separated OPTIONS section.
+
+	* lib/commonio.c: reverte last change.
+
+	* libmisc/pwdcheck.c:
+	one word fix .. ommited "else" was removed. Now security bug which allow
+	unauthorized account properties modification is realy closed.
+
+2004-10-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/commonio.c:
+	add matchpathcon to create the files correctly when they do not exist (based
+	on patch from FC).
+
+	* man/Attic/passwd.1: fixed two typos ("/" in incorrect place).
+
+2004-10-27  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* etc/pam.d/useradd: - added header
+
+	* etc/pam.d/chfn, etc/pam.d/chsh, etc/pam.d/userdel: - fixed header
+
+2004-10-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* etc/pam.d/chfn, etc/pam.d/chsh, etc/pam.d/userdel:
+	added missing template/example PAM service config files for chfn, chsh, userdel.
+
+	* NEWS, configure.in: start 4.0.6.
+
+2004-10-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/Attic/adduser.8, man/pl/Makefile.am, man/Attic/adduser.8, man/Makefile.am, man/fr/Attic/adduser.8, man/fr/Makefile.am, man/id/Attic/adduser.8, man/id/Makefile.am, man/it/Attic/adduser.8, man/it/Makefile.am, man/ja/Attic/adduser.8, man/ja/Makefile.am, NEWS:
+	remove adduser(8) roff include man page to useradd(8).
+
+	* lib/Makefile.am: more fixes for non-inst libmisc.
+
+	* libmisc/Makefile.am, src/Makefile.am, NEWS:
+	change libmisc to private static library.
+
+	* etc/pam.d/Makefile.am: typo.
+
+2004-10-24  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* po/pl.po: - more translation/formatting fixes
+
+	* po/pl.po: - updated translation
+
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po:
+	- make update-po, updated usage() translation
+
+	* src/useradd.c: - syntax fix for useradd in usage()
+
+	* po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po:
+	- usage() formatting and other fixes
+
+	* po/fi.po: - proper UTF
+
+	* po/pl.po: - pl translation fixes/updates by Jakub Bogusz
+
+2004-10-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* etc/pam.d/chage, etc/pam.d/chpasswd, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/newusers, etc/pam.d/useradd, etc/pam.d/usermod:
+	use default path to PAM modules.
+
+	* etc/pam.d/Attic/shadow, etc/pam.d/Makefile.am, etc/pam.d/chage, etc/pam.d/chpasswd, etc/pam.d/groupadd, etc/pam.d/groupdel, etc/pam.d/groupmod, etc/pam.d/login, etc/pam.d/newusers, etc/pam.d/usermod:
+	Remove shadow PAM config file. Added PAM config files for: chage, chpasswd,
+	groupadd, groupdel, groupmod, login, newusers.
+
+	* po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po:
+	"make update-po".
+
+	* configure.in: reverte previous incorrect commit.
+
+	* NEWS, src/su.c:
+	add pam_open_session() support. If builded without PAM support
+	propagate $DISPLAY and $XAUTHORITY enviroment variables.
+	Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
+
+2004-10-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: cleanups.
+
+	* lib/defines.h:
+	define syslog() depending on ENABLE_NLS (not on HAVE_SETLOCALE).
+
+2004-10-23  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/fr/Makefile.am: - killed non-existent manpage
+
+2004-10-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/copydir.c, NEWS:
+	when placing symlinks into /etc/skel copy_tree of libmisc/copydir.c will
+	properly create the symlink in the destination directory but not change the
+	ownership to the target user/group. This makes httpd Option
+	SymlinkIfOwnerMatch break for default weg pages including symlinks placed
+	into /etc/skel/public_html for example.
+	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
+
+2004-10-11  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Makefile.am:
+	seems I foud CorrectWay(tm) for add some symlinks on install target.
+
+	* po/pl.po: more fixes.
+
+	* po/pl.po: added missing \n.
+
+	* src/chage.c, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, NEWS, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po:
+	more verbose/human readable -l output. This output is much more beter for
+	send directly via email for each users as message with account status (for
+	example as message with warning about account/password expiration).
+
+	* configure.in: start prepare for 4.0.5.
+
+	* src/Makefile.am, libmisc/Makefile.am, lib/Makefile.am, configure.in:
+	move LOCALEDIR to autoheader variables. Remove redefining DEFS in
+	Makefile.am (not neccessary now).
+
+	* src/chage.c, src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/logoutd.c, src/newusers.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, NEWS:
+	applied OWL shadow-4.0.4.1-owl-pam-auth.diff patch by Solar Designer
+	<solar@openwall.com>:
+	  Moved the PAM authentication in user management commands after
+	  command-line parsing, made it use separate service names for each command.
+	  Use constant strings rather than argv[0] for syslog ident in the user
+	  management commands.
+
+	* man/Attic/useradd.8:
+	reword the useradd manpage a little to make it more clear. Fix from:
+	http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-useradd-manpage-update.patch?rev=1.1
+
+	* configure.in: added libselinux detection.
+
+	* lib/Makefile.am, lib/commonio.c, lib/commonio.h, NEWS, autogen.sh, configure.in:
+	added SELinux support (basing on patch from Gentoo).
+
+	* man/fr/Makefile.am (man_MANS): added getspnam.3.
+
+2004-10-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, src/groupadd.c, src/groupmod.c:
+	English grammar fix: s/is a not a valid group name/is not a valid group name/
+	(pointed by Mike Frysinger <vapier@gentoo.org>).
+
+2004-10-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/userdel.c:
+	When removing a user with userdel, userdel always exits 1 (fixed).
+	Based on http://bugs.gentoo.org/show_bug.cgi?id=66687.
+
+2004-08-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	Use AC_SEARCH_LIBS() for inet_ntoa(), socket(), gethostbyname() probing (instead AC_CHECK_FUNC()).
+
+2004-08-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am: shadow(3) man page moved to man_MANS.
+
+	* libmisc/ttytype.c: Removed getenv() prototype (it is in <stdlib.h>).
+
+	* src/Attic/mkpasswd.c:
+	Removed fgetsx() prototype (it is in lib/prototypes.h).
+
+	* man/it/vigr.8: Fixed typo (s/wipw/vipw/).
+
+2004-08-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: Typo.
+
+	* po/tr.po, po/uk.po, po/zh_CN.po, po/bs.po, po/cs.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po, po/ja.po, po/ko.po, po/nb.po, po/nn.po, po/pl.po, po/pt.po, po/ru.po, po/sk.po, po/sv.po:
+	Run "make update-po".
+
+	* po/ca.po, po/da.po, po/nl.po, po/pt_BR.po: Converted to UTF-8.
+
+	* po/LINGUAS: Typo.
+
+	* po/nb.po, po/nl.po, po/nn.po, po/pt.po, po/pt_BR.po, po/tr.po, po/zh_CN.po, NEWS, po/LINGUAS, po/bs.po, po/ca.po, po/da.po, po/eu.po, po/he.po, po/id.po:
+	New translations: bs, ca, da, eu, he, id, nb, nl, nn, pt, pt_BR, tr,
+	zh_CN (stolen froM Debian)
+
+	* man/Attic/grpck.8, man/Attic/mkpasswd.8, man/Attic/pwck.8, man/pl/Attic/mkpasswd.8, man/pl/grpck.8, man/pl/pwck.8:
+	Corrected section number.
+
+2004-08-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/zh_TW/groupadd.8, man/id/chsh.1, man/id/login.1, man/it/chfn.1, man/pl/chage.1, man/pl/groupadd.8, man/pl/groupmems.8, man/pl/lastlog.8, man/pl/login.1, man/pt_BR/groupadd.8, man/zh_CN/chfn.1, man/zh_CN/chsh.1, man/de/login.1, man/de/su.1, man/fr/chsh.1, man/fr/passwd.1, man/fr/usermod.8, man/hu/chfn.1, man/Attic/chage.1, man/Attic/groupadd.8, man/Attic/groupmems.8, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/usermod.8:
+	Options description in alphabetical order.
+
+	* NEWS, src/login.c:
+	Applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
+	Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account
+	management to restrict access using pam_access when login is invoked with -f.
+
+2004-06-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/getspnam.3: added roff link to shadow(3).
+
+	* man/Makefile.am (man_MANS): added getspnam.3.
+
+2004-06-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, lib/commonio.c, lib/getdef.c, src/vipw.c:
+	Applied OWL shadow-4.0.4.1-owl-check-reads.diff patch by Solar Designer.
+	Add checking for read errors in commonio and vipw/vigr (not doing so could
+	result in data loss when the records are written back).
+
+	* NEWS: Add note about apply shadow-4.0.4.1-owl-tmp.diff OWL patch.
+
+	* src/useradd.c, configure.in:
+	Remove looking for mkstemp() prototype and allways use mkstemp() (removed
+	using mktemp if mkstemp() not found).
+	Partialy based on tmp OWL patch by Solar Designer <solar@openwall.com>.
+
+	* NEWS, libmisc/pwdcheck.c:
+	Fixed securirty bug which allow unauthorized account properties modification.
+	Affected tools: chfn and chsh.
+	Bug was discovered by Martin Schulze <joey@infodrom.org>.
+
+2004-05-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typo.
+
+	* NEWS, po/LINGUAS, po/it.po:
+	added it translation (by Danilo Piazzalunga <danilopiazza@libero.it>).
+
+2004-05-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typos.
+
+	* po/sk.po: updated (by Peter Mann <Peter.Mann@tuke.sk>).
+
+2004-05-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/sk.po: run "make update-po".
+
+	* NEWS, po/LINGUAS, po/sk.po:
+	added sk translation (by Mann <Peter.Mann@tuke.sk>, submited by Christian
+	Perrier <bubulle@kheops.frmug.org>).
+
+2004-05-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	Use autoconf cache variables for file and directory location tests (by
+	Maciej W. Rozycki  <macro@ds2.pg.gda.pl>).
+
+2004-05-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/passwd.5:
+	Correct path directory delimiters (by Maciej W. Rozycki <macro@ds2.pg.gda.pl>).
+
+	* libmisc/xmalloc.c (malloc):
+	Remove the declaration (by Maciej W. Rozycki <macro@ds2.pg.gda.pl>).
+
+2004-04-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/login.c, NEWS:
+	Fixed handle -f option: now it works correctly without specify "-h
+	<host>" if open login session localy is required (thanks for help
+	investigate bug for Krzysztof Kotlenga).
+
+	* po/es.po: Updated (by Ruben Porras <nahoo82@telefonica.net>).
+
+2004-04-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/cs.po, po/de.po, po/el.po, po/fi.po, po/fr.po, po/ja.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	Run "update-po".
+
+2004-04-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/es.po: Updated to current (by run "update-po").
+
+	* po/es.po: Converted to utf-8.
+
+	* po/LINGUAS: Added es.
+
+	* po/es.po, NEWS:
+	Added es translation (by Ruben Porras <nahoo82@telefonica.net>).
+
+2004-04-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/ko.po, NEWS:
+	Updated ko translations (by Changwoo Ryu <cwryu@debian.org>).
+
+2004-04-02  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fi.po: iconv -f iso8859-9 -t utf8
+
+2004-03-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/age.c:
+	Use endsgent() conditionaly depending on SHADOWGRP (fix submited by Gabor Z.
+	Papp <gzp@papp.hu>).
+
+	* po/LINGUAS, po/fi.po, NEWS:
+	Added fi translation (by Tommi Vainikainen <thv@iki.fi>).
+
+	* README: Fixed shadow and shadow-commit lists on-line archives URLs.
+
+2004-01-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in, man/fr/Makefile.am, man/hu/Makefile.am, man/it/Makefile.am:
+	New version 4.0.4.1
+	bug fixes in automake files for generate correct tar ball on "make dist":
+	added midsiing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+	* man/ko/Makefile.am: New version 4.0.4.1
+	bug fixes in automake files for generate correct tar ball on "make dist":
+	added missing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+	* man/de/Makefile.am, man/es/Makefile.am: New version 4.0.4.1
+	bug fixes in automake files for generate correct tar ball on "make dist":
+	added midsiing "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+	* configure.in: Fixed checking is avalaible st_rdev in struct stat.
+
+2004-01-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: Typo.
+
+	* man/pl/useradd.8: Cleanups in SYNOPSIS.
+
+2004-01-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: Cleanups.
+
+2004-01-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: Cleanups after autoupdate.
+
+2004-01-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groupadd.c, po/sv.po, po/uk.po, po/ru.po, po/ko.po, po/pl.po, po/fr.po, po/ja.po, po/el.po, po/cs.po, po/de.po, man/zh_TW/groupadd.8, man/zh_CN/groupadd.8, man/pt_BR/groupadd.8, man/pl/groupadd.8, man/ja/groupadd.8, man/it/groupadd.8, man/Attic/groupadd.8, NEWS:
+	Added missing information about -f options in groupadd usage mesage (document
+	this also in man page).
+
+2003-12-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/Attic/lastlog_.h, libmisc/log.c, libmisc/utmp.c, src/lastlog.c, src/login.c:
+	More time() or gettimeofday() prevention overwrite memory on 64bit arch
+	(partialy based on patch from MDK).
+
+	* po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po:
+	Post remove TCFS support "make update-po".
+
+	* man/Makefile.am: Removed getspnam.3 from EXTRA_DIST.
+
+	* po/POTFILES.in: Removed lib/tcfsio.c.
+
+	* lib/Attic/tcfsio.c, lib/Attic/tcfsio.h, lib/Makefile.am, src/passwd.c, src/userdel.c, NEWS, configure.in, doc/Attic/README.pam:
+	Removed TCFS support (tcfs is dead).
+
+	* configure.in:
+	Added using AM_MAINTAINER_MODE. AC_INIT without parameters.
+
+	* Attic/acconfig.h, configure.in:
+	Cleanups on autoheadres level: use AC_DEFINE(VAR, VAL, [Comment]) for
+	USE_PAM, HAVE_TCFS and TCFS_GDBM_SUPPORT.
+
+	* src/newusers.c, src/useradd.c, Attic/acconfig.h, autogen.sh, lib/Attic/pwpack.c, NEWS:
+	Remove all old BSD_QUOTA dependent code.
+
+2003-12-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/Makefile.am, libmisc/Makefile.am, src/Makefile.am:
+	Removed -I$(top_srcdir) from INCLUDES (isn't neccessary becaus this is in
+	DEFAULT_INCLUDES) - slightly shorter compile output.
+
+	* Makefile.am, configure.in:
+	Added using AM_GNU_GETTEXT([external]) - removed intl SUBDIRS.
+	Added locale.h to AC_CHECK_HEADERS() - lib/defines.h have part which depends
+	on HAVE_LOCALE_H.
+
+	* lib/nscd.h: Added missing newline at end of file.
+
+	* Attic/acconfig.h: Remove unused (#un)defines.
+
+	* autogen.sh: Typo.
+
+	* autogen.sh: Much more simpler script - use autoreconf.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	"make update-po".
+
+2003-12-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/LINGUAS: Languages list for gettext 1.12.x.
+
+2003-10-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: Kill fuzzy entries.
+
+2003-10-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/usermod.8:
+	Typo: missing "." on end of sentence (submited by Stepan Kasal <kasal@ucw.cz>).
+
+2003-09-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, NEWS:
+	convert all po/*.po files to utf-8.
+
+2003-09-05  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* po/ru.po: - fixed header
+
+2003-07-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po, po/ru.po, po/sv.po, po/uk.po, libmisc/pam_pass.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+	Otput "passwd: password updated successfully\n" message on successfull
+	password change (based on Debian changes).
+
+	* src/newgrp.c: Remove work around for unsecure gettext.
+
+2003-06-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c, src/usermod.c:
+	Added initializing memory in variables when get_groups() function is not called,
+	and memory allocated for user_groups is not initialized (in both useradd and
+	usermod when -G options is used and in usermod when -l option is used).
+	That causing segfaults sometimes.
+	This fix is importand but not critical because usermod and usermod aren't suid
+	root.
+	Problem reported and fixed by Alexey Voinov <voins@altlinux.ru>.
+
+2003-06-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/login.1: Fixed FILES section.
+
+	* src/chfn.c, src/chpasswd.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+	Indented.
+
+	* src/chage.c: Move *flg variables to global.
+
+	* Attic/acconfig.h: Comment for USG.
+
+2003-05-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/de/chfn.1, man/de/login.1:
+	Fixed section name (s/NAME/BEZEICHNUNG/).
+
+	* man/de/chfn.1, man/de/chsh.1: Sync FILES section with en version.
+
+	* man/Attic/login.1: Typo (s/avr/var/).
+
+	* man/de/login.1: Sync FILES section with en man version.
+
+	* man/de/chfn.1, man/de/chsh.1, man/de/login.1: Remove ^M from EOL.
+
+	* man/de/login.1, man/de/Makefile.am, man/de/chfn.1, man/de/chsh.1, NEWS:
+	Next round updates from Josef Spillner <josef@ggzgamingzone.org>: update
+	chsh(1), login(1) and added new chfn(1) german man pages.
+
+	* NEWS: Added info about remove d_passwd(5), dialups(5) man pags.
+
+2003-05-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, TODO, src/chfn.c, src/chpasswd.c, src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/passwd.c, src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c:
+	One TODO entry gone: fix nscd flushing databases on change (use
+	per service flushing method instead HUPing nscd process).
+
+	* lib/Makefile.am, lib/commonio.c, lib/nscd.c, lib/nscd.h, libmisc/Attic/nscd.c, libmisc/Attic/nscd.h, libmisc/Makefile.am:
+	Move nscd.{c,h} from libmisc/ to lib/.
+	Fix warning about implicit declaration of function `nscd_flush_cache' in lib/commonio.c.
+
+	* lib/pwauth.h: Fix pw_auth() prototype.
+
+	* libmisc/Attic/nscd.c, libmisc/Attic/nscd.h, libmisc/Makefile.am:
+	Added header file for nscd communication functions.
+
+	* libmisc/chkname.c (good_name):
+	fixed warning about comparison between pointer and integer.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	"make update-po".
+
+	* src/useradd.c (main):
+	chain create_mail() and small fix in usage message.
+
+	* src/userdel.c: Removed AUTH_METHODS code.
+
+	* lib/pwauth.c: Fixed pw_auth() prototype.
+
+	* src/sulogin.c, src/usermod.c: Removed AUTH_METHODS code.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	"make update-po".
+
+	* src/useradd.c: Indent.
+
+	* man/ja/Attic/pwauth.8, man/ja/Makefile.am, man/pl/Attic/pwauth.8, man/pl/Makefile.am, src/passwd.c, src/useradd.c, NEWS, lib/pwauth.c, man/Attic/pwauth.8, man/Makefile.am:
+	Cleanups continuations: removed old AUTH_METHODS dependent code,
+	removed also pwauth(8) man page.
+
+	* man/pl/Makefile.am (man_MANS): remove d_passwd.5 man page.
+
+	* src/useradd.c, src/usermod.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	Cleanups in usage messages.
+
+	* src/newgrp.c: Cleanups in comments.
+
+	* po/uk.po, po/sv.po, po/ru.po, po/pl.po, po/ko.po, po/ja.po, po/fr.po, po/el.po, po/de.po, po/cs.po:
+	"make update-po".
+
+	* lib/getdef.c (main): remove gettextize error messages from test code.
+
+	* NEWS: Cleanups.
+
+2003-05-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c, man/pl/useradd.8, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, NEWS, TODO, etc/useradd, man/Attic/useradd.8:
+	Added handle by useradd /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes|no}.
+	Now on adding user account can be added also created empty user mail
+	spool. Curent code handle only mailbox.
+	TODO: add handle create user mail spool in maildir format.
+
+	* TODO: Typo.
+
+	* src/chage.c (usage): fix missing ")".
+	(main): updated commented description.
+
+	* src/useradd.c: Indent.
+
+	* man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8:
+	Minor cleanups.
+
+	* man/Attic/chage.1, man/pl/chage.1:
+	Rewrite for use claissic list form options descriptions.
+
+	* man/pl/groupadd.8:
+	s/Polecenie groupadd posiada opcje:/Polecenie groupadd posiada następujące opcje:/
+
+	* TODO: ALL:
+	move base passwd/shadow/group/gshadow operation to module for allow write
+	diffrent backend modules for db, NIS, LDAP and others. Default backend it
+	will be choose depending on /etc/nsswitch.conf and allow overrride this by
+	-r <repository> options (where the <repository> can be file, db, nis
+	nisplus, ldap .. like on /etc/nsswitch.conf in service column).
+	passwd have old piece of code with handling -r option and it will be good
+	finish this and propagate on other shadow tools for allow operate on other
+	user databases by well known tools.
+
+	useradd:
+	add handle /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes,no} for allow
+	create empty mail spool for added user.
+
+	* man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5: Removed.
+
+	* man/Attic/groupmems.8: Close few \fB by add \fR.
+
+	* man/Attic/groupadd.8, man/Attic/groupmems.8: Minor cleanups.
+
+2003-05-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/grpconv.c, src/grpunconv.c, src/pwconv.c, src/pwunconv.c:
+	Move non-SHADOWPWD stub code to end of file (like in chage.c) and do not use
+	gettextized message.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	"make update-po".
+
+	* src/chage.c, NEWS:
+	Now all code depend on SHADOWPWD. If shadow will not be configured on
+	autoconf level for using shadow possword chage is olny stub which informs
+	"chage not configured for shadow password support."
+
+	* man/it/Makefile.am: Removed EXTRA_DIST (not neccessary).
+
+	* man/es/Makefile.am: Removed groups.1 (doen't exist es groups(1)).
+
+	* man/de/Makefile.am (man_MANS): added login.1.
+
+	* man/de/Makefile.am: Removed EXTRA_DIST (isn't neccessary now).
+
+	* man/hu/Makefile.am, man/ja/Makefile.am, man/ko/Makefile.am, man/pl/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am, NEWS, man/Makefile.am:
+	Install groups(1) man page (moved from EXTRA_DIST to man_MANS).
+
+	* po/.cvsignore:
+	Added files generated by gettextize from gettext 0.11.5.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	Updated after removing dialup tools.
+
+	* po/POTFILES.in: Removed lib/{dialchk,dialup}.c and src/dpasswd.c.
+
+2003-05-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/shell.c (shell): do not gettexitize DEBUG message.
+
+	* src/chsh.c, src/grpconv.c, src/login.c, src/logoutd.c, src/sulogin.c, src/vipw.c, libmisc/Attic/login_access.c, libmisc/getdate.y, libmisc/limits.c, libmisc/obscure.c, libmisc/setupenv.c, lib/Attic/getpass.c, lib/pwauth.c:
+	Removed "#if 0 .. #endif" dead code.
+
+	* libmisc/utmp.c: Fixed unterminated #if.
+
+	* libmisc/Attic/login_access.c (resolve_hostname):
+	cleanup: removed #if 1 .. #endif.
+
+	* libmisc/.cvsignore: Added getdate.c.
+
+	* libmisc/Attic/getdate.c:
+	Removed - this file is generated by bison/yacc.
+
+	* configure.in:
+	Change file name passwd in AC_INIT argument from lib/dialchk.c to src/passwd.c.
+
+	* src/su.c:
+	Removed dead code (#if 0 .. #endif) with call motd() and mailcheck()
+	(was commnted because GNU su doesn't do this).
+
+2003-05-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Attic/dpasswd.c, src/login.c, src/Makefile.am, man/pl/Attic/dpasswd.8, man/pl/Makefile.am, man/ja/Attic/dpasswd.8, man/ja/Makefile.am, man/Attic/dpasswd.8, man/Makefile.am, lib/Attic/dialchk.c, lib/Attic/dialchk.h, lib/Attic/dialup.c, lib/Attic/dialup.h, lib/Makefile.am, lib/getdef.c, etc/Attic/login.defs.linux, etc/login.defs, NEWS:
+	Removed old dpasswd and DIALUPS_CHECK_ENAB login.defs handling code from login.
+
+	* doc/Attic/ANNOUNCE, doc/Makefile.am, NEWS: Removed old doc/ANNOUNCE.
+
+	* src/login.c, lib/getdef.c, etc/Attic/login.defs.linux, NEWS:
+	Remove NO_PASSWORD_CONSOLE code.
+
+2003-05-03  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/pwd2spwd.c, libmisc/utmp.c, libmisc/entry.c, libmisc/isexpired.c, lib/sgetspent.c, lib/shadow.c, lib/Attic/putpwent.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/defines.h, lib/pwio.c, lib/sgetpwent.c, Attic/acconfig.h, configure.in:
+	Remove old SVR4, ATT_AGE, ATT_COMMENT dependent code.
+
+	* src/chage.c:
+	Remove some ageing code which was not used if SHADOWPWD isn't defined.
+	Now handling mindays, maxdays and lastday also depends on SHADOWPWD.
+
+2003-05-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/shadowconfig.8, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8:
+	Reformated.
+
+	* etc/login.defs:
+	Use FHS 2.x compliant paths to lastlog, sulog, mail spool and also change
+	ENV_SUPATH to PATH=/sbin:/bin:/usr/sbin:/usr/bin and
+	ENV_PATH to PATH=/bin:/usr/bin
+
+	* old/Attic/Makefile.am, old/Attic/Makefile.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/config.h.linux, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/orig-config.h, old/Attic/pwconv-old.8, old/Attic/pwconv-old.c, old/Attic/pwconv.8, old/Attic/pwd.h.m4, old/Attic/pwunconv-old.8, old/Attic/pwunconv-old.c, old/Attic/pwunconv.8, old/Attic/scologin.c, old/Attic/vipw.8:
+	Removed old stuff.
+
+2003-04-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po, po/ru.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+	make update-po
+
+	* src/su.c: Remove not mached #endif after removing ATT_AGE code.
+
+	* man/ko/passwd.5: Remove ^M from end of line.
+
+	* src/chage.c, src/chpasswd.c, src/login.c, src/newusers.c, src/passwd.c, src/pwunconv.c, src/su.c, src/useradd.c, Attic/acconfig.h, NEWS, configure.in:
+	Removed old ATT_AGE (account ageing in passwd file) dependent code.
+
+	* po/pl.po: Fix chage and lastlog messages.
+
+2003-04-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/limits.c, src/logoutd.c:
+	More utmp/utmpx fixes: use endutend() or endutxend() depending on HAVE_UTMPX_H.
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	Run "make update-po" after remove SVR4 code and fix duplicated entries in sv.po.
+
+	* NEWS, src/login.c, src/logoutd.c, src/useradd.c:
+	Remove old SVR4 and SVR4_SI86_EUA dependent code from login, useradd and
+	logoutd.
+
+2003-04-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/usermod.8: Remove "OD T�UMACZA" section.
+
+	* man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/grpck.8, man/pl/passwd.1, man/pl/pwck.8, man/pl/useradd.8, man/pl/userdel.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/grpck.8, man/Attic/passwd.1, man/Attic/pwck.8, man/Attic/useradd.8, man/Attic/userdel.8:
+	Added EXIT VALUES section with full description exit codes.
+
+	* src/groupadd.c: Typo (s/nut/not/).
+
+	* man/Attic/shadowconfig.8: Merge changes from Debian.
+
+	* NEWS, man/Attic/passwd.5:
+	Remove text about password aging from passwd(5) (based on Debian changes).
+
+	* po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po, src/lastlog.c, man/Attic/lastlog.8, man/it/lastlog.8, man/ja/lastlog.8, man/pl/lastlog.8:
+	More unification in lastlog command syntax.
+
+	* man/Attic/lastlog.8, man/it/lastlog.8, man/ja/lastlog.8, man/pl/lastlog.8:
+	Unifications in SYNOPSIS.
+
+	* man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/grpck.8, man/it/lastlog.8, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8:
+	Remove ^M from end of line.
+
+	* man/Attic/gpasswd.1, man/Attic/groupadd.8:
+	Indentation in FILES section.
+
+	* src/pwconv.c, src/useradd.c, src/userdel.c:
+	s/bad command syntax/invalid command syntax/
+
+	* src/userdel.c:
+	Indent by hand (seems indent have problems with complex conditions).
+
+	* man/ru/Makefile.am: man_MANS: s#passwd.1#passwd.5#
+
+	* po/pl.po: s/nie mogę/nie można/
+
+	* po/fr.po: Emoticon removed.
+
+	* NEWS, configure.in, man/Makefile.am, man/ru/.cvsignore, man/ru/Makefile.am, man/ru/passwd.5:
+	Added ru passwd(1) man page from KSI resources.
+
+	* man/zh_CN/Makefile.am, man/zh_CN/chfn.1, man/zh_CN/chsh.1, man/zh_TW/Makefile.am, man/zh_TW/chfn.1, man/zh_TW/chsh.1, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/Attic/shadowconfig.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/expiry.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/newusers.8, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, NEWS, man/cs/Makefile.am, man/cs/id.1:
+	Added chch(1), chfn(1) man pages from chinese man pages translation
+	project.
+	Added id(1) man page czech man pages translation project.
+	Updated ja man pages and added expiry(1).
+
+	* man/hu/groups.1, man/hu/login.1:
+	Remove info about $HOME/.profile from FILES section (this does not depends
+	stricte on shadow).
+
+	* configure.in, man/Makefile.am, man/es/Makefile.am:
+	Added es man pages to ac/am suit.
+
+	* man/es/.cvsignore, man/hu/.cvsignore, man/pt_BR/.cvsignore, man/zh_CN/.cvsignore, man/zh_TW/.cvsignore:
+	Added .cvsignore files.
+
+	* man/hu/Makefile.am, man/hu/su.1:
+	Added su(1) man page from hungarian man pages translation project.
+
+2003-04-26  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: Ready for gettext 0.11.5, automake 1.7.4, autoconf 2.57.
+	Many cleanups and unifications in man pages.
+
+	* man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/zh_CN/chpasswd.8, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8, man/ko/login.1, man/ko/su.1, man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/expiry.1, man/pl/gpasswd.1, man/pl/groupmems.8, man/pl/groups.1, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1, man/pl/sulogin.8, man/pl/useradd.8, man/pl/usermod.8, man/ja/Attic/mkpasswd.8, man/ja/chage.1, man/ja/chfn.1, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/limits.5, man/ja/login.1, man/ja/login.access.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/login.1, man/hu/newgrp.1, man/hu/passwd.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/grpck.8, man/it/lastlog.8, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/it/usermod.8, man/cs/shadow.5, man/es/su.1, man/fr/chage.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/shadow.5, man/fr/su.1, man/fr/userdel.8, man/fr/usermod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8:
+	Fixes: correct utmp/wtmp paths.
+	Unifications: bold commnanda and italify other file names.
+	Other minor changes and cleanups and unifications.
+
+	* libmisc/limits.c: More utmpx/utmp fixes.
+
+	* src/chpasswd.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/id.c, src/login.c, src/newgrp.c, src/passwd.c, src/useradd.c, src/userdel.c, src/usermod.c, po/cs.po, po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po, po/sv.po, po/uk.po:
+	Usage help message unification (s/usage:/Usage:/).
+
+	* TODO: Missing "are".
+
+	* src/logoutd.c, src/userdel.c, NEWS:
+	Handle also utmpx if avalaile in userdel and logoutd.
+
+2003-04-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/sulogin.c: Remove unused utent declaration.
+
+	* src/sulogin.c, src/login.c:
+	Remove #include <utmp.h> and <utmpx.h>. This comes with #include "prototypes.h".
+
+	* lib/prototypes.h:
+	"#include <utmp.h>" or "#include <utmpx.h>" depending on HAVE_UTMPX_H.
+
+	* libmisc/failure.c:
+	Remove "#include <utmp.h>" (this is included in failure.h).
+
+	* configure.in:
+	On detect mail spool directory location try first /var/mail.
+
+2003-04-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/Attic/getdate.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Attic/nscd.c, libmisc/Attic/setup.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, libmisc/pwd_init.c, libmisc/pwdcheck.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/Attic/chkshell.c, libmisc/addgrps.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c:
+	Indent all using current .indent.pro settings.
+
+	* po/Makevars: New file neccessary for gettext >=0.11.5.
+
+	* man/Makefile.am: Removed getspnam.3 from man_MANS (dos not exist).
+
+	* po/de.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/ru.po:
+	Fixes after filtering gettext 0.11.5 (missing headers elements, inforrect
+	format strings).
+
+2003-04-21  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, man/de/passwd.1:
+	updated german passwd(1) man page (by Josef Spillner <josef@ggzgamingzone.org>)
+
+2003-03-12  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* po/pl.po: - updated; terminology unification
+
+2003-02-28  Paweł Gołaszewski  <blues@pld.org.pl>
+
+	* etc/login.defs: - missing "MD5_CRYPT_ENAB  yes" added
+
+2003-01-20  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* configure.in: - added Makefiles for man/zh_{CN,TW}
+
+	* man/Makefile.am, man/zh_CN/Makefile.am, man/zh_CN/chpasswd.8, man/zh_CN/groupadd.8, man/zh_CN/groupdel.8, man/zh_CN/groupmod.8, man/zh_CN/useradd.8, man/zh_CN/userdel.8, man/zh_CN/usermod.8, man/zh_TW/Makefile.am, man/zh_TW/groupadd.8, man/zh_TW/groupdel.8, man/zh_TW/groupmod.8, man/zh_TW/useradd.8, man/zh_TW/userdel.8, man/zh_TW/usermod.8:
+	- added zh man pages from MDK (2 x 6) and from cman (1)
+
+2003-01-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ja/shadow.3, man/pl/shadow.3, man/Attic/shadow.3:
+	sync spwd structure declaration with current glibc declaration (tahnks for
+	point this bug to Michael Kerrisk <michael.kerrisk@gmx.net>).
+
+	* man/pl/faillog.5: s/konsolÄ™/terminal/
+
+2002-12-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Makefile.am: typo (s/EXTRA_DOST/EXTRA_DIST/).
+
+2002-10-14  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Makefile.am:
+	fixed making vigr symlink to vipw (not vipw to vigr) in install-exec-hook (fix submited by
+	Dimitar Zhekov <jimmy@is-vn.bg>).
+
+	* debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/login.postrm, debian/Attic/login.preinst, debian/Attic/login.prerm, debian/Attic/logoutd.init, debian/Attic/passwd.conffiles, debian/Attic/passwd.copyright, debian/Attic/passwd.cron, debian/Attic/passwd.init, debian/Attic/passwd.postinst, debian/Attic/passwd.postrm, debian/Attic/porttime, debian/Attic/rules, debian/Attic/secure-su.README, debian/Attic/secure-su.conffiles, debian/Attic/secure-su.copyright, debian/Attic/secure-su.postrm, debian/Attic/secure-su.preinst, debian/Attic/securetty, debian/Attic/shadowconfig.sh, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/checksums, debian/Attic/control, debian/Attic/control.gnu, debian/Attic/control.linux, debian/Attic/login.conffiles, Makefile.am, configure.in:
+	removed debian directory.
+
+2002-10-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, src/newgrp.c:
+	Use CLOSE_SESSIONS depending code only when USE_PAM.
+	The problem was reported by Mattias Webjorn Eriksson using Slackware
+	8.1 and reproduced it using slackware-current (9.0beta) (fix submited by
+	Simon Williams <simon@no-dns-yet.org.uk>).
+
+2002-10-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ja/login.1, man/ja/logoutd.8, man/pl/login.1, man/pl/logoutd.8, man/Attic/login.1, man/Attic/logoutd.8, man/hu/login.1:
+	changed utmp and wtmp files paths (s#/etc/utmp/#/var/run/utmp#; s#/etc/wtmp#/var/log/wtmp#)
+
+	* po/ru.po, configure.in: added ru translation (from KSI resources).
+
+2002-09-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, libmisc/failure.c:
+	libbmisc/failure.c (too_many_failures): incorrect if() condition in non-PAM
+	dependent code in fail login handling (fixed by Krzysztof Oledzki <ole@ans.pl>).
+
+2002-08-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/useradd.8, man/Attic/useradd.8, NEWS:
+	document useradd and groupadd -M option in en and pl man pages
+	(by Jakub Mikusek <mick3y@o.k.pl>).
+
+	* configure.in: start prepare 4.0.4.
+
+2002-03-18  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/ja/Attic/dpasswd.8, man/ja/Attic/shadowconfig.8, man/ja/chpasswd.8, man/ja/faillog.8, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/id.1, man/ja/lastlog.8, man/ja/login.defs.5, man/ja/newusers.8, man/ja/su.1, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8:
+	- updated to man-pages-ja-20020315 (except cvs tags)
+
+2002-03-15  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* TODO: - remove already done pl man updates from the list
+
+2002-03-13  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ko/.cvsignore, man/ko/Makefile.am, man/ko/chfn.1, man/ko/chsh.1, man/ko/groups.1, man/ko/id.1, man/ko/login.1, man/ko/newgrp.1, man/ko/passwd.5, man/ko/su.1:
+	added ko man pages.
+
+	* man/de/.cvsignore, man/de/Makefile.am:
+	automake files for de man pages.
+
+	* TODO: updated.
+
+	* man/it/.cvsignore, man/it/Makefile.am, man/id/.cvsignore, man/id/Attic/adduser.8, man/id/Makefile.am, man/id/useradd.8, man/Makefile.am, man/cs/.cvsignore, man/cs/Makefile.am, man/fr/.cvsignore, man/fr/Makefile.am, configure.in, NEWS:
+	added cs, de, fr, id, it, ko man pages to ac/am.
+
+2002-03-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/de.po, po/el.po:
+	"make update-po"
+
+	* po/de.po, NEWS, configure.in:
+	added de translation (by Frank Schmid <frank@cs-schmid.de>).
+
+	* NEWS: added info about Solar patch for man pages.
+
+2002-03-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/it/usermod.8, man/it/vigr.8, man/it/vipw.8, man/it/Attic/adduser.8, man/it/chfn.1, man/it/chsh.1, man/it/gpasswd.1, man/it/groupadd.8, man/it/groupdel.8, man/it/groupmod.8, man/it/groups.1, man/it/grpck.8, man/it/grpconv.8, man/it/grpunconv.8, man/it/id.1, man/it/lastlog.8, man/it/login.1, man/it/newgrp.1, man/it/passwd.1, man/it/passwd.5, man/it/pwconv.8, man/it/pwunconv.8, man/it/shadow.5, man/it/useradd.8, man/it/userdel.8, man/id/Attic/adduser.8, man/id/chsh.1, man/id/login.1, man/fr/Attic/adduser.8, man/fr/chage.1, man/fr/chpasswd.8, man/fr/chsh.1, man/fr/faillog.5, man/fr/gpasswd.1, man/fr/groups.1, man/fr/id.1, man/fr/newgrp.1, man/fr/passwd.1, man/fr/passwd.5, man/fr/shadow.5, man/fr/su.1, man/fr/useradd.8, man/fr/userdel.8, man/fr/usermod.8, man/es/login.1, man/es/passwd.1, man/es/su.1, man/de/chsh.1, man/de/groups.1, man/de/login.1, man/de/passwd.1, man/de/su.1, man/cs/passwd.5, man/cs/shadow.5:
+	added some raw cs, de, es, fr, id, it man pages from national
+	man pages translation projects (all man pages not yet added to Makefile.am
+	files because all need some work).
+
+	* man/hu/chfn.1, man/hu/id.1:
+	added id(1) chfn(1) from hu man pages translation project (it need some work
+	because this documents describes GNU version id and chfn from util-linux).
+
+	* man/hu/Makefile.am, man/hu/login.1:
+	added login(1) man page from hu man pages translation project.
+
+	* po/POTFILES.in: updated (suath.c moved to src/).
+
+	* src/Makefile.am: added su_SOURCES with "su.c suauth.c".
+
+	* libmisc/Makefile.am:
+	remove suauth.c from libmisc_la_SOURCES (varialbles and functions from
+	this file are usesd only in su).
+
+	* libmisc/Attic/suauth.c, src/suauth.c: move suauth.c o src/.
+
+	* libmisc/Attic/suauth.c:
+	move "struct passwd pwent" outside #ifdef SU_ACCESS.
+
+2002-03-09  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/pl/chage.1, man/pl/chfn.1, man/pl/chsh.1, man/pl/expiry.1, man/pl/gpasswd.1, man/pl/groups.1, man/pl/id.1, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1:
+	- sync with en versions
+
+	* man/Attic/login.1, man/Attic/newgrp.1, man/Attic/passwd.1, man/Attic/su.1, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chsh.1, man/Attic/expiry.1, man/Attic/gpasswd.1, man/Attic/groups.1, man/Attic/id.1:
+	- update to chage.1; formatting/typo fixes
+
+2002-03-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/uk.po, po/ko.po, po/pl.po, po/sv.po, po/ja.po, po/cs.po, po/el.po, po/fr.po:
+	"make update-po"
+
+2002-03-09  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, man/pl/userdel.8, man/pl/usermod.8, man/pl/sulogin.8, man/pl/useradd.8, man/pl/pwconv.8, man/pl/su.1, man/pl/Attic/mkpasswd.8, man/pl/Attic/pwauth.8, man/pl/newgrp.1, man/pl/passwd.5, man/pl/login.defs.5, man/pl/chpasswd.8, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmems.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/login.1, man/hu/groups.1, man/hu/newgrp.1, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/groups.1, man/ja/grpck.8, man/ja/id.1, man/ja/lastlog.8, man/ja/login.1, man/ja/login.defs.5, man/ja/newgrp.1, man/ja/passwd.5, man/ja/pwck.8, man/ja/shadow.5, man/ja/su.1, man/ja/sulogin.8, man/ja/useradd.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/vipw.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8:
+	- further "SEE ALSO" references sorting
+
+2002-03-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chpasswd.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Makefile.am:
+	merged shadow-4.0.0-owl-man.patch by Solar Designer <solar@openwall.com>.
+
+	* NEWS: updated for 4.0.3.
+
+	* libmisc/Attic/suauth.c, libmisc/utmp.c, src/login.c, src/su.c:
+	swapped utent dnd pwent efinition/extern and now shadow source can be configured
+	--with-shared (fix by Dimitar Zhekov <jimmy@is-vn.bg>).
+
+2002-03-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: start prepare 4.0.3.
+
+	* src/Makefile.am:
+	use ln -sf instead ln -s in install-exec-hok (fix pointed by Dimitar Zhekov
+	<jimmy@is-vn.bg>).
+
+2002-03-02  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/pl/passwd.1: sync with en version
+
+	* man/Attic/passwd.1: - they -> his/her, user's
+	- typos
+	- fix sentence about "writing down"
+
+	* man/Attic/passwd.1: relocation by NAKANO Takeo
+
+2002-02-28  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/hu/passwd.1: missing "-"
+
+	* man/ja/Attic/shadowconfig.8, man/ja/passwd.5, man/ja/shadow.5:
+	- updated to man-pages-ja-20020215
+
+2002-02-23  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* po/cs.po, po/fr.po, po/pl.po, po/sv.po, po/uk.po, man/pl/useradd.8:
+	- typos in pl/useradd.8; commented out unsupported -r option description
+	- useradd "usage" formatting fixes
+	- fix translation in uk.po
+
+2002-02-18  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: release 4.0.2.
+
+2002-02-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* Attic/shadow-utils.spec.in, Makefile.am, configure.in, shadow.spec.in:
+	rename spec file s/shadow-utils.spec/shadow.spec/
+
+	* po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/sv.po, po/uk.po:
+	update-po before release.
+
+	* po/ko.po, po/pl.po: cleanups.
+
+2002-02-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/Attic/adduser.8, man/pl/grpconv.8, man/pl/grpunconv.8, man/pl/pwunconv.8, man/pl/sg.1, man/pl/vigr.8, man/ja/Attic/adduser.8, man/ja/grpconv.8, man/ja/grpunconv.8, man/ja/pwunconv.8, man/ja/sg.1, man/ja/vigr.8, man/hu/sg.1, man/Attic/adduser.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/pwunconv.8, man/Attic/sg.1, man/Attic/vigr.8:
+	placa ".so man<level>/<man_page>.<level>" in roff .so includes (seems some
+	man page viewers do not handles correctly man documents without subdirectory
+	name in roff .so incude).
+
+2002-01-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, NEWS:
+	resolve many fuzzy translations also all this which may cause problems on
+	displaing long uid/gid.
+
+	* src/id.c, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po:
+	drop translate some messages in id output (about {,e}{u,g}id).
+
+2002-01-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* README: s#password: cvs#password: [empty password]#
+
+2002-01-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: two new entries.
+
+	* libmisc/chkname.c (good_name):
+	allow usernames ending with "$" for allow create machine
+	acounts for samba (thanks for point this problem in 4.0.1 by
+	Jerome Borsboom <borsboom@tch.fgg.eur.nl>).
+
+	* src/pwck.c, src/useradd.c, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po:
+	s/invalid user name `%s'/invalid user name '%s'/
+
+2002-01-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in:
+	fix in libpam_misc detection (removed one "," AC_CHECK_LIB()).
+	Thanks to Silvan Minghetti for report this.
+
+2002-01-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: start prepare to 4.0.2.
+
+	* po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po:
+	updated.
+
+	* configure.in: It is good time to release 4.0.1.
+
+	* libmisc/.indent.pro, lib/.indent.pro: added -pcs option.
+
+	* TODO: some things goes out other in.
+
+	* src/newgrp.c, NEWS:
+	added ability to log session closes in newgrp (look at long nice comments
+	inside source code :_) by Joseph Parmelee <jparmele@wildbear.com>.
+
+	* src/groupadd.c, src/useradd.c:
+	next part fixes for handle long UID/GID (by Thorsten Kukuk <kukuk@suse.de>).
+
+	* lib/getdef.c, lib/getdef.h:
+	adeded getdef_unum(): get unsigned numerical value from table of
+	definitions (Thorsten Kukuk <kukuk@suse.de>).
+
+	* NEWS: updated.
+
+	* libmisc/isexpired.c:
+	remove "#if defined(SHADOWPWD)" (not removed during remove AGING).
+
+	* etc/Makefile.am: useradd config file added to EXTRA_DIST.
+
+2002-01-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po:
+	update.
+
+	* src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c, src/.indent.pro, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupmems.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c:
+	Add -pcs to .indent.pro file and reindent all code.
+	Remove "\n" from all SYSLOG() messages.
+
+	* NEWS: s/SuSe/SuSE/
+
+2001-12-22  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/useradd.8, man/Attic/useradd.8: documment -o option.
+
+	* man/pl/usermod.8, man/pl/chfn.1, man/pl/chsh.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/id.1, man/pl/login.1, man/pl/newgrp.1, man/pl/passwd.1, man/pl/su.1, man/pl/useradd.8, man/pl/userdel.8:
+	correct package name (s/shadow-password/shadow/).
+
+	* src/chage.c, src/expiry.c, src/login.c, src/passwd.c, src/su.c, libmisc/age.c, libmisc/isexpired.c, NEWS, configure.in:
+	Finish integrate AGING code into SHADOWPW.
+	Remove handle old HAVE_USERSEC_H code.
+
+	* po/uk.po: typo.
+
+	* man/pl/passwd.1, man/ja/passwd.1, man/Attic/chpasswd.8, man/Attic/dpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1:
+	cleanups.
+
+	* src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/expiry.c, src/grpck.c, src/id.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/chfn.c, src/chsh.c, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po, man/Attic/useradd.8:
+	standarize usage messages syntax.
+
+	* man/pl/useradd.8, man/pl/usermod.8, man/pl/vipw.8, man/pl/userdel.8:
+	removed duplicated man page text.
+
+	* src/chage.c, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po, po/cs.po, po/el.po, po/fr.po:
+	standarize usage meissages syntax.
+
+	* src/chage.c, NEWS (main):
+	merge part Solar shadow-4.0.0-owl-pam-auth.diff patch with reorder
+	nitialize PAM and checkin is chage is runed by root or not - now chage can be
+	runed from non-root account for checking by user own accout information.
+
+	* src/pwck.c: indent source.
+
+	* src/pwck.c (main): remove old work around for Slackware bug.
+
+2001-12-20  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/ja/Attic/adduser.8, man/ja/Makefile.am, man/ja/limits.5, man/ja/pwconv.8:
+	- updated to man-pages-ja-20011215
+
+2001-11-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/grpck.c:
+	remove check for a Slackware bug (make sure GID is not -1; it was special
+	meaning for some syscalls).
+
+	* src/newgrp.c, src/pwck.c, src/su.c, src/useradd.c, src/usermod.c, src/groupadd.c, src/groupmod.c, src/id.c, NEWS:
+	fixes for handle/print correctly 32bit uid/gid (Thorsten Kukuk <kukuk@suse.de>).
+
+	* src/chage.c: - break usage vomment line.
+
+	* lib/defines.h:
+	removed bunch spaces on end line in conditionale #include <errno.h>
+	which in some cases dissallow compile correctly shadow (thanks for
+	Silvan Minghetti <bullet@users.sourceforge.net>).
+
+2001-11-17  Michał Moskal  <malekith@pld.org.pl>
+
+	* NEWS:
+	- mention fix for SEGV when using pwck -s on /etc/passwd file with
+	  empty lines in it
+
+	* lib/commonio.c:
+	- installed fix for SEGV when using pwck -s on /etc/passwd file with
+	  empty lines in it
+
+2001-11-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/chkname.c, NEWS:
+	next merge from Solar patches (shadow-4.0.0-owl-check_names.diff) but only
+	part this patch with checking login name matching; checking is login
+	string isn't longer than possible probably it will be good prepare using
+	_POSIX_LOGIN_NAME_MAX from <bits/posix1_lim.h>
+
+2001-11-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: typos.
+
+	* NEWS: added info about new hu man pages.
+
+	* NEWS: updated.
+
+2001-11-16  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/userdel.8, man/ja/usermod.8, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/grpck.8, man/ja/lastlog.8, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1:
+	- updated to man-pages-ja-20011115.tar.gz
+
+	* man/ja/groups.1: 3c26de91cfd359c0b7c36ca3cd3e170d  groups.1
+
+	* man/ja/grpconv.8: 402190c04b8df45e20afd01e3acd0da4  grpconv.8
+
+	* man/ja/grpunconv.8: 402190c04b8df45e20afd01e3acd0da4  grpunconv.8
+
+	* man/ja/id.1: 3edc687b1c09bbdd170553f326a71711  id.1
+
+	* man/ja/newusers.8: c2ecaa6ddffe07de2c39be3aefb5bcae  newusers.8
+
+	* man/ja/pwunconv.8: 402190c04b8df45e20afd01e3acd0da4  pwunconv.8
+
+	* man/ja/Attic/shadowconfig.8:
+	f79300c0db64fd961443177c88605087  shadowconfig.8
+
+	* man/ja/useradd.8: 3333b9a2e5a388a472fb05106d65a596  useradd.8
+
+	* man/ja/vigr.8: 42825938683e54e391897ea100001af1  vigr.8
+
+	* man/ja/vipw.8: 0cb8db0f1f19de7690f0ef9baeceb919  vipw.8
+
+2001-11-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/Attic/getpass.c:
+	one fix warning from Solar shadow-4.0.0-owl-warnings.diff.
+
+	* src/chage.c, lib/defines.h:
+	move "#include <errno.h>" to /lib/defines.h.
+
+	* configure.in: added AC_CHECK_HEADERS(errno.h)
+
+	* src/chage.c: apply shadow-4.0.0-owl-chage-drop-priv.diff and
+	shadow-4.0.0-owl-chage-ro-no-lock.diff by Solar Designer <solar@openwall.com>.
+	Added locks which are needed when doing r/w accesses, not when running as root.
+	If root does read-only, there's no lock needed. Added missing
+	"#include <errno.h>" for above.
+
+2001-11-14  Andrzej Krzysztofowicz  <ankry@pld.org.pl>
+
+	* configure.in: - added hu directory antry
+
+	* man/Makefile.am: - groups.1 moved to EXTRA_DIST
+	- added hu directory entry
+
+	* man/ja/Makefile.am: - sorted
+	- shadow.3 moved to EXTRA_DIST
+
+	* man/pl/Makefile.am: - sorted
+	- added entries for new pages
+	- EXTRA_DIST synced with man/Makefile.am
+
+	* man/hu/Makefile.am, man/hu/chsh.1, man/hu/gpasswd.1, man/hu/groups.1, man/hu/newgrp.1, man/hu/passwd.1, man/hu/sg.1:
+	- man pages from Debian
+
+	* man/Attic/groupmems.8: - typo
+
+	* man/pl/expiry.1, man/pl/groupmems.8: - translated pages
+
+2001-11-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/Makefile.am:
+	fix building with cracklib enabled: $(LIBCRACK) added to libmisc_la_LIBADD.
+
+	* src/useradd.c: typo.
+
+2001-11-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Attic/dpasswd.c, src/gpasswd.c, src/groupadd.c, src/groupmod.c, src/grpck.c, src/lastlog.c, src/login.c, src/passwd.c, src/pwck.c, src/userdel.c, src/usermod.c, src/chage.c, src/chfn.c, src/chsh.c, libmisc/utmp.c:
+	removed prototypes which are defined in libc header files
+	(Thorsten Kukuk <kukuk@suse.de>).
+
+	* libmisc/Attic/nscd.c, libmisc/Makefile.am, lib/commonio.c:
+	implemetn better reloading the nscd cache (per NSS map)
+	by Thorsten Kukuk <kukuk@suse.de>
+
+	* src/login.c, libmisc/setupenv.c:
+	fixed warnings "not used but defined" on compile using gcc 3.0.x
+	by bulletpr00ph <bullet@users.sourceforge.net>.
+
+2001-10-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: New entries for 4.0.1.
+
+	* po/pl.po: few more pl translations.
+
+	* po/cs.po, po/el.po, po/fr.po, po/ja.po, po/ko.po, po/pl.po, po/sv.po, po/uk.po:
+	"make update-po".
+
+	* po/ja.po, po/ko.po, configure.in:
+	added ja, ko translations found in SuSe.
+
+2001-10-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c: sort alphabetically *flg variables.
+
+	* debian/Attic/Makefile.am, debian/Attic/tar.c: removed.
+
+2001-10-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/ja/Makefile.am, man/ja/sg.1, man/pl/Makefile.am, man/pl/sg.1, man/pl/vigr.8, man/Attic/sg.1, man/Attic/vigr.8, man/Makefile.am:
+	added vigr(1) man page as roff .so link to vipw(1),                                                                             - added sg(1) man page as roff .so link to newgrp(1).
+
+	* src/Makefile.am:
+	added install symlinks newgrp -> sg, vipw -> vigr in install-exec-hook target.
+
+2001-10-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* lib/Makefile.am (libshadow_la_SOURCES):
+	reverte last change and added rcsid.h,
+	(EXTRA_DIST): added missing "\".
+
+	* src/Makefile.am: (DEFS):
+	- fix -DLOCALEDIR in DEFS,
+	- added -DHAVE_CONFIG_H,
+	- removed @DEFS@.
+
+	* lib/Makefile.am:
+	added missing shadow_.h file to libshadow_la_SOURCES.
+
+2001-09-08  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* Makefile.am (AUTOMAKE_OPTIONS):
+	version changed to 1.5 and added dist-bzip2.
+
+	* lib/Makefile.am, libmisc/Makefile.am, src/Makefile.am:
+	add .indent.pro to EXTRA_DIST.
+
+	* etc/Makefile.am, etc/useradd: add example /etc/defaults/useradd.
+
+2001-09-07  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* TODO: last touch.
+
+	* TODO: more TODO.
+
+	* lib/commonio.c, NEWS:
+	Fix bug discovered and fixed by Marcel Ritter <Marcel.Ritter@rrze.uni-erlangen.de>
+	Due to a big buffer size in lib/commonio.c this error does only appear
+	if a line gets longer than 4096 bytes (there are probably very few people
+	stumbling across this).
+	Ths bug can be exposed by trashing /etc/groups file using useradd with script:
+		#!/bin/sh
+		typeset -i NUM
+		NUM=0
+		groupadd demogroup
+		while [ $NUM -le 1000 ]; do
+		   useradd -g demogroup -G demogroup -p "NONE" user$NUM
+		   NUM=$NUM+1
+		done
+
+2001-09-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groups.c, src/id.c, src/newgrp.c, src/useradd.c, src/usermod.c, libmisc/addgrps.c, NEWS:
+	remove limit 32 to groups per user (the same user can belong to
+	more than 32 groups) by use sysconf(_SC_NGROUPS_MAX) instead constant
+	NGROUPS_MAX (patch by Radu Constantin Rendec <radu.rendec@ines.ro>)
+	NOTE: it probably need testing on other system for add some conditionals
+	for using sysconf(_SC_NGROUPS_MAX) or NGROUPS_MAX constant.
+
+2001-08-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* etc/pam.d/Makefile.am, etc/pam.d/useradd: added file for useradd.
+
+2001-08-24  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c (set_defaults):
+	handle correctly error open/create useradd default config
+	filei (based on orginal post to bugtraq).
+
+	* TODO: documment in pt_BR, ja man pages -s {pw,grp}ck option.
+
+	* libmisc/sulog.c, NEWS:
+	remove limit to 6 chars logged tty name (apply 012_libmisc_sulog.c.diff Debian
+	patch).
+
+	* man/pl/Attic/shadowconfig.8, man/Attic/shadowconfig.8:
+	- aply 021_man_shadowconfig_usr_doc.diff debian patch.
+
+	* src/Makefile.am, lib/Makefile.am:
+	use $(top_builddir) in .la files paths (for allow correct compile if
+	$(top_builddir) isn't the same as $(top_srcdir)).
+
+	* po/.cvsignore, po/Attic/ChangeLog: removed ChangeLog.
+
+2001-08-18  Michał Moskal  <malekith@pld.org.pl>
+
+	* src/grpck.c: - fixed getopt() call, thnx to arekm
+
+2001-08-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: - include last changes to list changes in version 4.0.0.
+
+2001-08-14  Michał Moskal  <malekith@pld.org.pl>
+
+	* NEWS: - mention new -s options
+
+	* man/pl/grpck.8, man/pl/pwck.8, man/Attic/grpck.8, man/Attic/pwck.8:
+	- documented new -s options
+
+	* src/grpck.c, src/pwck.c: - added -s option to sort output files
+
+	* lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
+	- added pw_sort, gr_sort, sgr_sort and spw_sort functions
+
+	* lib/commonio.c, lib/commonio.h:
+	- added commonio_sort{,_wrt} functions
+
+2001-08-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/Attic/ChangeLog, po/uk.po, configure.in:
+	added uk translation (Roman Festchook <roma@polesye.net>).
+
+	* src/logoutd.c (mani):
+	s/ut->ut_libe/ut->ut_user/ on prepare strin with user name for syslog
+	line (reported by Roman Festchook <roma@polesye.net>).
+
+2001-07-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* Attic/acconfig.h: - added missing USG.
+
+2001-07-04  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* lib/commonio.c:
+	fix buffer overflow (not a security hole) in commonio_setname
+
+2001-06-28  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS: entry about dropping support one argument pam_strerror().
+
+	* libmisc/pam_pass.c, src/login.c, src/su.c, Attic/acconfig.h, configure.in, lib/defines.h, lib/pam_defs.h:
+	drop detecting is pam_strerror() need one or two arguments. Instead using
+	PAM_STRERROR() macro use directly pam_strerror() function with two arguments.
+	pam_strerror() with one argument is obsoleted.
+
+	* configure.in:
+	pass display error message if libpam_misc not found in correct argument
+	AC_CHECK_LIB().
+
+	* configure.in:
+	added checking for libpam_misc if libpam found and if libpam_misc is avalaible
+	add them to $LIBPAM. Othervise exit fron autoconf script with error message.
+	Now shadow compiles if pam support is enabled.
+
+2001-06-28  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* libmisc/copydir.c: fix overwriting existing file (add O_TRUNC)
+
+2001-06-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* configure.in: remove intl/po2tbl.sed from AC_OUTPUT().
+
+	* configure.in:
+	removed add md5.o md5crypt.o conditionaly to $LIBOBJS (this is obsoleted).
+	In current version ndling md5 functionality is included conditionaly
+	inside md5.c and md5crypt.c source files.
+
+	* lib/Attic/md5.c: added comments for #endif.
+
+	* configure.in: also do not use SU_ACCESS when PAM is used.
+
+	* configure.in:
+	- check pam directly by AC_CHECK_LIB() (PAM from PLD is now fixed an also other
+	  PAM implementation must be fixed for this method checkin is libpam is avalaible;
+	  sorry .. no way this is plain linking procedure bug),
+	- use AC_DEFINE(LOGIN_ACCES) only when PAM isn't used.
+
+2001-06-23  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/Makefile.am:
+	add LDADD for groupmod and usermod, as they use PAM too
+
+	* src/login.c, src/su.c: fix uninitialized variable failcount
+	skip '*' in pw_shell for subsystem root
+
+2001-06-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/login.c: use "extern int login_access()" only if !USE_PAM.
+
+	* src/Makefile.am:
+	added LDADD rules for programs which uses PAM and cracklib.
+
+2001-06-23  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* libmisc/chowntty.c:
+	allow root login even on read-only root filesystem
+
+	* libmisc/Makefile.am: add -DHAVE_CONFIG_H to DEFS
+
+2001-06-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* autogen.sh: run configure by default with --disable-desrpc,
+	fix: --with-libpam (not --with-pam).
+
+2001-06-23  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* libmisc/chowntty.c:
+	libmisc/chowntty.c (chown_tty): move perror() before syslog() call
+	which might change errno.
+
+	* man/pl/login.defs.5, man/Attic/login.defs.5:
+	(UMASK): Default value is 077, not 0 - see NEWS for shadow-3.3.2-951106.
+
+2001-06-23  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* NEWS, configure.in: prepare for release 4.0.0 version.
+
+	* configure.in: remove commented line.
+
+2001-06-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/pl.po: fixed charset (must be iso-8859-2).
+
+	* man/Makefile.am, man/ja/.cvsignore, man/ja/Attic/dpasswd.8, man/ja/Attic/mkpasswd.8, man/ja/Attic/pw_auth.3, man/ja/Attic/pwauth.8, man/ja/Makefile.am, man/ja/chage.1, man/ja/chfn.1, man/ja/chpasswd.8, man/ja/chsh.1, man/ja/faillog.5, man/ja/faillog.8, man/ja/gpasswd.1, man/ja/groupadd.8, man/ja/groupdel.8, man/ja/groupmod.8, man/ja/grpck.8, man/ja/lastlog.8, man/ja/login.1, man/ja/login.access.5, man/ja/login.defs.5, man/ja/logoutd.8, man/ja/newgrp.1, man/ja/passwd.1, man/ja/passwd.5, man/ja/porttime.5, man/ja/pwck.8, man/ja/pwconv.8, man/ja/shadow.3, man/ja/shadow.5, man/ja/su.1, man/ja/suauth.5, man/ja/sulogin.8, man/ja/userdel.8, man/ja/usermod.8, configure.in, NEWS:
+	added ja man pages.
+
+2001-05-30  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/Attic/shadowconfig.sh, src/Makefile.am, debian/Attic/Makefile.am, debian/Attic/shadowconfig.sh:
+	move shadowconfig.sh to debian/
+
+	* src/Makefile.am: added missing -I${top_srcdir} to INCLUDES.
+
+	* lib/Makefile.am: empty DEFS and INCLUDES="-I$(top_srcdir)".
+
+	* libmisc/Makefile.am:
+	empty DEFS and INCLUDES="-I$(top_srcdir) -I$(top_srcdir)/lib".
+
+2001-03-05  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/.indent.pro, lib/.indent.pro, libmisc/.indent.pro:
+	directory indent config file is -kr -i8 -bad (indent open this file and
+	read options if options not specyfied in commnad line).
+
+	* autogen.sh (conf_flags): added --with-pam.
+
+	* NEWS: start complette next release information.
+
+2001-02-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* shlib/Attic/Makefile.am, shlib/Attic/Makefile.in.saved: - removed.
+
+	* src/Makefile.am, libmisc/Makefile.am, lib/Makefile.am:
+	Rewrited automake suit for building lib, libmisc and src (now this look much
+	better). Also for all is now used libtool in proper way.
+
+	* configure.in:
+	- added useing AM_DISABLE_SHARED, AM_ENABLE_STATIC for disable compile shared
+	  libraries and enable static,
+	- some cosmetics.
+
+	* Makefile.am (SUBDIRS): reorder libmisc must be before lib.
+
+2001-02-01  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pt_BR/Makefile.am: - added man_MANS to EXTRA_DIST.
+
+2001-01-31  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/Makefile.am, man/pt_BR/Makefile.am, man/pt_BR/gpasswd.1, man/pt_BR/groupadd.8, man/pt_BR/groupdel.8, man/pt_BR/groupmod.8, man/pt_BR/shadow.5, configure.in:
+	include pt_BR man pages for gpasswd(1), groupadd(1), groupdel(8),
+	groupmod(8), shadow(5).
+
+2001-01-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* TODO: - updated.
+
+	* man/pl/Attic/dpasswd.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/su.1, man/pl/useradd.8, man/pl/userdel.8, man/pl/vipw.8, man/Attic/dpasswd.8, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/su.1, man/Attic/useradd.8, man/Attic/usermod.8, man/Attic/vipw.8:
+	many small cleanups, fixes also removed commented obsoleted texts.
+
+2001-01-25  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* autogen.sh: add to conf_flags --disable-shared.
+
+	* man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5, man/pl/Attic/dpasswd.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/shadowconfig.8, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/vipw.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/expiry.1, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmems.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/limits.5, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8:
+	put or move to top cemmented Id cvs keyword,
+	(passwd.1): documment -e option (patch from Debian),
+	(userdel.1): remove commented obsoleted options.
+
+	* man/Makefile.am:
+	put all files in man_MANS and EXTRA_DIST in alphabethic order.
+
+	* src/chpasswd.c, src/pwunconv.c:
+	remove from comments program description and history logs.
+
+	* src/Makefile.am: move groups to bin_PROGRAMS.
+
+2000-12-19  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/su.c: Based on Debian modyfications:
+	(main): #endif /* USE_PAM */ #ifdef USE_PAM replaced by #else,
+	(main): removed some dead code (scoped by #if 0 .. #endif).
+	(main): call to re-establish SIGINT to right place.
+
+	* man/pl/passwd.1: Removed SEE ALSO to shadow(3) and passwd(3).
+
+	* man/pl/shadow.5, man/Attic/shadow.5: Removed SEE ALSO to shadow(3).
+
+	* man/Attic/passwd.1:
+	Removed SEE ALSO to passwd(3) and commented shadow(3).
+
+2000-12-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/useradd.c (main):
+	use "useradd" instead "shadow in pam_start() parameters - this
+	allow use separated pam config file for useradd (for example for allow
+	specified non-root user for add user).
+
+2000-11-29  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* TODO: remove write expiry(1) man page.
+
+	* man/Attic/expiry.1, man/Makefile.am:
+	added expiry(1) man page from Debian.
+
+	* man/pl/lastlog.8, man/Attic/lastlog.8:
+	updated man pages for whole dispaly syntax.
+
+	* src/lastlog.c (main): fixed command line syntax description.
+
+	* src/lastlog.c (main):
+	display correctly and full current commnad line lastlog syntax
+	and also output this string using gettext.
+
+	* src/lastlog.c (main):
+	merge src_lastlogin.c patch from debian with use getopt_long()
+	instead getopt() for add handling --help, --user, --time switches and
+	dipslay useage message on -h, --help and as default action.
+
+2000-11-17  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* src/groupmems.c, po/el.po, po/fr.po, po/pl.po, po/sv.po, po/POTFILES.in, po/cs.po:
+	added i18n support for src/groupmems.c.
+
+	* src/useradd.c:
+	* (set_defaults): use mkstemp() if avalaible. Othereise use mktemp().
+
+	* configure.in: * added checking for mkstemp().
+
+	* src/useradd.c: * (set_defaults): use mkstemp() instead mktemp(),
+	* (mani): fix compilation error in previouse RH patch (removed using nflg).
+
+2000-11-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* TODO: - groupmems need some work on add PAM and i18n support.
+
+	* src/groupmems.c, man/Attic/groupmems.8:
+	Added raw version groupmems program for administer members of a user's
+	primary group. groupmems was written by George Kraft IV <gk4@us.ibm.com>
+	and this tool have BSD license.
+
+	* src/Attic/patchlevel.h, src/Makefile.am:
+	patchlevel.h, Makefile.am: removed patchlevel.h file,
+	Makefile.am: removed bindir, sbindir (this comes with autoconf).
+
+2000-11-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* TODO: - write expire man page.
+
+2000-10-16  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* old/Attic/pwconv-old.8, old/Attic/pwconv.8, old/Attic/pwunconv-old.8, old/Attic/pwunconv.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/porttime.5, man/pl/pwck.8, man/pl/shadow.3, man/pl/su.1, man/pl/sulogin.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/Attic/dpasswd.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/login.1, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, doc/Attic/ANNOUNCE, doc/Attic/LSM, doc/Attic/README, doc/Attic/README.linux:
+	Julianne F. Haugh new contact adress.
+
+	* NEWS: - summary chanfes for 20001016.
+
+	* doc/Attic/README.shadow-paper, doc/Makefile.am:
+	- removed outdated README.shadow-paper.
+
+	* configure.in: - release 20001016.
+
+2000-10-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/Makefile.am, man/Makefile.am: fixes in man/{,po}/Makefile.am:
+	- $(man_MANS) added to EXTRA_DISTS,
+	- do not install by default groups.1, id.1, pw_auth.3, shadow.3, pwauth.8,
+	  sulogin.8, dpasswd.8 (moved to EXTRA_DISTS),
+
+2000-10-15  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* lib/commonio.c (reload_nscd): Disable for now because not every
+	version of nscd can handle it, unless ENABLE_NSCD_SIGHUP defined.
+
+2000-10-15  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* libmisc/pwdcheck.c, libmisc/Makefile.am: - added missing pwdcheck.c.
+
+	* configure.in: - removed old/Makefile from AC_OUTPUT list.
+
+2000-10-12  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* README: - fixed information about RO cvs access.
+
+	* NEWS: - summary changes description for shadow-20001012.
+
+	* configure.in: - release changed to 20001012.
+
+	* etc/Makefile.am: - removed shells and suauth from EXTRA_DIST.
+
+	* doc/Makefile.am: - removed README.debian from EXTRA_DIST.
+
+	* libmisc/Makefile.am: - removed pwdcheck.c from libmisc_a_SOURCES.
+
+	* debian/Attic/Makefile.am: - removed FILES from EXTRA_DIST.
+
+	* contrib/Makefile.am: - s/udbachk.v012.tgz/udbachk.tgz/
+
+	* doc/Makefile.am: - removed CHANGES (this file was moved to ../NEWS).
+
+2000-10-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/Attic/ChangeLog: - add empty file (gettext requires this).
+
+2000-10-10  Arkadiusz Miśkiewicz  <misiek@pld.org.pl>
+
+	* README: typos fixed
+
+2000-10-10  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* Makefile.am: - added shadow-utils.spec.in to EXTR_DIST.
+
+	* redhat/Attic/shadow-utils.spec.in: - obsoleted.
+
+	* Attic/stamp-h.in: - removed (this file is autogenerated by autoconf).
+
+	* po/pl.po, po/sv.po, po/cs.po, po/el.po, po/fr.po:
+	- update before release.
+
+	* doc/Attic/LSM: - new maintainer and new primary site.
+
+	* Makefile.am: - README added to EXTRA_DIST.
+
+	* README: - added README with all shadow sites and resources details.
+
+	* Attic/shadow-utils.spec.in: - partialy rewrited.
+
+	* configure.in: - change version to 20001010.
+
+	* Makefile.am: - added NEWS to EXTRA_DIST.
+
+	* Makefile.am, TODO: - added TODO.
+
+	* doc/Attic/CHANGES, NEWS: - rename doc/CHANGES -> NEWS.
+
+2000-10-09  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970616-fix.patch, redhat/Attic/shadow-970616-glibc.patch, redhat/Attic/shadow-970616-rh.patch, redhat/Attic/shadow-970616-utuser.patch, redhat/Attic/shadow-970616.login.defs, redhat/Attic/shadow-970616.useradd, redhat/Attic/shadow-utils-970616.spec, Attic/shadow-utils.spec.in, Makefile.am, configure.in:
+	- remove redhat/ directory with obsoleted files.
+
+	* po/.cvsignore, src/.cvsignore, man/.cvsignore, man/pl/.cvsignore, .cvsignore, libmisc/.cvsignore:
+	- shut up cvs.
+
+	* man/Makefile.am: - removed redundant ${man_MANS} from EXTRA_DIST.
+
+	* src/useradd.c:
+	- fix a security bug (adduser could overwrite previously existing
+	  groups (shadow-19990827-group.patch from RH),
+
+	* po/cs.po, po/el.po, po/fr.po, po/pl.po, po/sv.po:
+	- "make updated-po".
+
+	* man/pl/Makefile.am, man/pl/grpconv.8, man/pl/grpunconv.8, man/pl/pwunconv.8, man/Attic/grpconv.8, man/Attic/grpunconv.8, man/Attic/pwunconv.8, man/Makefile.am:
+	- added man pages for grpconv(8), grpunconv(8), pwunconv(8) (.so link to
+	  pwconv(8))
+
+	* man/pl/Attic/adduser.8, man/pl/Makefile.am, man/Attic/adduser.8, man/Makefile.am:
+	- added man page for adduser(8) (.so link to useradd(8)).
+
+	* po/Attic/doit:
+	- removed (in po/Makefile.in.in exist special update-po target).
+
+	* etc/pam.d/passwd, etc/pam.d/su: - cosmetics.
+
+	* etc/pam.d/Attic/shadow: - sample PAM config file for shadow utils.
+
+	* etc/pam.d/Makefile.am: - added shadow to EXTRA_DIST
+
+	* src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	- bind to shadow PAM file instead userdb (mainly PAMimication all shadow
+	  utils is used for proper updating db files but in real this can be used
+	  for perform many other tasks).
+
+	* src/Makefile.am: - added linking with @LIBPAM@ all PAMified tools.
+
+	* src/chpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c:
+	- added PAM support (bind to common "userdb" PAM authentication description
+	  file).
+
+	* src/chage.c: - added PAM support.
+
+2000-10-06  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* autogen.sh:
+	- added autogen.sh script which prepare raw source code from cvs to use.
+
+2000-10-04  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, man/pl/vipw.8:
+	- merged changes from PTM.
+
+	* man/pl/Makefile.am:
+	- simplified: use only man_MANS and remaped $(mandir) variable.
+
+2000-09-27  Tomasz KÅ‚oczko  <kloczek@pld.org.pl>
+
+	* po/cs.po, configure.in:
+	- added cs translation (Jiri Pavlovsky <Jiri.Pavlovsky@ff.cuni.cz>).
+
+2000-09-05  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* man/pl/sulogin.8, man/pl/vipw.8, po/el.po, po/fr.po, po/pl.po, po/sv.po, man/pl/Attic/d_passwd.5, man/pl/Attic/dialups.5, man/pl/Attic/dpasswd.8, man/pl/Attic/mkpasswd.8, man/pl/Attic/pw_auth.3, man/pl/Attic/pwauth.8, man/pl/Attic/shadowconfig.8, man/pl/chage.1, man/pl/chfn.1, man/pl/chpasswd.8, man/pl/chsh.1, man/pl/faillog.5, man/pl/faillog.8, man/pl/gpasswd.1, man/pl/groups.1, man/pl/grpck.8, man/pl/id.1, man/pl/lastlog.8, man/pl/limits.5, man/pl/login.1, man/pl/login.access.5, man/pl/login.defs.5, man/pl/logoutd.8, man/pl/newgrp.1, man/pl/newusers.8, man/pl/passwd.1, man/pl/passwd.5, man/pl/porttime.5, man/pl/pwck.8, man/pl/pwconv.8, man/pl/shadow.3, man/pl/shadow.5, man/pl/su.1, man/pl/suauth.5:
+	*** empty log message ***
+
+2000-09-02  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/pwck.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/commonio.h, lib/defines.h, lib/groupio.c, lib/pwio.c, lib/sgroupio.c, lib/shadowio.c, man/Attic/usermod.8, po/el.po, po/fr.po, po/pl.po, po/sv.po, redhat/Attic/shadow-utils.spec.in, src/Attic/dpasswd.c, src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, configure.in, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/LSM, lib/commonio.c:
+	*** empty log message ***
+
+2000-08-26  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* contrib/Makefile.am, contrib/groupmems.shar, doc/Attic/LSM, po/el.po, po/fr.po, po/pl.po, po/sv.po, doc/Attic/README.mirrors, src/vipw.c, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/Attic/dialchk.h, lib/Attic/dialup.h, lib/Attic/rad64.c, lib/Attic/tcfsio.h, lib/Makefile.am, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/getdef.h, lib/groupio.c, lib/groupio.h, lib/prototypes.h, lib/pwauth.c, lib/pwio.c, lib/pwio.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.h, libmisc/Attic/suauth.c, libmisc/chkname.h, libmisc/chowndir.c, libmisc/copydir.c, libmisc/entry.c, libmisc/failure.h, libmisc/getdate.h, libmisc/hushed.c, libmisc/loginprompt.c, libmisc/setupenv.c, libmisc/sulog.c, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Makefile.am, man/pl/Makefile.am, man/pl/groupadd.8, man/pl/groupdel.8, man/pl/groupmod.8, man/pl/useradd.8, man/pl/userdel.8, man/pl/usermod.8, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/README, doc/Attic/README.linux, doc/Attic/README.pam, doc/WISHLIST, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, Attic/mkinstalldirs, configure.in, Makefile.am:
+	*** empty log message ***
+
+1999-08-27  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* doc/Attic/LSM, po/el.po, po/fr.po, po/pl.po, po/sv.po, debian/Attic/passwd.postinst, lib/Attic/dialchk.c, lib/Attic/getpass.c, lib/getdef.c, lib/pwauth.c, libmisc/limits.c, libmisc/rlogin.c, man/Attic/limits.5, man/Attic/newgrp.1, src/Attic/dpasswd.c, src/chage.c, src/gpasswd.c, src/login.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/sulogin.c, Attic/acconfig.h, configure.in, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/control.gnu, debian/Attic/control.linux, debian/Attic/login.postrm, debian/Attic/logoutd, debian/Attic/logoutd.init, debian/Attic/passwd.conffiles, debian/Attic/passwd.cron, debian/Attic/passwd.init, debian/Attic/passwd.postrm, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/README.mirrors, doc/WISHLIST, etc/Attic/login.defs.hurd, etc/Attic/login.defs.linux, etc/Makefile.am, lib/defines.h:
+	*** empty log message ***
+
+1999-07-09  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* configure.in, contrib/Makefile.am, debian/Attic/changelog, doc/Attic/CHANGES, doc/Attic/LSM, doc/WISHLIST, lib/Attic/strcasecmp.c, lib/prototypes.h, libmisc/Makefile.am, man/Attic/faillog.8, po/el.po, po/pl.po, src/Makefile.am, src/chfn.c, src/chsh.c, src/faillog.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c, src/newgrp.c, src/passwd.c, src/vipw.c:
+	*** empty log message ***
+
+1999-06-07  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* redhat/Attic/shadow-utils.spec.in, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/logoutd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/usermod.c, contrib/Makefile.am, contrib/README, contrib/udbachk.tgz, debian/Attic/changelog, debian/Attic/rules, doc/Attic/CHANGES, doc/Attic/LSM, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/README.platforms, doc/WISHLIST, lib/Attic/getpass.c, lib/Attic/rcsid.h, lib/Makefile.am, lib/fputsx.c, lib/pam_defs.h, lib/prototypes.h, libmisc/Attic/login_desrpc.c, libmisc/pam_pass.c, libmisc/utmp.c, man/Attic/login.1, po/el.po, po/pl.po, Attic/acconfig.h, configure.in:
+	*** empty log message ***
+
+1999-03-07  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* po/pl.po, po/el.po, doc/Attic/LSM, src/useradd.c, src/su.c, src/pwconv.c, src/pwck.c, src/passwd.c, src/newusers.c, src/newgrp.c, src/logoutd.c, src/login.c, src/grpconv.c, src/grpck.c, src/groupadd.c, src/gpasswd.c, src/Attic/dpasswd.c, src/chfn.c, src/chage.c, man/Attic/usermod.8, man/Attic/useradd.8, man/Attic/limits.5, man/Attic/chage.1, libmisc/valid.c, libmisc/sub.c, libmisc/strtoday.c, libmisc/setupenv.c, libmisc/obscure.c, libmisc/limits.c, libmisc/env.c, lib/Attic/snprintf.h, lib/getdef.c, lib/encrypt.c, lib/defines.h, etc/Attic/login.defs.linux, doc/WISHLIST, doc/Attic/README.nls, doc/Attic/README.pam, doc/README.platforms, doc/Attic/README.mirrors, doc/Attic/README.linux, doc/Makefile.am, doc/Attic/CHANGES, debian/Attic/tar.c, debian/Attic/rules, debian/Attic/logoutd, debian/Attic/control, debian/Attic/changelog, configure.in:
+	*** empty log message ***
+
+1998-12-28  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/usermod.c, src/userdel.c, src/useradd.c, src/sulogin.c, src/su.c, src/pwunconv.c, src/pwconv.c, src/pwck.c, src/passwd.c, src/newusers.c, src/newgrp.c, src/Attic/mkpasswd.c, src/logoutd.c, src/login.c, src/lastlog.c, src/id.c, src/grpunconv.c, src/grpconv.c, src/grpck.c, src/groups.c, src/groupmod.c, src/groupdel.c, src/groupadd.c, src/gpasswd.c, src/faillog.c, src/expiry.c, src/Attic/dpasswd.c, src/chsh.c, src/chpasswd.c, src/chfn.c, src/chage.c, po/Attic/doit, po/POTFILES.in, po/el.po, src/Makefile.am, man/Attic/usermod.8, man/Attic/userdel.8, man/Attic/useradd.8, man/Attic/sulogin.8, man/Attic/su.1, man/Attic/shadow.5, man/Attic/shadow.3, man/Attic/pwck.8, man/Attic/pwauth.8, man/Attic/pw_auth.3, man/Attic/porttime.5, man/Attic/passwd.5, man/Attic/passwd.1, man/Attic/newusers.8, man/Attic/newgrp.1, man/Attic/mkpasswd.8, man/Attic/logoutd.8, man/Attic/login.defs.5, man/Attic/login.1, man/Attic/lastlog.8, man/Attic/id.1, man/Attic/grpck.8, man/Attic/groups.1, man/Attic/groupmod.8, man/Attic/groupdel.8, man/Attic/groupadd.8, man/Attic/faillog.8, man/Attic/faillog.5, man/Attic/dpasswd.8, man/Attic/chsh.1, man/Attic/chpasswd.8, man/Attic/chfn.1, man/Attic/chage.1, libmisc/xmalloc.c, libmisc/sub.c, libmisc/Attic/suauth.c, libmisc/shell.c, libmisc/setupenv.c, libmisc/pam_pass.c, libmisc/obscure.c, libmisc/mail.c, libmisc/Attic/login_desrpc.c, libmisc/limits.c, libmisc/failure.c, libmisc/env.c, libmisc/console.c, libmisc/chowntty.c, libmisc/age.c, libmisc/addgrps.c, libmisc/Makefile.am, lib/Attic/strerror.c, lib/pwauth.c, lib/prototypes.h, lib/Attic/getpass.c, lib/getdef.c, lib/Attic/dialchk.c, lib/defines.h, lib/Makefile.am, doc/WISHLIST, doc/README.platforms, doc/Attic/README.mirrors, doc/Attic/README.linux, doc/Attic/README, doc/Attic/LSM, doc/Attic/CHANGES, debian/Attic/secure-su.copyright, debian/Attic/passwd.copyright, debian/Attic/login.copyright, debian/Attic/control, debian/Attic/changelog, configure.in, Attic/acconfig.h, Makefile.am:
+	*** empty log message ***
+
+1998-07-24  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/passwd.c, src/su.c, src/userdel.c, src/Makefile.am, src/chage.c, src/faillog.c, src/login.c, lib/Attic/tcfsio.c, lib/Attic/tcfsio.h, lib/pwauth.c, libmisc/chowntty.c, libmisc/pam_pass.c, libmisc/setugid.c, etc/pam.d/passwd, etc/pam.d/su, lib/Makefile.am, lib/commonio.c, lib/defines.h, lib/prototypes.h, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/Makefile.am, doc/README.platforms, doc/WISHLIST, etc/Makefile.am, etc/pam.d/Makefile.am, doc/Attic/CHANGES, debian/Attic/changelog, configure.in, Attic/acconfig.h:
+	*** empty log message ***
+
+1998-06-26  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/passwd.c, src/usermod.c, man/Attic/faillog.8, man/Attic/pwconv.8, src/logoutd.c, lib/Attic/getpass.c, libmisc/copydir.c, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, lib/commonio.c, debian/Attic/changelog, doc/Attic/CHANGES, configure.in:
+	*** empty log message ***
+
+1998-05-29  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* man/Attic/lastlog.8, man/Attic/login.1, src/usermod.c, doc/Attic/CHANGES, doc/Attic/README.linux, etc/Attic/login.defs.linux, lib/defines.h, debian/Attic/changelog, debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/passwd.copyright, debian/Attic/rules, debian/Attic/secure-su.copyright, configure.in, contrib/Makefile.am, contrib/shadow-anonftp.patch:
+	*** empty log message ***
+
+1998-04-16  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/useradd.c, src/userdel.c, src/usermod.c, src/passwd.c, src/sulogin.c, src/groupdel.c, src/login.c, src/logoutd.c, src/newgrp.c, src/Attic/dpasswd.c, src/chage.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, redhat/Attic/shadow-970616-rh.patch, redhat/Attic/shadow-970616-utuser.patch, redhat/Attic/shadow-970616.login.defs, redhat/Attic/shadow-970616.useradd, redhat/Attic/shadow-utils-970616.spec, src/Makefile.am, libmisc/utmp.c, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970616-fix.patch, redhat/Attic/shadow-970616-glibc.patch, libmisc/Attic/login_desrpc.c, libmisc/limits.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/obscure.c, libmisc/strtoday.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/copydir.c, libmisc/failure.c, lib/Attic/dialchk.c, lib/Attic/pwpack.c, lib/defines.h, lib/pwauth.c, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, doc/cracklib26.diff, lib/commonio.c, Attic/acconfig.h, configure.in, debian/Attic/tar.c:
+	*** empty log message ***
+
+1998-04-02  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/groupmod.c, libmisc/sulog.c, lib/sgetspent.c, lib/sgetpwent.c, lib/sgetgrent.c, lib/Attic/putgrent.c, lib/gshadow.c, lib/getdef.c, lib/fputsx.c, lib/commonio.c, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/Attic/CHANGES, configure.in:
+	*** empty log message ***
+
+1998-01-30  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* Attic/install-sh, src/userdel.c, src/usermod.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/useradd.c, src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c, src/groupmod.c, src/login.c, src/logoutd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/expiry.c, redhat/Attic/README, redhat/Attic/shadow-utils.spec.in, src/Makefile.am, src/chage.c, man/Attic/login.defs.5, man/Attic/useradd.8, man/Attic/usermod.8, redhat/Attic/Makefile.am, libmisc/pam_pass.c, libmisc/strtoday.c, libmisc/tz.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/obscure.c, libmisc/age.c, libmisc/env.c, libmisc/limits.c, lib/Attic/strstr.c, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c, lib/Attic/rmdir.c, lib/pwio.c, lib/pwio.h, lib/sgetspent.c, lib/sgroupio.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/prototypes.h, lib/pwauth.c, lib/Attic/md5crypt.c, lib/Attic/getpass.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/getdef.h, doc/Attic/README.mirrors, doc/Attic/automake-1.0.diff, doc/WISHLIST, lib/Makefile.am, lib/commonio.c, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/README.linux, doc/Makefile.am, doc/README.limits, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/login.copyright, debian/Attic/rules, Attic/mkinstalldirs, Attic/shadow-utils.spec, contrib/README, Attic/acconfig.h, Attic/aclocal.m4, configure.in, Makefile.am:
+	*** empty log message ***
+
+1998-01-25  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* Attic/acconfig.h: *** empty log message ***
+
+1997-12-14  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* doc/Attic/CHANGES, debian/Attic/checksums, debian/Attic/rules, debian/Attic/Makefile.am, src/Makefile.am, src/userdel.c, src/usermod.c, src/pwck.c, src/useradd.c, src/Attic/mkpasswd.c, src/gpasswd.c, src/grpck.c, src/login.c, src/chage.c, src/chfn.c, src/chsh.c, man/Attic/shadowconfig.8, man/Attic/vipw.8, old/Attic/Makefile.am, old/Attic/pwunconv.8, man/Attic/login.defs.5, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Makefile.am, libmisc/limits.c, libmisc/rlogin.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/prototypes.h, lib/shadow.c, doc/Attic/LSM, doc/WISHLIST, etc/limits, lib/Attic/grent.c, Attic/shadow-utils.spec, debian/Attic/changelog, configure.in:
+	*** empty log message ***
+
+1997-12-08  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/userdel.c, src/usermod.c, src/Attic/shadowconfig.sh, src/su.c, src/sulogin.c, src/useradd.c, src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c, src/newgrp.c, src/newusers.c, src/Attic/mkpasswd.c, src/logoutd.c, src/grpconv.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/grpck.c, src/Attic/dpasswd.c, src/chsh.c, src/expiry.c, src/faillog.c, src/gpasswd.c, src/Makefile.am, src/chage.c, src/chfn.c, src/chpasswd.c, old/Attic/Makefile.am, old/Attic/pwconv.8, old/Attic/vipw.8, man/Attic/limits.5, man/Attic/pwconv.8, man/Attic/shadowconfig.8, man/Attic/vipw.8, man/Makefile.am, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, libmisc/Attic/suauth.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/Attic/setup.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/rlogin.c, libmisc/motd.c, libmisc/myname.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/pwd2spwd.c, libmisc/pwd_init.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/Attic/getdate.c, libmisc/failure.h, libmisc/fields.c, libmisc/getdate.h, libmisc/getdate.y, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/Attic/chkshell.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chkname.h, lib/Attic/strdup.c, lib/Attic/strerror.c, lib/Attic/strstr.c, lib/utent.c, libmisc/Makefile.am, libmisc/addgrps.c, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/sgroupio.c, lib/shadow.c, lib/shadowio.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/Attic/rad64.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/pwauth.c, lib/pwio.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/port.c, lib/prototypes.h, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/md5.c, lib/Attic/md5crypt.c, lib/gshadow.c, lib/lockpw.c, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/Attic/grpack.c, lib/groupio.c, lib/Attic/getpass.c, lib/Attic/dialup.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/Attic/dialchk.c, lib/Attic/dialchk.h, lib/commonio.c, lib/commonio.h, lib/defines.h, doc/Attic/automake-1.0.diff, etc/Attic/login.defs.linux, etc/limits, lib/Makefile.am, doc/Attic/CHANGES, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, debian/Attic/login.conffiles, debian/Attic/login.postinst, debian/Attic/passwd.postinst, debian/Attic/porttime, debian/Attic/rules, debian/Attic/secure-su.README, debian/Attic/securetty, contrib/pwdauth.c, debian/Attic/changelog, debian/Attic/control, Attic/acconfig.h, Attic/aclocal.m4, Attic/shadow-utils.spec, configure.in, Makefile.am:
+	*** empty log message ***
+
+1997-10-01  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* debian/Attic/changelog, src/chpasswd.c, libmisc/Attic/login_access.c, lib/commonio.h, lib/sgroupio.c, lib/shadowio.c, etc/Attic/login.defs.linux, doc/Attic/CHANGES, doc/Attic/LSM, doc/Attic/README.mirrors, doc/WISHLIST, Attic/shadow-utils.spec:
+	*** empty log message ***
+
+1997-09-30  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/useradd.c, src/userdel.c, src/usermod.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/newusers.c, src/passwd.c, src/pwck.c, src/grpck.c, src/grpconv.c, src/grpunconv.c, src/login.c, src/groupmod.c, src/Attic/dpasswd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/Makefile.am, old/Attic/install-sh, old/Attic/pwconv-old.8, old/Attic/pwunconv-old.8, old/Attic/Makefile.am, man/Attic/pwconv.8, man/Attic/pwunconv.8, libmisc/setugid.c, libmisc/shell.c, libmisc/utmp.c, libmisc/mail.c, libmisc/obscure.c, libmisc/pam_pass.c, libmisc/salt.c, libmisc/Attic/login_access.c, libmisc/isexpired.c, libmisc/env.c, libmisc/fields.c, libmisc/addgrps.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, lib/Attic/strerror.c, lib/Attic/snprintf.c, lib/Attic/snprintf.h, lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h, lib/Attic/putgrent.c, lib/Attic/pwent.c, lib/pwauth.c, lib/Attic/getpass.c, lib/Attic/grent.c, lib/prototypes.h, lib/commonio.c, lib/commonio.h, lib/defines.h, lib/encrypt.c, lib/getdef.c, lib/Makefile.am, etc/Attic/login.defs.linux, doc/Attic/README.linux, doc/Attic/README.mirrors, doc/WISHLIST, doc/Attic/CHANGES, doc/Attic/LSM, doc/Makefile.am, debian/Attic/rules, debian/Attic/changelog, contrib/adduser.c, configure.in, Attic/acconfig.h:
+	*** empty log message ***
+
+1997-09-29  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* man/Attic/chpasswd.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/su.1, man/Makefile.am:
+	*** empty log message ***
+
+1997-06-16  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* doc/Attic/console.c.spec, doc/Makefile.am, doc/WISHLIST, doc/console.c.spec.txt, doc/Attic/CHANGES, debian/Attic/changelog, src/Attic/shadowconfig.sh, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970502-config.patch, redhat/Attic/shadow-utils.spec, doc/Attic/README.mirrors, doc/Attic/README.shadow-paper, doc/Attic/README.linux, debian/Attic/login.copyright, debian/Attic/passwd.copyright, debian/Attic/secure-su.copyright, Attic/shadow-utils.spec, Makefile.am, configure.in:
+	*** empty log message ***
+
+1997-06-01  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* debian/Attic/changelog, src/userdel.c, src/usermod.c, src/pwck.c, src/pwunconv.c, src/useradd.c, src/grpunconv.c, src/newusers.c, src/passwd.c, src/expiry.c, src/grpconv.c, src/chage.c, src/chfn.c, src/chpasswd.c, src/chsh.c, src/Makefile.am, redhat/Attic/Makefile.am, redhat/Attic/README, redhat/Attic/shadow-970502-config.patch, redhat/Attic/shadow-utils.spec, libmisc/mail.c, libmisc/Attic/login_desrpc.c, lib/pwio.h, lib/shadowio.c, lib/shadowio.h, lib/prototypes.h, lib/pwauth.c, lib/pwio.c, lib/commonio.c, lib/defines.h, doc/Attic/README.linux, doc/WISHLIST, doc/Attic/CHANGES, doc/Attic/INSTALL, Attic/install-sh, Attic/mkinstalldirs, Attic/acconfig.h, Makefile.am, configure.in:
+	*** empty log message ***
+
+1997-05-02  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/Attic/shadowconfig.sh, src/Makefile.am, man/Makefile.am, libmisc/mail.c, libmisc/salt.c, lib/sgroupio.c, lib/shadowio.c, lib/groupio.c, lib/pwio.c, etc/Makefile.am, doc/WISHLIST, doc/Attic/CHANGES, debian/Attic/shadowconfig, debian/Attic/Makefile.am, debian/Attic/changelog, debian/Attic/control, debian/Attic/rules, configure.in, Attic/configure, shlib/Attic/Makefile.in, man/Attic/Makefile.in, libmisc/Attic/Makefile.in, lib/Attic/Makefile.in, etc/Attic/Makefile.in, doc/Attic/Makefile.in, contrib/Attic/Makefile.in, Attic/Makefile.in, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/shadow.5, man/Attic/su.1, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/shadow.3, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/limits.5, man/Attic/login.1, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, libmisc/valid.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/utmp.c, libmisc/Attic/setup.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/setugid.c, libmisc/obscure.c, libmisc/pwd2spwd.c, libmisc/rlogin.c, libmisc/Attic/login_access.c, libmisc/loginprompt.c, libmisc/motd.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/age.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, lib/utent.c, lib/Attic/shadow_.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/Attic/strstr.c, lib/shadow.c, lib/sgetpwent.c, lib/sgetspent.c, lib/Attic/pwpack.c, lib/Attic/rad64.c, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/sgetgrent.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/pwauth.h, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/port.h, lib/pwauth.c, lib/Attic/lastlog_.h, lib/Attic/mkdir.c, lib/lockpw.c, lib/port.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/gshadow.c, lib/gshadow_.h, lib/Attic/getpass.c, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/getdef.c, lib/Attic/dialup.h, lib/encrypt.c, lib/faillog.h, lib/fputsx.c, lib/Attic/dialchk.c, lib/Attic/dialup.c, lib/commonio.c, lib/defines.h, etc/Attic/login.defs.linux, etc/login.defs, doc/Attic/README.linux, doc/Attic/LICENSE, doc/Attic/README, doc/Makefile.am, doc/HOWTO, doc/Attic/ANNOUNCE, debian/Attic/secure-su.README, debian/Attic/secure-su.conffiles, debian/Attic/secure-su.copyright, debian/Attic/secure-su.postrm, debian/Attic/secure-su.preinst, debian/Attic/securetty, debian/Attic/passwd.conffiles, debian/Attic/passwd.copyright, debian/Attic/passwd.postinst, debian/Attic/porttime, debian/Attic/login.conffiles, debian/Attic/login.copyright, debian/Attic/login.postinst, debian/Attic/login.postrm, debian/Attic/login.preinst, debian/Attic/login.prerm, debian/Attic/logoutd, Attic/acconfig.h, Attic/config.h.in, Makefile.am, old/Attic/Makefile.in, old/Attic/scologin.c, old/Attic/orig-config.h, old/Attic/pwconv-old.c, old/Attic/pwd.h.m4, old/Attic/pwunconv-old.c, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/config.h.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/Makefile.am, old/Attic/Makefile.linux, src/Attic/Makefile.in, src/pwconv.c, src/userdel.c, src/usermod.c, src/useradd.c, src/su.c, src/sulogin.c, src/Attic/pwconv5.c, src/Attic/scologin.c, src/pwck.c, src/pwunconv.c, src/Attic/patchlevel.h, src/newusers.c, src/passwd.c, src/Attic/mkpasswd.c, src/logoutd.c, src/newgrp.c, src/grpunconv.c, src/id.c, src/lastlog.c, src/login.c, src/grpck.c, src/grpconv.c, src/groupdel.c, src/groupmod.c, src/groups.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/Attic/dpasswd.c, src/chsh.c, src/expiry.c, src/chfn.c, src/chpasswd.c, src/chage.c:
+	*** empty log message ***
+
+1997-02-11  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/groupadd.c, src/useradd.c, libmisc/setupenv.c, lib/sgroupio.c, lib/shadowio.c, lib/groupio.c, lib/pwio.c, lib/Makefile.am, lib/commonio.c, doc/Attic/CHANGES, doc/HOWTO, README, configure.in:
+	*** empty log message ***
+
+1997-01-08  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/groupadd.c, lib/commonio.c, README, src/useradd.c, src/userdel.c, src/usermod.c, src/Attic/pwconv5.c, src/pwconv.c, src/su.c, src/passwd.c, src/pwck.c, src/grpunconv.c, src/login.c, src/logoutd.c, src/newgrp.c, src/grpck.c, src/grpconv.c, src/faillog.c, src/gpasswd.c, src/groupmod.c, src/chage.c, src/chfn.c, src/chsh.c, src/expiry.c, libmisc/ttytype.c, libmisc/utmp.c, libmisc/Attic/suauth.c, libmisc/strtoday.c, libmisc/shell.c, libmisc/failure.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/myname.c, lib/shadowio.h, libmisc/Makefile.am, libmisc/chkname.c, lib/sgetpwent.c, lib/sgroupio.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/Attic/pwent.c, lib/pwio.c, lib/pwio.h, lib/Attic/putgrent.c, lib/groupio.c, lib/groupio.h, lib/gshadow.c, lib/prototypes.h, lib/defines.h, lib/faillog.h, lib/getdef.c, doc/Attic/README.linux, doc/WISHLIST, etc/Attic/login.defs.linux, lib/Makefile.am, doc/Attic/CHANGES, doc/HOWTO, Attic/acconfig.h, configure.in:
+	*** empty log message ***
+
+1996-10-27  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/usermod.c, src/grpck.c, src/useradd.c, src/userdel.c, src/chsh.c, src/gpasswd.c, libmisc/isexpired.c, libmisc/limits.c, lib/sgroupio.c, lib/shadowio.c, lib/commonio.c, lib/groupio.c, lib/pwio.c, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, Attic/configure, configure.in:
+	*** empty log message ***
+
+1996-09-25  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/usermod.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/su.c, src/Attic/pwconv5.c, src/newgrp.c, src/passwd.c, src/pwck.c, src/grpck.c, src/login.c, src/logoutd.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/chfn.c, src/chsh.c, src/chage.c, libmisc/strtoday.c, libmisc/env.c, libmisc/fields.c, libmisc/isexpired.c, libmisc/setupenv.c, lib/Attic/rad64.c, lib/getdef.c, lib/prototypes.h, lib/defines.h, etc/Attic/login.defs.linux, doc/Attic/README.linux, doc/WISHLIST, doc/Attic/CHANGES, Attic/configure, configure.in, Attic/config.h.in:
+	*** empty log message ***
+
+1996-09-20  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/usermod.c, src/su.c, src/sulogin.c, src/useradd.c, src/userdel.c, src/newusers.c, src/passwd.c, src/pwck.c, src/grpck.c, src/login.c, src/logoutd.c, src/newgrp.c, src/groupdel.c, src/groupmod.c, src/Attic/dpasswd.c, src/chsh.c, src/gpasswd.c, src/groupadd.c, src/Attic/Makefile.in, src/chage.c, src/chfn.c, src/Makefile.am, libmisc/Attic/suauth.c, libmisc/shell.c, libmisc/sub.c, libmisc/ttytype.c, libmisc/env.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/chowntty.c, lib/prototypes.h, lib/getdef.c, doc/Attic/CHANGES, doc/WISHLIST:
+	*** empty log message ***
+
+1996-09-10  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* src/su.c, src/sulogin.c, src/usermod.c, src/logoutd.c, src/newgrp.c, src/passwd.c, src/pwconv.c, src/Attic/Makefile.in, src/chfn.c, src/chsh.c, src/grpunconv.c, src/login.c, src/Makefile.am, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, libmisc/isexpired.c, libmisc/obscure.c, libmisc/setupenv.c, libmisc/utmp.c, libmisc/age.c, lib/Attic/getpass.c, lib/defines.h, lib/getdef.c, etc/Attic/login.defs.linux, etc/limits, etc/login.access, doc/Attic/CHANGES, doc/Attic/README.linux, doc/WISHLIST, contrib/Attic/Makefile.in, contrib/Makefile.am, Attic/configure, configure.in:
+	*** empty log message ***
+
+1996-08-10  Marek Michałkiewicz  <marekm@pld.org.pl>
+
+	* old/Attic/Makefile.am, old/Attic/Makefile.linux, old/Attic/Makefile.sun4, old/Attic/Makefile.svr4, old/Attic/Makefile.xenix, old/Attic/config.h.linux, old/Attic/config.h.sun4, old/Attic/config.h.svr4, old/Attic/config.h.xenix, old/Attic/install-sh, old/Attic/orig-config.h, old/Attic/pwd.h.m4, shlib/Attic/Makefile.am, shlib/Attic/Makefile.in, shlib/Attic/Makefile.in.saved:
+	New file.
+
+	* contrib/adduser-old.c, contrib/adduser.sh, contrib/adduser2.sh, contrib/atudel:
+	960810 - first version under cvs
+
+	* contrib/Attic/Makefile.in, contrib/Makefile.am, contrib/README, contrib/adduser.c, contrib/pwdauth.c, doc/Attic/ANNOUNCE, doc/Attic/CHANGES, doc/Attic/LICENSE, doc/Attic/Makefile.in, doc/Attic/README, doc/Attic/README.linux, doc/Attic/README.sun4, doc/Attic/automake-1.0.diff, doc/Attic/console.c.spec, doc/HOWTO, doc/Makefile.am, doc/README.limits, doc/WISHLIST, etc/Attic/Makefile.in, etc/Attic/login.defs.linux, etc/Makefile.am, etc/login.access, etc/login.defs, old/Attic/Makefile.in, src/Attic/patchlevel.h, src/Attic/pwconv5.c, src/Attic/scologin.c, src/chage.c, src/chfn.c, src/chsh.c, src/expiry.c, src/gpasswd.c, src/groups.c, src/grpconv.c, src/id.c, src/login.c, src/newgrp.c, src/passwd.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/sulogin.c, lib/Attic/dialup.h, lib/Attic/grdbm.c, lib/Attic/grent.c, lib/Attic/grpack.c, lib/Attic/gsdbm.c, lib/Attic/gspack.c, lib/Attic/lastlog_.h, lib/Attic/md5.c, lib/Attic/md5.h, lib/Attic/md5crypt.c, lib/Attic/mkdir.c, lib/Attic/putgrent.c, lib/Attic/putpwent.c, lib/Attic/putspent.c, lib/Attic/pwdbm.c, lib/Attic/pwent.c, lib/Attic/pwpack.c, lib/Attic/rcsid.h, lib/Attic/rename.c, lib/Attic/rmdir.c, lib/Attic/shadow_.h, lib/Attic/spdbm.c, lib/Attic/sppack.c, lib/Attic/strdup.c, lib/Attic/strstr.c, lib/defines.h, lib/faillog.h, lib/getdef.h, lib/groupio.h, lib/gshadow_.h, lib/port.h, lib/prototypes.h, lib/pwauth.h, lib/pwio.h, lib/sgetgrent.c, lib/sgetpwent.c, lib/sgetspent.c, lib/sgroupio.h, lib/shadow.c, lib/shadowio.c, lib/shadowio.h, lib/utent.c, src/Attic/Makefile.in, src/Attic/dpasswd.c, src/Attic/mkpasswd.c, src/Makefile.am, src/chpasswd.c, src/faillog.c, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpck.c, src/lastlog.c, src/logoutd.c, src/newusers.c, src/pwck.c, src/useradd.c, src/userdel.c, src/usermod.c, lib/Attic/Makefile.in, lib/Attic/dialchk.c, lib/Attic/dialup.c, lib/Attic/getpass.c, lib/Attic/rad64.c, lib/Makefile.am, lib/commonio.c, lib/encrypt.c, lib/fputsx.c, lib/getdef.c, lib/groupio.c, lib/gshadow.c, lib/lockpw.c, lib/port.c, lib/pwauth.c, lib/pwio.c, lib/sgroupio.c, libmisc/Attic/login_access.c, libmisc/Attic/login_desrpc.c, libmisc/Attic/login_krb.c, libmisc/Attic/setup.c, libmisc/Attic/suauth.c, libmisc/age.c, libmisc/basename.c, libmisc/chkname.c, libmisc/chowndir.c, libmisc/chowntty.c, libmisc/console.c, libmisc/copydir.c, libmisc/entry.c, libmisc/env.c, libmisc/failure.c, libmisc/fields.c, libmisc/hushed.c, libmisc/isexpired.c, libmisc/limits.c, libmisc/list.c, libmisc/log.c, libmisc/loginprompt.c, libmisc/mail.c, libmisc/motd.c, libmisc/obscure.c, libmisc/pwd2spwd.c, libmisc/rlogin.c, libmisc/salt.c, libmisc/setugid.c, libmisc/setupenv.c, libmisc/shell.c, libmisc/strtoday.c, libmisc/sub.c, libmisc/sulog.c, libmisc/ttytype.c, libmisc/tz.c, libmisc/ulimit.c, libmisc/utmp.c, libmisc/valid.c, libmisc/xmalloc.c, man/Attic/Makefile.in, man/Attic/chage.1, man/Attic/chfn.1, man/Attic/chpasswd.8, man/Attic/chsh.1, man/Attic/dpasswd.8, man/Attic/faillog.5, man/Attic/faillog.8, man/Attic/gpasswd.1, man/Attic/groupadd.8, man/Attic/groupdel.8, man/Attic/groupmod.8, man/Attic/groups.1, man/Attic/grpck.8, man/Attic/id.1, man/Attic/lastlog.8, man/Attic/login.1, man/Attic/login.access.5, man/Attic/login.defs.5, man/Attic/logoutd.8, man/Attic/mkpasswd.8, man/Attic/newgrp.1, man/Attic/newusers.8, man/Attic/passwd.1, man/Attic/passwd.5, man/Attic/porttime.5, man/Attic/pw_auth.3, man/Attic/pwauth.8, man/Attic/pwck.8, man/Attic/pwconv.8, man/Attic/pwunconv.8, man/Attic/shadow.3, man/Attic/shadow.5, man/Attic/su.1, man/Attic/suauth.5, man/Attic/sulogin.8, man/Attic/useradd.8, man/Attic/userdel.8, man/Attic/usermod.8, man/Makefile.am, Attic/Makefile.in, Attic/acconfig.h, Attic/aclocal.m4, Attic/config.h.in, Attic/configure, Attic/install-sh, Attic/mkinstalldirs, Attic/stamp-h.in, Makefile.am, README, configure.in, libmisc/Attic/Makefile.in, libmisc/Makefile.am, libmisc/addgrps.c:
+	New file.
+
diff --git a/Makefile.am b/Makefile.am
new file mode 100644
index 0000000..8851f5d
--- /dev/null
+++ b/Makefile.am
@@ -0,0 +1,6 @@
+## Process this file with automake to produce Makefile.in
+
+EXTRA_DIST = NEWS README TODO shadow.spec.in
+
+SUBDIRS = po man libmisc lib src \
+	contrib doc etc
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..21557ed
--- /dev/null
+++ b/NEWS
@@ -0,0 +1,2166 @@
+$Id$
+
+shadow-4.1.5.1 -> shadow-4.2					UNRELEASED
+
+*** general
+  * Handle libc whose crypt() returns NULL when passed a salt that
+    violates specs or system requirements (e.g. FIPS140). This is needed
+    with glibc/eglibc 2.17 for tools checking passwords (passwd (non PAM
+    enabled) or newgrp), and for tools generating encrypted passwords
+    (chgpasswd, chpasswd, or gpasswd when non PAM enabled or when a fixed
+    crypt method is requested on the command line, and newusers, or passwd
+    in their non PAM enabled versions)
+  * Fix segfault when reading groups split on multiple lines. This impacts
+    most user/group management tools when MAX_MEMBERS_PER_GROUP is set.
+
+- su
+  * When su receives a signal (SIGTERM, or SIGINT/SIGQUIT in non
+    interactive mode), kill the child process group, rather than just the 
+    immediate child.
+  * Fix segmentation faults for users without a proper home or shell in
+    their passwd entries.
+
+- login
+  * Fix segmentation faults for users without a proper home or shell in
+    their passwd entries.
+
+*** documentation
+  * Fixed useradd man page (--home-dir option, instead of --home).
+
+*** translation
+  * Updated Russian translation.
+  * Updated German man pages translation.
+  * Fixed gshadow Japanese man page translation.
+
+shadow-4.1.5 -> shadow-4.1.5.1					2012-05-25
+
+- login
+  * Log into utmp(x) when PAM is enabled, but do not log into wtmp.
+    This complete pam_lastlog which logs into wtmp and in into utmp(x).
+- su
+  * non PAM enabled versions: do not fail if su is called without a
+    controlling terminal.
+- userdel
+  * Fix segfault when userdel removes the user's group.
+
+*** documentation
+  * .so links now point to paths relative to the top-level manual hierarchy
+
+*** translation
+  * Updated French man pages translation.
+  * Updated German man pages translation.
+  * Updated Polish man pages translation. (logoutd.8)
+
+shadow-4.1.4.3 -> shadow-4.1.5					2012-02-12
+
+*** security
+  * su -c could be abused by the executed command to invoke commands with
+    the caller privileges. See below. (CVE-2005-4890)
+
+*** general
+  * report usage error to stderr, but report usage help to stdout (and return
+    zero) when explicitly requested (e.g. with --help).
+  * initial support for tcb (http://openwall.com/tcb/) for useradd,
+    userdel, usermod, chage, pwck, vipw.
+  * Added support for ACLs and Extended Attributes in useradd and usermod.
+    Support shall be enabled with the new --with-acl or --with-attr
+    configure options.
+  * Added diagnosis for lock failures.
+  * use libsemanage instead of the semanage tool.
+
+- chage
+  * Add --root option.
+- chfn
+  * Add --root option.
+- chgpasswd
+  * When the gshadow file exists but there are no gshadow entries, an entry
+    is created if the password is changed and group requires a
+    shadow entry.
+  * Add --root option.
+- chpasswd
+  * PAM enabled versions: restore the -e option to allow restoring
+    passwords without knowing those passwords. Restore together the -m
+    and -c options. (These options were removed in shadow-4.1.4 on PAM
+    enabled versions)
+  * When the shadow file exists but there are no shadow entries, an entry
+    is created if the password is changed and passwd requires a
+    shadow entry.
+  * Add --root option.
+- chsh
+  * Add --root option.
+- faillog
+  * The -l, -m, -r, -t options only act on the existing users, unless -a is
+    specified.
+  * Add --root option.
+- gpasswd
+  * Add --root option.
+- groupadd
+  * Add --root option.
+- groupdel
+  * Add --root option.
+- groupmems
+  * Fix parsing of gshadow entries.
+  * Add --root option.
+- groupmod
+  * Fixed groupmod when configured with --enable-account-tools-setuid.
+  * When the gshadow file exists but there are no gshadow entries, an entry
+    is created if the password is changed and group requires a
+    shadow entry.
+  * Add --root option.
+- grpck
+  * Add --root option.
+  * NIS entries were dropped by -s (sort).
+- grpconv
+  * Add --root option.
+- grpunconv
+  * Add --root option.
+- lastlog
+  * Add --root option.
+- login
+  * Fixed limits support (non PAM enabled versions only)
+  * Added support for infinite limits and group based limits (non PAM
+    enabled versions only)
+  * Fixed infinite loop when CONSOLE is configured with a colon-separated
+    list of TTYs.
+  * Fixed warning and support for CONSOLE_GROUPS for users member of more
+    than 16 groups.
+  * Do not log into utmp(x) or wtmp when PAM is enabled. This is done by
+    pam_lastlog.
+- newgrp, sg
+  * Fix parsing of gshadow entries.
+- newusers
+  * Add --root option.
+- passwd
+  * Add --root option.
+- pwpck
+  * NIS entries were dropped by -s (sort).
+  * Add --root option.
+- pwconv
+  * Add --root option.
+- pwunconv
+  * Add --root option.
+- useradd
+  * If the skeleton directory contained hardlinked files, copies of the
+    hardlink were removed from the skeleton directory.
+  * Add --root option.
+- userdel
+  * Check the existence of the user's mail spool before trying to remove
+    it. If it does not exist, a warning is issued, but no failure.
+  * Do not remove a group with the same name as the user (usergroup) if
+    this group isn't the user's primary group.
+  * Add --root option.
+  * Add --selinux-user option.
+- usermod
+  * Accept options in any order (username not necessarily at the end)
+  * When the shadow file exists but there are no shadow entries, an entry
+    is created if the password is changed and passwd requires a
+    shadow entry, or if aging features are used (-e or -f).
+  * Add --root option.
+- su
+  * Document the su exit values.
+  * When su receives a signal, wait for the child to terminate (after
+    sending a SIGTERM), and kill it only if it did not terminate by itself.
+    No delay will be enforced if the child cooperates.
+  * Default ENV_SUPATH is /sbin:/bin:/usr/sbin:/usr/bin
+  * Fixed infinite loop when CONSOLE is configured with a colon-separated
+    list of TTYs.
+  * Fixed warning and support for CONSOLE_GROUPS for users member of more
+    than 16 groups.
+  * Do not forward the controlling terminal to commands executed with -c.
+    This prevents tty hijacking which could lead to execution with the
+    caller's privileges.
+  * Close PAM sessions as root. This will be more friendly to PAM modules
+    like pam_mount or pam_systemd.
+  * Added support for PAM modules which change PAM_USER.
+
+*** translation
+  * Updated Brazilian Portuguese translation.
+  * Updated Catalan translation.
+  * Updated Czech translation.
+  * Updated Danish translation.
+  * New Danish man pages translation.
+  * Updated French translation.
+  * Updated French man pages translation.
+  * Updated German translation.
+  * Updated German man pages translation.
+  * Updated Greek translation.
+  * Updated Italian man pages translation.
+  * Updated Japanese translation.
+  * Updated Kazakh translation.
+  * Updated Norwegian Bokmål translation.
+  * Updated Portuguese translation.
+  * Updated Russian translation.
+  * Updated Simplified Chinese translation.
+  * Updated Simplified Chinese man pages translation.
+  * Updated Swedish translation.
+  * Updated Vietnamese translation.
+
+shadow-4.1.4.2 -> shadow-4.1.4.3						2011-02-15
+
+*** security
+- CVE-2011-0721: An insufficient input sanitation in chfn can be exploited
+  to create users or groups in a NIS environment.
+
+shadow-4.1.4.1 -> shadow-4.1.4.2					2009-07-24
+
+- general
+  * Improved support for large groups (impacts most user/group management
+    tools).
+
+- addition of system users or groups
+  * Speed improvement. This should be noticeable in case of LDAP configured
+    systems. This should impact useradd, groupadd, and newusers
+  * Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in
+    reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN
+    is already used but there are still dome gaps.
+
+- login
+  * Add support for shells being a shell script without a shebang.
+- su
+  * Preserve the DISPLAY and XAUTHORITY environment variables. This was
+    only the case in the non PAM enabled versions.
+  * Add support for shells being a shell script without a shebang.
+
+*** translation
+  * The Finnish translation of passwd(1) was outdated and is no more
+    distributed.
+
+shadow-4.1.4 -> shadow-4.1.4.1						2009-05-22
+
+- login
+  * Fix failures with empty usernames on non PAM versions.
+  * Fix CONSOLE (securetty) support on non PAM versions.
+- newgrp
+  * Return the exit status of the child.
+- userdel
+  * On Linux, do not check if an user is logged in with utmp, but check if
+    the user is running some processes.
+  * If not on Linux, continue to search for an utmp record, but make sure
+    the process recorded in the utmp entry is still running.
+  * Report failures to remove the user's mailbox
+  * When USERGROUPS_ENAB is enabled, remove the user's group when the
+    user was the only member.
+  * Do not fail when -r is used and the home directory does not exist.
+- usermod
+  * Check if the user is busy when the user's UID, name or home directory
+    is changed.
+
+shadow-4.1.3.1 -> shadow-4.1.4						2009-05-10
+
+- packaging
+  * Enable --enable-account-tools-setuid by default for PAM builds.
+  * Add configure option --enable-utmpx, disabled by default to mimic
+    the previous behavior on Linux (where utmp and utmpx are identical).
+  * Fix build failure on non-PAM systems when --without-pam is not
+    specified.
+
+- chpasswd
+  * Change the passwords using PAM. This permits to define the password
+    policy in a central place. The -c/--crypt-method, -e/--encrypted,
+    -m/--md5 and -s/--sha-rounds options are no more supported on PAM
+    enabled systems.
+- grpck
+  * Warn if a group has an entry in group and gshadow, and the password
+    field in group is not 'x'.
+- login
+  * Do not trust the current utmp entry's ut_line to set PAM_TTY. This could
+    lead to DOS attacks.
+  * (PAM) Even if the user was already authenticated (-f flag), ask the
+    user to update his authentication token if needed.
+- lastlog
+  * Fix regression causing empty reports.
+- newusers
+  * Change the passwords using PAM. This permits to define the password
+    policy in a central place. The -c/--crypt-method and -s/--sha-rounds
+    options are no more supported on PAM enabled systems.
+- pwck
+  * Warn if an user has an entry in passwd and shadow, and the password
+    field in passwd is not 'x'.
+
+*** translation
+ - Updated Czech translation
+ - Updated French translation
+ - Updated German translation
+ - Updated Japanese translation
+ - Updated Korean translation
+ - Updated Portuguese translation
+ - Updated Russian translation
+
+shadow-4.1.3 -> shadow-4.1.3.1						2009-04-15
+
+*** security:
+- Due to bad parsing of octal permissions, the permissions on tty (login)
+  but also UMASK were set wrongly (and weirdly). Only shadow-4.1.3 was
+  affected.
+
+*** general
+- login
+  * Fix regression when no user is specified on the command line.
+- userdel
+  * Fixed SE Linux support
+- vipw
+  * SE Linux: Set the default context to the context of the file being
+    edited. This ensures that the backup file inherit from the file's
+    context.
+
+*** translation
+ - Updated Norwegian Bokmål translation
+
+shadow-4.1.2.2 -> shadow-4.1.3						2009-04-12
+
+*** general:
+- packaging
+  * Fixed support for OpenPAM.
+  * Fixed support for uclibc.
+  * Added configure --enable-account-tools-setuid (default) /
+    --disable-account-tools-setuid options. This permits to disable the
+    PAM authentication of the caller for chage, chgpasswd, chpasswd,
+    groupadd, groupdel, groupmod, newusers, useradd, userdel, and usermod.
+    This authentication is not necessary when these tools are not
+    installed setuid root.
+  * Added configure --with-group-name-max-length (default) /
+    --without-group-name-max-length options. This permits to configure the maximum length allowed for group names:
+      <no option> -> default of 16 (like today)
+      --with-group-name-max-length -> default of 16
+      --without-group-name-max-length -> no max length
+      --with-group-name-max-length=n > max is set to n
+    No sanity checking is performed on n so people could do
+    something neat like --with-group-name-max-length=MAX_INT
+- addition of users or groups
+  * Speed improvement in case UID_MAX/SYS_UID_MAX/GID_MAX/SYS_GID_MAX is
+    used for an user/group. This should be noticeable in case of LDAP
+    configured systems. This should impact useradd, groupadd, and newusers
+- error handling improvement
+  * Make sure errors and incomplete changes are reported to syslog and
+    audit in case of unexpected failures.
+  * Report system inconsistencies to syslog and audit.
+  * Only report success to syslog and audit if the changes are really
+    performed in the system databases.
+    This is still not complete.
+- /etc/login.defs
+  * New CREATE_HOME variable to tell useradd to create a home directory by
+    default.
+- Translations
+  * New Kazakh translation.
+  * Spanish manpages are no more distributed. They are outdated. Please
+    contact pkg-shadow-devel@lists.alioth.debian.org if you wish to
+    provide updates.
+
+- faillog
+  * Accept users specified as a numerical UID, or ranges of users (-user,
+    user-, user1-user2).
+  * -l, -m, and -r now apply not only to existing users, but to all the
+    specified UIDs.
+  * Options can be specified in any order.
+- gpasswd
+  * Added support for long options --add (-a), --delete (-d),
+    --remove-password (-r), --restrict (-R), --administrators (-A), and
+    --members (-M).
+  * Added support for usernames with arbitrary length.
+  * audit logging improvements.
+  * error handling improvement (see above).
+  * Log permission denied to syslog and audit.
+- groupadd
+  * audit logging improvements.
+  * error handling improvement (see above).
+  * Speedup (see "addition of users or groups" above).
+  * do not create groups with GID set to (gid_t)-1.
+  * Allocate system group GIDs in reverse order. This could be useful
+    later to increase the static IDs range.
+- groupdel
+  * audit logging improvements.
+  * error handling improvement (see above).
+- groupmems
+  * Check if user exist before they are added to groups.
+  * Avoid segfault in case the specified group does not exist in /etc/group.
+  * Everybody is allowed to list the users of a group.
+  * /etc/group is open readonly when one just wants to list the users of a
+    group.
+  * Added syslog support.
+  * Use the groupmems PAM service name instead of groupmod.
+  * Fix segmentation faults when adding or removing users from a group.
+  * Added support for shadow groups.
+  * Added support long options --add (-a), --delete (-d), --purge (-p),
+    --list (-l), --group (-g).
+- groupmod
+  * audit logging improvements.
+  * error handling improvement (see above).
+  * do not create groups with GID set to (gid_t)-1.
+- grpck
+  * warn for groups with GID set to (gid_t)-1.
+- login
+  * Restore the echoctl, echoke, onclr flags to the terminal termio flags.
+    Reset echoprt, noflsh, tostop. This behavior seems to have change by
+    mistake in earlier releases (4.0.8, for no obvious reason).
+- newusers
+  * Implement the -r, --system option.
+  * Speedup (see "addition of users or groups" above).
+  * do not create users with UID set to (gid_t)-1.
+  * do not create groups with GID set to (gid_t)-1.
+  * Allocate system account UIDs/GIDs in reverse order. This could be useful
+    later to increase the static IDs range.
+- passwd
+  * For compatibility with other passwd version, the --lock an --unlock
+    options do not lock or unlock the user account anymore.  They only
+    lock or unlock the user's password.
+- pwck
+  * warn for users with UID set to (uid_t)-1.
+- su
+  * Preserve COLORTERM in addition to TERM when su is called with the -l
+    option.
+- useradd
+  * audit logging improvements.
+  * Speedup (see "addition of users or groups" above).
+  * See CREATE_HOME above.
+  * New -M/--no-create-home option to disable CREATE_HOME.
+  * do not create users with UID set to (gid_t)-1.
+  * Added -Z option to map SELinux user for user's login.
+  * Allocate system user UIDs in reverse order. This could be useful
+    later to increase the static IDs range.
+- userdel
+  * audit logging improvements.
+  * Do not fail if the removed user is not in the shadow database.
+  * When the user's group shall be removed, do not fail if this group is
+    not in the gshadow file.
+  * Delete the SELinux user mapping for user's login.
+- usermod
+  * Allow adding LDAP users (or any user not present in the local passwd
+    file) to local groups
+  * do not create users with UID set to (gid_t)-1.
+  * Added -Z option to map SELinux user for user's login.
+
+shadow-4.1.2.1 -> shadow-4.1.2.2					23-11-2008
+
+*** security
+- Fix a race condition in login that could lead to gaining ownership or
+  changing mode of arbitrary files.
+- Fix a possible login DOS, which could be caused by injecting forged
+  entries in utmp.
+
+shadow-4.1.2 -> shadow-4.1.2.1						26-06-2008
+
+*** security
+- Fix an "audit log injection" vulnerability in login.
+  This vulnerability makes it easier for attackers to hide activities by
+  modifying portions of log events, e.g. by appending an addr= statement
+  to the login name.
+
+shadow-4.1.1 -> shadow-4.1.2						25-05-2008
+
+*** security:
+- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
+  chgpasswd; and also passwd if configured without PAM support).
+  The number of rounds and number of salt bytes was fixed to their lower
+  allowed values (resp. configurable and 8), hence voiding some of the
+  advantages of this encryption method. Dictionary attacks with
+  precomputed tables were easier than expected, but still harder than with
+  the MD5 (or DES) methods.
+
+*** general:
+- packaging
+  * Distribute the chfn, chsh, and userdel PAM configuration file.
+  * Fix the detection of the audit, pam, and selinux library and header
+    file; and fail if the feature is requested but not present on the
+    system.
+  * Fix build failure when configured with audit support.
+- chfn
+  * Allow non-US-ASCII characters in the GECOS fields ("name", "room
+    number", and "other info" fields).
+- login
+  * Do not fail if a shell option, specified after --, has more than 2
+    letters.
+- su
+  * If the SULOG_FILE does not exist when an su session is logged, make
+    sure the file is created with group root, instead of using the group
+    of the caller.
+- vipw
+  * Resume properly after ^Z.
+
+*** documentation:
+- Document the -r, --system option in the useradd, groupadd, and newusers
+  manpages.
+- Document the -c, --crypt-method and -s, --sha-rounds options in the
+  newusers manpage.
+- Document the -k, --skel option in the useradd manpage.
+- Tag the section which require --enable-shadowgrp or --with-sha-crypt
+  accordingly.
+
+shadow-4.1.0 -> shadow-4.1.1						02-04-2008
+
+*** general:
+- security
+  * Do not seed the random number generator each time, and use the time in
+    microseconds to avoid having the same salt for different passwords
+    generated in the same second.
+- packaging
+  * Do not install the shadow library per default.
+- general
+  * Do not translate the messages sent to syslog. This avoids logging
+    PAM error messages in the users's locale.
+- etc/login.defs
+  * Set GID_MIN to the same value as UID_MIN by default (1000).
+  * Added variables SYS_UID_MIN (100), SYS_UID_MAX (999), SYS_GID_MIN (100),
+    SYS_GID_MAX (999) for system accounts.
+- etc/useradd
+  * /etc/default/useradd now defines HOME as /home to match FHS.
+- chage
+  * Fix bug which forbid to set the aging information of an account with a
+    passwd entry, but no shadow entry.
+- faillog
+  * faillog -r now only reset the entries of existing users. This makes
+    faillog faster.
+- gpasswd
+  * Fix failures when the gshadow file is not present.
+  * When a password is moved to the gshadow file, use "x" instead of "!"
+    to indicate that the password is shadowed (consistency with grpconv).
+  * Make sure the group and gshadow files are unlocked on exit.
+- groupadd
+  * New option -p/--password to specify an encrypted password.
+  * New option -r, --system for system accounts.
+- groupdel
+  * Do not fail if the group does not exist in the gshadow file.
+  * Do not rewrite the group or gshadow file in case of error.
+  * Make sure the group and gshadow files are unlocked on exit.
+  * Fail if the system is not configured to support split groups and
+    different group entries have the name of the group to be deleted.
+- groupmems
+  * Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec.
+- groupmod
+  * New option -p/--password to specify an encrypted password.
+  * Make sure the group and gshadow files are unlocked on exit.
+  * When the GID of a group is changed, update also the GID of the passwd
+    entries of the users whose primary group is the group being modified.
+- grpck
+  * Fix logging of changes to syslog when a group file is provided,
+    without a gshadow file.
+- lastlog
+  * Accept users specified as a numerical UID, or ranges of users (-user,
+    user-, user1-user2).
+- login
+  * Use PATH and SUPATH to set the PATH environment variable, even when
+    support for PAM is enabled.
+  * If started as init, start a new session.
+- newgrp
+  * Fix segfault when an user returns to an unknown GID (either the user
+    was deleted during the user's newgrp session or the user's passwd
+    entry referenced an invalid group). Add a syslog warning in that case.
+  * Use the correct AUDIT_CHGRP_ID event instead of AUDIT_USER_START, when
+    changing the user space group ID with newgrp or sg.
+- newusers
+  * The new users are no more added to the list of members of their groups
+    because the membership is already set by their primary group.
+  * Added support for gshadow.
+  * Avoid using the same salt for different passwords.
+  * Fix support for the NONE crypt method.
+  * newusers will behave more like useradd regarding the choice of UID or
+    GID or regarding the validity of user and group names.
+  * New option -r, --system for system accounts.
+  * Make sure the passwd, group, shadow, and gshadow files are unlocked on
+    exit.
+- passwd
+  * Make sure that no more than one username argument was provided.
+  * Make SE Linux tests more strict, when the real UID is 0 SE Linux
+    checks will be performed.
+- pwck
+  * Fix logging of changes to syslog when a passwd file is provided,
+    without a shadow file.
+- su
+  * su's arguments are now reordered. If needed, use -- to separate su's
+    options from the shell's options.
+- sulogin
+  * If started as init, start a new session.
+- useradd
+  * New option -l to avoid adding the user to the lastlog and faillog databases.
+  * Fix the handling of the --defaults option (it required an argument,
+    but should behave as -D)
+  * Document the --defaults option, which was already described in the
+    useradd's Usage information.
+  * New option -r, --system for system accounts.
+  * New options -U, --user-group and -N, --no-user-group. These options
+    should replace nflg from the previous versions. Please set any -n
+    option to deprecated because its meaning differs from one distribution
+    to the other.
+  * Make sure the passwd, group, shadow, and gshadow files are unlocked on
+    exit.
+- usermod
+  * Keep the access and modification time of files when moving an user's home
+    directory.
+  * Check that the new fields set with -u, -s, -l, -g, -f, -e, -d, and -c
+    differ from the old ones. If a requested new value is equal to the old
+    one, no changes will be performed for that field. If no fields are
+    changed, usermod will exist successfully with a warning. This avoids
+    logging changes to syslog when there are actually no changes.
+  * Fix the handling of -a when a user is being renamed (with -l)
+- vipw/vigr
+  * Recommend editing the shadowed (resp. regular) file if the regular (resp.
+    shadowed) file was edited.
+
+shadow-4.0.18.2 -> shadow-4.1.0						09-12-2007
+
+*** security:
+- chgpasswd
+  When compiled with PAM support, it used the chpasswd policy file instead
+  of the chgpasswd policy file. If an administrator added some restriction
+  to the chgpasswd policy file, they were not taken into account.
+
+*** general:
+- Add support for SHA256 and SHA512 encrypt methods (supported by new
+  libc).
+- useradd: Allow non numerical group identifier to be specified with
+  useradd's -g option.
+- chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow.
+- newgrp: Do not give an indication that the group has no password. Ask
+  for the password, as if there were a password.
+- The permissions of the suid binaries is now configurable in
+  src/Makefile.am. Note that changing the permissions is not recommended.
+- newgrp.c: Declare the child and pid variable at the beginning of a block.
+  This fixes a compilation issue with gcc 2.95.
+- login_nopam: Add support for systems with no innetgr().  On those
+  systems, username with an @ will be treated like any other username
+  (i.e. lookup in the local database for an user with an @). Thanks to
+  Mike Frysinger for the patch.
+- Add support for uClibc with no l64a().
+- userdel, usermod: Fix infinite loop caused by erroneous group file
+  containing two entries with the same name. (The fix strategy differs
+  from 
+  (https://bugzilla.redhat.com/show_bug.cgi?id=240915)
+- userdel: Abort if an error is detected while updating the passwd or group
+  databases. The passwd or group files will not be written.
+- usermod: Update the group database before flushing the nscd caches.
+- usermod: Make sure the group modifications will be allowed before
+  writing the passwd files.
+- Flush the nscd tables using nscd -i instead of the private glibc socket.
+- usermod: Make usermod options independent of the argument order.
+- newgrp: Do not request a password when a user uses newgrp to switch to
+  her primary group.
+- passwd: -l/-u options: edit the shadow account expiry field *in
+  addition* to editing the password field.
+- pwck: Remove the SHADOWPWD preprocessor check. Some check for /etc/shadow
+  were always missing.
+- su: Avoid terminating the PAM library in the forked child. This is done
+  later in the parent after closing the PAM session.
+- userdel: Fix the homedir prefix checking.
+- passwd, usermod: Refuse to unlock an account when it would result in a
+  passwordless account.
+- Full review of the usage of getpwnam(), getpwuid(), getgrnam(),
+  getgrgid(), and getspnam(). There should be no functional changes.
+- gpasswd: Only read information from the local file group database. It
+  writes the changes in /etc/group and/or /etc/gshadow, but used to read
+  information from getgrnam (hence possibly from another group database).
+- New login.defs variable: MAX_MEMBERS_PER_GROUP. It should provide a
+  better support for split groups. Be careful when using this variable:
+  not all tools support well split groups (in or out of the shadow
+  tool suite). It fixes gpasswd and chgpasswd when split groups are used.
+- Use MD5_CRYPT_ENAB, ENCRYPT_METHOD, SHA_CRYPT_MIN_ROUNDS, and
+  SHA_CRYPT_MAX_ROUNDS to define the default encryption algorithm for the
+  passwords.
+- chpaswd, chgpasswd, newusers: New options -c/--crypt-method and
+  -s/--sha-rounds to supersede the system default encryption algorithm.
+- chpaswd, chgpasswd, newusers: DES is no more the default algorithm. They
+  will respect the system default configured in /etc/login.defs
+
+*** documentation:
+- Generate the translated manpages from PO at build time.
+- The generated manpages will change depending on the configure options.
+  If you use different options than the one used for the distributed
+  archive, you should re-generate the manpages.
+- login.defs should now describe all the variables.
+- The tools' documentation details the login.defs variables they use.
+
+shadow-4.0.18.1 -> shadow-4.0.18.2					28-10-2007
+
+*** general:
+- usermod: fixed handle -a option (by Benno Schulenberg
+  <bensberg@justemail.net>),
+- useradd: improved auditing support
+  (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211659),
+- groupadd, groupdel, groupmod, useradd, userdel, usermod: flush nscd cashes
+  after close /etc/{group,passwd} files,
+- su: If compiled without PAM support, enforce the limits from /etc/limits
+  when one of the -, -l, or --login options is set, even if called by root.
+- limits: Support for 2 new resource limits: max nice value, and max real
+  time priority. The resource limits are not used when compiled with PAM.
+*** documentation:
+- updated translations: fi, ja, nl, tl, zh_CN.
+- groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar
+  mistakes and other corrections (by Schulenberg <bensberg@justemail.net>),
+
+shadow-4.0.18 -> shadow-4.0.18.1					03-08-2006
+
+*** general:
+- groupmems: fixed compilation when PAM is disabled
+  (by Johannes Winkelmann <jw@smts.ch>),
+- fixed missing man pages in dist tar ball necessary on build when
+  PAM is disabled.
+
+shadow-4.0.17 -> shadow-4.0.18						01-08-2006
+
+*** general:
+- su: fixed set enviroment too early when using PAM, so move it to !USE_PAM
+  (patch submitted by Mike Frysinger <vapier@gentoo.org>),
+- groupadd, groupmod, useradd, usermod: fixed UID/GID overflow (fixed
+  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920)
+- passwd, useradd, usermod: fixed inactive/mindays/warndays/maxdays overflow
+  (simillar to RH#198920),
+- groupmems: rewrited for use PAM and getopt_long() and now it is enabled
+  for build and install (patch by George Kraft <gk4@swbell.net>),
+- S/Key: removed assign getpass() to libshadow_getpass() on autoconf level
+  (patch by Ulrich Mueller <ulm@kph.uni-mainz.de>; http://bugs.gentoo.org/139966),
+- usermod: back to previous -a option semantics and clarify -a behavior
+  on documentation level (by Greg Schafer <gschafer@zip.com.au>),
+- chsh, groupmod: rewrited for use getopt_long().
+- updated translations: ca, cs, da, eu, fr, gl, hu, ko, pl, pt, ru, sv, tr, uk, vi.
+*** documentation:
+- fr and ru man pages are up to date,
+- partially translated sv man pages set added
+  (by Daniel Nylander <info@danielnylander.se>),
+- pl chage(1), chsh(1), groupmod(8): translation finished.
+
+shadow-4.0.16 -> shadow-4.0.17						10-07-2006
+
+*** general:
+- userdel, usermod: fixed segfault on remove home directory when it can't
+  be removed; for example when it is /dev/null (fixed http://bugs.gentoo.org/139148),
+- improved SELinux detection on autoconf level (based on patch by
+  Dan Yefimov <dan@D00M.lightwave.net.ru>),
+- removed using private implementation getpass() libc function
+  (now getpass() is used also when S/KEY support is enabled),
+- move nologin do $(sbindir),
+- useradd: fixed mail spool file creation (bug cached by Frans Pop
+  <elendil@planet.nl>;
+  fixed http://bugs.debian.org/374705),
+- updated translations: cs, da, de, ko, nb, nl, pt, ro, ru, sk, sv, vi,
+- new translations: dz, km, ne.
+*** documentation:
+- ru man pages up to date,
+- lastlog(8): updated pl translation,
+- faillog(5): added missing information about fail_locktime element of
+  faillog struct (by Thorsten Kukuk <kukuk@suse.de>),
+- updated translations: eu, fr, pl.
+- reverted using docbook.sourceforge.net in XSL url.
+
+shadow-4.0.15 -> shadow-4.0.16						05-06-2006
+
+*** general:
+- userdel: better fix for old CERT VU#312962 (which was fixed in shadow 4.0.8):
+  fixed forgoten checking of the return value from fchown() before
+  proceeding with the fchmod() (based on Owl patch prepared by
+  Rafal Wojtczuk <nergal@owl.openwall.com>),
+- userdel: use login.defs::MAIL_DIR instead hardcoded /var/mail in created
+  mailbox path (based on Owl fixes submited
+  by Solar Designer <solar@openwall.com>),
+- by default do not use libshadow_getpass() as getpass() replacemement.
+  Use libshadow_getpass() only when S/KEY support is enabled.
+  Current glibc getpass() handles correctly longer than 8 characters
+  passwords and libshadow_getpass() is used only because libc getpass()
+  do not handles password prompting with echo enabled,
+- move login.defs::MD5_CRYPT_ENAB to non-PAM part,
+- userdel: rewrited for use getopt_log(),
+- install default/template configuration files:
+-- if shadow is configured with use PAM install /etc/pam.d/* files,
+-- if shadow do not uses PAM install /etc/{limits,login.acces} files,
+-- install /etc/login.defs and /etc/default/useradd files,
+- fixed handle relative symlinks too in lib/commonio.c
+  (merge patch from Fedora),
+- properly notify nscd to flush its cache
+  (https://bugzilla.redhat.com/bugzilla/186803),
+- useradd, usermod: fixes for verify return values mkdir() and chown()
+  on copy files (merge 482_libmisc_copydir_check_return_values Debian
+  patch),
+- login, su (non-PAM variant): export MAIL only when MAIL_CHECK_ENAB
+  is enabled (Mike Frysinger <vapier@gentoo.org>),
+- pgck, grpck: warn when the members of a group differ in /etc/groups
+  and /etc/gshadow (fixed http://bugs.debian.org/75181),
+- su: fixed exit with a status 0 when the invoked command is terminated
+  by a signal which was not catched
+  (fixed by Eero Häkkinen <eero17@bigfoot.com>),
+- login: cancel login timeout after authentication so that patient people
+  timing out on network directory services can log in with local
+  accounts (http://bugs.debian.org/107148),
+- chgpasswd: fixes for build correctly with --disable-shadowgrp
+  (patch by Johannes Winkelmann <jw@tks6.net>).
+- updated translations: cs, da, es, eu, fi, fr, gl, hu, id, pt, ru, sk, sv, vi.
+- new translations: hu.
+*** documentation:
+- new cs man pages: groupmems(8), groupmod(8), grpck(8), gshadow(5)
+  (by Miroslav Kure <kurem@upcase.inf.upol.cz>),
+- regenerate roff man pages using docbook-style-xsl-1.70.1,
+- bunch of cleanups in chfn(1), faillog(8), gpasswd(1), groupadd(8),
+  groupmems(8), limits(5), login(1), login.defs(5), newgrp(1), passwd(1),
+  passwd(5) and su(1) (by Yuri Kozlov <kozlov.y@gmail.com>),
+- update pl vipw(8) man page,
+- added chgpasswd(8) ru man page,
+- updated ru login.defs(5), passwd(1), userdel(8), usermod(8) man pages,
+- pw_auth(3) man page removed (outdated),
+- install limits(5), login.access(5) and porttime(5) man pages only when
+  shadow is builded with PAM support disabled,
+- passwd(1): better document how password strength is checked
+  (fixed http://bugs.debian.org/115380),
+- usermod(8): added missing -a option description
+  (by Christian Perrier <bubulle@debian.org>),
+- hu chsh(1), lugin(1), newgrp(1): fixed typos
+  (by Koblinger Egmont <egmont@uhulinux.hu>),
+- login.defs(5): remove information about CREATE_HOME (patch by
+  Mike Frysinger <vapier@gentoo.org>),
+- chgpasswd(8): new man page.
+
+shadow-4.0.14 -> shadow-4.0.15						13-03-2006
+
+*** general:
+- do not install translated man pages if shadow is configured with
+  --disable-nls
+  (based patch submited by Mike Frysinger <vapier@gentoo.org>),
+- added fixes for detect BSD's S/Key with updated the skeychallenge()
+  function for take a fourth argument in case BSD version (patch submited by
+  Mike Frysinger <vapier@gentoo.org>),
+- login: default UMASK if not specified in login.defs is 022 (pointed by
+  Peter Vrabec <pvrabec@redhat.com>),
+- chgpasswd: new tool (by Jonas Meurer <mejo@debian.org>),
+- lastlog: print the usage and exit if an additional argument is profided to
+  lastlog (merge 488_laslog_verify_arguments Debian patch),
+- login, newgrp, nologin, su: do not link with libselinux (merge
+  490_link_selinux_only_when_needed Debian patch),
+- chage, chfn, chsh, passwd: fixed confusing error message if /proc is not
+  mounted (http://bugs.debian.org/352494 patch Nicolas François
+  <nicolas.francois@centraliens.net>),
+- login (merge 433_login_more_LOG_UNKFAIL_ENAB Debian patch):
+  - TOO MANY LOGIN... logged if PAM_MAXTRIES or failcount >= retries (was
+    onl test PAM_MAXTRIES),
+  - print to stderr (in addition to syslog) in case of maximum number of
+    tries exceeded,
+  - always prints the number of tries in the syslog entry.
+  - add special handling for PAM_ABORT
+  - add an entry to failog, as when USE_PAM is not defined. (#53164)
+  - changed pam_end to PAM_END. This is certainly was a mistake.  PAM_END is
+    pam_close_seesion + pam_end. Here, the session is still not open, we
+    don't have to close it.
+  - a HAVE_PAM_FAIL_DELAY is missing,
+- su: fixed pam session support (patch from Topi Miettinen; fixed #57526,
+  #55873, 57532 Debian bugs),
+- userdel: user's group is already removed by update_groups().
+  remove_group() is not needed (bug introduced in 4.0.14 on merge FC fixes).
+  Fixed by Nicolas François <nicolas.francois@centraliens.net>,
+- useradd: allways remove group and gshadow databases lock, Fixed by Nicolas
+  François <nicolas.francois@centraliens.net>
+  (http://bugs.debian.org/348250)
+- auditing fixes:
+  - corrected prototypes in lib/prototypes.h (thre is no audit_help_log();
+    added audit_logger() prototype),
+  - useradd: fixed excess audit_logger() argument,
+- chage: added missing \n on display password status if password must be
+  chaged,
+- useradd: fixed allow non-unique UID (http://bugs.debian.org/351281),
+- variouse code cleanups for make possible compilation of shadow with -Wall
+  -Werror (by Alexander Gattin <xrgtn@yandex.ru>),
+- su: move exit() outside libmisc/shell.c::shell() for handle shell() errors
+  on higher level (now is better visable where some programs exit with 126
+  and 127 exit codes); added new shell() parameter (char *const envp[])
+  which allow fix preserving enviloment in su on using -p, (patch by
+  Alexander Gattin <xrgtn@yandex.ru>),
+- su: added handle -c,--command option for GNU su compliance (merge
+  437_su_-c_option Debian patch),
+- login: added translate login prompt string (suggested by Evgeniy
+  Dushistov),
+- updated translations: ca, cs, da, el, es, eu, gl, fi, fr, it, nb, nl, pt,
+  pt_BR, ro, ru, sk, sv, tl, vi, zh_CN,
+- new translations: gl.
+*** documentation:
+- ru man pages: added new nologin(8) and updated all other man pages (by
+  Yuri Kozlov <kozlov.y@gmail.com>),
+- chsh(1), su(1): update fi translations generated from XML files
+  (Tommi Vainikainen <thv+debian@iki.fi>),
+- expiry(1), faillog(5), faillog(8), gpasswd(1), groupadd(8), groupdel(8),
+  logoutd(8), nologin(8), vipw(8): added new cs man pages, (by Miroslav Kure
+  <kurem@upcase.inf.upol.cz>)
+- login.defs(5): default UMASK if not specified in login.defs is 022
+  (pointed by Peter Vrabec <pvrabec@redhat.com>),
+- useradd(8): better document that -d will not add the user's home directory
+  if it does not already exist (http://bugs.debian.org/154996),
+- nologin(8) man pages added (merge 478_nologin.8.xml Debian patch).
+
+shadow-4.0.13 -> shadow-4.0.14						03-01-2006
+
+*** general:
+- fixes in handling login.defs: $MAIL_FILE is used in userdel and usermod,
+  $MD5_CRYPT_ENAB is used by crypt_make_salt, which is used by chpasswd,
+  gpasswd and newusers.
+  Both variables moved to PAM not dependent (447_missing_login.defs_variables
+  Debian patch),
+- chage: fix chage display when the last change field is set to 0.
+  This is consistent with PAM (merge 427_chage_expiry_0 Debian patch),
+- su: if an password is expired, su should propose to change this password
+  (fixed http://bugs.debian.org/321384),
+- login: added auditing support (based on Fedora patch for login from util-linux),
+- useradd: merge PUG fixes from RedHat patch,
+- nologin: new program,
+- vipw: added a "quiet" mode (http://bugs.debian.org/190252),
+- newgrp: added auditing support (by Steve Grubb <sgrubb@redhat.com>),
+- switch over to a new logging function (by Steve Grubb <sgrubb@redhat.com>),
+- userdel: fix incorrect audit record in userdel
+  (https://bugzilla.redhat.com/bugzilla/174392),
+- userdel: remove the user's group unless it is not really a user-private group
+  for better PUG support (based on FC patch),
+- userdel: make the -f option force the removal of the user's group (even if it
+  is the primary group of another user)
+  (merge 453_userdel_-f_removes_group Debian patch),
+- usermod: rewrited for use getopt_long() (Christian Perrier <bubulle@kheops.frmug.org>),
+- grpck: fixed segmentation fault on using -s when /etc/gshadow is empty (fix by
+  Tomasz Lemiech <szpajder@staszic.waw.pl>),
+- passwd: remove handle -f, -g and -s options.
+- added handle -s/--shell, -m/-p/preserve-environment options like GNU su
+  (based on patches from Debian submited by
+  Nicolas François <nicolas.francois@centraliens.net>)
+- su: export $USER and $SHELL as well as $HOME (http://bugs.debian.org/11003 and
+  http://bugs.debian.org/11189),
+- su, vipw: rewrited for use getopt_long(),
+- su: log successful/failed through syslog (http://bugs.debian.org/190215),
+- updated translations: ca, cs, da, eu, fi, fr, it, pl, pt, ru, sv, tl, vi,
+- new translations: gl.
+*** documentation:
+- added es, ko vigr(8) and vipw(8), hu lastlog(8), ko vipw(8), zh_CN su(1),
+  zh_TW chpasswd(8) and su(1),
+- added tr man pages: chage(1), chfn(1), groupadd(8), groupdel(8), groupmod(8),
+  login(1), passwd(1), passwd(5), shadow(5), su(1) useradd(8), userdel(8),
+  usermod(8),
+- passwd5): added es, hu, pt_BR, zh_CN zh_TW translations,
+- added full set (up to date) fr man pages
+  (by Nicolas François <nicolas.francois@centraliens.net>),
+- pwck(1): document -q option,
+- WARNING: all translated man pages are now in UFT-8,
+- added full set of ru man pages (by Yuri Kozlov <kozlov.y@gmail.com>),
+- login(1): better explain the respective roles of login, init and getty with regards
+  to the utmp file (merge 440_manpages-login.1 Debian patch),
+- login(1): document how to initiate a trusted path on linux
+  (http://bugs.debian.org/305600),
+- userdel(8): document the -f option; document the group removal behavior (merge
+  455_userdel.8.xml Debian patch),
+- groupadd(8), useradd(8): document that useradd/groupadd refuse adding entries already in an
+  external database (http://bugs.debian.org/282184),
+- updated it groupdel(8), passwd(1), pwconv(8), useradd(8), userdel(8), usermod(8) man pages
+  (merge 205_it-manpages Debian patch),
+- added fi chfn(1), chsh(1), passwd(1), su(1),
+- newusers(8): added it translation,
+- newgrp(1): added de, es, zh_CN, zh_TW translations.
+
+shadow-4.0.12 -> shadow-4.0.13						10-10-2005
+
+*** general:
+- chage: removed duplicated pam_start(),
+- chfn, chsh: finished PAM support usin pam_start() and co.,
+- userdel: userdel should not remove the group which is primary for someone else
+  (fix by Nicolas François <nicolas.francois@centraliens.net>
+  http://bugs.debian.org/295416),
+- login: use "%c" in strftime() output (based on patch from
+  http://bugs.debian.org/89902 by Christian Perrier <bubulle@debian.org>),
+- fixedlib/commonio.c: don't assume selinux is enabled if is_selinux_enabled()
+  returns -1 (merge isSelinuxEnabled FC patch by Jeremy Katz <katzj@redhat.com>),
+- login, su (non-PAM case): fixed setup max address space limits (added missing break
+  statement in case) spoted by Lasse Collin <lasse.collin@tukaani.org>,
+- auditing support added. Patch prepared by Peter Vrabec <pvrabec@redhat.com> basing
+  on work by Steve Grubb from http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159215
+  Now auditing support have commands: chage, gpasswd, groupadd, groupdel, groupmod,
+  useradd, userdel, usermod.
+- chage, chfn, chsh, passwd: change to use new selinux API for
+  selinux_check_passwd_access() (patch from Fedora by Dan Walsh <dwalsh@redhat.com>),
+- use #ident preprocesor directive istead RCID macro with content similar
+  to example described in ident(1) man page (modern compilers like latest GCC
+  removes not used functions by global optimization).
+  So "ident /usr/bin/passwd" will show again some useable informations
+- su: fixed twice copy enviroment which causes auth problems
+  (bug was introduced in 4.0.12; fix by Nicolas François <nicolas.francois@centraliens.net>),
+- chage: differentiate the different failure causes by the exit value
+  This will permit to adduser Debian script to detect if chage failed because the
+  system doesn't have shadowed passwords (fix for http://bugs.debian.org/317012),
+- merge 010_more-i18ned-messages Debian patch which adds i18n support for few
+  more messages (orginaly patch was prepared by Guillem Jover <guillem@debian.org>),
+- lastlog: added handle -b option which allow print only lastlog records older than
+  specified DAYS (fix by <miles@lubin.us>),
+- chpasswd, gpasswd, newusers: fixed libmisc/salt.c for use login.defs::MD5_CRYPT_ENAB
+  only if PAM support is disabled (fix by John Gatewood Ham <zappaman@buraphalinux.org>),
+- passwd: rewrited for use getopt_long(),
+- newgrp: when newgrp process sits between parent and child shells, it should
+  propagate STOPs from child to parent and CONTs from parent to child,
+  otherwise e.g. bash's "suspend" command won't work
+  Fixed Debian http://bugs.debian.org/314727
+- updated translations: da, es, fr, pt, ro, ru.
+*** documentation:
+- chsh(1), groupadd(8), newusers(8), pwconv(8), useradd(8), userdel(8), usermod(8):
+  added missing references to /etc/login.defs and login.defs(5)
+  (Christian Perrier <bubulle@kheops.frmug.org>),
+- passwd(5): rewrited based on work by Greg Wooledge <greg@wooledge.org>
+  http://bugs.debian.org/328113
+- login(1): added securetty(5) to SEE ALSO section
+  (fixed Debian bug http://bugs.debian.org/325773),
+- groupadd(8), useradd(8): fix regular expression describing alloved login/group
+  names (pointed by Nicolas François <nicolas.francois@centraliens.net>)
+  (correct is [a-z_][a-z0-9_-]*[$]),
+- groupadd(8), useradd(8): documents in CAVEATS section the limitations shadow
+  places on user and group names (fix by Mike Frysinger <vapier@gentoo.org>).
+- chage(1), groupadd(8): document -h,--help option.
+
+shadow-4.0.11.1 -> shadow-4.0.12					22-08-2005
+
+*** general:
+- newgrp, login: remove using login.defs::CLOSE_SESSIONS variable and allways 
+  close PAM session,
+- fixed configure.in: realy enable shadow group support by default (pointed by 
+  Greg Schafer <gschafer@zip.com.au> and Peter Vrabec <pvrabec@redhat.com>),
+- login.defs: removed handle QMAIL_DIR variable,
+- login: allow regular user to login on read-only root file system (not only for root)
+  Patch by Nicolas François <nicolas.francois@centraliens.net>
+  Fix for http://bugs.debian.org/52069
+- gpasswd, grpck, grpconv, grpuconv: added flushing group nscd cache,
+- pwck, pwconv: added flushing passwd nscd cache,
+- usermod: fixed handle -p option (patch by Peter Vrabec <pvrabec@redhat.com>),
+- chage: use -1 as value for disable password inactivity, expiration date and
+  checking an password validation.
+  Based on patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=109499
+  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=137498
+  and on 427_chage_expiry_0 Debian patch (fix for http://bugs.debian.org/78961)
+- useradd: do not copy files from skel directory if home directory exist and write
+  warning message about not copying skel files
+  Patch by Peter Vrabec <pvrabec@redhat.com> which fixes:
+  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=143150
+  https://bugzilla.redhat.com/beta/show_bug.cgi?id=158574
+  https://bugzilla.redhat.com/beta/show_bug.cgi?id=80242
+- su: ignore SIGINT while authenticating. A ^C could defeat the waiting
+  period and permit brute-force attacks (fixed http://bugs.debian.org/288827),
+- uClibc fixes (by Martin Schlemmer <azarah@nosferatu.za.org>):
+  added require ngettext (added [need-ngettext] to AM_GNU_GETTEXT() parameters)
+  and stub prototype for ngettext() in lib/prototypes.h (neccessary if shadow
+  compiled with disabled NLS support)
+- groupadd: rewrited for use getopt_long(),
+- groupadd, groupdel, groupmod, userdel: do OPENLOG() before pam_start(),
+- groupadd: fixed double OPENLOG(),
+- removed lib/{grpack,gspack,pwpack,sppack}.c and prototypes from lib/prototypes.h
+  (outdated),
+- newusers: added flushing passwd and group nscd caches,
+- passwd, pwunconv, userdel, vipw: remove flushing shadow nscd cache (nscd do not caches
+  shadow map),
+- pwck: now pwck OPENLOG with correct name ("pwck" instead "pwsk")
+  (fix by Alexander Gattin <arg@online.com.ua>),
+- pwck, grpck: replace all puts() with printf() - it fixes problems with extra blank
+  lines printed in some messages
+  (fix by Alexander Gattin <arg@online.com.ua>),
+- passwd: use separated message "Password set to expire." instead "Password changed."
+  on "passwd -e" (fix by Christian Perrier <bubulle@debian.org),
+- updated translations: cs, de, fi, fr, nl, pl, pt, ru, sk.
+*** documentation:
+- regenerate all roff man pages using DocBook XSLT Stylesheets 1.69.1,
+- usermod(8): give the correct range for system users (0-999 instead of 0-99),
+  (http://bugs.debian.org/286258)
+- chage(8): better description -1 value passwd in -E, -I and -M options,
+- regenerate all roff man pages using DocBook XSLT Stylesheets 1.69.0.
+
+shadow-4.0.11 -> shadow-4.0.11.1					21-07-2005
+
+*** general:
+- fixed configure.in: now is possible build shadow with enabled/disabled shadow group
+  support (thanks for report symptoms of the bug to Greg Schafer <gschafer@zip.com.au>),
+- updated translations: sv.
+
+shadow-4.0.10 -> shadow-4.0.11						18-07-2005
+
+*** general:
+- su: ignore SIGINT while authenticating. A ^C could defeat the waiting period and
+  permit brute-force attacks. Also ignore SIGQUIT.
+  Fixed: http://bugs.debian.org/52372 and http://bugs.debian.org/288827
+- useradd: rewrited for use getopt_long(),
+- newgrp: add fix for handle splitted NIS groups: extends the functionality that,
+  if the requested group is given, all groups of the same GID are tested for
+  membership of the requesting user.
+  (fix by Christian Mudra <C.Mudra@science-computing.de>)
+- fix nscd_flush_cache(): for some reason doing the INVALIDATE call with two
+  write()'s fails. Do one writev() call instead.
+  http://bugs.gentoo.org/show_bug.cgi?id=80413
+  (submited by Martin Schlemmer <azarah@gentoo.org>)
+- merge nscd-socket-path patch from Fedora: newer glibc's have a different nscd socket
+  location (/var/run/nscd/socket instead /var/run/.nscd_socket),
+- S/Key support is back,
+- usermod: added -a option. This flag can only be used in conjunction with the -G
+  option. It cause usermod to append user to the current supplementary group list.
+  (patch by Peter Vrabec <pvrabec@redhat.com>) 
+- chage: added missing \n in error messages,
+- useradd, groupadd: change -O option to -K and document it in man page,
+- su, sulogin, login: fixed erroneous warning messages when used with PAM about some
+  login.defs variables (fix by DJ Lucas <dj@linuxfromscratch.org>),
+- autoconf:
+-- stop with error message if crypt() not found,
+-- remove --with{,out}-libcrypt switch,
+-- move all autoheader templates from acconfig.h to configure.in,
+- login: setup limits and umask (using login.defs ULIMITS and UMASK variables) only when
+  PAM support is disabled (it is task for pam_limits and pam_umask modules),
+- sulogin, login: use SYSLOG macro instead syslog() which saves the locale, sets the
+  locale to C, sends the message and restores the locale
+  (fix by Nicolas François <nicolas.francois@centraliens.net>).
+- updated translations: cs, da, de, es, fi, pl, pt, ro, ru, sk.
+*** documentation:
+- pwck(8): document -q option (based on Debian patch for fix http://bugs.debian.org/309408)
+- pwck(8): rewrited OPTIONS section and better SYNOPSIS,
+- lastlog(8): document that lastlog is a sparse file, and don't need to be rotated
+  http://bugs.debian.org/219321
+- login(8): better explain the respective roles of login, init and getty with regards
+  to the utmp file (based on 441_manpages-shadow.5 Debian patch),
+- shadowconfig(8): removed (will be maintained in Debian shadow pkg repository),
+- groupadd(8): document -o option,
+- in SEE ALLSO section in groupadd(8), groupdel(8), groupmod(8), userdel(8), usermod(8)
+  added refer to gpasswd(8) (suggested by Mike Frysinger <vapier@gentoo.org>).
+
+shadow-4.0.9 -> shadow-4.0.10						28-06-2005
+
+*** general:
+- mkpasswd: removed,
+- userdel: now deletes user groups from /etc/gshdow as well as /etc/group.
+  Fix by Nicolas François <nicolas.francois@centraliens.net>.
+  http://bugs.debian.org/99442
+- usermod: when relocating a user's home directory, don't fail and remove the new
+  home directory if we can't remove the old home directory for some
+  reason; the results can be spectularly poort if, for instance, only
+  the rmdir() fails. Patch prepared by Timo Lindfors <lindi-spamtrap@newmail.com>.
+  http://bugs.debian.org/166369
+- su: fix syslogs to be less ambiguous. Use old:new format instead of old-new
+  because '-' can appear in usernames
+  http://bugs.debian.org/213592
+- removed not used now libmisc/setup.c,
+- login: use also UTMPX API instead UTMP on failure (login was affected for this
+  when shadow was builded without PAM support)
+  patch by Nicolas François <nicolas.francois@centraliens.net>
+- login: the PAM session needs to be closed as root, thus before change_uid()
+  http://bugs.debian.org/53570 http://bugs.debian.org/195048 http://bugs.debian.org/211884
+- login: made login's -f option also able to use the username after -- if none
+  was passed as it's optarg
+  http://bugs.debian.org/53702 
+- login: check for hushed login and pass PAM_SILENT if true,
+  http://bugs.debian.org/48002
+- login: fixed username on succesful login (was using the normal username,
+  when it should have used pam_user) http://bugs.debian.org/47819
+- remove using SHADOWPWD #define so now shadow is allways builded with shadow
+  passwowd support,
+- chage: rewrited for use getopt_long(),
+- updated translations: ca, cs, da, fi, pl, ru, zh_TW.
+*** documentation:
+- most of the man pages now are generated from XML files so in case submiting any
+  chages to this resources please make diff to XML files,
+- chfn: give more details about the influence of login.defs on what's allowed to
+  users.
+
+shadow-4.0.8 -> shadow-4.0.9						23-05-2005
+
+*** general:
+- passwd: fixed segfault in non-PAM connfiguration
+  (submited by Greg Schafer <gschafer@zip.com.au>),
+- newgrp: fixed NULL pointer dereference - getlogin() and ttyname() can
+  return NULL which is not checked (http://bugs.debian.org/162303),
+- updated translations: ro, ru,
+- added new translations: vi,
+- lib/getdef.c: leaves the table as it is, and changes from the binary search to
+  a sequential one (Lucas Correia Villa Real <lucasvr@gobolinux.org>),
+- lastlog: fixed --help message (s,--login,--user,) http://bugs.debian.org/249611.
+
+shadow-4.0.7 -> shadow-4.0.8						26-04-2005
+
+*** general:
+- remove not working OPIE and SKEY support,
+- chage, useradd, usermod: reduce multiple OPENLOG() calls,
+- passwd: fix #61313 Debian bug: "passwd -S root" (as a normal user) should not
+  display "You may not change the password for root.",
+- vipw: fixed race condition (Debian #242407 bug; fix by Alexander Gattin
+  <arg@online.com.ua>),
+- configure.in: add using AC_GNU_SOURCE macro for kill compilation warnings about
+  implicit declaration of function `fseeko',
+- faillog: changed faillog record display format for allow fit in 80 columns all
+  faillog atributies,
+- removed NDBM code (unused),
+- fixed use of SU_WHEEL_ONLY in su. Now su realy is avalaible for wheel group
+  members. Thanks to Mike Frysinger <vapier@gentoo.org> for report:
+  http://bugs.gentoo.org/show_bug.cgi?id=80345
+- drop never finished kerberos and des_rpc support (for kerberos support back firs
+  must be prepared modularization),
+- fixed UTMP path detection (by Kelledin <kelledin@users.sf.net>),
+- useradd: rewrited group count to dynamic (by John Newbigin
+  <jnewbigin@ict.swin.edu.au>),
+- login: fixed create lastlog entry fo users never loged in on non-PAM
+  variant of login (fix by <oracular@ziplip.com>),
+- remove handle login.defs::NOLOGIN_STR (never used),
+- useradd: fixes a potential security problem when mailbox is created in
+  useradd.
+  Patch and comment by Koblinger Egmont <egmont@uhulinux.hu>:
+  Only two arguments are passed to the open() call though it expects three
+  because O_CREAT is present. Hence the permission of the file first becomes
+  some random garbage found on the stack, and an attacker can perhaps open
+  this file and hold it open for reading or writing before the proper
+  fchmod() is executed. (Actually, we could also pass the final "mode" to
+  the open() call and then save the consequent fchmod().)
+- SELinux changes: added changes in chage, chfn, chsh, passwd for allow
+  construct more grained user password/accuunt properties on SELinux
+  policies level. Patch originally based on RH changes (submited by Chris
+  PeBenito <pebenito@gentoo.org>),
+- added SELinux changes: in libmisc/copydir.c (based on Fedora patch),
+- updated translations: cs, da, es, eu, fi, fr, it, ko, nl, pl, pt, sk, uk,
+- added new translations: tl,
+- reindent all source code using -l80,
+*** documentation:
+- it man pages (by Danilo Piazzalunga <danilopiazza@libero.it>):
+-- updated: chfn.1, chsh.1, groups.1, grpck.8, grpconv.8,
+   grpunconv.8, id.1, lastlog.8, login.1, newgrp.1, pwunconv.8, shadow.5,
+   vigr.8, vipw.8,
+-- new: chage.1, chpasswd.8, expiry.1, faillog.5, faillog.8, getspnam.3,
+   logoutd.8, porttime.5, pwck.8, shadow.3, shadowconfig.8, su.1,
+- passwd(1): fix #160477 Debian bug: improve -S output description,
+- newgrp(1): fix #251926, #166173, #113191 Debian bugs: explain why editing /etc/group   
+  (without gshadow) doesn't permit to use newgrp,
+- newgrp(1): newgrp uses /bin/sh (not bash),
+- faillog(8): updated after rewrited faillog command for use getopt_long(),
+- login(1): removed fragment about abilities pass enviroment variables in login prompt,
+- gshadow(5): new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>),
+- usermod(8): fixed #302388 Debian bug: added separated -o option description,
+
+shadow-4.0.6 -> shadow-4.0.7						26-01-2005
+
+- updated translations: da, es, fi, it, nl, pl, pt,
+- added zh_TW translation (from Debian resources),
+- remove unused now files in lib/ directory,
+- switch faillog to use getopt_long(),
+- added de vigr(8), vipw(8) man pages (from Debian resources),
+- added ro, sq translations (from Debian resources),
+- fixed large file support in lastlog and faillog:
+-- added AC_SYS_LARGEFILE macro to autoconf,
+-- use fseeko() instead fseek() and remove casting file offsets to unsigned
+   long.
+- lastlog:
+-- rewrited source code using the same style as in chpasswd.c,
+-- open lastlog file after finish parse comman line optiomns
+   (now --help otput can be displayd for users without lastlog
+   file read permission),
+-- cleanups in lastlog(8) man page using the same style as in
+   chpasswd(8).
+- chpasswd:
+-- switch chpasswd to use getopt_long() and adds a --md5 option
+   (by Ian Gulliver <ian@penguinhosting.net>),
+-- rewrited chpasswd(8) man page.  
+
+shadow-4.0.5 -> shadow-4.0.6						08-11-2004
+
+- su: fixed adding of pam_env env variables to enviroment
+  (Martin Schlemmer <azarah@nosferatu.za.org>),
+- autoconf: fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables
+  which was allways empty (Gregorio Guidi <g.guidi@sns.it>),
+- realuy closse security bug in libmisc/pwdcheck.c,
+- added missing template/example PAM service config files for chfn, chsh and
+  userdel,
+- do not translate variable names from /etc/default/useradd during
+  "useradd -D".
+
+shadow-4.0.4.1 -> shadow-4.0.5						27-10-2004
+
+- change libmisc to private static library,
+- added SELinux support (basing on patch from Gentoo),
+- chage: more verbose/human readable -l output. This output is much more
+  beter for send directly via email for each users as message with account
+  status (for example as message with warning about account/password expiration),
+- login: fixed handle -f option: now it works correctly without specify "-h
+  <host>" if open login session localy is required (thanks for help
+  investigate bug for Krzysztof Kotlenga),
+- userdel: when removing a user with userdel, userdel was always exits with 1 (fixed).
+  Based on http://bugs.gentoo.org/show_bug.cgi?id=66687,
+- useradd: added handle /etc/defaults/useradd::CREATE_MAIL_SPOOL={yes|no}.
+  Now on adding user account can be also created empty user mail spool.
+  Curent code handle only mailbox.
+  TODO: add handle create user mail spool in maildir format.
+- useradd: when placing symlinks into /etc/skel copy_tree of
+  libmisc/copydir.c will properly create the symlink in the destination
+  directory but not change the ownership to the target user/group. This
+  makes httpd Option SymlinkIfOwnerMatch break for default weg pages
+  including symlinks placed into /etc/skel/public_html for example.
+  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
+- su: add pam_open_session() support. If builded without PAM support
+  propagate $DISPLAY and $XAUTHORITY enviroment variables.
+  Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
+- applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
+  Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account
+  management to restrict access using pam_access when login is invoked with -f.
+- applied Owl patches by Solar Designer <solar@openwall.com>:
+  shadow-4.0.4.1-owl-pam-auth.diff:
+    Moved the PAM authentication in user management commands after
+    command-line parsing, made it use separate service names for each command.
+    Use constant strings rather than argv[0] for syslog ident in the user
+    management commands,
+  shadow-4.0.4.1-owl-tmp.diff:
+    Remove using mktemp() if mkstemp() prototype not found (use allways mkstemp()),
+  shadow-4.0.4.1-owl-check-reads.diff:
+    Add checking for read errors in commonio and vipw/vigr (not doing so could
+    result in data loss when the records are written back),
+- fixed securirty bug in libmisc/pwdcheck.c which allow unauthorized
+  account properties modification.
+  Affected tools: chfn and chsh.
+  Bug was discovered by Martin Schulze <joey@infodrom.org>.
+- added it translation (by Danilo Piazzalunga <danilopiazza@libero.it>),
+- added sk translation (by Peter Mann <Peter.Mann@tuke.sk>, submited by Christian
+  Perrier <bubulle@kheops.frmug.org>),
+- added es translation (by Ruben Porras <nahoo82@telefonica.net>),
+- updated ko translation (by Changwoo Ryu <cwryu@debian.org>),
+- added fi translation (by Tommi Vainikainen <thv@iki.fi>),
+- new translations: bs, ca, da, eu, he, id, nb, nl, nn, pt, pt_BR, tr,
+  zh_CN (stolen from Debian),
+- remove adduser(8) roff include man page to useradd(8).
+
+shadow-4.0.4 => shadow-4.0.4.1						14-01-2004
+- bug fixes in automake files for generate correct tar ball on "make dist":
+  added mising "EXTRA_DIST = $(man_MANS)" in man/*/Makefile.am.
+
+shadow-4.0.3 => shadow-4.0.4						14-01-2004	
+
+*** general:
+- added missing information about -f options in groupadd usage mesage
+  (document this also in man page),
+- removed TCFS support (tcfs is dead),
+- convert all po/*.po files to utf-8,
+- one TODO entry gone: fix nscd flushing databases on change (use
+  per service flushing method instead HUPing nscd process),
+- removed old AUTH_METHODS dependent code,
+- chage: now all code depend on SHADOWPWD. If shadow will not be configured
+  on autoconf level for using shadow possword chage is olny stub which
+  informs "chage not configured for shadow password support."
+- dpasswd: removed,
+- login: remove handle login.defs::DIALUPS_CHECK_ENAB code,
+- login: remove handle login.defs::NO_PASSWORD_CONSOLE code,
+- ALL tools, libraries: remove old SVR4, SVR4_SI86_EUA BSD_QUOTA and ATT_AGE
+  dependent code,
+- ALL: ready for gettext 0.11.5, automake 1.7.4, autoconf 2.57,
+- logoutd, userd: handle also utmpx if avalaile,
+- newgrp: fix for non-PAM version
+  Use CLOSE_SESSIONS depending code only when USE_PAM.
+  The problem was reported by Mattias Webjorn Eriksson using Slackware
+  8.1 and reproduced it using slackware-current (9.0beta) (fix submited by
+  Simon Williams <simon@no-dns-yet.org.uk>),
+- fix in too_many_failures() function: incorrect if() condition in non-PAM
+  dependent code in fail login handling (fixed by Krzysztof
+  Oledzki <ole@ans.pl>),
+*** documentation:
+- install groups(1) man page (moved from EXTRA_DIST to man_MANS),
+- removed pwauth(8), d_passwd(5), dialups(5) man pages,
+- remove text about password aging from passwd(5) (based on Debian changes),
+- document useradd and groupadd -M option in en and pl man pages
+  (by Jakub Mikusek <mick3y@o.k.pl>).
+- added ru passwd(1) man page from KSI resources,
+- added es man pages found in Conectiva distribution resources,
+- added chch(1), chfn(1) man pages from chinese man pages translation
+  project,
+- added id(1) man page czech man pages translation project,
+- updated ja man pages and added expiry(1),
+- removed old doc/ANNOUNCE,
+- updated german passwd(1), chsh(1) and login(1) man page and added chfn(1)
+  (by Josef Spillner <josef@ggzgamingzone.org>),
+- many other cleanups and unifications in man pages.
+
+shadow-4.0.2 => shadow-4.0.3						 13-03-2002
+
+- added variouse cs, de, fr, id, it, ko man pages found mainly in national
+  man pages translations projects (this documents are not synced with
+  current en version but you know .. "Documentations is lik sex. When it is
+  good it very very good. Whet it is bad it is better than nothing."). Any
+  changes for syncing this are welcome and for anyone who will want maintain
+  this documents directly I can give cvs write access to project resources.
+- added new de translation (by Frank Schmid <frank@cs-schmid.de>).
+- fixed building --with-shared: swapped utent (in src/login.c and
+  libmisc/utmp.c) and pwent (in libmisc/suauth.c and src/su.c)
+  definition/extern (by Dimitar Zhekov <jimmy@is-vn.bg>).
+- minor changes and updates in man pages (also merged
+  shadow-4.0.0-owl-man.patch by Solar Designer <solar@openwall.com>).
+
+shadow-4.0.1 => shadow-4.0.2						 17-02-2002
+
+- resolve many fuzzy translations also all this which may cause problems on
+  displaing long uid/gid,
+- allow use "$" on ending in cereated by useradd usermname accounts for allow
+  create machine acounts for samba (thanks to Jerome Borsboom
+  <borsboom@tch.fgg.eur.nl> for point this problem in 4.0.1),
+- fix small but ugly bug in configure.in in libpam_mics library detection.
+
+shadow-4.0.0 => shadow-4.0.1
+
+- added ability to log session closes in newgrp
+  (Joseph Parmelee <jparmele@wildbear.com>),
+- add -pcs to .indent.pro file and reindent all code in src/,
+- remove "\n" from all SYSLOG() messages,
+- finish integrate AGING code into SHADOWPW,
+- remove handle old HAVE_USERSEC_H code,
+- updated ja and added hu man pages,
+- applied patches by Solar Designer <solar@openwall.com>:
+  shadow-4.0.0-owl-chage-drop-priv.diffd
+  shadow-4.0.0-owl-chage-ro-no-lock.diff:
+    Added locks which are needed when doing r/w accesses, not when running
+    as root.  If root does read-only, there's no lock needed. Added missing
+    "#include <errno.h>" for above (me).
+  shadow-4.0.0-owl-warnings.diff
+    Olny one fix from this patch was aplayd because other was fixed few days
+    before :)
+  shadow-4.0.0-owl-check_names.diff
+    Merge only prat this patch with checking login name matching; checking
+    is login string isn't longer than possible it will be good prepare using
+    probably _POSIX_LOGIN_NAME_MAX from <bits/posix1_lim.h>,
+  shadow-4.0.0-owl-chage-drop-priv.diff
+  shadow-4.0.0-owl-pam-auth.diff
+    Merge part with reorder initialize PAM and checkin is chage is runed by
+    root or not - now chage can be runed from non-root account for checking
+    by user own account information (if PAM enabled).
+- fixes for handle/print correctly 32bit uid/gid (Thorsten Kukuk <kukuk@suse.de>),
+- implemented functions for better reloading the nscd cache (per NSS map)
+  (Thorsten Kukuk <kukuk@suse.de>),
+- fixed warnings "not used but defined" on compile using gcc 3.0.x 
+  (bulletpr00ph <bullet@users.sourceforge.net>),
+- added ja, ko translations found in SuSE,
+- added symlinks: newgrp -> sg, vipw -> vigr,
+- added vigr(1) man page as roff .so link to vipw(1),
+- added sg(1) man page as roff .so link to newgrp(1),
+- installed fix for SEGV when using pwck -s on /etc/passwd file with
+  empty lines in it.
+  
+shadow-20001016 => shadow-4.0.0						 06-01-2002
+
+- fix bug discovered and fixed by Marcel Ritter
+  <Marcel.Ritter@rrze.uni-erlangen.de>
+  Due to a big buffer size in lib/commonio.c this error does only appear
+  if a line gets longer than 4096 bytes (there are probably very few people
+  stumbling across this).
+  Ths bug can be exposed by trashing /etc/groups file using useradd with script:
+	#!/bin/sh
+	typeset -i NUM
+	NUM=0
+	groupadd demogroup
+	while [ $NUM -le 1000 ]; do
+	   useradd -g demogroup -G demogroup -p "NONE" user$NUM
+	   NUM=$NUM+1
+	done
+- remove limit 32 to groups per user by (the same user can belong to
+  more than 32 groups) by use sysconf(_SC_NGROUPS_MAX) instead constant
+  NGROUPS_MAX (patch by Radu Constantin Rendec <radu.rendec@ines.ro>)
+  NOTE: it probably need testing on other system for add
+  some condition for using sysconf(_SC_NGROUPS_MAX) or NGROUPS_MAX constant,
+- added -s option to {pw,grp}ck to sort checked files by UID/GID,
+- drop detecting is pam_strerror() need one or two arguments. Instead using
+  PAM_STRERROR() macro use directly pam_strerror() function with two
+  arguments. pam_strerror() with one argument is obsoleted,
+- adde ja man pages (probably some man pages need update),
+- much better automake support,
+- added pt_BR man pages for gpasswd(1), groupadd(8), groupdel(8),
+  groupmod(8), shadow(5) (man pages for other nations also are welcome),
+- mamny small fixes and updates nad improvements in man pages,
+- aplayed Debian patch to man pages for shadowconfig,
+- remove limit to 6 chars logged tty name (012_libmisc_sulog.c.diff Debian
+  patch).
+
+shadow-20001012 -> shadow-20001016:
+- conditionaly disabled body reload_nscd() because not every
+  version of nscd can handle it (this can be enabled by define
+  ENABLE_NSCD_SIGHUP) (Marek Michałkiewicz  <marekm@linux.org.pl>)
+- fixes on autoconf/automake level for dist target,
+- Julianne F. Haugh new contact adress.
+
+shadow-20000902 => shadow-20001012
+
+- removed /redhat directory with obsoleted files (partialy rewrited spec
+  file is now in root directory),
+- aplayed shadow-19990827-group.patch patch from RH wich prevents adduser
+  overwrite previously existing groups in adduser,
+- added PAM support for chage (bind to "chage" PAM config file) also
+  added PAM support for all other small tools like chpasswd, groupadd,
+  groupdel, groupmod, newusers, useradd, userdel, usermod (bind to common 
+  "shadow" PAM config file) - this modificaytions mainly based on
+  modifications prepared by Janek Rękojarski <baggins@pld.org.pl>,
+- many small fixes and improvments in automake (mow "make dist"
+  works correctly),
+- added cs translation (Jiri Pavlovsky <Jiri.Pavlovsky@ff.cuni.cz>).
+
+shadow-20000826 => shadow-20000902
+
+This is probably the last release from me.
+Tomasz Kloczko <kloczek@rudy.mif.pg.gda.pl> is the new maintainer.
+Good luck!
+
+(I'm still interested to know what is going on with this package,
+which is fairly important to many Linux distributions, so please
+Cc: marekm@linux.org.pl in any related discussions - just don't
+expect me to respond quickly...)
+
+Previous warning still applies - be careful!
+
+- applied some of the Red Hat patches (revised slightly), thanks to
+  Bernhard Rosenkraenzer <bero@redhat.de>: fix for truncated long
+  lines (>8K) in /etc/group, send SIGHUP to nscd (caching daemon
+  in glibc 2.1.x) after changing anything, add usermod -L and -U
+  options, remove LOG_CONS from openlog(), chage -d and -E handles
+  dates in yyyy-mm-dd format ('/' is not required)
+- various cleanups
+
+shadow-19990827 => shadow-20000826
+
+WARNING: this release is not tested (other than that it compiles for me),
+please be careful.  Previous release was a year ago, so it is really time
+to release something and start looking for a new, better maintainer...
+(I've been extremely busy recently.  Credit for most of the real work,
+such as complete PAM support, should go to Ben Collins <bcollins@debian.org>
+who maintains this package for Debian.)
+
+- merged most of the changes from Debian (not all of them yet, PAM support
+  should be complete but is not tested - need to upgrade to potato first)
+- added Polish translations of manual pages from PLD
+- change sulog() to not depend on global variables oldname, name
+- try to not follow symbolic links when deleting files recursively
+  in userdel (still not perfect, safest to do it in single user mode)
+- removed workarounds for ancient (pre-ANSI) C compilers - use gcc!
+  (a few ANSI C constructs were used already, and no one complained)
+- updated author's e-mail address (jfh@bga.com -> jfh@austin.ibm.com)
+
+shadow-19990709 => shadow-19990827
+
+- upgrade to autoconf-2.13, automake-1.4, libtool-1.3.3
+- i18n: added French translation by Vincent Renardias <vincent@ldsol.com>
+- i18n: added Swedish translation by Kristoffer Brånemyr <ztion@swipnet.se>
+- logoutd no longer reads /etc/logoutd.mesg at startup - instead, read
+  it when sending to luser's tty (no need to reload with SIGHUP)
+- added support for "usergroups" feature often found in Linux distributions
+  (if USERGROUPS_ENAB in login.defs set to "yes", uid != 0, uid == gid, and
+  username == groupname, then set umask to 002 instead of 022)
+- Debian: pwck and grpck are now run from a daily cron job (root will
+  receive an e-mail if something is wrong), and at system startup
+- added support for setting umask in /etc/limits
+- when using OPIE, re-prompt with echo on after empty password was entered
+- GETPASS_ASTERISKS now run time configurable (login.defs)
+- getpass() now uses stdin and stderr (not stdout) if it can't open /dev/tty
+- getpass() allows all input to be erased using Control-U, and beeps when
+  too many characters are entered
+- removed obsolete sgtty support, in 1999 everyone should have termios :)
+- Debian: tar wrapper no longer needed to build packages as non-root user
+  (install libtricks, and use "dpkg-buildpackage -rfakeroot" instead)
+- Debian: changes for GNU Hurd by Marcus Brinkmann <brinkmd@debian.org>:
+  dpkg-architecture, cross compilation, only build passwd, add
+  etc/login.defs.hurd conffile, conditionalize CBAUD
+- newgrp sets $HOME before running the new shell
+- both "sg group command" (usage message) and "sg group -c command"
+  (man page) work, updated both the usage message and the man page :)
+- i18n: added missing _() for some translatable strings
+
+shadow-19990607 => shadow-19990709
+
+- added PAM support to chfn and chsh (thanks to Thorsten Kukuk)
+- fixed a bug in newgrp if the user is in >= 17 groups
+- added @LIBSKEY@ to LDADD for all programs (for some reason,
+  almost all programs need it if skey/opie support is enabled)
+- changed grpconv/grpunconv to compile with --disable-shadowgrp
+- changed faillog to do something (assume -p) with no options specified
+- updated version of the udbachk passwd/shadow/group file integrity
+  checker (contrib/udbachk.v012.tgz)
+
+shadow-19990307 => shadow-19990607
+
+- upgraded to libtool-1.2, latest config.{guess,sub}
+- added missing #include "defines.h" in libmisc/login_desrpc.c - thanks
+  to almost everyone for reporting it :-)
+- moved PAM-related defines to pam_defs.h
+- added some braces to if/else to avoid egcs warnings
+- started adding PAM support to login (based on util-linux, not finished yet)
+- changed "!" to "x" for pw_passwd in src/newusers.c
+- a few more Y2K fixes
+- added contrib/udbachk.tgz (passwd/shadow/group file integrity checker),
+  thanks to Sami Kerola
+- Debian: made /etc/{limits,login.access,login.defs,porttime,securetty}
+  files all mode 0600 (Bug#38729 - login: /etc/limits is world readable)
+- updated mailing list information (moved again, now hosted by SuSE),
+  updated README.mirrors, other minor documentation updates
+- made getpass work with redirected stdin
+- new readpass echoing asterisks disabled by default by popular demand
+  (can be enabled at compile time: ./configure --enable-readpass)
+- the random number of asterisks in readpass is now more random
+  (random number generator initialization was missing)
+- commented out --enable-md5crypt (obsolete) in configure.in
+- when checking for libskey, link with -lcrypt if libcrypt is available
+  (otherwise the configure test for libskey fails - libskey needs libcrypt)
+- added Package/Version ident strings (so you can use the RCS "ident"
+  command to check any binary, which version of shadow it comes from)
+
+shadow-981228 => shadow-19990307
+
+- added support for setting process priority in /etc/limits
+- i18n: updated Greek translation
+- i18n: added Polish translation by Arkadiusz Miskiewicz
+- documented the -p option in useradd.8 and usermod.8 man pages
+- some "const" gcc warning fixes
+- attempt to fix lib/snprintf.c compilation problems
+- added restart/reload/force-reload to /etc/init.d/logoutd (found by lintian)
+- always require password for root logins (even with NO_PASSWORD_CONSOLE)
+- workaround for RedHat's CREATE_HOME feature in /etc/login.defs
+- changed to Y2K compatible version numbering
+- more Y2K fixes, use the ISO 8601 date format (yyyy-mm-dd) for default
+  values of user-entered dates (you can still enter dates in any format
+  supported by GNU date)
+- oops, added doc/README.nls to list of files to distribute
+- added missing sanitize_env() call to src/login.c
+- debian/rules installs /bin/login non-setuid by default, just in case...
+- build Debian packages with cracklib support (depends on cracklib-runtime)
+
+shadow-980724 => shadow-981228
+
+- login now clears the username in argv[] (in case someone types the
+  password instead of username, by mistake)
+- i18n support, Greek translation (Nikos Mavroyanopoulos), see README.nls
+- updated author's e-mail address (jfh@tab.com -> jfh@bga.com)
+- new getpass() replacement that displays *'s (Pavel Machek)
+- no password required when logging in from ttys listed under
+  NO_PASSWORD_CONSOLE in login.defs (Pavel Machek)
+- fixed limits code so RLIMIT_AS should work
+- upgraded to Debian 2.0
+- built a new machine (P2 350MHz, 64MB RAM) so the thing can be compiled
+  in reasonable time again
+- upgraded to automake-1.3, libtool-1.0h (also new config.guess and
+  config.sub that work on i686)
+- usermod fixed to handle group names starting with digits (not recommended)
+
+shadow-980626 => shadow-980724
+
+- security: login no longer gives you a root shell if setgid()
+  or initgroups() or setuid() fails for any reason, discovered
+  by Ted Hickman <thickman@sy.net>
+- remove libshadow.so -> libshadow.so.x.x symlink after install
+- a few int -> uid_t type cleanups
+- fail immediately (don't retry) in *_lock() if euid != 0
+- added sample PAM config files etc/pam.d/{passwd,su}
+- preliminary PAM support in su (untested - use at your own risk,
+  comments and patches welcome!)
+- cleanup and more comments in OPIE code (Algis Rudys)
+- added support for TCFS (Transparent Cryptographic File System)
+  (use ./configure --with-libtcfs, see http://tcfs.dia.unisa.it/
+  for more info), thanks to Aniello Del Sorbo
+
+shadow-980529 => shadow-980626
+
+- fixed bug in commonio_lock() (infinite recursion if lckpwdf() not
+  used and database cannot be locked), thanks to Jonathan Hankins
+- fixed bug in copy_tree() (NUL-terminate readlink() results),
+  thanks to Lutz Schwalowsky
+- no need to press Enter after Ctrl-C to interrupt password prompt
+- removed a few harmless gcc warnings
+- secure RPC login disabled if <rpc/key_prot.h> not found (glibc 2.0)
+- faillog.8: changed /usr/adm -> /var/log
+- pwconv.8: documented that it may fail on invalid password files
+
+shadow-980417 => shadow-980529
+
+- fixed "interesting" strzero() bug introduced by me in 980417:
+  strzero(cp) didn't work as intended (the macro used a local
+  variable called "cp" - oops...); Leonard N. Zubkoff was the
+  first person to report it - thanks!
+- fixed usermod -e to accept empty argument (like useradd),
+  thanks to Martin Bene
+- several changes from Debian 980403-0.2, see debian/changelog
+- added contrib/shadow-anonftp.patch (not yet merged, sorry...)
+  thanks to Calle Karlsson
+
+shadow-980403 => shadow-980417
+
+- fixed login session limits (again - broken since 980130)
+- more symbolic constants for exit status values
+- fixed logoutd to work with 8-character usernames in utmp
+  (no room for terminating NUL!)
+- various fixes to make the code more glibc2-friendly
+- updated doc/cracklib26.diff (fix for empty gecos, etc.)
+- updated the files in redhat/ from shadow-utils-970616-11.src.rpm
+  (RH 5.0 updates)
+
+shadow-980130 => shadow-980403
+
+- security: su now creates the sulog file (if enabled and doesn't
+  already exist) with umask 077
+- hopefully removed arbitrary group size limits (not yet for
+  shadow groups though - sgetsgent() still needs a rewrite,
+  but I don't want to delay this release any longer...)
+- fixed NULL dereference in groupmod -n
+
+shadow-971215 => shadow-980130
+
+- Debian binary packages can be built without root privileges
+  (tar wrapper - debian/tar.c)
+- new subdir "redhat" (needs more work, see redhat/README)
+- in several places, exit(127) if exec fails with ENOENT, and
+  exit(126) on other errors (as in ksh and bash)
+- renamed getpass() and md5_crypt() to libshadow_* to avoid name
+  conflicts with libc functions - md5_crypt() is also in libcrypt.a
+  on Linux/PPC, thanks to Anton Gluck <gluc@midway.uchicago.edu>
+- handle crypt() returning NULL (possible according to Single Unix
+  Spec) more gracefully (exit instead of SIGSEGV)
+- fixed bug in putgrent() that showed up when realloc() moved the
+  buffer while expanding it, thanks to Floody <flood@evcom.net>
+- fixed bug in login session limits (with a limit set to N logins,
+  only N-1 logins were allowed), thanks to Floody <flood@evcom.net>
+- upgraded to libtool-1.0h (now recognizes GNU ld on Debian 1.3.1)
+- newer config.guess and config.sub (should work on x86 for x > 5)
+- removed doc/automake-1.0.diff (obsoleted by automake-1.2)
+- added doc/cracklib26.diff (some patches for cracklib-2.6)
+- documented more (not all yet) login.defs(5) settings
+- replaced more exit status numeric values with #defines
+- shadow-utils.spec now generated from shadow-utils.spec.in
+  (so I don't have to edit version numbers for every new release)
+- groupadd -f option, based on RedHat's shadow-utils-970616-9 patch
+  ("force" - exit(0) if the group already exists); other RedHat-
+  specific options not added yet (best done in a perl script that
+  runs useradd/usermod/groupadd - see Debian's adduser-3.x)
+- added -O option (override login.defs values) to useradd and groupadd
+- if usermod can't update the group file(s), exit(10) but update the
+  password file(s) anyway (as documented by Solaris man page)
+- useradd should no longer set sp_expire to the current date (oops)
+- configure.in: added --enable-desrpc, check for gethostbyname in libc
+  before trying libnsl (necessary for Solaris; not for Linux or Irix,
+  even though libnsl may be present), fixed pw_age/pw_comment/pw_quota
+  detection, setpgrp vs. setpgid, other minor tweaks
+- various */Makefile.am tweaks
+- login.defs: added FAKE_SHELL - program to run instead of the login
+  shell, with the real shell in argv[0] (Frank Denis)
+- login.defs: ignore case in yes/no settings
+- more E_* defines instead of hardcoded numbers for exit()
+- added sanitize_env() for setuid programs
+- login_desrpc() checks for getnetname() errors
+- new password is not "too similar" if it is long enough
+- replacement strstr() was static, no one noticed :-)
+- {pw,spw}_lock() and {pw,spw}_unlock() track the lock count and call
+  lckpwdf() and ulckpwdf() as needed, *_lock_first() hack removed
+- login sets $REMOTEHOST for remote logins
+- added newgrp -l option (Single Unix Spec, same as "-")
+- EXPERIMENTAL shared lib support using libtool (libshadow.so saves about
+  200K of disk space on Linux/x86), enabled by default if supported by
+  the system, use ./configure --disable-shared if it causes any problems.
+  Warning: libshadow.so is intended for internal use by this package
+  only - binary compatibility with future releases is not guaranteed.
+  There should be no need to link any other programs with libshadow.so -
+  the libshadow.so -> libshadow.so.x.x symlink is unnecessary.
+- pam_strerror() takes one or two arguments, depending on the Linux-PAM
+  version (!) - added check to configure; fixed do_pam_passwd prototype
+- libmisc/login_access.c should compile on Linux/PPC and Solaris
+- added information about the new ftp site to doc/README.mirrors
+
+shadow-971001 => shadow-971215
+
+- added workaround for NYS libc 5.3.12 (RedHat 4.2) bug to grpck
+- updated the RPM .spec file
+- renamed rlogin() to do_rlogin() to avoid Linux/PPC build problem
+  (glibc defines something else named "rlogin" in utmpbits.h ?)
+- added MD5 checksums in Debian packages
+- added -p and -g options to vipw (edit the password or group file
+  respectively, regardless of the command name in argv[0])
+- removed old DBM support (NDBM code is still there)
+- fixed a bug in gpasswd: current username was incorrectly identified as
+  "root" because of setuid(0) done too early.  It may be a security hole
+  when using shadow groups - if "root" is listed as a group administrator,
+  any user can add/remove members in that group.  Thanks to Jesse Thilo.
+- gpasswd now logs which user (root or group admin) made the changes
+- passwd now uses $PATH to search for the chfn, chsh, gpasswd commands
+- newgrp and add_groups() allocate supplementary group lists dynamically
+- moved check_shell() from src/chsh.c to libmisc/chkshell.c
+- CHFN_RESTRICT in login.defs can now specify exactly which fields may be
+  changed by regular users (any combination of letters "frwh")
+- fixed contrib/pwdauth.c segfault with non-existent usernames
+- minor change in lib/getdef.c to handle quotes better (Juergen Heinzl)
+- new date parsing code (from GNU date) used by useradd, usermod, chage
+- upgraded to automake-1.2, added libtool-0.7 (no libshadow.so yet)
+- converted code to ANSI C, added ansi2knr (untested - use gcc!)
+- fixed useradd -G segfault (one '*' that shouldn't be there)
+- allow 8-bit characters in chfn
+- added support for RLIMIT_AS (max address space) in libmisc/limits.c
+- changed the handling of NIS plus entries in password files
+- some more tweaking in various debian/* files
+- logoutd uses getutent() instead of reading utmp file directly
+- fixed lckpwdf() called twice (and failing) when changing password
+  if the user is not listed in /etc/shadow (Mike Pakovic)
+- erase and kill characters left unchanged if not defined in login.defs
+
+shadow-970616 => shadow-971001
+
+- Debian: mkpasswd no longer installed (dbm files not supported)
+- chpasswd checks for shadow/non-shadow at run time, too
+- added chpasswd -e (input file with encrypted passwords) - Jay Soffian
+- changed libmisc/login_access.c as suggested by Dave Hagewood
+- replaced sprintf() with snprintf() in several places
+- added lib/snprintf.[ch] (from XFree86) for systems without snprintf()
+- minor tweaks in contrib/adduser.c (/usr/local -> /usr)
+- non-root users can only run su with a terminal on stdin
+- temporarily disabled DES_RPC because getsecretkey() causes login to hang
+  for 5 minutes on at least one RH 4.0 system.  Not sure if this is a bug
+  in libc, or system misconfiguration.  Needs further investigation.
+- check for strerror() and -lrpcsvc (should compile on SunOS again)
+- fixed free() called twice in libmisc/mail.c
+- added information about mirror sites (doc/README.mirrors)
+- updated pwconv.8 and pwunconv.8 man pages
+- "make install" now installs pwconv, pwunconv, grpconv, grpunconv
+- pwauth.8 no longer installed (AUTH_METHODS not supported by default)
+- corrected su.1 man page ($SHELL not used)
+- no need for --with-md5crypt if the MD5-based crypt() is already in libc
+  (or another library specified in /etc/ld.so.preload - Linux ld.so 1.8.0+)
+- cleaned up PASS_MAX in getpass() (127 always assumed)
+- default editor for vipw changed from /bin/ae to a real editor :)
+
+shadow-970601 => shadow-970616
+
+- fixed execlp call (missing NULL) in src/vipw.c
+- vipw now preserves permissions on edited files
+- commented out the xdm-shadow hack in shadowconfig
+- improved RedHat spec file (Timo Karjalainen)
+- updated mailing list information
+- added information about the shadow paper (doc/README.shadow-paper)
+- renamed doc/console.c.spec (confused RPM)
+
+shadow-970502-2 => shadow-970601
+
+- fixed a typo in libmisc/mail.c causing login to segfault
+  if MAIL_CHECK_ENAB=yes (sorry!)
+- patches for OPIE support (Algis Rudys) (untested)
+- programs that modify /etc/passwd or /etc/shadow will use
+  lckpwdf() if available
+- now compiles with PAM support! (still untested)
+- cosmetic error message changes (prefixed by argv[0]:)
+
+shadow-970216 => shadow-970502-2
+
+- shadow group support fixes (grpconv didn't work - for some
+  reason, putsgent() returns 1 instead of 0 on success;
+  now -1 = failure, anything else = success)
+- upgraded to autoconf-2.12
+- pwconv and pwunconv now follow other UN*X systems and SVID3
+  (modify files in place), original versions moved to "old"
+- scologin.c moved to "old" (it was only for SCO Xenix) so
+  people stop sending patches for scologin.c gcc warnings :)
+- don't use the MD5* functions in libmisc/salt.c (glibc has
+  the new md5 crypt(), but no <md5.h> and MD5* functions!)
+- support for MkLinux, Solaris, JIS, Qmail (Frank Denis)
+- "passwd -S -a" now really works
+- support for Debian, vipw, a few fixes (Guy Maor)
+- src/login.c radius bug fix (Rafal Maszkowski)
+- ISSUE_FILE_ENAB -> ISSUE_FILE in the sample /etc/login.defs
+- fixes for glibc and DES_RPC (Thorsten Kukuk)
+- limits.5 man page (Luca Berra)
+- expiry will work setgid shadow too, removed euid 0 check
+- added check for a64l() to configure (glibc)
+
+shadow-961025 => shadow-970216
+
+- major rewrite of *io.c (no more 4 copies of almost identical code)
+- use fsync() (if available) instead of sync() when updating password files
+- use fchmod() and fchown() if available
+- keep the NIS "plus on a line by itself" entries at end of passwd/group
+- configure checks location of passwd/chfn/chsh programs (/usr/bin or /bin)
+- passwd -S -a: list information about all users (root only)
+- passwd -k: change only expired passwords
+- passwd -q: quiet mode
+- first attempt at PAM support in passwd
+- passwd updates the non-shadow password if /etc/shadow exists but the
+  user has no shadow password
+- passwd logs who changed the password, added hook to allow non-root
+  administrators who can change passwords (not implemented yet)
+- su sets $HOME even without the "-" option (suggested by Joey Hess)
+- added -p (set encrypted password) option to useradd and usermod
+  (idea from hpux10 - undocumented option used internally by SAM)
+- useradd -D -e does the right thing (set default expiration date)
+- USERDEL_CMD in login.defs instead of hardcoded {ATRM,CRONTAB}_COMMAND
+  because there are just too many systems that need different commands
+- removed #ifdef FAILLOG_LOCKTIME (now always enabled), warning: the
+  faillog file format has been changed (somewhere between 960129 and
+  960810), please truncate the old file (if any) to zero length
+- ISSUE_FILE (may be different from /etc/issue) instead of ISSUE_FILE_ENAB
+- wtmp, lastlog, faillog file location guessed by configure
+- separate checks for invalid user and group names, max username length
+  based on struct utmp (it's not always 8 characters)
+- pwck and grpck now check for invalid user/group names
+- pwck -q (quiet, report only serious problems) option added
+- separate cleaner sgetpwent() without the NIS magic
+- NIS entries ignored (never changed) by *io.c, pwck, grpck
+- various code cleanups
+- new get_my_pwent() function for getting my own username, uid etc.
+- faillog opens the file read-write if possible (even if not root)
+- passwd -S allowed for normal users (for their own uid only)
+- handle the case of login denied to passwordless accounts better
+  ("Login incorrect" without "Password:" prompt looks strange)
+- corrected author information and removed a copyright restriction
+
+shadow-960925 => shadow-961025
+
+- fixed a few typos in shadow group code
+- don't check for names starting with 'r' to determine if the shell
+  is restricted, use /etc/shells instead (for the "rc" shell)
+- removed extra definition of LASTLOG_FILE in configure.in
+- expiry no longer segfaults if no /etc/shadow
+- userdel -r "can't remove mailbox" warning no longer printed on success
+- useradd exit codes changed to match hpux10 man page
+- fixed possible fd leak etc. in file locking code (lib/commonio.c)
+
+shadow-960920 => shadow-960925
+
+- bug fixes to the new environment code using malloc
+- use hardcoded names instead of basename(argv[0]) for openlog() in programs
+  that users can run (chage, chfn, chsh, gpasswd, login, newgrp, passwd, su)
+- small fix to isexpired(), and use it in passwd as well
+- use strftime() and strptime() if available
+- added chmod 600 /etc/passwd- at the end of pwconv5 (backup file may
+  contain encrypted passwords!)
+- pass size to change_field (chage, chfn, chsh) instead of assuming BUFSIZ
+  (nothing bad happened yet, just a cleanup)
+- gpasswd should work with both shadow and non-shadow group passwords
+- detect unsupported options if no shadow (gpasswd, useradd, usermod)
+- passwd -e for sunos4 (ATT_AGE), untested
+- read environment from file (ENVIRON_FILE in login.defs), idea from ssh
+- small fix to l64a()
+- passwd prints a message after password successfully changed (for things
+  like poppassd which run passwd and expect some output)
+- passwd logs if password was changed by root (as opposed to a luser)
+- passwd uses current uid if no username argument and getlogin() fails
+
+shadow-960910 => shadow-960920
+
+- use malloc for environment variables, no more MAXENV (Juergen Heinzl)
+- newusers should work with both shadow and non-shadow passwords
+  (still left to do: chpasswd, gpasswd)
+- login-static no longer compiled by default
+- more SYSLOG() macros
+
+shadow-960810 => shadow-960910
+
+- updated README.linux to point to the new ftp site
+- chfn and chsh optionally (CHFN_AUTH) prompt for password like util-linux
+- man pages now closer to LDP standards (Ivan Nejgebauer)
+- newgrp uses SYSLOG_SG_ENAB (not SU) as in the /etc/login.defs comments
+- obscure.c fixed to compile with HAVE_LIBCRACK
+- cosmetic message changes in age.c
+- utmp open error check fixed in utmp.c
+- grpunconv added (Michael Meskes)
+- login reports invalid login time, not "Login incorrect" (Ivan Nejgebauer)
+- logoutd sets OPOST before writing to the tty (Ivan Nejgebauer)
+- sulogin: don't use syslog(), other minor changes (Ivan Nejgebauer)
+- passwords can be changed if sp_max == -1 (now considered infinity)
+- usermod: don't use sizeof(struct lastlog) when writing to faillog (ugh)
+- started replacing lots of #ifdef USE_SYSLOG with cleaner macros
+- contrib/rpasswd.c added (Joshua Cowan)
+- PASS_MAX is 127 with MD5_CRYPT (not just for Linux - sunos4 too...)
+- workarounds for a RedHat NYS libc getspnam() bug (if /etc/shadow
+  doesn't exist, it succeeds and returns sp_lstchg==0 instead of -1).
+
+shadow-960129 => shadow-960810
+
+- automake, configure checks for libcrypt and libcrack (Janos Farkas)
+- added --enable-shadowgrp to configure (shadow groups disabled by default)
+- should compile on SunOS 4.1.x - but it does NOT mean that it works :-)
+- login sets HUSHLOGIN=TRUE or FALSE (for shell startup scripts etc.)
+- hopefully removed all the rcsid warnings
+- contrib/atudel perl script to remove at jobs (thanks to Brian Gaeke)
+- resource limits (Cristian Gafton)
+- workaround for buggy init/getty(?) leaving junk in ut_host on RedHat
+- more fixes in man pages
+- pwck and grpck no longer suggest to run mkpasswd if *DBM not compiled in
+- most programs (groupadd, groupdel, groupmod, grpck, login, passwd, pwck,
+  su, useradd, userdel, usermod) should now work with both shadow and
+  non-shadow passwords/groups (check for /etc/shadow and /etc/gshadow at
+  run time); a few programs still left to do
+- mailbox mv/chown/rm in usermod/userdel (suggested by Cristian Gafton)
+- new contrib/adduser.c from Chris Evans
+- lots of other minor changes
+- source tree reorganization, GNU autoconf, portability cleanups
+- basename() renamed to Basename() to avoid name space confusion
+- new programs to create /etc/shadow and /etc/gshadow: pwconv5, grpconv
+- newgrp cleanup and a few fixes
+- useradd uses PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE
+- don't make the first group member the group admin by default
+  (define FIRST_MEMBER_IS_ADMIN to get the old gpasswd behaviour)
+- password aging constants, NGROUPS_MAX and syslog stuff in only one
+  place (defines.h) instead of repeating it in all source files...
+- added userdel -r safety check (refuse to remove the home directory
+  if it would result in removing some other user's home directory)
+- usermod -u now correctly checks for non-unique uid (unless -o)
+- sync() after updating password files, just to be more safe
+- "make install" should install /etc/login.defs if it doesn't exist
+- new option to control what happens if we can't cd to the home directory
+  (DEFAULT_HOME in /etc/login.defs)
+- enter the home directory as the user, not as root (for NFS etc.)
+- added check for Slackware bugs (nobody UID -1) in pwck and grpck
+- new CONSOLE_GROUPS feature (thanks to pacman@tardis.mars.net), it is
+  possible to add specified groups (floppy etc.) for console logins
+- new faillog feature: lock account for specified (per-user) time since
+  the last failure after exceeding the failure limit
+- new man pages (gpasswd.1, login.access.5, suauth.5)
+- fixes in man pages, renamed *.4 to *.5
+- new "contrib" directory (two adduser programs)
+- changed some "system" to "feature" #ifdefs (autoconf someday...)
+- sulogin no longer requires to be run from init, should work from rc
+  scripts too
+- changes to prevent unshadowing with libc SHADOW_COMPAT (get info
+  using xx_locate(), modify it and call xx_update(), don't write back
+  anything returned by getpwnam() etc.)
+- stupid bug fixed in lastlog.c
+- don't move non-directories in "usermod -m"
+- don't log unknown usernames (passwords mistyped for usernames) (lmain.c)
+- macros to get around ancient compilers which don't like prototypes
+- make more use of "const" (not everywhere yet)
+- added #ifdef AUTH_METHODS - very few people use administrator defined
+  authentication methods because many programs are not aware of them;
+  not supporting them makes the code simpler
+- new "save" and "restore" Makefile targets, thanks to Rafal Maszkowski
+- sgetgrent() in libshadow.a is optional, some versions of libc have it,
+  see HAVE_SGETGRENT in config.h (grent.c)
+- don't use continued lines in /etc/group, the standard getgr*() functions
+  don't support that (grent.c)
+- removed the third main() argument (according to libc docs, not allowed by
+  POSIX.1 - use environ instead) (lmain.c, smain.c, newgrp.c, sulogin.c)
+- login access control (lmain.c, login_access.c)
+- added copyright notice to login_access.c (from logdaemon-5.0)
+- detailed su access control (smain.c, suauth.c) - thanks to Chris Evans
+- added closelog() in su before executing the shell (smain.c)
+- getting current user name changed (smain.c)
+- "x" instead of "*" in pw_passwd, consistent with pwconv (useradd.c)
+- getpass() shouldn't return NULL except on errors (getpass.c)
+- moved isexpired() to isexpired.c (now part of libshadow.a) from age.c
+- SunOS4-like passwd -e (force change on next login) (isexpired.c, passwd.c)
+- can use shadow support in new versions of Linux libc instead of libshadow.a,
+  see HAVE_SHADOWPWD, HAVE_SHADOWGRP in config.h.linux (shadow.c, gshadow.c)
+- "no shadow password" not logged, the same /bin/login should work with both
+  shadow and non-shadow passwords (lmain.c)
+- some cleanup in various places (lmain.c, passwd.c)
+- new program to verify username/password pairs, for xlock etc.; it is not
+  installed by default, read the comments first (pwdauth.c)
+- authentication programs run with empty environment for safety (pwauth.c)
+- added missing fstat error checks (faillog.c, lastlog.c, setup.c, *io.c)
+- common code separated from *io.c (commonio.c)
+- ownership and permissions on password files are now preserved (we may try
+  to make more use of setgid and setuid non-root programs in the future)
+- added (untested) MD5-based crypt() from FreeBSD (md5crypt.c), see
+  MD5_CRYPT in config.h.linux and MD5_CRYPT_ENAB in login.defs.linux
+- termios/termio/sgtty macros cleaned up a bit
+
+shadow-951218 => shadow-960129
+
+Emergency bug fix release - no new features since 951218.  There are many
+new changes, but this bug really can't wait until they are tested.
+
+Probably all previous versions of the shadow suite have a serious bug which
+makes it possible to overwrite the stack by entering very long username at
+the login prompt.  This can give root access to any remote user!
+
+Changed the maximum size in login.c from BUFSIZ (1024) to 32 (to match
+size of the array in lmain.c).  Aaargh!!!
+
+shadow-951203 => shadow-951218
+
+Changes:
+- Linux utmp handling fixes (utmp.c)
+- last failure date printing fixes (failure.c)
+- minor fix to compile with USE_CRACKLIB (obscure.c)
+- eliminated the use of snprintf (env.c, lmain.c, login.c, shell.c, smain.c)
+- basename.c added, replacing duplicated code in various places
+- "su -" runs the shell with '-' in argv[0] again (smain.c)
+- removing at/cron jobs cleaned up (userdel.c)
+- /etc/gshadow should not be world-readable (sgroupio.c)
+- if fflush() failed, files were not closed (*io.c)
+- login prompt is now "hostname login: " on Linux (lmain.c, login.c)
+- "save" and "restore" targets commented out (don't work) (Makefile.linux)
+- some minor cleanups for gcc -Wall (unused variables etc.)
+- removed README.FIRST (copyrights are OK now)
+- updated ANNOUNCE, README.linux, WISHLIST
+- as suggested, converted to RCS
+
+shadow-3.3.2-951127 => shadow-951203-jfh
+
+Changes:
+- Added the BSD-style copyright to all of the files.  Any files with the
+  old copyright have multiple copyright holders and need to be cleanroomed
+  to produce BSD-style copyrightable files, or I need to get the consent
+  of the others to change the copyright.
+- Changed the ANNOUNCE file to not refer to the README.FIRST file.  Now
+  that all of the files should have the correct copyright there is no need
+  to refer to that e-mail message.
+- Changes SCCS strings to "%W% %U% %G%".  Marek needs to either convert to
+  RCS or check into SCCS and then checkout.  I'd suggest using RCS ;-)
+
+  jfh@rpp386.cactus.org
+
+shadow-3.3.2-951106 => shadow-951127
+
+Note: for now this code only supports Linux.  All the #ifdef's are there
+(and will be; support for at least SunOS 4.1.x would be nice) but:
+- I had to fix some potential security problems resulting from sloppy
+  coding (no bounds checking), and it was easier for me to use snprintf()
+  (not available on many systems, unfortunately), I'll fix that later.
+  Old versions of Linux libc don't have snprintf() either, and the one
+  in libbsd.a ignores the max size - don't use it!  (libc-4.6.27 is OK)
+- I am lazy and only updated Makefile.linux and config.h.linux this time
+- I don't have root access to non-Linux systems (this means no testing)
+- this code needs some major reorganization, which will (hopefully)
+  make porting easier
+
+Changes:
+- some code cleanup, prototypes.h, defines.h, Makefile and config.h changes
+- login can be statically linked (not that I think it's a good idea, better
+  fix the telnetd, but paranoid people will like it :-)
+- login is installed non-setuid by default
+- check for NULL from getpass()
+- wipe cleartext password from getpass() when no longer needed (pwauth.c)
+- use standard "Password: " prompt by default (pwauth.c)
+- hopefully fixed bogus sigaction() stuff (Linux only) (getpass.c)
+- oops, setrlimit wants bytes, ulimit wants 512-byte units (lmain.c)
+- Linux has <lastlog.h>
+- print ll_host on Linux too (lmain.c)
+- size checking in various places (setuid root programs, argh!)
+- preserve TERM from getty (lmain.c)
+- don't ignore SIGHUP (lmain.c)
+- :%s/setenv/set_env/g (setenv(3) conflict) (env.c, lmain.c, login.c)
+- remove LD_xxx (env.c)
+- use bzero() instead of memset() for BSD portability and less #ifdef's
+  (if the system has no bzero(), implement it as a macro using memset())
+- the above fixes wrong order of memset() parameters (log.c)
+- use getutent/pututline instead of doing it by hand (utmp.c)
+- added the new settings to login.defs.linux
+- added login_access.c to the distribution (not used yet)
+
+==========
+
+shadow-3.3.2 => shadow-3.3.2-951106
+
+- added dummy pad.c and #ifdef'ed out references to pad_auth (pwauth.c)
+- malloc/strdup error checking, hopefully no more core dumps...
+- define HAVE_RLIMIT instead of HAVE_ULIMIT for Linux (config.h.linux)
+- changed pathnames on Linux to conform to new FSSTND (/var/log etc.)
+- larger buffer for cipher, for md5 crypt() if and when (encrypt.c, passwd.c)
+- use POSIX termios whenever possible on Linux
+- list.c, removed add_list/del_list from gpmain.c, user{add,del,mod}.c
+- strtoday.c, removed duplicates from chage.c, useradd.c, usermod.c
+- login -h only for root (lmain.c)
+- login -r not needed for Linux (lmain.c)
+- sample login.defs modified for Linux (login.defs.linux)
+- swapped chfn USAGE and ADMUSAGE (chfn.c)
+- added -u to passwd usage (passwd.c)
+- no #! check necessary for Linux (shell.c)
+- define OLD_CRON for some old incompatible Linux distributions (userdel.c)
+- PASS_MAX is now 127 (not 8) for Linux (getpass.c)
+- LOGIN_RETRIES, LOGIN_TIMEOUT, PASS_CHANGE_TRIES are no longer compiled in,
+  can now be set in login.defs, old values are used as defaults (lmain.c)
+- unique uid/gid selection now more robust (useradd.c, groupadd.c)
+- UID_MIN, UID_MAX, GID_MIN, GID_MAX in login.defs (useradd.c, groupadd.c)
+- CRACKLIB_DICTPATH no longer compiled in, can be set in login.defs (passwd.c)
+- PASS_ALWAYS_WARN: warn about weak passwords even for root (passwd.c)
+- PASS_MAX_LEN, check truncated passwords again (obscure.c)
+- check for weak passwords too if previous password was empty (obscure.c)
+- CHFN_RESTRICT: don't let users change their full names (chfn.c)
+- Linux has getusershell(), use it (chsh.c)
+- check if the new shell is executable by the user (chsh.c)
+- sleep before printing "Login incorrect", not the other way around (lmain.c)
+- don't be picky about utmp only if any of -rfh flags given (lmain.c)
+- do "wheel group" more like BSD does (smain.c)
+- use getlogin() in su (smain.c)
+- UMASK from login.defs defaults to 077, not 0 (lmain.c, newusers.c)
+- #undef HAS_ATRM for Linux until atrm can do what we need (config.h.linux)
+- Linux has most commands in /usr/bin, not /bin (age.c, passwd.c, userdel.c)
+- ULIMIT from login.defs works on systems using setrlimit() too (lmain.c)
+- LOGIN_STRING should work now (pwauth.c, getdef.c)
+- kludge to avoid conflict with Linux <shadow.h> (gshadow.h)
+- mv Makefile Makefile.xenix ; mv config.h config.h.xenix - so that they are
+  not lost when you copy the right ones to Makefile and config.h
+
+==========
+
+shadow-3.3.2
+
+Original version, received directly from the author.
diff --git a/README b/README
new file mode 100644
index 0000000..09f2393
--- /dev/null
+++ b/README
@@ -0,0 +1,122 @@
+Shadow SITES
+============
+
+Homepage
+	http://pkg-shadow.alioth.debian.org/
+
+FTP site
+	ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow
+
+SVN repository
+	anonymous read only access: svn://svn.debian.org/pkg-shadow/upstream
+
+SVN web interface
+	http://svn.debian.org/wsvn/pkg-shadow/upstream
+	or
+	http://svn.debian.org/viewsvn/pkg-shadow/upstream
+
+Mailing lists
+	for general discuss: pkg-shadow-devel@lists.alioth.debian.org
+	commit list: pkg-shadow-commits@lists.alioth.debian.org
+
+Mailing lists subscription
+	http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-devel
+	http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-commits
+
+Mailing lists archives:
+	http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/
+	http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/
+
+S/Key support:
+	Shadow can be built with S/Key support using the S/Key package from:
+
+	http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libskey/
+	or
+	http://gentoo.osuosl.org/distfiles/skey-1.1.5.tar.bz2
+
+Authors and contributors
+========================
+
+Thanks to at least the following people for sending patches, bug
+reports and various comments.  This list may be incomplete, I received
+a lot of mail...
+
+
+Adam Rudnicki <adam@v-lo.krakow.pl>
+Alan Curry <pacman@tardis.mars.net>
+Alexander O. Yuriev <alex@bach.cis.temple.edu>
+Algis Rudys <arudys@rice.edu>
+Andreas Jaeger <aj@arthur.rhein-neckar.de>
+Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
+Anton Gluck <gluc@midway.uchicago.edu>
+Arkadiusz Miskiewicz <misiek@pld.org.pl>
+Ben Collins <bcollins@debian.org>
+Brian R. Gaeke <brg@dgate.org>
+Calle Karlsson <ckn@kash.se>
+Chip Rosenthal <chip@unicom.com>
+Chris Evans <lady0110@sable.ox.ac.uk>
+Cristian Gafton <gafton@sorosis.ro>
+Dan Walsh <dwalsh@redhat.com>
+Darcy Boese <possum@chardonnay.niagara.com>
+Dave Hagewood <admin@arrowweb.com>
+David A. Holland <dholland@hcs.harvard.edu>
+David Frey <David.Frey@lugs.ch>
+Ed Carp <ecarp@netcom.com>
+Floody <flood@evcom.net>
+Frank Denis <j@4u.net>
+George Kraft IV <gk4@us.ibm.com>
+Greg Mortensen <loki@world.std.com>
+Guido van Rooij
+Guy Maor <maor@debian.org>
+Hrvoje Dogan <hdogan@bjesomar.srce.hr>
+Jakub Hrozek <jhrozek@redhat.com>
+Janos Farkas <chexum@bankinf.banki.hu>
+Jay Soffian <jay@lw.net>
+Jesse Thilo <Jesse.Thilo@pobox.com>
+Joey Hess <joey@kite.ml.org>
+John Adelsberger <jja@umr.edu>
+Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
+Jon Lewis <jlewis@lewis.org>
+Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
+Judd Bourgeois <shagboy@bluesky.net>
+Juergen Heinzl <unicorn@noris.net>
+Juha Virtanen <jiivee@iki.fi>
+Julian Pidancet <julian.pidancet@gmail.com>
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
+Leonard N. Zubkoff <lnz@dandelion.com>
+Luca Berra <bluca@www.polimi.it>
+Lukáš Kuklínek <lkukline@redhat.com>
+Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
+Marc Ewing <marc@redhat.com>
+Martin Bene <mb@sime.com>
+Martin Mares <mj@gts.cz>
+Michael Meskes <meskes@topsystem.de>
+Michael Talbot-Wilson <mike@calypso.bns.com.au>
+Mike Frysinger <vapier@gentoo.org>
+Mike Pakovic <mpakovic@users.southeast.net>
+Nicolas François <nicolas.francois@centraliens.net>
+Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
+Pavel Machek <pavel@bug.ucw.cz>
+Peter Vrabec <pvrabec@redhat.com>
+Phillip Street
+Rafał Maszkowski <rzm@icm.edu.pl>
+Rani Chouha <ranibey@smartec.com>
+Sami Kerola <kerolasa@rocketmail.com>
+Scott Garman <scott.a.garman@intel.com>
+Sebastian Rick Rijkers <srrijkers@gmail.com>
+Seraphim Mellos <mellos@ceid.upatras.gr>
+Shane Watts <shane@nexus.mlckew.edu.au>
+Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
+Thorsten Kukuk <kukuk@suse.de>
+Tim Hockin <thockin@eagle.ais.net>
+Timo Karjalainen <timok@iki.fi>
+Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
+Werner Fink <werner@suse.de>
+
+Maintainers
+===========
+
+Tomasz KÅ‚oczko <kloczek@pld.org.pl> (2000-2007)
+Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
+Serge E. Hallyn <serge@hallyn.com> (2014-now)
+
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..5cfa252
--- /dev/null
+++ b/TODO
@@ -0,0 +1,127 @@
+ * Create a common usage function that'd take the array of     
+   long options and an array of descriptions and output that so things would
+   be standardized across the utils.
+   Usage strings should be normalized and split first.
+   Investigate optparse.
+
+
+/etc/default/useradd
+ * GROUP=1000 should accept a group name.
+
+Check when RLOGIN is enabled if ruserok() exists
+
+Move selinux_file_context out of libmisc/copydir.c
+
+Review hardcoded root account?
+
+review all call to strto
+
+libmisc/cleanup_user.c
+	cleanup needed (cleanup_report_add_user* not used)
+
+
+libxcrypt support
+ * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch
+
+implement getlong, getulong.
+	avoid atoi, atol, atoul, strtol, strtoul, ...
+
+manpages: comment the RLOGIN parts
+
+Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
+comma_to_list()
+
+Revert the modified files if all files could not be changed.
+  * or warn and indicate which files were modified and which were not.
+  * check the order the files are modified.
+
+report nscd_flush_cache failures?
+call nscd from the programs or from lib (commonio?)
+
+PAM: check if a non-interactive conversation function could be used to set
+the password in chpasswd and newusers
+
+WITH_SELINUX
+  - review all tools to check that the strategies are consistent
+
+chage, chfn, chsh: same change needed as in passwd.
+  - probably need moving check_selinux_access to a separate file.
+
+testsuite
+ - newgrp
+   - test with unknown user's GID
+
+newusers
+ - add logging to SYSLOG & AUDIT
+ - use CREATE_HOME
+ - Add a -Z option (see useradd / usermod)
+
+Document when/where option appeared, document whether an option is standard
+or not.
+
+Check all the expiry semantics
+
+ALL:
+- move base passwd/shadow/group/gshadow operation to module for allow write
+  different backend modules for db, NIS, LDAP and others. Default backend it
+  will be goot if will be chosen depending on /etc/nsswitch.conf and allow
+  override this by -r <repository> options (where the <repository> can be
+  file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
+  passwd have old piece of code with handling -r option and it will be good
+  finish this and propagate on other shadow tools for allow operate on other
+  user databases by well known tools.
+- Protect against signals. Register do_cleanups in a signal handler.
+
+- login.defs
+  - generate depending on configuration
+
+- useradd:
+  - add handle create user mail spool in maildir format.
+  - Add support for -k in -D mode
+  - Add support for -K in -D mode
+  - Add option to create or not the mail spool (and set the default in -D
+    mode)
+  - Change -l to reset the entry if an entry was already there
+  - set the mask in mkdir?
+
+- userdel:
+  - add backup option for the removal of user resources,
+  - user_busy: check that the user is not running any processes.
+  - missing "deleting group" FAILED
+  - home dir removed, but userdel may fail and may leave the user
+    => warning needed
+
+- usermod
+  - add an option equivalent to useradd's -l (only when uid is changed)
+  - the mode of new home directories should be set according to the
+    original mode. Does copy_tree does this?
+  - user renamed, order is not kept in /etc/group (see
+    47_usermod-l_no_shadow_file). This is a problem when the first user is
+    considered as the admin.
+  - see mail "user ID change" on  April, 15
+    + fix call to chown (combination of -m and -u/-g)
+    + add tests
+
+- passwd:
+  - check combination of options (e.g. -u/-l)
+  - when -u refuse to unlock because it would create an empty password, it
+    should not display "Password changed."
+    exit instead?
+
+- newgrp: check the USE_PAM section.
+
+- pwck
+  - Add check to move passwd passwords to shadow if there is a shadow
+    entry (with a password).
+  - Add check to move passwd passwords to shadow if there is a shadow
+    file.
+  - Support an alternative /etc/tcb directory as second parameter.
+  - add options -g / -G to specify alternative group / gshadow files
+
+- su
+  - add a login.defs configuration parameter to add variables to keep in
+    the environment with "su -l" (TERM/TERMCOLOR/...)
+
+- vipw
+  - set ACLs and XATTRs on the temporary file (and backups?)
+  - vipw + selinux -> use lib/selinux.c
diff --git a/acinclude.m4 b/acinclude.m4
new file mode 100644
index 0000000..dd01f16
--- /dev/null
+++ b/acinclude.m4
@@ -0,0 +1,54 @@
+# Checks the location of the XML Catalog
+# Usage:
+#   JH_PATH_XML_CATALOG([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+# Defines XMLCATALOG and XML_CATALOG_FILE substitutions
+AC_DEFUN([JH_PATH_XML_CATALOG],
+[
+  # check for the presence of the XML catalog
+  AC_ARG_WITH([xml-catalog],
+              AC_HELP_STRING([--with-xml-catalog=CATALOG],
+                             [path to xml catalog to use]),,
+              [with_xml_catalog=/etc/xml/catalog])
+  jh_found_xmlcatalog=true
+  XML_CATALOG_FILE="$with_xml_catalog"
+  AC_SUBST([XML_CATALOG_FILE])
+  AC_MSG_CHECKING([for XML catalog ($XML_CATALOG_FILE)])
+  if test -f "$XML_CATALOG_FILE"; then
+    AC_MSG_RESULT([found])
+  else
+    jh_found_xmlcatalog=false
+    AC_MSG_RESULT([not found])
+  fi
+
+  # check for the xmlcatalog program
+  AC_PATH_PROG(XMLCATALOG, xmlcatalog, no)
+  if test "x$XMLCATALOG" = xno; then
+    jh_found_xmlcatalog=false
+  fi
+
+  if $jh_found_xmlcatalog; then
+    ifelse([$1],,[:],[$1])
+  else
+    ifelse([$2],,[AC_MSG_ERROR([could not find XML catalog])],[$2])
+  fi
+])
+
+# Checks if a particular URI appears in the XML catalog
+# Usage:
+#   JH_CHECK_XML_CATALOG(URI, [FRIENDLY-NAME], [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
+AC_DEFUN([JH_CHECK_XML_CATALOG],
+[
+  AC_REQUIRE([JH_PATH_XML_CATALOG],[JH_PATH_XML_CATALOG(,[:])])dnl
+  AC_MSG_CHECKING([for ifelse([$2],,[$1],[$2]) in XML catalog])
+  if $jh_found_xmlcatalog && \
+     AC_RUN_LOG([$XMLCATALOG --noout "$XML_CATALOG_FILE" "$1" >&2]); then
+    AC_MSG_RESULT([found])
+    ifelse([$3],,,[$3
+])dnl
+  else
+    AC_MSG_RESULT([not found])
+    ifelse([$4],,
+       [AC_MSG_ERROR([could not find ifelse([$2],,[$1],[$2]) in XML catalog])],
+       [$4])
+  fi
+])
diff --git a/autogen.sh b/autogen.sh
new file mode 100755
index 0000000..336463c
--- /dev/null
+++ b/autogen.sh
@@ -0,0 +1,12 @@
+#! /bin/sh
+
+autoreconf -v -f --install || exit 1
+
+./configure \
+	CFLAGS="-O2 -Wall" \
+	--enable-man \
+	--enable-maintainer-mode \
+	--disable-shared \
+	--without-libpam \
+	--with-selinux \
+	"$@"
diff --git a/configure.ac b/configure.ac
new file mode 100644
index 0000000..2dcf966
--- /dev/null
+++ b/configure.ac
@@ -0,0 +1,682 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_PREREQ([2.64])
+AC_INIT([shadow], [4.5], [pkg-shadow-devel@lists.alioth.debian.org], [],
+	[https://github.com/shadow-maint/shadow])
+AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
+AM_SILENT_RULES([yes])
+AC_CONFIG_HEADERS([config.h])
+
+dnl Some hacks...
+test "$prefix" = "NONE" && prefix="/usr"
+test "$prefix" = "/usr" && exec_prefix=""
+
+AC_GNU_SOURCE
+
+AM_DISABLE_SHARED
+AM_ENABLE_STATIC
+
+AM_MAINTAINER_MODE
+
+dnl Checks for programs.
+AC_PROG_CC
+AC_ISC_POSIX
+AC_PROG_LN_S
+AC_PROG_YACC
+AM_PROG_LIBTOOL
+
+dnl Checks for libraries.
+
+dnl Checks for header files.
+AC_HEADER_DIRENT
+AC_HEADER_STDC
+AC_HEADER_SYS_WAIT
+AC_HEADER_STDBOOL
+
+AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
+	utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
+	utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
+	locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \
+	attr/error_context.h)
+
+dnl shadow now uses the libc's shadow implementation
+AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
+
+AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
+	gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
+	lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
+	getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \
+	ruserok)
+AC_SYS_LARGEFILE
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+AC_TYPE_UID_T
+AC_TYPE_OFF_T
+AC_TYPE_PID_T
+AC_TYPE_MODE_T
+AC_HEADER_STAT
+AC_CHECK_MEMBERS([struct stat.st_rdev])
+AC_CHECK_MEMBERS([struct stat.st_atim])
+AC_CHECK_MEMBERS([struct stat.st_atimensec])
+AC_CHECK_MEMBERS([struct stat.st_mtim])
+AC_CHECK_MEMBERS([struct stat.st_mtimensec])
+AC_HEADER_TIME
+AC_STRUCT_TM
+
+AC_CHECK_MEMBERS([struct utmp.ut_type,
+                  struct utmp.ut_id,
+                  struct utmp.ut_name,
+                  struct utmp.ut_user,
+                  struct utmp.ut_host,
+                  struct utmp.ut_syslen,
+                  struct utmp.ut_addr,
+                  struct utmp.ut_addr_v6,
+                  struct utmp.ut_time,
+                  struct utmp.ut_xtime,
+                  struct utmp.ut_tv],,,[[#include <utmp.h>]])
+dnl There are dependencies:
+dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
+if test "$ac_cv_header_utmpx_h" = "yes" &&
+   test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
+	AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
+fi
+
+AC_CHECK_MEMBERS([struct utmpx.ut_name,
+                  struct utmpx.ut_host,
+                  struct utmpx.ut_syslen,
+                  struct utmpx.ut_addr,
+                  struct utmpx.ut_addr_v6,
+                  struct utmpx.ut_time,
+                  struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
+
+if test "$ac_cv_header_lastlog_h" = "yes"; then
+	AC_CACHE_CHECK(for ll_host in struct lastlog,
+		ac_cv_struct_lastlog_ll_host,
+		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
+					[struct lastlog ll; char *cp = ll.ll_host;]
+				)],
+			[ac_cv_struct_lastlog_ll_host=yes],
+			[ac_cv_struct_lastlog_ll_host=no]
+		)
+	)
+
+	if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
+		AC_DEFINE(HAVE_LL_HOST, 1,
+			[Define if struct lastlog has ll_host])
+	fi
+fi
+
+dnl Checks for library functions.
+AC_TYPE_GETGROUPS
+AC_TYPE_SIGNAL
+AC_FUNC_UTIME_NULL
+AC_FUNC_STRFTIME
+AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
+AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
+AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
+
+AC_CHECK_FUNC(setpgrp)
+
+if test "$ac_cv_header_shadow_h" = "yes"; then
+	AC_CACHE_CHECK(for working shadow group support,
+		ac_cv_libc_shadowgrp,
+		AC_RUN_IFELSE([AC_LANG_SOURCE([
+				#include <shadow.h>
+				main()
+				{
+					struct sgrp *sg = sgetsgent("test:x::");
+					/* NYS libc on Red Hat 3.0.3 has broken shadow group support */
+					return !sg || !sg->sg_adm || !sg->sg_mem;
+				}]
+			)],
+			[ac_cv_libc_shadowgrp=yes],
+			[ac_cv_libc_shadowgrp=no],
+			[ac_cv_libc_shadowgrp=no]
+		)
+	)
+
+	if test "$ac_cv_libc_shadowgrp" = "yes"; then
+		AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
+	fi
+fi
+
+AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
+[for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
+	if test -d $shadow_cv_maildir; then
+		break
+	fi
+done])
+if test $shadow_cv_maildir != none; then
+	AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
+		[Location of system mail spool directory.])
+fi
+
+AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
+[for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
+	if test -f $HOME/$shadow_cv_mailfile; then
+		break
+	fi
+done])
+if test $shadow_cv_mailfile != none; then
+	AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
+		[Name of user's mail spool file if stored in user's home directory.])
+fi
+
+AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
+[for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
+	if test -f $shadow_cv_utmpdir/utmp; then
+		break
+	fi
+done])
+if test "$shadow_cv_utmpdir" = "none"; then
+	AC_MSG_WARN(utmp file not found)
+fi
+AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
+	[Path for utmp file.])
+
+AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
+[for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
+	if test -d $shadow_cv_logdir; then
+		break
+	fi
+done])
+AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
+	[Path for wtmp file.])
+AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
+	[Path for lastlog file.])
+AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
+	[Path for faillog file.])
+
+AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
+[if test -f /usr/bin/passwd; then
+	shadow_cv_passwd_dir=/usr/bin
+else
+	shadow_cv_passwd_dir=/bin
+fi])
+AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
+	[Path to passwd program.])
+
+dnl XXX - quick hack, should disappear before anyone notices :).
+AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
+if test "$ac_cv_func_ruserok" = "yes"; then
+	AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
+	AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
+fi
+
+AC_ARG_ENABLE(shadowgrp,
+	[AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
+	[case "${enableval}" in
+	 yes) enable_shadowgrp="yes" ;;
+	  no) enable_shadowgrp="no" ;;
+	   *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
+	 esac],
+	[enable_shadowgrp="yes"]
+)
+
+AC_ARG_ENABLE(man,
+	[AC_HELP_STRING([--enable-man],
+		[regenerate roff man pages from Docbook @<:@default=no@:>@])],
+	[enable_man="${enableval}"],
+	[enable_man="no"]
+)
+
+AC_ARG_ENABLE(account-tools-setuid,
+	[AC_HELP_STRING([--enable-account-tools-setuid],
+		[Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
+	[case "${enableval}" in
+	 yes) enable_acct_tools_setuid="yes" ;;
+	  no) enable_acct_tools_setuid="no" ;;
+	   *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
+	   ;;
+	 esac],
+	[enable_acct_tools_setuid="maybe"]
+)
+
+AC_ARG_ENABLE(utmpx,
+	[AC_HELP_STRING([--enable-utmpx],
+	                [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
+	[case "${enableval}" in
+	 yes) enable_utmpx="yes" ;;
+	  no) enable_utmpx="no" ;;
+	   *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
+	 esac],
+	[enable_utmpx="no"]
+)
+
+AC_ARG_ENABLE(subordinate-ids,
+	[AC_HELP_STRING([--enable-subordinate-ids],
+		[support subordinate ids @<:@default=yes@:>@])],
+	[enable_subids="${enableval}"],
+	[enable_subids="maybe"]
+)
+
+AC_ARG_WITH(audit, 
+	[AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
+	[with_audit=$withval], [with_audit=maybe])
+AC_ARG_WITH(libpam,
+	[AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
+	[with_libpam=$withval], [with_libpam=maybe])
+AC_ARG_WITH(selinux,
+	[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
+	[with_selinux=$withval], [with_selinux=maybe])
+AC_ARG_WITH(acl,
+	[AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
+	[with_acl=$withval], [with_acl=maybe])
+AC_ARG_WITH(attr,
+	[AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
+	[with_attr=$withval], [with_attr=maybe])
+AC_ARG_WITH(skey,
+	[AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
+	[with_skey=$withval], [with_skey=no])
+AC_ARG_WITH(tcb,
+	[AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
+	[with_tcb=$withval], [with_tcb=maybe])
+AC_ARG_WITH(libcrack,
+	[AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
+	[with_libcrack=$withval], [with_libcrack=no])
+AC_ARG_WITH(sha-crypt,
+	[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
+	[with_sha_crypt=$withval], [with_sha_crypt=yes])
+AC_ARG_WITH(nscd,
+	[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
+	[with_nscd=$withval], [with_nscd=yes])
+AC_ARG_WITH(group-name-max-length,
+	[AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
+	[with_group_name_max_length=$withval], [with_group_name_max_length=yes])
+
+if test "$with_group_name_max_length" = "no" ; then
+	with_group_name_max_length=0
+elif test "$with_group_name_max_length" = "yes" ; then
+	with_group_name_max_length=16
+fi
+AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
+AC_SUBST(GROUP_NAME_MAX_LENGTH)
+GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
+
+AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
+if test "$with_sha_crypt" = "yes"; then
+	AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
+fi
+
+if test "$with_nscd" = "yes"; then
+	AC_CHECK_FUNC(posix_spawn,
+	              [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
+	              [AC_MSG_ERROR([posix_spawn is needed for nscd support])])
+fi
+
+dnl Check for some functions in libc first, only if not found check for
+dnl other libraries.  This should prevent linking libnsl if not really
+dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
+
+AC_SEARCH_LIBS(inet_ntoa, inet)
+AC_SEARCH_LIBS(socket, socket)
+AC_SEARCH_LIBS(gethostbyname, nsl)
+
+if test "$enable_shadowgrp" = "yes"; then
+	AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
+fi
+AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
+
+if test "$enable_man" = "yes"; then
+	dnl
+	dnl Check for xsltproc
+	dnl
+	AC_PATH_PROG([XSLTPROC], [xsltproc])
+	if test -z "$XSLTPROC"; then
+		enable_man=no
+	fi
+
+	dnl check for DocBook DTD and stylesheets in the local catalog.
+	JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
+		[DocBook XML DTD V4.1.2], [], enable_man=no)
+	JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
+		[DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
+fi
+AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
+
+if test "$enable_subids" != "no"; then
+	dnl
+	dnl FIXME: check if 32 bit UIDs/GIDs are supported by libc
+	dnl
+	AC_CHECK_SIZEOF([uid_t],, [#include "sys/types.h"])
+	AC_CHECK_SIZEOF([gid_t],, [#include "sys/types.h"])
+
+	if test "$ac_cv_sizeof_uid_t" -ge 4 && test "$ac_cv_sizeof_gid_t" -ge 4; then
+		AC_DEFINE(ENABLE_SUBIDS, 1, [Define to support the subordinate IDs.])
+		enable_subids="yes"
+	else
+		if test "x$enable_subids" = "xyes"; then
+			AC_MSG_ERROR([Cannot enable support the subordinate IDs on systems where gid_t or uid_t has less than 32 bits])
+		fi
+		enable_subids="no"
+	fi
+fi
+AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno")
+
+AC_SUBST(LIBCRYPT)
+AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
+	[AC_MSG_ERROR([crypt() not found])])
+
+AC_SUBST(LIBACL)
+if test "$with_acl" != "no"; then
+	AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
+	if test "$acl_header$with_acl" = "noyes" ; then
+		AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing])
+	elif test "$acl_header" = "yes" ; then
+		AC_CHECK_LIB(acl, perm_copy_file,
+		             [AC_CHECK_LIB(acl, perm_copy_fd,
+		                           [acl_lib="yes"],
+		                           [acl_lib="no"])],
+		             [acl_lib="no"])
+		if test "$acl_lib$with_acl" = "noyes" ; then
+			AC_MSG_ERROR([libacl not found])
+		elif test "$acl_lib" = "no" ; then
+			with_acl="no"
+		else
+			AC_DEFINE(WITH_ACL, 1,
+			          [Build shadow with ACL support])
+			LIBACL="-lacl"
+			with_acl="yes"
+		fi
+	else
+		with_acl="no"
+	fi
+fi
+
+AC_SUBST(LIBATTR)
+if test "$with_attr" != "no"; then
+	AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"])
+	if test "$attr_header$with_attr" = "noyes" ; then
+		AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing])
+	elif test "$attr_header" = "yes" ; then
+		AC_CHECK_LIB(attr, attr_copy_file,
+		             [AC_CHECK_LIB(attr, attr_copy_fd,
+		                           [attr_lib="yes"],
+		                           [attr_lib="no"])],
+		             [attr_lib="no"])
+		if test "$attr_lib$with_attr" = "noyes" ; then
+			AC_MSG_ERROR([libattr not found])
+		elif test "$attr_lib" = "no" ; then
+			with_attr="no"
+		else
+			AC_DEFINE(WITH_ATTR, 1,
+			          [Build shadow with Extended Attributes support])
+			LIBATTR="-lattr"
+			with_attr="yes"
+		fi
+	else
+		with_attr="no"
+	fi
+fi
+
+AC_SUBST(LIBAUDIT)
+if test "$with_audit" != "no"; then
+	AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
+	if test "$audit_header$with_audit" = "noyes" ; then
+		AC_MSG_ERROR([libaudit.h is missing])
+	elif test "$audit_header" = "yes"; then
+		AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
+		AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
+		AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
+		AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
+		if test "$audit_header$with_audit" = "noyes" ; then
+			AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
+		fi
+	fi
+	if test "$audit_header" = "yes"; then
+		AC_CHECK_LIB(audit, audit_log_acct_message,
+		             [audit_lib="yes"], [audit_lib="no"])
+		if test "$audit_lib$with_audit" = "noyes" ; then
+			AC_MSG_ERROR([libaudit not found])
+		elif test "$audit_lib" = "no" ; then
+			with_audit="no"
+		else
+			AC_DEFINE(WITH_AUDIT, 1,
+			          [Define if you want to enable Audit messages])
+			LIBAUDIT="-laudit"
+			with_audit="yes"
+		fi
+	else
+		with_audit="no"
+	fi
+fi
+
+AC_SUBST(LIBCRACK)
+if test "$with_libcrack" = "yes"; then
+	echo "checking cracklib flavour, don't be surprised by the results"
+	AC_CHECK_LIB(crack, FascistCheck,
+		[LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
+	AC_CHECK_LIB(crack, FascistHistory,
+		AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
+	AC_CHECK_LIB(crack, FascistHistoryPw,
+		AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
+fi
+
+AC_SUBST(LIBSELINUX)
+AC_SUBST(LIBSEMANAGE)
+if test "$with_selinux" != "no"; then
+	AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
+	if test "$selinux_header$with_selinux" = "noyes" ; then
+		AC_MSG_ERROR([selinux/selinux.h is missing])
+	fi
+
+	AC_CHECK_HEADERS(semanage/semanage.h, [semanage_header="yes"], [semanage_header="no"])
+	if test "$semanage_header$with_selinux" = "noyes" ; then
+		AC_MSG_ERROR([semanage/semanage.h is missing])
+	fi
+
+	if test "$selinux_header$semanage_header" = "yesyes" ; then
+		AC_CHECK_LIB(selinux, is_selinux_enabled, [selinux_lib="yes"], [selinux_lib="no"])
+		if test "$selinux_lib$with_selinux" = "noyes" ; then
+			AC_MSG_ERROR([libselinux not found])
+		fi
+
+		AC_CHECK_LIB(semanage, semanage_connect, [semanage_lib="yes"], [semanage_lib="no"])
+		if test "$semanage_lib$with_selinux" = "noyes" ; then
+			AC_MSG_ERROR([libsemanage not found])
+		fi
+
+		if test "$selinux_lib$semanage_lib" == "yesyes" ; then
+			AC_DEFINE(WITH_SELINUX, 1,
+			          [Build shadow with SELinux support])
+			LIBSELINUX="-lselinux"
+			LIBSEMANAGE="-lsemanage"
+			with_selinux="yes"
+		else
+			with_selinux="no"
+		fi
+	else
+		with_selinux="no"
+	fi
+fi
+
+AC_SUBST(LIBTCB)
+if test "$with_tcb" != "no"; then
+	AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"])
+	if test "$tcb_header$with_tcb" = "noyes" ; then
+		AC_MSG_ERROR([tcb.h is missing])
+	elif test "$tcb_header" = "yes" ; then
+		AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"])
+		if test "$tcb_lib$with_tcb" = "noyes" ; then
+			AC_MSG_ERROR([libtcb not found])
+		elif test "$tcb_lib" = "no" ; then
+			with_tcb="no"
+		else
+			AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)])
+			LIBTCB="-ltcb"
+			with_tcb="yes"
+		fi
+	else
+		with_tcb="no"
+	fi
+fi
+AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes)
+
+AC_SUBST(LIBPAM)
+if test "$with_libpam" != "no"; then
+	AC_CHECK_LIB(pam, pam_start,
+	             [pam_lib="yes"], [pam_lib="no"])
+	if test "$pam_lib$with_libpam" = "noyes" ; then
+		AC_MSG_ERROR(libpam not found)
+	fi
+
+	LIBPAM="-lpam"
+	pam_conv_function="no"
+
+	AC_CHECK_LIB(pam, openpam_ttyconv,
+	             [pam_conv_function="openpam_ttyconv"],
+	             AC_CHECK_LIB(pam_misc, misc_conv,
+	                          [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
+	            )
+
+	if test "$pam_conv_function$with_libpam" = "noyes" ; then
+		AC_MSG_ERROR(PAM conversation function not found)
+	fi
+
+	pam_headers_found=no
+	AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
+	                 [ pam_headers_found=yes ; break ], [],
+	                 [ #include <security/pam_appl.h> ] )
+	if test "$pam_headers_found$with_libpam" = "noyes" ; then
+	                AC_MSG_ERROR(PAM headers not found)
+	fi
+
+
+	if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
+		with_libpam="yes"
+	else
+		with_libpam="no"
+		unset LIBPAM
+	fi
+fi
+dnl Now with_libpam is either yes or no
+if test "$with_libpam" = "yes"; then
+	AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
+	                PAM_DELETE_CRED,
+	                PAM_NEW_AUTHTOK_REQD,
+	                PAM_DATA_SILENT],
+	               [], [], [#include <security/pam_appl.h>])
+
+
+	save_libs=$LIBS
+	LIBS="$LIBS $LIBPAM"
+	# We do not use AC_CHECK_FUNCS to avoid duplicated definition with
+	# Linux PAM.
+	AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
+	LIBS=$save_libs
+
+	AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
+	AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
+	AM_CONDITIONAL(USE_PAM, [true])
+
+	AC_MSG_CHECKING(use login and su access checking if PAM not used)
+	AC_MSG_RESULT(no)
+else
+	AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
+	AM_CONDITIONAL(USE_PAM, [false])
+	AC_MSG_CHECKING(use login and su access checking if PAM not used)
+	AC_MSG_RESULT(yes)
+fi
+
+if test "$enable_acct_tools_setuid" != "no"; then
+	if test "$with_libpam" != "yes"; then
+		if test "$enable_acct_tools_setuid" = "yes"; then
+			AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
+		else
+			enable_acct_tools_setuid="no"
+		fi
+	else
+		enable_acct_tools_setuid="yes"
+	fi
+	if test "$enable_acct_tools_setuid" = "yes"; then
+		AC_DEFINE(ACCT_TOOLS_SETUID,
+		          1,
+		          [Define if account management tools should be installed setuid and authenticate the callers])
+	fi
+fi
+AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
+
+AC_SUBST(LIBSKEY)
+AC_SUBST(LIBMD)
+if test "$with_skey" = "yes"; then
+	AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
+	AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
+		[AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
+	AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
+	AC_TRY_COMPILE([
+		#include <stdio.h>
+		#include <skey.h>
+	],[
+		skeychallenge((void*)0, (void*)0, (void*)0, 0);
+	],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
+fi
+
+if test "$enable_utmpx" = "yes"; then
+	if test "$ac_cv_header_utmpx_h" != "yes"; then
+		AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
+	fi
+	AC_DEFINE(USE_UTMPX,
+	          1,
+	          [Define if utmpx should be used])
+fi
+
+AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
+
+AM_GNU_GETTEXT_VERSION(0.16)
+AM_GNU_GETTEXT([external], [need-ngettext])
+AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
+
+AC_CONFIG_FILES([
+	Makefile
+	po/Makefile.in
+	doc/Makefile
+	man/Makefile
+	man/config.xml
+	man/po/Makefile
+	man/cs/Makefile
+	man/da/Makefile
+	man/de/Makefile
+	man/es/Makefile
+	man/fi/Makefile
+	man/fr/Makefile
+	man/hu/Makefile
+	man/id/Makefile
+	man/it/Makefile
+	man/ja/Makefile
+	man/ko/Makefile
+	man/pl/Makefile
+	man/pt_BR/Makefile
+	man/ru/Makefile
+	man/sv/Makefile
+	man/tr/Makefile
+	man/zh_CN/Makefile
+	man/zh_TW/Makefile
+	libmisc/Makefile
+	lib/Makefile
+	src/Makefile
+	contrib/Makefile
+	etc/Makefile
+	etc/pam.d/Makefile
+	shadow.spec
+])
+AC_OUTPUT
+
+echo
+echo "shadow will be compiled with the following features:"
+echo
+echo "	auditing support:		$with_audit"
+echo "	CrackLib support:		$with_libcrack"
+echo "	PAM support:			$with_libpam"
+if test "$with_libpam" = "yes"; then
+echo "	suid account management tools:	$enable_acct_tools_setuid"
+fi
+echo "	SELinux support:		$with_selinux"
+echo "	ACL support:			$with_acl"
+echo "	Extended Attributes support:	$with_attr"
+echo "	tcb support (incomplete):	$with_tcb"
+echo "	shadow group support:		$enable_shadowgrp"
+echo "	S/Key support:			$with_skey"
+echo "	SHA passwords encryption:	$with_sha_crypt"
+echo "	nscd support:			$with_nscd"
+echo "	subordinate IDs support:	$enable_subids"
+echo
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
new file mode 100644
index 0000000..2c3160e
--- /dev/null
+++ b/contrib/Makefile.am
@@ -0,0 +1,6 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+EXTRA_DIST = README adduser.c adduser-old.c adduser.sh adduser2.sh \
+ atudel groupmems.shar pwdauth.c shadow-anonftp.patch \
+ udbachk.tgz
diff --git a/contrib/README b/contrib/README
new file mode 100644
index 0000000..c4d1bc0
--- /dev/null
+++ b/contrib/README
@@ -0,0 +1,10 @@
+People keep sending various adduser programs and scripts...  They are
+all in this directory.  I haven't tested them, use at your own risk.
+Anyway, the best one I've seen so far is adduser-3.x from Debian.
+
+atudel is a perl script to remove at jobs owned by the specified user
+(atrm in at-2.9 for Linux can't do that).
+
+udbachk.tgz is a passwd/group/shadow file integrity checker.
+
+--marekm
diff --git a/contrib/adduser-old.c b/contrib/adduser-old.c
new file mode 100644
index 0000000..0b2080e
--- /dev/null
+++ b/contrib/adduser-old.c
@@ -0,0 +1,300 @@
+/****
+** 03/17/96
+** hacked a bit more, removed unused code, cleaned up for gcc -Wall.
+** --marekm
+**
+** 02/26/96
+** modified to call shadow utils (useradd,chage,passwd) on shadowed 
+** systems - Cristian Gafton, gafton@sorosis.ro
+**
+** 6/27/95
+** shadow-adduser 1.4:
+**
+** now it copies the /etc/skel dir into the person's dir, 
+** makes the mail folders, changed some defaults and made a 'make 
+** install' just for the hell of it.
+**
+** Greg Gallagher
+** CIN.Net
+**
+** 1/28/95
+** shadow-adduser 1.3:
+** 
+** Basically a bug-fix on my additions in 1.2.  Thanx to Terry Stewart 
+** (stew@texas.net) for pointing out one of the many idiotic bugs I introduced.
+** It was such a stupid bug that I would have never seen it myself.
+**
+**                                Brandon
+*****
+** 01/27/95
+** 
+** shadow-adduser 1.2:
+** I took the C source from adduser-shadow (credits are below) and made
+** it a little more worthwhile.  Many small changes... Here's
+** the ones I can remember:
+** 
+** Removed support for non-shadowed systems (if you don't have shadow,
+**     use the original adduser, don't get this shadow version!)
+** Added support for the correct /etc/shadow fields (Min days before
+**     password change, max days before password change, Warning days,
+**     and how many days from expiry date does the account go invalid)
+**     The previous version just left all of those fields blank.
+**     There is still one field left (expiry date for the account, period)
+**     which I have left blank because I do not use it and didn't want to
+**     spend any more time on this.  I'm sure someone will put it in and
+**     tack another plethora of credits on here. :)
+** Added in the password date field, which should always reflect the last
+**     date the password was changed, for expiry purposes.  "passwd" always
+**     updates this field, so the adduser program should set it up right
+**     initially (or a user could keep thier initial password forever ;)
+**     The number is in days since Jan 1st, 1970.
+**
+**                       Have fun with it, and someone please make
+**                       a real version(this is still just a hack)
+**                       for us all to use (and Email it to me???)
+**
+**                               Brandon
+**                                  photon@usis.com
+**
+***** 
+** adduser 1.0: add a new user account (For systems not using shadow)
+** With a nice little interface and a will to do all the work for you.
+**
+** Craig Hagan
+** hagan@opine.cs.umass.edu
+**
+** Modified to really work, look clean, and find unused uid by Chris Cappuccio
+** chris@slinky.cs.umass.edu
+**
+*****
+**
+** 01/19/95
+**
+** FURTHER modifications to enable shadow passwd support (kludged, but
+** no more so than the original)  by Dan Crowson - dcrowson@mo.net
+**
+** Search on DAN for all changes...
+**
+*****
+**
+** cc -O -o adduser adduser.c
+** Use gcc if you have it... (political reasons beyond my control) (chris)
+**
+** I've gotten this program to work with success under Linux (without
+** shadow) and SunOS 4.1.3. I would assume it should work pretty well
+** on any system that uses no shadow. (chris)
+**
+** If you have no crypt() then try
+** cc -DNO_CRYPT -O -o adduser adduser.c xfdes.c
+** I'm not sure how login operates with no crypt()... I guess
+** the same way we're doing it here.
+*/
+
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/timeb.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+
+#define DEFAULT_SHELL	"/bin/bash"  /* because BASH is your friend */
+#define DEFAULT_HOME	"/home"
+#define USERADD_PATH	"/usr/sbin/useradd"
+#define CHAGE_PATH	"/usr/sbin/chage"
+#define PASSWD_PATH	"/usr/bin/passwd"
+#define DEFAULT_GROUP	100
+
+#define DEFAULT_MAX_PASS 60
+#define DEFAULT_WARN_PASS 10
+/* if you use this feature, you will get a lot of complaints from users
+   who rarely use their accounts :)  (something like 3 months would be
+   more reasonable)  --marekm */
+#define DEFAULT_USER_DIE /* 10 */ 0
+
+void main()
+{
+	char foo[32];			
+	char uname[9],person[32],dir[32],shell[32];
+	unsigned int group,min_pass,max_pass,warn_pass,user_die;
+	/* the group and uid of the new user */
+	int bad=0,done=0,correct=0,gets_warning=0;
+	char cmd[255];
+	struct group *grp;
+	
+	/* flags, in order:
+	* bad to see if the username is in /etc/passwd, or if strange stuff has
+	* been typed if the user might be put in group 0
+	* done allows the program to exit when a user has been added
+	* correct loops until a password is found that isn't in /etc/passwd
+	* gets_warning allows the fflush to be skipped for the first gets
+	* so that output is still legible
+	*/
+
+	/* The real program starts HERE! */
+  
+	if(geteuid()!=0)
+	{
+		printf("It seems you don't have access to add a new user.  Try\n");
+		printf("logging in as root or su root to gain super-user access.\n");
+		exit(1);
+	}
+  
+	/* Sanity checks
+	*/
+	
+	if (!(grp=getgrgid(DEFAULT_GROUP))){
+		printf("Error: the default group %d does not exist on this system!\n",
+				DEFAULT_GROUP);
+		printf("adduser must be recompiled.\n");
+		exit(1);
+	}; 
+ 
+	while(!correct) {		/* loop until a "good" uname is chosen */
+		while(!done) {
+			printf("\nLogin to add (^C to quit): ");
+			if(gets_warning)	/* if the warning was already shown */
+				fflush(stdout);	/* fflush stdout, otherwise set the flag */
+			else
+				gets_warning=1;
+
+			gets(uname);
+			if(!strlen(uname)) {
+				printf("Empty input.\n");
+				done=0;
+				continue;
+			};
+
+			/* what I saw here before made me think maybe I was running DOS */
+			/* might this be a solution? (chris) */
+			if (getpwnam(uname) != NULL) {
+				printf("That name is in use, choose another.\n");
+				done=0;
+			} else
+				done=1;
+		}; /* done, we have a valid new user name */
+		
+		/* all set, get the rest of the stuff */
+		printf("\nEditing information for new user [%s]\n",uname);
+  
+		printf("\nFull Name [%s]: ",uname);
+		gets(person);
+		if (!strlen(person)) {
+			bzero(person,sizeof(person));
+			strcpy(person,uname);
+		};
+      
+		do {
+			bad=0; 
+			printf("GID [%d]: ",DEFAULT_GROUP);
+			gets(foo);
+			if (!strlen(foo))
+				group=DEFAULT_GROUP;
+			else
+				if (isdigit (*foo)) {
+					group = atoi(foo);
+					if (! (grp = getgrgid (group))) {
+						printf("unknown gid %s\n",foo);
+						group=DEFAULT_GROUP;
+						bad=1;
+					};
+			} else
+				if ((grp = getgrnam (foo)))
+					group = grp->gr_gid;
+				else {
+					printf("unknown group %s\n",foo);
+					group=DEFAULT_GROUP;
+					bad=1;
+				}
+			if (group==0){	/* You're not allowed to make root group users! */
+				printf("Creation of root group users not allowed (must be done by hand)\n");
+				group=DEFAULT_GROUP;
+				bad=1;
+			};
+		} while(bad);
+
+
+		fflush(stdin);
+      
+		printf("\nIf home dir ends with a / then [%s] will be appended to it\n",uname);
+		printf("Home Directory [%s/%s]: ",DEFAULT_HOME,uname);
+		fflush(stdout);
+		gets(dir);
+		if (!strlen(dir)) { /* hit return */
+			sprintf(dir,"%s/%s",DEFAULT_HOME,uname);
+			fflush(stdin);
+		} else
+			if (dir[strlen(dir)-1]=='/')
+				sprintf(dir+strlen(dir),"%s",uname);
+
+		printf("\nShell [%s]: ",DEFAULT_SHELL);
+		fflush(stdout);
+		gets(shell);
+		if (!strlen(shell))
+			sprintf(shell,"%s",DEFAULT_SHELL);
+      
+		printf("\nMin. Password Change Days [0]: ");
+		gets(foo);
+		min_pass=atoi(foo);
+            
+		printf("Max. Password Change Days [%d]: ",DEFAULT_MAX_PASS);
+		gets(foo);
+		if (strlen(foo) > 1)
+			max_pass = atoi(foo);
+		else
+			max_pass = DEFAULT_MAX_PASS;
+            
+		printf("Password Warning Days [%d]: ",DEFAULT_WARN_PASS);
+		gets(foo);
+		warn_pass = atoi(foo);
+		if (warn_pass==0)
+			warn_pass = DEFAULT_WARN_PASS;
+            
+		printf("Days after Password Expiry for Account Locking [%d]: ",DEFAULT_USER_DIE);
+		gets(foo);
+		user_die = atoi(foo);
+		if (user_die == 0)
+			user_die = DEFAULT_USER_DIE;
+      
+		printf("\nInformation for new user [%s] [%s]:\n",uname,person);
+		printf("Home directory: [%s] Shell: [%s]\n",dir,shell);
+		printf("GID: [%d]\n",group);
+		printf("MinPass: [%d] MaxPass: [%d] WarnPass: [%d] UserExpire: [%d]\n",
+				min_pass,max_pass,warn_pass,user_die);
+		printf("\nIs this correct? [y/N]: ");
+		fflush(stdout);
+		gets(foo);
+
+		done=bad=correct=(foo[0]=='y'||foo[0]=='Y');
+
+		if(bad!=1)
+			printf("\nUser [%s] not added\n",uname);
+    }
+
+	bzero(cmd,sizeof(cmd));
+	sprintf(cmd,"%s -g %d -d %s -s %s -c \"%s\" -m -k /etc/skel %s",
+			USERADD_PATH,group,dir,shell,person,uname);
+	printf("Calling useradd to add new user:\n%s\n",cmd);  
+	if(system(cmd)){
+		printf("User add failed!\n");
+		exit(errno);
+	};
+	bzero(cmd,sizeof(cmd));
+	sprintf(cmd,"%s -m %d -M %d -W %d -I %d %s", CHAGE_PATH,
+			min_pass,max_pass,warn_pass,user_die,uname);
+	printf("%s\n",cmd);
+	if(system(cmd)){
+		printf("There was an error setting password expire values\n");
+		exit(errno);
+	};
+	bzero(cmd,sizeof(cmd));
+	sprintf(cmd,"%s %s",PASSWD_PATH,uname);
+	system(cmd);
+	printf("\nDone.\n");
+}
+
diff --git a/contrib/adduser.c b/contrib/adduser.c
new file mode 100644
index 0000000..88596b0
--- /dev/null
+++ b/contrib/adduser.c
@@ -0,0 +1,502 @@
+/****
+** 04/21/96
+** hacked even more, replaced gets() with something slightly harder to buffer
+** overflow. Added support for setting a default quota on new account, with
+** edquota -p. Other cleanups for security, I let some users run adduser suid
+** root to add new accounts. (overflow checks, clobber environment, valid 
+** shell checks, restrictions on gid + home dir settings).
+
+** Added max. username length. Used syslog() a bit for important events. 
+** Support to immediately expire account with passwd -e.
+
+** Called it version 2.0! Because I felt like it!
+
+** -- Chris, chris@ferret.lmh.ox.ac.uk
+
+** 03/17/96
+** hacked a bit more, removed unused code, cleaned up for gcc -Wall.
+** --marekm
+**
+** 02/26/96
+** modified to call shadow utils (useradd,chage,passwd) on shadowed 
+** systems - Cristian Gafton, gafton@sorosis.ro
+**
+** 6/27/95
+** shadow-adduser 1.4:
+**
+** now it copies the /etc/skel dir into the person's dir, 
+** makes the mail folders, changed some defaults and made a 'make 
+** install' just for the hell of it.
+**
+** Greg Gallagher
+** CIN.Net
+**
+** 1/28/95
+** shadow-adduser 1.3:
+** 
+** Basically a bug-fix on my additions in 1.2.  Thanx to Terry Stewart 
+** (stew@texas.net) for pointing out one of the many idiotic bugs I introduced.
+** It was such a stupid bug that I would have never seen it myself.
+**
+**                                Brandon
+*****
+** 01/27/95
+** 
+** shadow-adduser 1.2:
+** I took the C source from adduser-shadow (credits are below) and made
+** it a little more worthwhile.  Many small changes... Here's
+** the ones I can remember:
+** 
+** Removed support for non-shadowed systems (if you don't have shadow,
+**     use the original adduser, don't get this shadow version!)
+** Added support for the correct /etc/shadow fields (Min days before
+**     password change, max days before password change, Warning days,
+**     and how many days from expiry date does the account go invalid)
+**     The previous version just left all of those fields blank.
+**     There is still one field left (expiry date for the account, period)
+**     which I have left blank because I do not use it and didn't want to
+**     spend any more time on this.  I'm sure someone will put it in and
+**     tack another plethora of credits on here. :)
+** Added in the password date field, which should always reflect the last
+**     date the password was changed, for expiry purposes.  "passwd" always
+**     updates this field, so the adduser program should set it up right
+**     initially (or a user could keep thier initial password forever ;)
+**     The number is in days since Jan 1st, 1970.
+**
+**                       Have fun with it, and someone please make
+**                       a real version(this is still just a hack)
+**                       for us all to use (and Email it to me???)
+**
+**                               Brandon
+**                                  photon@usis.com
+**
+***** 
+** adduser 1.0: add a new user account (For systems not using shadow)
+** With a nice little interface and a will to do all the work for you.
+**
+** Craig Hagan
+** hagan@opine.cs.umass.edu
+**
+** Modified to really work, look clean, and find unused uid by Chris Cappuccio
+** chris@slinky.cs.umass.edu
+**
+*****
+**
+** 01/19/95
+**
+** FURTHER modifications to enable shadow passwd support (kludged, but
+** no more so than the original)  by Dan Crowson - dcrowson@mo.net
+**
+** Search on DAN for all changes...
+**
+*****
+**
+** cc -O -o adduser adduser.c
+** Use gcc if you have it... (political reasons beyond my control) (chris)
+**
+** I've gotten this program to work with success under Linux (without
+** shadow) and SunOS 4.1.3. I would assume it should work pretty well
+** on any system that uses no shadow. (chris)
+**
+** If you have no crypt() then try
+** cc -DNO_CRYPT -O -o adduser adduser.c xfdes.c
+** I'm not sure how login operates with no crypt()... I guess
+** the same way we're doing it here.
+*/
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <pwd.h>
+#include <grp.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/timeb.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <syslog.h>
+
+#define IMMEDIATE_CHANGE	/* Expire newly created password, must be changed
+				 * immediately upon next login */
+#define HAVE_QUOTAS		/* Obvious */
+#define EXPIRE_VALS_SET		/* If defined, 'normal' users can't change 
+				 * password expiry values (if running suid root) */
+
+#define HAVE_GETUSERSHELL	/* FIXME: Isn't this defined in config.h too? */
+#define LOGGING			/* If we want to log various things to syslog */
+#define MAX_USRNAME  8		/* Longer usernames seem to work on my system....
+				 * But they're probably a poor idea */
+
+
+#define DEFAULT_SHELL	"/bin/bash"	/* because BASH is your friend */
+#define DEFAULT_HOME	"/home"
+#define USERADD_PATH	"/usr/sbin/useradd"
+#define CHAGE_PATH	"/usr/bin/chage"
+#define PASSWD_PATH	"/usr/bin/passwd"
+#define EDQUOTA_PATH	"/usr/sbin/edquota"
+#define QUOTA_DEFAULT	"defuser"
+#define DEFAULT_GROUP	100
+
+#define DEFAULT_MIN_PASS 0
+#define DEFAULT_MAX_PASS 100
+#define DEFAULT_WARN_PASS 14
+#define DEFAULT_USER_DIE 366
+
+void safeget (char *, int);
+
+void 
+main (void)
+{
+  char foo[32];
+  char usrname[32], person[32], dir[32], shell[32];
+  unsigned int group, min_pass, max_pass, warn_pass, user_die;
+  /* the group and uid of the new user */
+  int bad = 0, done = 0, correct = 0, olduid;
+  char cmd[255];
+  struct group *grp;
+
+  /* flags, in order:
+   * bad to see if the username is in /etc/passwd, or if strange stuff has
+   * been typed if the user might be put in group 0
+   * done allows the program to exit when a user has been added
+   * correct loops until a username is found that isn't in /etc/passwd
+   */
+
+  /* The real program starts HERE! */
+
+  if (geteuid () != 0)
+    {
+      printf ("It seems you don't have access to add a new user.  Try\n");
+      printf ("logging in as root or su root to gain superuser access.\n");
+      exit (1);
+    }
+
+  /* Sanity checks
+   */
+
+#ifdef LOGGING
+  openlog ("adduser", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+  syslog (LOG_INFO, "invoked by user %s\n", getpwuid (getuid ())->pw_name);
+#endif
+
+  if (!(grp = getgrgid (DEFAULT_GROUP)))
+    {
+      printf ("Error: the default group %d does not exist on this system!\n",
+	      DEFAULT_GROUP);
+      printf ("adduser must be recompiled.\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "warning: failed. no such default group\n");
+      closelog ();
+#endif
+      exit (1);
+    };
+
+  while (!correct)
+    {				/* loop until a "good" usrname is chosen */
+      while (!done)
+	{
+	  printf ("\nLogin to add (^C to quit): ");
+	  fflush (stdout);
+
+	  safeget (usrname, sizeof (usrname));
+
+	  if (!strlen (usrname))
+	    {
+	      printf ("Empty input.\n");
+	      done = 0;
+	      continue;
+	    };
+
+	  /* what I saw here before made me think maybe I was running DOS */
+	  /* might this be a solution? (chris) */
+	  if (strlen (usrname) > MAX_USRNAME)
+	    {
+	      printf ("That name is longer than the maximum of %d characters. Choose another.\n", MAX_USRNAME);
+	      done = 0;
+	    }
+	  else if (getpwnam (usrname) != NULL)
+	    {
+	      printf ("That name is in use, choose another.\n");
+	      done = 0;
+	    }
+	  else if (strchr (usrname, ' ') != NULL)
+	    {
+	      printf ("No spaces in username!!\n");
+	      done = 0;
+	    }
+	  else
+	    done = 1;
+	};			/* done, we have a valid new user name */
+
+      /* all set, get the rest of the stuff */
+      printf ("\nEditing information for new user [%s]\n", usrname);
+
+      printf ("\nFull Name [%s]: ", usrname);
+      fflush (stdout);
+      safeget (person, sizeof (person));
+      if (!strlen (person))
+	{
+	  bzero (person, sizeof (person));
+	  strcpy (person, usrname);
+	};
+
+      if (getuid () == 0)
+	{
+	  do
+	    {
+	      bad = 0;
+	      printf ("GID [%d]: ", DEFAULT_GROUP);
+	      fflush (stdout);
+	      safeget (foo, sizeof (foo));
+	      if (!strlen (foo))
+		group = DEFAULT_GROUP;
+	      else if (isdigit (*foo))
+		{
+		  group = atoi (foo);
+		  if (!(grp = getgrgid (group)))
+		    {
+		      printf ("unknown gid %s\n", foo);
+		      group = DEFAULT_GROUP;
+		      bad = 1;
+		    };
+		}
+	      else if ((grp = getgrnam (foo)))
+		group = grp->gr_gid;
+	      else
+		{
+		  printf ("unknown group %s\n", foo);
+		  group = DEFAULT_GROUP;
+		  bad = 1;
+		}
+	      if (group == 0)
+		{		/* You're not allowed to make root group users! */
+		  printf ("Creation of root group users not allowed (must be done by hand)\n");
+		  group = DEFAULT_GROUP;
+		  bad = 1;
+		};
+	    }
+	  while (bad);
+	}
+      else
+	{
+	  printf ("Group will be default of: %d\n", DEFAULT_GROUP);
+	  group = DEFAULT_GROUP;
+	}
+
+      if (getuid () == 0)
+	{
+	  printf ("\nIf home dir ends with a / then '%s' will be appended to it\n", usrname);
+	  printf ("Home Directory [%s/%s]: ", DEFAULT_HOME, usrname);
+	  fflush (stdout);
+	  safeget (dir, sizeof (dir));
+	  if (!strlen (dir))
+	    {			/* hit return */
+	      sprintf (dir, "%s/%s", DEFAULT_HOME, usrname);
+	    }
+	  else if (dir[strlen (dir) - 1] == '/')
+	    sprintf (dir+strlen(dir), "%s", usrname);
+	}
+      else
+	{
+	  printf ("\nHome directory will be %s/%s\n", DEFAULT_HOME, usrname);
+	  sprintf (dir, "%s/%s", DEFAULT_HOME, usrname);
+	}
+
+      printf ("\nShell [%s]: ", DEFAULT_SHELL);
+      fflush (stdout);
+      safeget (shell, sizeof (shell));
+      if (!strlen (shell))
+	sprintf (shell, "%s", DEFAULT_SHELL);
+      else
+	{
+	  char *sh;
+	  int ok = 0;
+#ifdef HAVE_GETUSERSHELL
+	  setusershell ();
+	  while ((sh = getusershell ()) != NULL)
+	    if (!strcmp (shell, sh))
+	      ok = 1;
+	  endusershell ();
+#endif
+	  if (!ok)
+	    {
+	      if (getuid () == 0)
+		printf ("Warning: root allowed non standard shell\n");
+	      else
+		{
+		  printf ("Shell NOT in /etc/shells, DEFAULT used\n");
+		  sprintf (shell, "%s", DEFAULT_SHELL);
+		}
+	    }
+	}
+
+#ifdef EXPIRE_VALS_SET
+      if (getuid () == 0)
+	{
+#endif
+	  printf ("\nMin. Password Change Days [%d]: ", DEFAULT_MIN_PASS);
+	  fflush (stdout);
+	  safeget (foo, sizeof (foo));
+	  if (strlen (foo) > 1)
+	    min_pass = DEFAULT_MIN_PASS;
+	  else
+	    min_pass = atoi (foo);
+
+	  printf ("Max. Password Change Days [%d]: ", DEFAULT_MAX_PASS);
+	  fflush (stdout);
+	  safeget (foo, sizeof (foo));
+	  if (strlen (foo) > 1)
+	    max_pass = atoi (foo);
+	  else
+	    max_pass = DEFAULT_MAX_PASS;
+
+	  printf ("Password Warning Days [%d]: ", DEFAULT_WARN_PASS);
+	  fflush (stdout);
+	  safeget (foo, sizeof (foo));
+	  warn_pass = atoi (foo);
+	  if (warn_pass == 0)
+
+	    warn_pass = DEFAULT_WARN_PASS;
+
+	  printf ("Days after Password Expiry for Account Locking [%d]: ", DEFAULT_USER_DIE);
+	  fflush (stdout);
+	  safeget (foo, sizeof (foo));
+	  user_die = atoi (foo);
+	  if (user_die == 0)
+	    user_die = DEFAULT_USER_DIE;
+
+#ifdef EXPIRE_VALS_SET
+	}
+      else
+	{
+	  printf ("\nSorry, account expiry values are set.\n");
+	  user_die = DEFAULT_USER_DIE;
+	  warn_pass = DEFAULT_WARN_PASS;
+	  max_pass = DEFAULT_MAX_PASS;
+	  min_pass = DEFAULT_MIN_PASS;
+	}
+#endif
+
+      printf ("\nInformation for new user [%s] [%s]:\n", usrname, person);
+      printf ("Home directory: [%s] Shell: [%s]\n", dir, shell);
+      printf ("GID: [%d]\n", group);
+      printf ("MinPass: [%d] MaxPass: [%d] WarnPass: [%d] UserExpire: [%d]\n",
+	      min_pass, max_pass, warn_pass, user_die);
+      printf ("\nIs this correct? [y/N]: ");
+      fflush (stdout);
+      safeget (foo, sizeof (foo));
+
+      done = bad = correct = (foo[0] == 'y' || foo[0] == 'Y');
+
+      if (bad != 1)
+	printf ("\nUser [%s] not added\n", usrname);
+    }
+
+  /* Clobber the environment, I run this suid root sometimes to let 
+   * non root privileged accounts add users --chris */
+
+  *environ = NULL;
+
+  bzero (cmd, sizeof (cmd));
+  sprintf (cmd, "%s -g %d -d %s -s %s -c \"%s\" -m -k /etc/skel %s",
+	   USERADD_PATH, group, dir, shell, person, usrname);
+  printf ("Calling useradd to add new user:\n%s\n", cmd);
+  if (system (cmd))
+    {
+      printf ("User add failed!\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "could not add new user\n");
+      closelog ();
+#endif
+      exit (errno);
+    };
+
+  olduid = getuid ();	/* chage, passwd, edquota etc. require ruid = root
+			 */
+  setuid (0);
+
+  bzero (cmd, sizeof (cmd));
+
+  /* Chage runs suid root. => we need ruid root to run it with
+   * anything other than chage -l
+   */
+
+  sprintf (cmd, "%s -m %d -M %d -W %d -I %d %s", CHAGE_PATH,
+	   min_pass, max_pass, warn_pass, user_die, usrname);
+  printf ("%s\n", cmd);
+  if (system (cmd))
+    {
+      printf ("There was an error setting password expire values\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "password expire values could not be set\n");
+#endif
+    };
+
+  /* I want to add a user completely with one easy command --chris */
+
+#ifdef HAVE_QUOTAS
+  bzero (cmd, sizeof (cmd));
+  sprintf (cmd, "%s -p %s -u %s", EDQUOTA_PATH, QUOTA_DEFAULT, usrname);
+  printf ("%s\n", cmd);
+  if (system (cmd))
+    {
+      printf ("\nWarning: error setting quota\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "warning: account created but NO quotas set!\n");
+#endif /* LOGGING */
+    }
+  else
+    printf ("\nDefault quota set.\n");
+#endif /* HAVE_QUOTAS */
+
+  bzero (cmd, sizeof (cmd));
+  sprintf (cmd, "%s %s", PASSWD_PATH, usrname);
+  if (system (cmd))
+    {
+      printf ("\nWarning: error setting password\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "warning: password set failed!\n");
+#endif
+    }
+#ifdef IMMEDIATE_CHANGE
+  bzero (cmd, sizeof (cmd));
+  sprintf (cmd, "%s -e %s", PASSWD_PATH, usrname);
+  if (system (cmd))
+    {
+      printf ("\nWarning: error expiring password\n");
+#ifdef LOGGING
+      syslog (LOG_ERR, "warning: password expire failed!\n");
+#endif /* LOGGING */
+    }
+#endif /* IMMEDIATE_CHANGE */
+
+  setuid (olduid);
+
+#ifdef LOGGING
+  closelog ();
+#endif
+
+  printf ("\nDone.\n");
+}
+
+void 
+safeget (char *buf, int maxlen)
+{
+  int c, i = 0, bad = 0;
+  char *bstart = buf;
+  while ((c = getc (stdin)) != EOF && (c != '\n') && (++i < maxlen))
+    {
+      bad = (!isalnum (c) && (c != '_') && (c != ' '));
+      *(buf++) = (char) c;
+    }
+  *buf = '\0';
+
+  if (bad)
+    {
+      printf ("\nString contained banned character. Please stick to alphanumerics.\n");
+      *bstart = '\0';
+    }
+}
+
diff --git a/contrib/adduser.sh b/contrib/adduser.sh
new file mode 100755
index 0000000..0efb27a
--- /dev/null
+++ b/contrib/adduser.sh
@@ -0,0 +1,90 @@
+#!/bin/sh
+# adduser script for use with shadow passwords and useradd command.
+# by Hrvoje Dogan <hdogan@student.math.hr>, Dec 1995.
+
+echo -n "Login name for new user []:"
+read LOGIN
+if [ -z $LOGIN ]
+then echo "Come on, man, you can't leave the login field empty...";exit
+fi
+echo
+echo -n "User id for $LOGIN [ defaults to next available]:"
+read ID
+GUID="-u $ID"
+if [ -z $ID ] 
+then GUID=""
+fi
+
+echo
+echo -n "Initial group for $LOGIN [users]:"
+read GID
+GGID="-g $GID"
+if [ -z $GID ]
+then GGID=""
+fi
+
+echo
+echo -n "Additional groups for $LOGIN []:"
+read AGID
+GAGID="-G $AGID"
+if [ -z $AGID ]
+then GAGID=""
+fi
+
+echo
+echo -n "$LOGIN's home directory [/home/$LOGIN]:"
+read HME
+GHME="-d $HME"
+if [ -z $HME ]
+then GHME=""
+fi
+
+echo
+echo -n "$LOGIN's shell [/bin/bash]:"
+read SHL
+GSHL="-s $SHL"
+if [ -z $SHL ]
+then GSHL=""
+fi
+
+echo
+echo -n "$LOGIN's account expiry date (MM/DD/YY) []:"
+read EXP
+GEXP="-e $EXP"
+if [ -z $EXP ]
+then GEXP=""
+fi
+echo
+echo OK, I'm about to make a new account. Here's what you entered so far:
+echo New login name: $LOGIN
+if [ -z $GUID ] 
+then echo New UID: [Next available]
+else echo New UID: $UID
+fi
+if [ -z $GGID ]
+then echo Initial group: users
+else echo Initial group: $GID
+fi
+if [ -z $GAGID ]
+then echo Additional groups: [none]
+else echo Additional groups: $AGID
+fi
+if [ -z $GHME ]
+then echo Home directory: /home/$LOGIN
+else echo Home directory: $HME
+fi
+if [ -z $GSHL ]
+then echo Shell: /bin/bash
+else echo Shell: $SHL
+fi
+if [ -z $GEXP ]
+then echo Expiry date: [no expiration]
+else echo Expiry date: $EXP
+fi
+echo "This is it... if you want to bail out, you'd better do it now."
+read FOO
+echo Making new account...
+/usr/sbin/useradd $GHME -m $GEXP $GGID $GAGID $GSHL $GUID $LOGIN
+/usr/bin/chfn $LOGIN
+/usr/bin/passwd $LOGIN
+echo "Done..."
diff --git a/contrib/adduser2.sh b/contrib/adduser2.sh
new file mode 100755
index 0000000..a2b36b2
--- /dev/null
+++ b/contrib/adduser2.sh
@@ -0,0 +1,743 @@
+#!/bin/bash
+#
+#  adduser			Interactive user adding program.
+#
+#  Copyright (C) 1996		Petri Mattila, Prihateam Networks
+#				petri@prihateam.fi
+#	
+#  This program is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2, or (at your option)
+#  any later version.
+#
+# Changes:
+#	220496	v0.01	Initial version
+#	230496	v0.02	More checks, embolden summary
+#	240496		Even more checks
+#	250496 		Help with ?
+#	040596	v0.03	Cleanups
+#	050596	v0.04	Bug fixes, expire date checks
+#	070596	v0.05	Iso-latin-1 names
+#
+
+## Defaults
+
+# default groups
+def_group="users"
+def_other_groups=""
+
+# default home directory
+def_home_dir=/home/users
+
+# default shell
+def_shell=/bin/tcsh
+
+# Defaul expiration date (mm/dd/yy)
+def_expire=""
+
+# default dates
+def_pwd_min=0
+def_pwd_max=90
+def_pwd_warn=14
+def_pwd_iact=14
+
+
+# possible UIDs
+uid_low=1000
+uid_high=64000
+
+# skel directory
+skel=/etc/skel
+
+# default mode for home directory
+def_mode=711
+
+# Regex, that the login name must meet, only ANSI characters
+login_regex='^[0-9a-zA-Z_-]*$'
+
+# Regex, that the user name must meet
+# ANSI version
+##name_regex='^[0-9a-zA-Z_-\ ]*$'
+# ISO-LATIN-1 version
+name_regex='^[0-9a-zA-ZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖÙÚÛÜÝÞßàáâãäåæçèéêëìíîïðñòóôõöùúûüýþÿ_-\ ]*$'
+
+# set PATH
+export PATH="/bin:/sbin:/usr/bin:/usr/sbin"
+
+# Some special characters
+case "$TERM" in
+   vt*|ansi*|con*|xterm*|linux*)
+	S=''	# start embolden
+	E=''	# end embolden
+	;;
+   *)	
+	S=''
+	E=''
+	;;
+esac
+
+
+## Functions
+
+check_root() {
+	if test "$EUID" -ne 0
+	then
+		echo "You must be root to run this program."
+		exit 1
+	fi
+}
+
+check_user() {
+	local usr pwd uid gid name home sh
+
+	cat /etc/passwd | (
+		while IFS=":" read usr pwd uid gid name home sh
+		do
+			if test "$1" = "${usr}"
+			then
+				return 1
+			fi
+		done
+		return 0
+	)
+}
+
+check_group() {
+	local read grp pwd gid members
+
+	cat /etc/group | (
+		while IFS=":" read grp pwd gid members
+		do
+			if test "$1" = "${grp}"
+			then
+				return 1
+			fi
+		done
+		return 0
+	)
+}
+
+check_other_groups() {
+	local grp check IFS
+
+	check="$1"
+	IFS=","
+
+	set ${check}
+	for grp
+	do
+		if check_group "${grp}"
+		then
+			echo "Group ${grp} does not exist."
+			return 1
+		fi
+	done
+	return 0
+}		
+
+check_uid() {
+	local usr pwd uid gid name home sh
+	
+	cat /etc/passwd | (
+		while IFS=":" read usr pwd uid gid name home sh
+		do
+			if test "$1" = "${uid}"
+			then
+				return 1
+			fi
+		done
+		return 0
+	)
+}
+
+read_yn() {
+	local ans ynd
+	
+	ynd="$1"
+	
+	while :
+	do
+		read ans	
+		case "${ans}" in
+		      "") return ${ynd} ;;
+		    [nN]) return 1 ;;
+		    [yY]) return 0 ;;
+		       *) echo -n "Y or N, please ? " ;;
+		esac
+	done
+}
+
+read_login() {
+	echo
+	while :
+	do
+		echo -n "Login: ${def_login:+[${def_login}] }"
+		read login
+		
+		if test "${login}" = '?'
+		then
+			less /etc/passwd
+			echo
+			continue
+		fi
+
+		if test -z "${login}" -a -n "${def_login}"
+		then
+			login="${def_login}"
+			echo "Using ${login}"
+			return
+		fi
+		
+		if test "${#login}" -gt 8
+		then
+			echo "Login must be at most 8 characters long"
+			continue
+		fi
+		
+		if test "${#login}" -lt 2
+		then
+			echo "Login must be at least 2 characters long"
+			continue
+		fi
+		
+		if ! expr "${login}" : "${login_regex}" &> /dev/null
+		then
+			echo "Please use letters, numbers and special characters _-,."
+			continue
+		fi
+		
+		if ! check_user "${login}"
+		then
+			echo "Username ${login} is already in use"
+			continue
+		fi
+		
+		def_login="${login}"
+		return
+	done
+}
+
+read_name () {
+	echo
+	while :
+	do
+		echo -n "Real name: ${def_name:+[${def_name}] }"
+		read name
+		
+		if test "${name}" = '?'
+		then
+			less /etc/passwd
+			echo
+			continue
+		fi
+
+		if test -z "${name}" -a -n "${def_name}"
+		then
+			name="${def_name}"
+			echo "Using ${name}"
+		fi
+
+		if test "${#name}" -gt 32
+		then
+			echo "Name should be at most 32 characters long"
+			continue
+		fi
+
+		if ! expr "${name}" : "${name_regex}" &> /dev/null
+		then
+			echo "Please use letters, numbers, spaces and special characters ,._-"
+			continue
+		fi
+		
+		def_name="${name}"
+		return
+	done
+}
+
+read_home() {
+	local x
+	
+	echo
+	while :
+	do
+		echo -n "Home Directory: [${def_home_dir}/${login}] "
+		read home
+		
+		if test -z "${home}"
+		then
+			home="${def_home_dir}/${login}"
+			echo "Using ${home}"
+		fi
+		
+		if ! expr "${home}" : '^[0-9a-zA-Z,._-\/]*$' &> /dev/null
+		then
+			echo "Please use letters, numbers, spaces and special characters ,._-/"
+			continue
+		fi
+		
+		x="$(basename ${home})"
+		if test "${x}" != "${login}"
+		then
+			echo "Warning: you are about to use different login name and home directory."
+		fi
+		
+		x="$(dirname ${home})"
+		if ! test -d "${x}"
+		then
+			echo "Directory ${x} does not exist."
+			echo "If you still want to use it, please make it manually."
+			continue
+		fi
+		
+		def_home_dir="${x}"
+		return
+	done
+}
+
+read_shell () {
+	local x
+
+	echo
+	while :
+	do
+		echo -n "Shell: [${def_shell}] "
+		read shell
+		
+		if test -z "${shell}"
+		then
+			shell="${def_shell}"
+			echo "Using ${shell}"
+		fi
+		
+		for x in $(cat /etc/shells)
+		do
+			if test "${x}" = "${shell}"
+			then
+				def_shell="${shell}"
+				return
+			fi
+		done
+
+		echo "Possible shells are:"
+		cat /etc/shells
+	done
+}
+
+read_group () {
+	echo
+	while :
+	do
+		echo -n "Group: [${def_group}] "
+		read group
+		
+		if test -z "${group}"
+		then
+			group="${def_group}"
+			echo "Using ${group}"
+		fi
+		
+		if test "${group}" = '?'
+		then
+			less /etc/group
+			echo
+			continue
+		fi
+
+		if check_group "${group}"
+		then
+			echo "Group ${group} does not exist."
+			continue
+		fi
+		
+		def_group="${group}"
+		return
+	done
+}
+
+read_other_groups () {
+	echo
+	while :
+	do
+		echo -n "Other groups: [${def_og:-none}] "
+		read other_groups
+		
+		if test "${other_groups}" = '?'
+		then
+			less /etc/group
+			echo
+			continue
+		fi
+
+		if test -z "${other_groups}"
+		then
+			if test -n "${def_og}"
+			then
+				other_groups="${def_og}"
+				echo "Using ${other_groups}"
+			else	
+				echo "No other groups"
+				return
+			fi
+		fi
+		
+		
+		if ! check_other_groups "${other_groups}"
+		then
+			continue
+		fi
+		
+		def_og="${other_groups}"
+		return
+	done
+}
+
+read_uid () {
+	echo
+	while :
+	do
+		echo -n "uid: [first free] "
+		read uid
+			
+		if test -z "${uid}"
+		then
+			echo "Using first free UID."
+			return
+		fi
+		
+		if test "${uid}" = '?'
+		then
+			less /etc/passwd
+			echo
+			continue
+		fi
+
+		if ! expr "${uid}" : '^[0-9]+$' &> /dev/null
+		then
+			echo "Please use numbers only."
+			continue
+		fi
+		if test "${uid}" -lt "${uid_low}"
+		then
+			echo "UID must be greater than ${uid_low}"
+			continue
+		fi
+		if test "${uid}" -gt "${uid_high}"
+		then
+			echo "UID must be smaller than ${uid_high}"
+			continue
+		fi
+		if ! check_uid "${uid}"
+		then
+			echo "UID ${uid} is already in use"
+			continue
+		fi
+		
+		return
+	done
+}
+
+read_max_valid_days() {
+	echo
+	while :
+	do
+		echo -en "Maximum days between password changes: [${def_pwd_max}] "
+		read max_days
+		
+		if test -z "${max_days}"
+		then
+			max_days="${def_pwd_max}"
+			echo "Using ${max_days}"
+			return
+		fi
+		
+		if ! expr "${max_days}" : '^[0-9]+$' &> /dev/null
+		then
+			echo "Please use numbers only."
+			continue
+		fi
+		if test "${max_days}" -lt 7
+		then
+			echo "Warning: you are using a value shorter than a week."
+		fi
+		
+		def_pwd_max="${max_days}"
+		return	
+	done
+}
+
+read_min_valid_days() {
+	echo
+	while :
+	do
+		echo -en "Minimum days between password changes: [${def_pwd_min}] "
+		read min_days
+		
+		if test -z "${min_days}"
+		then
+			min_days="${def_pwd_min}"
+			echo "Using ${min_days}"
+			return
+		fi
+		
+		if ! expr "${min_days}" : '^[0-9]+$' &> /dev/null
+		then
+			echo "Please use numbers only."
+			continue
+		fi
+		if test "${min_days}" -gt 7
+		then
+			echo "Warning: you are using a value longer than a week."
+		fi
+		
+		def_pwd_min="${min_days}"
+		return	
+	done
+}
+
+read_warning_days() {
+	echo
+	while :
+	do
+		echo -en "Number of warning days before password expires: [${def_pwd_warn}] "
+		read warn_days
+		
+		if test -z "${warn_days}"
+		then
+			warn_days="${def_pwd_warn}"
+			echo "Using ${warn_days}"
+		fi
+
+		if ! expr "${warn_days}" : '^[0-9]+$' &> /dev/null
+		then
+			echo "Please use numbers only."
+			continue
+		fi
+		if test "${warn_days}" -gt 14
+		then
+			echo "Warning: you are using a value longer than two week."
+		fi
+		
+		def_pwd_warn="${warn_days}"
+		return	
+	done
+}
+
+
+read_inactive_days() {
+	echo
+	while :
+	do
+		echo -en "Number of usable days after expiration: [${def_pwd_iact}] "
+		read iact_days
+		
+		if test -z "${iact_days}"
+		then
+			iact_days="${def_pwd_iact}"
+			echo "Using ${iact_days}"
+			return
+		fi
+		if ! expr "${iact_days}" : '^[0-9]+$' &> /dev/null
+		then
+			echo "Please use numbers only."
+			continue
+		fi
+		if test "${iact_days}" -gt 14
+		then
+			echo "Warning: you are using a value that is more than two weeks."
+		fi
+		
+		def_pwd_iact="${iact_days}"
+		return	
+	done
+}
+
+read_expire_date() {
+	local ans
+	
+	echo
+	while :
+	do
+		echo -en "Expire date of this account (mm/dd/yy): [${def_expire:-never}] "
+		read ans
+		
+		if test -z "${ans}"
+		then
+			if test -z "${def_expire}"
+			then
+				ans="never"
+			else
+				ans="${def_expire}"
+				echo "Using ${def_expire}"
+			fi
+		fi
+		
+		if test "${ans}" = "never"
+		then
+			echo "Account will never expire."
+			def_expire=""
+			expire=""
+			return
+		fi
+
+		if ! expr "${ans}" : '^[0-9][0-9]/[0-9][0-9]/[0-9][0-9]$' &> /dev/null
+		then
+			echo "Please use format mm/dd/yy"
+			continue
+		fi
+		
+		if ! expire_date="$(date -d ${ans} '+%A, %B %d %Y')"
+		then
+			continue
+		fi
+		
+		def_expire="${expire}"
+		return	
+	done
+}
+
+read_passwd_yn() {
+	echo -en "\nDo you want to set password [Y/n] ? "
+	if read_yn 0
+	then
+		set_pwd="YES"
+	else
+		set_pwd=""
+	fi
+}
+
+
+print_values() {
+
+clear
+cat << EOM
+
+Login:        ${S}${login}${E}
+Group:        ${S}${group}${E}
+Other groups: ${S}${other_groups:-[none]}${E}
+
+Real Name:    ${S}${name}${E}
+
+uid:          ${S}${uid:-[first free]}${E}
+home:         ${S}${home}${E}
+shell:        ${S}${shell}${E}
+
+Account expiration date:                   ${S}${expire_date:-never}${E}
+Minimum days between password changes:     ${S}${min_days}${E}
+Maximum days between password changes:     ${S}${max_days}${E}
+Number of usable days after expiration:    ${S}${iact_days}${E}
+Number of warning days before expiration:  ${S}${warn_days}${E}
+
+${S}${set_pwd:+Set password for this account.}${E}
+
+EOM
+}
+
+set_user() {
+	if ! useradd \
+		-c "${name}" \
+		-d "${home}" \
+		-g "${group}" \
+		-s "${shell}" \
+		${expire:+-e ${expire}} \
+		${uid:+-u ${uid}} \
+		${other_groups:+-G ${other_groups}} \
+		${login}
+	then
+		echo "Error ($?) in useradd...exiting..."
+		exit 1
+	fi
+}
+
+set_aging() {
+	if ! passwd \
+		-x ${max_days} \
+		-n ${min_days} \
+		-w ${warn_days} \
+		-i ${iact_days} \
+		${login}
+	then
+		echo "Error ($?) in setting password aging...exiting..." 
+		exit 1
+	fi
+}
+
+set_password() {
+	if test -n "${set_pwd}"
+	then
+		echo
+		passwd ${login}
+		echo
+	fi
+}	
+
+set_system() {
+	if test -d "${home}"
+	then
+		echo "Directory ${home} already exists."
+		echo "Skeleton files not copied."
+		return
+	fi
+	
+	echo -n "Copying skeleton files..."
+	( 
+	  mkdir ${home}
+	  cd ${skel} && cp -af . ${home}
+	  chmod ${def_mode} ${home}
+	  chown -R ${login}:${group} ${home}
+	)
+	echo "done."
+
+	## Add your own stuff here:
+	echo -n "Setting up other files..."
+	(
+	  mailbox="/var/spool/mail/${login}"
+	  touch ${mailbox}
+	  chown "${login}:mail" ${mailbox}
+	  chmod 600 ${mailbox}
+	)
+	echo "done."
+}
+
+
+read_values() {
+	clear
+	echo -e "\nPlease answer the following questions about the new user to be added."
+	
+	while :
+	do
+		read_login
+		read_name
+		read_group
+		read_other_groups
+		read_home
+		read_shell
+		read_uid
+		read_expire_date
+		read_max_valid_days
+		read_min_valid_days
+		read_warning_days
+		read_inactive_days
+		read_passwd_yn
+
+		print_values
+		
+		echo -n "Is this correct [N/y] ? "
+		read_yn 1 && return
+	done
+}
+
+
+main() {
+	check_root
+	read_values
+	set_user
+	set_aging
+	set_system
+	set_password
+}
+
+
+## Run it 8-)
+main
+
+# End.
diff --git a/contrib/atudel b/contrib/atudel
new file mode 100755
index 0000000..0ca8783
--- /dev/null
+++ b/contrib/atudel
@@ -0,0 +1,85 @@
+#!/usr/bin/perl
+#
+# Copyright (c) 1996 Brian R. Gaeke
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. All advertising materials mentioning features or use of this software
+#    must display the following acknowledgement:
+#    This product includes software developed by Brian R. Gaeke.
+# 4. The name of the author, Brian R. Gaeke, may not be used to endorse
+#    or promote products derived from this software without specific
+#    prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY BRIAN R. GAEKE ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED.  IN NO EVENT SHALL BRIAN R. GAEKE BE LIABLE FOR ANY DIRECT,
+# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# Additionally:
+#
+# This software is provided without support and without any obligation
+# on the part of Brian R. Gaeke to assist in its use, correction,
+# modification or enhancement.
+#
+#######################################################################
+#
+# this is atudel, version 2, by Brian R. Gaeke <brg@dgate.org>
+#
+
+require "getopts.pl";
+&Getopts('v');
+$username = shift(@ARGV);
+&usage unless $username;
+
+sub usage
+{
+	print STDERR "atudel - remove all at jobs owned by a user\n";
+	print STDERR "usage: $0 [-v] username\n";
+	exit(1);
+}
+
+# odd. unless getpwnam($uname) doesn't seem to work for $uname eq "root" on
+# my linux system. but this does.
+die "user $username does not exist; stopping"
+	unless defined(getpwnam($username));
+
+print "searching for at jobs owned by user $username ..." if $opt_v;
+
+chdir "/var/spool/atjobs" ||
+	die "can't chdir to /var/spool/atjobs: $!\nstopping";
+opendir(DIR,".") || die "can't opendir(/var/spool/atjobs): $!\nstopping";
+@files = grep(!/^\./,grep(-f,readdir(DIR)));
+closedir DIR;
+
+foreach $x (@files)
+{
+	$owner = (getpwuid((stat($x))[4]))[0];
+	push(@nuke_bait,$x) if $owner eq $username;
+}
+
+if (@nuke_bait)
+{
+	print "removed jobIDs: @{nuke_bait}.\n" if $opt_v;
+	unlink @nuke_bait;
+}
+elsif ($opt_v)
+{
+	print "\n";
+}
+
+exit 0;
diff --git a/contrib/groupmems.shar b/contrib/groupmems.shar
new file mode 100644
index 0000000..b2d2547
--- /dev/null
+++ b/contrib/groupmems.shar
@@ -0,0 +1,546 @@
+#!/bin/sh
+# This is a shell archive (produced by GNU sharutils 4.2.1).
+# To extract the files from this archive, save it to some FILE, remove
+# everything before the `!/bin/sh' line above, then type `sh FILE'.
+#
+# Made on 2000-05-25 14:41 CDT by <gk4@gnu.austin.ibm.com>.
+# Source directory was `/home/gk4/src/groupmem'.
+#
+# Existing files will *not* be overwritten unless `-c' is specified.
+#
+# This shar contains:
+# length mode       name
+# ------ ---------- ------------------------------------------
+#   1960 -rw-r--r-- Makefile
+#   6348 -rw-r--r-- groupmems.c
+#   3372 -rw------- groupmems.8
+#
+save_IFS="${IFS}"
+IFS="${IFS}:"
+gettext_dir=FAILED
+locale_dir=FAILED
+first_param="$1"
+for dir in $PATH
+do
+  if test "$gettext_dir" = FAILED && test -f $dir/gettext \
+     && ($dir/gettext --version >/dev/null 2>&1)
+  then
+    set `$dir/gettext --version 2>&1`
+    if test "$3" = GNU
+    then
+      gettext_dir=$dir
+    fi
+  fi
+  if test "$locale_dir" = FAILED && test -f $dir/shar \
+     && ($dir/shar --print-text-domain-dir >/dev/null 2>&1)
+  then
+    locale_dir=`$dir/shar --print-text-domain-dir`
+  fi
+done
+IFS="$save_IFS"
+if test "$locale_dir" = FAILED || test "$gettext_dir" = FAILED
+then
+  echo=echo
+else
+  TEXTDOMAINDIR=$locale_dir
+  export TEXTDOMAINDIR
+  TEXTDOMAIN=sharutils
+  export TEXTDOMAIN
+  echo="$gettext_dir/gettext -s"
+fi
+if touch -am -t 200112312359.59 $$.touch >/dev/null 2>&1 && test ! -f 200112312359.59 -a -f $$.touch; then
+  shar_touch='touch -am -t $1$2$3$4$5$6.$7 "$8"'
+elif touch -am 123123592001.59 $$.touch >/dev/null 2>&1 && test ! -f 123123592001.59 -a ! -f 123123592001.5 -a -f $$.touch; then
+  shar_touch='touch -am $3$4$5$6$1$2.$7 "$8"'
+elif touch -am 1231235901 $$.touch >/dev/null 2>&1 && test ! -f 1231235901 -a -f $$.touch; then
+  shar_touch='touch -am $3$4$5$6$2 "$8"'
+else
+  shar_touch=:
+  echo
+  $echo 'WARNING: not restoring timestamps.  Consider getting and'
+  $echo "installing GNU \`touch', distributed in GNU File Utilities..."
+  echo
+fi
+rm -f 200112312359.59 123123592001.59 123123592001.5 1231235901 $$.touch
+#
+if mkdir _sh10937; then
+  $echo 'x -' 'creating lock directory'
+else
+  $echo 'failed to create lock directory'
+  exit 1
+fi
+# ============= Makefile ==============
+if test -f 'Makefile' && test "$first_param" != -c; then
+  $echo 'x -' SKIPPING 'Makefile' '(file already exists)'
+else
+  $echo 'x -' extracting 'Makefile' '(text)'
+  sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
+/*
+# Copyright 2000, International Business Machines, Inc.
+# All rights reserved.
+#
+# original author: George Kraft IV, gk4@us.ibm.com
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. Neither the name of International Business Machines, Inc., nor the 
+#    names of its contributors may be used to endorse or promote products 
+#    derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
+# BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
+# INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+# 
+X
+all: groupmems
+X
+groupmems: groupmems.c
+X	cc -g -o groupmems groupmems.c -L. -lshadow
+X
+install: groupmems
+X	-/usr/sbin/groupadd groups
+X	install -o root -g groups -m 4770 groupmems /usr/bin
+X
+install.man: groupmems.8
+X	install -o root -g root -m 644 groupmems.8 /usr/man/man8
+X
+SHAR_EOF
+  (set 20 00 05 25 14 40 28 'Makefile'; eval "$shar_touch") &&
+  chmod 0644 'Makefile' ||
+  $echo 'restore of' 'Makefile' 'failed'
+  if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+  && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+    md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+    || $echo 'Makefile:' 'MD5 check failed'
+b46cf7ef8d59149093c011ced3f3103c  Makefile
+SHAR_EOF
+  else
+    shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'Makefile'`"
+    test 1960 -eq "$shar_count" ||
+    $echo 'Makefile:' 'original size' '1960,' 'current size' "$shar_count!"
+  fi
+fi
+# ============= groupmems.c ==============
+if test -f 'groupmems.c' && test "$first_param" != -c; then
+  $echo 'x -' SKIPPING 'groupmems.c' '(file already exists)'
+else
+  $echo 'x -' extracting 'groupmems.c' '(text)'
+  sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
+/*
+X * Copyright 2000, International Business Machines, Inc.
+X * All rights reserved.
+X *
+X * original author: George Kraft IV, gk4@us.ibm.com
+X *
+X * Redistribution and use in source and binary forms, with or without
+X * modification, are permitted provided that the following conditions
+X * are met:
+X *
+X * 1. Redistributions of source code must retain the above copyright
+X *    notice, this list of conditions and the following disclaimer.
+X * 2. Redistributions in binary form must reproduce the above copyright
+X *    notice, this list of conditions and the following disclaimer in the
+X *    documentation and/or other materials provided with the distribution.
+X * 3. Neither the name of International Business Machines, Inc., nor the 
+X *    names of its contributors may be used to endorse or promote products 
+X *    derived from this software without specific prior written permission.
+X *
+X * THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+X * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
+X * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
+X * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
+X * INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+X * SUCH DAMAGE.
+X */
+/*
+**
+**	Utility "groupmem" adds and deletes members from a user's group.
+**	
+**	Setup (as "root"):
+**	
+**		groupadd -r groups 
+**		chmod 2770 groupmems
+**		chown root.groups groupmems
+**		groupmems -g groups -a gk4
+**	
+**	Usage (as "gk4"):
+**	
+**		groupmems -a olive
+**		groupmems -a jordan
+**		groupmems -a meghan
+**		groupmems -a morgan
+**		groupmems -a jake
+**		groupmems -l 
+**		groupmems -d jake
+**		groupmems -l 
+*/
+X
+#include <stdio.h>
+#include <pwd.h>
+#include <grp.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "groupio.h"
+X
+/* Exit Status Values */
+X
+#define EXIT_SUCCESS		0	/* success */
+#define EXIT_USAGE		1	/* invalid command syntax */
+#define EXIT_GROUP_FILE		2	/* group file access problems */
+#define EXIT_NOT_ROOT		3	/* not superuser  */
+#define EXIT_NOT_EROOT		4	/* not effective superuser  */
+#define EXIT_NOT_PRIMARY	5	/* not primary owner of group  */
+#define EXIT_NOT_MEMBER		6	/* member of group does not exist */
+#define EXIT_MEMBER_EXISTS	7	/* member of group already exists */
+X
+#define TRUE 1
+#define FALSE 0
+X
+/* Globals */
+X
+extern int optind;
+extern char *optarg;
+static char *adduser = NULL;
+static char *deluser = NULL;
+static char *thisgroup = NULL;
+static int purge = FALSE;
+static int list = FALSE;
+static int exclusive = 0;
+X
+static int isroot(void) {
+X	return getuid() ? FALSE : TRUE;
+}
+X
+static int isgroup(void) {
+X	gid_t g = getgid();
+X	struct group *grp = getgrgid(g);
+X
+X	return TRUE;
+}
+X
+static char *whoami(void) {
+X	struct group *grp = getgrgid(getgid());
+X	struct passwd *usr = getpwuid(getuid());
+X
+X	if (0 == strcmp(usr->pw_name, grp->gr_name)) {
+X		return (char *)strdup(usr->pw_name);
+X	} else {
+X		return NULL;
+X	} 
+}
+X
+static void
+addtogroup(char *user, char **members) {
+X	int i;
+X	char **pmembers;
+X
+X	for (i = 0; NULL != members[i]; i++ ) {
+X		if (0 == strcmp(user, members[i])) {
+X			fprintf(stderr, "Member already exists\n");
+X			exit(EXIT_MEMBER_EXISTS);
+X		}
+X	}
+X
+X	if (0 == i) {
+X		pmembers = (char **)calloc(2, sizeof(char *));
+X	} else {
+X		pmembers = (char **)realloc(members, sizeof(char *)*(i+1));
+X	}
+X
+X	*members = *pmembers;
+X	members[i] = user;
+X	members[i+1] = NULL;
+}
+X
+static void
+rmfromgroup(char *user, char **members) {
+X	int i;
+X	int found = FALSE;
+X
+X	i = 0;
+X	while (!found && NULL != members[i]) {
+X		if (0 == strcmp(user, members[i])) {
+X			found = TRUE;
+X		} else {
+X			i++;
+X		}
+X	}
+X
+X	while (found && NULL != members[i]) {
+X		members[i] = members[++i];
+X	}
+X
+X	if (!found) {
+X		fprintf(stderr, "Member to remove could not be found\n");
+X		exit(EXIT_NOT_MEMBER);
+X	}
+}
+X
+static void
+nomembers(char **members) {
+X	int i;
+X
+X	for (i = 0; NULL != members[i]; i++ ) {
+X		members[i] = NULL;
+X	}
+}
+X
+static void
+members(char **members) {
+X	int i;
+X
+X	for (i = 0; NULL != members[i]; i++ ) {
+X		printf("%s ", members[i]);
+X
+X		if (NULL == members[i+1]) {
+X			printf("\n");
+X		} else {
+X			printf(" ");
+X		}
+X	}
+}
+X
+static void usage(void) {
+X	fprintf(stderr, "usage: groupmems -a username | -d username | -D | -l [-g groupname]\n");
+X	exit(EXIT_USAGE);
+}
+X
+main(int argc, char **argv) {
+X	int arg, i;
+X	char *name;
+X	struct group *grp;
+X
+X	while ((arg = getopt(argc, argv, "a:d:g:Dl")) != EOF) {
+X		switch (arg) {
+X		case 'a':
+X			adduser = strdup(optarg);
+X			++exclusive;
+X			break;
+X		case 'd':
+X			deluser = strdup(optarg);
+X			++exclusive;
+X			break;
+X		case 'g':
+X			thisgroup = strdup(optarg);
+X			break;
+X		case 'D':
+X			purge = TRUE;
+X			++exclusive;
+X			break;
+X		case 'l':
+X			list = TRUE;
+X			++exclusive;
+X			break;
+X		default:
+X			usage();
+X		}
+X	}
+X
+X	if (exclusive > 1 || optind < argc) {
+X		usage();
+X	}
+X
+X	if (!isroot() && NULL != thisgroup) {
+X		fprintf(stderr, "Only root can add members to different groups\n");
+X		exit(EXIT_NOT_ROOT);
+X	} else if (isroot() && NULL != thisgroup) {
+X		name = thisgroup;
+X	} else if (!isgroup()) {
+X		fprintf(stderr, "Group access is required\n");
+X		exit(EXIT_NOT_EROOT);
+X	} else if (NULL == (name = whoami())) {
+X		fprintf(stderr, "Not primary owner of current group\n");
+X		exit(EXIT_NOT_PRIMARY);
+X	}
+X
+X	if (!gr_lock()) {
+X		fprintf(stderr, "Unable to lock group file\n");
+X		exit(EXIT_GROUP_FILE);
+X	}
+X
+X	if (!gr_open(O_RDWR)) {
+X		fprintf(stderr, "Unable to open group file\n");
+X		exit(EXIT_GROUP_FILE);
+X	}
+X
+X	grp = (struct group *)gr_locate(name);
+X
+X	if (NULL != adduser) {
+X		addtogroup(adduser, grp->gr_mem);
+X		gr_update(grp);
+X	} else if (NULL != deluser) {
+X		rmfromgroup(deluser, grp->gr_mem);
+X		gr_update(grp);
+X	} else if (purge) {
+X		nomembers(grp->gr_mem);
+X		gr_update(grp);
+X	} else if (list) {
+X		members(grp->gr_mem);
+X	}
+X
+X	if (!gr_close()) {
+X		fprintf(stderr, "Cannot close group file\n");
+X		exit(EXIT_GROUP_FILE);
+X	}
+X
+X	gr_unlock();
+X
+X	exit(EXIT_SUCCESS);
+}
+X
+/* EOF */
+SHAR_EOF
+  (set 20 00 05 25 14 36 38 'groupmems.c'; eval "$shar_touch") &&
+  chmod 0644 'groupmems.c' ||
+  $echo 'restore of' 'groupmems.c' 'failed'
+  if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+  && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+    md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+    || $echo 'groupmems.c:' 'MD5 check failed'
+f0dd68f8d762d89d24d3ce1f4141f981  groupmems.c
+SHAR_EOF
+  else
+    shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.c'`"
+    test 6348 -eq "$shar_count" ||
+    $echo 'groupmems.c:' 'original size' '6348,' 'current size' "$shar_count!"
+  fi
+fi
+# ============= groupmems.8 ==============
+if test -f 'groupmems.8' && test "$first_param" != -c; then
+  $echo 'x -' SKIPPING 'groupmems.8' '(file already exists)'
+else
+  $echo 'x -' extracting 'groupmems.8' '(text)'
+  sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
+X.\"
+X.\" Copyright 2000, International Business Machines, Inc.
+X.\" All rights reserved.
+X.\"
+X.\" original author: George Kraft IV, gk4@us.ibm.com
+X.\"
+X.\" Redistribution and use in source and binary forms, with or without
+X.\" modification, are permitted provided that the following conditions
+X.\" are met:
+X.\"
+X.\" 1. Redistributions of source code must retain the above copyright
+X.\"    notice, this list of conditions and the following disclaimer.
+X.\" 2. Redistributions in binary form must reproduce the above copyright
+X.\"    notice, this list of conditions and the following disclaimer in the
+X.\"    documentation and/or other materials provided with the distribution.
+X.\" 3. Neither the name of International Business Machines, Inc., nor the 
+X.\"    names of its contributors may be used to endorse or promote products 
+X.\"    derived from this software without specific prior written permission.
+X.\"
+X.\" THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
+X.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, 
+X.\" BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
+X.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL 
+X.\" INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
+X.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+X.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+X.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+X.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+X.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+X.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+X.\" SUCH DAMAGE.
+X.\"
+X.\" $Id$
+X.\"
+X.TH GROUPMEMS 8
+X.SH NAME
+groupmems \- Administer members of a user's primary group
+X.SH SYNOPSIS
+X.B groupmems
+\fB-a\fI user_name \fR |
+\fB-d\fI user_name \fR |
+\fB-l\fR |
+\fB-D\fR |
+[\fB-g\fI group_name \fR]
+X.SH DESCRIPTION
+The \fBgroupmems\fR utility allows a user to administer his/her own
+group membership list without the requirement of superuser privileges.
+The \fBgroupmems\fR utility is for systems that configure its users to
+be in their own name sake primary group (i.e., guest / guest).
+X.P
+Only the superuser, as administrator, can use \fBgroupmems\fR to alter
+the memberships of other groups.
+X.IP "\fB-a \fIuser_name\fR"
+Add a new user to the group membership list.
+X.IP "\fB-d \fIuser_name\fR"
+Delete a user from the group membership list.
+X.IP "\fB-l\fR"
+List the group membership list.
+X.IP "\fB-D\fR"
+Delete all users from the group membership list.
+X.IP "\fB-g \fIgroup_name\fR"
+The superuser can specify which group membership list to modify.
+X.SH SETUP
+The \fBgroupmems\fR executable should be in mode \fB2770\fR as user \fBroot\fR
+and in group \fBgroups\fR.   The system administrator can add users to
+group groups to allow or disallow them using the  \fBgroupmems\fR utility
+to manager their own group membership list.
+X.P
+X     $ groupadd -r groups
+X.br
+X     $ chmod 2770 groupmems
+X.br
+X     $ chown root.groups groupmems
+X.br
+X     $ groupmems -g groups -a gk4
+X.SH FILES
+/etc/group
+X.br
+/etc/gshadow
+X.SH SEE ALSO
+X.BR chfn (1),
+X.BR chsh (1),
+X.BR useradd (8),
+X.BR userdel (8),
+X.BR usermod (8),
+X.BR passwd (1),
+X.BR groupadd (8),
+X.BR groupdel (8)
+X.SH AUTHOR
+George Kraft IV (gk4@us.ibm.com)
+X.\" EOF
+SHAR_EOF
+  (set 20 00 05 25 14 38 23 'groupmems.8'; eval "$shar_touch") &&
+  chmod 0600 'groupmems.8' ||
+  $echo 'restore of' 'groupmems.8' 'failed'
+  if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
+  && ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
+    md5sum -c << SHAR_EOF >/dev/null 2>&1 \
+    || $echo 'groupmems.8:' 'MD5 check failed'
+181e6cd3a3c9d3df320197fa2cde2b4a  groupmems.8
+SHAR_EOF
+  else
+    shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.8'`"
+    test 3372 -eq "$shar_count" ||
+    $echo 'groupmems.8:' 'original size' '3372,' 'current size' "$shar_count!"
+  fi
+fi
+rm -fr _sh10937
+exit 0
diff --git a/contrib/pwdauth.c b/contrib/pwdauth.c
new file mode 100644
index 0000000..ca15495
--- /dev/null
+++ b/contrib/pwdauth.c
@@ -0,0 +1,308 @@
+/*
+ * pwdauth.c - program to verify a given username/password pair.
+ *
+ * Run it with username in argv[1] (may be omitted - default is the
+ * current user), and send it the password over a pipe on stdin.
+ * Exit status: 0 - correct password, 1 - wrong password, >1 - other
+ * errors.  For use with shadow passwords, this program should be
+ * installed setuid root.
+ *
+ * This can be used, for example, by xlock - you don't have to install
+ * this large and complex (== possibly insecure) program setuid root,
+ * just modify it to run this simple program to do the authentication.
+ *
+ * Recent versions (xlockmore-3.9) are cleaner, and drop privileges as
+ * soon as possible after getting the user's encrypted password.
+ * Using this program probably doesn't make it more secure, and has one
+ * disadvantage: since we don't get the encrypted user's password at
+ * startup (but at the time the user is authenticated), it is not clear
+ * how we should handle errors (like getpwnam() returning NULL).
+ * - fail the authentication?  Problem: no way to unlock (other than kill
+ *   the process from somewhere else) if the NIS server stops responding.
+ * - succeed and unlock?  Problem: it's too easy to unlock by unplugging
+ *   the box from the network and waiting until NIS times out...
+ *
+ * This program is Copyright (C) 1996 Marek Michalkiewicz
+ * <marekm@i17linuxb.ists.pwr.wroc.pl>.
+ *
+ * It may be used and distributed freely for any purposes.  There is no
+ * warranty - use at your own risk.  I am not liable for any damages etc.
+ * If you improve it, please send me your changes.
+ */
+
+static char rcsid[] = "$Id$";
+
+/*
+ * Define USE_SYSLOG to use syslog() to log successful and failed
+ * authentication.  This should be safe even if your system has
+ * the infamous syslog buffer overrun security problem...
+ */
+#define USE_SYSLOG
+
+/*
+ * Define HAVE_GETSPNAM to get shadow passwords using getspnam().
+ * Some systems don't have getspnam(), but getpwnam() returns
+ * encrypted passwords only if running as root.
+ *
+ * According to the xlock source (not tested, except Linux) -
+ * define: Linux, Solaris 2.x, SVR4, ...
+ * undef: HP-UX with Secured Passwords, FreeBSD, NetBSD, QNX.
+ * Known not supported (yet): Ultrix, OSF/1, SCO.
+ */
+#define HAVE_GETSPNAM
+
+/*
+ * Define HAVE_PW_ENCRYPT to use pw_encrypt() instead of crypt().
+ * pw_encrypt() is like the standard crypt(), except that it may
+ * support better password hashing algorithms.
+ *
+ * Define if linking with libshadow.a from the shadow password
+ * suite (Linux, SunOS 4.x?).
+ */
+#undef HAVE_PW_ENCRYPT
+
+/*
+ * Define HAVE_AUTH_METHODS to support the shadow suite specific
+ * extension: the encrypted password field contains a list of
+ * administrator defined authentication methods, separated by
+ * semicolons.  This program only supports the standard password
+ * authentication method (a string that doesn't start with '@').
+ */
+#undef HAVE_AUTH_METHODS
+
+/*
+ * FAIL_DELAY - number of seconds to sleep before exiting if the
+ * password was wrong, to slow down password guessing attempts.
+ */
+#define FAIL_DELAY 2
+
+/* No user-serviceable parts below :-).  */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <pwd.h>
+
+#ifdef USE_SYSLOG
+#include <syslog.h>
+#ifndef LOG_AUTHPRIV
+#define LOG_AUTHPRIV LOG_AUTH
+#endif
+#endif
+
+#ifdef HAVE_GETSPNAM
+#include <shadow.h>
+#endif
+
+#ifdef HAVE_PW_ENCRYPT
+extern char *pw_encrypt();
+#define crypt pw_encrypt
+#endif
+
+/*
+ * Read the password (one line) from fp.  We don't turn off echo
+ * because we expect input from a pipe.
+ */
+static char *
+get_line(fp)
+	FILE *fp;
+{
+	static char buf[128];
+	char *cp;
+	int ch;
+
+	cp = buf;
+	while ((ch = getc(fp)) != EOF && ch != '\0' && ch != '\n') {
+		if (cp >= buf + sizeof buf - 1)
+			break;
+		*cp++ = ch;
+	}
+	*cp = '\0';
+	return buf;
+}
+
+/*
+ * Get the password file entry for the current user.  If the name
+ * returned by getlogin() is correct (matches the current real uid),
+ * return the entry for that user.  Otherwise, return the entry (if
+ * any) matching the current real uid.  Return NULL on failure.
+ */
+static struct passwd *
+get_my_pwent()
+{
+	uid_t uid = getuid();
+	char *name = getlogin();
+
+	if (name && *name) {
+		struct passwd *pw = getpwnam(name);
+
+		if (pw && pw->pw_uid == uid)
+			return pw;
+	}
+	return getpwuid(uid);
+}
+
+/*
+ * Verify the password.  The system-dependent shadow support is here.
+ */
+static int
+password_auth_ok(pw, pass)
+	const struct passwd *pw;
+	const char *pass;
+{
+	int result;
+	char *cp;
+#ifdef HAVE_AUTH_METHODS
+	char *buf;
+#endif
+#ifdef HAVE_GETSPNAM
+	struct spwd *sp;
+#endif
+
+	if (pw) {
+#ifdef HAVE_GETSPNAM
+		sp = getspnam(pw->pw_name);
+		if (sp)
+			cp = sp->sp_pwdp;
+		else
+#endif
+			cp = pw->pw_passwd;
+	} else
+		cp = "xx";
+
+#ifdef HAVE_AUTH_METHODS
+	buf = strdup(cp);  /* will be modified by strtok() */
+	if (!buf) {
+		fprintf(stderr, "Out of memory.\n");
+		exit(13);
+	}
+	cp = strtok(buf, ";");
+	while (cp && *cp == '@')
+		cp = strtok(NULL, ";");
+
+	/* fail if no password authentication for this user */
+	if (!cp)
+		cp = "xx";
+#endif
+
+	if (*pass || *cp)
+		result = (strcmp(crypt(pass, cp), cp) == 0);
+	else
+		result = 1;  /* user with no password */
+
+#ifdef HAVE_AUTH_METHODS
+	free(buf);
+#endif
+	return result;
+}
+
+/*
+ * Main program.
+ */
+int
+main(argc, argv)
+	int argc;
+	char **argv;
+{
+	struct passwd *pw;
+	char *pass, *name;
+	char myname[32];
+
+#ifdef USE_SYSLOG
+	openlog("pwdauth", LOG_PID | LOG_CONS, LOG_AUTHPRIV);
+#endif
+	pw = get_my_pwent();
+	if (!pw) {
+#ifdef USE_SYSLOG
+		syslog(LOG_ERR, "can't get login name for uid %d.\n",
+		       (int) getuid());
+#endif
+		fprintf(stderr, "Who are you?\n");
+		exit(2);
+	}
+	strncpy(myname, pw->pw_name, sizeof myname - 1);
+	myname[sizeof myname - 1] = '\0';
+	name = myname;
+
+	if (argc > 1) {
+		name = argv[1];
+		pw = getpwnam(name);
+	}
+
+	pass = get_line(stdin);
+	if (password_auth_ok(pw, pass)) {
+#ifdef USE_SYSLOG
+		syslog(pw->pw_uid ? LOG_INFO : LOG_NOTICE,
+		       "user `%s' entered correct password for `%.32s'.\n",
+		       myname, name);
+#endif
+		exit(0);
+	}
+#ifdef USE_SYSLOG
+	/* be careful not to overrun the syslog buffer */
+	syslog((!pw || pw->pw_uid) ? LOG_NOTICE : LOG_WARNING,
+	       "user `%s' entered incorrect password for `%.32s'.\n",
+	       myname, name);
+#endif
+#ifdef FAIL_DELAY
+	sleep(FAIL_DELAY);
+#endif
+	fprintf(stderr, "Wrong password.\n");
+	exit(1);
+}
+
+#if 0
+/*
+ * You can use code similar to the following to run this program.
+ * Return values: >=0 - program exit status (use the <sys/wait.h>
+ * macros to get the exit code, it is shifted left by 8 bits),
+ * -1 - check errno.
+ */
+int
+verify_password(const char *username, const char *password)
+{
+	int pipe_fd[2];
+	int pid, wpid, status;
+
+	if (pipe(pipe_fd))
+		return -1;
+	
+	if ((pid = fork()) == 0) {
+		char *arg[3];
+		char *env[1];
+
+		/* child */
+		close(pipe_fd[1]);
+		if (pipe_fd[0] != 0) {
+			if (dup2(pipe_fd[0], 0) != 0)
+				_exit(127);
+			close(pipe_fd[0]);
+		}
+		arg[0] = "/usr/bin/pwdauth";
+		arg[1] = username;
+		arg[2] = NULL;
+		env[0] = NULL;
+		execve(arg[0], arg, env);
+		_exit(127);
+	} else if (pid == -1) {
+		/* error */
+		close(pipe_fd[0]);
+		close(pipe_fd[1]);
+		return -1;
+	}
+	/* parent */
+	close(pipe_fd[0]);
+	write(pipe_fd[1], password, strlen(password));
+	write(pipe_fd[1], "\n", 1);
+	close(pipe_fd[1]);
+
+	while ((wpid = wait(&status)) != pid) {
+		if (wpid == -1)
+			return -1;
+	}
+	return status;
+}
+#endif
diff --git a/contrib/shadow-anonftp.patch b/contrib/shadow-anonftp.patch
new file mode 100644
index 0000000..6938fe4
--- /dev/null
+++ b/contrib/shadow-anonftp.patch
@@ -0,0 +1,147 @@
+Hello Marek,
+
+I have created a diffile against the 980403 release that adds
+functionality to newusers for automatic handling of users with only
+anonomous ftp login (using the guestgroup feature in ftpaccess, which
+means that the users home directory looks like '/home/user/./'). It also
+adds a commandline argument to specify an initial directory structure
+for such users, with a tarball normally containing the bin,lib,etc
+directories used in the chrooted environment.
+
+I am using it to automatically create chunks of users with only ftp
+access for a webserver.
+
+I have tried to follow your coding standards and I believe it is bug
+free but.. well, who knows. :) It's not much code however.
+
+I hope you find it useful. Do what you like with it, feel free to ask if
+anything is unclear.
+
+Best rgds,
+  Calle Karlsson
+  ckn@kash.se
+
+diff -uNr shadow-980403.orig/src/newusers.c shadow-980403/src/newusers.c
+--- shadow-980403.orig/src/newusers.c	Fri Jan 30 00:22:43 1998
++++ shadow-980403/src/newusers.c	Fri Apr 17 16:55:33 1998
+@@ -76,11 +76,35 @@
+ static void
+ usage(void)
+ {
+-	fprintf(stderr, "Usage: %s [ input ]\n", Prog);
++	fprintf (stderr, "Usage: %s [-p prototype tarfile] [ input ]\n", Prog);
++	fprintf (stderr, "The prototype tarfile is only used for users\n");
++	fprintf (stderr, "marked as anonymous ftp users. It must be a full pathname.\n");
+ 	exit(1);
+ }
+ 
+ /*
++ * createuserdir - create a directory and chmod it
++ */
++
++static int
++createuserdir (char * dir, int uid, int gid, int line)
++{
++	if (mkdir (dir, 0777 & ~getdef_num("UMASK", 077))) {
++		fprintf (stderr, "%s: line %d: mkdir %s failed\n",
++			 Prog, line, dir);
++		return -1;
++	}
++
++	if (chown (dir, uid, gid)) {
++		fprintf (stderr, "%s: line %d: chown %s failed\n",
++			 Prog, line, dir);
++		return -1;
++	}
++
++	return 0;
++}
++
++/*
+  * add_group - create a new group or add a user to an existing group
+  */
+ 
+@@ -328,6 +352,8 @@
+ main(int argc, char **argv)
+ {
+ 	char	buf[BUFSIZ];
++	char	anonproto[BUFSIZ];
++	int	flag;
+ 	char	*fields[8];
+ 	int	nfields;
+ 	char	*cp;
+@@ -340,12 +366,23 @@
+ 
+ 	Prog = Basename(argv[0]);
+ 
+-	if (argc > 1 && argv[1][0] == '-')
+-		usage ();
++	* anonproto = '\0';
++
++	while ((flag = getopt (argc, argv, "p:h")) != EOF) {
++		switch (flag) {
++		case 'p':
++			STRFCPY(anonproto, optarg);
++			break;
++		case 'h':
++		default:
++			usage ();
++			break;
++		}
++	}
+ 
+-	if (argc == 2) {
+-		if (! freopen (argv[1], "r", stdin)) {
+-			snprintf(buf, sizeof buf, "%s: %s", Prog, argv[1]);
++	if (optind < argc) {
++		if (! freopen (argv[optind], "r", stdin)) {
++			snprintf(buf, sizeof buf, "%s: %s", Prog, argv[optind]);
+ 			perror (buf);
+ 			exit (1);
+ 		}
+@@ -499,15 +536,36 @@
+ 		if (fields[6][0])
+ 			newpw.pw_shell = fields[6];
+ 
+-		if (newpw.pw_dir[0] && access(newpw.pw_dir, F_OK)) {
+-			if (mkdir (newpw.pw_dir,
+-					0777 & ~getdef_num("UMASK", 077)))
+-				fprintf (stderr, "%s: line %d: mkdir failed\n",
+-					Prog, line);
+-			else if (chown (newpw.pw_dir,
+-					newpw.pw_uid, newpw.pw_gid))
+-				fprintf (stderr, "%s: line %d: chown failed\n",
+-					Prog, line);
++		if (newpw.pw_dir[0]) {
++		        char * userdir = strdup (newpw.pw_dir);
++			char * anonpart;
++			int rc;
++
++			if ((anonpart = strstr (userdir, "/./"))) {
++			        * anonpart = '\0';
++				anonpart += 2;
++			}
++			
++			if (access(userdir, F_OK))
++				rc = createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
++			else
++				rc = 0;
++
++			if (rc == 0 && anonpart) {
++				if (* anonproto) {
++					char cmdbuf [BUFSIZ];
++					snprintf(cmdbuf, sizeof cmdbuf,
++						 "cd %s; tar xf %s",
++						 userdir, anonproto);
++					system (cmdbuf);
++				}
++				if (strlen (anonpart) > 1) {
++					strcat (userdir, anonpart);
++					if (access (userdir, F_OK))
++						createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
++				}
++			}
++			free (userdir);
+ 		}
+ 
+ 		/*
diff --git a/contrib/udbachk.tgz b/contrib/udbachk.tgz
new file mode 100644
index 0000000..605ad63
--- /dev/null
+++ b/contrib/udbachk.tgz
diff --git a/doc/HOWTO b/doc/HOWTO
new file mode 100644
index 0000000..01a90ed
--- /dev/null
+++ b/doc/HOWTO
@@ -0,0 +1,1918 @@
+[ Note: the installation instructions in this document are somewhat
+  out of date - the package now uses GNU autoconf and is configured
+  just like most GNU packages: run ./configure then make.  --marekm ]
+
+  Linux Shadow Password HOWTO
+  Michael H. Jackson, mhjack@tscnet.com
+  v1.3, 3 April 1996
+
+  This document aims to describe how to obtain, install, and configure
+  the Linux password Shadow Suite. It also discusses obtaining, and
+  reinstalling other software and network daemons that require access to
+  user passwords.  This other software is not actually part of the
+  Shadow Suite, but these programs will need to be recompiled to support
+  the Shadow Suite.  This document also contains a programming example
+  for adding shadow support to a program.  Answers to some of the more
+  frequently asked questions are included near the end of this document.
+
+  1.  Introduction.
+
+  This is the Linux Shadow-Password-HOWTO.  This document describes why
+  and how to add shadow password support on a Linux system.  Some
+  examples of how to use some of the Shadow Suite's features is also
+  included.
+
+  When installing the Shadow Suite and when using many of the utility
+  programs, you must be logged in as root.  When installing the Shadow
+  Suite you will be making changes to system software, and it is highly
+  recommended that you make backup copies of programs as indicated.  I
+  also recommend that you read and understand all the instructions
+  before you begin.
+
+  1.1.  Changes from the previous release.
+
+  Additions:
+          Added a sub-section on why you might not want to install shadow
+          Added a sub-section on updating the xdm program
+          Added a section on how to put Shadow Suite features to work
+          Added a section containing frequently asked questions
+
+  Corrections/Updates:
+          Corrected html references on Sunsite
+          Corrected section on wu-ftp to reflect adding -lshadow to the Makefile
+          Corrected minor spelling and verbiage errors
+          Changed section on wu-ftpd to support ELF
+          Updated to reflect security problems in various login programs
+          Updated to recommend the Linux Shadow Suite by Marek Michalkiewicz
+
+  1.2.  New versions of this document.
+
+  The latest released version of this document can always be retrieved
+  by anonymous FTP from:
+
+  sunsite.unc.edu
+
+  /pub/Linux/docs/HOWTO/Shadow-Password-HOWTO
+
+  or:
+
+  /pub/Linux/docs/HOWTO/other-formats/Shadow-Password-HOWTO{-html.tar,ps,dvi}.gz
+
+  or via the World Wide Web from the Linux Documentation Project Web
+  Server <http://sunsite.unc.edu/mdw/linux.html>, at page: Shadow-
+  Password-HOWTO <http://sunsite.unc.edu/linux/HOWTO/Shadow-Password-
+  HOWTO.html> or directly from me, <mhjack@tscnet.com>. It will also be
+  posted to the newsgroup: comp.os.linux.answers
+
+  This document is now packaged with the Shadow-YYDDMM packages.
+
+  1.3.  Feedback.
+
+  Please send any comments, updates, or suggestions to me: Michael H.
+  Jackson <mhjack@tscnet.com>  The sooner I get feedback, the sooner I
+  can update and correct this document.  If you find any problems with
+  it, please mail me directly as I very rarely stay up-to-date on the
+  newsgroups.
+
+  2.  Why shadow your passwd file?
+
+  By default, most current Linux distributions do not contain the Shadow
+  Suite installed.  This includes Slackware 2.3, Slackware 3.0, and
+  other popular distributions.  One of the reasons for this is that the
+  copyright notices in the original Shadow Suite were not clear on
+  redistribution if a fee was charged.  Linux uses a GNU Copyright
+  (sometimes refereed to as a Copyleft) that allows people to package it
+  into a convenient package (like a CD-ROM distribution) and charge a
+  fee for it.
+
+  The current maintainer of the Shadow Suite, Marek Michalkiewicz
+  <marekm@i17linuxb.ists.pwr.wroc.pl> received the source code from the
+  original author under a BSD style copyright that allowed
+  redistribution.   Now that the copyright issues are resolved, it is
+  expected that future distributions will contain password shadowing by
+  default.  Until then, you will need to install it yourself.
+
+  If you installed your distribution from a CD-ROM, you may find that,
+  even though the distribution did not have the Shadow Suite installed,
+  some of the files you need to install the Shadow Suite may be on the
+  CD-ROM.
+
+  However, Shadow Suite versions 3.3.1, 3.3.1-2, and shadow-mk all have
+  security problems with their login program and several other suid root
+  programs that came with them, and should no longer be used.
+
+  All of the necessary files may be obtained via anonymous FTP or
+  through the World Wide Web.
+
+  On a Linux system without the Shadow Suite installed, user information
+  including passwords is stored in the /etc/passwd file.  The password
+  is stored in an encrypted format.  If you ask a cryptography expert,
+  however, he or she will tell you that the password is actually in an
+  encoded rather than encrypted format because when using crypt(3), the
+  text is set to null and the password is the key.  Therefore, from here
+  on, I will use the term encoded in this document.
+
+  The algorithm used to encode the password field is technically
+  referred to as a one way hash function.  This is an algorithm that is
+  easy to compute in one direction, but very difficult to calculate in
+  the reverse direction.  More about the actual algorithm used can be
+  found in section 2.4 or your crypt(3) manual page.
+
+  When a user picks or is assigned a password, it is encoded with a
+  randomly generated value called the salt.  This means that any
+  particular password could be stored in 4096 different ways.  The salt
+  value is then stored with the encoded password.
+
+  When a user logs in and supplies a password, the salt is first
+  retrieved from the stored encoded password.  Then the supplied
+  password is encoded with the salt value, and then compared with the
+  encoded password.  If there is a match, then the user is
+  authenticated.
+
+  It is computationally difficult (but not impossible) to take a
+  randomly encoded password and recover the original password.  However,
+  on any system with more than just a few users, at least some of the
+  passwords will be common words (or simple variations of common words).
+
+  System crackers know all this, and will simply encrypt a dictionary of
+  words and common passwords using all possible 4096 salt values.  Then
+  they will compare the encoded passwords in your /etc/passwd file with
+  their database.  Once they have found a match, they have the password
+  for another account.  This is referred to as a dictionary attack, and
+  is one of the most common methods for gaining or expanding
+  unauthorized access to a system.
+
+  If you think about it, an 8 character password encodes to 4096 * 13
+  character strings.  So a dictionary of say 400,000 common words,
+  names, passwords, and simple variations would easily fit on a 4GB hard
+  drive.  The attacker need only sort them, and then check for matches.
+  Since a 4GB hard drive can be had for under $1000.00, this is well
+  within the means of most system crackers.
+
+  Also, if a cracker obtains your /etc/passwd file first, they only need
+  to encode the dictionary with the salt values actually contained in
+  your /etc/passwd file.  This method is usable by your average teenager
+  with a couple of hundred spare Megabytes and a 486 class computer.
+
+  Even without lots of drive space, utilities like crack(1) can usually
+  break at least a couple of passwords on a system with enough users
+  (assuming the users of the system are allowed to pick their own
+  passwords).
+
+  The /etc/passwd file also contains information like user ID's and
+  group ID's that are used by many system programs.  Therefore, the
+  /etc/passwd file must remain world readable.  If you were to change
+  the /etc/passwd file so that nobody can read it, the first thing that
+  you would notice is that the ls -l command now displays user ID's
+  instead of names!
+
+  The Shadow Suite solves the problem by relocating the passwords to
+  another file (usually /etc/shadow).  The /etc/shadow file is set so
+  that it cannot be read by just anyone.  Only root will be able to read
+  and write to the /etc/shadow file.  Some programs (like xlock) don't
+  need to be able to change passwords, they only need to be able to
+  verify them.  These programs can either be run suid root or you can
+  set up a group shadow that is allowed read only access to the
+  /etc/shadow file.  Then the program can be run sgid shadow.
+
+  By moving the passwords to the /etc/shadow file, we are effectively
+  keeping the attacker from having access to the encoded passwords with
+  which to perform a dictionary attack.
+
+  Additionally, the Shadow Suite adds lots of other nice features:
+
+  ·  A configuration file to set login defaults (/etc/login.defs)
+
+  ·  Utilities for adding, modifying, and deleting user accounts and
+     groups
+
+  ·  Password aging and expiration
+
+  ·  Account expiration and locking
+
+  ·  Shadowed group passwords (optional)
+
+  ·  Double length passwords (16 character passwords) NOT RECOMMENDED
+
+  ·  Better control over user's password selection
+
+  ·  Dial-up passwords
+
+  ·  Secondary authentication programs NOT RECOMMENDED
+
+  Installing the Shadow Suite contributes toward a more secure system,
+  but there are many other things that can also be done to improve the
+  security of a Linux system, and there will eventually be a series of
+  Linux Security HOWTO's that will discuss other security measures and
+  related issues.
+
+  For current information on other Linux security issues, including
+  warnings on known vulnerabilities see the Linux Security home page.
+  <http://bach.cis.temple.edu/linux/linux-security/>
+
+  2.1.  Why you might NOT want to shadow your passwd file.
+
+  There are a few circumstances and configurations in which installing
+  the Shadow Suite would NOT be a good idea:
+
+  ·  The machine does not contain user accounts.
+
+  ·  Your machine is running on a LAN and is using NIS (Network
+     Information Services) to get or supply user names and passwords to
+     other machines on the network.  (This can actually be done, but is
+     beyond the scope of this document, and really won't increase
+     security much anyway)
+
+  ·  Your machine is being used by terminal servers to verify users via
+     NFS (Network File System), NIS, or some other method.
+
+  ·  Your machine runs other software that validates users, and there is
+     no shadow version available, and you don't have the source code.
+
+  2.2.  Format of the /etc/passwd file
+
+  A non-shadowed /etc/passwd file has the following format:
+
+       username:passwd:UID:GID:full_name:directory:shell
+
+  Where:
+
+     username
+        The user (login) name
+
+     passwd
+        The encoded password
+
+     UID
+        Numerical user ID
+
+     GID
+        Numerical default group ID
+
+     full_name
+        The user's full name - Actually this field is called the GECOS
+        (General Electric Comprehensive Operating System) field and can
+        store information other than just the full name.  The Shadow
+        commands and manual pages refer to this field as the comment
+        field.
+
+     directory
+        User's home directory (Full pathname)
+
+     shell
+        User's login shell (Full Pathname)
+
+  For example:
+
+       username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh
+
+  Where Np is the salt and ge08pfz4wuk is the encoded password.  The
+  encoded salt/password could just as easily have been kbeMVnZM0oL7I and
+  the two are exactly the same password.  There are 4096 possible encod­
+  ings for the same password.  (The example password in this case is
+  'password', a really bad password).
+
+  Once the shadow suite is installed, the /etc/passwd file would instead
+  contain:
+
+       username:x:503:100:Full Name:/home/username:/bin/sh
+
+  The x in the second field in this case is now just a place holder.
+  The format of the /etc/passwd file really didn't change, it just no
+  longer contains the encoded password.  This means that any program
+  that reads the /etc/passwd file but does not actually need to verify
+  passwords will still operate correctly.
+
+  The passwords are now relocated to the shadow file (usually
+  /etc/shadow file).
+
+  2.3.  Format of the shadow file
+
+  The /etc/shadow file contains the following information:
+
+       username:passwd:last:may:must:warn:expire:disable:reserved
+
+  Where:
+
+     username
+        The User Name
+
+     passwd
+        The Encoded password
+     last
+        Days since Jan 1, 1970 that password was last changed
+
+     may
+        Days before password may be changed
+
+     must
+        Days after which password must be changed
+
+     warn
+        Days before password is to expire that user is warned
+
+     expire
+        Days after password expires that account is disabled
+
+     disable
+        Days since Jan 1, 1970 that account is disabled
+
+     reserved
+        A reserved field
+
+  The previous example might then be:
+
+       username:Npge08pfz4wuk:9479:0:10000::::
+
+  2.4.  Review of crypt(3).
+
+  From the crypt(3) manual page:
+
+  "crypt is the password encryption function.  It is based on the Data
+  Encryption Standard algorithm with variations intended (among other
+  things) to discourage use of hardware implementations of a key search.
+
+  The key is a user's typed password.  The encoded string is all NULLs
+
+  The salt is a two-character string chosen from the set a-zA-Z0-9./.
+  This string is used to perturb the algorithm in one of 4096 different
+  ways.
+
+  By taking the lowest 7 bits of each character of the key, a 56-bit key
+  is obtained.  This 56-bit key is used to encrypt repeatedly a constant
+  string (usually a string consisting of all zeros).  The returned value
+  points to the encrypted password, a series of 13 printable ASCII
+  characters (the first two characters represent the salt itself).  The
+  return value points to static data whose content is overwritten by
+  each call.
+
+  Warning: The key space consists of 2**56 equal 7.2e16 possible values.
+  Exhaustive searches of this key space are possible using massively
+  parallel computers.  Software, such as crack(1), is available which
+  will search the portion of this key space that is generally used by
+  humans for passwords.  Hence, password selection should, at minimum,
+  avoid common words and names.  The use of a passwd(1) program that
+  checks for crackable passwords during the selection process is
+  recommended.
+
+  The DES algorithm itself has a few quirks which make the use of the
+  crypt(3) interface a very poor choice for anything other than password
+  authentication.  If you are planning on using the crypt(3) interface
+  for a cryptography project, don't do it: get a good book on encryption
+  and one of the widely available DES libraries."
+
+  Most Shadow Suites contain code for doubling the length of the
+  password to 16 characters.  Experts in des recommend against this, as
+  the encoding is simply applied first to the left half and then to the
+  right half of the longer password.  Because of the way crypt works,
+  this may make for a less secure encoded password then if double length
+  passwords were not used in the first place.  Additionally, it is less
+  likely that a user will be able to remember a 16 character password.
+
+  There is development work under way that would allow the
+  authentication algorithm to be replaced with something more secure and
+  with support for longer passwords (specifically the MD5 algorithm) and
+  retain compatibility with the crypt method.
+
+  If you are looking for a good book on encryption, I recommend:
+
+          "Applied Cryptography: Protocols, Algorithms, and Source Code in C"
+          by Bruce Schneier <schneier@chinet.com>
+          ISBN: 0-471-59756-2
+
+  3.  Getting the Shadow Suite.
+
+  3.1.  History of the Shadow Suite for Linux
+
+  DO NOT USE THE PACKAGES IN THIS SECTION, THEY HAVE SECURITY PROBLEMS
+
+  The original Shadow Suite was written by Julianne F. Haugh
+
+  There are several versions that have been used on Linux systems:
+
+  ·  shadow-3.3.1 is the original.
+
+  ·  shadow-3.3.1-2 is Linux specific patch made by Florian La Roche
+     <flla@stud.uni-sb.de> and contains some further enhancements.
+
+  ·  shadow-mk was specifically packaged for Linux.
+
+  The shadow-mk package contains the shadow-3.3.1 package distributed by
+  Julianne F. Haugh with the shadow-3.3.1-2 patch installed, a few fixes
+  made by Mohan Kokal <magnus@texas.net> that make installation a lot
+  easier, a patch by Joseph R.M. Zbiciak for login1.c (login.secure)
+  that eliminates the -f, -h security holes in /bin/login, and some
+  other miscellaneous patches.
+
+  The shadow.mk package was the previously recommended package, but
+  should be replaced due to a security problem with the login program.
+
+  There are security problems with Shadow versions 3.3.1, 3.3.1-2, and
+  shadow-mk involving the login program.  This login bug involves not
+  checking the length of a login name.  This causes the buffer to
+  overflow causing crashes or worse.  It has been rumored that this
+  buffer overflow can allow someone with an account on the system to use
+  this bug and the shared libraries to gain root access.  I won't
+  discuss exactly how this is possible because there are a lot of Linux
+  systems that are affected, but systems with these Shadow Suites
+  installed, and most pre-ELF distributions without the Shadow Suite are
+  vulnerable!
+
+  For more information on this and other Linux security issues, see the
+  Linux Security home page (Shared Libraries and login Program
+  Vulnerability) <http://bach.cis.temple.edu/linux/linux-security/Linux-
+  Security-FAQ/Linux-telnetd.html>
+
+  3.2.  Where to get the Shadow Suite.
+
+  The only recommended Shadow Suite is still in BETA testing, however
+  the latest versions are safe in a production environment and don't
+  contain a vulnerable login program.
+
+  The package uses the following naming convention:
+
+       shadow-YYMMDD.tar.gz
+
+  where YYMMDD is the issue date of the Suite.
+
+  This version will eventually be Version 3.3.3 when it is released from
+  Beta testing, and is maintained by Marek Michalkiewicz
+  <marekm@i17linuxb.ists.pwr.wroc.pl>.  It's available as: shadow-
+  current.tar.gz
+  <ftp://i17linuxb.ists.pwr.wroc.pl/pub/linux/shadow/shadow-
+  current.tar.gz>.
+
+  The following mirror sites have also been established:
+
+  ·  ftp://ftp.icm.edu.pl/pub/Linux/shadow/shadow-current.tar.gz
+
+  ·  ftp://iguana.hut.fi/pub/linux/shadow/shadow-current.tar.gz
+
+  ·  ftp://ftp.cin.net/usr/ggallag/shadow/shadow-current.tar.gz
+
+  ·  ftp://ftp.netural.com/pub/linux/shadow/shadow-current.tar.gz
+
+  You should use the currently available version.
+
+  You should NOT use a version older than shadow-960129 as they also
+  have the login security problem discussed above.
+
+  When this document refers to the Shadow Suite I am referring to the
+  this package.  It is assumed that this is the package that you are
+  using.
+
+  For reference, I used shadow-960129 to make these installation
+  instructions.
+
+  If you were previously using shadow-mk, you should upgrade to this
+  version and rebuild everything that you originally compiled.
+
+  3.3.  What is included with the Shadow Suite.
+
+  The Shadow Suite contains replacement programs for:
+
+  su, login, passwd, newgrp, chfn, chsh, and id
+
+  The package also contains the new programs:
+
+  chage, newusers, dpasswd, gpasswd, useradd, userdel, usermod,
+  groupadd, groupdel, groupmod, groups, pwck, grpck, lastlog, pwconv,
+  and pwunconv
+
+  Additionally, the library: libshadow.a is included for writing and/or
+  compiling programs that need to access user passwords.
+
+  Also, manual pages for the programs are also included.
+
+  There is also a configuration file for the login program which will be
+  installed as /etc/login.defs.
+
+  4.  Compiling the programs.
+
+  4.1.  Unpacking the archive.
+
+  The first step after retrieving the package is unpacking it.  The
+  package is in the tar (tape archive) format and compressed using gzip,
+  so first move it to /usr/src, then type:
+
+       tar -xzvf shadow-current.tar.gz
+
+  This will unpack it into the directory: /usr/src/shadow-YYMMDD
+
+  4.2.  Configuring with the config.h file
+
+  The first thing that you need to do is to copy over the Makefile and
+  the config.h file:
+
+       cd /usr/src/shadow-YYMMDD
+       cp Makefile.linux Makefile
+       cp config.h.linux config.h
+
+  You should then take a look at the config.h file.  This file contains
+  definitions for some of the configuration options.  If you are using
+  the recommended package, I recommend that you disable group shadow
+  support for your first time around.
+
+  By default shadowed group passwords are enabled.  To disable these
+  edit the config.h file, and change the #define SHADOWGRP to #undef
+  SHADOWGRP. I recommend that you disable them to start with, and then
+  if you really want group passwords and group administrators that you
+  enable it later and recompile.  If you leave it enabled, you must
+  create the file /etc/gshadow.
+
+  Enabling the long passwords option is NOT recommended as discussed
+  above.
+
+  Do NOT change the setting: #undef AUTOSHADOW
+
+  The AUTOSHADOW option was originally designed so that programs that
+  were shadow ignorant would still function.  This sounds good in
+  theory, but does not work correctly.  If you enable this option, and
+  the program runs as root, it may call getpwnam() as root, and later
+  write the modified entry back to the /etc/passwd file (with the no-
+  longer-shadowed password).  Such programs include chfn and chsh.  (You
+  can't get around this by swapping real and effective uid before
+  calling getpwnam() because root may use chfn and chsh too.)
+
+  The same warning is also valid if you are building libc, it has a
+  SHADOW_COMPAT option which does the same thing.  It should NOT be
+  used!  If you start getting encoded passwords back in your /etc/passwd
+  file, this is the problem.
+
+  If you are using a libc version prior to 4.6.27, you will need to make
+  a couple more changes to config.h and the Makefile.  To config.h edit
+  and change:
+
+       #define HAVE_BASENAME
+
+  to:
+
+       #undef HAVE_BASENAME
+
+  And then in the Makefile, change:
+
+       SOBJS = smain.o env.o entry.o susetup.o shell.o \
+               sub.o mail.o motd.o sulog.o age.o tz.o hushed.o
+
+       SSRCS = smain.c env.c entry.c setup.c shell.c \
+               pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
+               tz.c hushed.c
+
+       SOBJS = smain.o env.o entry.o susetup.o shell.o \
+               sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o
+
+       SSRCS = smain.c env.c entry.c setup.c shell.c \
+               pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
+               tz.c hushed.c basename.c
+
+  These changes add the code contained in basename.c which is contained
+  in libc 4.6.27 and later.
+
+  4.3.  Making backup copies of your original programs.
+
+  It would also be a good idea to track down and make backup copies of
+  the programs that the shadow suite will replace.  On a Slackware 3.0
+  system these are:
+
+  ·  /bin/su
+
+  ·  /bin/login
+
+  ·  /usr/bin/passwd
+
+  ·  /usr/bin/newgrp
+
+  ·  /usr/bin/chfn
+
+  ·  /usr/bin/chsh
+
+  ·  /usr/bin/id
+
+  The BETA package has a save target in the Makefile, but it's commented
+  out because different distributions place the programs in different
+  places.
+
+  You should also make a backup copy of your /etc/passwd file, but be
+  careful to name it something else if you place it in the same
+  directory so you don't overwrite the passwd command.
+
+  4.4.  Running make
+
+  You need to be logged as root to do most of the installation.
+
+  Run make to compile the executables in the package:
+
+       make all
+
+  You may see the warning: rcsid defined but not used.  This is fine, it
+  just happens because the author is using a version control package.
+
+  5.  Installing
+
+  5.1.  Have a boot disk handy in case you break anything.
+
+  If something goes terribly wrong, it would be handy to have a boot
+  disk.  If you have a boot/root combination from your installation,
+  that will work, otherwise see the Bootdisk-HOWTO
+  <http://sunsite.unc.edu/mdw/HOWTO/Bootdisk-HOWTO.html>, which
+  describes how to make a bootable disk.
+
+  5.2.  Removing duplicate man pages
+
+  You should also move the manual pages that are about to be replaced.
+  Even if you are brave enough install the Shadow Suite without making
+  backups, you will still want to remove the old manual pages.  The new
+  manual pages won't normally overwrite the old ones because the old
+  ones are probably compressed.
+
+  You can use a combination of: man -aW command and locate command to
+  locate the manual pages that need to be (re)moved.  It's generally
+  easier to figure out which are the older pages before you run make
+  install.
+
+  If you are using the Slackware 3.0 distribution, then the manual pages
+  you want to remove are:
+
+  ·  /usr/man/man1/chfn.1.gz
+
+  ·  /usr/man/man1/chsh.1.gz
+
+  ·  /usr/man/man1/id.1.gz
+
+  ·  /usr/man/man1/login.1.gz
+
+  ·  /usr/man/man1/passwd.1.gz
+
+  ·  /usr/man/man1/su.1.gz
+
+  ·  /usr/man/man5/passwd.5.gz
+
+  There may also be man pages of the same name in the /var/man/cat[1-9]
+  subdirectories that should also be deleted.
+
+  5.3.  Running make install
+
+  You are now ready to type: (do this as root)
+
+       make install
+
+  This will install the new and replacement programs and fix-up the file
+  permissions.  It will also install the man pages.
+
+  This also takes care of installing the Shadow Suite include files in
+  the correct places in /usr/include/shadow.
+
+  Using the BETA package you must manually copy the file login.defs to
+  the /etc subdirectory and make sure that only root can make changes to
+  it.
+
+       cp login.defs /etc
+       chmod 700 /etc/login.defs
+
+  This file is the configuration file for the login program.  You should
+  review and make changes to this file for your particular system.  This
+  is where you decide which tty's root can login from, and set other
+  security policy settings (like password expiration defaults).
+
+  5.4.  Running pwconv
+
+  The next step is to run pwconv.  This must also be done as root, and
+  is best done from the /etc subdirectory:
+
+       cd /etc
+       /usr/sbin/pwconv
+
+  pwconv takes your /etc/passwd file and strips out the fields to create
+  two files: /etc/npasswd and /etc/nshadow.
+
+  A pwunconv program is also provided if you need to make a normal
+  /etc/passwd file out of an /etc/passwd and /etc/shadow combination.
+
+  5.5.  Renaming npasswd and nshadow
+
+  Now that you have run pwconv you have created the files /etc/npasswd
+  and /etc/nshadow.  These need to be copied over to /etc/passwd and
+  /etc/shadow.  We also want to make a backup copy of the original
+  /etc/passwd file, and make sure only root can read it.  We'll put the
+  backup in root's home directory:
+
+       cd /etc
+       cp passwd ~passwd
+       chmod 600 ~passwd
+       mv npasswd passwd
+       mv nshadow shadow
+
+  You should also ensure that the file ownerships and permissions are
+  correct.  If you are going to be using X-Windows, the xlock and xdm
+  programs need to be able to read the shadow file (but not write it).
+
+  There are two ways that this can be done.  You can set xlock to suid
+  root (xdm is usually run as root anyway).  Or you can make the shadow
+  file owned by root with a group of shadow, but before you do this,
+  make sure that you have a shadow group (look in /etc/group).  None of
+  the users on the system should actually be in the shadow group.
+
+       chown root.root passwd
+       chown root.shadow shadow
+       chmod 0644 passwd
+       chmod 0640 shadow
+
+  Your system now has the password file shadowed.  You should now pop
+  over to another virtual terminal and verify that you can login.
+
+  Really, do this now!
+
+  If you can't, then something is wrong!  To get back to a non-shadowed
+  state, do the following the following:
+
+       cd /etc
+       cp ~passwd passwd
+       chmod 644 passwd
+
+  You would then restore the files that you saved earlier to their
+  proper locations.
+
+  6.  Other programs you may need to upgrade or patch
+
+  Even though the shadow suite contains replacement programs for most
+  programs that need to access passwords, there are a few additional
+  programs on most systems that require access to passwords.
+
+  If you are running a Debian Distribution (or even if you are not), you
+  can obtain Debian sources for the programs that need to be rebuild
+  from: ftp://ftp.debian.org/debian/stable/source/
+
+  The remainder of this section discusses how to upgrade adduser,
+  wu_ftpd, ftpd, pop3d, xlock, xdm and sudo so that they support the
+  shadow suite.
+
+  See the section ``Adding Shadow Support to a C program'' for a
+  discussion on how to put shadow support into any other program that
+  needs it (although the program must then be run SUID root or SGID
+  shadow to be able to actually access the shadow file).
+
+  6.1.  Slackware adduser program
+
+  Slackware distributions (and possibly some others) contain a
+  interactive program for adding users called /sbin/adduser.  A shadow
+  version of this program can be obtained from
+  ftp://sunsite.unc.edu/pub/Linux/
+  system/Admin/accounts/adduser.shadow-1.4.tar.gz.
+
+  I would encourage you to use the programs that are supplied with the
+  Shadow Suite (useradd, usermod, and userdel) instead of the slackware
+  adduser program.  They take a little time to learn how to use, but
+  it's well worth the effort because you have much more control and they
+  perform proper file locking on the /etc/passwd and /etc/shadow file
+  (adduser doesn't).
+
+  See the section on ``Putting the Shadow Suite to use'' for more
+  information.
+
+  But if you gotta have it, here is what you do:
+
+       tar -xzvf adduser.shadow-1.4.tar.gz
+       cd adduser
+       make clean
+       make adduser
+       chmod 700 adduser
+       cp adduser /sbin
+
+  6.2.  The wu_ftpd Server
+
+  Most Linux systems some with the wu_ftpd server.  If your distribution
+  does not come with shadow installed, then your wu_ftpd will not be
+  compiled for shadow.  wu_ftpd is launched from inetd/tcpd as a root
+  process.  If you are running an old wu_ftpd daemon, you will want to
+  upgrade it anyway because older ones had a bug that would allow the
+  root account to be compromised (For more info see the Linux security
+  home page <http://bach.cis.temple.edu/linux/linux-security/Linux-
+  Security-FAQ/Linux-wu.ftpd-2.4-Update.html>).
+
+  Fortunately, you only need to get the source code and recompile it
+  with shadow enabled.
+
+  If you are not running an ELF system, The wu_ftp server can be found
+  on Sunsite as wu-ftp-2.4-fixed.tar.gz
+  <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/wu-
+  ftpd-2.4-fixed.tar.gz>
+
+  Once you retrieve the server, put it in /usr/src, then type:
+
+  cd /usr/src
+  tar -xzvf wu-ftpd-2.4-fixed.tar.gz
+  cd wu-ftpd-2.4-fixed
+  cp ./src/config/config.lnx.shadow ./src/config/config.lnx
+
+  Then edit ./src/makefiles/Makefile.lnx, and change the line:
+
+       LIBES    = -lbsd -support
+
+  to:
+
+       LIBES    = -lbsd -support -lshadow
+
+  Now you are ready to run the build script and install:
+
+       cd /usr/src/wu-ftpd-2.4-fixed
+       /usr/src/wu-ftp-2.4.fixed/build lnx
+       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
+       cp ./bin/ftpd /usr/sbin/wu.ftpd
+
+  This uses the Linux shadow configuration file, compiles and installs
+  the server.
+
+  On my Slackware 2.3 system I also had to do the following before
+  running build:
+
+       cd /usr/include/netinet
+       ln -s in_systm.h in_system.h
+       cd -
+
+  Problems have been reported compiling this package under ELF systems,
+  but the Beta version of the next release works fine.  It can be found
+  as wu-ftp-2.4.2-beta-10.tar.gz
+  <ftp://tscnet.com/pub/linux/network/ftp/wu-ftpd-2.4.2-beta-10.tar.gz>
+
+  Once you retrieve the server, put it in /usr/src, then type:
+
+       cd /usr/src
+       tar -xzvf wu-ftpd-2.4.2-beta-9.tar.gz
+       cd wu-ftpd-beta-9
+       cd ./src/config
+
+  Then edit config.lnx, and change:
+
+       #undef SHADOW.PASSWORD
+
+  to:
+
+       #define SHADOW.PASSWORD
+
+  Then,
+
+       cd ../Makefiles
+
+  and edit the file Makefile.lnx and change:
+
+       LIBES = -lsupport -lbsd # -lshadow
+
+  to:
+
+       LIBES = -lsupport -lbsd -lshadow
+
+  Then build and install:
+
+       cd ..
+       build lnx
+       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
+       cp ./bin/ftpd /usr/sbin/wu.ftpd
+
+  Note that you should check your /etc/inetd.conf file to make sure that
+  this is where your wu.ftpd server really lives.  It has been reported
+  that some distributions place the server daemons in different places,
+  and then wu.ftpd in particular may be named something else.
+
+  6.3.  Standard ftpd
+
+  If you are running the standard ftpd server, I would recommend that
+  you upgrade to the wu_ftpd server.  Aside from the known bug discussed
+  above, it's generally thought to be more secure.
+
+  If you insist on the standard one, or you need NIS support, Sunsite
+  has ftpd-shadow-nis.tgz
+  <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/ftpd-
+  shadow-nis.tgz>
+
+  6.4.  pop3d (Post Office Protocol 3)
+
+  If you need to support the third Post Office Protocol (POP3), you will
+  need to recompile a pop3d program.  pop3d is normally run by
+  inetd/tcpd as root.
+
+  There are two versions available from Sunsite:
+  pop3d-1.00.4.linux.shadow.tar.gz
+  <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d-1.00.4.linux.shadow.tar.gz>
+  and pop3d+shadow+elf.tar.gz
+  <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d+shadow+elf.tar.gz>
+
+  Both of these are fairly straight forward to install.
+
+  6.5.  xlock
+
+  If you install the shadow suite, and then run X Windows System and
+  lock the screen without upgrading your xlock, you will have to use
+  CNTL-ALT-Fx to switch to another tty, login, and kill the xlock
+  process (or use CNTL-ALT-BS to kill the X server).  Fortunately it's
+  fairly easy to upgrade your xlock program.
+
+  If you are running XFree86 Versions 3.x.x, you are probably using
+  xlockmore (which is a great screen-saver in addition to a lock).  This
+  package supports shadow with a recompile.  If you have an older xlock,
+  I recommend that you upgrade to this one.
+
+  xlockmore-3.5.tgz is available at:
+  <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/screensavers/xlockmore-3.7.tgz>
+
+  Basically, this is what you need to do:
+
+  Get the xlockmore-3.7.tgz file and put it in /usr/src unpack it:
+
+       tar -xzvf xlockmore-3.7.tgz
+
+  Edit the file: /usr/X11R6/lib/X11/config/linux.cf, and change the
+  line:
+
+       #define HasShadowPasswd    NO
+
+       to
+
+       #define HasShadowPasswd    YES
+
+  Then build the executables:
+
+       cd /usr/src/xlockmore
+       xmkmf
+       make depend
+       make
+
+  Then move everything into place and update file ownerships and
+  permissions:
+
+       cp xlock /usr/X11R6/bin/
+       cp XLock /var/X11R6/lib/app-defaults/
+       chown root.shadow /usr/X11R6/bin/xlock
+       chmod 2755 /usr/X11R6/bin/xlock
+       chown root.shadow /etc/shadow
+       chmod 640 /etc/shadow
+
+  Your xlock will now work correctly.
+
+  6.6.  xdm
+
+  xdm is a program that presents a login screen for X-Windows.  Some
+  systems start xdm when the system is told to goto a specified run
+  level (see /etc/inittab.
+
+  With the Shadow Suite install, xdm will need to be updated.
+  Fortunately it's fairly easy to upgrade your xdm program.
+
+  xdm.tar.gz is available at:
+  <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/xdm.tar.gz>
+
+  Get the xdm.tar.gz file and put it in /usr/src, then to unpack it:
+
+       tar -xzvf xdm.tar.gz
+
+  Edit the file: /usr/X11R6/lib/X11/config/linux.cf, and change the
+  line:
+
+       #define HasShadowPasswd    NO
+
+       to
+
+       #define HasShadowPasswd    YES
+
+  Then build the executables:
+
+       cd /usr/src/xdm
+       xmkmf
+       make depend
+       make
+
+  Then move everything into place:
+
+  cp xdm /usr/X11R6/bin/
+
+  xdm is run as root so you don't need to change it file permissions.
+
+  6.7.  sudo
+
+  The program sudo allows a system administrator to let users run
+  programs that would normally require root access.  This is handy
+  because it lets the administrator limit access to the root account
+  itself while still allowing users to do things like mounting drives.
+
+  sudo needs to read passwords because it verifies the users password
+  when it's invoked.  sudo already runs SUID root, so accessing the
+  /etc/shadow file is not a problem.
+
+  sudo for the shadow suite, is available as at:
+  <ftp://sunsite.unc.edu/pub/Linux/system/Admin/sudo-1.2-shadow.tgz>
+
+  Warning: When you install sudo your /etc/sudoers file will be replaced
+  with a default one, so you need to make a backup of it if you have
+  added anything to the default one.  (you could also edit the Makefile
+  and remove the line that copies the default file to /etc).
+
+  The package is already setup for shadow, so all that's required is to
+  recompile the package (put it in /usr/src):
+
+       cd /usr/src
+       tar -xzvf sudo-1.2-shadow.tgz
+       cd sudo-1.2-shadow
+       make all
+       make install
+
+  6.8.  imapd (E-Mail pine package)
+
+  imapd is an e-mail server similar to pop3d.  imapd comes with the Pine
+  E-mail package.  The documentation that comes with the package states
+  that the default for Linux systems is to include support for shadow.
+  However, I have found that this is not true.  Furthermore, the build
+  script / Makefile combination on this package is makes it very
+  difficult to add the libshadow.a library at compile time, so I was
+  unable to add shadow support for imapd.
+
+  If anyone has this figured out, please E-mail me, and I'll include the
+  solution here.
+
+  6.9.  pppd (Point-to-Point Protocol Server)
+
+  The pppd server can be setup to use several types of authentication:
+  Password Authentication Protocol (PAP) and Cryptographic Handshake
+  Authentication Protocol (CHAP).  The pppd server usually reads the
+  password strings that it uses from /etc/ppp/chap-secrets and/or
+  /etc/ppp/pap-secrets.  If you are using this default behavior of pppd,
+  it is not necessary to reinstall pppd.
+
+  pppd also allows you to use the login parameter (either on the command
+  line, or in the configuration or options file).  If the login option
+  is given, then pppd will use the /etc/passwd file for the username and
+  passwords for the PAP.  This, of course, will no longer work now that
+  our password file is shadowed.  For pppd-1.2.1d this requires adding
+  code for shadow support.
+
+  The example given in the next section is adding shadow support to
+  pppd-1.2.1d (an older version of pppd).
+
+  pppd-2.2.0 already contains shadow support.
+
+  7.  Putting the Shadow Suite to use.
+
+  This section discusses some of the things that you will want to know
+  now that you have the Shadow Suite installed on your system.  More
+  information is contained in the manual pages for each command.
+
+  7.1.  Adding, Modifying, and deleting users
+
+  The Shadow Suite added the following command line oriented commands
+  for adding, modifying, and deleting users.  You may also have
+  installed the adduser program.
+
+  7.1.1.  useradd
+
+  The useradd command can be used to add users to the system.  You also
+  invoke this command to change the default settings.
+
+  The first thing that you should do is to examine the default settings
+  and make changes specific to your system:
+
+       useradd -D
+
+  ______________________________________________________________________
+  GROUP=1
+  HOME=/home
+  INACTIVE=0
+  EXPIRE=0
+  SHELL=
+  SKEL=/etc/skel
+  ______________________________________________________________________
+
+  The defaults are probably not what you want, so if you started adding
+  users now you would have to specify all the information for each user.
+  However, we can and should change the default values.
+
+  On my system:
+
+  ·  I want the default group to be 100
+
+  ·  I want passwords to expire every 60 days
+
+  ·  I don't want to lock an account because the password is expired
+
+  ·  I want to default shell to be /bin/bash
+
+     To make these changes I would use:
+
+       useradd -D -g100 -e60 -f0 -s/bin/bash
+
+  Now running useradd -D will give:
+
+  ______________________________________________________________________
+  GROUP=100
+  HOME=/home
+  INACTIVE=0
+  EXPIRE=60
+  SHELL=/bin/bash
+  SKEL=/etc/skel
+  ______________________________________________________________________
+
+  Just in case you wanted to know, these defaults are stored in the file
+  /etc/default/useradd.
+
+  Now you can use useradd to add users to the system.  For example, to
+  add the user fred, using the defaults, you would use the following:
+
+       useradd -m -c "Fred Flintstone" fred
+
+  This will create the following entry in the /etc/passwd file:
+
+       fred:*:505:100:Fred Flintstone:/home/fred:/bin/bash
+
+  And the following entry in the /etc/shadow file:
+
+       fred:!:0:0:60:0:0:0:0
+
+  fred's home directory will be created and the contents of /etc/skel
+  will be copied there because of the -m switch.
+
+  Also, since we did not specify a UID, the next available one was used.
+
+  fred's account is created, but fred still won't be able to login until
+  we unlock the account.  We do this by changing the password.
+
+       passwd fred
+
+  ______________________________________________________________________
+  Changing password for fred
+  Enter the new password (minimum of 5 characters)
+  Please use a combination of upper and lower case letters and numbers.
+  New Password: *******
+  Re-enter new password: *******
+  ______________________________________________________________________
+
+  Now the /etc/shadow will contain:
+
+       fred:J0C.WDR1amIt6:9559:0:60:0:0:0:0
+
+  And fred will now be able to login and use the system.  The nice thing
+  about useradd and the other programs that come with the Shadow Suite
+  is that they make changes to the /etc/passwd and /etc/shadow files
+  atomically.  So if you are adding a user, and another user is changing
+  their password at the same time, both operations will be performed
+  correctly.
+
+  You should use the supplied commands rather than directly editing
+  /etc/passwd and /etc/shadow.  If you were editing the /etc/shadow
+  file, and a user were to change his password while you are editing,
+  and then you were to save the file you were editing, the user's
+  password change would be lost.
+
+  Here is a small interactive script that adds users using useradd and
+  passwd:
+
+  ______________________________________________________________________
+  #!/bin/bash
+  #
+  # /sbin/newuser - A script to add users to the system using the Shadow
+  #                 Suite's useradd and passwd commands.
+  #
+  # Written my Mike Jackson <mhjack@tscnet.com> as an example for the Linux
+  # Shadow Password Howto.  Permission to use and modify is expressly granted.
+  #
+  # This could be modified to show the defaults and allow modification similar
+  # to the Slackware Adduser program.  It could also be modified to disallow
+  # stupid entries.  (i.e. better error checking).
+  #
+  ##
+  #  Defaults for the useradd command
+  ##
+  GROUP=100        # Default Group
+  HOME=/home       # Home directory location (/home/username)
+  SKEL=/etc/skel   # Skeleton Directory
+  INACTIVE=0       # Days after password expires to disable account (0=never)
+  EXPIRE=60        # Days that a passwords lasts
+  SHELL=/bin/bash  # Default Shell (full path)
+  ##
+  #  Defaults for the passwd command
+  ##
+  PASSMIN=0        # Days between password changes
+  PASSWARN=14      # Days before password expires that a warning is given
+  ##
+  #  Ensure that root is running the script.
+  ##
+  WHOAMI=`/usr/bin/whoami`
+  if [ $WHOAMI != "root" ]; then
+          echo "You must be root to add news users!"
+          exit 1
+  fi
+  ##
+  #  Ask for username and fullname.
+  ##
+  echo ""
+  echo -n "Username: "
+  read USERNAME
+  echo -n "Full name: "
+  read FULLNAME
+  #
+  echo "Adding user: $USERNAME."
+  #
+  # Note that the "" around $FULLNAME is required because this field is
+  # almost always going to contain at least on space, and without the "'s
+  # the useradd command would think that you we moving on to the next
+  # parameter when it reached the SPACE character.
+  #
+  /usr/sbin/useradd -c"$FULLNAME" -d$HOME/$USERNAME -e$EXPIRE \
+          -f$INACTIVE -g$GROUP -m -k$SKEL -s$SHELL $USERNAME
+  ##
+  #  Set password defaults
+  ##
+  /bin/passwd -n $PASSMIN -w $PASSWARN $USERNAME >/dev/null 2>&1
+  ##
+  #  Let the passwd command actually ask for password (twice)
+  ##
+  /bin/passwd $USERNAME
+  ##
+  #  Show what was done.
+  ##
+  echo ""
+  echo "Entry from /etc/passwd:"
+  echo -n "   "
+  grep "$USERNAME:" /etc/passwd
+  echo "Entry from /etc/shadow:"
+  echo -n "   "
+  grep "$USERNAME:" /etc/shadow
+  echo "Summary output of the passwd command:"
+  echo -n "   "
+  passwd -S $USERNAME
+  echo ""
+  ______________________________________________________________________
+
+  Using a script to add new users is really much more preferable than
+  editing the /etc/passwd or /etc/shadow files directly or using a
+  program like the Slackware adduser program.  Feel free to use and
+  modify this script for your particular system.
+
+  For more information on the useradd see the online manual page.
+
+  7.1.2.  usermod
+
+  The usermod program is used to modify the information on a user.  The
+  switches are similar to the useradd program.
+
+  Let's say that you want to change fred's shell, you would do the
+  following:
+
+       usermod -s /bin/tcsh fred
+
+  Now fred's /etc/passwd file entry would be change to this:
+
+       fred:*:505:100:Fred Flintstone:/home/fred:/bin/tcsh
+
+  Let's make fred's account expire on 09/15/97:
+
+       usermod -e 09/15/97 fred
+
+  Now fred's entry in /etc/shadow becomes:
+
+       fred:J0C.WDR1amIt6:9559:0:60:0:0:10119:0
+
+  For more information on the usermod command see the online manual
+  page.
+
+  7.1.3.  userdel
+
+  userdel does just what you would expect, it deletes the user's
+  account.  You simply use:
+
+       userdel -r username
+
+  The -r causes all files in the user's home directory to be removed
+  along with the home directory itself.  Files located in other file
+  system will have to be searched for and deleted manually.
+
+  If you want to simply lock the account rather than delete it, use the
+  passwd command instead.
+
+  7.2.  The passwd command and passwd aging.
+
+  The passwd command has the obvious use of changing passwords.
+  Additionally, it is used by the root user to:
+
+  ·  Lock and unlock accounts (-l and -u)
+
+  ·  Set the maximum number of days that a password remains valid (-x)
+
+  ·  Set the minimum days between password changes (-n)
+
+  ·  Sets the number of days of warning that a password is about to
+     expire (-w)
+
+  ·  Sets the number of days after the password expires before the
+     account is locked (-i)
+
+  ·  Allow viewing of account information in a clearer format (-S)
+
+  For example, let look again at fred
+
+       passwd -S fred
+       fred P 03/04/96 0 60 0 0
+
+  This means that fred's password is valid, it was last changed on
+  03/04/96, it can be changed at any time, it expires after 60 days,
+  fred will not be warned, and and the account won't be disabled when
+  the password expires.
+
+  This simply means that if fred logs in after the password expires, he
+  will be prompted for a new password at login.
+
+  If we decide that we want to warn fred 14 days before his password
+  expires and make his account inactive 14 days after he lets it expire,
+  we would need to do the following:
+
+       passwd -w14 -i14 fred
+
+  Now fred is changed to:
+       fred P 03/04/96 0 60 14 14
+
+  For more information on the passwd command see the online manual page.
+
+  7.3.  The login.defs file.
+
+  The file /etc/login is the configuration file for the login program
+  and also for the Shadow Suite as a whole.
+
+  /etc/login contains settings from what the prompts will look like to
+  what the default expiration will be when a user changes his password.
+
+  The /etc/login.defs file is quite well documented just by the comments
+  that are contained within it.  However, there are a few things to
+  note:
+
+  ·  It contains flags that can be turned on or off that determine the
+     amount of logging that takes place.
+
+  ·  It contains pointers to other configuration files.
+
+  ·  It contains defaults assignments for things like password aging.
+
+  From the above list you can see that this is a rather important file,
+  and you should make sure that it is present, and that the settings are
+  what you desire for your system.
+
+  7.4.  Group passwords.
+
+  The /etc/groups file may contain passwords that permit a user to
+  become a member of a particular group.  This function is enabled if
+  you define the constant SHADOWGRP in the /usr/src/shadow-
+  YYMMDD/config.h file.
+
+  If you define this constant and then compile, you must create an
+  /etc/gshadow file to hold the group passwords and the group
+  administrator information.
+
+  When you created the /etc/shadow, you used a program called pwconv,
+  there no equivalent program to create the /etc/gshadow file, but it
+  really doesn't matter, it takes care of itself.
+
+  To create the initial /etc/gshadow file do the following:
+
+       touch /etc/gshadow
+       chown root.root /etc/gshadow
+       chmod 700 /etc/gshadow
+
+  Once you create new groups, they will be added to the /etc/group and
+  the /etc/gshadow files.  If you modify a group by adding or removing
+  users or changing the group password, the /etc/gshadow file will be
+  changed.
+
+  The programs groups, groupadd, groupmod, and groupdel are provided as
+  part of the Shadow Suite to modify groups.
+
+  The format of the /etc/group file is as follows:
+
+       groupname:!:GID:member,member,...
+
+  Where:
+
+     groupname
+        The name of the group
+
+     !  The field that normally holds the password, but that is now
+        relocated to the /etc/gshadow file.
+
+     GID
+        The numerical group ID number
+
+     member
+        List of group members
+
+  The format of the /etc/gshadow file is as follows:
+
+       groupname:password:admin,admin,...:member,member,...
+
+  Where:
+
+     groupname
+        The name of the group
+
+     password
+        The encoded group password.
+
+     admin
+        List of group administrators
+
+     member
+        List of group members
+
+  The command gpasswd is used only for adding or removing administrators
+  and members to or from a group.  root or someone in the list of
+  administrators may add or remove group members.
+
+  The groups password can be changed using the passwd command by root or
+  anyone listed as an administrator for the group.
+
+  Despite the fact that there is not currently a manual page for
+  gpasswd, typing gpasswd without any parameters gives a listing of
+  options.  It's fairly easy to grasp how it all works once you
+  understand the file formats and the concepts.
+
+  7.5.  Consistency checking programs
+
+  7.5.1.  pwck
+
+  The program pwck is provided to provide a consistency check on the
+  /etc/passwd and /etc/shadow files.  It will check each username and
+  verify that it has the following:
+
+  ·  the correct number of fields
+
+  ·  unique user name
+
+  ·  valid user and group identifier
+
+  ·  valid primary group
+
+  ·  valid home directory
+
+  ·  valid login shell
+
+  It will also warn of any account that has no password.
+
+  It's a good idea to run pwck after installing the Shadow Suite.  It's
+  also a good idea to run it periodically, perhaps weekly or monthly.
+  If you use the -r option, you can use cron to run it on a regular
+  basis and have the report mailed to you.
+
+  7.5.2.  grpck
+
+  grpck is the consistency checking program for the /etc/group and
+  /etc/gshadow files.  It performs the following checks:
+
+  ·  the correct number of fields
+
+  ·  unique group name
+
+  ·  valid list of members and administrators
+
+  It also has the -r option for automated reports.
+
+  7.6.  Dial-up passwords.
+
+  Dial-up passwords are another optional line of defense for systems
+  that allow dial-in access.  If you have a system that allows many
+  people to connect locally or via a network, but you want to limit who
+  can dial in and connect, then dial-up passwords are for you.  To
+  enable dial-up passwords, you must edit the file /etc/login.defs and
+  ensure that DIALUPS_CHECK_ENAB is set to yes.
+
+  Two files contain the dial-up information, /etc/dialups which contains
+  the ttys (one per line, with the leading "/dev/" removed).  If a tty
+  is listed then dial-up checks are performed.
+
+  The second file is the /etc/d_passwd file.  This file contains the
+  fully qualified path name of a shell, followed by an optional
+  password.
+
+  If a user logs into a line that is listed in /etc/dialups, and his
+  shell is listed in the file /etc/d_passwd he will be allowed access
+  only by suppling the correct password.
+
+  Another useful purpose for using dial-up passwords might be to setup a
+  line that only allows a certain type of connect (perhaps a PPP or UUCP
+  connection).  If a user tries to get another type of connection (i.e.
+  a list of shells), he must know a password to use the line.
+
+  Before you can use the dial-up feature, you must create the files.
+
+  The command dpasswd is provided to assign passwords to the shells in
+  the /etc/d_passwd file.  See the manual page for more information.
+  8.  Adding shadow support to a C program
+
+  Adding shadow support to a program is actually fairly straightforward.
+  The only problem is that the program must be run by root (or SUID
+  root) in order for the the program to be able to access the
+  /etc/shadow file.
+
+  This presents one big problem: very careful programming practices must
+  be followed when creating SUID programs.  For instance, if a program
+  has a shell escape, this must not occur as root if the program is SUID
+  root.
+
+  For adding shadow support to a program so that it can check passwords,
+  but otherwise does need to run as root, it's a lot safer to run the
+  program SUID shadow instead.  The xlock program is an example of this.
+
+  In the example given below, pppd-1.2.1d already runs SUID as root, so
+  adding shadow support should not make the program any more vulnerable.
+
+  8.1.  Header files
+
+  The header files should reside in /usr/include/shadow.  There should
+  also be a /usr/include/shadow.h, but it will be a symbolic link to
+  /usr/include/shadow/shadow.h.
+
+  To add shadow support to a program, you need to include the header
+  files:
+
+  #include <shadow/shadow.h>
+  #include <shadow/pwauth.h>
+
+  It might be a good idea to use compiler directives to conditionally
+  compile the shadow code (I do in the example below).
+
+  8.2.  libshadow.a library
+
+  When you installed the Shadow Suite the libshadow.a file was created
+  and installed in /usr/lib.
+
+  When compiling shadow support into a program, the linker needs to be
+  told to include the libshadow.a library into the link.
+
+  This is done by:
+
+       gcc program.c -o program -lshadow
+
+  However, as we will see in the example below, most large programs use
+  a Makefile, and usually have a variable called LIBS=... that we will
+  modify.
+
+  8.3.  Shadow Structure
+
+  The libshadow.a library uses a structure called spwd for the
+  information it retrieves from the /etc/shadow file.  This is the
+  definition of the spwd structure from the /usr/include/shadow/shadow.h
+  header file:
+
+  ______________________________________________________________________
+  struct spwd
+  {
+    char *sp_namp;                /* login name */
+    char *sp_pwdp;                /* encrypted password */
+    sptime sp_lstchg;             /* date of last change */
+    sptime sp_min;                /* minimum number of days between changes */
+    sptime sp_max;                /* maximum number of days between changes */
+    sptime sp_warn;               /* number of days of warning before password
+                                     expires */
+    sptime sp_inact;              /* number of days after password expires
+                                     until the account becomes unusable. */
+    sptime sp_expire;             /* days since 1/1/70 until account expires
+  */
+    unsigned long sp_flag;        /* reserved for future use */
+  };
+  ______________________________________________________________________
+
+  The Shadow Suite can put things into the sp_pwdp field besides just
+  the encoded passwd.  The password field could contain:
+
+       username:Npge08pfz4wuk;@/sbin/extra:9479:0:10000::::
+
+  This means that in addition to the password, the program /sbin/extra
+  should be called for further authentication.  The program called will
+  get passed the username and a switch that indicates why it's being
+  called.  See the file /usr/include/shadow/pwauth.h and the source code
+  for pwauth.c for more information.
+
+  What this means is that we should use the function pwauth to perform
+  the actual authentication, as it will take care of the secondary
+  authentication as well.  The example below does this.
+
+  The author of the Shadow Suite indicates that since most programs in
+  existence don't do this, and that it may be removed or changed in
+  future versions of the Shadow Suite.
+
+  8.4.  Shadow Functions
+
+  The shadow.h file also contains the function prototypes for the
+  functions contained in the libshadow.a library:
+
+  ______________________________________________________________________
+  extern void setspent __P ((void));
+  extern void endspent __P ((void));
+  extern struct spwd *sgetspent __P ((__const char *__string));
+  extern struct spwd *fgetspent __P ((FILE *__fp));
+  extern struct spwd *getspent __P ((void));
+  extern struct spwd *getspnam __P ((__const char *__name));
+  extern int putspent __P ((__const struct spwd *__sp, FILE *__fp));
+  ______________________________________________________________________
+
+  The function that we are going to use in the example is: getspnam
+  which will retrieve for us a spwd structure for the supplied name.
+
+  8.5.  Example
+
+  This is an example of adding shadow support to a program that needs
+  it, but does not have it by default.
+
+  This example uses the Point-to-Point Protocol Server (pppd-1.2.1d),
+  which has a mode in which it performs PAP authentication using user
+  names and passwords from the /etc/passwd file instead of the PAP or
+  CHAP files.  You would not need to add this code to pppd-2.2.0 because
+  it's already there.
+
+  This feature of pppd probably isn't used very much, but if you
+  installed the Shadow Suite, it won't work anymore because the
+  passwords are no longer stored in /etc/passwd.
+
+  The code for authenticating users under pppd-1.2.1d is located in the
+  /usr/src/pppd-1.2.1d/pppd/auth.c file.
+
+  The following code needs to be added to the top of the file where all
+  the other #include directives are.  We have surrounded the #includes
+  with conditional directives (i.e. only include if we are compiling for
+  shadow support).
+
+  ______________________________________________________________________
+  #ifdef HAS_SHADOW
+  #include <shadow.h>
+  #include <shadow/pwauth.h>
+  #endif
+  ______________________________________________________________________
+
+  The next thing to do is to modify the actual code.  We are still
+  making changes to the auth.c file.
+
+  Function auth.c before modifications:
+
+  ______________________________________________________________________
+  /*
+   * login - Check the user name and password against the system
+   * password database, and login the user if OK.
+   *
+   * returns:
+   *      UPAP_AUTHNAK: Login failed.
+   *      UPAP_AUTHACK: Login succeeded.
+   * In either case, msg points to an appropriate message.
+   */
+  static int
+  login(user, passwd, msg, msglen)
+      char *user;
+      char *passwd;
+      char **msg;
+      int *msglen;
+  {
+      struct passwd *pw;
+      char *epasswd;
+      char *tty;
+
+      if ((pw = getpwnam(user)) == NULL) {
+          return (UPAP_AUTHNAK);
+      }
+       /*
+       * XXX If no passwd, let them login without one.
+       */
+      if (pw->pw_passwd == '\0') {
+          return (UPAP_AUTHACK);
+      }
+
+      epasswd = crypt(passwd, pw->pw_passwd);
+      if (strcmp(epasswd, pw->pw_passwd)) {
+          return (UPAP_AUTHNAK);
+      }
+
+      syslog(LOG_INFO, "user %s logged in", user);
+
+      /*
+       * Write a wtmp entry for this user.
+       */
+      tty = strrchr(devname, '/');
+      if (tty == NULL)
+          tty = devname;
+      else
+          tty++;
+      logwtmp(tty, user, "");             /* Add wtmp login entry */
+      logged_in = TRUE;
+
+      return (UPAP_AUTHACK);
+  }
+  ______________________________________________________________________
+
+  The user's password is placed into pw->pw_passwd, so all we really
+  need to do is add the function getspnam.  This will put the password
+  into spwd->sp_pwdp.
+
+  We will add the function pwauth to perform the actual authentication.
+  This will automatically perform secondary authentication if the shadow
+  file is setup for it.
+
+  Function auth.c after modifications to support shadow:
+
+  ______________________________________________________________________
+  /*
+   * login - Check the user name and password against the system
+   * password database, and login the user if OK.
+   *
+   * This function has been modified to support the Linux Shadow Password
+   * Suite if USE_SHADOW is defined.
+   *
+   * returns:
+   *      UPAP_AUTHNAK: Login failed.
+   *      UPAP_AUTHACK: Login succeeded.
+   * In either case, msg points to an appropriate message.
+   */
+  static int
+  login(user, passwd, msg, msglen)
+      char *user;
+      char *passwd;
+      char **msg;
+      int *msglen;
+  {
+      struct passwd *pw;
+      char *epasswd;
+      char *tty;
+
+  #ifdef USE_SHADOW
+      struct spwd *spwd;
+      struct spwd *getspnam();
+  #endif
+
+      if ((pw = getpwnam(user)) == NULL) {
+          return (UPAP_AUTHNAK);
+      }
+
+  #ifdef USE_SHADOW
+          spwd = getspnam(user);
+          if (spwd)
+                  pw->pw_passwd = spwd->sp-pwdp;
+  #endif
+
+       /*
+       * XXX If no passwd, let NOT them login without one.
+       */
+      if (pw->pw_passwd == '\0') {
+          return (UPAP_AUTHNAK);
+      }
+  #ifdef HAS_SHADOW
+      if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
+           && pw_auth (pw->pw_passwd+1, pw->pw_name, PW_LOGIN, NULL))
+          || !valid (passwd, pw)) {
+          return (UPAP_AUTHNAK);
+      }
+  #else
+      epasswd = crypt(passwd, pw->pw_passwd);
+      if (strcmp(epasswd, pw->pw_passwd)) {
+          return (UPAP_AUTHNAK);
+      }
+  #endif
+
+      syslog(LOG_INFO, "user %s logged in", user);
+
+      /*
+       * Write a wtmp entry for this user.
+       */
+      tty = strrchr(devname, '/');
+      if (tty == NULL)
+          tty = devname;
+      else
+          tty++;
+      logwtmp(tty, user, "");             /* Add wtmp login entry */
+      logged_in = TRUE;
+
+      return (UPAP_AUTHACK);
+  }
+  ______________________________________________________________________
+
+  Careful examination will reveal that we made another change as well.
+  The original version allowed access (returned UPAP_AUTHACK if there
+  was NO password in the /etc/passwd file.  This is not good, because a
+  common use of this login feature is to use one account to allow access
+  to the PPP process and then check the username and password supplied
+  by PAP with the username in the /etc/passwd file and the password in
+  the /etc/shadow file.
+
+  So if we had set the original version up to run as the shell for a
+  user i.e.  ppp, then anyone could get a ppp connection by setting
+  their PAP to user ppp and a password of null.
+
+  We fixed this also by returning UPAP_AUTHNAK instead of UPAP_AUTHACK
+  if the password field was empty.
+
+  Interestingly enough, pppd-2.2.0 has the same problem.
+
+  Next we need to modify the Makefile so that two things occur:
+  USE_SHADOW must be defined, and libshadow.a needs to be added to the
+  linking process.
+
+  Edit the Makefile, and add:
+
+       LIBS = -lshadow
+
+  Then we find the line:
+
+       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t
+
+  And change it to:
+
+       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t -DUSE_SHADOW
+
+  Now make and install.
+
+  9.  Frequently Asked Questions.
+
+  Q: I used to control which tty's root could log into using the file
+  /etc/securettys, but it doesn't seem to work anymore, what's going on?
+
+  A: The file /etc/securettys does absolutely nothing now that the
+  Shadow Suite is installed.  The tty's that root can use are now
+  located in the login configuration file /etc/login.defs.  The entry in
+  this file may point to another file.
+
+  Q: I installed the Shadow Suite, but now I can't login, what did I
+  miss?
+
+  A: You probably installed the Shadow programs, but didn't run pwconv
+  or you forgot to copy /etc/npasswd to /etc/passwd and /etc/nshadow to
+  /etc/shadow.  Also, you may need to copy login.defs to /etc.
+
+  Q: In the section on xlock, it said to change the group ownership of
+  the /etc/shadow file to shadow.  I don't have a shadow group, what do
+  I do?
+
+  A: You can add one.  Simply edit the /etc/group file, and insert a
+  line for the shadow group.  You need to ensure that the group number
+  is not used by another group, and you need to insert it before the
+  nogroup entry.  Or you can simply suid xlock to root.
+
+  Q: Is there a mailing list for the Linux Shadow Password Suite?
+
+  A: Yes, but it's for the development and beta testing of the next
+  Shadow Suite for Linux.  You can get added to the list by mailing to:
+  shadow-list-request@neptune.cin.net with a subject of: subscribe.  The
+  list is actually for discussions of the Linux shadow-YYMMSS series of
+  releases.  You should join if you want to get involved in further
+  development or if you install the Suite on your system and want to get
+  information on newer releases.
+
+  Q: I installed the Shadow Suite, but when I use the userdel command, I
+  get "userdel: cannot open shadow group file", what did I do wrong?
+
+  A: You compiled the Shadow Suite with the SHADOWGRP option enabled,
+  but you don't have an /etc/gshadow file.  You need to either edit the
+  config.h file and recompile, or create an /etc/group file.  See the
+  section on shadow groups.
+
+  Q: I installed the Shadow Suite but now I'm getting encoded passwords
+  back in my /etc/passwd file, what's wrong?
+
+  A: You either enabled the AUTOSHADOW option in the Shadow config.h
+  file, or your libc was compiled with the SAHDOW_COMPAT option.  You
+  need to determine which is the problem, and recompile.
+
+  10.  Copyright Message.
+
+  The Linux Shadow Password HOWTO is Copyright (c) 1996 Michael H.
+  Jackson.
+
+  Permission is granted to make and distribute verbatim copies of this
+  document provided the copyright notice and this permission notice are
+  preserved on all copies.
+
+  Permission is granted to copy and distribute modified versions of this
+  document under the conditions for verbatim copies above, provided a
+  notice clearly stating that the document is a modified version is also
+  included in the modified document.
+
+  Permission is granted to copy and distribute translations of this
+  document into another language, under the conditions specified above
+  for modified versions.
+
+  Permission is granted to convert this document into another media
+  under the conditions specified above for modified versions provided
+  the requirement to acknowledge the source document is fulfilled by
+  inclusion of an obvious reference to the source document in the new
+  media. Where there is any doubt as to what defines 'obvious' the
+  copyright owner reserves the right to decide.
+
+  11.  Miscellaneous and Acknowledgments.
+
+  The code examples for auth.c are taken from pppd-1.2.1d and
+  ppp-2.1.0e, Copyright (c) 1993 and The Australian National University
+  and Copyright (c) 1989 Carnegie Mellon University.
+
+  Thanks to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> for
+  writing and maintaining the Shadow Suite for Linux, and for his review
+  and comments on this document.
+
+  Thanks to Ron Tidd <rtidd@tscnet.com> for his helpful review and
+  testing.
+
+  Thanks to everyone who has sent me feedback to help improve this
+  document.
+
+  Please, if you have any comments or suggestions then mail them to me.
+
+  regards
+
+  Michael H. Jackson <mhjack@tscnet.com>
+
diff --git a/doc/Makefile.am b/doc/Makefile.am
new file mode 100644
index 0000000..85f2248
--- /dev/null
+++ b/doc/Makefile.am
@@ -0,0 +1,5 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+EXTRA_DIST = HOWTO README.limits \
+    README.platforms WISHLIST console.c.spec.txt cracklib26.diff
diff --git a/doc/README.limits b/doc/README.limits
new file mode 100644
index 0000000..6551ad7
--- /dev/null
+++ b/doc/README.limits
@@ -0,0 +1,66 @@
+
+ABOUT shadow-login limits:
+
+This code is merged into shadow login program from the original LShell 2.01
+written by Joel Katz. The port and some additional features have been added
+by Cristian Gafton (gafton@sorosis.ro).
+
+
+Changes:
+	- 96/04/16
+		- {spaces,tabs} allowed within limits string
+		- Warn via syslog multiple default limits
+		- added few paragraphs to the login man page
+	- 96/04/14
+		- code merged into lmain.c --cristiang
+
+TODO:	- support groups in the limits file
+	  (only usernames are supported at this momment :-( )
+
+Setting user limits for shadow login program
+
+First, make a root-only-readable file (/etc/limits by default or LIMITS_FILE
+defined config.h) that describes the resource limits you wish to impose. By
+default no quotas are imposed on 'root'. In fact, there is no way to impose
+limits via this procedure to root-equiv accounts (accounts with UID 0).
+
+Each line describes a limit for a user in the form:
+
+	user LIMITS_STRING
+
+The LIMITS_STRING is a string of a concatenated list of resource limits.
+Each limit consists of a letter identifier followed by a numerical limit.
+The valid identifiers are:
+
+	A: max address space (KB)
+	C: max core file size (KB)
+	D: max data size (KB)
+	F: maximum filesize (KB)
+	M: max locked-in-memory address space (KB)
+	N: max number of open files
+	R: max resident set size (KB)
+	S: max stack size (KB)
+	T: max CPU time (MIN)
+	U: max number of processes
+	L: max number of logins for this user
+
+For example, L2D2048N5 is a valid LIMITS_STRING. For reading convenience,
+the following entries are equivalent:
+
+username L2D2048N5
+username L2 D2048 N5
+
+Be aware that after <username> the rest of the line is considered a limit
+string, thus comments are not allowed. A invalid limits string will be
+rejected (not considered) by the login program.
+
+The default entry is denoted by username '*'. If you have multiple 'default'
+entries in your LIMITS_FILE, then the last one will be used as the default
+entry.
+
+To completely disable limits for a user, a single dash (-) will do.
+
+Also, please note that all limit settings are set PER LOGIN.  They are
+not global, nor are they permanent.  Perhaps global limits will come, but
+for now this will have to do ;)
+
diff --git a/doc/README.platforms b/doc/README.platforms
new file mode 100644
index 0000000..295d125
--- /dev/null
+++ b/doc/README.platforms
@@ -0,0 +1,33 @@
+# $Id$
+#
+# This is the current (still incomplete) list of platforms this
+# package has been verified to work on.  Additions (preferably
+# in the format as described below) are welcome.  Thanks!
+# 
+# V: last version reported to work
+# H: host type
+# L: Linux libc version
+# D: Linux distribution, or other OS name and version
+# C: changes (if any)
+# R: reported by
+
+V: 980529
+H: sparc-unknown-linux-gnu
+L: glibc-2.0.7
+D: Ultrapenguin-1.0.9
+C: had to explicitly disable desrpc.
+R: Bjorn Christianson <bjorn@cascade.psychology.mcmaster.ca>
+
+V: 980724
+H: i486-pc-linux-gnulibc1
+L: libc-5.4.33
+D: Debian-1.3.1.r6
+C: none (use dpkg-buildpackage)
+R: Marek Michalkiewicz <marekm@linux.org.pl>
+
+V: current
+H: i686-pc-linux-gnu
+L: glibc-2.0.7.19981211
+D: Debian-2.1
+C: none (use dpkg-buildpackage)
+R: Marek Michalkiewicz <marekm@linux.org.pl>
diff --git a/doc/WISHLIST b/doc/WISHLIST
new file mode 100644
index 0000000..61390bd
--- /dev/null
+++ b/doc/WISHLIST
@@ -0,0 +1,40 @@
+$Id$
+
+This is my wishlist for the shadow suite, in no particular order.  Feel
+free to do anything from this list and mail me the diffs :-).
+
+Patches in diff -u format, against the latest version (sometimes in the
+"beta" directory) are preferred and make my job easier.  Please, no
+MIME, base64, quoted-printable, or HTML.  For very big patches, or if
+your mailer can corrupt them, please use gzip and uuencode.  Thanks!
+
+New ideas to add to this list are welcome, too.  --marekm
+
+- fix all the bugs, of course
+- implement "su only" accounts (no logins, only su from other account)
+- rewrite getdef.c to be more general? (no hardcoded names)
+- patch for rlogind/telnetd to create utmp entry and fill in ut_addr
+- option to specify encrypted password in passwd (for yppasswdd, so it
+  doesn't need to know about shadow/non-shadow); should probably use a pipe
+  (less insecure than command line arguments)
+- add support for changing NIS passwords
+- add option to check passwords by piping them to external programs
+- add functionality of the contrib/rpasswd.c wrapper to passwd
+- option to generate pronounceable passwords (like on SCO), external program?
+- poppassd (remote password change for eudora etc.)
+- add support for passwd/shadow db files (glibc)
+- vipw: check password files for errors after editing
+- add "maximum time users allowed to stay logged in" limit option to logoutd
+- handle quotes in /etc/environment like the shell does (but sshd doesn't...)
+- better utmpx support (logoutd, ...)
+- better OPIE support (report number of logins left, etc.)
+- new option for /etc/suauth: don't load user's environment (force "su -")
+  suggested by Ulisses Alonso Camaro
+- find out why recent releases won't compile on Solaris
+- newusers should be able to copy /etc/skel to the new home directory
+  (like useradd)
+- add directories where other packages can add hooks for package-specific
+  per-user configuration, to be executed with run-parts. Some hooks should
+  be executed at package install time for existing users, likewise for
+  package removal and possibly modification.  (Debian Bug#36019)
+
diff --git a/doc/console.c.spec.txt b/doc/console.c.spec.txt
new file mode 100644
index 0000000..b7c0d0d
--- /dev/null
+++ b/doc/console.c.spec.txt
@@ -0,0 +1,36 @@
+$Id$
+
+Specification for console.c source file --
+
+input values --
+	tty -- character pointer to device name with leading "/dev/"
+	       removed.
+
+return values --
+	0 -- false
+	1 -- true
+
+int console (char * tty)
+	if "CONSOLE" string value is not present in login.defs
+		return true
+
+	if the first character of "CONSOLE" string value is not "/"
+		treat the string as a ":" delimited list of device
+		names and search for the value of tty in that
+		tokenized list.
+
+		if a match is found
+			return true
+
+		return false
+
+	if the file named by "CONSOLE" cannot be opened
+		return true
+
+	scan the file looking for a match between the input line
+	and the value of tty
+
+	if a match is found
+		return true
+
+	return false
diff --git a/doc/cracklib26.diff b/doc/cracklib26.diff
new file mode 100644
index 0000000..09160b8
--- /dev/null
+++ b/doc/cracklib26.diff
@@ -0,0 +1,340 @@
+diff -ur orig/cracklib26_small/cracklib/fascist.c cracklib26_small/cracklib/fascist.c
+--- orig/cracklib26_small/cracklib/fascist.c	Mon Dec 15 02:56:55 1997
++++ cracklib26_small/cracklib/fascist.c	Sat Apr  4 22:14:45 1998
+@@ -12,6 +12,7 @@
+ #include <ctype.h>
+ #include <sys/types.h>
+ #include <pwd.h>
++#include <string.h>
+ 
+ #define ISSKIP(x) (isspace(x) || ispunct(x))
+ 
+@@ -460,28 +461,27 @@
+ }
+ 
+ char *
+-FascistGecos(password, uid)
++FascistGecosPw(password, pwd)
+     char *password;
+-    int uid;
++    struct passwd *pwd;
+ {
+     int i;
+     int j;
+     int wc;
+     char *ptr;
+-    struct passwd *pwp;
+     char gbuffer[STRINGSIZE];
+     char tbuffer[STRINGSIZE];
+     char *uwords[STRINGSIZE];
+     char longbuffer[STRINGSIZE * 2];
+ 
+-    if (!(pwp = getpwuid(uid)))
++    if (!pwd)
+     {
+ 	return ("you are not registered in the password file");
+     }
+ 
+     /* lets get really paranoid and assume a dangerously long gecos entry */
+ 
+-    strncpy(tbuffer, pwp->pw_name, STRINGSIZE);
++    strncpy(tbuffer, pwd->pw_name, STRINGSIZE);
+     tbuffer[STRINGSIZE-1] = '\0';
+     if (GTry(tbuffer, password))
+     {
+@@ -490,12 +490,13 @@
+ 
+     /* it never used to be that you got passwd strings > 1024 chars, but now... */
+ 
+-    strncpy(tbuffer, pwp->pw_gecos, STRINGSIZE);
++    strncpy(tbuffer, pwd->pw_gecos, STRINGSIZE);
+     tbuffer[STRINGSIZE-1] = '\0';
+     strcpy(gbuffer, Lowercase(tbuffer));
+ 
+     wc = 0;
+     ptr = gbuffer;
++    uwords[0] = (char *) 0;
+ 
+     while (*ptr)
+     {
+@@ -530,6 +531,8 @@
+ 	    *(ptr++) = '\0';
+ 	}
+     }
++    if (!uwords[0])
++	return ((char *) 0);  /* empty gecos */
+ #ifdef DEBUG
+     for (i = 0; uwords[i]; i++)
+     {
+@@ -586,9 +589,10 @@
+ }
+ 
+ char *
+-FascistLook(pwp, instring)
++FascistLookPw(pwp, instring, pwd)
+     PWDICT *pwp;
+     char *instring;
++    struct passwd *pwd;
+ {
+     int i;
+     char *ptr;
+@@ -667,7 +671,7 @@
+ 	return ("it looks like a National Insurance number.");
+     }
+ 
+-    if (ptr = FascistGecos(password, getuid()))
++    if (ptr = FascistGecosPw(password, pwd ? pwd : getpwuid(getuid())))
+     {
+ 	return (ptr);
+     }
+@@ -715,9 +719,10 @@
+ }
+ 
+ char *
+-FascistCheck(password, path)
++FascistCheckPw(password, path, pwd)
+     char *password;
+     char *path;
++    struct passwd *pwd;
+ {
+     static char lastpath[STRINGSIZE];
+     static PWDICT *pwp;
+@@ -750,5 +755,29 @@
+ 	strncpy(lastpath, path, STRINGSIZE);
+     }
+ 
+-    return (FascistLook(pwp, pwtrunced));
++    return (FascistLookPw(pwp, pwtrunced, pwd));
++}
++
++char *
++FascistGecos(password, uid)
++    char *password;
++    int uid;
++{
++    return (FascistGecosPw(password, getpwuid(uid)));
++}
++
++char *
++FascistLook(pwp, instring)
++    PWDICT *pwp;
++    char *instring;
++{
++    return (FascistLookPw(pwp, instring, (char *) 0));
++}
++
++char *
++FascistCheck(password, path)
++    char *password;
++    char *path;
++{
++    return (FascistCheckPw(password, path, (char *) 0));
+ }
+diff -ur orig/cracklib26_small/cracklib/packer.h cracklib26_small/cracklib/packer.h
+--- orig/cracklib26_small/cracklib/packer.h	Mon Dec 15 00:09:30 1997
++++ cracklib26_small/cracklib/packer.h	Sat Jan 10 22:13:46 1998
+@@ -34,6 +34,7 @@
+     FILE *dfp;
+     FILE *wfp;
+ 
++    int canfree;
+     int32 flags;
+ #define PFOR_WRITE	0x0001
+ #define PFOR_FLUSH	0x0002
+diff -ur orig/cracklib26_small/cracklib/packlib.c cracklib26_small/cracklib/packlib.c
+--- orig/cracklib26_small/cracklib/packlib.c	Fri Jul  9 22:22:58 1993
++++ cracklib26_small/cracklib/packlib.c	Sat Jan 10 22:28:49 1998
+@@ -16,7 +16,7 @@
+     char *mode;
+ {
+     int32 i;
+-    static PWDICT pdesc;
++    PWDICT *pdesc;
+     char iname[STRINGSIZE];
+     char dname[STRINGSIZE];
+     char wname[STRINGSIZE];
+@@ -25,92 +25,94 @@
+     FILE *ifp;
+     FILE *wfp;
+ 
+-    if (pdesc.header.pih_magic == PIH_MAGIC)
+-    {
+-	fprintf(stderr, "%s: another dictionary already open\n", prefix);
++    if ((pdesc = (PWDICT *) malloc(sizeof(PWDICT))) == 0)
+ 	return ((PWDICT *) 0);
+-    }
+ 
+-    memset(&pdesc, '\0', sizeof(pdesc));
++    memset(pdesc, '\0', sizeof(*pdesc));
+ 
+     sprintf(iname, "%s.pwi", prefix);
+     sprintf(dname, "%s.pwd", prefix);
+     sprintf(wname, "%s.hwm", prefix);
+ 
+-    if (!(pdesc.dfp = fopen(dname, mode)))
++    if (!(pdesc->dfp = fopen(dname, mode)))
+     {
+ 	perror(dname);
++	free(pdesc);
+ 	return ((PWDICT *) 0);
+     }
+ 
+-    if (!(pdesc.ifp = fopen(iname, mode)))
++    if (!(pdesc->ifp = fopen(iname, mode)))
+     {
+-	fclose(pdesc.dfp);
++	fclose(pdesc->dfp);
+ 	perror(iname);
++	free(pdesc);
+ 	return ((PWDICT *) 0);
+     }
+ 
+-    if (pdesc.wfp = fopen(wname, mode))
++    if (pdesc->wfp = fopen(wname, mode))
+     {
+-	pdesc.flags |= PFOR_USEHWMS;
++	pdesc->flags |= PFOR_USEHWMS;
+     }
+ 
+-    ifp = pdesc.ifp;
+-    dfp = pdesc.dfp;
+-    wfp = pdesc.wfp;
++    ifp = pdesc->ifp;
++    dfp = pdesc->dfp;
++    wfp = pdesc->wfp;
+ 
+     if (mode[0] == 'w')
+     {
+-	pdesc.flags |= PFOR_WRITE;
+-	pdesc.header.pih_magic = PIH_MAGIC;
+-	pdesc.header.pih_blocklen = NUMWORDS;
+-	pdesc.header.pih_numwords = 0;
++	pdesc->flags |= PFOR_WRITE;
++	pdesc->header.pih_magic = PIH_MAGIC;
++	pdesc->header.pih_blocklen = NUMWORDS;
++	pdesc->header.pih_numwords = 0;
+ 
+-	fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
++	fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
+     } else
+     {
+-	pdesc.flags &= ~PFOR_WRITE;
++	pdesc->flags &= ~PFOR_WRITE;
+ 
+-	if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
++	if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
+ 	{
+ 	    fprintf(stderr, "%s: error reading header\n", prefix);
+ 
+-	    pdesc.header.pih_magic = 0;
++	    pdesc->header.pih_magic = 0;
+ 	    fclose(ifp);
+ 	    fclose(dfp);
++	    free(pdesc);
+ 	    return ((PWDICT *) 0);
+ 	}
+ 
+-	if (pdesc.header.pih_magic != PIH_MAGIC)
++	if (pdesc->header.pih_magic != PIH_MAGIC)
+ 	{
+ 	    fprintf(stderr, "%s: magic mismatch\n", prefix);
+ 
+-	    pdesc.header.pih_magic = 0;
++	    pdesc->header.pih_magic = 0;
+ 	    fclose(ifp);
+ 	    fclose(dfp);
++	    free(pdesc);
+ 	    return ((PWDICT *) 0);
+ 	}
+ 
+-	if (pdesc.header.pih_blocklen != NUMWORDS)
++	if (pdesc->header.pih_blocklen != NUMWORDS)
+ 	{
+ 	    fprintf(stderr, "%s: size mismatch\n", prefix);
+ 
+-	    pdesc.header.pih_magic = 0;
++	    pdesc->header.pih_magic = 0;
+ 	    fclose(ifp);
+ 	    fclose(dfp);
++	    free(pdesc);
+ 	    return ((PWDICT *) 0);
+ 	}
+ 
+-	if (pdesc.flags & PFOR_USEHWMS)
++	if (pdesc->flags & PFOR_USEHWMS)
+ 	{
+-	    if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
++	    if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
+ 	    {
+-		pdesc.flags &= ~PFOR_USEHWMS;
++		pdesc->flags &= ~PFOR_USEHWMS;
+ 	    }
+ 	}
+     }
+-
+-    return (&pdesc);
++    pdesc->canfree = 1;
++    return (pdesc);
+ }
+ 
+ int
+@@ -159,8 +161,13 @@
+ 
+     fclose(pwp->ifp);
+     fclose(pwp->dfp);
++    if (pwp->wfp)
++	fclose(pwp->wfp);
+ 
+-    pwp->header.pih_magic = 0;
++    if (pwp->canfree)
++	free(pwp);
++    else
++	pwp->header.pih_magic = 0;
+ 
+     return (0);
+ }
+@@ -307,6 +314,11 @@
+     register char *this;
+     int idx;
+ 
++/*
++ * comment in npasswd-2.0beta4 says this:
++ * This does not work under all circumstances, so don't bother
++ */
++#if 0
+     if (pwp->flags & PFOR_USEHWMS)
+     {
+ 	idx = string[0] & 0xff;
+@@ -317,6 +329,10 @@
+     	lwm = 0;
+     	hwm = PW_WORDS(pwp) - 1;
+     }
++#else
++    lwm = 0;
++    hwm = PW_WORDS(pwp);
++#endif
+ 
+ #ifdef DEBUG
+     printf("---- %lu, %lu ----\n", lwm, hwm);
+diff -ur orig/cracklib26_small/util/mkdict cracklib26_small/util/mkdict
+--- orig/cracklib26_small/util/mkdict	Fri Jul  9 22:23:03 1993
++++ cracklib26_small/util/mkdict	Sat Apr  4 22:31:45 1998
+@@ -14,9 +14,16 @@
+ SORT="sort"
+ ###SORT="sort -T /tmp"
+ 
+-cat $* |
++### Use zcat to read compressed (as well as uncompressed) dictionaries.
++### Compressed dictionaries can save quite a lot of disk space.
++
++CAT="gzip -cdf"
++###CAT="zcat"
++###CAT="cat"
++
++$CAT $* |
+ 	tr '[A-Z]' '[a-z]' |
+-	tr -cd '[\012a-z0-9]' |
++	tr -cd '\012[a-z][0-9]' |
+ 	$SORT |
+ 	uniq |
+ 	grep -v '^#' |
diff --git a/etc/Makefile.am b/etc/Makefile.am
new file mode 100644
index 0000000..cc31c60
--- /dev/null
+++ b/etc/Makefile.am
@@ -0,0 +1,24 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+sysconf_DATA = login.defs
+
+defaultdir = $(sysconfdir)/default
+default_DATA = \
+	useradd
+
+nonpam_files = \
+	limits \
+	login.access
+
+if !USE_PAM
+nonpamdir = $(sysconfdir)
+nonpam_DATA = $(nonpam_files)
+endif
+
+EXTRA_DIST = \
+	$(nonpam_files) \
+	$(sysconf_DATA) \
+	$(default_DATA)
+
+SUBDIRS = pam.d
diff --git a/etc/limits b/etc/limits
new file mode 100644
index 0000000..d39f2d5
--- /dev/null
+++ b/etc/limits
@@ -0,0 +1,30 @@
+# /etc/limits contains user resource limits.
+# See limits(5).
+#
+# Format:
+# <username> <limits-string>
+#
+# default entry is '*' for username
+#
+# Valid flags are:
+# A: max address space (KB)
+# C: max core file size (KB)
+# D: max data size (KB)
+# F: maximum filesize (KB)
+# M: max locked-in-memory address space (KB) [only for root on Linux 2.0.x]
+# N: max number of open files
+# R: max resident set size (KB) [no effect on Linux 2.0.x]
+# S: max stack size (KB)
+# T: max CPU time (MIN)
+# U: max number of processes
+# L: max number of logins for this user
+# I: max nice value (0..39 translates to 20..-19)
+# O: max real time priority (0..MAX_RT_PRIO)
+#
+# Examples:
+# the default entry
+#* L2 D6144 R2048 S2048 U32 N32 F16384 T5 C0 I20 O0
+# another way of suspending a user login
+#guest   L0
+# this account has no limits
+#sysadm  -
diff --git a/etc/login.access b/etc/login.access
new file mode 100644
index 0000000..3ed3688
--- /dev/null
+++ b/etc/login.access
@@ -0,0 +1,54 @@
+# $Id$
+#
+# Login access control table.
+# 
+# When someone logs in, the table is scanned for the first entry that
+# matches the (user, host) combination, or, in case of non-networked
+# logins, the first entry that matches the (user, tty) combination.  The
+# permissions field of that table entry determines whether the login will 
+# be accepted or refused.
+# 
+# Format of the login access control table is three fields separated by a
+# ":" character:
+# 
+# 	permission : users : origins
+# 
+# The first field should be a "+" (access granted) or "-" (access denied)
+# character. 
+#
+# The second field should be a list of one or more login names, group
+# names, or ALL (always matches). A pattern of the form user@host is
+# matched when the login name matches the "user" part, and when the
+# "host" part matches the local machine name.
+#
+# The third field should be a list of one or more tty names (for
+# non-networked logins), host names, domain names (begin with "."), host
+# addresses, internet network numbers (end with "."), ALL (always
+# matches) or LOCAL (matches any string that does not contain a "."
+# character).
+#
+# If you run NIS you can use @netgroupname in host or user patterns; this
+# even works for @usergroup@@hostgroup patterns. Weird.
+#
+# The EXCEPT operator makes it possible to write very compact rules.
+#
+# The group file is searched only when a name does not match that of the
+# logged-in user. Only groups are matched in which users are explicitly
+# listed: the program does not look at a user's primary group id value.
+#
+##############################################################################
+# 
+# Disallow console logins to all but a few accounts.
+#
+#-:ALL EXCEPT wheel shutdown sync:console
+#
+# Disallow non-local logins to privileged accounts (group wheel).
+#
+#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
+#
+# Some accounts are not allowed to login from anywhere:
+#
+#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
+#
+# All other accounts are allowed to login from anywhere.
+#
diff --git a/etc/login.defs b/etc/login.defs
new file mode 100644
index 0000000..ca660a9
--- /dev/null
+++ b/etc/login.defs
@@ -0,0 +1,400 @@
+#
+# /etc/login.defs - Configuration control definitions for the shadow package.
+#
+#	$Id$
+#
+
+#
+# Delay in seconds before being allowed another attempt after a login failure
+# Note: When PAM is used, some modules may enforce a minimum delay (e.g.
+#       pam_unix(8) enforces a 2s delay)
+#
+FAIL_DELAY		3
+
+#
+# Enable logging and display of /var/log/faillog login(1) failure info.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login(1) failures are recorded.
+#
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable logging and display of /var/log/lastlog login(1) time info.
+#
+LASTLOG_ENAB		yes
+
+#
+# Enable checking and display of mailbox status upon login.
+#
+# Disable if the shell startup files already check for mail
+# ("mailx -e" or equivalent).
+#
+MAIL_CHECK_ENAB		yes
+
+#
+# Enable additional checks upon password changes.
+#
+OBSCURE_CHECKS_ENAB	yes
+
+#
+# Enable checking of time restrictions specified in /etc/porttime.
+#
+PORTTIME_CHECKS_ENAB	yes
+
+#
+# Enable setting of ulimit, umask, and niceness from passwd(5) gecos field.
+#
+QUOTAS_ENAB		yes
+
+#
+# Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# from these devices.
+#
+CONSOLE		/etc/securetty
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# If defined, all su(1) activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, ":" delimited list of "message of the day" files to
+# be displayed upon login.
+#
+MOTD_FILE	/etc/motd
+#MOTD_FILE	/etc/motd:/usr/lib/news/news-motd
+
+#
+# If defined, this file will be output before each login(1) prompt.
+#
+#ISSUE_FILE	/etc/issue
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format similar to "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login(1) failures will be logged here in a utmp format.
+# last(1), when invoked as lastb(1), will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, name of file whose presence will inhibit non-root
+# logins.  The content of this file should be a message indicating
+# why logins are inhibited.
+#
+NOLOGINS_FILE	/etc/nologin
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then ps(1) will display the
+# command as "-su".  If not defined, then ps(1) will display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# *REQUIRED*
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
+#
+MAIL_DIR	/var/spool/mail
+#MAIL_FILE	.mail
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# If defined, either a TZ environment parameter spec or the
+# fully-rooted pathname of a file containing such a spec.
+#
+#ENV_TZ		TZ=CST6CDT
+#ENV_TZ		/etc/tzname
+
+#
+# If defined, an HZ environment parameter spec.
+#
+# for Linux/x86
+ENV_HZ		HZ=100
+# For Linux/Alpha...
+#ENV_HZ		HZ=1024
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ENV_PATH	PATH=/bin:/usr/bin
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a write(1) program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP as the number of such group
+# and TTYPERM as 0620.  Otherwise leave TTYGROUP commented out and
+# set TTYPERM to either 622 or 600.
+#
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	ULIMIT		Default "ulimit" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# The ULIMIT is used only if the system supports it.
+# (now it works with setrlimit too; ulimit is in 512-byte units)
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+#ULIMIT		2097152
+
+# Default initial "umask" value used by login(1) on non-PAM enabled systems.
+# Default "umask" value for pam_umask(8) on PAM enabled systems.
+# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
+# home directories.
+# 022 is the default value, but 027, or even 077, could be considered
+# for increased privacy. There is no One True Answer here: each sysadmin
+# must make up his/her mind.
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_MIN_LEN	Minimum acceptable password length.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_MIN_LEN	5
+PASS_WARN_AGE	7
+
+#
+# If "yes", the user must be listed as a member of the first gid 0 group
+# in /etc/group (called "root" on most Linux systems) to be able to "su"
+# to uid 0 accounts.  If the group doesn't exist or is empty, no one
+# will be able to "su" to uid 0.
+#
+SU_WHEEL_ONLY	no
+
+#
+# If compiled with cracklib support, sets the path to the dictionaries
+#
+CRACKLIB_DICTPATH	/var/cache/cracklib/cracklib_dict
+
+#
+# Min/max values for automatic uid selection in useradd(8)
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+SYS_UID_MIN		  101
+SYS_UID_MAX		  999
+# Extra per user uids
+SUB_UID_MIN		   100000
+SUB_UID_MAX		600100000
+SUB_UID_COUNT		    65536
+
+#
+# Min/max values for automatic gid selection in groupadd(8)
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+SYS_GID_MIN		  101
+SYS_GID_MAX		  999
+# Extra per user group ids
+SUB_GID_MIN		   100000
+SUB_GID_MAX		600100000
+SUB_GID_COUNT		    65536
+
+#
+# Max number of login(1) retries if password is bad
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login(1)
+#
+LOGIN_TIMEOUT		60
+
+#
+# Maximum number of attempts to change password if rejected (too easy)
+#
+PASS_CHANGE_TRIES	5
+
+#
+# Warn about weak passwords (but still allow them) if you are root.
+#
+PASS_ALWAYS_WARN	yes
+
+#
+# Number of significant characters in the password for crypt().
+# Default is 8, don't change unless your crypt() is better.
+# Ignored if MD5_CRYPT_ENAB set to "yes".
+#
+#PASS_MAX_LEN		8
+
+#
+# Require password before chfn(1)/chsh(1) can make any changes.
+#
+CHFN_AUTH		yes
+
+#
+# Which fields may be changed by regular users using chfn(1) - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Password prompt (%s will be replaced by user name).
+#
+# XXX - it doesn't work correctly yet, for now leave it commented out
+# to use the default which is just "Password: ".
+#LOGIN_STRING		"%s's Password: "
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD instead.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
+# If set to MD5, MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute-force the password.
+# However, more CPU resources will be needed to authenticate users if
+# this value is increased.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be within the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in from the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in from the console.
+# How to do it is left as an exercise for the reader...
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default is no.
+#
+DEFAULT_HOME	yes
+
+#
+# If this file exists and is readable, login environment will be
+# read from it.  Every line should be in the form name=value.
+#
+ENVIRON_FILE	/etc/environment
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# Enable setting of the umask group bits to be the same as owner bits
+# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+# the same as gid, and username is the same as the primary group name.
+#
+# This also enables userdel(8) to remove user groups if no members exist.
+#
+USERGROUPS_ENAB yes
+
+#
+# If set to a non-zero number, the shadow utilities will make sure that
+# groups never have more than this number of users on one line.
+# This permits to support split groups (groups split into multiple lines,
+# with the same group ID, to avoid limitation of the line length in the
+# group file).
+#
+# 0 is the default value and disables this feature.
+#
+#MAX_MEMBERS_PER_GROUP	0
+
+#
+# If useradd(8) should create home directories for users by default (non
+# system users only).
+# This option is overridden with the -M or -m flags on the useradd(8)
+# command-line.
+#
+#CREATE_HOME     yes
+
+#
+# Force use shadow, even if shadow passwd & shadow group files are
+# missing.
+#
+#FORCE_SHADOW    yes
diff --git a/etc/pam.d/Makefile.am b/etc/pam.d/Makefile.am
new file mode 100644
index 0000000..d967eb9
--- /dev/null
+++ b/etc/pam.d/Makefile.am
@@ -0,0 +1,32 @@
+# This is a dummy Makefile.am to get automake work flawlessly,
+# and also cooperate to make a distribution for `make dist'
+
+pamd_files = \
+	chfn \
+	chsh \
+	groupmems \
+	login \
+	passwd \
+	su
+
+pamd_acct_tools_files = \
+	chage \
+	chgpasswd \
+	chpasswd \
+	groupadd \
+	groupdel \
+	groupmod \
+	newusers \
+	useradd \
+	userdel \
+	usermod
+
+if USE_PAM
+pamddir = $(sysconfdir)/pam.d
+pamd_DATA = $(pamd_files)
+if ACCT_TOOLS_SETUID
+pamd_DATA += $(pamd_acct_tools_files)
+endif
+endif
+
+EXTRA_DIST = $(pamd_files) $(pamd_acct_tools_files)
diff --git a/etc/pam.d/chage b/etc/pam.d/chage
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chage
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/chfn b/etc/pam.d/chfn
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chfn
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/chgpasswd b/etc/pam.d/chgpasswd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chgpasswd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/chpasswd b/etc/pam.d/chpasswd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chpasswd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/chsh b/etc/pam.d/chsh
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/chsh
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/groupadd b/etc/pam.d/groupadd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupadd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/groupdel b/etc/pam.d/groupdel
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupdel
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/groupmems b/etc/pam.d/groupmems
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupmems
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/groupmod b/etc/pam.d/groupmod
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/groupmod
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/login b/etc/pam.d/login
new file mode 100644
index 0000000..5a64806
--- /dev/null
+++ b/etc/pam.d/login
@@ -0,0 +1,11 @@
+#%PAM-1.0
+auth		required	pam_securetty.so
+auth		include		system-auth
+account		required	pam_nologin.so
+account		include		system-auth
+password	include		system-auth
+session		required	pam_selinux.so close
+session		include		system-auth
+session		required	pam_loginuid.so
+session		optional	pam_console.so
+session		required	pam_selinux.so open
diff --git a/etc/pam.d/newusers b/etc/pam.d/newusers
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/newusers
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/passwd b/etc/pam.d/passwd
new file mode 100644
index 0000000..731c0d3
--- /dev/null
+++ b/etc/pam.d/passwd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		include		system-auth
+account		include		system-auth
+password	include		system-auth
diff --git a/etc/pam.d/su b/etc/pam.d/su
new file mode 100644
index 0000000..7ef7134
--- /dev/null
+++ b/etc/pam.d/su
@@ -0,0 +1,13 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth		sufficient	pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+auth		required	pam_wheel.so use_uid
+auth		include		system-auth
+account		include		system-auth
+password	include		system-auth
+session		required	pam_selinux.so close
+session		include		system-auth
+session		required	pam_selinux.so open multiple
+session		optional	pam_xauth.so
diff --git a/etc/pam.d/useradd b/etc/pam.d/useradd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/useradd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/userdel b/etc/pam.d/userdel
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/userdel
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/pam.d/usermod b/etc/pam.d/usermod
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/etc/pam.d/usermod
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		required	pam_permit.so
+password	include		system-auth
diff --git a/etc/useradd b/etc/useradd
new file mode 100644
index 0000000..b77dd85
--- /dev/null
+++ b/etc/useradd
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=1000
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=yes
diff --git a/lib/.indent.pro b/lib/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/lib/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/lib/Makefile.am b/lib/Makefile.am
new file mode 100644
index 0000000..6db86cd
--- /dev/null
+++ b/lib/Makefile.am
@@ -0,0 +1,69 @@
+
+AUTOMAKE_OPTIONS = 1.0 foreign
+
+DEFS = 
+
+noinst_LTLIBRARIES = libshadow.la
+
+libshadow_la_LDFLAGS = -version-info 0:0:0
+
+libshadow_la_SOURCES = \
+	commonio.c \
+	commonio.h \
+	defines.h \
+	encrypt.c \
+	exitcodes.h \
+	faillog.h \
+	fields.c \
+	fputsx.c \
+	getdef.c \
+	getdef.h \
+	get_gid.c \
+	getlong.c \
+	get_pid.c \
+	get_uid.c \
+	getulong.c \
+	groupio.c \
+	groupmem.c \
+	groupio.h \
+	gshadow.c \
+	lockpw.c \
+	nscd.c \
+	nscd.h \
+	pam_defs.h \
+	port.c \
+	port.h \
+	prototypes.h \
+	pwauth.c \
+	pwauth.h \
+	pwio.c \
+	pwio.h \
+	pwmem.c \
+	subordinateio.h \
+	subordinateio.c \
+	selinux.c \
+	semanage.c \
+	sgetgrent.c \
+	sgetpwent.c \
+	sgetspent.c \
+	sgroupio.c \
+	sgroupio.h\
+	shadow.c \
+	shadowio.c \
+	shadowio.h \
+	shadowmem.c \
+	spawn.c \
+	utent.c
+
+if WITH_TCB
+libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h
+endif
+
+# These files are unneeded for some reason, listed in
+# order of appearance:
+#
+# sources for dbm support (not yet used)
+
+EXTRA_DIST = \
+	.indent.pro \
+	gshadow_.h
diff --git a/lib/commonio.c b/lib/commonio.c
new file mode 100644
index 0000000..31edbaa
--- /dev/null
+++ b/lib/commonio.c
@@ -0,0 +1,1271 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <assert.h>
+#include <sys/stat.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <utime.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <signal.h>
+#include "nscd.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#endif				/* WITH_TCB */
+#include "prototypes.h"
+#include "commonio.h"
+
+/* local function prototypes */
+static int lrename (const char *, const char *);
+static int check_link_count (const char *file);
+static int do_lock_file (const char *file, const char *lock, bool log);
+static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
+	const char *name,
+	const char *mode,
+	const struct stat *sb);
+static int create_backup (const char *, FILE *);
+static void free_linked_list (struct commonio_db *);
+static void add_one_entry (
+	struct commonio_db *db,
+	/*@owned@*/struct commonio_entry *p);
+static bool name_is_nis (const char *name);
+static int write_all (const struct commonio_db *);
+static /*@dependent@*/ /*@null@*/struct commonio_entry *find_entry_by_name (
+	struct commonio_db *,
+	const char *);
+static /*@dependent@*/ /*@null@*/struct commonio_entry *next_entry_by_name (
+	struct commonio_db *,
+	/*@null@*/struct commonio_entry *pos,
+	const char *);
+
+static int lock_count = 0;
+static bool nscd_need_reload = false;
+
+/*
+ * Simple rename(P) alternative that attempts to rename to symlink
+ * target.
+ */
+int lrename (const char *old, const char *new)
+{
+	int res;
+	char *r = NULL;
+
+#if defined(S_ISLNK)
+#ifndef __GLIBC__
+	char resolved_path[PATH_MAX];
+#endif				/* !__GLIBC__ */
+	struct stat sb;
+	if (lstat (new, &sb) == 0 && S_ISLNK (sb.st_mode)) {
+#ifdef __GLIBC__ /* now a POSIX.1-2008 feature */
+		r = realpath (new, NULL);
+#else				/* !__GLIBC__ */
+		r = realpath (new, resolved_path);
+#endif				/* !__GLIBC__ */
+		if (NULL == r) {
+			perror ("realpath in lrename()");
+		} else {
+			new = r;
+		}
+	}
+#endif				/* S_ISLNK */
+
+	res = rename (old, new);
+
+#ifdef __GLIBC__
+	if (NULL != r) {
+		free (r);
+	}
+#endif				/* __GLIBC__ */
+
+	return res;
+}
+
+static int check_link_count (const char *file)
+{
+	struct stat sb;
+
+	if (stat (file, &sb) != 0) {
+		return 0;
+	}
+
+	if (sb.st_nlink != 2) {
+		return 0;
+	}
+
+	return 1;
+}
+
+
+static int do_lock_file (const char *file, const char *lock, bool log)
+{
+	int fd;
+	pid_t pid;
+	ssize_t len;
+	int retval;
+	char buf[32];
+
+	fd = open (file, O_CREAT | O_EXCL | O_WRONLY, 0600);
+	if (-1 == fd) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: %s: %s\n",
+			                Prog, file, strerror (errno));
+		}
+		return 0;
+	}
+
+	pid = getpid ();
+	snprintf (buf, sizeof buf, "%lu", (unsigned long) pid);
+	len = (ssize_t) strlen (buf) + 1;
+	if (write (fd, buf, (size_t) len) != len) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: %s: %s\n",
+			                Prog, file, strerror (errno));
+		}
+		(void) close (fd);
+		unlink (file);
+		return 0;
+	}
+	close (fd);
+
+	if (link (file, lock) == 0) {
+		retval = check_link_count (file);
+		if ((0==retval) && log) {
+			(void) fprintf (stderr,
+			                "%s: %s: lock file already used\n",
+			                Prog, file);
+		}
+		unlink (file);
+		return retval;
+	}
+
+	fd = open (lock, O_RDWR);
+	if (-1 == fd) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: %s: %s\n",
+			                Prog, lock, strerror (errno));
+		}
+		unlink (file);
+		errno = EINVAL;
+		return 0;
+	}
+	len = read (fd, buf, sizeof (buf) - 1);
+	close (fd);
+	if (len <= 0) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: existing lock file %s without a PID\n",
+			                Prog, lock);
+		}
+		unlink (file);
+		errno = EINVAL;
+		return 0;
+	}
+	buf[len] = '\0';
+	if (get_pid (buf, &pid) == 0) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: existing lock file %s with an invalid PID '%s'\n",
+			                Prog, lock, buf);
+		}
+		unlink (file);
+		errno = EINVAL;
+		return 0;
+	}
+	if (kill (pid, 0) == 0) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: lock %s already used by PID %lu\n",
+			                Prog, lock, (unsigned long) pid);
+		}
+		unlink (file);
+		errno = EEXIST;
+		return 0;
+	}
+	if (unlink (lock) != 0) {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: cannot get lock %s: %s\n",
+			                Prog, lock, strerror (errno));
+		}
+		unlink (file);
+		return 0;
+	}
+
+	retval = 0;
+	if (link (file, lock) == 0) {
+		retval = check_link_count (file);
+		if ((0==retval) && log) {
+			(void) fprintf (stderr,
+			                "%s: %s: lock file already used\n",
+			                Prog, file);
+		}
+	} else {
+		if (log) {
+			(void) fprintf (stderr,
+			                "%s: cannot get lock %s: %s\n",
+			                Prog, lock, strerror (errno));
+		}
+	}
+
+	unlink (file);
+	return retval;
+}
+
+
+static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
+	const char *name,
+	const char *mode,
+	const struct stat *sb)
+{
+	FILE *fp;
+	mode_t mask;
+
+	mask = umask (0777);
+	fp = fopen (name, mode);
+	(void) umask (mask);
+	if (NULL == fp) {
+		return NULL;
+	}
+
+#ifdef HAVE_FCHOWN
+	if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
+		goto fail;
+	}
+#else				/* !HAVE_FCHOWN */
+	if (chown (name, sb->st_mode) != 0) {
+		goto fail;
+	}
+#endif				/* !HAVE_FCHOWN */
+
+#ifdef HAVE_FCHMOD
+	if (fchmod (fileno (fp), sb->st_mode & 0664) != 0) {
+		goto fail;
+	}
+#else				/* !HAVE_FCHMOD */
+	if (chmod (name, sb->st_mode & 0664) != 0) {
+		goto fail;
+	}
+#endif				/* !HAVE_FCHMOD */
+	return fp;
+
+      fail:
+	(void) fclose (fp);
+	/* fopen_set_perms is used for intermediate files */
+	(void) unlink (name);
+	return NULL;
+}
+
+
+static int create_backup (const char *backup, FILE * fp)
+{
+	struct stat sb;
+	struct utimbuf ub;
+	FILE *bkfp;
+	int c;
+
+	if (fstat (fileno (fp), &sb) != 0) {
+		return -1;
+	}
+
+	bkfp = fopen_set_perms (backup, "w", &sb);
+	if (NULL == bkfp) {
+		return -1;
+	}
+
+	/* TODO: faster copy, not one-char-at-a-time.  --marekm */
+	c = 0;
+	if (fseek (fp, 0, SEEK_SET) == 0) {
+		while ((c = getc (fp)) != EOF) {
+			if (putc (c, bkfp) == EOF) {
+				break;
+			}
+		}
+	}
+	if ((c != EOF) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
+		(void) fclose (bkfp);
+		/* FIXME: unlink the backup file? */
+		return -1;
+	}
+	if (   (fsync (fileno (bkfp)) != 0)
+	    || (fclose (bkfp) != 0)) {
+		/* FIXME: unlink the backup file? */
+		return -1;
+	}
+
+	ub.actime = sb.st_atime;
+	ub.modtime = sb.st_mtime;
+	(void) utime (backup, &ub);
+	return 0;
+}
+
+
+static void free_linked_list (struct commonio_db *db)
+{
+	struct commonio_entry *p;
+
+	while (NULL != db->head) {
+		p = db->head;
+		db->head = p->next;
+
+		if (NULL != p->line) {
+			free (p->line);
+		}
+
+		if (NULL != p->eptr) {
+			db->ops->free (p->eptr);
+		}
+
+		free (p);
+	}
+	db->tail = NULL;
+}
+
+
+int commonio_setname (struct commonio_db *db, const char *name)
+{
+	snprintf (db->filename, sizeof (db->filename), "%s", name);
+	return 1;
+}
+
+
+bool commonio_present (const struct commonio_db *db)
+{
+	return (access (db->filename, F_OK) == 0);
+}
+
+
+int commonio_lock_nowait (struct commonio_db *db, bool log)
+{
+	char file[1024];
+	char lock[1024];
+
+	if (db->locked) {
+		return 1;
+	}
+
+	snprintf (file, sizeof file, "%s.%lu",
+	          db->filename, (unsigned long) getpid ());
+	snprintf (lock, sizeof lock, "%s.lock", db->filename);
+	if (do_lock_file (file, lock, log) != 0) {
+		db->locked = true;
+		lock_count++;
+		return 1;
+	}
+	return 0;
+}
+
+
+int commonio_lock (struct commonio_db *db)
+{
+#ifdef HAVE_LCKPWDF
+	/*
+	 * only if the system libc has a real lckpwdf() - the one from
+	 * lockpw.c calls us and would cause infinite recursion!
+	 */
+
+	/*
+	 * Call lckpwdf() on the first lock.
+	 * If it succeeds, call *_lock() only once
+	 * (no retries, it should always succeed).
+	 */
+	if (0 == lock_count) {
+		if (lckpwdf () == -1) {
+			if (geteuid () != 0) {
+				(void) fprintf (stderr,
+				                "%s: Permission denied.\n",
+				                Prog);
+			}
+			return 0;	/* failure */
+		}
+	}
+
+	if (commonio_lock_nowait (db, true) != 0) {
+		return 1;	/* success */
+	}
+
+	ulckpwdf ();
+	return 0;		/* failure */
+#else				/* !HAVE_LCKPWDF */
+	int i;
+
+	/*
+	 * lckpwdf() not used - do it the old way.
+	 */
+#ifndef LOCK_TRIES
+#define LOCK_TRIES 15
+#endif
+
+#ifndef LOCK_SLEEP
+#define LOCK_SLEEP 1
+#endif
+	for (i = 0; i < LOCK_TRIES; i++) {
+		if (i > 0) {
+			sleep (LOCK_SLEEP);	/* delay between retries */
+		}
+		if (commonio_lock_nowait (db, i==LOCK_TRIES-1) != 0) {
+			return 1;	/* success */
+		}
+		/* no unnecessary retries on "permission denied" errors */
+		if (geteuid () != 0) {
+			(void) fprintf (stderr, "%s: Permission denied.\n",
+			                Prog);
+			return 0;
+		}
+	}
+	return 0;		/* failure */
+#endif				/* !HAVE_LCKPWDF */
+}
+
+static void dec_lock_count (void)
+{
+	if (lock_count > 0) {
+		lock_count--;
+		if (lock_count == 0) {
+			/* Tell nscd when lock count goes to zero,
+			   if any of the files were changed.  */
+			if (nscd_need_reload) {
+				nscd_flush_cache ("passwd");
+				nscd_flush_cache ("group");
+				nscd_need_reload = false;
+			}
+#ifdef HAVE_LCKPWDF
+			ulckpwdf ();
+#endif				/* HAVE_LCKPWDF */
+		}
+	}
+}
+
+
+int commonio_unlock (struct commonio_db *db)
+{
+	char lock[1024];
+
+	if (db->isopen) {
+		db->readonly = true;
+		if (commonio_close (db) == 0) {
+			if (db->locked) {
+				dec_lock_count ();
+			}
+			return 0;
+		}
+	}
+	if (db->locked) {
+		/*
+		 * Unlock in reverse order: remove the lock file,
+		 * then call ulckpwdf() (if used) on last unlock.
+		 */
+		db->locked = false;
+		snprintf (lock, sizeof lock, "%s.lock", db->filename);
+		unlink (lock);
+		dec_lock_count ();
+		return 1;
+	}
+	return 0;
+}
+
+
+/*
+ * Add an entry at the end.
+ *
+ * defines p->next, p->prev
+ * (unfortunately, owned special are not supported)
+ */
+static void add_one_entry (struct commonio_db *db,
+                           /*@owned@*/struct commonio_entry *p)
+{
+	/*@-mustfreeonly@*/
+	p->next = NULL;
+	p->prev = db->tail;
+	/*@=mustfreeonly@*/
+	if (NULL == db->head) {
+		db->head = p;
+	}
+	if (NULL != db->tail) {
+		db->tail->next = p;
+	}
+	db->tail = p;
+}
+
+
+static bool name_is_nis (const char *name)
+{
+	return (('+' == name[0]) || ('-' == name[0]));
+}
+
+
+/*
+ * New entries are inserted before the first NIS entry.  Order is preserved
+ * when db is written out.
+ */
+#ifndef KEEP_NIS_AT_END
+#define KEEP_NIS_AT_END 1
+#endif
+
+#if KEEP_NIS_AT_END
+static void add_one_entry_nis (struct commonio_db *db,
+                               /*@owned@*/struct commonio_entry *newp);
+
+/*
+ * Insert an entry between the regular entries, and the NIS entries.
+ *
+ * defines newp->next, newp->prev
+ * (unfortunately, owned special are not supported)
+ */
+static void add_one_entry_nis (struct commonio_db *db,
+                               /*@owned@*/struct commonio_entry *newp)
+{
+	struct commonio_entry *p;
+
+	for (p = db->head; NULL != p; p = p->next) {
+		if (name_is_nis (p->eptr ? db->ops->getname (p->eptr)
+		                         : p->line)) {
+			/*@-mustfreeonly@*/
+			newp->next = p;
+			newp->prev = p->prev;
+			/*@=mustfreeonly@*/
+			if (NULL != p->prev) {
+				p->prev->next = newp;
+			} else {
+				db->head = newp;
+			}
+			p->prev = newp;
+			return;
+		}
+	}
+	add_one_entry (db, newp);
+}
+#endif				/* KEEP_NIS_AT_END */
+
+/* Initial buffer size, as well as increment if not sufficient
+   (for reading very long lines in group files).  */
+#define BUFLEN 4096
+
+int commonio_open (struct commonio_db *db, int mode)
+{
+	char *buf;
+	char *cp;
+	char *line;
+	struct commonio_entry *p;
+	void *eptr = NULL;
+	int flags = mode;
+	size_t buflen;
+	int fd;
+	int saved_errno;
+
+	mode &= ~O_CREAT;
+
+	if (   db->isopen
+	    || (   (O_RDONLY != mode)
+	        && (O_RDWR != mode))) {
+		errno = EINVAL;
+		return 0;
+	}
+	db->readonly = (mode == O_RDONLY);
+	if (!db->readonly && !db->locked) {
+		errno = EACCES;
+		return 0;
+	}
+
+	db->head = NULL;
+	db->tail = NULL;
+	db->cursor = NULL;
+	db->changed = false;
+
+	fd = open (db->filename,
+	             (db->readonly ? O_RDONLY : O_RDWR)
+	           | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
+	saved_errno = errno;
+	db->fp = NULL;
+	if (fd >= 0) {
+#ifdef WITH_TCB
+		if (tcb_is_suspect (fd) != 0) {
+			(void) close (fd);
+			errno = EINVAL;
+			return 0;
+		}
+#endif				/* WITH_TCB */
+		db->fp = fdopen (fd, db->readonly ? "r" : "r+");
+		saved_errno = errno;
+		if (NULL == db->fp) {
+			(void) close (fd);
+		}
+	}
+	errno = saved_errno;
+
+	/*
+	 * If O_CREAT was specified and the file didn't exist, it will be
+	 * created by commonio_close().  We have no entries to read yet.  --marekm
+	 */
+	if (NULL == db->fp) {
+		if (((flags & O_CREAT) != 0) && (ENOENT == errno)) {
+			db->isopen = true;
+			return 1;
+		}
+		return 0;
+	}
+
+	/* Do not inherit fd in spawned processes (e.g. nscd) */
+	fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC);
+
+	buflen = BUFLEN;
+	buf = (char *) malloc (buflen);
+	if (NULL == buf) {
+		goto cleanup_ENOMEM;
+	}
+
+	while (db->ops->fgets (buf, (int) buflen, db->fp) == buf) {
+		while (   ((cp = strrchr (buf, '\n')) == NULL)
+		       && (feof (db->fp) == 0)) {
+			size_t len;
+
+			buflen += BUFLEN;
+			cp = (char *) realloc (buf, buflen);
+			if (NULL == cp) {
+				goto cleanup_buf;
+			}
+			buf = cp;
+			len = strlen (buf);
+			if (db->ops->fgets (buf + len,
+			                    (int) (buflen - len),
+			                    db->fp) == NULL) {
+				goto cleanup_buf;
+			}
+		}
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+
+		line = strdup (buf);
+		if (NULL == line) {
+			goto cleanup_buf;
+		}
+
+		if (name_is_nis (line)) {
+			eptr = NULL;
+		} else {
+			eptr = db->ops->parse (line);
+			if (NULL != eptr) {
+				eptr = db->ops->dup (eptr);
+				if (NULL == eptr) {
+					goto cleanup_line;
+				}
+			}
+		}
+
+		p = (struct commonio_entry *) malloc (sizeof *p);
+		if (NULL == p) {
+			goto cleanup_entry;
+		}
+
+		p->eptr = eptr;
+		p->line = line;
+		p->changed = false;
+
+		add_one_entry (db, p);
+	}
+
+	free (buf);
+
+	if (ferror (db->fp) != 0) {
+		goto cleanup_errno;
+	}
+
+	if ((NULL != db->ops->open_hook) && (db->ops->open_hook () == 0)) {
+		goto cleanup_errno;
+	}
+
+	db->isopen = true;
+	return 1;
+
+      cleanup_entry:
+	if (NULL != eptr) {
+		db->ops->free (eptr);
+	}
+      cleanup_line:
+	free (line);
+      cleanup_buf:
+	free (buf);
+      cleanup_ENOMEM:
+	errno = ENOMEM;
+      cleanup_errno:
+	saved_errno = errno;
+	free_linked_list (db);
+	fclose (db->fp);
+	db->fp = NULL;
+	errno = saved_errno;
+	return 0;
+}
+
+/*
+ * Sort given db according to cmp function (usually compares uids)
+ */
+int
+commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
+{
+	struct commonio_entry **entries, *ptr;
+	size_t n = 0, i;
+#if KEEP_NIS_AT_END
+	struct commonio_entry *nis = NULL;
+#endif
+
+	for (ptr = db->head;
+	        (NULL != ptr)
+#if KEEP_NIS_AT_END
+	     && ((NULL == ptr->line)
+	         || (('+' != ptr->line[0])
+	             && ('-' != ptr->line[0])))
+#endif
+	     ;
+	     ptr = ptr->next) {
+		n++;
+	}
+#if KEEP_NIS_AT_END
+	if (NULL != ptr) {
+		nis = ptr;
+	}
+#endif
+
+	if (n <= 1) {
+		return 0;
+	}
+
+	entries = malloc (n * sizeof (struct commonio_entry *));
+	if (entries == NULL) {
+		return -1;
+	}
+
+	n = 0;
+	for (ptr = db->head;
+#if KEEP_NIS_AT_END
+	     nis != ptr;
+#else
+	     NULL != ptr;
+#endif
+/*@ -nullderef @*/
+	     ptr = ptr->next
+/*@ +nullderef @*/
+	    ) {
+		entries[n] = ptr;
+		n++;
+	}
+	qsort (entries, n, sizeof (struct commonio_entry *), cmp);
+
+	/* Take care of the head and tail separately */
+	db->head = entries[0];
+	n--;
+#if KEEP_NIS_AT_END
+	if (NULL == nis)
+#endif
+	{
+		db->tail = entries[n];
+	}
+	db->head->prev = NULL;
+	db->head->next = entries[1];
+	entries[n]->prev = entries[n - 1];
+#if KEEP_NIS_AT_END
+	entries[n]->next = nis;
+#else
+	entries[n]->next = NULL;
+#endif
+
+	/* Now other elements have prev and next entries */
+	for (i = 1; i < n; i++) {
+		entries[i]->prev = entries[i - 1];
+		entries[i]->next = entries[i + 1];
+	}
+
+	free (entries);
+	db->changed = true;
+
+	return 0;
+}
+
+/*
+ * Sort entries in db according to order in another.
+ */
+int commonio_sort_wrt (struct commonio_db *shadow,
+                       const struct commonio_db *passwd)
+{
+	struct commonio_entry *head = NULL, *pw_ptr, *spw_ptr;
+	const char *name;
+
+	if ((NULL == shadow) || (NULL == shadow->head)) {
+		return 0;
+	}
+
+	for (pw_ptr = passwd->head; NULL != pw_ptr; pw_ptr = pw_ptr->next) {
+		if (NULL == pw_ptr->eptr) {
+			continue;
+		}
+		name = passwd->ops->getname (pw_ptr->eptr);
+		for (spw_ptr = shadow->head;
+		     NULL != spw_ptr;
+		     spw_ptr = spw_ptr->next) {
+			if (NULL == spw_ptr->eptr) {
+				continue;
+			}
+			if (strcmp (name, shadow->ops->getname (spw_ptr->eptr))
+			    == 0) {
+				break;
+			}
+		}
+		if (NULL == spw_ptr) {
+			continue;
+		}
+		commonio_del_entry (shadow, spw_ptr);
+		spw_ptr->next = head;
+		head = spw_ptr;
+	}
+
+	for (spw_ptr = head; NULL != spw_ptr; spw_ptr = head) {
+		head = head->next;
+
+		if (NULL != shadow->head) {
+			shadow->head->prev = spw_ptr;
+		}
+		spw_ptr->next = shadow->head;
+		shadow->head = spw_ptr;
+	}
+
+	shadow->head->prev = NULL;
+	shadow->changed = true;
+
+	return 0;
+}
+
+/*
+ * write_all - Write the database to its file.
+ *
+ * It returns 0 if all the entries could be written correctly.
+ */
+static int write_all (const struct commonio_db *db)
+	/*@requires notnull db->fp@*/
+{
+	const struct commonio_entry *p;
+	void *eptr;
+
+	for (p = db->head; NULL != p; p = p->next) {
+		if (p->changed) {
+			eptr = p->eptr;
+			assert (NULL != eptr);
+			if (db->ops->put (eptr, db->fp) != 0) {
+				return -1;
+			}
+		} else if (NULL != p->line) {
+			if (db->ops->fputs (p->line, db->fp) == EOF) {
+				return -1;
+			}
+			if (putc ('\n', db->fp) == EOF) {
+				return -1;
+			}
+		}
+	}
+	return 0;
+}
+
+
+int commonio_close (struct commonio_db *db)
+	/*@requires notnull db->fp@*/
+{
+	char buf[1024];
+	int errors = 0;
+	struct stat sb;
+
+	if (!db->isopen) {
+		errno = EINVAL;
+		return 0;
+	}
+	db->isopen = false;
+
+	if (!db->changed || db->readonly) {
+		(void) fclose (db->fp);
+		db->fp = NULL;
+		goto success;
+	}
+
+	if ((NULL != db->ops->close_hook) && (db->ops->close_hook () == 0)) {
+		goto fail;
+	}
+
+	memzero (&sb, sizeof sb);
+	if (NULL != db->fp) {
+		if (fstat (fileno (db->fp), &sb) != 0) {
+			(void) fclose (db->fp);
+			db->fp = NULL;
+			goto fail;
+		}
+
+		/*
+		 * Create backup file.
+		 */
+		snprintf (buf, sizeof buf, "%s-", db->filename);
+
+#ifdef WITH_SELINUX
+		if (set_selinux_file_context (buf) != 0) {
+			errors++;
+		}
+#endif
+		if (create_backup (buf, db->fp) != 0) {
+			errors++;
+		}
+
+		if (fclose (db->fp) != 0) {
+			errors++;
+		}
+
+#ifdef WITH_SELINUX
+		if (reset_selinux_file_context () != 0) {
+			errors++;
+		}
+#endif
+		if (errors != 0) {
+			db->fp = NULL;
+			goto fail;
+		}
+	} else {
+		/*
+		 * Default permissions for new [g]shadow files.
+		 */
+		sb.st_mode = db->st_mode;
+		sb.st_uid = db->st_uid;
+		sb.st_gid = db->st_gid;
+	}
+
+	snprintf (buf, sizeof buf, "%s+", db->filename);
+
+#ifdef WITH_SELINUX
+	if (set_selinux_file_context (buf) != 0) {
+		errors++;
+	}
+#endif
+
+	db->fp = fopen_set_perms (buf, "w", &sb);
+	if (NULL == db->fp) {
+		goto fail;
+	}
+
+	if (write_all (db) != 0) {
+		errors++;
+	}
+
+	if (fflush (db->fp) != 0) {
+		errors++;
+	}
+#ifdef HAVE_FSYNC
+	if (fsync (fileno (db->fp)) != 0) {
+		errors++;
+	}
+#else				/* !HAVE_FSYNC */
+	sync ();
+#endif				/* !HAVE_FSYNC */
+	if (fclose (db->fp) != 0) {
+		errors++;
+	}
+
+	db->fp = NULL;
+
+	if (errors != 0) {
+		unlink (buf);
+		goto fail;
+	}
+
+	if (lrename (buf, db->filename) != 0) {
+		goto fail;
+	}
+
+#ifdef WITH_SELINUX
+	if (reset_selinux_file_context () != 0) {
+		goto fail;
+	}
+#endif
+
+	nscd_need_reload = true;
+	goto success;
+      fail:
+	errors++;
+      success:
+
+	free_linked_list (db);
+	return errors == 0;
+}
+
+static /*@dependent@*/ /*@null@*/struct commonio_entry *next_entry_by_name (
+	struct commonio_db *db,
+	/*@null@*/struct commonio_entry *pos,
+	const char *name)
+{
+	struct commonio_entry *p;
+	void *ep;
+
+	if (NULL == pos) {
+		return NULL;
+	}
+
+	for (p = pos; NULL != p; p = p->next) {
+		ep = p->eptr;
+		if (   (NULL != ep)
+		    && (strcmp (db->ops->getname (ep), name) == 0)) {
+			break;
+		}
+	}
+	return p;
+}
+
+static /*@dependent@*/ /*@null@*/struct commonio_entry *find_entry_by_name (
+	struct commonio_db *db,
+	const char *name)
+{
+	return next_entry_by_name (db, db->head, name);
+}
+
+
+int commonio_update (struct commonio_db *db, const void *eptr)
+{
+	struct commonio_entry *p;
+	void *nentry;
+
+	if (!db->isopen || db->readonly) {
+		errno = EINVAL;
+		return 0;
+	}
+	nentry = db->ops->dup (eptr);
+	if (NULL == nentry) {
+		errno = ENOMEM;
+		return 0;
+	}
+	p = find_entry_by_name (db, db->ops->getname (eptr));
+	if (NULL != p) {
+		if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
+			fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
+			db->ops->free (nentry);
+			return 0;
+		}
+		db->ops->free (p->eptr);
+		p->eptr = nentry;
+		p->changed = true;
+		db->cursor = p;
+
+		db->changed = true;
+		return 1;
+	}
+	/* not found, new entry */
+	p = (struct commonio_entry *) malloc (sizeof *p);
+	if (NULL == p) {
+		db->ops->free (nentry);
+		errno = ENOMEM;
+		return 0;
+	}
+
+	p->eptr = nentry;
+	p->line = NULL;
+	p->changed = true;
+
+#if KEEP_NIS_AT_END
+	add_one_entry_nis (db, p);
+#else				/* !KEEP_NIS_AT_END */
+	add_one_entry (db, p);
+#endif				/* !KEEP_NIS_AT_END */
+
+	db->changed = true;
+	return 1;
+}
+
+#ifdef ENABLE_SUBIDS
+int commonio_append (struct commonio_db *db, const void *eptr)
+{
+	struct commonio_entry *p;
+	void *nentry;
+
+	if (!db->isopen || db->readonly) {
+		errno = EINVAL;
+		return 0;
+	}
+	nentry = db->ops->dup (eptr);
+	if (NULL == nentry) {
+		errno = ENOMEM;
+		return 0;
+	}
+	/* new entry */
+	p = (struct commonio_entry *) malloc (sizeof *p);
+	if (NULL == p) {
+		db->ops->free (nentry);
+		errno = ENOMEM;
+		return 0;
+	}
+
+	p->eptr = nentry;
+	p->line = NULL;
+	p->changed = true;
+	add_one_entry (db, p);
+
+	db->changed = true;
+	return 1;
+}
+#endif				/* ENABLE_SUBIDS */
+
+void commonio_del_entry (struct commonio_db *db, const struct commonio_entry *p)
+{
+	if (p == db->cursor) {
+		db->cursor = p->next;
+	}
+
+	if (NULL != p->prev) {
+		p->prev->next = p->next;
+	} else {
+		db->head = p->next;
+	}
+
+	if (NULL != p->next) {
+		p->next->prev = p->prev;
+	} else {
+		db->tail = p->prev;
+	}
+
+	db->changed = true;
+}
+
+/*
+ * commonio_remove - Remove the entry of the given name from the database.
+ */
+int commonio_remove (struct commonio_db *db, const char *name)
+{
+	struct commonio_entry *p;
+
+	if (!db->isopen || db->readonly) {
+		errno = EINVAL;
+		return 0;
+	}
+	p = find_entry_by_name (db, name);
+	if (NULL == p) {
+		errno = ENOENT;
+		return 0;
+	}
+	if (next_entry_by_name (db, p->next, name) != NULL) {
+		fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
+		return 0;
+	}
+
+	commonio_del_entry (db, p);
+
+	if (NULL != p->line) {
+		free (p->line);
+	}
+
+	if (NULL != p->eptr) {
+		db->ops->free (p->eptr);
+	}
+
+	return 1;
+}
+
+/*
+ * commonio_locate - Find the first entry with the specified name in
+ *                   the database.
+ *
+ *	If found, it returns the entry and set the cursor of the database to
+ *	that entry.
+ *
+ *	Otherwise, it returns NULL.
+ */
+/*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *db, const char *name)
+{
+	struct commonio_entry *p;
+
+	if (!db->isopen) {
+		errno = EINVAL;
+		return NULL;
+	}
+	p = find_entry_by_name (db, name);
+	if (NULL == p) {
+		errno = ENOENT;
+		return NULL;
+	}
+	db->cursor = p;
+	return p->eptr;
+}
+
+/*
+ * commonio_rewind - Restore the database cursor to the first entry.
+ *
+ * It returns 0 on error, 1 on success.
+ */
+int commonio_rewind (struct commonio_db *db)
+{
+	if (!db->isopen) {
+		errno = EINVAL;
+		return 0;
+	}
+	db->cursor = NULL;
+	return 1;
+}
+
+/*
+ * commonio_next - Return the next entry of the specified database
+ *
+ * It returns the next entry, or NULL if no other entries could be found.
+ */
+/*@observer@*/ /*@null@*/const void *commonio_next (struct commonio_db *db)
+{
+	void *eptr;
+
+	if (!db->isopen) {
+		errno = EINVAL;
+		return 0;
+	}
+	if (NULL == db->cursor) {
+		db->cursor = db->head;
+	} else {
+		db->cursor = db->cursor->next;
+	}
+
+	while (NULL != db->cursor) {
+		eptr = db->cursor->eptr;
+		if (NULL != eptr) {
+			return eptr;
+		}
+
+		db->cursor = db->cursor->next;
+	}
+	return NULL;
+}
+
diff --git a/lib/commonio.h b/lib/commonio.h
new file mode 100644
index 0000000..40e5708
--- /dev/null
+++ b/lib/commonio.h
@@ -0,0 +1,170 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef COMMONIO_H
+#define COMMONIO_H
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif
+
+#include "defines.h" /* bool */
+
+/*
+ * Linked list entry.
+ */
+struct commonio_entry {
+	/*@null@*/char *line;
+	/*@null@*/void *eptr;		/* struct passwd, struct spwd, ... */
+	/*@dependent@*/ /*@null@*/struct commonio_entry *prev;
+	/*@owned@*/ /*@null@*/struct commonio_entry *next;
+	bool changed:1;
+};
+
+/*
+ * Operations depending on database type: passwd, group, shadow etc.
+ */
+struct commonio_ops {
+	/*
+	 * Make a copy of the object (for example, struct passwd)
+	 * and all strings pointed by it, in malloced memory.
+	 */
+	/*@null@*/ /*@only@*/void *(*dup) (const void *);
+
+	/*
+	 * free() the object including any strings pointed by it.
+	 */
+	void (*free) (/*@out@*/ /*@only@*/void *);
+
+	/*
+	 * Return the name of the object (for example, pw_name
+	 * for struct passwd).
+	 */
+	const char *(*getname) (const void *);
+
+	/*
+	 * Parse a string, return object (in static area -
+	 * should be copied using the dup operation above).
+	 */
+	void *(*parse) (const char *);
+
+	/*
+	 * Write the object to the file (this calls putpwent()
+	 * for struct passwd, for example).
+	 */
+	int (*put) (const void *, FILE *);
+
+	/*
+	 * fgets and fputs (can be replaced by versions that
+	 * understand line continuation conventions).
+	 */
+	/*@null@*/char *(*fgets) (/*@returned@*/ /*@out@*/char *s, int n, FILE *stream);
+	int (*fputs) (const char *, FILE *);
+
+	/*
+	 * open_hook and close_hook.
+	 * If non NULL, these functions will be called after the database
+	 * is open or before it is closed.
+	 * They return 0 on failure and 1 on success.
+	 */
+	/*@null@*/int (*open_hook) (void);
+	/*@null@*/int (*close_hook) (void);
+};
+
+/*
+ * Database structure.
+ */
+struct commonio_db {
+	/*
+	 * Name of the data file.
+	 */
+	char filename[1024];
+
+	/*
+	 * Operations from above.
+	 */
+	/*@observer@*/const struct commonio_ops *ops;
+
+	/*
+	 * Currently open file stream.
+	 */
+	/*@dependent@*/ /*@null@*/FILE *fp;
+
+#ifdef WITH_SELINUX
+	/*@null@*/security_context_t scontext;
+#endif
+	/*
+	 * Default permissions and owner for newly created data file.
+         */
+	mode_t st_mode;
+	uid_t st_uid;
+	gid_t st_gid;
+	/*
+	 * Head, tail, current position in linked list.
+	 */
+	/*@owned@*/ /*@null@*/struct commonio_entry *head;
+	/*@dependent@*/ /*@null@*/struct commonio_entry *tail;
+	/*@dependent@*/ /*@null@*/struct commonio_entry *cursor;
+
+	/*
+	 * Various flags.
+	 */
+	bool changed:1;
+	bool isopen:1;
+	bool locked:1;
+	bool readonly:1;
+};
+
+extern int commonio_setname (struct commonio_db *, const char *);
+extern bool commonio_present (const struct commonio_db *db);
+extern int commonio_lock (struct commonio_db *);
+extern int commonio_lock_nowait (struct commonio_db *, bool log);
+extern int commonio_open (struct commonio_db *, int);
+extern /*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *, const char *);
+extern int commonio_update (struct commonio_db *, const void *);
+#ifdef ENABLE_SUBIDS
+extern int commonio_append (struct commonio_db *, const void *);
+#endif				/* ENABLE_SUBIDS */
+extern int commonio_remove (struct commonio_db *, const char *);
+extern int commonio_rewind (struct commonio_db *);
+extern /*@observer@*/ /*@null@*/const void *commonio_next (struct commonio_db *);
+extern int commonio_close (struct commonio_db *);
+extern int commonio_unlock (struct commonio_db *);
+extern void commonio_del_entry (struct commonio_db *,
+                                const struct commonio_entry *);
+extern int commonio_sort_wrt (struct commonio_db *shadow,
+                              const struct commonio_db *passwd);
+extern int commonio_sort (struct commonio_db *db,
+                          int (*cmp) (const void *, const void *));
+
+#endif
diff --git a/lib/defines.h b/lib/defines.h
new file mode 100644
index 0000000..62bd73e
--- /dev/null
+++ b/lib/defines.h
@@ -0,0 +1,385 @@
+/* $Id$ */
+/* some useful defines */
+
+#ifndef _DEFINES_H_
+#define _DEFINES_H_
+
+#if HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# if ! HAVE__BOOL
+#  ifdef __cplusplus
+typedef bool _Bool;
+#  else
+typedef unsigned char _Bool;
+#  endif
+# endif
+# define bool _Bool
+# define false (0)
+# define true  (1)
+# define __bool_true_false_are_defined 1
+#endif
+
+#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c))
+
+/* Take care of NLS matters.  */
+#ifdef S_SPLINT_S
+extern char *setlocale(int categorie, const char *locale);
+# define LC_ALL		(6)
+extern char * bindtextdomain (const char * domainname, const char * dirname);
+extern char * textdomain (const char * domainname);
+# define _(Text) Text
+# define ngettext(Msgid1, Msgid2, N) \
+    ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#else
+#ifdef HAVE_LOCALE_H
+# include <locale.h>
+#else
+# undef setlocale
+# define setlocale(category, locale)	(NULL)
+# ifndef LC_ALL
+#  define LC_ALL	6
+# endif
+#endif
+
+#define gettext_noop(String) (String)
+/* #define gettext_def(String) "#define String" */
+
+#ifdef ENABLE_NLS
+# include <libintl.h>
+# define _(Text) gettext (Text)
+#else
+# undef bindtextdomain
+# define bindtextdomain(Domain, Directory)	(NULL)
+# undef textdomain
+# define textdomain(Domain)	(NULL)
+# define _(Text) Text
+# define ngettext(Msgid1, Msgid2, N) \
+    ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+#endif
+#endif
+
+#if STDC_HEADERS
+# include <stdlib.h>
+# include <string.h>
+#else				/* not STDC_HEADERS */
+# ifndef HAVE_STRCHR
+#  define strchr index
+#  define strrchr rindex
+# endif
+char *strchr (), *strrchr (), *strtok ();
+
+# ifndef HAVE_MEMCPY
+#  define memcpy(d, s, n) bcopy((s), (d), (n))
+# endif
+#endif				/* not STDC_HEADERS */
+
+#if HAVE_ERRNO_H
+# include <errno.h>
+#endif
+
+#include <sys/stat.h>
+#include <sys/types.h>
+#if HAVE_SYS_WAIT_H
+# include <sys/wait.h>
+#endif
+#ifndef WEXITSTATUS
+# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
+#endif
+#ifndef WIFEXITED
+# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
+#endif
+
+#if HAVE_UNISTD_H
+# include <unistd.h>
+#endif
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else				/* not TIME_WITH_SYS_TIME */
+# if HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# else
+#  include <time.h>
+# endif
+#endif				/* not TIME_WITH_SYS_TIME */
+
+#ifdef HAVE_MEMSET
+# define memzero(ptr, size) memset((void *)(ptr), 0, (size))
+#else
+# define memzero(ptr, size) bzero((char *)(ptr), (size))
+#endif
+#define strzero(s) memzero(s, strlen(s))	/* warning: evaluates twice */
+
+#ifdef HAVE_DIRENT_H		/* DIR_SYSV */
+# include <dirent.h>
+# define DIRECT dirent
+#else
+# ifdef HAVE_SYS_NDIR_H		/* DIR_XENIX */
+#  include <sys/ndir.h>
+# endif
+# ifdef HAVE_SYS_DIR_H		/* DIR_??? */
+#  include <sys/dir.h>
+# endif
+# ifdef HAVE_NDIR_H		/* DIR_BSD */
+#  include <ndir.h>
+# endif
+# define DIRECT direct
+#endif
+
+/*
+ * Possible cases:
+ * - /usr/include/shadow.h exists and includes the shadow group stuff.
+ * - /usr/include/shadow.h exists, but we use our own gshadow.h.
+ */
+#include <shadow.h>
+#if defined(SHADOWGRP) && !defined(GSHADOW)
+#include "gshadow_.h"
+#endif
+
+#include <limits.h>
+
+#ifndef	NGROUPS_MAX
+#ifdef	NGROUPS
+#define	NGROUPS_MAX	NGROUPS
+#else
+#define	NGROUPS_MAX	64
+#endif
+#endif
+
+#ifdef USE_SYSLOG
+#include <syslog.h>
+
+#ifndef LOG_WARN
+#define LOG_WARN LOG_WARNING
+#endif
+
+/* LOG_NOWAIT is deprecated */
+#ifndef LOG_NOWAIT
+#define LOG_NOWAIT 0
+#endif
+
+/* LOG_AUTH is deprecated, use LOG_AUTHPRIV instead */
+#ifndef LOG_AUTHPRIV
+#define LOG_AUTHPRIV LOG_AUTH
+#endif
+
+/* cleaner than lots of #ifdefs everywhere - use this as follows:
+   SYSLOG((LOG_CRIT, "user %s cracked root", user)); */
+#ifdef ENABLE_NLS
+/* Temporarily set LC_TIME to "C" to avoid strange dates in syslog.
+   This is a workaround for a more general syslog(d) design problem -
+   syslogd should log the current system time for each event, and not
+   trust the formatted time received from the unix domain (or worse,
+   UDP) socket.  -MM */
+/* Avoid translated PAM error messages: Set LC_ALL to "C".
+ * --Nekral */
+#define SYSLOG(x)							\
+	do {								\
+		char *old_locale = setlocale (LC_ALL, NULL);		\
+		char *saved_locale = NULL;				\
+		if (NULL != old_locale) {				\
+			saved_locale = strdup (old_locale);		\
+		}							\
+		if (NULL != saved_locale) {				\
+			(void) setlocale (LC_ALL, "C");			\
+		}							\
+		syslog x ;						\
+		if (NULL != saved_locale) {				\
+			(void) setlocale (LC_ALL, saved_locale);	\
+			free (saved_locale);				\
+		}							\
+	} while (false)
+#else				/* !ENABLE_NLS */
+#define SYSLOG(x) syslog x
+#endif				/* !ENABLE_NLS */
+
+#else				/* !USE_SYSLOG */
+
+#define SYSLOG(x)		/* empty */
+#define openlog(a,b,c)		/* empty */
+#define closelog()		/* empty */
+
+#endif				/* !USE_SYSLOG */
+
+/* The default syslog settings can now be changed here,
+   in just one place.  */
+
+#ifndef SYSLOG_OPTIONS
+/* #define SYSLOG_OPTIONS (LOG_PID | LOG_CONS | LOG_NOWAIT) */
+#define SYSLOG_OPTIONS (LOG_PID)
+#endif
+
+#ifndef SYSLOG_FACILITY
+#define SYSLOG_FACILITY LOG_AUTHPRIV
+#endif
+
+#define OPENLOG(progname) openlog(progname, SYSLOG_OPTIONS, SYSLOG_FACILITY)
+
+#ifndef F_OK
+# define F_OK 0
+# define X_OK 1
+# define W_OK 2
+# define R_OK 4
+#endif
+
+#ifndef SEEK_SET
+# define SEEK_SET 0
+# define SEEK_CUR 1
+# define SEEK_END 2
+#endif
+
+#ifdef STAT_MACROS_BROKEN
+# define S_ISDIR(x) ((x) & S_IFMT) == S_IFDIR)
+# define S_ISREG(x) ((x) & S_IFMT) == S_IFREG)
+# ifdef S_IFLNK
+#  define S_ISLNK(x) ((x) & S_IFMT) == S_IFLNK)
+# endif
+#endif
+
+#ifndef S_ISLNK
+#define S_ISLNK(x) (0)
+#endif
+
+#if HAVE_LCHOWN
+#define LCHOWN lchown
+#else
+#define LCHOWN chown
+#endif
+
+#if HAVE_LSTAT
+#define LSTAT lstat
+#else
+#define LSTAT stat
+#endif
+
+#if HAVE_TERMIOS_H
+# include <termios.h>
+# define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
+# define GTTY(fd, termio) tcgetattr(fd, termio)
+# define TERMIO struct termios
+# define USE_TERMIOS
+#else				/* assumed HAVE_TERMIO_H */
+# include <sys/ioctl.h>
+# include <termio.h>
+# define STTY(fd, termio) ioctl(fd, TCSETA, termio)
+# define GTTY(fd, termio) ioctl(fd, TCGETA, termio)
+# define TEMRIO struct termio
+# define USE_TERMIO
+#endif
+
+/*
+ * Password aging constants
+ *
+ * DAY - seconds / day
+ * WEEK - seconds / week
+ * SCALE - seconds / aging unit
+ */
+
+/* Solaris defines this in shadow.h */
+#ifndef DAY
+#define DAY (24L*3600L)
+#endif
+
+#define WEEK (7*DAY)
+
+#ifdef ITI_AGING
+#define SCALE 1
+#else
+#define SCALE DAY
+#endif
+
+/* Copy string pointed by B to array A with size checking.  It was originally
+   in lmain.c but is _very_ useful elsewhere.  Some setuid root programs with
+   very sloppy coding used to assume that BUFSIZ will always be enough...  */
+
+					/* danger - side effects */
+#define STRFCPY(A,B) \
+	(strncpy((A), (B), sizeof(A) - 1), (A)[sizeof(A) - 1] = '\0')
+
+#ifndef PASSWD_FILE
+#define PASSWD_FILE "/etc/passwd"
+#endif
+
+#ifndef GROUP_FILE
+#define GROUP_FILE "/etc/group"
+#endif
+
+#ifndef SHADOW_FILE
+#define SHADOW_FILE "/etc/shadow"
+#endif
+
+#ifdef SHADOWGRP
+#ifndef SGROUP_FILE
+#define SGROUP_FILE "/etc/gshadow"
+#endif
+#endif
+
+#ifndef NULL
+#define NULL ((void *) 0)
+#endif
+
+#ifdef sun			/* hacks for compiling on SunOS */
+# ifndef SOLARIS
+extern int fputs ();
+extern char *strdup ();
+extern char *strerror ();
+# endif
+#endif
+
+/*
+ * string to use for the pw_passwd field in /etc/passwd when using
+ * shadow passwords - most systems use "x" but there are a few
+ * exceptions, so it can be changed here if necessary.  --marekm
+ */
+#ifndef SHADOW_PASSWD_STRING
+#define SHADOW_PASSWD_STRING "x"
+#endif
+
+#define SHADOW_SP_FLAG_UNSET ((unsigned long int)-1)
+
+#ifdef WITH_AUDIT
+#ifdef __u8			/* in case we use pam < 0.80 */
+#undef __u8
+#endif
+#ifdef __u32
+#undef __u32
+#endif
+
+#include <libaudit.h>
+#endif
+
+/* To be used for verified unused parameters */
+#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
+# define unused __attribute__((unused))
+#else
+# define unused
+#endif
+
+/* ! Arguments evaluated twice ! */
+#ifndef MIN
+#define MIN(a,b) (((a) < (b)) ? (a) : (b))
+#endif
+#ifndef MAX
+#define MAX(x,y) (((x) > (y)) ? (x) : (y))
+#endif
+
+/* Maximum length of usernames */
+#ifdef HAVE_UTMPX_H
+# include <utmpx.h>
+# define USER_NAME_MAX_LENGTH (sizeof (((struct utmpx *)NULL)->ut_user))
+#else
+# include <utmp.h>
+# ifdef HAVE_STRUCT_UTMP_UT_USER
+#  define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_user))
+# else
+#  ifdef HAVE_STRUCT_UTMP_UT_NAME
+#   define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_name))
+#  else
+#   define USER_NAME_MAX_LENGTH 32
+#  endif
+# endif
+#endif
+
+#endif				/* _DEFINES_H_ */
diff --git a/lib/encrypt.c b/lib/encrypt.c
new file mode 100644
index 0000000..53c99c9
--- /dev/null
+++ b/lib/encrypt.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 1990 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <unistd.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+#include "defines.h"
+
+/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
+{
+	static char cipher[128];
+	char *cp;
+
+	cp = crypt (clear, salt);
+	if (NULL == cp) {
+		/*
+		 * Single Unix Spec: crypt() may return a null pointer,
+		 * and set errno to indicate an error. In this case return
+		 * the NULL so the caller can handle appropriately.
+		 */
+		return NULL;
+	}
+
+	/* Some crypt() do not return NULL if the algorithm is not
+	 * supported, and return a DES encrypted password. */
+	if ((NULL != salt) && (salt[0] == '$') && (strlen (cp) <= 13))
+	{
+		/*@observer@*/const char *method;
+		switch (salt[1])
+		{
+			case '1':
+				method = "MD5";
+				break;
+			case '5':
+				method = "SHA256";
+				break;
+			case '6':
+				method = "SHA512";
+				break;
+			default:
+			{
+				static char nummethod[4] = "$x$";
+				nummethod[1] = salt[1];
+				method = &nummethod[0];
+			}
+		}
+		(void) fprintf (stderr,
+		                _("crypt method not supported by libcrypt? (%s)\n"),
+		                method);
+		exit (EXIT_FAILURE);
+	}
+
+	if (strlen (cp) != 13) {
+		return cp;	/* nonstandard crypt() in libc, better bail out */
+	}
+
+	strcpy (cipher, cp);
+
+	return cipher;
+}
+
diff --git a/lib/exitcodes.h b/lib/exitcodes.h
new file mode 100644
index 0000000..96b2340
--- /dev/null
+++ b/lib/exitcodes.h
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2005 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+
+/*
+ * Exit codes used by shadow programs
+ */
+#define E_SUCCESS       	EXIT_SUCCESS	/* success */
+/*
+ * FIXME: other values should differ from EXIT_FAILURE (and EXIT_SUCCESS).
+ *
+ * FIXME: reserve EXIT_FAILURE for internal failures.
+ */
+#define E_NOPERM        	1	/* permission denied */
+#define E_USAGE         	2	/* invalid command syntax */
+#define E_BAD_ARG       	3	/* invalid argument to option */
+#define E_PASSWD_NOTFOUND	14	/* not found password file */
+#define E_SHADOW_NOTFOUND	15	/* not found shadow password file */
+#define E_GROUP_NOTFOUND	16	/* not found group file */
+#define E_GSHADOW_NOTFOUND	17	/* not found shadow group file */
+#define E_CMD_NOEXEC		126	/* can't run command/shell */
+#define E_CMD_NOTFOUND		127	/* can't find command/shell to run */
diff --git a/lib/faillog.h b/lib/faillog.h
new file mode 100644
index 0000000..a0a95b3
--- /dev/null
+++ b/lib/faillog.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * faillog.h - login failure logging file format
+ *
+ *	$Id$
+ *
+ * The login failure file is maintained by login(1) and faillog(8)
+ * Each record in the file represents a separate UID and the file
+ * is indexed in that fashion.
+ */
+
+#ifndef _FAILLOG_H
+#define _FAILLOG_H
+
+struct faillog {
+	short fail_cnt;		/* failures since last success */
+	short fail_max;		/* failures before turning account off */
+	char fail_line[12];	/* last failure occured here */
+	time_t fail_time;	/* last failure occured then */
+	/*
+	 * If nonzero, the account will be re-enabled if there are no
+	 * failures for fail_locktime seconds since last failure.
+	 */
+	long fail_locktime;
+};
+
+#endif
diff --git a/lib/fields.c b/lib/fields.c
new file mode 100644
index 0000000..649fae1
--- /dev/null
+++ b/lib/fields.c
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 1990       , Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <string.h>
+#include <stdio.h>
+#include "prototypes.h"
+
+/*
+ * valid_field - insure that a field contains all legal characters
+ *
+ * The supplied field is scanned for non-printable and other illegal
+ * characters.
+ *  + -1 is returned if an illegal character is present.
+ *  +  1 is returned if no illegal characters are present, but the field
+ *       contains a non-printable character.
+ *  +  0 is returned otherwise.
+ */
+int valid_field (const char *field, const char *illegal)
+{
+	const char *cp;
+	int err = 0;
+
+	if (NULL == field) {
+		return -1;
+	}
+
+	/* For each character of field, search if it appears in the list
+	 * of illegal characters. */
+	for (cp = field; '\0' != *cp; cp++) {
+		if (strchr (illegal, *cp) != NULL) {
+			err = -1;
+			break;
+		}
+	}
+
+	if (0 == err) {
+		/* Search if there are some non-printable characters */
+		for (cp = field; '\0' != *cp; cp++) {
+			if (!isprint (*cp)) {
+				err = 1;
+				break;
+			}
+		}
+	}
+
+	return err;
+}
+
+/*
+ * change_field - change a single field if a new value is given.
+ *
+ * prompt the user with the name of the field being changed and the
+ * current value.
+ */
+void change_field (char *buf, size_t maxsize, const char *prompt)
+{
+	char newf[200];
+	char *cp;
+
+	if (maxsize > sizeof (newf)) {
+		maxsize = sizeof (newf);
+	}
+
+	printf ("\t%s [%s]: ", prompt, buf);
+	(void) fflush (stdout);
+	if (fgets (newf, (int) maxsize, stdin) != newf) {
+		return;
+	}
+
+	cp = strchr (newf, '\n');
+	if (NULL == cp) {
+		return;
+	}
+	*cp = '\0';
+
+	if ('\0' != newf[0]) {
+		/*
+		 * Remove leading and trailing whitespace.  This also
+		 * makes it possible to change the field to empty, by
+		 * entering a space.  --marekm
+		 */
+
+		while (--cp >= newf && isspace (*cp));
+		cp++;
+		*cp = '\0';
+
+		cp = newf;
+		while (('\0' != *cp) && isspace (*cp)) {
+			cp++;
+		}
+
+		strncpy (buf, cp, maxsize - 1);
+		buf[maxsize - 1] = '\0';
+	}
+}
+
diff --git a/lib/fputsx.c b/lib/fputsx.c
new file mode 100644
index 0000000..c42b40b
--- /dev/null
+++ b/lib/fputsx.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#ident "$Id$"
+
+
+/*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *buf, int cnt, FILE * f)
+{
+	char *cp = buf;
+	char *ep;
+
+	while (cnt > 0) {
+		if (fgets (cp, cnt, f) != cp) {
+			if (cp == buf) {
+				return 0;
+			} else {
+				break;
+			}
+		}
+		ep = strrchr (cp, '\\');
+		if ((NULL != ep) && (*(ep + 1) == '\n')) {
+			cnt -= ep - cp;
+			if (cnt > 0) {
+				cp = ep;
+				*cp = '\0';
+			}
+		} else {
+			break;
+		}
+	}
+	return buf;
+}
+
+int fputsx (const char *s, FILE * stream)
+{
+	int i;
+
+	for (i = 0; '\0' != *s; i++, s++) {
+		if (putc (*s, stream) == EOF) {
+			return EOF;
+		}
+
+#if 0				/* The standard getgr*() can't handle that.  --marekm */
+		if (i > (BUFSIZ / 2)) {
+			if (putc ('\\', stream) == EOF ||
+			    putc ('\n', stream) == EOF)
+				return EOF;
+
+			i = 0;
+		}
+#endif
+	}
+	return 0;
+}
+
diff --git a/lib/get_gid.c b/lib/get_gid.c
new file mode 100644
index 0000000..6fb31ff
--- /dev/null
+++ b/lib/get_gid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_gid (const char *gidstr, gid_t *gid)
+{
+	long long int val;
+	char *endptr;
+
+	errno = 0;
+	val = strtoll (gidstr, &endptr, 10);
+	if (   ('\0' == *gidstr)
+	    || ('\0' != *endptr)
+	    || (ERANGE == errno)
+	    || (/*@+longintegral@*/val != (gid_t)val)/*@=longintegral@*/) {
+		return 0;
+	}
+
+	*gid = (gid_t)val;
+	return 1;
+}
+
diff --git a/lib/get_pid.c b/lib/get_pid.c
new file mode 100644
index 0000000..e2b47ce
--- /dev/null
+++ b/lib/get_pid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_pid (const char *pidstr, pid_t *pid)
+{
+	long long int val;
+	char *endptr;
+
+	errno = 0;
+	val = strtoll (pidstr, &endptr, 10);
+	if (   ('\0' == *pidstr)
+	    || ('\0' != *endptr)
+	    || (ERANGE == errno)
+	    || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
+		return 0;
+	}
+
+	*pid = (pid_t)val;
+	return 1;
+}
+
diff --git a/lib/get_uid.c b/lib/get_uid.c
new file mode 100644
index 0000000..ac0f2df
--- /dev/null
+++ b/lib/get_uid.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+
+int get_uid (const char *uidstr, uid_t *uid)
+{
+	long long int val;
+	char *endptr;
+
+	errno = 0;
+	val = strtoll (uidstr, &endptr, 10);
+	if (   ('\0' == *uidstr)
+	    || ('\0' != *endptr)
+	    || (ERANGE == errno)
+	    || (/*@+longintegral@*/val != (uid_t)val)/*@=longintegral@*/) {
+		return 0;
+	}
+
+	*uid = (uid_t)val;
+	return 1;
+}
+
diff --git a/lib/getdef.c b/lib/getdef.c
new file mode 100644
index 0000000..a181cc2
--- /dev/null
+++ b/lib/getdef.c
@@ -0,0 +1,539 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <errno.h>
+#include "getdef.h"
+/*
+ * A configuration item definition.
+ */
+struct itemdef {
+	/*@null@*/const char *name;	/* name of the item                     */
+	/*@null@*/char *value;		/* value given, or NULL if no value     */
+};
+
+#define PAMDEFS					\
+	{"CHFN_AUTH", NULL},			\
+	{"CHSH_AUTH", NULL},			\
+	{"CRACKLIB_DICTPATH", NULL},		\
+	{"ENV_HZ", NULL},			\
+	{"ENVIRON_FILE", NULL},			\
+	{"ENV_TZ", NULL},			\
+	{"FAILLOG_ENAB", NULL},			\
+	{"FTMP_FILE", NULL},			\
+	{"ISSUE_FILE", NULL},			\
+	{"LASTLOG_ENAB", NULL},			\
+	{"LOGIN_STRING", NULL},			\
+	{"MAIL_CHECK_ENAB", NULL},		\
+	{"MOTD_FILE", NULL},			\
+	{"NOLOGINS_FILE", NULL},		\
+	{"OBSCURE_CHECKS_ENAB", NULL},		\
+	{"PASS_ALWAYS_WARN", NULL},		\
+	{"PASS_CHANGE_TRIES", NULL},		\
+	{"PASS_MAX_LEN", NULL},			\
+	{"PASS_MIN_LEN", NULL},			\
+	{"PORTTIME_CHECKS_ENAB", NULL},		\
+	{"QUOTAS_ENAB", NULL},			\
+	{"SU_WHEEL_ONLY", NULL},		\
+	{"ULIMIT", NULL},
+
+
+#define NUMDEFS	(sizeof(def_table)/sizeof(def_table[0]))
+static struct itemdef def_table[] = {
+	{"CHFN_RESTRICT", NULL},
+	{"CONSOLE_GROUPS", NULL},
+	{"CONSOLE", NULL},
+	{"CREATE_HOME", NULL},
+	{"DEFAULT_HOME", NULL},
+	{"ENCRYPT_METHOD", NULL},
+	{"ENV_PATH", NULL},
+	{"ENV_SUPATH", NULL},
+	{"ERASECHAR", NULL},
+	{"FAIL_DELAY", NULL},
+	{"FAKE_SHELL", NULL},
+	{"GID_MAX", NULL},
+	{"GID_MIN", NULL},
+	{"HUSHLOGIN_FILE", NULL},
+	{"KILLCHAR", NULL},
+	{"LOGIN_RETRIES", NULL},
+	{"LOGIN_TIMEOUT", NULL},
+	{"LOG_OK_LOGINS", NULL},
+	{"LOG_UNKFAIL_ENAB", NULL},
+	{"MAIL_DIR", NULL},
+	{"MAIL_FILE", NULL},
+	{"MAX_MEMBERS_PER_GROUP", NULL},
+	{"MD5_CRYPT_ENAB", NULL},
+	{"PASS_MAX_DAYS", NULL},
+	{"PASS_MIN_DAYS", NULL},
+	{"PASS_WARN_AGE", NULL},
+#ifdef USE_SHA_CRYPT
+	{"SHA_CRYPT_MAX_ROUNDS", NULL},
+	{"SHA_CRYPT_MIN_ROUNDS", NULL},
+#endif
+	{"SUB_GID_COUNT", NULL},
+	{"SUB_GID_MAX", NULL},
+	{"SUB_GID_MIN", NULL},
+	{"SUB_UID_COUNT", NULL},
+	{"SUB_UID_MAX", NULL},
+	{"SUB_UID_MIN", NULL},
+	{"SULOG_FILE", NULL},
+	{"SU_NAME", NULL},
+	{"SYS_GID_MAX", NULL},
+	{"SYS_GID_MIN", NULL},
+	{"SYS_UID_MAX", NULL},
+	{"SYS_UID_MIN", NULL},
+	{"TTYGROUP", NULL},
+	{"TTYPERM", NULL},
+	{"TTYTYPE_FILE", NULL},
+	{"UID_MAX", NULL},
+	{"UID_MIN", NULL},
+	{"UMASK", NULL},
+	{"USERDEL_CMD", NULL},
+	{"USERGROUPS_ENAB", NULL},
+#ifndef USE_PAM
+	PAMDEFS
+#endif
+#ifdef USE_SYSLOG
+	{"SYSLOG_SG_ENAB", NULL},
+	{"SYSLOG_SU_ENAB", NULL},
+#endif
+#ifdef WITH_TCB
+	{"TCB_AUTH_GROUP", NULL},
+	{"TCB_SYMLINKS", NULL},
+	{"USE_TCB", NULL},
+#endif
+	{"FORCE_SHADOW", NULL},
+	{NULL, NULL}
+};
+
+#define NUMKNOWNDEFS	(sizeof(knowndef_table)/sizeof(knowndef_table[0]))
+static struct itemdef knowndef_table[] = {
+#ifdef USE_PAM
+	PAMDEFS
+#endif
+	{NULL, NULL}
+};
+
+#ifndef LOGINDEFS
+#define LOGINDEFS "/etc/login.defs"
+#endif
+
+static char def_fname[] = LOGINDEFS;	/* login config defs file       */
+static bool def_loaded = false;		/* are defs already loaded?     */
+
+/* local function prototypes */
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *);
+static void def_load (void);
+
+
+/*
+ * getdef_str - get string value from table of definitions.
+ *
+ * Return point to static data for specified item, or NULL if item is not
+ * defined.  First time invoked, will load definitions from the file.
+ */
+
+/*@observer@*/ /*@null@*/const char *getdef_str (const char *item)
+{
+	struct itemdef *d;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	return ((NULL == d)? (const char *) NULL : d->value);
+}
+
+
+/*
+ * getdef_bool - get boolean value from table of definitions.
+ *
+ * Return TRUE if specified item is defined as "yes", else FALSE.
+ */
+
+bool getdef_bool (const char *item)
+{
+	struct itemdef *d;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	if ((NULL == d) || (NULL == d->value)) {
+		return false;
+	}
+
+	return (strcasecmp (d->value, "yes") == 0);
+}
+
+
+/*
+ * getdef_num - get numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined.  Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+int getdef_num (const char *item, int dflt)
+{
+	struct itemdef *d;
+	long val;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	if ((NULL == d) || (NULL == d->value)) {
+		return dflt;
+	}
+
+	if (   (getlong (d->value, &val) == 0)
+	    || (val > INT_MAX)
+	    || (val < INT_MIN)) {
+		fprintf (stderr,
+		         _("configuration error - cannot parse %s value: '%s'"),
+		         item, d->value);
+		return dflt;
+	}
+
+	return (int) val;
+}
+
+
+/*
+ * getdef_unum - get unsigned numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined.  Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+unsigned int getdef_unum (const char *item, unsigned int dflt)
+{
+	struct itemdef *d;
+	long val;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	if ((NULL == d) || (NULL == d->value)) {
+		return dflt;
+	}
+
+	if (   (getlong (d->value, &val) == 0)
+	    || (val < 0)
+	    || (val > INT_MAX)) {
+		fprintf (stderr,
+		         _("configuration error - cannot parse %s value: '%s'"),
+		         item, d->value);
+		return dflt;
+	}
+
+	return (unsigned int) val;
+}
+
+
+/*
+ * getdef_long - get long integer value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined.  Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+long getdef_long (const char *item, long dflt)
+{
+	struct itemdef *d;
+	long val;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	if ((NULL == d) || (NULL == d->value)) {
+		return dflt;
+	}
+
+	if (getlong (d->value, &val) == 0) {
+		fprintf (stderr,
+		         _("configuration error - cannot parse %s value: '%s'"),
+		         item, d->value);
+		return dflt;
+	}
+
+	return val;
+}
+
+/*
+ * getdef_ulong - get unsigned long numerical value from table of definitions
+ *
+ * Returns numeric value of specified item, else the "dflt" value if
+ * the item is not defined.  Octal (leading "0") and hex (leading "0x")
+ * values are handled.
+ */
+
+unsigned long getdef_ulong (const char *item, unsigned long dflt)
+{
+	struct itemdef *d;
+	unsigned long val;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	d = def_find (item);
+	if ((NULL == d) || (NULL == d->value)) {
+		return dflt;
+	}
+
+	if (getulong (d->value, &val) == 0) {
+		/* FIXME: we should have a getulong */
+		fprintf (stderr,
+		         _("configuration error - cannot parse %s value: '%s'"),
+		         item, d->value);
+		return dflt;
+	}
+
+	return val;
+}
+
+/*
+ * putdef_str - override the value read from /etc/login.defs
+ * (also used when loading the initial defaults)
+ */
+
+int putdef_str (const char *name, const char *value)
+{
+	struct itemdef *d;
+	char *cp;
+
+	if (!def_loaded) {
+		def_load ();
+	}
+
+	/*
+	 * Locate the slot to save the value.  If this parameter
+	 * is unknown then "def_find" will print an err message.
+	 */
+	d = def_find (name);
+	if (NULL == d) {
+		return -1;
+	}
+
+	/*
+	 * Save off the value.
+	 */
+	cp = strdup (value);
+	if (NULL == cp) {
+		(void) fputs (_("Could not allocate space for config info.\n"),
+		              stderr);
+		SYSLOG ((LOG_ERR, "could not allocate space for config info"));
+		return -1;
+	}
+
+	if (NULL != d->value) {
+		free (d->value);
+	}
+
+	d->value = cp;
+	return 0;
+}
+
+
+/*
+ * def_find - locate named item in table
+ *
+ * Search through a table of configurable items to locate the
+ * specified configuration option.
+ */
+
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
+{
+	struct itemdef *ptr;
+
+
+	/*
+	 * Search into the table.
+	 */
+
+	for (ptr = def_table; NULL != ptr->name; ptr++) {
+		if (strcmp (ptr->name, name) == 0) {
+			return ptr;
+		}
+	}
+
+	/*
+	 * Item was never found.
+	 */
+
+	for (ptr = knowndef_table; NULL != ptr->name; ptr++) {
+		if (strcmp (ptr->name, name) == 0) {
+			goto out;
+		}
+	}
+	fprintf (stderr,
+	         _("configuration error - unknown item '%s' (notify administrator)\n"),
+	         name);
+	SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
+
+out:
+	return (struct itemdef *) NULL;
+}
+
+/*
+ * def_load - load configuration table
+ *
+ * Loads the user-configured options from the default configuration file
+ */
+
+static void def_load (void)
+{
+	int i;
+	FILE *fp;
+	char buf[1024], *name, *value, *s;
+
+	/*
+	 * Set the initialized flag.
+	 * (do it early to prevent recursion in putdef_str())
+	 */
+	def_loaded = true;
+
+	/*
+	 * Open the configuration definitions file.
+	 */
+	fp = fopen (def_fname, "r");
+	if (NULL == fp) {
+		if (errno == ENOENT)
+			return;
+
+		int err = errno;
+		SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%s]",
+		         def_fname, strerror (err)));
+		exit (EXIT_FAILURE);
+	}
+
+	/*
+	 * Go through all of the lines in the file.
+	 */
+	while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+
+		/*
+		 * Trim trailing whitespace.
+		 */
+		for (i = (int) strlen (buf) - 1; i >= 0; --i) {
+			if (!isspace (buf[i])) {
+				break;
+			}
+		}
+		i++;
+		buf[i] = '\0';
+
+		/*
+		 * Break the line into two fields.
+		 */
+		name = buf + strspn (buf, " \t");	/* first nonwhite */
+		if (*name == '\0' || *name == '#')
+			continue;	/* comment or empty */
+
+		s = name + strcspn (name, " \t");	/* end of field */
+		if (*s == '\0')
+			continue;	/* only 1 field?? */
+
+		*s++ = '\0';
+		value = s + strspn (s, " \"\t");	/* next nonwhite */
+		*(value + strcspn (value, "\"")) = '\0';
+
+		/*
+		 * Store the value in def_table.
+		 *
+		 * Ignore failures to load the login.defs file.
+		 * The error was already reported to the user and to
+		 * syslog. The tools will just use their default values.
+		 */
+		(void)putdef_str (name, value);
+	}
+
+	if (ferror (fp) != 0) {
+		int err = errno;
+		SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%s]",
+		         def_fname, strerror (err)));
+		exit (EXIT_FAILURE);
+	}
+
+	(void) fclose (fp);
+}
+
+
+#ifdef CKDEFS
+int main (int argc, char **argv)
+{
+	int i;
+	char *cp;
+	struct itemdef *d;
+
+	def_load ();
+
+	for (i = 0; i < NUMDEFS; ++i) {
+		d = def_find (def_table[i].name);
+		if (NULL == d) {
+			printf ("error - lookup '%s' failed\n",
+			        def_table[i].name);
+		} else {
+			printf ("%4d %-24s %s\n", i + 1, d->name, d->value);
+		}
+	}
+	for (i = 1; i < argc; i++) {
+		cp = getdef_str (argv[1]);
+		if (NULL != cp) {
+			printf ("%s `%s'\n", argv[1], cp);
+		} else {
+			printf ("%s not found\n", argv[1]);
+		}
+	}
+	exit (EXIT_SUCCESS);
+}
+#endif
diff --git a/lib/getdef.h b/lib/getdef.h
new file mode 100644
index 0000000..15e35ff
--- /dev/null
+++ b/lib/getdef.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef _GETDEF_H
+#define _GETDEF_H
+
+/* getdef.c */
+extern bool getdef_bool (const char *);
+extern long getdef_long (const char *, long);
+extern int getdef_num (const char *, int);
+extern unsigned long getdef_ulong (const char *, unsigned long);
+extern unsigned int getdef_unum (const char *, unsigned int);
+extern /*@observer@*/ /*@null@*/const char *getdef_str (const char *);
+extern int putdef_str (const char *, const char *);
+
+/* default UMASK value if not specified in /etc/login.defs */
+#define		GETDEF_DEFAULT_UMASK	022
+
+#endif				/* _GETDEF_H */
diff --git a/lib/getlong.c b/lib/getlong.c
new file mode 100644
index 0000000..47c3a60
--- /dev/null
+++ b/lib/getlong.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdlib.h>
+#include <errno.h>
+#include "prototypes.h"
+
+/*
+ * getlong - extract a long integer provided by the numstr string in *result
+ *
+ * It supports decimal, hexadecimal or octal representations.
+ *
+ * Returns 0 on failure, 1 on success.
+ */
+int getlong (const char *numstr, /*@out@*/long int *result)
+{
+	long val;
+	char *endptr;
+
+	errno = 0;
+	val = strtol (numstr, &endptr, 0);
+	if (('\0' == *numstr) || ('\0' != *endptr) || (ERANGE == errno)) {
+		return 0;
+	}
+
+	*result = val;
+	return 1;
+}
+
diff --git a/lib/getulong.c b/lib/getulong.c
new file mode 100644
index 0000000..08d2c1a
--- /dev/null
+++ b/lib/getulong.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: getlong.c 2763 2009-04-23 09:57:03Z nekral-guest $"
+
+#include <stdlib.h>
+#include <errno.h>
+#include "prototypes.h"
+
+/*
+ * getulong - extract an unsigned long integer provided by the numstr string in *result
+ *
+ * It supports decimal, hexadecimal or octal representations.
+ *
+ * Returns 0 on failure, 1 on success.
+ */
+int getulong (const char *numstr, /*@out@*/unsigned long int *result)
+{
+	unsigned long int val;
+	char *endptr;
+
+	errno = 0;
+	val = strtoul (numstr, &endptr, 0);
+	if (    ('\0' == *numstr)
+	     || ('\0' != *endptr)
+	     || (ERANGE == errno)
+	   ) {
+		return 0;
+	}
+
+	*result = val;
+	return 1;
+}
+
diff --git a/lib/groupio.c b/lib/groupio.c
new file mode 100644
index 0000000..ae2302b
--- /dev/null
+++ b/lib/groupio.c
@@ -0,0 +1,462 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+#include "defines.h"
+#include "commonio.h"
+#include "getdef.h"
+#include "groupio.h"
+
+static /*@null@*/struct commonio_entry *merge_group_entries (
+	/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
+	/*@null@*/struct commonio_entry *gr2);
+static int split_groups (unsigned int max_members);
+static int group_open_hook (void);
+
+static /*@null@*/ /*@only@*/void *group_dup (const void *ent)
+{
+	const struct group *gr = ent;
+
+	return __gr_dup (gr);
+}
+
+static void group_free (/*@out@*/ /*@only@*/void *ent)
+{
+	struct group *gr = ent;
+
+	gr_free (gr);
+}
+
+static const char *group_getname (const void *ent)
+{
+	const struct group *gr = ent;
+
+	return gr->gr_name;
+}
+
+static void *group_parse (const char *line)
+{
+	return (void *) sgetgrent (line);
+}
+
+static int group_put (const void *ent, FILE * file)
+{
+	const struct group *gr = ent;
+
+	if (   (NULL == gr)
+	    || (valid_field (gr->gr_name, ":\n") == -1)
+	    || (valid_field (gr->gr_passwd, ":\n") == -1)
+	    || (gr->gr_gid == (gid_t)-1)) {
+		return -1;
+	}
+
+	/* FIXME: fail also if gr->gr_mem == NULL ?*/
+	if (NULL != gr->gr_mem) {
+		size_t i;
+		for (i = 0; NULL != gr->gr_mem[i]; i++) {
+			if (valid_field (gr->gr_mem[i], ",:\n") == -1) {
+				return -1;
+			}
+		}
+	}
+
+	return (putgrent (gr, file) == -1) ? -1 : 0;
+}
+
+static int group_close_hook (void)
+{
+	unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
+
+	if (0 == max_members) {
+		return 1;
+	}
+
+	return split_groups (max_members);
+}
+
+static struct commonio_ops group_ops = {
+	group_dup,
+	group_free,
+	group_getname,
+	group_parse,
+	group_put,
+	fgetsx,
+	fputsx,
+	group_open_hook,
+	group_close_hook
+};
+
+static /*@owned@*/struct commonio_db group_db = {
+	GROUP_FILE,		/* filename */
+	&group_ops,		/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif
+	0644,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int gr_setdbname (const char *filename)
+{
+	return commonio_setname (&group_db, filename);
+}
+
+/*@observer@*/const char *gr_dbname (void)
+{
+	return group_db.filename;
+}
+
+int gr_lock (void)
+{
+	return commonio_lock (&group_db);
+}
+
+int gr_open (int mode)
+{
+	return commonio_open (&group_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_locate (const char *name)
+{
+	return commonio_locate (&group_db, name);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_locate_gid (gid_t gid)
+{
+	const struct group *grp;
+
+	gr_rewind ();
+	while (   ((grp = gr_next ()) != NULL)
+	       && (grp->gr_gid != gid)) {
+	}
+
+	return grp;
+}
+
+int gr_update (const struct group *gr)
+{
+	return commonio_update (&group_db, (const void *) gr);
+}
+
+int gr_remove (const char *name)
+{
+	return commonio_remove (&group_db, name);
+}
+
+int gr_rewind (void)
+{
+	return commonio_rewind (&group_db);
+}
+
+/*@observer@*/ /*@null@*/const struct group *gr_next (void)
+{
+	return commonio_next (&group_db);
+}
+
+int gr_close (void)
+{
+	return commonio_close (&group_db);
+}
+
+int gr_unlock (void)
+{
+	return commonio_unlock (&group_db);
+}
+
+void __gr_set_changed (void)
+{
+	group_db.changed = true;
+}
+
+/*@dependent@*/ /*@null@*/struct commonio_entry *__gr_get_head (void)
+{
+	return group_db.head;
+}
+
+/*@observer@*/const struct commonio_db *__gr_get_db (void)
+{
+	return &group_db;
+}
+
+void __gr_del_entry (const struct commonio_entry *ent)
+{
+	commonio_del_entry (&group_db, ent);
+}
+
+static int gr_cmp (const void *p1, const void *p2)
+{
+	gid_t u1, u2;
+
+	if ((*(struct commonio_entry **) p1)->eptr == NULL) {
+		return 1;
+	}
+	if ((*(struct commonio_entry **) p2)->eptr == NULL) {
+		return -1;
+	}
+
+	u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid;
+	u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid;
+
+	if (u1 < u2) {
+		return -1;
+	} else if (u1 > u2) {
+		return 1;
+	} else {
+		return 0;
+	}
+}
+
+/* Sort entries by GID */
+int gr_sort ()
+{
+	return commonio_sort (&group_db, gr_cmp);
+}
+
+static int group_open_hook (void)
+{
+	unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
+	struct commonio_entry *gr1, *gr2;
+
+	if (0 == max_members) {
+		return 1;
+	}
+
+	for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) {
+		for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) {
+			struct group *g1 = (struct group *)gr1->eptr;
+			struct group *g2 = (struct group *)gr2->eptr;
+			if (NULL != g1 &&
+			    NULL != g2 &&
+			    0 == strcmp (g1->gr_name, g2->gr_name) &&
+			    0 == strcmp (g1->gr_passwd, g2->gr_passwd) &&
+			    g1->gr_gid == g2->gr_gid) {
+				/* Both group entries refer to the same
+				 * group. It is a split group. Merge the
+				 * members. */
+				gr1 = merge_group_entries (gr1, gr2);
+				if (NULL == gr1)
+					return 0;
+				/* Unlink gr2 */
+				if (NULL != gr2->next) {
+					gr2->next->prev = gr2->prev;
+				}
+				/* gr2 does not start with head */
+				assert (NULL != gr2->prev);
+				gr2->prev->next = gr2->next;
+			}
+		}
+		assert (NULL != gr1);
+	}
+
+	return 1;
+}
+
+/*
+ * Merge the list of members of the two group entries.
+ *
+ * The commonio_entry arguments shall be group entries.
+ *
+ * You should not merge the members of two groups if they don't have the
+ * same name, password and gid.
+ *
+ * It merge the members of the second entry in the first one, and return
+ * the modified first entry on success, or NULL on failure (with errno
+ * set).
+ */
+static /*@null@*/struct commonio_entry *merge_group_entries (
+	/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
+	/*@null@*/struct commonio_entry *gr2)
+{
+	struct group *gptr1;
+	struct group *gptr2;
+	char **new_members;
+	size_t members = 0;
+	char *new_line;
+	size_t new_line_len, i;
+	if (NULL == gr2 || NULL == gr1) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	gptr1 = (struct group *)gr1->eptr;
+	gptr2 = (struct group *)gr2->eptr;
+	if (NULL == gptr2 || NULL == gptr1) {
+		errno = EINVAL;
+		return NULL;
+	}
+
+	/* Concatenate the 2 lines */
+	new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
+	new_line = (char *)malloc (new_line_len + 1);
+	if (NULL == new_line) {
+		errno = ENOMEM;
+		return NULL;
+	}
+	snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
+
+	/* Concatenate the 2 list of members */
+	for (i=0; NULL != gptr1->gr_mem[i]; i++);
+	members += i;
+	for (i=0; NULL != gptr2->gr_mem[i]; i++) {
+		char **pmember = gptr1->gr_mem;
+		while (NULL != *pmember) {
+			if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
+				break;
+			}
+			pmember++;
+		}
+		if (NULL == *pmember) {
+			members++;
+		}
+	}
+	new_members = (char **)calloc ( (members+1), sizeof(char*) );
+	if (NULL == new_members) {
+		free (new_line);
+		errno = ENOMEM;
+		return NULL;
+	}
+	for (i=0; NULL != gptr1->gr_mem[i]; i++) {
+		new_members[i] = gptr1->gr_mem[i];
+	}
+	/* NULL termination enforced by above calloc */
+
+	members = i;
+	for (i=0; NULL != gptr2->gr_mem[i]; i++) {
+		char **pmember = new_members;
+		while (NULL != *pmember) {
+			if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
+				break;
+			}
+			pmember++;
+		}
+		if (NULL == *pmember) {
+			new_members[members] = gptr2->gr_mem[i];
+			members++;
+			new_members[members] = NULL;
+		}
+	}
+
+	gr1->line = new_line;
+	gptr1->gr_mem = new_members;
+
+	return gr1;
+}
+
+/*
+ * Scan the group database and split the groups which have more members
+ * than specified, if this is the result from a current change.
+ *
+ * Return 0 on failure (errno set) and 1 on success.
+ */
+static int split_groups (unsigned int max_members)
+{
+	struct commonio_entry *gr;
+
+	for (gr = group_db.head; NULL != gr; gr = gr->next) {
+		struct group *gptr = (struct group *)gr->eptr;
+		struct commonio_entry *new;
+		struct group *new_gptr;
+		unsigned int members = 0;
+		unsigned int i;
+
+		/* Check if this group must be split */
+		if (!gr->changed) {
+			continue;
+		}
+		if (NULL == gptr) {
+			continue;
+		}
+		for (members = 0; NULL != gptr->gr_mem[members]; members++);
+		if (members <= max_members) {
+			continue;
+		}
+
+		new = (struct commonio_entry *) malloc (sizeof *new);
+		if (NULL == new) {
+			errno = ENOMEM;
+			return 0;
+		}
+		new->eptr = group_dup(gr->eptr);
+		if (NULL == new->eptr) {
+			free (new);
+			errno = ENOMEM;
+			return 0;
+		}
+		new_gptr = (struct group *)new->eptr;
+		new->line = NULL;
+		new->changed = true;
+
+		/* Enforce the maximum number of members on gptr */
+		for (i = max_members; NULL != gptr->gr_mem[i]; i++) {
+			free (gptr->gr_mem[i]);
+			gptr->gr_mem[i] = NULL;
+		}
+		/* Shift all the members */
+		/* The number of members in new_gptr will be check later */
+		for (i = 0; NULL != new_gptr->gr_mem[i + max_members]; i++) {
+			if (NULL != new_gptr->gr_mem[i]) {
+				free (new_gptr->gr_mem[i]);
+			}
+			new_gptr->gr_mem[i] = new_gptr->gr_mem[i + max_members];
+			new_gptr->gr_mem[i + max_members] = NULL;
+		}
+		for (; NULL != new_gptr->gr_mem[i]; i++) {
+			free (new_gptr->gr_mem[i]);
+			new_gptr->gr_mem[i] = NULL;
+		}
+
+		/* insert the new entry in the list */
+		new->prev = gr;
+		new->next = gr->next;
+		gr->next = new;
+	}
+
+	return 1;
+}
+
diff --git a/lib/groupio.h b/lib/groupio.h
new file mode 100644
index 0000000..e1f1b02
--- /dev/null
+++ b/lib/groupio.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _GROUPIO_H
+#define _GROUPIO_H
+
+#include <sys/types.h>
+#include <grp.h>
+
+extern int gr_close (void);
+extern /*@observer@*/ /*@null@*/const struct group *gr_locate (const char *name);
+extern /*@observer@*/ /*@null@*/const struct group *gr_locate_gid (gid_t gid);
+extern int gr_lock (void);
+extern int gr_setdbname (const char *filename);
+extern /*@observer@*/const char *gr_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct group *gr_next (void);
+extern int gr_open (int mode);
+extern int gr_remove (const char *name);
+extern int gr_rewind (void);
+extern int gr_unlock (void);
+extern int gr_update (const struct group *gr);
+extern int gr_sort (void);
+
+#endif
diff --git a/lib/groupmem.c b/lib/groupmem.c
new file mode 100644
index 0000000..1fd1c13
--- /dev/null
+++ b/lib/groupmem.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "groupio.h"
+
+/*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent)
+{
+	struct group *gr;
+	int i;
+
+	gr = (struct group *) malloc (sizeof *gr);
+	if (NULL == gr) {
+		return NULL;
+	}
+	/* The libc might define other fields. They won't be copied. */
+	memset (gr, 0, sizeof *gr);
+	gr->gr_gid = grent->gr_gid;
+	/*@-mustfreeonly@*/
+	gr->gr_name = strdup (grent->gr_name);
+	/*@=mustfreeonly@*/
+	if (NULL == gr->gr_name) {
+		gr_free(gr);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	gr->gr_passwd = strdup (grent->gr_passwd);
+	/*@=mustfreeonly@*/
+	if (NULL == gr->gr_passwd) {
+		gr_free(gr);
+		return NULL;
+	}
+
+	for (i = 0; grent->gr_mem[i]; i++);
+
+	/*@-mustfreeonly@*/
+	gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	/*@=mustfreeonly@*/
+	if (NULL == gr->gr_mem) {
+		gr_free(gr);
+		return NULL;
+	}
+	for (i = 0; grent->gr_mem[i]; i++) {
+		gr->gr_mem[i] = strdup (grent->gr_mem[i]);
+		if (NULL == gr->gr_mem[i]) {
+			gr_free(gr);
+			return NULL;
+		}
+	}
+	gr->gr_mem[i] = NULL;
+
+	return gr;
+}
+
+void gr_free (/*@out@*/ /*@only@*/struct group *grent)
+{
+	free (grent->gr_name);
+	if (NULL != grent->gr_passwd) {
+		memzero (grent->gr_passwd, strlen (grent->gr_passwd));
+		free (grent->gr_passwd);
+	}
+	if (NULL != grent->gr_mem) {
+		size_t i;
+		for (i = 0; NULL != grent->gr_mem[i]; i++) {
+			free (grent->gr_mem[i]);
+		}
+		free (grent->gr_mem);
+	}
+	free (grent);
+}
+
diff --git a/lib/gshadow.c b/lib/gshadow.c
new file mode 100644
index 0000000..e5a0f61
--- /dev/null
+++ b/lib/gshadow.c
@@ -0,0 +1,529 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support.  */
+#if defined(SHADOWGRP) && !defined(HAVE_SHADOWGRP)	/*{ */
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+static /*@null@*/FILE *shadow;
+static /*@null@*//*@only@*/char **members = NULL;
+static size_t nmembers = 0;
+static /*@null@*//*@only@*/char **admins = NULL;
+static size_t nadmins = 0;
+static struct sgrp sgroup;
+
+#define	FIELDS	4
+
+#ifdef	USE_NIS
+static bool nis_used;
+static bool nis_ignore;
+static enum { native, start, middle, native2 } nis_state;
+static bool nis_bound;
+static char *nis_domain;
+static char *nis_key;
+static int nis_keylen;
+static char *nis_val;
+static int nis_vallen;
+
+#define	IS_NISCHAR(c) ((c)=='+')
+#endif
+
+#ifdef	USE_NIS
+/*
+ * bind_nis - bind to NIS server
+ */
+
+static int bind_nis (void)
+{
+	if (yp_get_default_domain (&nis_domain))
+		return -1;
+
+	nis_bound = true;
+	return 0;
+}
+#endif
+
+static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
+{
+	char **ptr = *list;
+	size_t nelem = *nlist, size;
+
+	while (s != NULL && *s != '\0') {
+		size = (nelem + 1) * sizeof (ptr);
+		ptr = realloc (*list, size);
+		if (NULL != ptr) {
+			ptr[nelem] = s;
+			nelem++;
+			*list = ptr;
+			*nlist = nelem;
+			s = strchr (s, ',');
+			if (NULL != s) {
+				*s = '\0';
+				s++;
+			}
+		}
+	}
+	size = (nelem + 1) * sizeof (ptr);
+	ptr = realloc (*list, size);
+	if (NULL != ptr) {
+		ptr[nelem] = NULL;
+		*list = ptr;
+	}
+	return ptr;
+}
+
+void setsgent (void)
+{
+#ifdef	USE_NIS
+	nis_state = native;
+#endif
+	if (NULL != shadow) {
+		rewind (shadow);
+	} else {
+		shadow = fopen (SGROUP_FILE, "r");
+	}
+}
+
+void endsgent (void)
+{
+	if (NULL != shadow) {
+		(void) fclose (shadow);
+	}
+
+	shadow = (FILE *) 0;
+}
+
+/*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string)
+{
+	static char *sgrbuf = NULL;
+	static size_t sgrbuflen = 0;
+
+	char *fields[FIELDS];
+	char *cp;
+	int i;
+	size_t len = strlen (string) + 1;
+
+	if (len > sgrbuflen) {
+		char *buf = (char *) realloc (sgrbuf, sizeof (char) * len);
+		if (NULL == buf) {
+			return NULL;
+		}
+		sgrbuf = buf;
+		sgrbuflen = len;
+	}
+
+	strncpy (sgrbuf, string, len);
+	sgrbuf[len-1] = '\0';
+
+	cp = strrchr (sgrbuf, '\n');
+	if (NULL != cp) {
+		*cp = '\0';
+	}
+
+	/*
+	 * There should be exactly 4 colon separated fields.  Find
+	 * all 4 of them and save the starting addresses in fields[].
+	 */
+
+	for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++) {
+		fields[i] = cp;
+		cp = strchr (cp, ':');
+		if (NULL != cp) {
+			*cp++ = '\0';
+		}
+	}
+
+	/*
+	 * If there was an extra field somehow, or perhaps not enough,
+	 * the line is invalid.
+	 */
+
+	if ((NULL != cp) || (i != FIELDS)) {
+#ifdef	USE_NIS
+		if (!IS_NISCHAR (fields[0][0])) {
+			return 0;
+		} else {
+			nis_used = true;
+		}
+#else
+		return 0;
+#endif
+	}
+
+	sgroup.sg_name = fields[0];
+	sgroup.sg_passwd = fields[1];
+	if (0 != nadmins) {
+		nadmins = 0;
+		free (admins);
+		admins = NULL;
+	}
+	if (0 != nmembers) {
+		nmembers = 0;
+		free (members);
+		members = NULL;
+	}
+	sgroup.sg_adm = build_list (fields[2], &admins, &nadmins);
+	sgroup.sg_mem = build_list (fields[3], &members, &nmembers);
+
+	return &sgroup;
+}
+
+/*
+ * fgetsgent - convert next line in stream to (struct sgrp)
+ *
+ * fgetsgent() reads the next line from the provided stream and
+ * converts it to a (struct sgrp).  NULL is returned on EOF.
+ */
+
+/*@observer@*//*@null@*/struct sgrp *fgetsgent (/*@null@*/FILE * fp)
+{
+	static size_t buflen = 0;
+	static char *buf = NULL;
+
+	char *cp;
+
+	if (0 == buflen) {
+		buf = (char *) malloc (BUFSIZ);
+		if (NULL == buf) {
+			return NULL;
+		}
+		buflen = BUFSIZ;
+	}
+
+	if (NULL == fp) {
+		return NULL;
+	}
+
+#ifdef	USE_NIS
+	while (fgetsx (buf, (int) buflen, fp) == buf)
+#else
+	if (fgetsx (buf, (int) buflen, fp) == buf)
+#endif
+	{
+		while (   ((cp = strrchr (buf, '\n')) == NULL)
+		       && (feof (fp) == 0)) {
+			size_t len;
+
+			cp = (char *) realloc (buf, buflen*2);
+			if (NULL == cp) {
+				return NULL;
+			}
+			buf = cp;
+			buflen *= 2;
+
+			len = strlen (buf);
+			if (fgetsx (&buf[len],
+			            (int) (buflen - len),
+			            fp) != &buf[len]) {
+				return NULL;
+			}
+		}
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+#ifdef	USE_NIS
+		if (nis_ignore && IS_NISCHAR (buf[0])) {
+			continue;
+		}
+#endif
+		return (sgetsgent (buf));
+	}
+	return NULL;
+}
+
+/*
+ * getsgent - get a single shadow group entry
+ */
+
+/*@observer@*//*@null@*/struct sgrp *getsgent (void)
+{
+#ifdef	USE_NIS
+	bool nis_1_group = false;
+	struct sgrp *val;
+#endif
+	if (NULL == shadow) {
+		setsgent ();
+	}
+
+#ifdef	USE_NIS
+      again:
+	/*
+	 * See if we are reading from the local file.
+	 */
+
+	if (nis_state == native || nis_state == native2) {
+
+		/*
+		 * Get the next entry from the shadow group file.  Return
+		 * NULL right away if there is none.
+		 */
+
+		val = fgetsgent (shadow);
+		if (NULL == val) {
+			return 0;
+		}
+
+		/*
+		 * If this entry began with a NIS escape character, we have
+		 * to see if this is just a single group, or if the entire
+		 * map is being asked for.
+		 */
+
+		if (IS_NISCHAR (val->sg_name[0])) {
+			if ('\0' != val->sg_name[1]) {
+				nis_1_group = true;
+			} else {
+				nis_state = start;
+			}
+		}
+
+		/*
+		 * If this isn't a NIS group and this isn't an escape to go
+		 * use a NIS map, it must be a regular local group.
+		 */
+
+		if (!nis_1_group && (nis_state != start)) {
+			return val;
+		}
+
+		/*
+		 * If this is an escape to use an NIS map, switch over to
+		 * that bunch of code.
+		 */
+
+		if (nis_state == start) {
+			goto again;
+		}
+
+		/*
+		 * NEEDSWORK.  Here we substitute pieces-parts of this entry.
+		 */
+
+		return 0;
+	} else {
+		if (!nis_bound) {
+			if (bind_nis ()) {
+				nis_state = native2;
+				goto again;
+			}
+		}
+		if (nis_state == start) {
+			if (yp_first (nis_domain, "gshadow.byname", &nis_key,
+				      &nis_keylen, &nis_val, &nis_vallen)) {
+				nis_state = native2;
+				goto again;
+			}
+			nis_state = middle;
+		} else if (nis_state == middle) {
+			if (yp_next (nis_domain, "gshadow.byname", nis_key,
+				     nis_keylen, &nis_key, &nis_keylen,
+				     &nis_val, &nis_vallen)) {
+				nis_state = native2;
+				goto again;
+			}
+		}
+		return sgetsgent (nis_val);
+	}
+#else
+	return (fgetsgent (shadow));
+#endif
+}
+
+/*
+ * getsgnam - get a shadow group entry by name
+ */
+
+/*@observer@*//*@null@*/struct sgrp *getsgnam (const char *name)
+{
+	struct sgrp *sgrp;
+
+#ifdef	USE_NIS
+	static char save_name[16];
+	int nis_disabled = 0;
+#endif
+
+	setsgent ();
+
+#ifdef	USE_NIS
+	if (nis_used) {
+	      again:
+
+		/*
+		 * Search the gshadow.byname map for this group.
+		 */
+
+		if (!nis_bound) {
+			bind_nis ();
+		}
+
+		if (nis_bound) {
+			char *cp;
+
+			if (yp_match (nis_domain, "gshadow.byname", name,
+				      strlen (name), &nis_val,
+				      &nis_vallen) == 0) {
+				cp = strchr (nis_val, '\n');
+				if (NULL != cp) {
+					*cp = '\0';
+				}
+
+				nis_state = middle;
+				sgrp = sgetsgent (nis_val);
+				if (NULL != sgrp) {
+					strcpy (save_name, sgrp->sg_name);
+					nis_key = save_name;
+					nis_keylen = strlen (save_name);
+				}
+				return sgrp;
+			}
+		}
+		nis_state = native2;
+	}
+#endif
+#ifdef	USE_NIS
+	if (nis_used) {
+		nis_ignore = true;
+		nis_disabled = true;
+	}
+#endif
+	while ((sgrp = getsgent ()) != (struct sgrp *) 0) {
+		if (strcmp (name, sgrp->sg_name) == 0) {
+			break;
+		}
+	}
+#ifdef	USE_NIS
+	nis_ignore = false;
+#endif
+	return sgrp;
+}
+
+/*
+ * putsgent - output shadow group entry in text form
+ *
+ * putsgent() converts the contents of a (struct sgrp) to text and
+ * writes the result to the given stream.  This is the logical
+ * opposite of fgetsgent.
+ */
+
+int putsgent (const struct sgrp *sgrp, FILE * fp)
+{
+	char *buf, *cp;
+	int i;
+	size_t size;
+
+	if ((NULL == fp) || (NULL == sgrp)) {
+		return -1;
+	}
+
+	/* calculate the required buffer size */
+	size = strlen (sgrp->sg_name) + strlen (sgrp->sg_passwd) + 10;
+	for (i = 0; (NULL != sgrp->sg_adm) && (NULL != sgrp->sg_adm[i]); i++) {
+		size += strlen (sgrp->sg_adm[i]) + 1;
+	}
+	for (i = 0; (NULL != sgrp->sg_mem) && (NULL != sgrp->sg_mem[i]); i++) {
+		size += strlen (sgrp->sg_mem[i]) + 1;
+	}
+
+	buf = malloc (size);
+	if (NULL == buf) {
+		return -1;
+	}
+	cp = buf;
+
+	/*
+	 * Copy the group name and passwd.
+	 */
+
+	strcpy (cp, sgrp->sg_name);
+	cp += strlen (cp);
+	*cp++ = ':';
+
+	strcpy (cp, sgrp->sg_passwd);
+	cp += strlen (cp);
+	*cp++ = ':';
+
+	/*
+	 * Copy the administrators, separating each from the other
+	 * with a ",".
+	 */
+
+	for (i = 0; NULL != sgrp->sg_adm[i]; i++) {
+		if (i > 0) {
+			*cp++ = ',';
+		}
+
+		strcpy (cp, sgrp->sg_adm[i]);
+		cp += strlen (cp);
+	}
+	*cp = ':';
+	cp++;
+
+	/*
+	 * Now do likewise with the group members.
+	 */
+
+	for (i = 0; NULL != sgrp->sg_mem[i]; i++) {
+		if (i > 0) {
+			*cp = ',';
+			cp++;
+		}
+
+		strcpy (cp, sgrp->sg_mem[i]);
+		cp += strlen (cp);
+	}
+	*cp = '\n';
+	cp++;
+	*cp = '\0';
+
+	/*
+	 * Output using the function which understands the line
+	 * continuation conventions.
+	 */
+
+	if (fputsx (buf, fp) == EOF) {
+		free (buf);
+		return -1;
+	}
+
+	free (buf);
+	return 0;
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/*} SHADOWGRP */
diff --git a/lib/gshadow_.h b/lib/gshadow_.h
new file mode 100644
index 0000000..7959c5a
--- /dev/null
+++ b/lib/gshadow_.h
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 1988 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *	$Id$
+ */
+
+#ifndef	_H_GSHADOW
+#define	_H_GSHADOW
+
+/*
+ * Shadow group security file structure
+ */
+
+struct sgrp {
+	char *sg_name;		/* group name */
+	char *sg_passwd;	/* group password */
+	char **sg_adm;		/* group administrator list */
+	char **sg_mem;		/* group membership list */
+};
+
+/*
+ * Shadow group security file functions.
+ */
+
+#include <stdio.h>		/* for FILE */
+
+#if __STDC__
+/*@observer@*//*@null@*/struct sgrp *getsgent (void);
+/*@observer@*//*@null@*/struct sgrp *getsgnam (const char *);
+/*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *);
+/*@observer@*//*@null@*/struct sgrp *fgetsgent (/*@null@*/FILE *);
+void setsgent (void);
+void endsgent (void);
+int putsgent (const struct sgrp *, FILE *);
+#else
+/*@observer@*//*@null@*/struct sgrp *getsgent ();
+/*@observer@*//*@null@*/struct sgrp *getsgnam ();
+/*@observer@*//*@null@*/struct sgrp *sgetsgent ();
+/*@observer@*//*@null@*/struct sgrp *fgetsgent ();
+void setsgent ();
+void endsgent ();
+int putsgent ();
+#endif
+
+#define	GSHADOW	"/etc/gshadow"
+#endif				/* ifndef _H_GSHADOW */
diff --git a/lib/lockpw.c b/lib/lockpw.c
new file mode 100644
index 0000000..0bcf195
--- /dev/null
+++ b/lib/lockpw.c
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 1992       , Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef HAVE_LCKPWDF
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*
+ * lckpwdf - lock the password files
+ */
+int lckpwdf (void)
+{
+	int i;
+
+	/*
+	 * We have 15 seconds to lock the whole mess
+	 */
+
+	for (i = 0; i < 15; i++)
+		if (pw_lock ())
+			break;
+		else
+			sleep (1);
+
+	/*
+	 * Did we run out of time?
+	 */
+
+	if (i == 15)
+		return -1;
+
+	/*
+	 * Nope, use any remaining time to lock the shadow password
+	 * file.
+	 */
+
+	for (; i < 15; i++)
+		if (spw_lock ())
+			break;
+		else
+			sleep (1);
+
+	/*
+	 * Out of time yet?
+	 */
+
+	if (i == 15) {
+		pw_unlock ();
+		return -1;
+	}
+
+	/*
+	 * Nope - and both files are now locked.
+	 */
+
+	return 0;
+}
+
+/*
+ * ulckpwdf - unlock the password files
+ */
+
+int ulckpwdf (void)
+{
+
+	/*
+	 * Unlock both files.
+	 */
+
+	return (pw_unlock () && spw_unlock ())? 0 : -1;
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/lib/nscd.c b/lib/nscd.c
new file mode 100644
index 0000000..7adb58f
--- /dev/null
+++ b/lib/nscd.c
@@ -0,0 +1,57 @@
+/* Author: Peter Vrabec <pvrabec@redhat.com> */
+
+#include <config.h>
+#ifdef USE_NSCD
+
+#include <stdio.h>
+#include <sys/wait.h>
+#include <sys/types.h>
+#include "exitcodes.h"
+#include "defines.h"
+#include "prototypes.h"
+#include "nscd.h"
+
+#define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
+
+/*
+ * nscd_flush_cache - flush specified service buffer in nscd cache
+ */
+int nscd_flush_cache (const char *service)
+{
+	int status, code;
+	const char *cmd = "/usr/sbin/nscd";
+	const char *spawnedArgs[] = {"nscd", "-i", service, NULL};
+	const char *spawnedEnv[] = {NULL};
+
+	if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
+		/* run_command writes its own more detailed message. */
+		(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+		return -1;
+	}
+
+	code = WEXITSTATUS (status);
+	if (!WIFEXITED (status)) {
+		(void) fprintf (stderr,
+		                _("%s: nscd did not terminate normally (signal %d)\n"),
+		                Prog, WTERMSIG (status));
+		return -1;
+	} else if (code == E_CMD_NOTFOUND) {
+		/* nscd is not installed, or it is installed but uses an
+		   interpreter that is missing.  Probably the former. */
+		return 0;
+	} else if (code == 1) {
+		/* nscd is installed, but it isn't active. */
+		return 0;
+	} else if (code != 0) {
+		(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+		                Prog, code);
+		(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+		return -1;
+	}
+
+	return 0;
+}
+#else				/* USE_NSCD */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* USE_NSCD */
+
diff --git a/lib/nscd.h b/lib/nscd.h
new file mode 100644
index 0000000..a430b00
--- /dev/null
+++ b/lib/nscd.h
@@ -0,0 +1,13 @@
+#ifndef _NSCD_H_
+#define _NSCD_H_
+
+/*
+ * nscd_flush_cache - flush specified service buffer in nscd cache
+ */
+#ifdef	USE_NSCD
+extern int nscd_flush_cache (const char *service);
+#else
+#define nscd_flush_cache(service) (0)
+#endif
+
+#endif
diff --git a/lib/pam_defs.h b/lib/pam_defs.h
new file mode 100644
index 0000000..343fbb4
--- /dev/null
+++ b/lib/pam_defs.h
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 1999       , Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <security/pam_appl.h>
+#ifdef HAVE_SECURITY_PAM_MISC_H
+# include <security/pam_misc.h>
+#endif
+#ifdef HAVE_SECURITY_OPENPAM_H
+# include <security/openpam.h>
+#endif
+
+
+static struct pam_conv conv = {
+	SHADOW_PAM_CONVERSATION,
+	NULL
+};
+
+/* compatibility with different versions of Linux-PAM */
+#if !HAVE_DECL_PAM_ESTABLISH_CRED
+#define PAM_ESTABLISH_CRED PAM_CRED_ESTABLISH
+#endif
+#if !HAVE_DECL_PAM_DELETE_CRED
+#define PAM_DELETE_CRED PAM_CRED_DELETE
+#endif
+#if !HAVE_DECL_PAM_NEW_AUTHTOK_REQD
+#define PAM_NEW_AUTHTOK_REQD PAM_AUTHTOKEN_REQD
+#endif
+#if !HAVE_DECL_PAM_DATA_SILENT
+#define PAM_DATA_SILENT 0
+#endif
diff --git a/lib/port.c b/lib/port.c
new file mode 100644
index 0000000..438879c
--- /dev/null
+++ b/lib/port.c
@@ -0,0 +1,477 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <ctype.h>
+#include <errno.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "port.h"
+
+static FILE *ports;
+
+/*
+ * portcmp - compare the name of a port to a /etc/porttime entry
+ *
+ *	portcmp works like strcmp, except that if the last character
+ *	in a failing match is a '*', the match is considered to have
+ *	passed.  The "*" match is suppressed whenever the port is "SU",
+ *	which is the token the "su" command uses to validate access.
+ *	A match returns 0, failure returns non-zero.
+ */
+
+static int portcmp (const char *pattern, const char *port)
+{
+	const char *orig = port;
+
+	while (('\0' != *pattern) && (*pattern == *port)) {
+		pattern++;
+		port++;
+	}
+
+	if (('\0' == *pattern) && ('\0' == *port)) {
+		return 0;
+	}
+	if (('S' == orig[0]) && ('U' == orig[1]) && ('\0' == orig[2])) {
+		return 1;
+	}
+
+	return (*pattern == '*') ? 0 : 1;
+}
+
+/*
+ * setportent - open /etc/porttime file or rewind
+ *
+ *	the /etc/porttime file is rewound if already open, or
+ *	opened for reading.
+ */
+
+static void setportent (void)
+{
+	if (NULL != ports) {
+		rewind (ports);
+	} else {
+		ports = fopen (PORTS, "r");
+	}
+}
+
+/*
+ * endportent - close the /etc/porttime file
+ *
+ *	the /etc/porttime file is closed and the ports variable set
+ *	to NULL to indicate that the /etc/porttime file is no longer
+ *	open.
+ */
+
+static void endportent (void)
+{
+	if (NULL != ports) {
+		(void) fclose (ports);
+	}
+
+	ports = (FILE *) 0;
+}
+
+/*
+ * getportent - read a single entry from /etc/porttime
+ *
+ *	the next line in /etc/porttime is converted to a (struct port)
+ *	and a pointer to a static (struct port) is returned to the
+ *	invoker.  NULL is returned on either EOF or error.  errno is
+ *	set to EINVAL on error to distinguish the two conditions.
+ */
+
+static struct port *getportent (void)
+{
+	static struct port port;	/* static struct to point to         */
+	static char buf[BUFSIZ];	/* some space for stuff              */
+	static char *ttys[PORT_TTY + 1];	/* some pointers to tty names     */
+	static char *users[PORT_IDS + 1];	/* some pointers to user ids     */
+	static struct pt_time ptimes[PORT_TIMES + 1];	/* time ranges         */
+	char *cp;		/* pointer into line                 */
+	int dtime;		/* scratch time of day               */
+	int i, j;
+	int saveerr = errno;	/* errno value on entry              */
+
+	/*
+	 * If the ports file is not open, open the file.  Do not rewind
+	 * since we want to search from the beginning each time.
+	 */
+
+	if (NULL == ports) {
+		setportent ();
+	}
+
+	if (NULL == ports) {
+		errno = saveerr;
+		return 0;
+	}
+
+	/*
+	 * Common point for beginning a new line -
+	 *
+	 *      - read a line, and NUL terminate
+	 *      - skip lines which begin with '#'
+	 *      - parse off the tty names
+	 *      - parse off a list of user names
+	 *      - parse off a list of days and times
+	 */
+
+      again:
+
+	/*
+	 * Get the next line and remove the last character, which
+	 * is a '\n'.  Lines which begin with '#' are all ignored.
+	 */
+
+	if (fgets (buf, (int) sizeof buf, ports) == 0) {
+		errno = saveerr;
+		return 0;
+	}
+	if ('#' == buf[0]) {
+		goto again;
+	}
+
+	/*
+	 * Get the name of the TTY device.  It is the first colon
+	 * separated field, and is the name of the TTY with no
+	 * leading "/dev".  The entry '*' is used to specify all
+	 * TTY devices.
+	 */
+
+	buf[strlen (buf) - 1] = 0;
+
+	port.pt_names = ttys;
+	for (cp = buf, j = 0; j < PORT_TTY; j++) {
+		port.pt_names[j] = cp;
+		while (('\0' != *cp) && (':' != *cp) && (',' != *cp)) {
+			cp++;
+		}
+
+		if ('\0' == *cp) {
+			goto again;	/* line format error */
+		}
+
+		if (':' == *cp) {	/* end of tty name list */
+			break;
+		}
+
+		if (',' == *cp) {	/* end of current tty name */
+			*cp++ = '\0';
+		}
+	}
+	*cp = '\0';
+	cp++;
+	port.pt_names[j + 1] = (char *) 0;
+
+	/*
+	 * Get the list of user names.  It is the second colon
+	 * separated field, and is a comma separated list of user
+	 * names.  The entry '*' is used to specify all usernames.
+	 * The last entry in the list is a (char *) 0 pointer.
+	 */
+
+	if (':' != *cp) {
+		port.pt_users = users;
+		port.pt_users[0] = cp;
+
+		for (j = 1; ':' != *cp; cp++) {
+			if ((',' == *cp) && (j < PORT_IDS)) {
+				*cp = '\0';
+				cp++;
+				port.pt_users[j] = cp;
+				j++;
+			}
+		}
+		port.pt_users[j] = 0;
+	} else {
+		port.pt_users = 0;
+	}
+
+	if (':' != *cp) {
+		goto again;
+	}
+
+	*cp = '\0';
+	cp++;
+
+	/*
+	 * Get the list of valid times.  The times field is the third
+	 * colon separated field and is a list of days of the week and
+	 * times during which this port may be used by this user.  The
+	 * valid days are 'Su', 'Mo', 'Tu', 'We', 'Th', 'Fr', and 'Sa'.
+	 *
+	 * In addition, the value 'Al' represents all 7 days, and 'Wk'
+	 * represents the 5 weekdays.
+	 *
+	 * Times are given as HHMM-HHMM.  The ending time may be before
+	 * the starting time.  Days are presumed to wrap at 0000.
+	 */
+
+	if ('\0' == *cp) {
+		port.pt_times = 0;
+		return &port;
+	}
+
+	port.pt_times = ptimes;
+
+	/*
+	 * Get the next comma separated entry
+	 */
+
+	for (j = 0; ('\0' != *cp) && (j < PORT_TIMES); j++) {
+
+		/*
+		 * Start off with no days of the week
+		 */
+
+		port.pt_times[j].t_days = 0;
+
+		/*
+		 * Check each two letter sequence to see if it is
+		 * one of the abbreviations for the days of the
+		 * week or the other two values.
+		 */
+
+		for (i = 0;
+		     ('\0' != cp[i]) && ('\0' != cp[i + 1]) && isalpha (cp[i]);
+		     i += 2) {
+			switch ((cp[i] << 8) | (cp[i + 1])) {
+			case ('S' << 8) | 'u':
+				port.pt_times[j].t_days |= 01;
+				break;
+			case ('M' << 8) | 'o':
+				port.pt_times[j].t_days |= 02;
+				break;
+			case ('T' << 8) | 'u':
+				port.pt_times[j].t_days |= 04;
+				break;
+			case ('W' << 8) | 'e':
+				port.pt_times[j].t_days |= 010;
+				break;
+			case ('T' << 8) | 'h':
+				port.pt_times[j].t_days |= 020;
+				break;
+			case ('F' << 8) | 'r':
+				port.pt_times[j].t_days |= 040;
+				break;
+			case ('S' << 8) | 'a':
+				port.pt_times[j].t_days |= 0100;
+				break;
+			case ('W' << 8) | 'k':
+				port.pt_times[j].t_days |= 076;
+				break;
+			case ('A' << 8) | 'l':
+				port.pt_times[j].t_days |= 0177;
+				break;
+			default:
+				errno = EINVAL;
+				return 0;
+			}
+		}
+
+		/*
+		 * The default is 'Al' if no days were seen.
+		 */
+
+		if (0 == i) {
+			port.pt_times[j].t_days = 0177;
+		}
+
+		/*
+		 * The start and end times are separated from each
+		 * other by a '-'.  The times are four digit numbers
+		 * representing the times of day.
+		 */
+
+		for (dtime = 0; ('\0' != cp[i]) && isdigit (cp[i]); i++) {
+			dtime = dtime * 10 + cp[i] - '0';
+		}
+
+		if (('-' != cp[i]) || (dtime > 2400) || ((dtime % 100) > 59)) {
+			goto again;
+		}
+		port.pt_times[j].t_start = dtime;
+		cp = cp + i + 1;
+
+		for (dtime = 0, i = 0;
+		     ('\0' != cp[i]) && isdigit (cp[i]);
+		     i++) {
+			dtime = dtime * 10 + cp[i] - '0';
+		}
+
+		if (   ((',' != cp[i]) && ('\0' != cp[i]))
+		    || (dtime > 2400)
+		    || ((dtime % 100) > 59)) {
+			goto again;
+		}
+
+		port.pt_times[j].t_end = dtime;
+		cp = cp + i + 1;
+	}
+
+	/*
+	 * The end of the list is indicated by a pair of -1's for the
+	 * start and end times.
+	 */
+
+	port.pt_times[j].t_start = port.pt_times[j].t_end = -1;
+
+	return &port;
+}
+
+/*
+ * getttyuser - get ports information for user and tty
+ *
+ *	getttyuser() searches the ports file for an entry with a TTY
+ *	and user field both of which match the supplied TTY and
+ *	user name.  The file is searched from the beginning, so the
+ *	entries are treated as an ordered list.
+ */
+
+static struct port *getttyuser (const char *tty, const char *user)
+{
+	int i, j;
+	struct port *port;
+
+	setportent ();
+
+	while ((port = getportent ()) != NULL) {
+		if (   (0 == port->pt_names)
+		    || (0 == port->pt_users)) {
+			continue;
+		}
+
+		for (i = 0; NULL != port->pt_names[i]; i++) {
+			if (portcmp (port->pt_names[i], tty) == 0) {
+				break;
+			}
+		}
+
+		if (port->pt_names[i] == 0) {
+			continue;
+		}
+
+		for (j = 0; NULL != port->pt_users[j]; j++) {
+			if (   (strcmp (user, port->pt_users[j]) == 0)
+			    || (strcmp (port->pt_users[j], "*") == 0)) {
+				break;
+			}
+		}
+
+		if (port->pt_users[j] != 0) {
+			break;
+		}
+	}
+	endportent ();
+	return port;
+}
+
+/*
+ * isttytime - tell if a given user may login at a particular time
+ *
+ *	isttytime searches the ports file for an entry which matches
+ *	the user name and TTY given.
+ */
+
+bool isttytime (const char *id, const char *port, time_t when)
+{
+	int i;
+	int dtime;
+	struct port *pp;
+	struct tm *tm;
+
+	/*
+	 * Try to find a matching entry for this user.  Default to
+	 * letting the user in - there are plenty of ways to have an
+	 * entry to match all users.
+	 */
+
+	pp = getttyuser (port, id);
+	if (NULL == pp) {
+		return true;
+	}
+
+	/*
+	 * The entry is there, but has no time entries - don't
+	 * ever let them login.
+	 */
+
+	if (0 == pp->pt_times) {
+		return false;
+	}
+
+	/*
+	 * The current time is converted to HHMM format for
+	 * comparison against the time values in the TTY entry.
+	 */
+
+	tm = localtime (&when);
+	dtime = tm->tm_hour * 100 + tm->tm_min;
+
+	/*
+	 * Each time entry is compared against the current
+	 * time.  For entries with the start after the end time,
+	 * the comparison is made so that the time is between
+	 * midnight and either the start or end time.
+	 */
+
+	for (i = 0; pp->pt_times[i].t_start != -1; i++) {
+		if (!(pp->pt_times[i].t_days & PORT_DAY (tm->tm_wday))) {
+			continue;
+		}
+
+		if (pp->pt_times[i].t_start <= pp->pt_times[i].t_end) {
+			if (   (dtime >= pp->pt_times[i].t_start)
+			    && (dtime <= pp->pt_times[i].t_end)) {
+				return true;
+			}
+		} else {
+			if (   (dtime >= pp->pt_times[i].t_start)
+			    || (dtime <= pp->pt_times[i].t_end)) {
+				return true;
+			}
+		}
+	}
+
+	/*
+	 * No matching time entry was found, user shouldn't
+	 * be let in right now.
+	 */
+
+	return false;
+}
+
diff --git a/lib/port.h b/lib/port.h
new file mode 100644
index 0000000..2da56b2
--- /dev/null
+++ b/lib/port.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * port.h - structure of /etc/porttime
+ *
+ *	$Id$
+ *
+ *	Each entry in /etc/porttime consists of a TTY device
+ *	name or "*" to indicate all TTY devices, followed by
+ *	a list of 1 or more user IDs or "*" to indicate all
+ *	user names, followed by a list of zero or more valid
+ *	login times.  Login time entries consist of zero or
+ *	more day names (Su, Mo, Tu, We, Th, Fr, Sa, Wk, Al)
+ *	followed by a pair of time values in HHMM format
+ *	separated by a "-".
+ */
+
+/*
+ * PORTS - Name of system port access time file.
+ * PORT_IDS - Allowable number of IDs per entry.
+ * PORT_TTY - Allowable number of TTYs per entry.
+ * PORT_TIMES - Allowable number of time entries per entry.
+ * PORT_DAY - Day of the week to a bit value (0 = Sunday).
+ */
+
+#define	PORTS	"/etc/porttime"
+#define	PORT_IDS	64
+#define	PORT_TTY	64
+#define	PORT_TIMES	24
+#define	PORT_DAY(day)	(1<<(day))
+
+/*
+ *	pt_names - pointer to array of device names in /dev/
+ *	pt_users - pointer to array of applicable user IDs.
+ *	pt_times - pointer to list of allowable time periods.
+ */
+
+struct port {
+	char **pt_names;
+	char **pt_users;
+	struct pt_time *pt_times;
+};
+
+/*
+ *	t_days - bit array for each day of the week (0 = Sunday)
+ *	t_start - starting time for this entry
+ *	t_end - ending time for this entry
+ */
+
+struct pt_time {
+	short t_days;
+	short t_start;
+	short t_end;
+};
diff --git a/lib/prototypes.h b/lib/prototypes.h
new file mode 100644
index 0000000..4808d5d
--- /dev/null
+++ b/lib/prototypes.h
@@ -0,0 +1,440 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * prototypes.h
+ *
+ * prototypes of libmisc functions, and private lib functions.
+ *
+ * $Id$
+ *
+ */
+
+#ifndef _PROTOTYPES_H
+#define _PROTOTYPES_H
+
+#include <config.h>
+
+#include <sys/stat.h>
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#else
+#include <utmp.h>
+#endif
+#include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
+#include <shadow.h>
+#include <lastlog.h>
+
+#include "defines.h"
+#include "commonio.h"
+
+extern /*@observer@*/ const char *Prog;
+
+/* addgrps.c */
+#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
+extern int add_groups (const char *);
+#endif
+
+/* age.c */
+extern void agecheck (/*@null@*/const struct spwd *);
+extern int expire (const struct passwd *, /*@null@*/const struct spwd *);
+/* isexpired.c */
+extern int isexpired (const struct passwd *, /*@null@*/const struct spwd *);
+
+/* basename() renamed to Basename() to avoid libc name space confusion */
+/* basename.c */
+extern /*@observer@*/const char *Basename (const char *str);
+
+/* chowndir.c */
+extern int chown_tree (const char *root,
+                       uid_t old_uid, uid_t new_uid,
+                       gid_t old_gid, gid_t new_gid);
+
+/* chowntty.c */
+extern void chown_tty (const struct passwd *);
+
+/* cleanup.c */
+typedef /*@null@*/void (*cleanup_function) (/*@null@*/void *arg);
+void add_cleanup (/*@notnull@*/cleanup_function pcf, /*@null@*/void *arg);
+void del_cleanup (/*@notnull@*/cleanup_function pcf);
+void do_cleanups (void);
+
+/* cleanup_group.c */
+struct cleanup_info_mod {
+	char *audit_msg;
+	char *action;
+	/*@observer@*/const char *name;
+};
+void cleanup_report_add_group (void *group_name);
+void cleanup_report_add_group_group (void *group_name);
+#ifdef SHADOWGRP
+void cleanup_report_add_group_gshadow (void *group_name);
+#endif
+void cleanup_report_del_group (void *group_name);
+void cleanup_report_del_group_group (void *group_name);
+#ifdef SHADOWGRP
+void cleanup_report_del_group_gshadow (void *group_name);
+#endif
+void cleanup_report_mod_passwd (void *cleanup_info);
+void cleanup_report_mod_group (void *cleanup_info);
+void cleanup_report_mod_gshadow (void *cleanup_info);
+void cleanup_unlock_group (/*@null@*/void *unused);
+#ifdef SHADOWGRP
+void cleanup_unlock_gshadow (/*@null@*/void *unused);
+#endif
+void cleanup_unlock_passwd (/*@null@*/void *unused);
+
+/* console.c */
+extern bool console (const char *);
+
+/* copydir.c */
+extern int copy_tree (const char *src_root, const char *dst_root,
+                      bool copy_root,
+                      bool reset_selinux,
+                      uid_t old_uid, uid_t new_uid,
+                      gid_t old_gid, gid_t new_gid);
+
+/* encrypt.c */
+extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *);
+
+/* entry.c */
+extern void pw_entry (const char *, struct passwd *);
+
+/* env.c */
+extern void addenv (const char *, /*@null@*/const char *);
+extern void initenv (void);
+extern void set_env (int, char *const *);
+extern void sanitize_env (void);
+
+/* fields.c */
+extern void change_field (char *, size_t, const char *);
+extern int valid_field (const char *, const char *);
+
+/* find_new_gid.c */
+extern int find_new_gid (bool sys_group,
+                         gid_t *gid,
+                         /*@null@*/gid_t const *preferred_gid);
+
+/* find_new_uid.c */
+extern int find_new_uid (bool sys_user,
+                         uid_t *uid,
+                         /*@null@*/uid_t const *preferred_uid);
+
+#ifdef ENABLE_SUBIDS
+/* find_new_sub_gids.c */
+extern int find_new_sub_gids (const char *owner,
+			      gid_t *range_start, unsigned long *range_count);
+
+/* find_new_sub_uids.c */
+extern int find_new_sub_uids (const char *owner,
+			      uid_t *range_start, unsigned long *range_count);
+#endif				/* ENABLE_SUBIDS */
+
+
+/* get_gid.c */
+extern int get_gid (const char *gidstr, gid_t *gid);
+
+/* getgr_nam_gid.c */
+extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname);
+
+/* getlong.c */
+extern int getlong (const char *numstr, /*@out@*/long int *result);
+
+/* get_pid.c */
+extern int get_pid (const char *pidstr, pid_t *pid);
+
+/* getrange */
+extern int getrange (char *range,
+                     unsigned long *min, bool *has_min,
+                     unsigned long *max, bool *has_max);
+
+/* gettime.c */
+extern time_t gettime ();
+
+/* get_uid.c */
+extern int get_uid (const char *uidstr, uid_t *uid);
+
+/* getulong.c */
+extern int getulong (const char *numstr, /*@out@*/unsigned long int *result);
+
+/* fputsx.c */
+extern /*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *, int, FILE *);
+extern int fputsx (const char *, FILE *);
+
+/* groupio.c */
+extern void __gr_del_entry (const struct commonio_entry *ent);
+extern /*@observer@*/const struct commonio_db *__gr_get_db (void);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__gr_get_head (void);
+extern void __gr_set_changed (void);
+
+/* groupmem.c */
+extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
+extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
+
+/* hushed.c */
+extern bool hushed (const char *username);
+
+/* audit_help.c */
+#ifdef WITH_AUDIT
+extern int audit_fd;
+extern void audit_help_open (void);
+/* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */
+#define AUDIT_NO_ID	((unsigned int) -1)
+typedef enum {
+	SHADOW_AUDIT_FAILURE = 0,
+	SHADOW_AUDIT_SUCCESS = 1} shadow_audit_result;
+extern void audit_logger (int type, const char *pgname, const char *op,
+                          const char *name, unsigned int id,
+                          shadow_audit_result result);
+void audit_logger_message (const char *message, shadow_audit_result result);
+#endif
+
+/* limits.c */
+#ifndef USE_PAM
+extern void setup_limits (const struct passwd *);
+#endif
+
+/* list.c */
+extern /*@only@*/ /*@out@*/char **add_list (/*@returned@*/ /*@only@*/char **, const char *);
+extern /*@only@*/ /*@out@*/char **del_list (/*@returned@*/ /*@only@*/char **, const char *);
+extern /*@only@*/ /*@out@*/char **dup_list (char *const *);
+extern bool is_on_list (char *const *list, const char *member);
+extern /*@only@*/char **comma_to_list (const char *);
+
+/* log.c */
+extern void dolastlog (
+	struct lastlog *ll,
+	const struct passwd *pw,
+	/*@unique@*/const char *line,
+	/*@unique@*/const char *host);
+
+/* login_nopam.c */
+extern int login_access (const char *user, const char *from);
+
+/* loginprompt.c */
+extern void login_prompt (const char *, char *, int);
+
+/* mail.c */
+extern void mailcheck (void);
+
+/* motd.c */
+extern void motd (void);
+
+/* myname.c */
+extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
+
+/* pam_pass_non_interractive.c */
+#ifdef USE_PAM
+extern int do_pam_passwd_non_interractive (const char *pam_service,
+                                           const char *username,
+                                           const char* password);
+#endif				/* USE_PAM */
+
+/* obscure.c */
+#ifndef USE_PAM
+extern bool obscure (const char *, const char *, const struct passwd *);
+#endif
+
+/* pam_pass.c */
+#ifdef USE_PAM
+extern void do_pam_passwd (const char *user, bool silent, bool change_expired);
+#endif
+
+/* port.c */
+extern bool isttytime (const char *, const char *, time_t);
+
+/* pwd2spwd.c */
+#ifndef USE_PAM
+extern struct spwd *pwd_to_spwd (const struct passwd *);
+#endif
+
+/* pwdcheck.c */
+#ifndef USE_PAM
+extern void passwd_check (const char *, const char *, const char *);
+#endif
+
+/* pwd_init.c */
+extern void pwd_init (void);
+
+/* pwio.c */
+extern void __pw_del_entry (const struct commonio_entry *ent);
+extern struct commonio_db *__pw_get_db (void);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__pw_get_head (void);
+
+/* pwmem.c */
+extern /*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent);
+extern void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent);
+
+/* remove_tree.c */
+extern int remove_tree (const char *root, bool remove_root);
+
+/* rlogin.c */
+extern int do_rlogin (const char *remote_host, char *name, size_t namelen,
+                      char *term, size_t termlen);
+
+/* root_flag.c */
+extern void process_root_flag (const char* short_opt, int argc, char **argv);
+
+/* salt.c */
+extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg);
+
+/* selinux.c */
+#ifdef WITH_SELINUX
+extern int set_selinux_file_context (const char *dst_name);
+extern int reset_selinux_file_context (void);
+#endif
+
+/* semanage.c */
+#ifdef WITH_SELINUX
+extern int set_seuser(const char *login_name, const char *seuser_name);
+extern int del_seuser(const char *login_name);
+#endif
+
+/* setugid.c */
+extern int setup_groups (const struct passwd *info);
+extern int change_uid (const struct passwd *info);
+#if (defined HAVE_INITGROUPS) && (! defined USE_PAM)
+extern int setup_uid_gid (const struct passwd *info, bool is_console);
+#else
+extern int setup_uid_gid (const struct passwd *info);
+#endif
+
+/* setup.c */
+extern void setup (struct passwd *);
+
+/* setupenv.c */
+extern void setup_env (struct passwd *);
+
+/* sgetgrent.c */
+extern struct group *sgetgrent (const char *buf);
+
+/* sgetpwent.c */
+extern struct passwd *sgetpwent (const char *buf);
+
+/* sgetspent.c */
+#ifndef HAVE_SGETSPENT
+extern struct spwd *sgetspent (const char *string);
+#endif
+
+/* sgroupio.c */
+extern void __sgr_del_entry (const struct commonio_entry *ent);
+extern /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent);
+extern void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent);
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__sgr_get_head (void);
+extern void __sgr_set_changed (void);
+
+/* shadowio.c */
+extern /*@dependent@*/ /*@null@*/struct commonio_entry *__spw_get_head (void);
+extern void __spw_del_entry (const struct commonio_entry *ent);
+
+/* shadowmem.c */
+extern /*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent);
+extern void spw_free (/*@out@*/ /*@only@*/struct spwd *spent);
+
+/* shell.c */
+extern int shell (const char *file, /*@null@*/const char *arg, char *const envp[]);
+
+/* spawn.c */
+extern int run_command (const char *cmd, const char *argv[],
+                        /*@null@*/const char *envp[], /*@out@*/int *status);
+
+/* strtoday.c */
+extern long strtoday (const char *);
+
+/* suauth.c */
+extern int check_su_auth (const char *actual_id,
+                          const char *wanted_id,
+                          bool su_to_root);
+
+/* sulog.c */
+extern void sulog (const char *tty,
+                   bool success,
+                   const char *oldname,
+                   const char *name);
+
+/* sub.c */
+extern void subsystem (const struct passwd *);
+
+/* ttytype.c */
+extern void ttytype (const char *);
+
+/* tz.c */
+#ifndef USE_PAM
+extern /*@observer@*/const char *tz (const char *);
+#endif
+
+/* ulimit.c */
+extern int set_filesize_limit (int blocks);
+
+/* user_busy.c */
+extern int user_busy (const char *name, uid_t uid);
+
+/* utmp.c */
+extern /*@null@*/struct utmp *get_current_utmp (void);
+extern struct utmp *prepare_utmp (const char *name,
+                                  const char *line,
+                                  const char *host,
+                                  /*@null@*/const struct utmp *ut);
+extern int setutmp (struct utmp *ut);
+#ifdef USE_UTMPX
+extern struct utmpx *prepare_utmpx (const char *name,
+                                    const char *line,
+                                    const char *host,
+                                    /*@null@*/const struct utmp *ut);
+extern int setutmpx (struct utmpx *utx);
+#endif				/* USE_UTMPX */
+
+/* valid.c */
+extern bool valid (const char *, const struct passwd *);
+
+/* xmalloc.c */
+extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
+  /*@ensures MaxSet(result) == (size - 1); @*/;
+extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
+
+/* xgetpwnam.c */
+extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);
+/* xgetpwuid.c */
+extern /*@null@*/ /*@only@*/struct passwd *xgetpwuid (uid_t);
+/* xgetgrnam.c */
+extern /*@null@*/ /*@only@*/struct group *xgetgrnam (const char *);
+/* xgetgrgid.c */
+extern /*@null@*/ /*@only@*/struct group *xgetgrgid (gid_t);
+/* xgetspnam.c */
+extern /*@null@*/ /*@only@*/struct spwd *xgetspnam(const char *);
+
+/* yesno.c */
+extern bool yes_or_no (bool read_only);
+
+#endif				/* _PROTOTYPES_H */
diff --git a/lib/pwauth.c b/lib/pwauth.c
new file mode 100644
index 0000000..9e24fbf
--- /dev/null
+++ b/lib/pwauth.c
@@ -0,0 +1,234 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+#include "getdef.h"
+#ifdef SKEY
+#include <skey.h>
+#endif
+#ifdef __linux__		/* standard password prompt by default */
+static const char *PROMPT = gettext_noop ("Password: ");
+#else
+static const char *PROMPT = gettext_noop ("%s's Password: ");
+#endif
+
+bool wipe_clear_pass = true;
+/*@null@*/char *clear_pass = NULL;
+
+/*
+ * pw_auth - perform getpass/crypt authentication
+ *
+ *	pw_auth gets the user's cleartext password and encrypts it
+ *	using the salt in the encrypted password. The results are
+ *	compared.
+ */
+
+int pw_auth (const char *cipher,
+             const char *user,
+             int reason,
+             /*@null@*/const char *input)
+{
+	char prompt[1024];
+	char *clear = NULL;
+	const char *cp;
+	const char *encrypted;
+	int retval;
+
+#ifdef	SKEY
+	bool use_skey = false;
+	char challenge_info[40];
+	struct skey skey;
+#endif
+
+	/*
+	 * There are programs for adding and deleting authentication data.
+	 */
+
+	if ((PW_ADD == reason) || (PW_DELETE == reason)) {
+		return 0;
+	}
+
+	/*
+	 * There are even programs for changing the user name ...
+	 */
+
+	if ((PW_CHANGE == reason) && (NULL != input)) {
+		return 0;
+	}
+
+	/*
+	 * WARNING:
+	 *
+	 * When we change a password and we are root, we don't prompt.
+	 * This is so root can change any password without having to
+	 * know it.  This is a policy decision that might have to be
+	 * revisited.
+	 */
+
+	if ((PW_CHANGE == reason) && (getuid () == 0)) {
+		return 0;
+	}
+
+	/*
+	 * WARNING:
+	 *
+	 * When we are logging in a user with no ciphertext password,
+	 * we don't prompt for the password or anything.  In reality
+	 * the user could just hit <ENTER>, so it doesn't really
+	 * matter.
+	 */
+
+	if ((NULL == cipher) || ('\0' == *cipher)) {
+		return 0;
+	}
+
+#ifdef	SKEY
+	/*
+	 * If the user has an S/KEY entry show them the pertinent info
+	 * and then we can try validating the created cyphertext and the SKEY.
+	 * If there is no SKEY information we default to not using SKEY.
+	 */
+
+# ifdef SKEY_BSD_STYLE
+	/*
+	 * Some BSD updates to the S/KEY API adds a fourth parameter; the
+	 * sizeof of the challenge info buffer.
+	 */
+#  define skeychallenge(s,u,c) skeychallenge(s,u,c,sizeof(c))
+# endif
+
+	if (skeychallenge (&skey, user, challenge_info) == 0) {
+		use_skey = true;
+	}
+#endif
+
+	/*
+	 * Prompt for the password as required.  FTPD and REXECD both
+	 * get the cleartext password for us.
+	 */
+
+	if ((PW_FTP != reason) && (PW_REXEC != reason) && (NULL == input)) {
+		cp = getdef_str ("LOGIN_STRING");
+		if (NULL == cp) {
+			cp = _(PROMPT);
+		}
+#ifdef	SKEY
+		if (use_skey) {
+			printf ("[%s]\n", challenge_info);
+		}
+#endif
+
+		snprintf (prompt, sizeof prompt, cp, user);
+		clear = getpass (prompt);
+		if (NULL == clear) {
+			static char c[1];
+
+			c[0] = '\0';
+			clear = c;
+		}
+		input = clear;
+	}
+
+	/*
+	 * Convert the cleartext password into a ciphertext string.
+	 * If the two match, the return value will be zero, which is
+	 * SUCCESS. Otherwise we see if SKEY is being used and check
+	 * the results there as well.
+	 */
+
+	encrypted = pw_encrypt (input, cipher);
+	if (NULL != encrypted) {
+		retval = strcmp (encrypted, cipher);
+	} else {
+		retval = -1;
+	}
+
+#ifdef  SKEY
+	/*
+	 * If (1) The password fails to match, and
+	 * (2) The password is empty and
+	 * (3) We are using OPIE or S/Key, then
+	 * ...Re-prompt, with echo on.
+	 * -- AR 8/22/1999
+	 */
+	if ((0 != retval) && ('\0' == input[0]) && use_skey) {
+		clear = getpass (prompt);
+		if (NULL == clear) {
+			static char c[1];
+
+			c[0] = '\0';
+			clear = c;
+		}
+		input = clear;
+	}
+
+	if ((0 != retval) && use_skey) {
+		int passcheck = -1;
+
+		if (skeyverify (&skey, input) == 0) {
+			passcheck = skey.n;
+		}
+		if (passcheck > 0) {
+			retval = 0;
+		}
+	}
+#endif
+
+	/*
+	 * Things like RADIUS authentication may need the password -
+	 * if the external variable wipe_clear_pass is zero, we will
+	 * not wipe it (the caller should wipe clear_pass when it is
+	 * no longer needed).  --marekm
+	 */
+
+	clear_pass = clear;
+	if (wipe_clear_pass && (NULL != clear) && ('\0' != *clear)) {
+		strzero (clear);
+	}
+	return retval;
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
diff --git a/lib/pwauth.h b/lib/pwauth.h
new file mode 100644
index 0000000..d6c71dd
--- /dev/null
+++ b/lib/pwauth.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1992 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *	$Id$
+ */
+
+#ifndef USE_PAM
+int pw_auth (const char *cipher,
+             const char *user,
+             int flag,
+             /*@null@*/const char *input);
+#endif				/* !USE_PAM */
+
+/*
+ * Local access
+ */
+
+#define	PW_SU		1
+#define	PW_LOGIN	2
+
+/*
+ * Administrative functions
+ */
+
+#define	PW_ADD		101
+#define	PW_CHANGE	102
+#define	PW_DELETE	103
+
+/*
+ * Network access
+ */
+
+#define	PW_TELNET	201
+#define	PW_RLOGIN	202
+#define	PW_FTP		203
+#define	PW_REXEC	204
diff --git a/lib/pwio.c b/lib/pwio.c
new file mode 100644
index 0000000..7ee8537
--- /dev/null
+++ b/lib/pwio.c
@@ -0,0 +1,226 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include <stdio.h>
+#include "commonio.h"
+#include "pwio.h"
+
+static /*@null@*/ /*@only@*/void *passwd_dup (const void *ent)
+{
+	const struct passwd *pw = ent;
+
+	return __pw_dup (pw);
+}
+
+static void passwd_free (/*@out@*/ /*@only@*/void *ent)
+{
+	struct passwd *pw = ent;
+
+	pw_free (pw);
+}
+
+static const char *passwd_getname (const void *ent)
+{
+	const struct passwd *pw = ent;
+
+	return pw->pw_name;
+}
+
+static void *passwd_parse (const char *line)
+{
+	return (void *) sgetpwent (line);
+}
+
+static int passwd_put (const void *ent, FILE * file)
+{
+	const struct passwd *pw = ent;
+
+	if (   (NULL == pw)
+	    || (valid_field (pw->pw_name, ":\n") == -1)
+	    || (valid_field (pw->pw_passwd, ":\n") == -1)
+	    || (pw->pw_uid == (uid_t)-1)
+	    || (pw->pw_gid == (gid_t)-1)
+	    || (valid_field (pw->pw_gecos, ":\n") == -1)
+	    || (valid_field (pw->pw_dir, ":\n") == -1)
+	    || (valid_field (pw->pw_shell, ":\n") == -1)) {
+		return -1;
+	}
+
+	return (putpwent (pw, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops passwd_ops = {
+	passwd_dup,
+	passwd_free,
+	passwd_getname,
+	passwd_parse,
+	passwd_put,
+	fgets,
+	fputs,
+	NULL,			/* open_hook */
+	NULL			/* close_hook */
+};
+
+static struct commonio_db passwd_db = {
+	PASSWD_FILE,		/* filename */
+	&passwd_ops,		/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif
+	0644,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int pw_setdbname (const char *filename)
+{
+	return commonio_setname (&passwd_db, filename);
+}
+
+/*@observer@*/const char *pw_dbname (void)
+{
+	return passwd_db.filename;
+}
+
+int pw_lock (void)
+{
+	return commonio_lock (&passwd_db);
+}
+
+int pw_open (int mode)
+{
+	return commonio_open (&passwd_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_locate (const char *name)
+{
+	return commonio_locate (&passwd_db, name);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_locate_uid (uid_t uid)
+{
+	const struct passwd *pwd;
+
+	pw_rewind ();
+	while (   ((pwd = pw_next ()) != NULL)
+	       && (pwd->pw_uid != uid)) {
+	}
+
+	return pwd;
+}
+
+int pw_update (const struct passwd *pw)
+{
+	return commonio_update (&passwd_db, (const void *) pw);
+}
+
+int pw_remove (const char *name)
+{
+	return commonio_remove (&passwd_db, name);
+}
+
+int pw_rewind (void)
+{
+	return commonio_rewind (&passwd_db);
+}
+
+/*@observer@*/ /*@null@*/const struct passwd *pw_next (void)
+{
+	return commonio_next (&passwd_db);
+}
+
+int pw_close (void)
+{
+	return commonio_close (&passwd_db);
+}
+
+int pw_unlock (void)
+{
+	return commonio_unlock (&passwd_db);
+}
+
+/*@null@*/struct commonio_entry *__pw_get_head (void)
+{
+	return passwd_db.head;
+}
+
+void __pw_del_entry (const struct commonio_entry *ent)
+{
+	commonio_del_entry (&passwd_db, ent);
+}
+
+struct commonio_db *__pw_get_db (void)
+{
+	return &passwd_db;
+}
+
+static int pw_cmp (const void *p1, const void *p2)
+{
+	uid_t u1, u2;
+
+	if ((*(struct commonio_entry **) p1)->eptr == NULL)
+		return 1;
+	if ((*(struct commonio_entry **) p2)->eptr == NULL)
+		return -1;
+
+	u1 = ((struct passwd *) (*(struct commonio_entry **) p1)->eptr)->pw_uid;
+	u2 = ((struct passwd *) (*(struct commonio_entry **) p2)->eptr)->pw_uid;
+
+	if (u1 < u2)
+		return -1;
+	else if (u1 > u2)
+		return 1;
+	else
+		return 0;
+}
+
+/* Sort entries by UID */
+int pw_sort ()
+{
+	return commonio_sort (&passwd_db, pw_cmp);
+}
diff --git a/lib/pwio.h b/lib/pwio.h
new file mode 100644
index 0000000..2db85e0
--- /dev/null
+++ b/lib/pwio.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _PWIO_H
+#define _PWIO_H
+
+#include <sys/types.h>
+#include <pwd.h>
+
+extern int pw_close (void);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_locate (const char *name);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_locate_uid (uid_t uid);
+extern int pw_lock (void);
+extern int pw_setdbname (const char *filename);
+extern /*@observer@*/const char *pw_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct passwd *pw_next (void);
+extern int pw_open (int mode);
+extern int pw_remove (const char *name);
+extern int pw_rewind (void);
+extern int pw_unlock (void);
+extern int pw_update (const struct passwd *pw);
+extern int pw_sort (void);
+
+#endif
diff --git a/lib/pwmem.c b/lib/pwmem.c
new file mode 100644
index 0000000..17d2eb2
--- /dev/null
+++ b/lib/pwmem.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "pwio.h"
+
+/*@null@*/ /*@only@*/struct passwd *__pw_dup (const struct passwd *pwent)
+{
+	struct passwd *pw;
+
+	pw = (struct passwd *) malloc (sizeof *pw);
+	if (NULL == pw) {
+		return NULL;
+	}
+	/* The libc might define other fields. They won't be copied. */
+	memset (pw, 0, sizeof *pw);
+	pw->pw_uid = pwent->pw_uid;
+	pw->pw_gid = pwent->pw_gid;
+	/*@-mustfreeonly@*/
+	pw->pw_name = strdup (pwent->pw_name);
+	/*@=mustfreeonly@*/
+	if (NULL == pw->pw_name) {
+		pw_free(pw);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	pw->pw_passwd = strdup (pwent->pw_passwd);
+	/*@=mustfreeonly@*/
+	if (NULL == pw->pw_passwd) {
+		pw_free(pw);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	pw->pw_gecos = strdup (pwent->pw_gecos);
+	/*@=mustfreeonly@*/
+	if (NULL == pw->pw_gecos) {
+		pw_free(pw);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	pw->pw_dir = strdup (pwent->pw_dir);
+	/*@=mustfreeonly@*/
+	if (NULL == pw->pw_dir) {
+		pw_free(pw);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	pw->pw_shell = strdup (pwent->pw_shell);
+	/*@=mustfreeonly@*/
+	if (NULL == pw->pw_shell) {
+		pw_free(pw);
+		return NULL;
+	}
+
+	return pw;
+}
+
+void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent)
+{
+	free (pwent->pw_name);
+	if (pwent->pw_passwd) {
+		memzero (pwent->pw_passwd, strlen (pwent->pw_passwd));
+		free (pwent->pw_passwd);
+	}
+	free (pwent->pw_gecos);
+	free (pwent->pw_dir);
+	free (pwent->pw_shell);
+	free (pwent);
+}
+
diff --git a/lib/selinux.c b/lib/selinux.c
new file mode 100644
index 0000000..d751329
--- /dev/null
+++ b/lib/selinux.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2011       , Peter Vrabec <pvrabec@redhat.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef WITH_SELINUX
+
+#include "defines.h"
+
+#include <selinux/selinux.h>
+#include "prototypes.h"
+
+
+static bool selinux_checked = false;
+static bool selinux_enabled;
+
+/*
+ * set_selinux_file_context - Set the security context before any file or
+ *                            directory creation.
+ *
+ *	set_selinux_file_context () should be called before any creation
+ *	of file, symlink, directory, ...
+ *
+ *	Callers may have to Reset SELinux to create files with default
+ *	contexts with reset_selinux_file_context
+ */
+int set_selinux_file_context (const char *dst_name)
+{
+	/*@null@*/security_context_t scontext = NULL;
+
+	if (!selinux_checked) {
+		selinux_enabled = is_selinux_enabled () > 0;
+		selinux_checked = true;
+	}
+
+	if (selinux_enabled) {
+		/* Get the default security context for this file */
+		if (matchpathcon (dst_name, 0, &scontext) < 0) {
+			if (security_getenforce () != 0) {
+				return 1;
+			}
+		}
+		/* Set the security context for the next created file */
+		if (setfscreatecon (scontext) < 0) {
+			if (security_getenforce () != 0) {
+				return 1;
+			}
+		}
+		freecon (scontext);
+	}
+	return 0;
+}
+
+/*
+ * reset_selinux_file_context - Reset the security context to the default
+ *                              policy behavior
+ *
+ *	reset_selinux_file_context () should be called after the context
+ *	was changed with set_selinux_file_context ()
+ */
+int reset_selinux_file_context (void)
+{
+	if (!selinux_checked) {
+		selinux_enabled = is_selinux_enabled () > 0;
+		selinux_checked = true;
+	}
+	if (selinux_enabled) {
+		if (setfscreatecon (NULL) != 0) {
+			return 1;
+		}
+	}
+	return 0;
+}
+
+#else				/* !WITH_SELINUX */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !WITH_SELINUX */
diff --git a/lib/semanage.c b/lib/semanage.c
new file mode 100644
index 0000000..e983f5f
--- /dev/null
+++ b/lib/semanage.c
@@ -0,0 +1,378 @@
+/*
+ * Copyright (c) 2010       , Jakub Hrozek <jhrozek@redhat.com>
+ * Copyright (c) 2011       , Peter Vrabec <pvrabec@redhat.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef WITH_SELINUX
+
+#include "defines.h"
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <selinux/selinux.h>
+#include <semanage/semanage.h>
+#include "prototypes.h"
+
+
+#ifndef DEFAULT_SERANGE
+#define DEFAULT_SERANGE "s0"
+#endif
+
+
+static void semanage_error_callback (unused void *varg,
+                                     semanage_handle_t *handle,
+                                     const char *fmt, ...)
+{
+	int ret;
+	char * message = NULL;
+	va_list ap;
+
+
+	va_start (ap, fmt);
+	ret = vasprintf (&message, fmt, ap);
+	va_end (ap);
+	if (ret < 0) {
+		/* ENOMEM */
+		return;
+	}
+
+	switch (semanage_msg_get_level (handle)) {
+	case SEMANAGE_MSG_ERR:
+	case SEMANAGE_MSG_WARN:
+		fprintf (stderr, _("[libsemanage]: %s\n"), message);
+		break;
+	case SEMANAGE_MSG_INFO:
+		/* nop */
+		break;
+	}
+
+	free (message);
+}
+
+
+static semanage_handle_t *semanage_init (void)
+{
+	int ret;
+	semanage_handle_t *handle = NULL;
+
+	handle = semanage_handle_create ();
+	if (NULL == handle) {
+		fprintf (stderr,
+		         _("Cannot create SELinux management handle\n"));
+		return NULL;
+	}
+
+	semanage_msg_set_callback (handle, semanage_error_callback, NULL);
+
+	ret = semanage_is_managed (handle);
+	if (ret != 1) {
+		fprintf (stderr, _("SELinux policy not managed\n"));
+		goto fail;
+	}
+
+	ret = semanage_access_check (handle);
+	if (ret < SEMANAGE_CAN_READ) {
+		fprintf (stderr, _("Cannot read SELinux policy store\n"));
+		goto fail;
+	}
+
+	ret = semanage_connect (handle);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Cannot establish SELinux management connection\n"));
+		goto fail;
+	}
+
+	ret = semanage_begin_transaction (handle);
+	if (ret != 0) {
+		fprintf (stderr, _("Cannot begin SELinux transaction\n"));
+		goto fail;
+	}
+
+	return handle;
+
+fail:
+	semanage_handle_destroy (handle);
+	return NULL;
+}
+
+
+static int semanage_user_mod (semanage_handle_t *handle,
+                              semanage_seuser_key_t *key,
+                              const char *login_name,
+                              const char *seuser_name)
+{
+	int ret;
+	semanage_seuser_t *seuser = NULL;
+
+	semanage_seuser_query (handle, key, &seuser);
+	if (NULL == seuser) {
+		fprintf (stderr,
+		         _("Could not query seuser for %s\n"), login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not set serange for %s\n"), login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not set sename for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_modify_local (handle, key, seuser);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not modify login mapping for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = 0;
+done:
+	semanage_seuser_free (seuser);
+	return ret;
+}
+
+
+static int semanage_user_add (semanage_handle_t *handle,
+                             semanage_seuser_key_t *key,
+                             const char *login_name,
+                             const char *seuser_name)
+{
+	int ret;
+	semanage_seuser_t *seuser = NULL;
+
+	ret = semanage_seuser_create (handle, &seuser);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Cannot create SELinux login mapping for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_set_name (handle, seuser, login_name);
+	if (ret != 0) {
+		fprintf (stderr, _("Could not set name for %s\n"), login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not set serange for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not set SELinux user for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_modify_local (handle, key, seuser);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not add login mapping for %s\n"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = 0;
+done:
+	semanage_seuser_free (seuser);
+	return ret;
+}
+
+
+int set_seuser (const char *login_name, const char *seuser_name)
+{
+	semanage_handle_t *handle = NULL;
+	semanage_seuser_key_t *key = NULL;
+	int ret;
+	int seuser_exists = 0;
+
+	if (NULL == seuser_name) {
+		/* don't care, just let system pick the defaults */
+		return 0;
+	}
+
+	handle = semanage_init ();
+	if (NULL == handle) {
+		fprintf (stderr, _("Cannot init SELinux management\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_key_create (handle, login_name, &key);
+	if (ret != 0) {
+		fprintf (stderr, _("Cannot create SELinux user key\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_exists (handle, key, &seuser_exists);
+	if (ret < 0) {
+		fprintf (stderr, _("Cannot verify the SELinux user\n"));
+		ret = 1;
+		goto done;
+	}
+
+	if (0 != seuser_exists) {
+		ret = semanage_user_mod (handle, key, login_name, seuser_name);
+		if (ret != 0) {
+			fprintf (stderr,
+			         _("Cannot modify SELinux user mapping\n"));
+			ret = 1;
+			goto done;
+		}
+	} else {
+		ret = semanage_user_add (handle, key, login_name, seuser_name);
+		if (ret != 0) {
+			fprintf (stderr,
+			         _("Cannot add SELinux user mapping\n"));
+			ret = 1;
+			goto done;
+		}
+	}
+
+	ret = semanage_commit (handle);
+	if (ret < 0) {
+		fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = 0;
+
+done:
+	semanage_seuser_key_free (key);
+	semanage_handle_destroy (handle);
+	return ret;
+}
+
+
+int del_seuser (const char *login_name)
+{
+	semanage_handle_t *handle = NULL;
+	semanage_seuser_key_t *key = NULL;
+	int ret;
+	int exists = 0;
+
+	handle = semanage_init ();
+	if (NULL == handle) {
+		fprintf (stderr, _("Cannot init SELinux management\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_key_create (handle, login_name, &key);
+	if (ret != 0) {
+		fprintf (stderr, _("Cannot create SELinux user key\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_seuser_exists (handle, key, &exists);
+	if (ret < 0) {
+		fprintf (stderr, _("Cannot verify the SELinux user\n"));
+		ret = 1;
+		goto done;
+	}
+
+	if (0 == exists) {
+		fprintf (stderr,
+		         _("Login mapping for %s is not defined, OK if default mapping was used\n"), 
+		         login_name);
+		ret = 0;  /* probably default mapping */
+		goto done;
+	}
+
+	ret = semanage_seuser_exists_local (handle, key, &exists);
+	if (ret < 0) {
+		fprintf (stderr, _("Cannot verify the SELinux user\n"));
+		ret = 1;
+		goto done;
+	}
+
+	if (0 == exists) {
+		fprintf (stderr,
+		         _("Login mapping for %s is defined in policy, cannot be deleted\n"), 
+		         login_name);
+		ret = 0; /* Login mapping defined in policy can't be deleted */
+		goto done;
+	}
+
+	ret = semanage_seuser_del_local (handle, key);
+	if (ret != 0) {
+		fprintf (stderr,
+		         _("Could not delete login mapping for %s"),
+		         login_name);
+		ret = 1;
+		goto done;
+	}
+
+	ret = semanage_commit (handle);
+	if (ret < 0) {
+		fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+		ret = 1;
+		goto done;
+	}
+
+	ret = 0;
+done:
+	semanage_handle_destroy (handle);
+	return ret;
+}
+#else				/* !WITH_SELINUX */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !WITH_SELINUX */
diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c
new file mode 100644
index 0000000..206f1c5
--- /dev/null
+++ b/lib/sgetgrent.c
@@ -0,0 +1,154 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <grp.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#define	NFIELDS	4
+
+/*
+ * list - turn a comma-separated string into an array of (char *)'s
+ *
+ *	list() converts the comma-separated list of member names into
+ *	an array of character pointers.
+ *
+ *	WARNING: I profiled this once with and without strchr() calls
+ *	and found that using a register variable and an explicit loop
+ *	works best.  For large /etc/group files, this is a major win.
+ *
+ * FINALLY added dynamic allocation.  Still need to fix sgetsgent().
+ *  --marekm
+ */
+static char **list (char *s)
+{
+	static char **members = 0;
+	static int size = 0;	/* max members + 1 */
+	int i;
+	char **rbuf;
+
+	i = 0;
+	for (;;) {
+		/* check if there is room for another pointer (to a group
+		   member name, or terminating NULL).  */
+		if (i >= size) {
+			size = i + 100;	/* at least: i + 1 */
+			if (members) {
+				rbuf =
+				    realloc (members, size * sizeof (char *));
+			} else {
+				/* for old (before ANSI C) implementations of
+				   realloc() that don't handle NULL properly */
+				rbuf = malloc (size * sizeof (char *));
+			}
+			if (!rbuf) {
+				if (members)
+					free (members);
+				members = 0;
+				size = 0;
+				return (char **) 0;
+			}
+			members = rbuf;
+		}
+		if (!s || s[0] == '\0')
+			break;
+		members[i++] = s;
+		while (('\0' != *s) && (',' != *s)) {
+			s++;
+		}
+		if ('\0' != *s) {
+			*s++ = '\0';
+		}
+	}
+	members[i] = (char *) 0;
+	return members;
+}
+
+
+struct group *sgetgrent (const char *buf)
+{
+	static char *grpbuf = 0;
+	static size_t size = 0;
+	static char *grpfields[NFIELDS];
+	static struct group grent;
+	int i;
+	char *cp;
+
+	if (strlen (buf) + 1 > size) {
+		/* no need to use realloc() here - just free it and
+		   allocate a larger block */
+		if (grpbuf)
+			free (grpbuf);
+		size = strlen (buf) + 1000;	/* at least: strlen(buf) + 1 */
+		grpbuf = malloc (size);
+		if (!grpbuf) {
+			size = 0;
+			return 0;
+		}
+	}
+	strcpy (grpbuf, buf);
+
+	cp = strrchr (grpbuf, '\n');
+	if (NULL != cp) {
+		*cp = '\0';
+	}
+
+	for (cp = grpbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+		grpfields[i] = cp;
+		cp = strchr (cp, ':');
+		if (NULL != cp) {
+			*cp = '\0';
+			cp++;
+		}
+	}
+	if (i < (NFIELDS - 1) || *grpfields[2] == '\0') {
+		return (struct group *) 0;
+	}
+	grent.gr_name = grpfields[0];
+	grent.gr_passwd = grpfields[1];
+	if (get_gid (grpfields[2], &grent.gr_gid) == 0) {
+		return (struct group *) 0;
+	}
+	grent.gr_mem = list (grpfields[3]);
+	if (NULL == grent.gr_mem) {
+		return (struct group *) 0;	/* out of memory */
+	}
+
+	return &grent;
+}
+
diff --git a/lib/sgetpwent.c b/lib/sgetpwent.c
new file mode 100644
index 0000000..293aabe
--- /dev/null
+++ b/lib/sgetpwent.c
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "defines.h"
+#include <stdio.h>
+#include <pwd.h>
+#include "prototypes.h"
+
+#define	NFIELDS	7
+
+/*
+ * sgetpwent - convert a string to a (struct passwd)
+ *
+ * sgetpwent() parses a string into the parts required for a password
+ * structure.  Strict checking is made for the UID and GID fields and
+ * presence of the correct number of colons.  Any failing tests result
+ * in a NULL pointer being returned.
+ *
+ * NOTE: This function uses hard-coded string scanning functions for
+ *	performance reasons.  I am going to come up with some conditional
+ *	compilation glarp to improve on this in the future.
+ */
+struct passwd *sgetpwent (const char *buf)
+{
+	static struct passwd pwent;
+	static char pwdbuf[1024];
+	register int i;
+	register char *cp;
+	char *fields[NFIELDS];
+
+	/*
+	 * Copy the string to a static buffer so the pointers into
+	 * the password structure remain valid.
+	 */
+
+	if (strlen (buf) >= sizeof pwdbuf)
+		return 0;	/* fail if too long */
+	strcpy (pwdbuf, buf);
+
+	/*
+	 * Save a pointer to the start of each colon separated
+	 * field.  The fields are converted into NUL terminated strings.
+	 */
+
+	for (cp = pwdbuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+		fields[i] = cp;
+		while (('\0' != *cp) && (':' != *cp)) {
+			cp++;
+		}
+
+		if ('\0' != *cp) {
+			*cp = '\0';
+			cp++;
+		} else {
+			cp = NULL;
+		}
+	}
+
+	/*
+	 * There must be exactly NFIELDS colon separated fields or
+	 * the entry is invalid.  Also, the UID and GID must be non-blank.
+	 */
+
+	if (i != NFIELDS || *fields[2] == '\0' || *fields[3] == '\0')
+		return NULL;
+
+	/*
+	 * Each of the fields is converted the appropriate data type
+	 * and the result assigned to the password structure.  If the
+	 * UID or GID does not convert to an integer value, a NULL
+	 * pointer is returned.
+	 */
+
+	pwent.pw_name = fields[0];
+	pwent.pw_passwd = fields[1];
+	if (get_uid (fields[2], &pwent.pw_uid) == 0) {
+		return NULL;
+	}
+	if (get_gid (fields[3], &pwent.pw_gid) == 0) {
+		return NULL;
+	}
+	pwent.pw_gecos = fields[4];
+	pwent.pw_dir = fields[5];
+	pwent.pw_shell = fields[6];
+
+	return &pwent;
+}
+
diff --git a/lib/sgetspent.c b/lib/sgetspent.c
new file mode 100644
index 0000000..20531eb
--- /dev/null
+++ b/lib/sgetspent.c
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support.  */
+#ifndef HAVE_SGETSPENT
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#define	FIELDS	9
+#define	OFIELDS	5
+/*
+ * sgetspent - convert string in shadow file format to (struct spwd *)
+ */
+struct spwd *sgetspent (const char *string)
+{
+	static char spwbuf[1024];
+	static struct spwd spwd;
+	char *fields[FIELDS];
+	char *cp;
+	char *cpp;
+	int i;
+
+	/*
+	 * Copy string to local buffer.  It has to be tokenized and we
+	 * have to do that to our private copy.
+	 */
+
+	if (strlen (string) >= sizeof spwbuf) {
+		return 0;	/* fail if too long */
+	}
+	strcpy (spwbuf, string);
+
+	cp = strrchr (spwbuf, '\n');
+	if (NULL != cp) {
+		*cp = '\0';
+	}
+
+	/*
+	 * Tokenize the string into colon separated fields.  Allow up to
+	 * FIELDS different fields.
+	 */
+
+	for (cp = spwbuf, i = 0; ('\0' != *cp) && (i < FIELDS); i++) {
+		fields[i] = cp;
+		while (('\0' != *cp) && (':' != *cp)) {
+			cp++;
+		}
+
+		if ('\0' != *cp) {
+			*cp = '\0';
+			cp++;
+		}
+	}
+
+	if (i == (FIELDS - 1)) {
+		fields[i++] = cp;
+	}
+
+	if ( ((NULL != cp) && ('\0' != *cp)) ||
+	     ((i != FIELDS) && (i != OFIELDS)) ) {
+		return 0;
+	}
+
+	/*
+	 * Start populating the structure.  The fields are all in
+	 * static storage, as is the structure we pass back.
+	 */
+
+	spwd.sp_namp = fields[0];
+	spwd.sp_pwdp = fields[1];
+
+	/*
+	 * Get the last changed date.  For all of the integer fields,
+	 * we check for proper format.  It is an error to have an
+	 * incorrectly formatted number.
+	 */
+
+	if (fields[2][0] == '\0') {
+		spwd.sp_lstchg = -1;
+	} else if (   (getlong (fields[2], &spwd.sp_lstchg) == 0)
+	           || (spwd.sp_lstchg < 0)) {
+		return 0;
+	}
+
+	/*
+	 * Get the minimum period between password changes.
+	 */
+
+	if (fields[3][0] == '\0') {
+		spwd.sp_min = -1;
+	} else if (   (getlong (fields[3], &spwd.sp_min) == 0)
+	           || (spwd.sp_min < 0)) {
+		return 0;
+	}
+
+	/*
+	 * Get the maximum number of days a password is valid.
+	 */
+
+	if (fields[4][0] == '\0') {
+		spwd.sp_max = -1;
+	} else if (   (getlong (fields[4], &spwd.sp_max) == 0)
+	           || (spwd.sp_max < 0)) {
+		return 0;
+	}
+
+	/*
+	 * If there are only OFIELDS fields (this is a SVR3.2 /etc/shadow
+	 * formatted file), initialize the other field members to -1.
+	 */
+
+	if (i == OFIELDS) {
+		spwd.sp_warn   = -1;
+		spwd.sp_inact  = -1;
+		spwd.sp_expire = -1;
+		spwd.sp_flag   = SHADOW_SP_FLAG_UNSET;
+
+		return &spwd;
+	}
+
+	/*
+	 * Get the number of days of password expiry warning.
+	 */
+
+	if (fields[5][0] == '\0') {
+		spwd.sp_warn = -1;
+	} else if (   (getlong (fields[5], &spwd.sp_warn) == 0)
+	           || (spwd.sp_warn < 0)) {
+		return 0;
+	}
+
+	/*
+	 * Get the number of days of inactivity before an account is
+	 * disabled.
+	 */
+
+	if (fields[6][0] == '\0') {
+		spwd.sp_inact = -1;
+	} else if (   (getlong (fields[6], &spwd.sp_inact) == 0)
+	           || (spwd.sp_inact < 0)) {
+		return 0;
+	}
+
+	/*
+	 * Get the number of days after the epoch before the account is
+	 * set to expire.
+	 */
+
+	if (fields[7][0] == '\0') {
+		spwd.sp_expire = -1;
+	} else if (   (getlong (fields[7], &spwd.sp_expire) == 0)
+	           || (spwd.sp_expire < 0)) {
+		return 0;
+	}
+
+	/*
+	 * This field is reserved for future use.  But it isn't supposed
+	 * to have anything other than a valid integer in it.
+	 */
+
+	if (fields[8][0] == '\0') {
+		spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+	} else if (getlong (fields[8], &spwd.sp_flag) == 0) {
+		/* FIXME: add a getulong function */
+		return 0;
+	}
+
+	return (&spwd);
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif
+
diff --git a/lib/sgroupio.c b/lib/sgroupio.c
new file mode 100644
index 0000000..5423626
--- /dev/null
+++ b/lib/sgroupio.c
@@ -0,0 +1,328 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef SHADOWGRP
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "commonio.h"
+#include "getdef.h"
+#include "sgroupio.h"
+
+/*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent)
+{
+	struct sgrp *sg;
+	int i;
+
+	sg = (struct sgrp *) malloc (sizeof *sg);
+	if (NULL == sg) {
+		return NULL;
+	}
+	/* Do the same as the other _dup function, even if we know the
+	 * structure. */
+	memset (sg, 0, sizeof *sg);
+	/*@-mustfreeonly@*/
+	sg->sg_name = strdup (sgent->sg_name);
+	/*@=mustfreeonly@*/
+	if (NULL == sg->sg_name) {
+		free (sg);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	sg->sg_passwd = strdup (sgent->sg_passwd);
+	/*@=mustfreeonly@*/
+	if (NULL == sg->sg_passwd) {
+		free (sg->sg_name);
+		free (sg);
+		return NULL;
+	}
+
+	for (i = 0; NULL != sgent->sg_adm[i]; i++);
+	/*@-mustfreeonly@*/
+	sg->sg_adm = (char **) malloc ((i + 1) * sizeof (char *));
+	/*@=mustfreeonly@*/
+	if (NULL == sg->sg_adm) {
+		free (sg->sg_passwd);
+		free (sg->sg_name);
+		free (sg);
+		return NULL;
+	}
+	for (i = 0; NULL != sgent->sg_adm[i]; i++) {
+		sg->sg_adm[i] = strdup (sgent->sg_adm[i]);
+		if (NULL == sg->sg_adm[i]) {
+			for (i = 0; NULL != sg->sg_adm[i]; i++) {
+				free (sg->sg_adm[i]);
+			}
+			free (sg->sg_adm);
+			free (sg->sg_passwd);
+			free (sg->sg_name);
+			free (sg);
+			return NULL;
+		}
+	}
+	sg->sg_adm[i] = NULL;
+
+	for (i = 0; NULL != sgent->sg_mem[i]; i++);
+	/*@-mustfreeonly@*/
+	sg->sg_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	/*@=mustfreeonly@*/
+	if (NULL == sg->sg_mem) {
+		for (i = 0; NULL != sg->sg_adm[i]; i++) {
+			free (sg->sg_adm[i]);
+		}
+		free (sg->sg_adm);
+		free (sg->sg_passwd);
+		free (sg->sg_name);
+		free (sg);
+		return NULL;
+	}
+	for (i = 0; NULL != sgent->sg_mem[i]; i++) {
+		sg->sg_mem[i] = strdup (sgent->sg_mem[i]);
+		if (NULL == sg->sg_mem[i]) {
+			for (i = 0; NULL != sg->sg_mem[i]; i++) {
+				free (sg->sg_mem[i]);
+			}
+			free (sg->sg_mem);
+			for (i = 0; NULL != sg->sg_adm[i]; i++) {
+				free (sg->sg_adm[i]);
+			}
+			free (sg->sg_adm);
+			free (sg->sg_passwd);
+			free (sg->sg_name);
+			free (sg);
+			return NULL;
+		}
+	}
+	sg->sg_mem[i] = NULL;
+
+	return sg;
+}
+
+static /*@null@*/ /*@only@*/void *gshadow_dup (const void *ent)
+{
+	const struct sgrp *sg = ent;
+
+	return __sgr_dup (sg);
+}
+
+static void gshadow_free (/*@out@*/ /*@only@*/void *ent)
+{
+	struct sgrp *sg = ent;
+
+	sgr_free (sg);
+}
+
+void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent)
+{
+	size_t i;
+	free (sgent->sg_name);
+	if (NULL != sgent->sg_passwd) {
+		memzero (sgent->sg_passwd, strlen (sgent->sg_passwd));
+		free (sgent->sg_passwd);
+	}
+	for (i = 0; NULL != sgent->sg_adm[i]; i++) {
+		free (sgent->sg_adm[i]);
+	}
+	free (sgent->sg_adm);
+	for (i = 0; NULL != sgent->sg_mem[i]; i++) {
+		free (sgent->sg_mem[i]);
+	}
+	free (sgent->sg_mem);
+	free (sgent);
+}
+
+static const char *gshadow_getname (const void *ent)
+{
+	const struct sgrp *gr = ent;
+
+	return gr->sg_name;
+}
+
+static void *gshadow_parse (const char *line)
+{
+	return (void *) sgetsgent (line);
+}
+
+static int gshadow_put (const void *ent, FILE * file)
+{
+	const struct sgrp *sg = ent;
+
+	if (   (NULL == sg)
+	    || (valid_field (sg->sg_name, ":\n") == -1)
+	    || (valid_field (sg->sg_passwd, ":\n") == -1)) {
+		return -1;
+	}
+
+	/* FIXME: fail also if sg->sg_adm == NULL ?*/
+	if (NULL != sg->sg_adm) {
+		size_t i;
+		for (i = 0; NULL != sg->sg_adm[i]; i++) {
+			if (valid_field (sg->sg_adm[i], ",:\n") == -1) {
+				return -1;
+			}
+		}
+	}
+
+	/* FIXME: fail also if sg->sg_mem == NULL ?*/
+	if (NULL != sg->sg_mem) {
+		size_t i;
+		for (i = 0; NULL != sg->sg_mem[i]; i++) {
+			if (valid_field (sg->sg_mem[i], ",:\n") == -1) {
+				return -1;
+			}
+		}
+	}
+
+	return (putsgent (sg, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops gshadow_ops = {
+	gshadow_dup,
+	gshadow_free,
+	gshadow_getname,
+	gshadow_parse,
+	gshadow_put,
+	fgetsx,
+	fputsx,
+	NULL,			/* open_hook */
+	NULL			/* close_hook */
+};
+
+static struct commonio_db gshadow_db = {
+	SGROUP_FILE,		/* filename */
+	&gshadow_ops,		/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif
+	0400,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int sgr_setdbname (const char *filename)
+{
+	return commonio_setname (&gshadow_db, filename);
+}
+
+/*@observer@*/const char *sgr_dbname (void)
+{
+	return gshadow_db.filename;
+}
+
+bool sgr_file_present (void)
+{
+	if (getdef_bool ("FORCE_SHADOW"))
+		return true;
+	return commonio_present (&gshadow_db);
+}
+
+int sgr_lock (void)
+{
+	return commonio_lock (&gshadow_db);
+}
+
+int sgr_open (int mode)
+{
+	return commonio_open (&gshadow_db, mode);
+}
+
+/*@observer@*/ /*@null@*/const struct sgrp *sgr_locate (const char *name)
+{
+	return commonio_locate (&gshadow_db, name);
+}
+
+int sgr_update (const struct sgrp *sg)
+{
+	return commonio_update (&gshadow_db, (const void *) sg);
+}
+
+int sgr_remove (const char *name)
+{
+	return commonio_remove (&gshadow_db, name);
+}
+
+int sgr_rewind (void)
+{
+	return commonio_rewind (&gshadow_db);
+}
+
+/*@null@*/const struct sgrp *sgr_next (void)
+{
+	return commonio_next (&gshadow_db);
+}
+
+int sgr_close (void)
+{
+	return commonio_close (&gshadow_db);
+}
+
+int sgr_unlock (void)
+{
+	return commonio_unlock (&gshadow_db);
+}
+
+void __sgr_set_changed (void)
+{
+	gshadow_db.changed = true;
+}
+
+/*@dependent@*/ /*@null@*/struct commonio_entry *__sgr_get_head (void)
+{
+	return gshadow_db.head;
+}
+
+void __sgr_del_entry (const struct commonio_entry *ent)
+{
+	commonio_del_entry (&gshadow_db, ent);
+}
+
+/* Sort with respect to group ordering. */
+int sgr_sort ()
+{
+	return commonio_sort_wrt (&gshadow_db, __gr_get_db ());
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/lib/sgroupio.h b/lib/sgroupio.h
new file mode 100644
index 0000000..163243a
--- /dev/null
+++ b/lib/sgroupio.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _SGROUPIO_H
+#define _SGROUPIO_H
+
+extern int sgr_close (void);
+extern bool sgr_file_present (void);
+extern /*@observer@*/ /*@null@*/const struct sgrp *sgr_locate (const char *name);
+extern int sgr_lock (void);
+extern int sgr_setdbname (const char *filename);
+extern /*@observer@*/const char *sgr_dbname (void);
+extern /*@null@*/const struct sgrp *sgr_next (void);
+extern int sgr_open (int mode);
+extern int sgr_remove (const char *name);
+extern int sgr_rewind (void);
+extern int sgr_unlock (void);
+extern int sgr_update (const struct sgrp *sg);
+extern int sgr_sort (void);
+
+#endif
diff --git a/lib/shadow.c b/lib/shadow.c
new file mode 100644
index 0000000..05cb0e4
--- /dev/null
+++ b/lib/shadow.c
@@ -0,0 +1,557 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+/* Newer versions of Linux libc already have shadow support.  */
+#ifndef HAVE_GETSPNAM
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#ifdef	USE_NIS
+static bool nis_used;
+static bool nis_ignore;
+static enum { native, start, middle, native2 } nis_state;
+static bool nis_bound;
+static char *nis_domain;
+static char *nis_key;
+static int nis_keylen;
+static char *nis_val;
+static int nis_vallen;
+
+#define	IS_NISCHAR(c) ((c)=='+')
+#endif
+
+static FILE *shadow;
+
+#define	FIELDS	9
+#define	OFIELDS	5
+
+#ifdef	USE_NIS
+
+/*
+ * __setspNIS - turn on or off NIS searches
+ */
+
+void __setspNIS (bool flag)
+{
+	nis_ignore = !flag;
+
+	if (nis_ignore) {
+		nis_used = false;
+	}
+}
+
+/*
+ * bind_nis - bind to NIS server
+ */
+
+static int bind_nis (void)
+{
+	if (yp_get_default_domain (&nis_domain)) {
+		return -1;
+	}
+
+	nis_bound = true;
+	return 0;
+}
+#endif
+
+/*
+ * setspent - initialize access to shadow text and DBM files
+ */
+
+void setspent (void)
+{
+	if (NULL != shadow) {
+		rewind (shadow);
+	}else {
+		shadow = fopen (SHADOW_FILE, "r");
+	}
+
+#ifdef	USE_NIS
+	nis_state = native;
+#endif
+}
+
+/*
+ * endspent - terminate access to shadow text and DBM files
+ */
+
+void endspent (void)
+{
+	if (NULL != shadow) {
+		(void) fclose (shadow);
+	}
+
+	shadow = (FILE *) 0;
+}
+
+/*
+ * my_sgetspent - convert string in shadow file format to (struct spwd *)
+ */
+
+static struct spwd *my_sgetspent (const char *string)
+{
+	static char spwbuf[BUFSIZ];
+	static struct spwd spwd;
+	char *fields[FIELDS];
+	char *cp;
+	char *cpp;
+	int i;
+
+	/*
+	 * Copy string to local buffer.  It has to be tokenized and we
+	 * have to do that to our private copy.
+	 */
+
+	if (strlen (string) >= sizeof spwbuf)
+		return 0;
+	strcpy (spwbuf, string);
+
+	cp = strrchr (spwbuf, '\n');
+	if (NULL != cp)
+		*cp = '\0';
+
+	/*
+	 * Tokenize the string into colon separated fields.  Allow up to
+	 * FIELDS different fields.
+	 */
+
+	for (cp = spwbuf, i = 0; *cp && i < FIELDS; i++) {
+		fields[i] = cp;
+		while (*cp && *cp != ':')
+			cp++;
+
+		if (*cp)
+			*cp++ = '\0';
+	}
+
+	if (i == (FIELDS - 1))
+		fields[i++] = cp;
+
+	if ((cp && *cp) || (i != FIELDS && i != OFIELDS))
+		return 0;
+
+	/*
+	 * Start populating the structure.  The fields are all in
+	 * static storage, as is the structure we pass back.  If we
+	 * ever see a name with '+' as the first character, we try
+	 * to turn on NIS processing.
+	 */
+
+	spwd.sp_namp = fields[0];
+#ifdef	USE_NIS
+	if (IS_NISCHAR (fields[0][0])) {
+		nis_used = true;
+	}
+#endif
+	spwd.sp_pwdp = fields[1];
+
+	/*
+	 * Get the last changed date.  For all of the integer fields,
+	 * we check for proper format.  It is an error to have an
+	 * incorrectly formatted number, unless we are using NIS.
+	 */
+
+	if (fields[2][0] == '\0') {
+		spwd.sp_lstchg = -1;
+	} else {
+		if (getlong (fields[2], &spwd.sp_lstchg) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_lstchg = -1;
+			} else
+#endif
+				return 0;
+		} else if (spwd.sp_lstchg < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * Get the minimum period between password changes.
+	 */
+
+	if (fields[3][0] == '\0') {
+		spwd.sp_min = -1;
+	} else {
+		if (getlong (fields[3], &spwd.sp_min) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_min = -1;
+			} else
+#endif
+			{
+				return 0;
+			}
+		} else if (spwd.sp_min < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * Get the maximum number of days a password is valid.
+	 */
+
+	if (fields[4][0] == '\0') {
+		spwd.sp_max = -1;
+	} else {
+		if (getlong (fields[4], &spwd.sp_max) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_max = -1;
+			} else
+#endif
+				return 0;
+		} else if (spwd.sp_max < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * If there are only OFIELDS fields (this is a SVR3.2 /etc/shadow
+	 * formatted file), initialize the other field members to -1.
+	 */
+
+	if (i == OFIELDS) {
+		spwd.sp_warn   = -1;
+		spwd.sp_inact  = -1;
+		spwd.sp_expire = -1;
+		spwd.sp_flag   = SHADOW_SP_FLAG_UNSET;
+
+		return &spwd;
+	}
+
+	/*
+	 * Get the number of days of password expiry warning.
+	 */
+
+	if (fields[5][0] == '\0') {
+		spwd.sp_warn = -1;
+	} else {
+		if (getlong (fields[5], &spwd.sp_warn) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_warn = -1;
+			} else
+#endif
+			{
+				return 0;
+			}
+		} else if (spwd.sp_warn < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * Get the number of days of inactivity before an account is
+	 * disabled.
+	 */
+
+	if (fields[6][0] == '\0') {
+		spwd.sp_inact = -1;
+	} else {
+		if (getlong (fields[6], &spwd.sp_inact) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_inact = -1;
+			} else
+#endif
+			{
+				return 0;
+			}
+		} else if (spwd.sp_inact < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * Get the number of days after the epoch before the account is
+	 * set to expire.
+	 */
+
+	if (fields[7][0] == '\0') {
+		spwd.sp_expire = -1;
+	} else {
+		if (getlong (fields[7], &spwd.sp_expire) == 0) {
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_expire = -1;
+			} else
+#endif
+			{
+				return 0;
+			}
+		} else if (spwd.sp_expire < 0) {
+			return 0;
+		}
+	}
+
+	/*
+	 * This field is reserved for future use.  But it isn't supposed
+	 * to have anything other than a valid integer in it.
+	 */
+
+	if (fields[8][0] == '\0') {
+		spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+	} else {
+		if (getlong (fields[8], &spwd.sp_flag) == 0) {
+			/* FIXME: add a getulong function */
+#ifdef	USE_NIS
+			if (nis_used) {
+				spwd.sp_flag = SHADOW_SP_FLAG_UNSET;
+			} else
+#endif
+			{
+				return 0;
+			}
+		} else if (spwd.sp_flag < 0) {
+			return 0;
+		}
+	}
+
+	return (&spwd);
+}
+
+/*
+ * fgetspent - get an entry from a /etc/shadow formatted stream
+ */
+
+struct spwd *fgetspent (FILE * fp)
+{
+	char buf[BUFSIZ];
+	char *cp;
+
+	if (NULL == fp) {
+		return (0);
+	}
+
+#ifdef	USE_NIS
+	while (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+#else
+	if (fgets (buf, (int) sizeof buf, fp) != (char *) 0)
+#endif
+	{
+		cp = strchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+#ifdef	USE_NIS
+		if (nis_ignore && IS_NISCHAR (buf[0])) {
+			continue;
+		}
+#endif
+		return my_sgetspent (buf);
+	}
+	return 0;
+}
+
+/*
+ * getspent - get a (struct spwd *) from the current shadow file
+ */
+
+struct spwd *getspent (void)
+{
+#ifdef	USE_NIS
+	int nis_1_user = 0;
+	struct spwd *val;
+	char buf[BUFSIZ];
+#endif
+	if (NULL == shadow) {
+		setspent ();
+	}
+
+#ifdef	USE_NIS
+      again:
+	/*
+	 * See if we are reading from the local file.
+	 */
+
+	if (nis_state == native || nis_state == native2) {
+
+		/*
+		 * Get the next entry from the shadow file.  Return NULL
+		 * right away if there is none.
+		 */
+
+		val = fgetspent (shadow);
+		if (NULL == val)
+			return 0;
+
+		/*
+		 * If this entry began with a NIS escape character, we have
+		 * to see if this is just a single user, or if the entire
+		 * map is being asked for.
+		 */
+
+		if (IS_NISCHAR (val->sp_namp[0])) {
+			if (val->sp_namp[1])
+				nis_1_user = 1;
+			else
+				nis_state = start;
+		}
+
+		/*
+		 * If this isn't a NIS user and this isn't an escape to go
+		 * use a NIS map, it must be a regular local user.
+		 */
+
+		if (nis_1_user == 0 && nis_state != start)
+			return val;
+
+		/*
+		 * If this is an escape to use an NIS map, switch over to
+		 * that bunch of code.
+		 */
+
+		if (nis_state == start)
+			goto again;
+
+		/*
+		 * NEEDSWORK.  Here we substitute pieces-parts of this entry.
+		 */
+
+		return 0;
+	} else {
+		if (!nis_bound) {
+			if (bind_nis ()) {
+				nis_state = native2;
+				goto again;
+			}
+		}
+		if (nis_state == start) {
+			if (yp_first (nis_domain, "shadow.bynam", &nis_key,
+			              &nis_keylen, &nis_val, &nis_vallen)) {
+				nis_state = native2;
+				goto again;
+			}
+			nis_state = middle;
+		} else if (nis_state == middle) {
+			if (yp_next (nis_domain, "shadow.bynam", nis_key,
+			             nis_keylen, &nis_key, &nis_keylen,
+			             &nis_val, &nis_vallen)) {
+				nis_state = native2;
+				goto again;
+			}
+		}
+		return my_sgetspent (nis_val);
+	}
+#else
+	return (fgetspent (shadow));
+#endif
+}
+
+/*
+ * getspnam - get a shadow entry by name
+ */
+
+struct spwd *getspnam (const char *name)
+{
+	struct spwd *sp;
+
+#ifdef	USE_NIS
+	char buf[BUFSIZ];
+	static char save_name[16];
+	bool nis_disabled = false;
+#endif
+
+	setspent ();
+
+#ifdef	USE_NIS
+	/*
+	 * Search the shadow.byname map for this user.
+	 */
+
+	if (!nis_ignore && !nis_bound) {
+		bind_nis ();
+	}
+
+	if (!nis_ignore && nis_bound) {
+		char *cp;
+
+		if (yp_match (nis_domain, "shadow.byname", name,
+		              strlen (name), &nis_val, &nis_vallen) == 0) {
+
+			cp = strchr (nis_val, '\n');
+			if (NULL != cp) {
+				*cp = '\0';
+			}
+
+			nis_state = middle;
+			sp = my_sgetspent (nis_val);
+			if (NULL != sp) {
+				strcpy (save_name, sp->sp_namp);
+				nis_key = save_name;
+				nis_keylen = strlen (save_name);
+			}
+			endspent ();
+			return sp;
+		} else {
+			nis_state = native2;
+		}
+	}
+#endif
+#ifdef	USE_NIS
+	/*
+	 * NEEDSWORK -- this is a mess, and it is the same mess in the
+	 * other three files.  I can't just blindly turn off NIS because
+	 * this might be the first pass through the local files.  In
+	 * that case, I never discover that NIS is present.
+	 */
+
+	if (nis_used) {
+		nis_ignore = true;
+		nis_disabled = true;
+	}
+#endif
+	while ((sp = getspent ()) != (struct spwd *) 0) {
+		if (strcmp (name, sp->sp_namp) == 0) {
+			break;
+		}
+	}
+#ifdef	USE_NIS
+	if (nis_disabled) {
+		nis_ignore = false;
+	}
+#endif
+	endspent ();
+	return (sp);
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif
+
diff --git a/lib/shadowio.c b/lib/shadowio.c
new file mode 100644
index 0000000..5fa3d31
--- /dev/null
+++ b/lib/shadowio.c
@@ -0,0 +1,267 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <shadow.h>
+#include <stdio.h>
+#include "commonio.h"
+#include "getdef.h"
+#include "shadowio.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif				/* WITH_TCB */
+
+static /*@null@*/ /*@only@*/void *shadow_dup (const void *ent)
+{
+	const struct spwd *sp = ent;
+
+	return __spw_dup (sp);
+}
+
+static void shadow_free (/*@out@*//*@only@*/void *ent)
+{
+	struct spwd *sp = ent;
+
+	spw_free (sp);
+}
+
+static const char *shadow_getname (const void *ent)
+{
+	const struct spwd *sp = ent;
+
+	return sp->sp_namp;
+}
+
+static void *shadow_parse (const char *line)
+{
+	return (void *) sgetspent (line);
+}
+
+static int shadow_put (const void *ent, FILE * file)
+{
+	const struct spwd *sp = ent;
+
+	if (   (NULL == sp)
+	    || (valid_field (sp->sp_namp, ":\n") == -1)
+	    || (valid_field (sp->sp_pwdp, ":\n") == -1)) {
+		return -1;
+	}
+
+	return (putspent (sp, file) == -1) ? -1 : 0;
+}
+
+static struct commonio_ops shadow_ops = {
+	shadow_dup,
+	shadow_free,
+	shadow_getname,
+	shadow_parse,
+	shadow_put,
+	fgets,
+	fputs,
+	NULL,			/* open_hook */
+	NULL			/* close_hook */
+};
+
+static struct commonio_db shadow_db = {
+	SHADOW_FILE,		/* filename */
+	&shadow_ops,		/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif				/* WITH_SELINUX */
+	0400,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int spw_setdbname (const char *filename)
+{
+	return commonio_setname (&shadow_db, filename);
+}
+
+/*@observer@*/const char *spw_dbname (void)
+{
+	return shadow_db.filename;
+}
+
+bool spw_file_present (void)
+{
+	if (getdef_bool ("FORCE_SHADOW"))
+		return true;
+	return commonio_present (&shadow_db);
+}
+
+int spw_lock (void)
+{
+#ifdef WITH_TCB
+	int retval = 0;
+
+	if (!getdef_bool ("USE_TCB")) {
+#endif				/* WITH_TCB */
+		return commonio_lock (&shadow_db);
+#ifdef WITH_TCB
+	}
+	if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+		return 0;
+	}
+	if (lckpwdf_tcb (shadow_db.filename) == 0) {
+		shadow_db.locked = 1;
+		retval = 1;
+	}
+	if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+		return 0;
+	}
+	return retval;
+#endif				/* WITH_TCB */
+}
+
+int spw_open (int mode)
+{
+	int retval = 0;
+#ifdef WITH_TCB
+	bool use_tcb = getdef_bool ("USE_TCB");
+
+	if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+		return 0;
+	}
+#endif				/* WITH_TCB */
+	retval = commonio_open (&shadow_db, mode);
+#ifdef WITH_TCB
+	if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+		return 0;
+	}
+#endif				/* WITH_TCB */
+	return retval;
+}
+
+/*@observer@*/ /*@null@*/const struct spwd *spw_locate (const char *name)
+{
+	return commonio_locate (&shadow_db, name);
+}
+
+int spw_update (const struct spwd *sp)
+{
+	return commonio_update (&shadow_db, (const void *) sp);
+}
+
+int spw_remove (const char *name)
+{
+	return commonio_remove (&shadow_db, name);
+}
+
+int spw_rewind (void)
+{
+	return commonio_rewind (&shadow_db);
+}
+
+/*@observer@*/ /*@null@*/const struct spwd *spw_next (void)
+{
+	return commonio_next (&shadow_db);
+}
+
+int spw_close (void)
+{
+	int retval = 0;
+#ifdef WITH_TCB
+	bool use_tcb = getdef_bool ("USE_TCB");
+
+	if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+		return 0;
+	}
+#endif				/* WITH_TCB */
+	retval = commonio_close (&shadow_db);
+#ifdef WITH_TCB
+	if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+		return 0;
+	}
+#endif				/* WITH_TCB */
+	return retval;
+}
+
+int spw_unlock (void)
+{
+#ifdef WITH_TCB
+	int retval = 0;
+
+	if (!getdef_bool ("USE_TCB")) {
+#endif				/* WITH_TCB */
+		return commonio_unlock (&shadow_db);
+#ifdef WITH_TCB
+	}
+	if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+		return 0;
+	}
+	if (ulckpwdf_tcb () == 0) {
+		shadow_db.locked = 0;
+		retval = 1;
+	}
+	if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+		return 0;
+	}
+	return retval;
+#endif				/* WITH_TCB */
+}
+
+struct commonio_entry *__spw_get_head (void)
+{
+	return shadow_db.head;
+}
+
+void __spw_del_entry (const struct commonio_entry *ent)
+{
+	commonio_del_entry (&shadow_db, ent);
+}
+
+/* Sort with respect to passwd ordering. */
+int spw_sort ()
+{
+#ifdef WITH_TCB
+	if (getdef_bool ("USE_TCB")) {
+		return 0;
+	}
+#endif				/* WITH_TCB */
+	return commonio_sort_wrt (&shadow_db, __pw_get_db ());
+}
diff --git a/lib/shadowio.h b/lib/shadowio.h
new file mode 100644
index 0000000..5384b1d
--- /dev/null
+++ b/lib/shadowio.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef SHADOWIO_H
+#define SHADOWIO_H
+
+#include "defines.h"
+
+extern int spw_close (void);
+extern bool spw_file_present (void);
+extern /*@observer@*/ /*@null@*/const struct spwd *spw_locate (const char *name);
+extern int spw_lock (void);
+extern int spw_setdbname (const char *filename);
+extern /*@observer@*/const char *spw_dbname (void);
+extern /*@observer@*/ /*@null@*/const struct spwd *spw_next (void);
+extern int spw_open (int mode);
+extern int spw_remove (const char *name);
+extern int spw_rewind (void);
+extern int spw_unlock (void);
+extern int spw_update (const struct spwd *sp);
+extern int spw_sort (void);
+
+#endif
diff --git a/lib/shadowmem.c b/lib/shadowmem.c
new file mode 100644
index 0000000..8989598
--- /dev/null
+++ b/lib/shadowmem.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <shadow.h>
+#include <stdio.h>
+#include "shadowio.h"
+
+/*@null@*/ /*@only@*/struct spwd *__spw_dup (const struct spwd *spent)
+{
+	struct spwd *sp;
+
+	sp = (struct spwd *) malloc (sizeof *sp);
+	if (NULL == sp) {
+		return NULL;
+	}
+	/* The libc might define other fields. They won't be copied. */
+	memset (sp, 0, sizeof *sp);
+	sp->sp_lstchg = spent->sp_lstchg;
+	sp->sp_min    = spent->sp_min;
+	sp->sp_max    = spent->sp_max;
+	sp->sp_warn   = spent->sp_warn;
+	sp->sp_inact  = spent->sp_inact;
+	sp->sp_expire = spent->sp_expire;
+	sp->sp_flag   = spent->sp_flag;
+	/*@-mustfreeonly@*/
+	sp->sp_namp   = strdup (spent->sp_namp);
+	/*@=mustfreeonly@*/
+	if (NULL == sp->sp_namp) {
+		free(sp);
+		return NULL;
+	}
+	/*@-mustfreeonly@*/
+	sp->sp_pwdp = strdup (spent->sp_pwdp);
+	/*@=mustfreeonly@*/
+	if (NULL == sp->sp_pwdp) {
+		free(sp->sp_namp);
+		free(sp);
+		return NULL;
+	}
+
+	return sp;
+}
+
+void spw_free (/*@out@*/ /*@only@*/struct spwd *spent)
+{
+	free (spent->sp_namp);
+	if (NULL != spent->sp_pwdp) {
+		memzero (spent->sp_pwdp, strlen (spent->sp_pwdp));
+		free (spent->sp_pwdp);
+	}
+	free (spent);
+}
+
diff --git a/lib/spawn.c b/lib/spawn.c
new file mode 100644
index 0000000..da98401
--- /dev/null
+++ b/lib/spawn.c
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2011       , Jonathan Nieder
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include "exitcodes.h"
+#include "prototypes.h"
+
+int run_command (const char *cmd, const char *argv[],
+                 /*@null@*/const char *envp[], /*@out@*/int *status)
+{
+	pid_t pid, wpid;
+
+	if (NULL == envp) {
+		envp = (const char **)environ;
+	}
+
+	(void) fflush (stdout);
+	(void) fflush (stderr);
+
+	pid = fork ();
+	if (0 == pid) {
+		(void) execve (cmd, (char * const *) argv,
+		               (char * const *) envp);
+		if (ENOENT == errno) {
+			exit (E_CMD_NOTFOUND);
+		}
+		fprintf (stderr, "%s: cannot execute %s: %s\n",
+		         Prog, cmd, strerror (errno));
+		exit (E_CMD_NOEXEC);
+	} else if ((pid_t)-1 == pid) {
+		fprintf (stderr, "%s: cannot execute %s: %s\n",
+		         Prog, cmd, strerror (errno));
+		return -1;
+	}
+
+	do {
+		wpid = waitpid (pid, status, 0);
+	} while (   ((pid_t)-1 == wpid && errno == EINTR)
+	         || (wpid != pid));
+
+	if ((pid_t)-1 == wpid) {
+		fprintf (stderr, "%s: waitpid (status: %d): %s\n",
+		         Prog, *status, strerror (errno));
+		return -1;
+	}
+
+	return 0;
+}
+
diff --git a/lib/subordinateio.c b/lib/subordinateio.c
new file mode 100644
index 0000000..0d64a91
--- /dev/null
+++ b/lib/subordinateio.c
@@ -0,0 +1,701 @@
+/*
+ * Copyright (c) 2012 - Eric Biederman
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include "commonio.h"
+#include "subordinateio.h"
+#include <sys/types.h>
+#include <pwd.h>
+
+struct subordinate_range {
+	const char *owner;
+	unsigned long start;
+	unsigned long count;
+};
+
+#define NFIELDS 3
+
+/*
+ * subordinate_dup: create a duplicate range
+ *
+ * @ent: a pointer to a subordinate_range struct
+ *
+ * Returns a pointer to a newly allocated duplicate subordinate_range struct
+ * or NULL on failure
+ */
+static /*@null@*/ /*@only@*/void *subordinate_dup (const void *ent)
+{
+	const struct subordinate_range *rangeent = ent;
+	struct subordinate_range *range;
+
+	range = (struct subordinate_range *) malloc (sizeof *range);
+	if (NULL == range) {
+		return NULL;
+	}
+	range->owner = strdup (rangeent->owner);
+	if (NULL == range->owner) {
+		free(range);
+		return NULL;
+	}
+	range->start = rangeent->start;
+	range->count = rangeent->count;
+
+	return range;
+}
+
+/*
+ * subordinate_free: free a subordinate_range struct
+ *
+ * @ent: pointer to a subordinate_range struct to free.
+ */
+static void subordinate_free (/*@out@*/ /*@only@*/void *ent)
+{
+	struct subordinate_range *rangeent = ent;
+	
+	free ((void *)(rangeent->owner));
+	free (rangeent);
+}
+
+/*
+ * subordinate_parse:
+ *
+ * @line: a line to parse
+ *
+ * Returns a pointer to a subordinate_range struct representing the values
+ * in @line, or NULL on failure.  Note that the returned value should not
+ * be freed by the caller.
+ */
+static void *subordinate_parse (const char *line)
+{
+	static struct subordinate_range range;
+	static char rangebuf[1024];
+	int i;
+	char *cp;
+	char *fields[NFIELDS];
+
+	/*
+	 * Copy the string to a temporary buffer so the substrings can
+	 * be modified to be NULL terminated.
+	 */
+	if (strlen (line) >= sizeof rangebuf)
+		return NULL;	/* fail if too long */
+	strcpy (rangebuf, line);
+
+	/*
+	 * Save a pointer to the start of each colon separated
+	 * field.  The fields are converted into NUL terminated strings.
+	 */
+
+	for (cp = rangebuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
+		fields[i] = cp;
+		while (('\0' != *cp) && (':' != *cp)) {
+			cp++;
+		}
+
+		if ('\0' != *cp) {
+			*cp = '\0';
+			cp++;
+		} else {
+			cp = NULL;
+		}
+	}
+
+	/*
+	 * There must be exactly NFIELDS colon separated fields or
+	 * the entry is invalid.  Also, fields must be non-blank.
+	 */
+	if (i != NFIELDS || *fields[0] == '\0' || *fields[1] == '\0' || *fields[2] == '\0')
+		return NULL;
+	range.owner = fields[0];
+	if (getulong (fields[1], &range.start) == 0)
+		return NULL;
+	if (getulong (fields[2], &range.count) == 0)
+		return NULL;
+
+	return &range;
+}
+
+/*
+ * subordinate_put: print a subordinate_range value to a file
+ *
+ * @ent: a pointer to a subordinate_range struct to print out.
+ * @file: file to which to print.
+ *
+ * Returns 0 on success, -1 on error.
+ */
+static int subordinate_put (const void *ent, FILE * file)
+{
+	const struct subordinate_range *range = ent;
+
+	return fprintf(file, "%s:%lu:%lu\n",
+			       range->owner,
+			       range->start,
+			       range->count) < 0 ? -1  : 0;
+}
+
+static struct commonio_ops subordinate_ops = {
+	subordinate_dup,	/* dup */
+	subordinate_free,	/* free */
+	NULL,			/* getname */
+	subordinate_parse,	/* parse */
+	subordinate_put,	/* put */
+	fgets,			/* fgets */
+	fputs,			/* fputs */
+	NULL,			/* open_hook */
+	NULL,			/* close_hook */
+};
+
+static /*@observer@*/ /*@null*/const struct subordinate_range *subordinate_next(struct commonio_db *db)
+{
+	return (const struct subordinate_range *)commonio_next (db);
+}
+
+/*
+ * range_exists: Check whether @owner owns any ranges
+ *
+ * @db: database to query
+ * @owner: owner being queried
+ *
+ * Returns true if @owner owns any subuid ranges, false otherwise.
+ */
+static const bool range_exists(struct commonio_db *db, const char *owner)
+{
+	const struct subordinate_range *range;
+	commonio_rewind(db);
+	while ((range = commonio_next(db)) != NULL) {
+		if (0 == strcmp(range->owner, owner))
+			return true;
+	}
+	return false;
+}
+
+/*
+ * find_range: find a range which @owner is authorized to use which includes
+ *             subuid @val.
+ *
+ * @db: database to query
+ * @owner: owning uid being queuried
+ * @val: subuid being searched for.
+ *
+ * Returns a range of subuids belonging to @owner and including the subuid
+ * @val, or NULL if no such range exists.
+ */
+static const struct subordinate_range *find_range(struct commonio_db *db,
+						  const char *owner, unsigned long val)
+{
+	const struct subordinate_range *range;
+
+	/*
+	 * Search for exact username/group specification
+	 *
+	 * This is the original method - go fast through the db, doing only
+	 * exact username/group string comparison. Therefore we leave it as-is
+	 * for the time being, in order to keep it equally fast as it was
+	 * before.
+	 */
+	commonio_rewind(db);
+	while ((range = commonio_next(db)) != NULL) {
+		unsigned long first = range->start;
+		unsigned long last = first + range->count - 1;
+
+		if (0 != strcmp(range->owner, owner))
+			continue;
+
+		if ((val >= first) && (val <= last))
+			return range;
+	}
+
+
+        /*
+         * We only do special handling for these two files
+         */
+        if ((0 != strcmp(db->filename, "/etc/subuid")) && (0 != strcmp(db->filename, "/etc/subgid")))
+                return NULL;
+
+        /*
+         * Search loop above did not produce any result. Let's rerun it,
+         * but this time try to matcha actual UIDs. The first entry that
+         * matches is considered a success.
+         * (It may be specified as literal UID or as another username which
+         * has the same UID as the username we are looking for.)
+         */
+        struct passwd *pwd;
+        uid_t          owner_uid;
+        char           owner_uid_string[33] = "";
+
+
+        /* Get UID of the username we are looking for */
+        pwd = getpwnam(owner);
+        if (NULL == pwd) {
+                /* Username not defined in /etc/passwd, or error occured during lookup */
+                return NULL;
+        }
+        owner_uid = pwd->pw_uid;
+        sprintf(owner_uid_string, "%lu", (unsigned long int)owner_uid);
+
+        commonio_rewind(db);
+        while ((range = commonio_next(db)) != NULL) {
+                unsigned long first = range->start;
+                unsigned long last = first + range->count - 1;
+
+                /* For performance reasons check range before using getpwnam() */
+                if ((val < first) || (val > last)) {
+                        continue;
+                }
+
+                /*
+                 * Range matches. Check if range owner is specified
+                 * as numeric UID and if it matches.
+                 */
+                if (0 == strcmp(range->owner, owner_uid_string)) {
+                        return range;
+                }
+
+                /*
+                 * Ok, this range owner is not specified as numeric UID
+                 * we are looking for. It may be specified as another
+                 * UID or as a literal username.
+                 *
+                 * If specified as another UID, the call to getpwnam()
+                 * will return NULL.
+                 *
+                 * If specified as literal username, we will get its
+                 * UID and compare that to UID we are looking for.
+                 */
+                const struct passwd *range_owner_pwd;
+
+                range_owner_pwd = getpwnam(range->owner);
+                if (NULL == range_owner_pwd) {
+                        continue;
+                }
+
+                if (owner_uid == range_owner_pwd->pw_uid) {
+                        return range;
+                }
+        }
+
+	return NULL;
+}
+
+/*
+ * have_range: check whether @owner is authorized to use the range
+ *             (@start .. @start+@count-1).
+ * @db: database to check
+ * @owner: owning uid being queried
+ * @start: start of range
+ * @count: number of uids in range
+ *
+ * Returns true if @owner is authorized to use the range, false otherwise.
+ */
+static bool have_range(struct commonio_db *db,
+		       const char *owner, unsigned long start, unsigned long count)
+{
+	const struct subordinate_range *range;
+	unsigned long end;
+
+	if (count == 0)
+		return false;
+
+	end = start + count - 1;
+	range = find_range (db, owner, start);
+	while (range) {
+		unsigned long last; 
+
+		last = range->start + range->count - 1;
+		if (last >= (start + count - 1))
+			return true;
+
+		count = end - last;
+		start = last + 1;
+		range = find_range(db, owner, start);
+	}
+	return false;
+}
+
+/*
+ * subordinate_range_cmp: compare uid ranges
+ *
+ * @p1: pointer to a commonio_entry struct to compare
+ * @p2: pointer to second commonio_entry struct to compare
+ *
+ * Returns 0 if the entries are the same.  Otherwise return -1
+ * if the range in p1 is lower than that in p2, or (if the ranges are
+ * equal) if the owning uid in p1 is lower than p2's.  Return 1 if p1's
+ * range or owning uid is great than p2's.
+ */
+static int subordinate_range_cmp (const void *p1, const void *p2)
+{
+	struct subordinate_range *range1, *range2;
+
+	if ((*(struct commonio_entry **) p1)->eptr == NULL)
+		return 1;
+	if ((*(struct commonio_entry **) p2)->eptr == NULL)
+		return -1;
+
+	range1 = ((struct subordinate_range *) (*(struct commonio_entry **) p1)->eptr);
+	range2 = ((struct subordinate_range *) (*(struct commonio_entry **) p2)->eptr);
+
+	if (range1->start < range2->start)
+		return -1;
+	else if (range1->start > range2->start)
+		return 1;
+	else if (range1->count < range2->count)
+		return -1;
+	else if (range1->count > range2->count)
+		return 1;
+	else
+		return strcmp(range1->owner, range2->owner);
+}
+
+/*
+ * find_free_range: find an unused consecutive sequence of ids to allocate
+ *                  to a user.
+ * @db: database to search
+ * @min: the first uid in the range to find
+ * @max: the highest uid to find
+ * @count: the number of uids needed
+ *
+ * Return the lowest new uid, or ULONG_MAX on failure.
+ */
+static unsigned long find_free_range(struct commonio_db *db,
+				     unsigned long min, unsigned long max,
+				     unsigned long count)
+{
+	const struct subordinate_range *range;
+	unsigned long low, high;
+
+	/* When given invalid parameters fail */
+	if ((count == 0) || (max < min))
+		goto fail;
+
+	/* Sort by range then by owner */
+	commonio_sort (db, subordinate_range_cmp);
+	commonio_rewind(db);
+
+	low = min;
+	while ((range = commonio_next(db)) != NULL) {
+		unsigned long first = range->start;
+		unsigned long last = first + range->count - 1;
+
+		/* Find the top end of the hole before this range */
+		high = first;
+
+		/* Don't allocate IDs after max (included) */
+		if (high > max + 1) {
+			high = max + 1;
+		}
+
+		/* Is the hole before this range large enough? */
+		if ((high > low) && ((high - low) >= count))
+			return low;
+
+		/* Compute the low end of the next hole */
+		if (low < (last + 1))
+			low = last + 1;
+		if (low > max)
+			goto fail;
+	}
+
+	/* Is the remaining unclaimed area large enough? */
+	if (((max - low) + 1) >= count)
+		return low;
+fail:
+	return ULONG_MAX;
+}
+
+/*
+ * add_range: add a subuid range to an owning uid's list of authorized
+ *            subuids.
+ * @db: database to which to add
+ * @owner: uid which owns the subuid
+ * @start: the first uid in the owned range
+ * @count: the number of uids in the range
+ *
+ * Return 1 if the range is already present or on succcess.  On error
+ * return 0 and set errno appropriately.
+ */
+static int add_range(struct commonio_db *db,
+	const char *owner, unsigned long start, unsigned long count)
+{
+	struct subordinate_range range;
+	range.owner = owner;
+	range.start = start;
+	range.count = count;
+
+	/* See if the range is already present */
+	if (have_range(db, owner, start, count))
+		return 1;
+
+	/* Otherwise append the range */
+	return commonio_append(db, &range);
+}
+
+/*
+ * remove_range:  remove a range of subuids from an owning uid's list
+ *                of authorized subuids.
+ * @db: database to work on
+ * @owner: owning uid whose range is being removed
+ * @start: start of the range to be removed
+ * @count: number of uids in the range.
+ *
+ * Returns 0 on failure, 1 on success.  Failure means that we needed to
+ * create a new range to represent the new limits, and failed doing so.
+ */
+static int remove_range (struct commonio_db *db,
+                         const char *owner,
+                         unsigned long start, unsigned long count)
+{
+	struct commonio_entry *ent;
+	unsigned long end;
+
+	if (count == 0) {
+		return 1;
+	}
+
+	end = start + count - 1;
+	for (ent = db->head; NULL != ent; ent = ent->next) {
+		struct subordinate_range *range = ent->eptr;
+		unsigned long first;
+		unsigned long last;
+
+		/* Skip unparsed entries */
+		if (NULL == range) {
+			continue;
+		}
+
+		first = range->start;
+		last = first + range->count - 1;
+
+		/* Skip entries with a different owner */
+		if (0 != strcmp (range->owner, owner)) {
+			continue;
+		}
+
+		/* Skip entries outside of the range to remove */
+		if ((end < first) || (start > last)) {
+			continue;
+		}
+
+		if (start <= first) {
+			if (end >= last) {
+				/* to be removed: [start,      end]
+				 * range:           [first, last] */
+				/* entry completely contained in the
+				 * range to remove */
+				commonio_del_entry (db, ent);
+			} else {
+				/* to be removed: [start,  end]
+				 * range:           [first, last] */
+				/* Remove only the start of the entry */
+				range->start = end + 1;
+				range->count = (last - range->start) + 1;
+
+				ent->changed = true;
+				db->changed = true;
+			}
+		} else {
+			if (end >= last) {
+				/* to be removed:   [start,  end]
+				 * range:         [first, last] */
+				/* Remove only the end of the entry */
+				range->count = start - range->start;
+
+				ent->changed = true;
+				db->changed = true;
+			} else {
+				/* to be removed:   [start, end]
+				 * range:         [first,    last] */
+				/* Remove the middle of the range
+				 * This requires to create a new range */
+				struct subordinate_range tail;
+				tail.owner = range->owner;
+				tail.start = end + 1;
+				tail.count = (last - tail.start) + 1;
+
+				if (commonio_append (db, &tail) == 0) {
+					return 0;
+				}
+
+				range->count = start - range->start;
+
+				ent->changed = true;
+				db->changed = true;
+			}
+		}
+	}
+
+	return 1;
+}
+
+static struct commonio_db subordinate_uid_db = {
+	"/etc/subuid",		/* filename */
+	&subordinate_ops,	/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif
+	0644,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int sub_uid_setdbname (const char *filename)
+{
+	return commonio_setname (&subordinate_uid_db, filename);
+}
+
+/*@observer@*/const char *sub_uid_dbname (void)
+{
+	return subordinate_uid_db.filename;
+}
+
+bool sub_uid_file_present (void)
+{
+	return commonio_present (&subordinate_uid_db);
+}
+
+int sub_uid_lock (void)
+{
+	return commonio_lock (&subordinate_uid_db);
+}
+
+int sub_uid_open (int mode)
+{
+	return commonio_open (&subordinate_uid_db, mode);
+}
+
+bool sub_uid_assigned(const char *owner)
+{
+	return range_exists (&subordinate_uid_db, owner);
+}
+
+bool have_sub_uids(const char *owner, uid_t start, unsigned long count)
+{
+	return have_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_add (const char *owner, uid_t start, unsigned long count)
+{
+	return add_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_remove (const char *owner, uid_t start, unsigned long count)
+{
+	return remove_range (&subordinate_uid_db, owner, start, count);
+}
+
+int sub_uid_close (void)
+{
+	return commonio_close (&subordinate_uid_db);
+}
+
+int sub_uid_unlock (void)
+{
+	return commonio_unlock (&subordinate_uid_db);
+}
+
+uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count)
+{
+	unsigned long start;
+	start = find_free_range (&subordinate_uid_db, min, max, count);
+	return start == ULONG_MAX ? (uid_t) -1 : start;
+}
+
+static struct commonio_db subordinate_gid_db = {
+	"/etc/subgid",		/* filename */
+	&subordinate_ops,	/* ops */
+	NULL,			/* fp */
+#ifdef WITH_SELINUX
+	NULL,			/* scontext */
+#endif
+	0644,                   /* st_mode */
+	0,                      /* st_uid */
+	0,                      /* st_gid */
+	NULL,			/* head */
+	NULL,			/* tail */
+	NULL,			/* cursor */
+	false,			/* changed */
+	false,			/* isopen */
+	false,			/* locked */
+	false			/* readonly */
+};
+
+int sub_gid_setdbname (const char *filename)
+{
+	return commonio_setname (&subordinate_gid_db, filename);
+}
+
+/*@observer@*/const char *sub_gid_dbname (void)
+{
+	return subordinate_gid_db.filename;
+}
+
+bool sub_gid_file_present (void)
+{
+	return commonio_present (&subordinate_gid_db);
+}
+
+int sub_gid_lock (void)
+{
+	return commonio_lock (&subordinate_gid_db);
+}
+
+int sub_gid_open (int mode)
+{
+	return commonio_open (&subordinate_gid_db, mode);
+}
+
+bool have_sub_gids(const char *owner, gid_t start, unsigned long count)
+{
+	return have_range(&subordinate_gid_db, owner, start, count);
+}
+
+bool sub_gid_assigned(const char *owner)
+{
+	return range_exists (&subordinate_gid_db, owner);
+}
+
+int sub_gid_add (const char *owner, gid_t start, unsigned long count)
+{
+	return add_range (&subordinate_gid_db, owner, start, count);
+}
+
+int sub_gid_remove (const char *owner, gid_t start, unsigned long count)
+{
+	return remove_range (&subordinate_gid_db, owner, start, count);
+}
+
+int sub_gid_close (void)
+{
+	return commonio_close (&subordinate_gid_db);
+}
+
+int sub_gid_unlock (void)
+{
+	return commonio_unlock (&subordinate_gid_db);
+}
+
+gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
+{
+	unsigned long start;
+	start = find_free_range (&subordinate_gid_db, min, max, count);
+	return start == ULONG_MAX ? (gid_t) -1 : start;
+}
+#else				/* !ENABLE_SUBIDS */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !ENABLE_SUBIDS */
+
diff --git a/lib/subordinateio.h b/lib/subordinateio.h
new file mode 100644
index 0000000..a21d72b
--- /dev/null
+++ b/lib/subordinateio.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2012- Eric W. Biederman
+ */
+
+#ifndef _SUBORDINATEIO_H
+#define _SUBORDINATEIO_H
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <sys/types.h>
+
+extern int sub_uid_close(void);
+extern bool have_sub_uids(const char *owner, uid_t start, unsigned long count);
+extern bool sub_uid_file_present (void);
+extern bool sub_uid_assigned(const char *owner);
+extern int sub_uid_lock (void);
+extern int sub_uid_setdbname (const char *filename);
+extern /*@observer@*/const char *sub_uid_dbname (void);
+extern int sub_uid_open (int mode);
+extern int sub_uid_unlock (void);
+extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
+extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
+extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
+
+extern int sub_gid_close(void);
+extern bool have_sub_gids(const char *owner, gid_t start, unsigned long count);
+extern bool sub_gid_file_present (void);
+extern bool sub_gid_assigned(const char *owner);
+extern int sub_gid_lock (void);
+extern int sub_gid_setdbname (const char *filename);
+extern /*@observer@*/const char *sub_gid_dbname (void);
+extern int sub_gid_open (int mode);
+extern int sub_gid_unlock (void);
+extern int sub_gid_add (const char *owner, gid_t start, unsigned long count);
+extern int sub_gid_remove (const char *owner, gid_t start, unsigned long count);
+extern uid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count);
+#endif				/* ENABLE_SUBIDS */
+
+#endif
diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c
new file mode 100644
index 0000000..2f694bd
--- /dev/null
+++ b/lib/tcbfuncs.c
@@ -0,0 +1,613 @@
+/*
+ * Copyright (c) 2001 Rafal Wojtczuk, Solar Designer
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define _GNU_SOURCE
+
+#include <errno.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <tcb.h>
+#include <unistd.h>
+
+#include "config.h"
+
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+#include "shadowio.h"
+#include "tcbfuncs.h"
+
+#define SHADOWTCB_HASH_BY 1000
+#define SHADOWTCB_LOCK_SUFFIX ".lock"
+
+static /*@null@*//*@only@*/char *stored_tcb_user = NULL;
+
+shadowtcb_status shadowtcb_drop_priv (void)
+{
+	if (!getdef_bool ("USE_TCB")) {
+		return SHADOWTCB_SUCCESS;
+	}
+
+	if (NULL != stored_tcb_user) {
+		if (tcb_drop_priv (stored_tcb_user) == 0) {
+			return SHADOWTCB_SUCCESS;
+		}
+	}
+
+	return SHADOWTCB_FAILURE;
+}
+
+shadowtcb_status shadowtcb_gain_priv (void)
+{
+	if (!getdef_bool ("USE_TCB")) {
+		return SHADOWTCB_SUCCESS;
+	}
+
+	return (tcb_gain_priv () == 0) ? SHADOWTCB_SUCCESS : SHADOWTCB_FAILURE;
+}
+
+/* In case something goes wrong, we return immediately, not polluting the
+ * code with free(). All errors are fatal, so the application is expected
+ * to exit soon.
+ */
+#define OUT_OF_MEMORY do { \
+	fprintf (stderr, _("%s: out of memory\n"), Prog); \
+	(void) fflush (stderr); \
+} while (false)
+
+/* Returns user's tcb directory path relative to TCB_DIR. */
+static /*@null@*/ char *shadowtcb_path_rel (const char *name, uid_t uid)
+{
+	char *ret;
+
+	if (!getdef_bool ("TCB_SYMLINKS") || uid < SHADOWTCB_HASH_BY) {
+		if (asprintf (&ret, "%s", name) == -1) {
+			OUT_OF_MEMORY;
+			return NULL;
+		}
+	} else if (uid < SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY) {
+		if (asprintf (&ret, ":%dK/%s",
+		              uid / SHADOWTCB_HASH_BY, name) == -1) {
+			OUT_OF_MEMORY;
+			return NULL;
+		}
+	} else {
+		if (asprintf (&ret, ":%dM/:%dK/%s",
+		              uid / (SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY),
+		              (uid % (SHADOWTCB_HASH_BY * SHADOWTCB_HASH_BY)) / SHADOWTCB_HASH_BY,
+			name) == -1) {
+			OUT_OF_MEMORY;
+			return NULL;
+		}
+	}
+	return ret;
+}
+
+static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
+{
+	char *path, *rval;
+	struct stat st;
+	char link[8192];
+	ssize_t ret;
+
+	if (asprintf (&path, TCB_DIR "/%s", name) == -1) {
+		OUT_OF_MEMORY;
+		return NULL;
+	}
+	if (lstat (path, &st) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot stat %s: %s\n"),
+		         Prog, path, strerror (errno));
+		free (path);
+		return NULL;
+	}
+	if (S_ISDIR (st.st_mode)) {
+		free (path);
+		rval = strdup (name);
+		if (NULL == rval) {
+			OUT_OF_MEMORY;
+			return NULL;
+		}
+		return rval;
+	}
+	if (!S_ISLNK (st.st_mode)) {
+		fprintf (stderr,
+		         _("%s: %s is neither a directory, nor a symlink.\n"),
+		         Prog, path);
+		free (path);
+		return NULL;
+	}
+	ret = readlink (path, link, sizeof (link) - 1);
+	if (-1 == ret) {
+		fprintf (stderr,
+		         _("%s: Cannot read symbolic link %s: %s\n"),
+		         Prog, path, strerror (errno));
+		free (path);
+		return NULL;
+	}
+	free (path);
+	if ((size_t)ret >= sizeof(link) - 1) {
+		link[sizeof(link) - 1] = '\0';
+		fprintf (stderr,
+		         _("%s: Suspiciously long symlink: %s\n"),
+		         Prog, link);
+		return NULL;
+	}
+	link[(size_t)ret] = '\0';
+	rval = strdup (link);
+	if (NULL == rval) {
+		OUT_OF_MEMORY;
+		return NULL;
+	}
+	return rval;
+}
+
+static /*@null@*/ char *shadowtcb_path (const char *name, uid_t uid)
+{
+	char *ret, *rel;
+
+	rel = shadowtcb_path_rel (name, uid);
+	if (NULL == rel) {
+		return NULL;
+	}
+	if (asprintf (&ret, TCB_DIR "/%s", rel) == -1) {
+		OUT_OF_MEMORY;
+		free (rel);
+		return NULL;
+	}
+	free (rel);
+	return ret;
+}
+
+static /*@null@*/ char *shadowtcb_path_existing (const char *name)
+{
+	char *ret, *rel;
+
+	rel = shadowtcb_path_rel_existing (name);
+	if (NULL == rel) {
+		return NULL;
+	}
+	if (asprintf (&ret, TCB_DIR "/%s", rel) == -1) {
+		OUT_OF_MEMORY;
+		free (rel);
+		return NULL;
+	}
+	free (rel);
+	return ret;
+}
+
+static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
+{
+	char *ind, *dir, *ptr, *path = shadowtcb_path_rel (name, uid);
+	struct stat st;
+
+	if (NULL == path) {
+		return SHADOWTCB_FAILURE;
+	}
+	ptr = path;
+	if (stat (TCB_DIR, &st) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot stat %s: %s\n"),
+		         Prog, TCB_DIR, strerror (errno));
+		goto out_free_path;
+	}
+	while ((ind = strchr (ptr, '/'))) {
+		*ind = '\0';
+		if (asprintf (&dir, TCB_DIR "/%s", path) == -1) {
+			OUT_OF_MEMORY;
+			return SHADOWTCB_FAILURE;
+		}
+		if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
+			fprintf (stderr,
+			         _("%s: Cannot create directory %s: %s\n"),
+			         Prog, dir, strerror (errno));
+			goto out_free_dir;
+		}
+		if (chown (dir, 0, st.st_gid) != 0) {
+			fprintf (stderr,
+			         _("%s: Cannot change owner of %s: %s\n"),
+			         Prog, dir, strerror (errno));
+			goto out_free_dir;
+		}
+		if (chmod (dir, 0711) != 0) {
+			fprintf (stderr,
+			         _("%s: Cannot change mode of %s: %s\n"),
+			         Prog, dir, strerror (errno));
+			goto out_free_dir;
+		}
+		free (dir);
+		*ind = '/';
+		ptr = ind + 1;
+	}
+	free (path);
+	return SHADOWTCB_SUCCESS;
+out_free_dir:
+	free (dir);
+out_free_path:
+	free (path);
+	return SHADOWTCB_FAILURE;
+}
+
+static shadowtcb_status unlink_suffs (const char *user)
+{
+	static char *suffs[] = { "+", "-", SHADOWTCB_LOCK_SUFFIX };
+	char *tmp;
+	int i;
+
+	for (i = 0; i < 3; i++) {
+		if (asprintf (&tmp, TCB_FMT "%s", user, suffs[i]) == -1) {
+			OUT_OF_MEMORY;
+			return SHADOWTCB_FAILURE;
+		}
+		if ((unlink (tmp) != 0) && (errno != ENOENT)) {
+			fprintf (stderr,
+			         _("%s: unlink: %s: %s\n"),
+			         Prog, tmp, strerror (errno));
+			free (tmp);
+			return SHADOWTCB_FAILURE;
+		}
+		free (tmp);
+	}
+
+	return SHADOWTCB_SUCCESS;
+}
+
+/* path should be a relative existing tcb directory */
+static shadowtcb_status rmdir_leading (char *path)
+{
+	char *ind, *dir;
+	shadowtcb_status ret = SHADOWTCB_SUCCESS;
+	while ((ind = strrchr (path, '/'))) {
+		*ind = '\0';
+		if (asprintf (&dir, TCB_DIR "/%s", path) == -1) {
+			OUT_OF_MEMORY;
+			return SHADOWTCB_FAILURE;
+		}
+		if (rmdir (dir) != 0) {
+			if (errno != ENOTEMPTY) {
+				fprintf (stderr,
+				         _("%s: Cannot remove directory %s: %s\n"),
+				         Prog, dir, strerror (errno));
+				ret = SHADOWTCB_FAILURE;
+			}
+			free (dir);
+			break;
+		}
+		free (dir);
+	}
+	return ret;
+}
+
+static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
+{
+	char *olddir = NULL, *newdir = NULL;
+	char *real_old_dir = NULL, *real_new_dir = NULL;
+	char *real_old_dir_rel = NULL, *real_new_dir_rel = NULL;
+	uid_t old_uid, the_newid;
+	struct stat oldmode;
+	shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+	if (NULL == stored_tcb_user) {
+		return SHADOWTCB_FAILURE;
+	}
+	if (asprintf (&olddir, TCB_DIR "/%s", stored_tcb_user) == -1) {
+		goto out_free_nomem;
+	}
+	if (stat (olddir, &oldmode) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot stat %s: %s\n"),
+		         Prog, olddir, strerror (errno));
+		goto out_free;
+	}
+	old_uid = oldmode.st_uid;
+	the_newid = (user_newid == -1) ? old_uid : user_newid;
+	real_old_dir = shadowtcb_path_existing (stored_tcb_user);
+	if (NULL == real_old_dir) {
+		goto out_free;
+	}
+	real_new_dir = shadowtcb_path (user_newname, the_newid);
+	if (NULL == real_new_dir) {
+		goto out_free;
+	}
+	if (strcmp (real_old_dir, real_new_dir) == 0) {
+		ret = SHADOWTCB_SUCCESS;
+		goto out_free;
+	}
+	real_old_dir_rel = shadowtcb_path_rel_existing (stored_tcb_user);
+	if (NULL == real_old_dir_rel) {
+		goto out_free;
+	}
+	if (mkdir_leading (user_newname, the_newid) == SHADOWTCB_FAILURE) {
+		goto out_free;
+	}
+	if (rename (real_old_dir, real_new_dir) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot rename %s to %s: %s\n"),
+		         Prog, real_old_dir, real_new_dir, strerror (errno));
+		goto out_free;
+	}
+	if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
+		goto out_free;
+	}
+	if ((unlink (olddir) != 0) && (errno != ENOENT)) {
+		fprintf (stderr,
+		         _("%s: Cannot remove %s: %s\n"),
+		         Prog, olddir, strerror (errno));
+		goto out_free;
+	}
+	if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
+		goto out_free_nomem;
+	}
+	real_new_dir_rel = shadowtcb_path_rel (user_newname, the_newid);
+	if (NULL == real_new_dir_rel) {
+		goto out_free;
+	}
+	if (   (strcmp (real_new_dir, newdir) != 0)
+	    && (symlink (real_new_dir_rel, newdir) != 0)) {
+		fprintf (stderr,
+		         _("%s: Cannot create symbolic link %s: %s\n"),
+		         Prog, real_new_dir_rel, strerror (errno));
+		goto out_free;
+	}
+	ret = SHADOWTCB_SUCCESS;
+	goto out_free;
+out_free_nomem:
+	OUT_OF_MEMORY;
+out_free:
+	free (olddir);
+	free (newdir);
+	free (real_old_dir);
+	free (real_new_dir);
+	free (real_old_dir_rel);
+	free (real_new_dir_rel);
+	return ret;
+}
+
+shadowtcb_status shadowtcb_set_user (const char* name)
+{
+	char *buf;
+	shadowtcb_status retval;
+
+	if (!getdef_bool ("USE_TCB")) {
+		return SHADOWTCB_SUCCESS;
+	}
+
+	if (NULL != stored_tcb_user) {
+		free (stored_tcb_user);
+	}
+
+	stored_tcb_user = strdup (name);
+	if (NULL == stored_tcb_user) {
+		OUT_OF_MEMORY;
+		return SHADOWTCB_FAILURE;
+	}
+	if (asprintf (&buf, TCB_FMT, name) == -1) {
+		OUT_OF_MEMORY;
+		return SHADOWTCB_FAILURE;
+	}
+
+	retval = (spw_setdbname (buf) != 0) ? SHADOWTCB_SUCCESS : SHADOWTCB_FAILURE;
+	free (buf);
+	return retval;
+}
+
+/* tcb directory must be empty before shadowtcb_remove is called. */
+shadowtcb_status shadowtcb_remove (const char *name)
+{
+	shadowtcb_status ret = SHADOWTCB_SUCCESS;
+	char *path = shadowtcb_path_existing (name);
+	char *rel = shadowtcb_path_rel_existing (name);
+	if ((NULL == path) || (NULL == rel) || (rmdir (path) != 0)) {
+		return SHADOWTCB_FAILURE;
+	}
+	if (rmdir_leading (rel) == SHADOWTCB_FAILURE) {
+		return SHADOWTCB_FAILURE;
+	}
+	free (path);
+	free (rel);
+	if (asprintf (&path, TCB_DIR "/%s", name) == -1) {
+		OUT_OF_MEMORY;
+		return SHADOWTCB_FAILURE;
+	}
+	if ((unlink (path) != 0) && (errno != ENOENT)) {
+		ret = SHADOWTCB_FAILURE;
+	}
+	free (path);
+	return ret;
+}
+
+shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_newid)
+{
+	struct stat dirmode, filemode;
+	char *tcbdir, *shadow;
+	shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+	if (!getdef_bool ("USE_TCB")) {
+		return SHADOWTCB_SUCCESS;
+	}
+	if (NULL == stored_tcb_user) {
+		return SHADOWTCB_FAILURE;
+	}
+	if (NULL == user_newname) {
+		user_newname = stored_tcb_user;
+	}
+	if (move_dir (user_newname, user_newid) == SHADOWTCB_FAILURE) {
+		return SHADOWTCB_FAILURE;
+	}
+	if (-1 == user_newid) {
+		return SHADOWTCB_SUCCESS;
+	}
+	if (   (asprintf (&tcbdir, TCB_DIR "/%s", user_newname) == -1)
+	    || (asprintf (&shadow, TCB_FMT, user_newname) == -1)) {
+		OUT_OF_MEMORY;
+		return SHADOWTCB_FAILURE;
+	}
+	if (stat (tcbdir, &dirmode) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot stat %s: %s\n"),
+		         Prog, tcbdir, strerror (errno));
+		goto out_free;
+	}
+	if (chown (tcbdir, 0, 0) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change owners of %s: %s\n"),
+		         Prog, tcbdir, strerror (errno));
+		goto out_free;
+	}
+	if (chmod (tcbdir, 0700) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change mode of %s: %s\n"),
+		         Prog, tcbdir, strerror (errno));
+		goto out_free;
+	}
+	if (lstat (shadow, &filemode) != 0) {
+		if (errno != ENOENT) {
+			fprintf (stderr,
+			         _("%s: Cannot lstat %s: %s\n"),
+			         Prog, shadow, strerror (errno));
+			goto out_free;
+		}
+		fprintf (stderr,
+		         _("%s: Warning, user %s has no tcb shadow file.\n"),
+		         Prog, user_newname);
+	} else {
+		if (!S_ISREG (filemode.st_mode) ||
+			filemode.st_nlink != 1) {
+			fprintf (stderr,
+			         _("%s: Emergency: %s's tcb shadow is not a "
+			           "regular file with st_nlink=1.\n"
+			           "The account is left locked.\n"),
+			         Prog, user_newname);
+			goto out_free;
+		}
+		if (chown (shadow, user_newid, filemode.st_gid) != 0) {
+			fprintf (stderr,
+			         _("%s: Cannot change owner of %s: %s\n"),
+			         Prog, shadow, strerror (errno));
+			goto out_free;
+		}
+		if (chmod (shadow, filemode.st_mode & 07777) != 0) {
+			fprintf (stderr,
+			         _("%s: Cannot change mode of %s: %s\n"),
+			         Prog, shadow, strerror (errno));
+			goto out_free;
+		}
+	}
+	if (unlink_suffs (user_newname) == SHADOWTCB_FAILURE) {
+		goto out_free;
+	}
+	if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change owner of %s: %s\n"),
+		         Prog, tcbdir, strerror (errno));
+		goto out_free;
+	}
+	ret = SHADOWTCB_SUCCESS;
+out_free:
+	free (tcbdir);
+	free (shadow);
+	return ret;
+}
+
+shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
+{
+	char *dir, *shadow;
+	struct stat tcbdir_stat;
+	gid_t shadowgid, authgid;
+	struct group *gr;
+	int fd;
+	shadowtcb_status ret = SHADOWTCB_FAILURE;
+
+	if (!getdef_bool ("USE_TCB")) {
+		return SHADOWTCB_SUCCESS;
+	}
+	if (stat (TCB_DIR, &tcbdir_stat) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot stat %s: %s\n"),
+		         Prog, TCB_DIR, strerror (errno));
+		return SHADOWTCB_FAILURE;
+	}
+	shadowgid = tcbdir_stat.st_gid;
+	authgid = shadowgid;
+	if (getdef_bool ("TCB_AUTH_GROUP")) {
+		gr = getgrnam ("auth");
+		if (NULL != gr) {
+			authgid = gr->gr_gid;
+		}
+	}
+
+	if (   (asprintf (&dir, TCB_DIR "/%s", name) == -1)
+	    || (asprintf (&shadow, TCB_FMT, name) == -1)) {
+		OUT_OF_MEMORY;
+		return SHADOWTCB_FAILURE;
+	}
+	if (mkdir (dir, 0700) != 0) {
+		fprintf (stderr,
+		         _("%s: mkdir: %s: %s\n"),
+		         Prog, dir, strerror (errno));
+		goto out_free;
+	}
+	fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
+	if (fd < 0) {
+		fprintf (stderr,
+		         _("%s: Cannot open %s: %s\n"),
+		         Prog, shadow, strerror (errno));
+		goto out_free;
+	}
+	close (fd);
+	if (chown (shadow, 0, authgid) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change owner of %s: %s\n"),
+		         Prog, shadow, strerror (errno));
+		goto out_free;
+	}
+	if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change mode of %s: %s\n"),
+		         Prog, shadow, strerror (errno));
+		goto out_free;
+	}
+	if (chown (dir, 0, authgid) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change owner of %s: %s\n"),
+		         Prog, dir, strerror (errno));
+		goto out_free;
+	}
+	if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot change mode of %s: %s\n"),
+		         Prog, dir, strerror (errno));
+		goto out_free;
+	}
+	if (   (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
+	    || (shadowtcb_move (NULL, uid) == SHADOWTCB_FAILURE)) {
+		goto out_free;
+	}
+	ret = SHADOWTCB_SUCCESS;
+out_free:
+	free (dir);
+	free (shadow);
+	return ret;
+}
+
diff --git a/lib/tcbfuncs.h b/lib/tcbfuncs.h
new file mode 100644
index 0000000..6324bc1
--- /dev/null
+++ b/lib/tcbfuncs.h
@@ -0,0 +1,19 @@
+#ifndef _TCBFUNCS_H
+#define _TCBFUNCS_H
+
+#include <sys/types.h>
+
+typedef enum {
+	SHADOWTCB_FAILURE = 0,
+	SHADOWTCB_SUCCESS = 1
+} shadowtcb_status;
+
+extern shadowtcb_status shadowtcb_drop_priv (void);
+extern shadowtcb_status shadowtcb_gain_priv (void);
+extern shadowtcb_status shadowtcb_set_user (const char *name);
+extern shadowtcb_status shadowtcb_remove (const char *name);
+extern shadowtcb_status shadowtcb_move (/*@null@*/const char *user_newname,
+                                        uid_t user_newid);
+extern shadowtcb_status shadowtcb_create (const char *name, uid_t uid);
+
+#endif
diff --git a/lib/utent.c b/lib/utent.c
new file mode 100644
index 0000000..45af260
--- /dev/null
+++ b/lib/utent.c
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 1993 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef	HAVE_GETUTENT
+
+#include "defines.h"
+#include <stdio.h>
+#include <fcntl.h>
+#include <utmp.h>
+
+#ifndef	lint
+static char rcsid[] = "$Id$";
+#endif
+
+static int utmp_fd = -1;
+static struct utmp utmp_buf;
+
+/*
+ * setutent - open or rewind the utmp file
+ */
+
+void setutent (void)
+{
+	if (utmp_fd == -1)
+		if ((utmp_fd = open (_UTMP_FILE, O_RDWR)) == -1)
+			utmp_fd = open (_UTMP_FILE, O_RDONLY);
+
+	if (utmp_fd != -1)
+		lseek (utmp_fd, (off_t) 0L, SEEK_SET);
+}
+
+/*
+ * endutent - close the utmp file
+ */
+
+void endutent (void)
+{
+	if (utmp_fd != -1)
+		close (utmp_fd);
+
+	utmp_fd = -1;
+}
+
+/*
+ * getutent - get the next record from the utmp file
+ */
+
+struct utmp *getutent (void)
+{
+	if (utmp_fd == -1)
+		setutent ();
+
+	if (utmp_fd == -1)
+		return 0;
+
+	if (read (utmp_fd, &utmp_buf, sizeof utmp_buf) != sizeof utmp_buf)
+		return 0;
+
+	return &utmp_buf;
+}
+#else
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif
diff --git a/libmisc/.indent.pro b/libmisc/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/libmisc/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am
new file mode 100644
index 0000000..4a62049
--- /dev/null
+++ b/libmisc/Makefile.am
@@ -0,0 +1,73 @@
+
+EXTRA_DIST = .indent.pro xgetXXbyYY.c
+
+AM_CPPFLAGS = -I$(top_srcdir)/lib
+
+noinst_LIBRARIES = libmisc.a
+
+libmisc_a_SOURCES = \
+	addgrps.c \
+	age.c \
+	audit_help.c \
+	basename.c \
+	chkname.c \
+	chkname.h \
+	chowndir.c \
+	chowntty.c \
+	cleanup.c \
+	cleanup_group.c \
+	cleanup_user.c \
+	console.c \
+	copydir.c \
+	entry.c \
+	env.c \
+	failure.c \
+	failure.h \
+	find_new_gid.c \
+	find_new_uid.c \
+	find_new_sub_gids.c \
+	find_new_sub_uids.c \
+	getdate.h \
+	getdate.y \
+	getgr_nam_gid.c \
+	getrange.c \
+	gettime.c \
+	hushed.c \
+	idmapping.h \
+	idmapping.c \
+	isexpired.c \
+	limits.c \
+	list.c log.c \
+	loginprompt.c \
+	mail.c \
+	motd.c \
+	myname.c \
+	obscure.c \
+	pam_pass.c \
+	pam_pass_non_interractive.c \
+	pwd2spwd.c \
+	pwdcheck.c \
+	pwd_init.c \
+	remove_tree.c \
+	rlogin.c \
+	root_flag.c \
+	salt.c \
+	setugid.c \
+	setupenv.c \
+	shell.c \
+	strtoday.c \
+	sub.c \
+	sulog.c \
+	ttytype.c \
+	tz.c \
+	ulimit.c \
+	user_busy.c \
+	utmp.c \
+	valid.c \
+	xgetpwnam.c \
+	xgetpwuid.c \
+	xgetgrnam.c \
+	xgetgrgid.c \
+	xgetspnam.c \
+	xmalloc.c \
+	yesno.c
diff --git a/libmisc/addgrps.c b/libmisc/addgrps.c
new file mode 100644
index 0000000..40fad99
--- /dev/null
+++ b/libmisc/addgrps.c
@@ -0,0 +1,131 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
+
+#include "prototypes.h"
+#include "defines.h"
+
+#include <stdio.h>
+#include <grp.h>
+#include <errno.h>
+
+#ident "$Id$"
+
+#define SEP ",:"
+/*
+ * Add groups with names from LIST (separated by commas or colons)
+ * to the supplementary group set.  Silently ignore groups which are
+ * already there.  Warning: uses strtok().
+ */
+int add_groups (const char *list)
+{
+	GETGROUPS_T *grouplist, *tmp;
+	size_t i;
+	int ngroups;
+	bool added;
+	char *token;
+	char buf[1024];
+
+	if (strlen (list) >= sizeof (buf)) {
+		errno = EINVAL;
+		return -1;
+	}
+	strcpy (buf, list);
+
+	i = 16;
+	for (;;) {
+		grouplist = (gid_t *) malloc (i * sizeof (GETGROUPS_T));
+		if (NULL == grouplist) {
+			return -1;
+		}
+		ngroups = getgroups (i, grouplist);
+		if (   (   (-1 == ngroups)
+		        && (EINVAL != errno))
+		    || (i > (size_t)ngroups)) {
+			/* Unexpected failure of getgroups or successful
+			 * reception of the groups */
+			break;
+		}
+		/* not enough room, so try allocating a larger buffer */
+		free (grouplist);
+		i *= 2;
+	}
+	if (ngroups < 0) {
+		free (grouplist);
+		return -1;
+	}
+
+	added = false;
+	for (token = strtok (buf, SEP); NULL != token; token = strtok (NULL, SEP)) {
+		struct group *grp;
+
+		grp = getgrnam (token); /* local, no need for xgetgrnam */
+		if (NULL == grp) {
+			fprintf (stderr, _("Warning: unknown group %s\n"),
+				 token);
+			continue;
+		}
+
+		for (i = 0; i < (size_t)ngroups && grouplist[i] != grp->gr_gid; i++);
+
+		if (i < (size_t)ngroups) {
+			continue;
+		}
+
+		if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
+			fputs (_("Warning: too many groups\n"), stderr);
+			break;
+		}
+		tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
+		if (NULL == tmp) {
+			free (grouplist);
+			return -1;
+		}
+		tmp[ngroups] = grp->gr_gid;
+		ngroups++;
+		grouplist = tmp;
+		added = true;
+	}
+
+	if (added) {
+		return setgroups ((size_t)ngroups, grouplist);
+	}
+
+	return 0;
+}
+#else				/* HAVE_SETGROUPS && !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* HAVE_SETGROUPS && !USE_PAM */
+
diff --git a/libmisc/age.c b/libmisc/age.c
new file mode 100644
index 0000000..12e6036
--- /dev/null
+++ b/libmisc/age.c
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "exitcodes.h"
+#include <pwd.h>
+#include <grp.h>
+
+#ident "$Id$"
+
+#ifndef PASSWD_PROGRAM
+#define PASSWD_PROGRAM "/bin/passwd"
+#endif
+/*
+ * expire - force password change if password expired
+ *
+ *	expire() calls /bin/passwd to change the user's password
+ *	if it has expired.
+ */
+int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
+{
+	int status;
+	pid_t child;
+	pid_t pid;
+
+	if (NULL == sp) {
+		return 0;
+	}
+
+	/*
+	 * See if the user's password has expired, and if so
+	 * force them to change their password.
+	 */
+
+	status = isexpired (pw, sp);
+	switch (status) {
+	case 0:
+		return 0;
+	case 1:
+		(void) fputs (_("Your password has expired."), stdout);
+		break;
+	case 2:
+		(void) fputs (_("Your password is inactive."), stdout);
+		break;
+	case 3:
+		(void) fputs (_("Your login has expired."), stdout);
+		break;
+	}
+
+	/*
+	 * Setting the maximum valid period to less than the minimum
+	 * valid period means that the minimum period will never
+	 * occur while the password is valid, so the user can never
+	 * change that password.
+	 */
+
+	if ((status > 1) || (sp->sp_max < sp->sp_min)) {
+		(void) puts (_("  Contact the system administrator."));
+		exit (EXIT_FAILURE);
+	}
+	(void) puts (_("  Choose a new password."));
+	(void) fflush (stdout);
+
+	/*
+	 * Close all the files so that unauthorized access won't
+	 * occur.  This needs to be done anyway because those files
+	 * might become stale after "passwd" is executed.
+	 */
+
+	endspent ();
+	endpwent ();
+#ifdef SHADOWGRP
+	endsgent ();
+#endif
+	endgrent ();
+
+	/*
+	 * Execute the /bin/passwd command.  The exit status will be
+	 * examined to see what the result is.  If there are any
+	 * errors the routine will exit.  This forces the user to
+	 * change their password before being able to use the account.
+	 */
+
+	pid = fork ();
+	if (0 == pid) {
+		int err;
+
+		/*
+		 * Set the UID to be that of the user.  This causes
+		 * passwd to work just like it would had they executed
+		 * it from the command line while logged in.
+		 */
+#if defined(HAVE_INITGROUPS) && ! defined(USE_PAM)
+		if (setup_uid_gid (pw, false) != 0)
+#else
+		if (setup_uid_gid (pw) != 0)
+#endif
+		{
+			_exit (126);
+		}
+
+		(void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) 0);
+		err = errno;
+		perror ("Can't execute " PASSWD_PROGRAM);
+		_exit ((ENOENT == err) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+	} else if ((pid_t) -1 == pid) {
+		perror ("fork");
+		exit (EXIT_FAILURE);
+	}
+
+	while (((child = wait (&status)) != pid) && (child != (pid_t)-1));
+
+	if ((child == pid) && (0 == status)) {
+		return 1;
+	}
+
+	exit (EXIT_FAILURE);
+ /*@notreached@*/}
+
+/*
+ * agecheck - see if warning is needed for password expiration
+ *
+ *	agecheck sees how many days until the user's password is going
+ *	to expire and warns the user of the pending password expiration.
+ */
+
+void agecheck (/*@null@*/const struct spwd *sp)
+{
+	long now = (long) time ((time_t *) 0) / SCALE;
+	long remain;
+
+	if (NULL == sp) {
+		return;
+	}
+
+	/*
+	 * The last, max, and warn fields must be supported or the
+	 * warning period cannot be calculated.
+	 */
+
+	if (   (-1 == sp->sp_lstchg)
+	    || (-1 == sp->sp_max)
+	    || (-1 == sp->sp_warn)) {
+		return;
+	}
+
+	if (0 == sp->sp_lstchg) {
+		(void) puts (_("You must change your password."));
+		return;
+	}
+
+	remain = sp->sp_lstchg + sp->sp_max - now;
+	if (remain <= sp->sp_warn) {
+		remain /= DAY / SCALE;
+		if (remain > 1) {
+			(void) printf (_("Your password will expire in %ld days.\n"),
+			               remain);
+		} else if (1 == remain) {
+			(void) puts (_("Your password will expire tomorrow."));
+		} else if (remain == 0) {
+			(void) puts (_("Your password will expire today."));
+		}
+	}
+}
+
diff --git a/libmisc/audit_help.c b/libmisc/audit_help.c
new file mode 100644
index 0000000..1aadaa3
--- /dev/null
+++ b/libmisc/audit_help.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2005       , Red Hat, Inc.
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *  Audit helper functions used throughout shadow
+ *
+ */
+
+#include <config.h>
+
+#ifdef WITH_AUDIT
+
+#include <stdlib.h>
+#include <syslog.h>
+#include <stdarg.h>
+#include <libaudit.h>
+#include <errno.h>
+#include <stdio.h>
+#include "prototypes.h"
+int audit_fd;
+
+void audit_help_open (void)
+{
+	audit_fd = audit_open ();
+	if (audit_fd < 0) {
+		/* You get these only when the kernel doesn't have
+		 * audit compiled in. */
+		if (   (errno == EINVAL)
+		    || (errno == EPROTONOSUPPORT)
+		    || (errno == EAFNOSUPPORT)) {
+			return;
+		}
+		(void) fputs (_("Cannot open audit interface - aborting.\n"),
+		              stderr);
+		exit (EXIT_FAILURE);
+	}
+}
+
+/*
+ * This function will log a message to the audit system using a predefined
+ * message format. Parameter usage is as follows:
+ *
+ * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account 
+ *	  attributes.
+ * pgname - program's name
+ * op  -  operation. "adding user", "changing finger info", "deleting group"
+ * name - user's account or group name. If not available use NULL.
+ * id  -  uid or gid that the operation is being performed on. This is used
+ *	  only when user is NULL.
+ */
+void audit_logger (int type, unused const char *pgname, const char *op,
+                   const char *name, unsigned int id,
+                   shadow_audit_result result)
+{
+	if (audit_fd < 0) {
+		return;
+	} else {
+		audit_log_acct_message (audit_fd, type, NULL, op, name, id,
+		                        NULL, NULL, NULL, (int) result);
+	}
+}
+
+void audit_logger_message (const char *message, shadow_audit_result result)
+{
+	if (audit_fd < 0) {
+		return;
+	} else {
+		audit_log_user_message (audit_fd,
+		                        AUDIT_USYS_CONFIG,
+		                        message,
+		                        NULL, /* hostname */
+		                        NULL, /* addr */
+		                        NULL, /* tty */
+		                        (int) result);
+	}
+}
+
+#else				/* WITH_AUDIT */
+extern int errno;	/* warning: ANSI C forbids an empty source file */
+#endif				/* WITH_AUDIT */
+
diff --git a/libmisc/basename.c b/libmisc/basename.c
new file mode 100644
index 0000000..1525169
--- /dev/null
+++ b/libmisc/basename.c
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * basename.c - not worth copyrighting :-).  Some versions of Linux libc
+ * already have basename(), other versions don't.  To avoid confusion,
+ * we will not use the function from libc and use a different name here.
+ * --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include "prototypes.h"
+/*@observer@*/const char *Basename (const char *str)
+{
+	char *cp = strrchr (str, '/');
+
+	return (NULL != cp) ? cp + 1 : str;
+}
diff --git a/libmisc/chkname.c b/libmisc/chkname.c
new file mode 100644
index 0000000..64f5580
--- /dev/null
+++ b/libmisc/chkname.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2005 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * is_valid_user_name(), is_valid_group_name() - check the new user/group
+ * name for validity;
+ * return values:
+ *   true  - OK
+ *   false - bad name
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include "defines.h"
+#include "chkname.h"
+
+static bool is_valid_name (const char *name)
+{
+	/*
+	 * User/group names must match [a-z_][a-z0-9_-]*[$]
+	 */
+	if (('\0' == *name) ||
+	    !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
+		return false;
+	}
+
+	while ('\0' != *++name) {
+		if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+		      ( ('0' <= *name) && ('9' >= *name) ) ||
+		      ('_' == *name) ||
+		      ('-' == *name) ||
+		      ( ('$' == *name) && ('\0' == *(name + 1)) )
+		     )) {
+			return false;
+		}
+	}
+
+	return true;
+}
+
+bool is_valid_user_name (const char *name)
+{
+	/*
+	 * User names are limited by whatever utmp can
+	 * handle.
+	 */
+	if (strlen (name) > USER_NAME_MAX_LENGTH) {
+		return false;
+	}
+
+	return is_valid_name (name);
+}
+
+bool is_valid_group_name (const char *name)
+{
+	/*
+	 * Arbitrary limit for group names.
+	 * HP-UX 10 limits to 16 characters
+	 */
+	if (   (GROUP_NAME_MAX_LENGTH > 0)
+	    && (strlen (name) > GROUP_NAME_MAX_LENGTH)) {
+		return false;
+	}
+
+	return is_valid_name (name);
+}
+
diff --git a/libmisc/chkname.h b/libmisc/chkname.h
new file mode 100644
index 0000000..06e0dee
--- /dev/null
+++ b/libmisc/chkname.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _CHKNAME_H_
+#define _CHKNAME_H_
+
+/*
+ * is_valid_user_name(), is_valid_group_name() - check the new user/group
+ * name for validity;
+ * return values:
+ *   true  - OK
+ *   false - bad name
+ */
+
+#include "defines.h"
+
+extern bool is_valid_user_name (const char *name);
+extern bool is_valid_group_name (const char *name);
+
+#endif
diff --git a/libmisc/chowndir.c b/libmisc/chowndir.c
new file mode 100644
index 0000000..c4c504a
--- /dev/null
+++ b/libmisc/chowndir.c
@@ -0,0 +1,201 @@
+/*
+ * Copyright (c) 1992 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2010 -     , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <fcntl.h>
+#include <stdio.h>
+/*
+ * chown_tree - change ownership of files in a directory tree
+ *
+ *	chown_dir() walks a directory tree and changes the ownership
+ *	of all files owned by the provided user ID.
+ *
+ *	Only files owned (resp. group-owned) by old_uid (resp. by old_gid)
+ *	will have their ownership (resp. group-ownership) modified, unless
+ *	old_uid (resp. old_gid) is set to -1.
+ *
+ *	new_uid and new_gid can be set to -1 to indicate that no owner or
+ *	group-owner shall be changed.
+ */
+int chown_tree (const char *root,
+                uid_t old_uid,
+                uid_t new_uid,
+                gid_t old_gid,
+                gid_t new_gid)
+{
+	char *new_name;
+	size_t new_name_len;
+	int rc = 0;
+	struct DIRECT *ent;
+	struct stat sb;
+	DIR *dir;
+
+	new_name = malloc (1024);
+	if (NULL == new_name) {
+		return -1;
+	}
+	new_name_len = 1024;
+
+	/*
+	 * Make certain the directory exists.  This routine is called
+	 * directly by the invoker, or recursively.
+	 */
+
+	if (access (root, F_OK) != 0) {
+		free (new_name);
+		return -1;
+	}
+
+	/*
+	 * Open the directory and read each entry.  Every entry is tested
+	 * to see if it is a directory, and if so this routine is called
+	 * recursively.  If not, it is checked to see if an ownership
+	 * shall be changed.
+	 */
+
+	dir = opendir (root);
+	if (NULL == dir) {
+		free (new_name);
+		return -1;
+	}
+
+	while ((ent = readdir (dir))) {
+		size_t ent_name_len;
+		uid_t tmpuid = (uid_t) -1;
+		gid_t tmpgid = (gid_t) -1;
+
+		/*
+		 * Skip the "." and ".." entries
+		 */
+
+		if (   (strcmp (ent->d_name, ".") == 0)
+		    || (strcmp (ent->d_name, "..") == 0)) {
+			continue;
+		}
+
+		/*
+		 * Make the filename for both the source and the
+		 * destination files.
+		 */
+
+		ent_name_len = strlen (root) + strlen (ent->d_name) + 2;
+		if (ent_name_len > new_name_len) {
+			/*@only@*/char *tmp = realloc (new_name, ent_name_len);
+			if (NULL == tmp) {
+				rc = -1;
+				break;
+			}
+			new_name = tmp;
+			new_name_len = ent_name_len;
+		}
+
+		(void) snprintf (new_name, new_name_len, "%s/%s", root, ent->d_name);
+
+		/* Don't follow symbolic links! */
+		if (LSTAT (new_name, &sb) == -1) {
+			continue;
+		}
+
+		if (S_ISDIR (sb.st_mode) && !S_ISLNK (sb.st_mode)) {
+
+			/*
+			 * Do the entire subdirectory.
+			 */
+
+			rc = chown_tree (new_name, old_uid, new_uid,
+			                 old_gid, new_gid);
+			if (0 != rc) {
+				break;
+			}
+		}
+#ifndef HAVE_LCHOWN
+		/* don't use chown (follows symbolic links!) */
+		if (S_ISLNK (sb.st_mode)) {
+			continue;
+		}
+#endif
+		/*
+		 * By default, the IDs are not changed (-1).
+		 *
+		 * If the file is not owned by the user, the owner is not
+		 * changed.
+		 *
+		 * If the file is not group-owned by the group, the
+		 * group-owner is not changed.
+		 */
+		if (((uid_t) -1 == old_uid) || (sb.st_uid == old_uid)) {
+			tmpuid = new_uid;
+		}
+		if (((gid_t) -1 == old_gid) || (sb.st_gid == old_gid)) {
+			tmpgid = new_gid;
+		}
+		if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) {
+			rc = LCHOWN (new_name, tmpuid, tmpgid);
+			if (0 != rc) {
+				break;
+			}
+		}
+	}
+
+	free (new_name);
+	(void) closedir (dir);
+
+	/*
+	 * Now do the root of the tree
+	 */
+
+	if ((0 == rc) && (stat (root, &sb) == 0)) {
+		uid_t tmpuid = (uid_t) -1;
+		gid_t tmpgid = (gid_t) -1;
+		if (((uid_t) -1 == old_uid) || (sb.st_uid == old_uid)) {
+			tmpuid = new_uid;
+		}
+		if (((gid_t) -1 == old_gid) || (sb.st_gid == old_gid)) {
+			tmpgid = new_gid;
+		}
+		if (((uid_t) -1 != tmpuid) || ((gid_t) -1 != tmpgid)) {
+			rc = LCHOWN (root, tmpuid, tmpgid);
+		}
+	} else {
+		rc = -1;
+	}
+
+	return rc;
+}
+
diff --git a/libmisc/chowntty.c b/libmisc/chowntty.c
new file mode 100644
index 0000000..f6f5dbc
--- /dev/null
+++ b/libmisc/chowntty.c
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <errno.h>
+#include <grp.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+/*
+ *	chown_tty() sets the login tty to be owned by the new user ID
+ *	with TTYPERM modes
+ */
+
+void chown_tty (const struct passwd *info)
+{
+	struct group *grent;
+	gid_t gid;
+
+	/*
+	 * See if login.defs has some value configured for the port group
+	 * ID.  Otherwise, use the user's primary group ID.
+	 */
+
+	grent = getgr_nam_gid (getdef_str ("TTYGROUP"));
+	if (NULL != grent) {
+		gid = grent->gr_gid;
+	} else {
+		gid = info->pw_gid;
+	}
+
+	/*
+	 * Change the permissions on the TTY to be owned by the user with
+	 * the group as determined above.
+	 */
+
+	if (   (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
+	    || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
+		int err = errno;
+
+		fprintf (stderr,
+		         _("Unable to change owner or mode of tty stdin: %s"),
+		         strerror (err));
+		SYSLOG ((LOG_WARN,
+		         "unable to change owner or mode of tty stdin for user `%s': %s\n",
+		         info->pw_name, strerror (err)));
+		if (EROFS != err) {
+			closelog ();
+			exit (EXIT_FAILURE);
+		}
+	}
+#ifdef __linux__
+	/*
+	 * Please don't add code to chown /dev/vcs* to the user logging in -
+	 * it's a potential security hole.  I wouldn't like the previous user
+	 * to hold the file descriptor open and watch my screen.  We don't
+	 * have the *BSD revoke() system call yet, and vhangup() only works
+	 * for tty devices (which vcs* is not).  --marekm
+	 */
+#endif
+}
+
diff --git a/libmisc/cleanup.c b/libmisc/cleanup.c
new file mode 100644
index 0000000..bd83a23
--- /dev/null
+++ b/libmisc/cleanup.c
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "prototypes.h"
+
+/*
+ * The cleanup_functions stack.
+ */
+#define CLEANUP_FUNCTIONS 10
+
+typedef /*@null@*/void * parg_t;
+
+static cleanup_function cleanup_functions[CLEANUP_FUNCTIONS];
+static parg_t cleanup_function_args[CLEANUP_FUNCTIONS];
+static pid_t cleanup_pid = 0;
+
+/*
+ * - Cleanup functions shall not fail.
+ * - You should register do_cleanups with atexit.
+ * - You should add cleanup functions to the stack with add_cleanup when
+ *   an operation is expected to be executed later, and remove it from the
+ *   stack with del_cleanup when it has been executed.
+ *
+ **/
+
+/*
+ * do_cleanups - perform the actions stored in the cleanup_functions stack.
+ *
+ * Cleanup action are not executed on exit of the processes started by the
+ * parent (first caller of add_cleanup).
+ *
+ * It is intended to be used as:
+ *     atexit (do_cleanups);
+ */
+void do_cleanups (void)
+{
+	unsigned int i;
+
+	/* Make sure there were no overflow */
+	assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-1]);
+
+	if (getpid () != cleanup_pid) {
+		return;
+	}
+
+	i = CLEANUP_FUNCTIONS;
+	do {
+		i--;
+		if (cleanup_functions[i] != NULL) {
+			cleanup_functions[i] (cleanup_function_args[i]);
+		}
+	} while (i>0);
+}
+
+/*
+ * add_cleanup - Add a cleanup_function to the cleanup_functions stack.
+ */
+void add_cleanup (/*@notnull@*/cleanup_function pcf, /*@null@*/void *arg)
+{
+	unsigned int i;
+	assert (NULL != pcf);
+
+	assert (NULL == cleanup_functions[CLEANUP_FUNCTIONS-2]);
+
+	if (0 == cleanup_pid) {
+		cleanup_pid = getpid ();
+	}
+
+	/* Add the cleanup_function at the end of the stack */
+	for (i=0; NULL != cleanup_functions[i]; i++);
+	cleanup_functions[i] = pcf;
+	cleanup_function_args[i] = arg;
+}
+
+/*
+ * del_cleanup - Remove a cleanup_function from the cleanup_functions stack.
+ */
+void del_cleanup (/*@notnull@*/cleanup_function pcf)
+{
+	unsigned int i;
+	assert (NULL != pcf);
+
+	/* Find the pcf cleanup function */
+	for (i=0; i<CLEANUP_FUNCTIONS; i++) {
+		if (cleanup_functions[i] == pcf) {
+			break;
+		}
+	}
+
+	/* Make sure the cleanup function was found */
+	assert (i<CLEANUP_FUNCTIONS);
+
+	/* Move the rest of the cleanup functions */
+	for (; i<CLEANUP_FUNCTIONS; i++) {
+		/* Make sure the cleanup function was specified only once */
+		assert (   (i == (CLEANUP_FUNCTIONS -1))
+		        || (cleanup_functions[i+1] != pcf));
+
+		if (i == (CLEANUP_FUNCTIONS -1)) {
+			cleanup_functions[i] = NULL;
+			cleanup_function_args[i] = NULL;
+		} else {
+			cleanup_functions[i] = cleanup_functions[i+1];
+			cleanup_function_args[i] = cleanup_function_args[i+1];
+		}
+
+		/* A NULL indicates the end of the stack */
+		if (NULL == cleanup_functions[i]) {
+			break;
+		}
+	}
+}
+
diff --git a/libmisc/cleanup_group.c b/libmisc/cleanup_group.c
new file mode 100644
index 0000000..d07adc7
--- /dev/null
+++ b/libmisc/cleanup_group.c
@@ -0,0 +1,237 @@
+/*
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "defines.h"
+#include "groupio.h"
+#include "sgroupio.h"
+#include "prototypes.h"
+
+/*
+ * cleanup_report_add_group - Report failure to add a group to the system
+ *
+ * It should be registered when it is decided to add a group to the system.
+ */
+void cleanup_report_add_group (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR, "failed to add group %s", name));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_del_group - Report failure to remove a group from the system
+ *
+ * It should be registered when it is decided to remove a group from the system.
+ */
+void cleanup_report_del_group (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR, "failed to remove group %s", name));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_DEL_GROUP, Prog,
+	              "",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+void cleanup_report_mod_group (void *cleanup_info)
+{
+	const struct cleanup_info_mod *info;
+	info = (const struct cleanup_info_mod *)cleanup_info;
+
+	SYSLOG ((LOG_ERR,
+	         "failed to change %s (%s)",
+	         gr_dbname (),
+	         info->action));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_ACCT, Prog,
+	              info->audit_msg,
+	              info->name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+void cleanup_report_mod_gshadow (void *cleanup_info)
+{
+	const struct cleanup_info_mod *info;
+	info = (const struct cleanup_info_mod *)cleanup_info;
+
+	SYSLOG ((LOG_ERR,
+	         "failed to change %s (%s)",
+	         sgr_dbname (),
+	         info->action));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_ACCT, Prog,
+	              info->audit_msg,
+	              info->name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_report_add_group_group - Report failure to add a group to group
+ *
+ * It should be registered when it is decided to add a group to the
+ * group database.
+ */
+void cleanup_report_add_group_group (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "adding group to /etc/group",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_report_add_group_gshadow - Report failure to add a group to gshadow
+ *
+ * It should be registered when it is decided to add a group to the
+ * gshadow database.
+ */
+void cleanup_report_add_group_gshadow (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "adding group to /etc/gshadow",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_report_del_group_group - Report failure to remove a group from the
+ *                                  regular group database
+ *
+ * It should be registered when it is decided to remove a group from the
+ * regular group database.
+ */
+void cleanup_report_del_group_group (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR,
+	         "failed to remove group %s from %s",
+	         name, gr_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "removing group from /etc/group",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_report_del_group_gshadow - Report failure to remove a group from
+ *                                    gshadow
+ *
+ * It should be registered when it is decided to remove a group from the
+ * gshadow database.
+ */
+void cleanup_report_del_group_gshadow (void *group_name)
+{
+	const char *name = (const char *)group_name;
+
+	SYSLOG ((LOG_ERR,
+	         "failed to remove group %s from %s",
+	         name, sgr_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "removing group from /etc/gshadow",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+#endif
+
+/*
+ * cleanup_unlock_group - Unlock the group file
+ *
+ * It should be registered after the group file is successfully locked.
+ */
+void cleanup_unlock_group (unused void *arg)
+{
+	if (gr_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger_message ("unlocking group file",
+		                      SHADOW_AUDIT_FAILURE);
+#endif
+	}
+}
+
+#ifdef SHADOWGRP
+/*
+ * cleanup_unlock_gshadow - Unlock the gshadow file
+ *
+ * It should be registered after the gshadow file is successfully locked.
+ */
+void cleanup_unlock_gshadow (unused void *arg)
+{
+	if (sgr_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, sgr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger_message ("unlocking gshadow file",
+		                      SHADOW_AUDIT_FAILURE);
+#endif
+	}
+}
+#endif
+
diff --git a/libmisc/cleanup_user.c b/libmisc/cleanup_user.c
new file mode 100644
index 0000000..6e49751
--- /dev/null
+++ b/libmisc/cleanup_user.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "prototypes.h"
+
+/*
+ * cleanup_report_add_user - Report failure to add an user to the system
+ *
+ * It should be registered when it is decided to add an user to the system.
+ */
+void cleanup_report_add_user (void *user_name)
+{
+	const char *name = (const char *)user_name;
+
+	SYSLOG ((LOG_ERR, "failed to add user %s", name));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_USER, Prog,
+	              "",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+void cleanup_report_mod_passwd (void *cleanup_info)
+{
+	const struct cleanup_info_mod *info;
+	info = (const struct cleanup_info_mod *)cleanup_info;
+
+	SYSLOG ((LOG_ERR,
+	         "failed to change %s (%s)",
+	         pw_dbname (),
+	         info->action));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_ACCT, Prog,
+	              info->audit_msg,
+	              info->name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_passwd - Report failure to add an user to
+ * /etc/passwd
+ *
+ * It should be registered when it is decided to add an user to the
+ * /etc/passwd database.
+ */
+void cleanup_report_add_user_passwd (void *user_name)
+{
+	const char *name = (const char *)user_name;
+
+	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_USER, Prog,
+	              "adding user to /etc/passwd",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_shadow - Report failure to add an user to
+ * /etc/shadow
+ *
+ * It should be registered when it is decided to add an user to the
+ * /etc/shadow database.
+ */
+void cleanup_report_add_user_shadow (void *user_name)
+{
+	const char *name = (const char *)user_name;
+
+	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_USER, Prog,
+	              "adding user to /etc/shadow",
+	              name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_unlock_passwd - Unlock the /etc/passwd database
+ *
+ * It should be registered after the passwd database is successfully locked.
+ */
+void cleanup_unlock_passwd (unused void *arg)
+{
+	if (pw_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger_message ("unlocking passwd file",
+		                      SHADOW_AUDIT_FAILURE);
+#endif
+	}
+}
+
+/*
+ * cleanup_unlock_shadow - Unlock the /etc/shadow database
+ *
+ * It should be registered after the shadow database is successfully locked.
+ */
+void cleanup_unlock_shadow (unused void *arg)
+{
+	if (spw_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger_message ("unlocking shadow file",
+		                      SHADOW_AUDIT_FAILURE);
+#endif
+	}
+}
+
diff --git a/libmisc/console.c b/libmisc/console.c
new file mode 100644
index 0000000..70d1390
--- /dev/null
+++ b/libmisc/console.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 1991       , Julianne Frances Haugh
+ * Copyright (c) 1991       , Chip Rosenthal
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include "defines.h"
+#include <stdio.h>
+#include "getdef.h"
+#include "prototypes.h"
+
+#ident "$Id$"
+
+/* local function prototypes */
+static bool is_listed (const char *cfgin, const char *tty, bool def);
+
+/*
+ * This is now rather generic function which decides if "tty" is listed
+ * under "cfgin" in config (directly or indirectly). Fallback to default if
+ * something is bad.
+ */
+static bool is_listed (const char *cfgin, const char *tty, bool def)
+{
+	FILE *fp;
+	char buf[200], *s;
+	const char *cons;
+
+	/*
+	 * If the CONSOLE configuration definition isn't given,
+	 * fallback to default.
+	 */
+
+	cons = getdef_str (cfgin);
+	if (NULL == cons) {
+		return def;
+	}
+
+	/*
+	 * If this isn't a filename, then it is a ":" delimited list of
+	 * console devices upon which root logins are allowed.
+	 */
+
+	if (*cons != '/') {
+		char *pbuf;
+		strcpy (buf, cons);
+		pbuf = &buf[0];
+		while ((s = strtok (pbuf, ":")) != NULL) {
+			if (strcmp (s, tty) == 0) {
+				return true;
+			}
+
+			pbuf = NULL;
+		}
+		return false;
+	}
+
+	/*
+	 * If we can't open the console list, then call everything a
+	 * console - otherwise root will never be allowed to login.
+	 */
+
+	fp = fopen (cons, "r");
+	if (NULL == fp) {
+		return def;
+	}
+
+	/*
+	 * See if this tty is listed in the console file.
+	 */
+
+	while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+		buf[strlen (buf) - 1] = '\0';
+		if (strcmp (buf, tty) == 0) {
+			(void) fclose (fp);
+			return true;
+		}
+	}
+
+	/*
+	 * This tty isn't a console.
+	 */
+
+	(void) fclose (fp);
+	return false;
+}
+
+/*
+ * console - return 1 if the "tty" is a console device, else 0.
+ *
+ * Note - we need to take extreme care here to avoid locking out root logins
+ * if something goes awry.  That's why we do things like call everything a
+ * console if the consoles file can't be opened.  Because of this, we must
+ * warn the user to protect against the remove of the consoles file since
+ * that would allow an unauthorized root login.
+ */
+
+bool console (const char *tty)
+{
+	if (strncmp (tty, "/dev/", 5) == 0) {
+		tty += 5;
+	}
+
+	return is_listed ("CONSOLE", tty, true);
+}
+
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
new file mode 100644
index 0000000..e6aac6e
--- /dev/null
+++ b/libmisc/copydir.c
@@ -0,0 +1,839 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif				/* WITH_SELINUX */
+#if defined(WITH_ACL) || defined(WITH_ATTR)
+#include <stdarg.h>
+#include <attr/error_context.h>
+#endif				/* WITH_ACL || WITH_ATTR */
+#ifdef WITH_ACL
+#include <acl/libacl.h>
+#endif				/* WITH_ACL */
+#ifdef WITH_ATTR
+#include <attr/libattr.h>
+#endif				/* WITH_ATTR */
+
+
+static /*@null@*/const char *src_orig;
+static /*@null@*/const char *dst_orig;
+
+struct link_name {
+	dev_t ln_dev;
+	ino_t ln_ino;
+	nlink_t ln_count;
+	char *ln_name;
+	/*@dependent@*/struct link_name *ln_next;
+};
+static /*@exposed@*/struct link_name *links;
+
+static int copy_entry (const char *src, const char *dst,
+                       bool reset_selinux,
+                       uid_t old_uid, uid_t new_uid,
+                       gid_t old_gid, gid_t new_gid);
+static int copy_dir (const char *src, const char *dst,
+                     bool reset_selinux,
+                     const struct stat *statp, const struct timeval mt[],
+                     uid_t old_uid, uid_t new_uid,
+                     gid_t old_gid, gid_t new_gid);
+#ifdef	S_IFLNK
+static /*@null@*/char *readlink_malloc (const char *filename);
+static int copy_symlink (const char *src, const char *dst,
+                         unused bool reset_selinux,
+                         const struct stat *statp, const struct timeval mt[],
+                         uid_t old_uid, uid_t new_uid,
+                         gid_t old_gid, gid_t new_gid);
+#endif				/* S_IFLNK */
+static int copy_hardlink (const char *dst,
+                          unused bool reset_selinux,
+                          struct link_name *lp);
+static int copy_special (const char *src, const char *dst,
+                         bool reset_selinux,
+                         const struct stat *statp, const struct timeval mt[],
+                         uid_t old_uid, uid_t new_uid,
+                         gid_t old_gid, gid_t new_gid);
+static int copy_file (const char *src, const char *dst,
+                      bool reset_selinux,
+                      const struct stat *statp, const struct timeval mt[],
+                      uid_t old_uid, uid_t new_uid,
+                      gid_t old_gid, gid_t new_gid);
+static int chown_if_needed (const char *dst, const struct stat *statp,
+                            uid_t old_uid, uid_t new_uid,
+                            gid_t old_gid, gid_t new_gid);
+static int lchown_if_needed (const char *dst, const struct stat *statp,
+                             uid_t old_uid, uid_t new_uid,
+                             gid_t old_gid, gid_t new_gid);
+static int fchown_if_needed (int fdst, const struct stat *statp,
+                             uid_t old_uid, uid_t new_uid,
+                             gid_t old_gid, gid_t new_gid);
+
+#if defined(WITH_ACL) || defined(WITH_ATTR)
+/*
+ * error_acl - format the error messages for the ACL and EQ libraries.
+ */
+static void error_acl (struct error_context *ctx, const char *fmt, ...)
+{
+	va_list ap;
+
+	/* ignore the case when destination does not support ACLs 
+	 * or extended attributes */
+	if (ENOTSUP == errno) {
+		errno = 0;
+		return;
+	}
+
+	va_start (ap, fmt);
+	(void) fprintf (stderr, _("%s: "), Prog);
+	if (vfprintf (stderr, fmt, ap) != 0) {
+		(void) fputs (_(": "), stderr);
+	}
+	(void) fprintf (stderr, "%s\n", strerror (errno));
+	va_end (ap);
+}
+
+static struct error_context ctx = {
+	error_acl
+};
+#endif				/* WITH_ACL || WITH_ATTR */
+
+/*
+ * remove_link - delete a link from the linked list
+ */
+static void remove_link (/*@only@*/struct link_name *ln)
+{
+	struct link_name *lp;
+
+	if (links == ln) {
+		links = ln->ln_next;
+		free (ln->ln_name);
+		free (ln);
+		return;
+	}
+	for (lp = links; NULL !=lp; lp = lp->ln_next) {
+		if (lp->ln_next == ln) {
+			break;
+		}
+	}
+
+	if (NULL == lp) {
+		free (ln->ln_name);
+		free (ln);
+		return;
+	}
+
+	lp->ln_next = lp->ln_next->ln_next;
+	free (ln->ln_name);
+	free (ln);
+}
+
+/*
+ * check_link - see if a file is really a link
+ */
+
+static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb)
+{
+	struct link_name *lp;
+	size_t src_len;
+	size_t dst_len;
+	size_t name_len;
+	size_t len;
+
+	/* copy_tree () must be the entry point */
+	assert (NULL != src_orig);
+	assert (NULL != dst_orig);
+
+	for (lp = links; NULL != lp; lp = lp->ln_next) {
+		if ((lp->ln_dev == sb->st_dev) && (lp->ln_ino == sb->st_ino)) {
+			return lp;
+		}
+	}
+
+	if (sb->st_nlink == 1) {
+		return NULL;
+	}
+
+	lp = (struct link_name *) xmalloc (sizeof *lp);
+	src_len = strlen (src_orig);
+	dst_len = strlen (dst_orig);
+	name_len = strlen (name);
+	lp->ln_dev = sb->st_dev;
+	lp->ln_ino = sb->st_ino;
+	lp->ln_count = sb->st_nlink;
+	len = name_len - src_len + dst_len + 1;
+	lp->ln_name = (char *) xmalloc (len);
+	(void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
+	lp->ln_next = links;
+	links = lp;
+
+	return NULL;
+}
+
+/*
+ * copy_tree - copy files in a directory tree
+ *
+ *	copy_tree() walks a directory tree and copies ordinary files
+ *	as it goes.
+ *
+ *	When reset_selinux is enabled, extended attributes (and thus
+ *	SELinux attributes) are not copied.
+ *
+ *	old_uid and new_uid are used to set the ownership of the copied
+ *	files. Unless old_uid is set to -1, only the files owned by
+ *	old_uid have their ownership changed to new_uid. In addition, if
+ *	new_uid is set to -1, no ownership will be changed.
+ *
+ *	The same logic applies for the group-ownership and
+ *	old_gid/new_gid.
+ */
+int copy_tree (const char *src_root, const char *dst_root,
+               bool copy_root, bool reset_selinux,
+               uid_t old_uid, uid_t new_uid,
+               gid_t old_gid, gid_t new_gid)
+{
+	int err = 0;
+	bool set_orig = false;
+	struct DIRECT *ent;
+	DIR *dir;
+
+	if (copy_root) {
+		struct stat sb;
+		if (access (dst_root, F_OK) == 0) {
+			return -1;
+		}
+
+		if (LSTAT (src_root, &sb) == -1) {
+			return -1;
+		}
+
+		if (!S_ISDIR (sb.st_mode)) {
+			fprintf (stderr,
+			         "%s: %s is not a directory",
+			         Prog, src_root);
+			return -1;
+		}
+
+		return copy_entry (src_root, dst_root, reset_selinux,
+		                   old_uid, new_uid, old_gid, new_gid);
+	}
+
+	/*
+	 * Make certain both directories exist.  This routine is called
+	 * after the home directory is created, or recursively after the
+	 * target is created.  It assumes the target directory exists.
+	 */
+
+	if (   (access (src_root, F_OK) != 0)
+	    || (access (dst_root, F_OK) != 0)) {
+		return -1;
+	}
+
+	/*
+	 * Open the source directory and read each entry.  Every file
+	 * entry in the directory is copied with the UID and GID set
+	 * to the provided values.  As an added security feature only
+	 * regular files (and directories ...) are copied, and no file
+	 * is made set-ID.
+	 */
+	dir = opendir (src_root);
+	if (NULL == dir) {
+		return -1;
+	}
+
+	if (src_orig == NULL) {
+		src_orig = src_root;
+		dst_orig = dst_root;
+		set_orig = true;
+	}
+	while ((0 == err) && (ent = readdir (dir)) != NULL) {
+		/*
+		 * Skip the "." and ".." entries
+		 */
+		if ((strcmp (ent->d_name, ".") != 0) &&
+		    (strcmp (ent->d_name, "..") != 0)) {
+			char *src_name;
+			char *dst_name;
+			size_t src_len = strlen (ent->d_name) + 2;
+			size_t dst_len = strlen (ent->d_name) + 2;
+			src_len += strlen (src_root);
+			dst_len += strlen (dst_root);
+
+			src_name = (char *) malloc (src_len);
+			dst_name = (char *) malloc (dst_len);
+
+			if ((NULL == src_name) || (NULL == dst_name)) {
+				err = -1;
+			} else {
+				/*
+				 * Build the filename for both the source and
+				 * the destination files.
+				 */
+				(void) snprintf (src_name, src_len, "%s/%s",
+				                 src_root, ent->d_name);
+				(void) snprintf (dst_name, dst_len, "%s/%s",
+				                 dst_root, ent->d_name);
+
+				err = copy_entry (src_name, dst_name,
+				                  reset_selinux,
+				                  old_uid, new_uid,
+				                  old_gid, new_gid);
+			}
+			if (NULL != src_name) {
+				free (src_name);
+			}
+			if (NULL != dst_name) {
+				free (dst_name);
+			}
+		}
+	}
+	(void) closedir (dir);
+
+	if (set_orig) {
+		src_orig = NULL;
+		dst_orig = NULL;
+		/* FIXME: clean links
+		 * Since there can be hardlinks elsewhere on the device,
+		 * we cannot check that all the hardlinks were found:
+		assert (NULL == links);
+		 */
+	}
+
+#ifdef WITH_SELINUX
+	/* Reset SELinux to create files with default contexts.
+	 * Note that the context is only reset on exit of copy_tree (it is
+	 * assumed that the program would quit without needing a restored
+	 * context if copy_tree failed previously), and that copy_tree can
+	 * be called recursively (hence the context is set on the
+	 * sub-functions of copy_entry).
+	 */
+	if (reset_selinux_file_context () != 0) {
+		err = -1;
+	}
+#endif				/* WITH_SELINUX */
+
+	return err;
+}
+
+/*
+ * copy_entry - copy the entry of a directory
+ *
+ *	Copy the entry src to dst.
+ *	Depending on the type of entry, this function will forward the
+ *	request to copy_dir(), copy_symlink(), copy_hardlink(),
+ *	copy_special(), or copy_file().
+ *
+ *	The access and modification time will not be modified.
+ *
+ *	The permissions will be set to new_uid/new_gid.
+ *
+ *	If new_uid (resp. new_gid) is equal to -1, the user (resp. group) will
+ *	not be modified.
+ *
+ *	Only the files owned (resp. group-owned) by old_uid (resp.
+ *	old_gid) will be modified, unless old_uid (resp. old_gid) is set
+ *	to -1.
+ */
+static int copy_entry (const char *src, const char *dst,
+                       bool reset_selinux,
+                       uid_t old_uid, uid_t new_uid,
+                       gid_t old_gid, gid_t new_gid)
+{
+	int err = 0;
+	struct stat sb;
+	struct link_name *lp;
+	struct timeval mt[2];
+
+	if (LSTAT (src, &sb) == -1) {
+		/* If we cannot stat the file, do not care. */
+	} else {
+#ifdef HAVE_STRUCT_STAT_ST_ATIM
+		mt[0].tv_sec  = sb.st_atim.tv_sec;
+		mt[0].tv_usec = sb.st_atim.tv_nsec / 1000;
+#else				/* !HAVE_STRUCT_STAT_ST_ATIM */
+		mt[0].tv_sec  = sb.st_atime;
+# ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC
+		mt[0].tv_usec = sb.st_atimensec / 1000;
+# else				/* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
+		mt[0].tv_usec = 0;
+# endif				/* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
+#endif				/* !HAVE_STRUCT_STAT_ST_ATIM */
+
+#ifdef HAVE_STRUCT_STAT_ST_MTIM
+		mt[1].tv_sec  = sb.st_mtim.tv_sec;
+		mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000;
+#else				/* !HAVE_STRUCT_STAT_ST_MTIM */
+		mt[1].tv_sec  = sb.st_mtime;
+# ifdef HAVE_STRUCT_STAT_ST_MTIMENSEC
+		mt[1].tv_usec = sb.st_mtimensec / 1000;
+# else				/* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
+		mt[1].tv_usec = 0;
+# endif				/* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
+#endif				/* !HAVE_STRUCT_STAT_ST_MTIM */
+
+		if (S_ISDIR (sb.st_mode)) {
+			err = copy_dir (src, dst, reset_selinux, &sb, mt,
+			                old_uid, new_uid, old_gid, new_gid);
+		}
+
+#ifdef	S_IFLNK
+		/*
+		 * Copy any symbolic links
+		 */
+
+		else if (S_ISLNK (sb.st_mode)) {
+			err = copy_symlink (src, dst, reset_selinux, &sb, mt,
+			                    old_uid, new_uid, old_gid, new_gid);
+		}
+#endif				/* S_IFLNK */
+
+		/*
+		 * See if this is a previously copied link
+		 */
+
+		else if ((lp = check_link (src, &sb)) != NULL) {
+			err = copy_hardlink (dst, reset_selinux, lp);
+		}
+
+		/*
+		 * Deal with FIFOs and special files.  The user really
+		 * shouldn't have any of these, but it seems like it
+		 * would be nice to copy everything ...
+		 */
+
+		else if (!S_ISREG (sb.st_mode)) {
+			err = copy_special (src, dst, reset_selinux, &sb, mt,
+			                    old_uid, new_uid, old_gid, new_gid);
+		}
+
+		/*
+		 * Create the new file and copy the contents.  The new
+		 * file will be owned by the provided UID and GID values.
+		 */
+
+		else {
+			err = copy_file (src, dst, reset_selinux, &sb, mt,
+			                 old_uid, new_uid, old_gid, new_gid);
+		}
+	}
+
+	return err;
+}
+
+/*
+ * copy_dir - copy a directory
+ *
+ *	Copy a directory (recursively) from src to dst.
+ *
+ *	statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ *	the access and modification and the access rights.
+ *
+ *	Return 0 on success, -1 on error.
+ */
+static int copy_dir (const char *src, const char *dst,
+                     bool reset_selinux,
+                     const struct stat *statp, const struct timeval mt[],
+                     uid_t old_uid, uid_t new_uid,
+                     gid_t old_gid, gid_t new_gid)
+{
+	int err = 0;
+
+	/*
+	 * Create a new target directory, make it owned by
+	 * the user and then recursively copy that directory.
+	 */
+
+#ifdef WITH_SELINUX
+	if (set_selinux_file_context (dst) != 0) {
+		return -1;
+	}
+#endif				/* WITH_SELINUX */
+	if (   (mkdir (dst, statp->st_mode) != 0)
+	    || (chown_if_needed (dst, statp,
+	                         old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+	    || (   (perm_copy_file (src, dst, &ctx) != 0)
+	        && (errno != 0))
+#else				/* !WITH_ACL */
+	    || (chmod (dst, statp->st_mode) != 0)
+#endif				/* !WITH_ACL */
+#ifdef WITH_ATTR
+	/*
+	 * If the third parameter is NULL, all extended attributes
+	 * except those that define Access Control Lists are copied.
+	 * ACLs are excluded by default because copying them between
+	 * file systems with and without ACL support needs some
+	 * additional logic so that no unexpected permissions result.
+	 */
+	    || (   !reset_selinux
+	        && (attr_copy_file (src, dst, NULL, &ctx) != 0)
+	        && (errno != 0))
+#endif				/* WITH_ATTR */
+	    || (copy_tree (src, dst, false, reset_selinux,
+	                   old_uid, new_uid, old_gid, new_gid) != 0)
+	    || (utimes (dst, mt) != 0)) {
+		err = -1;
+	}
+
+	return err;
+}
+
+#ifdef	S_IFLNK
+/*
+ * readlink_malloc - wrapper for readlink
+ *
+ * return NULL on error.
+ * The return string shall be freed by the caller.
+ */
+static /*@null@*/char *readlink_malloc (const char *filename)
+{
+	size_t size = 1024;
+
+	while (true) {
+		ssize_t nchars;
+		char *buffer = (char *) malloc (size);
+		if (NULL == buffer) {
+			return NULL;
+		}
+
+		nchars = readlink (filename, buffer, size);
+
+		if (nchars < 0) {
+			free(buffer);
+			return NULL;
+		}
+
+		if ((size_t) nchars < size) { /* The buffer was large enough */
+			/* readlink does not nul-terminate */
+			buffer[nchars] = '\0';
+			return buffer;
+		}
+
+		/* Try again with a bigger buffer */
+		free (buffer);
+		size *= 2;
+	}
+}
+
+/*
+ * copy_symlink - copy a symlink
+ *
+ *	Copy a symlink from src to dst.
+ *
+ *	statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ *	the access and modification and the access rights.
+ *
+ *	Return 0 on success, -1 on error.
+ */
+static int copy_symlink (const char *src, const char *dst,
+                         unused bool reset_selinux,
+                         const struct stat *statp, const struct timeval mt[],
+                         uid_t old_uid, uid_t new_uid,
+                         gid_t old_gid, gid_t new_gid)
+{
+	char *oldlink;
+
+	/* copy_tree () must be the entry point */
+	assert (NULL != src_orig);
+	assert (NULL != dst_orig);
+
+	/*
+	 * Get the name of the file which the link points
+	 * to.  If that name begins with the original
+	 * source directory name, that part of the link
+	 * name will be replaced with the original
+	 * destination directory name.
+	 */
+
+	oldlink = readlink_malloc (src);
+	if (NULL == oldlink) {
+		return -1;
+	}
+
+	/* If src was a link to an entry of the src_orig directory itself,
+	 * create a link to the corresponding entry in the dst_orig
+	 * directory.
+	 */
+	if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
+		size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
+		char *dummy = (char *) xmalloc (len);
+		(void) snprintf (dummy, len, "%s%s",
+		                 dst_orig,
+		                 oldlink + strlen (src_orig));
+		free (oldlink);
+		oldlink = dummy;
+	}
+
+#ifdef WITH_SELINUX
+	if (set_selinux_file_context (dst) != 0) {
+		free (oldlink);
+		return -1;
+	}
+#endif				/* WITH_SELINUX */
+	if (   (symlink (oldlink, dst) != 0)
+	    || (lchown_if_needed (dst, statp,
+	                          old_uid, new_uid, old_gid, new_gid) != 0)) {
+		/* FIXME: there are no modes on symlinks, right?
+		 *        ACL could be copied, but this would be much more
+		 *        complex than calling perm_copy_file.
+		 *        Ditto for Extended Attributes.
+		 *        We currently only document that ACL and Extended
+		 *        Attributes are not copied.
+		 */
+		free (oldlink);
+		return -1;
+	}
+	free (oldlink);
+
+#ifdef HAVE_LUTIMES
+	/* 2007-10-18: We don't care about
+	 *  exit status of lutimes because
+	 *  it returns ENOSYS on many system
+	 *  - not implemented
+	 */
+	(void) lutimes (dst, mt);
+#endif				/* HAVE_LUTIMES */
+
+	return 0;
+}
+#endif				/* S_IFLNK */
+
+/*
+ * copy_hardlink - copy a hardlink
+ *
+ *	Copy a hardlink from src to dst.
+ *
+ *	Return 0 on success, -1 on error.
+ */
+static int copy_hardlink (const char *dst,
+                          unused bool reset_selinux,
+                          struct link_name *lp)
+{
+	/* FIXME: selinux, ACL, Extended Attributes needed? */
+
+	if (link (lp->ln_name, dst) != 0) {
+		return -1;
+	}
+
+	/* If the file could be unlinked, decrement the links counter,
+	 * and forget about this link if it was the last reference */
+	lp->ln_count--;
+	if (lp->ln_count <= 0) {
+		remove_link (lp);
+	}
+
+	return 0;
+}
+
+/*
+ * copy_special - copy a special file
+ *
+ *	Copy a special file from src to dst.
+ *
+ *	statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ *	the access and modification and the access rights.
+ *
+ *	Return 0 on success, -1 on error.
+ */
+static int copy_special (const char *src, const char *dst,
+                         bool reset_selinux,
+                         const struct stat *statp, const struct timeval mt[],
+                         uid_t old_uid, uid_t new_uid,
+                         gid_t old_gid, gid_t new_gid)
+{
+	int err = 0;
+
+#ifdef WITH_SELINUX
+	if (set_selinux_file_context (dst) != 0) {
+		return -1;
+	}
+#endif				/* WITH_SELINUX */
+
+	if (   (mknod (dst, statp->st_mode & ~07777, statp->st_rdev) != 0)
+	    || (chown_if_needed (dst, statp,
+	                         old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+	    || (   (perm_copy_file (src, dst, &ctx) != 0)
+	        && (errno != 0))
+#else				/* !WITH_ACL */
+	    || (chmod (dst, statp->st_mode & 07777) != 0)
+#endif				/* !WITH_ACL */
+#ifdef WITH_ATTR
+	/*
+	 * If the third parameter is NULL, all extended attributes
+	 * except those that define Access Control Lists are copied.
+	 * ACLs are excluded by default because copying them between
+	 * file systems with and without ACL support needs some
+	 * additional logic so that no unexpected permissions result.
+	 */
+	    || (   !reset_selinux
+	        && (attr_copy_file (src, dst, NULL, &ctx) != 0)
+	        && (errno != 0))
+#endif				/* WITH_ATTR */
+	    || (utimes (dst, mt) != 0)) {
+		err = -1;
+	}
+
+	return err;
+}
+
+/*
+ * copy_file - copy a file
+ *
+ *	Copy a file from src to dst.
+ *
+ *	statp, mt, old_uid, new_uid, old_gid, and new_gid are used to set
+ *	the access and modification and the access rights.
+ *
+ *	Return 0 on success, -1 on error.
+ */
+static int copy_file (const char *src, const char *dst,
+                      bool reset_selinux,
+                      const struct stat *statp, const struct timeval mt[],
+                      uid_t old_uid, uid_t new_uid,
+                      gid_t old_gid, gid_t new_gid)
+{
+	int err = 0;
+	int ifd;
+	int ofd;
+	char buf[1024];
+	ssize_t cnt;
+
+	ifd = open (src, O_RDONLY);
+	if (ifd < 0) {
+		return -1;
+	}
+#ifdef WITH_SELINUX
+	if (set_selinux_file_context (dst) != 0) {
+		return -1;
+	}
+#endif				/* WITH_SELINUX */
+	ofd = open (dst, O_WRONLY | O_CREAT | O_TRUNC, statp->st_mode & 07777);
+	if (   (ofd < 0)
+	    || (fchown_if_needed (ofd, statp,
+	                          old_uid, new_uid, old_gid, new_gid) != 0)
+#ifdef WITH_ACL
+	    || (   (perm_copy_fd (src, ifd, dst, ofd, &ctx) != 0)
+	        && (errno != 0))
+#else				/* !WITH_ACL */
+	    || (fchmod (ofd, statp->st_mode & 07777) != 0)
+#endif				/* !WITH_ACL */
+#ifdef WITH_ATTR
+	/*
+	 * If the third parameter is NULL, all extended attributes
+	 * except those that define Access Control Lists are copied.
+	 * ACLs are excluded by default because copying them between
+	 * file systems with and without ACL support needs some
+	 * additional logic so that no unexpected permissions result.
+	 */
+	    || (   !reset_selinux
+	        && (attr_copy_fd (src, ifd, dst, ofd, NULL, &ctx) != 0)
+	        && (errno != 0))
+#endif				/* WITH_ATTR */
+	   ) {
+		(void) close (ifd);
+		return -1;
+	}
+
+	while ((cnt = read (ifd, buf, sizeof buf)) > 0) {
+		if (write (ofd, buf, (size_t)cnt) != cnt) {
+			(void) close (ifd);
+			return -1;
+		}
+	}
+
+	(void) close (ifd);
+
+#ifdef HAVE_FUTIMES
+	if (futimes (ofd, mt) != 0) {
+		return -1;
+	}
+#endif				/* HAVE_FUTIMES */
+
+	if (close (ofd) != 0) {
+		return -1;
+	}
+
+#ifndef HAVE_FUTIMES
+	if (utimes(dst, mt) != 0) {
+		return -1;
+	}
+#endif				/* !HAVE_FUTIMES */
+
+	return err;
+}
+
+#define def_chown_if_needed(chown_function, type_dst)                  \
+static int chown_function ## _if_needed (type_dst dst,                 \
+                                         const struct stat *statp,     \
+                                         uid_t old_uid, uid_t new_uid, \
+                                         gid_t old_gid, gid_t new_gid) \
+{                                                                      \
+	uid_t tmpuid = (uid_t) -1;                                     \
+	gid_t tmpgid = (gid_t) -1;                                     \
+                                                                       \
+	/* Use new_uid if old_uid is set to -1 or if the file was      \
+	 * owned by the user. */                                       \
+	if (((uid_t) -1 == old_uid) || (statp->st_uid == old_uid)) {   \
+		tmpuid = new_uid;                                      \
+	}                                                              \
+	/* Otherwise, or if new_uid was set to -1, we keep the same    \
+	 * owner. */                                                   \
+	if ((uid_t) -1 == tmpuid) {                                    \
+		tmpuid = statp->st_uid;                                \
+	}                                                              \
+                                                                       \
+	if (((gid_t) -1 == old_gid) || (statp->st_gid == old_gid)) {   \
+		tmpgid = new_gid;                                      \
+	}                                                              \
+	if ((gid_t) -1 == tmpgid) {                                    \
+		tmpgid = statp->st_gid;                                \
+	}                                                              \
+                                                                       \
+	return chown_function (dst, tmpuid, tmpgid);                   \
+}
+
+def_chown_if_needed (chown, const char *)
+def_chown_if_needed (lchown, const char *)
+def_chown_if_needed (fchown, int)
+
diff --git a/libmisc/entry.c b/libmisc/entry.c
new file mode 100644
index 0000000..f195fdf
--- /dev/null
+++ b/libmisc/entry.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+
+void pw_entry (const char *name, struct passwd *pwent)
+{
+	struct passwd *passwd;
+
+	struct spwd *spwd;
+
+	if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */
+		pwent->pw_name = (char *) 0;
+		return;
+	} else {
+		pwent->pw_name = xstrdup (passwd->pw_name);
+		pwent->pw_uid = passwd->pw_uid;
+		pwent->pw_gid = passwd->pw_gid;
+		pwent->pw_gecos = xstrdup (passwd->pw_gecos);
+		pwent->pw_dir = xstrdup (passwd->pw_dir);
+		pwent->pw_shell = xstrdup (passwd->pw_shell);
+#if !defined(AUTOSHADOW)
+		/* local, no need for xgetspnam */
+		if ((spwd = getspnam (name))) {
+			pwent->pw_passwd = xstrdup (spwd->sp_pwdp);
+			return;
+		}
+#endif
+		pwent->pw_passwd = xstrdup (passwd->pw_passwd);
+	}
+}
diff --git a/libmisc/env.c b/libmisc/env.c
new file mode 100644
index 0000000..0b7c148
--- /dev/null
+++ b/libmisc/env.c
@@ -0,0 +1,275 @@
+/*
+ * Copyright (c) 1989 - 1992, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "prototypes.h"
+#include "defines.h"
+/*
+ * NEWENVP_STEP must be a power of two.  This is the number
+ * of (char *) pointers to allocate at a time, to avoid using
+ * realloc() too often.
+ */
+#define NEWENVP_STEP 16
+size_t newenvc = 0;
+/*@null@*/char **newenvp = NULL;
+extern char **environ;
+
+static const char *forbid[] = {
+	"_RLD_=",
+	"BASH_ENV=",		/* GNU creeping featurism strikes again... */
+	"ENV=",
+	"HOME=",
+	"IFS=",
+	"KRB_CONF=",
+	"LD_",			/* anything with the LD_ prefix */
+	"LIBPATH=",
+	"MAIL=",
+	"NLSPATH=",
+	"PATH=",
+	"SHELL=",
+	"SHLIB_PATH=",
+	(char *) 0
+};
+
+/* these are allowed, but with no slashes inside
+   (to work around security problems in GNU gettext) */
+static const char *noslash[] = {
+	"LANG=",
+	"LANGUAGE=",
+	"LC_",			/* anything with the LC_ prefix */
+	(char *) 0
+};
+
+/*
+ * initenv() must be called once before using addenv().
+ */
+void initenv (void)
+{
+	newenvp = (char **) xmalloc (NEWENVP_STEP * sizeof (char *));
+	*newenvp = NULL;
+}
+
+
+void addenv (const char *string, /*@null@*/const char *value)
+{
+	char *cp, *newstring;
+	size_t i;
+	size_t n;
+
+	if (NULL != value) {
+		size_t len = strlen (string) + strlen (value) + 2;
+		int wlen;
+		newstring = xmalloc (len);
+		wlen = snprintf (newstring, len, "%s=%s", string, value);
+		assert (wlen == (int) len -1);
+	} else {
+		newstring = xstrdup (string);
+	}
+
+	/*
+	 * Search for a '=' character within the string and if none is found
+	 * just ignore the whole string.
+	 */
+
+	cp = strchr (newstring, '=');
+	if (NULL == cp) {
+		free (newstring);
+		return;
+	}
+
+	n = (size_t) (cp - newstring);
+
+	/*
+	 * If this environment variable is already set, change its value.
+	 */
+	for (i = 0; i < newenvc; i++) {
+		if (   (strncmp (newstring, newenvp[i], n) == 0)
+		    && (('=' == newenvp[i][n]) || ('\0' == newenvp[i][n]))) {
+			break;
+		}
+	}
+
+	if (i < newenvc) {
+		free (newenvp[i]);
+		newenvp[i] = newstring;
+		return;
+	}
+
+	/*
+	 * Otherwise, save the new environment variable
+	 */
+	newenvp[newenvc++] = newstring;
+
+	/*
+	 * And extend the environment if needed.
+	 */
+
+	/*
+	 * Check whether newenvc is a multiple of NEWENVP_STEP.
+	 * If so we have to resize the vector.
+	 * the expression (newenvc & (NEWENVP_STEP - 1)) == 0
+	 * is equal to    (newenvc %  NEWENVP_STEP) == 0
+	 * as long as NEWENVP_STEP is a power of 2.
+	 */
+
+	if ((newenvc & (NEWENVP_STEP - 1)) == 0) {
+		char **__newenvp;
+		size_t newsize;
+
+		/*
+		 * If the resize operation succeeds we can
+		 * happily go on, else print a message.
+		 */
+
+		newsize = (newenvc + NEWENVP_STEP) * sizeof (char *);
+		__newenvp = (char **) realloc (newenvp, newsize);
+
+		if (NULL != __newenvp) {
+			/*
+			 * If this is our current environment, update
+			 * environ so that it doesn't point to some
+			 * free memory area (realloc() could move it).
+			 */
+			if (environ == newenvp) {
+				environ = __newenvp;
+			}
+			newenvp = __newenvp;
+		} else {
+			(void) fputs (_("Environment overflow\n"), stderr);
+			newenvc--;
+			free (newenvp[newenvc]);
+		}
+	}
+
+	/*
+	 * The last entry of newenvp must be NULL
+	 */
+
+	newenvp[newenvc] = NULL;
+}
+
+
+/*
+ * set_env - copy command line arguments into the environment
+ */
+void set_env (int argc, char *const *argv)
+{
+	int noname = 1;
+	char variable[1024];
+	char *cp;
+
+	for (; argc > 0; argc--, argv++) {
+		if (strlen (*argv) >= sizeof variable) {
+			continue;	/* ignore long entries */
+		}
+
+		cp = strchr (*argv, '=');
+		if (NULL == cp) {
+			int wlen;
+			wlen = snprintf (variable, sizeof variable, "L%d", noname);
+			assert (wlen < (int) sizeof(variable));
+			noname++;
+			addenv (variable, *argv);
+		} else {
+			const char **p;
+
+			for (p = forbid; NULL != *p; p++) {
+				if (strncmp (*argv, *p, strlen (*p)) == 0) {
+					break;
+				}
+			}
+
+			if (NULL != *p) {
+				strncpy (variable, *argv, (size_t)(cp - *argv));
+				variable[cp - *argv] = '\0';
+				printf (_("You may not change $%s\n"),
+					variable);
+				continue;
+			}
+
+			addenv (*argv, NULL);
+		}
+	}
+}
+
+/*
+ * sanitize_env - remove some nasty environment variables
+ * If you fall into a total paranoia, you should call this
+ * function for any root-setuid program or anything the user
+ * might change the environment with. 99% useless as almost
+ * all modern Unixes will handle setuid executables properly,
+ * but... I feel better with that silly precaution. -j.
+ */
+
+void sanitize_env (void)
+{
+	char **envp = environ;
+	const char **bad;
+	char **cur;
+	char **move;
+
+	for (cur = envp; NULL != *cur; cur++) {
+		for (bad = forbid; NULL != *bad; bad++) {
+			if (strncmp (*cur, *bad, strlen (*bad)) == 0) {
+				for (move = cur; NULL != *move; move++) {
+					*move = *(move + 1);
+				}
+				cur--;
+				break;
+			}
+		}
+	}
+
+	for (cur = envp; NULL != *cur; cur++) {
+		for (bad = noslash; NULL != *bad; bad++) {
+			if (strncmp (*cur, *bad, strlen (*bad)) != 0) {
+				continue;
+			}
+			if (strchr (*cur, '/') == NULL) {
+				continue;	/* OK */
+			}
+			for (move = cur; NULL != *move; move++) {
+				*move = *(move + 1);
+			}
+			cur--;
+			break;
+		}
+	}
+}
+
diff --git a/libmisc/failure.c b/libmisc/failure.c
new file mode 100644
index 0000000..f6390a7
--- /dev/null
+++ b/libmisc/failure.c
@@ -0,0 +1,343 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <stdio.h>
+#include <unistd.h>
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "failure.h"
+#define	YEAR	(365L*DAY)
+/*
+ * failure - make failure entry
+ *
+ *	failure() creates a new (struct faillog) entry or updates an
+ *	existing one with the current failed login information.
+ */
+void failure (uid_t uid, const char *tty, struct faillog *fl)
+{
+	int fd;
+	off_t offset_uid = (off_t) (sizeof *fl) * uid;
+
+	/*
+	 * Don't do anything if failure logging isn't set up.
+	 */
+
+	if (access (FAILLOG_FILE, F_OK) != 0) {
+		return;
+	}
+
+	fd = open (FAILLOG_FILE, O_RDWR);
+	if (fd < 0) {
+		SYSLOG ((LOG_WARN,
+		         "Can't write faillog entry for UID %lu in %s.",
+		         (unsigned long) uid, FAILLOG_FILE));
+		return;
+	}
+
+	/*
+	 * The file is indexed by UID value meaning that shared UID's
+	 * share failure log records.  That's OK since they really
+	 * share just about everything else ...
+	 */
+
+	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+	    || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+		/* This is not necessarily a failure. The file is
+		 * initially zero length.
+		 *
+		 * If lseek() or read() failed for any other reason, this
+		 * might reset the counter. But the new failure will be
+		 * logged.
+		 */
+		memzero (fl, sizeof *fl);
+	}
+
+	/*
+	 * Update the record.  We increment the failure count to log the
+	 * latest failure.  The only concern here is overflow, and we'll
+	 * check for that.  The line name and time of day are both
+	 * updated as well.
+	 */
+
+	if (fl->fail_cnt + 1 > 0) {
+		fl->fail_cnt++;
+	}
+
+	strncpy (fl->fail_line, tty, sizeof fl->fail_line);
+	(void) time (&fl->fail_time);
+
+	/*
+	 * Seek back to the correct position in the file and write the
+	 * record out.  Ideally we should lock the file in case the same
+	 * account is being logged simultaneously.  But the risk doesn't
+	 * seem that great.
+	 */
+
+	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+	    || (write (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)
+	    || (close (fd) != 0)) {
+		SYSLOG ((LOG_WARN,
+		         "Can't write faillog entry for UID %lu in %s.",
+		         (unsigned long) uid, FAILLOG_FILE));
+		(void) close (fd);
+	}
+}
+
+static bool too_many_failures (const struct faillog *fl)
+{
+	time_t now;
+
+	if ((0 == fl->fail_max) || (fl->fail_cnt < fl->fail_max)) {
+		return false;
+	}
+
+	if (0 == fl->fail_locktime) {
+		return true;	/* locked until reset manually */
+	}
+
+	(void) time (&now);
+	if ((fl->fail_time + fl->fail_locktime) < now) {
+		return false;	/* enough time since last failure */
+	}
+
+	return true;
+}
+
+/*
+ * failcheck - check for failures > allowable
+ *
+ *	failcheck() is called AFTER the password has been validated.  If the
+ *	account has been "attacked" with too many login failures, failcheck()
+ *	returns 0 to indicate that the login should be denied even though
+ *	the password is valid.
+ *
+ *	failed indicates if the login failed AFTER the password has been
+ *	       validated.
+ */
+
+int failcheck (uid_t uid, struct faillog *fl, bool failed)
+{
+	int fd;
+	struct faillog fail;
+	off_t offset_uid = (off_t) (sizeof *fl) * uid;
+
+	/*
+	 * Suppress the check if the log file isn't there.
+	 */
+
+	if (access (FAILLOG_FILE, F_OK) != 0) {
+		return 1;
+	}
+
+	fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
+	if (fd < 0) {
+		SYSLOG ((LOG_WARN,
+		         "Can't open the faillog file (%s) to check UID %lu. "
+		         "User access authorized.",
+		         FAILLOG_FILE, (unsigned long) uid));
+		return 1;
+	}
+
+	/*
+	 * Get the record from the file and determine if the user has
+	 * exceeded the failure limit.  If "max" is zero, any number
+	 * of failures are permitted.  Only when "max" is non-zero and
+	 * "cnt" is greater than or equal to "max" is the account
+	 * considered to be locked.
+	 *
+	 * If read fails, there is no record for this user yet (the
+	 * file is initially zero length and extended by writes), so
+	 * no need to reset the count.
+	 */
+
+	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+	    || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+		(void) close (fd);
+		return 1;
+	}
+
+	if (too_many_failures (fl)) {
+		(void) close (fd);
+		return 0;
+	}
+
+	/*
+	 * The record is updated if this is not a failure.  The count will
+	 * be reset to zero, but the rest of the information will be left
+	 * in the record in case someone wants to see where the failed
+	 * login originated.
+	 */
+
+	if (!failed) {
+		fail = *fl;
+		fail.fail_cnt = 0;
+
+		if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+		    || (write (fd, (const void *) &fail, sizeof fail) != (ssize_t) sizeof fail)
+		    || (close (fd) != 0)) {
+			SYSLOG ((LOG_WARN,
+			         "Can't reset faillog entry for UID %lu in %s.",
+			         (unsigned long) uid, FAILLOG_FILE));
+			(void) close (fd);
+		}
+	} else {
+		(void) close (fd);
+	}
+
+	return 1;
+}
+
+/*
+ * failprint - print line of failure information
+ *
+ *	failprint takes a (struct faillog) entry and formats it into a
+ *	message which is displayed at login time.
+ */
+
+void failprint (const struct faillog *fail)
+{
+	struct tm *tp;
+
+#if HAVE_STRFTIME
+	char lasttimeb[256];
+	char *lasttime = lasttimeb;
+#else
+	char *lasttime;
+#endif
+	time_t NOW;
+
+	if (0 == fail->fail_cnt) {
+		return;
+	}
+
+	tp = localtime (&(fail->fail_time));
+	(void) time (&NOW);
+
+#if HAVE_STRFTIME
+	/*
+	 * Print all information we have.
+	 */
+	(void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
+#else
+
+	/*
+	 * Do the same thing, but don't use strftime since it
+	 * probably doesn't exist on this system
+	 */
+	lasttime = asctime (tp);
+	lasttime[24] = '\0';
+
+	if ((NOW - fail->fail_time) < YEAR) {
+		lasttime[19] = '\0';
+	}
+	if ((NOW - fail->fail_time) < DAY) {
+		lasttime = lasttime + 11;
+	}
+
+	if (' ' == *lasttime) {
+		lasttime++;
+	}
+#endif
+	/*@-formatconst@*/
+	(void) printf (ngettext ("%d failure since last login.\n"
+	                         "Last was %s on %s.\n",
+	                         "%d failures since last login.\n"
+	                         "Last was %s on %s.\n",
+	                         (unsigned long) fail->fail_cnt),
+	               fail->fail_cnt, lasttime, fail->fail_line);
+	/*@=formatconst@*/
+}
+
+/*
+ * failtmp - update the cumulative failure log
+ *
+ *	failtmp updates the (struct utmp) formatted failure log which
+ *	maintains a record of all login failures.
+ */
+
+void failtmp (const char *username,
+#ifdef USE_UTMPX
+		     const struct utmpx *failent
+#else				/* !USE_UTMPX */
+		     const struct utmp *failent
+#endif				/* !USE_UTMPX */
+    )
+{
+	const char *ftmp;
+	int fd;
+
+	/*
+	 * Get the name of the failure file.  If no file has been defined
+	 * in login.defs, don't do this.
+	 */
+
+	ftmp = getdef_str ("FTMP_FILE");
+	if (NULL == ftmp) {
+		return;
+	}
+
+	/*
+	 * Open the file for append.  It must already exist for this
+	 * feature to be used.
+	 */
+
+	if (access (ftmp, F_OK) != 0) {
+		return;
+	}
+
+	fd = open (ftmp, O_WRONLY | O_APPEND);
+	if (-1 == fd) {
+		SYSLOG ((LOG_WARN,
+		         "Can't append failure of user %s to %s.",
+		         username, ftmp));
+		return;
+	}
+
+	/*
+	 * Append the new failure record and close the log file.
+	 */
+
+	if (   (write (fd, (const void *) failent, sizeof *failent) != (ssize_t) sizeof *failent)
+	    || (close (fd) != 0)) {
+		SYSLOG ((LOG_WARN,
+		         "Can't append failure of user %s to %s.",
+		         username, ftmp));
+		(void) close (fd);
+	}
+}
+
diff --git a/libmisc/failure.h b/libmisc/failure.h
new file mode 100644
index 0000000..13187a4
--- /dev/null
+++ b/libmisc/failure.h
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id$ */
+#ifndef _FAILURE_H_
+#define _FAILURE_H_
+
+#include "defines.h"
+#include "faillog.h"
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#else					/* !USE_UTMPX */
+#include <utmp.h>
+#endif					/* !USE_UTMPX */
+
+/*
+ * failure - make failure entry
+ *
+ *	failure() creates a new (struct faillog) entry or updates an
+ *	existing one with the current failed login information.
+ */
+extern void failure (uid_t, const char *, struct faillog *);
+
+/*
+ * failcheck - check for failures > allowable
+ *
+ *	failcheck() is called AFTER the password has been validated.  If the
+ *	account has been "attacked" with too many login failures, failcheck()
+ *	returns FALSE to indicate that the login should be denied even though
+ *	the password is valid.
+ */
+extern int failcheck (uid_t uid, struct faillog *fl, bool failed);
+
+/*
+ * failprint - print line of failure information
+ *
+ *	failprint takes a (struct faillog) entry and formats it into a
+ *	message which is displayed at login time.
+ */
+extern void failprint (const struct faillog *);
+
+/*
+ * failtmp - update the cummulative failure log
+ *
+ *	failtmp updates the (struct utmp) formatted failure log which
+ *	maintains a record of all login failures.
+ */
+#ifdef USE_UTMPX
+extern void failtmp (const char *username, const struct utmpx *);
+#else				/* !USE_UTMPX */
+extern void failtmp (const char *username, const struct utmp *);
+#endif				/* !USE_UTMPX */
+
+#endif
+
diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c
new file mode 100644
index 0000000..2fe6a2a
--- /dev/null
+++ b/libmisc/find_new_gid.c
@@ -0,0 +1,498 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * Copyright (c) 2014, Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "groupio.h"
+#include "getdef.h"
+
+/*
+ * get_ranges - Get the minimum and maximum ID ranges for the search
+ *
+ * This function will return the minimum and maximum ranges for IDs
+ *
+ * 0: The function completed successfully
+ * EINVAL: The provided ranges are impossible (such as maximum < minimum)
+ *
+ * preferred_min: The special-case minimum value for a specifically-
+ * requested ID, which may be lower than the standard min_id
+ */
+static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
+		       gid_t *preferred_min)
+{
+	gid_t gid_def_max = 0;
+
+	if (sys_group) {
+		/* System groups */
+
+		/* A requested ID is allowed to be below the autoselect range */
+		*preferred_min = (gid_t) 1;
+
+		/* Get the minimum ID range from login.defs or default to 101 */
+		*min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+
+		/*
+		 * If SYS_GID_MAX is unspecified, we should assume it to be one
+		 * less than the GID_MIN (which is reserved for non-system accounts)
+		 */
+		gid_def_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
+		*max_id = (gid_t) getdef_ulong ("SYS_GID_MAX",
+				(unsigned long) gid_def_max);
+
+		/* Check that the ranges make sense */
+		if (*max_id < *min_id) {
+			(void) fprintf (stderr,
+                            _("%s: Invalid configuration: SYS_GID_MIN (%lu), "
+                              "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
+                            Prog, (unsigned long) *min_id,
+                            getdef_ulong ("GID_MIN", 1000UL),
+                            (unsigned long) *max_id);
+			return EINVAL;
+		}
+	} else {
+		/* Non-system groups */
+
+		/* Get the values from login.defs or use reasonable defaults */
+		*min_id = (gid_t) getdef_ulong ("GID_MIN", 1000UL);
+		*max_id = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
+
+		/*
+		 * The preferred minimum should match the standard ID minimum
+		 * for non-system groups.
+		 */
+		*preferred_min = *min_id;
+
+		/* Check that the ranges make sense */
+		if (*max_id < *min_id) {
+			(void) fprintf (stderr,
+					_("%s: Invalid configuration: GID_MIN (%lu), "
+					  "GID_MAX (%lu)\n"),
+					Prog, (unsigned long) *min_id,
+					(unsigned long) *max_id);
+			return EINVAL;
+		}
+	}
+
+	return 0;
+}
+
+/*
+ * check_gid - See if the requested GID is available
+ *
+ * On success, return 0
+ * If the ID is in use, return EEXIST
+ * If the ID is outside the range, return ERANGE
+ * In other cases, return errno from getgrgid()
+ */
+static int check_gid (const gid_t gid,
+		      const gid_t gid_min,
+		      const gid_t gid_max,
+		      bool *used_gids)
+{
+	/* First test that the preferred ID is in the range */
+	if (gid < gid_min || gid > gid_max) {
+		return ERANGE;
+	}
+
+	/*
+	 * Check whether we already detected this GID
+	 * using the gr_next() loop
+	 */
+	if (used_gids != NULL && used_gids[gid]) {
+		return EEXIST;
+	}
+	/* Check if the GID exists according to NSS */
+	errno = 0;
+	if (getgrgid (gid) != NULL) {
+		return EEXIST;
+	} else {
+		/* getgrgid() was NULL
+		 * we have to ignore errors as temporary
+		 * failures of remote user identity services
+		 * would completely block user/group creation
+		 */
+	}
+
+	/* If we've made it here, the GID must be available */
+	return 0;
+}
+
+/*
+ * find_new_gid - Find a new unused GID.
+ *
+ * If successful, find_new_gid provides an unused group ID in the
+ * [GID_MIN:GID_MAX] range.
+ * This ID should be higher than all the used GID, but if not possible,
+ * the lowest unused ID in the range will be returned.
+ * 
+ * Return 0 on success, -1 if no unused GIDs are available.
+ */
+int find_new_gid (bool sys_group,
+                 gid_t *gid,
+                 /*@null@*/gid_t const *preferred_gid)
+{
+	bool *used_gids;
+	const struct group *grp;
+	gid_t gid_min, gid_max, preferred_min;
+	gid_t group_id, id;
+	gid_t lowest_found, highest_found;
+	int result;
+	int nospam = 0;
+
+	assert(gid != NULL);
+
+	/*
+	 * First, figure out what ID range is appropriate for
+	 * automatic assignment
+	 */
+	result = get_ranges (sys_group, &gid_min, &gid_max, &preferred_min);
+	if (result == EINVAL) {
+		return -1;
+	}
+
+	/* Check if the preferred GID is available */
+	if (preferred_gid) {
+		result = check_gid (*preferred_gid, preferred_min, gid_max, NULL);
+		if (result == 0) {
+			/*
+			 * Make sure the GID isn't queued for use already
+			 */
+			if (gr_locate_gid (*preferred_gid) == NULL) {
+				*gid = *preferred_gid;
+				return 0;
+			}
+			/*
+			 * gr_locate_gid() found the GID in an as-yet uncommitted
+			 * entry. We'll proceed below and auto-set a GID.
+			 */
+		} else if (result == EEXIST || result == ERANGE) {
+			/*
+			 * Continue on below. At this time, we won't
+			 * treat these two cases differently.
+			 */
+		} else {
+			/*
+			 * An unexpected error occurred. We should report
+			 * this and fail the group creation.
+			 * This differs from the automatic creation
+			 * behavior below, since if a specific GID was
+			 * requested and generated an error, the user is
+			 * more likely to want to stop and address the
+			 * issue.
+			 */
+			fprintf (stderr,
+				_("%s: Encountered error attempting to use "
+				  "preferred GID: %s\n"),
+				Prog, strerror (result));
+			return -1;
+		}
+	}
+
+	/*
+	 * Search the entire group file,
+	 * looking for the next unused value.
+	 *
+	 * We first check the local database with gr_rewind/gr_next to find
+	 * all local values that are in use.
+	 *
+	 * We then compare the next free value to all databases (local and
+	 * remote) and iterate until we find a free one. If there are free
+	 * values beyond the lowest (system groups) or highest (non-system
+	 * groups), we will prefer those and avoid potentially reclaiming a
+	 * deleted group (which can be a security issue, since it may grant
+	 * access to files belonging to that former group).
+	 *
+	 * If there are no GIDs available at the end of the search, we will
+	 * have no choice but to iterate through the range looking for gaps.
+	 *
+	 */
+
+	/* Create an array to hold all of the discovered GIDs */
+	used_gids = malloc (sizeof (bool) * (gid_max +1));
+	if (NULL == used_gids) {
+		fprintf (stderr,
+			 _("%s: failed to allocate memory: %s\n"),
+			 Prog, strerror (errno));
+		return -1;
+	}
+	memset (used_gids, false, sizeof (bool) * (gid_max + 1));
+
+	/* First look for the lowest and highest value in the local database */
+	(void) gr_rewind ();
+	highest_found = gid_min;
+	lowest_found = gid_max;
+	while ((grp = gr_next ()) != NULL) {
+		/*
+		 * Does this entry have a lower GID than the lowest we've found
+		 * so far?
+		 */
+		if ((grp->gr_gid <= lowest_found) && (grp->gr_gid >= gid_min)) {
+			lowest_found = grp->gr_gid - 1;
+		}
+
+		/*
+		 * Does this entry have a higher GID than the highest we've found
+		 * so far?
+		 */
+		if ((grp->gr_gid >= highest_found) && (grp->gr_gid <= gid_max)) {
+			highest_found = grp->gr_gid + 1;
+		}
+
+		/* create index of used GIDs */
+		if (grp->gr_gid >= gid_min
+			&& grp->gr_gid <= gid_max) {
+
+			used_gids[grp->gr_gid] = true;
+		}
+	}
+
+	if (sys_group) {
+		/*
+		 * For system groups, we want to start from the
+		 * top of the range and work downwards.
+		 */
+
+		/*
+		 * At the conclusion of the gr_next() search, we will either
+		 * have a presumed-free GID or we will be at GID_MIN - 1.
+		 */
+		if (lowest_found < gid_min) {
+			/*
+			 * In this case, a GID is in use at GID_MIN.
+			 *
+			 * We will reset the search to GID_MAX and proceed down
+			 * through all the GIDs (skipping those we detected with
+			 * used_gids) for a free one. It is a known issue that
+			 * this may result in reusing a previously-deleted GID,
+			 * so administrators should be instructed to use this
+			 * auto-detection with care (and prefer to assign GIDs
+			 * explicitly).
+			 */
+			lowest_found = gid_max;
+		}
+
+		/* Search through all of the IDs in the range */
+		for (id = lowest_found; id >= gid_min; id--) {
+			result = check_gid (id, gid_min, gid_max, used_gids);
+			if (result == 0) {
+				/* This GID is available. Return it. */
+				*gid = id;
+				free (used_gids);
+				return 0;
+			} else if (result == EEXIST) {
+				/* This GID is in use, we'll continue to the next */
+			} else {
+				/*
+				 * An unexpected error occurred.
+				 *
+				 * Only report it the first time to avoid spamming
+				 * the logs
+				 *
+				 */
+				if (!nospam) {
+					fprintf (stderr,
+						_("%s: Can't get unique system GID (%s). "
+						  "Suppressing additional messages.\n"),
+						Prog, strerror (result));
+					SYSLOG ((LOG_ERR,
+						"Error checking available GIDs: %s",
+						strerror (result)));
+					nospam = 1;
+				}
+				/*
+				 * We will continue anyway. Hopefully a later GID
+				 * will work properly.
+				 */
+			}
+		}
+
+		/*
+		 * If we get all the way through the loop, try again from GID_MAX,
+		 * unless that was where we previously started. (NOTE: the worst-case
+		 * scenario here is that we will run through (GID_MAX - GID_MIN - 1)
+		 * cycles *again* if we fall into this case with lowest_found as
+		 * GID_MAX - 1, all groups in the range in use and maintained by
+		 * network services such as LDAP.)
+		 */
+		if (lowest_found != gid_max) {
+			for (id = gid_max; id >= gid_min; id--) {
+				result = check_gid (id, gid_min, gid_max, used_gids);
+				if (result == 0) {
+					/* This GID is available. Return it. */
+					*gid = id;
+					free (used_gids);
+					return 0;
+				} else if (result == EEXIST) {
+					/* This GID is in use, we'll continue to the next */
+				} else {
+					/*
+					 * An unexpected error occurred.
+					 *
+					 * Only report it the first time to avoid spamming
+					 * the logs
+					 *
+					 */
+					if (!nospam) {
+						fprintf (stderr,
+							_("%s: Can't get unique system GID (%s). "
+							  "Suppressing additional messages.\n"),
+							Prog, strerror (result));
+						SYSLOG ((LOG_ERR,
+							"Error checking available GIDs: %s",
+							strerror (result)));
+						nospam = 1;
+					}
+					/*
+					 * We will continue anyway. Hopefully a later GID
+					 * will work properly.
+					 */
+				}
+			}
+		}
+	} else { /* !sys_group */
+		/*
+		 * For non-system groups, we want to start from the
+		 * bottom of the range and work upwards.
+		 */
+
+		/*
+		 * At the conclusion of the gr_next() search, we will either
+		 * have a presumed-free GID or we will be at GID_MAX + 1.
+		 */
+		if (highest_found > gid_max) {
+			/*
+			 * In this case, a GID is in use at GID_MAX.
+			 *
+			 * We will reset the search to GID_MIN and proceed up
+			 * through all the GIDs (skipping those we detected with
+			 * used_gids) for a free one. It is a known issue that
+			 * this may result in reusing a previously-deleted GID,
+			 * so administrators should be instructed to use this
+			 * auto-detection with care (and prefer to assign GIDs
+			 * explicitly).
+			 */
+			highest_found = gid_min;
+		}
+
+		/* Search through all of the IDs in the range */
+		for (id = highest_found; id <= gid_max; id++) {
+			result = check_gid (id, gid_min, gid_max, used_gids);
+			if (result == 0) {
+				/* This GID is available. Return it. */
+				*gid = id;
+				free (used_gids);
+				return 0;
+			} else if (result == EEXIST) {
+				/* This GID is in use, we'll continue to the next */
+			} else {
+				/*
+				 * An unexpected error occurred.
+				 *
+				 * Only report it the first time to avoid spamming
+				 * the logs
+				 *
+				 */
+				if (!nospam) {
+					fprintf (stderr,
+						_("%s: Can't get unique GID (%s). "
+						  "Suppressing additional messages.\n"),
+						Prog, strerror (result));
+					SYSLOG ((LOG_ERR,
+						"Error checking available GIDs: %s",
+						strerror (result)));
+					nospam = 1;
+				}
+				/*
+				 * We will continue anyway. Hopefully a later GID
+				 * will work properly.
+				 */
+			}
+		}
+
+		/*
+		 * If we get all the way through the loop, try again from GID_MIN,
+		 * unless that was where we previously started. (NOTE: the worst-case
+		 * scenario here is that we will run through (GID_MAX - GID_MIN - 1)
+		 * cycles *again* if we fall into this case with highest_found as
+		 * GID_MIN + 1, all groups in the range in use and maintained by
+		 * network services such as LDAP.)
+		 */
+		if (highest_found != gid_min) {
+			for (id = gid_min; id <= gid_max; id++) {
+				result = check_gid (id, gid_min, gid_max, used_gids);
+				if (result == 0) {
+					/* This GID is available. Return it. */
+					*gid = id;
+					free (used_gids);
+					return 0;
+				} else if (result == EEXIST) {
+					/* This GID is in use, we'll continue to the next */
+				} else {
+					/*
+					 * An unexpected error occurred.
+					 *
+					 * Only report it the first time to avoid spamming
+					 * the logs
+					 *
+					 */
+					if (!nospam) {
+						fprintf (stderr,
+							_("%s: Can't get unique GID (%s). "
+							  "Suppressing additional messages.\n"),
+							Prog, strerror (result));
+						SYSLOG ((LOG_ERR,
+							"Error checking available GIDs: %s",
+							strerror (result)));
+						nospam = 1;
+					}
+					/*
+					 * We will continue anyway. Hopefully a later GID
+					 * will work properly.
+					 */
+				}
+			}
+		}
+	}
+
+	/* The code reached here and found no available IDs in the range */
+	fprintf (stderr,
+		_("%s: Can't get unique GID (no more available GIDs)\n"),
+		Prog);
+	SYSLOG ((LOG_WARN, "no more available GIDs on the system"));
+	free (used_gids);
+	return -1;
+}
+
diff --git a/libmisc/find_new_sub_gids.c b/libmisc/find_new_sub_gids.c
new file mode 100644
index 0000000..ae8a937
--- /dev/null
+++ b/libmisc/find_new_sub_gids.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2012 Eric Biederman
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "getdef.h"
+
+/*
+ * find_new_sub_gids - Find a new unused range of GIDs.
+ *
+ * If successful, find_new_sub_gids provides a range of unused
+ * user IDs in the [SUB_GID_MIN:SUB_GID_MAX] range.
+ * 
+ * Return 0 on success, -1 if no unused GIDs are available.
+ */
+int find_new_sub_gids (const char *owner,
+		       gid_t *range_start, unsigned long *range_count)
+{
+	unsigned long min, max;
+	unsigned long count;
+	gid_t start;
+
+	assert (range_start != NULL);
+	assert (range_count != NULL);
+
+	min = getdef_ulong ("SUB_GID_MIN", 100000UL);
+	max = getdef_ulong ("SUB_GID_MAX", 600100000UL);
+	count = getdef_ulong ("SUB_GID_COUNT", 65536);
+
+	if (min > max || count >= max || (min + count - 1) > max) {
+		(void) fprintf (stderr,
+				_("%s: Invalid configuration: SUB_GID_MIN (%lu),"
+				  " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
+			Prog, min, max, count);
+		return -1;
+	}
+
+	start = sub_gid_find_free_range(min, max, count);
+	if (start == (gid_t)-1) {
+		fprintf (stderr,
+		         _("%s: Can't get unique subordinate GID range\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
+		return -1;
+	}
+	*range_start = start;
+	*range_count = count;
+	return 0;
+}
+#else				/* !ENABLE_SUBIDS */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !ENABLE_SUBIDS */
+
diff --git a/libmisc/find_new_sub_uids.c b/libmisc/find_new_sub_uids.c
new file mode 100644
index 0000000..12cb2d2
--- /dev/null
+++ b/libmisc/find_new_sub_uids.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 2012 Eric Biederman
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef ENABLE_SUBIDS
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "getdef.h"
+
+/*
+ * find_new_sub_uids - Find a new unused range of UIDs.
+ *
+ * If successful, find_new_sub_uids provides a range of unused
+ * user IDs in the [SUB_UID_MIN:SUB_UID_MAX] range.
+ * 
+ * Return 0 on success, -1 if no unused UIDs are available.
+ */
+int find_new_sub_uids (const char *owner,
+		       uid_t *range_start, unsigned long *range_count)
+{
+	unsigned long min, max;
+	unsigned long count;
+	uid_t start;
+
+	assert (range_start != NULL);
+	assert (range_count != NULL);
+
+	min = getdef_ulong ("SUB_UID_MIN", 100000UL);
+	max = getdef_ulong ("SUB_UID_MAX", 600100000UL);
+	count = getdef_ulong ("SUB_UID_COUNT", 65536);
+
+	if (min > max || count >= max || (min + count - 1) > max) {
+		(void) fprintf (stderr,
+				_("%s: Invalid configuration: SUB_UID_MIN (%lu),"
+				  " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
+			Prog, min, max, count);
+		return -1;
+	}
+
+	start = sub_uid_find_free_range(min, max, count);
+	if (start == (uid_t)-1) {
+		fprintf (stderr,
+		         _("%s: Can't get unique subordinate UID range\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
+		return -1;
+	}
+	*range_start = start;
+	*range_count = count;
+	return 0;
+}
+#else				/* !ENABLE_SUBIDS */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !ENABLE_SUBIDS */
+
diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c
new file mode 100644
index 0000000..b314313
--- /dev/null
+++ b/libmisc/find_new_uid.c
@@ -0,0 +1,498 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * Copyright (c) 2014, Red Hat, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+#include <errno.h>
+
+#include "prototypes.h"
+#include "pwio.h"
+#include "getdef.h"
+
+/*
+ * get_ranges - Get the minimum and maximum ID ranges for the search
+ *
+ * This function will return the minimum and maximum ranges for IDs
+ *
+ * 0: The function completed successfully
+ * EINVAL: The provided ranges are impossible (such as maximum < minimum)
+ *
+ * preferred_min: The special-case minimum value for a specifically-
+ * requested ID, which may be lower than the standard min_id
+ */
+static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
+			uid_t *preferred_min)
+{
+	uid_t uid_def_max = 0;
+
+	if (sys_user) {
+		/* System users */
+
+		/* A requested ID is allowed to be below the autoselect range */
+		*preferred_min = (uid_t) 1;
+
+		/* Get the minimum ID range from login.defs or default to 101 */
+		*min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+
+		/*
+		 * If SYS_UID_MAX is unspecified, we should assume it to be one
+		 * less than the UID_MIN (which is reserved for non-system accounts)
+		 */
+		uid_def_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
+		*max_id = (uid_t) getdef_ulong ("SYS_UID_MAX",
+				(unsigned long) uid_def_max);
+
+		/* Check that the ranges make sense */
+		if (*max_id < *min_id) {
+			(void) fprintf (stderr,
+                            _("%s: Invalid configuration: SYS_UID_MIN (%lu), "
+                              "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
+                            Prog, (unsigned long) *min_id,
+                            getdef_ulong ("UID_MIN", 1000UL),
+                            (unsigned long) *max_id);
+			return EINVAL;
+		}
+	} else {
+		/* Non-system users */
+
+		/* Get the values from login.defs or use reasonable defaults */
+		*min_id = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+		*max_id = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+
+		/*
+		 * The preferred minimum should match the standard ID minimum
+		 * for non-system users.
+		 */
+		*preferred_min = *min_id;
+
+		/* Check that the ranges make sense */
+		if (*max_id < *min_id) {
+			(void) fprintf (stderr,
+					_("%s: Invalid configuration: UID_MIN (%lu), "
+					  "UID_MAX (%lu)\n"),
+					Prog, (unsigned long) *min_id,
+					(unsigned long) *max_id);
+			return EINVAL;
+		}
+	}
+
+	return 0;
+}
+
+/*
+ * check_uid - See if the requested UID is available
+ *
+ * On success, return 0
+ * If the ID is in use, return EEXIST
+ * If the ID is outside the range, return ERANGE
+ * In other cases, return errno from getpwuid()
+ */
+static int check_uid(const uid_t uid,
+		     const uid_t uid_min,
+		     const uid_t uid_max,
+		     bool *used_uids)
+{
+	/* First test that the preferred ID is in the range */
+	if (uid < uid_min || uid > uid_max) {
+		return ERANGE;
+	}
+
+	/*
+	 * Check whether we already detected this UID
+	 * using the pw_next() loop
+	 */
+	if (used_uids != NULL && used_uids[uid]) {
+		return EEXIST;
+	}
+	/* Check if the UID exists according to NSS */
+	errno = 0;
+	if (getpwuid(uid) != NULL) {
+		return EEXIST;
+	} else {
+		/* getpwuid() was NULL
+		 * we have to ignore errors as temporary
+		 * failures of remote user identity services
+		 * would completely block user/group creation
+		 */
+	}
+
+	/* If we've made it here, the UID must be available */
+	return 0;
+}
+
+/*
+ * find_new_uid - Find a new unused UID.
+ *
+ * If successful, find_new_uid provides an unused user ID in the
+ * [UID_MIN:UID_MAX] range.
+ * This ID should be higher than all the used UID, but if not possible,
+ * the lowest unused ID in the range will be returned.
+ * 
+ * Return 0 on success, -1 if no unused UIDs are available.
+ */
+int find_new_uid(bool sys_user,
+                 uid_t *uid,
+                 /*@null@*/uid_t const *preferred_uid)
+{
+	bool *used_uids;
+	const struct passwd *pwd;
+	uid_t uid_min, uid_max, preferred_min;
+	uid_t user_id, id;
+	uid_t lowest_found, highest_found;
+	int result;
+	int nospam = 0;
+
+	assert (uid != NULL);
+
+	/*
+	 * First, figure out what ID range is appropriate for
+	 * automatic assignment
+	 */
+	result = get_ranges (sys_user, &uid_min, &uid_max, &preferred_min);
+	if (result == EINVAL) {
+		return -1;
+	}
+
+	/* Check if the preferred UID is available */
+	if (preferred_uid) {
+		result = check_uid (*preferred_uid, preferred_min, uid_max, NULL);
+		if (result == 0) {
+			/*
+			 * Make sure the UID isn't queued for use already
+			 */
+			if (pw_locate_uid (*preferred_uid) == NULL) {
+				*uid = *preferred_uid;
+				return 0;
+			}
+			/*
+			 * pw_locate_uid() found the UID in an as-yet uncommitted
+			 * entry. We'll proceed below and auto-set an UID.
+			 */
+		} else if (result == EEXIST || result == ERANGE) {
+			/*
+			 * Continue on below. At this time, we won't
+			 * treat these two cases differently.
+			 */
+		} else {
+			/*
+			 * An unexpected error occurred. We should report
+			 * this and fail the user creation.
+			 * This differs from the automatic creation
+			 * behavior below, since if a specific UID was
+			 * requested and generated an error, the user is
+			 * more likely to want to stop and address the
+			 * issue.
+			 */
+			fprintf (stderr,
+				_("%s: Encountered error attempting to use "
+				  "preferred UID: %s\n"),
+				Prog, strerror (result));
+			return -1;
+		}
+	}
+
+	/*
+	 * Search the entire passwd file,
+	 * looking for the next unused value.
+	 *
+	 * We first check the local database with pw_rewind/pw_next to find
+	 * all local values that are in use.
+	 *
+	 * We then compare the next free value to all databases (local and
+	 * remote) and iterate until we find a free one. If there are free
+	 * values beyond the lowest (system users) or highest (non-system
+	 * users), we will prefer those and avoid potentially reclaiming a
+	 * deleted user (which can be a security issue, since it may grant
+	 * access to files belonging to that former user).
+	 *
+	 * If there are no UIDs available at the end of the search, we will
+	 * have no choice but to iterate through the range looking for gaps.
+	 *
+	 */
+
+	/* Create an array to hold all of the discovered UIDs */
+	used_uids = malloc (sizeof (bool) * (uid_max +1));
+	if (NULL == used_uids) {
+		fprintf (stderr,
+			 _("%s: failed to allocate memory: %s\n"),
+			 Prog, strerror (errno));
+		return -1;
+	}
+	memset (used_uids, false, sizeof (bool) * (uid_max + 1));
+
+	/* First look for the lowest and highest value in the local database */
+	(void) pw_rewind ();
+	highest_found = uid_min;
+	lowest_found = uid_max;
+	while ((pwd = pw_next ()) != NULL) {
+		/*
+		 * Does this entry have a lower UID than the lowest we've found
+		 * so far?
+		 */
+		if ((pwd->pw_uid <= lowest_found) && (pwd->pw_uid >= uid_min)) {
+			lowest_found = pwd->pw_uid - 1;
+		}
+
+		/*
+		 * Does this entry have a higher UID than the highest we've found
+		 * so far?
+		 */
+		if ((pwd->pw_uid >= highest_found) && (pwd->pw_uid <= uid_max)) {
+			highest_found = pwd->pw_uid + 1;
+		}
+
+		/* create index of used UIDs */
+		if (pwd->pw_uid >= uid_min
+			&& pwd->pw_uid <= uid_max) {
+
+			used_uids[pwd->pw_uid] = true;
+		}
+	}
+
+	if (sys_user) {
+		/*
+		 * For system users, we want to start from the
+		 * top of the range and work downwards.
+		 */
+
+		/*
+		 * At the conclusion of the pw_next() search, we will either
+		 * have a presumed-free UID or we will be at UID_MIN - 1.
+		 */
+		if (lowest_found < uid_min) {
+			/*
+			 * In this case, an UID is in use at UID_MIN.
+			 *
+			 * We will reset the search to UID_MAX and proceed down
+			 * through all the UIDs (skipping those we detected with
+			 * used_uids) for a free one. It is a known issue that
+			 * this may result in reusing a previously-deleted UID,
+			 * so administrators should be instructed to use this
+			 * auto-detection with care (and prefer to assign UIDs
+			 * explicitly).
+			 */
+			lowest_found = uid_max;
+		}
+
+		/* Search through all of the IDs in the range */
+		for (id = lowest_found; id >= uid_min; id--) {
+			result = check_uid (id, uid_min, uid_max, used_uids);
+			if (result == 0) {
+				/* This UID is available. Return it. */
+				*uid = id;
+				free (used_uids);
+				return 0;
+			} else if (result == EEXIST) {
+				/* This UID is in use, we'll continue to the next */
+			} else {
+				/*
+				 * An unexpected error occurred.
+				 *
+				 * Only report it the first time to avoid spamming
+				 * the logs
+				 *
+				 */
+				if (!nospam) {
+					fprintf (stderr,
+						_("%s: Can't get unique system UID (%s). "
+						  "Suppressing additional messages.\n"),
+						Prog, strerror (result));
+					SYSLOG ((LOG_ERR,
+						"Error checking available UIDs: %s",
+						strerror (result)));
+					nospam = 1;
+				}
+				/*
+				 * We will continue anyway. Hopefully a later UID
+				 * will work properly.
+				 */
+			}
+		}
+
+		/*
+		 * If we get all the way through the loop, try again from UID_MAX,
+		 * unless that was where we previously started. (NOTE: the worst-case
+		 * scenario here is that we will run through (UID_MAX - UID_MIN - 1)
+		 * cycles *again* if we fall into this case with lowest_found as
+		 * UID_MAX - 1, all users in the range in use and maintained by
+		 * network services such as LDAP.)
+		 */
+		if (lowest_found != uid_max) {
+			for (id = uid_max; id >= uid_min; id--) {
+				result = check_uid (id, uid_min, uid_max, used_uids);
+				if (result == 0) {
+					/* This UID is available. Return it. */
+					*uid = id;
+					free (used_uids);
+					return 0;
+				} else if (result == EEXIST) {
+					/* This UID is in use, we'll continue to the next */
+				} else {
+					/*
+					 * An unexpected error occurred.
+					 *
+					 * Only report it the first time to avoid spamming
+					 * the logs
+					 *
+					 */
+					if (!nospam) {
+						fprintf (stderr,
+							_("%s: Can't get unique system UID (%s). "
+							  "Suppressing additional messages.\n"),
+							Prog, strerror (result));
+						SYSLOG((LOG_ERR,
+							"Error checking available UIDs: %s",
+							strerror (result)));
+						nospam = 1;
+					}
+					/*
+					 * We will continue anyway. Hopefully a later UID
+					 * will work properly.
+					 */
+				}
+			}
+		}
+	} else { /* !sys_user */
+		/*
+		 * For non-system users, we want to start from the
+		 * bottom of the range and work upwards.
+		 */
+
+		/*
+		 * At the conclusion of the pw_next() search, we will either
+		 * have a presumed-free UID or we will be at UID_MAX + 1.
+		 */
+		if (highest_found > uid_max) {
+			/*
+			 * In this case, a UID is in use at UID_MAX.
+			 *
+			 * We will reset the search to UID_MIN and proceed up
+			 * through all the UIDs (skipping those we detected with
+			 * used_uids) for a free one. It is a known issue that
+			 * this may result in reusing a previously-deleted UID,
+			 * so administrators should be instructed to use this
+			 * auto-detection with care (and prefer to assign UIDs
+			 * explicitly).
+			 */
+			highest_found = uid_min;
+		}
+
+		/* Search through all of the IDs in the range */
+		for (id = highest_found; id <= uid_max; id++) {
+			result = check_uid (id, uid_min, uid_max, used_uids);
+			if (result == 0) {
+				/* This UID is available. Return it. */
+				*uid = id;
+				free (used_uids);
+				return 0;
+			} else if (result == EEXIST) {
+				/* This UID is in use, we'll continue to the next */
+			} else {
+				/*
+				 * An unexpected error occurred.
+				 *
+				 * Only report it the first time to avoid spamming
+				 * the logs
+				 *
+				 */
+				if (!nospam) {
+					fprintf (stderr,
+						_("%s: Can't get unique UID (%s). "
+						  "Suppressing additional messages.\n"),
+						Prog, strerror (result));
+					SYSLOG ((LOG_ERR,
+						"Error checking available UIDs: %s",
+						strerror (result)));
+					nospam = 1;
+				}
+				/*
+				 * We will continue anyway. Hopefully a later UID
+				 * will work properly.
+				 */
+			}
+		}
+
+		/*
+		 * If we get all the way through the loop, try again from UID_MIN,
+		 * unless that was where we previously started. (NOTE: the worst-case
+		 * scenario here is that we will run through (UID_MAX - UID_MIN - 1)
+		 * cycles *again* if we fall into this case with highest_found as
+		 * UID_MIN + 1, all users in the range in use and maintained by
+		 * network services such as LDAP.)
+		 */
+		if (highest_found != uid_min) {
+			for (id = uid_min; id <= uid_max; id++) {
+				result = check_uid (id, uid_min, uid_max, used_uids);
+				if (result == 0) {
+					/* This UID is available. Return it. */
+					*uid = id;
+					free (used_uids);
+					return 0;
+				} else if (result == EEXIST) {
+					/* This UID is in use, we'll continue to the next */
+				} else {
+					/*
+					 * An unexpected error occurred.
+					 *
+					 * Only report it the first time to avoid spamming
+					 * the logs
+					 *
+					 */
+					if (!nospam) {
+						fprintf (stderr,
+							_("%s: Can't get unique UID (%s). "
+							  "Suppressing additional messages.\n"),
+							Prog, strerror (result));
+						SYSLOG ((LOG_ERR,
+							"Error checking available UIDs: %s",
+							strerror (result)));
+						nospam = 1;
+					}
+					/*
+					 * We will continue anyway. Hopefully a later UID
+					 * will work properly.
+					 */
+				}
+			}
+		}
+	}
+
+	/* The code reached here and found no available IDs in the range */
+	fprintf (stderr,
+		_("%s: Can't get unique UID (no more available UIDs)\n"),
+		Prog);
+	SYSLOG ((LOG_WARN, "no more available UIDs on the system"));
+	free (used_uids);
+	return -1;
+}
+
diff --git a/libmisc/getdate.h b/libmisc/getdate.h
new file mode 100644
index 0000000..d1bb176
--- /dev/null
+++ b/libmisc/getdate.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2005       , Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _GETDATE_H_
+#define _GETDATE_H_
+
+#include <config.h>
+#include "defines.h"
+
+time_t get_date (const char *p, /*@null@*/const time_t *now);
+#endif
diff --git a/libmisc/getdate.y b/libmisc/getdate.y
new file mode 100644
index 0000000..ee00ca5
--- /dev/null
+++ b/libmisc/getdate.y
@@ -0,0 +1,977 @@
+%{
+/*
+**  Originally written by Steven M. Bellovin <smb@research.att.com> while
+**  at the University of North Carolina at Chapel Hill.  Later tweaked by
+**  a couple of people on Usenet.  Completely overhauled by Rich $alz
+**  <rsalz@bbn.com> and Jim Berets <jberets@bbn.com> in August, 1990;
+**
+**  This grammar has 13 shift/reduce conflicts.
+**
+**  This code is in the public domain and has no copyright.
+*/
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+# ifdef FORCE_ALLOCA_H
+#  include <alloca.h>
+# endif
+#endif
+
+/* Since the code of getdate.y is not included in the Emacs executable
+   itself, there is no need to #define static in this file.  Even if
+   the code were included in the Emacs executable, it probably
+   wouldn't do any harm to #undef it here; this will only cause
+   problems if we try to write to a static variable, which I don't
+   think this code needs to do.  */
+#ifdef emacs
+# undef static
+#endif
+
+#include <stdio.h>
+#include <ctype.h>
+#include <time.h>
+
+#if defined (STDC_HEADERS) || (!defined (isascii) && !defined (HAVE_ISASCII))
+# define IN_CTYPE_DOMAIN(c) 1
+#else
+# define IN_CTYPE_DOMAIN(c) isascii(c)
+#endif
+
+#define ISSPACE(c) (IN_CTYPE_DOMAIN (c) && isspace (c))
+#define ISALPHA(c) (IN_CTYPE_DOMAIN (c) && isalpha (c))
+#define ISUPPER(c) (IN_CTYPE_DOMAIN (c) && isupper (c))
+#define ISDIGIT_LOCALE(c) (IN_CTYPE_DOMAIN (c) && isdigit (c))
+
+/* ISDIGIT differs from ISDIGIT_LOCALE, as follows:
+   - Its arg may be any int or unsigned int; it need not be an unsigned char.
+   - It's guaranteed to evaluate its argument exactly once.
+   - It's typically faster.
+   Posix 1003.2-1992 section 2.5.2.1 page 50 lines 1556-1558 says that
+   only '0' through '9' are digits.  Prefer ISDIGIT to ISDIGIT_LOCALE unless
+   it's important to use the locale's definition of `digit' even when the
+   host does not conform to Posix.  */
+#define ISDIGIT(c) ((unsigned) (c) - '0' <= 9)
+
+#include "getdate.h"
+
+#if defined (STDC_HEADERS)
+# include <string.h>
+#endif
+
+/* Some old versions of bison generate parsers that use bcopy.
+   That loses on systems that don't provide the function, so we have
+   to redefine it here.  */
+#if !defined (HAVE_BCOPY) && defined (HAVE_MEMCPY) && !defined (bcopy)
+# define bcopy(from, to, len) memcpy ((to), (from), (len))
+#endif
+
+/* Remap normal yacc parser interface names (yyparse, yylex, yyerror, etc),
+   as well as gratuitiously global symbol names, so we can have multiple
+   yacc generated parsers in the same program.  Note that these are only
+   the variables produced by yacc.  If other parser generators (bison,
+   byacc, etc) produce additional global names that conflict at link time,
+   then those parser generators need to be fixed instead of adding those
+   names to this list. */
+
+#define yymaxdepth gd_maxdepth
+#define yyparse gd_parse
+#define yylex   gd_lex
+#define yyerror gd_error
+#define yylval  gd_lval
+#define yychar  gd_char
+#define yydebug gd_debug
+#define yypact  gd_pact
+#define yyr1    gd_r1
+#define yyr2    gd_r2
+#define yydef   gd_def
+#define yychk   gd_chk
+#define yypgo   gd_pgo
+#define yyact   gd_act
+#define yyexca  gd_exca
+#define yyerrflag gd_errflag
+#define yynerrs gd_nerrs
+#define yyps    gd_ps
+#define yypv    gd_pv
+#define yys     gd_s
+#define yy_yys  gd_yys
+#define yystate gd_state
+#define yytmp   gd_tmp
+#define yyv     gd_v
+#define yy_yyv  gd_yyv
+#define yyval   gd_val
+#define yylloc  gd_lloc
+#define yyreds  gd_reds          /* With YYDEBUG defined */
+#define yytoks  gd_toks          /* With YYDEBUG defined */
+#define yylhs   gd_yylhs
+#define yylen   gd_yylen
+#define yydefred gd_yydefred
+#define yydgoto gd_yydgoto
+#define yysindex gd_yysindex
+#define yyrindex gd_yyrindex
+#define yygindex gd_yygindex
+#define yytable  gd_yytable
+#define yycheck  gd_yycheck
+
+static int yylex (void);
+static int yyerror (const char *s);
+
+#define EPOCH		1970
+#define HOUR(x)		((x) * 60)
+
+#define MAX_BUFF_LEN    128   /* size of buffer to read the date into */
+
+/*
+**  An entry in the lexical lookup table.
+*/
+typedef struct _TABLE {
+    const char	*name;
+    int		type;
+    int		value;
+} TABLE;
+
+
+/*
+**  Meridian:  am, pm, or 24-hour style.
+*/
+typedef enum _MERIDIAN {
+    MERam, MERpm, MER24
+} MERIDIAN;
+
+
+/*
+**  Global variables.  We could get rid of most of these by using a good
+**  union as the yacc stack.  (This routine was originally written before
+**  yacc had the %union construct.)  Maybe someday; right now we only use
+**  the %union very rarely.
+*/
+static const char	*yyInput;
+static int	yyDayOrdinal;
+static int	yyDayNumber;
+static int	yyHaveDate;
+static int	yyHaveDay;
+static int	yyHaveRel;
+static int	yyHaveTime;
+static int	yyHaveZone;
+static int	yyTimezone;
+static int	yyDay;
+static int	yyHour;
+static int	yyMinutes;
+static int	yyMonth;
+static int	yySeconds;
+static int	yyYear;
+static MERIDIAN	yyMeridian;
+static int	yyRelDay;
+static int	yyRelHour;
+static int	yyRelMinutes;
+static int	yyRelMonth;
+static int	yyRelSeconds;
+static int	yyRelYear;
+
+%}
+
+%union {
+    int			Number;
+    enum _MERIDIAN	Meridian;
+}
+
+%token	tAGO tDAY tDAY_UNIT tDAYZONE tDST tHOUR_UNIT tID
+%token	tMERIDIAN tMINUTE_UNIT tMONTH tMONTH_UNIT
+%token	tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE
+
+%type	<Number>	tDAY tDAY_UNIT tDAYZONE tHOUR_UNIT tMINUTE_UNIT
+%type	<Number>	tMONTH tMONTH_UNIT
+%type	<Number>	tSEC_UNIT tSNUMBER tUNUMBER tYEAR_UNIT tZONE
+%type	<Meridian>	tMERIDIAN o_merid
+
+%%
+
+spec	: /* NULL */
+	| spec item
+	;
+
+item	: time {
+	    yyHaveTime++;
+	}
+	| zone {
+	    yyHaveZone++;
+	}
+	| date {
+	    yyHaveDate++;
+	}
+	| day {
+	    yyHaveDay++;
+	}
+	| rel {
+	    yyHaveRel++;
+	}
+	| number
+	;
+
+time	: tUNUMBER tMERIDIAN {
+	    yyHour = $1;
+	    yyMinutes = 0;
+	    yySeconds = 0;
+	    yyMeridian = $2;
+	}
+	| tUNUMBER ':' tUNUMBER o_merid {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = 0;
+	    yyMeridian = $4;
+	}
+	| tUNUMBER ':' tUNUMBER tSNUMBER {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yyMeridian = MER24;
+	    yyHaveZone++;
+	    yyTimezone = ($4 < 0
+			  ? -$4 % 100 + (-$4 / 100) * 60
+			  : - ($4 % 100 + ($4 / 100) * 60));
+	}
+	| tUNUMBER ':' tUNUMBER ':' tUNUMBER o_merid {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = $5;
+	    yyMeridian = $6;
+	}
+	| tUNUMBER ':' tUNUMBER ':' tUNUMBER tSNUMBER {
+	    yyHour = $1;
+	    yyMinutes = $3;
+	    yySeconds = $5;
+	    yyMeridian = MER24;
+	    yyHaveZone++;
+	    yyTimezone = ($6 < 0
+			  ? -$6 % 100 + (-$6 / 100) * 60
+			  : - ($6 % 100 + ($6 / 100) * 60));
+	}
+	;
+
+zone	: tZONE {
+	    yyTimezone = $1;
+	}
+	| tDAYZONE {
+	    yyTimezone = $1 - 60;
+	}
+	|
+	  tZONE tDST {
+	    yyTimezone = $1 - 60;
+	}
+	;
+
+day	: tDAY {
+	    yyDayOrdinal = 1;
+	    yyDayNumber = $1;
+	}
+	| tDAY ',' {
+	    yyDayOrdinal = 1;
+	    yyDayNumber = $1;
+	}
+	| tUNUMBER tDAY {
+	    yyDayOrdinal = $1;
+	    yyDayNumber = $2;
+	}
+	;
+
+date	: tUNUMBER '/' tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $3;
+	}
+	| tUNUMBER '/' tUNUMBER '/' tUNUMBER {
+	  /* Interpret as YYYY/MM/DD if $1 >= 1000, otherwise as MM/DD/YY.
+	     The goal in recognizing YYYY/MM/DD is solely to support legacy
+	     machine-generated dates like those in an RCS log listing.  If
+	     you want portability, use the ISO 8601 format.  */
+	  if ($1 >= 1000)
+	    {
+	      yyYear = $1;
+	      yyMonth = $3;
+	      yyDay = $5;
+	    }
+	  else
+	    {
+	      yyMonth = $1;
+	      yyDay = $3;
+	      yyYear = $5;
+	    }
+	}
+	| tUNUMBER tSNUMBER tSNUMBER {
+	    /* ISO 8601 format.  yyyy-mm-dd.  */
+	    yyYear = $1;
+	    yyMonth = -$2;
+	    yyDay = -$3;
+	}
+	| tUNUMBER tMONTH tSNUMBER {
+	    /* e.g. 17-JUN-1992.  */
+	    yyDay = $1;
+	    yyMonth = $2;
+	    yyYear = -$3;
+	}
+	| tMONTH tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $2;
+	}
+	| tMONTH tUNUMBER ',' tUNUMBER {
+	    yyMonth = $1;
+	    yyDay = $2;
+	    yyYear = $4;
+	}
+	| tUNUMBER tMONTH {
+	    yyMonth = $2;
+	    yyDay = $1;
+	}
+	| tUNUMBER tMONTH tUNUMBER {
+	    yyMonth = $2;
+	    yyDay = $1;
+	    yyYear = $3;
+	}
+	;
+
+rel	: relunit tAGO {
+	    yyRelSeconds = -yyRelSeconds;
+	    yyRelMinutes = -yyRelMinutes;
+	    yyRelHour = -yyRelHour;
+	    yyRelDay = -yyRelDay;
+	    yyRelMonth = -yyRelMonth;
+	    yyRelYear = -yyRelYear;
+	}
+	| relunit
+	;
+
+relunit	: tUNUMBER tYEAR_UNIT {
+	    yyRelYear += $1 * $2;
+	}
+	| tSNUMBER tYEAR_UNIT {
+	    yyRelYear += $1 * $2;
+	}
+	| tYEAR_UNIT {
+	    yyRelYear++;
+	}
+	| tUNUMBER tMONTH_UNIT {
+	    yyRelMonth += $1 * $2;
+	}
+	| tSNUMBER tMONTH_UNIT {
+	    yyRelMonth += $1 * $2;
+	}
+	| tMONTH_UNIT {
+	    yyRelMonth++;
+	}
+	| tUNUMBER tDAY_UNIT {
+	    yyRelDay += $1 * $2;
+	}
+	| tSNUMBER tDAY_UNIT {
+	    yyRelDay += $1 * $2;
+	}
+	| tDAY_UNIT {
+	    yyRelDay++;
+	}
+	| tUNUMBER tHOUR_UNIT {
+	    yyRelHour += $1 * $2;
+	}
+	| tSNUMBER tHOUR_UNIT {
+	    yyRelHour += $1 * $2;
+	}
+	| tHOUR_UNIT {
+	    yyRelHour++;
+	}
+	| tUNUMBER tMINUTE_UNIT {
+	    yyRelMinutes += $1 * $2;
+	}
+	| tSNUMBER tMINUTE_UNIT {
+	    yyRelMinutes += $1 * $2;
+	}
+	| tMINUTE_UNIT {
+	    yyRelMinutes++;
+	}
+	| tUNUMBER tSEC_UNIT {
+	    yyRelSeconds += $1 * $2;
+	}
+	| tSNUMBER tSEC_UNIT {
+	    yyRelSeconds += $1 * $2;
+	}
+	| tSEC_UNIT {
+	    yyRelSeconds++;
+	}
+	;
+
+number	: tUNUMBER
+          {
+	    if ((yyHaveTime != 0) && (yyHaveDate != 0) && (yyHaveRel == 0))
+	      yyYear = $1;
+	    else
+	      {
+		if ($1>10000)
+		  {
+		    yyHaveDate++;
+		    yyDay= ($1)%100;
+		    yyMonth= ($1/100)%100;
+		    yyYear = $1/10000;
+		  }
+		else
+		  {
+		    yyHaveTime++;
+		    if ($1 < 100)
+		      {
+			yyHour = $1;
+			yyMinutes = 0;
+		      }
+		    else
+		      {
+		    	yyHour = $1 / 100;
+		    	yyMinutes = $1 % 100;
+		      }
+		    yySeconds = 0;
+		    yyMeridian = MER24;
+		  }
+	      }
+	  }
+	;
+
+o_merid	: /* NULL */
+	  {
+	    $$ = MER24;
+	  }
+	| tMERIDIAN
+	  {
+	    $$ = $1;
+	  }
+	;
+
+%%
+
+/* Month and day table. */
+static TABLE const MonthDayTable[] = {
+    { "january",	tMONTH,  1 },
+    { "february",	tMONTH,  2 },
+    { "march",		tMONTH,  3 },
+    { "april",		tMONTH,  4 },
+    { "may",		tMONTH,  5 },
+    { "june",		tMONTH,  6 },
+    { "july",		tMONTH,  7 },
+    { "august",		tMONTH,  8 },
+    { "september",	tMONTH,  9 },
+    { "sept",		tMONTH,  9 },
+    { "october",	tMONTH, 10 },
+    { "november",	tMONTH, 11 },
+    { "december",	tMONTH, 12 },
+    { "sunday",		tDAY, 0 },
+    { "monday",		tDAY, 1 },
+    { "tuesday",	tDAY, 2 },
+    { "tues",		tDAY, 2 },
+    { "wednesday",	tDAY, 3 },
+    { "wednes",		tDAY, 3 },
+    { "thursday",	tDAY, 4 },
+    { "thur",		tDAY, 4 },
+    { "thurs",		tDAY, 4 },
+    { "friday",		tDAY, 5 },
+    { "saturday",	tDAY, 6 },
+    { NULL, 0, 0 }
+};
+
+/* Time units table. */
+static TABLE const UnitsTable[] = {
+    { "year",		tYEAR_UNIT,	1 },
+    { "month",		tMONTH_UNIT,	1 },
+    { "fortnight",	tDAY_UNIT,	14 },
+    { "week",		tDAY_UNIT,	7 },
+    { "day",		tDAY_UNIT,	1 },
+    { "hour",		tHOUR_UNIT,	1 },
+    { "minute",		tMINUTE_UNIT,	1 },
+    { "min",		tMINUTE_UNIT,	1 },
+    { "second",		tSEC_UNIT,	1 },
+    { "sec",		tSEC_UNIT,	1 },
+    { NULL, 0, 0 }
+};
+
+/* Assorted relative-time words. */
+static TABLE const OtherTable[] = {
+    { "tomorrow",	tMINUTE_UNIT,	1 * 24 * 60 },
+    { "yesterday",	tMINUTE_UNIT,	-1 * 24 * 60 },
+    { "today",		tMINUTE_UNIT,	0 },
+    { "now",		tMINUTE_UNIT,	0 },
+    { "last",		tUNUMBER,	-1 },
+    { "this",		tMINUTE_UNIT,	0 },
+    { "next",		tUNUMBER,	2 },
+    { "first",		tUNUMBER,	1 },
+/*  { "second",		tUNUMBER,	2 }, */
+    { "third",		tUNUMBER,	3 },
+    { "fourth",		tUNUMBER,	4 },
+    { "fifth",		tUNUMBER,	5 },
+    { "sixth",		tUNUMBER,	6 },
+    { "seventh",	tUNUMBER,	7 },
+    { "eighth",		tUNUMBER,	8 },
+    { "ninth",		tUNUMBER,	9 },
+    { "tenth",		tUNUMBER,	10 },
+    { "eleventh",	tUNUMBER,	11 },
+    { "twelfth",	tUNUMBER,	12 },
+    { "ago",		tAGO,	1 },
+    { NULL, 0, 0 }
+};
+
+/* The timezone table. */
+static TABLE const TimezoneTable[] = {
+    { "gmt",	tZONE,     HOUR ( 0) },	/* Greenwich Mean */
+    { "ut",	tZONE,     HOUR ( 0) },	/* Universal (Coordinated) */
+    { "utc",	tZONE,     HOUR ( 0) },
+    { "wet",	tZONE,     HOUR ( 0) },	/* Western European */
+    { "bst",	tDAYZONE,  HOUR ( 0) },	/* British Summer */
+    { "wat",	tZONE,     HOUR ( 1) },	/* West Africa */
+    { "at",	tZONE,     HOUR ( 2) },	/* Azores */
+    { "ast",	tZONE,     HOUR ( 4) },	/* Atlantic Standard */
+    { "adt",	tDAYZONE,  HOUR ( 4) },	/* Atlantic Daylight */
+    { "est",	tZONE,     HOUR ( 5) },	/* Eastern Standard */
+    { "edt",	tDAYZONE,  HOUR ( 5) },	/* Eastern Daylight */
+    { "cst",	tZONE,     HOUR ( 6) },	/* Central Standard */
+    { "cdt",	tDAYZONE,  HOUR ( 6) },	/* Central Daylight */
+    { "mst",	tZONE,     HOUR ( 7) },	/* Mountain Standard */
+    { "mdt",	tDAYZONE,  HOUR ( 7) },	/* Mountain Daylight */
+    { "pst",	tZONE,     HOUR ( 8) },	/* Pacific Standard */
+    { "pdt",	tDAYZONE,  HOUR ( 8) },	/* Pacific Daylight */
+    { "yst",	tZONE,     HOUR ( 9) },	/* Yukon Standard */
+    { "ydt",	tDAYZONE,  HOUR ( 9) },	/* Yukon Daylight */
+    { "hst",	tZONE,     HOUR (10) },	/* Hawaii Standard */
+    { "hdt",	tDAYZONE,  HOUR (10) },	/* Hawaii Daylight */
+    { "cat",	tZONE,     HOUR (10) },	/* Central Alaska */
+    { "ahst",	tZONE,     HOUR (10) },	/* Alaska-Hawaii Standard */
+    { "nt",	tZONE,     HOUR (11) },	/* Nome */
+    { "idlw",	tZONE,     HOUR (12) },	/* International Date Line West */
+    { "cet",	tZONE,     -HOUR (1) },	/* Central European */
+    { "met",	tZONE,     -HOUR (1) },	/* Middle European */
+    { "mewt",	tZONE,     -HOUR (1) },	/* Middle European Winter */
+    { "mest",	tDAYZONE,  -HOUR (1) },	/* Middle European Summer */
+    { "mesz",	tDAYZONE,  -HOUR (1) },	/* Middle European Summer */
+    { "swt",	tZONE,     -HOUR (1) },	/* Swedish Winter */
+    { "sst",	tDAYZONE,  -HOUR (1) },	/* Swedish Summer */
+    { "fwt",	tZONE,     -HOUR (1) },	/* French Winter */
+    { "fst",	tDAYZONE,  -HOUR (1) },	/* French Summer */
+    { "eet",	tZONE,     -HOUR (2) },	/* Eastern Europe, USSR Zone 1 */
+    { "bt",	tZONE,     -HOUR (3) },	/* Baghdad, USSR Zone 2 */
+    { "zp4",	tZONE,     -HOUR (4) },	/* USSR Zone 3 */
+    { "zp5",	tZONE,     -HOUR (5) },	/* USSR Zone 4 */
+    { "zp6",	tZONE,     -HOUR (6) },	/* USSR Zone 5 */
+    { "wast",	tZONE,     -HOUR (7) },	/* West Australian Standard */
+    { "wadt",	tDAYZONE,  -HOUR (7) },	/* West Australian Daylight */
+    { "cct",	tZONE,     -HOUR (8) },	/* China Coast, USSR Zone 7 */
+    { "jst",	tZONE,     -HOUR (9) },	/* Japan Standard, USSR Zone 8 */
+    { "east",	tZONE,     -HOUR (10) },	/* Eastern Australian Standard */
+    { "eadt",	tDAYZONE,  -HOUR (10) },	/* Eastern Australian Daylight */
+    { "gst",	tZONE,     -HOUR (10) },	/* Guam Standard, USSR Zone 9 */
+    { "nzt",	tZONE,     -HOUR (12) },	/* New Zealand */
+    { "nzst",	tZONE,     -HOUR (12) },	/* New Zealand Standard */
+    { "nzdt",	tDAYZONE,  -HOUR (12) },	/* New Zealand Daylight */
+    { "idle",	tZONE,     -HOUR (12) },	/* International Date Line East */
+    { NULL, 0, 0 }
+};
+
+/* Military timezone table. */
+static TABLE const MilitaryTable[] = {
+    { "a",	tZONE,	HOUR (  1) },
+    { "b",	tZONE,	HOUR (  2) },
+    { "c",	tZONE,	HOUR (  3) },
+    { "d",	tZONE,	HOUR (  4) },
+    { "e",	tZONE,	HOUR (  5) },
+    { "f",	tZONE,	HOUR (  6) },
+    { "g",	tZONE,	HOUR (  7) },
+    { "h",	tZONE,	HOUR (  8) },
+    { "i",	tZONE,	HOUR (  9) },
+    { "k",	tZONE,	HOUR ( 10) },
+    { "l",	tZONE,	HOUR ( 11) },
+    { "m",	tZONE,	HOUR ( 12) },
+    { "n",	tZONE,	HOUR (- 1) },
+    { "o",	tZONE,	HOUR (- 2) },
+    { "p",	tZONE,	HOUR (- 3) },
+    { "q",	tZONE,	HOUR (- 4) },
+    { "r",	tZONE,	HOUR (- 5) },
+    { "s",	tZONE,	HOUR (- 6) },
+    { "t",	tZONE,	HOUR (- 7) },
+    { "u",	tZONE,	HOUR (- 8) },
+    { "v",	tZONE,	HOUR (- 9) },
+    { "w",	tZONE,	HOUR (-10) },
+    { "x",	tZONE,	HOUR (-11) },
+    { "y",	tZONE,	HOUR (-12) },
+    { "z",	tZONE,	HOUR (  0) },
+    { NULL, 0, 0 }
+};
+
+
+
+
+static int yyerror (unused const char *s)
+{
+  return 0;
+}
+
+static int ToHour (int Hours, MERIDIAN Meridian)
+{
+  switch (Meridian)
+    {
+    case MER24:
+      if (Hours < 0 || Hours > 23)
+	return -1;
+      return Hours;
+    case MERam:
+      if (Hours < 1 || Hours > 12)
+	return -1;
+      if (Hours == 12)
+	Hours = 0;
+      return Hours;
+    case MERpm:
+      if (Hours < 1 || Hours > 12)
+	return -1;
+      if (Hours == 12)
+	Hours = 0;
+      return Hours + 12;
+    default:
+      abort ();
+    }
+  /* NOTREACHED */
+}
+
+static int ToYear (int Year)
+{
+  if (Year < 0)
+    Year = -Year;
+
+  /* XPG4 suggests that years 00-68 map to 2000-2068, and
+     years 69-99 map to 1969-1999.  */
+  if (Year < 69)
+    Year += 2000;
+  else if (Year < 100)
+    Year += 1900;
+
+  return Year;
+}
+
+static int LookupWord (char *buff)
+{
+  register char *p;
+  register char *q;
+  register const TABLE *tp;
+  int i;
+  bool abbrev;
+
+  /* Make it lowercase. */
+  for (p = buff; '\0' != *p; p++)
+    if (ISUPPER (*p))
+      *p = tolower (*p);
+
+  if (strcmp (buff, "am") == 0 || strcmp (buff, "a.m.") == 0)
+    {
+      yylval.Meridian = MERam;
+      return tMERIDIAN;
+    }
+  if (strcmp (buff, "pm") == 0 || strcmp (buff, "p.m.") == 0)
+    {
+      yylval.Meridian = MERpm;
+      return tMERIDIAN;
+    }
+
+  /* See if we have an abbreviation for a month. */
+  if (strlen (buff) == 3)
+    abbrev = true;
+  else if (strlen (buff) == 4 && buff[3] == '.')
+    {
+      abbrev = true;
+      buff[3] = '\0';
+    }
+  else
+    abbrev = false;
+
+  for (tp = MonthDayTable; tp->name; tp++)
+    {
+      if (abbrev)
+	{
+	  if (strncmp (buff, tp->name, 3) == 0)
+	    {
+	      yylval.Number = tp->value;
+	      return tp->type;
+	    }
+	}
+      else if (strcmp (buff, tp->name) == 0)
+	{
+	  yylval.Number = tp->value;
+	  return tp->type;
+	}
+    }
+
+  for (tp = TimezoneTable; tp->name; tp++)
+    if (strcmp (buff, tp->name) == 0)
+      {
+	yylval.Number = tp->value;
+	return tp->type;
+      }
+
+  if (strcmp (buff, "dst") == 0)
+    return tDST;
+
+  for (tp = UnitsTable; tp->name; tp++)
+    if (strcmp (buff, tp->name) == 0)
+      {
+	yylval.Number = tp->value;
+	return tp->type;
+      }
+
+  /* Strip off any plural and try the units table again. */
+  i = strlen (buff) - 1;
+  if (buff[i] == 's')
+    {
+      buff[i] = '\0';
+      for (tp = UnitsTable; tp->name; tp++)
+	if (strcmp (buff, tp->name) == 0)
+	  {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	  }
+      buff[i] = 's';		/* Put back for "this" in OtherTable. */
+    }
+
+  for (tp = OtherTable; tp->name; tp++)
+    if (strcmp (buff, tp->name) == 0)
+      {
+	yylval.Number = tp->value;
+	return tp->type;
+      }
+
+  /* Military timezones. */
+  if (buff[1] == '\0' && ISALPHA (*buff))
+    {
+      for (tp = MilitaryTable; tp->name; tp++)
+	if (strcmp (buff, tp->name) == 0)
+	  {
+	    yylval.Number = tp->value;
+	    return tp->type;
+	  }
+    }
+
+  /* Drop out any periods and try the timezone table again. */
+  for (i = 0, p = q = buff; '\0' != *q; q++)
+    if (*q != '.')
+      *p++ = *q;
+    else
+      i++;
+  *p = '\0';
+  if (0 != i)
+    for (tp = TimezoneTable; NULL != tp->name; tp++)
+      if (strcmp (buff, tp->name) == 0)
+	{
+	  yylval.Number = tp->value;
+	  return tp->type;
+	}
+
+  return tID;
+}
+
+static int
+yylex (void)
+{
+  register char c;
+  register char *p;
+  char buff[20];
+  int Count;
+  int sign;
+
+  for (;;)
+    {
+      while (ISSPACE (*yyInput))
+	yyInput++;
+
+      if (ISDIGIT (c = *yyInput) || c == '-' || c == '+')
+	{
+	  if (c == '-' || c == '+')
+	    {
+	      sign = c == '-' ? -1 : 1;
+	      if (!ISDIGIT (*++yyInput))
+		/* skip the '-' sign */
+		continue;
+	    }
+	  else
+	    sign = 0;
+	  for (yylval.Number = 0; ISDIGIT (c = *yyInput++);)
+	    yylval.Number = 10 * yylval.Number + c - '0';
+	  yyInput--;
+	  if (sign < 0)
+	    yylval.Number = -yylval.Number;
+	  return (0 != sign) ? tSNUMBER : tUNUMBER;
+	}
+      if (ISALPHA (c))
+	{
+	  for (p = buff; (c = *yyInput++, ISALPHA (c)) || c == '.';)
+	    if (p < &buff[sizeof buff - 1])
+	      *p++ = c;
+	  *p = '\0';
+	  yyInput--;
+	  return LookupWord (buff);
+	}
+      if (c != '(')
+	return *yyInput++;
+      Count = 0;
+      do
+	{
+	  c = *yyInput++;
+	  if (c == '\0')
+	    return c;
+	  if (c == '(')
+	    Count++;
+	  else if (c == ')')
+	    Count--;
+	}
+      while (Count > 0);
+    }
+}
+
+#define TM_YEAR_ORIGIN 1900
+
+/* Yield A - B, measured in seconds.  */
+static long difftm (struct tm *a, struct tm *b)
+{
+  int ay = a->tm_year + (TM_YEAR_ORIGIN - 1);
+  int by = b->tm_year + (TM_YEAR_ORIGIN - 1);
+  long days = (
+  /* difference in day of year */
+		a->tm_yday - b->tm_yday
+  /* + intervening leap days */
+		+ ((ay >> 2) - (by >> 2))
+		- (ay / 100 - by / 100)
+		+ ((ay / 100 >> 2) - (by / 100 >> 2))
+  /* + difference in years * 365 */
+		+ (long) (ay - by) * 365
+  );
+  return (60 * (60 * (24 * days + (a->tm_hour - b->tm_hour))
+		+ (a->tm_min - b->tm_min))
+	  + (a->tm_sec - b->tm_sec));
+}
+
+time_t get_date (const char *p, const time_t *now)
+{
+  struct tm tm, tm0, *tmp;
+  time_t Start;
+
+  yyInput = p;
+  Start = now ? *now : time ((time_t *) NULL);
+  tmp = localtime (&Start);
+  yyYear = tmp->tm_year + TM_YEAR_ORIGIN;
+  yyMonth = tmp->tm_mon + 1;
+  yyDay = tmp->tm_mday;
+  yyHour = tmp->tm_hour;
+  yyMinutes = tmp->tm_min;
+  yySeconds = tmp->tm_sec;
+  yyMeridian = MER24;
+  yyRelSeconds = 0;
+  yyRelMinutes = 0;
+  yyRelHour = 0;
+  yyRelDay = 0;
+  yyRelMonth = 0;
+  yyRelYear = 0;
+  yyHaveDate = 0;
+  yyHaveDay = 0;
+  yyHaveRel = 0;
+  yyHaveTime = 0;
+  yyHaveZone = 0;
+
+  if (yyparse ()
+      || yyHaveTime > 1 || yyHaveZone > 1 || yyHaveDate > 1 || yyHaveDay > 1)
+    return -1;
+
+  tm.tm_year = ToYear (yyYear) - TM_YEAR_ORIGIN + yyRelYear;
+  tm.tm_mon = yyMonth - 1 + yyRelMonth;
+  tm.tm_mday = yyDay + yyRelDay;
+  if ((yyHaveTime != 0) ||
+      ( (yyHaveRel != 0) && (yyHaveDate == 0) && (yyHaveDay == 0) ))
+    {
+      tm.tm_hour = ToHour (yyHour, yyMeridian);
+      if (tm.tm_hour < 0)
+	return -1;
+      tm.tm_min = yyMinutes;
+      tm.tm_sec = yySeconds;
+    }
+  else
+    {
+      tm.tm_hour = tm.tm_min = tm.tm_sec = 0;
+    }
+  tm.tm_hour += yyRelHour;
+  tm.tm_min += yyRelMinutes;
+  tm.tm_sec += yyRelSeconds;
+  tm.tm_isdst = -1;
+  tm0 = tm;
+
+  Start = mktime (&tm);
+
+  if (Start == (time_t) -1)
+    {
+
+      /* Guard against falsely reporting errors near the time_t boundaries
+         when parsing times in other time zones.  For example, if the min
+         time_t value is 1970-01-01 00:00:00 UTC and we are 8 hours ahead
+         of UTC, then the min localtime value is 1970-01-01 08:00:00; if
+         we apply mktime to 1970-01-01 00:00:00 we will get an error, so
+         we apply mktime to 1970-01-02 08:00:00 instead and adjust the time
+         zone by 24 hours to compensate.  This algorithm assumes that
+         there is no DST transition within a day of the time_t boundaries.  */
+      if (yyHaveZone)
+	{
+	  tm = tm0;
+	  if (tm.tm_year <= EPOCH - TM_YEAR_ORIGIN)
+	    {
+	      tm.tm_mday++;
+	      yyTimezone -= 24 * 60;
+	    }
+	  else
+	    {
+	      tm.tm_mday--;
+	      yyTimezone += 24 * 60;
+	    }
+	  Start = mktime (&tm);
+	}
+
+      if (Start == (time_t) -1)
+	return Start;
+    }
+
+  if (yyHaveDay && !yyHaveDate)
+    {
+      tm.tm_mday += ((yyDayNumber - tm.tm_wday + 7) % 7
+		     + 7 * (yyDayOrdinal - (0 < yyDayOrdinal)));
+      Start = mktime (&tm);
+      if (Start == (time_t) -1)
+	return Start;
+    }
+
+  if (yyHaveZone)
+    {
+      long delta = yyTimezone * 60L + difftm (&tm, gmtime (&Start));
+      if ((Start + delta < Start) != (delta < 0))
+	return -1;		/* time_t overflow */
+      Start += delta;
+    }
+
+  return Start;
+}
+
+#if	defined (TEST)
+
+/* ARGSUSED */
+int
+main (ac, av)
+     int ac;
+     char *av[];
+{
+  char buff[MAX_BUFF_LEN + 1];
+  time_t d;
+
+  (void) printf ("Enter date, or blank line to exit.\n\t> ");
+  (void) fflush (stdout);
+
+  buff[MAX_BUFF_LEN] = 0;
+  while (fgets (buff, MAX_BUFF_LEN, stdin) && buff[0])
+    {
+      d = get_date (buff, (time_t *) NULL);
+      if (d == -1)
+	(void) printf ("Bad format - couldn't convert.\n");
+      else
+	(void) printf ("%s", ctime (&d));
+      (void) printf ("\t> ");
+      (void) fflush (stdout);
+    }
+  exit (0);
+  /* NOTREACHED */
+}
+#endif /* defined (TEST) */
diff --git a/libmisc/getgr_nam_gid.c b/libmisc/getgr_nam_gid.c
new file mode 100644
index 0000000..027280a
--- /dev/null
+++ b/libmisc/getgr_nam_gid.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdlib.h>
+#include <errno.h>
+#include <grp.h>
+#include "prototypes.h"
+
+/*
+ * getgr_nam_gid - Return a pointer to the group specified by a string.
+ * The string may be a valid GID or a valid groupname.
+ * If the group does not exist on the system, NULL is returned.
+ */
+extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname)
+{
+	long long int gid;
+	char *endptr;
+
+	if (NULL == grname) {
+		return NULL;
+	}
+
+	errno = 0;
+	gid = strtoll (grname, &endptr, 10);
+	if (   ('\0' != *grname)
+	    && ('\0' == *endptr)
+	    && (ERANGE != errno)
+	    && (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) {
+		return xgetgrgid ((gid_t) gid);
+	}
+	return xgetgrnam (grname);
+}
+
diff --git a/libmisc/getrange.c b/libmisc/getrange.c
new file mode 100644
index 0000000..9b5e611
--- /dev/null
+++ b/libmisc/getrange.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: $"
+
+#include <ctype.h>
+#include <stdlib.h>
+
+#include "defines.h"
+#include "prototypes.h"
+
+/*
+ * Parse a range and indicate if the range is valid.
+ * Valid ranges are in the form:
+ *     <long>          -> min=max=long         has_min  has_max
+ *     -<long>         -> max=long            !has_min  has_max
+ *     <long>-         -> min=long             has_min !has_max
+ *     <long1>-<long2> -> min=long1 max=long2  has_min  has_max
+ *
+ * If the range is valid, getrange returns 1.
+ * If the range is not valid, getrange returns 0.
+ */
+int getrange (char *range,
+              unsigned long *min, bool *has_min,
+              unsigned long *max, bool *has_max)
+{
+	char *endptr;
+	unsigned long n;
+
+	if (NULL == range) {
+		return 0;
+	}
+
+	if ('-' == range[0]) {
+		if (!isdigit(range[1])) {
+			/* invalid */
+			return 0;
+		}
+		errno = 0;
+		n = strtoul (&range[1], &endptr, 10);
+		if (('\0' != *endptr) || (ERANGE == errno)) {
+			/* invalid */
+			return 0;
+		}
+		/* -<long> */
+		*has_min = false;
+		*has_max = true;
+		*max = n;
+	} else {
+		errno = 0;
+		n = strtoul (range, &endptr, 10);
+		if (ERANGE == errno) {
+			/* invalid */
+			return 0;
+		}
+		switch (*endptr) {
+			case '\0':
+				/* <long> */
+				*has_min = true;
+				*has_max = true;
+				*min = n;
+				*max = n;
+				break;
+			case '-':
+				endptr++;
+				if ('\0' == *endptr) {
+					/* <long>- */
+					*has_min = true;
+					*has_max = false;
+					*min = n;
+				} else if (!isdigit (*endptr)) {
+					/* invalid */
+					return 0;
+				} else {
+					*has_min = true;
+					*min = n;
+					errno = 0;
+					n = strtoul (endptr, &endptr, 10);
+					if (   ('\0' != *endptr)
+					    || (ERANGE == errno)) {
+						/* invalid */
+						return 0;
+					}
+					/* <long>-<long> */
+					*has_max = true;
+					*max = n;
+				}
+				break;
+			default:
+				return 0;
+		}
+	}
+
+	return 1;
+}
+
diff --git a/libmisc/gettime.c b/libmisc/gettime.c
new file mode 100644
index 0000000..53eaf51
--- /dev/null
+++ b/libmisc/gettime.c
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2017, Chris Lamb
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+
+/*
+ * gettime() returns the time as the number of seconds since the Epoch
+ *
+ * Like time(), gettime() returns the time as the number of seconds since the
+ * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
+ * environment variable is exported it will use that instead.
+ */
+/*@observer@*/time_t gettime ()
+{
+	char *endptr;
+	char *source_date_epoch;
+	time_t fallback;
+	unsigned long long epoch;
+
+	fallback = time (NULL);
+	source_date_epoch = getenv ("SOURCE_DATE_EPOCH");
+
+	if (!source_date_epoch)
+		return fallback;
+
+	errno = 0;
+	epoch = strtoull (source_date_epoch, &endptr, 10);
+	if ((errno == ERANGE && (epoch == ULLONG_MAX || epoch == 0))
+			|| (errno != 0 && epoch == 0)) {
+		fprintf (stderr,
+			 _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
+			 strerror(errno));
+	} else if (endptr == source_date_epoch) {
+		fprintf (stderr,
+			 _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
+			 endptr);
+	} else if (*endptr != '\0') {
+		fprintf (stderr,
+			 _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
+			 endptr);
+	} else if (epoch > ULONG_MAX) {
+		fprintf (stderr,
+			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
+			 ULONG_MAX, epoch);
+	} else if (epoch > fallback) {
+		fprintf (stderr,
+			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
+			 fallback, epoch);
+	} else {
+		/* Valid */
+		return (time_t)epoch;
+	}
+
+	return fallback;
+}
diff --git a/libmisc/hushed.c b/libmisc/hushed.c
new file mode 100644
index 0000000..b71b99c
--- /dev/null
+++ b/libmisc/hushed.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1991 - 1993, Chip Rosenthal
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <pwd.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+/*
+ * hushed - determine if a user receives login messages
+ *
+ * Look in the hushed-logins file (or user's home directory) to see
+ * if the user is to receive the login-time messages.
+ */
+bool hushed (const char *username)
+{
+	struct passwd *pw;
+	const char *hushfile;
+	char buf[BUFSIZ];
+	bool found;
+	FILE *fp;
+
+	/*
+	 * Get the name of the file to use.  If this option is not
+	 * defined, default to a noisy login.
+	 */
+
+	hushfile = getdef_str ("HUSHLOGIN_FILE");
+	if (NULL == hushfile) {
+		return false;
+	}
+
+	pw = getpwnam (username);
+	if (NULL == pw) {
+		return false;
+	}
+
+	/*
+	 * If this is not a fully rooted path then see if the
+	 * file exists in the user's home directory.
+	 */
+
+	if (hushfile[0] != '/') {
+		(void) snprintf (buf, sizeof (buf), "%s/%s", pw->pw_dir, hushfile);
+		return (access (buf, F_OK) == 0);
+	}
+
+	/*
+	 * If this is a fully rooted path then go through the file
+	 * and see if this user, or its shell is in there.
+	 */
+
+	fp = fopen (hushfile, "r");
+	if (NULL == fp) {
+		return false;
+	}
+	for (found = false; !found && (fgets (buf, (int) sizeof buf, fp) == buf);) {
+		buf[strlen (buf) - 1] = '\0';
+		found = (strcmp (buf, pw->pw_shell) == 0) ||
+		        (strcmp (buf, pw->pw_name) == 0);
+	}
+	(void) fclose (fp);
+	return found;
+}
+
diff --git a/libmisc/idmapping.c b/libmisc/idmapping.c
new file mode 100644
index 0000000..db254fc
--- /dev/null
+++ b/libmisc/idmapping.c
@@ -0,0 +1,164 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "idmapping.h"
+
+struct map_range *get_map_ranges(int ranges, int argc, char **argv)
+{
+	struct map_range *mappings, *mapping;
+	int idx, argidx;
+
+	if (ranges < 0 || argc < 0) {
+		fprintf(stderr, "%s: error calculating number of arguments\n", Prog);
+		return NULL;
+	}
+
+	if (ranges != ((argc + 2) / 3)) {
+		fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
+		return NULL;
+	}
+
+	if ((ranges * 3) > argc) {
+		fprintf(stderr, "ranges: %u argc: %d\n",
+			ranges, argc);
+		fprintf(stderr,
+			_( "%s: Not enough arguments to form %u mappings\n"),
+			Prog, ranges);
+		return NULL;
+	}
+
+	mappings = calloc(ranges, sizeof(*mappings));
+	if (!mappings) {
+		fprintf(stderr, _( "%s: Memory allocation failure\n"),
+			Prog);
+		exit(EXIT_FAILURE);
+	}
+
+	/* Gather up the ranges from the command line */
+	mapping = mappings;
+	for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) {
+		if (!getulong(argv[argidx + 0], &mapping->upper)) {
+			free(mappings);
+			return NULL;
+		}
+		if (!getulong(argv[argidx + 1], &mapping->lower)) {
+			free(mappings);
+			return NULL;
+		}
+		if (!getulong(argv[argidx + 2], &mapping->count)) {
+			free(mappings);
+			return NULL;
+		}
+		if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->upper > UINT_MAX ||
+			mapping->lower > UINT_MAX ||
+			mapping->count > UINT_MAX)  {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->lower + mapping->count > UINT_MAX ||
+				mapping->upper + mapping->count > UINT_MAX) {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->lower + mapping->count < mapping->lower ||
+				mapping->upper + mapping->count < mapping->upper) {
+			/* this one really shouldn't be possible given previous checks */
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+	}
+	return mappings;
+}
+
+/* Number of ascii digits needed to print any unsigned long in decimal.
+ * There are approximately 10 bits for every 3 decimal digits.
+ * So from bits to digits the formula is roundup((Number of bits)/10) * 3.
+ * For common sizes of integers this works out to:
+ *  2bytes -->  6 ascii estimate  -> 65536  (5 real)
+ *  4bytes --> 12 ascii estimated -> 4294967296 (10 real)
+ *  8bytes --> 21 ascii estimated -> 18446744073709551616 (20 real)
+ * 16bytes --> 39 ascii estimated -> 340282366920938463463374607431768211456 (39 real)
+ */
+#define ULONG_DIGITS ((((sizeof(unsigned long) * CHAR_BIT) + 9)/10)*3)
+
+
+void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
+	const char *map_file)
+{
+	int idx;
+	struct map_range *mapping;
+	size_t bufsize;
+	char *buf, *pos;
+	int fd;
+
+	bufsize = ranges * ((ULONG_DIGITS  + 1) * 3);
+	pos = buf = xmalloc(bufsize);
+
+	/* Build the mapping command */
+	mapping = mappings;
+	for (idx = 0; idx < ranges; idx++, mapping++) {
+		/* Append this range to the string that will be written */
+		int written = snprintf(pos, bufsize - (pos - buf),
+			"%lu %lu %lu\n",
+			mapping->upper,
+			mapping->lower,
+			mapping->count);
+		if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
+			fprintf(stderr, _("%s: snprintf failed!\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		pos += written;
+	}
+
+	/* Write the mapping to the maping file */
+	fd = openat(proc_dir_fd, map_file, O_WRONLY);
+	if (fd < 0) {
+		fprintf(stderr, _("%s: open of %s failed: %s\n"),
+			Prog, map_file, strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	if (write(fd, buf, pos - buf) != (pos - buf)) {
+		fprintf(stderr, _("%s: write to %s failed: %s\n"),
+			Prog, map_file, strerror(errno));
+		exit(EXIT_FAILURE);
+	}
+	close(fd);
+}
diff --git a/libmisc/idmapping.h b/libmisc/idmapping.h
new file mode 100644
index 0000000..58d000f
--- /dev/null
+++ b/libmisc/idmapping.h
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _IDMAPPING_H_
+#define _IDMAPPING_H_
+
+struct map_range {
+	unsigned long upper; /* first ID inside the namespace */
+	unsigned long lower; /* first ID outside the namespace */
+	unsigned long count; /* Length of the inside and outside ranges */
+};
+
+extern struct map_range *get_map_ranges(int ranges, int argc, char **argv);
+extern void write_mapping(int proc_dir_fd, int ranges,
+	struct map_range *mappings, const char *map_file);
+
+#endif /* _ID_MAPPING_H_ */
+
diff --git a/libmisc/isexpired.c b/libmisc/isexpired.c
new file mode 100644
index 0000000..8e8a645
--- /dev/null
+++ b/libmisc/isexpired.c
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Extracted from age.c and made part of libshadow.a - may be useful
+ * in other shadow-aware programs.  --marekm
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include <time.h>
+
+#ident "$Id$"
+
+
+/*
+ * isexpired - determine if account is expired yet
+ *
+ *	isexpired calculates the expiration date based on the
+ *	password expiration criteria.
+ *
+ * Return value:
+ *	0: The password is still valid
+ *	1: The password has expired, it must be changed
+ *	2: The password has expired since a long time and the account is
+ *	   now disabled. (password cannot be changed)
+ *	3: The account has expired
+ */
+int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
+{
+	long now;
+
+	now = (long) time ((time_t *) 0) / SCALE;
+
+	if (NULL == sp) {
+		return 0;
+	}
+
+	/*
+	 * Quick and easy - there is an expired account field
+	 * along with an inactive account field.  Do the expired
+	 * one first since it is worse.
+	 */
+
+	if ((sp->sp_expire > 0) && (now >= sp->sp_expire)) {
+		return 3;
+	}
+
+	/*
+	 * Last changed date 1970-01-01 (not very likely) means that
+	 * the password must be changed on next login (passwd -e).
+	 *
+	 * The check for "x" is a workaround for RedHat NYS libc bug -
+	 * if /etc/shadow doesn't exist, getspnam() still succeeds and
+	 * returns sp_lstchg==0 (must change password) instead of -1!
+	 */
+	if (   (0 == sp->sp_lstchg)
+	    && (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0)) {
+		return 1;
+	}
+
+	if (   (sp->sp_lstchg > 0)
+	    && (sp->sp_max >= 0)
+	    && (sp->sp_inact >= 0)
+	    && (now >= (sp->sp_lstchg + sp->sp_max + sp->sp_inact))) {
+		return 2;
+	}
+
+	/*
+	 * The last and max fields must be present for an account
+	 * to have an expired password.  A maximum of >10000 days
+	 * is considered to be infinite.
+	 */
+
+	if (   (-1 == sp->sp_lstchg)
+	    || (-1 == sp->sp_max)
+	    || (sp->sp_max >= ((10000L * DAY) / SCALE))) {
+		return 0;
+	}
+
+	/*
+	 * Calculate today's day and the day on which the password
+	 * is going to expire.  If that date has already passed,
+	 * the password has expired.
+	 */
+
+	if (now >= (sp->sp_lstchg + sp->sp_max)) {
+		return 1;
+	}
+	return 0;
+}
+
diff --git a/libmisc/limits.c b/libmisc/limits.c
new file mode 100644
index 0000000..f40e171
--- /dev/null
+++ b/libmisc/limits.c
@@ -0,0 +1,611 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c.  --marekm
+ * Resource limits thanks to Cristian Gafton.
+ * Enhancements of resource limit code by Thomas Orgis <thomas@orgis.org>
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#define LIMITS
+#endif
+#ifdef LIMITS
+#ifndef LIMITS_FILE
+#define LIMITS_FILE "/etc/limits"
+#endif
+#define LOGIN_ERROR_RLIMIT	1
+#define LOGIN_ERROR_LOGIN	2
+/* Set a limit on a resource */
+/*
+ *	rlimit - RLIMIT_XXXX
+ *	value - string value to be read
+ *	multiplier - value*multiplier is the actual limit
+ */
+static int setrlimit_value (unsigned int resource,
+                            const char *value,
+                            unsigned int multiplier)
+{
+	struct rlimit rlim;
+	rlim_t limit;
+
+	/* The "-" is special, not belonging to a strange negative limit.
+	 * It is infinity, in a controlled way.
+	 */
+	if ('-' == value[0]) {
+		limit = RLIM_INFINITY;
+	}
+	else {
+		/* We cannot use getlong here because it fails when there
+		 * is more to the value than just this number!
+		 * Also, we are limited to base 10 here (hex numbers will not
+		 * work with the limit string parser as is anyway)
+		 */
+		char *endptr;
+		long longlimit = strtol (value, &endptr, 10);
+		if ((0 == longlimit) && (value == endptr)) {
+			/* No argument at all. No-op.
+			 * FIXME: We could instead throw an error, though.
+			 */
+			return 0;
+		}
+		longlimit *= multiplier;
+		limit = (rlim_t)longlimit;
+		if (longlimit != limit)
+		{
+			/* FIXME: Again, silent error handling...
+			 * Wouldn't screaming make more sense?
+			 */
+			return 0;
+		}
+	}
+
+	rlim.rlim_cur = limit;
+	rlim.rlim_max = limit;
+	if (setrlimit (resource, &rlim) != 0) {
+		return LOGIN_ERROR_RLIMIT;
+	}
+	return 0;
+}
+
+
+static int set_prio (const char *value)
+{
+	long prio;
+
+	if (   (getlong (value, &prio) == 0)
+	    || (prio != (int) prio)) {
+		return 0;
+	}
+	if (setpriority (PRIO_PROCESS, 0, (int) prio) != 0) {
+		return LOGIN_ERROR_RLIMIT;
+	}
+	return 0;
+}
+
+
+static int set_umask (const char *value)
+{
+	unsigned long int mask;
+
+	if (   (getulong (value, &mask) == 0)
+	    || (mask != (mode_t) mask)) {
+		return 0;
+	}
+
+	(void) umask ((mode_t) mask);
+	return 0;
+}
+
+
+/* Counts the number of user logins and check against the limit */
+static int check_logins (const char *name, const char *maxlogins)
+{
+#ifdef USE_UTMPX
+	struct utmpx *ut;
+#else				/* !USE_UTMPX */
+	struct utmp *ut;
+#endif				/* !USE_UTMPX */
+	unsigned long limit, count;
+
+	if (getulong (maxlogins, &limit) == 0) {
+		return 0;
+	}
+
+	if (0 == limit) {	/* maximum 0 logins ? */
+		SYSLOG ((LOG_WARN, "No logins allowed for `%s'\n", name));
+		return LOGIN_ERROR_LOGIN;
+	}
+
+	count = 0;
+#ifdef USE_UTMPX
+	setutxent ();
+	while ((ut = getutxent ()))
+#else				/* !USE_UTMPX */
+	setutent ();
+	while ((ut = getutent ()))
+#endif				/* !USE_UTMPX */
+	{
+		if (USER_PROCESS != ut->ut_type) {
+			continue;
+		}
+		if ('\0' == ut->ut_user[0]) {
+			continue;
+		}
+		if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0) {
+			continue;
+		}
+		count++;
+		if (count > limit) {
+			break;
+		}
+	}
+#ifdef USE_UTMPX
+	endutxent ();
+#else				/* !USE_UTMPX */
+	endutent ();
+#endif				/* !USE_UTMPX */
+	/*
+	 * This is called after setutmp(), so the number of logins counted
+	 * includes the user who is currently trying to log in.
+	 */
+	if (count > limit) {
+		SYSLOG ((LOG_WARN,
+		         "Too many logins (max %lu) for %s\n",
+		         limit, name));
+		return LOGIN_ERROR_LOGIN;
+	}
+	return 0;
+}
+
+/* Function setup_user_limits - checks/set limits for the curent login
+ * Original idea from Joel Katz's lshell. Ported to shadow-login
+ * by Cristian Gafton - gafton@sorosis.ro
+ *
+ * We are passed a string of the form ('BASH' constants for ulimit)
+ *     [Aa][Cc][Dd][Ff][Mm][Nn][Rr][Ss][Tt][Uu][Ll][Pp][Ii][Oo]
+ *     (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5')
+ * where:
+ * [Aa]: a = RLIMIT_AS		max address space (KB)
+ * [Cc]: c = RLIMIT_CORE	max core file size (KB)
+ * [Dd]: d = RLIMIT_DATA	max data size (KB)
+ * [Ff]: f = RLIMIT_FSIZE	max file size (KB)
+ * [Ii]: i = RLIMIT_NICE    max nice value (0..39 translates to 20..-19)
+ * [Kk]: k = file creation masK (umask)
+ * [Ll]: l = max number of logins for this user
+ * [Mm]: m = RLIMIT_MEMLOCK	max locked-in-memory address space (KB)
+ * [Nn]: n = RLIMIT_NOFILE	max number of open files
+ * [Oo]: o = RLIMIT_RTPRIO  max real time priority (linux/sched.h 0..MAX_RT_PRIO)
+ * [Pp]: p = process priority -20..20 (negative = high, positive = low)
+ * [Rr]: r = RLIMIT_RSS		max resident set size (KB)
+ * [Ss]: s = RLIMIT_STACK	max stack size (KB)
+ * [Tt]: t = RLIMIT_CPU		max CPU time (MIN)
+ * [Uu]: u = RLIMIT_NPROC	max number of processes
+ *
+ * NOTE: Remember to extend the "no-limits" string below when adding a new
+ * limit...
+ *
+ * Return value:
+ *		0 = okay, of course
+ *		LOGIN_ERROR_RLIMIT = error setting some RLIMIT
+ *		LOGIN_ERROR_LOGIN  = error - too many logins for this user
+ *
+ * buf - the limits string
+ * name - the username
+ */
+static int do_user_limits (const char *buf, const char *name)
+{
+	const char *pp;
+	int retval = 0;
+	bool reported = false;
+
+	pp = buf;
+	/* Skip leading whitespace. */
+	while ((' ' == *pp) || ('\t' == *pp)) {
+		pp++;
+	}
+
+	/* The special limit string "-" results in no limit for all known
+	 * limits.
+	 * We achieve that by parsing a full limit string, parts of it
+	 * being ignored if a limit type is not known to the system.
+	 * Though, there will be complaining for unknown limit types.
+	 */
+	if (strcmp (pp, "-") == 0) {
+		/* Remember to extend this, too, when adding new limits!
+		 * Oh... but "unlimited" does not make sense for umask,
+		 * or does it? (K-)
+		 */
+		pp = "A- C- D- F- I- L- M- N- O- P- R- S- T- U-";
+	}
+
+	while ('\0' != *pp) {
+		switch (*pp++) {
+#ifdef RLIMIT_AS
+		case 'a':
+		case 'A':
+			/* RLIMIT_AS - max address space (KB) */
+			retval |= setrlimit_value (RLIMIT_AS, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_CORE
+		case 'c':
+		case 'C':
+			/* RLIMIT_CORE - max core file size (KB) */
+			retval |= setrlimit_value (RLIMIT_CORE, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_DATA
+		case 'd':
+		case 'D':
+			/* RLIMIT_DATA - max data size (KB) */
+			retval |= setrlimit_value (RLIMIT_DATA, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_FSIZE
+		case 'f':
+		case 'F':
+			/* RLIMIT_FSIZE - Maximum filesize (KB) */
+			retval |= setrlimit_value (RLIMIT_FSIZE, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_NICE
+		case 'i':
+		case 'I':
+			/* RLIMIT_NICE - max scheduling priority (0..39) */
+			retval |= setrlimit_value (RLIMIT_NICE, pp, 1);
+			break;
+#endif
+		case 'k':
+		case 'K':
+			retval |= set_umask (pp);
+			break;
+		case 'l':
+		case 'L':
+			/* LIMIT the number of concurrent logins */
+			retval |= check_logins (name, pp);
+			break;
+#ifdef RLIMIT_MEMLOCK
+		case 'm':
+		case 'M':
+			/* RLIMIT_MEMLOCK - max locked-in-memory address space (KB) */
+			retval |= setrlimit_value (RLIMIT_MEMLOCK, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_NOFILE
+		case 'n':
+		case 'N':
+			/* RLIMIT_NOFILE - max number of open files */
+			retval |= setrlimit_value (RLIMIT_NOFILE, pp, 1);
+			break;
+#endif
+#ifdef RLIMIT_RTPRIO
+		case 'o':
+		case 'O':
+			/* RLIMIT_RTPRIO - max real time priority (0..MAX_RT_PRIO) */
+			retval |= setrlimit_value (RLIMIT_RTPRIO, pp, 1);
+			break;
+#endif
+		case 'p':
+		case 'P':
+			retval |= set_prio (pp);
+			break;
+#ifdef RLIMIT_RSS
+		case 'r':
+		case 'R':
+			/* RLIMIT_RSS - max resident set size (KB) */
+			retval |= setrlimit_value (RLIMIT_RSS, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_STACK
+		case 's':
+		case 'S':
+			/* RLIMIT_STACK - max stack size (KB) */
+			retval |= setrlimit_value (RLIMIT_STACK, pp, 1024);
+			break;
+#endif
+#ifdef RLIMIT_CPU
+		case 't':
+		case 'T':
+			/* RLIMIT_CPU - max CPU time (MIN) */
+			retval |= setrlimit_value (RLIMIT_CPU, pp, 60);
+			break;
+#endif
+#ifdef RLIMIT_NPROC
+		case 'u':
+		case 'U':
+			/* RLIMIT_NPROC - max number of processes */
+			retval |= setrlimit_value (RLIMIT_NPROC, pp, 1);
+			break;
+#endif
+		default:
+			/* Only report invalid strings once */
+			/* Note: A string can be invalid just because a
+			 * specific (theoretically valid) setting is not
+			 * supported by this build.
+			 * It is just a warning in syslog anyway. The line
+			 * is still processed
+			 */
+			if (!reported) {
+				SYSLOG ((LOG_WARN,
+				         "Invalid limit string: '%s'",
+				         pp-1));
+				reported = true;
+				retval |= LOGIN_ERROR_RLIMIT;
+			}
+		}
+		/* After parsing one limit setting (or just complaining
+		 * about it), one still needs to skip its argument to
+		 * prevent a bogus warning on trying to parse that as
+		 * limit specification.
+		 * So, let's skip all digits, "-" and our limited set of
+		 * whitespace.
+		 */
+		while (   isdigit (*pp)
+		       || ('-'  == *pp)
+		       || (' '  == *pp)
+		       || ('\t' ==*pp)) {
+			pp++;
+		}
+	}
+	return retval;
+}
+
+/* Check if user uname is in the group gname.
+ * Can I be sure that gr_mem contains no UID as string?
+ * Returns true when user is in the group, false when not.
+ * Any error is treated as false.
+ */
+static bool user_in_group (const char *uname, const char *gname)
+{
+	struct group *groupdata;
+
+	if (uname == NULL || gname == NULL){ 
+		return false;
+	}
+
+	/* We are not claiming to be re-entrant!
+	 * In case of paranoia or a multithreaded login program,
+	 * one needs to add some mess for getgrnam_r. */
+	groupdata = getgrnam (gname);
+	if (NULL == groupdata) {
+		SYSLOG ((LOG_WARN, "Nonexisting group `%s' in limits file.",
+		         gname));
+		return false;
+	}
+
+	return is_on_list (groupdata->gr_mem, uname);
+}
+
+static int setup_user_limits (const char *uname)
+{
+	FILE *fil;
+	char buf[1024];
+	char name[1024];
+	char limits[1024];
+	char deflimits[1024];
+	char tempbuf[1024];
+
+	/* init things */
+	memzero (buf, sizeof (buf));
+	memzero (name, sizeof (name));
+	memzero (limits, sizeof (limits));
+	memzero (deflimits, sizeof (deflimits));
+	memzero (tempbuf, sizeof (tempbuf));
+
+	/* start the checks */
+	fil = fopen (LIMITS_FILE, "r");
+	if (fil == NULL) {
+		return 0;
+	}
+	/* The limits file have the following format:
+	 * - '#' (comment) chars only as first chars on a line;
+	 * - username must start on first column (or *, or @group)
+	 *
+	 * FIXME: A better (smarter) checking should be done
+	 */
+	while (fgets (buf, 1024, fil) != NULL) {
+		if (('#' == buf[0]) || ('\n' == buf[0])) {
+			continue;
+		}
+		memzero (tempbuf, sizeof (tempbuf));
+		/* a valid line should have a username, then spaces,
+		 * then limits
+		 * we allow the format:
+		 * username    L2  D2048  R4096
+		 * where spaces={' ',\t}. Also, we reject invalid limits.
+		 * Imposing a limit should be done with care, so a wrong
+		 * entry means no care anyway :-).
+		 *
+		 * A '-' as a limits strings means no limits
+		 *
+		 * The username can also be:
+		 *  '*': the default limits (only the last is taken into
+		 *       account)
+		 *  @group: the limit applies to the members of the group
+		 *
+		 * To clarify: The first entry with matching user name rules,
+		 * everything after it is ignored. If there is no user entry,
+		 * the last encountered entry for a matching group rules.
+		 * If there is no matching group entry, the default limits rule.
+		 */
+		if (sscanf (buf, "%s%[ACDFIKLMNOPRSTUacdfiklmnoprstu0-9 \t-]",
+		            name, tempbuf) == 2) {
+			if (strcmp (name, uname) == 0) {
+				strcpy (limits, tempbuf);
+				break;
+			} else if (strcmp (name, "*") == 0) {
+				strcpy (deflimits, tempbuf);
+			} else if (name[0] == '@') {
+				/* If the user is in the group, the group
+				 * limits apply unless later a line for
+				 * the specific user is found.
+				 */
+				if (user_in_group (uname, name+1)) {
+					strcpy (limits, tempbuf);
+				}
+			}
+		}
+	}
+	(void) fclose (fil);
+	if (limits[0] == '\0') {
+		/* no user specific limits */
+		if (deflimits[0] == '\0') {	/* no default limits */
+			return 0;
+		}
+		strcpy (limits, deflimits);	/* use the default limits */
+	}
+	return do_user_limits (limits, uname);
+}
+#endif				/* LIMITS */
+
+
+static void setup_usergroups (const struct passwd *info)
+{
+	const struct group *grp;
+
+/*
+ *	if not root, and UID == GID, and username is the same as primary
+ *	group name, set umask group bits to be the same as owner bits
+ *	(examples: 022 -> 002, 077 -> 007).
+ */
+	if ((0 != info->pw_uid) && (info->pw_uid == info->pw_gid)) {
+		/* local, no need for xgetgrgid */
+		grp = getgrgid (info->pw_gid);
+		if (   (NULL != grp)
+		    && (strcmp (info->pw_name, grp->gr_name) == 0)) {
+			mode_t tmpmask;
+			tmpmask = umask (0777);
+			tmpmask = (tmpmask & ~070) | ((tmpmask >> 3) & 070);
+			(void) umask (tmpmask);
+		}
+	}
+}
+
+/*
+ *	set the process nice, ulimit, and umask from the password file entry
+ */
+
+void setup_limits (const struct passwd *info)
+{
+	char *cp;
+
+	if (getdef_bool ("USERGROUPS_ENAB")) {
+		setup_usergroups (info);
+	}
+
+	/*
+	 * See if the GECOS field contains values for NICE, UMASK or ULIMIT.
+	 * If this feature is enabled in /etc/login.defs, we make those
+	 * values the defaults for this login session.
+	 */
+
+	if (getdef_bool ("QUOTAS_ENAB")) {
+#ifdef LIMITS
+		if (info->pw_uid != 0) {
+			if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
+				(void) fputs (_("Too many logins.\n"), stderr);
+				(void) sleep (2); /* XXX: Should be FAIL_DELAY */
+				exit (EXIT_FAILURE);
+			}
+		}
+#endif
+		for (cp = info->pw_gecos; cp != NULL; cp = strchr (cp, ',')) {
+			if (',' == *cp) {
+				cp++;
+			}
+
+			if (strncmp (cp, "pri=", 4) == 0) {
+				long int inc;
+				if (   (getlong (cp + 4, &inc) == 1)
+				    && (inc >= -20) && (inc <= 20)) {
+					errno = 0;
+					if (   (nice ((int) inc) != -1)
+					    || (0 != errno)) {
+						continue;
+					}
+				}
+
+				/* Failed to parse or failed to nice() */
+				SYSLOG ((LOG_WARN,
+				         "Can't set the nice value for user %s",
+				         info->pw_name));
+
+				continue;
+			}
+			if (strncmp (cp, "ulimit=", 7) == 0) {
+				long int blocks;
+				if (   (getlong (cp + 7, &blocks) == 0)
+				    || (blocks != (int) blocks)
+				    || (set_filesize_limit ((int) blocks) != 0)) {
+					SYSLOG ((LOG_WARN,
+					         "Can't set the ulimit for user %s",
+					         info->pw_name));
+				}
+				continue;
+			}
+			if (strncmp (cp, "umask=", 6) == 0) {
+				unsigned long int mask;
+				if (   (getulong (cp + 6, &mask) == 0)
+				    || (mask != (mode_t) mask)) {
+					SYSLOG ((LOG_WARN,
+					         "Can't set umask value for user %s",
+					         info->pw_name));
+				} else {
+					(void) umask ((mode_t) mask);
+				}
+
+				continue;
+			}
+		}
+	}
+}
+
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
+
diff --git a/libmisc/list.c b/libmisc/list.c
new file mode 100644
index 0000000..2da734a
--- /dev/null
+++ b/libmisc/list.c
@@ -0,0 +1,271 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include "prototypes.h"
+#include "defines.h"
+/*
+ * add_list - add a member to a list of group members
+ *
+ *	the array of member names is searched for the new member
+ *	name, and if not present it is added to a freshly allocated
+ *	list of users.
+ */
+/*@only@*/ /*@out@*/char **add_list (/*@returned@*/ /*@only@*/char **list, const char *member)
+{
+	int i;
+	char **tmp;
+
+	assert (NULL != member);
+	assert (NULL != list);
+
+	/*
+	 * Scan the list for the new name.  Return the original list
+	 * pointer if it is present.
+	 */
+
+	for (i = 0; list[i] != (char *) 0; i++) {
+		if (strcmp (list[i], member) == 0) {
+			return list;
+		}
+	}
+
+	/*
+	 * Allocate a new list pointer large enough to hold all the
+	 * old entries, and the new entries as well.
+	 */
+
+	tmp = (char **) xmalloc ((i + 2) * sizeof member);
+
+	/*
+	 * Copy the original list to the new list, then append the
+	 * new member and NULL terminate the result.  This new list
+	 * is returned to the invoker.
+	 */
+
+	for (i = 0; list[i] != (char *) 0; i++) {
+		tmp[i] = list[i];
+	}
+
+	tmp[i] = xstrdup (member);
+	tmp[i+1] = (char *) 0;
+
+	return tmp;
+}
+
+/*
+ * del_list - delete a member from a list of group members
+ *
+ *	the array of member names is searched for the old member
+ *	name, and if present it is deleted from a freshly allocated
+ *	list of users.
+ */
+
+/*@only@*/ /*@out@*/char **del_list (/*@returned@*/ /*@only@*/char **list, const char *member)
+{
+	int i, j;
+	char **tmp;
+
+	assert (NULL != member);
+	assert (NULL != list);
+
+	/*
+	 * Scan the list for the old name.  Return the original list
+	 * pointer if it is not present.
+	 */
+
+	for (i = j = 0; list[i] != (char *) 0; i++) {
+		if (strcmp (list[i], member) != 0) {
+			j++;
+		}
+	}
+
+	if (j == i) {
+		return list;
+	}
+
+	/*
+	 * Allocate a new list pointer large enough to hold all the
+	 * old entries.
+	 */
+
+	tmp = (char **) xmalloc ((j + 1) * sizeof member);
+
+	/*
+	 * Copy the original list except the deleted members to the
+	 * new list, then NULL terminate the result.  This new list
+	 * is returned to the invoker.
+	 */
+
+	for (i = j = 0; list[i] != (char *) 0; i++) {
+		if (strcmp (list[i], member) != 0) {
+			tmp[j] = list[i];
+			j++;
+		}
+	}
+
+	tmp[j] = (char *) 0;
+
+	return tmp;
+}
+
+/*
+ * Duplicate a list.
+ * The input list is not modified, but in order to allow the use of this
+ * function with list of members, the list elements are not enforced to be
+ * constant strings here.
+ */
+/*@only@*/ /*@out@*/char **dup_list (char *const *list)
+{
+	int i;
+	char **tmp;
+
+	assert (NULL != list);
+
+	for (i = 0; NULL != list[i]; i++);
+
+	tmp = (char **) xmalloc ((i + 1) * sizeof (char *));
+
+	i = 0;
+	while (NULL != *list) {
+		tmp[i] = xstrdup (*list);
+		i++;
+		list++;
+	}
+
+	tmp[i] = (char *) 0;
+	return tmp;
+}
+
+/*
+ * Check if member is part of the input list
+ * The input list is not modified, but in order to allow the use of this
+ * function with list of members, the list elements are not enforced to be
+ * constant strings here.
+ */
+bool is_on_list (char *const *list, const char *member)
+{
+	assert (NULL != member);
+	assert (NULL != list);
+
+	while (NULL != *list) {
+		if (strcmp (*list, member) == 0) {
+			return true;
+		}
+		list++;
+	}
+
+	return false;
+}
+
+/*
+ * comma_to_list - convert comma-separated list to (char *) array
+ */
+
+/*@only@*/char **comma_to_list (const char *comma)
+{
+	char *members;
+	char **array;
+	int i;
+	char *cp;
+	char *cp2;
+
+	assert (NULL != comma);
+
+	/*
+	 * Make a copy since we are going to be modifying the list
+	 */
+
+	members = xstrdup (comma);
+
+	/*
+	 * Count the number of commas in the list
+	 */
+
+	for (cp = members, i = 0;; i++) {
+		cp2 = strchr (cp, ',');
+		if (NULL != cp2) {
+			cp = cp2 + 1;
+		} else {
+			break;
+		}
+	}
+
+	/*
+	 * Add 2 - one for the ending NULL, the other for the last item
+	 */
+
+	i += 2;
+
+	/*
+	 * Allocate the array we're going to store the pointers into.
+	 */
+
+	array = (char **) xmalloc (sizeof (char *) * i);
+
+	/*
+	 * Empty list is special - 0 members, not 1 empty member.  --marekm
+	 */
+
+	if ('\0' == *members) {
+		*array = (char *) 0;
+		return array;
+	}
+
+	/*
+	 * Now go walk that list all over again, this time building the
+	 * array of pointers.
+	 */
+
+	for (cp = members, i = 0;; i++) {
+		array[i] = cp;
+		cp2 = strchr (cp, ',');
+		if (NULL != cp2) {
+			*cp2 = '\0';
+			cp2++;
+			cp = cp2;
+		} else {
+			array[i + 1] = (char *) 0;
+			break;
+		}
+	}
+
+	/*
+	 * Return the new array of pointers
+	 */
+
+	return array;
+}
+
diff --git a/libmisc/log.c b/libmisc/log.c
new file mode 100644
index 0000000..eb84859
--- /dev/null
+++ b/libmisc/log.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <pwd.h>
+#include <fcntl.h>
+#include <time.h>
+#include "defines.h"
+#include <lastlog.h>
+#include "prototypes.h"
+
+/* 
+ * dolastlog - create lastlog entry
+ *
+ *	A "last login" entry is created for the user being logged in.  The
+ *	UID is extracted from the global (struct passwd) entry and the
+ *	TTY information is gotten from the (struct utmp).
+ */
+void dolastlog (
+	struct lastlog *ll,
+	const struct passwd *pw,
+	/*@unique@*/const char *line,
+	/*@unique@*/const char *host)
+{
+	int fd;
+	off_t offset;
+	struct lastlog newlog;
+	time_t ll_time;
+
+	/*
+	 * If the file does not exist, don't create it.
+	 */
+
+	fd = open (LASTLOG_FILE, O_RDWR);
+	if (-1 == fd) {
+		return;
+	}
+
+	/*
+	 * The file is indexed by UID number.  Seek to the record
+	 * for this UID.  Negative UID's will create problems, but ...
+	 */
+
+	offset = (off_t) pw->pw_uid * sizeof newlog;
+
+	if (lseek (fd, offset, SEEK_SET) != offset) {
+		SYSLOG ((LOG_WARN,
+		         "Can't read last lastlog entry for UID %lu in %s. Entry not updated.",
+		         (unsigned long) pw->pw_uid, LASTLOG_FILE));
+		(void) close (fd);
+		return;
+	}
+
+	/*
+	 * Read the old entry so we can tell the user when they last
+	 * logged in.  Then construct the new entry and write it out
+	 * the way we read the old one in.
+	 */
+
+	if (read (fd, (void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog) {
+		memzero (&newlog, sizeof newlog);
+	}
+	if (NULL != ll) {
+		*ll = newlog;
+	}
+
+	ll_time = newlog.ll_time;
+	(void) time (&ll_time);
+	newlog.ll_time = ll_time;
+	strncpy (newlog.ll_line, line, sizeof newlog.ll_line);
+#if HAVE_LL_HOST
+	strncpy (newlog.ll_host, host, sizeof newlog.ll_host);
+#endif
+	if (   (lseek (fd, offset, SEEK_SET) != offset)
+	    || (write (fd, (const void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog)
+	    || (close (fd) != 0)) {
+		SYSLOG ((LOG_WARN,
+		         "Can't write lastlog entry for UID %lu in %s.",
+		         (unsigned long) pw->pw_uid, LASTLOG_FILE));
+		(void) close (fd);
+	}
+}
+
diff --git a/libmisc/loginprompt.c b/libmisc/loginprompt.c
new file mode 100644
index 0000000..b008e2a
--- /dev/null
+++ b/libmisc/loginprompt.c
@@ -0,0 +1,178 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <stdio.h>
+#include <signal.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+static void login_exit (unused int sig)
+{
+	exit (EXIT_FAILURE);
+}
+
+/*
+ * login_prompt - prompt the user for their login name
+ *
+ * login_prompt() displays the standard login prompt.  If ISSUE_FILE
+ * is set in login.defs, this file is displayed before the prompt.
+ */
+
+void login_prompt (const char *prompt, char *name, int namesize)
+{
+	char buf[1024];
+
+#define MAX_ENV 32
+	char *envp[MAX_ENV];
+	char *cp;
+	int i;
+	FILE *fp;
+
+	RETSIGTYPE (*sigquit) (int);
+#ifdef	SIGTSTP
+	RETSIGTYPE (*sigtstp) (int);
+#endif
+
+	/*
+	 * There is a small chance that a QUIT character will be part of
+	 * some random noise during a prompt.  Deal with this by exiting
+	 * instead of core dumping.  If SIGTSTP is defined, do the same
+	 * thing for that signal.
+	 */
+
+	sigquit = signal (SIGQUIT, login_exit);
+#ifdef	SIGTSTP
+	sigtstp = signal (SIGTSTP, login_exit);
+#endif
+
+	/*
+	 * See if the user has configured the issue file to
+	 * be displayed and display it before the prompt.
+	 */
+
+	if (NULL != prompt) {
+		const char *fname = getdef_str ("ISSUE_FILE");
+		if (NULL != fname) {
+			fp = fopen (fname, "r");
+			if (NULL != fp) {
+				while ((i = getc (fp)) != EOF) {
+					(void) putc (i, stdout);
+				}
+
+				(void) fclose (fp);
+			}
+		}
+		(void) gethostname (buf, sizeof buf);
+		printf (prompt, buf);
+		(void) fflush (stdout);
+	}
+
+	/* 
+	 * Read the user's response.  The trailing newline will be
+	 * removed.
+	 */
+
+	memzero (buf, sizeof buf);
+	if (fgets (buf, (int) sizeof buf, stdin) != buf) {
+		exit (EXIT_FAILURE);
+	}
+
+	cp = strchr (buf, '\n');
+	if (NULL == cp) {
+		exit (EXIT_FAILURE);
+	}
+	*cp = '\0';		/* remove \n [ must be there ] */
+
+	/*
+	 * Skip leading whitespace.  This makes "  username" work right.
+	 * Then copy the rest (up to the end or the first "non-graphic"
+	 * character into the username.
+	 */
+
+	for (cp = buf; *cp == ' ' || *cp == '\t'; cp++);
+
+	for (i = 0; i < namesize - 1 && isgraph (*cp); name[i++] = *cp++);
+	while (isgraph (*cp)) {
+		cp++;
+	}
+
+	if ('\0' != *cp) {
+		cp++;
+	}
+
+	name[i] = '\0';
+
+	/*
+	 * This is a disaster, at best.  The user may have entered extra
+	 * environmental variables at the prompt.  There are several ways
+	 * to do this, and I just take the easy way out.
+	 */
+
+	if ('\0' != *cp) {	/* process new variables */
+		char *nvar;
+		int count = 1;
+		int envc;
+
+		for (envc = 0; envc < MAX_ENV; envc++) {
+			nvar = strtok ((0 != envc) ? (char *) 0 : cp, " \t,");
+			if (NULL == nvar) {
+				break;
+			}
+			if (strchr (nvar, '=') != NULL) {
+				envp[envc] = nvar;
+			} else {
+				size_t len = strlen (nvar) + 32;
+				envp[envc] = xmalloc (len);
+				(void) snprintf (envp[envc], len,
+				                 "L%d=%s", count++, nvar);
+			}
+		}
+		set_env (envc, envp);
+	}
+
+	/*
+	 * Set the SIGQUIT handler back to its original value
+	 */
+
+	(void) signal (SIGQUIT, sigquit);
+#ifdef	SIGTSTP
+	(void) signal (SIGTSTP, sigtstp);
+#endif
+}
+
diff --git a/libmisc/mail.c b/libmisc/mail.c
new file mode 100644
index 0000000..1c53c31
--- /dev/null
+++ b/libmisc/mail.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <assert.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "getdef.h"
+
+#ident "$Id$"
+
+
+void mailcheck (void)
+{
+	struct stat statbuf;
+	char *mailbox;
+
+	if (!getdef_bool ("MAIL_CHECK_ENAB")) {
+		return;
+	}
+
+	/*
+	 * Check incoming mail in Maildir format - J.
+	 */
+	mailbox = getenv ("MAILDIR");
+	if (NULL != mailbox) {
+		char *newmail;
+		size_t len = strlen (mailbox) + 5;
+		int wlen;
+
+		newmail = xmalloc (len);
+		wlen = snprintf (newmail, len, "%s/new", mailbox);
+		assert (wlen == (int) len - 1);
+
+		if (stat (newmail, &statbuf) != -1 && statbuf.st_size != 0) {
+			if (statbuf.st_mtime > statbuf.st_atime) {
+				free (newmail);
+				(void) puts (_("You have new mail."));
+				return;
+			}
+		}
+		free (newmail);
+	}
+
+	mailbox = getenv ("MAIL");
+	if (NULL == mailbox) {
+		return;
+	}
+
+	if (   (stat (mailbox, &statbuf) == -1)
+	    || (statbuf.st_size == 0)) {
+		(void) puts (_("No mail."));
+	} else if (statbuf.st_atime > statbuf.st_mtime) {
+		(void) puts (_("You have mail."));
+	} else {
+		(void) puts (_("You have new mail."));
+	}
+}
+
diff --git a/libmisc/motd.c b/libmisc/motd.c
new file mode 100644
index 0000000..6ba7e12
--- /dev/null
+++ b/libmisc/motd.c
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2010       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+ 
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * motd -- output the /etc/motd file
+ *
+ * motd() determines the name of a login announcement file and outputs
+ * it to the user's terminal at login time.  The MOTD_FILE configuration
+ * option is a colon-delimited list of filenames.
+ */
+void motd (void)
+{
+	FILE *fp;
+	char *motdlist;
+	const char *motdfile;
+	char *mb;
+	register int c;
+
+	motdfile = getdef_str ("MOTD_FILE");
+	if (NULL == motdfile) {
+		return;
+	}
+
+	motdlist = xstrdup (motdfile);
+
+	for (mb = motdlist; ;mb = NULL) {
+		motdfile = strtok (mb, ":");
+		if (NULL == motdfile) {
+			break;
+		}
+
+		fp = fopen (motdfile, "r");
+		if (NULL != fp) {
+			while ((c = getc (fp)) != EOF) {
+				putchar (c);
+			}
+			fclose (fp);
+		}
+	}
+	fflush (stdout);
+
+	free (motdlist);
+}
+
diff --git a/libmisc/myname.c b/libmisc/myname.c
new file mode 100644
index 0000000..05efdad
--- /dev/null
+++ b/libmisc/myname.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * myname.c - determine the current username and get the passwd entry
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <pwd.h>
+#include "prototypes.h"
+/*@null@*/ /*@only@*/struct passwd *get_my_pwent (void)
+{
+	struct passwd *pw;
+	const char *cp = getlogin ();
+	uid_t ruid = getuid ();
+
+	/*
+	 * Try getlogin() first - if it fails or returns a non-existent
+	 * username, or a username which doesn't match the real UID, fall
+	 * back to getpwuid(getuid()).  This should work reasonably with
+	 * usernames longer than the utmp limit (8 characters), as well as
+	 * shared UIDs - but not both at the same time...
+	 *
+	 * XXX - when running from su, will return the current user (not
+	 * the original user, like getlogin() does).  Does this matter?
+	 */
+	if ((NULL != cp) && ('\0' != *cp)) {
+		pw = xgetpwnam (cp);
+		if ((NULL != pw) && (pw->pw_uid == ruid)) {
+			return pw;
+		}
+	}
+
+	return xgetpwuid (ruid);
+}
+
diff --git a/libmisc/obscure.c b/libmisc/obscure.c
new file mode 100644
index 0000000..a075123
--- /dev/null
+++ b/libmisc/obscure.c
@@ -0,0 +1,323 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+
+/*
+ * This version of obscure.c contains modifications to support "cracklib"
+ * by Alec Muffet (alec.muffett@uk.sun.com).  You must obtain the Cracklib
+ * library source code for this function to operate.
+ */
+#include <ctype.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * can't be a palindrome - like `R A D A R' or `M A D A M'
+ */
+static bool palindrome (unused const char *old, const char *new)
+{
+	size_t i, j;
+
+	i = strlen (new);
+
+	for (j = 0; j < i; j++) {
+		if (new[i - j - 1] != new[j]) {
+			return false;
+		}
+	}
+
+	return true;
+}
+
+/*
+ * more than half of the characters are different ones.
+ */
+
+static bool similar (/*@notnull@*/const char *old, /*@notnull@*/const char *new)
+{
+	int i, j;
+
+	/*
+	 * XXX - sometimes this fails when changing from a simple password
+	 * to a really long one (MD5).  For now, I just return success if
+	 * the new password is long enough.  Please feel free to suggest
+	 * something better...  --marekm
+	 */
+	if (strlen (new) >= 8) {
+		return false;
+	}
+
+	for (i = j = 0; ('\0' != new[i]) && ('\0' != old[i]); i++) {
+		if (strchr (new, old[i]) != NULL) {
+			j++;
+		}
+	}
+
+	if (i >= j * 2) {
+		return false;
+	}
+
+	return true;
+}
+
+/*
+ * a nice mix of characters.
+ */
+
+static bool simple (unused const char *old, const char *new)
+{
+	bool digits = false;
+	bool uppers = false;
+	bool lowers = false;
+	bool others = false;
+	int size;
+	int i;
+
+	for (i = 0; '\0' != new[i]; i++) {
+		if (isdigit (new[i])) {
+			digits = true;
+		} else if (isupper (new[i])) {
+			uppers = true;
+		} else if (islower (new[i])) {
+			lowers = true;
+		} else {
+			others = true;
+		}
+	}
+
+	/*
+	 * The scam is this - a password of only one character type
+	 * must be 8 letters long.  Two types, 7, and so on.
+	 */
+
+	size = 9;
+	if (digits) {
+		size--;
+	}
+	if (uppers) {
+		size--;
+	}
+	if (lowers) {
+		size--;
+	}
+	if (others) {
+		size--;
+	}
+
+	if (size <= i) {
+		return false;
+	}
+
+	return true;
+}
+
+static char *str_lower (/*@returned@*/char *string)
+{
+	char *cp;
+
+	for (cp = string; '\0' != *cp; cp++) {
+		*cp = tolower (*cp);
+	}
+	return string;
+}
+
+static /*@observer@*//*@null@*/const char *password_check (
+	/*@notnull@*/const char *old,
+	/*@notnull@*/const char *new,
+	/*@notnull@*/const struct passwd *pwdp)
+{
+	const char *msg = NULL;
+	char *oldmono, *newmono, *wrapped;
+
+#ifdef HAVE_LIBCRACK
+	char *dictpath;
+
+#ifdef HAVE_LIBCRACK_PW
+	char *FascistCheckPw ();
+#else
+	char *FascistCheck ();
+#endif
+#endif
+
+	if (strcmp (new, old) == 0) {
+		return _("no change");
+	}
+
+	newmono = str_lower (xstrdup (new));
+	oldmono = str_lower (xstrdup (old));
+	wrapped = xmalloc (strlen (oldmono) * 2 + 1);
+	strcpy (wrapped, oldmono);
+	strcat (wrapped, oldmono);
+
+	if (palindrome (oldmono, newmono)) {
+		msg = _("a palindrome");
+	} else if (strcmp (oldmono, newmono) == 0) {
+		msg = _("case changes only");
+	} else if (similar (oldmono, newmono)) {
+		msg = _("too similar");
+	} else if (simple (old, new)) {
+		msg = _("too simple");
+	} else if (strstr (wrapped, newmono) != NULL) {
+		msg = _("rotated");
+	} else {
+#ifdef HAVE_LIBCRACK
+		/*
+		 * Invoke Alec Muffett's cracklib routines.
+		 */
+
+		dictpath = getdef_str ("CRACKLIB_DICTPATH");
+		if (NULL != dictpath) {
+#ifdef HAVE_LIBCRACK_PW
+			msg = FascistCheckPw (new, dictpath, pwdp);
+#else
+			msg = FascistCheck (new, dictpath);
+#endif
+		}
+#endif
+	}
+	strzero (newmono);
+	strzero (oldmono);
+	strzero (wrapped);
+	free (newmono);
+	free (oldmono);
+	free (wrapped);
+
+	return msg;
+}
+
+static /*@observer@*//*@null@*/const char *obscure_msg (
+	/*@notnull@*/const char *old,
+	/*@notnull@*/const char *new,
+	/*@notnull@*/const struct passwd *pwdp)
+{
+	size_t maxlen, oldlen, newlen;
+	char *new1, *old1;
+	const char *msg;
+	const char *result;
+
+	oldlen = strlen (old);
+	newlen = strlen (new);
+
+	if (newlen < (size_t) getdef_num ("PASS_MIN_LEN", 0)) {
+		return _("too short");
+	}
+
+	/*
+	 * Remaining checks are optional.
+	 */
+	if (!getdef_bool ("OBSCURE_CHECKS_ENAB")) {
+		return NULL;
+	}
+
+	msg = password_check (old, new, pwdp);
+	if (NULL != msg) {
+		return msg;
+	}
+
+	result = getdef_str ("ENCRYPT_METHOD");
+	if (NULL == result) {
+	/* The traditional crypt() truncates passwords to 8 chars.  It is
+	   possible to circumvent the above checks by choosing an easy
+	   8-char password and adding some random characters to it...
+	   Example: "password$%^&*123".  So check it again, this time
+	   truncated to the maximum length.  Idea from npasswd.  --marekm */
+
+		if (getdef_bool ("MD5_CRYPT_ENAB")) {
+			return NULL;
+		}
+
+	} else {
+
+		if (   (strcmp (result, "MD5")    == 0)
+#ifdef USE_SHA_CRYPT
+		    || (strcmp (result, "SHA256") == 0)
+		    || (strcmp (result, "SHA512") == 0)
+#endif
+		    ) {
+			return NULL;
+		}
+
+	}
+	maxlen = (size_t) getdef_num ("PASS_MAX_LEN", 8);
+	if (   (oldlen <= maxlen)
+	    && (newlen <= maxlen)) {
+		return NULL;
+	}
+
+	new1 = xstrdup (new);
+	old1 = xstrdup (old);
+	if (newlen > maxlen) {
+		new1[maxlen] = '\0';
+	}
+	if (oldlen > maxlen) {
+		old1[maxlen] = '\0';
+	}
+
+	msg = password_check (old1, new1, pwdp);
+
+	memzero (new1, newlen);
+	memzero (old1, oldlen);
+	free (new1);
+	free (old1);
+
+	return msg;
+}
+
+/*
+ * Obscure - see if password is obscure enough.
+ *
+ *	The programmer is encouraged to add as much complexity to this
+ *	routine as desired.  Included are some of my favorite ways to
+ *	check passwords.
+ */
+
+bool obscure (const char *old, const char *new, const struct passwd *pwdp)
+{
+	const char *msg = obscure_msg (old, new, pwdp);
+
+	if (NULL != msg) {
+		printf (_("Bad password: %s.  "), msg);
+		return false;
+	}
+	return true;
+}
+
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
diff --git a/libmisc/pam_pass.c b/libmisc/pam_pass.c
new file mode 100644
index 0000000..a89bb2c
--- /dev/null
+++ b/libmisc/pam_pass.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1997 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef USE_PAM
+
+#ident "$Id$"
+
+
+/*
+ * Change the user's password using PAM.
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "pam_defs.h"
+#include "prototypes.h"
+
+void do_pam_passwd (const char *user, bool silent, bool change_expired)
+{
+	pam_handle_t *pamh = NULL;
+	int flags = 0, ret;
+
+	if (silent)
+		flags |= PAM_SILENT;
+	if (change_expired)
+		flags |= PAM_CHANGE_EXPIRED_AUTHTOK;
+
+	ret = pam_start ("passwd", user, &conv, &pamh);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+			 _("passwd: pam_start() failed, error %d\n"), ret);
+		exit (10);	/* XXX */
+	}
+
+	ret = pam_chauthtok (pamh, flags);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr, _("passwd: %s\n"), pam_strerror (pamh, ret));
+		fputs (_("passwd: password unchanged\n"), stderr);
+		pam_end (pamh, ret);
+		exit (10);	/* XXX */
+	}
+
+	fputs (_("passwd: password updated successfully\n"), stderr);
+	(void) pam_end (pamh, PAM_SUCCESS);
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
diff --git a/libmisc/pam_pass_non_interractive.c b/libmisc/pam_pass_non_interractive.c
new file mode 100644
index 0000000..e50648b
--- /dev/null
+++ b/libmisc/pam_pass_non_interractive.c
@@ -0,0 +1,167 @@
+/*
+ * Copyright (c) 2009 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id:$"
+
+#ifdef USE_PAM
+#include <assert.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <security/pam_appl.h>
+#include "prototypes.h"
+
+/*@null@*/ /*@only@*/static const char *non_interactive_password = NULL;
+static int ni_conv (int num_msg,
+                    const struct pam_message **msg,
+                    struct pam_response **resp,
+                    unused void *appdata_ptr);
+static struct pam_conv non_interactive_pam_conv = {
+	ni_conv,
+	NULL
+};
+
+
+
+static int ni_conv (int num_msg,
+                    const struct pam_message **msg,
+                    struct pam_response **resp,
+                    unused void *appdata_ptr)
+{
+	struct pam_response *responses;
+	int count;
+
+	assert (NULL != non_interactive_password);
+
+	if (num_msg <= 0) {
+		return PAM_CONV_ERR;
+	}
+
+	responses = (struct pam_response *) calloc ((size_t) num_msg,
+	                                            sizeof (*responses));
+	if (NULL == responses) {
+		return PAM_CONV_ERR;
+	}
+
+	for (count=0; count < num_msg; count++) {
+		responses[count].resp_retcode = 0;
+
+		switch (msg[count]->msg_style) {
+		case PAM_PROMPT_ECHO_ON:
+			fprintf (stderr,
+			         _("%s: PAM modules requesting echoing are not supported.\n"),
+			         Prog);
+			goto failed_conversation;
+		case PAM_PROMPT_ECHO_OFF:
+			responses[count].resp = strdup (non_interactive_password);
+			if (NULL == responses[count].resp) {
+				goto failed_conversation;
+			}
+			break;
+		case PAM_ERROR_MSG:
+			if (   (NULL == msg[count]->msg)
+			    || (fprintf (stderr, "%s\n", msg[count]->msg) <0)) {
+				goto failed_conversation;
+			}
+			responses[count].resp = NULL;
+			break;
+		case PAM_TEXT_INFO:
+			if (   (NULL == msg[count]->msg)
+			    || (fprintf (stdout, "%s\n", msg[count]->msg) <0)) {
+				goto failed_conversation;
+			}
+			responses[count].resp = NULL;
+			break;
+		default:
+			(void) fprintf (stderr,
+			                _("%s: conversation type %d not supported.\n"),
+			                Prog, msg[count]->msg_style);
+			goto failed_conversation;
+		}
+	}
+
+	*resp = responses;
+
+	return PAM_SUCCESS;
+
+failed_conversation:
+	for (count=0; count < num_msg; count++) {
+		if (NULL != responses[count].resp) {
+			memset (responses[count].resp, 0,
+			        strlen (responses[count].resp));
+			free (responses[count].resp);
+			responses[count].resp = NULL;
+		}
+	}
+
+	free (responses);
+	*resp = NULL;
+
+	return PAM_CONV_ERR;
+}
+
+
+/*
+ * Change non interactively the user's password using PAM.
+ *
+ * Return 0 on success, 1 on failure.
+ */
+int do_pam_passwd_non_interractive (const char *pam_service,
+                                    const char *username,
+                                    const char* password)
+{
+	pam_handle_t *pamh = NULL;
+	int ret;
+
+	ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_start failure %d\n"),
+		         Prog, username, ret);
+		return 1;
+	}
+
+	non_interactive_password = password;
+	ret = pam_chauthtok (pamh, 0);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_chauthtok() failed, error:\n"
+		           "%s\n"),
+		         Prog, username, pam_strerror (pamh, ret));
+	}
+
+	(void) pam_end (pamh, PAM_SUCCESS);
+
+	return ((PAM_SUCCESS == ret) ? 0 : 1);
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
diff --git a/libmisc/pwd2spwd.c b/libmisc/pwd2spwd.c
new file mode 100644
index 0000000..c1b9b29
--- /dev/null
+++ b/libmisc/pwd2spwd.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#ifndef USE_PAM
+
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+extern time_t time (time_t *);
+
+/*
+ * pwd_to_spwd - create entries for new spwd structure
+ *
+ *	pwd_to_spwd() creates a new (struct spwd) containing the
+ *	information in the pointed-to (struct passwd).
+ */
+
+struct spwd *pwd_to_spwd (const struct passwd *pw)
+{
+	static struct spwd sp;
+
+	/*
+	 * Nice, easy parts first.  The name and passwd map directly
+	 * from the old password structure to the new one.
+	 */
+	sp.sp_namp = pw->pw_name;
+	sp.sp_pwdp = pw->pw_passwd;
+
+	{
+		/*
+		 * Defaults used if there is no pw_age information.
+		 */
+		sp.sp_min = 0;
+		sp.sp_max = (10000L * DAY) / SCALE;
+		sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+		if (0 == sp.sp_lstchg) {
+			/* Better disable aging than requiring a password
+			 * change */
+			sp.sp_lstchg = -1;
+		}
+	}
+
+	/*
+	 * These fields have no corresponding information in the password
+	 * file.  They are set to uninitialized values.
+	 */
+	sp.sp_warn = -1;
+	sp.sp_expire = -1;
+	sp.sp_inact = -1;
+	sp.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+	return &sp;
+}
+#else				/* USE_PAM */
+extern int errno;	/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
+
diff --git a/libmisc/pwd_init.c b/libmisc/pwd_init.c
new file mode 100644
index 0000000..774ba9b
--- /dev/null
+++ b/libmisc/pwd_init.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1997       , Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+
+#include "prototypes.h"
+
+/*
+ * pwd_init - ignore signals, and set resource limits to safe
+ * values.  Call this before modifying password files, so that
+ * it is less likely to fail in the middle of operation.
+ */
+void pwd_init (void)
+{
+#ifdef HAVE_SYS_RESOURCE_H
+	struct rlimit rlim;
+
+#ifdef RLIMIT_CORE
+	rlim.rlim_cur = rlim.rlim_max = 0;
+	setrlimit (RLIMIT_CORE, &rlim);
+#endif
+	rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
+#ifdef RLIMIT_AS
+	setrlimit (RLIMIT_AS, &rlim);
+#endif
+#ifdef RLIMIT_CPU
+	setrlimit (RLIMIT_CPU, &rlim);
+#endif
+#ifdef RLIMIT_DATA
+	setrlimit (RLIMIT_DATA, &rlim);
+#endif
+#ifdef RLIMIT_FSIZE
+	setrlimit (RLIMIT_FSIZE, &rlim);
+#endif
+#ifdef RLIMIT_NOFILE
+	setrlimit (RLIMIT_NOFILE, &rlim);
+#endif
+#ifdef RLIMIT_RSS
+	setrlimit (RLIMIT_RSS, &rlim);
+#endif
+#ifdef RLIMIT_STACK
+	setrlimit (RLIMIT_STACK, &rlim);
+#endif
+#else				/* !HAVE_SYS_RESOURCE_H */
+	set_filesize_limit (30000);
+	/* don't know how to set the other limits... */
+#endif				/* !HAVE_SYS_RESOURCE_H */
+
+	signal (SIGALRM, SIG_IGN);
+	signal (SIGHUP, SIG_IGN);
+	signal (SIGINT, SIG_IGN);
+	signal (SIGPIPE, SIG_IGN);
+	signal (SIGQUIT, SIG_IGN);
+	signal (SIGTERM, SIG_IGN);
+#ifdef SIGTSTP
+	signal (SIGTSTP, SIG_IGN);
+#endif
+#ifdef SIGTTOU
+	signal (SIGTTOU, SIG_IGN);
+#endif
+
+	umask (077);
+}
diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c
new file mode 100644
index 0000000..ec1f474
--- /dev/null
+++ b/libmisc/pwdcheck.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 2000 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#ifndef USE_PAM
+
+#include <stdio.h>
+#include <shadow.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+
+void passwd_check (const char *user, const char *passwd, unused const char *progname)
+{
+	struct spwd *sp;
+
+	sp = getspnam (user); /* !USE_PAM, no need for xgetspnam */
+	if (NULL != sp) {
+		passwd = sp->sp_pwdp;
+	}
+	if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
+		SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
+		(void) sleep (1);
+		fprintf (stderr, _("Incorrect password for %s.\n"), user);
+		exit (EXIT_FAILURE);
+	}
+}
+#else			/* USE_PAM */
+extern int errno;	/* warning: ANSI C forbids an empty source file */
+#endif			/* USE_PAM */
diff --git a/libmisc/remove_tree.c b/libmisc/remove_tree.c
new file mode 100644
index 0000000..b2794ab
--- /dev/null
+++ b/libmisc/remove_tree.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <dirent.h>
+#include <unistd.h>
+#include "prototypes.h"
+#include "defines.h"
+
+/*
+ * remove_tree - delete a directory tree
+ *
+ *	remove_tree() walks a directory tree and deletes all the files
+ *	and directories.
+ *	At the end, it deletes the root directory itself.
+ */
+
+int remove_tree (const char *root, bool remove_root)
+{
+	char *new_name = NULL;
+	int err = 0;
+	struct DIRECT *ent;
+	struct stat sb;
+	DIR *dir;
+
+	/*
+	 * Open the source directory and read each entry.  Every file
+	 * entry in the directory is copied with the UID and GID set
+	 * to the provided values.  As an added security feature only
+	 * regular files (and directories ...) are copied, and no file
+	 * is made set-ID.
+	 */
+	dir = opendir (root);
+	if (NULL == dir) {
+		return -1;
+	}
+
+	while ((ent = readdir (dir))) {
+		size_t new_len = strlen (root) + strlen (ent->d_name) + 2;
+
+		/*
+		 * Skip the "." and ".." entries
+		 */
+
+		if (strcmp (ent->d_name, ".") == 0 ||
+		    strcmp (ent->d_name, "..") == 0) {
+			continue;
+		}
+
+		/*
+		 * Make the filename for the current entry.
+		 */
+
+		free (new_name);
+		new_name = (char *) malloc (new_len);
+		if (NULL == new_name) {
+			err = -1;
+			break;
+		}
+		(void) snprintf (new_name, new_len, "%s/%s", root, ent->d_name);
+		if (LSTAT (new_name, &sb) == -1) {
+			continue;
+		}
+
+		if (S_ISDIR (sb.st_mode)) {
+			/*
+			 * Recursively delete this directory.
+			 */
+			if (remove_tree (new_name, true) != 0) {
+				err = -1;
+				break;
+			}
+		} else {
+			/*
+			 * Delete the file.
+			 */
+			if (unlink (new_name) != 0) {
+				err = -1;
+				break;
+			}
+		}
+	}
+	if (NULL != new_name) {
+		free (new_name);
+	}
+	(void) closedir (dir);
+
+	if (remove_root && (0 == err)) {
+		if (rmdir (root) != 0) {
+			err = -1;
+		}
+	}
+
+	return err;
+}
+
diff --git a/libmisc/rlogin.c b/libmisc/rlogin.c
new file mode 100644
index 0000000..b19f5e8
--- /dev/null
+++ b/libmisc/rlogin.c
@@ -0,0 +1,198 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifdef RLOGIN
+
+#ident "$Id$"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <stdio.h>
+#include <pwd.h>
+#include <netdb.h>
+static struct {
+	int spd_name;
+	int spd_baud;
+} speed_table[] =
+{
+#ifdef B50
+	{
+	B50, 50},
+#endif
+#ifdef B75
+	{
+	B75, 75},
+#endif
+#ifdef B110
+	{
+	B110, 110},
+#endif
+#ifdef B134
+	{
+	B134, 134},
+#endif
+#ifdef B150
+	{
+	B150, 150},
+#endif
+#ifdef B200
+	{
+	B200, 200},
+#endif
+#ifdef B300
+	{
+	B300, 300},
+#endif
+#ifdef B600
+	{
+	B600, 600},
+#endif
+#ifdef B1200
+	{
+	B1200, 1200},
+#endif
+#ifdef B1800
+	{
+	B1800, 1800},
+#endif
+#ifdef B2400
+	{
+	B2400, 2400},
+#endif
+#ifdef B4800
+	{
+	B4800, 4800},
+#endif
+#ifdef B9600
+	{
+	B9600, 9600},
+#endif
+#ifdef B19200
+	{
+	B19200, 19200},
+#endif
+#ifdef B38400
+	{
+	B38400, 38400},
+#endif
+	{
+	-1, -1}
+};
+
+static void get_remote_string (char *buf, size_t size)
+{
+	for (;;) {
+		if (read (0, buf, 1) != 1) {
+			exit (EXIT_FAILURE);
+		}
+		if ('\0' == *buf) {
+			return;
+		}
+		--size;
+		if (size > 0) {
+			++buf;
+		}
+	}
+ /*NOTREACHED*/}
+
+int
+do_rlogin (const char *remote_host, char *name, size_t namelen, char *term,
+           size_t termlen)
+{
+	struct passwd *pwd;
+	char remote_name[32];
+	char *cp;
+	unsigned long remote_speed = 9600;
+	int speed_name = B9600;
+	int i;
+	TERMIO termio;
+
+	get_remote_string (remote_name, sizeof remote_name);
+	get_remote_string (name, namelen);
+	get_remote_string (term, termlen);
+
+	cp = strchr (term, '/');
+	if (NULL != cp) {
+		*cp = '\0';
+		cp++;
+
+		if (getulong (cp, &remote_speed) == 0) {
+			remote_speed = 9600;
+		}
+	}
+	for (i = 0;
+	     (   (speed_table[i].spd_baud != remote_speed)
+	      && (speed_table[i].spd_name != -1));
+	     i++);
+
+	if (-1 != speed_table[i].spd_name) {
+		speed_name = speed_table[i].spd_name;
+	}
+
+	/*
+	 * Put the terminal in cooked mode with echo turned on.
+	 */
+
+	GTTY (0, &termio);
+	termio.c_iflag |= ICRNL | IXON;
+	termio.c_oflag |= OPOST | ONLCR;
+	termio.c_lflag |= ICANON | ECHO | ECHOE;
+#ifdef CBAUD
+	termio.c_cflag = (termio.c_cflag & ~CBAUD) | speed_name;
+#else
+	termio.c_cflag = (termio.c_cflag) | speed_name;
+#endif
+	STTY (0, &termio);
+
+	pwd = getpwnam (name); /* local, no need for xgetpwnam */
+	if (NULL == pwd) {
+		return 0;
+	}
+
+	/*
+	 * ruserok() returns 0 for success on modern systems, and 1 on
+	 * older ones.  If you are having trouble with people logging
+	 * in without giving a required password, THIS is the culprit -
+	 * go fix the #define in config.h.
+	 */
+
+#ifndef	RUSEROK
+	return 0;
+#else
+	return ruserok (remote_host, pwd->pw_uid == 0,
+			remote_name, name) == RUSEROK;
+#endif
+}
+#endif				/* RLOGIN */
+
diff --git a/libmisc/root_flag.c b/libmisc/root_flag.c
new file mode 100644
index 0000000..7f5e611
--- /dev/null
+++ b/libmisc/root_flag.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2011       , Julian Pidancet
+ * Copyright (c) 2011       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <assert.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+static void change_root (const char* newroot);
+
+/*
+ * process_root_flag - chroot if given the --root option
+ *
+ * This shall be called before accessing the passwd, group, shadow,
+ * gshadow, useradd's default, login.defs files (non exhaustive list)
+ * or authenticating the caller.
+ *
+ * The audit, syslog, or locale files shall be open before
+ */
+extern void process_root_flag (const char* short_opt, int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int i;
+	const char *newroot = NULL;
+
+	for (i = 0; i < argc; i++) {
+		if (   (strcmp (argv[i], "--root") == 0)
+		    || (strcmp (argv[i], short_opt) == 0)) {
+			if (NULL != newroot) {
+				fprintf (stderr,
+				         _("%s: multiple --root options\n"),
+				         Prog);
+				exit (E_BAD_ARG);
+			}
+
+			if (i + 1 == argc) {
+				fprintf (stderr,
+				         _("%s: option '%s' requires an argument\n"),
+				         Prog, argv[i]);
+				exit (E_BAD_ARG);
+			}
+			newroot = argv[i + 1];
+		}
+	}
+
+	if (NULL != newroot) {
+		change_root (newroot);
+	}
+}
+
+static void change_root (const char* newroot)
+{
+	/* Drop privileges */
+	if (   (setregid (getgid (), getgid ()) != 0)
+	    || (setreuid (getuid (), getuid ()) != 0)) {
+		fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+		         Prog, strerror (errno));
+		exit (EXIT_FAILURE);
+	}
+
+	if ('/' != newroot[0]) {
+		fprintf (stderr,
+		         _("%s: invalid chroot path '%s'\n"),
+		         Prog, newroot);
+		exit (E_BAD_ARG);
+	}
+
+	if (access (newroot, F_OK) != 0) {
+		fprintf(stderr,
+		        _("%s: cannot access chroot directory %s: %s\n"),
+		        Prog, newroot, strerror (errno));
+		exit (E_BAD_ARG);
+	}
+
+	if (chdir (newroot) != 0) {
+		fprintf(stderr,
+				_("%s: cannot chdir to chroot directory %s: %s\n"),
+				Prog, newroot, strerror (errno));
+		exit (E_BAD_ARG);
+	}
+
+	if (chroot (newroot) != 0) {
+		fprintf(stderr,
+		        _("%s: unable to chroot to directory %s: %s\n"),
+		        Prog, newroot, strerror (errno));
+		exit (E_BAD_ARG);
+	}
+}
+
diff --git a/libmisc/salt.c b/libmisc/salt.c
new file mode 100644
index 0000000..c72447e
--- /dev/null
+++ b/libmisc/salt.c
@@ -0,0 +1,260 @@
+/*
+ * salt.c - generate a random salt string for crypt()
+ *
+ * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
+ * it is in the public domain.
+ *
+ * l64a was Written by J.T. Conklin <jtc@netbsd.org>. Public domain.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/time.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <assert.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+/* local function prototypes */
+static void seedRNG (void);
+static /*@observer@*/const char *gensalt (size_t salt_size);
+#ifdef USE_SHA_CRYPT
+static long shadow_random (long min, long max);
+static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds);
+#endif /* USE_SHA_CRYPT */
+
+#ifndef HAVE_L64A
+static /*@observer@*/char *l64a(long value)
+{
+	static char buf[8];
+	char *s = buf;
+	int digit;
+	int i;
+
+	if (value < 0) {
+		errno = EINVAL;
+		return(NULL);
+	}
+
+	for (i = 0; value != 0 && i < 6; i++) {
+		digit = value & 0x3f;
+
+		if (digit < 2) {
+			*s = digit + '.';
+		} else if (digit < 12) {
+			*s = digit + '0' - 2;
+		} else if (digit < 38) {
+			*s = digit + 'A' - 12;
+		} else {
+			*s = digit + 'a' - 38;
+		}
+
+		value >>= 6;
+		s++;
+	}
+
+	*s = '\0';
+
+	return(buf);
+}
+#endif /* !HAVE_L64A */
+
+static void seedRNG (void)
+{
+	struct timeval tv;
+	static int seeded = 0;
+
+	if (0 == seeded) {
+		(void) gettimeofday (&tv, NULL);
+		srandom (tv.tv_sec ^ tv.tv_usec ^ getpid ());
+		seeded = 1;
+	}
+}
+
+/*
+ * Add the salt prefix.
+ */
+#define MAGNUM(array,ch)	(array)[0]=(array)[2]='$',(array)[1]=(ch),(array)[3]='\0'
+
+#ifdef USE_SHA_CRYPT
+/* It is not clear what is the maximum value of random().
+ * We assume 2^31-1.*/
+#define RANDOM_MAX 0x7FFFFFFF
+
+/*
+ * Return a random number between min and max (both included).
+ *
+ * It favors slightly the higher numbers.
+ */
+static long shadow_random (long min, long max)
+{
+	double drand;
+	long ret;
+	seedRNG ();
+	drand = (double) (max - min + 1) * random () / RANDOM_MAX;
+	/* On systems were this is not random() range is lower, we favor
+	 * higher numbers of salt. */
+	ret = (long) (max + 1 - drand);
+	/* And we catch limits, and use the highest number */
+	if ((ret < min) || (ret > max)) {
+		ret = max;
+	}
+	return ret;
+}
+
+/* Default number of rounds if not explicitly specified.  */
+#define ROUNDS_DEFAULT 5000
+/* Minimum number of rounds.  */
+#define ROUNDS_MIN 1000
+/* Maximum number of rounds.  */
+#define ROUNDS_MAX 999999999
+
+/*
+ * Return a salt prefix specifying the rounds number for the SHA crypt methods.
+ */
+static /*@observer@*/const char *SHA_salt_rounds (/*@null@*/int *prefered_rounds)
+{
+	static char rounds_prefix[18]; /* Max size: rounds=999999999$ */
+	long rounds;
+
+	if (NULL == prefered_rounds) {
+		long min_rounds = getdef_long ("SHA_CRYPT_MIN_ROUNDS", -1);
+		long max_rounds = getdef_long ("SHA_CRYPT_MAX_ROUNDS", -1);
+
+		if ((-1 == min_rounds) && (-1 == max_rounds)) {
+			return "";
+		}
+
+		if (-1 == min_rounds) {
+			min_rounds = max_rounds;
+		}
+
+		if (-1 == max_rounds) {
+			max_rounds = min_rounds;
+		}
+
+		if (min_rounds > max_rounds) {
+			max_rounds = min_rounds;
+		}
+
+		rounds = shadow_random (min_rounds, max_rounds);
+	} else if (0 == *prefered_rounds) {
+		return "";
+	} else {
+		rounds = *prefered_rounds;
+	}
+
+	/* Sanity checks. The libc should also check this, but this
+	 * protects against a rounds_prefix overflow. */
+	if (rounds < ROUNDS_MIN) {
+		rounds = ROUNDS_MIN;
+	}
+
+	if (rounds > ROUNDS_MAX) {
+		rounds = ROUNDS_MAX;
+	}
+
+	(void) snprintf (rounds_prefix, sizeof rounds_prefix,
+	                 "rounds=%ld$", rounds);
+
+	return rounds_prefix;
+}
+#endif /* USE_SHA_CRYPT */
+
+/*
+ *  Generate salt of size salt_size.
+ */
+#define MAX_SALT_SIZE 16
+#define MIN_SALT_SIZE 8
+
+static /*@observer@*/const char *gensalt (size_t salt_size)
+{
+	static char salt[32];
+
+	salt[0] = '\0';
+
+	assert (salt_size >= MIN_SALT_SIZE &&
+	        salt_size <= MAX_SALT_SIZE);
+	seedRNG ();
+	strcat (salt, l64a (random()));
+	do {
+		strcat (salt, l64a (random()));
+	} while (strlen (salt) < salt_size);
+
+	salt[salt_size] = '\0';
+
+	return salt;
+}
+
+/*
+ * Generate 8 base64 ASCII characters of random salt.  If MD5_CRYPT_ENAB
+ * in /etc/login.defs is "yes", the salt string will be prefixed by "$1$"
+ * (magic) and pw_encrypt() will execute the MD5-based FreeBSD-compatible
+ * version of crypt() instead of the standard one.
+ * Other methods can be set with ENCRYPT_METHOD
+ *
+ * The method can be forced with the meth parameter.
+ * If NULL, the method will be defined according to the MD5_CRYPT_ENAB and
+ * ENCRYPT_METHOD login.defs variables.
+ *
+ * If meth is specified, an additional parameter can be provided.
+ *  * For the SHA256 and SHA512 method, this specifies the number of rounds
+ *    (if not NULL).
+ */
+/*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const char *meth, /*@null@*/void *arg)
+{
+	/* Max result size for the SHA methods:
+	 *  +3		$5$
+	 *  +17		rounds=999999999$
+	 *  +16		salt
+	 *  +1		\0
+	 */
+	static char result[40];
+	size_t salt_len = 8;
+	const char *method;
+
+	result[0] = '\0';
+
+	if (NULL != meth)
+		method = meth;
+	else {
+		method = getdef_str ("ENCRYPT_METHOD");
+		if (NULL == method) {
+			method = getdef_bool ("MD5_CRYPT_ENAB") ? "MD5" : "DES";
+		}
+	}
+
+	if (0 == strcmp (method, "MD5")) {
+		MAGNUM(result, '1');
+#ifdef USE_SHA_CRYPT
+	} else if (0 == strcmp (method, "SHA256")) {
+		MAGNUM(result, '5');
+		strcat(result, SHA_salt_rounds((int *)arg));
+		salt_len = (size_t) shadow_random (8, 16);
+	} else if (0 == strcmp (method, "SHA512")) {
+		MAGNUM(result, '6');
+		strcat(result, SHA_salt_rounds((int *)arg));
+		salt_len = (size_t) shadow_random (8, 16);
+#endif /* USE_SHA_CRYPT */
+	} else if (0 != strcmp (method, "DES")) {
+		fprintf (stderr,
+			 _("Invalid ENCRYPT_METHOD value: '%s'.\n"
+			   "Defaulting to DES.\n"),
+			 method);
+		result[0] = '\0';
+	}
+
+	/*
+	 * Concatenate a pseudo random salt.
+	 */
+	assert (sizeof (result) > strlen (result) + salt_len);
+	strncat (result, gensalt (salt_len),
+		 sizeof (result) - strlen (result) - 1);
+
+	return result;
+}
+
diff --git a/libmisc/setugid.c b/libmisc/setugid.c
new file mode 100644
index 0000000..9bb62af
--- /dev/null
+++ b/libmisc/setugid.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c.  --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <grp.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+/*
+ * setup_groups - set the group credentials
+ *	set the group ID to the value from the password file entry
+ *	set the supplementary group IDs
+ *
+ * In case of PAM enabled configurations, this shall be called before
+ * pam_setcred.
+ *
+ * Returns 0 on success, or -1 on failure.
+ */
+int setup_groups (const struct passwd *info)
+{
+	/*
+	 * Set the real group ID to the primary group ID in the password
+	 * file.
+	 */
+	if (setgid (info->pw_gid) == -1) {
+		int err = errno;
+		perror ("setgid");
+		SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n",
+		         info->pw_gid, info->pw_name, strerror (err)));
+		closelog ();
+		return -1;
+	}
+#ifdef HAVE_INITGROUPS
+	/*
+	 * For systems which support multiple concurrent groups, go get
+	 * the group set from the /etc/group file.
+	 */
+	if (initgroups (info->pw_name, info->pw_gid) == -1) {
+		int err = errno;
+		perror ("initgroups");
+		SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n",
+		         info->pw_name, strerror (err)));
+		closelog ();
+		return -1;
+	}
+#endif
+	return 0;
+}
+
+/*
+ * change_uid - Set the real UID
+ *
+ * Returns 0 on success, or -1 on failure.
+ */
+int change_uid (const struct passwd *info)
+{
+	/*
+	 * Set the real UID to the UID value in the password file.
+	 */
+	if (setuid (info->pw_uid) != 0) {
+		int err = errno;
+		perror ("setuid");
+		SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n",
+		         (int) info->pw_uid, info->pw_name, strerror (err)));
+		closelog ();
+		return -1;
+	}
+	return 0;
+}
+
+/*
+ *	setup_uid_gid() performs the following steps -
+ *
+ *	set the group ID to the value from the password file entry
+ *	set the supplementary group IDs
+ *	optionally call specified function which may add more groups
+ *	set the user ID to the value from the password file entry
+ *
+ *	Returns 0 on success, or -1 on failure.
+ */
+
+#if defined (HAVE_INITGROUPS) && ! (defined USE_PAM)
+int setup_uid_gid (const struct passwd *info, bool is_console)
+#else
+int setup_uid_gid (const struct passwd *info)
+#endif
+{
+	if (setup_groups (info) < 0) {
+		return -1;
+	}
+
+#if defined (HAVE_INITGROUPS) && ! defined (USE_PAM)
+	if (is_console) {
+		const char *cp = getdef_str ("CONSOLE_GROUPS");
+
+		if ((NULL != cp) && (add_groups (cp) != 0)) {
+			perror ("Warning: add_groups");
+		}
+	}
+#endif				/* HAVE_INITGROUPS && !USE_PAM*/
+
+	if (change_uid (info) < 0) {
+		return -1;
+	}
+
+	return 0;
+}
+
diff --git a/libmisc/setupenv.c b/libmisc/setupenv.c
new file mode 100644
index 0000000..8020f3d
--- /dev/null
+++ b/libmisc/setupenv.c
@@ -0,0 +1,312 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Separated from setup.c.  --marekm
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include "getdef.h"
+
+#ifndef USE_PAM
+static void
+addenv_path (const char *varname, const char *dirname, const char *filename)
+{
+	char *buf;
+	size_t len = strlen (dirname) + strlen (filename) + 2;
+	int wlen;
+
+	buf = xmalloc (len);
+	wlen = snprintf (buf, len, "%s/%s", dirname, filename);
+	assert (wlen == (int) len - 1);
+
+	addenv (varname, buf);
+	free (buf);
+}
+
+static void read_env_file (const char *filename)
+{
+	FILE *fp;
+	char buf[1024];
+	char *cp, *name, *val;
+
+	fp = fopen (filename, "r");
+	if (NULL == fp) {
+		return;
+	}
+	while (fgets (buf, (int)(sizeof buf), fp) == buf) {
+		cp = strrchr (buf, '\n');
+		if (NULL == cp) {
+			break;
+		}
+		*cp = '\0';
+
+		cp = buf;
+		/* ignore whitespace and comments */
+		while (('\0' != *cp) && isspace (*cp)) {
+			cp++;
+		}
+		if (('\0' == *cp) || ('#' == *cp)) {
+			continue;
+		}
+		/*
+		 * ignore lines which don't follow the name=value format
+		 * (for example, the "export NAME" shell commands)
+		 */
+		name = cp;
+		while (('\0' != *cp) && !isspace (*cp) && ('=' != *cp)) {
+			cp++;
+		}
+		if ('=' != *cp) {
+			continue;
+		}
+		/* NUL-terminate the name */
+		*cp = '\0';
+		cp++;
+		val = cp;
+#if 0				/* XXX untested, and needs rewrite with fewer goto's :-) */
+/*
+ (state, char_type) -> (state, action)
+
+ state: unquoted, single_quoted, double_quoted, escaped, double_quoted_escaped
+ char_type: normal, white, backslash, single, double
+ action: remove_curr, remove_curr_skip_next, remove_prev, finish XXX
+*/
+	      no_quote:
+		if (*cp == '\\') {
+			/* remove the backslash */
+			remove_char (cp);
+			/* skip over the next character */
+			if (*cp)
+				cp++;
+			goto no_quote;
+		} else if (*cp == '\'') {
+			/* remove the quote */
+			remove_char (cp);
+			/* now within single quotes */
+			goto s_quote;
+		} else if (*cp == '"') {
+			/* remove the quote */
+			remove_char (cp);
+			/* now within double quotes */
+			goto d_quote;
+		} else if (*cp == '\0') {
+			/* end of string */
+			goto finished;
+		} else if (isspace (*cp)) {
+			/* unescaped whitespace - end of string */
+			*cp = '\0';
+			goto finished;
+		} else {
+			cp++;
+			goto no_quote;
+		}
+	      s_quote:
+		if (*cp == '\'') {
+			/* remove the quote */
+			remove_char (cp);
+			/* unquoted again */
+			goto no_quote;
+		} else if (*cp == '\0') {
+			/* end of string */
+			goto finished;
+		} else {
+			/* preserve everything within single quotes */
+			cp++;
+			goto s_quote;
+		}
+	      d_quote:
+		if (*cp == '\"') {
+			/* remove the quote */
+			remove_char (cp);
+			/* unquoted again */
+			goto no_quote;
+		} else if (*cp == '\\') {
+			cp++;
+			/* if backslash followed by double quote, remove backslash
+			   else skip over the backslash and following char */
+			if (*cp == '"')
+				remove_char (cp - 1);
+			else if (*cp)
+				cp++;
+			goto d_quote;
+		}
+		eise if (*cp == '\0') {
+			/* end of string */
+			goto finished;
+		} else {
+			/* preserve everything within double quotes */
+			goto d_quote;
+		}
+	      finished:
+#endif				/* 0 */
+		/*
+		 * XXX - should handle quotes, backslash escapes, etc.
+		 * like the shell does.
+		 */
+		addenv (name, val);
+	}
+	(void) fclose (fp);
+}
+#endif				/* USE_PAM */
+
+
+/*
+ *	change to the user's home directory
+ *	set the HOME, SHELL, MAIL, PATH, and LOGNAME or USER environmental
+ *	variables.
+ */
+
+void setup_env (struct passwd *info)
+{
+#ifndef USE_PAM
+	const char *envf;
+#endif
+	const char *cp;
+
+	/*
+	 * Change the current working directory to be the home directory
+	 * of the user.  It is a fatal error for this process to be unable
+	 * to change to that directory.  There is no "default" home
+	 * directory.
+	 *
+	 * We no longer do it as root - should work better on NFS-mounted
+	 * home directories.  Some systems default to HOME=/, so we make
+	 * this a configurable option.  --marekm
+	 */
+
+	if (chdir (info->pw_dir) == -1) {
+		static char temp_pw_dir[] = "/";
+
+		if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
+			fprintf (stderr, _("Unable to cd to '%s'\n"),
+				 info->pw_dir);
+			SYSLOG ((LOG_WARN,
+				 "unable to cd to `%s' for user `%s'\n",
+				 info->pw_dir, info->pw_name));
+			closelog ();
+			exit (EXIT_FAILURE);
+		}
+		(void) puts (_("No directory, logging in with HOME=/"));
+		free (info->pw_dir);
+		info->pw_dir = xstrdup (temp_pw_dir);
+	}
+
+	/*
+	 * Create the HOME environmental variable and export it.
+	 */
+
+	addenv ("HOME", info->pw_dir);
+
+	/*
+	 * Create the SHELL environmental variable and export it.
+	 */
+
+	if ((NULL == info->pw_shell) || ('\0' == *info->pw_shell)) {
+		static char temp_pw_shell[] = SHELL;
+
+		free (info->pw_shell);
+		info->pw_shell = xstrdup (temp_pw_shell);
+	}
+
+	addenv ("SHELL", info->pw_shell);
+
+	/*
+	 * Export the user name.  For BSD derived systems, it's "USER", for
+	 * all others it's "LOGNAME".  We set both of them.
+	 */
+
+	addenv ("USER", info->pw_name);
+	addenv ("LOGNAME", info->pw_name);
+
+	/*
+	 * Create the PATH environmental variable and export it.
+	 */
+
+	cp = getdef_str ((info->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+
+	if (NULL == cp) {
+		/* not specified, use a minimal default */
+		addenv ((info->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+	} else if (strchr (cp, '=')) {
+		/* specified as name=value (PATH=...) */
+		addenv (cp, NULL);
+	} else {
+		/* only value specified without "PATH=" */
+		addenv ("PATH", cp);
+	}
+
+#ifndef USE_PAM
+	/*
+	 * Create the MAIL environmental variable and export it.  login.defs
+	 * knows the prefix.
+	 */
+
+	if (getdef_bool ("MAIL_CHECK_ENAB")) {
+		cp = getdef_str ("MAIL_DIR");
+		if (NULL != cp) {
+			addenv_path ("MAIL", cp, info->pw_name);
+		} else {
+			cp = getdef_str ("MAIL_FILE");
+			if (NULL != cp) {
+				addenv_path ("MAIL", info->pw_dir, cp);
+			} else {
+#if defined(MAIL_SPOOL_FILE)
+				addenv_path ("MAIL", info->pw_dir, MAIL_SPOOL_FILE);
+#elif defined(MAIL_SPOOL_DIR)
+				addenv_path ("MAIL", MAIL_SPOOL_DIR, info->pw_name);
+#endif
+			}
+		}
+	}
+
+	/*
+	 * Read environment from optional config file.  --marekm
+	 */
+	envf = getdef_str ("ENVIRON_FILE");
+	if (NULL != envf) {
+		read_env_file (envf);
+	}
+#endif				/* !USE_PAM */
+}
+
diff --git a/libmisc/shell.c b/libmisc/shell.c
new file mode 100644
index 0000000..92bfc2b
--- /dev/null
+++ b/libmisc/shell.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2009       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <errno.h>
+#include "prototypes.h"
+#include "defines.h"
+extern char **newenvp;
+extern size_t newenvc;
+
+/*
+ * shell - execute the named program
+ *
+ *	shell begins by trying to figure out what argv[0] is going to
+ *	be for the named process.  The user may pass in that argument,
+ *	or it will be the last pathname component of the file with a
+ *	'-' prepended.
+ *	Then, it executes the named file.
+ */
+
+int shell (const char *file, /*@null@*/const char *arg, char *const envp[])
+{
+	char arg0[1024];
+	int err;
+
+	if (file == (char *) 0) {
+		errno = EINVAL;
+		return errno;
+	}
+
+	/*
+	 * The argv[0]'th entry is usually the path name, but
+	 * for various reasons the invoker may want to override
+	 * that.  So, we determine the 0'th entry only if they
+	 * don't want to tell us what it is themselves.
+	 */
+	if (arg == (char *) 0) {
+		(void) snprintf (arg0, sizeof arg0, "-%s", Basename ((char *) file));
+		arg0[sizeof arg0 - 1] = '\0';
+		arg = arg0;
+	}
+
+	/*
+	 * First we try the direct approach.  The system should be
+	 * able to figure out what we are up to without too much
+	 * grief.
+	 */
+	(void) execle (file, arg, (char *) 0, envp);
+	err = errno;
+
+	if (access (file, R_OK|X_OK) == 0) {
+		/*
+		 * Assume this is a shell script (with no shebang).
+		 * Interpret it with /bin/sh
+		 */
+		(void) execle (SHELL, "sh", "-", file, (char *)0, envp);
+		err = errno;
+	}
+
+	/*
+	 * Obviously something is really wrong - I can't figure out
+	 * how to execute this stupid shell, so I might as well give
+	 * up in disgust ...
+	 */
+	(void) snprintf (arg0, sizeof arg0, _("Cannot execute %s"), file);
+	errno = err;
+	perror (arg0);
+	return err;
+}
+
diff --git a/libmisc/strtoday.c b/libmisc/strtoday.c
new file mode 100644
index 0000000..5764898
--- /dev/null
+++ b/libmisc/strtoday.c
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if !defined(__GLIBC__)
+#define _XOPEN_SOURCE 500
+#endif
+
+#include <config.h>
+
+#include <ctype.h>
+
+#ident "$Id$"
+
+#include "defines.h"
+#include "prototypes.h"
+
+#ifndef USE_GETDATE
+#define USE_GETDATE 1
+#endif
+
+#if USE_GETDATE
+#include "getdate.h"
+/*
+ * strtoday() now uses get_date() (borrowed from GNU shellutils)
+ * which can handle many date formats, for example:
+ *	1970-09-17	# ISO 8601.
+ *	70-9-17		# This century assumed by default.
+ *	70-09-17	# Leading zeros are ignored.
+ *	9/17/72		# Common U.S. writing.
+ *	24 September 1972
+ *	24 Sept 72	# September has a special abbreviation.
+ *	24 Sep 72	# Three-letter abbreviations always allowed.
+ *	Sep 24, 1972
+ *	24-sep-72
+ *	24sep72
+ */
+long strtoday (const char *str)
+{
+	time_t t;
+	bool isnum = true;
+	const char *s = str;
+
+	/*
+	 * get_date() interprets an empty string as the current date,
+	 * which is not what we expect, unless you're a BOFH :-).
+	 * (useradd sets sp_expire = current date for new lusers)
+	 */
+	if ((NULL == str) || ('\0' == *str)) {
+		return -1;
+	}
+
+	/* If a numerical value is provided, this is already a number of
+	 * days since EPOCH.
+	 */
+	if ('-' == *s) {
+		s++;
+	}
+	while (' ' == *s) {
+		s++;
+	}
+	while (isnum && ('\0' != *s)) {
+		if (!isdigit (*s)) {
+			isnum = false;
+		}
+		s++;
+	}
+	if (isnum) {
+		long retdate;
+		if (getlong (str, &retdate) == 0) {
+			return -2;
+		}
+		return retdate;
+	}
+
+	t = get_date (str, NULL);
+	if ((time_t) - 1 == t) {
+		return -2;
+	}
+	/* convert seconds to days since 1970-01-01 */
+	return (long) (t + DAY / 2) / DAY;
+}
+
+#else				/* !USE_GETDATE */
+/*
+ * Old code, just in case get_date() doesn't work as expected...
+ */
+#include <stdio.h>
+#ifdef HAVE_STRPTIME
+/*
+ * for now we allow just one format, but we can define more later
+ * (we try them all until one succeeds).  --marekm
+ */
+static char *date_formats[] = {
+	"%Y-%m-%d",
+	(char *) 0
+};
+#else
+/*
+ * days and juldays are used to compute the number of days in the
+ * current month, and the cummulative number of days in the preceding
+ * months.  they are declared so that january is 1, not 0.
+ */
+static short days[13] = { 0,
+	31, 28, 31, 30, 31, 30,	/* JAN - JUN */
+	31, 31, 30, 31, 30, 31
+};				/* JUL - DEC */
+
+static short juldays[13] = { 0,
+	0, 31, 59, 90, 120, 151,	/* JAN - JUN */
+	181, 212, 243, 273, 304, 334
+};				/* JUL - DEC */
+#endif
+
+/*
+ * strtoday - compute the number of days since 1970.
+ *
+ * the total number of days prior to the current date is
+ * computed.  january 1, 1970 is used as the origin with
+ * it having a day number of 0.
+ */
+
+long strtoday (const char *str)
+{
+#ifdef HAVE_STRPTIME
+	struct tm tp;
+	char *const *fmt;
+	char *cp;
+	time_t result;
+
+	memzero (&tp, sizeof tp);
+	for (fmt = date_formats; *fmt; fmt++) {
+		cp = strptime ((char *) str, *fmt, &tp);
+		if ((NULL == cp) || ('\0' != *cp)) {
+			continue;
+		}
+
+		result = mktime (&tp);
+		if ((time_t) - 1 == result) {
+			continue;
+		}
+
+		return (long) (result / DAY);	/* success */
+	}
+	return -1;
+#else
+	char slop[2];
+	int month;
+	int day;
+	int year;
+	long total;
+
+	/*
+	 * start by separating the month, day and year.  the order
+	 * is compiled in ...
+	 */
+
+	if (sscanf (str, "%d/%d/%d%c", &year, &month, &day, slop) != 3) {
+		return -1;
+	}
+
+	/*
+	 * the month, day of the month, and year are checked for
+	 * correctness and the year adjusted so it falls between
+	 * 1970 and 2069.
+	 */
+
+	if ((month < 1) || (month > 12)) {
+		return -1;
+	}
+
+	if (day < 1) {
+		return -1;
+	}
+
+	if (   ((2 != month) || ((year % 4) != 0))
+	    && (day > days[month])) {
+		return -1;
+	} else if ((month == 2) && ((year % 4) == 0) && (day > 29)) {
+		return -1;
+	}
+
+	if (year < 0) {
+		return -1;
+	} else if (year <= 69) {
+		year += 2000;
+	} else if (year <= 99) {
+		year += 1900;
+	}
+
+	/*
+	 * On systems with 32-bit signed time_t, time wraps around in 2038
+	 * - for now we just limit the year to 2037 (instead of 2069).
+	 * This limit can be removed once no one is using 32-bit systems
+	 * anymore :-).  --marekm
+	 */
+	if ((year < 1970) || (year > 2037)) {
+		return -1;
+	}
+
+	/*
+	 * the total number of days is the total number of days in all
+	 * the whole years, plus the number of leap days, plus the
+	 * number of days in the whole months preceding, plus the number
+	 * of days so far in the month.
+	 */
+
+	total = (long) ((year - 1970) * 365L) + (((year + 1) - 1970) / 4);
+	total += (long) juldays[month] + (month > 2 && (year % 4) == 0 ? 1 : 0);
+	total += (long) day - 1;
+
+	return total;
+#endif				/* HAVE_STRPTIME */
+}
+#endif				/* !USE_GETDATE */
diff --git a/libmisc/sub.c b/libmisc/sub.c
new file mode 100644
index 0000000..b0e32d1
--- /dev/null
+++ b/libmisc/sub.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1989 - 1991, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "prototypes.h"
+#include "defines.h"
+#define	BAD_SUBROOT2	"invalid root `%s' for user `%s'\n"
+#define	NO_SUBROOT2	"no subsystem root `%s' for user `%s'\n"
+/*
+ * subsystem - change to subsystem root
+ *
+ *	A subsystem login is indicated by the presence of a "*" as
+ *	the first character of the login shell.  The given home
+ *	directory will be used as the root of a new filesystem which
+ *	the user is actually logged into.
+ */
+void subsystem (const struct passwd *pw)
+{
+	/*
+	 * The new root directory must begin with a "/" character.
+	 */
+
+	if (pw->pw_dir[0] != '/') {
+		printf (_("Invalid root directory '%s'\n"), pw->pw_dir);
+		SYSLOG ((LOG_WARN, BAD_SUBROOT2, pw->pw_dir, pw->pw_name));
+		closelog ();
+		exit (EXIT_FAILURE);
+	}
+
+	/*
+	 * The directory must be accessible and the current process
+	 * must be able to change into it.
+	 */
+
+	if (   (chdir (pw->pw_dir) != 0)
+	    || (chroot (pw->pw_dir) != 0)) {
+		(void) printf (_("Can't change root directory to '%s'\n"),
+		               pw->pw_dir);
+		SYSLOG ((LOG_WARN, NO_SUBROOT2, pw->pw_dir, pw->pw_name));
+		closelog ();
+		exit (EXIT_FAILURE);
+	}
+}
+
diff --git a/libmisc/sulog.c b/libmisc/sulog.c
new file mode 100644
index 0000000..4068acd
--- /dev/null
+++ b/libmisc/sulog.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 1989 - 1992, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <time.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+
+/*
+ * sulog - log a SU command execution result
+ */
+void sulog (const char *tty, bool success, const char *oldname, const char *name)
+{
+	const char *sulog_file;
+	time_t now;
+	struct tm *tm;
+	FILE *fp;
+	mode_t oldmask;
+	gid_t oldgid = 0;
+
+	if (success) {
+		SYSLOG ((LOG_INFO,
+			"Successful su for %s by %s",name,oldname));
+	} else {
+		SYSLOG ((LOG_NOTICE,
+			"FAILED su for %s by %s",name,oldname));
+	}
+
+	sulog_file = getdef_str ("SULOG_FILE");
+	if (NULL == sulog_file) {
+		return;
+	}
+
+	oldgid = getgid ();
+	oldmask = umask (077);
+	/* Switch to group root to avoid creating the sulog file with
+	 * the wrong group ownership. */
+	if ((oldgid != 0) && (setgid (0) != 0)) {
+		SYSLOG ((LOG_INFO,
+		         "su session not logged to %s", sulog_file));
+		/* Continue, but do not switch back to oldgid later */
+		oldgid = 0;
+	}
+	fp = fopen (sulog_file, "a+");
+	(void) umask (oldmask);
+	if ((oldgid != 0) && (setgid (oldgid) != 0)) {
+		perror ("setgid");
+		SYSLOG ((LOG_ERR,
+		         "can't switch back to group `%d' in sulog",
+		         oldgid));
+		/* Do not return if the group permission were raised. */
+		exit (EXIT_FAILURE);
+	}
+	if (fp == (FILE *) 0) {
+		return;		/* can't open or create logfile */
+	}
+
+	(void) time (&now);
+	tm = localtime (&now);
+
+	fprintf (fp, "SU %.02d/%.02d %.02d:%.02d %c %s %s-%s\n",
+		 tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
+		 success ? '+' : '-', tty, oldname, name);
+
+	(void) fflush (fp);
+	fsync (fileno (fp));
+	fclose (fp);
+	/* TODO: log if failure */
+}
+
diff --git a/libmisc/ttytype.c b/libmisc/ttytype.c
new file mode 100644
index 0000000..06e7944
--- /dev/null
+++ b/libmisc/ttytype.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+/*
+ * ttytype - set ttytype from port to terminal type mapping database
+ */
+void ttytype (const char *line)
+{
+	FILE *fp;
+	char buf[BUFSIZ];
+	const char *typefile;
+	char *cp;
+	char type[1024] = "";
+	char port[1024];
+
+	if (getenv ("TERM") != NULL) {
+		return;
+	}
+	typefile = getdef_str ("TTYTYPE_FILE");
+	if (NULL == typefile) {
+		return;
+	}
+	if (access (typefile, F_OK) != 0) {
+		return;
+	}
+
+	fp = fopen (typefile, "r");
+	if (NULL == fp) {
+		perror (typefile);
+		return;
+	}
+	while (fgets (buf, (int) sizeof buf, fp) == buf) {
+		if (buf[0] == '#') {
+			continue;
+		}
+
+		cp = strchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+
+		if (   (sscanf (buf, "%1023s %1023s", type, port) == 2)
+		    && (strcmp (line, port) == 0)) {
+			break;
+		}
+	}
+	if ((feof (fp) == 0) && (ferror (fp) == 0) && (type[0] != '\0')) {
+		addenv ("TERM", type);
+	}
+
+	(void) fclose (fp);
+}
+
diff --git a/libmisc/tz.c b/libmisc/tz.c
new file mode 100644
index 0000000..bcf4f7f
--- /dev/null
+++ b/libmisc/tz.c
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1991 - 1994, Chip Rosenthal
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ifndef USE_PAM
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <string.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "getdef.h"
+
+/*
+ * tz - return local timezone name
+ *
+ * tz() determines the name of the local timezone by reading the
+ * contents of the file named by ``fname''.
+ */
+/*@observer@*/const char *tz (const char *fname)
+{
+	FILE *fp = NULL;
+	static char tzbuf[BUFSIZ];
+	const char *def_tz = "TZ=CST6CDT";
+
+	fp = fopen (fname, "r");
+	if (   (NULL == fp)
+	    || (fgets (tzbuf, (int) sizeof (tzbuf), fp) == NULL)) {
+		def_tz = getdef_str ("ENV_TZ");
+		if ((NULL == def_tz) || ('/' == def_tz[0])) {
+			def_tz = "TZ=CST6CDT";
+		}
+
+		strcpy (tzbuf, def_tz);
+	} else {
+		tzbuf[strlen (tzbuf) - 1] = '\0';
+	}
+
+	if (NULL != fp) {
+		(void) fclose (fp);
+	}
+
+	return tzbuf;
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
+
diff --git a/libmisc/ulimit.c b/libmisc/ulimit.c
new file mode 100644
index 0000000..30255a5
--- /dev/null
+++ b/libmisc/ulimit.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1997, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#if HAVE_ULIMIT_H
+#include <ulimit.h>
+#ifndef UL_SETFSIZE
+#ifdef UL_SFILLIM
+#define UL_SETFSIZE UL_SFILLIM
+#else
+#define UL_SETFSIZE 2
+#endif
+#endif
+#elif HAVE_SYS_RESOURCE_H
+#include <sys/time.h>		/* for struct timeval on sunos4 */
+/* XXX - is the above ok or should it be <time.h> on ultrix? */
+#include <sys/resource.h>
+#endif
+#include "prototypes.h"
+
+int set_filesize_limit (int blocks)
+{
+	int ret = -1;
+#if HAVE_ULIMIT_H
+	if (ulimit (UL_SETFSIZE, blocks) != -1) {
+		ret = 0;
+	}
+#elif defined(RLIMIT_FSIZE)
+	struct rlimit rlimit_fsize;
+
+	rlimit_fsize.rlim_cur = 512L * blocks;
+	rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur;
+	ret = setrlimit (RLIMIT_FSIZE, &rlimit_fsize);
+#endif
+
+	return ret;
+}
+
diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c
new file mode 100644
index 0000000..b086756
--- /dev/null
+++ b/libmisc/user_busy.c
@@ -0,0 +1,266 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id: $"
+
+#include <assert.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <dirent.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef __linux__
+static int check_status (const char *name, const char *sname, uid_t uid);
+static int user_busy_processes (const char *name, uid_t uid);
+#else				/* !__linux__ */
+static int user_busy_utmp (const char *name);
+#endif				/* !__linux__ */
+
+/*
+ * user_busy - check if an user if currently running processes
+ */
+int user_busy (const char *name, uid_t uid)
+{
+	/* There are no standard ways to get the list of processes.
+	 * An option could be to run an external tool (ps).
+	 */
+#ifdef __linux__
+	/* On Linux, directly parse /proc */
+	return user_busy_processes (name, uid);
+#else				/* !__linux__ */
+	/* If we cannot rely on /proc, check is there is a record in utmp
+	 * indicating that the user is still logged in */
+	return user_busy_utmp (name);
+#endif				/* !__linux__ */
+}
+
+#ifndef __linux__
+static int user_busy_utmp (const char *name)
+{
+#ifdef USE_UTMPX
+	struct utmpx *utent;
+
+	setutxent ();
+	while ((utent = getutxent ()) != NULL)
+#else				/* !USE_UTMPX */
+	struct utmp *utent;
+
+	setutent ();
+	while ((utent = getutent ()) != NULL)
+#endif				/* !USE_UTMPX */
+	{
+		if (utent->ut_type != USER_PROCESS) {
+			continue;
+		}
+		if (strncmp (utent->ut_user, name, sizeof utent->ut_user) != 0) {
+			continue;
+		}
+		if (kill (utent->ut_pid, 0) != 0) {
+			continue;
+		}
+
+		fprintf (stderr,
+		         _("%s: user %s is currently logged in\n"),
+		         Prog, name);
+		return 1;
+	}
+
+	return 0;
+}
+#endif				/* !__linux__ */
+
+#ifdef __linux__
+static int check_status (const char *name, const char *sname, uid_t uid)
+{
+	/* 40: /proc/xxxxxxxxxx/task/xxxxxxxxxx/status + \0 */
+	char status[40];
+	char line[1024];
+	FILE *sfile;
+
+	snprintf (status, 40, "/proc/%s/status", sname);
+	status[39] = '\0';
+
+	sfile = fopen (status, "r");
+	if (NULL == sfile) {
+		return 0;
+	}
+	while (fgets (line, sizeof (line), sfile) == line) {
+		if (strncmp (line, "Uid:\t", 5) == 0) {
+			unsigned long ruid, euid, suid;
+			assert (uid == (unsigned long) uid);
+			if (sscanf (line,
+			            "Uid:\t%lu\t%lu\t%lu\n",
+			            &ruid, &euid, &suid) == 3) {
+				if (   (ruid == (unsigned long) uid)
+				    || (euid == (unsigned long) uid)
+				    || (suid == (unsigned long) uid)
+#ifdef ENABLE_SUBIDS
+				    || have_sub_uids(name, ruid, 1)
+				    || have_sub_uids(name, euid, 1)
+				    || have_sub_uids(name, suid, 1)
+#endif				/* ENABLE_SUBIDS */
+				   ) {
+					(void) fclose (sfile);
+					return 1;
+				}
+			} else {
+				/* Ignore errors. This is just a best effort. */
+			}
+			(void) fclose (sfile);
+			return 0;
+		}
+	}
+	(void) fclose (sfile);
+	return 0;
+}
+
+static int user_busy_processes (const char *name, uid_t uid)
+{
+	DIR *proc;
+	struct dirent *ent;
+	char *tmp_d_name;
+	pid_t pid;
+	DIR *task_dir;
+	/* 22: /proc/xxxxxxxxxx/task + \0 */
+	char task_path[22];
+	char root_path[22];
+	struct stat sbroot;
+	struct stat sbroot_process;
+
+#ifdef ENABLE_SUBIDS
+	sub_uid_open (O_RDONLY);
+#endif				/* ENABLE_SUBIDS */
+
+	proc = opendir ("/proc");
+	if (proc == NULL) {
+		perror ("opendir /proc");
+#ifdef ENABLE_SUBIDS
+		sub_uid_close();
+#endif
+		return 0;
+	}
+	if (stat ("/", &sbroot) != 0) {
+		perror ("stat (\"/\")");
+		(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+		sub_uid_close();
+#endif
+		return 0;
+	}
+
+	while ((ent = readdir (proc)) != NULL) {
+		tmp_d_name = ent->d_name;
+		/*
+		 * Ingo Molnar's patch introducing NPTL for 2.4 hides
+		 * threads in the /proc directory by prepending a period.
+		 * This patch is applied by default in some RedHat
+		 * kernels.
+		 */
+		if (   (strcmp (tmp_d_name, ".") == 0)
+		    || (strcmp (tmp_d_name, "..") == 0)) {
+			continue;
+		}
+		if (*tmp_d_name == '.') {
+			tmp_d_name++;
+		}
+
+		/* Check if this is a valid PID */
+		if (get_pid (tmp_d_name, &pid) == 0) {
+			continue;
+		}
+
+		/* Check if the process is in our chroot */
+		snprintf (root_path, 22, "/proc/%lu/root", (unsigned long) pid);
+		root_path[21] = '\0';
+		if (stat (root_path, &sbroot_process) != 0) {
+			continue;
+		}
+		if (   (sbroot.st_dev != sbroot_process.st_dev)
+		    || (sbroot.st_ino != sbroot_process.st_ino)) {
+			continue;
+		}
+
+		if (check_status (name, tmp_d_name, uid) != 0) {
+			(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+			sub_uid_close();
+#endif
+			fprintf (stderr,
+			         _("%s: user %s is currently used by process %d\n"),
+			         Prog, name, pid);
+			return 1;
+		}
+
+		snprintf (task_path, 22, "/proc/%lu/task", (unsigned long) pid);
+		task_path[21] = '\0';
+		task_dir = opendir (task_path);
+		if (task_dir != NULL) {
+			while ((ent = readdir (task_dir)) != NULL) {
+				pid_t tid;
+				if (get_pid (ent->d_name, &tid) == 0) {
+					continue;
+				}
+				if (tid == pid) {
+					continue;
+				}
+				if (check_status (name, task_path+6, uid) != 0) {
+					(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+					sub_uid_close();
+#endif
+					fprintf (stderr,
+					         _("%s: user %s is currently used by process %d\n"),
+					         Prog, name, pid);
+					return 1;
+				}
+			}
+			(void) closedir (task_dir);
+		} else {
+			/* Ignore errors. This is just a best effort */
+		}
+	}
+
+	(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+	sub_uid_close();
+#endif				/* ENABLE_SUBIDS */
+	return 0;
+}
+#endif				/* __linux__ */
+
diff --git a/libmisc/utmp.c b/libmisc/utmp.c
new file mode 100644
index 0000000..c22f31c
--- /dev/null
+++ b/libmisc/utmp.c
@@ -0,0 +1,464 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include "defines.h"
+#include "prototypes.h"
+
+#include <utmp.h>
+
+#ifdef USE_UTMPX
+#include <utmpx.h>
+#endif
+
+#include <assert.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <stdio.h>
+
+#ident "$Id$"
+
+
+/*
+ * is_my_tty -- determine if "tty" is the same TTY stdin is using
+ */
+static bool is_my_tty (const char *tty)
+{
+	/* full_tty shall be at least sizeof utmp.ut_line + 5 */
+	char full_tty[200];
+	/* tmptty shall be bigger than full_tty */
+	static char tmptty[sizeof (full_tty)+1];
+
+	if ('/' != *tty) {
+		(void) snprintf (full_tty, sizeof full_tty, "/dev/%s", tty);
+		tty = &full_tty[0];
+	}
+
+	if ('\0' == tmptty[0]) {
+		const char *tname = ttyname (STDIN_FILENO);
+		if (NULL != tname) {
+			(void) strncpy (tmptty, tname, sizeof tmptty);
+			tmptty[sizeof (tmptty) - 1] = '\0';
+		}
+	}
+
+	if ('\0' == tmptty[0]) {
+		(void) puts (_("Unable to determine your tty name."));
+		exit (EXIT_FAILURE);
+	} else if (strncmp (tty, tmptty, sizeof (tmptty)) != 0) {
+		return false;
+	} else {
+		return true;
+	}
+}
+
+/*
+ * get_current_utmp - return the most probable utmp entry for the current
+ *                    session
+ *
+ *	The utmp file is scanned for an entry with the same process ID.
+ *	The line enterred by the *getty / telnetd, etc. should also match
+ *	the current terminal.
+ *
+ *	When an entry is returned by get_current_utmp, and if the utmp
+ *	structure has a ut_id field, this field should be used to update
+ *	the entry information.
+ *
+ *	Return NULL if no entries exist in utmp for the current process.
+ */
+/*@null@*/ /*@only@*/struct utmp *get_current_utmp (void)
+{
+	struct utmp *ut;
+	struct utmp *ret = NULL;
+
+	setutent ();
+
+	/* First, try to find a valid utmp entry for this process.  */
+	while ((ut = getutent ()) != NULL) {
+		if (   (ut->ut_pid == getpid ())
+#ifdef HAVE_STRUCT_UTMP_UT_ID
+		    && ('\0' != ut->ut_id[0])
+#endif
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+		    && (   (LOGIN_PROCESS == ut->ut_type)
+		        || (USER_PROCESS  == ut->ut_type))
+#endif
+		    /* A process may have failed to close an entry
+		     * Check if this entry refers to the current tty */
+		    && is_my_tty (ut->ut_line)) {
+			break;
+		}
+	}
+
+	if (NULL != ut) {
+		ret = (struct utmp *) xmalloc (sizeof (*ret));
+		memcpy (ret, ut, sizeof (*ret));
+	}
+
+	endutent ();
+
+	return ret;
+}
+
+#ifndef USE_PAM
+/*
+ * Some systems already have updwtmp() and possibly updwtmpx().  Others
+ * don't, so we re-implement these functions if necessary.
+ */
+#ifndef HAVE_UPDWTMP
+static void updwtmp (const char *filename, const struct utmp *ut)
+{
+	int fd;
+
+	fd = open (filename, O_APPEND | O_WRONLY, 0);
+	if (fd >= 0) {
+		write (fd, (const char *) ut, sizeof (*ut));
+		close (fd);
+	}
+}
+#endif				/* ! HAVE_UPDWTMP */
+
+#ifdef USE_UTMPX
+#ifndef HAVE_UPDWTMPX
+static void updwtmpx (const char *filename, const struct utmpx *utx)
+{
+	int fd;
+
+	fd = open (filename, O_APPEND | O_WRONLY, 0);
+	if (fd >= 0) {
+		write (fd, (const char *) utx, sizeof (*utx));
+		close (fd);
+	}
+}
+#endif				/* ! HAVE_UPDWTMPX */
+#endif				/* ! USE_UTMPX */
+#endif				/* ! USE_PAM */
+
+
+/*
+ * prepare_utmp - prepare an utmp entry so that it can be logged in a
+ *                utmp/wtmp file.
+ *
+ *	It accepts an utmp entry in input (ut) to return an entry with
+ *	the right ut_id. This is typically an entry returned by
+ *	get_current_utmp
+ *	If ut is NULL, ut_id will be forged based on the line argument.
+ *
+ *	The ut_host field of the input structure may also be kept, and is
+ *	used to define the ut_addr/ut_addr_v6 fields. (if these fields
+ *	exist)
+ *
+ *	Other fields are discarded and filed with new values (if they
+ *	exist).
+ *
+ *	The returned structure shall be freed by the caller.
+ */
+/*@only@*/struct utmp *prepare_utmp (const char *name,
+                                     const char *line,
+                                     const char *host,
+                                     /*@null@*/const struct utmp *ut)
+{
+	struct timeval tv;
+	char *hostname = NULL;
+	struct utmp *utent;
+
+	assert (NULL != name);
+	assert (NULL != line);
+
+
+
+	if (   (NULL != host)
+	    && ('\0' != host[0])) {
+		hostname = (char *) xmalloc (strlen (host) + 1);
+		strcpy (hostname, host);
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+	} else if (   (NULL != ut)
+	           && ('\0' != ut->ut_host[0])) {
+		hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1);
+		strncpy (hostname, ut->ut_host, sizeof (ut->ut_host));
+		hostname[sizeof (ut->ut_host)] = '\0';
+#endif				/* HAVE_STRUCT_UTMP_UT_HOST */
+	}
+
+	if (strncmp(line, "/dev/", 5) == 0) {
+		line += 5;
+	}
+
+
+	utent = (struct utmp *) xmalloc (sizeof (*utent));
+	memzero (utent, sizeof (*utent));
+
+
+
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+	utent->ut_type = USER_PROCESS;
+#endif				/* HAVE_STRUCT_UTMP_UT_TYPE */
+	utent->ut_pid = getpid ();
+	strncpy (utent->ut_line, line,      sizeof (utent->ut_line));
+#ifdef HAVE_STRUCT_UTMP_UT_ID
+	if (NULL != ut) {
+		strncpy (utent->ut_id, ut->ut_id, sizeof (utent->ut_id));
+	} else {
+		/* XXX - assumes /dev/tty?? */
+		strncpy (utent->ut_id, line + 3, sizeof (utent->ut_id));
+	}
+#endif				/* HAVE_STRUCT_UTMP_UT_ID */
+#ifdef HAVE_STRUCT_UTMP_UT_NAME
+	strncpy (utent->ut_name, name,      sizeof (utent->ut_name));
+#endif				/* HAVE_STRUCT_UTMP_UT_NAME */
+#ifdef HAVE_STRUCT_UTMP_UT_USER
+	strncpy (utent->ut_user, name,      sizeof (utent->ut_user));
+#endif				/* HAVE_STRUCT_UTMP_UT_USER */
+	if (NULL != hostname) {
+		struct addrinfo *info = NULL;
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+		strncpy (utent->ut_host, hostname, sizeof (utent->ut_host));
+#endif				/* HAVE_STRUCT_UTMP_UT_HOST */
+#ifdef HAVE_STRUCT_UTMP_UT_SYSLEN
+		utent->ut_syslen = MIN (strlen (hostname),
+		                        sizeof (utent->ut_host));
+#endif				/* HAVE_STRUCT_UTMP_UT_SYSLEN */
+#if defined(HAVE_STRUCT_UTMP_UT_ADDR) || defined(HAVE_STRUCT_UTMP_UT_ADDR_V6)
+		if (getaddrinfo (hostname, NULL, NULL, &info) == 0) {
+			/* getaddrinfo might not be reliable.
+			 * Just try to log what may be useful.
+			 */
+			if (info->ai_family == AF_INET) {
+				struct sockaddr_in *sa =
+					(struct sockaddr_in *) info->ai_addr;
+#ifdef HAVE_STRUCT_UTMP_UT_ADDR
+				memcpy (&(utent->ut_addr),
+				        &(sa->sin_addr),
+				        MIN (sizeof (utent->ut_addr),
+				             sizeof (sa->sin_addr)));
+#endif				/* HAVE_STRUCT_UTMP_UT_ADDR */
+#ifdef HAVE_STRUCT_UTMP_UT_ADDR_V6
+				memcpy (utent->ut_addr_v6,
+				        &(sa->sin_addr),
+				        MIN (sizeof (utent->ut_addr_v6),
+				             sizeof (sa->sin_addr)));
+			} else if (info->ai_family == AF_INET6) {
+				struct sockaddr_in6 *sa =
+					(struct sockaddr_in6 *) info->ai_addr;
+				memcpy (utent->ut_addr_v6,
+				        &(sa->sin6_addr),
+				        MIN (sizeof (utent->ut_addr_v6),
+				             sizeof (sa->sin6_addr)));
+#endif				/* HAVE_STRUCT_UTMP_UT_ADDR_V6 */
+			}
+			freeaddrinfo (info);
+		}
+#endif		/* HAVE_STRUCT_UTMP_UT_ADDR || HAVE_STRUCT_UTMP_UT_ADDR_V6 */
+		free (hostname);
+	}
+	/* ut_exit is only for DEAD_PROCESS */
+	utent->ut_session = getsid (0);
+	if (gettimeofday (&tv, NULL) == 0) {
+#ifdef HAVE_STRUCT_UTMP_UT_TIME
+		utent->ut_time = tv.tv_sec;
+#endif				/* HAVE_STRUCT_UTMP_UT_TIME */
+#ifdef HAVE_STRUCT_UTMP_UT_XTIME
+		utent->ut_xtime = tv.tv_usec;
+#endif				/* HAVE_STRUCT_UTMP_UT_XTIME */
+#ifdef HAVE_STRUCT_UTMP_UT_TV
+		utent->ut_tv.tv_sec  = tv.tv_sec;
+		utent->ut_tv.tv_usec = tv.tv_usec;
+#endif				/* HAVE_STRUCT_UTMP_UT_TV */
+	}
+
+	return utent;
+}
+
+/*
+ * setutmp - Update an entry in utmp and log an entry in wtmp
+ *
+ *	Return 1 on failure and 0 on success.
+ */
+int setutmp (struct utmp *ut)
+{
+	int err = 0;
+
+	assert (NULL != ut);
+
+	setutent ();
+	if (pututline (ut) == NULL) {
+		err = 1;
+	}
+	endutent ();
+
+#ifndef USE_PAM
+	/* This is done by pam_lastlog */
+	updwtmp (_WTMP_FILE, ut);
+#endif				/* ! USE_PAM */
+
+	return err;
+}
+
+#ifdef USE_UTMPX
+/*
+ * prepare_utmpx - the UTMPX version for prepare_utmp
+ */
+/*@only@*/struct utmpx *prepare_utmpx (const char *name,
+                                       const char *line,
+                                       const char *host,
+                                       /*@null@*/const struct utmp *ut)
+{
+	struct timeval tv;
+	char *hostname = NULL;
+	struct utmpx *utxent;
+
+	assert (NULL != name);
+	assert (NULL != line);
+
+
+
+	if (   (NULL != host)
+	    && ('\0' != host[0])) {
+		hostname = (char *) xmalloc (strlen (host) + 1);
+		strcpy (hostname, host);
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
+	} else if (   (NULL != ut)
+	           && (NULL != ut->ut_host)
+	           && ('\0' != ut->ut_host[0])) {
+		hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1);
+		strncpy (hostname, ut->ut_host, sizeof (ut->ut_host));
+		hostname[sizeof (ut->ut_host)] = '\0';
+#endif				/* HAVE_STRUCT_UTMP_UT_TYPE */
+	}
+
+	if (strncmp(line, "/dev/", 5) == 0) {
+		line += 5;
+	}
+
+	utxent = (struct utmpx *) xmalloc (sizeof (*utxent));
+	memzero (utxent, sizeof (*utxent));
+
+
+
+	utxent->ut_type = USER_PROCESS;
+	utxent->ut_pid = getpid ();
+	strncpy (utxent->ut_line, line,      sizeof (utxent->ut_line));
+	/* existence of ut->ut_id is enforced by configure */
+	if (NULL != ut) {
+		strncpy (utxent->ut_id, ut->ut_id, sizeof (utxent->ut_id));
+	} else {
+		/* XXX - assumes /dev/tty?? */
+		strncpy (utxent->ut_id, line + 3, sizeof (utxent->ut_id));
+	}
+#ifdef HAVE_STRUCT_UTMPX_UT_NAME
+	strncpy (utxent->ut_name, name,      sizeof (utxent->ut_name));
+#endif				/* HAVE_STRUCT_UTMPX_UT_NAME */
+	strncpy (utxent->ut_user, name,      sizeof (utxent->ut_user));
+	if (NULL != hostname) {
+		struct addrinfo *info = NULL;
+#ifdef HAVE_STRUCT_UTMPX_UT_HOST
+		strncpy (utxent->ut_host, hostname, sizeof (utxent->ut_host));
+#endif				/* HAVE_STRUCT_UTMPX_UT_HOST */
+#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN
+		utxent->ut_syslen = MIN (strlen (hostname),
+		                         sizeof (utxent->ut_host));
+#endif				/* HAVE_STRUCT_UTMPX_UT_SYSLEN */
+#if defined(HAVE_STRUCT_UTMPX_UT_ADDR) || defined(HAVE_STRUCT_UTMPX_UT_ADDR_V6)
+		if (getaddrinfo (hostname, NULL, NULL, &info) == 0) {
+			/* getaddrinfo might not be reliable.
+			 * Just try to log what may be useful.
+			 */
+			if (info->ai_family == AF_INET) {
+				struct sockaddr_in *sa =
+					(struct sockaddr_in *) info->ai_addr;
+#ifdef HAVE_STRUCT_UTMPX_UT_ADDR
+				memcpy (utxent->ut_addr,
+				        &(sa->sin_addr),
+				        MIN (sizeof (utxent->ut_addr),
+				             sizeof (sa->sin_addr)));
+#endif				/* HAVE_STRUCT_UTMPX_UT_ADDR */
+#ifdef HAVE_STRUCT_UTMPX_UT_ADDR_V6
+				memcpy (utxent->ut_addr_v6,
+				        &(sa->sin_addr),
+				        MIN (sizeof (utxent->ut_addr_v6),
+				             sizeof (sa->sin_addr)));
+			} else if (info->ai_family == AF_INET6) {
+				struct sockaddr_in6 *sa =
+					(struct sockaddr_in6 *) info->ai_addr;
+				memcpy (utxent->ut_addr_v6,
+				        &(sa->sin6_addr),
+				        MIN (sizeof (utxent->ut_addr_v6),
+				             sizeof (sa->sin6_addr)));
+#endif				/* HAVE_STRUCT_UTMPX_UT_ADDR_V6 */
+			}
+			freeaddrinfo (info);
+		}
+#endif		/* HAVE_STRUCT_UTMPX_UT_ADDR || HAVE_STRUCT_UTMPX_UT_ADDR_V6 */
+		free (hostname);
+	}
+	/* ut_exit is only for DEAD_PROCESS */
+	utxent->ut_session = getsid (0);
+	if (gettimeofday (&tv, NULL) == 0) {
+#ifdef HAVE_STRUCT_UTMPX_UT_TIME
+		utxent->ut_time = tv.tv_sec;
+#endif				/* HAVE_STRUCT_UTMPX_UT_TIME */
+#ifdef HAVE_STRUCT_UTMPX_UT_XTIME
+		utxent->ut_xtime = tv.tv_usec;
+#endif				/* HAVE_STRUCT_UTMPX_UT_XTIME */
+		utxent->ut_tv.tv_sec  = tv.tv_sec;
+		utxent->ut_tv.tv_usec = tv.tv_usec;
+	}
+
+	return utxent;
+}
+
+/*
+ * setutmpx - the UTMPX version for setutmp
+ */
+int setutmpx (struct utmpx *utx)
+{
+	int err = 0;
+
+	assert (NULL != utx);
+
+	setutxent ();
+	if (pututxline (utx) == NULL) {
+		err = 1;
+	}
+	endutxent ();
+
+#ifndef USE_PAM
+	/* This is done by pam_lastlog */
+	updwtmpx (_WTMP_FILE "x", utx);
+#endif				/* ! USE_PAM */
+
+	return err;
+}
+#endif				/* USE_UTMPX */
+
diff --git a/libmisc/valid.c b/libmisc/valid.c
new file mode 100644
index 0000000..4b85d67
--- /dev/null
+++ b/libmisc/valid.c
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1999, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <stdio.h>
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+/*
+ * valid - compare encrypted passwords
+ *
+ *	Valid() compares the DES encrypted password from the password file
+ *	against the password which the user has entered after it has been
+ *	encrypted using the same salt as the original.  Entries which do
+ *	not have a password file entry have a NULL pw_name field and this
+ *	is used to indicate that a dummy salt must be used to encrypt the
+ *	password anyway.
+ */
+bool valid (const char *password, const struct passwd *ent)
+{
+	const char *encrypted;
+	/*@observer@*/const char *salt;
+
+	/*
+	 * Start with blank or empty password entries.  Always encrypt
+	 * a password if no such user exists.  Only if the ID exists and
+	 * the password is really empty do you return quickly.  This
+	 * routine is meant to waste CPU time.
+	 */
+
+	if ((NULL != ent->pw_name) && ('\0' == ent->pw_passwd[0])) {
+		if ('\0' == password[0]) {
+			return true;	/* user entered nothing */
+		} else {
+			return false;	/* user entered something! */
+		}
+	}
+
+	/*
+	 * If there is no entry then we need a salt to use.
+	 */
+
+	if ((NULL == ent->pw_name) || ('\0' == ent->pw_passwd[0])) {
+		salt = "xx";
+	} else {
+		salt = ent->pw_passwd;
+	}
+
+	/*
+	 * Now, perform the encryption using the salt from before on
+	 * the users input.  Since we always encrypt the string, it
+	 * should be very difficult to determine if the user exists by
+	 * looking at execution time.
+	 */
+
+	encrypted = pw_encrypt (password, salt);
+
+	/*
+	 * One last time we must deal with there being no password file
+	 * entry for the user.  We use the pw_name == NULL idiom to
+	 * cause non-existent users to not be validated.
+	 */
+
+	if (   (NULL != ent->pw_name)
+	    && (NULL != encrypted)
+	    && (strcmp (encrypted, ent->pw_passwd) == 0)) {
+		return true;
+	} else {
+		return false;
+	}
+}
+
diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c
new file mode 100644
index 0000000..1b0b001
--- /dev/null
+++ b/libmisc/xgetXXbyYY.c
@@ -0,0 +1,144 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include "prototypes.h"
+
+#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
+#define XPREFIX(name) XPREFIX1 (name)
+#define XPREFIX1(name) x##name
+#define REENTRANT_NAME APPEND_R (FUNCTION_NAME)
+#define APPEND_R(name) APPEND_R1 (name)
+#define APPEND_R1(name) name##_r
+#define STRINGIZE(name) STRINGIZE1 (name)
+#define STRINGIZE1(name) #name
+
+/*@null@*/ /*@only@*/LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME)
+{
+#if HAVE_FUNCTION_R
+	LOOKUP_TYPE *result=NULL;
+	char *buffer=NULL;
+	/* we have to start with something */
+	size_t length = 0x100;
+
+	result = malloc(sizeof(LOOKUP_TYPE));
+	if (NULL == result) {
+		fprintf (stderr, _("%s: out of memory\n"),
+		         "x" STRINGIZE(FUNCTION_NAME));
+		exit (13);
+	}
+
+	while (true) {
+		int status;
+		LOOKUP_TYPE *resbuf = NULL;
+		buffer = (char *)realloc (buffer, length);
+		if (NULL == buffer) {
+			fprintf (stderr, _("%s: out of memory\n"),
+			         "x" STRINGIZE(FUNCTION_NAME));
+			exit (13);
+		}
+		errno = 0;
+		status = REENTRANT_NAME(ARG_NAME, result, buffer,
+		                        length, &resbuf);
+		if ((0 == status) && (resbuf == result)) {
+			/* Build a result structure that can be freed by
+			 * the shadow *_free functions. */
+			LOOKUP_TYPE *ret_result = DUP_FUNCTION(result);
+			free(buffer);
+			free(result);
+			return ret_result;
+		}
+
+		if (ERANGE != errno) {
+			free (buffer);
+			free (result);
+			return NULL;
+		}
+
+		if (length <= ((size_t)-1 / 4)) {
+			length *= 4;
+		} else if (length == (size_t) -1) {
+			break;
+		} else {
+			length = (size_t) -1;
+		}
+	}
+
+	free(buffer);
+	free(result);
+	return NULL;
+
+#else /* !HAVE_FUNCTION_R */
+
+	/* No reentrant function.
+	 * Duplicate the structure to avoid other call to overwrite it.
+	 *
+	 * We should also restore the initial structure. But that would be
+	 * overkill.
+	 */
+	LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME);
+
+	if (result) {
+		result = DUP_FUNCTION(result);
+		if (NULL == result) {
+			fprintf (stderr, _("%s: out of memory\n"),
+			         "x" STRINGIZE(FUNCTION_NAME));
+			exit (13);
+		}
+	}
+
+	return result;
+#endif
+}
+
diff --git a/libmisc/xgetgrgid.c b/libmisc/xgetgrgid.c
new file mode 100644
index 0000000..2ef171d
--- /dev/null
+++ b/libmisc/xgetgrgid.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE	struct group
+#define FUNCTION_NAME	getgrgid
+#define ARG_TYPE	gid_t
+#define ARG_NAME	gid
+#define DUP_FUNCTION	__gr_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetgrnam.c b/libmisc/xgetgrnam.c
new file mode 100644
index 0000000..a07d0c3
--- /dev/null
+++ b/libmisc/xgetgrnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE	struct group
+#define FUNCTION_NAME	getgrnam
+#define ARG_TYPE	const char *
+#define ARG_NAME	name
+#define DUP_FUNCTION	__gr_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetpwnam.c b/libmisc/xgetpwnam.c
new file mode 100644
index 0000000..db65abb
--- /dev/null
+++ b/libmisc/xgetpwnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE	struct passwd
+#define FUNCTION_NAME	getpwnam
+#define ARG_TYPE	const char *
+#define ARG_NAME	name
+#define DUP_FUNCTION	__pw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetpwuid.c b/libmisc/xgetpwuid.c
new file mode 100644
index 0000000..8924134
--- /dev/null
+++ b/libmisc/xgetpwuid.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2007 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE	struct passwd
+#define FUNCTION_NAME	getpwuid
+#define ARG_TYPE	uid_t
+#define ARG_NAME	uid
+#define DUP_FUNCTION	__pw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xgetspnam.c b/libmisc/xgetspnam.c
new file mode 100644
index 0000000..287e97f
--- /dev/null
+++ b/libmisc/xgetspnam.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2008 - 2009, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * According to the Linux-PAM documentation:
+ *
+ *  4.1. Care about standard library calls
+ *
+ *  In general, writers of authorization-granting applications should
+ *  assume that each module is likely to call any or all 'libc' functions.
+ *  For 'libc' functions that return pointers to static/dynamically
+ *  allocated structures (ie.  the library allocates the memory and the
+ *  user is not expected to 'free()' it) any module call to this function
+ *  is likely to corrupt a pointer previously obtained by the application.
+ *  The application programmer should either re-call such a 'libc'
+ *  function after a call to the Linux-PAM library, or copy the structure
+ *  contents to some safe area of memory before passing control to the
+ *  Linux-PAM library.
+ *
+ *  Two important function classes that fall into this category are
+ *  getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <config.h>
+
+#include "shadowio.h"
+
+#define LOOKUP_TYPE	struct spwd
+#define FUNCTION_NAME	getspnam
+#define ARG_TYPE	const char *
+#define ARG_NAME	name
+#define DUP_FUNCTION	__spw_dup
+#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R)
+
+#include "xgetXXbyYY.c"
+
diff --git a/libmisc/xmalloc.c b/libmisc/xmalloc.c
new file mode 100644
index 0000000..41a3343
--- /dev/null
+++ b/libmisc/xmalloc.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 1998, Marek Michałkiewicz
+ * Copyright (c) 2003 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Replacements for malloc and strdup with error checking.  Too trivial
+   to be worth copyrighting :-).  I did that because a lot of code used
+   malloc and strdup without checking for NULL pointer, and I like some
+   message better than a core dump...  --marekm
+   
+   Yeh, but.  Remember that bailing out might leave the system in some
+   bizarre state.  You really want to put in error checking, then add
+   some back-out failure recovery code. -- jfh */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <errno.h>
+#include "defines.h"
+#include "prototypes.h"
+
+/*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
+{
+	char *ptr;
+
+	ptr = (char *) malloc (size);
+	if (NULL == ptr) {
+		(void) fprintf (stderr,
+		                _("%s: failed to allocate memory: %s\n"),
+		                Prog, strerror (errno));
+		exit (13);
+	}
+	return ptr;
+}
+
+/*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *str)
+{
+	return strcpy (xmalloc (strlen (str) + 1), str);
+}
diff --git a/libmisc/yesno.c b/libmisc/yesno.c
new file mode 100644
index 0000000..a2eb953
--- /dev/null
+++ b/libmisc/yesno.c
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Common code for yes/no prompting
+ *
+ * Used by pwck.c and grpck.c
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include "prototypes.h"
+
+/*
+ * yes_or_no - get answer to question from the user
+ *
+ *	It returns false if no.
+ *
+ *	If the read_only flag is set, it will print No, and will return
+ *	false.
+ */
+bool yes_or_no (bool read_only)
+{
+	char buf[80];
+
+	/*
+	 * In read-only mode all questions are answered "no".
+	 */
+	if (read_only) {
+		(void) puts (_("No"));
+		return false;
+	}
+
+	/*
+	 * Typically, there's a prompt on stdout, sometimes unflushed.
+	 */
+	(void) fflush (stdout);
+
+	/*
+	 * Get a line and see what the first character is.
+	 */
+	/* TODO: use gettext */
+	if (fgets (buf, (int) sizeof buf, stdin) == buf) {
+		return buf[0] == 'y' || buf[0] == 'Y';
+	}
+
+	return false;
+}
+
diff --git a/man/.gitignore b/man/.gitignore
new file mode 100644
index 0000000..a5a91a9
--- /dev/null
+++ b/man/.gitignore
@@ -0,0 +1,8 @@
+.xml2po.mo
+config.xml
+generate_mans.deps
+
+*.[0-9]
+
+/po/POTFILES
+/po/stamp-po
diff --git a/man/Makefile.am b/man/Makefile.am
new file mode 100644
index 0000000..4c34022
--- /dev/null
+++ b/man/Makefile.am
@@ -0,0 +1,218 @@
+
+# subdirectories for translated manual pages
+if USE_NLS
+SUBDIRS = po cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW
+else
+SUBDIRS =
+endif
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+man_subids = \
+	man1/newgidmap.1 \
+	man1/newuidmap.1 \
+	man5/subgid.5 \
+	man5/subuid.5
+
+if ENABLE_SUBIDS
+man_MANS += $(man_subids)
+endif
+
+man_XMANS = \
+	chage.1.xml \
+	chfn.1.xml \
+	chgpasswd.8.xml \
+	chpasswd.8.xml \
+	chsh.1.xml \
+	expiry.1.xml \
+	faillog.5.xml \
+	faillog.8.xml \
+	gpasswd.1.xml \
+	groupadd.8.xml \
+	groupdel.8.xml \
+	groupmems.8.xml \
+	groupmod.8.xml \
+	groups.1.xml \
+	grpck.8.xml \
+	gshadow.5.xml \
+	lastlog.8.xml \
+	limits.5.xml \
+	login.1.xml \
+	login.access.5.xml \
+	login.defs.5.xml \
+	logoutd.8.xml \
+	newgidmap.1.xml \
+	newgrp.1.xml \
+	newuidmap.1.xml \
+	newusers.8.xml \
+	nologin.8.xml \
+	passwd.1.xml \
+	passwd.5.xml \
+	porttime.5.xml \
+	pwck.8.xml \
+	pwconv.8.xml \
+	shadow.3.xml \
+	shadow.5.xml \
+	sg.1.xml \
+	su.1.xml \
+	suauth.5.xml \
+	subgid.5.xml \
+	subuid.5.xml \
+	useradd.8.xml \
+	userdel.8.xml \
+	usermod.8.xml \
+	vipw.8.xml
+
+login_defs_v = \
+	CHFN_AUTH.xml \
+	CHFN_RESTRICT.xml \
+	CHSH_AUTH.xml \
+	CONSOLE.xml \
+	CONSOLE_GROUPS.xml \
+	CREATE_HOME.xml \
+	DEFAULT_HOME.xml \
+	ENCRYPT_METHOD.xml \
+	ENV_HZ.xml \
+	ENVIRON_FILE.xml \
+	ENV_PATH.xml \
+	ENV_SUPATH.xml \
+	ENV_TZ.xml \
+	ERASECHAR.xml \
+	FAIL_DELAY.xml \
+	FAILLOG_ENAB.xml \
+	FAKE_SHELL.xml \
+	FTMP_FILE.xml \
+	GID_MAX.xml \
+	HUSHLOGIN_FILE.xml \
+	ISSUE_FILE.xml \
+	KILLCHAR.xml \
+	LASTLOG_ENAB.xml \
+	LOGIN_RETRIES.xml \
+	LOGIN_STRING.xml \
+	LOGIN_TIMEOUT.xml \
+	LOG_OK_LOGINS.xml \
+	LOG_UNKFAIL_ENAB.xml \
+	MAIL_CHECK_ENAB.xml \
+	MAIL_DIR.xml \
+	MAX_MEMBERS_PER_GROUP.xml \
+	MD5_CRYPT_ENAB.xml \
+	MOTD_FILE.xml \
+	NOLOGINS_FILE.xml \
+	OBSCURE_CHECKS_ENAB.xml \
+	PASS_ALWAYS_WARN.xml \
+	PASS_CHANGE_TRIES.xml \
+	PASS_MAX_DAYS.xml \
+	PASS_MAX_LEN.xml \
+	PASS_MIN_DAYS.xml \
+	PASS_WARN_AGE.xml \
+	PORTTIME_CHECKS_ENAB.xml \
+	QUOTAS_ENAB.xml \
+	SHA_CRYPT_MIN_ROUNDS.xml \
+	SULOG_FILE.xml \
+	SU_NAME.xml \
+	SU_WHEEL_ONLY.xml \
+	SYSLOG_SG_ENAB.xml \
+	SYSLOG_SU_ENAB.xml \
+	TCB_AUTH_GROUP.xml \
+	TCB_SYMLINKS.xml \
+	TTYGROUP.xml \
+	TTYTYPE_FILE.xml \
+	UID_MAX.xml \
+	ULIMIT.xml \
+	UMASK.xml \
+	USERDEL_CMD.xml \
+	USERGROUPS_ENAB.xml \
+	USE_TCB.xml \
+	SUB_GID_COUNT.xml \
+	SUB_UID_COUNT.xml \
+	SYS_GID_MAX.xml \
+	SYS_UID_MAX.xml
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	$(man_XMANS) \
+	$(addprefix login.defs.d/,$(login_defs_v)) \
+	man1/id.1 \
+	id.1.xml \
+	man8/sulogin.8 \
+	sulogin.8.xml \
+	generate_mans.mak \
+	generate_translations.mak
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+if !ENABLE_SUBIDS
+EXTRA_DIST += $(man_subids)
+endif
+
+generate_mans.deps: *.xml
+	echo "# This file is generated" > $@
+	awk 'BEGIN{FS="\"";} /^<!ENTITY .* * SYSTEM ".*">$$/{ f=FILENAME; sub(/.xml/,"",f); print "man" substr(f, length (f)) "/" f ": " $$2 }' $(man_XMANS) >> $@
+
+if ENABLE_REGENERATE_MAN
+
+@ENABLE_REGENERATE_MAN_TRUE@include generate_mans.deps
+
+include generate_mans.mak
+
+CLEANFILES = $(man_MANS) man1/id.1 man8/sulogin.8
+
+else
+$(man_MANS):
+	@echo ""
+	@echo "Error: you need to run configure with '--enable-man'"
+	@echo "       in order to regenerate man pages."
+	@echo ""
+endif
diff --git a/man/chage.1.xml b/man/chage.1.xml
new file mode 100644
index 0000000..d05617d
--- /dev/null
+++ b/man/chage.1.xml
@@ -0,0 +1,321 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1990 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='chage.1'>
+  <!--  $Id$  -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1990</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>chage</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>chage</refname>
+    <refpurpose>change user password expiry information</refpurpose>
+  </refnamediv>
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>chage</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>LOGIN</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>chage</command> command changes the number of days between
+      password changes and the date of the last password change. This
+      information is used by the system to determine when a user must change
+      his/her password.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>chage</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the number of days since January 1st, 1970 when the password
+	    was last changed. The date may also be expressed in the format
+	    YYYY-MM-DD (or the format more commonly used in your area).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-E</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the date or number of days since January 1, 1970 on which the
+	    user's account will no longer be accessible. The date may also
+	    be expressed in the format YYYY-MM-DD (or the format more
+	    commonly used in your area). A user whose account is locked must
+	    contact the system administrator before being able to use the
+	    system again.
+	  </para>
+	  <para>
+	    Passing the number <emphasis remap='I'>-1</emphasis> as the
+	    <replaceable>EXPIRE_DATE</replaceable> will remove an account
+	    expiration date.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the number of days of inactivity after a password has
+	    expired before the account is locked. The
+	    <replaceable>INACTIVE</replaceable> option is the number of days
+	    of inactivity. A user whose account is locked must contact the
+	    system administrator before being able to use the system again.
+	  </para>
+	  <para>
+	    Passing the number <emphasis remap='I'>-1</emphasis> as the
+	    <replaceable>INACTIVE</replaceable> will remove an account's
+	    inactivity.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-l</option>, <option>--list</option>
+	</term>
+	<listitem>
+	  <para>
+	  Show account aging information.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the minimum number of days between password changes to
+	    <replaceable>MIN_DAYS</replaceable>. A value of zero for this field
+	    indicates that the user may change his/her password at any time.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the maximum number of days during which a password is valid. 
+	    When <replaceable>MAX_DAYS</replaceable> plus
+	    <replaceable>LAST_DAY</replaceable> is less than the current
+	    day, the user will be required to change his/her password before
+	    being able to use his/her account. This occurrence can be planned for
+	    in advance by use of the <option>-W</option> option, which
+	    provides the user with advance warning.
+	  </para>
+	  <para>
+	    Passing the number <emphasis remap='I'>-1</emphasis> as
+	    <replaceable>MAX_DAYS</replaceable> will remove checking a
+	    password's validity.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-W</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the number of days of warning before a password change is
+	    required. The <replaceable>WARN_DAYS</replaceable> option is the
+	    number of days prior to the password expiring that a user will
+	    be warned his/her password is about to expire.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <para>
+      If none of the options are selected, <command>chage</command> operates
+      in an interactive fashion, prompting the user with the current values
+      for all of the fields. Enter the new value to change the field, or
+      leave the line blank to use the current value. The current value is
+      displayed between a pair of <emphasis>[ ]</emphasis> marks.
+    </para>
+  </refsect1>
+  <refsect1 id='note'>
+    <title>NOTE</title>
+    <para>
+      The <command>chage</command> program requires a shadow password file to
+      be available.
+    </para>
+    <para>The <command>chage</command> command is restricted to the root
+      user, except for the <option>-l</option> option, which may be used by
+      an unprivileged user to determine when his/her password or account is due
+      to expire.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term>
+	  <filename>/etc/passwd</filename>
+	</term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <filename>/etc/shadow</filename>
+	</term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>chage</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>permission denied</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>15</replaceable></term>
+	  <listitem>
+	    <para>can't find the shadow password file</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/chfn.1.xml b/man/chfn.1.xml
new file mode 100644
index 0000000..153d67e
--- /dev/null
+++ b/man/chfn.1.xml
@@ -0,0 +1,238 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1990 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHFN_AUTH             SYSTEM "login.defs.d/CHFN_AUTH.xml">
+<!ENTITY CHFN_RESTRICT         SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
+<!ENTITY LOGIN_STRING          SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='chfn.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1990</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>chfn</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>chfn</refname>
+    <refpurpose>change real user name and information</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>chfn</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='opt'>
+	<replaceable>LOGIN</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>chfn</command> command changes user fullname,
+      office room number, office phone number, and home phone number information
+      for a user's account. This information is typically printed by
+      <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry> and similar programs. A normal user may only change
+      the fields for her own account, subject to the restrictions in
+      <filename>/etc/login.defs</filename>. (The default configuration is to
+      prevent users from changing their fullname.) The superuser may change
+      any field for any account. Additionally, only the superuser may use
+      the <option>-o</option> option to change the undefined portions of the
+      GECOS field.
+    </para>
+
+    <para>
+      These fields must not contain any colons. Except for the
+      <emphasis remap='I'>other</emphasis> field, they should not contain
+      any comma or equal sign. It is also recommended to avoid
+      non-US-ASCII characters, but this is only enforced for the phone
+      numbers. The <emphasis remap='I'>other</emphasis> field is used to
+      store accounting information used by other applications.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>chfn</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>FULL_NAME</replaceable>
+	</term>
+	<listitem>
+	  <para>Change the user's full name.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-h</option>, <option>--home-phone</option>&nbsp;<replaceable>HOME_PHONE</replaceable>
+	</term>
+	<listitem>
+	  <para>Change the user's home phone number.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Change the user's other GECOS information. This field is used to
+	    store accounting information used by other applications, and can
+	    be changed only by a superuser.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</replaceable>
+	</term>
+	<listitem>
+	  <para>Change the user's room number.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--help</option>
+	</term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-w</option>, <option>--work-phone</option>&nbsp;<replaceable>WORK_PHONE</replaceable>
+	</term>
+	<listitem>
+	  <para>Change the user's office phone number.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <para>
+      If none of the options are selected, <command>chfn</command>
+      operates in an interactive fashion, prompting the user with the
+      current values for all of the fields. Enter the new value to change
+      the field, or leave the line blank to use the current value. The
+      current value is displayed between a pair of <emphasis remap='B'>[
+      ]</emphasis> marks. Without options, <command>chfn</command>
+      prompts for the current user account.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &CHFN_AUTH;
+      &CHFN_RESTRICT;
+      &LOGIN_STRING;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/chgpasswd.8.xml b/man/chgpasswd.8.xml
new file mode 100644
index 0000000..cd61687
--- /dev/null
+++ b/man/chgpasswd.8.xml
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2006       , Tomasz KÅ‚oczko
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chgpasswd.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>Creation, 2006</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>chgpasswd</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>chgpasswd</refname>
+    <refpurpose>update group passwords in batch mode</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>chgpasswd</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>chgpasswd</command> command reads a list of group name
+      and password pairs from standard input and uses this information to
+      update a set of existing groups. Each line is of the format:
+    </para>
+    <para>
+      <emphasis remap='I'>group_name</emphasis>:<emphasis
+      remap='I'>password</emphasis>
+    </para>
+    <para>
+      By default the supplied password must be in clear-text, and is
+      encrypted by <command>chgpasswd</command>.
+    </para>
+    <para>
+      The default encryption algorithm can be defined for the system with
+      the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>,
+      and can be overwritten with the <option>-e</option>,
+      <option>-m</option>, or <option>-c</option> options.
+    </para>
+    <para>
+      This command is intended to be used in a large system environment
+      where many accounts are created at a single time.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>chgpasswd</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-c</option>, <option>--crypt-method</option></term>
+	<listitem>
+	  <para>Use the specified method to encrypt the passwords.</para>
+	  <para condition="no_sha_crypt">
+	    The available methods are DES, MD5, and NONE.
+	  </para>
+	  <para condition="sha_crypt">
+	    The available methods are DES, MD5, NONE, and SHA256 or SHA512
+	    if your libc support these methods.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-e</option>, <option>--encrypted</option></term>
+	<listitem>
+	  <para>Supplied passwords are in encrypted form.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-m</option>, <option>--md5</option></term>
+	<listitem>
+	  <para>
+	    Use MD5 encryption instead of DES when the supplied passwords are
+	    not encrypted.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="sha_crypt">
+	<term><option>-s</option>, <option>--sha-rounds</option></term>
+	<listitem>
+	  <para>
+	    Use the specified number of rounds to encrypt the passwords.
+	  </para>
+	  <para>
+	    The value 0 means that the system will choose the default
+	    number of rounds for the crypt method (5000).
+	  </para>
+	  <para>
+	    A minimal value of 1000 and a maximal value of 999,999,999
+	    will be enforced.
+	  </para>
+	  <para>
+	    You can only use this option with the SHA256 or SHA512
+	    crypt method.
+	  </para>
+	  <para>
+	    By default, the number of rounds is defined by the
+	    SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
+	    <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      Remember to set permissions or umask to prevent readability of
+      unencrypted files by other users.
+    </para>
+    <para>
+      You should make sure the passwords and the encryption method respect
+      the system's password policy.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &ENCRYPT_METHOD;
+      &MAX_MEMBERS_PER_GROUP;
+      &MD5_CRYPT_ENAB;
+      &SHA_CRYPT_MIN_ROUNDS; <!--This also document SHA_CRYPT_MAX_ROUNDS-->
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/chpasswd.8.xml b/man/chpasswd.8.xml
new file mode 100644
index 0000000..19ef36e
--- /dev/null
+++ b/man/chpasswd.8.xml
@@ -0,0 +1,303 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chpasswd.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>chpasswd</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>chpasswd</refname>
+    <refpurpose>update passwords in batch mode</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>chpasswd</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>chpasswd</command> command reads a list of user name and
+      password pairs from standard input and uses this information to update
+      a group of existing users. Each line is of the format:
+    </para>
+    <para>
+      <emphasis remap='I'>user_name</emphasis>:<emphasis
+      remap='I'>password</emphasis>
+    </para>
+    <para>
+      By default the passwords must be supplied in clear-text, and are
+      encrypted by <command>chpasswd</command>.
+      Also the password age will be updated, if present.
+    </para>
+    <para condition="no_pam">
+      The default encryption algorithm can be defined for the system with
+      the <option>ENCRYPT_METHOD</option> or
+      <option>MD5_CRYPT_ENAB</option> variables of
+      <filename>/etc/login.defs</filename>, and can be overwritten with the
+      <option>-e</option>, <option>-m</option>, or <option>-c</option>
+      options.
+    </para>
+    <para condition="pam">
+      By default, passwords are encrypted by PAM, but (even if not
+      recommended) you can select a different encryption method with the
+      <option>-e</option>, <option>-m</option>, or <option>-c</option>
+      options.
+    </para>
+    <para>
+      <phrase condition="pam">Except when PAM is used to encrypt the
+      passwords,</phrase> <command>chpasswd</command> first updates all the
+      passwords in memory, and then commits all the changes to disk if no
+      errors occurred for any user.
+    </para>
+    <para condition="pam">
+      When PAM is used to encrypt the passwords (and update the passwords in
+      the system database) then if a password cannot be updated
+      <command>chpasswd</command> continues updating the passwords of the
+      next users, and will return an error code on exit.
+    </para>
+    <para>
+      This command is intended to be used in a large system environment
+      where many accounts are created at a single time.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>chpasswd</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-c</option>, <option>--crypt-method</option>&nbsp;<replaceable>METHOD</replaceable>
+	</term>
+	<listitem>
+	  <para>Use the specified method to encrypt the passwords.</para>
+	  <para condition="no_sha_crypt">
+	    The available methods are DES, MD5, and NONE.
+	  </para>
+	  <para condition="sha_crypt">
+	    The available methods are DES, MD5, NONE, and SHA256 or SHA512
+	    if your libc support these methods.
+	  </para>
+	  <para condition="pam">
+	    By default, PAM is used to encrypt the passwords.
+	  </para>
+	  <para condition="no_pam">
+	    By default (if none of the <option>-c</option>,
+	    <option>-m</option>, or <option>-e</option> options are
+	    specified), the encryption method is defined by the 
+	    <option>ENCRYPT_METHOD</option> or
+	    <option>MD5_CRYPT_ENAB</option> variables of
+	    <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-e</option>, <option>--encrypted</option></term>
+	<listitem>
+	  <para>Supplied passwords are in encrypted form.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-m</option>, <option>--md5</option></term>
+	<listitem>
+	  <para>
+	    Use MD5 encryption instead of DES when the supplied passwords are
+	    not encrypted.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="sha_crypt">
+	<term>
+	  <option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Use the specified number of rounds to encrypt the passwords.
+	  </para>
+	  <para>
+	    The value 0 means that the system will choose the default
+	    number of rounds for the crypt method (5000).
+	  </para>
+	  <para>
+	    A minimal value of 1000 and a maximal value of 999,999,999
+	    will be enforced.
+	  </para>
+	  <para>
+	    You can only use this option with the SHA256 or SHA512
+	    crypt method.
+	  </para>
+	  <para>
+	    By default, the number of rounds is defined by the
+	    <option>SHA_CRYPT_MIN_ROUNDS</option> and
+	    <option>SHA_CRYPT_MAX_ROUNDS</option> variables in
+	    <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      Remember to set permissions or umask to prevent readability of
+      unencrypted files by other users.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist condition="no_pam">
+      &ENCRYPT_METHOD;
+      &MD5_CRYPT_ENAB;
+    </variablelist>
+    <variablelist>
+      &SHA_CRYPT_MIN_ROUNDS; <!--documents also SHA_CRYPT_MAX_ROUNDS-->
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="pam">
+	<term><filename>/etc/pam.d/chpasswd</filename></term>
+	<listitem>
+	  <para>PAM configuration for <command>chpasswd</command>.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <phrase>
+	<citerefentry>
+	  <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/chsh.1.xml b/man/chsh.1.xml
new file mode 100644
index 0000000..2c853be
--- /dev/null
+++ b/man/chsh.1.xml
@@ -0,0 +1,204 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1990       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHSH_AUTH             SYSTEM "login.defs.d/CHSH_AUTH.xml">
+<!ENTITY LOGIN_STRING          SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='chsh.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1990</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>chsh</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>chsh</refname>
+    <refpurpose>change login shell</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>chsh</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='opt'>
+        <replaceable>LOGIN</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>chsh</command> command changes the user login shell.
+      This determines the name of the user's initial login command. A normal
+      user may only change the login shell for her own account; the
+      superuser may change the login shell for any account.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>chsh</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+	</term>
+        <listitem>                                                                                                                   
+	  <para>
+	    The name of the user's new login shell. Setting this field to
+	    blank causes the system to select the default login shell.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <para>
+      If the <option>-s</option> option is not selected,
+      <command>chsh</command> operates in an interactive fashion, prompting
+      the user with the current login shell. Enter the new value to change
+      the shell, or leave the line blank to use the current one. The current
+      shell is displayed between a pair of <emphasis>[ ]</emphasis> marks.
+    </para>
+  </refsect1>
+
+  <refsect1 id='note'>
+    <title>NOTE</title>
+    <para>
+      The only restriction placed on the login shell is that the command
+      name must be listed in <filename>/etc/shells</filename>, unless the
+      invoker is the superuser, and then any value may be added. An
+      account with a restricted login shell may not change her login shell.
+      For this reason, placing <filename>/bin/rsh</filename> in
+      <filename>/etc/shells</filename> is discouraged since accidentally
+      changing to a restricted shell would prevent the user from ever
+      changing her login shell back to its original value.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration' condition="no_pam">
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &CHSH_AUTH;
+      &LOGIN_STRING;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shells</filename></term>
+	<listitem>
+	  <para>List of valid login shells.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/config.xml.in b/man/config.xml.in
new file mode 100644
index 0000000..2dbad9f
--- /dev/null
+++ b/man/config.xml.in
@@ -0,0 +1,2 @@
+<!ENTITY GROUP_NAME_MAX_LENGTH '@GROUP_NAME_MAX_LENGTH@'>
+<!ENTITY SHADOW_UTILS_VERSION '@VERSION@'>
diff --git a/man/cs/Makefile.am b/man/cs/Makefile.am
new file mode 100644
index 0000000..3b2be0c
--- /dev/null
+++ b/man/cs/Makefile.am
@@ -0,0 +1,26 @@
+
+mandir = @mandir@/cs
+
+man_MANS = \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man8/nologin.8 \
+	man5/passwd.5 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man8/vipw.8
+
+EXTRA_DIST = $(man_MANS) \
+	man1/id.1 \
+	man8/groupmems.8 \
+	man8/logoutd.8
+
diff --git a/man/cs/man1/expiry.1 b/man/cs/man1/expiry.1
new file mode 100644
index 0000000..99a0b4e
--- /dev/null
+++ b/man/cs/man1/expiry.1
@@ -0,0 +1,25 @@
+.TH "EXPIRY" "1" "11/05/2005" "User Commands" "User Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+expiry \- zkontroluje a vynutí politiku vypršení platnosti hesla
+.SH "POUŽIT�"
+.HP 7
+\fBexpiry\fR [\-c] [\-f]
+.SH "POPIS"
+.PP
+\fBexpiry\fR
+zkontroluje (\fB\-c\fR) vypršení platnosti aktuálního hesla a případně vynutí (\fB\-f\fR) změnu. Příkaz lze spustit jako běžný uživatel.
+.SH "SOUBORY"
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských ú�tech
+.TP
+\fI/etc/shadow\fR
+důvěrné informace o uživatelských ú�tech
+.SH "VIZ TAKÉ"
+.PP
+\fBpasswd\fR(5),
+\fBshadow\fR(5).
diff --git a/man/cs/man1/gpasswd.1 b/man/cs/man1/gpasswd.1
new file mode 100644
index 0000000..32e4288
--- /dev/null
+++ b/man/cs/man1/gpasswd.1
@@ -0,0 +1,76 @@
+.TH "GPASSWD" "1" "11/05/2005" "User Commands" "User Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+gpasswd \- spravuje soubor /etc/group
+.SH "POUŽIT�"
+.HP 8
+\fBgpasswd\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-a\ \fIuživatel\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-d\ \fIuživatel\fR \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-R\ \fIskupina\fR
+.HP 8
+\fBgpasswd\fR \-r\ \fIskupina\fR
+.HP 8
+\fBgpasswd\fR [\-A\ \fIuživatel,\fR...] [\-M\ \fIuživatel,\fR...] \fIskupina\fR
+.SH "POPIS"
+.PP
+\fBgpasswd\fR
+se používá pro správu souboru
+\fI/etc/group\fR
+(a pokud je zkompilován s podporou SHADOWGRP, tak i
+\fI/etc/gshadow\fR).
+Každá skupina může mít správce, �leny a heslo. Systémový správce může
+volbou
+\fB\-A\fR
+definovat správce skupiny, volbou
+\fB\-M\fR
+�leny skupiny a má všechna práva skupinových správců a �lenů.
+.SS "Poznámka o skupinových heslech"
+.PP
+Skupinová hesla jsou samozřejmě bezpe�nostním problémem, jelikož je
+heslo sdíleno více uživateli. Skupiny jsou nicméně užite�ným nástrojem
+pro spolupráci mezi různými uživateli.
+.SH "VOLBY"
+.PP
+Správce skupiny může přidávat resp. mazat uživatele pomocí
+\fB\-a\fR
+resp.
+\fB\-d\fR.
+Správcové mohou odstranit skupinové heslo pomocí přepína�e
+\fB\-r\fR.
+Pokud není heslo nastaveno, mohou použít příkaz
+\fBnewgrp\fR
+pro zapojení do skupiny pouze �lenové skupiny. Volba
+\fB\-R\fR
+zakáže přístup do skupiny skrze příkaz
+\fBnewgrp\fR
+(�lenové skupiny se do ní budou moci stále přepnout).
+.PP
+Pokud je
+\fBgpasswd\fR
+spušten správcem skupiny a jediným parametrem je jméno skupiny, zeptá
+se na skupinové heslo. Pokud je heslo nastaveno, mohou �lenové používat
+\fBnewgrp\fR(1)
+stále bez hesla, ne�lenové musí heslo zadat.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.SH "VIZ TAKÉ"
+.PP
+\fBnewgrp\fR(1),
+\fBgshadow\fR(5),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBgrpck\fR(8),
+\fBgroup\fR(5).
diff --git a/man/cs/man1/groups.1 b/man/cs/man1/groups.1
new file mode 100644
index 0000000..6deab53
--- /dev/null
+++ b/man/cs/man1/groups.1
@@ -0,0 +1,29 @@
+.TH GROUPS 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+groups \- vypíše skupiny, jichž je uživatel �lenem
+.SH POUŽIT�
+\fBgroups\fR [\fIuživatel...\fR]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR groups .
+Příkaz
+.B groups
+vypíše jména všech skupin, v nichž je zadaný \fIuživatel\fR nebo aktuální proces,
+pokud uživatel není zadán, �lenem. Pokud jsou zadána jména uživatelů, potom bude
+jméno každého z uživatelů vypsáno před seznam skupin, jichž je �lenem.
+.PP
+Seznam skupin je ekvivalentní s výstupem příkazu `id \-Gn'.
+.SH VOLBY
+Když je GNU příkaz \fBgroups\fR vyvolán právě s jedním parametrem,
+jsou rozpoznávány následující volby:
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybně skon�í.
+.TP
+.I "\-\-version"
+Vypíše �íslo verze na standardní výstup a bezchybně skon�í.
diff --git a/man/cs/man1/id.1 b/man/cs/man1/id.1
new file mode 100644
index 0000000..9eafaf1
--- /dev/null
+++ b/man/cs/man1/id.1
@@ -0,0 +1,62 @@
+.TH ID 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+id \- vypíše reálný a efektivní UID a GID
+.SH POUŽIT�
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [uživatel]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR id .
+Příkaz
+.B id
+vypíše informace o zadaném uživateli nebo (pokud není jméno uživatele
+zadáno) o uživateli, který program
+.B id
+spustil. Implicitně vypisuje reálné user ID, reálné group ID,
+efektivní user ID, pokud se liší od reálného user ID, efektivní
+group ID, pokud se liší od reálného group ID, a group ID skupin,
+v nichž je uživatel �lenem. Před každou z hodnot je vypsán řetězec
+ur�ující o jakou hodnotu se jedná a za každou jsou odpovídající
+jména skupin a uživatelů v závorkách.
+.PP
+Volby způsobí, že program
+.B id
+vypisuje pouze některé z těchto informací.
+.SS VOLBY
+.TP
+.I "\-g, \-\-group"
+Vypíše pouze group ID.
+.TP
+.I "\-G, \-\-groups"
+Vypíše pouze skupiny, v nichž je uživatel �lenem.
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybně skon�í.
+.TP
+.I "\-n, \-\-name"
+Vypíše jméno uživatele nebo skupiny místo �ísla ID.
+Vyžaduje
+.IR \-u ,
+.IR \-g ,
+nebo
+.IR \-G .
+.TP
+.I "\-r, \-\-real"
+Vypíše reálné místo efektivních user a group ID.
+Vyžaduje
+.IR \-u ,
+.IR \-g ,
+nebo
+.IR \-G .
+.TP
+.I "\-u, \-\-user"
+Vypíše pouze user ID.
+.TP
+.I "\-\-version"
+Vypíše �íslo verze na standardní výstup a bezchybně skon�í.
diff --git a/man/cs/man1/su.1 b/man/cs/man1/su.1
new file mode 100644
index 0000000..e8a6842
--- /dev/null
+++ b/man/cs/man1/su.1
@@ -0,0 +1,111 @@
+.TH SU 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+su \- spustí shell pod jiným uživatelským a skupinovým ID
+.SH POUŽIT�
+.B su
+[\-flmp] [\-c příkaz] [\-s shell] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=příkaz] [\-\-shell=shell] [\-]
+[\-\-help] [\-\-version] [uživatel [arg...]]
+.SH POPIS
+Tato dokumentace není dále udržována a může být nepřesná nebo neúplná.
+Autoritativním zdrojem je Texinfo dokumentace.
+.PP
+Tato manuálová stránka popisuje GNU verzi příkazu
+.BR su .
+Příkaz
+.B su
+umožňuje, aby se uživatel do�asně stal jiným uživatelem. Spustí
+shell s reálným a efektivním user ID, group ID, i skupinami, jichž
+je zadaný
+.I uživatel
+�lenem. Pokud není zadán
+.IR uživatel ,
+dosadí se root, superuživatel. Jméno shellu je převzato ze souboru
+/etc/passwd. Pokud v /etc/passwd jméno shellu není, použije se
+/bin/sh. Pokud má uživatelský ú�et heslo, a příkaz
+.B su
+není spuštěn pod reálným user ID 0 (tj. superuživatelem), bude
+požadovat zadání hesla.
+.PP
+Příkaz
+.B su
+implicitně nemění aktuální adresář. Nastavuje proměnné prostředí
+`HOME' a `SHELL' podle údajů z /etc/passwd a pokud zadaný
+.I uživatel
+není superuživatelem, nastaví proměnné `USER' a `LOGNAME' na
+.IR uživatel .
+Implicitně není spuštěný shell login shellem.
+.PP
+Jsou\-li zadány další argumenty, budou předány jako argumenty shellu.
+.PP
+Příkaz
+.B su
+nezpracovává speciálně /bin/sh nebo ostatní shelly (nastavením
+argv[0] na "\-su", předáním volby `\-c' pouze jistým shellům, atd.).
+.PP
+Na systémech se syslog démonem může být příkaz
+.B su
+přeložen tak, aby zaznamenával pomocí syslogu neúspěšná
+a volitelně i úspěšná vyvolání příkazu
+.BR su .
+.SS VOLBY
+.TP
+.I "\-c příkaz, \-\-command=příkaz"
+Místo odstartování interaktivního shellu předá
+.I příkaz
+s volbou
+.I \-c
+jako jediný příkazový řádek shellu.
+.TP
+.I "\-f, \-\-fast"
+Předá shellu volbu
+.IR \-f .
+Tuto volbu je pravděpodobně vhodné používat pouze pro shelly
+.B csh
+a
+.BR tcsh ,
+u nichž zabrání provedení startovacího souboru (.cshrc).
+U shellů vycházejících z Bourne shellu volba
+.I \-f
+zakazuje expanzi žolíkových znaků, což obecně není žádoucí.
+.TP
+.I "\-\-help"
+Vypíše návod k použití na standardní výstup a bezchybně skon�í.
+.TP
+.I "\-, \-l, \-\-login"
+Spustí shell jako login shell. To znamená, že nebude nastaven obsah
+žádných proměnných prostředí kromě `TERM', `HOME', a `SHELL' (které
+budou nastaveny, jak je popsáno výše), `USER' a `LOGNAME' (které
+budou nastaveny i pro superuživatele jak je popsáno výše). Proměnná
+prostředí `PATH' bude nastavena na hodnotu definovanou při překladu.
+Aktuální adresář bude nastaven na domovský adresář; před jméno
+shellu bude předřazen znak "\-", který způsobí, že bude zpracován
+startovací soubor nebo soubory.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+Nebude měnit proměnné prostředí `HOME', `USER', `LOGNAME' ani
+`SHELL'. Je chybou, pokud uživatel, který spustil příkaz
+.B su
+není superuživatel a přitom má nový uživatel omezený shell. Jinak
+se spustí místo uživatelova shellu z /etc/passwd shell zadaný
+v proměnné prostředí `SHELL'. Omezený shell je takový, který
+není uveden v souboru /etc/shells, nebo v zakompilován seznamu
+souborů, pokud /etc/shells neexistuje. Chování příkazu
+.B su
+s touto volbou lze změnit volbami
+.I \-\-login
+a
+.I \-\-shell
+(má přednost před hodnotou proměnné prostředí SHELL).
+.TP
+.I "\-s, \-\-shell shell"
+Spustí zadaný shell místo uživatelova shellu z /etc/passwd.
+Je chybou, pokud uživatel, který spustil
+.B su
+není superuživatel a přitom shell nového uživatele uvedený
+v /etc/passwd je omezený.
+.TP
+.I "\-\-version"
+Vypíše �íslo verze na standardní výstup a bezchybně skon�í.
diff --git a/man/cs/man5/faillog.5 b/man/cs/man5/faillog.5
new file mode 100644
index 0000000..99036ff
--- /dev/null
+++ b/man/cs/man5/faillog.5
@@ -0,0 +1,35 @@
+.TH "FAILLOG" "5" "11/05/2005" "" ""
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+faillog \- Soubor pro zaznamenávání chybných pokusů o přihlášení
+.SH "POPIS"
+.PP
+\fI/var/log/faillog\fR
+uchovává pro každý ú�et po�et chybných přihlášení a jejich
+limity. Záznamy v souboru mají pevnou délku a jsou indexovány
+�íselným UID. Každý záznam obsahuje po�et chybných pokusů o
+přihlášení od posledního úspěšného přihlášení, maximální po�et
+chybných pokusů o přihlášení před zablokováním ú�tu, linku, na které
+byl zaznamenán poslední chybný pokus o přihlášení, a datum,
+kdy byl zaznamenán poslední chybný pokus o přihlášení.
+.PP
+Struktura souboru vypadá následovně:
+.sp
+.nf
+struct	faillog {
+	short   fail_cnt;
+	short   fail_max;
+	char    fail_line[12];
+	time_t  fail_time;
+};
+.fi
+.SH "SOUBORY"
+.TP
+\fI/var/log/faillog\fR
+soubor pro záznam chybných pokusů o přihlášení
+.SH "VIZ TAKÉ"
+.PP
+\fBfaillog\fR(8)
diff --git a/man/cs/man5/gshadow.5 b/man/cs/man5/gshadow.5
new file mode 100644
index 0000000..ad8750d
--- /dev/null
+++ b/man/cs/man5/gshadow.5
@@ -0,0 +1,52 @@
+.TH "GSHADOW" "5" "11/05/2005" "File Formats and Conversions" "File Formats and Conversions"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+gshadow \- stínový soubor se skupinami
+.SH "POPIS"
+.PP
+\fI/etc/gshadow\fR
+Obsahuje stínové informace ke skupinovým ú�tům. Obsahuje řádky
+s pevnou strukturou, kde jsou jednotlivá pole oddělená dvojte�kami:
+.TP 3
+\(bu
+název skupiny
+.TP
+\(bu
+zašifrované heslo
+.TP
+\(bu
+�árkami oddělený seznam administrátorů skupiny
+.TP
+\(bu
+�árkami oddělený seznam �lenů skupiny
+.PP
+Pole pro název skupiny a heslo musí být vyplněná. Zašifrované heslo se
+skládá ze znaků 64 znakové abecedy (a-z, A-Z, 0-9, \\ a /).
+Podrobnosti o hesle naleznete v
+\fBcrypt\fR(3).
+Pokud pole s heslem obsahuje znak, který není platným výsledkem
+funkce
+\fBcrypt\fR(3), např. ! nebo *, uživatel se nebude moci pomocí tohoto
+hesla přihlásit, ale záleží také na systému
+\fBpam\fR(7).
+.PP
+Heslo v tomto souboru má přednost před heslem ze souboru
+\fI/etc/group\fR.
+.PP
+Má-li být zachována bezpe�nost hesel, nesmí být tento soubor �itelný
+pro běžné uživatele.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.SH "VIZ TAKÉ"
+.PP
+\fBgroup\fR(5),
+\fBgpasswd\fR(5),
+\fBnewgrp\fR(5).
diff --git a/man/cs/man5/passwd.5 b/man/cs/man5/passwd.5
new file mode 100644
index 0000000..1b00228
--- /dev/null
+++ b/man/cs/man5/passwd.5
@@ -0,0 +1,57 @@
+.TH PASSWD 5 "19. března 1997" "Linux" "Linux \- příru�ka programátora"
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+passwd \- seznam hesel uživatelů
+.SH POPIS
+.B Passwd
+je �itelný textový soubor, který obsahuje seznam uživatelů systému a hesel,
+která musejí použít pro přístup. Seznam hesel uživatelů by měl být s právy
+pro �tení pro každého, což v pořádku, protože jsou hesla zašifrována, ale 
+zápisová práva má jenom superuživatel. Jestliže vytvoříte nový login,
+nechejte pole pro heslo prázdné a použijte \fBpasswd\fP(1) pro doplnění.
+Hvězdi�ka nebo něco podobného v poli hesel zna�í, že tento uživatel se nemůže
+přihlásit přes \fBlogin\fP(1). Jestliže je váš kořenový adresář v 
+.IR /dev/ram,
+tak musíte uložit změněný soubor hesel do vašeho kořenového adresáře na
+disketě něž systém vypnete. Jestliže chcete
+vytvořit skupinu uživatelů, jejich GID musí být stejná a musí pro ni
+existovat záznam v souboru \fI/etc/group\fP, nebo skupina nebude existovat.
+.PP
+Každý řádek tvoří jeden záznam, který má následující formát:
+.sp
+.RS
+login_name:passwd:UID:GID:user_name:directory:shell
+.RE
+.sp
+Popis jednotlivých polí:
+.sp
+.RS
+.TP 1.0in
+.I login_name
+přihlašovací jméno uživatele systému
+.TP
+.I password
+zašifrované heslo uživatele
+.TP
+.I UID
+�íselná identifikace uživatele (user ID)
+.TP
+.I GID
+�íselná identifikace  skupiny  (group ID)
+.TP
+.I user_name
+(volitelné) poznámka (�asto celé jméno uživatele)
+.TP
+.I directory
+domovský adresář uživatele ($HOME)
+.TP
+.I shell
+program, který je spuštěn po úspěšném přihlášení (jestliže je prázdný,
+použije se
+.IR /bin/sh ).
+.RE
+.SH SOUBORY
+.I /etc/passwd
+.SH DALŠ� INFORMACE
+.BR passwd "(1), " login "(1), " group (5)
diff --git a/man/cs/man5/shadow.5 b/man/cs/man5/shadow.5
new file mode 100644
index 0000000..fdbe0a1
--- /dev/null
+++ b/man/cs/man5/shadow.5
@@ -0,0 +1,64 @@
+.TH SHADOW 5
+.do hla cs
+.do hpf hyphen.cs
+.SH JMÉNO
+shadow \- soubor se zašifrovanými hesly
+.SH POPIS
+.I shadow
+obsahuje informace o zašifrovaných heslech uživatelských ú�tů a
+volitelně může obsahovat informace o stárnutí hesel. Soubor obsahuje
+
+.IP "" .5i
+Přihlašovací jméno
+.IP "" .5i
+Zašifrované heslo
+.IP "" .5i
+Po�et dnů od 1. ledna 1970, kdy bylo heslo naposledy změněno
+.IP "" .5i
+Po�et dnů, po jejichž uplynutí může být heslo změněno
+.IP "" .5i
+Po�et dnů, po jejichž uplynutí musí být heslo změněno
+.IP "" .5i
+Po�et dnů před lhůtou, kdy je uživatel varován, že heslo vyprší
+.IP "" .5i
+Po�et dnů, po jejichž uplynutí po propadnutí hesla je zablokován ú�et.
+.IP "" .5i
+Po�et dnů od 1. ledna 1970, kdy byl ú�et zablokován
+.IP "" .5i
+Rezervované pole
+.PP
+Pole hesla musí být vyplněno. Zašifrované heslo se skládá ze 13 až 24
+znaků z 64 prvkové množiny znaků (a až z, A až Z, 0 až 9, \. a
+/). \fIcrypt(3)\fR obsahuje detailní informace o tom, jak
+interpretovat tento řetězec.
+.PP
+Datum poslední změny hesla je dáno po�tem dní od 1. ledna 1970. Heslo
+nesmí býti znovu změněno dokud řádně neuplyne specifikovaný po�et dní,
+a musí být změněno po uplynutí maximálního po�tu dní. Pokud je
+minimální po�et dnů platnosti hesla vyšší než maximální po�et
+povolených dní, heslo nemůže být změněno uživatelem.
+.PP
+Ú�et je považován za neaktivní a bude zablokován, jestliže heslo není
+změněno během ur�eného po�tu dní po vypršení platnosti hesla. Ú�et
+bude také zablokován v ur�ený den nezávisle na ostatních informacích o
+vypršení hesla.
+.PP
+Tyto informace o heslu a době jeho platnosti mají prioritu před
+informacemi uloženými v souboru \fB/etc/passwd\fR.
+.PP
+Tento soubor nesmí být �itelný řádnými uživateli, má\-li být
+ochrana hesel ú�inná.
+.SH SOUBORY
+\fI/etc/passwd\fR \- informace o uživatelských ú�tech
+.br
+\fI/etc/shadow\fR \- zašifrovaná hesla uživatelů
+.SH DALŠ� INFORMACE
+chage(1),
+login(1),
+passwd(1),
+su(1),
+sulogin(1M),
+shadow(3),
+passwd(5),
+pwconv(8),
+pwunconv(8)
diff --git a/man/cs/man8/faillog.8 b/man/cs/man8/faillog.8
new file mode 100644
index 0000000..e4dcae0
--- /dev/null
+++ b/man/cs/man8/faillog.8
@@ -0,0 +1,86 @@
+.TH "FAILLOG" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+faillog \- zobrazí záznamy faillogu nebo nastaví limity na chybná přihlášení
+.SH "POUŽIT�"
+.HP 8
+\fBfaillog\fR [\fIvolby\fR]
+.SH "POPIS"
+.PP
+\fBfaillog\fR
+formátuje obsah souboru
+\fI/var/log/faillog\fR,
+ve kterém se zaznamenávají neúspěšné pokusy o přihlášení. Také jej
+můžete použít pro správu po�itadel neúspěšných přihlášení a pro
+nastavení limitů. Spuštení programu
+\fBfaillog\fR
+bez argumentů vypíše záznamy o neúspěšném přihlášení těch uživatelů,
+u kterých je zaznamenáno alespoň jedno chybné přihlášení.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBfaillog\fR
+akceptuje následující volby:
+.TP
+\fB\-a\fR, \fB\-\-all\fR
+Zobrazí záznamy faillogu všech uživatelů.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovědu a skon�í.
+.TP
+\fB\-l\fR, \fB\-\-lock\-time\fR \fISEK\fR
+Po neúspěšném přihlášení zamkne ú�et na
+\fISEK\fR
+sekund.
+.TP
+\fB\-m\fR, \fB\-\-maximum\fR \fIMAX\fR
+Nastaví maximální po�et chybných přihlášení na MAX. Poté se ú�et
+zablokuje. Hodnotou 0 tento limit zrušíte. Pro uživatele
+\fIroot\fR
+by hodnota
+\fIMAX\fR
+měla být vždy 0, abyste předešli útokům typu odepření služby.
+.TP
+\fB\-r\fR, \fB\-\-reset\fR
+Vynuluje po�itadla chybných přihlášení všech uživatelů. Při použití s
+parametrem \-u
+\fIÚČET\fR
+vynuluje po�itadlo pouze pro daný ú�et. Tato operace vyžaduje práva
+zápisu k souboru
+\fI/var/log/faillog\fR.
+.TP
+\fB\-t\fR, \fB\-\-time\fR \fIDNÅ®\fR
+Zobrazí záznamy faillogu novější než
+\fIDNÅ®\fR. Volba
+\fB\-t\fR
+má vyšší prioritu než
+\fB\-u\fR.
+.TP
+\fB\-u\fR, \fB\-\-user\fR \fIÚČET\fR
+Zobrazí záznamy faillogu (resp. s volbami
+\fB\-l\fR,
+\fB\-m\fR
+nebo
+\fB\-r\fR
+upraví po�itadla nebo limity chybných přihlášení) pouze pro uživatele
+\fIÚČET\fR.
+.SH "Z�LUDNOSTI"
+.PP
+\fBfaillog\fR
+vypíše pouze uživatele, bez úspěšného přihlášení od poslední
+chyby. Chcete-li vypsat i uživatele, kteří se od poslední chyby
+úspěšně přihlásili, musíte si je explicitně vyžádat volbou
+\fB\-u\fR
+nebo
+\fB\-a\fR.
+.SH "SOUBORY"
+.TP
+\fI/var/log/faillog\fR
+soubor pro záznam chybných pokusů o přihlášení
+.SH "VIZ TAKÉ"
+.PP
+\fBlogin\fR(1),
+\fBfaillog\fR(5).
diff --git a/man/cs/man8/groupadd.8 b/man/cs/man8/groupadd.8
new file mode 100644
index 0000000..c8e3977
--- /dev/null
+++ b/man/cs/man8/groupadd.8
@@ -0,0 +1,113 @@
+.TH "GROUPADD" "8" "01/02/2006" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupadd \- Vytvoří skupinu
+.SH "POUŽIT�"
+.HP 9
+\fBgroupadd\fR [\-g\ \fIGID\fR\ [\-o]] [\-f] [\-K\ \fIKL�Č\fR=\fIHODNOTA\fR] \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupadd\fR
+vytváří nové skupinové ú�ty na základě zadaných hodnot a výchozích
+hodnot nastavených v systému. Nová skupina bude podle pořeby zařazena
+do příslušných systémových souborů.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupadd\fR
+akceptuje následující volby:
+.TP
+\fB\-f\fR
+Tato volba způsobí, že v případě kolize se stávající skupinou se vrátí
+úspěšný návratový kód. Při použití s volbou
+\fB\-g\fR, pokud již dané GID existuje, vybere se unikární GID
+automaticky, (tj. jako kdybyste
+\fB\-g\fR
+nezadali).
+.TP
+\fB\-g\fR \fIGID\fR
+Číselná hodnota skupinového ID. Tato hodnota musí být unikátní (s
+výjimkou volby
+\fB\-o\fR).
+Hodnota musí být nezáporné celé �íslo. Jako výchozí hodnota se použije
+nejmenší ID větší než 999 a zároveň větší než ID všech ostatních
+skupin. Hodnoty mezi 0 a 999 jsou obvykle rezervovány pro systémové ú�ty.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovědu a skon�í.
+.TP
+\fB\-K \fR\fB\fIKL�Č\fR\fR\fB=\fR\fB\fIHODNOTA\fR\fR
+Přepíše výchozí nastavení /etc/login.defs (GID_MIN, GID_MAX
+apod.). Můžete zadat i více voleb najednou.
+.sp
+Příklad:
+\fB\-K \fR\fIGID_MIN\fR=\fI100\fR\fB \-K \fR\fIGID_MAX\fR=\fI499\fR
+.sp
+Poznámka:
+\fB\-K \fR\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR
+zatím nefunguje.
+.TP
+\fB\-o\fR
+Tato volba povolí přidání skupiny s neunikátním GID.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.TP
+\fI/etc/login.defs\fR
+nastavení systému shadow
+.SH "Z�LUDNOSTI"
+.PP
+Názvy skupin musí za�ínat malým písmenem nebo podtržítkem a mohou
+obsahovat pouze malá písmena, �ísla, podtržítka, poml�ky a závěre�ný
+dolar. Vyjádřeno regulárním výrazem: [a\-z_][a\-z0\-9_\-]*[$]
+.PP
+Délka názvu skupiny nesmí překro�it 16 znaků.
+.PP
+Jestliže již název skupiny existuje v externí databázi typu NIS,
+příkaz
+\fBgroupadd\fR
+odmítne požadavek na vytvoření této skupiny.
+.SH "N�VRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupadd\fR
+může skon�it s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI3\fR
+chybný argument parametru
+.TP
+\fI4\fR
+GID není unikátní (pokud nepoužijete
+\fB\-o\fR)
+.TP
+\fI9\fR
+název skupiny není unikátní
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBlogin.defs\fR(5),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
diff --git a/man/cs/man8/groupdel.8 b/man/cs/man8/groupdel.8
new file mode 100644
index 0000000..7991d9d
--- /dev/null
+++ b/man/cs/man8/groupdel.8
@@ -0,0 +1,60 @@
+.TH "GROUPDEL" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupdel \- Smaže skupinu
+.SH "POUŽIT�"
+.HP 9
+\fBgroupdel\fR \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupdel\fR
+upraví soubory se systémovými ú�ty tak, že smaže všechy záznamy, které
+se odkazují na
+\fIskupinu\fR. Daná skupina musí existovat.
+.PP
+Abyste zajistili, že na souborových systémech nezůstanou soubory
+vlastněné mazanou skupinou, musíte je sami vyhledat a příslušně
+opravit.
+.SH "Z�LUDNOSTI"
+.PP
+Nelze odstranit primární skupinu uživatele. Nejprve musíte odstranit
+uživatele a pak teprve danou skupinu.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.SH "N�VRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupdel\fR
+může skon�it s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI8\fR
+nelze odstranit primární skupinu uživatele
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupadd\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8)
diff --git a/man/cs/man8/groupmems.8 b/man/cs/man8/groupmems.8
new file mode 100644
index 0000000..729fce4
--- /dev/null
+++ b/man/cs/man8/groupmems.8
@@ -0,0 +1,85 @@
+.TH "GROUPMEMS" "8" "10/20/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupmems \- Spravuje �leny uživatelovy primární skupiny
+.SH "POUŽIT�"
+.HP 10
+\fBgroupmems\fR \-a\ \fIuživatel\fR \-d\ \fIuživatel\fR \-l \-D [\-g\ \fIskupina\fR]
+.SH "POPIS"
+.PP
+Nástroj
+\fBgroupmems\fR
+umožňuje uživatelům spravovat �lenství ve své primární skupině, aniž
+by museli mít superuživatelská práva. Nástroj
+\fBgroupmems\fR
+je zamýšlen pro systémy, které pro každého uživatele vytváří vlastní
+primární skupinu (tj. novak / novak).
+.PP
+Pouze superuživatel (root) může použít
+\fBgroupmems\fR
+ke změně �lenství v ostatních skupinách.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupmems\fR
+akceptuje následující volby:
+.TP
+\fB\-a\fR \fIuživatel\fR
+Přidá do seznamu �lenů skupiny nového uživatele.
+.TP
+\fB\-d\fR \fIuživatel\fR
+Ze seznamu �lenů skupiny odebere daného uživatele.
+.TP
+\fB\-D\fR
+Ze seznamu �lenů skupiny odebere všechny uživatele.
+.TP
+\fB\-g\fR \fIskupina\fR
+Superuživatel může zadat skupinu, které se mají změny týkat.
+.TP
+\fB\-l\fR
+Vypíše seznam �lenů skupiny.
+.SH "NASTAVEN�"
+.PP
+Příkaz
+\fBgroupmems\fR
+by měl mít nastavena práva
+2770
+a měl by jej vlastnit uživatel
+\fIroot\fR
+a skupina
+\fIgroups\fR. Správce systému může uživatelům povolit
+používání nástroje
+\fBgroupmems\fR
+tím, že přidá uživatele do skupiny groups. Uživatelé si pak mohou sami
+spravovat �lenství ve skupinách.
+.sp
+.nf
+	$ groupadd \-r groups
+	$ chmod 2770 groupmems
+	$ chown root.groups groupmems
+	$ groupmems \-g groups \-a gk4
+
+.fi
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+.SH "AUTOR"
+.PP
+George Kraft IV (gk4@us.ibm.com)
diff --git a/man/cs/man8/groupmod.8 b/man/cs/man8/groupmod.8
new file mode 100644
index 0000000..9338994
--- /dev/null
+++ b/man/cs/man8/groupmod.8
@@ -0,0 +1,79 @@
+.TH "GROUPMOD" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+groupmod \- upraví skupinu
+.SH "POUŽIT�"
+.HP 9
+\fBgroupmod\fR [\-g\ \fIgid\fR\ [\-o\ ]] [\-n\ \fInové_jméno_skupiny\fR] \fIskupina\fR
+.SH "POPIS"
+.PP
+Příkaz
+\fBgroupmod\fR
+upravuje soubory se systémovými ú�ty tak, aby odpovídaly změnám
+zadaným na příkazové řádce.
+.SH "VOLBY"
+.PP
+Příkaz
+\fBgroupmod\fR
+akceptuje následující volby:
+.TP
+\fB\-g\fR \fIgid\fR
+Číselná hodnota skupinového ID. Tato hodnota musí být unikátní (s
+výjimkou volby
+\fB\-o\fR.
+Hodnota musí být nezáporné celé �íslo. Hodnoty mezi 0 a 999 jsou
+obvykle rezervovány pro systémové ú�ty. U souborů, které měly skupinu
+nastavenu na staré GID, ji musíte přenastavit na nové GID ru�ně.
+.TP
+\fB\-n\fR \fInové_jméno_skupiny\fR
+Jméno skupiny se změní ze
+\fIskupina\fR
+na
+\fInové_jméno_skupiny\fR.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.SH "N�VRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgroupmod\fR
+může skon�it s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI2\fR
+chybná syntaxe příkazu
+.TP
+\fI3\fR
+chybný argument parametru
+.TP
+\fI4\fR
+zadaná skupina neexistuje
+.TP
+\fI6\fR
+zadaná skupina neexistuje
+.TP
+\fI9\fR
+skupina je již používána
+.TP
+\fI10\fR
+nelze aktualizovat soubor group
+.SH "VIZ TAKÉ"
+.PP
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgpasswd\fR(8),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
diff --git a/man/cs/man8/grpck.8 b/man/cs/man8/grpck.8
new file mode 100644
index 0000000..07e67d7
--- /dev/null
+++ b/man/cs/man8/grpck.8
@@ -0,0 +1,111 @@
+.TH "GRPCK" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+grpck \- ověří integritu skupinových souborů
+.SH "POUŽIT�"
+.HP 6
+\fBgrpck\fR [\-r] [\fIgroup\fR\ \fIshadow\fR]
+.SH "POPIS"
+.PP
+\fBgrpck\fR
+ověří integritu informací používaných při autentizaci vů�i
+systému. Kontrolují se všechny záznamy v souborech
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR,
+zda mají správný formát a zda jsou ve všech polích jen povolená
+data. Při nalezení chybně formátovaných a jinak neopravitelných
+záznamů je uživatel vybídnut, aby tyto záznamy smazal.
+.PP
+U každého záznamu se kontroluje, zda:
+.TP 3
+\(bu
+má správný po�et polí
+.TP
+\(bu
+má unikátní název skupiny
+.TP
+\(bu
+obsahuje platný seznam �lenů a administrátorů
+.PP
+Kontroly na správný po�et polí a unikátnost názvu skupiny jsou
+kritické. Pokud má záznam chybný po�et polí, je uživatel vybídnut, aby
+záznam smazal. Nebude-li uživatel souhlasit, jsou všechny další
+kontroly přesko�eny. U záznamu s duplicitním názvem skupiny je
+uživatel taktéž vybídnut ke smazání záznamu, ovšem následné kontroly
+nejsou přesko�eny. Všechny ostatní chyby jsou považovány pouze za
+varování a uživatel je vyzván k nápravě chyby pomocí příkazu
+\fBgroupmod\fR.
+.PP
+Příkazy pracující se souborem
+\fI/etc/group\fR
+nemohou měnit porušené nebo duplicitní záznamy. V takových případech
+byste měli použít
+\fBgrpck\fR
+a chybné záznamy odstranit.
+.SH "VOLBY"
+.PP
+\fBgrpck\fR
+implicitnÄ› pracuje nad soubory
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR. Uživatel může zvolit jiné soubory pomocí parametrů
+\fIgroup\fR
+a
+\fIshadow\fR.
+Uživatel dále může parametrem
+\fB\-r\fR
+zapnout režim jen pro �tení. Prakticky to znamená, že na všechny
+otázky ohledně změn se automaticky odpoví
+\fIne\fR.
+\fBgrpck\fR
+také umí setřítit záznamy v souborech
+\fI/etc/group\fR
+a
+\fI/etc/gshadow\fR
+podle GID. Pro třídící režim zadejte parametr
+\fB\-s\fR.
+V takovém případě se neprovádí žádné kontroly, soubory se pouze
+setřídí.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+citlivé informace o skupinových ú�tech
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských ú�tech
+.SH "N�VRATOVÉ HODNOTY"
+.PP
+Příkaz
+\fBgrpck\fR
+může skon�it s následujícími návratovými hodnotami:
+.TP
+\fI0\fR
+úspěch
+.TP
+\fI1\fR
+chybná syntaxe příkazu
+.TP
+\fI2\fR
+jeden �i více chybných záznamů
+.TP
+\fI3\fR
+nelze otevřít soubory skupin
+.TP
+\fI4\fR
+nelze zamknout soubory skupin
+.TP
+\fI5\fR
+nelze aktualizovat soubory skupin
+.SH "VIZ TAKÉ"
+.PP
+\fBgroup\fR(5),
+\fBpasswd\fR(5),
+\fBshadow\fR(5),
+\fBgroupmod\fR(8).
diff --git a/man/cs/man8/lastlog.8 b/man/cs/man8/lastlog.8
new file mode 100644
index 0000000..67682ec
--- /dev/null
+++ b/man/cs/man8/lastlog.8
@@ -0,0 +1,40 @@
+.\"	@(#)lastlog.8	3.3	08:24:58	29 Sep 1993 (National Guard Release)
+.\"	$Id$
+.\"
+.TH LASTLOG 8
+.SH JMÉNO
+lastlog \- prozkoumá soubor lastlog
+.SH SYNTAXE
+.B lastlog
+.RB [ \-u
+.IR přihlašovací\-jméno ]
+.RB [ \-t
+.IR dny ]
+.SH POPIS
+\fBlastlog\fR setřídí a zobrazí obsah souboru
+\fI/var/log/lastlog\fR,
+který obsahuje záznamy o přihlašování a odhlašování uživatelů v systému.
+Zobrazí se \fBpřihlašovací jméno\fR, \fBjméno terminálu\fR a \fB�as posledního
+přihlašení\fR.
+Standardně (tj. bez dalších voleb) lastlog zobrazí záznamy setříděné
+podle �ísla UID.
+Použití přepína�e \fB\-u \fIpřihlašovací\-jméno\fR
+způsobí, že bude vytištěn pouze poslední záznam o přihlášení příslušného uživatele.
+Zadáním \fB\-t \fIdny\fR se zobrazí pouze
+ta přihlášení, které jsou dřívější než zadané \fIdny\fR.
+Parametr \fB\-t\fR překryje případný parametr \fB\-u\fR.
+.PP
+Pokud se uživatel ještě nikdy nepřihlásil, zobrazí se zpráva \fB"**Never logged in**"\fR (Nikdy nepřihlášen)
+místo jména terminálu a �asu.
+.SH SOUBORY
+/var/log/lastlog \- soubor se záznamy o přihlášení a odhlášení
+.SH N�MITKY
+Velké rozdíly v UID �íslech jsou způsobeny tím, že lastlog program běžel dlouho bez
+výstupu na obrazovku (např. mmdf=800 a poslední uid=170, program se bude
+jevit jako s uid 171\-799).
+.SH AUTOŘI
+Julianne Frances Haugh (jfh@austin.ibm.com)
+.br
+Phillip Street
+.SH PŘELOŽIL
+Ondřej Pavlí�ek (mox@post.cz).
diff --git a/man/cs/man8/logoutd.8 b/man/cs/man8/logoutd.8
new file mode 100644
index 0000000..ed264c4
--- /dev/null
+++ b/man/cs/man8/logoutd.8
@@ -0,0 +1,30 @@
+.TH "LOGOUTD" "8" "11/05/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+logoutd \- Omezuje �as přihlášení
+.SH "POUŽIT�"
+.HP 8
+\fBlogoutd\fR
+.SH "POPIS"
+.PP
+\fBlogoutd\fR
+omezí �as přihlášení a seznam povolených portů podle pravidel zadaných v
+\fI/etc/porttime\fR.
+\fBlogoutd\fR
+by se měl spouštět z
+\fI/etc/rc\fR. Program pak pravidelnÄ› kontroluje soubor
+\fI/var/run/utmp\fR
+a zkoumá, zda má daný uživatel oprávnění být přihlášen na daném portu
+v daný �as. Všechna sezení, která porušují pravidla zadaná v
+\fI/etc/porttime\fR,
+jsou ukon�ena.
+.SH "SOUBORY"
+.TP
+\fI/etc/porttime\fR
+oprávnění k portům a přihlášení
+.TP
+\fI/var/run/utmp\fR
+seznam aktuálních sezení
diff --git a/man/cs/man8/nologin.8 b/man/cs/man8/nologin.8
new file mode 100644
index 0000000..92d6be8
--- /dev/null
+++ b/man/cs/man8/nologin.8
@@ -0,0 +1,28 @@
+.TH "NOLOGIN" "8" "01/07/2006" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+nologin \- slušně odmítne přihlášení
+.SH "PŘEHLED"
+.HP 8
+\fBnologin\fR
+.SH "POPIS"
+.PP
+\fBnologin\fR
+zobrazí oznámení, že ú�et není dostupný a skon�í s nenulovým
+návratovým kódem. Program je zamýšlen jako vhodná náhrada pole shell
+v souboru passwd pro zablokované ú�ty.
+.PP
+Pro zakázání všech přihlášení prozkoumejte
+\fBnologin\fR(5).
+.SH "VIZ TAKÉ"
+.PP
+\fBlogin\fR(1),
+\fBnologin\fR(5).
+.SH "HISTORIE"
+.PP
+Příkaz
+\fBnologin\fR
+se objevil v BSD 4.4.
diff --git a/man/cs/man8/vipw.8 b/man/cs/man8/vipw.8
new file mode 100644
index 0000000..fbef380
--- /dev/null
+++ b/man/cs/man8/vipw.8
@@ -0,0 +1,71 @@
+.TH "VIPW" "8" "12/07/2005" "System Management Commands" "System Management Commands"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "JMÉNO"
+vipw, vigr \- slouží k úpravě souborů password, group, shadow-password a shadow-group.
+.SH "POUŽIT�"
+.HP 5
+\fBvipw\fR [volby]
+.HP 5
+\fBvigr\fR [volby]
+.SH "POPIS"
+.PP
+\fBvipw\fR
+a
+\fBvigr\fR
+upravují soubory
+\fI/etc/passwd\fR
+a
+\fI/etc/group\fR. S přepína�em
+\fB\-s\fR
+budou upravovat stínové verze obou souborů, tj.
+\fI/etc/shadow\fR
+a
+\fI/etc/gshadow\fR. Programy používají zámky, aby předešly porušení
+souborů. Při hledání editoru nejprve zkusí proměnnou prostředí
+\fB$VISUAL\fR, poté proměnnou prostředí
+\fB$EDITOR\fR a na konec spustí standardní editor
+\fBvi\fR(1).
+.SH "VOLBY"
+.PP
+Příkazy
+\fBvipw\fR
+a
+\fBvigr\fR
+akceptují následující volby:
+.TP
+\fB\-g\fR, \fB\-\-group\fR
+Upraví databázi skupin.
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Zobrazí nápovědu a skon�í.
+.TP
+\fB\-p\fR, \fB\-\-passwd\fR
+Upraví databázi hesel.
+.TP
+\fB\-q\fR, \fB\-\-quiet\fR
+Tichý režim.
+.TP
+\fB\-s\fR, \fB\-\-shadow\fR
+Upraví databázi shadow nebo gshadow.
+.SH "SOUBORY"
+.TP
+\fI/etc/group\fR
+informace o skupinových ú�tech
+.TP
+\fI/etc/gshadow\fR
+stínový soubor pro skupiny
+.TP
+\fI/etc/passwd\fR
+informace o uživatelských ú�tech
+.TP
+\fI/etc/shadow\fR
+citlivé informace o uživatelských ú�tech
+.SH "VIZ TAKÉ"
+.PP
+\fBvi\fR(1),
+\fBgroup\fR(5),
+\fBgshadow\fR(5)\fBpasswd\fR(5),
+\fBshadow\fR(5).
diff --git a/man/da/Makefile.am b/man/da/Makefile.am
new file mode 100644
index 0000000..a3b0922
--- /dev/null
+++ b/man/da/Makefile.am
@@ -0,0 +1,32 @@
+
+mandir = @mandir@/da
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+	man1/chfn.1 \
+	man8/groupdel.8 \
+	man1/groups.1 \
+	man5/gshadow.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/nologin.8 \
+	man1/sg.1 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = 
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/de/Makefile.am b/man/de/Makefile.am
new file mode 100644
index 0000000..3cd302e
--- /dev/null
+++ b/man/de/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/de
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/es/Makefile.am b/man/es/Makefile.am
new file mode 100644
index 0000000..721dc0d
--- /dev/null
+++ b/man/es/Makefile.am
@@ -0,0 +1,17 @@
+
+mandir = @mandir@/es
+
+man_MANS = 
+
+# These Spanish manpages are outdated.
+# Please contact pkg-shadow-devel@lists.alioth.debian.org if you wish to
+# provide updates.
+#	man1/login.1 \
+#	man1/newgrp.1 \
+#	man1/passwd.1 \
+#	man5/passwd.5 \
+#	man1/su.1 \
+#	man8/vigr.8 \
+#	man8/vipw.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/es/man1/login.1 b/man/es/man1/login.1
new file mode 100644
index 0000000..ae3b7fc
--- /dev/null
+++ b/man/es/man1/login.1
@@ -0,0 +1,332 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.\"
+.\" Translated 17 sep. 1998 by Juan José López Mellado(laveneno@hotmail.com) 
+.\"
+.TH LOGIN 1 "4 Noviembre 1996" "Util\-linux 1.6" "Manual del Programador de Linux"
+.SH NOMBRE
+login \- firmar
+.SH SINOPSIS
+.BR "login [ " name " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " hostname
+.br
+.BR "login \-f " name
+.SH DESCRIPCIÓN
+.B login
+es usado cuando se firma en un sistema. Puede ser usado para cambiar
+desde un usuario a otro en cualquier momento (los shells más modernos
+disponen de esta característica incluida internamente).
+
+Si no se da ningún argumento,
+.B login
+pregunta por el nombre de usuario.
+
+Si el usuario
+.I no
+es root, y si existe
+.IR /etc/nologin ,
+el contenido de este fichero se escribe en la pantalla y el ingreso
+finaliza. Esto se usa típicamente para prevenir los ingresos cuando el
+sistema se está cerrando.
+
+Si se han especificado restricciones de acceso para el usuario en
+.IR /etc/usertty ,
+estas son requeridas, o la petición de ingreso será denegada y se
+generará un mensaje a través de
+.BR syslog .
+Vea la sección "Restricciones de Acceso Especiales".
+
+Si el usuario es root, entonces el ingreso debe estar ocurriendo en
+alguno de los tty listados en
+.IR /etc/securetty .
+Los fallos serán registrados mediante
+.BR syslog .
+
+Después de comprobar estas condiciones, se pedirá la contraseña y se
+validará (si es que se requiere de una contraseña para el usuario). Se
+permite un total de diez intentos antes de que
+.B login
+muera, pero después de los tres primeros, la respuesta comienza a ser muy
+lenta. Los fallos de ingreso son registrados a través de
+.BR syslog .
+También es usado para registrar cualquier ingreso correcto del usuario
+root.
+
+Si el fichero
+.I .hushlogin
+existe, entonces se realiza un ingreso "reservado" (esto deshabilita la
+comprobación del correo y la escritura de la hora del último ingreso así
+como el mensaje del día). Por otro lado, si existe
+.IR /var/log/lastlog ,
+la hora del último ingreso se imprime (y el ingreso actual es
+registrado).
+
+Se llevan a cabo algunas tareas administrativas, como el cambio del UID y
+GID del tty. La variable de entorno TERM se preserva, si existe (las
+otras variables de entorno son preservadas si se usa la opción
+.BR \-p ).
+Después son definidas las variables HOME, PATH, SHELL, TERM, MAIL y
+LOGNAME. El PATH por defecto será
+.I /usr/local/bin:/bin:/usr/bin:.
+para usuarios normales, y
+.I /sbin:/bin:/usr/sbin:/usr/bin
+para root. Por último, si no es un ingreso "reservado", el mensaje del
+día será imprimido y se comprobará el fichero con el nombre del usuario en
+.I /usr/spool/mail
+y se imprimirá un mensaje si este tuviera un tamaño diferente de cero.
+
+A continuación, se inicia el shell del usuario. Si no se especifica ninguno
+para el usuario en
+.BR /etc/passwd ,
+entonces se usará
+.BR /bin/sh .
+Si no hay un directorio especificado en
+.IR /etc/passwd ,
+entonces se usará
+.I /
+(el directorio del usuario se analizará en busca del fichero
+.I .hushlogin
+descrito más abajo).
+
+.SH OPCIONES
+.TP
+.B \-p
+Usado por
+.BR getty (8)
+para indicar a
+.B login
+que no destruya el entorno
+.TP
+.B \-f
+Usado para evitar la segunda autenticación del ingreso. Esto 
+.B no
+funciona específicamente para root y no parece que funcione
+correctamente bajo Linux.
+.TP
+.B \-h
+Usado por otros servidores (por ejemplo,
+.BR telnetd (8))
+para pasar el nombre del host remoto a
+.B login
+de tal manera que pueda ser puesto en utmp y wtmp. Solo el superusuario
+podrá usar esta opción.
+
+.SH "RESTRICCIONES DE ACCESO ESPECIALES"
+El fichero
+.I /etc/securetty
+lista los nombres de los ttys donde se permite que el root pueda
+ingresar. Deberá especificarse un nombre de tty por línea (sin el prefijo
+/dev/). Si el fichero no existiera, se permitirá su ingreso desde
+cualquier tty.
+.PP
+El fichero
+.I /etc/usertty
+especifica restricciones de acceso adicionales para usuarios específicos.
+Si no existiera este fichero, no se impondrá ninguna restricción de
+acceso adicional. El fichero consiste en una secuencia de secciones. Hay
+tres tipos de secciones posibles: CLASSES, GROUPS y USERS. Una sección
+de tipo CLASSES define tipos de ttys y patrones de nombres de hosts, una
+sección de tipo GROUPS define los ttys permitidos y los hosts grupo por
+grupo y una sección USERS define los ttys permitidos y los hosts usuario
+por usuario.
+.PP
+Cada línea de este fichero no puede tener más de 255 caracteres. Los
+comentarios comienzan con un carácter # y se extienden hasta el final de
+la línea.
+.PP
+.SS "La sección CLASSES"
+Una sección de tipo CLASSES comienza por la palabra CLASSES al principio
+de la línea escrito en mayúsculas. Cada una de las líneas hasta el
+principio de una nueva sección o del final del fichero consiste en una
+secuencia de palabras separadas pos tabuladores o espacios. Cada línea
+define una clase de ttys y patrones de hosts.
+.PP
+La palabra al principio de la línea es tomada como el nombre colectivo
+para los ttys y patrones de hosts especificados en el resto de la línea.
+Este nombre colectivo puede usarse en las siguientes secciones de tipo
+GROUPS o USERS. No debería aparecer el nombre de una clase como parte de
+la definición de una clase para evitar problemas de recursividad de
+nombres.
+.PP
+Una sección CLASSES de ejemplo:
+.PP
+.nf
+.in +.5
+CLASSES
+miclase1		tty1 tty2
+miclase2		tty3 @.foo.com
+.in -.5
+.fi
+.PP
+Esto define las clases
+.I miclase1
+y
+.I miclase2
+como las partes derechas correspondientes.
+.PP
+
+.SS "La sección GROUPS"
+Una sección GROUPS define los ttys y hosts permitidos para cada grupo
+.I /etc/passwd
+y
+.I /etc/group
+y ese grupo es mencionado en una sección de tipo GROUPS en
+.I /etc/usertty
+entonces el usuario tiene acceso permitido.
+.PP
+Una sección GROUPS comienza con la palabra GROUPS en mayúsculas en el
+principio de una línea, y cada una de las siguientes líneas es una
+secuencia de palabras separadas pos espacios o tabuladores. La primera
+palabra de una línea es el nombre del grupo, y el resto de las palabras
+de la línea especifican los ttys y hosts donde los miembros de ese grupo
+tienen permitido el acceso. Estas especificaciones pueden comportar el
+uso de las clases definidas en secciones CLASSES anteriores.
+.PP
+Un ejemplo de una sección GROUPS:
+.PP
+.nf
+.in +0.5
+GROUPS
+sys		tty1 @.bar.edu
+stud		miclase1 tty4
+.in -0.5
+.fi
+.PP
+Este ejemplo especifica que los miembros del grupo
+.I sys
+pueden ingresar en el tty1 y desde los hosts en el dominio bar.edu. Los
+usuarios en el grupo
+.I stud
+pueden ingresar desde los hosts/ttys especificados en la clase miclase1 o
+desde el tty4.
+.PP
+
+.SS "La sección USERS"
+Una sección USERS comienza con la palabra USERS toda en mayúsculas al
+principio de la línea, y cada una de las líneas siguientes es una
+secuencia de palabras separadas por espacios o tabuladores. La primera
+palabra de una línea es un nombre de usuario y a ese usuario se le
+permite ingresar en los ttys y desde los hosts mencionados en el resto de
+la línea. Estas especificaciones pueden contener clases definidas en
+secciones CLASSES anteriores. Si no se especifica al principio del
+fichero una cabecera de sección, por defecto la primera sección se
+interpreta como del tipo USERS.
+
+.PP
+Una sección USERS de ejemplo:
+.PP
+.nf
+.in +0.5
+USERS
+zacho		tty1 @130.225.16.0/255.255.255.0
+pepe		tty3 miclase2
+.in -0.5
+.fi
+.PP
+Esto autoriza al usuario zacho a ingresar solo en el tty1 y desde los
+hosts con direcciones IP en el rango 130.225.16.0 \- 130.225.16.255, y
+también autoriza al usuario pepe a ingresar en el tty3 y desde cualquier
+parte mencionada en la clase miclase2.
+.PP
+Podrá aparecer una línea en la sección USERS que comience por un nombre
+de usuario *. Esta es la regla por defecto y será aplicada a cualquier
+usuario que no aparezca en ninguna de las otras líneas.
+.PP
+Si un usuario encaja con una línea USERS y con una línea GROUPS, el
+usuario estará autorizado a ingresar desde la unión de todos los
+ttys/hosts mencionados en estas especificaciones.
+
+.SS Orígenes
+Las especificaciones de patrones de tty y host usadas en la
+especificación de las clases, grupos y usuarios se llaman orígenes. Un
+origen es una cadena de caracteres que puede tener uno de estos formatos:
+.IP o 
+El nombre de un dispositivo tty sin el prefijo /dev/, por ejemplo tty1 o
+ttyS0.
+.PP
+.IP o
+La cadena @localhost, indicando que el usuario está autorizado a
+telnet/rlogin desde el host local al mismo host. Esto también habilita al
+usuario a ejecutar, por ejemplo, el comando: xterm \-e /bin/login.
+.PP
+.IP o
+Un sufijo de nombre de dominio como @.algun.dom, indicando que el usuario
+podrá hacer rlogin/telnet desde cualquier host cuyo nombre de dominio
+tenga el sufijo .algun.dom.
+.PP
+.IP o
+Un rango de direcciones IPv4, escritas @x.x.x.x/y.y.y.y donde x.x.x.x es
+la dirección IP en la notación decimal tradicional con puntos, e y.y.y.y
+es una máscara de bits en la misma notación especificando cuales de los
+bits de la dirección serán comparados con la dirección IP del host
+remoto. Por ejemplo @130.255.16.0/255.255.254.0 significa que el usuario
+podrá hacer rlogin/telnet desde cualquier host cuya dirección IP esté en
+el rango 130.255.16.0 \- 130.255.17.255.
+.PP
+Cualquiera de los orígenes anteriores pueden tener un prefijo con la
+especificación temporal acordando con la sintaxis:
+.PP
+.nf
+espec\-tiempo ::= '[' <día\-u\-hora> [':' <día\-u\-hora>]* ']'
+día          ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hora         ::= '0' | '1' | ... | '23'
+espec\-hora   ::= <hora> | <hora> '\-' <hora>
+día\-u\-hora   ::= <día> | <espec\-hora>
+.fi
+.PP
+Por ejemplo, el origen [mon:tue:wed:thu:fri:8\-17]tty3 significa que solo
+se permitirán ingresos de lunes a viernes entre las 8:00 y las 17:59
+(5:59 pm) en el tty3. Esto también muestra que un rango de horas a\-b
+incluye todo momento entre a:00 y b:59. Una sola hora (por ejemplo 10)
+significará un espacio temporal entre las 10:00 y las 10:59.
+.PP
+Si no se especifica ningún prefijo temporal para un tty o host significará
+que se permitirá el ingreso desde ese origen a cualquier hora. Si da un
+prefijo temporal asegúrese de especificar tanto el conjunto de días como
+una o más horas o rango de horas. Una especificación de tiempo no puede
+incluir espacios en blanco.
+.PP
+Si no se define ninguna regla por defecto entonces los usuarios que no
+concuerden con ninguna línea de
+.I /etc/usertty
+está autorizados para ingresar desde cualquier lugar en la manera
+estándar.
+.PP
+.SH FICHEROS
+.nf
+.I /var/run/utmp
+.I /var/log/wtmp
+.I /var/log/lastlog
+.I /usr/spool/mail/*
+.I /etc/motd
+.I /etc/passwd
+.I /etc/nologin
+.I /etc/usertty
+.I .hushlogin
+.fi
+.SH "VÉASE TAMBIÉN"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH FALLOS
+
+Linux, a diferencia de otros sistemas operativos draconianos, no comprueba
+las cuotas.
+
+La opción no documentada
+.B \-r
+de BSD no está soportada. Esta podría ser requerida por algún programa
+.BR rlogind (8)
+.
+.SH AUTOR
+Derivado de login 5.40 de BSD (5/9/89) por Michael Glad (glad@daimi.dk)
+para HP\-UX
+.br
+Portado a Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
diff --git a/man/es/man1/newgrp.1 b/man/es/man1/newgrp.1
new file mode 100644
index 0000000..09854f1
--- /dev/null
+++ b/man/es/man1/newgrp.1
@@ -0,0 +1,32 @@
+.\" Original author unknown.  This man page is in the public domain.
+.\" Modified Sat Oct  9 17:46:48 1993 by faith@cs.unc.edu
+.\"
+.\" Translated 19 Sep 1998 by Juan José López Mellado
+.\"   (laveneno@hotmail.com)
+.\"
+.TH NEWGRP 1 "9 Octubre 1993" "Linux 1.2" "Manual del Programador de Linux"
+.SH NOMBRE
+newgrp \- ingresar con un nuevo grupo
+.SH SINOPSIS
+.BI "newgrp [ " group " ]"
+.SH DESCRIPCIÓN
+.B Newgrp
+cambia la identificación de grupo de su invocador, análogamente a
+.BR login (1).
+La misma persona queda ingresada, y el directorio actual no es
+modificado, pero los cálculos de los permisos de acceso a los ficheros se
+realizan con respecto al nuevo ID de grupo.
+.LP
+Si no se espcifica un grupo, el GID es cambiado al GID de ingreso.
+.LP
+.SH FICHEROS
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "VÉASE TAMBIÉN"
+.BR login "(1), " group (5)
+
+.SH AUTOR
+Originalmente por Michael Haardt. Actualmente mantenido por
+Peter Orbaek (poe@daimi.aau.dk).
diff --git a/man/es/man1/passwd.1 b/man/es/man1/passwd.1
new file mode 100644
index 0000000..fb17e64
--- /dev/null
+++ b/man/es/man1/passwd.1
@@ -0,0 +1,138 @@
+.\" Copyright 1992 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.\"
+.\" Translated 2 Dec 1998 by Victor Moral (victor@venexma.es) 
+.\"
+.TH PASSWD 1 "11 Noviembre 1996" "Util\-linux 2.6" "Manual del Programador Linux"
+.SH NOMBRE
+passwd \- cambia contraseñas
+.SH SINOPSIS
+.BR "passwd"
+.RB [ " \-o " ]
+.RB [ " \-q " ]
+.RB [ " \-v " ]
+.RI [ " usuario " [ " contraseña " ]]
+.br
+.BR "passwd \-f "
+.RI [ " parámetros para el cambio de nombre completo del usuario " ]
+.br
+.BR "passwd \-s "
+.RI [ " parámetros para el cambio de shell " ]
+
+.SH DESCRIPCIÓN
+
+Cuando se utiliza sin parámetros
+.B passwd
+cambia la contraseña para el usuario que lo invoca. Primero le exigirá 
+la contraseña vigente, y a continuación pedirá dos veces la nueva para 
+prevenir errores de escritura.
+
+La invocación del programa con los parámetros 
+.IR usuario 
+y
+.IR contraseña
+sólo puede realizarse desde la cuenta de superusuario. 
+
+Utilizando la invocación sólo con el parámetro
+.IR usuario
+, el 
+superusuario puede cambiar la contraseña para ese
+.IR usuario .
+
+En este caso no se exige al superusuario la contraseña vigente para el usuario,
+pero las reglas para validar contraseñas se siguen aplicando a menos que se
+utilice la opción
+.B "\-o".
+El superusuario puede tener razones legítimas para elegir una contraseña no
+conforme a las reglas.
+
+
+El uso de los dos parámetros asigna al 
+.IR usuario " la " contraseña
+indicada en el segundo parámetro. Puede ser útil cuando se debe dar a muchos
+usuarios una contraseña inicial predefinida. Pero también puede ser 
+extremadamente peligroso. Un simple fallo en un programa podría cambiar la 
+contraseña del superusuario (root) a cualquier cosa desconocida.
+
+Indicar una cadena vacía como el segundo parámetro borra la contraseña para 
+el usuario, pero sólo en combinación de la opción
+.B "\-o".
+
+Los cambios de contraseña pueden registrarse utilizando el servicio
+.BR syslog (3),
+dependiendo de las definiciones hechas en tiempo de compilación del programa
+(estando esta característica activa por omisión).
+Si es así, todos los cambios se registrarán a un nivel bajo como auth.notice,
+excepto para cambiar la contraseña del superusuario (root); en este caso se 
+registrarán con nivel auth.warning.
+
+.SH OPCIONES
+.TP
+.B "\-f, \-\-fullname"
+Cambia el nombre completo del usuario (el campo GECOS del registro de 
+contraseñas). Invoca el programa /usr/bin/chfn utilizando los parámetros
+que ha recibido que no son opciones.  
+
+.TP
+.B "\-o, \-\-force"
+Desactiva las verificaciones de validación sobre la nueva contraseña . Sólo
+puede ser utilizada por el superusuario, y está pensado para permitirle 
+asignar contraseñas iniciales simples.
+
+.TP
+.B "\-s, \-\-shell"
+Cambia el shell del usuario mediante la invocación del programa /usr/bin/chsh
+con los parámetros recibidos que no son opciones.
+
+.TP
+.B "\-q, \-\-quiet, \-\-silent"
+En este modo de funcionamiento passwd no indica que la contraseña se haya
+cambiado.
+
+.TP
+.B "\-v, \-V, \-\-version"
+Muestra información acerca de la versión del programa y finaliza.
+
+.SH REGLAS DE CONTRASEÑAS
+La nueva contraseña debe cumplir estas reglas:
+.TP
+o
+tener como mínimo seis caracteres;
+
+.TP
+o
+no ser igual a la contraseña anterior;
+
+.TP
+o
+contener caracteres que pertenezcan, como mínimo, a dos de las 
+siguientes categorías: mayúsculas y minúsculas, dígitos y caracteres no 
+alfanuméricos;
+
+.TP
+o
+no debe coincidir ni con el nombre del usuario, ni con ninguna de las palabras
+que forman su nombre completo (real), tanto en orden normal como inverso, ni 
+al principio ni al final.
+
+.SH FALLOS (BUGS)
+
+Si cambia de opinión no hay escape del programa. Insistirá en obtener una 
+contraseña nueva hasta que sea muerto (mediante kill) desde otro terminal.
+(Esto es provocado por un fallo en getpass(3): e ignora las señales.)
+
+.SH FICHEROS
+.TP
+.I /etc/passwd
+El archivo que contiene las contraseñas.
+.SH "VÉASE TAMBIÉN"
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH AUTOR
+Peter Orbaek (poe@daimi.aau.dk).
+.br
+Martin Schulze (joey@infodrom.north.de) con extensas mejoras y reescrituras.
+.br
+.SH MANTENIMIENTO
+Nicolai Langfeldt (janl@math.uio.no)
diff --git a/man/es/man1/su.1 b/man/es/man1/su.1
new file mode 100644
index 0000000..1acf8c7
--- /dev/null
+++ b/man/es/man1/su.1
@@ -0,0 +1,139 @@
+.\" \-*\- nroff \-*\-
+.\"Translated 21 Jul 1998 by Javi Diaz (javid@si.upc.es)
+.TH SU 1 "Utilidades Shell de GNU" "FSF"
+.SH NOMBRE
+su \-  ejecuta una shell con identificadores de grupo y de usuario distintos
+.SH SINOPSIS
+.B su
+[\-flmp] [\-c comando] [\-s shell] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=comando] [\-\-shell=shell] [\-]
+[\-\-help] [\-\-version] [usuario [arg...]]
+.SH DESCRIPCIÓN
+Este documento ya no es mantenido y puede ser impreciso o incompleto. La
+documentación de Texinfo es ahora la fuente de información recomendada.
+.PP
+Esta página del manual documenta la versión GNU de
+.BR su .
+.B su
+permite a un usuario convertirse temporalmente en otro usuario. Se ejecuta
+una shell con los identificadores reales y efectivos, el identificador de
+grupo, y los identificadores suplementarios del grupo del USUARIO. Si no se
+especifica ningún USUARIO, por defecto se usa root, el superusuario.
+La shell a ejecutar se toma de la entrada correspondiente al USUARIO en el
+fichero de passwords, o /bin/sh si no se especifica ninguna en dicho fichero.
+Si el USUARIO tiene password, 
+.B su
+lo solicitará, a menos que sea ejecutado por el usuario con identificador real
+0 (el superusuario).
+.PP
+Por defecto,
+.B su
+no cambia el directorio actual.
+.B su
+modifica las variables de entorno `HOME' y `SHELL' de acuerdo con la entrada
+del fichero de passwords correspondiente al USUARIO, y si el USUARIO no es el
+superusuario, coloca en las variables `USER' y `LOGNAME' el valor de USUARIO.
+Por defecto, la shell ejecutada no es una shell de entrada al sistema.
+.PP
+Si se facilitan uno o más ARGs, estos son pasados como argumentos adicionales
+a la shell ejecutada.
+.PP
+.B su
+no ejecuta de manera especial /bin/sh u otras shells (colocando en argv[0] el
+valor "\-su", pasando \-c únicamente a algunas shells, etc.).
+.PP
+En sistemas que utilicen syslog,
+.B su
+puede ser compilado para reportar fallo, y opcionalmente éxito en syslog.
+.B su
+intentará utilizar syslog.
+.PP
+Este programa no soporta el grupo "wheel", el cual restringe quien podrá
+ejecutar
+.B su
+hacia la cuenta de root (el superusuario) ya que esta política podría
+ayudar a los administradores de máquinas a facilitar un uso inadecuado a otros
+usuarios.
+.SS OPCIONES
+.TP
+.I "\-c COMANDO, \-\-command=COMANDO"
+Pasa el COMANDO, una única línea a ejecutar, a la shell con la opción
+.I \-c
+en vez de ejecutar una shell interactiva.
+.TP
+.I "\-f, \-\-fast"
+Pasa la opción
+.I \-f
+a la shell. Esto probablemente tiene sentido con 
+.B csh
+y
+.BR tcsh ,
+en estos casos la opción
+.I \-f
+indica que no se lean los ficheros de arranque de la shell (.cshrc).
+Con las shells del estilo Bourne shell, la opción
+.I \-f
+deshabilita la expansión de los patrones de fichero, la cual cosa no es 
+demasiado deseable.
+.TP
+.I "\-\-help"
+Escribe un mensaje sobre el uso en la salida estándar y acaba sin
+provocar error.
+.TP
+.I "\-, \-l, \-\-login"
+Provoca que la shell a ejecutar sea una shell de login. Lo cual significa que
+se eliminan del entorno todas las variables excepto `TERM', `HOME' y `SHELL'
+(las cuales se modifican como se explicó anteriormente) y `USER'y `LOGNAME'
+(que se modifican, incluso para el superusuario, como se explicó anteriormente),
+la variable `PATH' se añade al entorno con el valor por defecto que se
+estableció al compilar
+.B su
+, además de los cambios anteriores, 
+.B su
+cambia al directorio por defecto del USUARIO. Si se antepone "\-" al nombre de
+la shell a ejecutar, se leerán los ficheros de arraque pertinentes.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+No se cambian las variables de entorno `HOME', `USER', `LOGNAME' ni `SHELL'.
+Se ejecuta la shell especificada en la variable de entorno `SHELL' en vez
+de la shell que indique la entrada para el USUARIO en el fichero /etc/passwd,
+a menos que el usuario que ejecute
+.B su
+no sea el superusuario y la shell del USUARIO esté restringida.
+Una shell restringida es aquella que no está listada en el fichero /etc/shells
+o en una lista generada al compilar
+.B su
+si dicho fichero no existe. Algunos detalles de lo que hace esta opción pueden
+ser invalidadas mediante la opción
+.I \-\-login
+y
+.IR \-\-shell .
+.TP
+.I "\-s, \-\-shell shell"
+Ejecuta la SHELL en vez de la shell del USUARIO especificada en el fichero
+\fI/etc/passwd\fR, a menos que el usuario que ejecute
+.B su
+no sea el superusuario y la shell del USUARIO esté restringida.
+.TP
+.I "\-\-version"
+Escribe información sobre la versión en  la  salida estándar y acaba sin
+provocar error.
+
+.SH Por que GNU no soporta el grupo "wheel" (por Richard Stallman)
+A veces, algunos listillos intentan hacerse con el poder total
+sobre el resto de usuarios. Por ejemplo, en 1984, un grupo de usuarios del
+laboratorio de Inteligencia Artificial del MIT decidieron tomar el poder
+cambiando el password de operador del sistema Twenex y manteniendolo secreto
+para el resto de usuarios. (De todas maneras, hubiera sido posible desbaratar
+la situación y devolver el control a los usuarios legítimos parcheando el
+kernel, pero no sabría como realizar esta operación en un sistema Unix.)
+.PP
+Sin embargo, casualmente alguien contó el secreto. Mediante el uso habitual de
+.B su
+una vez que alguien conoce el password de root puede contarselo al resto de 
+usuarios. El grupo "wheel" hará que esto sea imposible, protegiendo así el poder
+de los superusuarios.
+.PP
+Yo estoy del lado de las masas, no de los superusuarios. Si eres de los que
+estan de acuerdo con los jefes y los administradores de sistemas en cualquier
+cosa que hagan, al principio encontrarás esta idea algo extraña.
diff --git a/man/es/man5/passwd.5 b/man/es/man5/passwd.5
new file mode 100644
index 0000000..bff5412
--- /dev/null
+++ b/man/es/man5/passwd.5
@@ -0,0 +1,138 @@
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr  2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Translated Tue Jul 23 11:06:10 1996 by Diego Novillo (diego@cs.ualberta.ca)
+.\" Modified Mon Jan  5 20:24:40 MET 1998 by Michael Haardt
+.\"  (michael@cantor.informatik.rwth-aachen.de)
+.\" Translation revised June 6 1998
+.\" Translation revised Wed Aug 19 1998 by Juan Piernas <piernas@ditec.um.es>
+.\"
+.TH PASSWD 5 "5 Enero 1998" "Linux" "Formatos de Fichero"
+.SH NOMBRE
+passwd \- fichero de contraseñas
+.SH DESCRIPCIÓN
+.B Passwd
+es un fichero de texto que contiene una lista de las cuentas del sistema,
+proporcionando para cada cuenta cierta información útil como el
+identificador (ID) de usuario, el ID de grupo, el directorio `home', el
+intérprete de órdenes, etc.
+Con frecuencia, también contiene la contraseña cifrada de cada cuenta.
+Este fichero debe tener permiso de lectura para todos (muchas utilidades,
+como 
+.BR ls (1),
+lo usan para traducir el número de identificador de
+usuario (UID) al nombre del usuario), pero sólo el superusuario debe
+poder escribirlo.
+.PP
+En los buenos viejos tiempos no había grandes problemas con estos permisos
+generales de lectura. Cualquiera podía leer contraseñas cifradas, ya que el
+hardware era demasiado lento para descifrar una clave bien elegida
+y, además, la suposición básica solía ser que la comunidad de usuarios era
+bastante amigable. Hoy en día, mucha gente
+utiliza alguna versión del paquete \fBshadow password\fP, donde en 
+.I /etc/passwd
+encontramos *'s en lugar de las claves cifradas; éstas se encuentran 
+en el fichero
+.IR /etc/shadow ,
+el cual sólo lo puede leer el superusuario.
+.PP
+Sin tener en cuenta si se utilizan o no `shadow passwords', muchos
+administradores de sistemas usan un asterisco en el campo de contraseña
+para asegurarse de que dicho usuario no se puede autenticar a sí
+mismo usando una contraseña. (No obstante, vea la sección OBSERVACIONES más abajo).
+.PP
+Si crea una nueva cuenta, coloque primero un asterisco en el campo de
+contraseña y a continuación use
+.BR passwd (1)
+para asignarla.
+.PP
+Hay una entrada por línea, cada línea tiene el siguiente formato:
+.sp
+.RS
+cuenta:contraseña:UID:GID:GECOS:directorio:intérprete
+.RE
+.sp
+Las descripciones de los campos son las siguientes:
+.sp
+.RS
+.TP 1.0in
+.I cuenta
+el nombre del usuario en el sistema. No debe contener letras mayúsculas.
+.TP
+.I contraseña
+la contraseña cifrada del usuario o un asterisco.
+.TP
+.I UID
+el número del ID de usuario.
+.TP
+.I GID
+el número del ID de grupo primario para este usuario.
+.TP
+.I GECOS
+Este campo es opcional y sólo se usa para propósitos de información.
+Normalmente, contiene el nombre completo del usuario. GECOS significa General
+Electric Comprehensive Operating System, que se renombró a GCOS cuando
+la división de grandes sistemas de GE se vendió a Honeywell.  Dennis Ritchie
+ha dicho: "Algunas veces enviábamos una salida de impresora o unos trabajos
+por lotes a la máquina GCOS. El campo gcos en el fichero password era el
+lugar para esconder la información de la $IDENTcard. No era elegante."
+.TP
+.I directorio
+el directorio base del usuario ($HOME).
+.TP
+.I intérprete
+el programa que se debe ejecutar cuando el usuario ingresa (si está vacío,
+se utiliza
+.BR /bin/sh ).
+Si se establece a un ejecutable que no existe, el usuario será incapaz de
+entrar al sistema a través de
+.BR login (1).
+.RE
+.SH OBSERVACIONES
+Para crear un grupo de usuarios, sus GIDs deben ser iguales y debe
+haber una entrada en \fI/etc/group\fP, de lo contrario no existirá ningún
+grupo.
+.PP
+Si la contraseña cifrada es un asterisco, el usuario será incapaz de entrar
+al sistema usando
+.BR login (1),
+pero todavía podrá entrar utilizando
+.BR rlogin (1),
+ejecutar procesos existentes e iniciar nuevos procesos a través de
+.BR rsh (1),
+.BR cron (1),
+.BR at (1),
+filtros de correo, etc. Intentar cerrar una cuenta cambiando simplemente el
+campo del intérprete de órdenes produce el mismo resultado y permite
+además el uso de
+.BR su (1).
+.SH FICHEROS
+.I /etc/passwd
+.SH "VÉASE TAMBIÉN"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
diff --git a/man/es/man8/vigr.8 b/man/es/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/es/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/es/man8/vipw.8 b/man/es/man8/vipw.8
new file mode 100644
index 0000000..b33d14b
--- /dev/null
+++ b/man/es/man8/vipw.8
@@ -0,0 +1,92 @@
+.\" Copyright (c) 1983, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"	This product includes software developed by the University of
+.\"	California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     from: @(#)vipw.8	6.7 (Berkeley) 3/16/91
+.\"	$Id$
+.\"
+.\"
+.\" Translated into Spanish on Fri Aug 28 1998 by Gerardo Aburruzaga
+.\" García <gerado@cica.es>
+.\"
+.Dd 7 Julio 1996
+.Dt VIPW 8
+.Os Util-Linux 2.6
+.Sh NOMBRE
+.Nm vipw, vigr
+.Nd editan los ficheros de cuentas y grupos
+.Sh SINOPSIS
+.Nm vipw
+.Op -V
+.Op --version
+.Pp
+.Nm vigr
+.Op -V
+.Op --version
+.Sh DESCRIPCIÓN
+.Nm Vipw
+edita el fichero de cuentas tras establecer los bloqueos apropiados, y
+hace cualquier procesado que sea necesario después de que el fichero
+de cuentas se desbloquee.
+Si el fichero de cuentas ya está bloqueado para la edición por parte
+de otro usuario, 
+.Nm vipw
+le pedirá que lo intente de nuevo más tarde. El editor predeterminado
+para 
+.Nm vipw
+suele ser, como indica su nombre,
+.Xr vi 1 .
+.br
+.Nm Vigr
+edita el fichero de grupos de la misma manera que vipw.
+.Sh ENTORNO
+Si la siguiente variable de entorno existe, será utilizada por
+.Nm vipw :
+.Bl -tag -width EDITOR
+.It Ev EDITOR
+El editor especificado por la cadena
+.Ev EDITOR
+será llamado en vez del predeterminado
+.Xr vi 1 .
+.El
+.Sh VÉASE TAMBIÉN
+.Xr passwd 1 ,
+.Xr vi 1 ,
+.Xr passwd 5
+.Sh HISTORIA
+La orden
+.Nm vipw
+apareció en
+.Bx 4.0 .
+.br
+La orden
+.Nm vigr
+apareció en
+Util-Linux 2.6.
diff --git a/man/expiry.1.xml b/man/expiry.1.xml
new file mode 100644
index 0000000..63575b0
--- /dev/null
+++ b/man/expiry.1.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1990 - 1994, Julianne Frances Haugh
+   Copyright (c) 1999       , Ben Collins
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!--ENTITY CONSOLE_GROUPS        SYSTEM "login.defs.d/CONSOLE_GROUPS.xml"-->
+<!-- A call to CONSOLE_GROUPS is linked, but not used -->
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='expiry.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1990</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>expiry</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>expiry</refname>
+    <refpurpose>check and enforce password expiration policy</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>expiry</command>
+      <arg choice='plain'>
+	<replaceable>option</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>expiry</command> command checks (<option>-c</option>)
+      the current password expiration and forces (<option>-f</option>)
+      changes when required. It is callable as a normal user command.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>expiry</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-c</option>, <option>--check</option></term>
+	<listitem>
+	  <para>Check the password expiration of the current user.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-f</option>, <option>--force</option></term>
+	<listitem>
+	  <para>
+	    Force a password change if the current user has an expired
+	    password.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/faillog.5.xml b/man/faillog.5.xml
new file mode 100644
index 0000000..0e16752
--- /dev/null
+++ b/man/faillog.5.xml
@@ -0,0 +1,116 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='faillog.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>faillog</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc"> File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>faillog</refname>
+    <refpurpose>login failure logging file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <filename>/var/log/faillog</filename> maintains a count of login
+      failures and the limits for each account.
+    </para>
+    <para>
+      The file contains fixed length
+      records, indexed by numerical UID. Each record contains the count of
+      login failures since the last successful login; the maximum number of
+      failures before the account is disabled; the line on which the last login
+      failure occurred; the date of the last login failure;
+      and the duration (in seconds) during which the account will be locked after
+      a failure.
+    </para>
+
+    <para>The structure of the file is:</para>
+      <programlisting>
+struct	faillog {
+	short   fail_cnt;
+	short   fail_max;
+	char    fail_line[12];
+	time_t  fail_time;
+	long    fail_locktime;
+};</programlisting>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/var/log/faillog</filename></term>
+	<listitem>
+	  <para>Failure logging file.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>
+    </para>
+  </refsect1>
+</refentry>
+
diff --git a/man/faillog.8.xml b/man/faillog.8.xml
new file mode 100644
index 0000000..a9132a8
--- /dev/null
+++ b/man/faillog.8.xml
@@ -0,0 +1,265 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='faillog.8'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>faillog</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>faillog</refname>
+    <refpurpose>display faillog records or set login failure limits</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>faillog</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <command>faillog</command> displays the contents of the failure log
+      database (<filename>/var/log/faillog</filename>). It can also
+      set the failure counters and limits. When
+      <command>faillog</command> is run without arguments, it only displays the
+      faillog records of the users who had a login failure.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>faillog</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-a</option>, <option>--all</option></term>
+	<listitem>
+	  <para>
+	    Display (or act on) faillog records for all users having an
+	    entry in the <filename>faillog</filename> database.
+	  </para>
+	  <para>
+	    The range of users can be restricted with the
+	    <option>-u</option> option.
+	  </para>
+	  <para>
+	    In display mode, this is still restricted to existing users
+	    but forces the display of the faillog entries even if they
+	    are empty.
+	  </para>
+	  <para>
+	    With the <option>-l</option>, <option>-m</option>,
+	    <option>-r</option>, <option>-t</option> options, the users'
+	    records are changed, even if the user does not exist on the
+	    system. This is useful to reset records of users that have
+	    been deleted or to set a policy in advance for a range of
+	    users.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Lock account for <replaceable>SEC</replaceable>
+	    seconds after failed login.
+	  </para>
+	  <para>
+	    Write access to <filename>/var/log/faillog</filename>
+	    is required for this option.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the maximum number of login failures after the account is
+	    disabled to <replaceable>MAX</replaceable>.
+	  </para>
+	  <para>
+	    Selecting a
+	    <replaceable>MAX</replaceable> value of 0 has the effect of not
+	    placing a limit on the number of failed logins.
+	  </para>
+	  <para>
+	    The maximum
+	    failure count should always be 0 for <emphasis>root</emphasis>
+	    to prevent a denial of services attack against the system.
+	  </para>
+	  <para>
+	    Write access to <filename>/var/log/faillog</filename>
+	    is required for this option.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-r</option>, <option>--reset</option></term>
+	<listitem>
+	  <para>
+	    Reset the counters of login failures.
+	  </para>
+	  <para>
+	    Write access to <filename>/var/log/faillog</filename>
+	    is required for this option.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Display faillog records more recent than
+	    <replaceable>DAYS</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Display faillog record or maintains failure counters and limits
+	    (if used with <option>-l</option>, <option>-m</option> or
+	    <option>-r</option> options) only for the specified user(s).
+	  </para>
+	  <para>
+	    The users can be specified by a login name, a numerical user
+	    ID, or a <replaceable>RANGE</replaceable> of users.  This
+	    <replaceable>RANGE</replaceable> of users can be specified
+	    with a min and max values
+	    (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value
+	    (<replaceable>-UID_MAX</replaceable>), or a min value
+	    (<replaceable>UID_MIN-</replaceable>).
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      When none of the <option>-l</option>, <option>-m</option>, or
+      <option>-r</option> options are used, <command>faillog</command>
+      displays the faillog record of the specified user(s).
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      <command>faillog</command> only prints out users with no successful
+      login since the last failure. To print out a user who has had a
+      successful login since their last failure, you must explicitly request
+      the user with the <option>-u</option> flag, or print out all users
+      with the <option>-a</option> flag.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/var/log/faillog</filename></term>
+	<listitem>
+	  <para>Failure logging file.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/fi/Makefile.am b/man/fi/Makefile.am
new file mode 100644
index 0000000..26a1a84
--- /dev/null
+++ b/man/fi/Makefile.am
@@ -0,0 +1,12 @@
+
+mandir = @mandir@/fi
+
+man_MANS = \
+	man1/chfn.1 \
+	man1/chsh.1 \
+	man1/su.1
+
+# Outdated manpages
+#	passwd.1 (https://bugs.launchpad.net/ubuntu/+bug/384024)
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/fi/man1/chfn.1 b/man/fi/man1/chfn.1
new file mode 100644
index 0000000..2a10395
--- /dev/null
+++ b/man/fi/man1/chfn.1
@@ -0,0 +1,68 @@
+.\"
+.\"  chfn.1 -- change your finger information
+.\"  (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\"  this program is free software.  you can redistribute it and
+.\"  modify it under the terms of the gnu general public license.
+.\"  there is no warranty.
+.\"
+.\"  $Author: kloczek $
+.\"  $Revision: 1.2 $
+.\"  $Date: 2005/12/01 20:38:25 $
+.\" Proofread by Raimo Koski, Nov-Dec. 1999
+.\" Translated into Finnish by Lauri Nurmi (lanurmi@kauhajoki.fi)
+.\" Proofread by Juhana Siren (Juhana.Siren@oulu.fi)
+.\"
+.TH CHFN 1 "24. huhtikuuta 1998" "chfn" "Käyttäjän sovellusohjelmat"
+.SH NIMI
+chfn \- muuta finger-tietojasi
+.SH "YLEISKATSAUS"
+.B chfn
+[\ \-f\ koko nimi\ ] [\ \-o\ toimisto\ ] [\ \-p\ toimiston puhelin\ ]
+[\ \-h\ kotipuhelin\ ] [\ \-u\ ] [\ \-v\ ] [\ käyttäjänimi\ ]
+.SH KUVAUS
+.B chfn:ää
+käytetään finger-tietojen muuttamiseen. Nämä tiedot ovat
+.I /etc/passwd
+-tiedostossa, ja niitä voidaan katsoa
+.B finger\fR-ohjelmalla.
+Linuxin
+.B finger\fR-komento
+näyttää neljä tietoa, joita voidaan muuttaa
+.B chfn\fR:llä
+: todellinen nimesi, työhuoneesi ja puhelin, sekä kotipuhelimesi.
+.SS KOMENTORIVI
+Jokainen neljästä tiedosta voidaan määritellä komentorivillä. Jos
+komentorivillä ei anneta tietoja,
+.B chfn
+käynnistyy vuorovaikutteisessa tilassa.
+.SS VUOROVAIKUTTEINEN TILA
+Vuorovaikutteisessa tilassa
+.B chfn
+kysyy erikseen jokaista kenttää. Voit syöttää kenttään uuden tiedon, tai
+painaa Enteriä jättääksesi kentän ennalleen. Syötä sana "none" saadaksesi
+kentän tyhjäksi.
+.SH OPTIOT
+.TP
+.I "\-f, \-\-full-name"
+Määritä todellinen nimesi.
+.TP
+.I "\-o, \-\-office"
+Määritä toimistohuoneesi numero.
+.TP
+.I "\-p, \-\-office-phone"
+Määritä toimistohuoneesi puhelinnumero.
+.TP
+.I "\-h, \-\-home-phone"
+Määritä kotipuhelinnumerosi.
+.TP
+.I "\-u, \-\-help"
+Näytä lyhyt ohje komennoista.
+.TP
+.I "-v, \-\-version"
+Näytä versiotiedot.
+.SH TEKIJÄ
+Salvatore Valente <svalente@mit.edu>
+.SH "KATSO MYÖS"
+.BR finger (1),
+.BR passwd (5),
diff --git a/man/fi/man1/chsh.1 b/man/fi/man1/chsh.1
new file mode 100644
index 0000000..ed9cb95
--- /dev/null
+++ b/man/fi/man1/chsh.1
@@ -0,0 +1,49 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "CHSH" "1" "03/07/2006" "Käyttäjän sovellukset" "Käyttäjän sovellukset"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+chsh \- vaihda sisäänkirjautumiskuorta
+.SH "SYNOPSIS"
+.HP 5
+\fBchsh\fR [\-s\ \fIsisäänkirjautumiskuori\fR] [\fIkäyttäjä\fR]
+.SH "KUVAUS"
+.PP
+\fBchsh\fR
+vaihtaa käyttäjän sisäänkirjautumiskuorta. Tämä määrittää käyttäjän ensimmäisen kirjautumiskomennon. Tavallinen käyttäjä voi vaihtaa ainoastaan oman tunnuksensa kirjautumiskuorta, mutta pääkäyttäjä voi vaihtaa kenen tahansa kirjautumiskuoren.
+.PP
+Ainoa rajoitus kirjautumiskuorelle on, että komennon nimen täytyy olla lueteltuna tiedostossa
+\fI/etc/shells\fR
+ellei komentoa käynnistänyt pääkäyttäjä, jolloin mikä tahansa arvo voidaan lisätä. Tunnus, jolla on rajoitettu kirjautumiskuori, ei voi vaihtaa omaa kirjautumiskuortaan. Tästä syystä komennon
+\fI/bin/rsh\fR
+lisääminen tiedostoon
+\fI/etc/shells\fR
+ei ole suositeltavaa, koska käyttäjän vahingossa vaihtaessa rajoitettuun kuoreen, ei hän voi koskaan vaihtaa kirjautumiskuortaan takaisin alkuperäiseen arvoon.
+.SH "VALITSIMET"
+.PP
+Mikäli valitsinta
+\fB\-s\fR
+ei ole annettu,
+\fBchsh\fR
+toimii interaktiivisesti kysyen käyttäjältä kirjautumiskuorta. Syöttämällä uuden arvon vaihdetaan kuorta, ja antamalla tyhjän syötteen, vanha kuori jää voimaan. Nykyinen kuori tulostetaan
+\fI[ ]\fR\-merkkiparin välissä.
+.SH "TIEDOSTOT"
+.TP
+\fI/etc/passwd\fR
+käyttäjätunnuksien tiedot
+.TP
+\fI/etc/shells\fR
+luettelo sallituista kirjautumiskuorista
+.TP
+\fI/etc/login.defs\fR
+varjosalasanakaluston asetukset
+.SH "KATSO MYÖS"
+.PP
+\fBchfn\fR(1),
+\fBlogin.defs\fR(5),
+\fBpasswd\fR(5)
diff --git a/man/fi/man1/passwd.1 b/man/fi/man1/passwd.1
new file mode 100644
index 0000000..930300f
--- /dev/null
+++ b/man/fi/man1/passwd.1
@@ -0,0 +1,95 @@
+.\" Hey Emacs! This file is -*- nroff -*- source.
+.\" (above from Rik Faith..:*)
+.\" Copyright (c) Andrew G. Morgan 1996, <morgan@parc.power.net>
+.\" Proofread by Raimo Koski, Nov-Dec. 1999
+.\" Translated into Finnish by Tuomo Pyhälä (tuomo@lesti.kpnet.fi)
+.\" Proofread by Raimo Koski (rkoski@pp.weppi.fi)
+.\"
+.TH PASSWD 1 "28. Huhtikuuta 1998" "SimplePAMApps 0.50" "Käyttäjän sovellusohjelmat"
+.SH NIMI
+passwd \- päivitä käyttäjän todennustunnukset
+
+.SH "YLEISKATSAUS"
+.B passwd [-u] [käyttäjänimi]
+.sp 2
+.SH KUVAUS
+Passwd on apuohjelma käyttäjän todennustunnusten
+päivittämiseen. Todennustunnus on lähes kaikissa järjestelmissä
+salasana ja termejä käytetään jäljempänä ristiin.
+
+.sp
+Ainoastaan pääkäyttäjä voi päivittää toisen käyttäjän salasanan syöttämällä
+.BR käyttäjänimen ". "
+Optiota
+.BR -u 
+käytetään, kun halutaan kertoa passwd:lle, että sen tulisi päivittää vain
+vanhentuneet salasanat (todennustunnukset) säilyttäen vanhentumattomat
+salasanat entisellään.
+
+.sp
+Passwd käyttää 
+.BR "Linux-PAM"
+ohjelmointirajapintaa ja se voidaan määrittää käyttämään
+haluttuja moduuleita salasanaa vaihtavan käyttäjän todennukseen ja
+salasanan vaihtoon. Alustaessaan ohjelmointirajapintaa passwd toimii nimellä
+"passwd".
+
+.sp
+Yksinkertainen osio
+.I Linux-PAM
+määritystiedostossa passwd:lle olisi:
+.br
+  
+.br
+ #
+.br
+ # passwd palvelun määrittely, joka tarkistaa ettei ehdotettu salasana 
+.br
+ # ole helposti arvattavissa, ennen salasanan päivittämistä.
+.br
+ #
+.br
+ passwd password requisite pam_cracklib.so retry=3
+.br
+ passwd password required pam_pwdb.so use_authtok
+.br
+ #
+
+.sp
+Huomaa, että passwd ei tarvitse muun tyyppisten moduulien määrittelyä.
+
+.SH PALUUARVO
+
+Virheettömän suorituksen jälkeen
+.B passwd
+päättää toimintansa paluuarvolla 0.  Paluuarvo 1 palautetaan virheen
+sattuessa. Virheilmoitukset kirjoitetaan virhetulosteeseen.
+
+.SH "NOUDATTAA:"
+.br
+.BR Linux-PAM
+(Pluggable Authentication modules for Linux).
+
+.SH TIEDOSTOT
+.br
+.B /etc/pam.conf
+- the
+.BR Linux-PAM
+asetus tiedosto
+
+.SH BUGIT
+.sp 2
+Ei tunnettuja virheitä.
+
+.SH "KATSO MYÖS"
+.BR pam (8),
+ja 
+.BR pam_chauthok (2).
+.sp
+Monipuolisempi selostus tämän ohjelman ja Linux-PAMin asetuksista
+löytyy englanninkielisestä
+.BR "'Linux-PAM System Adminstarators' Guide'":sta
+WWW-osoitteesta:
+.br 
+.I <http://parc.power.net/morgan/Linux-PAM/index.html>
+.\" TERM authentication_token todennustunnus
diff --git a/man/fi/man1/su.1 b/man/fi/man1/su.1
new file mode 100644
index 0000000..4c29823
--- /dev/null
+++ b/man/fi/man1/su.1
@@ -0,0 +1,119 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "SU" "1" "03/07/2006" "Käyttäjän sovellukset" "Käyttäjän sovellukset"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+su \- vaihda käyttäjätunnusta tai tule pääkäyttäjäksi
+.SH "SYNOPSIS"
+.HP 3
+\fBsu\fR [\fIvalitsimet\fR] [\-] [\fIkäyttäjätunnus\fR\ [\ \fIparametrit\fR\ ]]
+.SH "KUVAUS"
+.PP
+\fBsu\fR\-komentoa käytetään vaihtamaan toiseksi käyttäjäksi kesken istunnon. Kun komento ajetaan ilman käyttäjänimeä,
+\fBsu\fR
+oletuksena vaihtaa pääkäyttäjäksi. Valinnainen parametri
+\fB\-\fR
+voidaan antaa kun halutaan samanlainen ympäristö kuin käyttäjä odottaa kirjautuessaan suoraan sisään.
+.PP
+Muita parametreja voidaan antaa käyttäjänimen jälkeen, jolloin ne välitetään käyttäjän sisäänkirjautumiskuorelle. Erityisesti parametri
+\fB\-c\fR
+tarkoittaa, että seuraava parametri on komento useimmissa komentotulkeissa. Komento suoritetaan kuorella, joka on määritetty
+\fI/etc/passwd\fR\-tiedostossa kohdekäyttäjälle.
+.PP
+Voit käyttää parametria
+\fB\-\-\fR
+erottamaan
+\fBsu\fR\-valitsimet kuorelle välitettävistä parametreista.
+.PP
+Käyttäjältä pyydetään salasanaa tarvittaessa. Väärä salasana tuottaa virheilmoituksen. Kaikki yritykset, niin kelvolliset kuin virheellisetkin, kirjataan lokiin järjestelmän väärinkäytösten tunnistamiseksi.
+.PP
+Nykyinen ympäristö välitetään kuorelle.
+\fB$PATH\fR\-muuttujan arvo tyhjätään arvoksi
+\fI/bin:/usr/bin\fR
+tavallisille käyttäjille taikka
+\fI/sbin:/bin:/usr/sbin:/usr/bin\fR
+pääkäyttäjälle. Tämän käyttäytymisen voi vaihtaa asetuksilla
+\fIENV_PATH\fR
+ja
+\fIENV_SUPATH\fR
+tiedostossa
+\fI/etc/login.defs\fR.
+.PP
+Sisäinen kirjautuminen ilmoitetaan lisäämällä "*" ensimmäiseksi merkiksi sisäänkirjautumiskuoreen. Annettua kotihakemistoa käytetään uuden tiedostojärjestelmän juurena, jonne käyttäjä tosiasiassa kirjautuu.
+.SH "VALITSIMET"
+.PP
+\fBsu\fR\-komennon valitsimet ovat:
+.TP
+\fB\-c\fR, \fB\-\-command\fR \fIKUORI\fR
+Määritä komento, jonka kuori käynnistää sen
+\fB\-c\fR\-valitsimella.
+.TP
+\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
+Tarjoa samankaltainen ympäristö kuin käyttäjä saisi kirjautuessaan suoraa sisään.
+.sp
+Kun
+\fB\-\fR
+on käytössä, se täytyy antaa viimeisenä valitsimena
+\fBsu\fR\-komennolle. Muilla valitsimilla (\fB\-l\fR
+sekä
+\fB\-\-login\fR) ei ole tätä rajoitusta.
+.TP
+\fB\-s\fR, \fB\-\-shell\fR \fIKUORI\fR
+Käynnistettävä kuori
+.sp
+Käynnistettävä kuori valitaan seuraavasti (tärkeimmästä alkaen):
+.RS
+.TP 3
+\(bu
+Kuori, joka määritetään valitsimella \-\-shell
+.TP
+\(bu
+Mikäli valitsinta
+\fB\-\-preserve\-environment\fR
+on käytetty, kuori onka määrittää ympäristömuuttuja
+\fB$SHELL\fR.
+.TP
+\(bu
+Kuori, joka on asetettu /etc/passwd\-tietueessa kohdekäyttäjälle.
+.TP
+\(bu
+/bin/sh mikäli kuorta ei löytynyt millään edellisistä tavoista.
+.RE
+.IP
+.sp
+Mikäli kohdekäyttäjällä on rajoitettu kuori (esim. kuorikenttä käyttäjän tietueessa
+\fI/etc/passwd\fR\-tiedostossa ei löydy tiedostosta
+\fI/etc/shell\fR), niin valitsin
+\fB\-\-shell\fR
+ja ympäristömuuttuja
+\fB$SHELL\fR
+jätetään huomiotta paitsi kun komennon
+\fBsu\fR
+käynnistää pääkäyttäjä.
+.TP
+\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR
+Säilytä nykyinen ympäristö.
+.sp
+Mikäli kohdekäyttäjällä on rajoitettu ympäristö, tällä valitsimella ei ole vaikutusta (ellei
+\fBsu\fR\-komentoa käynnistänyt pääkäyttäjä).
+.SH "VAROITUKSET"
+.PP
+Tällä versiolla
+\fBsu\fR\-sovelluksesta on useita käännösaikaisia valitsimia, ja niistä vain osa saattaa olla käytössä tietyissä paikoissa.
+.SH "TIEDOSTOT"
+.TP
+\fI/etc/passwd\fR
+käyttäjätunnuksien tiedot
+.TP
+\fI/etc/shadow\fR
+turvalliset käyttäjätunnuksien tiedot
+.SH "KATSO MYÖS"
+.PP
+\fBlogin\fR(1),
+\fBlogin.defs\fR(5),
+\fBsh\fR(1)
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
new file mode 100644
index 0000000..230d212
--- /dev/null
+++ b/man/fr/Makefile.am
@@ -0,0 +1,80 @@
+
+mandir = @mandir@/fr
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+man_subids = \
+	man1/newgidmap.1 \
+	man1/newuidmap.1 \
+	man5/subgid.5 \
+	man5/subuid.5
+
+if ENABLE_SUBIDS
+man_MANS += $(man_subids)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+if !ENABLE_SUBIDS
+EXTRA_DIST += $(man_subids)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/generate_mans.mak b/man/generate_mans.mak
new file mode 100644
index 0000000..a0721b8
--- /dev/null
+++ b/man/generate_mans.mak
@@ -0,0 +1,56 @@
+if USE_PAM
+PAM_COND=pam
+else
+PAM_COND=no_pam
+endif
+if SHADOWGRP
+SHADOWGRP_COND=gshadow
+else
+SHADOWGRP_COND=no_gshadow
+endif
+if WITH_TCB
+TCB_COND=tcb
+else
+TCB_COND=no_tcb
+endif
+
+if USE_SHA_CRYPT
+SHA_CRYPT_COND=sha_crypt
+else
+SHA_CRYPT_COND=no_sha_crypt
+endif
+
+if ENABLE_SUBIDS
+SUBIDS_COND=subids
+else
+SUBIDS_COND=no_subids
+endif
+
+if ENABLE_REGENERATE_MAN
+%.xml-config: %.xml
+	if grep -q SHADOW-CONFIG-HERE $<; then \
+		sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \
+	else \
+		sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \
+	fi
+
+man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml
+	$(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \
+	            --param "man.authors.section.enabled" "0" \
+	            --stringparam "man.output.base.dir" "" \
+	            --param "man.output.in.separate.dir" "1" \
+	            -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $<
+
+clean-local:
+	rm -rf man1 man3 man5 man8
+
+else
+$(man_MANS):
+	@echo you need to run configure with --enable-man to generate man pages
+endif
+
+man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8
+
+man3/getspnam.3: man3/shadow.3
+
+man8/vigr.8: man8/vipw.8
diff --git a/man/generate_translations.mak b/man/generate_translations.mak
new file mode 100644
index 0000000..7d242cc
--- /dev/null
+++ b/man/generate_translations.mak
@@ -0,0 +1,19 @@
+LANG=$(notdir $(CURDIR))
+
+if ENABLE_REGENERATE_MAN
+config.xml: ../config.xml.in
+	$(MAKE) -C .. config.xml
+	cp ../config.xml $@
+
+%.xml: ../%.xml ../po/$(LANG).po
+	xml2po --expand-all-entities -l $(LANG) -p ../po/$(LANG).po -o $@ ../$@
+	sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@
+
+include ../generate_mans.mak
+
+else
+$(man_MANS):
+	@echo you need to run configure with --enable-man to generate man pages
+endif
+
+CLEANFILES = .xml2po.mo $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml
diff --git a/man/gpasswd.1.xml b/man/gpasswd.1.xml
new file mode 100644
index 0000000..ebd1b41
--- /dev/null
+++ b/man/gpasswd.1.xml
@@ -0,0 +1,322 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1996       , Rafal Maszkowski
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='gpasswd.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Rafal</firstname>
+      <surname>Maszkowski</surname>
+      <contrib>Creation, 1996</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>gpasswd</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>gpasswd</refname>
+    <refpurpose>
+      <phrase condition="no_gshadow">
+	administer <filename>/etc/group</filename>
+      </phrase>
+      <phrase condition="gshadow">
+	administer <filename>/etc/group</filename> and
+	<filename>/etc/gshadow</filename>
+      </phrase>
+    </refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>gpasswd</command>
+      <arg choice='opt'>
+	<replaceable>option</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>group</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>gpasswd</command> command is used to administer
+      <filename>/etc/group</filename><phrase condition="gshadow">,
+      and <filename>/etc/gshadow</filename></phrase>.
+      Every group can have
+      <phrase condition="gshadow">administrators,</phrase>
+      members and a password.
+    </para>
+    <para condition="gshadow">
+      System administrators can use the <option>-A</option> option to define
+      group administrator(s) and the <option>-M</option> option to define
+      members. They have all rights of group administrators and members.
+    </para>
+    <para>
+      <command>gpasswd</command> called by
+      <phrase condition="gshadow">a group administrator</phrase>
+      <phrase condition="no_gshadow">a system administrator</phrase>
+      with a group name only prompts for the new password of the
+      <replaceable>group</replaceable>.
+    </para>
+    <para>
+      If a password is set the members can still use <citerefentry>
+      <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry> without a password, and non-members must supply the
+      password.
+    </para>
+
+    <refsect2 id='notes_about_group_passwords'>
+      <title>Notes about group passwords</title>
+      <para>
+	Group passwords are an inherent security problem since more than one
+	person is permitted to know the password. However, groups are a
+	useful tool for permitting co-operation between different users.
+      </para>
+    </refsect2>
+
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para condition="gshadow">
+      Except for the <option>-A</option> and <option>-M</option> options,
+      the options cannot be combined.
+    </para>
+    <para condition="no_gshadow">
+      The options cannot be combined.
+    </para>
+    <para>
+      The options which apply to the <command>gpasswd</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Add the <replaceable>user</replaceable> to the named
+	    <replaceable>group</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Remove the <replaceable>user</replaceable> from the named
+	    <replaceable>group</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--remove-password</option>
+	</term>
+	<listitem>
+	  <para>
+	    Remove the password from the named <replaceable>group</replaceable>.
+	    The group password will be empty.
+	    Only group members will be allowed to use
+	    <command>newgrp</command> to join the named
+	    <replaceable>group</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--restrict</option>
+	</term>
+	<listitem>
+	  <para>
+	    Restrict the access to the named <replaceable>group</replaceable>.
+	    The group password is set to "!".
+	    Only group members with a password will be allowed to use
+	    <command>newgrp</command> to join the named
+	    <replaceable>group</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP' condition="gshadow">
+      <varlistentry>
+	<term>
+	  <option>-A</option>, <option>--administrators</option>&nbsp;<replaceable>user</replaceable>,...
+	</term>
+	<listitem>
+	  <para>
+	    Set the list of administrative users.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</replaceable>,...
+	</term>
+	<listitem>
+	  <para>
+	    Set the list of group members.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      This tool only operates on the <filename>/etc/group</filename>
+      <phrase condition="gshadow"> and <filename>/etc/gshadow</filename>
+      files.</phrase>
+      <phrase condition="no_gshadow">file.</phrase>
+      Thus you cannot change any NIS or LDAP group. This must be performed
+      on the corresponding server.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &ENCRYPT_METHOD;
+      &MAX_MEMBERS_PER_GROUP;
+      &MD5_CRYPT_ENAB;
+      &SHA_CRYPT_MIN_ROUNDS; <!--This also document SHA_CRYPT_MAX_ROUNDS-->
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry><phrase condition="gshadow">,
+      <citerefentry>
+	<refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry></phrase>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml
new file mode 100644
index 0000000..93d8b6f
--- /dev/null
+++ b/man/groupadd.8.xml
@@ -0,0 +1,357 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY GID_MAX               SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY SYS_GID_MAX           SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupadd.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>groupadd</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>groupadd</refname>
+    <refpurpose>create a new group</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>groupadd</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>group</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>The <command>groupadd</command> command creates a new group
+      account using the values specified on the command line plus the default
+      values from the system. The new group will be entered into the system
+      files as needed.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>groupadd</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-f</option>, <option>--force</option>
+	</term>
+	<listitem>
+	  <para>
+	    This option causes the command to simply exit with success
+	    status if the specified group already exists. When used with
+	    <option>-g</option>, and the specified GID already exists,
+	    another (unique) GID is chosen (i.e. <option>-g</option> is
+	    turned off).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>
+	</term>
+	<listitem>
+	  <para>The numerical value of the group's ID. This value must be
+	    unique, unless the <option>-o</option> option is used. The value
+	    must be non-negative. The default is to use the smallest ID
+	    value greater than or equal to <option>GID_MIN</option> and
+	    greater than every other group.
+	  </para>
+	  <para>
+	    See also the <option>-r</option> option and the
+	    <option>GID_MAX</option> description.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Overrides <filename>/etc/login.defs</filename> defaults 
+	    (GID_MIN, GID_MAX and others). Multiple
+	    <option>-K</option> options can be specified.
+	  </para>
+	  <para>
+	     Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;
+	    <option>-K</option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>
+	  </para>
+	  <para>
+	    Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>
+	    doesn't work yet.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-o</option>, <option>--non-unique</option>
+	</term>
+	<listitem>
+	  <para>
+	    This option permits to add a group with a non-unique GID.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The encrypted password, as returned by <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+	    </citerefentry>. The default is to disable the password.
+	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
+	  <para>
+	    You should make sure the password respects the system's
+	    password policy.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--system</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create a system group.
+	  </para>
+	  <para>
+	    The numeric identifiers of new system groups are chosen in
+	    the <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>
+	    range, defined in <filename>login.defs</filename>, instead of
+	    <option>GID_MIN</option>-<option>GID_MAX</option>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &GID_MAX; <!-- documents also GID_MIN -->
+      &MAX_MEMBERS_PER_GROUP;
+      &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+   <refsect1 id='caveats'>
+     <title>CAVEATS</title>
+     <para>
+       Groupnames must start with a lower case letter or an underscore,
+       followed by lower case letters, digits, underscores, or dashes.
+       They can end with a dollar sign.
+       In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+     </para>
+     <para>
+       Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
+     </para>
+     <para>
+       You may not add a NIS or LDAP group. This must be performed on the
+       corresponding server.
+     </para>
+     <para>
+       If the groupname already exists in an external group database such
+       as NIS or LDAP, <command>groupadd</command> will deny the group
+       creation request.
+     </para>
+   </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>groupadd</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>invalid argument to option</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>GID not unique (when <option>-o</option> not used)</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>9</replaceable></term>
+	  <listitem>
+	    <para>group name not unique</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>10</replaceable></term>
+	  <listitem>
+	    <para>can't update group file</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para><citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/groupdel.8.xml b/man/groupdel.8.xml
new file mode 100644
index 0000000..438e9e5
--- /dev/null
+++ b/man/groupdel.8.xml
@@ -0,0 +1,228 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupdel.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>groupdel</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>groupdel</refname>
+    <refpurpose>delete a group</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>groupdel</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'><replaceable>GROUP</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para> The <command>groupdel</command> command modifies the system
+      account files, deleting all entries that refer to
+      <replaceable>GROUP</replaceable>. The named group must exist.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>groupdel</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      You may not remove the primary group of any existing user. You
+      must remove the user before you remove the group.
+    </para>
+    <para>
+      You should manually check all file systems to ensure that no files
+      remain owned by this group.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>groupdel</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>specified group doesn't exist</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>8</replaceable></term>
+	  <listitem>
+	    <para>can't remove user's primary group</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>10</replaceable></term>
+	  <listitem>
+	    <para>can't update group file</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/groupmems.8.xml b/man/groupmems.8.xml
new file mode 100644
index 0000000..40d0421
--- /dev/null
+++ b/man/groupmems.8.xml
@@ -0,0 +1,257 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2000       , International Business Machines
+                              George Kraft IV, gk4@us.ibm.com, 03/23/2000
+   Copyright (c) 2005       , Tomasz KÅ‚oczko
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupmems.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>George</firstname>
+      <surname>Kraft</surname>
+      <lineage>IV</lineage>
+      <contrib>Creation, 2000</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>groupmems</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>groupmems</refname>
+    <refpurpose>administer members of a user's primary group</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>groupmems</command>
+      <group choice='plain'>
+	<arg choice='plain'>-a <replaceable>user_name</replaceable></arg>
+	<arg choice='plain'>-d <replaceable>user_name</replaceable></arg>
+	<arg choice='opt'>-g <replaceable>group_name</replaceable></arg>
+	<arg choice='plain'>-l </arg><arg choice='plain'>-p </arg>
+      </group>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>groupmems</command> command allows a user to administer
+      his/her own group membership list without the requirement of
+      superuser privileges. The <command>groupmems</command> utility is for
+      systems that configure its users to be in their own name sake primary
+      group (i.e., guest / guest).
+    </para>
+
+    <para>Only the superuser, as administrator, can use
+      <command>groupmems</command> to alter the memberships of other groups.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>groupmems</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</replaceable></term>
+	<listitem>
+	  <para>Add a user to the group membership list.</para>
+	  <para condition="gshadow">
+	    If the <filename>/etc/gshadow</filename> file exist, and the
+	    group has no entry in the <filename>/etc/gshadow</filename>
+	    file, a new entry will be created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</replaceable></term>
+	<listitem>
+	  <para>Delete a user from the group membership list.</para>
+	  <para condition="gshadow">
+	    If the <filename>/etc/gshadow</filename> file exist, the user
+	    will be removed from the list of members and administrators of
+	    the group.
+	  </para>
+	  <para condition="gshadow">
+	    If the <filename>/etc/gshadow</filename> file exist, and the
+	    group has no entry in the <filename>/etc/gshadow</filename>
+	    file, a new entry will be created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</replaceable></term>
+	<listitem>
+	  <para>The superuser can specify which group membership
+	    list to modify.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-l</option>, <option>--list</option></term>
+	<listitem>
+	  <para>List the group membership list.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-p</option>, <option>--purge</option></term>
+	<listitem>
+	  <para>Purge all users from the group membership list.</para>
+	  <para condition="gshadow">
+	    If the <filename>/etc/gshadow</filename> file exist, and the
+	    group has no entry in the <filename>/etc/gshadow</filename>
+	    file, a new entry will be created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='setup'>
+    <title>SETUP</title>
+    <para>
+      The <command>groupmems</command> executable should be in mode
+      <literal>2770</literal> as user <emphasis>root</emphasis> and in group
+      <emphasis>groups</emphasis>. The system administrator can add users to
+      group <emphasis>groups</emphasis> to allow or disallow them using the
+      <command>groupmems</command> utility to manage their own group
+      membership list.
+    </para>
+
+    <programlisting>
+	$ groupadd -r groups
+	$ chmod 2770 groupmems
+	$ chown root.groups groupmems
+	$ groupmems -g groups -a gk4
+    </programlisting>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>secure group account information</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/groupmod.8.xml b/man/groupmod.8.xml
new file mode 100644
index 0000000..4666625
--- /dev/null
+++ b/man/groupmod.8.xml
@@ -0,0 +1,320 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groupmod.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>groupmod</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>groupmod</refname>
+    <refpurpose>modify a group definition on the system</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>groupmod</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'><replaceable>GROUP</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>groupmod</command> command modifies the definition of the
+      specified <replaceable>GROUP</replaceable> by modifying the appropriate
+      entry in the group database.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>groupmod</command> command
+      are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The group ID of the given <replaceable>GROUP</replaceable> will
+	    be changed to <replaceable>GID</replaceable>.
+	  </para>
+	  <para>
+	    The value of
+	    <replaceable>GID</replaceable> must be a non-negative decimal
+	    integer. This value must be unique, unless the
+	    <option>-o</option> option is used.
+	  </para>
+	  <para>
+	    Users who use the group as primary group will be updated to
+	    keep the group as their primary group.
+	  </para>
+	  <para>
+	    Any files that have the
+	    old group ID and must continue to belong to
+	    <replaceable>GROUP</replaceable>, must have their group ID
+	    changed manually.
+	  </para>
+	  <para>
+	    No checks will be performed with regard to the
+	    <option>GID_MIN</option>, <option>GID_MAX</option>,
+	    <option>SYS_GID_MIN</option>, or <option>SYS_GID_MAX</option>
+	    from <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NEW_GROUP</replaceable>
+	</term>
+	<listitem>
+	  <para> 
+	    The name of the group will be changed from <replaceable>GROUP</replaceable>
+	    to <replaceable>NEW_GROUP</replaceable> name.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-o</option>, <option>--non-unique</option>
+	</term>
+	<listitem>
+	  <para>
+	    When used with the <option>-g</option> option, allow to change the
+	    group <replaceable>GID</replaceable> to a non-unique value.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The encrypted password, as returned by <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+	    </citerefentry>.
+	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
+	  <para>
+	    You should make sure the password respects the system's
+	    password policy.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>groupmod</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>invalid argument to option</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>specified group doesn't exist</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>specified group doesn't exist</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>9</replaceable></term>
+	  <listitem>
+	    <para>group name already in use</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>10</replaceable></term>
+	  <listitem>
+	    <para>can't update group file</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/groups.1.xml b/man/groups.1.xml
new file mode 100644
index 0000000..02e5432
--- /dev/null
+++ b/man/groups.1.xml
@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='groups.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>groups</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>groups</refname>
+    <refpurpose>display current group names</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>groups</command>
+      <arg choice='opt'>
+	<replaceable>user</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>groups</command> command displays the current group names
+      or ID values. If the value does not have a corresponding entry in
+      <filename>/etc/group</filename>, the value will be displayed as the
+      numerical group value. The optional <emphasis
+      remap='I'>user</emphasis> parameter will display the groups for the
+      named <emphasis remap='I'>user</emphasis>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='note'>
+    <title>NOTE</title>
+    <para>
+      Systems which do not support concurrent group sets will have the
+      information from <filename>/etc/group</filename> reported. The user
+      must use <command>newgrp</command> or <command>sg</command> to change
+      his current real and effective group ID.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/grpck.8.xml b/man/grpck.8.xml
new file mode 100644
index 0000000..77c4bd8
--- /dev/null
+++ b/man/grpck.8.xml
@@ -0,0 +1,314 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1992 - 1993, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='grpck.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1992</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>grpck</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>grpck</refname>
+    <refpurpose>verify integrity of group files</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>grpck</command>
+      <arg choice='opt'>options</arg>
+      <arg choice='opt'>
+	<arg choice='plain'><replaceable>group</replaceable></arg>
+	<arg choice='opt' condition="gshadow">
+	  <arg choice='plain'><replaceable>shadow</replaceable></arg>
+	</arg>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>grpck</command> command verifies the integrity of the
+      groups information. It checks that all entries in
+      <filename>/etc/group</filename> <phrase condition="gshadow">and
+      <filename>/etc/gshadow</filename></phrase>
+      have the proper format and contain valid data.
+      The user is prompted to delete entries that are
+      improperly formatted or which have other uncorrectable errors.
+    </para>
+
+    <para>Checks are made to verify that each entry has:</para>
+
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>the correct number of fields</para>
+      </listitem>
+      <listitem>
+	<para>a unique and valid group name</para>
+      </listitem>
+      <listitem>
+	<para>
+	  a valid group identifier
+	  <phrase condition="gshadow"> (<filename>/etc/group</filename>
+	  only)</phrase>
+	</para>
+      </listitem>
+      <listitem>
+	<para>
+	  a valid list of members
+	  <phrase condition="gshadow"> and administrators</phrase>
+	</para>
+      </listitem>
+      <listitem condition="gshadow">
+	<para>
+	  a corresponding entry in the <filename>/etc/gshadow</filename>
+	  file (respectively <filename>/etc/group</filename> for the
+	  <filename>gshadow</filename> checks)
+	</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      The checks for correct number of fields and unique group name are
+      fatal. If an entry has the wrong number of fields, the user will be
+      prompted to delete the entire line. If the user does not answer
+      affirmatively, all further checks are bypassed. An entry with a
+      duplicated group name is prompted for deletion, but the remaining
+      checks will still be made. All other errors are warnings and the user
+      is encouraged to run the <command>groupmod</command> command to
+      correct the error.
+    </para>
+
+    <para>
+      The commands which operate on the <filename>/etc/group</filename>
+      <phrase condition="no_gshadow">file</phrase><phrase
+      condition="gshadow">and <filename>/etc/gshadow</filename> files</phrase>
+      are not able to alter corrupted or duplicated entries. 
+      <command>grpck</command> should be used in those circumstances to
+      remove the offending entries.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The <option>-r</option> and <option>-s</option> options cannot be
+      combined.
+    </para>
+    <para>
+      The options which apply to the <command>grpck</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-r</option>, <option>--read-only</option></term>
+	<listitem>
+	  <para>
+	    Execute the <command>grpck</command> command in read-only mode.
+	    This causes all questions regarding changes to be answered
+	    <emphasis>no</emphasis> without user intervention.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-s</option>, <option>--sort</option></term>
+	<listitem>
+	  <para>
+	    Sort entries in <filename>/etc/group</filename>
+	    <phrase condition="gshadow">and
+	    <filename>/etc/gshadow</filename></phrase>
+	    by GID.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <para>
+      By default, <command>grpck</command> operates on
+      <filename>/etc/group</filename> <phrase condition="gshadow">and
+      <filename>/etc/gshadow</filename></phrase>.
+      The user may select alternate files with the <emphasis
+      remap='I'>group</emphasis>
+      <phrase condition="no_gshadow">parameter.</phrase>
+      <phrase condition="gshadow">and <emphasis remap='I'>shadow</emphasis>
+      parameters.</phrase>
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>grpck</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>one or more bad group entries</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>can't open group files</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>can't lock group files</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>5</replaceable></term>
+	  <listitem>
+	    <para>can't update group files</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <phrase condition="gshadow">
+	<citerefentry>
+	  <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>,
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/gshadow.5.xml b/man/gshadow.5.xml
new file mode 100644
index 0000000..6bc1ed9
--- /dev/null
+++ b/man/gshadow.5.xml
@@ -0,0 +1,193 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2005 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='gshadow.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>Creation, 2005</contrib>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>gshadow</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>gshadow</refname>
+    <refpurpose>shadowed group file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <filename>/etc/gshadow</filename> contains the shadowed information
+      for group accounts.
+    </para>
+
+    <para>
+      This file must not be readable by regular users if password security
+      is to be maintained.
+    </para>
+
+    <para>
+      Each line of this file contains the following colon-separated
+      fields:
+    </para>
+    <variablelist>
+      <varlistentry>
+	<term><emphasis role="bold">group name</emphasis></term>
+	<listitem>
+	  <para>
+	    It must be a valid group name, which exist on the system.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">encrypted password</emphasis></term>
+	<listitem>
+	  <para>
+	    Refer to <citerefentry><refentrytitle>crypt</refentrytitle>
+	    <manvolnum>3</manvolnum></citerefentry> for details on how
+	    this string is interpreted.
+	  </para>
+	  <para>
+	    If the password field contains some string that is not a valid
+	    result of <citerefentry><refentrytitle>crypt</refentrytitle>
+	    <manvolnum>3</manvolnum></citerefentry>, for instance ! or *,
+	    users will not be able to use a unix password to access the
+	    group (but group members do not need the password).
+	  </para>
+	  <para>
+	    The password is used when a user who is not a member of the
+	    group wants to gain the permissions of this group (see
+	    <citerefentry><refentrytitle>newgrp</refentrytitle>
+	    <manvolnum>1</manvolnum></citerefentry>).
+	  </para>
+	  <para>
+	    This field may be empty, in which case only the group members
+	    can gain the group permissions.
+	  </para>
+	  <para>
+	    A password field which starts with an exclamation mark means
+	    that the password is locked.  The remaining characters on the
+	    line represent the password field before the password was
+	    locked.
+	  </para>
+	  <para>
+	    This password supersedes any password specified in
+	    <filename>/etc/group</filename>.
+	  </para>
+
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">administrators</emphasis></term>
+	<listitem>
+	  <para>
+	    It must be a comma-separated list of user names.
+	  </para>
+	  <para>
+	    Administrators can change the password or the members of the
+	    group.
+	  </para>
+	  <para>
+	    Administrators also have the same permissions as the members
+	    (see below).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">members</emphasis></term>
+	<listitem>
+	  <para>
+	    It must be a comma-separated list of user names.
+	  </para>
+	  <para>
+	    Members can access the group without being prompted for a
+	    password.
+	  </para>
+	  <para>
+	    You should use the same list of users as in
+	    <filename>/etc/group</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>grpconv</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/hu/Makefile.am b/man/hu/Makefile.am
new file mode 100644
index 0000000..e659aef
--- /dev/null
+++ b/man/hu/Makefile.am
@@ -0,0 +1,17 @@
+
+mandir = @mandir@/hu
+
+man_MANS = \
+	man1/chsh.1 \
+	man1/gpasswd.1 \
+	man1/groups.1 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man1/newgrp.1 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man1/sg.1 \
+	man1/su.1
+
+EXTRA_DIST = $(man_MANS)
+ 
diff --git a/man/hu/man1/chfn.1 b/man/hu/man1/chfn.1
new file mode 100644
index 0000000..44826aa
--- /dev/null
+++ b/man/hu/man1/chfn.1
@@ -0,0 +1,75 @@
+.\"
+.\"  chfn.1 \-\- change your finger information
+.\"  (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\"  this program is free software.  you can redistribute it and
+.\"  modify it under the terms of the gnu general public license.
+.\"  there is no warranty.
+.\"
+.\"  $Author: kloczek $
+.\"  $Revision: 1.4 $
+.\"  $Date: 2005/12/01 20:38:25 $
+.\"
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH NÉV
+chfn \- finger információk módosítása
+.SH V�ZLAT
+.B chfn
+[\ \-f\ teljes név\ ] [\ \-o\ iroda\ ] [\ \-p\ irodai telefon\ ]
+[\ \-h\ otthoni telefon\ ] [\ \-u\ ] [\ \-v\ ] [\ felhasználó\ ]
+.SH LE�R�S
+A
+.B chfn
+segítségével megváltoztathatók a finger információk. Ezeket a
+.I /etc/passwd
+fájl tartalmazza, és a
+.B finger
+programmal jeleníthetőek meg. A linuxos
+.B finger
+négy adatot ír ki: valódi (polgári) nevet, munkahelyi
+szoba\- és telefonszámot és otthoni telefonszámot.
+.SS PARANCSSOR
+A négy érték bármelyike megadható parancssorból. Ha paraméterek nélkül
+indítjuk, a
+.B chfn
+interaktív módba lép.
+.SS INTERAKT�V MÓD
+Ilyenkor a
+.B chfn
+minden mezőt billentyűzetről kér be. A promptnál az új értékeket kell
+megadni. Az adatok az Enter lenyomásával változatlanul hagyhatók, a "none" szó
+beírásával a mező tartalma kiürül.
+.SH OPCIÓK
+.TP
+.I "\-f, \-\-full\-name"
+Teljes valódi név megadása.
+.TP
+.I "\-h, \-\-home\-phone"
+Otthoni telefonszám.
+.TP
+.I "\-o, \-\-office"
+Az irodai szobaszám módosítása.
+.TP
+.I "\-p, \-\-office\-phone"
+Irodai telefonszám megadása.
+.TP
+.I "\-u, \-\-help"
+Segítség kiíratása.
+.TP
+.I "\-v, \-\-version"
+Verzióinformáció megjelenítése.
+.SH L�SD MÉG
+.BR finger (1),
+.BR passwd (5)
+.SH SZERZ�
+Salvatore Valente <svalente@mit.edu>
+.SH MEGJEGYZÉS
+Ford. megj.: A hosszú, valamint az \-u és \-v paraméterek a
+.B chfn
+Julianne
+Frances Haugh által írt változatában nem érvényesek (pl. SuSE).
+Az irodai telefon itt a \-w, a szobaszám az \-r opcióval adható meg.
+Az \-o egy nem definiált tartalmú mezőt tölt ki; ezt egyébként csak a root
+módosíthatja.
+.SH MAGYAR FORD�T�S
+Gál Gyuri <gyuri@lamer.hu>
diff --git a/man/hu/man1/chsh.1 b/man/hu/man1/chsh.1
new file mode 100644
index 0000000..b4b1b4d
--- /dev/null
+++ b/man/hu/man1/chsh.1
@@ -0,0 +1,65 @@
+.\" Copyright 1990, John F. Haugh II
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\" This product includes software developed by John F. Haugh, II
+.\"      and other contributors.
+.\" 4. Neither the name of John F. Haugh, II nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JOHN HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JOHN HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.TH CHSH 1
+.SH NÉV
+chsh \- bejelentkezési parancsértelmező (héj) állítása
+.SH �TTEKINTÉS
+.TP 5
+\fBchsh\fR
+[\fB\-s\fR \fIhéjprogram\fR] [\fIfelhasználó\fR]
+.SH LE�R�S
+A \fBchsh\fR parancs a felhasználó bejelentkezési parancsértelmezőjét változtatja meg.
+Normál felhasználó csak a saját parancsértelmezőjét állíthatja, a 
+rendszergazda bárkiét.
+.PP
+A héjprogrammal (shell) szemben támasztott követelmény, hogy szerepeljen
+a \fI/etc/shells\fR fájlban, kivéve ha a rendszergazdáé mert
+neki minden beállítás elfogadott.
+Korlátozott parancsértelmezőt nem lehet másikra átállítani.
+Ezért nem tanácsos a \fB/bin/rsh\fR\-nak a \fI/etc/shells\fR\-ben
+való felsorolása, mert ha a felhasználó átvált erre a héj\-ra
+nem válthat másikra.
+.PP
+A \fB\-s\fR opció nélkül a \fBchsh\fR interaktív módon
+működik. Be kell írni az új értéket, vagy üresen hagyni a sort, hogy
+az éppen aktuális beállítás maradjon, ami \fB[ ]\fR jelek között látható.
+.SH F�JLOK
+\fI/etc/passwd\fR \- felhaszálói nyilvántartás
+.br
+\fI/etc/shells\fR \- engedélyezett parancsértelmezők listája
+.SH L�SD MÉG
+.BR chfn (1),
+.BR passwd (5)
+.SH MAGYAR FORD�T�S
+Székely Krisztián <szekelyk@edasz.hu>
diff --git a/man/hu/man1/gpasswd.1 b/man/hu/man1/gpasswd.1
new file mode 100644
index 0000000..b62cf1e
--- /dev/null
+++ b/man/hu/man1/gpasswd.1
@@ -0,0 +1,81 @@
+.\" Copyright 1996, Rafal Maszkowski, rzm@pdi.net
+.\" All rights reserved. You can redistribute this man page and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of the
+.\" License, or (at your option) any later version.
+.\"
+.\"	$Id$
+.\"
+.TH GPASSWD 1
+.SH NÉV
+gpasswd \- az /etc/group fájlt adminisztrálja
+.br
+.SH �TTEKINTÉS
+.B gpasswd \fIcsoport\fR
+.br
+.B gpasswd
+.B \-a
+\fIfelhasználó\fR \fIcsoport\fR
+.br
+.B gpasswd
+.B \-d
+\fIfelhasználó\fR \fIcsoport\fR
+.br
+.B gpasswd
+.B \-R
+\fIcsoport\fR
+.br
+.B gpasswd
+.B \-r
+\fIcsoport\fR
+.br
+.B gpasswd
+.RB [ \-A
+\fIfelhasználó\fR,...]
+.RB [ \-M
+\fIfelhasználó\fR,...]
+\fIcsoport\fR
+.br
+.SH LE�R�S
+A
+.B gpasswd
+program segítségével adminisztrálhatjuk az /etc/group fájlt
+illetve az /etc/gshadow fájlt amennyiben a SHADOWGPR definiálva
+volt a fordítás alatt. Minden csoportban lehetnek adminisztrátorok,
+tagok és egy jelszó. A rendszeradminisztrátor a \fB\-A\fR opció
+segítségével definiálhat csoportadminisztrátor(oka)t és a \fB\-M\fR
+opcióval tagokat. A rendszeradminisztátor minden joggal rendelkezik,
+amellyel a csoportadminisztrátor és a csoport tagjai.
+.PP
+A csoportadminisztrátor a \fB\-a\fR kapcsolóval hozhat létre
+felhasználókat, és a \fB\-d\fR opcióval törölheti őket. Az 
+adminisztrátorok a \fB\-r\fR opcióval törölhetik a csoport
+jelszavát. Ha nincs jelszó beállítva, akkor csak a csoport
+tagjai használhatják a 
+.BR newgrp (1)
+parancsot a csatlakozáshoz. A \fB\-R\fR opció
+meggátolja a csoport elérését a 
+.BR newgrp (1)
+parancson keresztül.
+.PP
+Ha
+.B gpasswd
+parancsot a csoportadminisztrátor adja ki a csoport nevével,
+akkor csak a jelszót kell beírnia. Ha van jelszó, akkor a tagok
+be tudnak lépni a 
+.BR newgrp (1)
+paranccsal jelszó nélkül is, csak a csoporton kívüli felhasználóknak
+kell megadniuk a jelszót.
+
+.SH F�JLOK
+\fI/etc/group\fR \- információ a csoportról
+.br
+\fI/etc/gshadow\fR \- információ a shadow csoportról
+.SH L�SD MÉG
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH MAGYAR FORD�T�S
+Tímár András <timar_a@freemail.hu>
diff --git a/man/hu/man1/groups.1 b/man/hu/man1/groups.1
new file mode 100644
index 0000000..9b87e51
--- /dev/null
+++ b/man/hu/man1/groups.1
@@ -0,0 +1,59 @@
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.TH GROUPS 1
+.SH NÉV
+groups \- kiírja a jelenlegi csoportazonosító neveket
+.SH �TTEKINTÉS
+.B groups
+.RI [ felhasználó ]
+.SH LE�R�S
+A
+.B groups
+parancs kiírja a jelenlegi csoportazonosító neveket vagy számértékeket. Ha
+nincs az értéknek megfelelő bejegyzés a \fI/etc/group\fR fájlban, akkor a
+csoport azonosító számát írja ki. Az opcionális \fIfelhasználó\fR paraméter
+esetén azokat a csoportokat írja ki, amelyekbe a megadott \fIfelhasználó\fR
+tartozik.
+.SH MEGJEGYZÉS
+Azok a rendszerek, amelyek nem támogatják a konkurrens csoportbeállításokat,
+a kiírt információkat a \fI/etc/group\fR fájlból gyűjtik. A felhasználónak
+muszáj a \fBnewgrp\fR vagy a \fBsg\fR parancsot használniuk, hogy
+megváltoztassák a jelenlegi valódi és effektív csoportazonosítójukat.
+.SH F�JLOK
+\fI/etc/group\fR \- információ a csoportokról
+.SH L�SD MÉG
+.BR newgrp (1),
+.BR getgid (2),
+.BR getgroups (2),
+.BR getuid (2)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH MAGYAR FORD�T�S
+ifj. Dyekiss Emil <emil2@cds.hu>
diff --git a/man/hu/man1/id.1 b/man/hu/man1/id.1
new file mode 100644
index 0000000..cae75b7
--- /dev/null
+++ b/man/hu/man1/id.1
@@ -0,0 +1,63 @@
+.TH ID 1 "GNU Shell Utilities" "FSF" \" \-*\- nroff \-*\-
+.SH NÉV
+id \- kiírja a valóságos és effektív UID\-eket és GID\-eket
+.SH �TTEKINTÉS
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [username]
+.SH LE�R�S
+Ezt a dokumentációt a továbbiakban nem tartjuk karban, így
+pontatlan vagy hiányos lehet. A Texinfo dokumentáció a hiteles forrás.
+.PP
+Ez a kézikönyv lap az
+.BR id
+GNU  változatát írja le. Az
+.B id
+információt szolgáltat az adott felhasználóról, vagy  arról aki a 
+programot futtatja, ha felhasználó nincs megadva. 
+Alapértelmezésben a valódi felhasználói ID\-t írja ki,
+a valódi csoport ID\-t, az effektív felhasználói ID\-t, ha az különbözik a 
+valódi felhasználói ID\-től, az effektív csoport ID\-t, ha az különbözik a
+valódi csoport ID\-től, és a kiegészítő csoportok ID\-it.
+A parancs ezeket a paramétereket egy sorban, egymás után 
+irja ki, zárójelben megadva a felhasználó, illetve a csoport nevét.
+.PP
+Az alábbi opciókkal az
+.B id
+képes a fenti információk egy részének a megjelenítésére is.
+.SS OPCIÓK
+.TP
+.I "\-g, \-\-group"
+Csak a csoport ID\-jét írja ki.
+.TP
+.I "\-G, \-\-groups"
+Csak a kiegészítő csoportok ID\-it írja ki.
+.TP
+.I "\-\-help"
+Használati útmutatót ír a standard kimenetre és kilép.
+.TP
+.I "\-n, \-\-name"
+A nevet jeleníti meg az ID helyet.
+Szükséges az
+.IR \-u ,
+.IR \-g ,
+vagy
+.IR \-G 
+paraméter.
+.TP
+.I "\-r, \-\-real"
+A valódi felhasználói vagy csoport ID\-t jeleníti meg az effektív helyett.
+Szükséges
+.IR \-u ,
+.IR \-g ,
+vagy
+.IR \-G 
+paraméter.
+.TP
+.I "\-u, \-\-user"
+Csak a felhasználó ID\-jét jeleníti meg.
+.TP
+.I "\-\-version"  
+A program verziójáról ír ki információt a standard kimenetre és kilép.
+.SH MAGYAR FORD�T�S
+�mon Tamás <sajt@erba.hu>
diff --git a/man/hu/man1/login.1 b/man/hu/man1/login.1
new file mode 100644
index 0000000..f84ea82
--- /dev/null
+++ b/man/hu/man1/login.1
@@ -0,0 +1,123 @@
+.\" Copyright 1989 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.TH LOGIN 1
+.SH NÉV
+login \- Új kapcsolat felvétele a rendszerrel (bejelentkezés)
+.SH �TTEKINTÉS
+.B login
+.RI [ felhasználónév " [" környezeti változók ]]
+.SH LE�R�S
+A
+.B login 
+programot a rendszerbe való belépésre használjuk. �ltalában nem 
+közvetlenül használjuk, hanem automatikusan meghívásra kerül, amikor a
+.I login:
+promptra válaszként beírjuk a felhasználónevünket.
+A
+.B login
+a shell szempontjából különleges kezelésű lehet és előfordulhat, hogy 
+nem hívható meg alfolyamatként. Tipikus példa erre, amikor a 
+.B login
+parancsot a shell \fBexec login\fR \-ként értelmezi, tehát az új 
+bejelentkezés előtt az aktuálisból való kilépésre készteti a 
+felhasználót. 
+Ha nem login shellből próbáljuk meg a \fBlogin\fR parancsot végrehajtani, 
+hibaüzenetet kapunk.
+.PP
+Ezután a jelszavunkat kell megadnunk. A beírt karakterek nem jelennek meg 
+a képernyőn, megelőzvén a 'leskelődést'. Ha többször hibás jelszót adunk 
+meg, a \fBlogin\fR kilép, és a kapcsolat megszakad.
+.PP
+Ha a jelszavunk érvényességi ideje korlátozott, a rendszer továbblépés 
+előtt felszólíthat a jelszó megváltoztatására. Ez azt jelenti, hogy a 
+jelszavunk lejárt, nem érvényes, vagy hamarosan le fog járni. A régi 
+jelszavunkat is esetleg meg kell adni ellenőrzésképpen, majd az általunk 
+választott új jelszót. A témában lásd: \fBpasswd \fR(1)
+.PP
+Sikeres bejelentkezés után néhány rendszerüzenetet kapunk, és a postaládánk 
+állapotáról némi visszajelszést. A rendszerüzenetfájl (\fI/etc/motd\fR) 
+kiíratását letilthatjuk egy 0 byte hosszúságú \fI.hushlogin\fR file 
+létrehozásával a login könyvtárunkban. A posta állapotától függően a 
+következő üzenetek valamelyikét kapjuk: "\fBYou have new mail.\fR" (Új 
+levél van), "\fBYou have mail.\fR" (Levél van), vagy "\fBNo Mail.\fR" 
+(Nincs levél).
+.PP
+A felhasználói\- (UID) és a csoportazonosítónk (GID) beállításra kerül az 
+\fI/etc/passwd\fR alapján. A \fB$HOME\fR, \fB$SHELL\fR,
+\fB$PATH\fR, \fB$LOGNAME\fR és a \fB$MAIL\fR környezeti változók 
+beállításra kerülnek a passwd adatbázis megfelelő mezői alapján.
+Az ulimit, umask és a nice is értéket kaphat a GECOS mező tartalma 
+alapján.
+.PP
+Néhány rendszeren a \fB$TERM\fR változó is értéket kap, miként az a 
+\fI/etc/ttytype\fR\-ban meg van írva.
+.PP
+Végrehajtódhat a parancsértelmezőnk inicializációs scriptje is. Ez ügyben 
+lásd a megfelelő kézikönyv\-oldalt.
+.SH FIGYELMEZTETÉSEK
+.PP
+A \fBlogin\fR ezen verziója sok fordítási opcióval rendelkezik, bár csak 
+néhány közülük az, ami használatban lehet egyes speciális gépeken.
+
+.PP
+A fájlok elhelyezkedése a rendszerkonfigurációk különbözőségéből adódóan 
+változhat.
+.SH F�JLOK
+\fI/var/run/utmp\fR \- az aktuális bejelentkezések listája
+.br
+\fI/var/log/wtmp\fR \- az előző (eddigi) bejelentkezések listája
+.br
+\fI/etc/passwd\fR \- felhasználói account\-okra vonatkozó információk
+.br
+\fI/etc/shadow\fR \- titkosított jelszavak és érvényességi idő\-információk
+.br
+\fI/etc/motd\fR \- rendszerüzenet file
+.br
+\fI/etc/nologin\fR \- nem\-root felhasználók belépésének tiltása
+.br
+\fI/etc/ttytype\fR \- termináltípusok listája
+.br
+.br
+\fI$HOME/.hushlogin\fR \- korlátozza a rendszerüzenetek megjelenítését
+.br
+.SH L�SD MÉG
+.PP
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR sh (1),
+.BR su (1),
+.\" .BR d_passwd (5),
+.BR passwd (5),
+.BR nologin (5)
+.SH SZERZ�
+Julianne Frances Haugh (jfh@bga.com)
+.SH MAGYAR FORD�T�S
+Niedermayer Miklós <mico@musician.org>
diff --git a/man/hu/man1/newgrp.1 b/man/hu/man1/newgrp.1
new file mode 100644
index 0000000..714f187
--- /dev/null
+++ b/man/hu/man1/newgrp.1
@@ -0,0 +1,89 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Hungarian translation by Peter Mamuzsics <zumu@mentha.hu>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.TH NEWGRP 1
+.SH NÉV
+newgrp \- Csoportazonosító módosítása
+.br
+sg \- Parancs végrehajtása más csoportazonoító alatt
+.SH �TTEKINTÉS
+.BR newgrp " [" \- ]
+[\fIgroup\fR]
+.br
+.BR sg " [" \- ]
+[\fIgroup\fR [\fB\-c\fR \fIcommand\fR]]
+.SH LE�R�S
+A
+.B newgrp
+parancs a jelenlegi bejelentkezéshez tartozó csoportazonosító
+módosítására használható.  Ha a parancsot az elhagyható \fB\-\fR
+kapcsolóval hívtuk meg, akkor a rendszer úgy inicializálja újra
+a felhasználói környezetet, ahogy az a bejelelentkezés során 
+megtörténik, ellenkező esetben a jelenlegi környezet \- beleértve
+az aktuális munkakönyvtárat is \- változatlan marad.
+.PP
+A
+.B newgrp
+parancs lecseréli az aktuális csoportazonosítót a megnevezett
+vagy \- ha nincs megadva \- az \fI/etc/passwd\fR fájlban megadott
+alapértelmezett csoportra.  Ha a felhasználó nem rendelkezik jelszóval,
+de a csoport igen, vagy a felhasználó nem tagja a csoportnak,
+de a csoport rendelkezik jelszóval, akkor a rendszer bekéri a csoport
+jelszavát.
+Amennyiben a csoportnak nincs jelszava, és a felhasználó nem tagja a 
+csoportnak, akkor a hozzáférés nem lehetséges.
+.PP
+Az
+.B sg
+parancs működése hasonló a \fBnewgrp\fR parancs működéséhez,
+de ez nem cseréli le a felhasználó parancsértelmezőjét, így
+amikor kilépünk az \fBsg\fR parancsból, visszakapjuk az 
+eredeti csoportazonosítót.
+Az
+.B sg
+parancsnak egy másik, aposztrófok közé zárt parancsot is meg lehet
+adni, amely a \fB/bin/sh\fR parancsértelmezővel kerül végrehajtásra.
+.SH HIB�K
+A \fBnewgrp\fR többféle fordítási beállítással rendelkezik,
+amelyeknek egy adott felhasználási környezetben csak egy részére
+lehet szükség.
+.SH F�JLOK
+\fI/etc/passwd\fR	\- felhasználói információk
+.br
+\fI/etc/group\fR	\- csoportinfomációk
+.SH L�SD MÉG
+.BR id (1),
+.BR login (1),
+.BR su (1)
+.SH SZERZ�
+Julianne Frances Haugh (jfh@bga.com)
+.br
+.SH MAGYAR FORD�T�S
+Mamuzsics Péter <zumu@mentha.hu>
diff --git a/man/hu/man1/passwd.1 b/man/hu/man1/passwd.1
new file mode 100644
index 0000000..dab98dd
--- /dev/null
+++ b/man/hu/man1/passwd.1
@@ -0,0 +1,164 @@
+.\" Copyright 1989 \- 1994, John F. Haugh II
+.\" All rights reserved.
+.\"
+.\" Redistribution is allowed, provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\" This product includes software developed by John F. Haugh, II
+.\"      and other contributors.
+.\" 4. Neither the name of John F. Haugh, II nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JOHN HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JOHN HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.TH PASSWD 1 "" \" \-*\- nroff \-*\-
+.SH NÉV
+passwd \- Felhasználói jelszó megváltoztatása
+.SH �TTEKINTÉS
+\fBpasswd\fR [\fB\-f\fR|\fB\-s\fR] [\fInév\fR]
+.br
+\fBpasswd\fR [\fB\-g\fR] [\fB\-r\fR|\fB\-R\fR] \fIcsoport\fR
+.br
+\fBpasswd\fR [\fB\-x\fR \fImax\fR] [\fB\-n\fR \fImin\fR]
+[\fB\-w\fR \fIfigy\fR] [\fB\-i\fR \fIinakt\fR] \fInév\fR
+.br
+\fBpasswd\fR {\fB\-l\fR|\fB\-u\fR|\fB\-d\fR|\fB\-S\fR} \fInév\fR
+.SH LE�R�S
+A \fBpasswd\fR a felhasználók és a csoportok megváltoztatását végzi.
+A felhasználók csak a saját jelszavukat változtathatják meg, a rendszergazda
+bárkiét. A csoportok jelszavát az adott csoport adminisztrátora
+változtathatja meg. 
+A \fBpasswd\fR ezen kívül használható a felhasználói adatok, mint pl. az
+igazi név, a login shell, vagy a jelszavak "szavatossági idejének"
+megváltoztatására is.
+.SS Jelszóváltozások
+A felhasználónak először a régi jelszavát kell beírnia, ha már volt neki.
+Ezután ennek a jelszónak a kódolt változatát összehasonlítja a tárolt
+jelszóval. A megfelelő jelszó beírására a felhasználónak csak egy lehetősége
+van.
+A rendszergazda átugorhatja ezt a lépést, így az elfelejtett jelszavak is
+megváltoztathatóak.
+.PP
+Miután a felhasználó beírta a jelszavát, a \fBpasswd\fR megvizsgálja, hogyan
+rendelkezett a rendszergazda a jelszavak "szavatossági idejéről". Amennyiben
+az idő nem alkalmas a jelszó megváltoztatására, \fBpasswd\fR kilép minden
+változtatás nélkül.
+.PP
+Ezekután a program bekéri a felhasználótól az új jelszót, majd
+megvizsgálja hogy elég bonyolult\-e.
+�ltalános szabályként elmondható, hogy a jelszavak jók, ha 6\-8 karakterből
+állnak, és a következő jelkészletekből tartalmaz elemeket:
+.IP "" .5i
+Az ABC kis betűi
+.IP "" .5i
+Az ABC nagy betűi
+.IP "" .5i
+Számok 0 és 9 között 
+.IP "" .5i
+�rásjelek
+.PP
+Fontos odafigyelni, hogy ne tartalmazzon az adott rendszeren használt
+"erase" és "kill" kódű karaktereket.
+A \fBpasswd\fR nem fogad el nem eléggé bonyolult jelszót.
+.PP
+Ha a jelszó elfogadható, 
+a \fBpasswd\fR a biztonság kedvéért még egyszer bekéri az új jelszót, és
+csak akkor hajtja végre a változtatást, ha a két bevitt jelszó megegyezik.
+.SS Csoportok jelszavai
+A \fB\-g\fR kapcsoló használata esetén a megadott nevű csoport jelszava
+változik meg. Ezt csak a rendszergazda vagy a csoport adminisztrátora teheti
+meg.
+A jelenlegi csoportjelszavat nem kéri változtatás előtt.
+Az \fB\-r\fR kapcsolót a \fB\-g\fR kapcsolóval használva lehet a csoport jelszavát kikapcsolni, ezáltal minden tag használhatja a csoportot.
+Az \fB\-R\fR kapcsoló a \fB\-g\fR kapcsolóval használva a csoport minden felhasználó előtt lezárul.
+
+.SS A jelszavak "szavatossági ideje"
+A jelszavak elévülési idejét a rendszergazda a \fB\-x\fR, \fB\-n\fR, \fB\-w\fR, és \fB\-i\fR kapcsolókkal szabályozhatja.
+A \fB\-x\fR kapcsoló a jelszócserék közti maximális időt állítja be. 
+A jelszót legkésőbb \fImax\fR naponként meg kell változtatni.
+Az \fB\-n\fR kapcsoló a két jelszócsere közötti minimális időt szabályozza: a felhasználó addig nem változtathatja meg jelszavát, amíg legalább
+\fImin\fR nap el nem telt az előző változtatás óta.
+A \fB\-w\fR kapcsolóval azt állíthatod be, hogy hány nappal a jelszó lejárta előtt kezdje el a rendszer a felhasználót figyelmeztetni. Az első figyelmeztetés \fIfigy\fR nappal a lejárat előtt jelenik meg, és utána naponta tájékoztatja a felhasználót a még hátralévő napok számáról.
+Az \fB\-i\fR kapcsoló \fIinakt\fR nappal a jelszó lejárta után lezárja a felhasználó belépési lehetőségét.
+
+.SS Jogosultság\-kezelés
+A felhasználók lezárhatóak és újra beengedhetőek a \fB\-l\fR és a \fB\-u\fR kapcsolókkal.
+Az \fB\-l\fR kapcsoló a jelszót kicseréli egy olyan értékre, ami semmilyen lehetséges jelszó kódolt értékével nem egyezik.
+Az \fB\-u\fR kapcsoló visszaállítja a jelszót a régire, és így újra engedélyezi a belépést.
+.PP
+A jogosultságok az \fB\-S\fR kapcsolóval állíthatóak be. Ez 6 részből áll:
+Az első azt jelzi, hogy a felhaszáló le van zárva (L), nincs jelszava (NP), vagy van érvényes jelszava (P).
+A második rész az utolsó jelszóváltoztatás dátuma.
+A következő négy rész a jelszavak minimális és maximális ideje, az első figyelmeztetés a jelszó lejárta előtt és hogy mennyi ideig él a jelszó lejárta után.
+
+.SS Tippek a felhasználói jelszavakhoz
+Egy jelszavas rendszer biztonsága a kódolási algoritmus erősségétől és a lehetséges kulcsok számától függ.
+A \fB\s-2UNIX\s+2\fR rendszerek kódolási módja az NBS DES algoritmuson alapul, és nagyon biztonságos. A lehetséges kulcsok száma a választott jelszó véletlenszerűségén múlik.
+.PP
+A jelszavas rendszerek feltörése legtöbbször a gondatlanul megválasztott jelszóválasztásnak vagy a jelszavak cserélgetésének eredménye.
+Ezen okok miatt célszerű olyan jelszót választanod, ami nem szerepel a szótárban és nem szükséges leírnod. Tipikusan rossz választás még, ha valamilyen nevet, valamilyen azonosítószámodat, születésnapodat, vagy címedet használod jelszóként.
+Ezeket legtöbbször minden más lehetőség vizsgálata előtt kipróbálja a potenciális cracker.
+.PP
+Igyekezz olyan jelszót választani, amit könnyen megjegyzel és így nem vagy
+arra szorulva, hogy le kelljen írnod.
+Ezt például úgy érheted el, hogy két rövidebb szót elválasztasz egy számmal
+vagy valamilyen karakterrel, például jel@szo
+.PP
+A másik módszer, hogy egy könnyen megjegyezhető mondat vagy idézet minden
+szavának első vagy utolsó betűjét írod egymás után.
+�gy például a 
+.IP "" .5i
+Morzsa kutyám hegyezd füled
+.PP
+\-ből
+.IP "" .5i
+Maqmhdfd
+.PP
+lesz.
+Feltehetőleg kevés cracker szótárában fog szerepelni ez a szó.
+Ennek ellenére a még nagyobb biztonság kedvéért érdemes valamilyen saját
+módszert kitalálnod jelszavak készítésére.
+
+.SS Megjegyzés a csoportok jelszavairól
+A csoportok jelszavai állandó biztonsági problémát jelenthetnek, mivel
+nemcsak egy ember ismerheti a jelszavat. A csoport\-kezelés azonban
+hasznos abban az esetben, ha több felhasználó együttműködését kell
+megoldani.
+
+.SH FIGYELMEZTETÉS
+Nem biztos, hogy minden kapcsoló felhasználható.
+Az, hogy hogyan vizsgálja a jelszavak bonyolultságát, rendszerről rendszerre
+változhat.
+Minden felhasználónak célszerű a lehető legbonyolultabb, de még használható
+jelszót használnia.
+Ha NIS\-t használ a felhasználók azonosítására a rendszer és a felhasználó nem
+lépett be a NIS kiszolgálóra, nem változtathatja meg jelszavát.
+.SH F�JLOK
+\fI/etc/passwd\fR	\- felhasználói információk
+.br
+\fI/etc/shadow\fR	\- kódolt felhasználói jelszavak
+.SH L�SD MÉG
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH MAGYAR FORD�T�S
+Érdi "Cactus" Gergő <cactus@freemail.c3.hu>
diff --git a/man/hu/man1/sg.1 b/man/hu/man1/sg.1
new file mode 100644
index 0000000..d07c5e4
--- /dev/null
+++ b/man/hu/man1/sg.1
@@ -0,0 +1 @@
+.so man1/newgrp.1
diff --git a/man/hu/man1/su.1 b/man/hu/man1/su.1
new file mode 100644
index 0000000..3d6e9fc
--- /dev/null
+++ b/man/hu/man1/su.1
@@ -0,0 +1,185 @@
+.\" You may copy, distribute and modify under the terms of the LDP General
+.\" Public License as specified in the LICENSE file that comes with the
+.\" gnumaniak distribution
+.\"
+.\" The author kindly requests that no comments regarding the "better"
+.\" suitability or up\-to\-date notices of any info documentation alternative
+.\" is added without contacting him first.
+.\"
+.\" (C) 1999 Ragnar Hojland Espinosa <ragnar@macula.net>
+.\"
+.\"     GNU su man page
+.\"     man pages are NOT obsolete!
+.\"     <ragnar@macula.net>
+.TH su 1 "18 August 1999" "GNU Shell Utilities 2.0"
+.SH NÉV
+su \- indít egy shellt más felhasználó\- és csoportazonosítóval
+.SH �TTEKINTÉS
+.B su
+.BI "[\-] [\-flmp] [\-c " parancs "] [\-s " shell "] [\-\-fast] [\-\-login]"
+.B [\-\-preserve\-environment]
+.BI "[\-\-command=" parancs "] [\-\-shell=" shell "]"
+.BI [ felhasználó " [" argumentum... ]]
+.sp
+.B su [\-\-help] [\-\-version]
+.SH LE�R�S
+Az
+.B su
+parancs lehetővé teszi, hogy ideiglenesen más felhasználóvá válhassunk 
+úgy, hogy egy új shell\-t indít a kért 
+.I felhasználó 
+valós és effektív felhasználói azonosítójával, csoportazonosítójával és 
+másodlagos csoportjaival. Ha nem adunk meg 
+.IR felhasználó \-t,
+az alapértelmezett érték a root (super\-user). Az a shell indul el, ami a 
+.I felhasználó 
+passwd bejegyzésében szerepel, ha ott nincs 
+semmi, akkor a /bin/sh. Ha a 
+.IR felhasználó \-nak
+van jelszava, akkor az
+.B su
+meg fogja azt kérdezni, kivéve ha root\-ként (a felhasználói azonosító 0) 
+futtatjuk.
+.PP
+Alapértelmezésben az
+.B su
+nem változtatja meg az aktuális könyvtárat. �tállítja a 
+.B HOME 
+és a
+.B SHELL 
+környezeti változókat a 
+.I felhasználó
+password bejegyzéséből kinézett értékekre, és ha a 
+.I felhasználó
+nem a root (a super\-user) a 
+.BR USER és LOGNAME 
+változókat a 
+.I felhasználó
+nevére állítja. Az alapértelmezés az, hogy az elinduló shell nem lesz 
+bejelentkezési shell.
+.PP
+Ha megadunk 
+.IR argumentum \-ként
+valamit, az is átadódik az induló shellnek.
+.PP
+Az 
+.B su
+se a /bin/sh\-t, se más shell\-eket nem kezel speciálisan.
+(ilyen az argv[0] "\-su"\-ra állítása, vagy a \-c paraméter csak 
+bizonyos shelleknek való átadása, stb.)
+.PP
+Azokon a rendszereken, ahol van
+.RB syslog (3) ,
+az
+.B su
+fordítható úgy is, hogy a sikertelen, vagy opcionálisan a 
+sikeres próbálkozásokat is naplóztassa a sysloggal.
+.SH OPCIÓK
+.TP
+.BI "\-c " parancs ", \-\-command=" parancs
+Csak a 
+.I parancs
+parancsot hajtatja végre a shell\-lel a
+.B \-c
+opció segítségével, így a shell nem interaktívan 
+indul el.
+.TP
+.B "\-f, \-\-fast"
+Beállítja a
+.B \-f
+opciót az induló shellnél. Ennek talán csak a 
+.BR csh (1)
+és a
+.BR tcsh (1),
+shelleknél van értelme ahol
+.B \-f
+opció megakadályozza, hogy a startup fájlt (.cshrc) a shell beolvassa.
+A Bourne\-hoz hasonló shelleknél a
+.B \-f
+opció letiltja a fájlnév minták kiterjesztését (filename pattern 
+expansion), ami általában nem kívánatos dolog. 
+.TP
+.B "\-, \-l, \-\-login"
+A shellt bejelentkezési shellként indítja. Ez a következőket jelenti: 
+törli az összes környezeti változót, kivéve a 
+.BR TERM "\-et, " HOME \-ot, 
+és a 
+.BR SHELL \-t 
+(amiket a fent leírt módon állít át), és a
+.BR USER "\-t és " LOGNAME \-t 
+(amiket szintén a fent leírt módon állít át
+a rootnak), továbbá a 
+.BR PATH \-t, 
+amit a fordításkor meghatározott 
+alapértékre állít. Az aktuális könyvtárat a 
+.I felhasználó
+home\-könyvtárára
+állítja. A shell neve elé egy 
+.B \- \-t 
+szúr be, így eléri azt, hogy
+az beolvassa a startup fájlját illetve fájljait.
+.TP
+.B "\-m, \-p, \-\-preserve\-environment"
+Nem állítja át a 
+.BR HOME ", " USER ", " LOGNAME ", és " SHELL
+környezeti változókat. Azt a shellt indítja, ami a 
+.B SHELL 
+változóban van a passwd fájlban lévő helyett, de csak akkor, ha az
+.B su
+parancsot vagy a superuser futtatja, vagy nem egy korlátozott
+(restricted) shellt akar futtatni. Az a shell korlátozott, ami nem
+szerepel a /etc/shells fájlban, vagy 
+az 
+.B su
+belső listájában, ha ez a fájl nem létezik. Az opció hatásainak egy részét a
+.B \-\-login
+és a
+.B \-\-shell
+opciók hatástalanítják.
+.TP
+.BI "\-s, \-\-shell " shell
+A 
+.IR shell "\-t indítja a " felhasználó 
+/etc/passwd fájlban szereplő
+shellje helyett, ha parancsot vagy a superuser futtatja,
+vagy ha nem korlátozott shellt akar futtatni. (Korlátozott 
+shell\-t lásd fentebb.)
+.TP
+.B "\-\-help"
+Használati útmutatót ír a standard kimenetre, majd sikeres visszatérési értékkel kilép.
+.TP
+.B "\-\-version"
+A program verziójáról ír ki információt a standard kimenetre, majd 
+sikeres visszatérési értékkel kilép.
+.SH Miért nem támogatja a GNU su a wheel csoportot? (Richard Stallman)
+
+Néha a rendszer fölötti teljes ellenőrzést egy néhány emberből 
+álló csoport akarja kézbe venni. Például 1984\-ben pár user a MIT AI
+laborban úgy döntött, hogy átveszik az irányítást a Twenex rendszer
+operátori jelszavának megváltoztatásával, és annak titokban tartásával. 
+(A puccsot sikerült leverni, és a felhasználókat jogaikba visszahelyezni 
+egy kernel patch segítségével, de Unix alatt ezt nem tudtam volna megcsinálni.)
+(A fordító megj.: a wheel csoportot ezzel a módszerrel könnyen
+önkényesen is leszűkíthetik a csoporttagok , így tulajdonképpen nincs sok értelme.)
+.PP
+Néha az uralmon levők elárulják a root jelszót. A szokásos su 
+mechanizmus szerint, ha valaki megtudja a root jelszót, és 
+szimpatizál a többi közönséges felhasználóval, elárulhatja nekik 
+is. A wheel csoport ezt lehetetlenné tenné, és így bebetonozná az 
+uralmon levő hatalmát.
+.PP
+Én a tömegek oldalán állok, nem az uralkodókén. Ha te mindig a 
+főnökök és a rendszergazdák oldalán állsz, bármit is tesznek, akkor 
+valószínűleg furcsálni fogod ezt a hozzáállást.
+.PP
+A fordító megjegyzése: 
+Valami jó azért mégis lenne a wheel csoportban: az, hogy ha a root 
+jelszó kitudódna azzal nem tudna bármelyik felhasználó közvetlenül 
+visszaélni. A wheel csoporthoz hasonló dolgot lehet elérni a
+.B sudo
+csomaggal.
+.SH MEGJEGYZÉS
+A hibákat a bug\-sh\-utils@gnu.org címen lehet jelenteni.
+Az oldalt Ragnar Hojland Espinosa <ragnar@macula.net> frissítette.
+.SH MAGYAR FORD�T�S
+Havasi Ferenc <hafy@prins.externet.hu> és Tímár András <timar_a@freemail.hu>
diff --git a/man/hu/man5/passwd.5 b/man/hu/man5/passwd.5
new file mode 100644
index 0000000..0ef231a
--- /dev/null
+++ b/man/hu/man5/passwd.5
@@ -0,0 +1,99 @@
+.\" Copyright (c) 1993 Michael Haardt (u31b3hs@pool.informatik.rwth-aachen.de), Fri Apr  2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.TH PASSWD 5 "24 July 1993" "Linux" "Linux Programozói Kézikönyv"
+.SH NÉV
+passwd \- Jelszófájl
+.SH LE�R�S
+A
+.B Passwd
+egy, a felhasználók listáját és a belépésükhöz szükséges jelszavakat
+tartalmazó ASCII file. Mindenkinek tudnia kell olvasni (sok segédprogram, 
+pl. a
+.BR ls (1)
+ezt használja hogy a felhasználói azonosítókhoz (UID-khez) neveket
+rendeljen), de írási jogot csak a rendszergazdának szabad kapnia.
+.PP
+A régi szép időkben nem is volt ezzel semmi baj: mindenki olvashatta a
+felhasználók kódolt jelszavait, de mivel az akkori hardware-körülmények nem
+tették lehetővé a jól megválasztott jelszavak törését, és a felasználók
+alapvetően jóindulatűak voltak, ez nem okozott problémát.
+Manapság mindenki igyekszik shadow-zott jelszavakat használni, amikor is a 
+.I /etc/passwd
+file-ban a jelszavak helyett csak egy * karakter áll, és az igazi jelszavak
+a
+.I /etc/shadow
+file-ban találhatóak, amit csak a rendszergazda olvashat.
+.PP
+Amikor új felhasználót készítesz, célszerű a jelszó helyét
+üresen hagyni, és a \fBpasswd\fP(1) programmal kitölteni. Egy * karakter a
+jelszó helyén azt jelenti, hogy a \fBlogin\fP(1) szoltáltatáson keresztül
+a felhasználó nem tud belépni.
+.PP
+Soronként egy bejegyzés található, a következő formában:
+.sp
+.RS
+usernév:jelszó:UID:GID:valódi név:home mappa:shell
+.RE
+.sp
+, ahol a mezők jelentése:
+.sp
+.RS
+.TP 1.0in
+.I usernév
+a felhasználó belépési neve a rendszerben.
+.TP
+.I jelszó
+a felhasználó kódolt jelszava. 
+.TP
+.I UID
+A felhasználó azonosítószáma.
+.TP
+.I GID
+A felhasználó csoportjának azonosítószáma.
+.TP
+.I valódi név
+egy opcionális mező megjegyzések tárolására (gyakran a felhasználó teljes neve)
+.TP
+.I home mappa
+a felhasználó $HOME mappája.
+.TP
+.I shell
+a belépéskor elindítandó program (ha nincs megadva, a
+.IR /bin/sh -t használja).
+.RE
+.SH MEGJEGYZÉS
+Ha a root fájlrendszered a
+.IR /dev/ram
+-on van, a rendszer leállítása előtt rögzítened kell a megváltozott jelszófile-t a root fájlrendszer floppylemezén. Ha csoportokat is kezelni akarsz, meg kell egyezniük a GID-jüknek és be kell jegyezni őket a  \fI/etc/group\fP-ba.
+.SH F�JLOK
+.I /etc/passwd
+.SH L�SD MÉG
+.BR passwd (1),
+.BR login (1),
+.BR group (5),
+.BR shadow (5)
+.SH MAGYAR FORD�T�S
+Horváth András <horvatha@rs1.szif.hu>
diff --git a/man/hu/man8/lastlog.8 b/man/hu/man8/lastlog.8
new file mode 100644
index 0000000..a7058c5
--- /dev/null
+++ b/man/hu/man8/lastlog.8
@@ -0,0 +1,68 @@
+.\" Copyright 1992, Phillip Street and Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	@(#)lastlog.8	3.3	08:24:58	29 Sep 1993 (National Guard Release)
+.\"	$Id$
+.\"
+.TH LASTLOG 8
+.SH NÉV
+lastlog \- a lastlog fájl vizsgálata
+.SH �TTEKINTÉS
+.B lastlog
+.RB [ -u
+.IR uid ]
+.RB [ -t
+.IR napok száma ]
+.SH LE�R�S
+
+A \fBlastlog\fR formázza és olvashatóan megjeleníti a
+\fB/var/log/lastlog\fR tartalmát. A listában szerepel a \fBlogin-név\fR, a
+\fBterminál (port) azonosítója\fR és a felhasználó \fBlegutolsó
+belépésének ideje\fR.  Paraméterek nélkül meghívva a
+felhasználó-azonosítók (UID) alapján sorbarendezve jelennek meg az
+értékek. A \fB-u \fIlogin-név\fR opció megadása esetén csak a megadott
+felhasználó utolsó belépésének ideje jelenik meg. A \fB-t \fInapok
+száma\fR opció megadásával csak a megadott számú napon belüli belépési
+idők jelennek meg. A \fB-r\fR opció felülírja a \fB-u\fR opciót.
+.PP
+Ha a felhasználó még soha nem lépett be, akkor a terminál és az idő
+helyett a \fB**Never logged in**\fR felirat jelenik meg.
+.SH F�JLOK
+/var/log/lastlog \- a felhasználók legutóbbi belépéseit tartalmazza
+.SH MEGJEGYZÉS
+Ha a felhasználói azonosító számok (UID-k) között nagyobb üres tartományok
+vannak, akkor a lastlog futásakor megtörténhet, hogy hosszabb ideig
+nem jelenik meg semmi a képernyőn (pl ha a 170-es és a 800-as azonosítójú
+felhasználók között nincs több azonosító, akkor a 171 és 799 közötti
+számok kiértékelése alatt a képernyőn nem változik semmi).
+.SH SZERZ�K
+Julianne Frances Haugh (jfh@tab.com)
+.br
+Phillip Street
+.SH MAGYAR FORD�T�S
+Hermann Benedek (bence@intercom.hu)
+
diff --git a/man/id.1.xml b/man/id.1.xml
new file mode 100644
index 0000000..e947e19
--- /dev/null
+++ b/man/id.1.xml
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='id.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>id</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>id</refname>
+    <refpurpose>display current user and group ID names</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>id</command>    <arg choice='opt'>-a </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>id</command> command displays the current real and
+      effective user and group ID names or values. If the value does not
+      have a corresponding entry in <filename>/etc/passwd</filename> or
+      <filename>/etc/group</filename>, the value will be displayed without
+      the corresponding name. The optional <option>-a</option> flag will
+      display the group set on systems which support multiple concurrent
+      group membership.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/id/Makefile.am b/man/id/Makefile.am
new file mode 100644
index 0000000..21f3dbe
--- /dev/null
+++ b/man/id/Makefile.am
@@ -0,0 +1,9 @@
+
+mandir = @mandir@/id
+
+man_MANS = \
+	man1/chsh.1 \
+	man1/login.1 \
+	man8/useradd.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/id/man1/chsh.1 b/man/id/man1/chsh.1
new file mode 100644
index 0000000..e13a49d
--- /dev/null
+++ b/man/id/man1/chsh.1
@@ -0,0 +1,53 @@
+.\"
+.\"  chsh.1 \-\- change your login shell
+.\"  (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\"  this program is free software.  you can redistribute it and
+.\"  modify it under the terms of the gnu general public license.
+.\"  there is no warranty.
+.\"
+.\"  $Author: kloczek $
+.\"  $Revision: 1.4 $
+.\"  $Date: 2005/08/29 13:59:29 $
+.\"
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH NAMA
+chsh \- merubah shell login
+.SH RINGKASAN
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH PENJELASAN
+.B chsh
+digunakan untuk merubah shell login Anda.
+Bila shell tidak diberikan pada baris perintah maka
+.B chsh
+menampilkan prompt untuk memasukkan shell.
+.SS SHELL\-SHELL YANG BENAR
+.B chsh
+akan menerima pathname lengkap dari file executable pada sistem.
+Walau demikian, akan menampilkan peringatan bila shell tidak terdapat
+dalam file
+.I /etc/shells .
+.SH OPTION
+.TP
+.I "\-l, \-\-list\-shells"
+Menampilkan daftar shell yang ada dalam
+.I /etc/shells
+dan keluar atau exit.
+.TP
+.I "\-s, \-\-shell"
+Menentukan shell login Anda.
+.TP
+.I "\-u, \-\-help"
+Menampilkan cara penggunaan program.
+.TP
+.I "\-v, \-\-version"
+Menampilkan informasi versi program.
+.SH "LIHAT JUGA"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH PEMBUAT
+Salvatore Valente <svalente@mit.edu>
+.SH PENTERJEMAH
+Rizqy Syarief <rizqy@rad.net.id>
diff --git a/man/id/man1/login.1 b/man/id/man1/login.1
new file mode 100644
index 0000000..970fc72
--- /dev/null
+++ b/man/id/man1/login.1
@@ -0,0 +1,311 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.TH LOGIN 1 "4 November 1996" "Util\-linux 1.6" "Linux Programmer's Manual"
+.SH NAME
+login \- masuk ke system
+.SH SYNOPSIS
+.BR "login [ " name " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " hostname
+.br
+.BR "login \-f " name
+.SH PENJELASAN
+.B login
+digunakan ketika hendak masuk ke sebuah system.  Ia juga dapat digunakan
+untuk berpindah dari satu user ke user lainnya kapan saja (shell\-shell yang
+modern mendukung kemampuan ini).
+Jika tidak diikuti oleh sebuah argumen
+.B login
+system akan menanyakan nama user/username.
+
+Jika user tersebut
+.I bukan
+root, dan jika terdapat file
+.I /etc/nologin
+isi file tersebut akan tercetak di layar, kemudian login dihentikan.  
+Biasanya ini dilakukan untuk mencegah login ketika system sedang dimatikan.
+
+Jika terdapat pembatasan akses tertentu pada user sebagaimana terdapat di
+.IR /etc/usertty ,
+hal tersebut harus dipenuhi, atau login akan ditolak dan pesan
+.B syslog
+akan dibuat.  Lihat section pada "Special Access Restrictions".
+
+Jika user adalah root, maka login harus dijalankan pada tty yang terdapat
+di
+.IR /etc/securetty .
+Kegagalan akan dicatat pada log melalui fasilitas
+.B syslog .
+
+Setelah kondisi\-kondisi tersebut dicek, anda akan dimintai password untuk
+kemudian dicek (jika ada password untuk username tersebut).  Anda dapat
+mencoba sepuluh kali sebelum
+.B login
+dimatikan, tapi setelah kegagalan yang ketiga, respon yang diberikan
+akan sangat lamban.  Kegagalan login akan dilaporkan melalui fasilitas
+.B syslog .
+Fasilitas ini juga dapat digunakan untuk melaporkan login yang berhasil.
+
+Jika file
+.I .hushlogin
+ditemukan,  maka login secara "quiet" dilaksanakan (hal ini menonaktifkan
+pengecekan mail dan tidak menampilkan waktu login terakhir dan pesan
+yang ada untuk hari itu).  Namun, jika terdapat file
+.I /var/log/lastlog
+, waktu login terakhir akan ditampilkan (dan kegiatan login yang sekarang
+akan dicatat).
+
+Kegiatan administratif secara acak, seperti mengeset UID dan GID untuk tty
+akan dilakukan.  Variabel environment TERM dibuatkan, jika ia sudah ada
+(variabel environment lain akan dibuatkan jika option
+.B \-p
+digunakan).  Kemudian variable environment HOME, PATH, SHELL, TERM, MAIL
+dan LOGNAME ditetapkan. Default PATH merujuk ke
+.I /usr/local/bin:/bin:/usr/bin:.
+untuk user biasa, dan ke
+.I /sbin:/bin:/usr/sbin:/usr/bin
+untuk root.  Terakhir, jika login yang sedang dilakukan bukan login "quiet",
+pesan hari ini akan ditampilkan dan file dengan nama yang sama dengan user
+pada
+.I /usr/spool/mail
+akan diperiksa, dan sebuah pesan ditampilkan jika besar file tersebut tidak
+nol.
+
+Kemudian, shell untuk user berjalan.  Jika shell untuk user tidak ditentukan
+pada
+.BR /etc/passwd ,
+maka akan digunakan
+.BR /bin/sh .
+Jika directory tidak ditentukan pada
+.IR /etc/passwd ,
+maka
+.I /
+digunakan (home directiry diperiksa pada file
+.I .hushlogin
+seperti dijelaskan sebelumnya).
+.SH OPTION
+.TP
+.B \-f
+Used to skip a second login authentication.  This specifically does
+Digunakan untuk melewatkan pengecekan tahap kedua ketika login.  Biasanya
+.B tidak
+berjalan untuk, dan kelihatannya tidak dapat berjalan dengan baik pada Linux.
+.TP
+.B \-h
+Digunakan oleh server lain (misalnya
+.BR telnetd (8))
+to pass the name of the remote host to
+untuk melewatkan nama remote host ketika
+.B login
+sehingga dapat ditempatkan pada utmp dan wtmp.  HAnya superuser yang dapat
+menggunakan option ini.
+.TP
+.B \-p
+digunakan oleh
+.BR getty (8)
+untuk memberi tahu bahwa
+.B login
+tidak mengubah environment
+
+.SH "PEMBATASAN AKSES TERTENTU/SPECIAL ACCESS RESTRICTIONS"
+File
+.I /etc/securetty
+mencatat nama\-nama tty dimana root boleh login.  Nama device tty yang tidak
+berawalan /dev/ harus ditentukan pada setiap barisnya.  Jika file tersebut 
+tidak ditemukan, root boleh login di tty mana saja.
+
+.PP
+File
+.I /etc/usertty
+Menentukan tambahan batasan akses tertentu untuk user tertentu.  Jika 
+file ini tidak ditemukan, tak ada tambahan batasan akses yang diterapkan.
+File ini terdiri dari beberapa bagian.  Ada tiga bagian yang mungkin
+ada : CLASSES, GROUPS dan USERS.  Bagian CLASSES mendefinisikan kelas tty
+dan pola nama host, bagian GROUPS mendefinisikan tty dan nama host yang
+diperbolehkan berdasarkan per group, dan bagian USERS mendefinisikan tty 
+dan host yang diperbolehkan berdasarkan per user.
+
+.PP
+Panjang setiap baris pada file ini tidak boleh lebih dari 255 karakter.
+Komentar diawali oleh karakter # yang berlaku hingga akhir baris.
+
+.PP
+.SS "Bagian CLASSES"
+Bagian CLASSES dimulai dengan kata CLASSES pada baris awal dalam
+huruf besar semua.  Setiap baris berikutnya hingga permulaan bagian baru
+atau akhir file terdiri dari urutan kata\-kata yang dipisahkan oleh tab
+atau spasi.  Tiap baris mendefinisikan kelas tty dan pola host.
+
+.PP
+Kata yang terdapat pada awal baris dijadikan sebuah definisi untuk 
+sekumpulan nama untuk tty dan pola host yang ditentukan pada akhir baris.
+Kumpulan nama ini dapat digunakan untuk bagian GROUPS berikutnya atau 
+bagian USERS.  Nama kelas tidak boleh didefinisikan sebagai bagian
+dari sebuah kelas untuk menghindari masalah kelas rekursif.
+
+.PP
+Contoh bagian CLASSES:
+.PP
+.nf
+.in +.5
+CLASSES
+myclass1		tty1 tty2
+myclass2		tty3 @.foo.com
+.in -.5
+.fi
+.PP
+File di atas mendefinisikan
+.I myclass1
+dan
+.I myclass2
+sebagai sebelah kanan yang saling berhubungan.
+.PP
+
+.SS "Bagian GROUPS"
+Bagian GROUPS mendefinisikan tty dan host yang diperbolehkan berdasarkan
+per group UNIX.  Jika seorang user adalah anggota sebuah group menurut
+.I /etc/passwd
+dan
+.I /etc/group
+dan jika sebuah group disebutkan pada bagian GROUPS di
+.I /etc/usertty
+maka user diberikan akses jika memang itu group\-nya.
+.PP
+Bagian GROUPS diawali oleh kata GROUPS dalam huruf besar semua pada permulaan
+baris dan tiap baris selanjutnya merupakan urutan kata\-kata yang dipisahkan
+oleh spasi atau tab.  Kata pertama pada sebuah baris adalah nama group dan
+sisanya menentukan tty dan host dimana anggota group tersebut boleh 
+mendapatkan akses.  Ketentuan ini dapat mengikutsertakan kelas yang telah
+didefinisikan pada bagian CLASSES sebelumnya.
+
+.PP
+Contoh bagian GROUPS
+.PP
+.nf
+.in +0.5
+GROUPS
+sys		tty1 @.bar.edu
+stud		myclass1 tty4
+.in -0.5
+.fi
+.PP
+Contoh ini menentukan bahwa anggota group
+.I sys
+boleh log in pada tty1 dan dari host\-host yang terdapat pada domain
+bar.edu.  User yang terdapat pada group
+.I stud
+boleh log in dari host\-host/tty\-tty yang ditentukan pada kelas myclass1
+atau dari tty4
+.PP
+
+.SS "Bagian USERS"
+Bagian USERS dimulai dengan kata USERS dalam huruf besar semua pada awal
+baris, dan tiap baris berikutnya adalah urutan kata\-kata yang dipisahkan
+oleh tab atau spasi.  Kata pertama pada sebuah baris adalah username
+dan sisanya merupakan definisi tentang tty dan host tempat user boleh
+log in.  Ketentuan ini dapat melibatkan kelas yang didefinisikan pada
+bagian CLASSES sebelumnya dan.  Jika tak ada header bagian yang tercantum
+pada awal file, bagian pertama secara defaults adalah bagian USERS.
+
+.PP
+Contoh penggunaan bagian USERS:
+.PP
+.nf
+.in +0.5
+USERS
+zacho		tty1 @130.225.16.0/255.255.255.0
+blue		tty3 myclass2
+.in -0.5
+.fi
+.PP
+KEtentuan ini mengizinkan zacho hanya boleh login pada tty1 dan dari
+host\-host yang alamat IP\-nya terletak di kisaran 130.225.16.0 \-
+130.225.16.255, dan user bernama blue boleh log in dari tty3 dan apa
+saja yang disebutkan pada kelas myclass2.
+.PP
+Mungkin terdapat sebuah baris pada bagian USERS yang dimulai dengan
+sebuah username bernama *.  Ini adalah aturan default dan ia akan
+diterapkan pada user yang tidak tercantum pada baris\-baris definisi.
+.PP
+Jika user ditemukan pada baris USERS dan GROUPS maka user tersebut boleh
+mengakses dari gabungan tty/host yang disebutkan pada ketentuan tersebut.
+
+.SS Origins
+Ketentuan mengenai tty dan pola host yang digunakan sebagai ketentuan 
+pada kelas, group dan user disebut origin.  Sebuah origin bisa memiliki
+format berikut:
+.IP o 
+Nama sebuah device tty tanpa awalan /dev/, contohnya tty1 atau ttyS0.
+.PP
+.IP o
+String @localhost, artinya user boleh melakukan telnet/rlogin
+dari local host ke host yang sama.  Ini juga membolehkan user untuk
+menjalankan perintah: xterm \-e /bin/login.
+.PP
+.IP o
+Sebuah akhiran nama domain seperti @.some.dom, artinya user boleh
+melakukan rlogin/telnet dari host mana saja yang nama domainnya berakhiran
+@.some.dom
+.PP
+.IP o
+Kisaran alamat IPv4, ditulis @x.x.x.x/y.y.y.y dimana x.x.x.x adalah
+alamat IP pada notasi desimal biasa dan y.y.y.y adalah bitmask dalam
+notasi yang sama yang menentukan bit mana pada alamat tersebut untuk
+dibandingkan dengan alamat IP dari remote host.  Contohnya @130.225.16.0/
+255.255.254.0 berarti user boleh rlogin/telnet dari host mana saja yang
+alamat IP\-nya berada pada kisaran 130.225.16.0 \- 130.225.17.255.
+.PP
+Origin di atas boleh diawali oleh penentuan waktu menurut syntax:
+.PP
+.nf
+timespec    ::= '[' <day\-or\-hour> [':' <day\-or\-hour>]* ']'
+day         ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hour        ::= '0' | '1' | ... | '23'
+hourspec    ::= <hour> | <hour> '\-' <hour>
+day\-or\-hour ::= <day> | <hourspec>
+.fi
+.PP
+Contohnya, origin [mon:tue:wed:thu:fri:8\-17]tty3 berarti log in 
+diperbolehkan pada hari senin hingga jumat pukul 8:00 dan 17:59 (5:59
+pm) pada tty3.  Ini juga menunjukkan bahwa kisaran jam (seperti 10)
+menandakan waktu berkisar antara 10:00 dan 10:59.
+.PP
+Jika tidak menentukan waktu untuk tty atau nama host berarti lo gin
+dari origin tersebut diperbolehkan untuk setiap waktu.  Jika anda 
+memberikan awalan waktu, yakinkan untuk menentukan baik kumpulan hari
+dan waktu yang agak dilebihkan.  Penentuan waktu tidak boleh berisi
+spasi.
+.PP
+Jika tidak ada aturan diberikan maka user yang tidak ditemukan pada
+.I /etc/usertty
+boleh log in dari mana saja.
+.PP
+.SH FILES
+.nf
+.I /var/run/utmp
+.I /var/log/wtmp
+.I /var/log/lastlog
+.I /usr/spool/mail/*
+.I /etc/motd
+.I /etc/passwd
+.I /etc/nologin
+.I /etc/usertty
+.I .hushlogin
+.fi
+.SH "SEE ALSO"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH BUGS
+
+Linux, tidak seperti sistem operasi draconian, tidak mengecek quota.
+
+Option tidak resmi pada BSD
+.B \-r
+tidak dapat digunakan.   Ini mungkin dibutuhkan oleh program
diff --git a/man/id/man8/useradd.8 b/man/id/man8/useradd.8
new file mode 100644
index 0000000..2d6730c
--- /dev/null
+++ b/man/id/man8/useradd.8
@@ -0,0 +1,214 @@
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Pendistribusian dan penggunaan dalam bentuk source dan binary, dengan
+.\" atau tanpa modifikasi, diperbolehkan asal syarat\-syarat ini dipenuhi :
+.\" 1. Pendistribusian source code harus mempertahankan tulisan copyright
+.\"    di atas, persyaratan ini, dan disclaimer berikut.
+.\" 2. Pendistribusian dalam bentuk binary harus menampilkan copyright di atas,
+.\"    persyaratan ini, dan disclaimer yang tercantum pada dokumentasi dan/
+.\"    atau keterangan lainnya yang terdapat pada distribusi ini.
+.\" 3. Nama Julianne F. Haugh atau nama\-nama kontributor lainnya tidak boleh
+.\"    digunakan sebagai jaminan atau untuk mempromosikan produk yang berasal
+.\"    dari software ini tanpa izin khusus tertulis.
+.\"
+.\" SOFTWARE INI DISEDIAKAN OLEH JULIE HAUGH DAN PARA KONTRIBUTOR DALAM BENTUK
+.\" "APA ADANYA" DAN SEGALA PERNYATAAN ATAU JAMINAN, TERMASUK, TAPI TIDAK
+.\" TERBATAS PADA, JAMINAN DALAM PENJUALAN DAN PENYESUAIAN UNTUK MAKSUD
+.\" TERTENTU DILUAR TANGGUNG JAWABNYA.  JULIE HAUGH DAN PARA KONTRIBUTOR TIDAK
+.\" BERTANGGUNG JAWAB PADA KERUSAKAN SECARA LANGSUNG, TIDAK LANGSUNG, KEBETULAN,
+.\" TERTENTU, SESUAI CONTOH ATAU KERUSAKAN BERUNTUN (TERMASUK, TAPI TIDAK
+.\" TERBATAS PADA MENDAPATKAN PRODUK DENGAN CARA PERTUKARAN ATAU JASA;
+.\" KEHILANGAN DATA, ATAU PROFIT; ATAU TERHENTINYA BISNIS) YANG MENGAKIBATKAN
+.\" DAN SECARA TEORI BERTANGGUNG JAWAB, MESKIPUN DALAM PERJANJIAN, BERTANGGUNG
+.\" JAWAB PENUH, ATAU TORT (TERMASUK KECEROBOHAN ATAU SEBALIKNYA) YANG TIMBUL
+.\" KARENA KESALAHAN DALAM MENGGUNAKAN SOFTWARE INI, BAHKAN JIKA TELAH
+.\" DIPERINGATKAN SEBELUMNYA TENTANG KEMUNGKINAN AKAN KERUSAKAN TERSEBUT.
+.\"
+.\"	$Id$
+.\"
+.TH USERADD 8
+.SH NAME
+useradd \- Membuat user baru atau memperbarui informasi tentang user baru
+.SH SYNOPSIS
+.TP 8
+.B useradd
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir ]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-m " [" \-k
+.IR skeleton_dir ] " |" " " \-M ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.RB [ \-n ]
+.RB [ \-r ]
+.I login
+.TP 8
+.B useradd
+\fB\-D\fR
+[\fB\-g\fI default_group\fR]
+[\fB\-b\fI default_home\fR]
+.br
+[\fB\-f\fI default_inactive\fR]
+[\fB\-e\fI default_expire_date\fR]
+.br
+[\fB\-s\fI default_shell\fR]
+.SH PENJELASAN
+.SS Membuat User Baru
+Jika digunakan tanpa option \fB\-D\fR, perintah \fBuseradd\fR menciptakan
+sebuah  user account baru dengan menggunakan nilai yang terdapat pada
+baris perintah dan nilai default dari system.
+User account yang baru tersebut akan dimasukkan ke system files seperlunya,
+home directory akan dibuatkan, dan initial files di\-copy\-kan, tergantung
+option yang terdapat pada baris perintah.
+Versi yang terdapat pada Red Hat Linux akan membuat sebuah group untuk
+setiap user yang didaftarkan pada system, jika \fB\-b\fR tidak diberikan.
+Option yang dapat digunakan pada perintah \fBuseradd\fR adalah
+.\" .IP "\fB\-A {\fImethod\fR|\fBDEFAULT\fR},..."
+.\" Nilai milik user dalam metode autentikasi/pengecekan.
+.\" Metode autentikasi/pengecekan adalah nama sebuah program yang bertanggung 
+.\" jawab untuk memeriksa identitas user.
+.\" String \fBDEFAULT\fR dapat digunakan untuk mengubah metode autentikasi
+.\" menjadi metode password system yang standar.
+.\" Daftar tersebut berisi nama\-nama program, yang dipisahkan oleh koma.
+.\" \fBDEFAULT\fR hanya dapat dicantumkan sekali saja.
+.\" 
+.\" 
+.\" 
+.IP "\fB\-c \fIcomment\fR"
+Komentar pada file password milik user baru.
+.IP "\fB\-d \fIhome_dir\fR"
+User baru akan diciptakan dengan \fIhome_dir\fR sebagai lokasi directory 
+login\-nya.
+Default\-nya adalah menambahkan nama \fIlogin\fR pada \fIdefault_home\fR
+dan menggunakannya sebagai nama directory login.
+.IP "\fB\-e \fIexpire_date\fR"
+Tanggal ketika user account dimatikan.
+Tanggal ditulis dalam format \fIMM/DD/YY\fR.
+.IP "\fB\-f \fIinactive_days\fR"
+Jumlah hari setelah sebuah password kadaluarsa hingga account 
+tersebut dimatikan secara permanen.
+Nilai 0 mematikan account segera setelah password kadaluarsa,
+dan nilai \-1 mematikan fungsi ini.
+Nilai default\-nya adalah \-1.
+.IP "\fB\-g \fIinitial_group\fR"
+Nama group atau angka initial login group.
+Nama group harus sudah ada.  Seorang anggota group harus merujuk
+pada group yang sudah ada.
+Nilai group default\-nya adalah 1.
+.IP "\fB\-G \fIgroup,[...]\fR"
+Daftar group tambahan yang juga merupakan group\-nya user.
+Setiap group dipisahkan oleh koma, tanpa diikuti spasi.
+Group juga mengikuti aturan yang diberikan dengan option \fB\-g\fR.
+Default\-nya hanyalah untuk user yang terdaftar pada group awal.
+.IP \fB\-m\fR
+Home directory milik user akan dibuatkan jika belum ada.
+File yang terdapat pada \fIskeleton_dir\fR atau \fI/etc/skel\fR
+akan dibuatkan pada home directory milik user.
+Option \fB\-k\fR hanya valid jika bertemu option \fB\-m\fR.
+Dafault\-nya adalah tidak membuat directory dan tidak meng\-copy
+segala file.
+.IP \fB\-M\fR
+Home directory milik user tidak akan dibuatkan, bahkan jika setting
+system pada \fI/etc/login.defs\fR ditujukan untuk membuat home 
+directory.
+.IP \fB\-n\fR
+Sebuah group yang namanya sama dengan user akan ditambahkan ke dalam
+system secara default.  Option ini akan mematikan kebiasaan tersebut
+yang terdapat pada Red Hat Linux.
+.IP \fB\-r\fR
+Flag ini digunakan untuk membuat sebuah system account.  Yaitu, user
+dengan UID yang lebih kecil dari UID_MIN yang tercantum pada 
+\fI/etc/login.defs\fR.  Harap diingat bahwa \fBuseradd\fR tidak akan
+membuat home directory untuk user semacam ini, menghiraukan setting
+default yang terdapat di \fI/etc/login.defs\fR.
+Anda harus menyebutkan option \fB\-m\fR jika ingin membuat home directory
+untuk sebuah system account yang akan dibuat.
+Ini adalah option yang ditambahkan oleh Red Hat.
+.IP "\fB\-s \fIshell\fR"
+Nama login shell milik user.
+Default\-nya adalah membiarkan field ini kosong, yang menyebabkan
+system untuk memilih login shell yang default.
+.IP "\fB\-u \fIuid\fR"
+Nilai user ID secara numerik.
+Nilai ini harus unique, kecuali jika option \fI\-o\fR digunakan.
+Nilai tersebut tidak boleh negatif.
+Default\-nya adalah menggunakan nilai ID yang lebih besar dari 999
+dan lebih besar dari semua user lain.
+Nilai di antara 0 dan 999 biasanya disiapkan untuk system aacount.
+.SS Mengubah nilai\-nilai default.
+Ketika digunakan dengan option \fB\-D\fR, \fBuseradd\fR akan
+menampilkan nilai default, atau memperbarui nilai default baru
+yang terdapat pada baris perintah.
+Option yang dapat digunakan adalah
+.IP "\fB\-b \fIdefault_home\fR"
+Awalan path untuk home directory milik user baru.
+Nama user akan ditambahkan setelah akhir \fIdefault_home\fR
+ketika membuat nama directory baru jika option \fB\-d\fI tidak
+disebutkan dalam membuat account baru.
+.IP "\fB\-e \fIdefault_expire_date\fR"
+Tanggal ketika user account dimatikan.
+.IP "\fB\-f \fIdefault_inactive\fR"
+Jumlah hari setelah password kadaluarsa sebelum account
+dimatikan.
+.IP "\fB\-g \fIdefault_group\fR"
+Nama group atau ID sebagai group awal user baru.
+Nama group yang disebut harus sudah ada dan nomor group ID
+harus mempunyai entry.
+.IP "\fB\-s \fIdefault_shell\fR"
+Nama untuk login shell milik user baru.
+Nama program yang disebutkan akan digunakan untuk semua user
+account baru mendatang.
+.PP
+Jika tidak ada option yang disebutkan, \fBuseradd\fR menampilkan
+nilai default yang ada saat ini.
+.SH NOTES
+The system administrator is responsible for placing the default
+user files in the \fI/etc/skel\fR directory.
+.br
+Versi useradd ini dimodifikasi oleh Red Hat agar cocok dengan
+ketentuan mengenai user/group.
+.SH CAVEATS
+Anda tidak dapat menambahkan user pada grou NIS.
+Ini harus dilakukan pada server NIS.
+.SH FILES
+\fB/etc/passwd\fR \- informasi tentang user account
+.br
+\fB/etc/shadow\fR \- informasi user account yang terlindung
+.br
+\fB/etc/group\fR \- informasi tentang group
+.br
+\fB/etc/default/useradd\fR \- informasi tentang nilai default
+.br
+\fB/etc/login.defs\fR \- system\-wide settings
+.br
+\fB/etc/skel\fR \- directory yang mengandung default files
+.SH LIHAT JUGA
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/it/Makefile.am b/man/it/Makefile.am
new file mode 100644
index 0000000..94460aa
--- /dev/null
+++ b/man/it/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/it
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
new file mode 100644
index 0000000..ffb75a9
--- /dev/null
+++ b/man/ja/Makefile.am
@@ -0,0 +1,58 @@
+
+mandir = @mandir@/ja
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man3/shadow.3 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
diff --git a/man/ja/man1/chage.1 b/man/ja/man1/chage.1
new file mode 100644
index 0000000..cad8bfe
--- /dev/null
+++ b/man/ja/man1/chage.1
@@ -0,0 +1,120 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHAGE 1
+.SH ��
+chage \- ユーザパスワード�有効期�情報を変更�る。
+.SH 書�
+.TP 6
+\fBchage\fR
+[\fB\-m\fR \fImindays\fR] [\fB\-M\fR \fImaxdays\fR]
+[\fB\-d\fR \fIlastday\fR] [\fB\-I\fR \fIinactive\fR]
+.br
+[\fB\-E\fR \fIexpiredate\fR] [\fB\-W\fR \fIwarndays\fR] \fIuser\fR
+.TP 6
+\fBchage\fR
+\fB\-l\fR \fIuser\fR
+.SH 説明
+\fBchage\fR ��
+パスワードを最後�更新���ら�
+次�変更���れ��ら��期日���日数を変更�る。
+システム���情報を用���
+ユーザ���パスワードを変更���れ��ら���を決定�る。
+\fBchage\fR コマンドを使�る�� root ユーザ����られ��る。
+���一般ユーザも \fB\-l\fR オプションを指定�れ���コマンドを利用���
+自分�パスワード���アカウント���切れる�を知る�����る。
+.PP
+\fB\-m\fR オプションを指定��場��
+\fImindays\fR �値�パスワード変更�間隔�最短日数��る。
+��フィールドをゼロ���時��ユーザ����もパスワードを変更��る。
+.PP
+\fB\-M\fR オプションを指定�る��
+\fImaxdays\fR �値�パスワード�有効�最長日数��る。
+\fImaxdays\fR � \fIlastday\fR を足��値��在�日付より���場��
+ユーザ�アカウントを使用�る��パスワードを変更���れ��ら��。
+\fB\-W\fR オプションを使����期日����る��分�るよ����る。
+��場��ユーザ�事��警告�与�られる。
+.PP
+\fB\-d\fR オプションを用�る��
+パスワード�最終更新日を設定��る。
+\fIlastday\fR �値�
+1970 年 1 月 1 日�らパスワード最終更新日���日数��る。
+日付� YYYY\-MM\-DD ���書�
+(も�������地域�も��よ�用�られ��る書�)
+�指定�る事も��る。
+.PP
+\fB\-E\fR オプション��
+�れ以�ユーザ�アカウント�アクセス�����る日付を設定�る��用�られる。
+\fIexpiredate\fR � 1970 年 1 月 1 日�ら
+アカウント�ロック�れる日���日数��る。
+日付� YYYY\-MM\-DD ���書�
+(も�������地域�も��よ�用�られ��るも�)
+�指定�る��も��る。
+アカウントをロック�れ�ユーザ�����システムを使����
+システム管�者�連絡を�る必���る。
+.PP
+\fB\-I\fR オプション��
+パスワード�期��切れ��らアカウント�ロック�れる���
+放置日数を設定�る���用�る。
+アカウントをロック�れ�ユーザ�����システムを使������
+システム管�者�連絡���れ��ら��。
+\fIinactive\fR �使用�能期間�日数��る。
+0 ��れ���機能を無効���る。
+.PP
+\fB\-W\fR オプション��
+パスワード�変更�必���る��警告を行�期間�日数を設定�る���用�る。
+\fIwarndays\fR ��
+パスワード�期�切れ�先����
+ユーザ�期��切れ�����る��を警告�る日数��る。
+.PP
+��れ�オプションも指定�れ���
+\fBchage\fR �対話的�動作�る。
+全��フィールド�対���々�在�設定値を表示��
+新��値�入力を促�。
+新��値を設定�る場���れを入力��
+�在�値を使��ら空行���リターンキーを押��よ�。
+�在�値� \fB[ ]\fR �間�表示�れる。
+.SH 注�
+\fBchage\fR プログラムを用�る�� shadow パスワードファイル�必���る。
+��機能��passwd ファイル�パスワード��存�れ��る����
+利用����。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- shadow 化�れ�ユーザアカウント情報
+.SH 関連項目
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/chfn.1 b/man/ja/man1/chfn.1
new file mode 100644
index 0000000..38971ea
--- /dev/null
+++ b/man/ja/man1/chfn.1
@@ -0,0 +1,72 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHFN 1
+.SH ��
+chfn \- ユーザ���や情報を変更�る。
+.SH 書�
+.TP 5
+\fBchfn\fR [\fB\-f\fR \fIfull_name\fR] [\fB\-r\fR \fIroom_no\fR]
+.br
+[\fB\-w\fR \fIwork_ph\fR] [\fB\-h\fR \fIhome_ph\fR] [\fB\-o\fR \fIother\fR]
+[\fIuser\fR]
+.SH 説明
+\fBchfn\fR ��ユーザ�フル�ーム・オフィス�部屋番�・内線番�・
+自宅�電話番�����アカウント情報を変更�る。
+��情報� \fBfinger\fR(1) �よ��プログラム�よ��表示�れる。
+一般ユーザ�自分自身�アカウント情報��を変更��る。
+スーパーユーザ�全��アカウント�対��情報を変更��る。
+�� \fB\-o\fR オプションを用��
+GECOS 欄�未定義部分を変更��る�もスーパーユーザ����る。
+.PP
+�フィールド�書�内容�関�る制���
+コントロール文字・コンマ・コロン・等�を�ん�����ら���
+���������る。
+\fIother\fR 欄�対�����制�������
+他�アプリケーション�用�るアカウンティング情報�記録�利用�れる。
+.PP
+��れ�オプションも指定�れ���
+\fBchfn\fR �対話的�動作�る。
+全��欄�対���々�在�設定値を表示��新��値�入力を促�。
+新��値を設定�る場���れを入力��
+�在�値を使��ら空行���リターンキーを押��よ�。
+�在�値� \fB[ ]\fR 記��間�表示�れる。
+オプションを指定�����場��
+chfn ��在�ユーザアカウント�対��動作�る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.SH 関連項目
+.BR passwd (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/chsh.1 b/man/ja/man1/chsh.1
new file mode 100644
index 0000000..d56be97
--- /dev/null
+++ b/man/ja/man1/chsh.1
@@ -0,0 +1,72 @@
+.\"$Id$
+.\" Copyright 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHSH 1
+.SH ��
+chsh \- ログインシェルを変更�る
+.SH 書�
+.TP 5
+\fBchsh\fR
+[\fB\-s\fR \fIlogin_shell\fR] [\fIuser\fR]
+.SH 説明
+\fBchsh\fR �ユーザ�ログインシェルを変更�る。
+�れ�よ���ユーザ�ログイン��最��実行�れるコマンド�決�る。
+一般ユーザ�自分�アカウント�ログインシェル��を変更��る。
+スーパーユーザ�全��アカウント�ログインシェルを変更��る。
+.PP
+ログインシェル��
+コマンド�� \fI/etc/shells\fR �記載�れ��れ��ん�も良�。
+スーパーユーザ�場����制��������る値�も指定��る。
+機能を制��れ�ログインシェルを用���るアカウント�ら��
+ログインシェルを変更�����も�れ��。
+���由�ら�
+\fB/bin/rsh\fR � \fI/etc/shells\fR ��書������良�。
+誤��機能�制��れ�シェル�変更�������
+ログインシェルを元�も��戻����������ら��る。
+.PP
+\fB\-s\fR オプションを指定�����場���
+\fBchsh\fR �対話的�動作�る。
+ユーザ��在�ログインシェルを表示��新��値�入力を促�。
+設定値を変更�る�ら新��値を入力��
+�在�値を使��ら空行���リターンキーを押��よ�。
+�在�シェル� \fB[ ]\fR 記��間�表示�れる。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shells\fR \- 指定��るログインシェル�リスト
+.SH 関連項目
+.BR chfn (1),
+.BR passwd (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/expiry.1 b/man/ja/man1/expiry.1
new file mode 100644
index 0000000..d671507
--- /dev/null
+++ b/man/ja/man1/expiry.1
@@ -0,0 +1,53 @@
+.\" $Id$
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\" Modified for expiry by Ben Collins <bcollins@debian.org>, 1999
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2002 NAKANO Takeo all rights reserved.
+.\" Translated Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH EXPIRY 1
+.SH ��
+expiry \- パスワード�期�切れ�リシー��ェック�執行
+.SH 書�
+.TP 6
+\fBexpiry\fR [\fB\-c\fR] [\fB\-f\fR]
+.SH 説明
+.B expiry
+��在�パスワード期�切れ情報を�ェック (\fB\-c\fR) ��
+必��場��変更を強制�る (\fB\-f\fR)。
+��コマンド�通常�ユーザコマンド���呼�出��能��る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- shadow 化�れ�ユーザアカウント情報
+.SH 関連項目
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Ben Collins <bcollins@debian.org>
diff --git a/man/ja/man1/gpasswd.1 b/man/ja/man1/gpasswd.1
new file mode 100644
index 0000000..1b34157
--- /dev/null
+++ b/man/ja/man1/gpasswd.1
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1996, Rafal Maszkowski <rzm@pdi.net>
+.\" All rights reserved. You can redistribute this man page and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of the
+.\" License, or (at your option) any later version.
+.\"
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GPASSWD 1
+.SH ��
+gpasswd \- /etc/groupファイルを管��る
+.SH 書�
+\fBgpasswd\fR \fIgroup\fR
+.br
+\fBgpasswd \-a\fR \fIuser\fR \fIgroup\fR
+.br
+\fBgpasswd \-d\fR \fIuser\fR \fIgroup\fR
+.br
+\fBgpasswd \-R\fR \fIgroup\fR
+.br
+\fBgpasswd \-r\fR \fIgroup\fR
+.br
+\fBgpasswd\fR [\fB\-A\fR \fIuser\fR,...] [\fB\-M\fR \fIuser\fR,...] \fIgroup\fR
+.SH 説明
+.B gpasswd
+� /etc/group ファイル
+(�よ� SHADOWGRP を定義��コンパイル��時� /etc/gshadow ファイル)
+�管��用�られる。
+�グループ���管�者・メン�ー・パスワードを設定��る。
+システム管�者��
+\fB\-A\fR オプションを使��グループ管�者 (複数�も�) を定義��り�
+\fB\-M\fR オプションを使��メン�ーを定義��り���
+�グループ�管�者・メン�ー��等�特権を��。
+.PP
+グループ管�者��\fB\-a\fR オプションを用��ユーザを追加��り�
+\fB\-d\fR オプションを用��ユーザを削除��り��る。
+管�者� \fB\-r\fR オプションを用��グループパスワードを削除��る。
+パスワード�設定�れ����時��
+グループ�メン�ー���
+.BR newgrp (1)
+を用��グループ�一員��れる。
+オプション \fB\-R\fR を指定�る��
+.BR newgrp (1)
+コマンドを用��グループ��アクセス������る。
+.PP
+グループ�管�者�グループ���を指定��
+.B gpasswd
+コマンドを実行��場���
+パスワード�入力を求�られる。
+パスワード�設定�れ��る場��も�
+メン�ー�パスワード���
+.BR newgrp (1)
+コマンドを使�る��
+メン�ー���人�パスワードを入力������ら��。
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- shadow �れ�グループ情報
+.SH 関連項目
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH 著者
+Rafal Maszkowski <rzm@pdi.net>
diff --git a/man/ja/man1/groups.1 b/man/ja/man1/groups.1
new file mode 100644
index 0000000..f0a2bbf
--- /dev/null
+++ b/man/ja/man1/groups.1
@@ -0,0 +1,65 @@
+.\"$Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\"     all right reserved,
+.\" Translated Tue Oct 30 11:58:18 JST 2001
+.\" by Maki KURODA <mkuroda@aisys\-jp.com>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD:	concurrent group set	�時所属グループ集�
+.\"WORD:	real group ID		実グループ ID
+.\"WORD:	effective group ID	実効グループ ID
+.\"
+.TH GROUPS 1
+.SH ��
+groups \- �在�グループ��表示
+.SH 書�
+\fBgroups\fR [\fIuser\fR]
+.SH 説明
+.B groups
+��在�グループ������ ID 値を表示�る。
+ID 値�対応�る��� \fI/etc/group\fR �登録�れ����れ��
+数値�グループ ID �表示�れる。
+パラメータ��� \fIuser\fR を与�る��
+指定�� \fIuser\fR �所属�るグループ�を表示�る。
+.SH 注�
+�時所属グループ集� (concurrent group set)
+をサ�ート�����システム���
+\fI/etc/group\fR �情報�報告�れる。
+ユーザ��在�実グループ ID や実効グループ ID を変更�る���
+\fBnewgrp\fR や \fBsg\fR を使用���れ��ら��。
+.SH ファイル
+/etc/group \- グループ情報
+.SH 関連項目
+.BR newgrp (1),
+.BR getuid (2),
+.BR getgid (2),
+.BR getgroups (2)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/id.1 b/man/ja/man1/id.1
new file mode 100644
index 0000000..197cbe7
--- /dev/null
+++ b/man/ja/man1/id.1
@@ -0,0 +1,57 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 2000 ISHIKAWA Keisuke
+.\"         all rights reserved.
+.\" Translated Thu Nov  9 23:17:10 JST 2000
+.\"         by ISHIKAWA Keisuke
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH ID 1
+.SH ��
+id \- �在�ユーザ ID ��グループ ID �を表示�る
+.SH 書�
+\fBid\fR [\fB\-a\fR]
+.SH 説明
+\fBid\fR���在�実ユーザ ID�実効ユーザ ID�実グループ ID�
+実効グループ ID ������値を表示�る。
+値�対応�るエントリ� \fI/etc/passwd\fR や
+\fI/etc/group\fR �存在���場���
+対応�る���表示�れ��値���表示�れる。
+ユーザ��時�複数�グループ�メン�ー��れるシステム���
+\fB\-a\fR オプションを指定�る�グループ�集��表示�れる。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザーアカウント情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR getgid (2),
+.BR getgroups (2),
+.BR getuid (2)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/login.1 b/man/ja/man1/login.1
new file mode 100644
index 0000000..44d305e
--- /dev/null
+++ b/man/ja/man1/login.1
@@ -0,0 +1,141 @@
+.\" $Id$

+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH LOGIN 1
+.SH ��
+login \- システム上�セッションを開�
+.SH 書�
+\fBlogin\fR [\fB\-p\fR] [\fIusername\fR] [\fIENV=VAR\fR ...]
+.br
+\fBlogin\fR [\fB\-p\fR] [\fB\-h\fR \fIhost\fR] [\fB\-f\fR \fIusername\fR]
+.br
+\fBlogin\fR [\fB\-p\fR] \fB\-r\fR \fIhost\fR
+.SH 説明
+.B login
+�システム�新��セッションを開����用�られる。
+通常��ユーザ�端末�表示�れる
+.I login:
+���プロンプト�応�る事�よ��自動的�起動�れる。
+.B login
+�シェル専用�も���り�
+サブプロセス���起動�る�������。
+通常シェル�
+.B login
+ã‚’
+\fBexec login\fR �������ユーザ��在�シェル�ら抜�る����る。
+ログインシェル以外�ら \fBlogin\fR を起動�よ���る��
+エラーメッセージ�表示�れる。
+.PP
+次���必��場����ユーザ�パスワードを入力�るよ�促�れる。
+パスワードを表示�������よ��エコー�行�れ��。
+数回以上パスワード入力�失敗�る�
+\fBlogin\fR �終了��通信�接続�切断�れ����。
+.PP
+アカウント�対��パスワード�有効期��設定�れ��る場���
+先�進む��新��パスワード�設定を促�れる��も�る。
+セッションを続�る������パスワード�
+新��パスワードを入力������ら��。
+詳��情報� \fBpasswd\fR(1) を�照�る��。
+.PP
+ログイン��功�る��システムメッセージやメール�有無�表示�れる。
+ログインディレクトリ�長� 0 �ファイル \fI.hushlogin\fR を作������
+システムメッセージファイル��る
+\fI/etc/motd\fR �表示を無効���る。
+メール�関�るメッセージ��メールボックス�状態�よ��
+"\fBYou have new mail.\fR",
+"\fBYou have mail.\fR",
+"\fBNo Mail.\fR"
+���れ���る。
+.PP
+ユーザ ID �グループ� ID �
+\fI/etc/passwd\fR ファイル中�記載�れ��る値�従��設定�れる。
+\fB$HOME\fR, \fB$SHELL\fR, \fB$PATH\fR, \fB$LOGNAME\fR, \fB$MAIL\fR
+�値��パスワードエントリ��れ�れ�フィールド�従��設定�れる。
+ulimit, umask, nice 値��
+GECOS フィールド�エントリー�よ��設定�れる��も�る。
+.PP
+インストール時�設定�よ����
+\fI/etc/ttytype\fR �指定�従���
+環境変数\fB$TERM\fR� tty 接続�端末�型 (terminal type)
+��期化�れる��も�る。
+.PP
+コマンドインタプリタ��期化スクリプト�実行�れる��も�る。
+��機能�����詳��情報��当�マニュアルセクションを�照���。
+.PP
+サブシステムログイン���
+ログインシェル�最��文字� "*" を置�。
+渡�れ�ホームディレクトリ��
+ユーザ�実際�ログイン�る新��ファイルシステム�ルート���扱�れる。
+.SH オプション
+.TP
+.B \-p
+環境を�存�る。
+.TP
+.B \-f
+ユーザ�����証�れ��るも������証動作を行����。
+.TP
+.B \-h
+��ログイン�リモートホスト���。
+.TP
+.B \-r
+rlogin �自動ログインプロトコルを実行�る。
+.PP
+\fB\-r\fP, \fB\-h\fP, \fB\-f\fP オプション��
+root � \fBlogin\fP を起動��場����用�る。
+.SH 警告
+��版� \fBlogin\fR ��多��コンパイル時オプション��る��
+サイト�よ��������一部��使�れ�����も�れ��。
+.PP
+システム設定����よ��上記ファイル�置�場所�変�る。
+.SH ファイル
+\fI/var/run/utmp\fR		\- �在�ログインセッション�リスト
+.br
+\fI/var/log/wtmp\fR		\- �去�ログインセッション�リスト
+.br
+\fI/etc/passwd\fR		\- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR		\- 暗�化パスワード�有効期�情報
+.br
+\fI/etc/motd\fR			\- システムメッセージファイル
+.br
+\fI/etc/nologin\fR		\- root 以外�ユーザ�ログインを�止�る
+.br
+\fI/etc/ttytype\fR		\- 端末�型�リスト
+.br
+\fI$HOME/.hushlogin\fR	\- システムメッセージ�表示を抑制�る
+.SH 関連項目
+.BR mail (1),
+.BR passwd (1),
+.BR sh (1),
+.BR su (1),
+.\" .BR d_passwd (5),
+.BR login.defs (5),
+.BR nologin (5),
+.BR passwd (5),
+.BR getty (8)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/newgrp.1 b/man/ja/man1/newgrp.1
new file mode 100644
index 0000000..a60af04
--- /dev/null
+++ b/man/ja/man1/newgrp.1
@@ -0,0 +1,92 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH NEWGRP 1
+.SH ��
+newgrp \- 新��グループ�ログイン�る
+.br
+sg \- 別�グループ ID �コマンドを実行�る
+.SH 書�
+\fBnewgrp\fR [\fB\-\fR] [\fIgroup\fR]
+.br
+\fBsg\fR [\fB\-\fR] [\fIgroup\fR [[\fB\-c\fR] \fIcommand\fR]]
+.SH 説明
+.B newgrp
+�ログインセッション中��在�グループ ID を変更�る���用�られる。
+オプション��� \fB\-\fR フラグを与��場���
+新��ログイン������様�環境���期化�れる。
+�����場����在�作業ディレクトリを����
+�在�環境�変化���。
+.PP
+.B newgrp
+��在�実グループ ID を�指定��グループ�
+(グループ�を指定�����場�� \fI/etc/passwd\fR
+�記載�れ�デフォルト�グループ�) 変更�る。
+ユーザ��パスワード���グループ���る場��
+�る��ユーザ�グループ�メン�ー����
+グループ�パスワード��る場����
+��ユーザ�パスワード�入力を求�られる。
+グループ�パスワード�設定�れ��ら��
+��ユーザ�グループ�メン�ー���場���
+アクセス�拒��れる。
+.PP
+.B sg
+コマンド�
+.B newgrp
+��様�動作�る��コマンドを��付�る。
+��コマンド� \fB/bin/sh\fR シェル�実行�れる。
+コマンド�複数��語�ら�る場���
+sg �実行元��る����シェル���ん������
+�れらをクォート�る必���る���。
+.BR newgrp " � " sg
+�も�一������
+特定�シェル� \fBnewgrp\fR を特別�扱�点��る。
+��よ��シェル��自分自身を
+.B newgrp
+�生���新��実体�置���る。��よ�����
+.B sg
+��起������
+.B sg
+コマンド�ら戻��際��以��グループ ID �戻る。
+.SH ファイル
+\fI/etc/passwd\fR	\- ユーザアカウント情報
+.br
+\fI/etc/group\fR	\- グループ情報
+.SH 関連項目
+.BR id (1),
+.BR login (1),
+.BR su (1)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/passwd.1 b/man/ja/man1/passwd.1
new file mode 100644
index 0000000..15f55d4
--- /dev/null
+++ b/man/ja/man1/passwd.1
@@ -0,0 +1,217 @@
+.\" $Id$
+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated 2 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PASSWD 1
+.SH ��
+passwd \- ユーザパスワードを変更�る
+.SH 書�
+\fBpasswd\fR [\fB\-f\fR|\fB\-s\fR] [\fIname\fR]
+.br
+\fBpasswd\fR [\fB\-g\fR] [\fB\-r\fR|\fB\-R\fR] \fIgroup\fR
+.br
+\fBpasswd\fR [\fB\-x\fR \fImax\fR] [\fB\-n\fR \fImin\fR]
+[\fB\-w\fR \fIwarn\fR] [\fB\-i\fR \fIinact\fR] \fIlogin\fR
+.br
+\fBpasswd\fR {\fB\-l\fR|\fB\-u\fR|\fB\-d\fR|\fB\-S\fR|\fB\-e\fR} \fIlogin\fR
+.SH 説明
+\fBpasswd\fR �ユーザアカウント・グループアカウント�パスワードを変更�る。
+一般ユーザ�自分�アカウント�パスワード��変更����。
+スーパーユーザ����るアカウント�パスワードも変更��る。
+グループ�管�者�グループ�パスワードを変更��る。
+\fBpasswd\fR �よ���ユーザ�フル�ーム・ログインシェル・
+パスワード�期�切れ�日付・
+有効期間����アカウント情報を変更�る��も��る。
+.PP
+.B \-s
+オプションを指定�る�
+.BR passwd " � " chsh
+を呼�出��ユーザ�シェルを変更�る。
+.B \-f
+オプションを指定�る�
+.BR passwd " � " chfn
+を呼�出��ユーザ� GECOS 情報を変更�る。
+�れら� 2 ��オプション�互�性�������る。
+chsh や chfn を直接呼�出��も構���。
+.SS パスワード�変更
+パスワード�既��る場�������パスワードを入力�るよ�促�れる。
+入力�れ�パスワード�暗�化�れ�記録�れ��るも��照��れる。
+正��パスワードを 1 回�入力������ら��。
+スーパーユーザ��パスワードを忘れ�����際�変更も行��る様��
+��ステップを�略��る。
+.PP
+パスワード�入力�れ�後�パスワード有効期��情報を調��
+�在パスワード�変更�許�れ��る�検査�る。
+も�許��れ����場���
+\fBpasswd\fR �変更を拒���終了�る。
+.PP
+次�ユーザ��置���るパスワードを入力�るよ�促�れる。
+入力�れ�パスワード��充分複雑����検査�れる。
+一般的�指������
+パスワード�以下�集��れ�れ�ら一�以上�文字を使��
+6 �ら 8 文字�も�������る。
+.IP "" .5i
+�文字�アルファベット
+.IP "" .5i
+大文字�アルファベット
+.IP "" .5i
+0 �ら 9 ���数字
+.IP "" .5i
+�読点
+.PP
+システム�デフォルト�消去文字や
+kill 文字を����よ��注��る��。
+\fBpasswd\fR ���り��純�パスワード��変更�拒��る。
+.PP
+入力��パスワード���入れられ�場��
+\fBpasswd\fR �も�一度入力を促��
+二番目�入力��も�を最��も��比較�る。
+パスワード変更���入れられる�����
+��両者��致������ら��。
+.SS グループパスワード
+\fB\-g\fR オプションを用��場��
+指定��グループ�パスワード�変更�れる。
+��オプション�スーパーユーザ�指定��グループ�管�者��使���。
+�在�グループパスワード�尋�����。
+\fB\-g\fR オプションを \fB\-r\fR オプション��も�用�る��
+指定��グループ�パスワード�削除�れる。
+���る�全��メン�ー���グループ�アクセス��るよ���る。
+\fB\-R\fR オプションを \fB\-g\fR オプション��も�用�る��
+全��ユーザ�対��指定��グループ��アクセスを�止��る。
+.SS パスワード�有効期�情報
+スーパーユーザ��パスワード�有効期��関�る情報を変更��る。
+�れ�� \fB\-x\fR, \fB\-n\fR, \fB\-w\fR, \fB\-i\fR ���オプションを用�る。
+\fB\-x\fR オプション�パスワード�有効�最長日数を設定�る��用�られる。
+\fImax\fR 日���る�パスワードを変更�るよ��求�られる。
+\fB\-n\fR オプション�パスワード�変更�能��る���
+最短日数を設定�る��用�られる。
+ユーザ� \fImin\fR 日�経���後����パスワードを変更����。
+\fB\-w\fR オプション�パスワード�使用期���る��
+何日間警告を与�る�を設定�る���用�られる。
+期�切れ� \fIwarn\fR 日��ら注��開始�れ�
+パスワード�期�切れ��る����何日残���る��示�れる。
+\fB\-i\fR オプション��
+パスワード�期��切れ��ら何日間経���ら�
+��アカウントを使用�能�状態��る�を設定�る��用�る。
+\fIinact\fR 日間アカウントをパスワード期�切れ状態�����る��
+ユーザ���アカウント�入れ���る。
+.PP
+�るアカウント�パスワードを直��期�切れ����場���
+\fB\-e\fR オプションを用�れ�よ�。
+�る���ユーザ�次�ログイン�る際�パスワードを変更�るよ�強制�れる。
+\fB\-d\fR オプションを使���ユーザ�パスワードを削除�る��も��る
+(パスワード�空��る)。��オプション�注���使���。
+�れを使�����アカウント�ログイン�パスワードを全�必������り�
+システム�侵入者�対��オープン�������。
+.SS アカウント��守
+\fB\-l\fR フラグ� \fB\-u\fR フラグを用�る��
+ユーザアカウントをロック��り���ロックを外��り��る。
+\fB\-l\fR オプションを用�る��
+パスワードフィールド�値�暗�化�れ�如何�る値�もマッ�����り�
+アカウント�使用�能��る。
+\fB\-u\fR オプションを用�る��パスワード�以��値�戻り�
+アカウント���使用�能��る。
+.PP
+\fB\-S\fR オプションを用�る�アカウント�状態�表示�れる。
+アカウント�状態�情報� 6 ��部分�ら�る。
+最��部分��アカウント�ロック���られ��る (L)�
+パスワード�存在��� (NP)�
+も���使用�能�パスワード��る (P) ����情報を示�。
+2 番目�最後�パスワード�変更�れ�日付を示�。
+残り�4��部分��れ�れパスワード�最短期��最長期��警告期間�
+使用�能期間��る。
+.SS ユーザパスワード�対�るヒント
+パスワード�安全性�暗�化アルゴリズム�強力��キー空間�大����存�る。
+\fB\s-2UNIX\s+2\fR �システム暗�化�方法�
+NBS DES アルゴリズム�基����り��常�安全性�高�。
+キー空間�大�����れ�パスワード�ランダム���存�る。
+.PP
+パスワード�安全性�脅��れる���
+大抵�場�パスワード��択や扱���注������る。
+従��パスワード�����
+辞書�載���るも�や書�留���れ��ら��も��
+��る����る。
+���固有�詞・�許証番�・誕生日・自宅��所��を
+パスワード��る�も��る����る。
+�れら���れもシステムセキュリティを破る際��
+推�情報�用�られる�能性��る�ら��る。
+.PP
+パスワード�紙片�書�留����必��無�よ��
+簡����出�るも��������ら��。
+�れ�例���
+短�二���語を������
+��間�特殊記�や数字を挟�込む���よ��作れる。
+例�� Pass%word ��。
+.PP
+他�作り方�����文学作����ら��出�や���を��出��
+�れ�れ��語�ら最�も���最後�文字を抜�出�方法��る。
+��方法�例�����
+.IP "" .5i
+Ask not for whom the bell tolls.
+.PP
+�����ら
+.IP "" .5i
+An4wtbt.
+���パスワード�作り出�る。
+.PP
+クラッカー�辞書���
+�ん�語��載��������������も良����。
+�������示��方法���頼る������
+自分独自�パスワード�作り方を考�出�����る。
+.SS グループ�パスワード�関�る注�
+グループパスワード��一人以上�人間�知る���許�れるも���る�ら�
+本質的�セキュリティ上��題を抱���る。
+���グループを使��別々�人間�共��作業�る事���る���
+�れ�便利�ツール���る。
+.SH 警告
+全��オプション�使�るよ���設定�れ�����も�れ��。
+パスワード�複雑��検証�サイト�よ��異�る���。
+ユーザ�システム�満足�るよ���
+充分複雑�パスワードを��よ�強制�れる。
+NIS �動作�����
+�� NIS サー�以外�ログイン���るユーザ��
+パスワードを変更����。
+(訳注: ��場�
+.BR yppasswd (8)
+を用�る。)
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 暗�化�れ�ユーザパスワード
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man1/sg.1 b/man/ja/man1/sg.1
new file mode 100644
index 0000000..d07c5e4
--- /dev/null
+++ b/man/ja/man1/sg.1
@@ -0,0 +1 @@
+.so man1/newgrp.1
diff --git a/man/ja/man1/su.1 b/man/ja/man1/su.1
new file mode 100644
index 0000000..9406f0d
--- /dev/null
+++ b/man/ja/man1/su.1
@@ -0,0 +1,88 @@
+.\" $Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 JST 2000 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Fri Jan 12 JST 2001 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Mon Mar  4 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Tue 16 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SU 1
+.SH ��
+su \- ユーザIDを変更�る。���スーパーユーザ��る
+.SH 書�
+\fBsu\fR [\fB\-\fR] [\fIusername\fR [\fIargs\fR]]
+.SH 説明
+\fBsu\fR �ログインセッション中�別�ユーザ��る���用�る。
+ユーザ�を指定���起動��場��
+デフォルト��スーパーユーザ� ID �変更�る。
+オプション引数 \fB\-\fR を用�る��
+直接ログイン��場����環境��期化�れる。
+.PP
+ユーザ��後��追加�引数を与�る��も���
+��場�引数�ユーザ�ログインシェル�渡�れる。
+特����引数�一���� \fB\-c\fR を渡��場��
+�れ�続�引数�大部分�コマンドインタプリタ�コマンド���解釈�れる。
+コマンド���ユーザ� (\fI/etc/passwd\fR �)
+指定�れ��るシェル�実行�れる。
+.PP
+必��場����ユーザ��パスワード�入力�促�れる。
+間���パスワード�入力�れ�場���エラーメッセージ�出力�れる。
+\fIsu\fR�よ����場���システム�濫用を検知�る����
+�れ�正��場�も�正�場�も常�記録�残�れる。
+.PP
+�在�環境�新��シェル�引�継�れる。
+���
+\fB$PATH\fR �値��
+通常�ユーザ�� \fB/bin:/usr/bin\fR ��
+スーパーユーザ�� \fB/sbin:/bin:/usr/sbin:/usr/bin\fR
+��設定�れる。
+�れ� \fI/etc/login.defs\fR �
+\fBENV_PATH\fR � \fBENV_SUPATH\fR �変更��る。
+.PP
+サブシステムログイン���
+ログインシェル�最��文字� "*" を置�。
+渡�れ�ホームディレクトリ��
+ユーザ�実際�ログイン�る新��ファイルシステム�ルート���扱�れる。
+.SH 警告
+��版� \fBsu\fR ��多��コンパイル時オプション��る��
+サイト�よ�����一部��設定�れ������も�る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 暗�化パスワード�有効期�情報
+.SH 関連項目
+.BR login (1),
+.BR sh (1),
+.BR login.defs (5),
+.BR suauth (5)
+.SH 著者
+Julianne Frances Haugh <jockgrrl@ix.netcom.com>
diff --git a/man/ja/man3/shadow.3 b/man/ja/man3/shadow.3
new file mode 100644
index 0000000..b76a74f
--- /dev/null
+++ b/man/ja/man3/shadow.3
@@ -0,0 +1,153 @@
+.\" $Id$
+.\" Copyright 1989 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" updated Tue 17 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SHADOW 3
+.SH ��
+shadow \- 暗�化�れ�パスワードファイル用ルー�ン
+.SH 書�
+.B #include <shadow.h>
+.PP
+.B struct spwd *getspent();
+.PP
+.B struct spwd *getspnam(char
+.IB *name );
+.PP
+.B void setspent();
+.PP
+.B void endspent();
+.PP
+.B struct spwd *fgetspent(FILE
+.IB *fp );
+.PP
+.B struct spwd *sgetspent(char
+.IB *cp );
+.PP
+.B int putspent(struct spwd
+.I *p,
+.B FILE
+.IB *fp );
+.PP
+.B int lckpwdf();
+.PP
+.B int ulckpwdf();
+.SH 説明
+.I shadow
+� shadow パスワードファイル
+\fI/etc/shadow\fR �内容を�作�るルー�ン��る。
+\fI#include\fR ファイル�与�られ��る構造体�以下�通り。
+.sp
+struct spwd {
+.in +.5i
+.br
+	char	*sp_namp; /* user login name */
+.br
+	char	*sp_pwdp; /* encrypted password */
+.br
+	long	sp_lstchg; /* last password change */
+.br
+	int	sp_min; /* days until change allowed. */
+.br
+	int	sp_max; /* days before change required */
+.br
+	int	sp_warn; /* days warning for expiration */
+.br
+	int	sp_inact; /* days before account inactive */
+.br
+	int	sp_expire; /* date when account expires */
+.br
+	int	sp_flag; /* reserved for future use */
+.br
+.in \-.5i
+}
+.PP
+�フィールド��味�:
+.sp
+sp_namp \- ヌル終端�れ�ユーザ�文字列���インタ
+.br
+sp_pwdp \- ヌル終端�れ�パスワード文字列���インタ
+.br
+sp_lstchg \- 1970年1月1日�らパスワード最終変更日時迄�日数
+.br
+sp_min \- パスワード変更�出�るよ���る���日数
+.br
+sp_max \- パスワードを変更����も良�日数
+.br
+sp_warn \- パスワード�期�切れ��る���
+期�切れ�近����る旨�警告をユーザ�出�期間�日数
+.br
+sp_inact \- パスワード�期�切れ�����ら�
+アカウント��能��り使用�����る���日数
+.br
+sp_expire \- 1970年1月1�らアカウント�使用�能��る日迄�日数
+.br
+sp_flag \- 将�使�������予約
+.SH 説明
+\fBgetspent\fR, \fBgetspname\fR, \fBfgetspent\fR, \fBsgetspent\fR
+���れ�れ \fBstruct spwd\fR ���インタを返�。
+\fBgetspent\fR �ファイル�ら次�エントリを�
+\fBfgetspent\fR �指定�れ�ストリーム
+(正��書��ファイル����れる)
+�ら次�エントリを返�。
+\fBsgetspent\fR �入力���与�られ�文字列を用��
+\fBstruct spwd\fR ���インタを返�。
+\fBgetspnam\fR �ファイル中��在��置�ら
+\fBname\fR �マッ��るエントリを探�。
+.PP
+\fBsetspent\fR �
+shadow パスワードファイル��アクセスを開始�る����
+\fBendspent\fR �終了�る���用�られる。
+.PP
+\fI/etc/shadow\fR ファイル�対�る排他的�アクセスを�証���場����
+\fBlckpwdf\fR ルー�ン� \fBulckpwdf\fR ルー�ンを用�る。
+\fBlckpwdf\fR � \fBpw_lock\fR を用��最大 15 秒間ロックを�得�よ���る。
+���最�� 15 秒�残り�間�
+\fBspw_lock\fR �よ��二度目�ロックを�よ��試�続�る。
+計 15 秒間�間���れ��試��失敗��場���
+\fBlckpwdf\fR � \-1 を返�。
+��れ�ロックも�功��場�� 0 �返�れる。
+.SH 返り値
+�れら�ルー�ン��エントリ�残�����場�や�
+処���程�エラー�発生��場��� NULL を返�。
+返り値� \fBint\fR ��るルー�ン��
+�功��ら 0 を�失敗��ら \-1 を返�。
+.SH 警告
+shadow�れ�パスワードファイル��アクセス�制��れ��る���
+�れら�ルー�ン�スーパーユーザ���利用��る。
+.SH ファイル
+\fI/etc/shadow\fR \- 暗�化�れ�ユーザパスワード
+.SH 関連項目
+.BR getpwent (3),
+.BR shadow (5)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/faillog.5 b/man/ja/man5/faillog.5
new file mode 100644
index 0000000..4fdcf73
--- /dev/null
+++ b/man/ja/man5/faillog.5
@@ -0,0 +1,64 @@
+.\"$Id$
+.\" Copyright 1989 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH FAILLOG 5
+.SH ��
+faillog \- ログイン失敗を記録�るファイル
+.SH 説明
+.I faillog
+�個々�アカウント�対�るログイン失敗回数����度を記録�る。
+ファイル�固定長レコード��り�UID 番��インデックス付��れ��る。
+�レコード���最後�ログイン��功��以��ログイン失敗回数�
+アカウント�使用�能��る���許�れるログイン失敗回数�
+最後�ログイン�失敗�����接続デ�イス�
+最後�ログイン�失敗��日付�
+�記録�れ��る。
+.PP
+��ファイル�構造�以下�通り。
+.DS
+
+        struct	faillog {
+                short   fail_cnt;
+                short   fail_max;
+                char    fail_line[12];
+                time_t  fail_time;
+        };
+
+.DE
+.SH ファイル
+\fI/var/log/faillog\fR \- ログイン失敗�記録
+.SH 関連項目
+.BR faillog (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/limits.5 b/man/ja/man5/limits.5
new file mode 100644
index 0000000..a8c8329
--- /dev/null
+++ b/man/ja/man5/limits.5
@@ -0,0 +1,89 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\"     all right reserved,
+.\" Translated Mon Nov  5 18:12:16 JST 2001
+.\" by Maki KURODA <mkuroda@aisys-jp.com>
+.\" Modified Tue 18 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LIMITS 5
+.SH ��
+limits \- リソース制��定義
+.SH 説明
+.I limits
+ファイル (デフォルト�� /etc/limits。
+�る�� config.h �定義�� LIMITS_FILE)
+���設定���リソース制�を記述�る。
+��ファイル� root �所有��
+root アカウント���読�込��能��る����る．
+.PP
+デフォルト�� root �対�る制��設定����。
+実��root ��等�アカウント (UID 0 �アカウント)
+を��手段�よ��制��る�������。
+.PP
+�行��以下�形��ユーザ�対�る制�を記述�る。
+.sp
+.I	user LIMITS_STRING
+.PP
+\fBLIMITS_STRING\fP �リソース制��定義を連����文字列��る。
+�制��定義��1 文字�識別����れ�続�制�数値�ら�る。
+.PP
+有効�識別��以下�通り。
+.sp
+A: アドレス空間�最大値 (KB)
+.br
+C: コアファイルサイズ�最大値 (KB)
+.br
+D: データサイズ�最大値 (KB)
+.br
+F: ファイルサイズ�最大値 (KB)
+.br
+M: メモリ上�ロック��るアドレス空間�最大値 (KB)
+.br
+N: ファイルオープン数�最大値
+.br
+R: レジデントセットサイズ�最大値 (KB)
+.br
+S: スタックサイズ�最大値 (KB)
+.br
+T: CPU 時間�最大値 (分)
+.br
+U: プロセス数�最大値
+.br
+K: \fBumask\fR(2) �より設定�れる�ファイル作�時� mask
+.br
+L: ��ユーザ��時ログイン数�最大値
+.br
+P: \fBsetpriority\fR(2) �よ��設定�れるプロセス優先度
+.PP
+例���\fIL2D2048N5\fP �正�� \fBLIMITS_STRING\fP ��る。
+以下� 2 ��例�等価��る。2 番目�よ��読�易�書���も��る。
+.sp
+username L2D2048N5
+.br
+username L2 D2048 N5
+.PP
+\fIusername\fP 以��行�残り�制�用�文字列���扱�れる���
+コメント�書��������。
+login プログラム��正����制�文字列�拒絶�る (無視�る)。
+.PP
+デフォルト�エントリ��ユーザ�� "\fB*\fP" �����るも���る。
+\fBLIMITS_FILE\fP �複数�\fIデフォルト\fPを登録�る��
+最後�も��デフォルト指定���使用�れる。
+.PP
+�るユーザ��制�を完全�無効��る���
+シングルダッシュ "\fB\-\fP" を使用�る。
+.PP
+�ら��全��制��設定�「ログイン����設定�れ��る���注��る��。
+制��グロー�ル�����永続的�も��。
+グロー�ル�制����れ�能��る�����
+今�����「TO DO���る。;)
+.\"nakano 二番目�文�れ�������。
+.SH ファイル
+\fI/etc/limits\fR
+.SH 関連項目
+.BR login (1),
+.BR setpriority (2),
+.BR setrlimit (2)
+.SH 著者
+Cristian Gafton (gafton@sorosis.ro)
diff --git a/man/ja/man5/login.access.5 b/man/ja/man5/login.access.5
new file mode 100644
index 0000000..c6ec97b
--- /dev/null
+++ b/man/ja/man5/login.access.5
@@ -0,0 +1,69 @@
+.\"$Id$
+.\" this is comment
+.\"
+.\" This page is originally in the shadow package.
+.\" Translated Fri 14 Feb 1997
+.\"   by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LOGIN.ACCESS 5
+.\" .Dt SKEY.ACCESS 5
+.\" .Os FreeBSD 1.2
+.SH ��
+login.access \- ログインアクセス�制御表
+.SH 説明
+.I login.access
+ファイル���ログインを許����拒絶�る�
+(ユーザ, ホスト) や (ユーザ, tty) �組����を指定�る。
+.PP
+誰��ログイン�る��
+.I login.access
+ファイル�スキャン�れ�最��マッ��る
+(ユーザ,ホスト) �組�
+�る���ットワーク経由�ログイン���場��最��マッ��る
+(ユーザ, tty) �組を探�。
+��テーブル�許�フィールド�よ���
+ログイン�許��れる�拒絶�れる��決�る。
+.PP
+ログインアクセス制御表��行� 3 ��フィールド�ら�り�
+文字 ":" �分割�れる。
+.sp 1
+.IR 	permission : users : origins
+.sp 1
+最��フィールド� "\fB+\fR" (アクセスを許��る) �
+"\fB\-\fR" (アクセスを拒��る) ���れ��ら��。
+二番目�フィールド��一�以上�ログイン�やグループ��
+も���
+.B ALL
+(必�マッ��る)
+���れ��ら��。
+三番目�フィールド��
+tty � (�ットワーク経由���ログイン�場�)�
+ホスト��
+ドメイン� ("\fB.\fR"�始�る)�
+ホストアドレス�
+インター�ット��ットワーク番� ("\fB.\fR"�終�る)�
+����以上�構��素�ら�るリスト��る��
+.B ALL
+(必�マッ��る) ���
+.B LOCAL
+("\fB.\fR"を全�����文字列全��マッ��る)
+���れ�������ら��。
+NIS を�用���る場���ホストやユーザ�パターン�
+@netgroupname �使�る。
+.PP
+.B EXCEPT
+オペレータを用�る��
+�常�簡略�ルールを指定��る。
+.PP
+group ファイル�検索�れる���
+ログイン�るユーザ�����マッ������場���られる。
+マッ��るグループ��
+group ファイル中�ユーザ��明示的�リスト�れ��るも���られる。
+��プログラム�ユーザ�主グループ� ID 番����見��。
+.SH ファイル
+\fI/etc/login.access\fR
+.SH 関連項目
+.BR login (1)
+.SH 著者
+Guido van Rooij
diff --git a/man/ja/man5/login.defs.5 b/man/ja/man5/login.defs.5
new file mode 100644
index 0000000..cb9566e
--- /dev/null
+++ b/man/ja/man5/login.defs.5
@@ -0,0 +1,193 @@
+.\" Copyright 1991 - 1993, Julianne Frances Haugh and Chip Rosenthal
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"	$Id$
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 17:22:36 JST 2000
+.\"         by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Sat Jan 13 09:24:04 JST 2001
+.\"         by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\" WORD: shadow login suite	shadow ログイン機能
+.TH LOGIN.DEFS 5
+.SH ��
+/etc/login.defs \- shadow パスワード機能�設定
+.SH 説明
+.I /etc/login.defs
+ファイル� shadow ログイン機能�対�るサイト固有�設定を定義�る。
+��ファイル�必�存在���れ��ら��。
+��ファイル�無��もシステム�用��能��る��
+��ら�望����果��る���。
+.PP
+��ファイル�読��り�能�テキストファイル��
+ファイル中�一行���一��設定パラメータを設定���る。
+�行���設定パラメータ������値�空白�区切られ�示�れる。
+空行�コメント行�無視�れる。
+コメント行� `#' 記��始�る。
+記�`#'���行��空白以外�最��文字���れ��ら��。
+.PP
+パラメータ値�四��型を�る�����る。
+文字列・ブール型・数値・�精度数値���る。
+文字列��全���字�能文字を使�る。
+ブール型パラメータ�値� ``yes'' � ``no'' ���れ����れ��ら��。
+値�指定�れ����ブール型パラメータや�
+``yes'', ``no'' 以外�指定�れ�ブール型パラメータ�値� ``no''��れる。
+(�精度�よ��精度) 数値��
+10 進数�
+(数値��� ``0'' を付��) 8 進数�
+(数値��� ``0x'' を付��) 16 進数���れ��指定�る。
+�精度・�精度数値パラメータ�最大値�計算機��存�る。
+.PP
+以下�示�よ��設定項目��る:
+.\"
+.IP "CHFN_AUTH (ブール値)"
+も�
+.I yes
+�ら�
+.BR chfn ", " chsh
+両プログラム��スーパーユーザ�起動�������り
+何ら��変更を行����パスワードを尋�る。
+.\"
+.IP "CHFN_RESTRICT (文字列)"
+��パラメータ�
+.I passwd
+ファイル�
+.I gecos
+フィールド����
+一般ユーザ�
+.B chfn
+を使��変更��るフィールドを指定�る。
+指定�る文字列�
+.IR f ,
+.IR r ,
+.IR w ,
+.I h
+�文字�任��組�������れ�れフル�ーム�部屋番��
+�場電話番��自宅電話番�を�味�る。
+指定�れ����場���スーパーユーザ���全��項目を変更��る。
+最も制�を������場���
+chfn を SUID ��インストール���れ�よ�。
+.\"
+.IP "GID_MAX (数値)"
+.IP "GID_MIN (数値)"
+.B useradd
+プログラム�よ�
+.B groupadd
+プログラム�グループ ID を�択�る時�範囲。
+.\"
+.IP "MAIL_DIR (文字列)"
+メールスプールディレクトリ。
+�るユーザアカウント�修正・削除�れ�際��
+��ユーザ�メールボックス�対�る作業����必���る。
+指定�れ����コンパイル時�デフォルト値�用�られる。
+.\"
+.IP "PASS_MAX_DAYS (数値)"
+一��パスワードを使�る最長日数。
+パスワード���日数よりも��場���変更�るよ�強制�れる。
+指定�れ����場�� \-1 ��る (��制�機能を無効��る)。
+.IP "PASS_MIN_DAYS (数値)"
+パスワードを変更���ら次�変更��るよ���る���最短日数。
+��日数�経������パスワードを変更�よ����も拒��れる。
+指定�れ����場�� \-1 ��る (��制�機能を無効��る)。
+.IP "PASS_WARN_AGE (数値)"
+パスワード�有効期���る��警告を発�る期間�日数。
+ゼロ�������期�切れ�当日���警告を行��
+負�数を指定��場��一切警告を行���。
+指定�れ����場��警告を行���。
+.PP
+PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE
+�アカウントを作る�����利用�れる。
+�れら�設定を変更��も�既存�アカウント��影響���。
+.\"
+.IP "UID_MAX (数値)"
+.IP "UID_MIN (数値)"
+.B useradd
+プログラム�ユーザ ID を�択�る時�範囲。
+.\"
+.IP "UMASK (数値)"
+許�属性マスクを��値��期化�る。
+指定�れ����場���許�属性マスク� 077 ��期化�れる。
+.\"
+.IP "USERDEL_CMD (文字列)"
+定義�れ��る��ユーザを削除�る�����コマンド�実行�れる。
+削除�れるユーザ (最��引�数�渡�れる) � at/cron/print
+ジョブ��を削除�るコマンド������よ�。
+.\"
+.SH �照表
+以下��照表��
+shadow パスワード機能���プログラム�
+��パラメータを使用�る�を示��も���る。
+.na
+.IP chfn 12
+CHFN_AUTH CHFN_RESTRICT
+.IP chsh 12
+CHFN_AUTH
+.IP groupadd 12
+GID_MAX GID_MIN
+.IP newusers 12
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+UMASK
+.IP pwconv 12
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+.IP useradd 12
+GID_MAX GID_MIN
+PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+UID_MAX UID_MIN
+UMASK
+.IP userdel 12
+MAIL_DIR
+USERDEL_CMD
+.IP usermod 12
+MAIL_DIR
+.ad
+.SH �グ
+shadow パスワード機能�よ���供�れ���機能�大部分��
+�在� PAM �よ��処��れ��る。
+������
+.BR login (1),
+.BR passwd (1),
+.BR su (1)
+���プログラム��も�や
+\fI/etc/login.defs\fR
+を用���。
+対応�る PAM �設定ファイルを調�るよ�������。
+.SH 関連項目
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR passwd (5),
+.BR shadow (5),
+.BR pam (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
+.br
+Chip Rosenthal (chip@unicom.com)
diff --git a/man/ja/man5/passwd.5 b/man/ja/man5/passwd.5
new file mode 100644
index 0000000..438f499
--- /dev/null
+++ b/man/ja/man5/passwd.5
@@ -0,0 +1,113 @@
+.\"$Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PASSWD 5
+.SH ��
+passwd \- パスワードファイル
+.SH 説明
+.I passwd
+ファイル���ユーザアカウント�様々�情報�記録�れ��る。
+書�れ��る��次�通り。
+.IP "" .5i
+ログイン�
+.IP "" .5i
+暗�化�れ�パスワード (無���も�る)
+.IP "" .5i
+ユーザ ID 番�
+.IP "" .5i
+グループ ID 番�
+.IP "" .5i
+ユーザ����コメント�フィールド
+.IP "" .5i
+ユーザ�ホームディレクトリ
+.IP "" .5i
+ユーザ�コマンドインタプリタ
+.PP
+パスワード� shadow 化�れ��る場���
+パスワードフィールドを埋����ら��。
+shadow パスワードを用���る場��暗�化�れ�パスワード�
+\fI/etc/shadow\fR �書�れ��る。
+暗�化�れ�パスワード��
+アルファベット a �ら z�A �ら Z�0 �ら 9�\. � / �
+64 文字�ら作られ� 13 文字�ら�る。
+��文字列���よ��解釈�れる��詳細�
+\fBcrypt\fR(3) を�照���。
+.PP
+オプション����パスワード�後��
+コンマ�続��パスワード�有効期�文字列�記�れ��る��も�る。
+��文字列�パスワード���文字セット�ら�る。
+最��文字��パスワード�何週間有効�を示�。
+二番目�文字��何週間経��ユーザ�パスワードを変更��る�を示�。
+最後�二文字��
+最後�パスワードを変更����
+1970 年 1 月�ら何週間経���時点��る�を表�。
+パスワード�有効期�����時��
+ユーザ�新��パスワードを設定���れ��ら��。
+.PP
+コメントフィールド�
+\fBfinger\fR(1) �よ��様々�システムユーティリティ�ら利用�れる。
+コメントフィールド���追加情報����
+次�よ�� 3 ��数値�記入�れ��る��も�る。
+.IP "" .5i
+pri= \- nice ��期設定値
+.IP "" .5i
+umask= \- umask ��期設定値
+.IP "" .5i
+ulimit= \- ulimit ��期設定値
+.PP
+�れら�フィールド�互�����他�コメントフィールド��
+コンマを用��分離�れる。
+.PP
+ホームディレクトリフィールド��
+�期作業ディレクトリ���を与�る。
+\fBlogin\fR ���情報を用��環境変数 \fBHOME\fR �内容を設定�る。
+.PP
+コマンドインタプリタ�フィールド���
+ユーザ�コマンド言語インタプリタ��
+最��実行�るプログラム���を記�。
+\fBlogin\fR ���情報を用��環境変数 \fBSHELL\fR �内容を設定�る。
+��フィールド�何も記�れ����場���
+デフォルト値��� \fB/bin/sh\fR を使用�る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.SH 関連項目
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR shadow (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/porttime.5 b/man/ja/man5/porttime.5
new file mode 100644
index 0000000..5b6b035
--- /dev/null
+++ b/man/ja/man5/porttime.5
@@ -0,0 +1,93 @@
+.\" $Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PORTTIME 5
+.SH ��
+porttime \- �ートアクセス時間設定ファイル
+.SH 説明
+.I porttime
+� tty デ�イス・ユーザ�・ログイン�能時間��リスト�ら�る。
+.PP
+�れ�れ�エントリ��コロン�区切られ�三��フィールド�ら�る。
+最��フィールド�コンマ�区切られ� tty デ�イス�リスト��
+アスタリスクを指定��場���らゆる tty デ�イス�マッ��る。
+二番目�フィールド�コンマ�区切られ�ユーザ��リスト��
+アスタリスクを指定��場���らゆるユーザ�マッ��る。
+三番目�フィールド��
+コンマ�区切られ�ログインを許�時間�リスト��る。
+.PP
+アクセス時間��エントリ��
+\fBSu\fR, \fBMo\fR, \fBTu\fR, \fBWe\fR, \fBTh\fR, \fBFr\fR, \fBSa\fR
+�略記�れ�ゼロ個以上�曜日��
+�イフン�区切られ� 2 ��時刻��ら�る。
+月曜日�ら金曜日��を指定�る \fBWk\fR や�
+全��日を指定�る \fBAl\fR ���略記法を用�る��も��る。
+曜日�指定�無�場�� \fBAl\fR �����れる。
+.SH 例
+次�エントリ��ユーザ \fBjfh\fR �平日���9時�ら�後5時���
+全���ート�らアクセス�能��る��を示�。
+.br
+.sp 1
+	*:jfh:Wk0900\-1700
+.br
+.sp 1
+次�エントリ��
+\fBroot\fR � \fBoper\fR 以外�ユーザ�����時間帯�も
+/dev/console �ら�アクセスを許����。
+��例��\fI/etc/porttime\fR
+ファイル�アクセス�能時間�リストを
+����順��扱��も示���る。
+他�全��ユーザ�二番目�エントリ�マッ���
+����� console �ら�アクセス�許��れ��。
+.br
+.sp 1
+	console:root,oper:Al0000\-2400
+.br
+	console:*:
+.br
+.sp 1
+次�エントリ��
+ユーザ \fBgames\fR ��就業時間外�ら
+�らゆる�ート�らアクセス��るよ��指定���る。
+.br
+.sp 1
+	*:games:Wk1700\-0900,SaSu0000\-2400
+.br
+.sp 1
+.SH ファイル
+\fI/etc/porttime\fR \- �ート��アクセス�能時間を記��ファイル
+.SH 関連項目
+.BR login (1)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/shadow.5 b/man/ja/man5/shadow.5
new file mode 100644
index 0000000..8885990
--- /dev/null
+++ b/man/ja/man5/shadow.5
@@ -0,0 +1,102 @@
+.\"$Id$
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SHADOW 5
+.SH ��
+shadow \- 暗�化�れ�パスワードファイル
+.SH 説明
+.I shadow
+��ユーザ�アカウント�対�る暗�化�れ�パスワード情報�
+�よ�オプション���パスワード�有効期��情報�記�れ��る。
+��れ��る内容�
+.IP "" .5i
+ログイン�
+.IP "" .5i
+暗�化�れ�パスワード
+.IP "" .5i
+1970 年 1 月 1 日�ら�最後�パスワード�変更�れ�日���日数
+.IP "" .5i
+パスワード�変更�能��る���日数
+.IP "" .5i
+パスワードを変更������ら���る日���日数
+.IP "" .5i
+パスワード有効期���る���ユーザ�警告を��る日数
+.IP "" .5i
+パスワード有効期������らアカウント�使用�能��る���日数
+.IP "" .5i
+1970 年 1 月 1 日�らアカウント�使用�能��る日���日数
+.IP "" .5i
+予約フィールド
+.PP
+パスワードフィールド�必�記入�れ�������ら��。
+暗�化�れ�パスワード��
+a �ら z�A �ら Z �アルファベット�
+0 �ら 9 ���数字� \. � / � 64 文字�����
+13 文字以上 24 文字以下��る。
+��文字列���よ��解釈�れる��詳細� \fBcrypt\fR(3) を�照�よ。
+.PP
+最後�パスワードを変更��日時�
+1970 年 1 月 1 日�ら�日数���記述�れる。
+パスワード��分�日数�経����ら����変更����
+��最大日数�経���後�必�変更���れ��ら��。
+変更�能��る�����る日数�有効期�よりも大��場���
+ユーザ�パスワードを変更�る���出���。
+.PP
+パスワード�有効期������ら�
+指定日数����パスワードを変更�����場���
+��アカウント�無効��り�使����る。
+���アカウントを指定��期日��
+(��他�パスワード有効期�情報��よら�)
+使用�能��る��も��る。
+.PP
+��情報��\fI/etc/passwd\fR 中�
+�らゆるパスワード情報・有効期�情報よりも優先�れる。
+.PP
+パスワード�安全性を�������
+��ファイルを一般ユーザ�読�るよ������ら��。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 暗�化�れ�ユーザパスワード
+.SH 関連項目
+.BR chage (1),
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR passwd (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man5/suauth.5 b/man/ja/man5/suauth.5
new file mode 100644
index 0000000..b379d03
--- /dev/null
+++ b/man/ja/man5/suauth.5
@@ -0,0 +1,116 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri 14 Feb 1997
+.\"     by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Tue 18 Sep 2002 by NAKNAO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SUAUTH 5 "Feb 14, 1996"
+.UC 5
+.SH ��
+suauth \- su を詳細�制御�る���ファイル
+.SH 書�
+.B /etc/suauth
+.SH 説明
+.I /etc/suauth
+ファイル��
+su コマンド�実行�れる����照�れる。
+��ファイルを用�る��
+以下�情報�基��� su コマンド�動作を変更��る。
+.PP
+.RS
+.nf
+1) su ��り代�������るユーザ
+.fi
+2) su コマンドを実行���るユーザ
+(も�����ユーザ�属�るグループ���れ�)
+.RE
+.PP
+��ファイル�次�様�書�を���る。
+# �始�る行�コメント���扱�れ�無視�れる。
+.PP
+.RS
+to\-id:from\-id:ACTION
+.RE
+.PP
+��� to\-id ��
+.B ALL
+����語�
+コンマ�区切られ�ユーザ��リスト�
+.B ALL EXCEPT
+����語以��置�れ� "," 区切り�ユーザ�リスト�
+���れ���る。
+.PP
+from\-id � to\-id ���書���り�更�
+.B GROUP
+����語も使用��る。
+.B ALL EXCEPT GROUP
+���使�方も�様�利用��る。
+.B GROUP
+�後��一�以上�グループ�を "," �区切��記�。
+��グループを主グループ id �������������
+\fI/etc/group\fR �エントリ�ユーザ��記�れ����れ��ら��。
+.PP
+ACTION ���以下�オプション���れ�一�を指定��る。
+.TP 10
+.B DENY
+パスワードを���� su 動作を中止�る。
+.TP
+.B NOPASS
+自動的� su ��功��パスワード�尋���。
+.TP
+.B OWNPASS
+su ��功�る�����
+ユーザ�自分�パスワードを入力������ら��。
+パスワードを入力�るよ���求�れる。
+.PP
+コロン�よ��区切られ�別々�フィールド�三��る点�注��る��。
+コロン��後�空白������ら��。
+ファイル�一行毎�順番��味�れ�
+最��マッ����則�用�られ�
+ファイル�残り��れ以上�査�れ��。
+�れ�よ���
+システム管�者�望む�り�微調整を行�����能��る。
+.SH 例
+.PP
+.nf
+# /etc/suauthファイル�例
+#
+# 二人�特権ユーザ��自分�パスワードを
+# 用�� root � su ��る。
+#
+root:chris,birddog:OWNPASS
+# 
+# 他�ユーザ� wheel グループ�属������り
+# root � su ����。�れ� BSD ���動作��る。
+#
+root:ALL EXCEPT GROUP wheel:DENY
+#
+# ��ら� terry � birddog ���人間�
+# 所有�るアカウント��る。
+# パスワード無��互��他方� su ��る。
+#
+terry:birddog:NOPASS
+birddog:terry:NOPASS
+#
+.fi
+.SH ファイル
+\fI/etc/suauth\fR
+.SH �グ
+多���グ�潜ん��る�能性��る。
+�り���ファイルパーザ�書�エラー�寛大�����
+(行�始���終�り以外�) 無駄�空白������ら����
+特定�トークン�別々�も�を区切るよ������る。
+.SH 返り値
+ファイルをパース�る際�エラー�
+.BR syslogd (8)
+を通���AUTH ファシリティ� ERR レベル�通知�れる。
+.SH 関連項目
+.BR su (1)
+.SH 著者
+.nf
+Chris Evans (lady0110@sable.ox.ac.uk)
+Lady Margaret Hall
+Oxford University
+England
diff --git a/man/ja/man8/chpasswd.8 b/man/ja/man8/chpasswd.8
new file mode 100644
index 0000000..e5dc43e
--- /dev/null
+++ b/man/ja/man8/chpasswd.8
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Wed Apr 26 18:06:10 JST 2000
+.\"         by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH CHPASSWD 8
+.SH ��
+\fBchpasswd\fR \- パスワードファイルを�ッ�処��更新�る
+.SH 書�
+\fBchpasswd\fR [\fB\-e\fR]
+.SH 説明
+\fBchpasswd\fR コマンド�
+標準入力�らユーザ��パスワード�組�記�れ��るファイルを読�込��
+��情報を用��既存�ユーザ群�パスワード情報を更新�る。
+\-e オプション���場���パスワード�平文����れる。
+\-e オプション��る場���パスワード�暗�化�れ��る����れる。
+�行�書��次�通り。
+.sp 1
+	  \fIuser_name\fR:\fIpassword\fR
+.sp 1
+指定��ユーザ�既�存在�����れ��ら��。
+与�られ�パスワード�必��応��暗�化�れ�
+パスワード�有効期���る場���れも更新�れる。
+.PP
+��コマンド���時�大��アカウントを作��るよ���
+大�模�システム環境�用�る���作られ�。
+.SH 警告
+.\" The \fBmkpasswd\fR command must be executed afterwards to update the
+.\" DBM password files.
+入力ファイル�暗�化�れ����パスワード�記�れ��る場���
+�切��護������れ��ら��。
+.\" This command may be discarded in favor of the newusers(8) command.
+.SH 関連項目
+.\" mkpasswd(8), passwd(1), useradd(1)
+.BR passwd (1),
+.BR newusers (8),
+.BR useradd (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/faillog.8 b/man/ja/man8/faillog.8
new file mode 100644
index 0000000..222043a
--- /dev/null
+++ b/man/ja/man8/faillog.8
@@ -0,0 +1,97 @@
+.\"$Id$
+.\" Copyright 1989 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH FAILLOG 8
+.SH ��
+faillog \- faillog を調��login 失敗�制�を設定�る
+.SH 書�
+\fBfaillog\fR [\fB\-u\fR \fIlogin\-name\fR] [\fB\-a\fR] [\fB\-t\fR \fIdays\fR]
+[\fB\-m\fR \fImax\fR] [\fB\-pr\fR] 
+.SH 説明
+\fBfaillog\fR �ログイン�失敗を記録�るログファイル
+\fI/var/log/faillog\fR �内容を整形��
+失敗�回数�制�値を記録・管��る。
+\fBfaillog\fR �与�る引数�順������り�
+�引数�与�られ�順�直��処��れる。
+.PP
+\fB\-p\fR フラグを指定�る�ログイン失敗�エントリを UID 順�表示�る。
+\fB\-u \fIlogin\-name\fR �入力�る��
+\fIlogin\-name\fR �ログイン失敗記録��を表示�る。
+\fB\-t \fIdays\fR �入力�る��
+最近 \fIdays\fR 日以内�ログイン失敗�記録を表示�る。
+\fB\-u\fR フラグを指定�る� \fB\-t\fR フラグ�無視�れる。
+.\"nakano �����実際�動作�よ��気��る����...
+\fB\-a\fR フラグを用�る�全ユーザ�対�る記録�表示�れる。
+��フラグを \fB\-p\fR フラグ��も�用�る��
+�れ���ログイン�失敗��全��ユーザ�表示�れる。
+\fB\-a\fR � \fB\-r\fR フラグ�用��も�味�無�。
+.PP
+\fB\-r\fR フラグ�ログイン失敗回数�記録をリセット�る。
+��オプションを用�る��
+\fI/var/log/faillog\fR ��書�込�権��必���る。
+\fB\-u \fIlogin\-name\fR �入力�る��
+\fIlogin\-name\fR �ログイン失敗回数��をリセット�る。
+.PP
+\fB\-m\fR フラグ��
+アカウント�使用�能��る���最大�ログイン失敗回数を設定�る。
+��オプションを用�る��
+\fI/var/log/faillog\fR ��書�込�権��必���る。
+\fB\-m \fImax\fR �入力�る��
+全��アカウント�ログイン失敗回数� \fImax\fR ��る�使用�能��る。
+.\"nakano double meaning...
+\fB\-u \fIlogin\-name\fR を�時�用�る��
+��機能を \fIlogin\-name\fR ���作用��る�����る。
+\fImax\fR �値を 0 ��る�ログイン�失敗回数��制��無��る。
+システム�対�るサービス�能攻撃を防����
+\fBroot\fR �最大ログイン失敗回数�常� 0 ���������る。
+.PP
+オプション�����よ��組�����も良�。
+\fB\-p\fR, \fB\-r\fR, \fB\-m\fR
+��オプション��
+\fB\-u\fR, \fB\-t\fR �指定�よる修正を���
+指定��順�実行�れる。
+.SH 警告
+\fBfaillog\fR ��
+最後�失敗��以�ログイン��功�����ユーザ��を表示�る。
+ログイン�失敗��後�正��ログイン���ユーザも表示��る���
+\fB\-u\fR フラグを用����ユーザを明示的�指定�る��
+\fB\-a\fR フラグを用��全ユーザを表示����れ��ら��。
+.SH ファイル
+\fI/var/log/faillog\fR \- 失敗を記録��ファイル
+.SH 関連項目
+.BR login (1),
+.BR faillog (5)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupadd.8 b/man/ja/man8/groupadd.8
new file mode 100644
index 0000000..4bdf73d
--- /dev/null
+++ b/man/ja/man8/groupadd.8
@@ -0,0 +1,68 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPADD 8
+.SH ��
+groupadd \- 新��グループを作��る
+.SH 書�
+\fBgroupadd\fR [\fB\-g\fR \fIgid \fR[\fB\-o\fR]] [\fB\-f\fR] \fIgroup\fR
+.SH 説明
+\fBgroupadd\fR コマンド��
+コマンドライン上�指定�れ�値�
+システム�デフォルト値�を用��新��グループを作��る。
+新��グループ�必��応��システムファイル�記入�れる。
+\fBgroupadd\fR コマンド�指定��るオプション�次�通り。
+.IP "\fB\-g \fIgid\fR"
+新�グループ� ID 番�。
+��値��\fB\-o\fR オプションを用�る場�を除��他��複����ら��。
+���負値���れ��ら��。
+デフォルト���99 �よ�他��らゆる既存グループ� ID よりも大���
+最��数値��る。
+0 �ら 999 ���値��
+通常システム用�アカウント�予約�れ��る。
+.SH ファイル
+\fI/etc/group\fR \- グループアカウント情報
+.br
+\fI/etc/gshadow\fR \- 安全�グループアカウント情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupdel.8 b/man/ja/man8/groupdel.8
new file mode 100644
index 0000000..0f24453
--- /dev/null
+++ b/man/ja/man8/groupdel.8
@@ -0,0 +1,65 @@
+.\"$Id$
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPDEL 8
+.SH ��
+groupdel \- グループを削除�る
+.SH 書�
+\fBgroupdel\fR \fIgroup\fR
+.SH 説明
+\fBgroupdel\fR コマンド��システムアカウントファイルを修正��
+グループ \fIgroup\fR �対応�る����エントリを削除�る。
+指定�れ�グループ�存在�����れ��ら��。
+.PP
+全��ファイルシステム��
+指定��グループ� ID を��ファイル�残�������を�
+手作業�確�������ら��。
+.SH 警告
+存在�るユーザ�主グループを削除����ら��。
+グループを削除�る����ユーザを削除���れ��ら��。
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- 安全�グループ情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/groupmod.8 b/man/ja/man8/groupmod.8
new file mode 100644
index 0000000..eb0f7cf
--- /dev/null
+++ b/man/ja/man8/groupmod.8
@@ -0,0 +1,70 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GROUPMOD 8
+.SH ��
+groupmod \- グループを修正�る
+.SH 書�
+\fBgroupmod\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-n\fR \fIgroup_name\fR]
+\fIgroup\fR
+.SH 説明
+\fBgroupmod\fR コマンド��
+コマンドライン�ら�指定�よ���
+システムアカウントファイルを修正�る。
+\fIgroupmod\fR コマンド�指定��るオプション�次�通り。
+.IP "\fB\-g \fIgid\fR"
+変更を��るグループ� ID 番�。
+��値��\fB\-o\fR オプションを用�る場�を除��他��複����ら��。
+���負値������ら��。
+デフォルト��999 �よ�他��らゆる既存グループ� ID よりも大���
+最��数値��る。
+変更��グループ ID を��全��ファイル��
+手作業�新��グループ ID ��変更���れ��ら��。
+.IP "\fB\-n \fIgroup_name\fR"
+グループ���� \fIgroup\fR �ら \fIgroup_name\fR �変更�れる。
+.SH ファイル
+\fI/etc/group\fR \- グループ情報
+.br
+\fI/etc/gshadow\fR \- 安全�グループ情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/grpck.8 b/man/ja/man8/grpck.8
new file mode 100644
index 0000000..c570c28
--- /dev/null
+++ b/man/ja/man8/grpck.8
@@ -0,0 +1,116 @@
+.\"$Id$
+.\" Copyright 1992 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH GRPCK 8
+.SH ��
+grpck \- グループファイル�正������検査�る
+.SH 書�
+\fBgrpck\fR [\fB\-r\fR] [\fIgroup\fR \fIshadow\fR]
+.SH 説明
+\fBgrpck\fR コマンド�システム��証情報�正������検査�る。
+\fI/etc/group\fR � \fI/etc/gshadow\fR
+�ファイル�全��エントリ�対��
+�フィールド�書��正����
+��データ�有効�も�����を検証�る。
+書��正����エントリや�
+修正�能�誤りを�むエントリ�削除�るよ�プロンプトを出�。
+.P
+�々�エントリ�対��
+.sp
+.in +.5i
+\- フィールド�数�正���
+.br
+\- グループ���複����
+.br
+\- メン�ー�リスト�管�者�リスト�正���
+.in -.5i
+.sp
+��ェック�れる。
+.P
+フィールド�数�間�����り�
+グループ���複���る��致命的�エラー��る。
+フィールド�数�正����場��
+ユーザー���エントリ行を削除�るよ�促�れる。
+削除��������場����れ以���ェック�行�れ��。
+�複��グループ�����場�も削除を促�れる��
+��場��削除����も�れ以���ェック�続行�れる。
+他�全��エラー�対���警告���れる。
+\fBgroupmod\fR コマンドを実行����エラーを修正�る�良����。
+.P
+\fI/etc/group\fR ファイルを�作�るコマンド��
+壊れ�エントリや�複��エントリを変更����。
+��よ��際�誤り��るエントリを削除�る��
+\fBgrpck\fR を用�る�よ�。
+.SH オプション
+デフォルト�� \fBgrpck\fR � \fI/etc/group\fR ファイル�
+\fI/etc/gshadow\fR �対��動作�る。
+\fIgroup\fR パラメータ� \fIshadow\fR パラメータを用���
+別�ファイルを�択�る��も��る。
+�ら� \fB\-r\fR フラグを指定�れ��
+リードオンリーモード�コマンドを実行�る��も��る。
+��場��変更を行������ユーザ������れ��
+自動的� \fBno\fR �回答�れる。
+.B grpck
+�
+\fI/etc/group\fR � \fI/etc/gshadow\fR
+�エントリを GID �ソート�る��も��る。
+ソートモード�動作��る�� \fB\-s\fR フラグを与�る。
+��場��ェック�行�れ����ソート�る����る。
+.SH ファイル
+\fI/etc/group\fR \  \- グループアカウント情報
+.br
+\fI/etc/gshadow\fR \- 暗�化�れ�パスワード�グループ管�者情報
+.br
+\fI/etc/passwd\fR \ \- ユーザー情報
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5),
+.BR groupmod (8)
+.SH 返り値
+\fBgrpck\fR コマンド�終了時�以下�値を返�:
+.IP 0 5
+�功
+.IP 1 5
+構文エラー
+.IP 2 5
+誤��グループエントリ�存在�る
+.IP 3 5
+グループファイルをオープン����
+.IP 4 5
+グループファイルをロック����
+.IP 5 5
+グループファイルを更新����
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/grpconv.8 b/man/ja/man8/grpconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/grpconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/grpunconv.8 b/man/ja/man8/grpunconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/grpunconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/lastlog.8 b/man/ja/man8/lastlog.8
new file mode 100644
index 0000000..171d6a9
--- /dev/null
+++ b/man/ja/man8/lastlog.8
@@ -0,0 +1,80 @@
+.\"$Id$
+.\" Copyright 1992, Phillip Street and Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"	@(#)lastlog.8	3.3	08:24:58	29 Sep 1993 (National Guard Release)
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated & Modified Thu Oct 14 1997 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Updated Fri Jan 12 2001 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Mon Mar  4 2002 by kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LASTLOG 8
+.SH ��
+lastlog \- lastlog ファイルを調�る
+.SH 書�
+.TP 8
+\fBlastlog\fR [(\fB\-u\fR|\fB\-\-user\fR) \fIlogin\fR]
+[(\fB\-t\fR|\fB\-\-time\fR) \fIdays\fR] [(\fB\-h\fR|\fB\-\-help\fR)]
+.SH 説明
+\fBlastlog\fR �最終ログイン�記録ファイル
+\fI/var/log/lastlog\fR �内容を整形��表示�る。
+\fBログイン�\fR・\fB�ート\fR・\fB最終ログイン時刻\fR��表示�れる。
+オプションを指定�����場��デフォルト��
+lastlog エントリを UID �数値�ソート��表示�る。
+.TP
+\fB\-u\fR, \fB\-\-user\fR \fIlogin\-name\fR
+\fIlogin\-name\fR �記録��を表示�る。
+.TP
+\fB\-t\fR, \fB\-\-time\fR \fIdays\fR
+最近 \fIdays\fR 日以内�最終ログインを表示�る。
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+オンラインヘルプを表示��終了�る。
+.PP
+\fB\-u\fR フラグを用�る� \fB\-t\fR �無視�れる。
+.\"nakano �����実際�動作�よ��見�る���。
+.PP
+一度もログイン�����ユーザ�対����
+�ート�時刻�代�り�
+\fB"**Never logged in**"\fR
+���メッセージ�表示�れる。
+.SH ファイル
+\fI/var/log/lastlog\fR \- lastlog 記録ファイル
+.SH 警告
+UID 番��大��飛���る��
+lastlog プログラム�長時間画��何も出力�����
+実行を続�る (例�� mmdf � 800 �最後� UID � 170 �場��
+UID � 171\-799 �間プログラム�何も出力������
+�ング��よ��見�る)。
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
+.BR
+Phillip Street
diff --git a/man/ja/man8/logoutd.8 b/man/ja/man8/logoutd.8
new file mode 100644
index 0000000..c8215a5
--- /dev/null
+++ b/man/ja/man8/logoutd.8
@@ -0,0 +1,55 @@
+.\"$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sat 21 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH LOGOUTD 8
+.SH ��
+logoutd \- ログイン時間�制�を実施�る
+.SH 書�
+\fBlogoutd\fR
+.SH 説明
+\fBlogoutd\fR � \fI/etc/porttime\fR
+�記�れ��るログイン時間・�ート�対�る制�を実施�る。
+.B logoutd
+� \fI/etc/rc\fR �よ��起動�れるよ���る。
+\fI/etc/utmp\fR ファイル�定期的�スキャン�れ�
+ログイン���る�ユーザ�
+\fI/etc/porttime\fR 中����ユーザ�許�
+(�ート�時刻) ��������調�る。
+\fI/etc/porttime\fR �制����るログインセッション�終了��られる。
+.SH ファイル
+/etc/porttime \- ログイン��ート�許�
+.br
+/etc/utmp \- �在�ログインセッション
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/newusers.8 b/man/ja/man8/newusers.8
new file mode 100644
index 0000000..630660d
--- /dev/null
+++ b/man/ja/man8/newusers.8
@@ -0,0 +1,71 @@
+.\"$Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1996 HANATAKA Shinya
+.\"         all rights reserved.
+.\" Translated Wed Nov 20 17:42:39 JST 1996
+.\"         by HANATAKA Shinya
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH NEWUSERS 8
+.SH ��
+newusers \- ユーザ�新�作�や情報更新を�ッ�処��行�
+.SH 書�
+\fBnewusers\fR [\fInew_users\fR]
+.SH 説明
+\fBnewusers\fR �ユーザ��平文パスワード��組を記��ファイルを読��
+��情報をも��既存�ユーザ情報�変更や新�ユーザ�作�を行�。
+��ファイル�書���
+下記�点を除�標準的�パスワードファイル
+(\fBpasswd\fR(5) �照) �����る。
+.IP "\fIpw_passwd\fR" 10
+��フィールド�暗�化�れ�新��暗�化パスワード��る。
+.IP "\fIpw_age\fR"
+��フィールド� shadow ファイル���情報��る��
+ユーザ����存在�る場��無視�れる。
+.IP "\fIpw_gid\fR"
+��フィールド�既存�グループを指定��場���
+ユーザ���グループ�加�られる。
+存在���グループ ID を指定��場���
+��グループ ID �新��グループ�作��れる。
+.IP "\fIpw_dir\fR"
+��フィールド�指定��ディレクトリ����存在�る��ェック��
+も�存在���れ�新��ディレクトリ�作られる。
+��ディレクトリ�所有者��
+新�作��れ�ユーザ��る��情報�変更�れ�ユーザ��る。
+.PP
+��コマンド���時�大��アカウントを作��るよ���
+大�模�システム環境�用�る���作られ�。
+.SH 警告
+入力ファイル��暗�化�れ����パスワード���れる���
+�切��護������れ��ら��。
+.SH 関連項目
+.BR passwd (1),
+.BR useradd (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/pwck.8 b/man/ja/man8/pwck.8
new file mode 100644
index 0000000..e59972f
--- /dev/null
+++ b/man/ja/man8/pwck.8
@@ -0,0 +1,121 @@
+.\"$Id$
+.\" Copyright 1992, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated  Sun 3 Mar 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo
+.\"
+.TH PWCK 8
+.SH ��
+pwck \- パスワードファイル�正������検査�る
+.SH 書�
+\fBpwck\fR [\fB\-sr\fR] [\fIpasswd\fR \fIshadow\fR]
+.SH 説明
+\fBpwck\fR コマンド�システム��証情報�正������検査�る。
+\fI/etc/passwd\fR � \fI/etc/shadow\fR
+�ファイル�����エントリ�対��
+�フィールド�書��正����
+��データ�有効�も�����を検証�る。
+書��正����エントリや�
+修正�能�誤りを�むエントリ�削除�るよ�プロンプトを出�。
+.P
+�々�エントリ�対��
+.sp
+.in +.5i
+\- フィールド�数�正���
+.br
+\- ユーザ���複����
+.br
+\- ユーザやグループ� ID �正���
+.br
+\- プライマリグループ�正���
+.br
+\- ホームディレクトリ�正���
+.br
+\- ログインシェル�正���
+.in -.5i
+.sp
+��ェック�れる。
+.P
+フィールド�数�間�����り�
+グループ���複���る��致命的�エラー��る。
+フィールド�数�正����場��
+ユーザー���エントリ行を削除�るよ�促�れる。
+削除��������場����れ以���ェック�行�れ��。
+�複��グループ�����場�も削除を促�れる��
+��場��削除����も�れ以���ェック�続行�れる。
+他�����エラー�対���警告���れる。
+\fBusermod\fR コマンドを実行����エラーを修正�る�良����。
+.P
+\fI/etc/passwd\fR ファイルを�作�るコマンド��
+壊れ�エントリや�複��エントリを変更����。
+��よ��際�誤り��るエントリを削除�る��
+\fBpwck\fR を用�る�よ�。
+.SH オプション
+デフォルト�� \fBpwck\fR � \fI/etc/passwd\fR ファイル�
+\fI/etc/shadow\fR �対��動作�る。
+\fIpasswd\fR パラメータ� \fIshadow\fR パラメータを用���
+別�ファイルを�択�る��も��る。
+�ら� \fB\-r\fR フラグを指定�れ��
+リードオンリーモード�コマンドを実行�る��も��る。
+��場��変更を行������ユーザ������れ��
+自動的� \fBno\fR �回答�れる。
+\fBpwck\fR � \fI/etc/passwd\fR � \fI/etc/shadow\fR
+�エントリを UID �ソート�る��も��る。
+ソートモード�動作��る�� \fB\-s\fR フラグを与�る。
+��場��ェック�行�れ����ソート�る����る。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザーアカウント情報
+.br
+\fI/etc/shadow\fR \- 暗�化�れ�パスワード情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5),
+.BR usermod (8)
+.SH 返り値
+\fBpwck\fR コマンド�以下�値を返��終了�る:
+.IP 0 5
+�功
+.IP 1 5
+構文エラー
+.IP 2 5
+誤��パスワードエントリー�存在�る
+.IP 3 5
+パスワードファイルをオープン����
+.IP 4 5
+パスワードファイルをロック����
+.IP 5 5
+パスワードファイルを更新出���
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/pwconv.8 b/man/ja/man8/pwconv.8
new file mode 100644
index 0000000..e48a926
--- /dev/null
+++ b/man/ja/man8/pwconv.8
@@ -0,0 +1,80 @@
+.\"$Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Yuichi SATO
+.\"         all rights reserved.
+.\" Translated Sat Dec  1 20:09:17 JST 2001
+.\"         by Yuichi SATO <ysato@h4.dion.ne.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH PWCONV 8 "26 Sep 1997"
+.SH ��
+pwconv, pwunconv, grpconv, grpunconv \- パスワード・グループ� shadow 化��通常ファイル��逆変�
+.SH 書�
+.B pwconv
+.br
+.B pwunconv
+.br
+.B grpconv
+.br
+.B grpunconv
+.SH 説明
+�れら 4 ��プログラム��
+通常�パスワードファイル・グループファイル��
+shadow 化�れ�パスワードファイル・グループファイル��る
+\fI/etc/passwd\fR ", " \fI/etc/group\fR ", " \fI/etc/shadow\fR ", " \fI/etc/gshadow\fR
+を�作�る。
+
+\fBpwconv\fR � \fIpasswd\fR �ら \fIshadow\fR を作��る
+(���存在�る場�� \fIshadow\fR �情報も用�る)。
+\fBpwunconv\fR � \fIpasswd\fR � \fIshadow\fR �ら
+\fIpasswd\fR を作���\fIshadow\fR を削除�る。
+\fBgrpconv\fR � \fIgroup\fR �ら \fIgshadow\fR を作��る
+(���存在�る場�� \fIgshadow\fR �情報も用�る)。
+\fBgrpunconv\fR � \fIgroup\fR � \fIgshadow\fR �ら
+\fIgroup\fR を作���\fIgshadow\fR を削除�る。
+
+�プログラム�変����必��ロックを�求�る。
+
+.B pwconv 
+�
+.B grpconv
+��以下�点�類似���る。
+���shadow 化ファイル��るエントリ����
+通常ファイル���も���削除�れる。
+���shadow 化ファイル��るエントリ����
+通常ファイル�パスワード� `x' �������も���更新�れる。
+最後��通常ファイル�書�れ�パスワード� `x' �置���られる。
+�れら�プログラム�����変�を行����も�
+��通常�ファイルを手動�編集��際��
+shadow 化ファイルを更新�る���も利用��る。
+
+\fI/etc/shadow\fR �新��エントリを追加�る���
+\fBpwconv\fR � \fI/etc/login.defs\fR
+�
+.BR PASS_MIN_DAYS ", " PASS_MAX_DAYS ", " PASS_WARN_AGE
+�値を使�。
+
+��よ���
+\fBpwunconv\fR � \fBgrpunconv\fR
+��以下�点�類似���る。
+通常ファイル�パスワード��
+shadow 化ファイル�も��更新�れる。
+通常ファイル��るエントリ��
+shadow 化ファイル����エントリ����も�
+����置�れ続�る。
+最後�� shadow 化ファイル�削除�れる。
+
+パスワード�有効期�情報�一部��
+.B pwunconv 
+�よ��失�れる。変���るも��変��れる。
+.SH �グ
+(�正�エントリや�複��エントリ����)
+エラー�パスワードファイルやグループファイル��る��
+プログラム�永��ループ��り�����形�失敗�る�も�れ��。
+shadow パスワード・グループ��変�や
+shadow 化ファイル�ら�逆変�を行����
+\fBpwck\fR � \fBgrpck\fR を実行��エラーを修正�る��。
+.SH 関連項目
+.BR login.defs (5),
+.BR grpck (8),
+.BR pwck (8)
diff --git a/man/ja/man8/pwunconv.8 b/man/ja/man8/pwunconv.8
new file mode 100644
index 0000000..6eed9e8
--- /dev/null
+++ b/man/ja/man8/pwunconv.8
@@ -0,0 +1 @@
+.so man8/pwconv.8
diff --git a/man/ja/man8/sulogin.8 b/man/ja/man8/sulogin.8
new file mode 100644
index 0000000..b4b0fd7
--- /dev/null
+++ b/man/ja/man8/sulogin.8
@@ -0,0 +1,95 @@
+.\" $Id$
+.\" Copyright 1989 - 1992, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH SULOGIN 8
+.SH ��
+sulogin \- シングルユーザ login
+.SH 書�
+\fBsulogin\fR [\fItty\-device\fR]
+.SH 説明
+.B sulogin
+��シングルユーザモード�時�
+ユーザ�システム�アクセス�能��る���
+\fI/etc/init\fR �よ��起動�れる。
+��機能��\fBinit\fR ��切�変更�れ��るシステム��
+�る�� \fI/etc/inittab\fR �シングルユーザ login
+�エントリ��るシステム���利用��る。
+.PP
+次�よ��プロンプト�出る。
+.IP "" .5i
+Type control\-d to proceed with normal startup,
+.br
+(or give root password for system maintenance):
+.PP
+オプション�デ�イス�引数�指定�れ�場�を除��
+標準�ファイルディスクリプタを用��入出力を行��。
+.PP
+ユーザ�正�� root �パスワードを入力��場���
+ログインセッション�開始�れる。
+\fBEOF\fR �押�れ�場���
+システム�マル�ユーザモード�入る。
+.PP
+ユーザ�シングルユーザシェルを抜���
+�る�� (シェル�入る��) \fBEOF\fR を押��後���
+システム�マル�ユーザモード�入る���必���期化処�を開始�る。
+.SH 警告
+��コマンド�利用��るよ���る���
+\fBinit\fR � \fB/bin/sh\fR ����
+\fBsulogin\fR を呼�よ������る��
+���
+\fIinittab\fR
+中�シングルユーザログイン�対�る設定��れ��る必���る。
+例���
+.br
+.sp 1
+co:s:respawn:/etc/sulogin /dev/console
+.br
+.sp 1
+���行を書������
+シングルユーザモード�� sulogin コマンド�実行�れる。
+.PP
+�能��り完全�環境��供�れる。
+����
+様々�デ�イス�マウント�れ������り�期化�れ������り�る���
+多��ユーザコマンド�使�����り機能����も�れ��。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 暗�化�れ�パスワード�有効期��情報
+.SH 関連項目
+.BR login (1),
+.BR sh (1),
+.BR init (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/useradd.8 b/man/ja/man8/useradd.8
new file mode 100644
index 0000000..40ae9f3
--- /dev/null
+++ b/man/ja/man8/useradd.8
@@ -0,0 +1,176 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1996 HANATAKA Shinya
+.\"         all rights reserved.
+.\" Translated Wed Nov 20 17:42:39 JST 1996
+.\"         by HANATAKA Shinya 
+.\" Updated Mon Mar  5 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD:        initial group           主グループ
+.\"WORD:        supplementary group     補助グループ
+.\"
+.TH USERADD 8
+.SH ��
+useradd \- 新�ユーザ�作�・新�ユーザ�デフォルト情報�更新
+.SH 書�
+.TP 8
+\fBuseradd\fR [\fB\-c\fR \fIcomment\fR] [\fB\-d\fR \fIhome_dir\fR]
+.br
+[\fB\-e\fR \fIexpire_date\fR] [\fB\-f\fR \fIinactive_time\fR]
+.br
+[\fB\-g\fR \fIinitial_group\fR] [\fB\-G\fR \fIgroup\fR[,...]]
+.br
+[\fB\-m\fR [\fB\-k\fR \fIskeleton_dir\fR]] [\fB\-o\fR] [\fB\-p\fR \fIpasswd\fR]
+.br
+[\fB\-s\fR \fIshell\fR] [\fB\-u\fR \fIuid\fR] \fIlogin\fR
+.TP 8
+\fBuseradd\fR \fB\-D\fR [\fB\-g\fR \fIdefault_group\fR] [\fB\-b\fR \fIdefault_home\fR]
+.br
+[\fB\-e\fR \fIdefault_expire_date\fR] [\fB\-f\fR \fIdefault_inactive\fR]
+.br
+[\fB\-s\fR \fIdefault_shell\fR]
+.SH 説明
+.SS 新�ユーザ�作�
+\fB\-D\fR オプション���実行�れ�場��
+\fBuseradd\fR コマンド�
+コマンドライン�値�デフォルト�設定値をも��
+新�ユーザ�アカウントを作��る。
+コマンドラインオプション�応���
+新�ユーザ�アカウント�必��システムファイル�追加�れ�
+ホームディレクトリ�作��れ�
+設定ファイル�コピー�れる。
+\fBuseradd\fR コマンド�オプション�次�通り。
+.IP "\fB\-c\fR \fIcomment\fR"
+パスワードファイル�追加�る新�ユーザ�コメントフィールド。
+.IP "\fB\-d\fR \fIhome_dir\fR"
+新�ユーザ�ログインディレクトリを \fIhome_dir\fR ��る。
+デフォルト�� \fIlogin\fR を
+\fIdefault_home\fR �付�加��も��ログインディレクトリ��る。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+ユーザアカウント�使用�能��る日付。
+日付� \fIYYYY\-MM\-DD\fR ���書��指定�る。
+.IP "\fB\-f\fR \fIinactive_days\fR"
+パスワード�使用期��切れ��らアカウント�永久�使用�能��る���日数。
+0 ��る��
+パスワード�期��切れる��時���アカウント�使用�能��る。
+\-1 ��る���機能�無効��る。デフォルト値� \-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+ユーザ�属�る主グループ�グループ���� ID。
+グループ�����存在�����れ��ら��。
+グループ ID �既存�グループ�対応�るも����れ��ら��。
+デフォルト�グループ ID � 1 ��
+��� \fI/etc/default/useradd\fR
+�指定�れ��るも���れ��れ�従�。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+ユーザ�属�る補助グループ (supplementary groups) �リスト。
+グループ�コンマ�区切り�間�空白を入れ���ら��。
+指定��るグループ�� \fB\-g\fR オプション��様�制���る。
+デフォルト���ユーザ�主グループ���属�る。
+.IP \fB\-m\fR
+ホームディレクトリ�存在���場����ホームディレクトリを作��る。
+\fB\-k\fR オプションを�時�指定�る� \fIskeleton_dir\fR 以下�ファイル��
+指定���� \fI/etc/skel\fR 以下�ファイル��
+ホームディレクトリ�コピー�れる。
+ホームディレクトリ���
+\fIskeleton_dir\fR ��� \fI/etc/skel\fR
+���れる����ディレクトリも作��れる。
+\fB\-k\fR オプション��
+\fB\-m\fR オプション��も�使�れる場���有効��る。
+デフォルト���ホームディレクトリを作ら��ファイル�コピーも���。
+.IP "\fB\-o\fR"
+�複�� (固有���) UID �ユーザを作���るよ���る。
+.IP "\fB\-p\fR \fIpasswd\fR"
+\fBcrypt\fR(3) �返り値��る暗�化パスワード。
+デフォルト���アカウント�使���状態��る。
+.IP "\fB\-s\fR \fIshell\fR"
+ユーザ�ログインシェル���。
+デフォルト����フィールド�空白��り�
+システム�デフォルト�ログインシェルを��。
+.IP "\fB\-u\fR \fIuid\fR"
+ユーザ� ID 番�。
+��値��\fB\-o\fR オプションを用�る場�を除��他��複����ら��。
+���負値������ら��。
+デフォルト��� 999 �よ�他��らゆる既存ユーザ� ID よりも大���
+最��数値��る。
+0 �ら 999 ���値��
+通常システム用�アカウント�予約�れ��る。
+.SS デフォルト値�変更
+\fB\-D\fR オプションを指定�る��
+\fBuseradd\fR ��在�デフォルト値を表示�る��
+���オプション�与�られ�値�応��デフォルト値を変更�る。
+使用�能�オプション�次�通り。
+.IP "\fB\-b\fR \fIdefault_home\fR"
+新�ユーザ�ホームディレクトリ�パス�プレフィックス。
+新�ユーザアカウント�作�時� \fB\-d\fI オプション�指定�れ����
+\fIdefault_home\fR �後�ユーザ�を付�加��も��
+新�ディレクトリ����使�れる。
+.IP "\fB\-e\fR \fIdefault_expire_date\fR"
+ユーザアカウント�使用�能��る日付。
+.IP "\fB\-f\fR \fIdefault_inactive\fR"
+パスワード�使用期��切れ��らアカウント�使用�能��る���日数。
+.IP "\fB\-g\fR \fIdefault_group\fR"
+新�ユーザ�属�る主グループ�グループ����グループ ID。
+グループ�����存在�るも����れ��ら��。
+グループ ID �既存�グループ�対応�るも����れ��ら��。
+.IP "\fB\-s\fR \fIdefault_shell\fR"
+新�ユーザ�ログインシェル。
+指定�れ�プログラム��
+今後作られる����新�ユーザアカウント��用�れる。
+.PP
+オプションを指定�����
+\fBuseradd\fR ��在�デフォルト値を表示�る。
+.SH 注�
+\fI/etc/skel\fR ディレクトリ�デフォルト�ユーザファイルを置���
+システム管�者�行���作業��る。
+.SH 警告
+NIS �グループ�ユーザを加����ら��。
+�れ�必� NIS サー�上�行���。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全�ユーザアカウント情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.br
+\fI/etc/default/useradd\fR \- デフォルト情報
+.br
+\fI/etc/skel/\fR \ \- ファイル�雛形�置�れるディレクトリ
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR crypt (3),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/userdel.8 b/man/ja/man8/userdel.8
new file mode 100644
index 0000000..8cbb218
--- /dev/null
+++ b/man/ja/man8/userdel.8
@@ -0,0 +1,77 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Fri Jan 12 JST 2000 by Kentaro Shirakata <argrath@ub32.org>
+.\" Updated Fri Mar  1 JST 2002 by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH USERDEL 8
+.SH ��
+userdel \- ユーザ�アカウント�関連ファイルを削除�る
+.SH 書�
+.B userdel
+[\fB\-r\fR]
+.I login
+.SH 説明
+\fBuserdel\fR コマンド��システムアカウントファイルを修正��
+ユーザ \fIlogin\fR �対応�る����エントリを削除�る。
+削除�れるユーザ�存在�����れ��ら��。
+\fBuserdel\fR コマンド��用��るオプション�以下�通り。
+.IP \fB\-r\fR
+ユーザ�ホームディレクトリ中�ファイルを削除�る。
+ホームディレクトリ自体�ユーザ�メールスプールも消去�る。
+ファイルシステム中����場所��る��ユーザ�ファイル��
+手作業�探�出��削除���れ��ら��。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全�ユーザアカウント情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 警告
+\fBuserdel\fR ��削除�れるユーザ��在ログイン���る場���
+��アカウント�削除を許����。
+削除�よ�����るアカウント�属�る実行中�プロセス��
+��� kill ���れ��ら��。
+NIS �クライアント�ら��NIS �属性値�削除����。
+削除� NIS �サー��行���れ��ら��。
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR usermod (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/usermod.8 b/man/ja/man8/usermod.8
new file mode 100644
index 0000000..bd2f604
--- /dev/null
+++ b/man/ja/man8/usermod.8
@@ -0,0 +1,145 @@
+.\" $Id$
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" Japanese Version Copyright (c) 1997 Kazuyoshi Furutaka
+.\"         all rights reserved.
+.\" Translated Fri Feb 14 23:06:00 JST 1997
+.\"         by Kazuyoshi Furutaka <furutaka@Flux.tokai.jaeri.go.jp>
+.\" Updated Tue Jan 23 17:21:08 JST 2001
+.\"         by Kentaro Shirakata <argrath@ub32.org>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.\"WORD:        initial group           主グループ
+.\"WORD:        supplementary group     補助グループ
+.\"
+.TH USERMOD 8
+.SH ��
+usermod \- ユーザアカウントを修正�る
+.SH 書�
+\fBusermod\fR [\fB\-c\fR \fIcomment\fR] [\fB\-d\fR \fIhome_dir\fR [\fB\-m\fR]]
+.br
+[\fB\-e\fR \fIexpire_date\fR] [\fB\-f\fR \fIinactive_time\fR]
+.br
+[\fB\-g\fR \fIinitial_group\fR] [\fB\-G\fR \fIgroup\fR [,...]]
+.br
+[\fB\-l\fR \fIlogin_name\fR] [\fB\-p\fR \fIpasswd\fR]
+.br
+[\fB\-s\fR \fIshell\fR] [\fB\-u\fR \fIuid\fR [\fB\-o\fR]] [\fB\-L\fR|\fB\-U\fR]
+\fIlogin\fR
+.SH 説明
+\fBusermod\fR コマンド��
+コマンドライン上��指定�よ���
+システムアカウントファイルを修正�る。
+\fBusermod\fR コマンド�指定��るオプション�次�通り。
+.IP "\fB\-c\fR \fIcomment\fR"
+パスワードファイル�コメントフィールド�与�る新��値。
+通常�
+.BR chfn (1)
+ユーティリティ�よ��変更�れる。
+.IP "\fB\-d\fR \fIhome_dir\fR"
+新��ログインディレクトリ。
+\fB\-m\fR オプションを用�る��
+�在�ホームディレクトリ�中身�新��ホームディレクトリ�移動�れる
+(後者�存在���場��新��作��れる)。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+��ユーザアカウント�使用�能��る日付。
+日付� \fIYYYY\-MM\-DD\fR ���書��指定�る。
+.IP "\fB\-f\fR \fIinactive_days\fR"
+パスワード�使用期��切れ��らアカウント�永久�使用�能��る���日数。
+0 ��る��
+パスワード�期��切れる��時���アカウント�使用�能��る。
+\-1 ��る���機能�無効��る。デフォルト値� \-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+
+新����ユーザ�ログイン時�期グループ��るグループ���� ID。
+グループ��既�存在�����れ��ら��。
+グループ番��既存�グループを�照�����れ��ら��。
+デフォルト�グループ番�� 1。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+ユーザ�属�る補助グループ (supplementary groups) �リスト。
+グループ�コンマ�区切り�間�空白文字を入れ���ら��。
+指定��るグループ�� \fB\-g\fR オプション��様�制���る。
+�在��ユーザ��
+新��リスト���グループ�メン�ー�����る場���
+��グループ�ら削除�れる。
+.IP "\fB\-l\fR \fIlogin_name\fR"
+ユーザ�ログイン�を \fIlogin\fR �ら \fIlogin_name\fR �変更�る。
+他�何も変更������
+��ら�新��ログイン������
+ホームディレクトリ���を変更�る必���る���。
+.IP "\fB\-p\fR \fIpasswd\fR"                                                
+\fBcrypt\fR(3) �返り値��る暗�化パスワード。
+.IP "\fB\-s\fR \fIshell\fR"
+ユーザ�新��ログインシェル���。
+��フィールドを空白���場���
+システム�デフォルト�ログインシェルを�択�る。
+.IP "\fB\-u\fR \fIuid\fR"
+ユーザ� ID 番�。
+��値��\fB\-o\fR オプションを用�る場�を除��他��複����ら��。
+���負値������ら��。
+0 �ら 999 ���値��通常システムアカウント用�予約�れ��る。
+ホームディレクトリ以下��
+��ユーザ所有�����ファイル�ユーザ ID ��
+自動的�新��値�変更�れる。
+ホームディレクトリ以下���ファイル�手作業�変更���れ��ら��。
+.IP "\fB\-L\fR"
+ユーザ�パスワードをロック�る。
+�れ�暗�化�れ�パスワード��� '!' を追加��
+実質的�パスワードを無効��る。
+��オプションを \fI\-p\fR や \fI\-U\fR ��時�用�る�������。
+.IP "\fB\-U\fR"
+ユーザ�パスワードをアンロック�る。
+�れ�暗�化�れ�パスワード�先頭� '!' を�り除�。
+��オプションを \fI\-p\fR や \fI\-L\fR ��時�用�る�������。
+.SH 警告
+\fBusermod\fR
+��在ログイン���るユーザ���を変更����。
+��コマンドを使用��ユーザ� ID 番�を変更�る際���
+指定��ユーザ�プロセス�一�も実行�れ������を
+事��確����れ��ら��。
+crontab ファイル�所有者�手作業�変更���れ��ら��。
+at ジョブ�所有者�手作業�変更���れ��ら��。
+NIS �関�る作業� NIS サー�上�行����れ��ら��。
+.SH ファイル
+\fI/etc/passwd\fR \- ユーザアカウント情報
+.br
+\fI/etc/shadow\fR \- 安全�ユーザアカウント情報
+.br
+\fI/etc/group\fR \ \- グループ情報
+.SH 関連項目
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR crypt (3),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8)
+.SH 著者
+Julianne Frances Haugh (jockgrrl@ix.netcom.com)
diff --git a/man/ja/man8/vigr.8 b/man/ja/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/ja/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/ja/man8/vipw.8 b/man/ja/man8/vipw.8
new file mode 100644
index 0000000..205d121
--- /dev/null
+++ b/man/ja/man8/vipw.8
@@ -0,0 +1,38 @@
+.\" $Id$
+.\"
+.\" Japanese Version Copyright (c) 2001 Maki KURODA
+.\"     all right reserved,
+.\" Translated Tue Oct 30 11:55:56 JST 2001
+.\"     by Maki KURODA <mkuroda@aisys-jp.com>
+.\" Modified Sun 22 Sep 2002 by NAKANO Takeo <nakano@apm.seikei.ac.jp>
+.\"
+.TH VIPW 8 "26 Sep 1997"
+.SH ��
+vipw, vigr \- password, group ��れ�れ� shadow ファイルを編集�る
+.SH 書�
+\fBvipw\fR [\fB\-s\fR]
+.br
+\fBvigr\fR [\fB\-s\fR]
+.SH 説明
+.BR vipw " � " vigr
+���れ�れ
+\fI/etc/passwd\fR " � " \fI/etc/group\fR
+を編集�る。
+.B \-s
+フラグ�指定�れる���れら�ファイル� shadow 化版��る
+\fI/etc/shadow\fR � \fI/etc/gshadow\fR
+を�れ�れ編集�る。
+�れら�プログラム�ファイル�壊れ��よ��切�ロックを設定�る。
+
+�れら�プログラム��利用�るエディタ�����
+環境変数
+.BR VISUAL ,
+環境変数
+.BR EDITOR ,
+を順�試��最後�デフォルト�エディタ��る
+.BR vi 
+を用�よ���る。
+.SH 関連項目
+.BR group (5),
+.BR passwd (5),
+.BR shadow (5)
diff --git a/man/ko/Makefile.am b/man/ko/Makefile.am
new file mode 100644
index 0000000..c269f0b
--- /dev/null
+++ b/man/ko/Makefile.am
@@ -0,0 +1,16 @@
+
+mandir = @mandir@/ko
+
+man_MANS = \
+	man1/chfn.1 \
+	man1/chsh.1 \
+	man1/groups.1 \
+	man1/login.1 \
+	man5/passwd.5 \
+	man1/su.1 \
+	man8/vigr.8 \
+	man8/vipw.8
+# newgrp.1 must be updated
+#	newgrp.1
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/ko/man1/chfn.1 b/man/ko/man1/chfn.1
new file mode 100644
index 0000000..e6d3fae
--- /dev/null
+++ b/man/ko/man1/chfn.1
@@ -0,0 +1,54 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software.  you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH NAME
+chfn \- 사용� finger 정보를 바꾼다.
+.SH SYNOPSIS
+\fBchfn\fR [\fB\-f\fR \fIfull\-name\fR] [\fB\-o\fR \fIoffice\fR] [\fB\-p\fR \fIoffice\-phone\fR]
+[\ \-h\ home\-phone\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH DESCRIPTION
+.B chfn
+명령� 사용�� finger 정보를 바꾼다. �것� 
+.I /etc/passwd
+파�� 정보를 바꾼다. 
+.B finger
+명령� 사용� 때 바로 � 파�� 참조하기 때문�다.
+.B finger
+명령� 
+.B chfn
+명령�서 바� 실재�름, �장, �장전화, 집전화번호를 보여준다.
+.SS COMMAND LINE
+아무 옵션 없� � 명령� 사용하면, �접 사용��게 ��� 바꿀 정보를 
+물어보지만, � 정보들� 명령행�서 �접 입력할 수� 있다.
+.SS INTERACTIVE MODE
+아무 옵션 없� � 명령� 사용하면, �접 사용��게 ��� 바꿀 정보를 
+물어본다. �때 정당한 값� 지정해 주고, �래� 값� 바꾸지 않으려면, 
+그냥 Enter 글쇠를 누르면 �다.
+.SH OPTIONS
+.TP
+.I "\-f, \-\-full\-name"
+사용� 실재 �름
+.TP
+.I "\-o, \-\-office"
+사용� �장
+.TP
+.I "\-p, \-\-office\-phone"
+사용� �장 전화번호
+.TP
+.I "\-h, \-\-home\-phone"
+사용� 집 전화 번호
+.TP
+.I "\-u, \-\-help"
+�움�� 보여주고 마친다.
+.TP
+.I "\-v, \-\-version"
+버전 정보를 보여주고 마친다.
+.SH "SEE ALSO"
+.BR finger (1),
+.BR passwd (5)
+.SH AUTHOR
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/ko/man1/chsh.1 b/man/ko/man1/chsh.1
new file mode 100644
index 0000000..6fd5d3f
--- /dev/null
+++ b/man/ko/man1/chsh.1
@@ -0,0 +1,43 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software.  you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH NAME
+chsh \- 사용� 로그� 쉘� 바꾼다.
+.SH SYNOPSIS
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH DESCRIPTION
+.B chsh
+명령� 사용�가 사용하고 있는 로그� 쉘� 바꾸는�, 사용�다. 
+(��� exit 명령� 사용했� 때 로그아웃�는 쉘� �한다.)
+명령행�서 쉘� 지정하지 않으면, 사용��게 물어본다.
+.SS VALID SHELLS
+.B chsh
+명령�서는 절대 경로를 지정하는 어떠한 실행파�� 지정� 가능하다. 
+하지만, 
+.I /etc/shells
+파��서 지정�어 있지 않는 풀그림� 사용할 경우�는 경고 메시지를 보여준다.
+.SH OPTIONS
+.TP
+.I "\-s, \-\-shell"
+지정하는 쉘� 앞으로 사용할 로그� 쉘로 바꾼다.
+.TP
+.I "\-l, \-\-list\-shells"
+.I /etc/shells
+파� 안� 지정� 쉘� 나열하고 마친다.
+.TP
+.I "\-u, \-\-help"
+�움�� 보여주고 마친다.
+.TP
+.I "\-v, \-\-version"
+버전 정보를 보여주고 마친다.
+.SH "SEE ALSO"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH AUTHOR
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/ko/man1/groups.1 b/man/ko/man1/groups.1
new file mode 100644
index 0000000..d407d3d
--- /dev/null
+++ b/man/ko/man1/groups.1
@@ -0,0 +1,32 @@
+.\"$Id$
+.TH GROUPS 1L "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH �름
+groups \- 사용�가 �한 그룹들� 출력한다
+.SH 개요
+.B groups
+[사용�명...]
+.br
+.B groups
+{\-\-help,\-\-version}
+.SH 설명
+� 맨페�지는 GNU 버전�
+.BR groups 
+를 다룬다.
+.B groups
+는 주어진 � 
+.IR username
+�는 프로세스
+가 �한 추가 그룹� �름� 출력해준다.
+만약 사용�명� 주어졌다면 � 사용�명� 소�� 그룹 목� 앞� 표시�다.
+.PP
+그룹 목�� `id \-Gn'� 결과와 같다.
+.SS 옵션
+GNU
+.B groups
+가 단 한 개� �수를 가지고 실행�면 다� 옵션들� ��한다:
+.TP
+.I "\-\-help"
+표준출력으로 사용법� 출력하고 정��으로 종료한다.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 정��으로 종료한다.
diff --git a/man/ko/man1/id.1 b/man/ko/man1/id.1
new file mode 100644
index 0000000..a48aa26
--- /dev/null
+++ b/man/ko/man1/id.1
@@ -0,0 +1,52 @@
+.TH ID 1L "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH �름
+id \- 실제, 유효 UID와 GID를 출력한다.
+.SH 개요
+.B id
+[\-gnruG] [\-\-group] [\-\-name] [\-\-real] [\-\-user] [\-\-groups]
+[\-\-help] [\-\-version] [username]
+.SH 설명
+� 맨페�지는 GNU 버전�
+.BR id 
+를 다룬다.
+.B id
+는 주어진 사용�, �는 사용�가 주어지지 않는 경우 프로세스� 주�� 대한
+정보를 출력한다. 기본�으로 실제 사용� ID, 실제 그룹 ID, 만약 실제 사용�
+ID와 다르다면 유효 사용� ID를, 마찬가지로 실제 그룹 ID와 다르다면 유효 그룹
+ID를 출력하고 추가 그룹 ID를 출력한다. � 항목� �별 문� 그리고 괄호 안�
+해당하는 사용� �는 그룹명으로 표현�다.
+.PP
+.B id
+� 옵션� 주면 위�서 열거한 정보� �부만 보여준다.
+.SS 옵션
+.TP
+.I "\-g, \-\-group"
+오로지 그룹 ID만 출력한다.
+.TP
+.I "\-G, \-\-groups"
+추가 그룹만 출력한다.
+.TP
+.I "\-\-help"
+표준출력으로 사용법� 출력하고 정��으로 종료한다.
+.TP
+.I "\-n, \-\-name"
+ID 번호 대신 사용�명, 그룹명� 출력한다.
+.IR \-u ,
+.IR \-g ,
+�는
+.IR \-G 
+를 필요로 한다.
+.TP
+.I "\-r, \-\-real"
+유효 사용�, 유효 그룹 ID가 아니� 실제 ID 를 출력한다.
+.IR \-u ,
+.IR \-g ,
+�는
+.IR \-G 
+를 필요로 한다.
+.TP
+.I "\-u, \-\-user"
+오로지 사용� ID 만 출력한다.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 정��으로 종료한다.
diff --git a/man/ko/man1/login.1 b/man/ko/man1/login.1
new file mode 100644
index 0000000..4533beb
--- /dev/null
+++ b/man/ko/man1/login.1
@@ -0,0 +1,300 @@
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+.TH LOGIN 1 "1 February 1993" "Linux 0.99" "Linux Programmer's Manual"
+.SH �름
+login \- 시스템 접�
+.SH 사용법
+.BR "login [ " �름 " ]"
+.br
+.B "login \-p"
+.br
+.BR "login \-h " 호스트�름
+.br
+.BR "login \-f " �름
+.SH 설명
+.B login
+풀그림� 한 시스템� 접�처리를 하는 풀그림�다. 
+�한 현재 접� 중�서� 한 사용��서 다른 사용�로 바꾸고� 할 때� 
+사용� 수 있다. (한편, 대부분� 요즘 만들어진 쉘� 그 쉘 내부�으로
+�러한 기능� 제공하고 있기� 하다.)
+
+아무 옵션 없� 사용하면, 
+사용� 계정� 물어보는 프롬프트가 나타난다.
+
+�때 입력�는 계정� root가 아니고, 
+.I /etc/nologin
+파�� 있으면 그 파�안� 내용� 보여지고 
+� 풀그림� 종료�다. �것� 시스템 검사나 기타 사정� �반 사용� 
+접�� 하지 못하�� 할때 사용�다.
+
+.IR /etc/usertty 
+파��서 특정 사용�� 로그� 허용과 거부가 지정�어 있� 때, 
+만� 그 사용�가 접�하고� 할 때는 그� 따른 접�처리를 한다.
+�때, 접�거부�면 로그�� �나고 
+.B syslog
+명령� 작��어 그 �황� 기�한다. 
+�세한 �야기는 아래 "특별 접근 거부" 부분�서 다룬다.
+
+
+.IR /etc/securetty 
+파��서는 root로 접�할 수 있는 터미날들� 나열�어 있다. 
+�때 접� 실패가 �어나면 
+.B syslog
+명령� 작��어 그 �황� 기�한다.
+
+사용� 계정� 확� 절차가 �나면, 비밀번호를 물어보는 프롬프트가 
+나타난다. (그 사용�� 계정�서 비밀번호가 필요하면 나타난다.)
+�때, 10번�안 비밀번호를 틀리게 입력하면 login� 종료�다. 
+그런�, 처� 세번� 바로 다시 물어보지만, 다�부터는 매우 �리게 
+반복�다. (로그� 과정�)
+물론 � 과정들� 
+.B syslog
+명령� �해 그 �황� 기��다. 
+
+.I .hushlogin
+파� $HOME 경로안� 있으면, 새로 �착한 편지가 있� 때 보여주는 
+메시지와 마지막 로그�한 시간� 알리는 메시지를 보여주지 않는다.
+� 파�� 없고, 
+.I /var/log/lastlog
+파�� 있으면, 그 파��서 마지막 로그� 시간� �어 보여주고, 
+그 파��, 현재 로그�� 기�한다.
+
+로그� 계정, 비밀번호 확�철�가 �나면, 
+다�� 터미날� UID, GID 설정같� 관리작업들� 무작위로
+수행한다. TERM 환경변수가 사용�고 있으면, � 환경변수를 지정하고, 
+(
+.B \-p
+옵션� 사용�면 다른 환경변수가 지정�다)
+HOME, PATH, SHELL, TERM, MAIL, LOGNAME 환경변수들� 지정한다.
+�반 사용��면 경로를 초기값으로 아래와 같� 지정하고, 
+.br
+.I /usr/local/bin:/bin:/usr/bin:.
+root�면 초기값으로 아래와 같� 지정한다.
+.br
+.I /sbin:/bin:/usr/sbin:/usr/bin
+.br
+마지막으로 "조용한" 로그�� 아니�면, 그날� 메시지를 출력하고, 
+.I /usr/spool/mail
+경로안� 그 사용� �름으로 � 파�� �기가 0� 아닌지 확�해서 
+0� 아니면, 편지가 있다고 알려준다.
+
+다� 사용� 쉘� 지정하는�, 
+.BR /etc/passwd 
+파��서 그 사용�� 쉘� 지정�어 있지 않으면, 
+.B /bin/sh
+쉘� 사용한다. 
+�한,
+.IR /etc/passwd 
+파��서 홈 경로가 지정�어 있지 않으며,
+.I /
+경로로 로그��다.(홈 경로는 위�서 설명한 
+.I .hushlogin
+파�� 있는지 확�할 때 검사�다.)
+.SH 옵션
+.TP
+.B \-p
+.B login
+실행할 때 �전 환경들� 그대로 사용하�� 
+.BR getty (8)
+명령� �해 사용�다.
+.TP
+.B \-f
+�번째 로그�� 경우�는 그 ��(계정확�절차)� 통과한다.
+root 계정� 경우�는 작��지 않으며, 리눅스�서는 바르게 
+작��지 않� 수� 있다.
+.TP
+.B \-h
+리모트 호스트 로그�시(가령, telnetd(8) 사용) 계정 입력� 통과한다.
+물론 utmp, wtmp 기�� 있다. � 옵션� 단지 root만� 사용할 수 있다.
+
+.SH "특별 접근 거부"
+.I /etc/securetty
+파��는 root가 접� 할 수 터미날� 나열�어 있다. 
+� 터미날 �름� /dev/ 글�를 �략한 터미날 �름만�다.
+� 파�� 없다면 root는 모든 터미날�서 접�� 가능하다.
+.PP
+.I /etc/usertty
+파��는 특정 사용�� 접�� 대한 특별한 설정 내용� 있다. 
+� 파�� 없다면, 어떠한 특정 사용�� 접� 거부같� 없다. 
+� 파�� 세부분으로 구성�어 있는�, �� 그 부분들� �름� 
+CLASSES, GROUPS, USERS �다. CLASSES 부분�서는 터미날� �래스와 
+호스트�름 패턴� 정��고,  GROUPS 부분�서는 그룹 단위� 허��는
+터미날과 호스트가 정��고, USERS 부분�서는 사용� 단위� 허��는
+터미날과 호스트가 정��다.
+.PP
+� 파�� � 줄� 255 문�를 넘� 수 없으며,
+# 문�로 시작하는 그 줄 전체는 주�으로 처리�다.
+.PP
+.SS "CLASSES 섹션"
+CLASSES 섹션� 대문�로 첫칸부터 CLASSES�고 씀으로 정��다. 
+� 부분� 다� 섹션� 정��기 전까지 모든 부분� �함�다.
+� 단어� 구분� 공백문�나 탭문�로 한다.
+� 줄�는 터미날과 호스트 패턴� �래스가 정��다.
+.PP
+� 줄� 처�� 관리�가 정�하는 �래스 �름� 오고, 
+그 다��는 그 �래스�서 사용하는 터미날과 호스트 패턴� 온다. 
+� �래스 �름� 다�� 오는 GROUPS, USERS 섹션�서 사용� 수 있다. 
+.PP
+CLASSES 섹션 예제:
+.PP
+.nf
+.in +.5
+CLASSES
+myclass1		tty1 tty2
+myclass2		tty3 @.foo.com
+.in -.5
+.fi
+.PP
+윗 예제는 
+.I myclass1
+ê³¼
+.I myclass2
+�래스를 오른쪽 부분과 같� 정�한 것�다.
+.PP
+.SS "GROUPS 섹션"
+GROUPS 섹션�서는 유닉스 그룹 단위� 허��는 터미날과 호스트가 정��다.
+접�하는 사용�� 그룹�(�것� 
+.I /etc/passwd
+파�과 
+.I /etc/group
+파��서 확��)� 
+.I /etc/usertty
+파�� GROUPS 섹션 부분�서 정�� 그룹��면, 그� 해당�는 
+터미날과 호스트�만 접�� 가능해 진다.
+.PP
+GROUPS 섹션� 첫칸� 대문�로 GROUPS ��고 씀으로 정�가 시작�고, 
+다�섹션� 정�가 나타나기 전까지 � 섹션으로 가정한다. 
+� 단어� 구분� 공백문�나 탭문�로 하며, 
+� 줄� 처��는 그룹� 오고 다��는 그 그룹�서 접근할 수 있는
+터미날과 호스트가 온다. �한 허��는 터미날과 호스트 부분�서 
+앞 CLASSES 섹션�서 정�한 �래스 �름� 사용� 수� 있다. 
+.PP
+GROUPS 섹션� 예제:
+.PP
+.nf
+.in +0.5
+GROUPS
+sys		tty1 @.bar.edu
+stud		myclass1 tty4
+.in -0.5
+.fi
+.PP
+윗 예제는 
+.I sys
+그룹� 사용�는 bar.edu �메�� 가진 호스트�서, tty1로만 
+접�� 가능하다. 
+.I stud 
+그룹� 사용�는 myclass1 �래스 �는 tty4로만 접�� 가능하다.
+.PP
+
+.SS "USERS 섹션"
+USERS 섹션� 첫칸� USERS �고 대문�로 씀으로 정��다. 
+� 단어� 구분� 공백문�와 탭문�로 하며, 
+첫칸�는 사용� 계정, 다��는 그 계정 사용�가 접� 할 수 있는 
+터미날과 그 사용�가 접� 시�하는 호스트가 정��다. 
+물론 터미날과 호스트 정�부분�서 앞 CLASSES 섹션�서 정�한 �래스가 
+사용� 수� 있다. 
+.PP
+USERS 섹션 예제:
+.PP
+.nf
+.in +0.5
+USERS
+zacho		tty1 @130.225.16.0/255.255.255.0
+blue		tty3 myclass2
+.in -0.5
+.fi
+.PP
+윗 예제는 zacho 계정 사용�는 IP 주소가 130.225.16.0 부터 130.225.16.255
+범위 안� 호스트�서 � 컴� tty1로 접� 하고� 할 때만 접�� 할 수 있다. 
+blue 계정 사용�는 myclass2�서 정�� 환경과 tty3으로만 접�할 수 있다.
+.PP
+USERS 섹션안�서 사용� 계정 부분� * 문�가 올 수� 있다. 
+�것� 초기값 지정�며, 모든 사용��게 �용�다.
+.PP
+접�하고� 하는 사용�� 계정과 그룹� USERS, GROUPS 섹션 � 부분�서 모�
+�용�면 � 섹션�서 정�� 모든 터미날/호스트가 �용�다.
+
+.SS Origins
+터미날과 호스트 정� 부분�는 �래스, origin��고 부르는 
+�군� 문�열� 사용�다. � origin 문�열� 다�과 같� 형�� 취한다.
+.IP o 
+터미날� �름�는 /dev/ 부분� 빠진다. 즉, tty1, ttyS0 형�으로 사용�다.
+.PP
+.IP o
+@localhost 문�열� 로칼 호스트�서 telnet/rlogin으로 접�하는 사용�를 
+�미한다. 즉 `xterm \-e /bin/login' 명령같� 것� 실행�다는 것� �미한다.
+.PP
+.IP o
+@.some.dom 문�열� 리모트 호스트 접�시 그 사용�가 rlogin/telnet으로
+�메�� .some.dom로 �나는 호스트�서만 접�할 수 있다는 것� �미한다.
+.PP
+.IP o
+IP 주소� �역� @x.x.x.x/y.y.y.y �런 �으로 정�하는�, 
+�것� x.x.x.x �서 y.y.y.y 범위� IP 주소를 가진 호스트�서만 
+접�� 가능하다. 예를 들어, @130.225.16.0/255.255.254.0
+으로 정�하면, IP� 범위가 130.225.16.0 \- 130.225.17.255� 
+호스트�서만 접�� 가능하다.
+.PP
+기타 origin �서 사용�는 문�열로 시간� 정할수 있는�, 
+그 형�� 다�과 같다.
+.PP
+.nf
+timespec    ::= '[' <day\-or\-hour> [':' <day\-or\-hour>]* ']'
+day         ::= 'mon' | 'tue' | 'wed' | 'thu' | 'fri' | 'sat' | 'sun'
+hour        ::= '0' | '1' | ... | '23'
+hourspec    ::= <hour> | <hour> '\-' <hour>
+day\-or\-hour ::= <day> | <hourspec>
+.fi
+.PP
+예를 들어, [mon:tue:wed:thu:fri:8\-17]tty3 문�열� 
+월요�부터 금요�까지, 오전 8시 00분부터 오후 5시 59분까지만
+tty3으로 접�할 수 있�� �미한다. 시간 지정�서는 단지, 
+a\-b �으로 정��면 a시 00분 부터 b시 59분까지를 �미하며,
+단지 단� 숫�만 있으면(가령 10) 그 시간만(10시 00분부터 10시 59분까지)�
+�미한다.
+.PP
+시간부분� 설정� 지정�지 않으면 어떠한 시간�� 접�� 가능하다.
+� 요�별로 그 시간� 따로 정하고 싶으면 � 요� 정�다�� 시간� 
+�� 따로 정� 할 수� 있다.
+시간지정�서는 공백문�를 사용할 수 없다.
+.PP
+만약 
+.I /etc/usertty
+파��서 � 정�들� 바르지 못하게 정��다면, 
+모든 사용�� 특별 접� 거부 같� 것� 없다. 
+.PP
+.SH "관련 파�"
+.nf
+\fI/var/run/utmp\fR
+\fI/var/log/wtmp\fR
+\fI/var/log/lastlog\fR
+\fI/etc/motd\fR
+\fI/etc/passwd\fR
+\fI/etc/nologin\fR
+\fI/etc/usertty\fR
+\fI$HOME/.hushlogin\fR
+.fi
+.SH "관련 항목"
+.BR init (8),
+.BR getty (8),
+.BR mail (1),
+.BR passwd (1),
+.BR passwd (5),
+.BR environ (7),
+.BR shutdown (8)
+.SH 벌레
+리눅스�서는 다른 옛날 운�체제와 달리 한 사용�� 중복 로그�� 
+제한하지 않는다.
+
+설명�지 않� BSD� 
+.B \-r
+옵션� 지��지 않는다. 
+� 옵션� 
+어떠한 
+.BR rlogind (8)
+풀그림�서 필요할 지� 모른다.
+.SH 만든�
+Derived from BSD login 5.40 (5/9/89) by Michael Glad (glad@daimi.dk) for HP\-UX
+.br
+Ported to Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
diff --git a/man/ko/man1/newgrp.1 b/man/ko/man1/newgrp.1
new file mode 100644
index 0000000..31cc482
--- /dev/null
+++ b/man/ko/man1/newgrp.1
@@ -0,0 +1,29 @@
+.\" Original author unknown.  This man page is in the public domain.
+.\" Modified Sat Oct  9 17:46:48 1993 by faith@cs.unc.edu
+.TH NEWGRP 1 "9 October 1993" "Linux 1.2" "Linux Programmer's Manual"
+.SH NAME
+newgrp \- �신� 소�� 그룹� 새 그룹으로 바꾼다.
+.SH SYNOPSIS
+.BI "newgrp [ " group " ]"
+.SH DESCRIPTION
+.B Newgrp
+명령� 
+changes the group identification of its caller, analogously to
+.BR login (1).
+명령으로 로그� 할 때 �별�는 그룹� 바꾼다. 
+\fIgroup\fR으로 사용� 수 있는 값� /etc/group 파�안� 
+있는 그룹� �름�나, GID 값�여야 하며, 
+명령행 ���서 � 값� 특별히 지정하지 않으면, 현재 �신� 
+그룹으로 바꾼다. 
+.LP
+.SH FILES
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "SEE ALSO"
+.BR login "(1), " group (5)
+
+.SH AUTHOR
+Originally by Michael Haardt. Currently maintained by 
+Peter Orbaek (poe@daimi.aau.dk).
diff --git a/man/ko/man1/su.1 b/man/ko/man1/su.1
new file mode 100644
index 0000000..e509c70
--- /dev/null
+++ b/man/ko/man1/su.1
@@ -0,0 +1,92 @@
+.TH SU 1 "GNU 쉘 유틸리티" "FSF" \" \-*\- nroff \-*\-
+.SH �름
+su \- 사용�와 그룹 ID 를 �체하여 쉘� 실행한다
+.SH 개요
+.B su
+[\-flmp] [\-c 명령] [\-s 쉘] [\-\-login] [\-\-fast]
+[\-\-preserve\-environment] [\-\-command=명령] [\-\-shell=쉘] [\-]
+[\-\-help] [\-\-version] [사용� [�수...]]
+.SH 설명
+� 맨페�지는 GNU 버전�
+.BR su 
+를 설명한다.
+.B su
+는 한 사용�가 잠시 다른 사용�가 � 수 있�� 해준다.
+실제 사용� ID, 그룹 ID, USER� 보충�� 그룹으로 쉘� 실행한다.
+USER가 주어지지 않으면 기본�으로 수�유저� root 로 설정�다.
+실행�는 쉘� USER� 패스워드 목��서 찾아오거나 없으면 /bin/sh 를 수행한다.
+만약 USER� 패스워드가 있다면
+.B su
+는 실제 사용� ID 0 (수�유저)가 아닌 한 패스워드를 물어온다.
+.PP
+기본�으로,
+.B su
+는 현재 디렉토리를 변경하지 않는다. USER � 패스워드 항목으로부터 `HOME',
+`SHELL' 등� 변수를 설정하고 만약 수�유저가 아니�면 `USER'와 `LOGNAME'�
+USER로 설정한다. 기본�으로 � 쉘� 로그� 쉘� 아니다.
+.PP
+만약 한 개 ��� �수가 주어지면 쉘� 대한 �수로 전달�다.
+.PP
+.B su
+는 /bin/sh나 다른 쉘� 특별히 다루지는 않는다.
+(argv[0]를 "\-su"로 하고 \-c 를 특정 쉘로 지정하지 않는 한... )
+.PP
+syslog를 가지고 있는 시스템�서는,
+.B su
+가 실패하는 경우 보고를 하��, 그리고 성공� 경우�는 선��으로 보고하��
+컴파�하면
+.B su
+가 syslog를 사용한다.
+.SS 옵션
+.TP
+.I "\-c COMMAND, \-\-command=COMMAND"
+대화형 쉘� 시작하지 않고 
+.I \-c
+옵션� 쉘� 주어서 한 개� 명령만� 수행하�� 한다.
+.TP
+.I "\-f, \-\-fast"
+쉘�
+.I \-f
+옵션� 전달한다.
+.B csh
+와
+.BR tcsh 
+�만 해당�는 것으로서,
+.I \-f
+옵션� 시작 화�(.cshrc)를 �지 않�� 한다. 본쉘� 경우,
+.I \-f
+옵션� 화� 패턴 확장� 불능으로 설정하는 것으로서 �반�으로 그렇게 하지
+않는다.
+.TP
+.I "\-\-help"
+표준출력으로 사용법� 출력하고 정��으로 종료한다.
+.TP
+.I "\-, \-l, \-\-login"
+쉘� 로그� 쉘로 만든다. 그 �미는 다�과 같다. `TERM', `HOME', `SHELL'
+(위�서 설명) 그리고 `USER', `LOGNAME'(위�서 설명하였듯 수�유저� 할 지��
+설정�다)� 제외하고 나머지 환경 변수를 제거한다. 그리고 `PATH'를 컴파� 기본
+설정값으로 설정한다. USER� 홈 디렉토리로 ��한다. 쉘 �름� "\-" 를 추가하여
+로그� 스�립트 화�들� �� 수 있게 할 수 있다.
+.TP
+.I "\-m, \-p, \-\-preserve\-environment"
+`HOME', `USER', `LOGNAME', `SHELL' 등� 환경변수값� 변경하지 않는다.
+만약 
+.B su
+를 실행하는 사용�가 수�유저�거나 사용�� 쉘� 제한� 쉘� 때는
+\fI/etc/passwd\fR� 기재� USER� 쉘� 아니� `SHELL' 환경변수� 설정� 쉘�
+실행한다.
+제한� 쉘�란 /etc/shells� 등��어 있지 않거나 /etc/shells 화�� 존재하지
+않� 때 내장 컴파�� 목�� 들어있지 않는 경우를 �한다.
+� 옵션� �부는 다�
+.I \-\-login
+ê³¼
+.IR \-\-shell 
+옵션� �해 무시� 수 있다.
+.TP
+.I "\-s, \-\-shell shell"
+.B su
+를 실행하는 사용�가 수�유저가 아니거나 사용�� 쉘� 제한� 쉘� 때는
+\fI/etc/passwd\fR� 등�� USER� 쉘� 수행하지 않고 지정한 쉘� 수행한다.
+.TP
+.I "\-\-version"
+표준출력으로 버전정보를 출력하고 정��으로 종료한다.
diff --git a/man/ko/man5/passwd.5 b/man/ko/man5/passwd.5
new file mode 100644
index 0000000..52d7f0a
--- /dev/null
+++ b/man/ko/man5/passwd.5
@@ -0,0 +1,119 @@
+.\"$Id$
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan  5 20:24:40 MET 1998 by Michael Haardt
+.\"  (michael@cantor.informatik.rwth-aachen.de)
+.\"
+.\" 한국어 번역 : ASPLINUX<man@asp-linux.co.kr>    2000년 7월 29�
+.\"
+.TH PASSWD 5 "January 5, 1998" "" "File formats"
+.SH �름
+passwd \- 패스워드 파� 
+.SH 설명
+.B Passwd
+는 �스트 파�로서, 시스템 계정� 목�� �함하고 있고, 사용� ID, 그룹 
+ID, 홈 디렉토리, 쉘 등� � 계정� 대한 매우 유용한 정보를 제공한다. 
+종종, � 계정� 대한 암호화� 패스워드를 �함한다. 
+Passwd는 �반�� �기 권한� 가져야 하지만, 수� 유저�게만 쓰기 접근�
+가능하다. 
+.PP
+예전�는 �반�� �기 권한으로�한 문제들� 없었다. 모든 사람들�
+암호화� 패스워드를 �� 수 있었지만, 패스워드를 �랙하기�는 하드웨어가
+너무나 �렸고, �우기, 기본�� 가정� 그들� 아주 친숙한 사용�
+공�체� 패스워드들�었다. 
+
+오늘날 많� 사람들� ��우 패스워드� �부 버전� 실행한다.
+ .I /etc/passwd는 암호화�  패스워드 대신 *로 �
+패스워드를 지니고, 암호화� 패스워드들� 수�유저만� �� 수 있는
+.I /etc/shadow� 저장�다. 
+.PP
+��우 패스우드가 사용�는지� �관없�, 많� 시스템 관리�들� 사용�가
+�기 �신� 패스워드를 사용하여 ��할 수 없�� 패스워드 필드내� 
+별표를 사용한다. 
+
+.PP
+만� 새로운 로그�� 만들면, 우선 패스워드 필드� 별표를 놓고, �를
+설정하기 위해 .BR passwd (1)� 사용한다. 
+PP
+� 행마다 하나� 항목� 있고, � 행� 다�� 형�� 지닌다. 
+.sp
+.RS
+계정:패스워드:UID:GID:GECOS:디렉토리:쉘
+.RE
+.sp
+� 필드� 대한 설명� 다�과 같다. 
+.sp
+.RS
+.TP 1.0in
+.I 계정
+시스템�서� 사용� �름. 대문�를 사용해서는 안�다. 
+.TP
+.I 패스워드
+암호화� 사용�� 패스워드 혹� 별표
+.TP
+.I UID
+숫�로 표현�는 사용� id
+.TP
+.I GID
+� 사용�� 대한 주 그룹 ID, 숫�로 표현�
+.TP
+.I GECOS
+� 필드는 선���고, 오� 정보�� 목�으로만 사용�다. 보통, �는
+사용�� 전체 �름� �함한다. GECOS는 �반 전� 통합 운�체제로서, 
+GE� 거대 시스템� Honeywell� �매� GCOS,로 다시 명명�었다. Dennis
+Ritchie는 �하기를, 때때로 우리는 프린터 출력 혹� �괄 처리 작업들�
+GCOS 머신으로 전송하였다. 패스워드 파��서 GCOS 필드는 $IDENTcard� 대한 
+정보를 숨겨�는 장소�다.
+.TP
+.I directory 
+사용�� $HOME 디렉토리
+.TP
+.I shell(쉘)
+로그�시 실행하는 프로그램(만� 비었다면, .BR /bin/sh� 사용한다.)
+만� 존재하지 않는 실행파�로 설정�었다면, 사용�는 .BR login (1)� 통해
+로그� 할 수 없� 것�다.
+
+.RE
+.SH 주�
+여러분� 사용� 그룹� 만들고 싶다면, GID는 �와 ��하여야 하며, 
+\fI/etc/group\fP내� 항목들� 있거나, 그룹� 존재하지 않아야 한다. 
+.PP
+암호화� 패스워드가 별표로 설정� 경우, 사용�는 .BR login (1)로 로그� 할 수 없지만, 
+.BR rlogin (1)� 사용하여 로그�할 수 있� 수� 있다. 존재하는 프로세스들� 실행하고,
+.BR rsh (1)
+혹�
+.BR cron (1)
+혹�
+.BR at (1)
+� 초기화시키거나, 메� 필터를 시작한다. 
+단순히 쉘 필드를 변경시켜서 계정� 잠그는 것� 똑같� 결과를 가져오고, 
+.BR su (1)� 사용� 허용한다..
+.SH 파�
+.I /etc/passwd
+.SH 관련 항목
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
diff --git a/man/ko/man8/vigr.8 b/man/ko/man8/vigr.8
new file mode 100644
index 0000000..ff72d7a
--- /dev/null
+++ b/man/ko/man8/vigr.8
@@ -0,0 +1 @@
+.so man8/vipw.8
diff --git a/man/ko/man8/vipw.8 b/man/ko/man8/vipw.8
new file mode 100644
index 0000000..c36f908
--- /dev/null
+++ b/man/ko/man8/vipw.8
@@ -0,0 +1,64 @@
+.\" Copyright (c) 1983, 1991 The Regents of the University of California.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"	This product includes software developed by the University of
+.\"	California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     from: @(#)vipw.8	6.7 (Berkeley) 3/16/91
+.\"	$Id$
+.\"
+.Dd March 16, 1991
+.Dt VIPW 8
+.Os BSD 4
+.Sh NAME
+.Nm vipw
+.Nd 패스워드 파� 편집
+.Sh 사용법
+.Nm vipw
+.Sh 설명
+.Nm Vipw
+명령� /etc/passwd 파�� 잠그고(lock) 편집하고, 
+편집� �나면, /etc/passwd 파�� 잠금해제(unlock)한다.
+�미 /etc/passwd 파�� 잠겨 있으면, 다�� 사용하�고 
+메시지를 보여준다.
+\fBvipw\fR�서 사용하는 기본 편집기는 \fBvi(1)\fR�다.
+.Sh 환경변수
+\fBvipw\fR는 다� 환경 변수를 사용한다.
+.Bl -tag -width EDITOR
+.It Ev EDITOR
+사용할 편집기 지정. 초기값� vi
+.El
+.Sh 관련 항목
+.Xr passwd 1 ,
+.Xr vi 1 ,
+.Xr passwd 5
+.Sh 발�취
+.Nm
+명령� 
+.Bx 4.0 
+�서 처� 나타났다.
diff --git a/man/lastlog.8.xml b/man/lastlog.8.xml
new file mode 100644
index 0000000..3ee1b3a
--- /dev/null
+++ b/man/lastlog.8.xml
@@ -0,0 +1,224 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1992       , Julianne Frances Haugh
+   Copyright (c) 1992       , Phillip Street
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='lastlog.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1992</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>lastlog</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>lastlog</refname>
+    <refpurpose>reports the most recent login of all users or of a given user</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>lastlog</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <command>lastlog</command> formats and prints the contents of the last
+      login log <filename>/var/log/lastlog</filename> file. The
+      <emphasis>login-name</emphasis>, <emphasis>port</emphasis>, and
+      <emphasis>last login time</emphasis> will be printed.  The default (no
+      flags) causes lastlog entries to be printed, sorted by their order in
+      <filename>/etc/passwd</filename>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>lastlog</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Print only lastlog records older than <emphasis remap='I'>DAYS</emphasis>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-C</option>, <option>--clear</option>
+	</term>
+	<listitem>
+	  <para>
+	    Clear lastlog record of a user. This option can be used only together
+	    with <option>-u</option> (<option>--user</option>)).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-h</option>, <option>--help</option>
+	</term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-S</option>, <option>--set</option>
+	</term>
+	<listitem>
+	  <para>
+	    Set lastlog record of a user to the current time. This option can be
+	    used only together with <option>-u</option> (<option>--user</option>)).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Print the lastlog records more recent than
+	    <emphasis remap='I'>DAYS</emphasis>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Print the lastlog record of the specified user(s).
+	  </para>
+	  <para>
+	    The users can be specified by a login name, a numerical user ID,
+	    or a <replaceable>RANGE</replaceable> of users. This
+	    <replaceable>RANGE</replaceable> of users can be specified with a
+	    min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a
+	    max value (<replaceable>-UID_MAX</replaceable>), or a min value
+	    (<replaceable>UID_MIN-</replaceable>).
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      If the user has never logged in the message <emphasis>** Never logged
+      in**</emphasis> will be displayed instead of the port and time.
+    </para>
+
+    <para>
+      Only the entries for the current users of the system will be
+      displayed.  Other entries may exist for users that were deleted
+      previously.
+    </para>
+  </refsect1>
+
+  <refsect1 id='note'>
+    <title>NOTE</title>
+    <para>
+      The <filename>lastlog</filename> file is a database which contains info
+      on the last login of each user. You should not rotate it. It is a sparse
+      file, so its size on the disk is usually much smaller than the one shown
+      by "<command>ls -l</command>" (which can indicate a really big file if
+      you have in <filename>passwd</filename> users with a high UID). You can
+      display its real size with "<command>ls -s</command>".
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/var/log/lastlog</filename></term>
+	<listitem>
+	  <para>Database times of previous user logins.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      Large gaps in UID numbers will cause the lastlog program to run
+      longer with no output to the screen (i.e. if in lastlog database there
+      is no entries for users with UID between 170 and 800 lastlog will appear
+      to hang as it processes entries with UIDs 171-799).
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/limits.5.xml b/man/limits.5.xml
new file mode 100644
index 0000000..1215f13
--- /dev/null
+++ b/man/limits.5.xml
@@ -0,0 +1,219 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1997       , Luca Berra
+   Copyright (c) 2001 - 2007, Tomasz KÅ‚oczko
+   Copyright (c) 2005 - 2006, Yuri Kozlov
+   Copyright (c) 2005 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='limits.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Luca</firstname>
+      <surname>Berra</surname>
+      <contrib>Creation, 1997</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>limits</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>limits</refname>
+    <refpurpose>resource limits definition</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <emphasis remap='I'>limits</emphasis> file 
+      (<filename>/etc/limits</filename> by default
+      or LIMITS_FILE defined <filename>config.h</filename>) describes 
+      the resource limits you wish to impose. It should be owned by 
+      root and readable by root account only.
+    </para>
+
+    <para>
+      By default no quota is imposed on 'root'. In fact, there is no way to
+      impose limits via this procedure to root-equiv accounts (accounts with
+      UID 0).
+    </para>
+
+    <para>Each line describes a limit for a user in the form:</para>
+
+    <para>
+      <emphasis remap='I'>user LIMITS_STRING</emphasis>
+    </para>
+
+    <para>or in the form:</para>
+
+    <para>
+      <emphasis remap='I'>@group LIMITS_STRING</emphasis>
+    </para>
+
+    <para>
+      The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated
+      list of resource limits. Each limit consists of a letter identifier
+      followed by a numerical limit.
+    </para>
+
+    <para>The valid identifiers are:</para>
+
+    <itemizedlist>
+      <listitem><para>A: max address space (KB)</para></listitem>
+      <listitem><para>C: max core file size (KB)</para></listitem>
+      <listitem><para>D: max data size (KB)</para></listitem>
+      <listitem><para>F: maximum file size (KB)</para></listitem>
+      <listitem><para>K: file creation mask, set by
+	<citerefentry>
+	  <refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum>
+	</citerefentry>.</para>
+      </listitem>
+      <listitem><para>I: max nice value (0..39 which translates to
+      20..-19)</para></listitem>
+      <listitem><para>L: max number of logins for this user</para></listitem>
+      <listitem><para>M: max locked-in-memory address space (KB)</para></listitem>
+      <listitem><para>N: max number of open files</para></listitem>
+      <listitem><para>O: max real time priority</para></listitem>
+      <listitem><para>P: process priority, set by
+	<citerefentry>
+	  <refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
+	</citerefentry>.</para>
+      </listitem>
+      <listitem><para>R: max resident set size (KB)</para></listitem>
+      <listitem><para>S: max stack size (KB)</para></listitem>
+      <listitem><para>T: max CPU time (MIN)</para></listitem>
+      <listitem><para>U: max number of processes</para></listitem>
+    </itemizedlist>
+
+    <para>
+      For example, <emphasis remap='I'>L2D2048N5</emphasis> is a valid
+      <emphasis>LIMITS_STRING</emphasis>. For reading convenience, the
+      following entries are equivalent:
+    </para>
+
+    <programlisting>
+      username L2D2048N5
+      username L2 D2048 N5
+    </programlisting>
+
+    <para>
+      Be aware that after <emphasis remap='I'>username</emphasis> the rest
+      of the line is considered a limit string, thus comments are not
+      allowed. An invalid limits string will be rejected (not considered) by
+      the <command>login</command> program.
+    </para>
+
+    <para>
+      The default entry is denoted by username "<emphasis>*</emphasis>". If
+      you have multiple <emphasis remap='I'>default</emphasis> entries in
+      your <emphasis>LIMITS_FILE</emphasis>, then the last one will be used
+      as the default entry.
+    </para>
+
+    <para>
+      The limits specified in the form "<replaceable>@group</replaceable>"
+      apply to the members of the specified
+      <replaceable>group</replaceable>.
+    </para>
+
+    <para>
+      If more than one line with limits for a user exist, only the first line for
+      this user will be considered.
+    </para>
+
+    <para>
+      If no lines are specified for a user, the last
+      <replaceable>@group</replaceable> line matching a group whose the
+      user is a member of will be considered, or the last line with
+      default limits if no groups contain the user.
+    </para>
+
+    <para>
+      To completely disable limits for a user, a single dash
+      "<emphasis>-</emphasis>" will do.
+    </para>
+
+    <para>
+      To disable a limit for a user, a single dash
+      "<replaceable>-</replaceable>" can be used instead of the numerical
+      value for this limit.
+    </para>
+
+    <para>
+      Also, please note that all limit settings are set PER LOGIN. They are
+      not global, nor are they permanent. Perhaps global limits will come,
+      but for now this will have to do ;)
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/limits</filename></term>
+	<listitem><para></para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/login.1.xml b/man/login.1.xml
new file mode 100644
index 0000000..1bca536
--- /dev/null
+++ b/man/login.1.xml
@@ -0,0 +1,429 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CONSOLE               SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS        SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY DEFAULT_HOME          SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENV_HZ                SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_PATH              SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH            SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ                SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY ENVIRON_FILE          SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ERASECHAR             SYSTEM "login.defs.d/ERASECHAR.xml">
+<!ENTITY FAIL_DELAY            SYSTEM "login.defs.d/FAIL_DELAY.xml">
+<!ENTITY FAILLOG_ENAB          SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
+<!ENTITY FAKE_SHELL            SYSTEM "login.defs.d/FAKE_SHELL.xml">
+<!ENTITY FTMP_FILE             SYSTEM "login.defs.d/FTMP_FILE.xml">
+<!ENTITY HUSHLOGIN_FILE        SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
+<!ENTITY ISSUE_FILE            SYSTEM "login.defs.d/ISSUE_FILE.xml">
+<!ENTITY KILLCHAR              SYSTEM "login.defs.d/KILLCHAR.xml">
+<!ENTITY LASTLOG_ENAB          SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
+<!ENTITY LOGIN_RETRIES         SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
+<!ENTITY LOGIN_STRING          SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY LOGIN_TIMEOUT         SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
+<!ENTITY LOG_OK_LOGINS         SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
+<!ENTITY LOG_UNKFAIL_ENAB      SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
+<!ENTITY MAIL_CHECK_ENAB       SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MOTD_FILE             SYSTEM "login.defs.d/MOTD_FILE.xml">
+<!ENTITY NOLOGINS_FILE         SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+<!ENTITY PORTTIME_CHECKS_ENAB  SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
+<!ENTITY QUOTAS_ENAB           SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY TTYGROUP              SYSTEM "login.defs.d/TTYGROUP.xml">
+<!ENTITY TTYTYPE_FILE          SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
+<!ENTITY ULIMIT                SYSTEM "login.defs.d/ULIMIT.xml">
+<!ENTITY UMASK                 SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='login.1'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>login</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>login</refname>
+    <refpurpose>begin session on the system</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>login</command>
+      <arg choice='opt'>-p</arg>
+      <arg choice='opt'>-h <replaceable>host</replaceable></arg>
+      <arg choice='opt'>
+      <replaceable>username</replaceable></arg>
+      <arg choice='opt' rep='repeat'> <replaceable>ENV=VAR</replaceable></arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>login</command>
+      <arg choice='opt'>-p</arg>
+      <arg choice='opt'>-h <replaceable>host</replaceable></arg>
+      <arg choice='plain'>-f</arg>
+      <arg choice='plain'><replaceable>username</replaceable></arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>login</command>
+      <arg choice='opt'>-p</arg>
+      <arg choice='plain'>-r <replaceable>host</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>login</command> program is used to establish a new session
+      with the system. It is normally invoked automatically by responding to
+      the <emphasis remap='I'>login:</emphasis> prompt on the user's
+      terminal. <command>login</command> may be special to the shell and may
+      not be invoked as a sub-process. When called from a shell,
+      <command>login</command> should be executed as
+      <emphasis remap='B'>exec login</emphasis> which will cause the user
+      to exit from the current shell (and thus will prevent the new logged
+      in user to return to the session of the caller). Attempting to
+      execute <command>login</command> from any shell but the login shell
+      will produce an error message.
+    </para>
+
+    <para>
+      The user is then prompted for a password, where appropriate. Echoing
+      is disabled to prevent revealing the password. Only a small number of
+      password failures are permitted before <command>login</command> exits
+      and the communications link is severed.
+    </para>
+
+    <para>
+      If password aging has been enabled for your account, you may be
+      prompted for a new password before proceeding. You will be forced to
+      provide your old password and the new password before continuing. 
+      Please refer to <citerefentry>
+      <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry> for more information.
+    </para>
+
+    <para condition="no_pam">
+      After a successful login, you will be informed of any system messages
+      and the presence of mail. You may turn off the printing of the system
+      message file, <filename>/etc/motd</filename>, by creating a
+      zero-length file <filename>.hushlogin</filename> in your login directory. 
+      The mail message will be one of "<emphasis>You have new
+      mail.</emphasis>", "<emphasis>You have mail.</emphasis>", or
+      "<emphasis>No Mail.</emphasis>" according to the condition of your
+      mailbox.
+    </para>
+
+    <para>
+      Your user and group ID will be set according to their values in the
+      <filename>/etc/passwd</filename> file. The value for
+      <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>,
+      <envar>$LOGNAME</envar>, and <envar>$MAIL</envar> are set according
+      to the appropriate fields in the password entry. Ulimit, umask and nice
+      values may also be set according to entries in the GECOS field.
+    </para>
+
+    <para>
+      On some installations, the environmental variable
+      <envar>$TERM</envar> will be initialized to the terminal type on
+      your tty line, as specified in <filename>/etc/ttytype</filename>.
+    </para>
+
+    <para>
+      An initialization script for your command interpreter may also be
+      executed. Please see the appropriate manual section for more
+      information on this function.
+    </para>
+
+    <para>
+      A subsystem login is indicated by the presence of a "*" as the first
+      character of the login shell. The given home directory will be used as
+      the root of a new file system which the user is actually logged into.
+    </para>
+
+    <para>
+      The <command>login</command> program is NOT responsible for removing
+      users from the utmp file. It is the responsibility of
+      <citerefentry><refentrytitle>getty</refentrytitle>
+      <manvolnum>8</manvolnum></citerefentry> and
+      <citerefentry><refentrytitle>init</refentrytitle>
+      <manvolnum>8</manvolnum></citerefentry> to clean up apparent ownership
+      of a terminal session. If you use <command>login</command> from the
+      shell prompt without <command>exec</command>, the user you use will
+      continue to appear to be logged in even after you log out of the
+      "subsession".
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-f</option>
+	</term>
+	<listitem>
+	  <para>
+	    Do not perform authentication, user is preauthenticated.
+	  </para>
+	  <para>
+	    Note: In that case, <replaceable>username</replaceable> is
+	    mandatory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-h</option>
+	</term>
+	<listitem>
+	  <para>Name of the remote host for this login.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-p</option>
+	</term>
+	<listitem>
+	  <para>Preserve environment.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>
+	</term>
+	<listitem>
+	  <para>Perform autologin protocol for rlogin.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      The <option>-r</option>, <option>-h</option> and <option>-f</option>
+      options are only used when <command>login</command> is invoked by
+      root.
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      This version of <command>login</command> has many compilation options,
+      only some of which may be in use at any particular site.
+    </para>
+
+    <para>The location of files is subject to differences in system
+      configuration.
+    </para>
+
+    <para>
+      The <command>login</command> program is NOT responsible for removing
+      users from the utmp file. It is the responsibility of <citerefentry>
+      <refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry> and <citerefentry>
+      <refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry> to clean up apparent ownership of a terminal session. 
+      If you use <command>login</command> from the shell prompt without
+      <command>exec</command>, the user you use will continue to appear to
+      be logged in even after you log out of the "subsession".
+    </para>
+
+    <para>
+      As with any program, <command>login</command>'s appearance can be faked. 
+      If non-trusted users have physical access to a machine, an
+      attacker could use this to obtain the password of the next person
+      coming to sit in front of the machine. Under Linux, the SAK mechanism can be
+      used by users to initiate a trusted path and prevent this kind of
+      attack.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &CONSOLE;
+      &CONSOLE_GROUPS;
+      &DEFAULT_HOME;
+      <phrase condition="no_pam">&ENV_HZ;</phrase>
+      <phrase>&ENV_PATH;</phrase>
+      <phrase>&ENV_SUPATH;</phrase>
+      &ENV_TZ;
+      &ENVIRON_FILE;
+      &ERASECHAR;
+      &FAIL_DELAY;
+      &FAILLOG_ENAB;
+      &FAKE_SHELL;
+      &FTMP_FILE;
+      &HUSHLOGIN_FILE;
+      &ISSUE_FILE;
+      &KILLCHAR;
+      &LASTLOG_ENAB;
+      &LOGIN_RETRIES;
+      &LOGIN_STRING;
+      &LOGIN_TIMEOUT;
+      &LOG_OK_LOGINS;
+      &LOG_UNKFAIL_ENAB;
+      &MAIL_CHECK_ENAB;
+      <phrase condition="no_pam">&MAIL_DIR;</phrase>
+      &MOTD_FILE;
+      &NOLOGINS_FILE;
+      &PORTTIME_CHECKS_ENAB;
+      &QUOTAS_ENAB;
+      &TTYGROUP; <!-- documents also TTYPERM -->
+      &TTYTYPE_FILE;
+      &ULIMIT;
+      <phrase condition="no_pam">&UMASK;</phrase>
+      &USERGROUPS_ENAB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/var/run/utmp</filename></term>
+	<listitem>
+	  <para>List of current login sessions.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/var/log/wtmp</filename></term>
+	<listitem>
+	  <para>List of previous login sessions.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/motd</filename></term>
+	<listitem>
+	  <para>System message of the day file.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/nologin</filename></term>
+	<listitem>
+	  <para>Prevent non-root users from logging in.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/ttytype</filename></term>
+	<listitem>
+	  <para>List of terminal types.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>$HOME/.hushlogin</filename></term>
+	<listitem>
+	  <para>Suppress printing of system messages.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>securetty</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/login.access.5.xml b/man/login.access.5.xml
new file mode 100644
index 0000000..bb3e77c
--- /dev/null
+++ b/man/login.access.5.xml
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1996 - 2000, Marek Michałkiewicz
+   Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='login.access.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Marek</firstname>
+      <surname>Michałkiewicz</surname>
+      <contrib>Creation, 1996</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>login.access</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>login.access</refname>
+    <refpurpose>login access control table</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <emphasis remap='I'>login.access</emphasis> file specifies (user,
+      host) combinations and/or (user, tty) combinations for which a login
+      will be either accepted or refused.
+    </para>
+
+    <para>
+      When someone logs in, the <emphasis remap='I'>login.access</emphasis>
+      is scanned for the first entry that matches the (user, host)
+      combination, or, in case of non-networked logins, the first entry that
+      matches the (user, tty) combination. The permissions field of that
+      table entry determines whether the login will be accepted or refused.
+    </para>
+
+    <para>
+      Each line of the login access control table has three fields separated
+      by a ":" character:
+    </para>
+
+    <para>
+      <emphasis remap='I'>permission</emphasis>:<emphasis remap='I'>users</emphasis>:<emphasis remap='I'>origins</emphasis>
+    </para>
+
+    <para>
+      The first field should be a "<emphasis>+</emphasis>" (access granted)
+      or "<emphasis>-</emphasis>" (access denied) character. The second
+      field should be a list of one or more login names, group names, or
+      <emphasis>ALL</emphasis> (always matches). The third field should be a
+      list of one or more tty names (for non-networked logins), host names,
+      domain names (begin with "<literal>.</literal>"), host addresses,
+      internet network numbers (end with "<literal>.</literal>"),
+      <emphasis>ALL</emphasis> (always matches) or
+      <emphasis>LOCAL</emphasis> (matches any string that does not contain a
+      "<literal>.</literal>" character). If you run NIS you can use
+      @netgroupname in host or user patterns.
+    </para>
+
+    <para>
+      The <emphasis>EXCEPT</emphasis> operator makes it possible to write
+      very compact rules.
+    </para>
+
+    <para>
+      The group file is searched only when a name does not match that of the
+      logged-in user. Only groups are matched in which users are explicitly
+      listed: the program does not look at a user's primary group id value.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/login.defs.5.xml b/man/login.defs.5.xml
new file mode 100644
index 0000000..98d37fd
--- /dev/null
+++ b/man/login.defs.5.xml
@@ -0,0 +1,556 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN" 
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CHFN_AUTH             SYSTEM "login.defs.d/CHFN_AUTH.xml">
+<!ENTITY CHFN_RESTRICT         SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
+<!ENTITY CHSH_AUTH             SYSTEM "login.defs.d/CHSH_AUTH.xml">
+<!ENTITY CONSOLE               SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS        SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY CREATE_HOME           SYSTEM "login.defs.d/CREATE_HOME.xml">
+<!ENTITY DEFAULT_HOME          SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY ENV_HZ                SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_PATH              SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH            SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ                SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY ENVIRON_FILE          SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ERASECHAR             SYSTEM "login.defs.d/ERASECHAR.xml">
+<!ENTITY FAIL_DELAY            SYSTEM "login.defs.d/FAIL_DELAY.xml">
+<!ENTITY FAILLOG_ENAB          SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
+<!ENTITY FAKE_SHELL            SYSTEM "login.defs.d/FAKE_SHELL.xml">
+<!ENTITY FTMP_FILE             SYSTEM "login.defs.d/FTMP_FILE.xml">
+<!ENTITY GID_MAX               SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY HUSHLOGIN_FILE        SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
+<!ENTITY ISSUE_FILE            SYSTEM "login.defs.d/ISSUE_FILE.xml">
+<!ENTITY KILLCHAR              SYSTEM "login.defs.d/KILLCHAR.xml">
+<!ENTITY LASTLOG_ENAB          SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
+<!ENTITY LOG_OK_LOGINS         SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
+<!ENTITY LOG_UNKFAIL_ENAB      SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
+<!ENTITY LOGIN_RETRIES         SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
+<!ENTITY LOGIN_STRING          SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY LOGIN_TIMEOUT         SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
+<!ENTITY MAIL_CHECK_ENAB       SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY MOTD_FILE             SYSTEM "login.defs.d/MOTD_FILE.xml">
+<!ENTITY NOLOGINS_FILE         SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+<!ENTITY OBSCURE_CHECKS_ENAB   SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+<!ENTITY PASS_ALWAYS_WARN      SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+<!ENTITY PASS_CHANGE_TRIES     SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
+<!ENTITY PASS_MAX_LEN          SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
+<!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY PORTTIME_CHECKS_ENAB  SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
+<!ENTITY QUOTAS_ENAB           SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!ENTITY SULOG_FILE            SYSTEM "login.defs.d/SULOG_FILE.xml">
+<!ENTITY SU_NAME               SYSTEM "login.defs.d/SU_NAME.xml">
+<!ENTITY SU_WHEEL_ONLY         SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+<!ENTITY SUB_GID_COUNT         SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT         SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX           SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYSLOG_SG_ENAB        SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!ENTITY SYSLOG_SU_ENAB        SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
+<!ENTITY SYS_UID_MAX           SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY TCB_AUTH_GROUP        SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS          SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY TTYGROUP              SYSTEM "login.defs.d/TTYGROUP.xml">
+<!ENTITY TTYTYPE_FILE          SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
+<!ENTITY UID_MAX               SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY ULIMIT                SYSTEM "login.defs.d/ULIMIT.xml">
+<!ENTITY UMASK                 SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY USERDEL_CMD           SYSTEM "login.defs.d/USERDEL_CMD.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='login.defs.5'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>login.defs</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>login.defs</refname>
+    <refpurpose>shadow password suite configuration</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <filename>/etc/login.defs</filename> file defines the
+      site-specific configuration for the shadow password suite. This file
+      is required. Absence of this file will not prevent system operation,
+      but will probably result in undesirable operation.
+    </para>
+
+    <para>
+      This file is a readable text file, each line of the file describing
+      one configuration parameter. The lines consist of a configuration name
+      and value, separated by whitespace. Blank lines and comment lines are
+      ignored. Comments are introduced with a "#" pound sign and the pound
+      sign must be the first non-white character of the line.
+    </para>
+
+    <para>
+      Parameter values may be of four types: strings, booleans, numbers, and
+      long numbers. A string is comprised of any printable characters. A
+      boolean should be either the value <replaceable>yes</replaceable> or
+      <replaceable>no</replaceable>. An undefined boolean
+      parameter or one with a value other than these will be given a
+      <replaceable>no</replaceable>
+      value. Numbers (both regular and long) may be either decimal values,
+      octal values (precede the value with <replaceable>0</replaceable>) or
+      hexadecimal values
+      (precede the value with <replaceable>0x</replaceable>).
+      The maximum value of the regular and
+      long numeric parameters is machine-dependent.
+    </para>
+
+    <para>The following configuration items are provided:</para>
+
+    <variablelist remap='IP'>
+      &CHFN_AUTH;
+      &CHFN_RESTRICT;
+      &CHSH_AUTH;
+      &CONSOLE;
+      &CONSOLE_GROUPS;
+      &CREATE_HOME;
+      &DEFAULT_HOME;
+      &ENCRYPT_METHOD;
+      &ENV_HZ;
+      &ENV_PATH;
+      &ENV_SUPATH;
+      &ENV_TZ;
+      &ENVIRON_FILE;
+      &ERASECHAR;
+      &FAIL_DELAY;
+      &FAILLOG_ENAB;
+      &FAKE_SHELL;
+      &FTMP_FILE;
+      &GID_MAX; <!-- documents also GID_MIN -->
+      &HUSHLOGIN_FILE;
+      &ISSUE_FILE;
+      &KILLCHAR;
+      &LASTLOG_ENAB;
+      &LOG_OK_LOGINS;
+      &LOG_UNKFAIL_ENAB;
+      &LOGIN_RETRIES;
+      &LOGIN_STRING;
+      &LOGIN_TIMEOUT;
+      &MAIL_CHECK_ENAB;
+      &MAIL_DIR;
+      &MAX_MEMBERS_PER_GROUP;
+      &MD5_CRYPT_ENAB;
+      &MOTD_FILE;
+      &NOLOGINS_FILE;
+      &OBSCURE_CHECKS_ENAB;
+      &PASS_ALWAYS_WARN;
+      &PASS_CHANGE_TRIES;
+      &PASS_MAX_DAYS;
+      &PASS_MIN_DAYS;
+      &PASS_WARN_AGE;
+      <para> 
+        <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and
+        <option>PASS_WARN_AGE</option> are only used at the
+        time of account creation. Any changes to these settings won't affect
+        existing accounts.
+      </para>
+      &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
+      &PORTTIME_CHECKS_ENAB;
+      &QUOTAS_ENAB;
+      &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS -->
+      &SULOG_FILE;
+      &SU_NAME;
+      &SU_WHEEL_ONLY;
+      &SUB_GID_COUNT; <!-- documents also SUB_GID_MIN SUB_GID_MAX -->
+      &SUB_UID_COUNT; <!-- documents also SUB_UID_MIN SUB_UID_MAX -->
+      &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+      &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+      &SYSLOG_SG_ENAB;
+      &SYSLOG_SU_ENAB;
+      &TCB_AUTH_GROUP;
+      &TCB_SYMLINKS;
+      &TTYGROUP;
+      &TTYTYPE_FILE;
+      &UID_MAX; <!-- documents also UID_MIN -->
+      &ULIMIT;
+      &UMASK;
+      &USERDEL_CMD;
+      &USERGROUPS_ENAB;
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='cross_references'>
+    <title>CROSS REFERENCES</title>
+    <para>
+      The following cross references show which programs in the shadow
+      password suite use which parameters.
+    </para>
+    <!-- .na -->
+    <variablelist remap='IP'>
+      <varlistentry condition="tcb">
+	<term>chage</term>
+	<listitem>
+	  <para>USE_TCB</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>chfn</term>
+	<listitem>
+	  <para>
+	    <phrase condition="no_pam">CHFN_AUTH</phrase>
+	    CHFN_RESTRICT
+	    <phrase condition="no_pam">LOGIN_STRING</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>chgpasswd</term>
+	<listitem>
+	  <para>
+	    ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+	    SHA_CRYPT_MIN_ROUNDS</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>chpasswd</term>
+	<listitem>
+	  <para>
+	    <phrase condition="no_pam">ENCRYPT_METHOD
+	    MD5_CRYPT_ENAB </phrase>
+	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+	    SHA_CRYPT_MIN_ROUNDS</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="no_pam">
+	<term>chsh</term>
+	<listitem>
+	  <para>
+	    CHSH_AUTH LOGIN_STRING
+	  </para>
+	</listitem>
+      </varlistentry>
+      <!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) -->
+      <!-- faillog: no variables -->
+      <varlistentry>
+	<term>gpasswd</term>
+	<listitem>
+	  <para>
+	    ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+	    SHA_CRYPT_MIN_ROUNDS</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>groupadd</term>
+	<listitem>
+	  <para>
+	    GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP
+	    SYS_GID_MAX SYS_GID_MIN
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>groupdel</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>groupmems</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>groupmod</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <!-- groups: no variables -->
+      <varlistentry>
+	<term>grpck</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>grpconv</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>grpunconv</term>
+	<listitem>
+	  <para>MAX_MEMBERS_PER_GROUP</para>
+	</listitem>
+      </varlistentry>
+      <!-- id: no variables -->
+      <!-- lastlog: no variables -->
+      <varlistentry>
+	<term>login</term>
+	<listitem>
+	  <para>
+	    <phrase condition="no_pam">CONSOLE</phrase>
+	    CONSOLE_GROUPS DEFAULT_HOME
+	    <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
+	    ENV_TZ ENVIRON_FILE</phrase>
+	    ERASECHAR FAIL_DELAY
+	    <phrase condition="no_pam">FAILLOG_ENAB</phrase>
+	    FAKE_SHELL
+	    <phrase condition="no_pam">FTMP_FILE</phrase>
+	    HUSHLOGIN_FILE
+	    <phrase condition="no_pam">ISSUE_FILE</phrase>
+	    KILLCHAR
+	    <phrase condition="no_pam">LASTLOG_ENAB</phrase>
+	    LOGIN_RETRIES
+	    <phrase condition="no_pam">LOGIN_STRING</phrase>
+	    LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
+	    <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
+	    MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
+	    QUOTAS_ENAB</phrase>
+	    TTYGROUP TTYPERM TTYTYPE_FILE
+	    <phrase condition="no_pam">ULIMIT UMASK</phrase>
+	    USERGROUPS_ENAB
+	  </para>
+	</listitem>
+      </varlistentry>
+      <!-- logoutd: no variables -->
+      <varlistentry>
+	<term>newgrp / sg</term>
+	<listitem>
+	  <para>
+	    SYSLOG_SG_ENAB
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>newusers</term>
+	<listitem>
+	  <para>
+	    ENCRYPT_METHOD
+	    GID_MAX GID_MIN
+	    MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
+	    PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+	    SHA_CRYPT_MIN_ROUNDS</phrase>
+	    SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
+	    SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
+	    SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
+	    UMASK
+	  </para>
+	</listitem>
+      </varlistentry>
+      <!-- nologin: no variables -->
+      <varlistentry condition="no_pam">
+	<term>passwd</term>
+	<listitem>
+	  <para>
+	    ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
+	    PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
+	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+	    SHA_CRYPT_MIN_ROUNDS</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>pwck</term>
+	<listitem>
+	  <para>
+	    PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+	    <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>pwconv</term>
+	<listitem>
+	  <para>
+	    PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+	    <phrase condition="tcb">USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="tcb">
+	<term>pwunconv</term>
+	<listitem>
+	  <para>
+	    <phrase condition="tcb">USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>su</term>
+	<listitem>
+	  <para>
+	    <phrase condition="no_pam">CONSOLE</phrase>
+	    CONSOLE_GROUPS DEFAULT_HOME
+	    <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
+	    ENV_PATH ENV_SUPATH
+	    <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
+	    MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
+	    SULOG_FILE SU_NAME
+	    <phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
+	    SYSLOG_SU_ENAB
+	    <phrase condition="no_pam">USERGROUPS_ENAB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>sulogin</term>
+	<listitem>
+	  <para>
+	    ENV_HZ
+	    <phrase condition="no_pam">ENV_TZ</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>useradd</term>
+	<listitem>
+	  <para>
+	    CREATE_HOME
+	    GID_MAX GID_MIN
+	    MAIL_DIR MAX_MEMBERS_PER_GROUP
+	    PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+	    SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
+	    SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
+	    SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
+	    UMASK
+	    <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>userdel</term>
+	<listitem>
+	  <para>
+	    MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD
+	    USERGROUPS_ENAB
+	    <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>usermod</term>
+	<listitem>
+	  <para>
+	    MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP
+	    <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="tcb">
+	<term>vipw</term>
+	<listitem>
+	  <para>
+	    <phrase condition="tcb">USE_TCB</phrase>
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='bugs' condition="pam">
+    <title>BUGS</title>
+    <para>
+      Much of the functionality that used to be provided by the shadow
+      password suite is now handled by PAM. Thus,
+      <filename>/etc/login.defs</filename> is no longer used by <citerefentry>
+      <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>, or less used by <citerefentry>
+      <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>, and <citerefentry>
+      <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>. Please refer to the corresponding PAM configuration
+      files instead.
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/login.defs.d/CHFN_AUTH.xml b/man/login.defs.d/CHFN_AUTH.xml
new file mode 100644
index 0000000..941e5f9
--- /dev/null
+++ b/man/login.defs.d/CHFN_AUTH.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>CHFN_AUTH</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, the <command>chfn</command>
+      program will require authentication before making any changes,
+      unless run by the superuser.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CHFN_RESTRICT.xml b/man/login.defs.d/CHFN_RESTRICT.xml
new file mode 100644
index 0000000..ecc21b7
--- /dev/null
+++ b/man/login.defs.d/CHFN_RESTRICT.xml
@@ -0,0 +1,51 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>CHFN_RESTRICT</option> (string)</term>
+  <listitem>
+    <para>
+      This parameter specifies which values in the <emphasis
+      remap='I'>gecos</emphasis> field of the
+      <filename>/etc/passwd</filename> file may be changed by regular
+      users using the <command>chfn</command> program. It can be any
+      combination of letters <replaceable>f</replaceable>,
+      <replaceable>r</replaceable>, <replaceable>w</replaceable>,
+      <replaceable>h</replaceable>, for Full name, Room number, Work
+      phone, and Home phone, respectively. For backward compatibility,
+      <replaceable>yes</replaceable> is equivalent to
+      <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is
+      equivalent to <replaceable>frwh</replaceable>. If not specified,
+      only the superuser can make any changes. The most restrictive
+      setting is better achieved by not installing <command>chfn</command>
+      SUID.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CHSH_AUTH.xml b/man/login.defs.d/CHSH_AUTH.xml
new file mode 100644
index 0000000..0d7139f
--- /dev/null
+++ b/man/login.defs.d/CHSH_AUTH.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>CHSH_AUTH</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, the <command>chsh</command>
+      program will require authentication before making any changes,
+      unless run by the superuser.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CONSOLE.xml b/man/login.defs.d/CONSOLE.xml
new file mode 100644
index 0000000..a5f6932
--- /dev/null
+++ b/man/login.defs.d/CONSOLE.xml
@@ -0,0 +1,46 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>CONSOLE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, either full pathname of a file containing device names
+      (one per line) or a ":" delimited list of device names.  Root logins will be
+      allowed only upon these devices.
+    </para>
+    <para>
+      If not defined, root will be allowed on any device.
+    </para>
+    <para>
+      The device should be specified without the /dev/ prefix.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CONSOLE_GROUPS.xml b/man/login.defs.d/CONSOLE_GROUPS.xml
new file mode 100644
index 0000000..f464153
--- /dev/null
+++ b/man/login.defs.d/CONSOLE_GROUPS.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>CONSOLE_GROUPS</option> (string)</term>
+  <listitem>
+    <para>
+      List of groups to add to the user's supplementary groups set when
+      logging in on the console (as determined by the CONSOLE setting).
+      Default is none.
+    <para>
+    </para>
+      Use with caution - it is possible for users to gain permanent access
+      to these groups, even when not logged in on the console.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/CREATE_HOME.xml b/man/login.defs.d/CREATE_HOME.xml
new file mode 100644
index 0000000..fe40477
--- /dev/null
+++ b/man/login.defs.d/CREATE_HOME.xml
@@ -0,0 +1,41 @@
+<!--
+   Copyright (c) 2009       , Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>CREATE_HOME</option> (boolean)</term>
+  <listitem>
+    <para>
+      Indicate if a home directory should be created by default for new
+      users.
+    </para>
+    <para>
+      This setting does not apply to system users, and can be overridden on
+      the command line.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/DEFAULT_HOME.xml b/man/login.defs.d/DEFAULT_HOME.xml
new file mode 100644
index 0000000..bb9982b
--- /dev/null
+++ b/man/login.defs.d/DEFAULT_HOME.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>DEFAULT_HOME</option> (boolean)</term>
+  <listitem>
+    <para>
+      Indicate if login is allowed if we can't cd to the home directory.
+      Default is no.
+    </para>
+    <para>
+      If set to <replaceable>yes</replaceable>, the user will login in
+      the root (<filename>/</filename>) directory if it is not possible to
+      cd to her home directory.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENCRYPT_METHOD.xml b/man/login.defs.d/ENCRYPT_METHOD.xml
new file mode 100644
index 0000000..325d025
--- /dev/null
+++ b/man/login.defs.d/ENCRYPT_METHOD.xml
@@ -0,0 +1,54 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>ENCRYPT_METHOD</option> (string)</term>
+  <listitem>
+    <para>
+      This defines the system default encryption algorithm for encrypting
+      passwords (if no algorithm are specified on the command line).
+    </para>
+    <para>
+      It can take one of these values:
+      <replaceable>DES</replaceable> (default),
+      <replaceable>MD5</replaceable><phrase condition="sha_crypt">,
+      <replaceable>SHA256</replaceable>,
+      <replaceable>SHA512</replaceable></phrase>.
+    </para>
+    <para>
+      Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option>
+      variable.
+    </para>
+    <para condition="pam">
+      Note: This only affect the generation of group passwords.
+      The generation of user passwords is done by PAM and subject to the
+      PAM configuration. It is recommended to set this variable
+      consistently with the PAM configuration.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENVIRON_FILE.xml b/man/login.defs.d/ENVIRON_FILE.xml
new file mode 100644
index 0000000..ee85d8c
--- /dev/null
+++ b/man/login.defs.d/ENVIRON_FILE.xml
@@ -0,0 +1,42 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>ENVIRON_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If this file exists and is readable, login environment will be
+      read from it.  Every line should be in the form name=value.
+    </para>
+    <para>
+      Lines starting with a # are treated as comment lines and ignored.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_HZ.xml b/man/login.defs.d/ENV_HZ.xml
new file mode 100644
index 0000000..9bbc255
--- /dev/null
+++ b/man/login.defs.d/ENV_HZ.xml
@@ -0,0 +1,47 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <!-- XXX: When compiled with PAM support, only sulogin uses ENV_HZ -->
+  <term><option>ENV_HZ</option> (string)</term>
+  <listitem>
+    <para>
+      If set, it will be used to define the HZ environment variable when
+      a user login. The value must be preceded by
+      <replaceable>HZ=</replaceable>. A common value on Linux is
+      <replaceable>HZ=100</replaceable>.
+    </para>
+    <para condition="pam">
+      The <envar>HZ</envar> environment variable is only set when the user
+      (the superuser) logs in with <command>sulogin</command>.
+    </para>
+    <!-- TODO: it can in fact be used to set any other variable-->
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_PATH.xml b/man/login.defs.d/ENV_PATH.xml
new file mode 100644
index 0000000..a3852fa
--- /dev/null
+++ b/man/login.defs.d/ENV_PATH.xml
@@ -0,0 +1,43 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>ENV_PATH</option> (string)</term>
+  <listitem>
+    <para>
+      If set, it will be used to define the PATH environment variable when
+      a regular user login. The value is a colon separated list of paths
+      (for example <replaceable>/bin:/usr/bin</replaceable>) and can be
+      preceded by <replaceable>PATH=</replaceable>. The default value is
+      <replaceable>PATH=/bin:/usr/bin</replaceable>.
+    </para>
+    <!-- TODO: it can in fact be used to set any other variable-->
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_SUPATH.xml b/man/login.defs.d/ENV_SUPATH.xml
new file mode 100644
index 0000000..bbd07f8
--- /dev/null
+++ b/man/login.defs.d/ENV_SUPATH.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>ENV_SUPATH</option> (string)</term>
+  <listitem>
+    <para>
+      If set, it will be used to define the PATH environment variable when
+      the superuser login. The value is a colon separated list of paths 
+      (for example
+      <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be
+      preceded by <replaceable>PATH=</replaceable>. The default value is
+      <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>.
+    </para>
+    <!-- TODO: it can in fact be used to set any other variable-->
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ENV_TZ.xml b/man/login.defs.d/ENV_TZ.xml
new file mode 100644
index 0000000..90c8bca
--- /dev/null
+++ b/man/login.defs.d/ENV_TZ.xml
@@ -0,0 +1,48 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>ENV_TZ</option> (string)</term>
+  <listitem>
+    <para>
+      If set, it will be used to define the TZ environment variable when
+      a user login. The value can be the name of a timezone preceded by
+      <replaceable>TZ=</replaceable> (for example
+      <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file
+      containing the timezone specification (for example
+      <filename>/etc/tzname</filename>).
+    </para>
+    <!-- TODO: it can in fact be used to set any other variable-->
+    <para>
+      If a full path is specified but the file does not exist or cannot be
+      read, the default is to use <replaceable>TZ=CST6CDT</replaceable>.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ERASECHAR.xml b/man/login.defs.d/ERASECHAR.xml
new file mode 100644
index 0000000..fad4d72
--- /dev/null
+++ b/man/login.defs.d/ERASECHAR.xml
@@ -0,0 +1,43 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>ERASECHAR</option> (number)</term>
+  <listitem>
+    <para>
+      Terminal ERASE character (<replaceable>010</replaceable> =
+      backspace, <replaceable>0177</replaceable> = DEL).
+    </para>
+    <para>
+      The value can be prefixed "0" for an octal value, or "0x" for an
+      hexadecimal value.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAILLOG_ENAB.xml b/man/login.defs.d/FAILLOG_ENAB.xml
new file mode 100644
index 0000000..5a52557
--- /dev/null
+++ b/man/login.defs.d/FAILLOG_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>FAILLOG_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable logging and display of <filename>/var/log/faillog</filename>
+      login failure info.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAIL_DELAY.xml b/man/login.defs.d/FAIL_DELAY.xml
new file mode 100644
index 0000000..060ca0a
--- /dev/null
+++ b/man/login.defs.d/FAIL_DELAY.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>FAIL_DELAY</option> (number)</term>
+  <listitem>
+    <para>
+      Delay in seconds before being allowed another attempt after a login
+      failure.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FAKE_SHELL.xml b/man/login.defs.d/FAKE_SHELL.xml
new file mode 100644
index 0000000..967acaa
--- /dev/null
+++ b/man/login.defs.d/FAKE_SHELL.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>FAKE_SHELL</option> (string)</term>
+  <listitem>
+    <para>
+      If set, <command>login</command> will execute this shell instead of
+      the users' shell specified in <filename>/etc/passwd</filename>.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/FTMP_FILE.xml b/man/login.defs.d/FTMP_FILE.xml
new file mode 100644
index 0000000..255569a
--- /dev/null
+++ b/man/login.defs.d/FTMP_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>FTMP_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, login failures will be logged in this file in a utmp format.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/GID_MAX.xml b/man/login.defs.d/GID_MAX.xml
new file mode 100644
index 0000000..639eafb
--- /dev/null
+++ b/man/login.defs.d/GID_MAX.xml
@@ -0,0 +1,45 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>GID_MAX</option> (number)</term>
+  <term><option>GID_MIN</option> (number)</term>
+  <listitem>
+    <para>
+      Range of group IDs used for the creation of regular groups by
+      <command>useradd</command>, <command>groupadd</command>, or
+      <command>newusers</command>.
+    </para>
+    <para>
+      The default value for <option>GID_MIN</option> (resp.
+      <option>GID_MAX</option>) is 1000 (resp. 60000).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/HUSHLOGIN_FILE.xml b/man/login.defs.d/HUSHLOGIN_FILE.xml
new file mode 100644
index 0000000..edb0262
--- /dev/null
+++ b/man/login.defs.d/HUSHLOGIN_FILE.xml
@@ -0,0 +1,42 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>HUSHLOGIN_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, this file can inhibit all the usual chatter during the
+      login sequence.  If a full pathname is specified, then hushed mode
+      will be enabled if the user's name or shell are found in the file.
+      If not a full pathname, then hushed mode will be enabled if the file
+      exists in the user's home directory.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ISSUE_FILE.xml b/man/login.defs.d/ISSUE_FILE.xml
new file mode 100644
index 0000000..12c22a7
--- /dev/null
+++ b/man/login.defs.d/ISSUE_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>ISSUE_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, this file will be displayed before each login prompt.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/KILLCHAR.xml b/man/login.defs.d/KILLCHAR.xml
new file mode 100644
index 0000000..fea9f87
--- /dev/null
+++ b/man/login.defs.d/KILLCHAR.xml
@@ -0,0 +1,42 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>KILLCHAR</option> (number)</term>
+  <listitem>
+    <para>
+      Terminal KILL character (<replaceable>025</replaceable> = CTRL/U).
+    </para>
+    <para>
+      The value can be prefixed "0" for an octal value, or "0x" for an
+      hexadecimal value.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LASTLOG_ENAB.xml b/man/login.defs.d/LASTLOG_ENAB.xml
new file mode 100644
index 0000000..c264a89
--- /dev/null
+++ b/man/login.defs.d/LASTLOG_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>LASTLOG_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable logging and display of /var/log/lastlog login time info.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_RETRIES.xml b/man/login.defs.d/LOGIN_RETRIES.xml
new file mode 100644
index 0000000..3de450d
--- /dev/null
+++ b/man/login.defs.d/LOGIN_RETRIES.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>LOGIN_RETRIES</option> (number)</term>
+  <listitem>
+    <para>
+      Maximum number of login retries in case of bad password.
+    </para>
+    <para condition="pam">
+      This will most likely be overridden by PAM, since the default
+      pam_unix module has its own built in of 3 retries. However, this is
+      a safe fallback in case you are using an authentication module that
+      does not enforce PAM_MAXTRIES.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_STRING.xml b/man/login.defs.d/LOGIN_STRING.xml
new file mode 100644
index 0000000..3743afe
--- /dev/null
+++ b/man/login.defs.d/LOGIN_STRING.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>LOGIN_STRING</option> (string)</term>
+  <listitem>
+    <para>
+      The string used for prompting a password. The default is to use
+      "Password: ", or a translation of that string. If you set this
+      variable, the prompt will not be translated.
+    </para>
+    <para>
+      If the string contains <replaceable>%s</replaceable>, this will be
+      replaced by the user's name.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOGIN_TIMEOUT.xml b/man/login.defs.d/LOGIN_TIMEOUT.xml
new file mode 100644
index 0000000..05b7cff
--- /dev/null
+++ b/man/login.defs.d/LOGIN_TIMEOUT.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>LOGIN_TIMEOUT</option> (number)</term>
+  <listitem>
+    <para>
+      Max time in seconds for login.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOG_OK_LOGINS.xml b/man/login.defs.d/LOG_OK_LOGINS.xml
new file mode 100644
index 0000000..ec11580
--- /dev/null
+++ b/man/login.defs.d/LOG_OK_LOGINS.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>LOG_OK_LOGINS</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable logging of successful logins.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/LOG_UNKFAIL_ENAB.xml b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml
new file mode 100644
index 0000000..2bc0ca2
--- /dev/null
+++ b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml
@@ -0,0 +1,43 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>LOG_UNKFAIL_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable display of unknown usernames when login failures are
+      recorded.
+    </para>
+    <para>
+      Note: logging unknown usernames may be a security issue if an user
+      enter her password instead of her login name.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MAIL_CHECK_ENAB.xml b/man/login.defs.d/MAIL_CHECK_ENAB.xml
new file mode 100644
index 0000000..62dece0
--- /dev/null
+++ b/man/login.defs.d/MAIL_CHECK_ENAB.xml
@@ -0,0 +1,42 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>MAIL_CHECK_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable checking and display of mailbox status upon login.
+    </para>
+    <para>
+      You should disable it if the shell startup files already check for
+      mail ("mailx -e" or equivalent).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MAIL_DIR.xml b/man/login.defs.d/MAIL_DIR.xml
new file mode 100644
index 0000000..60b82d6
--- /dev/null
+++ b/man/login.defs.d/MAIL_DIR.xml
@@ -0,0 +1,60 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>MAIL_DIR</option> (string)</term>
+  <listitem>
+    <para>
+      The mail spool directory. This is needed to manipulate the mailbox
+      when its corresponding user account is modified or deleted. If not
+      specified, a compile-time default is used.
+    </para>
+  </listitem>
+</varlistentry><varlistentry>
+  <term><option>MAIL_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      Defines the location of the users mail spool files relatively to
+      their home directory.
+    </para>
+  </listitem>
+</varlistentry>
+<!-- FIXME: MAIL_FILE not used in useradd -->
+<para>
+  The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables
+  are used by <command>useradd</command>, <command>usermod</command>, and
+  <command>userdel</command> to create, move, or delete the user's mail
+  spool.
+</para>
+<para condition="no_pam">
+  If <option>MAIL_CHECK_ENAB</option> is set to
+  <replaceable>yes</replaceable>, they are also used to define the
+  <envar>MAIL</envar> environment variable.
+</para>
diff --git a/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml
new file mode 100644
index 0000000..45975d9
--- /dev/null
+++ b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml
@@ -0,0 +1,57 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>MAX_MEMBERS_PER_GROUP</option> (number)</term>
+  <listitem>
+    <para>
+      Maximum members per group entry. When the maximum is reached, a new
+      group entry (line) is started in <filename>/etc/group</filename>
+      (with the same name, same password, and same GID).
+    </para>
+    <para>
+      The default value is 0, meaning that there are no limits in the
+      number of members in a group.
+    </para>
+    <!-- Note: on HP, split groups have the same ID, but different
+               names. -->
+    <para>
+      This feature (split group) permits to limit the length of lines in
+      the group file. This is useful to make sure that lines for NIS
+      groups are not larger than 1024 characters.
+    </para>
+    <para>
+      If you need to enforce such limit, you can use 25.
+    </para>
+    <para>
+      Note: split groups may not be supported by all tools (even in the
+      Shadow toolsuite). You should not use this variable unless you really
+      need it.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MD5_CRYPT_ENAB.xml b/man/login.defs.d/MD5_CRYPT_ENAB.xml
new file mode 100644
index 0000000..be9426e
--- /dev/null
+++ b/man/login.defs.d/MD5_CRYPT_ENAB.xml
@@ -0,0 +1,60 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>MD5_CRYPT_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Indicate if passwords must be encrypted using the MD5-based
+      algorithm. If set to <replaceable>yes</replaceable>, new passwords
+      will be encrypted using the MD5-based algorithm compatible with the
+      one used by recent releases of FreeBSD. It supports passwords of
+      unlimited length and longer salt strings. Set to
+      <replaceable>no</replaceable> if you need to copy encrypted
+      passwords to other systems which don't understand the new algorithm.
+      Default is <replaceable>no</replaceable>.
+    </para>
+    <para>
+      This variable is superseded by the <option>ENCRYPT_METHOD</option>
+      variable or by any command line option used to configure the
+      encryption algorithm.
+    </para>
+    <para>
+      This variable is deprecated. You should use
+      <option>ENCRYPT_METHOD</option>.
+    </para>
+    <para condition="pam">
+      Note: This only affect the generation of group passwords.
+      The generation of user passwords is done by PAM and subject to the
+      PAM configuration. It is recommended to set this variable
+      consistently with the PAM configuration.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/MOTD_FILE.xml b/man/login.defs.d/MOTD_FILE.xml
new file mode 100644
index 0000000..b472e71
--- /dev/null
+++ b/man/login.defs.d/MOTD_FILE.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>MOTD_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, ":" delimited list of "message of the day" files to be
+      displayed upon login.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/NOLOGINS_FILE.xml b/man/login.defs.d/NOLOGINS_FILE.xml
new file mode 100644
index 0000000..fde79f5
--- /dev/null
+++ b/man/login.defs.d/NOLOGINS_FILE.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>NOLOGINS_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, name of file whose presence will inhibit non-root
+      logins.  The contents of this file should be a message indicating
+      why logins are inhibited.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml
new file mode 100644
index 0000000..5eb1d65
--- /dev/null
+++ b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>OBSCURE_CHECKS_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable additional checks upon password changes.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_ALWAYS_WARN.xml b/man/login.defs.d/PASS_ALWAYS_WARN.xml
new file mode 100644
index 0000000..8687488
--- /dev/null
+++ b/man/login.defs.d/PASS_ALWAYS_WARN.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>PASS_ALWAYS_WARN</option> (boolean)</term>
+  <listitem>
+    <para>
+      Warn about weak passwords (but still allow them) if you are root.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_CHANGE_TRIES.xml b/man/login.defs.d/PASS_CHANGE_TRIES.xml
new file mode 100644
index 0000000..f6f6d1d
--- /dev/null
+++ b/man/login.defs.d/PASS_CHANGE_TRIES.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>PASS_CHANGE_TRIES</option> (number)</term>
+  <listitem>
+    <para>
+      Maximum number of attempts to change password if rejected (too
+      easy).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MAX_DAYS.xml b/man/login.defs.d/PASS_MAX_DAYS.xml
new file mode 100644
index 0000000..7df51a2
--- /dev/null
+++ b/man/login.defs.d/PASS_MAX_DAYS.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>PASS_MAX_DAYS</option> (number)</term>
+  <listitem>
+    <para>
+      The maximum number of days a password may be used. If the password
+      is older than this, a password change will be forced.  If not
+      specified, -1 will be assumed (which disables the restriction).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MAX_LEN.xml b/man/login.defs.d/PASS_MAX_LEN.xml
new file mode 100644
index 0000000..2b9e024
--- /dev/null
+++ b/man/login.defs.d/PASS_MAX_LEN.xml
@@ -0,0 +1,43 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>PASS_MAX_LEN</option> (number)</term>
+  <term><option>PASS_MIN_LEN</option> (number)</term>
+  <listitem>
+    <para>
+      Number of significant characters in the password for crypt().
+      <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless
+      your crypt() is better. This is ignored if
+      <option>MD5_CRYPT_ENAB</option> set to
+      <replaceable>yes</replaceable>.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_MIN_DAYS.xml b/man/login.defs.d/PASS_MIN_DAYS.xml
new file mode 100644
index 0000000..14f68eb
--- /dev/null
+++ b/man/login.defs.d/PASS_MIN_DAYS.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>PASS_MIN_DAYS</option> (number)</term>
+  <listitem>
+    <para>
+      The minimum number of days allowed between password changes.  Any
+      password changes attempted sooner than this will be rejected. If not
+      specified, -1 will be assumed (which disables the restriction).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PASS_WARN_AGE.xml b/man/login.defs.d/PASS_WARN_AGE.xml
new file mode 100644
index 0000000..fc03f1d
--- /dev/null
+++ b/man/login.defs.d/PASS_WARN_AGE.xml
@@ -0,0 +1,41 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>PASS_WARN_AGE</option> (number)</term>
+  <listitem>
+    <para>
+      The number of days warning given before a password expires. A zero
+      means warning is given only upon the day of expiration, a negative
+      value means no warning is given. If not specified, no warning will
+      be provided.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml
new file mode 100644
index 0000000..0ba7c3a
--- /dev/null
+++ b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>PORTTIME_CHECKS_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable checking of time restrictions specified in
+      <filename>/etc/porttime</filename>.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/QUOTAS_ENAB.xml b/man/login.defs.d/QUOTAS_ENAB.xml
new file mode 100644
index 0000000..2a68b21
--- /dev/null
+++ b/man/login.defs.d/QUOTAS_ENAB.xml
@@ -0,0 +1,40 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>QUOTAS_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable setting of resource limits from
+      <filename>/etc/limits</filename> and ulimit, umask, and niceness
+      from the user's passwd gecos field.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
new file mode 100644
index 0000000..0755e69
--- /dev/null
+++ b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml
@@ -0,0 +1,69 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="sha_crypt">
+  <term><option>SHA_CRYPT_MIN_ROUNDS</option> (number)</term>
+  <term><option>SHA_CRYPT_MAX_ROUNDS</option> (number)</term>
+  <listitem>
+    <para>
+      When <option>ENCRYPT_METHOD</option> is set to
+      <replaceable>SHA256</replaceable> or
+      <replaceable>SHA512</replaceable>, this defines the number of SHA
+      rounds used by the encryption algorithm by default (when the number
+      of rounds is not specified on the command line).
+    </para>
+    <para>
+      With a lot of rounds, it is more difficult to brute forcing the
+      password. But note also that more CPU resources will be needed to
+      authenticate users.
+    </para>
+    <para>
+      If not specified, the libc will choose the default number of rounds
+      (5000).
+    </para>
+    <para>
+      The values must be inside the 1000-999,999,999 range.
+    </para>
+    <para>
+      If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or
+      <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value
+      will be used.
+    </para>
+    <para>
+      If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt;
+      <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be
+      used.
+    </para>
+    <para condition="pam">
+      Note: This only affect the generation of group passwords.
+      The generation of user passwords is done by PAM and subject to the
+      PAM configuration. It is recommended to set this variable
+      consistently with the PAM configuration.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SUB_GID_COUNT.xml b/man/login.defs.d/SUB_GID_COUNT.xml
new file mode 100644
index 0000000..01ace00
--- /dev/null
+++ b/man/login.defs.d/SUB_GID_COUNT.xml
@@ -0,0 +1,48 @@
+<!--
+   Copyright (c) 2013, Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="subids">
+  <term><option>SUB_GID_MIN</option> (number)</term>
+  <term><option>SUB_GID_MAX</option> (number)</term>
+  <term><option>SUB_GID_COUNT</option> (number)</term>
+  <listitem>
+    <para>
+      If <filename>/etc/subuid</filename> exists, the commands
+      <command>useradd</command> and <command>newusers</command> (unless
+      the user already have subordinate group IDs) allocate
+      <option>SUB_GID_COUNT</option> unused group IDs from the range
+      <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each
+      new user.
+    </para>
+    <para>
+      The default values for <option>SUB_GID_MIN</option>,
+      <option>SUB_GID_MAX</option>, <option>SUB_GID_COUNT</option>
+      are respectively 100000, 600100000 and 10000.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SUB_UID_COUNT.xml b/man/login.defs.d/SUB_UID_COUNT.xml
new file mode 100644
index 0000000..5ad812f
--- /dev/null
+++ b/man/login.defs.d/SUB_UID_COUNT.xml
@@ -0,0 +1,48 @@
+<!--
+   Copyright (c) 2013, Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="subids">
+  <term><option>SUB_UID_MIN</option> (number)</term>
+  <term><option>SUB_UID_MAX</option> (number)</term>
+  <term><option>SUB_UID_COUNT</option> (number)</term>
+  <listitem>
+    <para>
+      If <filename>/etc/subuid</filename> exists, the commands
+      <command>useradd</command> and <command>newusers</command> (unless
+      the user already have subordinate user IDs) allocate
+      <option>SUB_UID_COUNT</option> unused user IDs from the range
+      <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each
+      new user.
+    </para>
+    <para>
+      The default values for <option>SUB_UID_MIN</option>,
+      <option>SUB_UID_MAX</option>, <option>SUB_UID_COUNT</option>
+      are respectively 100000, 600100000 and 10000.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SULOG_FILE.xml b/man/login.defs.d/SULOG_FILE.xml
new file mode 100644
index 0000000..d5d07c8
--- /dev/null
+++ b/man/login.defs.d/SULOG_FILE.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SULOG_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, all su activity is logged to this file.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SU_NAME.xml b/man/login.defs.d/SU_NAME.xml
new file mode 100644
index 0000000..0a9dfdb
--- /dev/null
+++ b/man/login.defs.d/SU_NAME.xml
@@ -0,0 +1,41 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SU_NAME</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, the command name to display when running "su -".  For
+      example, if this is defined as "su" then a "ps" will display the
+      command is "-su".  If not defined, then "ps" would display the name
+      of the shell actually being run, e.g. something like "-sh".
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SU_WHEEL_ONLY.xml b/man/login.defs.d/SU_WHEEL_ONLY.xml
new file mode 100644
index 0000000..7b8e0bc
--- /dev/null
+++ b/man/login.defs.d/SU_WHEEL_ONLY.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!-- TODO: TBC -->
+<varlistentry condition="no_pam">
+  <term><option>SU_WHEEL_ONLY</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, the user must be listed as a
+      member of the first gid 0 group in <filename>/etc/group</filename>
+      (called <replaceable>root</replaceable> on most Linux systems) to be
+      able to <command>su</command> to uid 0 accounts.  If the group
+      doesn't exist or is empty, no one will be able to
+      <command>su</command> to uid 0.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYSLOG_SG_ENAB.xml b/man/login.defs.d/SYSLOG_SG_ENAB.xml
new file mode 100644
index 0000000..0705537
--- /dev/null
+++ b/man/login.defs.d/SYSLOG_SG_ENAB.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SYSLOG_SG_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable "syslog" logging of <command>sg</command> activity.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYSLOG_SU_ENAB.xml b/man/login.defs.d/SYSLOG_SU_ENAB.xml
new file mode 100644
index 0000000..af94a23
--- /dev/null
+++ b/man/login.defs.d/SYSLOG_SU_ENAB.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SYSLOG_SU_ENAB</option> (boolean)</term>
+  <listitem>
+    <para>
+      Enable "syslog" logging of <command>su</command> activity - in
+      addition to sulog file logging.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYS_GID_MAX.xml b/man/login.defs.d/SYS_GID_MAX.xml
new file mode 100644
index 0000000..4a9ed28
--- /dev/null
+++ b/man/login.defs.d/SYS_GID_MAX.xml
@@ -0,0 +1,43 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SYS_GID_MAX</option> (number)</term>
+  <term><option>SYS_GID_MIN</option> (number)</term>
+  <listitem>
+    <para>
+      Range of group IDs used for the creation of system groups by
+      <command>useradd</command>, <command>groupadd</command>, or
+      <command>newusers</command>.
+    </para>
+    <para>
+      The default value for <option>SYS_GID_MIN</option> (resp.
+      <option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/SYS_UID_MAX.xml b/man/login.defs.d/SYS_UID_MAX.xml
new file mode 100644
index 0000000..3ca6cee
--- /dev/null
+++ b/man/login.defs.d/SYS_UID_MAX.xml
@@ -0,0 +1,42 @@
+<!--
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>SYS_UID_MAX</option> (number)</term>
+  <term><option>SYS_UID_MIN</option> (number)</term>
+  <listitem>
+    <para>
+      Range of user IDs used for the creation of system users by
+      <command>useradd</command> or <command>newusers</command>.
+    </para>
+    <para>
+      The default value for <option>SYS_UID_MIN</option> (resp.
+      <option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TCB_AUTH_GROUP.xml b/man/login.defs.d/TCB_AUTH_GROUP.xml
new file mode 100644
index 0000000..f9c9f72
--- /dev/null
+++ b/man/login.defs.d/TCB_AUTH_GROUP.xml
@@ -0,0 +1,37 @@
+<!--
+   Copyright (c) 2010, Pawel Hajdan
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+  <term><option>TCB_AUTH_GROUP</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, newly created tcb shadow files
+      will be group owned by the <replaceable>auth</replaceable> group.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TCB_SYMLINKS.xml b/man/login.defs.d/TCB_SYMLINKS.xml
new file mode 100644
index 0000000..76b34fb
--- /dev/null
+++ b/man/login.defs.d/TCB_SYMLINKS.xml
@@ -0,0 +1,53 @@
+<!--
+   Copyright (c) 2010, Pawel Hajdan
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+  <term><option>TCB_SYMLINKS</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, the location of the user tcb
+      directory to be created will not be automatically set to /etc/tcb/user,
+      but will be computed depending on the UID of the user, according to
+      the following algorithm:
+      <programlisting>
+if ( UID is less than 1000) {
+  use /etc/tcb/user
+} else if ( UID is less than 1000000) {
+  kilos = UID / 1000
+  use /etc/tcb/:kilos/user
+  make symlink /etc/tcb/user to the above directory
+} else {
+  megas = UID / 1000000
+  kilos = ( UID / megas * 1000000 ) / 1000
+  use /etc/tcb/:megas/:kilos/user
+  make symlink /etc/tcb/user to the above directory
+}
+      </programlisting>
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TTYGROUP.xml b/man/login.defs.d/TTYGROUP.xml
new file mode 100644
index 0000000..474f31b
--- /dev/null
+++ b/man/login.defs.d/TTYGROUP.xml
@@ -0,0 +1,56 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>TTYGROUP</option> (string)</term>
+  <term><option>TTYPERM</option> (string)</term>
+  <listitem>
+    <para>
+      The terminal permissions: the login tty will be owned by the
+      <option>TTYGROUP</option> group, and the permissions will be set to
+      <option>TTYPERM</option>.
+    </para>
+    <para>
+      By default, the ownership of the terminal is set to the user's
+      primary group and the permissions are set to
+      <replaceable>0600</replaceable>.
+    </para>
+    <para>
+      <option>TTYGROUP</option> can be either the name of a group or a
+      numeric group identifier.
+    </para>
+    <para>
+      If you have a <command>write</command> program which is "setgid" to
+      a special group which owns the terminals, define TTYGROUP to the
+      group number and TTYPERM to 0620.  Otherwise leave TTYGROUP
+      commented out and assign TTYPERM to either 622 or 600.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/TTYTYPE_FILE.xml b/man/login.defs.d/TTYTYPE_FILE.xml
new file mode 100644
index 0000000..f3e8509
--- /dev/null
+++ b/man/login.defs.d/TTYTYPE_FILE.xml
@@ -0,0 +1,39 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>TTYTYPE_FILE</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, file which maps tty line to TERM environment parameter.
+      Each line of the file is in a format something like "vt100  tty01".
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/UID_MAX.xml b/man/login.defs.d/UID_MAX.xml
new file mode 100644
index 0000000..77cf41f
--- /dev/null
+++ b/man/login.defs.d/UID_MAX.xml
@@ -0,0 +1,44 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>UID_MAX</option> (number)</term>
+  <term><option>UID_MIN</option> (number)</term>
+  <listitem>
+    <para>
+      Range of user IDs used for the creation of regular users by
+      <command>useradd</command> or <command>newusers</command>.
+    </para>
+    <para>
+      The default value for <option>UID_MIN</option> (resp.
+      <option>UID_MAX</option>) is 1000 (resp. 60000).
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/ULIMIT.xml b/man/login.defs.d/ULIMIT.xml
new file mode 100644
index 0000000..3cf4267
--- /dev/null
+++ b/man/login.defs.d/ULIMIT.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="no_pam">
+  <term><option>ULIMIT</option> (number)</term>
+  <listitem>
+    <para>
+      Default <command>ulimit</command> value.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/UMASK.xml b/man/login.defs.d/UMASK.xml
new file mode 100644
index 0000000..d7b71a5
--- /dev/null
+++ b/man/login.defs.d/UMASK.xml
@@ -0,0 +1,55 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>UMASK</option> (number)</term>
+  <listitem>
+    <para>
+      The file mode creation mask is initialized to this value. If not
+      specified, the mask will be initialized to 022.
+    </para>
+    <para>
+      <command>useradd</command> and <command>newusers</command> use this
+      mask to set the mode of the home directory they create
+    </para>
+    <para condition="no_pam">
+      It is also used by <command>login</command> to define users' initial
+      umask.  Note that this mask can be overridden by the user's GECOS
+      line (if <option>QUOTAS_ENAB</option> is set) or by the
+      specification of a limit with the <emphasis>K</emphasis> identifier
+      in <citerefentry><refentrytitle>limits</refentrytitle>
+      <manvolnum>5</manvolnum></citerefentry>.
+    </para>
+    <para condition="pam">
+      It is also used by <command>pam_umask</command> as the default umask
+      value.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USERDEL_CMD.xml b/man/login.defs.d/USERDEL_CMD.xml
new file mode 100644
index 0000000..40800b2
--- /dev/null
+++ b/man/login.defs.d/USERDEL_CMD.xml
@@ -0,0 +1,72 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 1996 - 2000, Marek Michałkiewicz
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>USERDEL_CMD</option> (string)</term>
+  <listitem>
+    <para>
+      If defined, this command is run when removing a user. It should
+      remove any at/cron/print jobs etc. owned by the user to be removed
+      (passed as the first argument).
+    </para>
+    <para>
+      The return code of the script is not taken into account.
+    </para>
+    <para>
+      Here is an example script, which removes the user's
+      cron, at and print jobs:
+      <programlisting>
+#! /bin/sh
+
+# Check for the required argument.
+if [ $# != 1 ]; then
+	echo "Usage: $0 username"
+	exit 1
+fi
+
+# Remove cron jobs.
+crontab -r -u $1
+
+# Remove at jobs.
+# Note that it will remove any jobs owned by the same UID,
+# even if it was shared by a different username.
+AT_SPOOL_DIR=/var/spool/cron/atjobs
+find $AT_SPOOL_DIR -name "[^.]*" -type f -user $1 -delete \;
+
+# Remove print jobs.
+lprm $1
+
+# All done.
+exit 0
+      </programlisting>
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USERGROUPS_ENAB.xml b/man/login.defs.d/USERGROUPS_ENAB.xml
new file mode 100644
index 0000000..daa8892
--- /dev/null
+++ b/man/login.defs.d/USERGROUPS_ENAB.xml
@@ -0,0 +1,46 @@
+<!--
+   Copyright (c) 1991 - 1993, Julianne Frances Haugh
+   Copyright (c) 1991 - 1993, Chip Rosenthal
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry>
+  <term><option>USERGROUPS_ENAB</option> (boolean)</term>
+  <listitem>
+    <para condition="no_pam">
+      Enable setting of the umask group bits to be the same as owner bits
+      (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+      the same as gid, and username is the same as the primary group name.
+    </para>
+    <para>
+      If set to <replaceable>yes</replaceable>, <command>userdel</command>
+      will remove the user's group if it contains no more members, and
+      <command>useradd</command> will create by default a group with the
+      name of the user.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/login.defs.d/USE_TCB.xml b/man/login.defs.d/USE_TCB.xml
new file mode 100644
index 0000000..6fbe4d9
--- /dev/null
+++ b/man/login.defs.d/USE_TCB.xml
@@ -0,0 +1,38 @@
+<!--
+   Copyright (c) 2010, Pawel Hajdan
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<varlistentry condition="tcb">
+  <term><option>USE_TCB</option> (boolean)</term>
+  <listitem>
+    <para>
+      If <replaceable>yes</replaceable>, the <citerefentry>
+      <refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+      password shadowing scheme will be used.
+    </para>
+  </listitem>
+</varlistentry>
diff --git a/man/logoutd.8.xml b/man/logoutd.8.xml
new file mode 100644
index 0000000..13b1337
--- /dev/null
+++ b/man/logoutd.8.xml
@@ -0,0 +1,105 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='logoutd.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>logoutd</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>logoutd</refname>
+    <refpurpose>enforce login time restrictions</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>logoutd</command>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <command>logoutd</command> enforces the login time and port
+      restrictions specified in <filename>/etc/porttime</filename>. 
+      <command>logoutd</command> should be started from
+      <filename>/etc/rc</filename>. The <filename>/var/run/utmp</filename>
+      file is scanned periodically and each user name is checked to see if
+      the named user is permitted on the named port at the current time. 
+      Any login session which is violating the restrictions in
+      <filename>/etc/porttime</filename> is terminated.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/porttime</filename></term>
+	<listitem>
+	  <para>File containing port access.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/var/run/utmp</filename></term>
+	<listitem>
+	  <para>List of current login sessions.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+</refentry>
diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml
new file mode 100644
index 0000000..864bad1
--- /dev/null
+++ b/man/newgidmap.1.xml
@@ -0,0 +1,183 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2013 Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newgidmap.1'>
+  <refmeta>
+    <refentrytitle>newgidmap</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>newgidmap</refname>
+    <refpurpose>set the gid mapping of a user namespace</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>newgidmap</command>
+      <arg choice='plain'>
+	<replaceable>pid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>gid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>lowergid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>count</replaceable>
+      </arg>
+      <arg choice='opt'>
+	<arg choice='plain'>
+	  <replaceable>gid</replaceable>
+	</arg>
+	<arg choice='plain'>
+	  <replaceable>lowergid</replaceable>
+	</arg>
+	<arg choice='plain'>
+	  <replaceable>count</replaceable>
+	</arg>
+	<arg choice='opt'>
+	  <replaceable>...</replaceable>
+	</arg>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on its
+      command line arguments and the gids allowed in <filename>/etc/subgid</filename>.
+      Note that the root user is not exempted from the requirement for a valid
+      <filename>/etc/subgid</filename> entry.
+    </para>
+
+    <para>
+      After the pid argument, <command>newgidmap</command> expects sets of 3 integers:
+      <variablelist>
+	<varlistentry>
+	  <term>gid</term>
+	  <listitem>
+	    <para>
+	      Beginning of the range of GIDs inside the user namespace.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>lowergid</term>
+	  <listitem>
+	    <para>
+	      Beginning of the range of GIDs outside the user namespace.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>count</term>
+	  <listitem>
+	    <para>
+	      Length of the ranges (both inside and outside the user namespace).
+	    </para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+
+    <para>
+      <command>newgidmap</command> verifies that the caller is the owner
+      of the process indicated by <option>pid</option> and that for each
+      of the above sets, each of the GIDs in the range [lowergid,
+      lowergid+count] is allowed to the caller according to
+      <filename>/etc/subgid</filename> before setting
+      <filename>/proc/[pid]/gid_map</filename>.
+    </para>
+    <para>
+      Note that newgidmap may be used only once for a given process.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      There currently are no options to the <command>newgidmap</command> command.
+    </para>
+    <variablelist remap='IP'>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>List of user's subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/proc/[pid]/gid_map</filename></term>
+	<listitem>
+	  <para>Mapping of gids from one between user namespaces.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/newgrp.1.xml b/man/newgrp.1.xml
new file mode 100644
index 0000000..62f0625
--- /dev/null
+++ b/man/newgrp.1.xml
@@ -0,0 +1,177 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY SYSLOG_SG_ENAB        SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='newgrp.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>newgrp</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>newgrp</refname>
+    <refpurpose>log in to a new group</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>newgrp</command>    <arg choice='opt'>- </arg>
+      <arg choice='opt'><replaceable>group</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+  <title>DESCRIPTION</title>
+    <para>
+      The <command>newgrp</command> command is used to change the current
+      group ID during a login session. If the optional <option>-</option>
+      flag is given, the user's environment will be reinitialized as though
+      the user had logged in, otherwise the current environment, including
+      current working directory, remains unchanged.
+    </para>
+
+    <para>
+      <command>newgrp</command> changes the current real group ID to the
+      named group, or to the default group listed in
+      <filename>/etc/passwd</filename> if no group name is given. 
+      <command>newgrp</command> also tries to add the group to the user
+      groupset. If not root, the user will be prompted for a password if she
+      does not have a password (in <filename>/etc/shadow</filename> if this
+      user has an entry in the shadowed password file, or in
+      <filename>/etc/passwd</filename> otherwise) and the group does, or if
+      the user is not listed as a member and the group has a password. The
+      user will be denied access if the group password is empty and the user
+      is not listed as a member.
+    </para>
+
+    <para condition="gshadow">
+      If there is an entry for this group in
+      <filename>/etc/gshadow</filename>, then the list of members and the
+      password of this group will be taken from this file, otherwise, the
+      entry in <filename>/etc/group</filename> is considered.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &SYSLOG_SG_ENAB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	 </listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>id</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry><phrase condition="gshadow">,
+	<citerefentry condition="gshadow">
+	  <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>
+      </phrase>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml
new file mode 100644
index 0000000..a97b7f9
--- /dev/null
+++ b/man/newuidmap.1.xml
@@ -0,0 +1,182 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2013 Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newuidmap.1'>
+  <refmeta>
+    <refentrytitle>newuidmap</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>newuidmap</refname>
+    <refpurpose>set the uid mapping of a user namespace</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>newuidmap</command>
+      <arg choice='plain'>
+	<replaceable>pid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>uid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>loweruid</replaceable>
+      </arg>
+      <arg choice='plain'>
+	<replaceable>count</replaceable>
+      </arg>
+      <arg choice='opt'>
+	<arg choice='plain'>
+	  <replaceable>uid</replaceable>
+	</arg>
+	<arg choice='plain'>
+	  <replaceable>loweruid</replaceable>
+	</arg>
+	<arg choice='plain'>
+	  <replaceable>count</replaceable>
+	</arg>
+	<arg choice='opt'>
+	  <replaceable>...</replaceable>
+	</arg>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>newuidmap</command> sets <filename>/proc/[pid]/uid_map</filename> based on its
+      command line arguments and the uids allowed in <filename>/etc/subuid</filename>.
+      Note that the root user is not exempted from the requirement for a valid
+      <filename>/etc/subuid</filename> entry.
+    </para>
+
+    <para>
+      After the pid argument, <command>newuidmap</command> expects sets of 3 integers:
+      <variablelist>
+	<varlistentry>
+	  <term>uid</term>
+	  <listitem>
+	    <para>
+	      Beginning of the range of UIDs inside the user namespace.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>loweruid</term>
+	  <listitem>
+	    <para>
+	      Beginning of the range of UIDs outside the user namespace.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>count</term>
+	  <listitem>
+	    <para>
+	      Length of the ranges (both inside and outside the user namespace).
+	    </para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+
+    <para>
+      <command>newuidmap</command> verifies that the caller is the owner
+      of the process indicated by <option>pid</option> and that for each
+      of the above sets, each of the UIDs in the range [loweruid,
+      loweruid+count] is allowed to the caller according to
+      <filename>/etc/subuid</filename> before setting
+      <filename>/proc/[pid]/uid_map</filename>.
+    </para>
+    <para>
+      Note that newuidmap may be used only once for a given process.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      There currently are no options to the <command>newuidmap</command> command.
+    </para>
+    <variablelist remap='IP'>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>List of user's subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/proc/[pid]/uid_map</filename></term>
+	<listitem>
+	  <para>Mapping of uids from one between user namespaces.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/newusers.8.xml b/man/newusers.8.xml
new file mode 100644
index 0000000..ff6dc1c
--- /dev/null
+++ b/man/newusers.8.xml
@@ -0,0 +1,472 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY GID_MAX               SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!ENTITY SUB_GID_COUNT         SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT         SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX           SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYS_UID_MAX           SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY UID_MAX               SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY UMASK                 SYSTEM "login.defs.d/UMASK.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='newusers.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>newusers</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>newusers</refname>
+    <refpurpose>update and create new users in batch</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>newusers</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='opt'>
+	<replaceable>file</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>newusers</command> command reads a <replaceable>file</replaceable> (or the standard input by default)
+      and uses this information to update a set
+      of existing users or to create new users. Each line is in the same format
+      as the standard password file (see
+      <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>) with the exceptions explained below:
+    </para>
+    <para>pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell</para>
+
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_name</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This is the name of the user.
+	  </para>
+	  <para>
+	    It can be the name of a new user or the name of an existing
+	    user (or a user created before by
+	    <command>newusers</command>).  In case of an existing user,
+	    the user's information will be changed, otherwise a new user
+	    will be created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_passwd</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field will be encrypted and used as the new value of the
+	    encrypted password.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_uid</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field is used to define the UID of the user.
+	  </para>
+	  <para>
+	    If the field is empty, a new (unused) UID will be defined
+	    automatically by <command>newusers</command>.
+	  </para>
+	  <para>
+	    If this field contains a number, this number will be used as
+	    the UID.
+	  </para>
+	  <para>
+	    If this field contains the name of an existing user (or the
+	    name of a user created before by
+	    <command>newusers</command>), the UID of the specified user
+	    will be used.
+	  </para>
+	  <para>
+	    If the UID of an existing user is changed, the files ownership
+	    of the user's file should be fixed manually.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_gid</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field is used to define the primary group ID for the user.
+	  </para>
+	  <para>
+	    If this field contains the name of an existing group (or a
+	    group created before by <command>newusers</command>), the GID
+	    of this group will be used as the primary group ID for the
+	    user.
+	  </para>
+	  <para>
+	    If this field is a number, this number will be used as the
+	    primary group ID of the user.  If no groups exist with this
+	    GID, a new group will be created with this GID, and the name
+	    of the user.
+	  </para>
+	  <para>
+	    If this field is empty, a new group will be created with the
+	    name of the user and a GID will be automatically defined by
+	    <command>newusers</command> to be used as the primary group ID
+	    for the user and as the GID for the new group.
+	  </para>
+	  <para>
+	    If this field contains the name of a group which does not
+	    exist (and was not created before by
+	    <command>newusers</command>), a new group will be created with
+	    the specified name and a GID will be automatically defined by
+	    <command>newusers</command> to be used as the primary group ID
+	    for the user and GID for the new group.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_gecos</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field is copied in the GECOS field of the user.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_dir</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field is used to define the home directory of the user.
+	  </para>
+	  <para>
+	    If this field does not specify an existing directory, the
+	    specified directory is created, with ownership set to the
+	    user being created or updated and its primary group.
+	  </para>
+	  <para>
+	    If the home directory of an existing user is changed,
+	    <command>newusers</command> does not move or copy the content
+	    of the old directory to the new location. This should be done
+	    manually.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis remap='I'>pw_shell</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    This field defines the shell of the user.
+	    No checks are performed on this field.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      <command>newusers</command> first tries to create or change all the
+      specified users, and then write these changes to the user or group
+      databases. If an error occurs (except in the final writes to the
+      databases), no changes are committed to the databases.
+    </para>
+    <para condition="pam">
+      During this first pass, users are created with a locked password
+      (and passwords are not changed for the users which are not created).
+      A second pass is used to update the passwords using PAM.  Failures
+      to update a password are reported, but will not stop the other
+      password updates.
+    </para>
+
+    <para>
+      This command is intended to be used in a large system environment
+      where many accounts are updated at a single time.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>newusers</command> command are:
+    </para>
+    <variablelist remap='IP' condition="no_pam">
+      <varlistentry>
+	<term><option>-c</option>, <option>--crypt-method</option></term>
+	<listitem>
+	  <para>Use the specified method to encrypt the passwords.</para>
+	  <para>
+	    The available methods are DES, MD5, NONE, and SHA256 or SHA512
+	    if your libc support these methods.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--system</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create a system account.
+	  </para>
+	  <para>
+	    System users will be created with no aging information in
+	    <filename>/etc/shadow</filename>, and their numeric
+	    identifiers are chosen in the
+	    <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>
+	    range, defined in <filename>login.defs</filename>, instead of
+	    <option>UID_MIN</option>-<option>UID_MAX</option> (and their
+	    <option>GID</option> counterparts for the creation of groups).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP' condition="no_pam">
+      <varlistentry condition="sha_crypt">
+	<term><option>-s</option>, <option>--sha-rounds</option></term>
+	<listitem>
+	  <para>
+	    Use the specified number of rounds to encrypt the passwords.
+	  </para>
+	  <para>
+	    The value 0 means that the system will choose the default
+	    number of rounds for the crypt method (5000).
+	  </para>
+	  <para>
+	    A minimal value of 1000 and a maximal value of 999,999,999
+	    will be enforced.
+	  </para>
+	  <para>
+	    You can only use this option with the SHA256 or SHA512
+	    crypt method.
+	  </para>
+	  <para>
+	    By default, the number of rounds is defined by the
+	    SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in
+	    <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      The input file must be protected since it contains unencrypted
+      passwords.
+    </para>
+    <para condition="no_pam">
+      You should make sure the passwords and the encryption method respect
+      the system's password policy.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist condition="no_pam">
+      &ENCRYPT_METHOD;
+    </variablelist>
+    <variablelist>
+      &GID_MAX; <!-- documents also GID_MIN -->
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+    <variablelist condition="no_pam">
+      &MD5_CRYPT_ENAB;
+    </variablelist>
+    <variablelist>
+      &PASS_MAX_DAYS;
+      &PASS_MIN_DAYS;
+      &PASS_WARN_AGE;
+    </variablelist>
+    <variablelist condition="no_pam">
+      &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS-->
+    </variablelist>
+    <variablelist>
+      &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+      &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+      &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+      &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+      &UID_MAX; <!-- documents also UID_MIN -->
+      &UMASK;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="pam">
+	<term><filename>/etc/pam.d/newusers</filename></term>
+	<listitem>
+	  <para>PAM configuration for <command>newusers</command>.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>Per user subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>Per user subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <phrase condition="subids">
+	<citerefentry>
+	  <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+	<citerefentry>
+	  <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/nologin.8.xml b/man/nologin.8.xml
new file mode 100644
index 0000000..ae355d3
--- /dev/null
+++ b/man/nologin.8.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1993       , The Regents of the University of California
+   Copyright (c) 2006 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='nologin.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>nologin</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>nologin</refname>
+    <refpurpose>politely refuse a login</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>nologin</command>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>nologin</command> command displays a message that an account
+      is not available and exits non-zero. It is intended as a replacement shell
+      field for accounts that have been disabled.
+    </para>
+    <para>
+      To disable all logins, investigate
+      <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='history'>
+    <title>HISTORY</title>
+    <para>
+      The <command>nologin</command> command appeared in BSD 4.4.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/passwd.1.xml b/man/passwd.1.xml
new file mode 100644
index 0000000..e678448
--- /dev/null
+++ b/man/passwd.1.xml
@@ -0,0 +1,510 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD        SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MD5_CRYPT_ENAB        SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY OBSCURE_CHECKS_ENAB   SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+<!ENTITY PASS_ALWAYS_WARN      SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+<!ENTITY PASS_CHANGE_TRIES     SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
+<!ENTITY PASS_MAX_LEN          SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS  SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='passwd.1'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>passwd</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>passwd</refname>
+    <refpurpose>change user password</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>passwd</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='opt'>
+        <replaceable>LOGIN</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>passwd</command> command changes passwords for user accounts.
+      A normal user may only change the password for his/her own account, while
+      the superuser may change the password for any account.
+      <command>passwd</command> also changes the account or associated
+      password validity period.
+    </para>
+
+    <refsect2 id='password_changes'>
+      <title>Password Changes</title>
+      <para>
+	The user is first prompted for his/her old password, if one is
+	present. This password is then encrypted and compared against the
+	stored password. The user has only one chance to enter the correct
+	password. The superuser is permitted to bypass this step so that
+	forgotten passwords may be changed.
+      </para>
+
+      <para>
+	After the password has been entered, password aging information is
+	checked to see if the user is permitted to change the password at
+	this time. If not, <command>passwd</command> refuses to change the
+	password and exits.
+      </para>
+
+      <para>
+	The user is then prompted twice for a replacement password. The
+	second entry is compared against the first and both are required to
+	match in order for the password to be changed.
+      </para>
+
+      <para>
+	Then, the password is tested for complexity. As a general guideline,
+	passwords should consist of 6 to 8 characters including one or more
+	characters from each of the following sets:
+      </para>
+
+      <itemizedlist mark='bullet'>
+	<listitem>
+	  <para>lower case alphabetics</para>
+	</listitem>
+	<listitem>
+	  <para>digits 0 thru 9</para>
+	</listitem>
+	<listitem>
+	  <para>punctuation marks</para>
+	</listitem>
+      </itemizedlist>
+
+      <para>
+	Care must be taken not to include the system default erase or kill
+	characters. <command>passwd</command> will reject any password which
+	is not suitably complex.
+      </para>
+
+    </refsect2>
+
+    <refsect2 id='hints_for_user_passwords'>
+      <title>Hints for user passwords</title>
+      <para>
+	The security of a password depends upon the strength of the
+	encryption algorithm and the size of the key space. The legacy
+	<emphasis>UNIX</emphasis> System encryption method is based on the
+	NBS DES algorithm. More recent methods are now recommended (see
+	<option>ENCRYPT_METHOD</option>). The size of the key space
+	depends upon the randomness of the password which is selected.
+      </para>
+
+      <para>
+	Compromises in password security normally result from careless
+	password selection or handling. For this reason, you should not
+	select a password which appears in a dictionary or which must be
+	written down. The password should also not be a proper name, your
+	license number, birth date, or street address. Any of these may be
+	used as guesses to violate system security.
+      </para>
+
+      <para>
+	You can find advice on how to choose a strong password on
+	http://en.wikipedia.org/wiki/Password_strength
+      </para>
+    </refsect2>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>passwd</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-a</option>, <option>--all</option>
+	</term>
+	<listitem>
+	  <para>
+	    This option can be used only with <option>-S</option> and causes show
+	    status for all users.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-d</option>, <option>--delete</option>
+	</term>
+	<listitem>
+	  <para>
+	    Delete a user's password (make it empty). This is a quick way
+	    to disable a password for an account. It will set the named
+	    account passwordless.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-e</option>, <option>--expire</option>
+	</term>
+	<listitem>
+	  <para>
+	    Immediately expire an account's password. This in effect can
+	    force a user to change his/her password at the user's next login.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    This option is used to disable an account after the password has
+	    been expired for a number of days. After a user account has had
+	    an expired password for <replaceable>INACTIVE</replaceable>
+	    days, the user may no longer sign on to the account.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-k</option>, <option>--keep-tokens</option>
+	</term>
+	<listitem>
+	  <para>
+	    Indicate password change should be performed only for expired
+	    authentication tokens (passwords). The user wishes to keep their
+	    non-expired tokens as before.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-l</option>, <option>--lock</option>
+	</term>
+	<listitem>
+	  <para>
+	    Lock the password of the named account. This option disables a
+	    password by changing it to a value which matches no possible
+	    encrypted value (it adds a ´!´ at the beginning of the
+	    password).
+	  </para>
+	  <para>
+	    Note that this does not disable the account. The user may
+	    still be able to login using another authentication token
+	    (e.g. an SSH key). To disable the account, administrators
+	    should use <command>usermod --expiredate 1</command> (this set
+	    the account's expire date to Jan 2, 1970).
+	  </para>
+	  <para>
+	    Users with a locked password are not allowed to change their
+	    password.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the minimum number of days between password changes to
+	    <replaceable>MIN_DAYS</replaceable>. A value of zero for this field
+	    indicates that the user may change his/her password at any time.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-q</option>, <option>--quiet</option>
+	</term>
+	<listitem>
+	  <para>
+	    Quiet mode.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--repository</option>&nbsp;<replaceable>REPOSITORY</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    change password in <replaceable>REPOSITORY</replaceable> repository
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-S</option>, <option>--status</option>
+	</term>
+	<listitem>
+	  <para>
+	    Display account status information. The status information
+	    consists of 7 fields. The first field is the user's login name. 
+	    The second field indicates if the user account has a locked
+	    password (L),
+	    has no password (NP), or has a usable password (P). The third
+	    field gives the date of the last password change. The next four
+	    fields are the minimum age, maximum age, warning period, and
+	    inactivity period for the password. These ages are expressed in
+	    days.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--unlock</option>
+	</term>
+	<listitem>
+	  <para>
+	    Unlock the password of the named account. This option
+	    re-enables a password by changing the password back to its
+	    previous value (to the value before using the
+	    <option>-l</option> option).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-w</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the number of days of warning before a password change is
+	    required. The <replaceable>WARN_DAYS</replaceable> option is
+	    the number of days prior to the password expiring that a user
+	    will be warned that his/her password is about to expire.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Set the maximum number of days a password remains valid. After
+	    <replaceable>MAX_DAYS</replaceable>, the password is required
+	    to be changed.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      Password complexity checking may
+      vary from site to site. The user is urged to select a password as
+      complex as he or she feels comfortable with.
+    </para>
+    <para>
+      Users may not be able to 
+      change their password on a system if NIS is enabled and they are not 
+      logged into the NIS server.
+    </para>
+    <para condition="pam">
+      <command>passwd</command> uses PAM to authenticate users and to
+      change their passwords.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration' condition="no_pam">
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &ENCRYPT_METHOD;
+      &MD5_CRYPT_ENAB;
+      &OBSCURE_CHECKS_ENAB;
+      &PASS_ALWAYS_WARN;
+      &PASS_CHANGE_TRIES;
+      &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
+      &SHA_CRYPT_MIN_ROUNDS;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="no_pam">
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="pam">
+	<term><filename>/etc/pam.d/passwd</filename></term>
+	<listitem>
+	  <para>PAM configuration for <command>passwd</command>.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>passwd</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>permission denied</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid combination of options</para>
+	    </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>unexpected failure, nothing done</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>unexpected failure, <filename>passwd</filename> file missing</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>5</replaceable></term>
+	  <listitem>
+	    <para><filename>passwd</filename> file busy, try again</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>invalid argument to option</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <phrase condition="no_pam">
+	<citerefentry>
+	  <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/passwd.5.xml b/man/passwd.5.xml
new file mode 100644
index 0000000..8625dfb
--- /dev/null
+++ b/man/passwd.5.xml
@@ -0,0 +1,206 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1990, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='passwd.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>passwd</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>passwd</refname>
+    <refpurpose>the password file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <filename>/etc/passwd</filename> contains one line for each
+      user account, with seven fields delimited by colons
+      (<quote>:</quote>).
+      These fields are:
+    </para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>login name</para>
+      </listitem>
+      <listitem>
+	<para>optional encrypted password</para>
+      </listitem>
+      <listitem>
+	<para>numerical user ID</para>
+      </listitem>
+      <listitem>
+	<para>numerical group ID</para>
+      </listitem>
+      <listitem>
+	<para>user name or comment field</para>
+      </listitem>
+      <listitem>
+	<para>user home directory</para>
+      </listitem>
+      <listitem>
+	<para>optional user command interpreter</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      The encrypted password field may be blank, in which case no password
+      is required to authenticate as the specified login name. However,
+      some applications which read the <filename>/etc/passwd</filename> file
+      may decide not to permit <emphasis>any</emphasis> access at all if the
+      <emphasis>password</emphasis> field is blank. If the
+      <emphasis>password</emphasis> field is a lower-case <quote>x</quote>,
+      then the encrypted password is actually stored in the
+      <citerefentry><refentrytitle>shadow</refentrytitle>
+      <manvolnum>5</manvolnum></citerefentry> file instead; there
+      <emphasis>must</emphasis> be a corresponding line in the
+      <filename>/etc/shadow</filename> file, or else the user account is invalid. 
+      If the <emphasis>password</emphasis> field is any other string, then
+      it will be treated as an encrypted password, as specified by
+      <citerefentry><refentrytitle>crypt</refentrytitle>
+      <manvolnum>3</manvolnum></citerefentry>.
+
+    </para>
+
+    <para>
+      The comment field is used by various system utilities, such as
+      <citerefentry><refentrytitle>finger</refentrytitle>
+      <manvolnum>1</manvolnum></citerefentry>.
+    </para>
+
+    <para>
+      The home directory field provides the name of the initial working
+      directory. The <command>login</command> program uses this information
+      to set the value of the <envar>$HOME</envar> environmental variable.
+    </para>
+
+    <para>
+      The command interpreter field provides the name of the user's command
+      language interpreter, or the name of the initial program to execute. 
+      The <command>login</command> program uses this information to set the
+      value of the <envar>$SHELL</envar> environmental variable. If this
+      field is empty, it defaults to the value <filename>/bin/sh</filename>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>optional encrypted password file</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd-</filename></term>
+	<listitem>
+	  <para>Backup file for /etc/passwd.</para>
+	  <para>
+	    Note that this file is used by the tools of the shadow
+	    toolsuite, but not by all user and password management tools.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>getpwnam</refentrytitle><manvolnum>3</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
new file mode 100644
index 0000000..724d25f
--- /dev/null
+++ b/man/pl/Makefile.am
@@ -0,0 +1,44 @@
+
+mandir = @mandir@/pl
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+	man1/chage.1 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/lastlog.8 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/po/LINGUAS b/man/po/LINGUAS
new file mode 100644
index 0000000..1bf026a
--- /dev/null
+++ b/man/po/LINGUAS
@@ -0,0 +1,8 @@
+# LINGUAS
+
+LINGUAS = da de fr it pl ru sv zh_CN
+
+# These variables are generated based on the LINGUAS list
+POFILES = $(patsubst %,$(srcdir)/%.po,$(LINGUAS))
+UPDATEPOFILES = $(patsubst %,%.po-update,$(LINGUAS))
+DUMMYPOFILES = $(patsubst %,%.nop,$(LINGUAS))
diff --git a/man/po/Makefile.in b/man/po/Makefile.in
new file mode 100644
index 0000000..deaa870
--- /dev/null
+++ b/man/po/Makefile.in
@@ -0,0 +1,245 @@
+# Makefile for PO directory in any package using GNU gettext.
+# Copyright (C) 1995-1997, 2000-2006 by Ulrich Drepper <drepper@gnu.ai.mit.edu>
+#
+# This file can be copied and used freely without restrictions.  It can
+# be used in projects which are not available under the GNU General Public
+# License but which still want to provide support for the GNU gettext
+# functionality.
+# Please note that the actual code of GNU gettext is covered by the GNU
+# General Public License and is *not* in the public domain.
+#
+# Origin: gettext-0.16
+# Modified to handle translations with xml2po by Nicolas François - 2007
+
+PACKAGE = @PACKAGE@
+VERSION = @VERSION@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+
+SHELL = /bin/sh
+@SET_MAKE@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+
+MSGFMT_ = @MSGFMT@
+MSGFMT_no = @MSGFMT@
+MSGFMT_yes = @MSGFMT_015@
+MSGFMT = $(MSGFMT_$(USE_MSGCTXT))
+XGETTEXT_ = @XGETTEXT@
+XGETTEXT_no = @XGETTEXT@
+XGETTEXT_yes = @XGETTEXT_015@
+XGETTEXT = $(XGETTEXT_$(USE_MSGCTXT))
+MSGMERGE = @MSGMERGE@ --previous
+MSGMERGE_UPDATE = @MSGMERGE@ --update --previous
+MSGINIT = msginit
+MSGCONV = msgconv
+MSGFILTER = msgfilter
+
+include $(srcdir)/LINGUAS
+DISTFILES = $(srcdir)/Makevars $(srcdir)/XMLFILES $(srcdir)/LINGUAS $(POFILES)
+
+include $(srcdir)/XMLFILES
+
+include $(srcdir)/Makevars
+
+.SUFFIXES:
+.SUFFIXES: .po .sed .sin .nop .po-create .po-update
+
+remove-potcdate.sin: $(top_srcdir)/po/remove-potcdate.sin
+	cp $? $@
+
+.sin.sed:
+	sed -e '/^#/d' $< > t-$@
+	mv t-$@ $@
+
+all: all-yes
+
+all-yes: stamp-po
+all-no:
+
+# $(srcdir)/$(DOMAIN).pot is only created when needed. When xgettext finds no
+# internationalized messages, no $(srcdir)/$(DOMAIN).pot is created (because
+# we don't want to bother translators with empty POT files). We assume that
+# LINGUAS is empty in this case, i.e. $(POFILES) and $(GMOFILES) are empty.
+# In this case, stamp-po is a nop (i.e. a phony target).
+
+# stamp-po is a timestamp denoting the last time at which the CATALOGS have
+# been loosely updated. Its purpose is that when a developer or translator
+# checks out the package via CVS, and the $(DOMAIN).pot file is not in CVS,
+# "make" will update the $(DOMAIN).pot and the $(CATALOGS), but subsequent
+# invocations of "make" will do nothing. This timestamp would not be necessary
+# if updating the $(CATALOGS) would always touch them; however, the rule for
+# $(POFILES) has been designed to not touch files that don't need to be
+# changed.
+stamp-po: $(srcdir)/$(DOMAIN).pot
+	@test ! -f $(srcdir)/$(DOMAIN).pot || { \
+	  echo "touch stamp-po" && \
+	  echo timestamp > stamp-poT && \
+	  mv stamp-poT stamp-po; \
+	}
+
+# Note: Target 'all' must not depend on target '$(DOMAIN).pot-update',
+# otherwise packages like GCC can not be built if only parts of the source
+# have been downloaded.
+
+# This target rebuilds $(DOMAIN).pot; it is an expensive operation.
+# Note that $(DOMAIN).pot is not touched if it doesn't need to be changed.
+# TODO: set MSGID_BUGS_ADDRESS, COPYRIGHT_HOLDER
+$(DOMAIN).pot-update: $(XMLFILES) $(srcdir)/XMLFILES remove-potcdate.sed
+	@set -e; tmpdir=`pwd`; \
+	echo "cd $(top_srcdir)/man"; \
+	cd $(top_srcdir)/man; \
+	echo "xml2po --expand-all-entities -o $$tmpdir/$(DOMAIN).po $(notdir $(XMLFILES))"; \
+	xml2po --expand-all-entities -o $$tmpdir/$(DOMAIN).po $(notdir $(XMLFILES)); \
+	cd $$tmpdir
+	test ! -f $(DOMAIN).po || { \
+	  if test -f $(srcdir)/$(DOMAIN).pot; then \
+	    sed -f remove-potcdate.sed < $(srcdir)/$(DOMAIN).pot > $(DOMAIN).1po && \
+	    sed -f remove-potcdate.sed < $(DOMAIN).po > $(DOMAIN).2po && \
+	    if cmp $(DOMAIN).1po $(DOMAIN).2po >/dev/null 2>&1; then \
+	      rm -f $(DOMAIN).1po $(DOMAIN).2po $(DOMAIN).po; \
+	    else \
+	      rm -f $(DOMAIN).1po $(DOMAIN).2po $(srcdir)/$(DOMAIN).pot && \
+	      mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+	    fi; \
+	  else \
+	    mv $(DOMAIN).po $(srcdir)/$(DOMAIN).pot; \
+	  fi; \
+	}
+
+# This rule has no dependencies: we don't need to update $(DOMAIN).pot at
+# every "make" invocation, only create it when it is missing.
+# Only "make $(DOMAIN).pot-update" or "make dist" will force an update.
+$(srcdir)/$(DOMAIN).pot:
+	$(MAKE) $(DOMAIN).pot-update
+
+# This target rebuilds a PO file if $(DOMAIN).pot has changed.
+# Note that a PO file is not touched if it doesn't need to be changed.
+$(POFILES): $(srcdir)/$(DOMAIN).pot
+	@lang=`echo $@ | sed -e 's,.*/,,' -e 's/\.po$$//'`; \
+	if test -f "$(srcdir)/$${lang}.po"; then \
+	  test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+	  echo "$${cdcmd}$(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot"; \
+	  cd $(srcdir) && $(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot; \
+	else \
+	  $(MAKE) $${lang}.po-create; \
+	fi
+
+
+install: install-exec install-data
+install-exec:
+install-data:
+
+install-strip: install
+
+installdirs: installdirs-exec installdirs-data
+installdirs-exec:
+installdirs-data:
+
+# Define this as empty until I found a useful application.
+installcheck:
+
+uninstall: uninstall-exec uninstall-data
+uninstall-exec:
+uninstall-data:
+
+check: all
+
+info dvi ps pdf html tags TAGS ctags CTAGS ID:
+
+mostlyclean:
+	rm -f remove-potcdate.sed remove-potcdate.sin
+	rm -f stamp-poT
+	rm -f core core.* $(DOMAIN).po $(DOMAIN).1po $(DOMAIN).2po *.new.po
+
+clean: mostlyclean
+
+distclean: clean
+	rm -f Makefile
+
+maintainer-clean: distclean
+	@echo "This command is intended for maintainers to use;"
+	@echo "it deletes files that may require special tools to rebuild."
+	rm -f stamp-po
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+dist distdir:
+	$(MAKE) update-po
+	@$(MAKE) dist2
+# This is a separate target because 'update-po' must be executed before.
+dist2: stamp-po $(DISTFILES)
+	dists="$(DISTFILES)"; \
+	if test -f $(srcdir)/$(DOMAIN).pot; then \
+	  dists="$$dists $(DOMAIN).pot stamp-po"; \
+	fi; \
+	if test -f $(srcdir)/ChangeLog; then \
+	  dists="$$dists ChangeLog"; \
+	fi; \
+	for i in 0 1 2 3 4 5 6 7 8 9; do \
+	  if test -f $(srcdir)/ChangeLog.$$i; then \
+	    dists="$$dists ChangeLog.$$i"; \
+	  fi; \
+	done; \
+	for file in $$dists; do \
+	  if test -f $$file; then \
+	    cp -p $$file $(distdir) || exit 1; \
+	  else \
+	    cp -p $(srcdir)/$$file $(distdir) || exit 1; \
+	  fi; \
+	done
+
+update-po: Makefile
+	$(MAKE) $(DOMAIN).pot-update
+	test -z "$(UPDATEPOFILES)" || $(MAKE) $(UPDATEPOFILES)
+
+# General rule for creating PO files.
+
+.nop.po-create:
+	@lang=`echo $@ | sed -e 's/\.po-create$$//'`; \
+	echo "File $$lang.po does not exist. If you are a translator, you can create it through 'msginit'." 1>&2; \
+	exit 1
+
+# General rule for updating PO files.
+
+.nop.po-update:
+	@lang=`echo $@ | sed -e 's/\.po-update$$//'`; \
+	tmpdir=`pwd`; \
+	echo "$$lang:"; \
+	test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \
+	echo "$${cdcmd}$(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$lang.new.po"; \
+	cd $(srcdir); \
+	if $(MSGMERGE) $$lang.po $(DOMAIN).pot -o $$tmpdir/$$lang.new.po; then \
+	  if cmp $$lang.po $$tmpdir/$$lang.new.po >/dev/null 2>&1; then \
+	    rm -f $$tmpdir/$$lang.new.po; \
+	  else \
+	    if mv -f $$tmpdir/$$lang.new.po $$lang.po; then \
+	      :; \
+	    else \
+	      echo "msgmerge for $$lang.po failed: cannot move $$tmpdir/$$lang.new.po to $$lang.po" 1>&2; \
+	      exit 1; \
+	    fi; \
+	  fi; \
+	else \
+	  echo "msgmerge for $$lang.po failed!" 1>&2; \
+	  rm -f $$tmpdir/$$lang.new.po; \
+	fi
+
+$(DUMMYPOFILES):
+
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+	@case '$?' in \
+	  *config.status*) \
+	    cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+	  *) \
+	    echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+	    cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+	esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+	cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+# Tell versions [3.59,3.63) of GNU make not to export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/man/po/Makevars b/man/po/Makevars
new file mode 100644
index 0000000..c78c646
--- /dev/null
+++ b/man/po/Makevars
@@ -0,0 +1,27 @@
+# Makefile variables for PO directory in any package using GNU gettext.
+
+# Usually the message domain is the same as the package name.
+DOMAIN = $(PACKAGE)-man-pages
+
+# These two variables depend on the location of this directory.
+subdir = man/po
+top_builddir = ../..
+
+# These options get passed to xgettext.
+XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ --no-location
+
+# This is the copyright holder that gets inserted into the header of the
+# $(DOMAIN).pot file.  Set this to the copyright holder of the surrounding
+# package.  (Note that the msgstr strings, extracted from the package's
+# sources, belong to the copyright holder of the package.)  Translators are
+# expected to transfer the copyright for their translations to this person
+# or entity, or to disclaim their copyright.  The empty string stands for
+# the public domain; in this case the translators are expected to disclaim
+# their copyright.
+COPYRIGHT_HOLDER = Free Software Foundation, Inc.
+
+# This is the list of locale categories, beyond LC_MESSAGES, for which the
+# message catalogs shall be used.  It is usually empty.
+EXTRA_LOCALE_CATEGORIES =
+
+MSGID_BUGS_ADDRESS = pkg-shadow-devel@lists.alioth.debian.org
diff --git a/man/po/XMLFILES b/man/po/XMLFILES
new file mode 100644
index 0000000..de7925d
--- /dev/null
+++ b/man/po/XMLFILES
@@ -0,0 +1,42 @@
+# List of xml which contain translatable strings.
+XMLFILES = \
+	$(top_srcdir)/man/chage.1.xml \
+	$(top_srcdir)/man/chfn.1.xml \
+	$(top_srcdir)/man/chgpasswd.8.xml \
+	$(top_srcdir)/man/chpasswd.8.xml \
+	$(top_srcdir)/man/chsh.1.xml \
+	$(top_srcdir)/man/expiry.1.xml \
+	$(top_srcdir)/man/faillog.5.xml \
+	$(top_srcdir)/man/faillog.8.xml \
+	$(top_srcdir)/man/gpasswd.1.xml \
+	$(top_srcdir)/man/groupadd.8.xml \
+	$(top_srcdir)/man/groupdel.8.xml \
+	$(top_srcdir)/man/groupmems.8.xml \
+	$(top_srcdir)/man/groupmod.8.xml \
+	$(top_srcdir)/man/groups.1.xml \
+	$(top_srcdir)/man/grpck.8.xml \
+	$(top_srcdir)/man/gshadow.5.xml \
+	$(top_srcdir)/man/lastlog.8.xml \
+	$(top_srcdir)/man/limits.5.xml \
+	$(top_srcdir)/man/login.1.xml \
+	$(top_srcdir)/man/login.access.5.xml \
+	$(top_srcdir)/man/login.defs.5.xml \
+	$(top_srcdir)/man/logoutd.8.xml \
+	$(top_srcdir)/man/newgrp.1.xml \
+	$(top_srcdir)/man/newusers.8.xml \
+	$(top_srcdir)/man/nologin.8.xml \
+	$(top_srcdir)/man/passwd.1.xml \
+	$(top_srcdir)/man/passwd.5.xml \
+	$(top_srcdir)/man/porttime.5.xml \
+	$(top_srcdir)/man/pwck.8.xml \
+	$(top_srcdir)/man/pwconv.8.xml \
+	$(top_srcdir)/man/shadow.3.xml \
+	$(top_srcdir)/man/shadow.5.xml \
+	$(top_srcdir)/man/sg.1.xml \
+	$(top_srcdir)/man/su.1.xml \
+	$(top_srcdir)/man/suauth.5.xml \
+	$(top_srcdir)/man/useradd.8.xml \
+	$(top_srcdir)/man/userdel.8.xml \
+	$(top_srcdir)/man/usermod.8.xml \
+	$(top_srcdir)/man/vipw.8.xml
+
diff --git a/man/po/da.po b/man/po/da.po
new file mode 100644
index 0000000..8930267
--- /dev/null
+++ b/man/po/da.po
@@ -0,0 +1,8140 @@
+# Danish translation shadow-man.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Joe Hansen (joedalton2@yahoo.dk), 2012.
+#
+# konventioner:
+# audit -> overvågning
+# entry, entries -> punkt, punkter
+# exist -> findes
+# Home Phone -> telefon (telefonnr. hvor det er mere præcist)
+# locktime -> låsetid
+# mapping -> oversættelse eller kortlægning?
+# quiet -> tavs
+# record -> post
+# scratch -> scratch
+# shadow -> skygge
+# stat -> køre stat
+# unlock -> åbne
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:35+0200\n"
+"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
+"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Kommandoer for systemhåndtering"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"rediger adgangskoden, gruppe, shadow-adgangskode- eller shadow-gruppe-fil"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "tilvalg"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESKRIVELSE"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Kommandoerne <command>vipw</command> og <command>vigr</command> redigerer "
+"filerne <filename>/etc/passwd</filename> og <filename>/etc/group</filename>, "
+"respektivt. Med flaget <option>-s</option> vil de redigere versionerne for "
+"Shadow for disse filer, <filename>/etc/shadow</filename> og <filename>/etc/"
+"gshadow</filename>, respektivt. Programmerne vil sætte de passende låse for "
+"at forhindre filødelæggelse. Når der kigges efter et redigerngsprogram, så "
+"vil programmet øfrst forsøge med miljøvariablen <envar>$VISUAL</envar>, "
+"derefter miljøvariablen <envar>$EDITOR</envar>, og endelig "
+"standardredigeringsprogrammet, <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "TILVALG"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Tilvalgene som gælder for kommandoerne <command>vipw</command> og "
+"<command>vigr</command> er:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Rediger gruppedatabase."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Vis hjælpeteksten og afslut."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Rediger passwd-database."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Stille tilstand."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Brug ændringer i mappen <replaceable>CHROOT_DIR</replaceable> og brug "
+"konfigurationsfilerne fra mappen <replaceable>CHROOT_DIR</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Rediger shadow- eller gshadow-database."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indikerer hvilken brugers tcb-shadowfil at redigere."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "KONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"De følgende konfigurationsvariabler i <filename>/etc/login.defs</filename> "
+"ændrer opførelsen for dette værktøj:"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolesk)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Hvis <replaceable>ja</replaceable>, så vil skemaet for adgangskodeskygge "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> blive brugt."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "MILJØ"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUEL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Redigeringsprogram der skal bruges."
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "REDIGERINGSPROGRAM"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+"Redigeringsprogram der skal bruges hvis <option>VISUAL</option> ikke er "
+"angivet."
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILER"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Information om gruppekonto."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Information om sikret gruppekonto."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Information om brugerkonto."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Information om sikret brugerkonto."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SE OGSÃ…"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "ændre en brugerkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIND"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Kommandoen <command>usermod</command> ændrer systemkontofilerne så de "
+"reflekterer ændringerne som angives på kommandolinjen."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Tilvalgene som kan bruges for kommandoen <command>usermod</command> er:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Tilføj brugeren til de supplementære grupper. Brug kun med tilvalget "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Den nye værdi for brugerens kommentar kommentarfelt i adgangskodefilen. Den "
+"ændres normalt med redskabet <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>HJEMMEMAPPE</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Brugerens nye logindmappe."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Hvis tilvalget <option>-m</option> er angivet, vil indholdet af den aktuelle "
+"hjemmemappe blive flyttet til den nye hjemmemappe, som oprettes hvis denne "
+"ikke allerede findes."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Datoen hvorpå brugerkontoen vil blive deaktiveret. Datoen er angivet i "
+"formatet <emphasis remap=\"I\">Ã…Ã…Ã…Ã…-MM-DD</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Et tomt argument for <replaceable>UDLØBSDATO</replaceable> vil deaktivere "
+"udløb for kontoen."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Dette tilvalg kræver en <filename>/etc/shadow</filename>-fil. Et <filename>/"
+"etc/shadow</filename>-punkt vil blive oprettet hvis et sådant ikke fandtes."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Antallet af dage fra en adgangskode udløber til kontoen bliver permanent "
+"deaktiveret."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr ""
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr ""
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr ""
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr ""
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option>&nbsp;"
+#| "<replaceable>INACTIVE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</option>&nbsp;"
+#| "<replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option>&nbsp;"
+#| "<replaceable>INACTIVE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</option>&nbsp;"
+#| "<replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UDLØBSDATO</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr ""
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+#| "option>) is 1000 (resp. 60000)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>GID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>GID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+#| "option>) is 1000 (resp. 60000)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr ""
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr ""
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr ""
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr ""
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr ""
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr ""
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr ""
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr ""
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr ""
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr ""
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr ""
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr ""
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr ""
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr ""
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr ""
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr ""
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr ""
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr ""
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr ""
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr ""
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr ""
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr ""
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>HJEMMEMAPPE</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr ""
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:301(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr ""
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr ""
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Antallet af dage efter en adgangskode er udløbet før kontoen vil blive "
+"deaktiveret."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Dette tilvalg sætter variablen <option>INACTIVE</option> i <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Navnet på en ny brugers logindskal."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr ""
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du kan ikke tilføje en bruger til en NIS eller LDAP-gruppe. Dette skal "
+"udføres på den tilsvarende server."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Brugernavne må kun være op til 32 tegn lange."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolesk)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indikerer om en hjemmemappe skal oprettes som standard for nye brugere."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Denne indstilling gælder ikke for systembrugere og kan overskrives på "
+"kommandolinjen."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Standardværdien for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) er 1000 (resp. 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardværdier for kontooprettelse."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Mappe indeholdende standardfiler."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "Ugyldigt argument for tilvalg"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID er allerede i brug (og intet <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angivet gruppe findes ikke"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "brugernavn er allerede i brug"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "kan ikke oprette hjemmemappe"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "4"
+msgid "14"
+msgstr "4"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>useradd</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr ""
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr ""
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr ""
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr ""
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr ""
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr ""
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr ""
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr ""
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Du kan bruge argumentet <option>--</option> til at adskille <command>su</"
+"command>-tilvalg fra argumenterne angivet til skallen."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Brugeren vil blive spurgt om sin adgangskode, hvis det er relevant. Ugyldige "
+"adgangskoder vil medføre en fejlbesked. Alle forsøg, både gyldige og "
+"ugyldige, logges for at deteketere misbrug af systemet."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr ""
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Skallen angivet med --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Hvis målbrugeren har en begrænset skal, så har dette tilvalg ingen effekt "
+"(med mindre <command>su</command> kaldes af root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"Hvis ikke defineret så vil administrator (root) være tilladt på alle enheder"
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Enheden skal angives uden præfikset /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiker om logind er tilladt, hvis vi ikke kan cd til hjemmemappen. "
+"Standarden er nej."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (streng)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr ""
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr ""
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr ""
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr ""
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr ""
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr ""
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr ""
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr ""
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Dette felt er reserveret for fremtidig brug."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Sikkerhedskopi for /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Bemærk at denne fil bruges af værktøjer fra shodows værktøjssæt, men ikke af "
+"alle håndteringsværktøjer for brugere og adgangskoder."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr ""
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAKS"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr ""
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr ""
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ""
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr ""
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr ""
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr ""
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr ""
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr ""
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr ""
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr ""
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - antal dage hvor adgangskode ikke må ændres"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - antal dage hvorefter adgangskode skal ændres"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - reserveret for fremtidig brug"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr ""
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr ""
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr ""
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr ""
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr ""
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr ""
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr ""
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr ""
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "kan ikke åbne adgangskodefiler"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "kan ikke låse adgangskodefiler"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "kan ikke opdatere adgangskodefiler"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "kan ikke sortere adgangskodefiler"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>pwck</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EKSEMPLER"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr ""
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr ""
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr ""
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr ""
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr ""
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Du kan finde råd om hvordan du vælger en god adgangskode på http://en."
+"wikipedia.org/wiki/Password_strength"
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>passwd</command> er:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Dette tilvalg kan kun bruges med <option>-S</option> medfører vis status for "
+"alle brugere."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Slet en brugers adgangskode (gør den tom). Dette er en hurtig måde at "
+"deaktivere en adgangskode for en konto. Den vil sætte den navngivne konto "
+"uden adgangskode."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Angiv øjeblikkelig en kontos adgangskode som udløbet. Dette kan tvinge en "
+"bruger til at ændre sin adgangskode ved brugerens næste logind."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Denne indstilling bruges til at deaktivere en konto efter at adgangskoden er "
+"udløbet i et antal dage. Efter at en brugerkonto har haft en udløbet "
+"adgangskode for <replaceable>INAKTIV</replaceable> dage, kan brugeren ikke "
+"længere logge ind på kontoen."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr ""
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr ""
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr ""
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Denne variabel er forældet, du skal bruge <option>ENCRYPT_METHOD</option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Aktiver yderligere kontroller før ændringer af adgangskode."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Advar om svage adgangskoder (men tillad dem stadig) hvis du er administrator "
+"(root)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (antal)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "Maksimalt antal forsøg at ændre adgangskode hvis afvist (for nemt)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (antal)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (antal)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (antal)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr ""
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "PAM-konfiguration for <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "tilladelse nægtet"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "Ugyldig kombination af tilvalg"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "uventet fejl, intet udført"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "uventet fejl, <filename>passwd</filename>-filen mangler"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "<filename>passwd</filename>-filen er optaget, forsøg igen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>passwd</command> afsluttedes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr ""
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "nægt venligt et logind"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIK"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Kommandoen <command>nologin</command> fremkom i BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "opdater og opret nye brugere i et job"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fil"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr ""
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Dette er navnet på brugeren."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Hvis dette felt indeholder navnet på en eksisterende bruger (eller navnet på "
+"en bruger oprettet før af <command>newusers</command>), så vil UID'en for "
+"den angivne bruger blive brugt."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr ""
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Dette felt vil være krypteret og brugt som den nye værdi for den krypterede "
+"adgangskode."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr ""
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Dette flet bruges til at definere UID for brugeren."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Hvis feltet er tomt, vil en ny (ubrugt) UID blive defineret automatisk af "
+"<command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+"Hvis dette felt indeholer et tal, så vil dette tal blive brugt som UID'en."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Hvis dette felt indeholder navnet på en eksisterende bruger (eller navnet på "
+"en bruger oprettet før af <command>newusers</command>), så vil UID'en for "
+"den angivne bruger blive brugt."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Hvis UID'en for en eksisterende bruger har ændret sig, så skal filens "
+"ejerskab for brugerens fil rettes manuelt."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr ""
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Dette felt bruges til at definere det primære gruppe-id for brugeren."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Dette felt er kopieret i GECOS-feltet for brugeren."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr ""
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Dette felt bruges til at definere hjemmemappen for brugeren."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Hvis feltet ikke angiver en eksisterende mappe, så oprettes den angiven "
+"mappe, med ejerskab angivet for brugeren der oprettes elelr opdateres og "
+"dennes primære gruppe."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Hvis hjemmemappen for en eksisterende bruger ændres så flytter eller "
+"kopierer <command>newusers</command> ikke indholdet fra den gamle mappe til "
+"den nye placering. Dette ksal gøres manuelt."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Dette felt definerer brugerens skal. Ingen kontrollerer udføres på dette "
+"felt."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Denne kommando skal bruges i store systemmiljøer hvor mange kontoer "
+"opdateres på en gang."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>newusers</command> er:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Brug den angivne metode til at kryptere adgangskoderne."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"De tilgængelige metoder er DES, Md5, NONE og SHA256 eller SHA512 hvis din "
+"libc understøtter disse metoder."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembrugere vil blive oprettet uden aldersinformation i <filename>/etc/"
+"shadow</filename>, og deres numeriske identifikatører vælges i intervallet "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, defineret i "
+"<filename>login.defs</filename>, i stedet for <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (og deres <option>GID</option>-modparte for "
+"oprettelsen af grupper.)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Brug det angivet antal rundet til at kryhptere adgangskoderne."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Værdien 0 betyder at systemet vil vælge antallet af standardrunder for "
+"krypteringsmetoden (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"En minimusværdi på 1000 og en maksimumsværdi på 999.999.999 vil blive "
+"påtvunget."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Du kan kun bruge dette tilvalg med SHA256- eller SHA512-krypteringsmetoden."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Som standard er antallet af runder defineret af variablerne "
+"SHA_CRYPT_MIN_ROUNDS og SHA_CRYPT_MAX_ROUNDS i <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Inddatafilen skal beskyttes da den indeholder adgangskoder der ikke er "
+"krypteret."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Du skal sikre dig at adgangskoderne og krypteringsmetoden respekterer "
+"systemets adgangskodepolitik."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "PAM-konfiguration for <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry condition=\"tcb"
+#| "\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#| "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gruppe</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr ""
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "log ind på en ny gruppe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr ""
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Kommandoen <command>newgrp</command> bruges til at ændre den aktuelle grupp-"
+"id under en logindsession. Hvis det valgfrie flag <option>-</option> er "
+"angivet, så vil brugerens miljø blive geninitialiseres som om at brugeren "
+"havde logget ind, ellers bevares det aktuelle miljø, inklusiv aktuel "
+"arbejdsmappe, uændret."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr ""
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "påtving restriktioner for logindperiode"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr ""
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste over aktuelle logindsessioner."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr ""
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Denne fil er en læsbar tekstfil, hvier linje i filen beskriver en "
+"konfigurationsparameter. Linjerne består af et konfigurationsnavn og -værdi, "
+"adskilt af mellemrum. Tomme linjer og kommentarlinjer ignoreres. Kommentarer "
+"indledes med tegnet »#« og tegnet skal være det første tegn på linjen, som "
+"ikke er et mellemrum."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "De følgende konfigurationspunkter tilbydes:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolesk)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Aktiver logning af succesfulde logind."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr "Aktiver visning af ukendte brugernavne når logindfejl optages."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Bemærk: Logning af ukendte brugernaven kan udgøre en sikkerhedsmæssig risiko "
+"såfremt en bruger indtatser sin adgangskode i stedet for sit logindnavn."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "Maksimalt antal logindforsøg i tilfælde af ugyldig adgangskode."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Denne vil højst sandsynlig blive overskrevet af PAM, da standardmodulet "
+"pam_unix har sin egen indbygget 3 forsøg. Dette er dog en ekstra sikkerhed i "
+"tilfælde af at du bruger et godkendelsesmodul som ikke påtvinger "
+"PAM_MAXTRiES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (antal)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Maks. tidsforbrug i sekunder for logind."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (streng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (streng)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (streng)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Som standard er ejerskabet af terminalen angivet til brugerens primære "
+"gruppe og rettighederne er angivet til <replaceable>0600</replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (streng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Standardværdi for <command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"De følgende krydsreferencer viser hvilke programmer i shadows "
+"adgangskodeprogrampakke der bruger hvilke parametre."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr ""
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr ""
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr ""
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr ""
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr ""
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr ""
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr ""
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr ""
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr ""
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr ""
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr ""
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr ""
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr ""
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr ""
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr ""
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr ""
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "kontroltabel for logindadgang"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Hver linje i kontroltabellen for logindadagng har tre felter adskilt af "
+"tegnet »:«:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "vært"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr ""
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Navn på den eksterne vært for dette logind."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Bevar miljø."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Udfør autologin-protokol for rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "Placeringen af filer er underlagt forskelle i systemkonfiguration."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste over tidligere logindsessioner."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Undertryk udskrivning af systembeskeder."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Hver linje beskriver en begrænsning for en bruger i formen:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "bruger LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "eller i formen:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: Maks. adresserum (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: Maks. datastørrelse (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: Maks filstørrelse (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: Maks antal åbne filer"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: Maks CPU-tid (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Hvis mere end en linje med begrænsninger for en bruger findes, så vil kun "
+"den første linje for denne bruger indgå."
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr ""
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr ""
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr ""
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Databasetider for tidligere brugerlogind."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr ""
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "gruppenavn"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Det skal være et gyldigt gruppenavn, som findes på systemet."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Den nye værdi for brugerens kommentar kommentarfelt i adgangskodefilen. Den "
+"ændres normalt med redskabet <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administratorer"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Det skal være en kommaadskilt liste af brugernavne."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "Administratorer kan ændre adgangskoden eller medlemmerne af gruppen."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Administratorer har også de samme rettigheder som medlemmerne (se nedenfor)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "medlemmer"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "Medlemmer kan tilgå gruppen uden at blive spurgt efter en adgangskode."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Du skal bruge den samme liste over brugere som i <filename>/etc/group</"
+"filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "verificer integritet for gruppefiler"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "et unikt og gyldigt gruppenavn"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Tilvalgen som gælder for kommandoen <command>grpck</command> er:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "kan ikke åbne gruppefiler"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "kan ikke låse gruppefiler"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "kan ikke opdatere gruppefiler"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>grpck</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "vis aktuelle gruppenavne"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "bruger"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ændr en gruppedefinition på systemet"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Brugere som bruger gruppen som primær gruppe vil blive opdateret for at "
+"beholde gruppen som deres primære gruppe."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "gruppenavn er allerede i brug"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>groupmod</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "administrer medlemmer for en brugers primære gruppe"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr ""
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Tilføj en bruger til listen over gruppemedlemmer."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Hvis filen <filename>/etc/gshadow</filename> findes, og gruppen ikke har et "
+"punkt i filen <filename>/etc/gshadow</filename>, så vil et nyt punkt blive "
+"oprettet."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Slet en bruger fra listen over gruppemedlemskab."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr ""
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "slet en gruppe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>groupdel</command> er:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"De kan ikke fjerne den primære gruppe for en eksisterende bruger. Du skal "
+"fjerne brugeren før du fjerner gruppen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Du skal manuelt kontrollere alle filsystemer for at sikre dig, at ingen "
+"filer fortsat er ejet af denne gruppe."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "Kan ikke fjerne brugers primære gruppe"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>groupdel</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "opret en ny gruppe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>groupadd</command> er:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Se også tilvalget <option>-r</option> og beskrivelsen <option>GID_MAX</"
+"option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Opret en systemgruppe."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr ""
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr ""
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr ""
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr ""
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr ""
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr ""
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr ""
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr ""
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Strukturen for filen er:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr ""
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr ""
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr ""
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr ""
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr ""
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr ""
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr ""
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr ""
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr ""
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr ""
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Tilvalgende som gælder for kommandoen <command>chfn</command> er:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>NAVN</"
+"replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Ændr brugerens navn."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TELEFONNUMMER</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Ændr brugerens telefonnummer."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ANDEN</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Ændr brugerens anden GECOS-information. Dette felt bruges til at gemme "
+"kontoinformation brugt af andre programmer, og kan kun ændres af en "
+"superbruger."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>VÆRELSESNUMMER</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Ændr brugerens værelsesnummer."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>ARBEJDSTELEFON</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Ændr brugerens arbejdsnummer."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ændr udløbsinformation om brugeradgangskode"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Tilvalgene som gælder for kommandoen <command>chage</command> er:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr ""
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Programmet <command>chage</command> kræver at en adgangskodefil for shadow "
+"er tilgængelig."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Kommandoen <command>chage</command> er begrænset til administratorbrugeren "
+"(root), undtaget for tilvalget <option>-l</option>, som kan bruges af en "
+"upriviligeret bruger til at bestemme hvornår denne brugers adgangskode eller "
+"konto står til at udløbe."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "Kan ikke finde shadows adgangskodefil"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandoen <command>chage</command> findes med de følgende værdier: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "kan ikke oprette postkø"
diff --git a/man/po/de.po b/man/po/de.po
new file mode 100644
index 0000000..340e15d
--- /dev/null
+++ b/man/po/de.po
@@ -0,0 +1,10632 @@
+# German translation of shadow-man-pages
+# Copyright (C) 2006 Free Software Foundation, Inc.
+# Simon Brandmair <sbrandmair@gmx.net>, 2005, 2006, 2007, 2011, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:36+0200\n"
+"Last-Translator: Simon Brandmair <sbrandmair@gmx.net>\n"
+"Language-Team: debian-l10n-german <http://lists.debian.org/debian-l10n-"
+"german/>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr "Marek"
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr "Michałkiewicz"
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr "ursprünglicher Autor, 1997"
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr "Thomas"
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr "KÅ‚oczko"
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr "kloczek@pld.org.pl"
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr "shadow-utils-Betreuer, 2000 - 2007"
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr "Nicolas"
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr "François"
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr "nicolas.francois@centraliens.net"
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr "shadow-utils-Betreuer, 2007 - heute"
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Befehle zur Systemverwaltung"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"bearbeitet die Passwort-, Gruppen-, Shadow-Passwort- oder Shadow-Gruppen-"
+"Datei"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "Optionen"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESCHREIBUNG"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Die Befehle <command>vipw</command> und <command>vigr</command> bearbeiten "
+"die Dateien <filename>/etc/passwd</filename> beziehungsweise <filename>/etc/"
+"group</filename>. Mit der Option <option>-s</option> bearbeiten Sie die "
+"Shadow-Versionen beider Dateien, <filename>/etc/shadow</filename> und "
+"<filename>/etc/gshadow</filename>. Die Programme werden die geeigneten "
+"Sperren setzen, um eine Beschädigung der Dateien zu verhindern. Wenn ein "
+"Editor benötigt wird, wird zuerst die Umgebungsvariable <envar>$VISUAL</"
+"envar> ausgewertet, danach die Umgebungsvariable <envar>$EDITOR</envar>. "
+"Zuletzt wird der Standard-Editor <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> verwendet."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONEN"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Die Optionen, die von den Befehlen <command>vipw</command> und "
+"<command>vigr</command> unterstützt werden, sind:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "bearbeitet die Gruppendatenbank"
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "zeigt die Hilfe an und beendet das Programm"
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "bearbeitet die Passwd-Datenbank"
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "stiller Modus"
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_VERZ</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"führt die Veränderungen in dem Verzeichnis  <replaceable>CHROOT_VERZ</"
+"replaceable> durch und verwendet die Konfigurationsdateien aus dem "
+"Verzeichnis <replaceable>CHROOT_VERZ</replaceable>"
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "bearbeitet die Shadow- oder Gshadow-Datenbank"
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "bestimmt, welche Tcb-Shadow-Datei des Benutzers bearbeitet werden soll"
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "KONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Die folgenden Konfigurationsvariablen in <filename>/etc/login.defs</"
+"filename> beeinflussen das Verhalten dieses Werkzeugs:"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolesch)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Wenn auf <replaceable>yes</replaceable> gesetzt, wird das "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>-Passwort-Shadowing-Schema verwendet."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "UMGEBUNGSVARIABLEN"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "der verwendete Editor"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "der verwendete Editor, wenn <option>VISUAL</option> nicht gesetzt ist"
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "DATEIEN"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informationen zu den Gruppenkonten"
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Plain text
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "sichere Informationen zu den Gruppenkonten"
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informationen zu den Benutzerkonten"
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Plain text
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "verschlüsselte Informationen zu den Benutzerkonten"
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SIEHE AUCH"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>,<citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry  "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr "Julianne Frances"
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr "Haugh"
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr "ursprünglicher Autor, 1991"
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "verändert ein Benutzerkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "ANMELDENAME"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Der Befehl <command>usermod</command> verändert die Kontodateien des "
+"Systems, so dass sie die Änderungen enthalten, die in der Befehlszeile "
+"eingegeben wurden."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>usermod</command> unterstützt werden, "
+"sind:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Fügt den Benutzer weiteren Gruppen hinzu. Kann nur zusammen mit der Option "
+"<option>-G</option> verwendet werden."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Der neue Wert des Kommentarfelds in der Passwortdatei des Benutzers. Er wird "
+"normalerweise mit dem Werkzeug <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> verändert."
+
+#: usermod.8.xml:124(term)
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_VERZ</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "das neue Home-Verzeichnis des Benutzers"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Wenn die Option <option>-m</option> verwendet wurde, wird der Inhalt des "
+"aktuellen Home-Verzeichnisses in das neue Home-Verzeichnis verschoben. Falls "
+"dieses nicht existiert, wird es angelegt."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>VERFALLS_DATUM</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Das Datum, an welchem das Benutzerkonto deaktiviert wird. Das Datum muss im "
+"Format <emphasis remap=\"I\">JJJJ-MM-TT</emphasis> angegeben werden."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Wenn das Argument <replaceable>VERFALLS_DATUM</replaceable> leer bleibt, "
+"wird der Verfall des Kontos deaktiviert."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Diese Option benötigt die Datei <filename>/etc/shadow</filename>. Falls die "
+"Datei <filename>/etc/shadow</filename> leer sein sollte, wird ein Eintrag "
+"erstellt."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Die Anzahl von Tagen, nach denen ein Passwort abgelaufen ist, bis das Konto "
+"deaktiviert wird."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Ein Wert von 0 deaktiviert das Konto, sobald das Passwort abläuft. Ein Wert "
+"von -1 schaltet diese Funktion ab."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Der Name oder die Zahl der anfänglichen Anmeldegruppe eines neuen Benutzers. "
+"Der Gruppenname muss existieren."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Jede Datei im Home-Verzeichnis des Benutzers, die der alten Hauptgruppe des "
+"Benutzers gehörte, wird dieser neuen Gruppe gehören."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Die Gruppenzugehörigkeit von Dateien außerhalb des Home-Verzeichnisses des "
+"Benutzers muss per Hand angepasst werden."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPPE_1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPPE_2, ...</emphasis>[<emphasis remap="
+"\"I\">,GRUPPE_N</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Eine Liste zusätzlicher Gruppen, denen der Benutzer ebenfalls angehört. Die "
+"Gruppen sind durch Kommata ohne Leerzeichen von einander zu trennen. Die "
+"Gruppen unterliegen denselben Beschränkungen wie die Gruppe, die mit der "
+"Option <option>-g</option> bestimmt wurde."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Wenn der Benutzer aktuell Mitglied einer Gruppe ist, die nicht angegeben "
+"ist, wird er aus dieser Gruppe entfernt. Dieses Verhalten kann mit der "
+"Option <option>-a</option> abgeschaltet werden. Damit wird der Benutzer nur "
+"den angegebenen Gruppen hinzugefügt, ohne aus den übrigen gelöscht zu werden."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NEUER_ANMELDENAME</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Der Benutzername wird von <replaceable>ANMELDENAME</replaceable> zu "
+"<replaceable>NEUER_ANMELDENAME</replaceable> verändert. Andere Veränderungen "
+"werden nicht vorgenommen. Daher sollte wahrscheinlich der Name des Home-"
+"Verzeichnisses des Benutzers per Hand geändert werden, um dem neuen "
+"Anmeldenamen Rechnung zu tragen."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Sperrt das Passwort eines Benutzers. Dadurch wird ein »!« vor das "
+"verschlüsselte Passwort gesetzt, wodurch im Ergebnis das Passwort "
+"abgeschaltet wird. Sie können diese Option nicht mit <option>-p</option> "
+"oder <option>-U</option> verwenden."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Hinweis: Wenn Sie das Konto sperren wollen (und nicht nur den Zugang mit "
+"einem Passwort), müssen Sie auch das <replaceable>VERFALLSDATUM</"
+"replaceable> auf <replaceable>1</replaceable> setzen."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"verschiebt den Inhalt des Home-Verzeichnisses eines Benutzers zu dem neuen "
+"Ziel"
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Diese Option ist nur in Verbindung mit der Option <option>-d</option> (oder "
+"<option>--home</option>) zulässig."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> versucht, den Eigentümer der Dateien anzupassen "
+"und die Rechte, ACL und erweiterten Attribute zu übernehmen, aber "
+"Anpassungen per Hand können dennoch notwendig sein."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+# SB: What is that suppossed to mean? I can assign the UID 1000 twice?
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"Wenn es mit der Option <option>-u</option> verwendet wird, kann mit dieser "
+"Option der Wert der Benutzer-ID auf einen nicht eindeutigen Wert gesetzt "
+"werden."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORT</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"das verschlüsselte Passwort, wie es von <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> zurückgegeben wird"
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Hinweis:</emphasis> Diese Option ist nicht "
+"empfehlenswert, weil das Passwort (auch wenn es verschlüsselt ist) für "
+"Benutzer sichtbar ist, die sich den Prozess anzeigen lassen."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Das Passwort wird in die lokale Datei <filename>/etc/passwd</filename> oder "
+"<filename>/etc/shadow</filename> geschrieben. Dies könnte von der Passwort-"
+"Datenbank abweichen, die Sie für PAM konfiguriert haben."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Sie sollten sicherstellen, dass das Passwort den Passwortrichtlinien des "
+"Systems entspricht."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Der Name der neuen Anmelde-Shell des Benutzers. Falls dieses Feld leer "
+"gelassen wird, verwendet das System die Standard-Anmelde-Shell."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "der neue numerische Wert der UID des Benutzers"
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Dieser Wert muss eindeutig sein, sofern nicht die Option <option>-o</option> "
+"verwendet wird. Der Wert darf nicht negativ sein."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"Für die Mailbox des Benutzers und alle Dateien, die ihm gehören und sich in "
+"seinem Home-Verzeichnis befinden, wird die ID des Eigentümers automatisch "
+"angepasst."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Der Eigentümer von Dateien außerhalb des Home-Verzeichnisses des Benutzers "
+"muss per Hand angepasst werden."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Die Werte von <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> und <option>SYS_UID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Gibt das Passwort eines Benutzers frei. Dies entfernt das »!« vor dem "
+"verschlüsselten Passwort. Sie können diese Option nicht mit <option>-p</"
+"option> oder <option>-U</option> verwenden."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Hinweis: Falls Sie das Benutzerkonto freigeben wollen (und nicht nur den "
+"Zugang mit einem Passwort), sollten Sie auch das <replaceable>VERFALLSDATUM</"
+"replaceable> bearbeiten (zum Beispiel auf <replaceable>99999</replaceable> "
+"oder den Wert von <option>EXPIRE</option> aus <filename>/etc/default/"
+"useradd</filename> setzen)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Die Werte von <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> und <option>SYS_UID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Die Werte von <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> und <option>SYS_GID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"entfernt die Zuordnung von SELinux-Benutzern aus den Anmeldeinformationen "
+"des Benutzers"
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SE-"
+"BENUTZER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "der neue SELinux-Benutzer für den Anmeldenamen des Benutzers"
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Wenn <replaceable>SEBENUTZER</replaceable> leer ist, wird die Zuordnung von "
+"SELinux-Benutzern (sofern vorhanden) aus den Anmeldeinformationen des "
+"Benutzers entfernt"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "WARNUNGEN"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Wenn Sie mit diesem Befehl die numerische UID, den Namen oder das Home-"
+"Verzeichnis eines Benutzers verändern wollen, müssen Sie sicherstellen, dass "
+"dieser Benutzer keine Prozesse laufen lässt. Bei Linux stellt dies "
+"<command>usermod</command> sicher, auf anderen Architekturen überprüft es "
+"nur, ob der Benutzer laut utmp eingeloggt ist."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Sie müssen den Eigentümer von <command>crontab</command>-Dateien oder "
+"<command>at</command>-Aufträgen per Hand ändern."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Sie müssen alle Änderung in Bezug auf NIS auf dem NIS-Server vornehmen."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (Zeichenkette)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Das Verzeichnis des Mail-Spools. Diese Angabe wird benötigt, um die Mailbox "
+"zu bearbeiten, nachdem das entsprechende Benutzerkonto verändert oder "
+"gelöscht wurde. Falls nicht angegeben, wird ein Standard verwendet, der beim "
+"Kompilieren festgelegt wurde."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (Zeichenkette)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Legt den Ort der Mail-Spool-Dateien eines Benutzers relativ zu seinem Home-"
+"Verzeichnis fest."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Die Variablen <option>MAIL_DIR</option> und <option>MAIL_FILE</option>  "
+"werden von <command>useradd</command>, <command>usermod</command> und "
+"<command>userdel</command> verwendet, um den Mail-Spool eines Benutzers zu "
+"erstellen, zu verschieben oder zu löschen."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Falls <option>MAIL_CHECK_ENAB</option> auf <replaceable>yes</replaceable> "
+"gesetzt ist, werden sie auch verwendet, um die Umgebungsvariable "
+"<envar>MAIL</envar> festzulegen."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (Zahl)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Maximale Anzahl von Mitgliedern je Gruppeneintrag. Wenn das Maximum erreicht "
+"wird, wird ein weiterer Eintrag in <filename>/etc/group</filename> (mit dem "
+"gleichen Namen, dem gleichen Passwort und der gleichen GID) erstellt."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Der Standardwert ist 0, was zur Folge hat, dass die Anzahl der Mitglieder "
+"einer Gruppe nicht begrenzt ist."
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Diese Fähigkeit (der aufgeteilten Gruppe) ermöglicht es, die Zeilenlänge in "
+"der Gruppendatei zu begrenzen. Damit kann sichergestellt werden, dass die "
+"Zeilen für NIS-Gruppen nicht länger als 1024 Zeichen sind."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "Falls Sie eine solche Begrenzung benötigen, können Sie 25 verwenden."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Hinweis: Aufgeteilte Gruppen werden möglicherweise nicht von allen "
+"Werkzeugen unterstützt, selbst nicht aus der Shadow-Werkzeugsammlung. Sie "
+"sollten diese Variable nur setzen, falls Sie zwingend darauf angewiesen sind."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (Zahl)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Der Standardwert für <option>SYS_GID_MIN</option> ist 101, für  "
+"<option>SYS_GID_MAX</option> <option>GID_MIN</option>-1."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (Zahl)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Der Standardwert für <option>SYS_UID_MIN</option> ist 101, für "
+"<option>SYS_UID_MAX</option> <option>UID_MIN</option>-1."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (boolesch)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"falls ( UID kleiner als 1000) {\n"
+"  verwende /etc/tcb/user\n"
+"} anderenfalls, falls ( UID kleiner als 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  verwende /etc/tcb/:kilos/user\n"
+"  erstelle symbolischen Verweis /etc/tcb/user zu dem genannten Verzeichnis\n"
+"} anderenfalls {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  verwende /etc/tcb/:megas/:kilos/user\n"
+"  erstelle symbolischen Verweis /etc/tcb/user zu dem genannten Verzeichnis\n"
+"}\n"
+"      "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Falls der Wert <replaceable>yes</replaceable> ist, wird der Ort des Tcb-"
+"Verzeichnisses des Benutzers nicht automatisch /etc/tcb/user sein, sondern "
+"nach dem folgenden Algorithmus aus der UID des Benutzers errechnet: "
+"<placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Konfiguration der Shadow-Passwort-Werkzeugsammlung"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "löscht ein Benutzerkonto und die dazugehörigen Dateien"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Der Befehl <command>userdel</command> bearbeitet die Kontodateien des "
+"Systems und löscht darin alle Einträge, die auf den <emphasis remap=\"I"
+"\">ANMELDENAMEN</emphasis> verweisen. Der bezeichnete Benutzer muss "
+"existieren."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>userdel</command> unterstützt werden, "
+"sind:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Diese Option erzwingt, dass der Benutzer entfernt wird, selbst wenn er noch "
+"angemeldet ist. Sie führt auch dazu, dass <command>userdel</command> das "
+"Home-Verzeichnis und den Mailspool des Benutzers entfernt, sogar wenn ein "
+"anderer Benutzer dasselbe Home-Verzeichnis hat oder der Mailspool nicht dem "
+"angegebenen Benutzer gehört. Falls in <filename>/etc/login.defs</filename> "
+"<option>USERGROUPS_ENAB</option> auf <emphasis remap=\"I\">yes</emphasis> "
+"gesetzt ist und eine Gruppe mit dem gleichen Namen wie der gelöschte "
+"Benutzer vorhanden ist, wird auch diese Gruppe entfernt, selbst wenn sie die "
+"Hauptgruppe anderer Benutzer ist."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Hinweis:</emphasis> Diese Option ist gefährlich und kann dazu "
+"führen, dass Ihr System nicht mehr ordnungsgemäß funktioniert."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Die Dateien im Home-Verzeichnis des Benutzers werden zusammen mit dem Home-"
+"Verzeichnis und dem Mailspool entfernt. Dateien, die sich nicht unterhalb "
+"des Home-Verzeichnisses befinden, müssen per Hand gesucht und gelöscht "
+"werden."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Der Mailspool wird durch die Variable <option>MAIL_DIR</option> in der Datei "
+"<filename>login.defs</filename> definiert."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"entfernt die Zuordnung von SELinux-Benutzern aus den Anmeldeinformationen "
+"des Benutzers"
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (Zeichenkette)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Falls angegeben, wird dieser Befehl ausgeführt, wenn ein Benutzer entfernt "
+"wird. Damit können At-, Cron- und Druckaufträge etc. des entfernten "
+"Benutzers (wird als erstes Argument übergeben) gelöscht werden."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Der Rückgabewert des Skripts wird nicht ausgewertet."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Prüfen, ob das benötigte Argument angegeben wurde\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Verwendungsweise: $0 Benutzername\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# cron-Aufträge entfernen\n"
+"crontab -r -u $1\n"
+"\n"
+"# at-Aufträge entfernen.\n"
+"# Hinweis: Dies wird alle Aufträge entfernen, die der gleichen UID\n"
+"# gehören, selbst wenn sie von einem Benutzer mit einem anderen Namen\n"
+"# eingerichtet wurden.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Druck-Aufträge entfernen\n"
+"lprm $1\n"
+"\n"
+"# Fertig\n"
+"exit 0\n"
+"      "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Dies ist ein Beispielsskript, das die cron-, at- und Druckaufträge des "
+"Benutzers entfernt:<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (boolesch)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Erlaubt Benutzern, die nicht Root sind, die Umask-Gruppen-Bits auf ihre "
+"Umask-Bits zu setzen (Beispiel: 022 -&gt; 002, 077 -&gt; 007), falls die UID "
+"mit der GID identisch ist sowie der Benutzername mit dem Gruppennamen "
+"übereinstimmt."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Wenn der Wert <replaceable>yes</replaceable> ist, wird <command>userdel</"
+"command> die Gruppe des Benutzers entfernen, falls sie keine Mitglieder mehr "
+"hat, und <command>useradd</command> wird standardmäßig eine Gruppe mit dem "
+"Namen des Benutzers erstellen."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "RÃœCKGABEWERTE"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "Erfolg"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "Die Passwortdatei kann nicht aktualisieren werden."
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "unzulässige Syntax für diesen Befehl"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "Der angegebene Benutzer ist nicht vorhanden."
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "Benutzer ist im Moment angemeldet."
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "Die Gruppendatei kann nicht aktualisieren werden."
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "Das Home-Verzeichnis kann nicht gelöscht werden."
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>userdel</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> löscht ein Benutzerkonto nicht, wenn Prozesse "
+"laufen, die diesem Konto gehören. In diesem Fall müssen Sie entweder diese "
+"Prozesse beenden oder das Passwort oder Konto des Benutzers sperren und das "
+"Konto später entfernen. Die Option <option>-f</option> erzwingt das Löschen "
+"eines Kontos."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Sie sollten von Hand alle Systemdateien überprüfen, um sicherzustellen, dass "
+"keine Dateien vorhanden sind, die dem gelöschten Benutzer gehören."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Sie sollten keine NIS-Attribute auf einem NIS-Client löschen. Dies muss auf "
+"dem NIS-Server durchgeführt werden."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Falls in <filename>/etc/login.defs</filename> <option>USERGROUPS_ENAB</"
+"option> auf <emphasis remap=\"I\">yes</emphasis> gesetzt ist, wird "
+"<command>userdel</command> die Gruppe mit dem gleichen Namen wie der "
+"Benutzer entfernen. Um Unstimmigkeiten in der Passwort- und Gruppendatenbank "
+"zu vermeiden, überprüft <command>userdel</command>, ob diese Gruppe die "
+"Hauptgruppe für andere Benutzer ist. Gegebenenfalls wird eine Warnung "
+"angezeigt und die betreffende Gruppe nicht entfernt. Mit der Option <option>-"
+"f</option> kann das Löschen dieser Gruppe erzwungen werden."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"erstellt einen neuen Benutzer oder aktualisiert die Standardwerte für neue "
+"Benutzer"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Wenn der Befehl <command>useradd</command> ohne die Option <option>-D</"
+"option> aufgerufen wird, wird ein neues Benutzerkonto mit den Werten "
+"erstellt, die auf der Befehlszeile angegeben wurden, und den Standardwerten "
+"des Systems. Je nach den Optionen auf der Befehlszeile aktualisiert der "
+"Befehl <command>useradd</command> Systemdateien, erstellt ein Home-"
+"Verzeichnis für den neuen Benutzer und kopiert Dateien."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Standardmäßig wird auch eine Gruppe für den neuen Benutzer erstellt "
+"(vergleiche <option>-g</option>, <option>-N</option>, <option>-U</option> "
+"und <option>USERGROUPS_ENAB</option>)."
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>useradd</command> unterstützt werden, "
+"sind:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;"
+"<replaceable>WURZEL_VERZ</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Das standardmäßige Wurzelverzeichnis des Systems, wenn nicht eines mit "
+"<option>-d</option>&nbsp;<replaceable>HOME_VERZ</replaceable> festgelegt "
+"wurde. Der Name des Home-Verzeichnisses besteht aus der Verbindung von "
+"<replaceable>WURZEL_VERZ</replaceable> und dem Kontonamen. Wenn die Option "
+"<option>-m</option> nicht verwendet wird, muss <replaceable>WURZEL_VERZ</"
+"replaceable> existieren."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Falls diese Option nicht angegeben wird, verwendet <command>useradd</"
+"command> das Wurzelverzeichnis, das mit der Variable <option>HOME</option> "
+"in <filename>/etc/default/useradd</filename> festgelegt wurde, anderenfalls "
+"<filename>/home</filename>."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Eine beliebige Zeichenkette. Dies ist für gewöhnlich eine kurze Beschreibung "
+"des Logins und wird im Moment im Feld für den vollständigen Namen des "
+"Benutzers gespeichert."
+
+#: useradd.8.xml:162(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_VERZ</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Beim Anlegen des neuen Benutzers wird <replaceable>HOME_VERZ</replaceable> "
+"als das Anmeldeverzeichnis des Benutzers verwendet. Um den Namen des "
+"Anmeldeverzeichnisses zu erhalten, wird standardmäßig der "
+"<replaceable>ANMELDE</replaceable>-Name an <replaceable>WURZEL_VERZ</"
+"replaceable> angehängt. Das Verzeichnis <replaceable>HOME_VERZ</replaceable> "
+"muss nicht vorhanden sein, sondern wird gegebenenfalls angelegt."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Lesen Sie dazu unten den Abschnitt »Die Standardwerte verändern«."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Falls nicht definiert, verwendet <command>useradd</command> das "
+"Standardverfallsdatum, das mit der Variable <option>EXPIRE</option> in "
+"<filename>/etc/default/useradd</filename> bestimmt wurde, anderenfalls eine "
+"leere Zeichenkette (kein Verfall)."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Die Anzahl von Tagen nach Ablaufen des Passworts bis das Konto dauerhaft "
+"deaktiviert wird. Ein Wert von 0 deaktiviert das Konto, sobald das Passwort "
+"abläuft. Ein Wert von -1 schaltet diese Funktion ab."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Falls nicht definiert, verwendet <command>useradd</command> die "
+"Standarddauer der Inaktivität, die mit der Variable <option>INACTIVE</"
+"option> in <filename>/etc/default/useradd</filename> bestimmt wurde, "
+"anderenfalls -1."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Der Name oder die Nummer der anfänglichen Anmeldegruppe des Benutzers. Der "
+"Gruppenname muss existieren. Die Gruppenzahl muss auf eine bereits "
+"vorhandene Gruppe verweisen."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Falls nicht definiert, hängt das Verhalten von <command>useradd</command> "
+"von der Variable <option>USERGROUPS_ENAB</option> in <filename>/etc/login."
+"defs</filename> ab. Wenn diese Variable auf <replaceable>yes</replaceable> "
+"gesetzt ist (oder auf der Befehlszeile <option>-U/--user-group</option> "
+"angegeben wurde), wird für den Benutzer eine Gruppe, die auf seinen Namen "
+"lautet, erstellt. Wenn die Variable auf <replaceable>no</replaceable> "
+"gesetzt ist (oder auf der Befehlszeile <option>-N/--no-user-group</option> "
+"angegeben wurde), legt useradd als Hauptgruppe des neuen Benutzers diejenige "
+"fest, die mit der Variable <option>GROUP</option> in <filename>/etc/default/"
+"useradd</filename> definiert wurde, anderenfalls 100."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Eine Liste der zusätzlichen Gruppen, denen der Benutzer ebenfalls angehört. "
+"Die Gruppen sind durch Kommata ohne Leerzeichen voneinander zu trennen. Die "
+"Gruppen unterliegen denselben Beschränkungen wie die Gruppe, die mit der "
+"Option <option>-g</option> bestimmt wurde. Standardmäßig ist der Benutzer "
+"nur Mitglied der Ausgangsgruppe."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>GERÃœST_VERZ</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Das Gerüstverzeichnis, das die Dateien und Verzeichnisse enthält, die in das "
+"Home-Verzeichnis des Benutzers kopiert werden, wenn es von <command>useradd</"
+"command> erstellt wird."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Diese Option ist nur zulässig, wenn auch die Option <option>-m</option> "
+"(oder <option>--create-home</option>) angegeben wird."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Wenn diese Option nicht angegeben wird, wird das Gerüstverzeichnis durch die "
+"Variable <option>SKEL</option> in <filename>/etc/default/useradd</filename> "
+"festgelegt, anderenfalls ist dieses <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Soweit möglich, werden die ACLs und erweiterten Attribute kopiert."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>SCHLÃœSSEL</"
+"replaceable>=<replaceable>WERT</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Ãœberschreibt die Standardwerte aus <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> und andere). <placeholder-1/> Beispiel: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_TAGE</"
+"replaceable>=<replaceable>-1</replaceable> kann eingesetzt werden, wenn ein "
+"Systemkonto erstellt wird, um den Verfall des Passworts abzuschalten, selbst "
+"wenn das Systemkonto überhaupt kein Passwort besitzt. Die Option <option>-K</"
+"option> kann mehrmals verwendet werden, z.B.: <option>-K</option>&nbsp;"
+"<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;"
+"<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+"replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "Fügt den Benutzer nicht zu den Datenbanken lastlog und faillog hinzu."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Standardmäßig werden die Benutzereinträge in den Datenbanken lastlog und "
+"faillog zurückgesetzt, um zu vermeiden, dass der Eintrag eines früher "
+"gelöschten Benutzers verwendet wird."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Erstellt das Home-Verzeichnis des Benutzers, wenn es nicht vorhanden ist. "
+"Die Dateien und Verzeichnisse im Gerüstverzeichnis, das mit der Option "
+"<option>-k</option> festgelegt werden kann, werden in das Home-Verzeichnis "
+"kopiert."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Wenn diese Option nicht angegeben wird und <option>CREATE_HOME</option> "
+"nicht aktiviert wurde, wird standardmäßig kein Home-Verzeichnis erstellt."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Erstellt nicht das Home-Verzeichnis des Benutzers, selbst wenn die "
+"systemweite Option <option>CREATE_HOME</option> in <filename>/etc/login."
+"defs</filename> auf <replaceable>yes</replaceable> gesetzt ist."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Erstellt keine Gruppe mit dem gleichen Namen wie der Benutzer, aber fügt ihn "
+"der Gruppe hinzu, die mit der Option <option>-g</option> oder mit der "
+"Variable <option>GROUP</option> in <filename>/etc/default/useradd</filename> "
+"angegeben wurde."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Wenn die Optionen <option>-g</option>, <option>-N</option> und <option>-U</"
+"option> nicht angegeben werden, wird das Verhalten durch die Variable "
+"<option>USERGROUPS_ENAB</option> in <filename>/etc/login.defs</filename> "
+"bestimmt."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Erlaubt das Erstellen eines Benutzerkontos mit einer schon vergebenen (nicht "
+"eindeutigen) UID."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Diese Option kann nur in Verbindung mit der Option <option>-u</option> "
+"verwendet werden."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Das verschlüsselte Passwort, wie es von <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> zurückgegeben wird. "
+"Standardmäßig ist das Passwort deaktiviert."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "erstellt ein Systemkonto"
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembenutzer werden ohne Hinterlegung ihres Alters in <filename>/etc/"
+"shadow</filename> erstellt. Ihre numerische Kennung wird aus der Spanne "
+"<option>SYS_UID_MIN</option> bis <option>SYS_UID_MAX</option> anstelle von "
+"<option>UID_MIN</option> bis <option>UID_MAX</option> gewählt (gleiches gilt "
+"für die GID bei der Erstellung von Gruppen)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Beachten Sie, dass <command>useradd</command> für einen solchen Benutzer "
+"unabhängig von der Einstellung in <filename>/etc/login.defs</filename> "
+"(<option>CREATE_HOME</option>) kein Home-Verzeichnis erzeugen wird."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Der Name der Anmelde-Shell des Benutzers. Standardmäßig wird dieses Feld "
+"leer gelassen. Das System verwendet dann die Standard-Anmelde-Shell, die mit "
+"der Variable <option>SHELL</option> in <filename>/etc/default/useradd</"
+"filename> definiert wird, anderenfalls bleibt das Feld leer."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"Der zahlenmäßige Wert der Benutzer-ID. Dieser Wert muss eindeutig sein, "
+"sofern nicht die Option <option>-o</option> verwendet wird. Der Wert darf "
+"nicht negativ sein. Standardmäßig wird der kleinste Wert größer als oder "
+"gleich <option>UID_MIN</option> und größer als jeder andere Wert eines "
+"Benutzers verwendet."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Vergleichen Sie auch die Option <option>-r</option> und die Ausführungen zu "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"erstellt eine Gruppe mit dem gleichen Name wie der Benutzer und fügt diesen "
+"der Gruppe hinzu"
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Der SELinux-Benutzer für den Benutzer nach seiner Anmeldung. Standardmäßig "
+"bleibt dieses Feld leer und es wird dem System überlassen, den SELinux-"
+"Benutzer zu bestimmen."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Die Standardwerte verändern"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Wenn <command>useradd</command> nur mit der Option <option>-D</option> "
+"aufgerufen wird, werden die aktuellen Standardwerte angezeigt.  Wenn "
+"<command>useradd</command> neben der Option <option>-D</option> mit weiteren "
+"Optionen aufgerufen wird, werden deren Standardwerte entsprechend angepasst. "
+"Die gültigen Optionen, um Standardwerte zu ändern, sind:"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Das Wurzelverzeichnis des Home-Verzeichnisses eines neuen Benutzers. Der "
+"Benutzername wird an <replaceable>WURZEL_VERZ</replaceable> angehängt, um "
+"den Namen des Home-Verzeichnisses zu erhalten, falls nicht die Option "
+"<option>-d</option> bei der Erstellung eines neuen Kontos verwendet wird."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>HOME</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "das Datum, an dem das Benutzerkonto abgeschaltet wird"
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>EXPIRE</option> in <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"die Anzahl von Tagen nach dem Ablaufen des Passworts bis das Konto "
+"deaktiviert wird"
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>INACTIVE</option> in <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Der Gruppenname oder die GID für die Anfangsgruppe eines neuen Benutzers "
+"(wenn <option>-N/--no-user-group</option> verwendet wird oder wenn in "
+"<filename>/etc/login.defs</filename> die Variable <option>USERGROUPS_ENAB</"
+"option> auf <replaceable>no</replaceable> gesetzt ist). Die bezeichnete "
+"Gruppe und die GID müssen existieren."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>GROUP</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "der Name der Anmelde-Shell des neuen Benutzers"
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Diese Option verändert die Variable <option>SHELL</option> in <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "ANMERKUNGEN"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"Der Systemadministrator ist dafür verantwortlich, die standardmäßigen "
+"Benutzerdateien im Verzeichnis <filename>/etc/skel/</filename> (oder in "
+"einem anderen Gerüstverzeichnis, das in <filename>/etc/default/useradd</"
+"filename> oder über die Befehlszeile definiert wurde), anzulegen."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Sie dürfen einen Benutzer nicht einer NIS- oder LDAP-Gruppe hinzufügen. Dies "
+"muss auf dem entsprechenden Server durchgeführt werden."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Ebenso wird <command>useradd</command> ablehnen, ein neues Benutzerkonto zu "
+"erstellen, wenn der Benutzername schon in einer externen Benutzerdatenbank "
+"wie z.B. NIS oder LDAP vorhanden ist."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Benutzernamen müssen mit einem Kleinbuchstaben oder einem Unterstrich "
+"beginnen. Sie dürfen nur Kleinbuchstaben, Zahlen, Unterstriche oder "
+"Gedankenstriche enthalten. Sie können mit einem Dollarzeichen enden. Als "
+"regulärer Ausdruck: [a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Benutzernamen dürfen nur bis zu 32 Zeichen lang sein."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolesch)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"bestimmt, ob standardmäßig ein Home-Verzeichnis für neue Benutzer erstellt "
+"werden soll"
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Diese Einstellung trifft nicht auf Systembenutzer zu. Sie kann auf der "
+"Befehlszeile überschrieben werden."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"der Bereich von Gruppen-IDs, aus dem die Programme <command>useradd</"
+"command>, <command>groupadd</command> oder <command>newusers</command> bei "
+"der Erstellung normaler Gruppen auswählen dürfen"
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Der Standardwert für <option>GID_MIN</option> ist 1000, für <option>GID_MAX</"
+"option> 60.000."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Die maximale Anzahl von Tagen, für die ein Passwort verwendet werden darf. "
+"Wenn das Passwort älter ist, wird ein Wechsel des Passworts erzwungen. Falls "
+"nicht angegeben, wird -1 angenommen (was zur Folge hat, dass diese "
+"Beschränkung abgeschaltet ist)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Die Mindestanzahl von Tagen, bevor ein Wechsel des Passworts zugelassen "
+"wird. Ein vorheriger Versuch, das Passwort zu ändern, wird abgelehnt. Falls "
+"nicht angegeben, wird -1 angenommen (was zur Folge hat, dass diese "
+"Beschränkung abgeschaltet ist)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (Zahl)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Die Anzahl von Tagen, an denen der Benutzer vorgewarnt wird, bevor das "
+"Passwort verfällt. Eine Null bedeutet, dass eine Warnung nur am Tag des "
+"Verfalls ausgegeben wird. Ein negativer Wert bedeutet, dass keine Vorwarnung "
+"erfolgt. Falls nicht angegeben, wird keine Vorwarnung ausgegeben."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"der Bereich von Gruppen-IDs, aus dem die Programme <command>useradd</"
+"command>, <command>groupadd</command> oder <command>newusers</command> bei "
+"der Erstellung von Systemgruppen auswählen dürfen"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Der Standardwert für <option>SYS_GID_MIN</option> ist 101, für  "
+"<option>SYS_GID_MAX</option> <option>GID_MIN</option>-1."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"der Bereich von Benutzer-IDs, aus dem die Programme <command>useradd</"
+"command> oder <command>newusers</command> bei der Erstellung von "
+"Systembenutzern auswählen dürfen"
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Der Standardwert für <option>SYS_UID_MIN</option> ist 101, für "
+"<option>SYS_UID_MAX</option> <option>UID_MIN</option>-1."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (boolesch)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, gehören neu erstellte tcb-shadow-"
+"Dateien der Gruppe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (Zahl)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (Zahl)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"der Bereich von Benutzer-IDs, aus dem die Programme <command>useradd</"
+"command> oder <command>newusers</command> bei der Erstellung normaler "
+"Benutzer auswählen dürfen"
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Der Standardwert für <option>UID_MIN</option> ist 1000, für <option>UID_MAX</"
+"option> 60.000."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (Zahl)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Die Bit-Gruppe, welche die Rechte von erstellten Dateien bestimmt, wird "
+"anfänglich auf diesen Wert gesetzt. Falls nicht angegeben, wird sie auf 022 "
+"gesetzt."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> und <command>newusers</command> verwenden diese "
+"Bit-Gruppe, um die Rechte des von ihnen erstellten Home-Verzeichnisses zu "
+"setzen."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Sie wird auch von <command>login</command> verwendet, um die anfängliche "
+"Umask eines Benutzers zu bestimmen. Beachten Sie, dass diese Bit-Gruppe "
+"durch die GECOS-Zeile des Benutzers (wenn <option>QUOTAS_ENAB</option> "
+"gesetzt wurde) oder die Festlegung eines Limits in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> mit der Kennung <emphasis>K</emphasis> überschrieben werden "
+"kann."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Sie wird ebenfalls von <command>pam_umask</command> als die Standard-Umask "
+"verwendet."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+# type: Plain text
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardwerte für die Erstellung eines Kontos"
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Verzeichnis, das die Standarddateien enthält"
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "ungültiges Argument für Option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID ist schon vergeben (und kein <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angegebene Gruppe ist nicht vorhanden"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "Benutzername ist schon vergeben"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "Home-Verzeichnis kann nicht erstellt werden."
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr "14"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr "Die Zuordnung von SELinux-Benutzern kann nicht aktualisiert werden."
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>useradd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr "ursprünglicher Autor, 1996"
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Dateiformate und konvertierung"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "ausführliche Kontrolldatei für su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Wenn der Befehl su aufgerufen wird, wird die Datei <filename>/etc/suauth</"
+"filename> ausgewertet. Dadurch kann das Verhalten des Befehls su verändert "
+"werden. Dies hängt von Folgendem ab:"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| "      1) the user su is targetting\n"
+#| "    "
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+"\n"
+"      1) auf welchen Benutzer su gerichtet ist\n"
+"    "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) dem Benutzer, der su ausführt (oder einer Gruppe, deren Mitglied er ist)"
+
+# SB: Shouldn't it be ":" at the end?
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Die Datei ist folgendermaßen aufgebaut, wobei Zeilen, die mit einem # "
+"beginnen, als Kommentare behandelt und daher ignoriert werden:"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      Herkunfts-ID:Ziel-ID:AKTION\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Hierbei kann to-id <emphasis>ALL</emphasis>, eine Aufzählung von "
+"Benutzernamen, die durch ein »,« getrennt werden, oder <emphasis>ALL EXCEPT</"
+"emphasis>, die von einer Aufzählung von Benutzernamen gefolgt werden, die "
+"durch ein »,« getrennt werden, sein."
+
+# SB: What is the meaning of the last sentence?
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"from-id hat das gleiche Format wie to-id mit der Ausnahme, dass zusätzlich "
+"<emphasis>GROUP</emphasis> zulässig ist. Auch <emphasis>ALL EXCEPT GROUP</"
+"emphasis> ist zulässig. Nach <emphasis>GROUP</emphasis> werden ein oder "
+"mehrere Gruppennamen aufgeführt, die durch »,« getrennt sind. Die Haupt-ID "
+"einer Gruppe reicht nicht aus, sondern ein Eintrag in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> ist notwendig."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Als Aktion können nur die folgenden Optionen angegeben werden."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"Der Versuch, su auszuführen, wird abgebrochen, ehe nach einem Passwort "
+"gefragt wird."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Der Versuch, su auszuführen, hat automatisch Erfolg. Ein Passwort wird nicht "
+"abgefragt."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Damit der Befehl su Erfolg hat, muss der Benutzer sein eigenes Passwort "
+"eingeben. Darauf wird er hingewiesen."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Beachten Sie, dass es sich um drei selbständige Felder handelt, die durch "
+"einen Doppelpunkt getrennt sind. Neben den Doppelpunkten darf sich kein "
+"Leerzeichen befinden. Beachten Sie zudem, dass die Datei von oben nach unten "
+"Zeile für Zeile durchgegangen wird. Die erste Regel, die zutreffend ist, "
+"wird angewendet, ohne dass die Datei weiter ausgewertet wird. Damit kann ein "
+"Systemadministrator eine strenge Kontrolle ausüben."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "BEISPIEL"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # /etc/suauth-Beispielsdatei\n"
+"      #\n"
+"      # Einige besondere Benutzer dürfen su\n"
+"      # auf Root mit ihrem eigenen Passwort ausführen.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Alle anderen Benutzer dürfen nicht su auf Root\n"
+"      # ausführen, falls sie nicht in der Gruppe wheel\n"
+"      # sind. Dies wird bei BSD so gehandhabt.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Die Konten terry und birddog gehören derselben\n"
+"      # Person. Sie können ohne Passwort aufeinander\n"
+"      # zugreifen.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "FEHLER"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Es gibt zahlreiche Fehlerquellen. Die Auswertung der Datei ist sehr "
+"empfindlich bei Syntaxfehlern, zusätzlichen Leerzeichen (außer am Anfang und "
+"Schluss einer Zeile) und dem besonderen Zeichen, das die verschiedenen "
+"Felder von einander trennt."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSE"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Fehler beim Auswerten der Datei werden an "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> mit der Stufe ERR an das Gerät AUTH gemeldet."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr "ursprünglicher Autor, 1989"
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Dienstprogramme für Benutzer"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "ändert die Benutzer-ID oder wechselt zu Root"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "Benutzername"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"Der Befehl <command>su</command> dient dazu, während einer Sitzung ein "
+"anderer Benutzer zu werden. Wenn <command>su</command> ohne "
+"<option>username</option> aufgerufen wird, wechselt es standardmäßig zu "
+"Root. Zusätzlich kann das Argument <option>-</option> angegeben werden. "
+"Damit wird eine Umgebung zur Verfügung gestellt, die der entspricht, die der "
+"Benutzer nach einer direkten Anmeldung erwartet."
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Zusätzliche Argumente können nach dem Benutzernamen angegeben werden. In "
+"diesem Fall werden sie an die Anmelde-Shell des Benutzers weitergereicht. "
+"Insbesondere führt das Argument <option>-c</option> dazu, dass das nächste "
+"Argument von den meisten Interpretatoren als Befehl behandelt wird. Dieser "
+"Befehl wird von der Shell ausgeführt, die in <filename>/etc/passwd</"
+"filename> für den Zielbenutzer angegeben ist."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Sie können das Argument <option>--</option> verwenden, um Optionen für "
+"<command>su</command> von Argumenten für die Shell zu trennen."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Der Benutzer wird gegebenenfalls nach einem Passwort gefragt. Ungültige "
+"Passworteingaben werden eine Fehlermeldung erzeugen. Sowohl erfolgreiche als "
+"auch misslungene Versuche werden protokolliert, um Missbrauch des Systems zu "
+"entdecken."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Die aktuelle Umgebung wird an die neue Shell übergeben. Der Wert von <envar>"
+"$PATH</envar> wird für normale Benutzer auf <filename>/bin:/usr/bin</"
+"filename> gesetzt, für Root auf <filename>/sbin:/bin:/usr/sbin:/usr/bin</"
+"filename>. Dieses Verhalten kann durch die Definition von <option>ENV_PATH</"
+"option> und <option>ENV_SUPATH</option> in <filename>/etc/login.defs</"
+"filename> geändert werden."
+
+# SB: Not quite sure what subsystem logins are.
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Eine Subsystem-Anmeldung wird durch einen »*« als erstes Zeichen der Anmelde-"
+"Shell gekennzeichnet. Das angegebene Home-Verzeichnis wird als Wurzel für "
+"das Dateisystem verwendet, auf welchem der Benutzer tatsächlich angemeldet "
+"ist."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>su</command> unterstützt werden, sind:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>BEFEHL</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"gibt einen Befehl an, der von der Shell mittels ihrer Option <option>-c</"
+"option> ausgeführt wird"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"Der ausgeführte Befehl hat kein ihn steuerndes Terminal. Mit dieser Option "
+"können keine interaktiven Programme, die ein sie steuerndes TTY benötigen, "
+"ausgeführt werden."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Eine Umgebung wird zur Verfügung gestellt, die der entspricht, die der "
+"Benutzer nach einer direkten Anmeldung erwartet."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Wenn <option>-</option> verwendet wird, muss es als die letzte Option von "
+"<command>su</command> angegeben werden. Die übrigen Formen ((<option>-l</"
+"option> und <option>--login</option>) unterliegen nicht dieser Beschränkung."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "die Shell, die gestartet wird"
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "die Shell, die mit --shell angegeben wurde"
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Falls <option>--preserve-environment</option> verwendet wird, die Shell, die "
+"durch die Umgebungsvariable <envar>$SHELL</envar> festgelegt wird."
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"die Shell, die in <filename>/etc/passwd</filename> für den Zielbenutzer "
+"angegeben ist"
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename>, falls durch die obigen Methoden keine Shell "
+"gefunden werden kann"
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"Die aufgerufene Shell wird bestimmt durch (höchste Priorität zuerst): "
+"<placeholder-1/>"
+
+# SB: Bessere Ãœbersetzung als 'Zielbenutzer'?
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Falls der Zielbenutzer eine beschränkte Shell hat (d.h. das Feld für die "
+"Shell im Eintrag des Benutzers in <filename>/etc/passwd</filename> ist nicht "
+"in <filename>/etc/shells</filename>) aufgeführt), werden die Option "
+"<option>--shell</option> und die Umgebungsvariable <envar>$SHELL</envar> "
+"nicht beachtet, sofern <command>su</command> nicht von Root aufgerufen wird."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"auf den Ausgangswert entsprechend der Optionen <option>ENV_PATH</option> "
+"oder <option>ENV_SUPATH</option> in <filename>/etc/login.defs</filename> "
+"zurücksetzen (siehe unten);"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"auf <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote> zurücksetzen, "
+"falls es verändert wurde"
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Erhält die aktuelle Umgebung mit Ausnahme von: <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Falls der Zielbenutzer eine beschränkte Shell besitzt, hat diese Option "
+"keinen Effekt (sofern <command>su</command> nicht von Root aufgerufen wird)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Die Umgebungsvariablen <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> und <envar>"
+"$IFS</envar> werden zurückgesetzt."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Falls nicht <option>--login</option> verwendet wurde, wird die Umgebung mit "
+"der Ausnahme der genannten Variablen kopiert."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Falls <option>--login</option> verwendet wurde, werden die Variablen <envar>"
+"$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> und <envar>"
+"$XAUTHORITY</envar> übernommen, wenn ihnen ein Wert zugewiesen wurde."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Falls <option>--login</option> verwendet wurde, werden die "
+"Umgebungsvariablen <envar>$TZ</envar>, <envar>$HZ</envar> und <envar>$MAIL</"
+"envar> auf die in <filename>/etc/login.defs</filename> definierten Optionen "
+"<option>ENV_TZ</option>, <option>ENV_HZ</option>, <option>MAIL_DIR</option> "
+"und <option>MAIL_FILE</option> (siehe unten) gesetzt."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Wenn <option>--login</option> verwendet wird, können andere "
+"Umgebungsvariablen mit der Datei <option>ENVIRON_FILE</option> vergeben "
+"werden (siehe unten)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "Andere Umgebungen können auch durch PAM-Module eingerichtet werden."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Beachten Sie, dass Folgendes das Standardverhalten für die Umgebung ist: "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Diese Version von <command>su</command> hat viele Kompilierungsoptionen. "
+"Deren Nützlichkeit hängt von den Anforderungen der jeweiligen Umgebung ab."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Die Konfiguration erfolgt entweder über die Angabe des vollen Pfadnamens "
+"einer Datei, welche die Namen der Geräte enthält (eines pro Zeile), oder mit "
+"einer Liste der Gerätenamen, die mit »:« getrennt sind. Root kann sich nur "
+"auf diesen Geräten anmelden."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"Wenn es unkonfiguriert gelassen wird, kann sich Root auf jedem Gerät "
+"anmelden."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Das Gerät soll ohne vorangestelltes /dev/ angegeben werden."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Liste von Gruppen, deren Mitglied der Benutzer wird, wenn der sich auf der "
+"Konsole anmeldet, die mit dem Parameter CONSOLE festgelegt wird. "
+"Standardmäßig ist die Liste leer. <placeholder-1/> Seien Sie vorsichtig. "
+"Benutzer können dauerhaft Zugang zu den Gruppen erlangen, auch wenn sie "
+"nicht auf der Konsole angemeldet sind."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Legt fest, ob ein Login erlaubt wird, wenn mit cd nicht in das Home-"
+"Verzeichnis gewechselt werden kann. Standardmäßig wird dies nicht zugelassen."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Falls auf <replaceable>yes</replaceable> gesetzt, wird der Benutzer mit dem "
+"Wurzelverzeichnis (<filename>/</filename>) angemeldet, wenn mit cd nicht in "
+"sein Home-Verzeichnis gewechselt werden kann."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (Zeichenkette)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Wenn vergeben, wird damit die Umgebungsvariable HZ definiert, wenn sich ein "
+"Benutzer anmeldet. Dem Wert muss ein <replaceable>HZ=</replaceable> "
+"vorangestellt werden. Ein üblicher Wert bei Linux ist <replaceable>HZ=100</"
+"replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"Die Umgebungsvariable <envar>HZ</envar> wird nur gesetzt, wenn sich der "
+"Benutzer (der Administrator) mit <command>sulogin</command> anmeldet."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Wenn diese Datei vorhanden ist, wird die Anmeldeumgebung aus ihr gelesen. "
+"Jede Zeile sollte die Form Name=Wert haben."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Zeilen, die mit einem # beginnen, werden als Kommentare behandelt und daher "
+"ignoriert."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich ein "
+"normaler Benutzer anmeldet. Der Wert ist eine Liste, deren Einträge durch "
+"Doppelpunkte getrennt sind (zum Beispiel <replaceable>/bin:/usr/bin</"
+"replaceable>). Ihr kann ein <replaceable>PATH=</replaceable> vorangestellt "
+"werden. Der Standardwert ist <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable PATH definiert, wenn sich der "
+"Superuser anmeldet. Der Wert ist eine Liste, deren Einträge durch "
+"Doppelpunkte getrennt sind (zum Beispiel <replaceable>/sbin:/bin:/usr/sbin:/"
+"usr/bin</replaceable>). Ihr kann ein <replaceable>PATH=</replaceable> "
+"vorangestellt werden. Der Standardwert ist <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Wenn gesetzt, wird damit die Umgebungsvariable TZ definiert, wenn sich ein "
+"Benutzer anmeldet. Der Wert kann der Name der Zeitzone sein, dem "
+"<replaceable>TZ=</replaceable> vorausgeht (zum Beispiel "
+"<replaceable>TZ=CST6CDT</replaceable>), oder der vollständige Pfad der "
+"Datei, welche die Konfiguration der Zeitzone enthält (zum Beispiel "
+"<filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Wenn ein vollständiger Pfadname angegeben wird, die Datei aber nicht "
+"existiert oder nicht lesbar ist, wird <replaceable>TZ=CST6CDT</replaceable> "
+"verwendet."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Diese Zeichenkette wird bei der Eingabeaufforderung des Passworts (Prompt) "
+"verwendet. Standardmäßig wird »Password: « oder eine Übersetzung davon "
+"benutzt. Wenn Sie diese Variable definieren, wird die Eingabeaufforderung "
+"nicht übersetzt."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Wenn die Zeichenkette ein <replaceable>%s</replaceable> enthält, wird dies "
+"durch den Benutzernamen ersetzt."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"aktiviert die Prüfung und Anzeige des Status der Mailbox bei der Anmeldung"
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Sie sollten dies abschalten, wenn schon die Startdateien der Shell die Mails "
+"prüfen (»mailx -e« oder ähnliches)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"aktiviert das Setzen von Resourcenbeschränkungen aus <filename>/etc/limits</"
+"filename> und von ulimit, umask und niceness aus dem gecos-Feld des "
+"Benutzers von passwd"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+"Wenn angegeben, wird jeder Aufruf von su in dieser Datei protokolliert."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (Zeichenkette)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Damit kann die Anzeige des Namens des Befehls festgelegt werden, wenn »su -« "
+"ausgeführt wird. Wenn beispielsweise dies auf »su« gesetzt wurde, zeigt »ps« "
+"den Befehl als »-su« an. Wenn es dagegen nicht vergeben wurde, wird »ps« den "
+"Namen der Shell anzeigen, die ausgeführt wird, also etwa »-sh«."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (boolesch)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, muss der Benutzer Mitglied der ersten "
+"Gruppe mit der GID 0 in <filename>/etc/group</filename> sein (auf den "
+"meisten Linux-Systemen heißt die <replaceable>root</replaceable>), um mit "
+"<command>su</command> zu einem Konto mit der UID 0 wechseln zu können. Falls "
+"die Gruppe nicht existiert oder keine Mitglieder hat, kann niemand mittels "
+"<command>su</command> zur UID 0 wechseln."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (boolesch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"aktiviert das Protokollieren der Aktivitäten von <command>su</command> in "
+"»syslog« neben der Protokollierung in der sulog-Datei"
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"Wenn <command>su</command> erfolgreich ausgeführt wird, gibt es den "
+"Rückgabewert des mit ihm ausgeführten Befehls zurück."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Wenn dieser Befehl mit einem Signal beendet wurde, gibt <command>su</"
+"command> die Nummer des Signals plus 128 zurück."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Wenn <command>su</command> den Befehl mit kill beenden musste (weil er der "
+"Aufforderung, sich zu beenden, nicht rechtzeitig nachgekommen ist), gibt es "
+"255 zurück."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "Erfolg (nur bei <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "System- oder Anmeldefehler"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Der angegebene Befehl konnte nicht gefunden werden."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Der angegebene Befehl konnte nicht ausgeführt werden."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Einige Rückgabewerte von <command>su</command> sind unabhängig von dem "
+"ausgeführten Befehl: <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "führt einen Befehl unter einer anderen Gruppen-ID aus"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "Gruppe <placeholder-1/> Befehl"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Der Befehl <command>sg</command> funktioniert so ähnlich wie der Befehl "
+"<command>newgrp</command>, übernimmt aber auch einen Befehl. Dieser Befehl "
+"wird in der Shell <filename>/bin/sh</filename> ausgeführt. Bei den meisten "
+"Shells, in denen Sie <command>sg</command> ausführen, müssen Sie die "
+"Befehle, die aus mehrere Wörtern bestehen, in Anführungszeichen einfassen. "
+"Ein weiterer Unterschied zwischen <command>newgrp</command> und <command>sg</"
+"command> ist, dass einige Shells <command>newgrp</command> besonders "
+"behandeln: sie ersetzen sich mit einer neuen Instanz der Shell, die von "
+"<command>newgrp</command> erzeugt wurde. Dies geschieht nicht mit "
+"<command>sg</command>, daher werden Sie nach Beenden des Befehls "
+"<command>sg</command> zu Ihrer vorherigen Gruppen-ID zurückkehren."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (boolesch)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"aktiviert das Protokollieren der Aktivitäten von <command>sg</command> in "
+"»syslog«"
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "Shadow-Passwortdatei"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> ist eine Datei, welche die  "
+"Passwortinformationen für die Konten des Systems und fakultativ "
+"Informationen zum Verfall der Passwörter enthält."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Um die Sicherheit der Passwörter zu gewährleisten, darf diese Datei nicht "
+"für normale Benutzer lesbar sein."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Jede Zeile dieser Datei enthält folgende neun Felder, die durch Doppelpunkt "
+"(<quote>:</quote>) getrennt werden:"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "Anmeldename"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+"Dabei muss es sich um eine gültigen Kontonamen handeln, der auf dem System "
+"existiert."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "verschlüsseltes Passwort"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Sie sollten in <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> nachsehen, wenn Sie "
+"mehr über die Bedeutung dieser Zeichenkette wissen wollen."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Wenn das Passwortfeld eine Zeichenkette enthält, die kein zulässiges "
+"Ergebnis von <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> ist, z.B. ! oder *, kann sich der Benutzer nicht "
+"mit einem Unix-Passwort anmelden; eine Anmeldung auf anderem Wege wird "
+"dadurch nicht verhindert."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Dieses Feld kann leer bleiben. In diesem Fall kann sich der angegebene "
+"Benutzer ohne Passwort anmelden. Möglicherweise verweigern Anwendungen, "
+"welche die Datei <filename>/etc/shadow</filename> auswerten, dennoch den "
+"Zugang, wenn das Passwortfeld leer ist."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Ein Passwortfeld, das mit einem Ausrufezeichen beginnt, führt dazu, dass das "
+"Passwort gesperrt ist. Die übrigen Zeichen sind das Passwort vor der "
+"Sperrung."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "Datum, an dem das Passwort das letzte Mal geändert wurde"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Das Datum, als das Passwort das letzte Mal geändert wurde, wird als Anzahl "
+"der Tage seit dem 1. Januar 1970 ausgedrückt."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Dem Wert 0 kommt eine besondere Bedeutung zu: Der Benutzer sollte sein "
+"Passwort bei der nächsten Anmeldung ändern."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Ein leeres Feld bedeutet, dass das Altern des Passworts abgeschaltet ist."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "Mindestalter des Passworts"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"Das Mindestalter des Passworts ist die Anzahl von Tagen, die ein Benutzer "
+"warten muss, bevor er sein Passwort wieder ändern darf."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Eine leeres Feld oder der Wert 0 bedeuten, dass es kein Mindestalter eines "
+"Passworts gibt."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "Höchstalter des Passworts"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"Das Höchstalter des Passworts ist die Anzahl von Tagen, nach welcher der "
+"Benutzer sein Passwort ändern muss."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Auch nach Ablauf dieser Anzahl von Tagen bleibt das Passwort gültig. Der "
+"Benutzer wird bei der nächsten Anmeldung aufgefordert, sein Passwort zu "
+"ändern."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Ein leeres Feld bedeutet, dass es kein Höchstalter für das Passwort, keine "
+"Vorwarnung und keine Dauer der Untätigkeit (siehe unten) gibt."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Wenn das Höchstalter niedriger als das Mindestalter eines Passworts ist, "
+"kann ein Benutzer sein Passwort nicht ändern."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "Passwortvorwarndauer"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Die Anzahl von Tagen, während welcher der Benutzer vorgewarnt wird, bevor "
+"sein Passwort abläuft (siehe das Höchstalter des Passworts)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Ein leeres Feld oder der Wert 0 bedeutet, dass es keine Vorwarnung gibt."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "Dauer der fehlenden Verwendung des Passworts"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"Die Anzahl von Tagen, für die ein Benutzer sein Passwort, nachdem es "
+"abgelaufen ist (vergleiche oben das Höchstalter des Passworts), noch "
+"verwenden kann (und während des nächsten Logins ändern muss)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Nachdem das Passwort abgelaufen ist und auch die Dauer der Untätigkeit "
+"verstrichen ist, kann sich der Benutzer mit seinem Passwort nicht mehr "
+"anmelden. Er muss sich dann an den Administrator wenden."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+"Ein leeres Feld bedeutet, dass es keine Höchstdauer zwischen Ablauf des "
+"Passworts und erneuter Anmeldung des Benutzers gibt."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "Datum des Verfalls des Kontos"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Das Datum, an dem das Konto verfällt, wird als Anzahl der Tage seit dem 1. "
+"Januar 1970 ausgedrückt."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Beachten Sie, dass der Verfall eines Kontos sich von dem Ablaufen eines "
+"Passworts unterscheidet. Im ersteren Fall kann sich der Benutzer nicht mehr "
+"anmelden. Im letzteren Fall kann sich der Benutzer nur nicht mehr mit seinem "
+"(alten) Passwort anmelden."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Ein leeres Feld bedeutet, dass das Konto nicht verfallen wird."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Der Wert 0 sollte nicht verwendet werden, weil er sowohl bedeuten kann, dass "
+"das Konto nicht verfällt als auch, dass das Konto bereits am 1. Januar 1970 "
+"verfallen ist."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "reserviertes Feld"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Dieses Feld ist für zukünftigen Gebrauch reserviert."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Sicherungskopie von /etc/shadow"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Beachten Sie, dass diese Datei von Werkzeugen der Shadow-Werkzeugsammlung "
+"verwendet wird, aber nicht von allen sonstigen Programmen zur Benutzer- und "
+"Passwortverwaltung."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Bibliotheksaufrufe"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# SB: Ãœbersetzung iO?
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "Routinen für die Datei, die die verschlüsselten Passwörter enthält"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "truct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "DATEIEN"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> verändert den Inhalt der Shadow-"
+"Passwort-Datei <filename>/etc/shadow</filename>. Der Aufbau der Datei "
+"<emphasis remap=\"I\">#include</emphasis> ist:"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char  *sp_namp; /* Anmeldename des Benutzers */\n"
+"      char  *sp_pwdp; /* verschlüsseltes Passwort */\n"
+"      long int  sp_lstchg; /* letzte Änderung des Passworts */\n"
+"      long int  sp_min; /* Tage, ehe Änderung erlaubt ist */\n"
+"      long int  sp_max; /* Tage, bis Änderung erfolgen muss */\n"
+"      long int  sp_warn; /* Tage für Warnung vor Verfall */\n"
+"      long int  sp_inact; /* Tage, ehe Konto inaktiv wird */\n"
+"      long int  sp_expire; /* Datum, an dem Konto abgeschaltet wird */\n"
+"      unsigned long int  sp_flag; /* reserviert für zukünftigen Gebrauch*/\n"
+"}\n"
+"    "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Die Bedeutung dieser Felder ist:"
+
+# SB: Ãœbersetzung von 'null-terminated'?
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr "sp_namp - Verweis auf Benutzername, der mit einer Null endet"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr "sp_pwdp - Verweis auf Passwort, das mit einer Null endet"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - Anzahl der Tage gerechnet ab dem 1. Januar 1970, seitdem das "
+"Passwort das letzte Mal geändert wurde"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - Anzahl der Tage, ehe das Passwort nicht geändert werden darf"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - Anzahl der Tage, nach denen das Passwort geändert werden muss"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - Anzahl der Tage ehe das Passwort verfällt, an denen der Benutzer "
+"vor dem Verfall gewarnt wird"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - Anzahl der Tage nach dem Verfall des Passworts, nach denen das "
+"Konto als inaktiv angesehen und abgeschaltet wird"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - Anzahl Tage gerechnet ab dem 1. Januar 1970, für die das Konto "
+"abgeschaltet ist"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - für zukünftigen Gebrauch reserviert"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> und <emphasis>sgetspent</emphasis> geben "
+"einen Verweis auf <emphasis>struct spwd</emphasis> zurück. "
+"<emphasis>getspent</emphasis> gibt den nächsten Eintrag der Datei zurück. "
+"<emphasis>fgetspent</emphasis> gibt den nächsten Eintrag im angegebenen "
+"Datenstrom zurück, für den angenommen wird, dass es sich dabei um eine Datei "
+"im zulässigen Format handelt. <emphasis>sgetspent</emphasis> gibt einen "
+"Verweis auf einen <emphasis>struct spwd</emphasis> zurück, wobei die "
+"angegebene Zeichenkette als Eingabe verwendet wird. <emphasis>getspnam</"
+"emphasis> sucht ab der aktuellen Position in der Datei nach einem Eintrag, "
+"der mit <emphasis>name</emphasis> übereinstimmt."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> und <emphasis>endspent</emphasis> können "
+"verwendet werden, um den Zugriff auf die Shadow-Passwort-Datei zu beginnen "
+"oder zu beenden."
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Die Routinen <emphasis>lckpwdf</emphasis> und <emphasis>ulckpwdf</emphasis> "
+"sollten eingesetzt werden, da so sichergestellt werden kann, dass exlusiv "
+"auf die Datei <filename>/etc/shadow</filename> zugegriffen wird. "
+"<emphasis>lckpwdf</emphasis> versucht, eine Sperre durch <emphasis>pw_lock</"
+"emphasis> für bis zu 15 Sekunden zu erhalten. Dann versucht es, eine zweite "
+"Sperre durch <emphasis>spw_lock</emphasis> für den Rest der 15 Sekunden zu "
+"erhalten. Sollte einer der beiden Versuche nach insgesamt 15 Sekunden "
+"scheitern, gibt <emphasis>lckpwdf</emphasis> -1 zurück. Wurden beide Sperren "
+"erhalten, wird 0 zurückgegeben."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Wenn kein weiterer Eintrag vorhanden ist oder während der Verarbeitung ein "
+"Fehler auftritt, geben die Routinen NULL zurück. Routinen, die "
+"<emphasis>int</emphasis> als Rückgabewert haben, geben im Erfolgsfall 0 und "
+"beim Scheitern -1 zurück."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Diese Routinen können nur von Root verwendet werden, da der Zugriff auf die "
+"Shadow-Passwort-Datei beschränkt ist."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "konvertiert zu oder von Shadow-Passwörtern und -gruppen"
+
+# SB: Translation ok?
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"Der Befehl <command>pwconv</command> erstellt eine <emphasis remap=\"I"
+"\">shadow</emphasis>-Datei aus einer <emphasis remap=\"I\">passwd</emphasis>-"
+"Datei und gegebenenfalls aus einer bereits vorhandenen <emphasis remap=\"I"
+"\">shadow</emphasis>-Datei."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> funktioniert nicht, wenn <option>USE_TCB</option> "
+"aktiviert ist. Um zu Tcb-Passwörtern zu konvertieren, sollten Sie zuerst mit "
+"<command>pwconv</command> zu Shadowed-Passwörtern konvertieren, wobei Sie in "
+"<filename>login.defs</filename> <option>USE_TCB</option> deaktivieren, und "
+"anschließend mit <command>tcb_convert</command> zu Tcb-Passwörtern "
+"konvertieren. Schließlich können Sie <option>USE_TCB</option> in "
+"<filename>login.defs</filename> reaktivieren."
+
+# SB: Translation ok?
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"Der Befehl <command>pwunconv</command> erstellt eine <emphasis remap=\"I"
+"\">passwd</emphasis>-Datei aus einer <emphasis remap=\"I\">passwd</"
+"emphasis>- und <emphasis remap=\"I\">shadow</emphasis>-Datei und entfernt "
+"anschließend die<emphasis remap=\"I\">shadow</emphasis>-Datei."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> funktioniert nicht, wenn <option>USE_TCB</"
+"option> aktiviert ist. Sie sollten zuerst mit <command>tcb_unconvert</"
+"command> von tcb- zu shadowed-Passwörtern wechseln und anschließend vor der "
+"Verwendung von  <command>pwunconv</command> <option>USE_TCB</option> in "
+"<filename>login.defs</filename> deaktivieren."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"Der Befehl <command>grconv</command> erstellt eine <emphasis remap=\"I"
+"\">gshadow</emphasis>-Datei aus einer <emphasis remap=\"I\">group</emphasis>-"
+"Datei und gegebenenfalls aus einer bereits vorhandenen <emphasis remap=\"I"
+"\">gshadow</emphasis>-Datei."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"Der Befehl <command>grpunconv</command> erstellt eine <emphasis remap=\"I"
+"\">group</emphasis>-Datei aus einer <emphasis remap=\"I\">group</emphasis>- "
+"und <emphasis remap=\"I\">gshadow</emphasis>-Datei und entfernt anschließend "
+"die <emphasis remap=\"I\">gshadow</emphasis>-Datei."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Diese vier Programme funktionieren mit der normalen und der Shadow-"
+"Passwortdatei und den Gruppendateien: <filename>/etc/passwd</filename>, "
+"<filename>/etc/group</filename>, <filename>/etc/shadow</filename> und "
+"<filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Jedes dieser Programme erzeugt vor der Konvertierung die notwendigen "
+"Sperren. <command>pwconv</command> und <command>grpconv</command> sind "
+"vergleichbar. Zuerst werden die Einträge aus der Shadow-Datei entfernt, die "
+"nicht in der Hauptdatei enthalten sind. Anschließend werden die Einträge in "
+"der Shadow-Datei aktualisiert, die kein »x« als Passwort haben. Zuletzt "
+"werden die Passwörter in der Hauptdatei durch »x« ersetzt. Diese Programme "
+"können für eine erstmalige Konvertierung genutzt werden als auch, um die "
+"Shadow-Datei zu aktualisieren, falls die Hauptdatei von Hand bearbeitet "
+"wurde."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> verwendet die Werte <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"und <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> aus <filename>/etc/login."
+"defs</filename>, wenn neue Einträge zu <filename>/etc/shadow</filename> "
+"hinzugefügt werden."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Ebenfalls sind die Befehle <command>pwunconv</command> und "
+"<command>grpunconv</command> ähnlich. Passwörter in der Hauptdatei werden "
+"durch die Shadow-Datei aktualisiert. Einträge, welche in der Hauptdatei, "
+"aber nicht in der Shadow-Datei vorhanden sind, bleiben unberührt. Zuletzt "
+"wird die Shadow-Datei gelöscht. Eine Information für den Verfall von "
+"Passwörtern geht durch <command>pwunconv</command> verloren. Es wird aber so "
+"viel wie möglich umgewandelt."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Die Optionen, die von den Befehlen <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> und "
+"<command>grpunconv</command> unterstützt werden, sind:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Fehler in der Passwort- oder Gruppendatei (wie z.B. ungültige oder doppelte "
+"Einträge) können zu Endlosschleifen oder anderen seltsamen Fehlern führen. "
+"Sie sollten daher <command>pwck</command> und <command>grpck</command> "
+"ausführen, um solche Fehler zu entfernen, bevor Sie von oder zu Shadow-"
+"Passwörtern oder -gruppen umwandeln."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Die folgende Konfigurationsvariablen in <filename>/etc/login.defs</filename> "
+"beeinflussen das Verhalten von <command>grpconv</command> und "
+"<command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Die folgenden Konfigurationsvariablen in <filename>/etc/login.defs</"
+"filename> beeinflussen das Verhalten von <command>pwconv</command>:"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr "ursprünglicher Autor, 1992"
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "überprüft die Stimmigkeit der Passwortdateien"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"Der Befehl <command>pwck</command> überprüft die Stimmigkeit der Benutzer- "
+"und Authentifizierungsdaten. Alle Einträge in <filename>/etc/passwd</"
+"filename> und <filename>/etc/shadow</filename><phrase condition=\"tcb\"> "
+"(oder die Dateien in <filename>/etc/tcb</filename>, falls <option>USE_TCB</"
+"option> aktiviert ist)</phrase> werden darauf überprüft, ob der Eintrag das "
+"richtige Format hat und gültige Daten enthält. Der Benutzer wird "
+"aufgefordert, Einträge zu löschen, die falsch formatiert sind oder andere "
+"unbehebbare Fehler enthalten."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Es wird überprüft, ob jeder Eintrag folgende Eigenschaften aufweist:"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "die richtige Anzahl von Feldern"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "einen eindeutigen und gültigen Benutzernamen"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "eine gültige Benutzer- und Gruppenkennung"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "eine gültige Hauptgruppe"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "ein gültiges Home-Verzeichnis"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "eine gültige Anmelde-Shell"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Eine Überprüfung von <filename>shadow</filename> findet statt, wenn ein "
+"zweiter Parameter angegeben wird oder auf dem System <filename>/etc/shadow</"
+"filename>  existiert."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Diese Tests umfassen Folgendes:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"ob jedem Eintrag in passwd ein Eintrag in shadow entspricht und umgekehrt"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "ob die Passwörter in der Shadow-Datei niedergelegt sind"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "ob die shadow-Einträge die richtige Anzahl von Feldern haben"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "ob die Shadow-Einträge in shadow eindeutig sind"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "dass das Datum der letzten Passwortänderung nicht in der Zukunft liegt"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Fehler bei der Überprüfung der richtigen Anzahl der Felder und des "
+"eindeutigen Benutzernames sind schwerwiegend. Wenn ein Eintrag die falsche "
+"Anzahl von Feldern ausweist, wird der Benutzer aufgefordert, die gesamte "
+"Zeile zu löschen. Wenn dies der Benutzer ablehnt, werden alle weiteren Tests "
+"ausgelassen. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen "
+"wird der Benutzer aufgefordert, diesen Eintrag zu löschen. Sollte er dies "
+"ablehnen, werden dennoch die übrigen Test ausgeführt. Bei allen anderen "
+"Fehlern wird eine Warnung abgegeben und der Benutzer aufgefordert, den "
+"Fehler mittels des Befehls <command>usermod</command> zu beheben."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Die Befehle, welche die Datei <filename>/etc/passwd</filename> bearbeiten, "
+"können falsche oder doppelte Einträge nicht verändern. In solchen Fällen "
+"sollte <command>pwck</command> verwendet werden, um den betreffenden Eintrag "
+"zu entfernen."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Die Optionen <option>-r</option> und <option>-s</option> können nicht "
+"zusammen verwendet werden."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>pwck</command> unterstützt werden, "
+"sind:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"meldet nur Fehler. Warnungen, die keine Handlung des Benutzers erfordern, "
+"werden nicht angezeigt"
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "führt den Befehl <command>pwck</command> im Modus Nur-Lesen aus"
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"ordnet die Einträge in <filename>/etc/passwd</filename> und <filename>/etc/"
+"shadow</filename> nach der UID"
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Diese Option ist wirkungslos, wenn <option>USE_TCB</option> aktiviert ist."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Standardmäßig bearbeitet <command>pwck</command> die Dateien <filename>/etc/"
+"passwd</filename> und <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (oder die Dateien in <filename>/etc/tcb</filename>)</phrase>. Der "
+"Benutzer kann andere Dateien mit den Parametern <replaceable>passwd</"
+"replaceable> und <replaceable>shadow</replaceable> auswählen."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Hinweis: Wenn <option>USE_TCB</option> aktiviert ist, können Sie keine "
+"andere <replaceable>shadow</replaceable>-Datei angeben. In zukünftigen  "
+"Versionen kann dieser Parameter durch ein anderes TCB-Verzeichnis ersetzt "
+"werden."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "ein oder mehrere fehlerhafte Passworteinträge"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "Die Passwortdatei kann nicht geöffnet werden."
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "Die Passwortdatei kann nicht gesperret werden."
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "Die Passwortdatei kann nicht aktualisieren werden."
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "Die Passwortdatei kann nicht sortieren werden."
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>pwck</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "Datei für zeitlich begrenzten Zugang zu Ports"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> enthält eine Liste von tty-"
+"Geräten, Benutzernamen und zulässigen Anmeldezeiten."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Jeder Eintrag besteht aus drei Feldern, die durch Doppelpunkte getrennt "
+"sind. Das erste Feld enthält eine Liste von tty-Geräten, die durch Kommata "
+"getrennt sind, oder einen Stern, was bedeutet, dass dieser Eintrag auf alle "
+"tty-Geräte zutrifft. Das zweite Feld enthält eine Liste von Benutzernamen, "
+"die durch Kommata getrennt sind, oder einen Stern, was bedeutet, dass dieser "
+"Eintrag auf alle Benutzernamen zutrifft. Das dritte Feld ist eine Liste von "
+"Anmeldezeiten, die durch Kommata getrennt sind."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Jeder Zeiteintrag kann aus einem oder mehreren Wochentagen bestehen, die mit "
+"<emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, "
+"<emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis> "
+"und <emphasis>Sa</emphasis> abgekürzt werden. Danach folgt die Angabe von "
+"zwei Uhrzeiten, die durch einen Bindestrich getrennt sind. Mit der Abkürzung "
+"<emphasis>Wk</emphasis> wird Montag bis Freitag bezeichnet. Mit "
+"<emphasis>Al</emphasis> wird jeder Tag gewählt. Falls keine Tage angegeben "
+"werden, wird <emphasis>Al</emphasis> angenommen."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "BEISPIELE"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Der folgende Eintrag erlaubt dem Benutzer <emphasis remap=\"B\">jfh</"
+"emphasis> Zugriff auf jeden Port während Werktagen von 9 bis 17 Uhr."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Die folgenden Einträge erlauben nur den Benutzern <emphasis>root</emphasis> "
+"und <emphasis>oper</emphasis> jederzeit Zugriff auf <filename>/dev/console</"
+"filename>. Hier ist auch ersichtlich, dass <filename>/etc/porttime</"
+"filename> eine geordnete Liste der Zugriffszeiten ist. Jeder andere Benutzer "
+"fällt unter den zweiten Eintrag, welcher Zugriff zu keiner Zeit erlaubt."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Der folgende Eintrag erlaubt dem Benutzer <emphasis>games</emphasis> Zugriff "
+"auf jeden Port außerhalb von Arbeitszeiten."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Datei, die den Port-Zugriff enthält."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "die Passwortdatei"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> enthält einen Eintrag pro Benutzerkonto, "
+"wobei jeder Eintrag sieben Felder besitzt, die durch Doppelpunkt (<quote>:</"
+"quote>) getrennt sind. Diese Felder sind:"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "optional verschlüsseltes Passwort"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "numerische Benutzer-ID"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "numerische Gruppen-ID"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "Benutzername oder Kommentarfeld"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "Home-Verzeichnis des Benutzers"
+
+# SB: Ãœbersetzung von "command interpreter"?
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "optional Befehlsinterpreter des Benutzers"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Das Feld für das verschlüsselte Passwort kann leer sein. In diesem Fall wird "
+"kein Passwort benötigt, um sich beim System anzumelden. Allerdings werden "
+"einige Anwendung, die <filename>/etc/passwd</filename> auswerten, "
+"<emphasis>keinen</emphasis> Zugriff erlauben, wenn das <emphasis>Passwort</"
+"emphasis>-Feld leer ist. Wenn das <emphasis>Passwort</emphasis>-Feld ein "
+"kleines <quote>x</quote> enthält, ist das Passwort in der Datei "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> gespeichert. Es <emphasis>muss</emphasis> sich dann ein "
+"passender Eintrag in <filename>/etc/shadow</filename> befinden, oder das "
+"Benutzerkonto ist ungültig. Wenn das <emphasis>Passwort</emphasis>-Feld eine "
+"andere Zeichenkette enthält, wird diese als ein verschlüsseltes Passwort "
+"behandelt. Genaueres dazu befindet sich unter "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Das Kommentarfeld wird von verschiedenen Systemprogrammen wie z.B. "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> ausgewertet."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Das Feld für das Home-Verzeichnis gibt den Namen für das anfängliche "
+"Arbeitsverzeichnis an. Das Programm <command>login</command> benutzt diese "
+"Information, um den Wert der Umgebungsvariable <envar>$HOME</envar> zu "
+"setzen."
+
+# SB: Ãœbersetzung von "command language interpreter"?
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Das Feld für den Befehlsinterpreter enthält den Namen des Befehlssprachen-"
+"Interpreters des Benutzers oder den Namen des Programms, das zuerst "
+"ausgeführt werden soll. Das Programm <command>login</command> benutzt diese "
+"Information, um den Wert der Umgebungsvariable <envar>$SHELL</envar> zu "
+"setzen. Falls dieses Feld leer ist, wird ihm standardmäßig der Wert "
+"<filename>/bin/sh</filename> zugewiesen."
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "optionale Datei für verschlüsseltes Passwort"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Sicherungskopie von /etc/passwd"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "ändert das Passwort eines Benutzers"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"Der Befehl <command>passwd</command> ändert die Passwörter von "
+"Benutzerkonten. Ein normaler Benutzer kann nur das Passwort seines Kontos "
+"verändern, der Superuser dagegen kann die Passwörter aller Konten ändern. "
+"Mit <command>passwd</command> können auch die Informationen über das Konto "
+"und die Gültigkeitsdauer des Passworts verändert werden."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Verändern des Passworts"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Der Benutzer wird zuerst nach seinem alten Passwort gefragt, falls eines "
+"vorhanden ist. Dieses Passwort wird dann verschlüsselt und mit dem "
+"gespeicherten Passwort verglichen. Der Benutzer hat nur eine Gelegenheit, "
+"das richtige Passwort einzugeben. Der Superuser kann diesen Schritt "
+"überspringen, um so vergessene Passwörter zu ändern."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Nachdem das Passwort eingegeben wurde, werden Informationen über die "
+"Gültigkeitsdauer des Passworts abgefragt, um festzustellen, ob der Benutzer "
+"das Passwort zu dieser Zeit verändern darf. Wenn nicht, lehnt "
+"<command>passwd</command> die Änderung des Passworts ab und beendet sich."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Der Benutzer wird dann aufgefordert, zweimal ein neues Passwort einzugeben. "
+"Beide Eingaben werden miteinander verglichen. Sie müssen übereinstimmen, "
+"damit das Passwort geändert wird."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Anschließend wird das Passwort auf seine Komplexität überprüft. Eine "
+"allgemeine Richtlinie besagt, dass Passwörter aus sechs bis acht Zeichen "
+"bestehen sollten und ein oder mehrere Zeichen aus folgenden Mengen enthalten "
+"sollten:"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "Kleinbuchstaben"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "Ziffern 0 bis 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "Satzzeichen"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Seien Sie vorsichtig, dass Sie nicht die standardmäßigen Lösch- und Kill-"
+"Zeichen des Systems eingeben. <command>passwd</command> weist Passwörter "
+"zurück, die nicht hinreichend komplex sind."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Hinweise zu Benutzerpasswörtern"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"Die Sicherheit eines Passworts hängt von der Stärke des "
+"Verschlüsselungsalgorithmus und von der Größe des Schlüsselraums ab. Die "
+"hergebrachte Verschlüsselung auf <emphasis>UNIX</emphasis>-Systemen basiert "
+"auf dem NBS-DES-Algorithmus. Heutzutage sind neuere Verschlüsselungsmethoden "
+"zu empfehlen (vergleiche <option>ENCRYPT_METHOD</option>). Die Größe des "
+"Schlüsselraums hängt von der Zufälligkeit des gewählten Passworts ab."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Gefahren für die Sicherheit von Passwörtern kommen gewöhnlich von sorgloser "
+"Wahl oder Handhabung des Passworts. Daher sollten Sie kein Passwort wählen, "
+"das in einem Wörterbuch auftaucht oder das aufgeschrieben werden muss. Das "
+"Passwort sollte somit kein echter Name, Ihr Autokennzeichen, Geburtstag oder "
+"Ihre Adresse sein. All das kann dazu verwendet werden, das Passwort zu "
+"erraten, und stellt daher eine Gefahr für die Sicherheit Ihres Systems dar."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Ratschläge, wie Sie ein sicheres Passwort wählen, finden Sie unter http://de."
+"wikipedia.org/wiki/Passwort#Wahl_von_sicheren_Passw.C3.B6rtern."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>passwd</command> unterstützt werden, "
+"sind:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Diese Option kann nur in Verbindung mit <option>-S</option> verwendet werden "
+"und führt dazu, dass der Status aller Benutzer angezeigt wird."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Löscht das Passwort eines Benutzers (macht es leer). Dies ist ein schneller "
+"Weg, um das Passwort eines Kontos zu deaktivieren. Dem Konto ist dann kein "
+"Passwort zugeordnet."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Lässt das Passwort eines Kontos sofort verfallen. Im Ergebnis kann damit "
+"erreicht werden, dass ein Benutzer beim nächsten Login das Passwort ändern "
+"muss."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Mit dieser Option wird ein Konto deaktiviert, nachdem das Passwort für eine "
+"bestimmte Anzahl von Tagen abgelaufen ist. Wenn ein Benutzerkonto ein "
+"abgelaufenes Passwort für länger als <replaceable>INAKTIV</replaceable> Tage "
+"hatte, kann sich der Benutzer nicht mehr auf diesem Konto anmelden."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# FIXME: Übersetzung, die näher am Original ist (tokens). SB
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Zeigt an, dass nur abgelaufene Passwörter geändert werden sollen. Der "
+"Benutzer möchte seine gültigen Passwörter unverändert lassen."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Sperrt das Passwort des  bezeichneten Kontos. Die Option schaltet ein "
+"Passwort ab, indem es ihm einen Wert zuweist, der mit keinem möglichen "
+"verschlüsselten Wert übereinstimmen kann. Dies geschieht, indem ein »!« dem "
+"Passwort vorangestellt wird."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Beachten Sie, dass damit nicht das Konto deaktiviert wird. Der Benutzer kann "
+"sich immer noch mit einer anderen Authentifizierungsmethode (etwa einem SSH-"
+"Schlüssel) anmelden. Um ein Konto abzuschalten, sollte der Administrator "
+"<command>usermod --expiredate 1</command> verwenden; dies setzt das "
+"Verfallsdatum des Kontos auf den 2. Januar 1970."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "Benutzer mit einem gesperrten Passwort können dieses nicht ändern."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_TAGE</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Setzt die Anzahl von Tagen, die mindestens zwischen zwei Änderungen eines "
+"Passworts vergehen müssen, auf <replaceable>MIN_TAGE</replaceable>. Ein Wert "
+"von Null in diesem Feld bedeutet, dass der Benutzer sein Passwort jederzeit "
+"ändern darf."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>DEPOT</"
+"replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "ändert das Passwort im Depot <replaceable>DEPOT</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Zeigt Informationen über den Kontostatus an. Die Statusinformation besteht "
+"aus sieben Feldern. Das erste Feld ist der Anmeldename des Benutzers. Das "
+"zweite Feld zeigt an, ob das Benutzerkonto ein gesperrtes Passwort (L), kein "
+"Passwort (NP) oder ein verwendbares Passwort hat (P). Das dritte Feld zeigt "
+"das Datum der letzten Änderung des Passworts an. Die nächsten vier Felder "
+"sind das Mindestalter, das Höchstalter, die Dauer der Warnung und die Dauer "
+"der Untätigkeit für das Passwort. Die Zeiträume werden in Tagen ausgedrückt."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Entsperrt das bezeichnete Konto. Diese Option reaktiviert ein Konto wieder, "
+"indem das Passwort auf seinen alten Wert zurückgesetzt wird, den es hatte, "
+"bevor die Option <option>-l</option> verwendet wurde."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_TAGE</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
+"bevor sein Passwort ungültig wird. Die Option <replaceable>WARN_TAGE</"
+"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
+"Verfall seines Passworts gewarnt wird."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_TAGE</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Bestimmt die maximale Anzahl von Tagen, die das Passwort gültig bleibt. Nach "
+"<replaceable>MAX_TAGE</replaceable> Tagen muss das Passwort geändert werden."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Die Komplexität der Passwortprüfung kann sich auf verschiedenen Systemen "
+"unterscheiden. Der Benutzer wird angehalten, ein möglichst komplexes, von "
+"ihm aber gut zu verwendendes Passwort zu wählen."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Benutzer können unter Umständen ihr Passwort nicht ändern, wenn auf dem "
+"System NIS aktiviert ist, sie aber nicht am NIS-Server angemeldet sind."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> verwendet PAM, um einen Benutzer zu "
+"authentifizieren und sein Passwort zu ändern."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (Zeichenkette)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Damit wird der standardmäßige Verschlüsselungsalgorithmus, mit dem "
+"Passwörter verschlüsselt werden, bestimmt (soweit nicht in der Befehlszeile "
+"ein Algorithmus angegeben wird)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Ihm kann einer der folgenden Wert zugewiesen werden: <replaceable>DES</"
+"replaceable> (default), <replaceable>MD5</replaceable><phrase condition="
+"\"sha_crypt\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</"
+"replaceable></phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Hinweis: Dieser Parameter überschreibt die Variable <option>MD5_CRYPT_ENAB</"
+"option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Hinweis: Damit wird lediglich die Erstellung von Gruppenpasswörtern "
+"beeinflusst. Benutzerpasswörter werden dagegen von PAM erstellt, so dass "
+"dieser Vorgang in PAM konfiguriert werden muss. Empfehlenswert ist, diese "
+"Variable mit der Konfiguration von PAM in Einklang zu bringen."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (boolesch)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Legt fest, ob Passwörter mit dem auf MD5 beruhenden Algorithmus "
+"verschlüsselt werden. Falls diesem Wert <replaceable>yes</replaceable> "
+"zugewiesen ist, werden neue Passwörter mit dem auf MD5 beruhenden "
+"Algorithmus verschlüsselt, der zu dem in der aktuellen Veröffentlichung von "
+"FreeBSD eingesetzten Algorithmus kompatibel ist. Passwörter können dann "
+"beliebig lang sein, auch die Salt-Zeichenketten sind länger. Setzen Sie "
+"diesen Wert auf <replaceable>no</replaceable>, wenn Sie verschlüsselte "
+"Passwörter auf ein anderes System kopieren möchten, das den neuen "
+"Algorithmus nicht versteht. Der Standardwert ist <replaceable>no</"
+"replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Dieser Variable geht die Variable <option>ENCRYPT_METHOD</option> und eine "
+"Option auf der Befehlszeile, mit der der Verschlüsselungsalgorithmus "
+"bestimmt wird, vor."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Der Einsatz dieser Variable ist veraltet. Sie sollten "
+"<option>ENCRYPT_METHOD</option> verwenden."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolesch)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Aktiviert zusätzliche Tests bei der Veränderung eines Passworts."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolesch)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"weist auf schwache Passwörter hin (aber lässt sie zu), falls Sie root sind"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (Zahl)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"maximale Anzahl von Versuchen, ein Passwort zu ändern, wenn dies wegen zu "
+"geringer Stärke des gewählten Passworts abgelehnt wurde"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (Zahl)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (Zahl)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Anzahl der von crypt() berücksichtigten Zeichen des Passworts. Standardmäßig "
+"ist <option>PASS_MAX_LEN</option> 8. Diese Option wird ignoriert, wenn "
+"<option>MD5_CRYPT_ENAB</option> auf <replaceable>yes</replaceable> gesetzt "
+"ist."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (Zahl)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (Zahl)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Wenn <option>ENCRYPT_METHOD</option> auf <replaceable>SHA256</replaceable> "
+"oder <replaceable>SHA512</replaceable> gesetzt ist, legt dies die Anzahl der "
+"Runden von SHA fest, die standardmäßig vom Verschlüsselungsalgorithmus "
+"verwendet werden (falls die Anzahl der Runden nicht auf der Befehlszeile "
+"angegeben wird)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Je mehr Runden Sie definieren, umso schwieriger ist es, das Passwort mit "
+"sturem Durchprobieren (brute force) zu knacken; umso mehr Rechenleistung "
+"wird jedoch auch für die Anmeldung eines Benutzers benötigt."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Falls Sie nichts angeben, wird libc die Standardanzahl der Runden  festlegen "
+"(5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Die Werte müssen zwischen 1000-999.999.999 liegen."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Falls nur der Wert für <option>SHA_CRYPT_MIN_ROUNDS</option> oder "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> festgelegt wird, wird dieser Wert "
+"verwendet."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Falls <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, wird der höhere Wert verwendet."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "PAM-Konfiguration für <command>passwd</command>"
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "Berechtigung verweigert"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "ungültige Kombination von Optionen"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "unerwarteter Fehler, nichts wurde verändert"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "unerwarteter Fehler, die Datei <filename>passwd</filename> fehlt"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"Datei <filename>passwd</filename> wird benutzt, bitte nochmal versuchen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>passwd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "lehnt höflich eine Anmeldung ab"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Der Befehl <command>nologin</command> zeigt die Meldung an, dass ein Konto "
+"nicht verfügbar ist, und gibt einen Wert von ungleich Null zurück. Dies ist "
+"als Einsatz für das Shell-Feld bei abgeschalteten Konten vorgesehen."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Wie Sie alle Konten abschalten, erfahren Sie unter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "GESCHICHTE"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Der Befehl <command>nologin</command> tauchte erstmals in BSD 4.4 auf."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "erstellt oder aktualisiert mehrere neue Benutzer am Stück"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "Datei"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Der Befehl <command>newusers</command> verwendet eine <replaceable>Datei</"
+"replaceable> (oder standardmäßig die Standardeingabe) und aktualisiert damit "
+"eine Gruppe bestehender Benutzer oder erstellt damit neue Benutzer. Jede "
+"Zeile hat dasselbe Format wie die übliche Passwortdatei (vergleiche "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) mit den unten aufgeführten Ausnahmen:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_Name:pw_Passwort:pw_uid:pw_gid:pw_gecos:pw_Verz:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_Name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Dies ist der Name des Benutzers."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Es kann sich dabei um den Namen eines neuen oder eines existierenden "
+"Benutzer (oder eines, der zuvor mit <command>newusers</command> erstellt "
+"wurde) handeln. Für den Fall, dass der Benutzer bereits vorhanden ist, "
+"werden seine Daten verändert, anderenfalls wird ein neuer Benutzer erstellt."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_Passwort"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Dieses Feld wird verschlüsselt und als neuer Wert für das verschlüsselte "
+"Passwort verwendet."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Mit diesem Feld wird die UID des Benutzers bestimmt."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Wenn dieses Feld leer ist, wird von <command>newusers</command> automatisch "
+"eine neue (noch freie) UID gewählt."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Wenn dieses Feld eine Zahl enthält, wird sie als UID verwendet."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Wenn dieses Feld den Namen eines existierenden Benutzers enthält (oder eines "
+"Benutzers, der zuvor mit <command>newusers</command> erstellt wurde), wird "
+"die UID des angegebenen Benutzers verwendet."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Falls die UID eines bestehenden Benutzers verändert wird, muss der "
+"Eigentümer der Dateien des Benutzers per Hand angepasst werden."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Mit diesem Feld wird die ID der Hauptgruppe des Benutzers definiert."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Wenn dieses Feld den Namen einer existierenden Gruppe enthält (oder einer "
+"Gruppe, die zuvor mit <command>newusers</command> erstellt wurde), wird die "
+"GID dieser Gruppe als ID der Hauptgruppe des  Benutzers verwendet."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Wenn dieses Feld eine Zahl enthält, wird sie als ID der Hauptgruppe des "
+"Benutzers verwendet. Falls eine Gruppe mit dieser GID nicht existiert, wird "
+"eine neue Gruppe mit dieser GID unter dem Namen des Benutzers erstellt."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Wenn dieses Feld leer ist, wird eine neue Gruppe unter dem Namen des "
+"Benutzers erstellt und von <command>newusers</command> automatisch eine neue "
+"GID gewählt, die als ID der Hauptgruppe des Benutzers und als GID für die "
+"neue Gruppe dient."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Wenn dieses Feld den Namen einer Gruppe enthält, die nicht vorhanden ist "
+"(und nicht zuvor von <command>newusers</command> erstellt wurde), wird eine "
+"neue Gruppe unter dem angegebenen Namen erstellt und von <command>newusers</"
+"command> automatisch eine neue GID gewählt, die als ID der Hauptgruppe des "
+"Benutzers und als GID für die neue Gruppe dient."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Dieses Feld wird in das GECOS-Feld des Benutzers kopiert."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_Verz"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Mit diesem Feld wird das Home-Verzeichnis des Benutzers definiert."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Wenn in diesem Feld ein Verzeichnis angegeben wird, das nicht vorhanden ist, "
+"wird es erstellt. Dieses gehört dem Benutzer, der gerade erstellt und "
+"aktualisiert wird, und dessen Hauptgruppe."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Wenn das Home-Verzeichnis eines vorhandenen Benutzers geändert wird, "
+"verschiebt oder kopiert <command>newusers</command> nicht den Inhalt des "
+"alten Verzeichnisses in das neue. Dies muss von Hand erledigt werden."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Mit diesem Feld wird die Shell des Benutzers definiert. Diese Eingabe wird "
+"nicht überprüft."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"Zuerst erstellt und ändert <command>newusers</command> die angegebenen "
+"Benutzer und schreibt die Änderungen in die Benutzer- oder Gruppendatenbank. "
+"Falls ein Fehler auftritt (außer beim Schreiben in die Datenbanken), werden "
+"in den Datenbanken keine Änderungen vorgenommen."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Im ersten Durchlauf werden Benutzer mit einem gesperrten Passwort erstellt; "
+"Passwörter von bereits vorhandenen Benutzern werden in diesem Stadium nicht "
+"verändert. Im zweiten Durchlauf werden die Passwörter mit PAM aktualisiert. "
+"Sofern dabei ein Fehler auftritt, wird dieser angezeigt, die Aktualisierung "
+"der übrigen Passwörter aber fortgesetzt."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Dieser Befehl ist für den Einsatz in einer Umgebung mit zahlreichen Systemen "
+"vorgesehen, in der viele Konten gleichzeitig aktualisiert werden müssen."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>newusers</command> unterstützt werden, "
+"sind:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Definiert die Methode, mit der die Passwörter verschlüsselt werden."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Die verfügbaren Methoden sind DES, MD5, NONE und SHA256 oder SHA512, soweit "
+"Ihre libc sie unterstützt."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Systembenutzer werden ohne Hinterlegung des Alters ihres Passworts in "
+"<filename>/etc/shadow</filename> erstellt. Ihre numerische Kennung wird aus "
+"der Spanne <option>SYS_UID_MIN</option> bis <option>SYS_UID_MAX</option> "
+"anstelle von <option>UID_MIN</option> bis <option>UID_MAX</option> gewählt "
+"(gleiches gilt für die GID bei der Erstellung von Gruppen)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+"Verwendet die angegebene Anzahl von Runden, um die Passwörter zu "
+"verschlüsseln."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Ein Wert von 0 bedeutet, dass das System die Standardanzahl der Runden "
+"(5000) für die Verschlüsselung verwenden wird."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "Der Mindestwert ist 1000, der Höchstwert 999.999.999."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Sie können diese Option nur mit den Verschlüsselungsmethoden SHA256 und "
+"SHA512 verwenden."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig wird die Anzahl der Runden mit den Variablen "
+"SHA_CRYPT_MIN_ROUNDS und SHA_CRYPT_MAX_ROUNDS  in <filename>/etc/login.defs</"
+"filename> definiert."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Die Eingabedatei muss geschützt werden, da sie unverschlüsselte Passwörter "
+"enthält."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Sie sollten darauf achten, dass Passwörter und Verschlüsselungsmethode in "
+"Einklage mit der Passwortrichtlinie des Systems stehen."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Konfiguration von PAM für <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "als neue Gruppe anmelden"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "Gruppe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Mit dem Befehl <command>newgrp</command> kann während einer angemeldeten "
+"Sitzung die aktuelle Gruppen-ID geändert werden. Wenn zusätzlich der "
+"Schalter <option>-</option> angegeben wird, wird die Benutzerumgebung neu "
+"gestartet, so als ob sich der Benutzer neu angemeldet hätte. Anderenfalls "
+"bleibt die aktuelle Umgebung einschließlich des aktuellen "
+"Arbeitsverzeichnisses unverändert."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> wechselt von der aktuellen echten Gruppen-ID zu "
+"der angegeben Gruppe oder, falls kein Gruppenname angegeben wird, zu der "
+"Standardgruppe, wie sie in <filename>/etc/passwd</filename> festgelegt ist. "
+"Zudem versucht <command>newgrp</command>, die Gruppe der Gruppensammlung des "
+"Benutzers hinzuzufügen. Wenn der Benutzer nicht Root ist und die Gruppe ein "
+"Passwort hat und der Benutzer nicht Mitglied der Gruppe ist oder kein "
+"Passwort hat (in <filename>/etc/shadow</filename>, falls er einen Eintrag in "
+"der Shadow-Passwort-Datei hat, anderenfalls in <filename>/etc/passwd</"
+"filename>), wird er nach einem Passwort gefragt."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"Wenn sich in <filename>/etc/gshadow</filename> ein Eintrag für diese Gruppe "
+"befindet, wird die Mitgliederliste und das Passwort der Gruppe dieser Datei "
+"entnommen. Anderenfalls wird der Eintrag in <filename>/etc/group</filename> "
+"ausgewertet."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "richtet Beschränkung von Anmeldezeiten ein"
+
+# SB: /etc/rc is not in Debian. Probably doesn't matter, since logoutd is not in Debian either.
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> setzt die Anmeldezeiten und Portbeschränkungen "
+"aus <filename>/etc/porttime</filename> um. <command>logoutd</command> sollte "
+"aus <filename>/etc/rc</filename> gestartet werden. Die Datei <filename>/var/"
+"run/utmp</filename> wird regelmäßig abgerufen, wobei jeder Benutzername "
+"darauf überprüft wird, ob er für den jeweiligen Port zur jeweiligen Zeit "
+"zugelassen ist. Alle angemeldeten Sitzungen, die gegen die Beschränkungen in "
+"<filename>/etc/porttime</filename> verstoßen, werden beendet."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste der aktuellen angemeldeten Sitzungen"
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "Konfiguration der Werkzeugsammlung für Shadow-Passwörter"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Die Datei <filename>/etc/login.defs</filename> legt die systemspezifische "
+"Konfiguration der Werkzeugsammlung für Shadow-Passwörter fest. Diese Datei "
+"muss vorhanden sein. Wenn sie fehlt, wird das System zwar laufen, es können "
+"aber unerwünschte Ergebnisse auftauchen."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Diese Datei ist eine lesbare Textdatei. Jede Zeile der Datei beschreibt "
+"einen Konfigurationsparameter. Eine Zeile besteht aus einem "
+"Konfigurationsnamen und einem Wert, die durch ein Leerzeichen getrennt sind. "
+"Leer- und Kommentarzeilen werden nicht beachtet. Kommentare werden mit dem "
+"Rautezeichen »#« eingeleitet. Die Raute muss das erste nicht leere Zeichen "
+"der Zeile sein."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Die Parameterwerte können aus vier Typen bestehen: Zeichenketten, Boolesch, "
+"Zahlen und lange Zahlen. Eine Zeichenkette kann aus jedem druckbaren Zeichen "
+"bestehen. Ein Boolesch sollte »yes« oder »no« sein. Einem anderen oder "
+"undefinierten Parameter für Boolesch wird der Wert »no« zugewiesen. Normale "
+"und lange Zahlen können aus Dezimalzahlen, Oktalzahlen (beginnen mit »0«) "
+"oder Hexadezimalzahlen (beginnen mit »0x«) bestehen. Die maximale Größe der "
+"Parameter normaler und langer Zahlen ist systemabhängig."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Die folgenden Konfigurationsmöglichkeiten sind vorhanden:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, benötigt das Programm <command>chfn</"
+"command> eine Authentifizierung, bevor es Änderungen vornimmt, sofern es "
+"nicht von Root ausgeführt wird."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Der Parameter bestimmt, welcher Wert in dem <emphasis remap=\"I\">gecos</"
+"emphasis>-Feld von <filename>/etc/passwd</filename> von gewöhnlichen "
+"Benutzern mittels des Programms <command>chfn</command> geändert werden "
+"darf. Er kann aus jeder Kombination der Buchstaben <emphasis remap=\"I\">f</"
+"emphasis> ,<emphasis remap=\"I\">r</emphasis>, <emphasis remap=\"I\">w</"
+"emphasis> und <emphasis remap=\"I\">h</emphasis> bestehen. Diese Buchstaben "
+"stehen für den vollständigen Namen, die Zimmernummer, die geschäftliche "
+"Telefonnummer und die private Telefonnummer. Zum Zweck der "
+"Abwärtskompatibilität entspricht <replaceable>yes</replaceable> "
+"<replaceable>rwh</replaceable> und <replaceable>no</replaceable> "
+"<replaceable>frwh</replaceable>. Falls nichts festgelegt wird, kann nur Root "
+"Änderungen vornehmen. Die größte Einschränkung erreicht man besser, indem "
+"<filename>chfn</filename> nicht mit SUID-Rechten ausgestattet wird."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Falls <replaceable>yes</replaceable>, benötigt das Programm <command>chsh</"
+"command> eine Authentifizierung, bevor es Änderungen vornimmt, sofern es "
+"nicht von Root ausgeführt wird."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Das Löschzeichen des Terminals (<replaceable>010</replaceable> = Rücktaste, "
+"<replaceable>0177</replaceable> = Entf)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Wenn der Wert mit »0« beginnt, wird er als Oktalzahl gewertet, wenn er mit "
+"»0x« beginnt, als Hexadezimalzahl."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Wartezeit in Sekunden, ehe nach einem fehlgeschlagenen Anmeldeversuch ein "
+"neuer unternommen werden kann"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"aktiviert die Protokollierung und Anzeige der Informationen zu "
+"fehlgeschlagenen Anmeldeversuchen in <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Falls angegeben, führt <command>login</command> diese Shell anstelle der in "
+"<filename>/etc/passwd</filename> angegebenen Shell des Benutzers aus."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Falls angegeben, werden fehlgeschlagene Anmeldeversuche in dieser Datei im "
+"Format utmp protokolliert."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Falls angegeben, kann diese Datei die übliche Informationsanzeige während "
+"des Anmeldevorgangs unterbinden. Wenn ein vollständiger Pfad angegeben wird, "
+"wird der Modus ohne Anmeldeinformationen verwendet, wenn der Name oder die "
+"Shell des Benutzers in der Datei enthalten sind. Wenn kein vollständiger "
+"Pfad angegeben wird, wird der Modus ohne Anmeldeinformationen aktiviert, "
+"wenn die Datei im Home-Verzeichnis des Benutzers existiert."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+"Falls angegeben, wird diese Datei vor der Anmeldeaufforderung angezeigt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Das KILL-Zeichen des Terminals (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"aktiviert die Protokollierung und Anzeige der Informationen zu Anmeldezeiten "
+"in <filename>/var/log/lastlog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "aktiviert die Protokollierung erfolgreicher Anmeldungen"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"aktiviert die Anzeige unbekannter Benutzernamen, wenn fehlgeschlagene "
+"Anmeldeversuche aufgezeichnet werden"
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Hinweis: Das Protokollieren unbekannter Benutzernamen kann ein "
+"Sicherheitsproblem darstellen, wenn ein Benutzer sein Passwort anstelle "
+"seines Anmeldenamens eingibt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"maximale Anzahl von Anmeldeversuchen, wenn ein falsches Passwort eingegeben "
+"wird"
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Dies wird höchstwahrscheinlich von PAM überschrieben, da standardmäßig das "
+"Modul pam_unix drei Versuche enthält. Dennoch stellt dies ein zusätzliches "
+"Sicherungssystem dar, falls Sie eine Anmeldemöglichkeit einsetzen, die nicht "
+"PAM_MAXTRIES beachtet."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Höchstdauer für einen Anmeldeversuch"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Falls angegeben, eine Aufzählung von Dateien, welche die bei der Anmeldung "
+"anzuzeigenden »Nachrichten des Tages« enthält. Die Dateien werden mit einem "
+"»:« getrennt."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Falls angegeben, der Name einer Datei, deren Existenz Anmeldungen außer von "
+"Root verhindert. Der Inhalt der Datei sollte die Gründe enthalten, weshalb "
+"Anmeldungen untersagt sind."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> und "
+"<option>PASS_WARN_AGE</option> werden nur bei der Erstellung eines Kontos "
+"verwendet. Spätere Änderungen dieser Werte berühren bestehende Konten nicht."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (boolesch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"aktiviert die Auswertung der in <filename>/etc/porttime</filename> "
+"angegebenen Zeitbegrenzungen"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (Zeichenkette)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (Zeichenkette)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Die Rechte des Terminals: Das Anmelde-tty gehört der Gruppe "
+"<option>TTYGROUP</option> an, die Rechte werden auf <option>TTYPERM</option> "
+"gesetzt."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Standardmäßig ist der Eigentümer des Terminals die Hauptgruppe des "
+"Benutzers, die Rechte werden auf <replaceable>0600</replaceable> gesetzt."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> kann der Gruppenname oder die als Zahl "
+"ausgedrückte Gruppen-ID sein."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Wenn Sie ein <command>write</command>-Programm haben, das »setgid« für eine "
+"Gruppe besitzt, der das Terminal gehört, sollten Sie TTYGROUP die "
+"Gruppennummer und TTYPERM den Wert 0620 zuweisen. Oder Sie sollten TTYGROUP "
+"als Kommentar belassen und TTYPERM den Wert 622 oder 600 zuweisen."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (Zeichenkette)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Falls angegeben, eine Datei, welche einer tty-Zeile den Umgebungsparameter "
+"TERM zuweist. Jede Zeile hat das Format wie etwa »vt100 tty01«."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (Zahl)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "der Standardwert von <command>ulimit</command>"
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "QUERVERWEISE"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Die folgenden Querverweise zeigen, welche Programme aus der Shadow-Passwort-"
+"Werkzeugsammlung welche Parameter verwenden."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"Ein Großteil der Funktionen, die früher einmal durch die Shadow-Passwort-"
+"Werkzeugsammlung angeboten wurden, wird heute durch PAM zur Verfügung "
+"gestellt. Daher wird <filename>/etc/login.defs</filename> nicht länger von "
+"Programmen wie <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ausgewertet und von "
+"Programmen wie <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> oder "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> nur noch in geringem Umfang beachtet. Sie sollten daher für "
+"eine entsprechende Konfiguration in den Dateien von PAM nachsehen."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "Tabelle für die Zugangskontrolle zur Anmeldung"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Die Datei <emphasis remap=\"I\">login.access</emphasis> legt Kombinationen "
+"von (Benutzer, Rechner) und (Benutzer, tty) fest, für die eine Anmeldung "
+"erlaubt oder abgelehnt wird."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Wenn sich jemand anmeldet, wird <emphasis remap=\"I\">login.access</"
+"emphasis> nach dem ersten Eintrag durchsucht, auf den die Kombination von "
+"(Benutzer, Rechner) oder, bei lokalen Anmeldungen, von (Benutzer, tty) "
+"zutrifft. Das Feld für die Erlaubnis bestimmt, ob die Anmeldung zugelassen "
+"oder abgelehnt wird."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Jede Zeile der Tabelle für die Zugangskontrolle enthält drei Felder, die "
+"jeweils durch einen Doppelpunkt »:« getrennt sind:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Erlaubnis</emphasis>:<emphasis remap=\"I\">Benutzer</"
+"emphasis>:<emphasis remap=\"I\">Herkunft</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Das erste Feld kann das Zeichen »<emphasis>+</emphasis>« (Zugriff erlaubt) "
+"oder »<emphasis>-</emphasis>« (Zugriff verweigert) sein. Das zweite Feld "
+"kann eine Liste von einem oder mehreren Anmeldenamen, Gruppennamen oder "
+"<emphasis>ALL<emphasis> (trifft immer zu) sein. Das dritte Feld kann eine "
+"Liste von einem oder mehreren tty-Namen (für lokale Anmeldungen), Rechner-"
+"Namen, Domain-Namen (beginnen mit einem »<literal>.</literal>«), Rechner-"
+"Adressen, Internet-Netzwerk-Nummern (enden mit einem »<literal>.</"
+"literal>«), <emphasis>ALL</emphasis> (trifft immer zu) oder <emphasis>LOCAL</"
+"emphasis> (trifft auf alle Zeichenketten zu, die keinen »<literal>.</"
+"literal>« enthalten). Falls Sie NIS einsetzen, können Sie in den Rechner- "
+"und Benutzerangaben auch @netgroupname verwenden."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"Der Operator <emphasis>EXCEPT</emphasis> ermöglicht es, sehr kurze Regeln zu "
+"schreiben."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Die Gruppendatei wird nur durchsucht, wenn ein Name nicht mit dem des "
+"angemeldeten Benutzers übereinstimmt. Eine Übereinstimmung mit Gruppen wird "
+"nur festgestellt, wenn darin der Benutzer ausdrücklich aufgeführt ist. Das "
+"Programm beachtet also nicht den Wert der Hauptgruppe des Benutzers."
+
+# SB: Translation of login.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "startet eine Sitzung auf dem System"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "Rechner"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Das Programm <command>login</command> wird verwendet, um eine neue Sitzung "
+"auf dem System zu starten. Es wird normalerweise automatisch als Antwort auf "
+"die <emphasis remap=\"I\">login:</emphasis>-Eingabeaufforderung auf dem "
+"Terminal des Benutzers ausgeführt. <command>login</command> kann von der "
+"Shell besonders behandelt werden und kann nicht als Subprozess gestartet "
+"werden. Wenn <command>login</command> von einer Shell aufgerufen wird, "
+"sollte es als <emphasis remap=\"B\">exec login</emphasis> ausgeführt werden, "
+"so dass die aktuelle Shell des Benutzers beendet wird (und somit verhindert "
+"wird, dass der neue Benutzer in die Sitzung des alten zurückkehren kann). "
+"Der Versuch, von einer Shell außer der Anmelde-Shell <command>login</"
+"command> auszuführen, wird eine Fehlermeldung erzeugen."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Falls  erforderlich, wird der Benutzer anschließend nach einem Passwort "
+"gefragt. Dieses wird während der Eingabe nicht angezeigt. Es sind nur eine "
+"kleine Anzahl von Anmeldeversuchen zulässig, ehe <command>login</command> "
+"abbricht und die Kommunikation getrennt wird."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Falls der Passwortverfall für Ihr Konto aktiviert wurde, kann es sein, dass "
+"Sie vor der weiteren Nutzung nach einem neuen Passwort gefragt werden. Sie "
+"müssen Ihr altes und neues Passwort angegeben, bevor Sie fortfahren können. "
+"In der Dokumentation zu <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> finden sich weitere "
+"Informationen."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Nach einer erfolgreichen Anmeldung werden Ihnen Systemmeldungen präsentiert, "
+"sowie das Vorhandensein von Mails angezeigt. Die Anzeige der systemweiten "
+"Nachrichtendatei <filename>/etc/motd</filename> kann abgeschaltet werden, "
+"indem im Anmeldeverzeichnis eine leere Datei <filename>.hushlogin</filename> "
+"angelegt wird. Je nach Zustand der Mailbox des Benutzers ist die "
+"Mailnachricht entweder »<emphasis>Sie haben neue Mails.</emphasis>«, "
+"»<emphasis>Sie haben Mails.</emphasis>« oder »<emphasis>Keine Mails.</"
+"emphasis>«."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Die Benutzer- und Gruppen-IDs werden gemäß den Werten in <filename>/etc/"
+"passwd</filename> gesetzt. Die Werte für <envar>$HOME</envar>, <envar>"
+"$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar> und <envar>"
+"$MAIL</envar> werden ebenfalls entsprechend den Feldern im Passworteintrag "
+"gesetzt. Werte für ulimit, umask und nice können ebenfalls gemäß den Werten "
+"im GECOS-Feld gesetzt werden."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Bei einigen Installationen wird anfänglich die Umgebungsvariable <envar>"
+"$TERM</envar> entsprechend dem Terminaltyp Ihrer tty-Zeile, wie sie in "
+"<filename>/etc/ttytype</filename> angegeben ist, gesetzt."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Ein  Startskript für Ihren Befehlsinterpreter kann auch ausgeführt werden. "
+"Sehen Sie bitte in den entsprechenden Handbuchseiten für weitere "
+"Informationen darüber nach."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Es liegt NICHT in der Verantwortung von <command>login</command>, Benutzer "
+"aus der utmp-Datei zu entfernen. Sowohl <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> als auch "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> sind dafür zuständig, die offenkundige Eigentümerstellung "
+"einer Terminalsitzung aufzuräumen. Falls Sie <command>login</command> von "
+"der Shell ohne <command>exec</command> verwenden, wird der Benutzer, den Sie "
+"verwenden, weiterhin als angemeldet erscheinen, obwohl Sie die "
+"»untergeordnete Sitzung« beendet haben."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Keine Authentifizierung durchführen, Benutzer ist bereits angemeldet."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Hinweis: In diesem Fall muss <replaceable>Benutzername</replaceable> "
+"angegeben werden."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Name des entfernt stehenden Rechners für die Anmeldung"
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "behält die Umgebungseinstellungen bei"
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "führt das Autologin-Protokoll für rlogin aus"
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Die Optionen <option>-r</option>, <option>-h</option> und <option>-f</"
+"option> können nur verwendet werden, wenn <command>login</command> von Root "
+"ausgeführt wird."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Diese Version von <command>login</command> hat viele Optionen für die "
+"Kompilierung, wobei eventuell nicht alle Optionen auf allen Systemen "
+"verwendet werden."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"Der Ort der Konfigurationsdateien kann je nach Konfiguration des Systems "
+"unterschiedlich sein."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Wie bei jedem anderen Programm kann auch das Erscheinungsbild von "
+"<command>login</command> vorgespiegelt werden. Falls unseriöse Benutzer "
+"physischen Zugriff auf den Rechner haben, kann dies von einem Angreifer "
+"verwendet werden, um das Passwort der Person zu erhalten, die sich als "
+"nächste vor den Rechner setzt. In Linux können Benutzer den SAK-Mechanismus "
+"verwenden, um einen vertrauenswürdigen Pfad zu erstellen und somit diesem "
+"Angriff zu entgehen."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste der vorangegangenen angemeldeten Sitzungen"
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Datei mit der Systemmeldung des Tages"
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "verhindert, dass sich Benutzer außer Root anmelden"
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste der Terminaltypen"
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "unterdrückt die Ausgabe von Systemnachrichten"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr "Luca"
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr "Berra"
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "Festlegung von Resourcenbeschränkungen"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Die <emphasis remap=\"I\">limits</emphasis>-Datei (standardmäßig <filename>/"
+"etc/limits</filename> oder die durch LIMITS_FILE in <filename>config.h</"
+"filename> festgelegte) bezeichnet die von Ihnen eingeführte Beschränkung von "
+"Ressourcen. Sie sollte Root gehören und nur von ihm lesbar sein."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Standardmäßig bestehen für Root keine Einschränkungen. Tatsächlich gibt es "
+"keine Möglichkeit, mit diesem Verfahren Root-Konten (Konten mit der UID 0) "
+"Beschränkungen aufzuerlegen."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Jede Zeile beschreibt eine Beschränkung für einen Benutzer in der Form:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "Benutzer BESCHRÄNKUNGSZEICHENKETTE"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "oder in der Form:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@Gruppe BESCHRÄNKUNGSZEICHENKETTE"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Die <emphasis>BESCHRÄNKUNGSZEICHENKETTE</emphasis> ist eine Kette von "
+"Ressourcen-Beschränkungen. Jede Beschränkung besteht aus einer "
+"Buchstabenkennung, der eine zahlenmäßige Beschränkung folgt."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Gültige Kennungen sind:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: maximaler Adressraum (KB)"
+
+# SB: Uebersetzung von "core file"?
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: maximale Größe der Speicherabbild-Datei"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: maximale Datengröße (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: maximale Dateigröße (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: Maske für die Dateierstellung, wird von "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry> gesetzt."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+"I: Maximaler Wert von nice (0 bis 39, was in 20 bis -19 übersetzt wird)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: maximale Anzahl von Logins für diesen Benutzer"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr "M: maximaler gesperrter Adressbereich im Speicher (KB)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: maximale Anzahl offener Dateien"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: Maximale Echtzeit-Priorität "
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: Prozesspriorität, wird von <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> gesetzt."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: maximale Resident Set Size (KB)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: maximale Größe des Stapelverarbeitungsspeichers (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: maximale CPU-Zeit (Min)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: maximale Anzahl von Prozessen"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Zum Beispiel ist <emphasis remap=\"I\">L2D2048N5</emphasis> eine gültige "
+"<emphasis>BESCHRÄNKUNGSZEICHENKETTE</emphasis>. Um das Lesen zu erleichtern, "
+"werden folgende Einträge gleich behandelt:"
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      Benutzername L2D2048N5\n"
+"      Benutzername L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Beachten Sie, dass nach <emphasis remap=\"I\">Benutzername</emphasis> die "
+"übrige Zeile als Zeichenkette für Beschränkungen angesehen wird. Kommentare "
+"sind daher nicht zulässig. Eine ungültige Zeichenkette wird von "
+"<command>login</command> ignoriert."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"Standardwerte werden mit dem Benutzernamen »<emphasis>*</emphasis>« "
+"festgelegt. Falls Sie mehrfach <emphasis remap=\"I\">Standard</emphasis>-"
+"Werte in der <emphasis>BESCHRÄNKUNGSDATEI</emphasis> bestimmen, wird nur der "
+"letzte berücksichtigt."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Beschränkungen, die in der Form »<replaceable>@group</replaceable>« "
+"festgelegt wurden, gelten für alle Mitglieder der angegebenen Gruppe "
+"<replaceable>group</replaceable>."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Wenn mehr als eine Zeile mit Beschränkungen für einen Benutzer vorhanden "
+"ist, wird für ihn nur die erste Zeile berücksichtigt."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Wenn keine Zeile auf einen Benutzer zutrifft, wird auf ihn die letzte Zeile "
+"mit <replaceable>@group</replaceable> angewendet, die auf eine Gruppe "
+"verweist, deren Mitglied er ist. Wenn er auch nicht Mitglied einer der "
+"aufgeführten Gruppe ist, wird auf ihn die letzte Zeile, in der Standardwerte "
+"bestimmt sind, angewendet."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Mit einem Gedankenstrich »<emphasis>-</emphasis>« können Sie alle "
+"Beschränkungen für einen Benutzer zu entfernen."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Um für einen Benutzer eine bestimmte Beschränkung zu entfernen, müssen Sie "
+"für diese Beschränkung anstelle des numerischen Wertes einen Gedankenstrich "
+"»<replaceable>-</replaceable>« setzen."
+
+# SB: Well, there is PAM with /etc/security/limits.conf
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Berücksichtigen Sie auch, dass alle Beschränkungen nur JE ANMELDUNG gelten. "
+"Sie sind nicht global und auch nicht dauerhaft. Vielleicht wird es einmal "
+"globale Beschränkungen geben, für jetzt muss dies aber reichen ;)"
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr "berichtet die letzte Anmeldung für alle oder einen bestimmten Benutzer"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> formatiert und gibt den Inhalt der Datei mit den "
+"letzten Anmeldungen, <filename>/var/log/lastlog</filename>, aus. Der "
+"<emphasis>Anmeldename</emphasis>, der <emphasis>Port</emphasis> und der "
+"<emphasis>Zeitpunkt der letzten Anmeldung</emphasis> werden angezeigt. "
+"Standardmäßig (keine Optionen) werden die Lastlog-Einträge in der "
+"Reihenfolge, wie sie sich in <filename>/etc/passwd</filename> befinden, "
+"ausgegeben."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>lastlog</command> unterstützt werden, "
+"sind:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>TAGE</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"gibt nur Lastlog-Einträge aus, die älter als <emphasis remap=\"I\">TAGE</"
+"emphasis> sind"
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Diese Option ist nur in Verbindung mit der Option <option>-d</option> (oder "
+"<option>--home</option>) zulässig."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>TAGE</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"gibt nur Lastlog-Einträge aus, die neuer als <emphasis remap=\"I\">TAGE</"
+"emphasis> sind"
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>MENGE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "gibt nur die Lastlog-Einträge für die angegebenen Benutzer aus"
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Die Bestimmung der Benutzer erfolgt durch ihren Anmeldenamen, ihrer "
+"zahlenmäßigen Benutzer-ID oder einer <replaceable>MENGE</replaceable> von "
+"Benutzern. Diese <replaceable>MENGE</replaceable> kann mit Minimum- und "
+"Maximumwerten (<replaceable>UID_MIN-UID_MAX</replaceable>), nur mit einem "
+"Maximumwert (<replaceable>UID_MIN-UID_MAX</replaceable>) oder nur einem "
+"Minimumwert (<replaceable>UID_MIN-</replaceable>) bestimmt werden."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Wenn sich ein Benutzer noch nie angemeldet hat, wird die Meldung "
+"<emphasis>** Never logged in**</emphasis> anstatt von Port und Zeit "
+"angezeigt."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Es werden nur Einträge für auf dem System vorhandene Benutzer angezeigt, "
+"selbst wenn Einträge über gelöschte Benutzer noch vorhanden sind."
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "ANMERKUNGEN"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Bei der Datei <filename>lastlog</filename> handelt es sich um eine "
+"Datenbank, die Informationen zur letzten Anmeldung der Benutzer enthält. Sie "
+"sollten sie nicht austauschen. Es handelt sich um eine Sparse-Datei, so dass "
+"die tatsächliche Größe auf dem Speichermedium gewöhnlich viel kleiner ist "
+"als von »<command>ls -l</command>« angezeigt wird (was eine sehr große Datei "
+"anzeigen kann, wenn sich Benutzer mit einer großen UID in <filename>passwd</"
+"filename> befinden). Die wirkliche Dateigröße lässt sich mit »<command>ls -"
+"s</command>« anzeigen."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Datenbank mit Zeiten der letzten Anmeldung der Benutzer"
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Große Lücken in den UID-Zahlen haben zur Folge, dass das Lastlog-Programm "
+"längere Zeit ohne Bildschirmausgabe läuft. Wenn sich z.B. in der Datenbank "
+"von Lastlog kein Eintrag für Benutzer mit der UID zwischen 170 und 800 "
+"befindet, wird es scheinen, als ob lastlog stehen geblieben ist, während es "
+"die Einträge mit der UID 171 bis 799 verarbeitet."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr "ursprünglicher Autor, 2005"
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "Shadow-Datei für Gruppen"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"In <filename>/etc/gshadow</filename> befinden sich die Informationen für das "
+"Shadow-Gruppen-System."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Die darin enthaltenen Zeilen haben folgende Felder, die durch Doppelpunkt "
+"getrennt sind:"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "Gruppenname"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+"Es muss sich um einen gültigen, auf dem System vorhandenen Gruppennamen "
+"handeln."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Wenn das Passwortfeld eine Zeichenkette enthält, die kein zulässiges "
+"Ergebnis von <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> ist, z.B. ! oder *, können Benutzer nicht mit "
+"einem Unix-Passwort Zugang zu der Gruppe erhalten, wobei Gruppenmitglieder "
+"kein Passwort benötigen."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Das Passwort wird angefordert, wenn ein Benutzer, der nicht Mitglied der "
+"Gruppe ist, die Berechtigungen dieser Gruppe erhalten will (vergleiche "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Dieses Feld kann leer bleiben. Dies hat zur Folge, dass nur "
+"Gruppenmitglieder von den Rechten der Gruppe Gebrauch machen können."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Dieses Passwort geht den in <filename>/etc/group</filename> definierten "
+"Passwörtern vor."
+
+# SB: Gruppenverwalter ist besser als Administrator, weil so keine Verwechslung mit Systemadminstrator.
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "Gruppenverwalter"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+"Es muss sich dabei um eine durch Kommas getrennte Liste von Benutzernamen "
+"handeln."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Gruppenverwalter können das Passwort und die Mitglieder der Gruppe ändern."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Gruppenverwalter haben die gleichen Recht wie die Gruppenmitglieder (siehe "
+"unten)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "Mitglieder"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Mitglieder haben Zugang zu der Gruppe, ohne eine Passwort eingeben zu müssen."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Sie sollten die gleiche Benutzerliste wie in <filename>/etc/group</filename> "
+"verwenden."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "überprüft die Stimmigkeit der Gruppendateien"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Der Befehl <command>grpwck</command> überprüft die Stimmigkeit der "
+"Informationen über die Gruppen. Alle Einträge in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">und <filename>/etc/gshadow</"
+"filename></phrase> werden darauf überprüft, ob sie das richtige Format haben "
+"und gültige Daten enthalten. Bei einem Eintrag, der falsch formatiert ist "
+"oder andere unbehebbare Fehler enthält, wird der Benutzer aufgefordert, ihn "
+"zu löschen."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "einen eindeutigen und gültigen Gruppennamen"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"eine gültige Gruppenkennung <phrase condition=\"gshadow\"> (nur für "
+"<filename>/etc/group</filename>)</phrase>"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"eine gültige Liste der Mitglieder <phrase condition=\"gshadow\"> und "
+"Gruppenverwalter</phrase>"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"einen passenden Eintrag in der Datei <filename>/etc/gshadow</filename>  "
+"(oder in <filename>/etc/group</filename> bei der Überprüfung von "
+"<filename>gshadow</filename>)"
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Fehler bei der Überprüfung der richtigen Anzahl der Felder und des "
+"eindeutigen Benutzernamens sind schwerwiegend. Wenn ein Eintrag die falsche "
+"Anzahl von Feldern aufweist, wird der Benutzer aufgefordert, die gesamte "
+"Zeile zu löschen. Wenn er dies ablehnt, werden alle weiteren Tests "
+"ausgelassen. Bei einem Eintrag mit einem mehrfach verwendeten Benutzernamen "
+"wird der Benutzer aufgefordert, diesen Eintrag zu löschen. Sollte er dies "
+"ablehnen, werden dennoch die übrigen Tests ausgeführt. Bei allen anderen "
+"Fehlern wird eine Warnung ausgegeben und der Benutzer aufgefordert, den "
+"Fehler mittels des Befehls <command>groupmod</command> zu beheben."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Die Befehle, welche die <phrase condition=\"no_gshadow\">Datei <filename>/"
+"etc/group</filename></phrase><phrase condition=\"gshadow\">Dateien "
+"<filename>/etc/group</filename> und <filename>/etc/gshadow</filename></"
+"phrase> bearbeiten, können falsche oder doppelte Einträge nicht verändern. "
+"In solchen Fällen sollte <command>grpwck</command> verwendet werden, um die "
+"betreffenden Einträge zu entfernen."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>grpck</command> unterstützt werden, "
+"sind:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Führt den Befehl <command>grpck</command> im Modus Nur-Lesen aus. Dies hat "
+"zur Folge, dass alle Fragen, ob Veränderungen vorgenommen werden sollen, mit "
+"<emphasis>no</emphasis> beantworteten werden, ohne dass der Benutzer "
+"einzugreifen braucht."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Ordnet die Einträge in <filename>/etc/group</filename><phrase condition="
+"\"gshadow\">und <filename>/etc/gshadow</filename></phrase> nach der GID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Standardmäßig arbeitet <command>grpck</command> mit  <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\"> und <filename>/etc/gshadow</"
+"filename></phrase>. Der Benutzer kann andere Dateien mit <phrase condition="
+"\"no_gshadow\">dem Parameter <emphasis remap=\"I\">group</emphasis></"
+"phrase><phrase condition=\"gshadow\">den Parametern <emphasis remap=\"I"
+"\">group</emphasis> und <emphasis remap=\"I\">shadow</emphasis></phrase> "
+"auswählen."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "ein oder mehrere fehlerhafte Gruppeneinträge"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "Die Gruppendateien können nicht geöffnet werden."
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "Die Gruppendateien können nicht gesperrt werden."
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "Die Gruppendateien können nicht aktualisiert werden."
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>grpck</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "zeigt die aktuell verwendeten Gruppennamen an"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "Benutzer"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Der Befehl <command>groups</command> zeigt die momentan verwendeten "
+"Gruppennamen oder IDs an. Wenn einem Wert kein Eintrag in <filename>/etc/"
+"group</filename> entspricht, wird die Gruppennummer ausgegeben. Mit der "
+"Option <emphasis remap=\"I\">user</emphasis> werden nur die Gruppen des "
+"bezeichneten <emphasis remap=\"I\">Benutzers</emphasis> angezeigt."
+
+# SB: Ãœbersetzung von "concurrent group set"?
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Auf Systemen, die keine simultanen Gruppen unterstützen, werden die "
+"Informationen aus <filename>/etc/group</filename> ausgegeben. Wenn der "
+"Benutzer seine tatsächliche und effektive Gruppen-ID ändern will, muss er "
+"<command>newgrp</command> oder <command>sg</command> verwenden."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ändert die Eigenschaften einer Gruppe auf dem System"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Der Befehl <command>groupmod</command> ändert die Eigenschaften der "
+"angegebenen <replaceable>GRUPPE</replaceable>, indem die passenden Einträge "
+"in der Gruppendatenbank geändert werden."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupmod</command> unterstützt werden, "
+"sind:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Die Gruppen-ID der angegebenen <replaceable>GRUPPE</replaceable> wird zu "
+"<replaceable>GID</replaceable> geändert."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Der Wert von <replaceable>GID</replaceable> muss eine nicht negative, "
+"dezimale Zahl sein. Er muss eindeutig sein, außer wenn die Option <option>-"
+"o</option> verwendet wird."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Benutzer, welche die Gruppe als Hauptgruppe verwenden, werden aktualisiert, "
+"um die Gruppe als Hauptgruppe zu behalten."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Bei Dateien, welche die alte Gruppen-ID haben und weiterhin der Gruppe "
+"<replaceable>GROUP</replaceable> gehören sollen, muss die Gruppen-ID per "
+"Hand angepasst werden."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Die Werte von <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> und <option>SYS_GID_MAX</option> aus <filename>/"
+"etc/login.defs</filename> werden nicht geprüft."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEUE_GRUPPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Der Gruppenname wird vom Namen <replaceable>GRUPPE</replaceable> zu "
+"<replaceable>NEUE_GRUPPE</replaceable> geändert."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Wenn sie mit der Option <option>-g</option> verwendet wird, kann mit ihr der "
+"Wert der Gruppen-<replaceable>GID</replaceable> auf einen nicht eindeutigen "
+"Wert gesetzt werden."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "Gruppenname wird schon verwendet"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupmod</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr "George"
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr "Kraft"
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr "IV"
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr "ursprünglicher Autor, 2000"
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "verwaltet die Mitglieder der Hauptgruppe eines Benutzers"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "Benutzer_Name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "Gruppen_Name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+# SB: 1. I don't understand "sake"? A typo? But of what? 2. I think we shouldn't have the notorious guest account here as an example.
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Mit dem Befehl <command>groupmems</command> kann ein Benutzer die "
+"Mitgliederliste seiner eigenen Gruppe verwalten, ohne Root-Rechte zu "
+"benötigen. Das Werkzeug <command>groupmems</command> ist für Systeme "
+"gedacht, auf denen die Hauptgruppe eines Benutzers den gleichen Namen hat "
+"wie der Benutzer (z.B. fritz/fritz)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Nur Root als Administrator kann mit <command>groupmems</command> die "
+"Mitgliederlisten anderer Gruppen bearbeiten."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupmems</command> unterstützt "
+"werden, sind:"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>Benutzer_Name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Fügt einen Benutzer der Mitgliederliste der Gruppe hinzu."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Wenn die Datei <filename>/etc/gshadow</filename> vorhanden ist, die Gruppe "
+"darin aber keinen Eintrag hat, wird ein solcher erstellt."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>Benutzer_Name</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Löscht einen Benutzer aus der Mitgliederliste der Gruppe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Wenn <filename>/etc/gshadow</filename> vorhanden ist, wird der Benutzer aus "
+"der Liste der Mitglieder und Gruppenverwalter entfernt."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;"
+"<replaceable>Gruppen_Name</replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Root kann eine Gruppen bestimmen, deren Mitgliederliste er bearbeiten will."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "gibt die Mitgliederliste aus"
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "löscht alle Benutzer aus der Mitgliederliste der Gruppe"
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "EINRICHTUNG"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"Die ausführbare Datei <command>groupmems</command> sollte die Rechte "
+"<literal>2770</literal> haben und dem Benutzer <emphasis>root</emphasis> und "
+"der Gruppe <emphasis>groups</emphasis> gehören. Der Systemadministrator kann "
+"Benutzer der Gruppe <emphasis>groups</emphasis> hinzufügen, um ihnen zu "
+"ermöglichen, mit <command>groupmems</command> die Mitgliederliste ihrer "
+"eigenen Gruppe zu verwalten."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "verschlüsselte Informationen zu den Gruppenkonten"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "löscht eine Gruppe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Der Befehl <command>groupdel</command> bearbeitet die Kontodateien des "
+"Systems und löscht darin alle Einträge, die auf die <replaceable>Gruppe</"
+"replaceable> verweisen. Die bezeichnete Gruppe muss existieren."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupdel</command> unterstützt werden, "
+"sind:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Sie können nicht die Hauptgruppe eines Benutzers entfernen. Dazu müssten Sie "
+"zunächst den betreffenden Benutzer löschen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Sie sollten von Hand alle Systemdateien überprüfen, um sicherzustellen, dass "
+"keine Dateien, die der gelöschten Gruppe angehören, vorhanden sind."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "Die Hauptgruppe eines Benutzers kann nicht entfernen werden."
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupdel</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "erstellt eine neue Gruppe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Der Befehl <command>groupadd</command> erstellt ein neues Gruppenkonto. "
+"Dabei verwendet er die Werte, die auf der Befehlszeile angegeben wurden, "
+"oder die Standardwerte des Systems. Soweit es notwendig ist, wird die neue "
+"Gruppe den Systemdateien hinzugefügt."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>groupadd</command> unterstützt werden, "
+"sind:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Die Option führt dazu, dass der Befehl nur dann erfolgreich beendet wird, "
+"wenn die angegebene Gruppe existiert. Falls diese Option zusammen mit der "
+"Option <option>-g</option> verwendet wird und die angegebene GID schon "
+"vergeben ist, wird eine andere, eindeutige GID gewählt (d.h. <option>-g</"
+"option> wird nicht beachtet)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"Der zahlenmäßige Wert der Gruppen-ID. Dieser Wert muss eindeutig sein, "
+"sofern nicht die Option <option>-o</option> verwendet wird. Der Wert darf "
+"nicht negativ sein. Standardmäßig wird der kleinste Wert größer als oder "
+"gleich <option>GID_MIN</option> und größer als jeder andere Wert einer "
+"Gruppe verwendet."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Vergleichen Sie auch die Option <option>-r</option> und die Ausführungen zu "
+"<option>GID_MAX</option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Ãœberschreibt die Standardwerte von <filename>/etc/login.defs</filename> "
+"(GID_MIN, GID_MAX und weitere). Diese Option kann mehrfach verwendet werden."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Beispiel: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Hinweis: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> funktioniert noch nicht."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Diese Option erlaubt es, eine Gruppe mit einer nicht eindeutigen GID zu "
+"erstellen."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "erstellt eine neue Systemgruppe"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Die zahlenmäßige Kennung einer neuen Systemgruppe wird aus der Spanne von "
+"<option>SYS_GID_MIN</option> bis <option>SYS_GID_MAX</option> gewählt, "
+"welche in <filename>login.defs</filename> festgelegt wird, anstelle von "
+"<option>GID_MIN</option> bis <option>GID_MAX</option>."
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Gruppennamen müssen mit einem Kleinbuchstaben oder einem Unterstrich "
+"beginnen. Nachfolgend dürfen sie Kleinbuchstaben, Zahlen, Unterstriche und "
+"Gedankenstriche enthalten. Das letzte Zeichen darf auch ein Dollarzeichen "
+"sein. Als regulärer Ausdruck: [a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+"Gruppennamen dürfen nur bis zu &GROUP_NAME_MAX_LENGTH; Zeichen lang sein."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Sie können einen Benutzer nicht einer NIS- oder LDAP-Gruppe hinzufügen. Dies "
+"müssen Sie auf dem entsprechenden Server durchführen."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Falls der Gruppenname bereits in einer externen Datenbank (wie etwa NIS oder "
+"LDAP) vergeben ist, wird <command>groupadd</command> die Gruppe nicht "
+"erstellen."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID nicht eindeutig (wenn <option>-o</option> nicht angegeben wird)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "Gruppenname nicht eindeutig"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>groupadd</command> gibt beim Beenden folgende Werte "
+"zurück: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr "Rafal"
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr "Maszkowski"
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "verwaltet <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "verwaltet <placeholder-1/> und <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "Option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Der Befehl <command>gpasswd</command> dient zur Verwaltung von <filename>/"
+"etc/group</filename><phrase condition=\"gshadow\"> und <filename>/etc/"
+"gshadow</filename></phrase>. Jede Gruppe kann <phrase condition=\"gshadow"
+"\">Gruppenverwalter,</phrase> Mitglieder und ein Passwort haben."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Der Systemadministrator kann mit der Option <option>-A</option> "
+"Gruppenverwalter bestimmen. Mit der Option <option>-M</option> legt er die "
+"Mitglieder fest. Er besitzt alle Rechte, die Gruppenverwalter und Mitglieder "
+"haben können."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"Wenn ein <phrase condition=\"gshadow\">Gruppenverwalter</phrase><phrase "
+"condition=\"no_gshadow\">Systemadministrator</phrase> <command>gpasswd</"
+"command> nur mit dem Gruppennamen aufruft, wird er aufgefordert, für die "
+"<replaceable>Gruppe</replaceable> ein neues Passwort zu vergeben."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Wenn ein Passwort vergeben wurde, können Mitglieder der Gruppe dennoch ohne "
+"Passwort <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry> ausführen. Alle anderen Benutzer benötigen dazu "
+"das Passwort."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Hinweise zu Gruppenpasswörtern"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Gruppenpasswörter beinhalten ein Sicherheitsrisiko, da mehrere Personen das "
+"Passwort kennen. Dennoch können sie sinnvoll sein, um die Zusammenarbeit "
+"zwischen Benutzern zu erleichtern."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Außer die Optionen <option>-A</option> und <option>-M</option> können die "
+"übrigen Optionen nicht zusammen verwendet werden."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Die Optionen können nicht zusammen verwendet werden."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>gpasswd</command> unterstützt werden, "
+"sind:"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Fügt den <replaceable>Benutzer</replaceable> der bezeichneten "
+"<replaceable>Gruppe</replaceable> zu."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"entfernt den <replaceable>Benutzer</replaceable> aus der bezeichneten "
+"<replaceable>Gruppe</replaceable>"
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_VERZ</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Entfernt das Passwort der bezeichneten <replaceable>Gruppe</replaceable>. "
+"Das Gruppenpasswort wird leer sein. Damit können nur noch Gruppenmitglieder "
+"mit <command>newgrp</command> zu der bezeichneten <replaceable>Gruppe</"
+"replaceable> wechseln."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Schränkt den Zugang zur bezeichneten <replaceable>Gruppe</replaceable> ein. "
+"Das Gruppenpasswort wird auf »!« gesetzt. Damit können nur noch "
+"Gruppenmitglieder mit einem Passwort mit <command>newgrp</command> zu der "
+"bezeichneten <replaceable>Gruppe</replaceable> wechseln."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>Benutzer</replaceable>, ..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Liste der Gruppenverwalter bestimmen"
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>Benutzer</"
+"replaceable>, ..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Liste der Mitglieder der Gruppe bestimmen"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Dieses Werkzeug bearbeitet nur <phrase condition=\"gshadow\">die Dateien "
+"<filename>/etc/group</filename> und <filename>/etc/gshadow</filename> </"
+"phrase><phrase condition=\"no_gshadow\">die Datei <filename>/etc/group</"
+"filename></phrase>. Sie können daher keine NIS- oder LDAP-Gruppen "
+"bearbeiten. Dies muss auf dem entsprechenden Server durchgeführt werden."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"zeigt Aufzeichnungen der fehlgeschlagenen Anmeldungen an oder richtet "
+"Beschränkungen für fehlgeschlagene Anmeldungen ein"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> zeigt den Inhalt der Datenbank der "
+"fehlgeschlagenen Anmeldungen (<filename>/var/log/faillog</filename>) an. Es "
+"kann auch die Zählung und Beschränkung der Fehlversuche verwalten. Wenn "
+"<command>faillog</command> ohne Optionen ausgeführt wird, wird nur die Liste "
+"der fehlgeschlagenen Anmeldungen aller Benutzer angezeigt, deren Anmeldung "
+"jemals gescheitert ist."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>faillog</command> unterstützt werden, "
+"sind:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"zeigt (oder bearbeitet) die faillog-Einträge aller Benutzer, die einen "
+"Eintrag in der Datenbank <filename>faillog</filename> haben"
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"Die Spanne der Benutzer kann mit der Option <option>-u</option> eingegrenzt "
+"werden."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"Im Anzeigemodus ist dies auf vorhandene Benutzer beschränkt, erzwingt aber "
+"die Anzeige der Faillog-Einträge, auch wenn diese leer sind."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Mit den Optionen <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> und <option>-t</option> werden die Benutzereinträge selbst dann "
+"geändert, wenn der Benutzer auf dem System nicht vorhanden ist. Dies kann "
+"sinnvoll sein, wenn die Einträge von gelöschten Benutzer zurückgesetzt "
+"werden sollen oder vorsorglich eine Richtlinie für eine Anzahl von Benutzern "
+"eingerichtet werden soll."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"sperrt nach einer fehlgeschlagenen Anmeldung das Konto für <replaceable>SEK</"
+"replaceable> Sekunden"
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Für diese Option muss ein Schreibzugriff auf <filename>/var/log/faillog</"
+"filename> bestehen."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"setzt den Zähler der fehlgeschlagene Anmeldungen, nach denen das Konto "
+"abgeschaltet wird, auf <replaceable>MAX</replaceable>"
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Wenn <replaceable>MAX</replaceable> den Wert 0 hat, besteht keine "
+"Beschränkung für die Anzahl fehlgeschlagener Anmeldeversuche."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Für <emphasis>root</emphasis> sollte der Wert der maximalen Anmeldeversuche "
+"immer 0 betragen, um eine durch einen Angriff ausgelöste Dienstverweigerung "
+"(denial of service) zu verhindern."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "setzt die Zählerstände der fehlgeschlagenen Anmeldeversuche zurück"
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"zeigt die Einträge der fehlgeschlagenen Anmeldungen an, die aktueller als "
+"<replaceable>TAGE</replaceable> sind"
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"zeigt die Aufzeichnungen der fehlgeschlagenen Anmeldungen nur der "
+"angegebenen Benutzer an oder bearbeitet (wenn mit den Optionen <option>-l</"
+"option>, <option>-m</option> oder <option>-r</option> verwendet) nur deren "
+"Zählerstände und Beschränkungen"
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Wenn keine der Optionen <option>-l</option>, <option>-m</option> oder "
+"<option>-r</option> verwendet wird, zeigt <command>faillog</command> die "
+"Aufzeichnung der fehlgeschlagenen Anmeldeversuche der angegebenen Benutzer "
+"an."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> zeigt nur die Benutzer an, die sich seit der "
+"letzten fehlgeschlagenen Anmeldung nicht erfolgreich anmelden konnten. Um "
+"die übrigen Benutzer anzuzeigen, müssen Sie diese explizit mit der Option "
+"<option>-u</option> benennen oder sich alle Benutzer mit der Option <option>-"
+"a</option> anzeigen lassen."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Datei mit fehlgeschlagenen Anmeldungen"
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "Datei mit fehlgeschlagenen Anmeldungen"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"In <filename>/var/log/faillog</filename> wird der Zählerstand von "
+"fehlgeschlagenen Anmeldungen und die Beschränkungen für jedes Konto "
+"niedergelegt."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Einträge in dieser Datei haben eine festgelegte Länge und sind der "
+"zahlenmäßigen UID nach angeordnet. Jeder Eintrag besteht aus der Anzahl der "
+"fehlgeschlagenen Anmeldungen seit der letzten erfolgreichen Anmeldung, der "
+"maximalen Anzahl von Fehlschlägen, ehe das Konto abgeschaltet wird, dem "
+"Gerät, auf dem die letzte fehlgeschlagene Anmeldung erfolgte, das Datum der "
+"letzten fehlgeschlagenen Anmeldung und die Dauer in Sekunden, für die das "
+"Konto nach einem Fehlschlag gesperrt ist."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Die Datei ist so aufgebaut:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr "ursprünglicher Autor, 1990"
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "überprüft die Regeln für den Verfall des Passworts und setzt diese um"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Mit der Option <option>-c</option> überprüft der Befehl <command>expiry</"
+"command> den aktuellen Status des Verfalls des Passworts. Mit der Option "
+"<option>-f</option> werden die notwendigen Veränderungen umgesetzt. Er kann "
+"von normalen Benutzern aufgerufen werden."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>expiry</command> unterstützt werden, "
+"sind:"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "überprüft den Verfall des Passworts des aktuellen Benutzers"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"erzwingt den Wechsel des Passworts des aktuellen Benutzers, falls dieses "
+"abgelaufen ist"
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# SB: Translation of chsh.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "ändert die Anmelde-Shell"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Der Befehl <command>chsh</command> ändert die Anmelde-Shell eines Benutzers. "
+"Er legt den Befehl fest, der bei der Anmeldung ausgeführt wird. Ein normaler "
+"Benutzer kann nur die Anmelde-Shell seines eigenen  Kontos ändern, während "
+"Root dies für alle Konten darf."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chsh</command> unterstützt werden, "
+"sind:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Wenn die Option <option>-s</option> nicht ausgewählt ist, wird "
+"<command>chsh</command> im interaktiven Modus betrieben. Dabei wird der "
+"Benutzer mit der aktuellen Anmelde-Shell zur Eingabe einer neuen "
+"aufgefordert. Durch Eingabe eines Wertes wird die Shell geändert, während "
+"sie bei einer leeren Zeile beibehalten wird. Die aktuelle Shell wird "
+"zwischen einem Paar von <emphasis>[ ]</emphasis> angezeigt."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"Die einzige Beschränkung für die Anmelde-Shell ist, dass der Name des "
+"Befehls in der Datei <filename>/etc/shells</filename> enthalten sein muss. "
+"Root darf allerdings jeden beliebigen Befehl vergeben. Bei Konten, denen "
+"eine beschränkte Anmelde-Shell zugewiesen ist, ist es nicht möglich, die "
+"Anmelde-Shell zu ändern. Daher ist es nicht ratsam, <filename>/bin/rsh</"
+"filename> in <filename>/etc/shells</filename> einzutragen, da ein Benutzer "
+"nicht zu seiner ursprünglichen Anmelde-Shell zurückwechseln kann, falls er "
+"versehentlich eine beschränkte Shell als Anmelde-Shell auswählt."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste der möglichen Anmelde-Shells"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "aktualisiert Passwörter im Batch-Modus"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Der Befehl <command>chpasswd</command> liest eine Liste von Benutzername-"
+"Passwort-Paaren von der Standardeingabe. Damit werden Benutzerdaten "
+"aktualisiert. Jede Zeile muss folgendes Format haben:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Benutzername</emphasis>:<emphasis remap=\"I"
+"\">Passwort</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Das Passwort muss standardmäßig im Klartext angegeben werden und von "
+"<command>chpasswd</command> verschlüsselt. Soweit vorhanden, wird auch das "
+"Alter des Passworts aktualisiert."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Der standardmäßige Verschlüsselungsalgorithmus kann systemweit mit den "
+"Variablen <option>ENCRYPT_METHOD</option> oder <option>MD5_CRYPT_ENAB</"
+"option> in <filename>/etc/login.defs</filename> definiert werden. Dieser "
+"kann mit den Optionen <option>-e</option>, <option>-m</option> oder <option>-"
+"c</option> überschrieben werden."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Standardmäßig werden die Passwörter von PAM verschlüsselt. Sie können aber "
+"eine andere Verschlüsselungsmethode mit den Optionen <option>-e</option>, "
+"<option>-m</option> oder <option>-c</option> festlegen (dies wird jedoch "
+"nicht angeraten)."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">PAM wird nicht zur Verschlüsselung der Passwörter "
+"verwendet:</phrase><command>chpasswd</command> aktualisiert zunächst alle "
+"Passwörter im Arbeitsspeicher und schreibt dann die Änderungen auf das "
+"Speichermedium, falls keine Fehler aufgetreten sind."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Wenn PAM zur Verschlüsselung der Passwörter (und ihrer Aktualisierung in der "
+"Systemdatenbank) verwendet wird, wird <command>chpasswd</command> die "
+"Aktualisierung der Passwörter auch dann fortsetzen, wenn ein Passwort nicht "
+"geändert werden kann, und beim Beenden eine Fehlermeldung zurückgeben."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Dieser Befehl ist für den Einsatz in großen Umgebungen vorgesehen, in der "
+"viele Konten gleichzeitig erstellt werden müssen."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chpasswd</command> unterstützt werden, "
+"sind:"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Die verfügbaren Methoden sind DES, MD5 und NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Standardmäßig verschlüsselt PAM die Passwörter."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig (wenn keine der Optionen <option>-c</option>, <option>-m</"
+"option> oder <option>-e</option> angegeben wird) wird die "
+"Verschlüsselungsmethode durch die Variablen <option>ENCRYPT_METHOD</option> "
+"oder <option>MD5_CRYPT_ENAB</option> in <filename>/etc/login.defs</filename> "
+"bestimmt."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Passwörter werden verschlüsselt angegeben."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"werwendet zur Verschlüsselung MD5 anstelle von DES, wenn die Passwörter "
+"unverschlüsselt angegeben werden"
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>RUNDEN</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Standardmäßig wird die Anzahl der Runden von den Variablen "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> und <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> <filename>/etc/login.defs</filename> bestimmt."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Achten Sie darauf, dass die Rechte und Umask korrekt vergeben sind, um zu "
+"verhindern, dass andere Benutzer unverschlüsselte Dateien lesen können."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "PAM-Konfiguration für <command>chpasswd</command>"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr "ursprünglicher Autor, 2006"
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "aktualisiert Gruppenpasswörter im Batch-Modus"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Der Befehl <command>chgpasswd</command> liest eine Liste von Gruppenname-"
+"Passwort-Paaren von der Standardeingabe. Damit werden Gruppendaten "
+"aktualisiert. Jede Zeile muss folgendes Format haben:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">Gruppenname</emphasis>:<emphasis remap=\"I\">Passwort</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Das Passwort wird standardmäßig im Klartext angegeben. Die "
+"Standardalgorithmus zur Verschlüsselung ist DES."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"Der standardmäßige Verschlüsselungsalgorithmus wird systemweit mit der "
+"Variable <option>ENCRYPT_METHOD</option> in <filename>/etc/login.defs</"
+"filename> bestimmt. Dies kann mit den Optionen <option>-e</option>, <option>-"
+"m</option> oder <option>-c</option> überschrieben werden."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chgpasswd</command> unterstützt "
+"werden, sind:"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# SB: Translation of chfn.1 based on Josef Spillner's
+# (josef@ggzgamingzone.org) from 2003. Mention somewhere else as well?
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+"ändert den vollständigen Namen eines Benutzers und sonstige Informationen"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"Der Befehl <command>chfn</command> ändert den vollständigen Namen, die "
+"Bürozimmernummer sowie die berufliche und private Telefonnummer für ein "
+"Benutzerkonto. Diese Informationen werden typischerweise von "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> und ähnlichen Programmen verwendet. Ein normaler Benutzer darf "
+"nur die Felder seines eigenen Kontos ändern und muss dabei zudem die "
+"Einschränkungen in <filename>/etc/login.defs</filename> beachten. So ist es "
+"Benutzern standardmäßig nicht möglich, ihren vollständigen Namen zu ändern. "
+"Root kann die Felder aller Konten verändern. Außerdem darf nur Root mittels "
+"der Option <option>-o</option> die undefinierten Teile des GECOS-Feldes "
+"ändern."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Diese Felder dürfen keinen Doppelpunkt enthalten. Mit Ausnahme des Feldes "
+"<emphasis remap=\"I\">sonstiges</emphasis> sollten sie kein Komma oder "
+"Gleichheitszeichen enthalten. Außerdem wird abgeraten, andere Zeichen als US-"
+"ASCII zu verwenden, aber nur für die Telefonnummern ist dies zwingend. Das "
+"Feld <emphasis remap=\"I\">sonstiges</emphasis> wird von anderen Anwendungen "
+"verwendet, um dort Informationen über das Konto abzuspeichern."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chfn</command> unterstützt werden, "
+"sind:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>VOLLSTÄNDIGER_NAME</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "verändert den vollständigen Namen des Benutzers"
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PRIV</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "ändert die private Telefonnummer des Benutzers"
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>SONSTIGES</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Verändert die sonstigen Informationen über den Benutzer in der GECOS-Zeile. "
+"In diesem Feld werden Kontoinformationen anderer Anwendungen gespeichert. Es "
+"kann nur vom Superuser verändert werden."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>ZIMMER_NUMMER</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "ändert die Zimmernummer des Benutzers"
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_BERUF</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "verändert die berufliche Telefonnummer des Benutzers"
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Wenn keine Option ausgewählt wird, arbeitet <command>chfn</command> "
+"interaktiv. Dabei wird der Benutzer nach den aktuellen Werten für alle "
+"Felder befragt. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei "
+"keiner Eingabe stattdessen der Originalwert beibehalten. Der aktuelle Wert "
+"wird zwischen einem Paar von <emphasis remap=\"B\">[ ]</emphasis> angezeigt. "
+"Ohne Optionen fragt <command>chfn</command> nach einem Benutzerkonto."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ändert die Information zum Passwortverfall"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Der Befehl <command>chage</command> verändert die Anzahl der Tage zwischen "
+"dem letzten Wechsel des Passworts und dem nächsten Wechsel. Mit dieser "
+"Information bestimmt das System, wann ein Benutzer sein Passwort verändern "
+"muss."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Die Optionen, die vom Befehl <command>chage</command> unterstützt werden, "
+"sind:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>LETZTER_TAG</replaceable>"
+
+# SB: So I could also do DD.MM.YYYY or MM.DD.YYYY? How does system know which format I chose?
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Legt die Anzahl der Tage, gerechnet ab dem 1. Januar 1970, fest, seit denen "
+"das Passwort das letzte Mal gewechselt wurde. Das Datum kann auch im Format "
+"JJJJ-MM-TT (oder in dem Format, das in Ihrer Region verbreitet ist) "
+"angegeben werden."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>VERFALLSDATUM</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Setzt das Datum oder die Anzahl der Tage seit dem 1. Januar 1970, ab dem auf "
+"das Benutzerkonto nicht mehr zugegriffen werden kann. Das Datum kann auch im "
+"Format JJJJ-MM-TT (oder in dem Format, das in Ihrer Region verbreitet ist) "
+"angegeben werden. Ein Benutzer, dessen Konto gesperrt ist, muss sich mit dem "
+"Systemadministrator in Verbindung setzen, ehe er sich wieder am System "
+"anmelden kann."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>VERFALLSDATUM</"
+"replaceable> angegeben wird, wird das Verfallsdatum für das Konto entfernt."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Legt die Anzahl der Tage der Untätigkeit fest, nach denen ein Passwort "
+"abgelaufen ist, bevor das Konto gesperrt wird. Die Option "
+"<replaceable>INAKTIV</replaceable> bezeichnet die Anzahl der Tage, für die "
+"das Konto inaktiv ist. Ein Benutzer, dessen Konto gesperrt ist, muss sich "
+"mit dem Systemadministrator in Verbindung setzen, ehe er sich wieder am "
+"System anmelden kann."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>INAKTIV</"
+"replaceable> angegeben wird, wird die Ãœberwachung der fehlenden Verwendung "
+"des Kontos entfernt."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "zeigt Informationen zur Kontoalterung an"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_TAGE</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_TAGE</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Bestimmt die maximale Anzahl von Tagen, die das Passwort gültig bleibt. Wenn "
+"<replaceable>MAX_TAGE</replaceable> plus <replaceable>LETZTER_TAG</"
+"replaceable> älter als das aktuelle Datum ist, muss der Benutzer sein "
+"Passwort ändern, ehe er sein Konto benutzen kann. Mit der Option <option>-W</"
+"option> werden die Benutzer vor dem drohenden Verfall ihres Passworts "
+"gewarnt."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Wenn <emphasis remap=\"I\">-1</emphasis> als <replaceable>MAX_TAGE</"
+"replaceable> angegeben wird, wird der Passwortverfall entfernt."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_TAGE</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Legt die Anzahl der Tage fest, an denen der Benutzer eine Warnung erhält, "
+"bevor sein Passwort geändert werden muss. Die Option <replaceable>WARN_TAGE</"
+"replaceable> bezeichnet die Anzahl der Tage, für die ein Benutzer vor "
+"Verfall seines Passworts gewarnt wird."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Wenn keine Option ausgewählt wird, arbeitet <command>chage</command> "
+"interaktiv. Dabei wird der Benutzer nach den aktuellen Werten für alle "
+"Felder befragt. Bei Eingabe eines neuen Wertes wird dieser verwendet, bei "
+"Eingabe einer Leerzeile stattdessen der Originalwert beibehalten. Der "
+"aktuelle Wert wird zwischen einem Paar von <emphasis remap=\"B\">[ ]</"
+"emphasis> angezeigt."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Für das Programm <command>chage</command> ist es notwendig, dass eine Shadow-"
+"Passwort-Datei vorhanden ist."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Der Befehl <command>chage</command> kann nur von Root ausgeführt werden. "
+"Alle anderen Benutzer können nur die Option <option>-l</option> verwenden, "
+"um die Verfallsdaten für ihr Konto einzusehen."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "Eine Shadow-Passwort-Datei kann nicht gefunden werden."
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Der Befehl <command>chage</command> gibt beim Beenden folgende Werte zurück: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Simon Brandmair (sbrandmair@gmx.net), 2005, 2007, 2011."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid "Kłoczko"
+#~ msgstr "Kłoczko"
+
+#~ msgid "François"
+#~ msgstr "François"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "Mail-Spool kann nicht erstellen werden."
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Der SELinux-Benutzer für den Benutzer nach seiner Anmeldung. "
+#~ "Standardmäßig bleibt dieses Feld leer und es wird dem System überlassen, "
+#~ "den SELinux-Benutzer zu bestimmen."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "neue_benutzer"
+
+#~ msgid "full_name"
+#~ msgstr "Voller_Name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "Zimmer_Nr"
+
+#~ msgid "work_ph"
+#~ msgstr "Tel_dienstlich"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "Tel_Privat"
+
+#~ msgid "other"
+#~ msgstr "sonstiges"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
diff --git a/man/po/fr.po b/man/po/fr.po
new file mode 100644
index 0000000..48ef2fd
--- /dev/null
+++ b/man/po/fr.po
@@ -0,0 +1,11084 @@
+# translation of shadow-man.po to French
+# French translation of the shadow's man pages
+# Traduction des pages de manuel livrées avec shadow
+# Copyright (C) 2011, 2012  Debian French l10n team <debian-l10n-french@lists.debian.org>
+#
+#     Certaines pages étaient déjà traduites:
+#       chpasswd: Amand Tihon <amand@alrj.org>
+#       faillog(5): Pascal Terjan <CMoi@tuxfamily.org>
+#
+# Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2004-2009.
+# Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>, 2008.
+# ABBAS.B <abelkcem@hotmail.com>, 2009.
+#       chage: Olivier Marin, 2001.
+#       chsh, groups, passwd(1), passwd(5): Christophe Blaess, 1997.
+#       gpasswd: Maxime Mastin, 2001.
+#       shadow(5): Thierry Vignaud <tvignaud@mandrakesoft.com>, 1999.
+#       useradd: Frédéric Delanoy, 2000.
+# Christian Perrier <bubulle@debian.org>, 2009, 2012.
+# Thomas Blein <tblein@tblein.eu>, 2011, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages 4.0.18\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:37+0200\n"
+"Last-Translator: Thomas Blein <tblein@tblein.eu>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"Language: fr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.2\n"
+"X-Poedit-Language: French\n"
+"X-Poedit-Country: FRANCE\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Commandes de gestion du système"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "Éditer les fichiers passwd, group, shadow ou gshadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "options"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIPTION"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> et <command>vigr</command> permettent de modifier "
+"les fichiers <filename>/etc/passwd</filename> et <filename>/etc/group</"
+"filename>, respectivement. Avec l'option <option>-s</option>, ils permettent "
+"d'éditer les versions cachées de ces fichiers : <filename>/etc/shadow</"
+"filename> et <filename>/etc/gshadow</filename>, respectivement. Ces "
+"programmes placent les verrous nécessaires afin d'éviter toute corruption "
+"des fichiers. L'éditeur utilisé est choisi d'abord en fonction de la "
+"variable d'environnement <envar>$VISUAL</envar>, puis de la variable "
+"d'environnement <envar>$EDITOR</envar>. À défaut, l'éditeur, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> est utilisé quand ces variables ne sont pas définies."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONS"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>vipw</command> et "
+"<command>vigr</command> sont :"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Éditer la base de données de groupes."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Afficher un message d'aide et quitter."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Éditer la base de données passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Mode silencieux."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Appliquer les changements dans le répertoire <replaceable>RÉP_CHROOT</"
+"replaceable> et utiliser les fichiers de configuration du répertoire "
+"<replaceable>RÉP_CHROOT</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Éditer les bases de données shadow ou gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indique l'utilisateur dont le fichier shadow de tcb doit être édité."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> modifient le comportement de cet outil :"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booléen)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), le schéma de mot de passe "
+"shadow de <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> sera utilisé."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ENVIRONNEMENT"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "L'éditeur à utiliser"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "L'éditeur à utiliser si <option>VISUAL</option> n'est pas définie."
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FICHIERS"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informations sur les groupes."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informations sécurisées sur les groupes."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informations sur les comptes des utilisateurs."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informations sécurisées sur les comptes utilisateurs."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VOIR AUSSI"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "Modifier un compte utilisateur"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"La commande <command>usermod</command> modifie les fichiers d'administration "
+"des comptes du système selon les modifications qui ont été indiquées sur la "
+"ligne de commande."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>usermod</command> sont :"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Ajouter l'utilisateur aux groupes supplémentaires. N'utilisez cette option "
+"qu'avec l'option <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>COMMENTAIRE</replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"La nouvelle valeur du champ de commentaire du fichier de mots de passe pour "
+"l'utilisateur. Il est normalement modifié en utilisant l'utilitaire "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>RÉP_PERSO</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Le nouveau répertoire personnel de l'utilisateur."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Si l'option <option>-m</option> est fournie, le contenu du répertoire "
+"personnel actuel sera déplacé dans le nouveau répertoire personnel, qui sera "
+"créé si nécessaire."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Date à laquelle le compte utilisateur sera désactivé. La date est indiquée "
+"dans le format <emphasis remap=\"I\">AAAA-MM-JJ</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un paramètre <replaceable>DATE_FIN_VALIDITÉ</replaceable> vide désactivera "
+"l'expiration du compte."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Cette option nécessite un fichier <filename>/etc/shadow</filename>. Une "
+"entrée <filename>/etc/shadow</filename> sera créée si il n'y en avait pas."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Une valeur de 0 désactive le compte dès que le mot de passe a dépassé sa fin "
+"de validité, et une valeur de -1 désactive cette fonctionnalité."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le groupe doit exister."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tout fichier du répertoire personnel de l'utilisateur appartenant au groupe "
+"primaire précédent de l'utilisateur appartiendra à ce nouveau groupe."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Le groupe propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUPE1</"
+"replaceable>[<emphasis remap=\"I\">,GROUPE2,...</emphasis>[<emphasis remap="
+"\"I\">,GROUPEN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Si l'utilisateur fait actuellement partie d'un groupe qui n'est pas listé, "
+"l'utilisateur sera supprimé du groupe. Ce comportement peut être modifié par "
+"l'option <option>-a</option>, qui permet d'ajouter l'utilisateur à la liste "
+"actuelle des groupes supplémentaires."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NOUVEAU_LOGIN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Le nom de l'utilisateur passera de <replaceable>LOGIN</replaceable> à "
+"<replaceable>NOUVEAU_LOGIN</replaceable>. Rien d'autre ne sera modifié. En "
+"particulier, le nom du répertoire personnel et l'emplacement de la boîte aux "
+"lettres de l'utilisateur devrontprobablement être changés pour refléter le "
+"nouveau nom de connexion."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Verrouiller le mot de passe d'un utilisateur. Cette option ajoute un « ! » "
+"devant le mot de passe chiffré, ce qui désactive le mot de passe. Vous ne "
+"pouvez pas utiliser cette option avec <option>-p</option> ou <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Remarque : pour verrouiller le compte (et pas seulement l'accès au compte "
+"par un mot de passe), il est également nécessaire de placer "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> à <replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Déplacer le contenu du répertoire personnel de l'utilisateur vers un nouvel "
+"emplacement."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> essayera d'adapter les permissions des fichiers "
+"et de copier les modes, ACL et attributs étendus. Cependant, vous risquez de "
+"devoir procéder à des modifications vous-même."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-u</option>, cette option permet de "
+"changer l'identifiant utilisateur vers une valeur déjà utilisée."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;"
+"<replaceable>MOT_DE_PASSE</replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Mot de passe chiffré, comme renvoyé par <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Remarque :</emphasis> l'utilisation de cette option "
+"est déconseillée car le mot de passe (ou le mot de passe chiffré) peut être "
+"visible des utilisateurs qui affichent la liste des processus. "
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Le mot de passe sera écrit dans le fichier <filename>/etc/passwd</filename> "
+"local ou le fichier <filename>/etc/shadow</filename>. Cela peut être "
+"différent de la base de données de mots de passe définie dans la "
+"configuration de PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Il est nécessaire de vérifier si le mot de passe respecte la politique de "
+"mots de passe du système."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;"
+"<replaceable>INTERPRÉTEUR</replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nom du nouvel interpréteur de commandes initial (« login shell ») de "
+"l'utilisateur. Si ce champ est vide, le système sélectionnera l'interpréteur "
+"de commandes initial par défaut."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "La valeur numérique de l'identifiant de l'utilisateur."
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Cette valeur doit être unique, à moins que l'option <option>-o</option> ne "
+"soit utilisée. La valeur ne doit pas être négative."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La boîte aux lettres et tous les fichiers possédés par l'utilisateur et qui "
+"sont situés dans son répertoire personnel verront leur identifiant "
+"d'utilisateur automatiquement modifié."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Le propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Déverrouiller le mot de passe d'un utilisateur. Cela supprime le « ! » situé "
+"devant le mot de passe chiffré. Vous ne pouvez pas utiliser cette option "
+"avec <option>-p</option> ou <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Remarque : pour déverrouiller le compte (et pas seulement l'accès au compte "
+"via un mot de passe), vous devriez définir la valeur "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> (par exemple à "
+"<replaceable>99999</replaceable> ou à la valeur <option>EXPIRE</option> dans "
+"<filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTILISATEUR_SELINUX</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+"Le nouvel utilisateur SELinux utilisé pour la connexion de l'utilisateur."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un paramètre <replaceable>SEUSER</replaceable> vide éliminera l'association "
+"de l'utilisateur SELinux pour l'utilisateur <replaceable>LOGIN</replaceable> "
+"(si spécifiée)"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVERTISSEMENTS"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Il est nécessaire de contrôler que l'identifiant indiqué n'a pas de "
+"processus en cours d'exécution si cette commande est utilisée pour modifier "
+"l'identifiant numérique de l'utilisateur, son identifiant (login) ou son "
+"répertoire personnel. <command>usermod</command> effectue ce contrôle sous "
+"Linux mais vérifie seulement les informations d'utmp sur les autres "
+"architectures."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Il est nécessaire de changer manuellement le propriétaire des fichiers "
+"<command>crontab</command> ou des travaux programmés par <command>at</"
+"command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Les modifications qui concernent NIS doivent être effectuées sur le serveur "
+"NIS."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (chaîne de caractères)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Répertoire d'attente des courriels (« mail spool directory »). Ce paramètre "
+"est nécessaire pour manipuler les boîtes à lettres lorsque le compte d'un "
+"utilisateur est modifié ou supprimé. S'il n'est pas spécifié, une valeur par "
+"défaut définie à la compilation est utilisée."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (chaîne de caractères)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Définir l'emplacement des boîtes aux lettres des utilisateurs relativement à "
+"leur répertoire personnel."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Les paramètres <option>MAIL_DIR</option> et <option>MAIL_FILE</option> sont "
+"utilisés par <command>useradd</command>, <command>usermod</command> et "
+"<command>userdel</command> pour créer, déplacer ou supprimer les boîtes aux "
+"lettres des utilisateurs."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Si <option>MAIL_CHECK_ENAB</option> est réglé sur <replaceable>yes</"
+"replaceable>, ces variables servent également à définir la variable "
+"d'environnement <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (nombre)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Nombre maximum de membres par entrée de groupe. Lorsque le maximum est "
+"atteint, une nouvelle entrée de groupe (ligne) est démarrée dans <filename>/"
+"etc/group</filename> (avec le même nom, même mot de passe, et même GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"La valeur par défaut est 0, ce qui signifie qu'il n'y a pas de limites pour "
+"le nombre de membres dans un groupe."
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Cette fonctionnalité (groupe découpé) permet de limiter la longueur des "
+"lignes dans le fichier de groupes. Ceci est utile pour s'assurer que les "
+"lignes pour les groupes NIS ne sont pas plus grandes que 1024 caractères."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+"Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Remarque : les groupes découpés ne sont peut-être pas pris en charge par "
+"tous les outils (même dans la suite d'outils Shadow). Vous ne devriez pas "
+"utiliser cette variable, sauf si vous en avez vraiment besoin."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booléen)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"si ( UID est inférieur à 1000) {\n"
+"  utiliser /etc/tcb/user\n"
+"} sinon, et si ( UID est inférieur à 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  utiliser /etc/tcb/:kilos/user\n"
+"  faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"} sinon {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  utiliser /etc/tcb/:megas/:kilos/user\n"
+"  faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"}\n"
+"      "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), l'emplacement du répertoire tcb "
+"de l'utilisateur à créer ne sera pas automatiquement configuré à /etc/tcb/"
+"user, mais sera calculé en fonction de l'UID de l'utilisateur, à l'aide de "
+"l'algorithme suivant : <placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+"Configuration de la suite des mots de passe cachés « shadow password »."
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "supprimer un compte utilisateur et les fichiers associés"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"La commande <command>userdel</command> modifie les fichiers d'administration "
+"des comptes du système, en supprimant les entrées qui se réfèrent à "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utilisateur nommé doit exister."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Les options disponibles de la commande <command>userdel</command> sont :"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Cette option impose la suppression de l'utilisateur, même s'il est encore "
+"connecté. Elle force également <command>userdel</command> à supprimer son "
+"répertoire personnel et sa file d'attente des courriels, même si un autre "
+"utilisateur utilise le même répertoire personnel ou si l'utilisateur précisé "
+"n'est pas le propriétaire de la file d'attente des courriels. Si "
+"<emphasis>USERGROUPS_ENAB</emphasis> vaut <emphasis remap=\"I\">yes</"
+"emphasis> dans <filename>/etc/login.defs</filename> et si un groupe existe "
+"avec le même nom que l'utilisateur supprimé, alors ce groupe sera supprimé, "
+"même s'il s'agit du groupe primaire d'un autre utilisateur."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Remarque :</emphasis> Cette option est dangereuse, elle peut "
+"laisser votre système dans un état incohérent."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Les fichiers présents dans le répertoire personnel de l'utilisateur seront "
+"supprimés en même temps que le répertoire lui-même, ainsi que le répertoire "
+"d'attente des courriels. Vous devrez rechercher et éliminer vous-même les "
+"fichiers situés dans d'autres systèmes de fichiers."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Le répertoire d'attente des courriels est défini par la variable "
+"<option>MAIL_DIR</option> dans <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (chaîne de caractères)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Si définie, la commande est exécutée lors de la suppression d'un "
+"utilisateur. Elle pourra supprimer toutes les tâches périodiques cron ou at, "
+"tous les travaux d'impression, etc. de l'utilisateur (qui sera fourni comme "
+"premier paramètre)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Le code de retour du script n'est pas pris en compte."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Voici un script exemple, qui supprime le fichier d'entrée de cron et d'at "
+"ainsi que les travaux d'impression en attente ;<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booléen)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Activer la mise en place de bits de masque de groupe (« umask group bits ») "
+"identiques à ceux du propriétaire (exemple : 022 -&gt; 002, 077 -&gt; 007) "
+"pour les utilisateurs non privilégiés, si l'UID est identique au GID et que "
+"l'identifiant de connexion est identique au groupe principal."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Si cette variable est configurée à <replaceable>yes</replaceable>, "
+"<command>userdel</command> supprimera le groupe de l'utilisateur s'il ne "
+"contient pas d'autres membres, et <command>useradd</command> créera par "
+"défaut un groupe portant le nom de l'utilisateur."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALEURS DE RETOUR"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "succès"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossible de mettre à jour le fichier des mots de passe"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "erreur de syntaxe"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utilisateur indiqué n'existe pas"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "l'utilisateur est actuellement connecté"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "impossible de mettre à jour le fichier des groupes"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "impossible de supprimer le répertoire personnel"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>userdel</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> ne permet pas la suppression d'un compte si des "
+"processus actifs lui appartiennent encore. Dans ce cas, il peut être "
+"nécessaire de tuer ces processus ou de simplement verrouiller le mot de "
+"passe ou le compte de l'utilisateur, afin de supprimer le compte plus tard. "
+"L'option <option>-f</option> permet de forcer la suppression du compte."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Vous devez vérifier vous-même qu'aucun fichier possédé par l'utilisateur ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Vous ne pouvez supprimer aucun attribut NIS d'un client NIS. Cela doit être "
+"effectué sur le serveur NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Si <option>USERGROUPS_ENAB</option> vaut <emphasis remap=\"I\">yes</"
+"emphasis> (« oui ») dans <filename>/etc/login.defs</filename>, "
+"<command>userdel</command> supprimera le groupe ayant le même nom que "
+"l'utilisateur. Afin d'éviter des incohérences entre les fichiers passwd et "
+"group, <command>userdel</command> vérifiera que le groupe n'est pas utilisé "
+"comme groupe primaire d'un autre utilisateur ; si c'est le cas un "
+"avertissement sera affiché et le groupe ne sera pas supprimé. L'option "
+"<option>-f</option> permet d'imposer la suppression du groupe."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"créer un nouvel utilisateur ou modifier les informations par défaut "
+"appliquées aux nouveaux utilisateurs"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quand elle est invoquée sans l'option <option>-D</option>, la commande "
+"<command>useradd</command> crée un nouveau compte utilisateur qui utilise "
+"les valeurs indiquées sur la ligne de commande et les valeurs par défaut du "
+"système. En fonction des options de la ligne de commande, la commande "
+"<command>useradd</command> fera la mise à jour des fichiers du système, elle "
+"pourra créer le répertoire personnel et copier les fichiers initiaux."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Par défaut, un groupe sera également créé pour le nouvel utilisateur (voir "
+"<option>-g</option>, <option>-N</option>, <option>-U</option>, et "
+"<option>USERGROUPS_ENAB</option>)"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>useradd</command> sont :"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>RÉP_BASE</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Répertoire de base par défaut du système si l'option <option>-d</"
+"option>&nbsp;<replaceable>RÉP_PERSO</replaceable> n'est pas spécifiée. "
+"<replaceable>RÉP_BASE</replaceable> est concaténé avec le nom du compte pour "
+"définir le répertoire personnel. Quand l'option <option>-m</option> n'est "
+"pas utilisée, <replaceable>RÉP_BASE</replaceable> doit exister."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Si cette option n'est pas précisée, <command>useradd</command> utilisera le "
+"répertoire de base précisé par la variable <option>HOME</option> dans "
+"<filename>/etc/default/useradd</filename> ou <filename>/home</filename> par "
+"défaut."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Toute chaîne de texte. C'est généralement une description courte du compte, "
+"elle est actuellement utilisée comme champ pour le nom complet de "
+"l'utilisateur."
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>RÉP_PERSO</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Le nouvel utilisateur sera créé en utilisant <replaceable>RÉP_PERSO</"
+"replaceable> comme valeur de répertoire de connexion de l'utilisateur. Le "
+"comportement par défaut est de concaténer <replaceable>UTILISATEUR</"
+"replaceable> au répertoire <replaceable>RÉP_BASE</replaceable>, et de "
+"l'utiliser en tant que nom de répertoire de connexion. Il n'est pas "
+"nécessaire que le répertoire <replaceable>RÉP_PERSO</replaceable> existe "
+"mais il ne sera pas créé s'il n'existe pas."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+"Consultez ci-dessous la sous-section « Modifier les valeurs par défaut »."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la date d'expiration "
+"par défaut précisée par la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename> ou une chaîne vide (pas d'expiration) par "
+"défaut."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé. Une valeur de 0 désactive le compte dès "
+"que le mot de passe a dépassé sa fin de validité, et une valeur de -1 "
+"désactive cette fonctionnalité."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la période d'inactivité "
+"par défaut précisée par la variable <option>INACTIVE</option> dans "
+"<filename>/etc/default/useradd</filename>, ou -1 par défaut."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+"référer à un groupe déjà existant."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Si non précisé, le comportement de <command>useradd</command> dépendra de la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>. Si cette variable est configurée à <replaceable>yes</replaceable> "
+"(ou si <option>-U/--user-group</option> est précisée sur la ligne de "
+"commandes), un groupe sera créé pour l'utilisateur, avec le même nom que son "
+"identifiant. Si la variable est configurée à <replaceable>no</replaceable> "
+"(ou si <option>-N/--no-user-group</option> est précisé sur la ligne de "
+"commandes), useradd configurera le groupe primaire du nouvel utilisateur à "
+"la valeur précisée par la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>, ou 100 par défaut."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>. Le comportement par défaut pour "
+"l'utilisateur est de n'appartenir qu'au groupe initial."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>RÉP_SQUELETTE</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Le répertoire squelette, qui contient les fichiers et répertoires qui seront "
+"copiés dans le répertoire personnel de l'utilisateur, quand le répertoire "
+"personnel est créé par <command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Cette option n'est valable que si l'option <option>-m</option> (ou <option>--"
+"create-home</option>) est utilisée."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Si cette option n'est pas précisée, le répertoire squelette est défini par "
+"la variable <option>SKEL</option> dans <filename>/etc/default/useradd</"
+"filename> ou, par défaut, <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Si possible, les ACL et les attributs étendus seront copiés."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>CLÉ</"
+"replaceable>=<replaceable>VALEUR</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Surcharge les valeurs par défaut de <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> et autres). <placeholder-1/> Par exemple : "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> peut être utilisé pour la "
+"création de comptes système pour désactiver la gestion de la durée de "
+"validité des mots de passe, même si les comptes système n'ont pas de mot de "
+"passe. Plusieurs options <option>-K</option> peuvent être précisées, comme "
+"par exemple : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable> <option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "N'ajoute pas l'utilisateur aux bases de données lastlog et faillog."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Par défaut, les entrées de l'utilisateur dans les bases de données lastlog "
+"et faillog sont remises à zéro pour éviter de réutiliser les entrées d'un "
+"utilisateur précédemment supprimé."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Créé le répertoire personnel de l'utilisateur s'il n'existe pas. Les "
+"fichiers et les répertoires contenus dans le répertoire squelette (qui peut "
+"être défini avec l'option <option>-k</option>) sera copié dans le répertoire "
+"personnel."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Par défaut, si cette option n'est pas précisée et si <option>CREATE_HOME</"
+"option> n'est pas activée, aucun répertoire personnel ne sera créé."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Ne crée pas le répertoire personnel de l'utilisateur, même si la "
+"configuration globale au système contenue dans <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>) est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Ne crée pas de groupe avec le même nom que celui de l'utilisateur, mais "
+"ajoute l'utilisateur au groupe précisé par l'option <option>-g</option> ou "
+"par la variable <option>GROUP</option> dans <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le comportement par défaut (si les options <option>-g</option>, <option>-N</"
+"option>, et <option>-U</option> ne sont pas précisées) est défini par la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Permet de créer un compte d'utilisateur avec un identifiant (« UID ») "
+"dupliqué (non unique)."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "Cette option n'est valable qu'avec l'option <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Le mot de passe chiffré, comme renvoyé par "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. Le comportement par défaut est de désactiver le mot de passe."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Créer un compte système."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'expiration dans "
+"<filename>/etc/shadow</filename>, et leur identifiant numérique est choisi "
+"dans l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>/etc/login.defs</filename>, au lieu de "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (et leurs équivalents "
+"<option>GID</option> pour la création des groupes)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Notez que <command>useradd</command> ne créera pas de répertoire personnel "
+"pour ces utilisateurs, indépendamment de la configuration par défaut dans "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). Vous "
+"devez préciser l'option <option>-m</option> si vous voulez qu'un répertoire "
+"personnel soit créé pour un compte système."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Le nom de l'interpréteur de commandes initial de l'utilisateur (« login "
+"shell »). Le comportement par défaut est de laisser ce champ vide. Le "
+"système sélectionnera alors l'interpréteur par défaut indiqué par la "
+"variable <option>SHELL</option> dans <filename>/etc/default/useradd</"
+"filename>, ou une chaîne vide par défaut."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"La valeur numérique de l'identifiant de l'utilisateur. Cette valeur doit "
+"être unique, sauf si l'option <option>-o</option> est utilisée. La valeur ne "
+"doit pas être négative. Le comportement par défaut est d'utiliser la plus "
+"petite valeur d'identifiant à la fois supérieure ou égale à <option>UID_MIN</"
+"option> et supérieure aux identifiants de tous les autres utilisateurs."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi l'option <option>-r</option> et la description de "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crée un groupe avec le même nom que celui de l'utilisateur, et ajoute "
+"l'utilisateur à ce groupe."
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utilisateur SELinux utilisé pour la connexion de l'utilisateur. Le "
+"comportement par défaut est de laisser ce champ vide. Le système "
+"sélectionnera alors l'utilisateur SELinux par défaut."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Modifier les valeurs par défaut"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quand il est invoqué avec seulement l'option <option>-D</option>, "
+"<command>useradd</command> affichera les valeurs actuelles par défaut. Quand "
+"il est invoqué avec l'option <option>-D</option> et d'autres options, "
+"<command>useradd</command> mettra à jour les valeurs par défaut des options "
+"précisées. Les options valables sont :"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Préfixe du chemin des répertoires personnels pour les nouveaux utilisateurs. "
+"Le nom de l'utilisateur sera attaché à la fin de <replaceable>RÉP_PERSO</"
+"replaceable> pour créer le nom du nouveau répertoire personnel si l'option "
+"<option>-d</option> n'est pas utilisée pendant la création d'un nouveau "
+"compte."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>HOME</option> dans <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Date à laquelle le compte utilisateur sera désactivé."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Nombre de jours après la fin de validité d'un mot de passe avant que le "
+"compte ne soit désactivé."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>INACTIVE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Le nom ou l'identifiant du groupe pour le groupe principal d'un nouvel "
+"utilisateur (quand l'option <option>-N/--no-user-group</option> est utilisée "
+"ou quand la variable <option>USERGROUPS_ENAB</option> est configurée à "
+"<replaceable>no</replaceable> dans <filename>/etc/login.defs</filename>). Le "
+"nom du groupe doit exister, et un identifiant de groupe numérique doit avoir "
+"une entrée existante."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Le nom de l'interpréteur de commandes du nouvel utilisateur."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>SHELL</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTES"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'administrateur système doit se charger de placer les fichiers par défaut "
+"dans le répertoire <filename>/etc/skel</filename> (ou tout autre répertoire "
+"de modèles indiqué dans <filename>/etc/default/useradd</filename> ou sur la "
+"ligne de commande)."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"De la même façon, si le nom de l'utilisateur existe dans une base de données "
+"externe, telle que NIS ou LDAP, <command>useradd</command> refusera de créer "
+"le compte d'utilisateur."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms d'utilisateur doivent commencer par une lettre minuscule ou un "
+"tiret bas (« underscore »), et seuls des lettres minuscules, des chiffres, "
+"des « underscore », ou des tirets peuvent suivre. Ils peuvent se terminer "
+"par un signe dollar. Soit, sous la forme d'une expression rationnelle : [a-"
+"z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Les noms d'utilisateur sont limités à 16 caractères."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indiquer si un répertoire personnel doit être créé par défaut pour les "
+"nouveaux utilisateurs."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Ce réglage ne s'applique pas pour les utilisateurs système, et peut être "
+"annulé sur la ligne de commande."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création des groupes "
+"normaux."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut pour <option>GID_MIN</option> (respectivement "
+"<option>GID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Nombre maximum de jours de validité d'un mot de passe. Après cette durée, "
+"une modification du mot de passe est obligatoire. S'il n'est pas précisé, la "
+"valeur de -1 est utilisée (ce qui enlève toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Nombre minimum de jours autorisé avant la modification d'un mot de passe. "
+"Toute tentative de modification du mot de passe avant cette durée est "
+"rejetée. S'il n'est pas précisé, la valeur de -1 est utilisée (ce qui enlève "
+"toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Nombre de jours durant lesquels l'utilisateur recevra un avertissement avant "
+"que son mot de passe n'arrive en fin de validité. Une valeur négative "
+"signifie qu'aucun avertissement n'est donné. S'il n'est pas précisé, aucun "
+"avertissement n'est donné."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création de groupes "
+"système."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs système."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booléen)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Si <replaceable>yes</replaceable>, le fichier shadow de tcb nouvellement "
+"créé appartiendra au groupe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs normaux."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut de <option>UID_MIN</option> (respectivement "
+"<option>UID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (nombre)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Valeur d'initialisation du masque de permissions. S'il n'est pas précisé, le "
+"masque des permissions sera initialisé à 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> et <command>newusers</command> utilisent ce "
+"masque pour définir les permissions d'accès des répertoires personnels "
+"qu'ils créent."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il est également utilisé par <command>login</command> pour définir l'umask "
+"initial de l'utilisateur. Veuillez noter que cet umask peut être redéfini "
+"par les GECOS de l'utilisateur (si <option>QUOTAS_ENAB</option> est activé) "
+"ou en précisant une limite avec l'identifiant <emphasis>K</emphasis> dans "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Il est également utilisé par <command>pam_umask</command> en tant que valeur "
+"d'umask par défaut."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valeurs par défaut pour la création de comptes."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Répertoire contenant les fichiers par défaut."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "paramètre non valable pour l'option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID déjà utilisé (et pas d'option <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "le groupe spécifié n'existe pas"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nom d'utilisateur déjà utilisé"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "impossible de créer le répertoire personnel"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>useradd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formats et conversions de fichiers"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "Fichier de contrôle détaillé de su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Le fichier <filename>/etc/suauth</filename> est lu chaque fois que su est "
+"exécuté. Il permet de modifier le comportement de la commande su, en "
+"fonction de :"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| "      1) the user su is targetting\n"
+#| "    "
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+"\n"
+"      1) l'utilisateur cible de su\n"
+"    "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utilisateur qui exécute la commande su (ou un groupe dont il est membre)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Le fichier est formaté de la façon suivante (les lignes commençant par un "
+"« # » sont des commentaires, et sont ignorées) :"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      vers-id:par-id:ACTION\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Où vers-id peut être le mot <emphasis>ALL</emphasis>, une liste de noms "
+"d'utilisateurs séparés par une virgule ou <emphasis>ALL EXCEPT</emphasis> "
+"suivi d'une liste d'utilisateurs séparés par une virgule."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"par-id utilise le même format que vers-id, mais accepte également le mot-clé "
+"<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> est "
+"également accepté. <emphasis>GROUP</emphasis> est suivi d'un ou plusieurs "
+"noms de groupes, séparés par une virgule. Il n'est pas suffisant d'avoir "
+"comme groupe primaire le groupe approprié : une entrée dans "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> est nécessaire."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Les valeurs d'ACTION valables sont :"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"La tentative de changement d'utilisateur est arrêtée avant que le mot de "
+"passe ne soit demandé."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"La tentative est automatiquement réussie. Aucun mot de passe n'est demandé."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Pour que la commande su soit réussie, l'utilisateur doit entrer son propre "
+"mot de passe. Ceci lui est demandé."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notez qu'il y a trois champs séparés par un « deux-points ». Ne pas accoler "
+"d'espace à ce « deux-points ». Notez aussi que le fichier est examiné "
+"séquentiellement ligne par ligne, et que la première règle applicable est "
+"utilisée sans que le reste du fichier ne soit examiné. Ceci permet à "
+"l'administrateur système de définir un contrôle aussi fin qu'il le souhaite."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # exemple de fichier /etc/suauth\n"
+"      #\n"
+"      # Deux utilisateurs privilégiés peuvent\n"
+"      # devenir root avec leur propre mot de passe.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Les autres ne peuvent pas de venir root avec\n"
+"      # su, à l'exception des membres du groupe wheel.\n"
+"      # Ceci correspond au comportement des BSD.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # terry et birddog sont des comptes possédés\n"
+"      # par la même personne.\n"
+"      # Un accès sans mot passe est aménagé\n"
+"      # entre ces deux comptes.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "BOGUES"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Il en reste sans doute beaucoup. L'analyseur du fichier est particulièrement "
+"impitoyable avec les erreurs de syntaxe. Il n'autorise d'espace qu'en début "
+"et fin de ligne, et seul le délimiteur spécifique doit être utilisé."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICS"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Une erreur dans l'analyse du fichier est reportée via "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> au niveau ERR dans la catégorie AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Commandes utilisateur"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "Changer d'identifiant d'utilisateur ou devenir superutilisateur"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nom_utilisateur"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"La commande <command>su</command> permet de devenir un autre utilisateur "
+"pour la durée d'une session. Invoqué sans nom d'<option>utilisateur</"
+"option>, le comportement par défaut de <command>su</command>est de devenir "
+"superutilisateur. Le paramètre optionnel <option>-</option> permet d'obtenir "
+"un environnement similaire à celui que l'utilisateur aurait obtenu lors "
+"d'une connexion directe."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Des paramètres supplémentaires peuvent être fournis après le nom de "
+"l'utilisateur. Dans ce cas, ils sont donnés à l'interpréteur de commandes de "
+"connexion de l'utilisateur. En particulier, le paramètre « <option>-c</"
+"option> » considère que le paramètre suivant est une commande pour la "
+"plupart des interpréteurs de commandes. La commande sera exécutée par "
+"l'interpréteur indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Vous pouvez utiliser le paramètre <option>--</option> pour séparer les "
+"options de <command>su</command> des paramètres fournis par l'interpréteur "
+"de commandes."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Un mot de passe sera demandé à l'utilisateur, si nécessaire. Les mots de "
+"passe incorrects produisent un message d'erreur. Toutes les tentatives, "
+"réussies ou non, sont enregistrées afin de détecter tout abus du système."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"L'environnement actuel est fourni au nouvel interpréteur de commandes. La "
+"valeur de <envar>$PATH</envar> est réinitialisée à <filename>/bin:/usr/bin</"
+"filename> pour les utilisateurs normaux, ou à <emphasis>/sbin:/bin:/usr/"
+"sbin:/usr/bin</emphasis> pour le superutilisateur. Ce comportement peut être "
+"modifié avec les paramètres <emphasis>ENV_PATH</emphasis> et "
+"<emphasis>ENV_SUPATH</emphasis> dans <filename>/etc/login.defs</filename>. "
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Une connexion à un sous-système est indiquée par la présence d'un « * » "
+"comme premier caractère de l'interpréteur de commandes initial. Le "
+"répertoire personnel sera utilisé comme racine d'un nouveau système de "
+"fichiers dans lequel l'utilisateur sera connecté."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Les options applicables à la commande <command>su</command> sont :"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMANDE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Indiquer une commande qui sera invoquée par l'interpréteur de commandes en "
+"utilisant son option <option>-c</option>"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"La commande exécutée n'aura aucun terminal de contrôle. Cette option ne peut "
+"pas être utilisée pour exécuter des programmes interactifs qui ont besoin "
+"d'un terminal de contrôle."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fournir à l'utilisateur un environnement similaire à celui qu'il aurait "
+"obtenu s'il s'était connecté directement."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Lorsque <option>-</option> est utilisé, il doit être indiqué comme dernier "
+"paramètre de <command>su</command>. Les autres formes (<option>-l</option> "
+"et <option>--login</option>) ne présentent pas cette restriction."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Interpréteur de commande devant être appelé."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Interpréteur de commande indiqué par --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Si <option>--preserve-environment</option> est utilisé, l'interpréteur de "
+"commandes indiqué par la variable d'environnement <envar>$SHELL</envar> sera "
+"utilisé."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Interpréteur de commandes indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> si aucun interpréteur de commandes ne peut être "
+"trouvé par l'une des méthodes ci-dessus."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"L'interpréteur de commandes à appeler est choisi parmi (le choix de plus "
+"haute priorité en tête) : <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commande restreint (par "
+"exemple, le champ de l'interpréteur de commande dans <filename>/etc/passwd</"
+"filename> n'est pas renseigné dans <filename>/etc/shells</filename>), alors, "
+"ni l'option <option>--shell</option> ni la variable d'environnement <envar>"
+"$SHELL</envar> ne seront prises en compte à moins que <command>su</command> "
+"ne soit appelé par le superutilisateur."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"réinitialise suivant les options <option>ENV_PATH</option> ou "
+"<option>ENV_SUPATH</option> dans <filename>/etc/login.defs</filename> (voir "
+"ci-dessous) :"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"réinitialise à <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, s'il "
+"a été défini."
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Préserver l'environnement actuel, sauf pour : <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commandes restreint, cette "
+"option n'a aucun effet (à moins que <command>su</command> ne soit appelé par "
+"le superutilisateur)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Les variables d'environnement <envar>$HOME</envar>, <envar>$SHELL</envar>, "
+"<envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> et "
+"<envar>$IFS</envar> sont réinitialisées."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Si <option>--login</option> n'est pas utilisée, l'environnement est copié "
+"sauf pour les variables ci-dessus."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> et "
+"<envar>$XAUTHORITY</envar> sont copiées si elles ont été définies."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TZ</envar>, <envar>$HZ</envar> et <envar>$MAIL</envar> sont "
+"configurées en accord avec les options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option> et <option>MAIL_FILE</"
+"option> de <filename>/etc/login.defs</filename> (voir ci-dessous)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les autres variables "
+"d'environnement peuvent être configurées par le fichier "
+"<option>ENVIRON_FILE</option> (voir ci-dessous)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "D'autres environnements peuvent être configurés par des modules PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notez que le comportement par défaut pour l'environnement est le suivant : "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>su</command> a de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Si définie, soit un chemin complet du fichier contenant les noms de "
+"périphériques (un par ligne), soit une liste de noms du périphérique "
+"délimitée par des « : ». Les connexions d'un administrateur ne seront "
+"autorisées que depuis ces périphériques."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"S'il n'est pas défini, root pourra se connecter depuis n'importe quel "
+"périphérique."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Le périphérique doit être précisé sans le préfixe /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Une liste de groupes à rajouter aux groupes supplémentaires de l'utilisateur "
+"lors d'une connexion sur une console (déterminé par le paramètre CONSOLE). "
+"Par défaut, aucun groupe n'est ajouté. <placeholder-1/> À utiliser avec "
+"précaution : il est possible que les utilisateurs aient un accès permanent à "
+"ces groupes, et cela même s'ils ne sont pas connectés sur la console."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiquer si la connexion est permise si on ne peut pas accéder au répertoire "
+"personnel. Le réglage par défaut est « no »."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Si elle est configurée à <replaceable>yes</replaceable>, l'utilisateur va se "
+"connecter dans le répertoire racine (<filename>/</filename>) s'il n'est pas "
+"possible d'accéder à son répertoire personnel."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (chaîne de caractères)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement HZ "
+"lorsqu'un utilisateur se connecte. La valeur doit être précédée par "
+"<replaceable>HZ=</replaceable>. Une valeur commune sur Linux est "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variable d'environnement <envar>HZ</envar> est uniquement définie quand "
+"l'utilisateur (le super-utilisateur) se connecte avec <command>sulogin</"
+"command>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Si ce fichier existe et est lisible, l'environnement de connexion sera lu à  "
+"partir de lui. Chaque ligne doit être sous la forme nom=valeur."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Les lignes commençant par un « # » sont considérées comme des commentaires, "
+"et sont ignorées."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand un utilisateur ordinaire se connecte. La valeur est une liste de "
+"chemins séparés par des deux points (par exemple <replaceable>/bin:/usr/bin</"
+"replaceable>) et peut être précédée par <replaceable>PATH=</replaceable>. La "
+"valeur par défaut est <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand le super-utilisateur se connecte. La valeur est une liste de chemins "
+"séparés par deux points (par exemple <replaceable>/sbin:/bin:/usr/sbin:/usr/"
+"bin</replaceable>) et peut être précédée par <replaceable>PATH=</"
+"replaceable>. La valeur par défaut est <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement TZ quand "
+"un utilisateur se connecte. La valeur peut être le nom d'un fuseau horaire "
+"précédé par <replaceable>TZ=</replaceable> (par exemple "
+"<replaceable>TZ=CST6CDT</replaceable>), ou le chemin complet vers le fichier "
+"contenant la spécification du fuseau horaire (par exemple <filename>/etc/"
+"tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Si un chemin complet est spécifié mais que le fichier n'existe pas ou ne "
+"peut pas être lu, la valeur par défaut utilisée est <replaceable>TZ=CST6CDT</"
+"replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"La chaîne de caractères utilisée pour l'invite de mot de passe. La valeur "
+"par défaut est d'utiliser \"Password: \" (« mot de passe : »), ou une "
+"traduction de cette chaîne. Si vous définissez cette variable, l'invite ne "
+"sera pas traduite."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Si la chaîne contient <replaceable>%s</replaceable>, ces caractères seront "
+"remplacés par le nom de l'utilisateur."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Activer le contrôle et l'affichage du statut de la boîte aux lettres durant "
+"la connexion."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Vous devriez le désactiver si les fichiers de démarrage de l'interpréteur de "
+"commandes vérifient déjà la présence de courriers (« mail -e » ou "
+"équivalent)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Activer la mise en place de limites de resources depuis <filename>/etc/"
+"limits</filename> et ulimit, umask et niveau nice depuis les champs gecos de "
+"passwd."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Si définie, les activités de su seront enregistrées dans le fichier."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Si définie, le nom de la commande à afficher lorsque « su - » est exécutée. "
+"Par exemple, si elle est définie à « su » alors un « ps » affichera la "
+"commande comme « -su ». Si non définie, alors « ps » affichera le nom du "
+"shell qui sera en fait exécuté, par exemple quelque chose comme « -sh »."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booléen)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Si <replaceable>yes</replaceable>, l'utilisateur doit faire partie des "
+"membres du groupe avec le premier gid 0 dans <filename>/etc/group</filename> "
+"(appelé <replaceable>root</replaceable> sur la plupart des systèmes Linux) "
+"pour être capable de <command>su</command> vers des comptes à uid 0. Si ce "
+"groupe n'existe pas ou est vide, personne ne pourra <command>su</command> "
+"vers un uid 0."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>su</command> "
+"- en plus de la journalisation sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"En cas de succès, <command>su</command> renvoie la valeur de sortie de la "
+"commande qu'il a exécutée."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Si cette commande s'est terminée par un signal, <command>su</command> y "
+"ajoute 128 et renvoie le résultat."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Si <command>su</command> doit tuer la commande (parce qu'il a été demandé de "
+"terminer et que la commande ne s'est pas terminée à temps), <command>su</"
+"command> renvoie 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "succès (<option>--help</option> uniquement)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Échec système ou d'authentification"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "La commande demandée n'a pas été trouvée."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "La commande demandée n'a pas pu être exécutée."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Certaines valeurs de retour de <command>su</command> sont indépendantes de "
+"la commande exécutée : <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "exécuter une commande avec un autre identifiant de groupe"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "groupe <placeholder-1/> commande"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"La commande <command>sg</command> fonctionne de la même manière que "
+"<command>newgrp</command>, mais prend une commande comme paramètre. Cette "
+"commande sera exécutée avec un interpréteur de commandes <filename>/bin/sh</"
+"filename>. Avec la plupart des interpréteurs de commandes permettant "
+"d'exécuter <command>sg</command>, si la commande comporte plusieurs mots, il "
+"faut la placer entre des guillemets (« \" »). Une autre différence entre "
+"<command>newgrp</command> et <command>sg</command> est que certains "
+"interpréteurs de commandes traitent <command>newgrp</command> de façon "
+"particulière, en se remplaçant eux-mêmes par une nouvelle instance d'un "
+"interpréteur que <command>newgrp</command> crée. Ceci n'est pas le cas de "
+"<command>sg</command>, ce qui permet de retrouver le groupe précédent à la "
+"sortie de <command>sg</command>."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booléen)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "fichier des mots de passe cachés"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> est un fichier qui contient les informations "
+"cachées concernant les mots de passe des utilisateurs et leurs dates de "
+"validité."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Ce fichier ne doit pas être accessible en lecture par les utilisateurs "
+"normaux afin de maintenir la sécurité des mots de passe, en particuliers "
+"pour prévenir les attaques par dictionnaires."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Chaque ligne de ce fichier contient 9 champs, séparés par des deux-points "
+"(<quote>:</quote>), dans l'ordre suivant :"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nom de connexion de l'utilisateur (« login »)"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Ce doit être un nom de compte valable, qui existe sur le système."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "mot de passe chiffré"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Consultez <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+"cette chaîne."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères ! ou *, alors l'utilisateur ne pourra pas utiliser "
+"son mot de passe UNIX pour se connecter (mais il se peut que l'utilisateur "
+"puisse se connecter au système par d'autres moyens)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas aucun mot de passe n'est nécessaire "
+"pour s'authentifier avec l'identifiant de connexion indiqué. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/shadow</"
+"filename> peuvent n'autoriser aucun accès si le mot de passe est vide."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Un champ de mot de passe qui commence avec un point d'exclamation indique "
+"que le mot de passe est bloqué. Les caractères restants sur la ligne "
+"représentent le champ de mot de passe avant que le mot de passe n'ait été "
+"bloqué."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "date du dernier changement de mot de passe"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date du dernier changement de mot de passe, exprimée en nombre de jours "
+"depuis le 1er janvier 1970."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"La valeur 0 a une signification particulière : l'utilisateur devra changer "
+"son mot de passe la prochaine fois qu'il se connectera au système."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Un champ vide indique que les fonctionnalités de vieillissement de mot de "
+"passe sont désactivées."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "âge minimum du mot de passe"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'âge minimum du mot de passe est la durée (en jour) que l'utilisateur devra "
+"attendre avant de pouvoir le changer de nouveau."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y a pas d'âge minimum pour "
+"le mot de passe."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "âge maximum du mot de passe"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'âge maximum du mot de passe est la durée (en jour) après laquelle "
+"l'utilisateur devra changer son mot de passe."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Une fois cette durée écoulée, le mot de passe restera valable. Il sera "
+"demandé à l'utilisateur de le changer la prochaine fois qu'il se connectera."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un champ vide signifie qu'il n'y a pour le mot de passe aucune limite d'âge, "
+"aucune période d'avertissement d'expiration et aucune période d'inactivité "
+"(voir ci-dessous)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Si l'âge maximum du mot de passe est plus petit que l'âge minimum du mot de "
+"passe, l'utilisateur ne pourra pas changer son mot de passe."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "période d'avertissement d'expiration du mot de passe"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"La durée (en jour) pendant laquelle l'utilisateur sera averti avant que le "
+"mot de passe n'expire (voir l'âge maximum du mot de passe ci-dessus)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y aura pas de période "
+"d'avertissement d'expiration du mot de passe."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "période d'inactivité du mot de passe"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"La durée (en jour) pendant laquelle le mot de passe sera quand même accepté "
+"après son expiration (voir l'âge maximum du mot de passe ci-dessus). "
+"L'utilisateur devra mettre à jour son mot de passe à la prochaine connexion."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Après expiration du mot de passe suivie de la période d'expiration, plus "
+"aucune connexion n'est possible en utilisant le mot de passe de "
+"l'utilisateur. L'utilisateur doit contacter son administrateur."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un champ vide signifie qu'aucune période d'inactivité n'est imposée."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "date de fin de validité du compte"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date d'expiration du compte, exprimé en nombre de jours depuis le "
+"1er janvier 1970."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Veuillez noter que l'expiration d'un compte diffère de l'expiration d'un mot "
+"de passe. En cas d'expiration d'un compte, l'utilisateur ne sera plus "
+"autorisé à se connecter. En cas d'expiration d'un mot de passe, "
+"l'utilisateur n'est pas autorisé à se connecter en utilisant son mot de "
+"passe."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un champ vide signifie que le compte n'expirera jamais."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"La valeur 0 ne doit pas être utilisée puisqu'elle peut être interprétée soit "
+"comme un compte sans expiration, soit comme ayant expiré le 1er janvier 1970."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "champ réservé"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Ce champ est réservé pour une utilisation future."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Fichier de sauvegarde pour /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notez que ce fichier est utilisé par les outils de la suite d'outils shadow, "
+"mais pas par tous les outils de gestion d'utilisateurs et de mot de passes."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Appels de bibliothèque"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routines d'utilisation des mots de passe cachés"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nom"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FICHIER"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipule le contenu du fichier des "
+"mots de passe cachés, <filename>/etc/shadow</filename>. La structure définie "
+"dans le fichier inclus est :"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* nom de connexion de l'utilisateur */\n"
+"      char\t\t*sp_pwdp; /* mot de passe chiffré */\n"
+"      long int\t\tsp_lstchg; /* dernier changement de mot de passe */\n"
+"      long int\t\tsp_min; /* jours avant de pouvoir changer de mot de passe */\n"
+"      long int\t\tsp_max; /* jours avant l'obligation de changer de mot de passe */\n"
+"      long int\t\tsp_warn; /* jours d'avertissement avant la fin de validité */\n"
+"      long int\t\tsp_inact; /* jours avant que le compte soit inactif */\n"
+"      long int\t\tsp_expire; /* date de fin de validité du compte */\n"
+"      unsigned long int\tsp_flag; /* réservé pour une utilisation future */\n"
+"}\n"
+"    "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "La signification de chaque champ est la suivante :"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - pointeur vers le nom d'utilisateur terminé par un zéro binaire "
+"(« null-terminated »)"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - pointeur vers le mot de passe terminé par un zéro binaire (« null-"
+"terminated »)"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - nombre de jours, comptés à partir du 1er janvier 1970, depuis la "
+"dernière modification du mot de passe"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+"sp_min - nombre de jours pendant lesquels le mot de passe ne peut pas être "
+"changé"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - nombre maximal de jours avant que le mot de passe doive être changé"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - nombre de jours avant que le mot de passe n'arrive en fin de "
+"validité pendant lesquels l'utilisateur est averti de la fin prochaine de la "
+"validité de son mot de passe"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - nombre de jours après la fin de validité du mot de passe avant de "
+"considérer que le compte est inactif et soit désactivé"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - nombre de jours, comptés à partir du 1er janvier 1970, après "
+"lesquels le compte sera désactivé"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - réservé pour une utilisation future"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>Getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, et <emphasis>sgetspent</emphasis> renvoient "
+"tous un pointeur vers une structure <emphasis>struct spwd</emphasis>. "
+"<emphasis>Getspent</emphasis> renvoie l'entrée suivante du fichier, et "
+"<emphasis>fgetspent</emphasis> renvoie l'entrée suivante du flux qui est "
+"considéré comme étant un fichier au format correct. <emphasis>Sgetspent</"
+"emphasis> renvoie un pointeur vers une structure <emphasis>struct spwd</"
+"emphasis> en utilisant la chaîne de caractère fournie en entrée. "
+"<emphasis>Getspnam</emphasis> cherche à partir de la position courante une "
+"entrée correspondant à <emphasis>nom</emphasis> dans le fichier fourni en "
+"entrée."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>Setspent</emphasis> et <emphasis>endspent</emphasis> peuvent être "
+"utilisés pour débuter et terminer l'accès au fichier de mots de passe cachés."
+
+# TBD: vérifier tous les remap
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Les fonctions <emphasis>lckpwdf</emphasis> et <emphasis>ulckpwdf</emphasis> "
+"doivent être utilisées pour garantir un accès exclusif au fichier <filename>/"
+"etc/shadow</filename>. <emphasis>Lckpwdf</emphasis> essaie de placer un "
+"verrou avec <emphasis>pw_lock</emphasis> pendant 15 secondes. Il essaie "
+"ensuite de placer un second verrou en utilisant <emphasis>spw_lock</"
+"emphasis> pendant le reste de ces 15 secondes. Si un de ces verrous ne peut "
+"être placé, <emphasis>lckpwdf</emphasis> renvoie -1. Quand les deux verrous "
+"peuvent être placés, la valeur 0 est renvoyée."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Les fonctions renvoient NULL si plus aucune entrée n'est disponible ou si "
+"une erreur est survenue lors du traitement. Les fonctions dont la valeur de "
+"retour est un <emphasis>int</emphasis> renvoient 0 en cas de succès et -1 en "
+"cas d'échec."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Ces fonctions peuvent n'être utilisées que par le superutilisateur car "
+"l'accès au fichier de mots de passe cachés est restreint."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+"Convertir vers ou depuis les fichiers de mots de passe ou de groupe cachés"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwconv</command> crée le fichier <emphasis remap=\"I"
+"\">shadow</emphasis> à partir du fichier <emphasis remap=\"I\">passwd</"
+"emphasis> et d'un éventuel fichier <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activée. Pour convertir les mots de passe vers tcb, vous devez d'abord "
+"utiliser <command>pwconv</command> pour les convertir vers les mots de passe "
+"cachés en désactivant <option>USE_TCB</option> dans <filename>login.defs</"
+"filename> puis les convertir en mots de passe tcb avec <command>tcb_convert</"
+"command> (et en réactivant <option>USE_TCB</option> dans <filename>login."
+"defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwunconv</command> crée le fichier <emphasis remap=\"I"
+"\">passwd</emphasis> à partir des fichiers <emphasis remap=\"I\">passwd</"
+"emphasis> et <emphasis remap=\"I\">shadow</emphasis> puis supprime <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activé. Vous devez d'abord convertir les mots de passe depuis tcb vers des "
+"mots de passe cachés en utilisant <command>tcb_unconvert</command> puis "
+"désactiver <option>USE_TCB</option> dans <filename>login.defs</filename> "
+"avant d'utiliser <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpconv</command> crée <emphasis remap=\"I\">gshadow</"
+"emphasis> à partir de <emphasis remap=\"I\">group</emphasis> et d'un "
+"éventuel fichier <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpunconv</command> crée <emphasis remap=\"I\">group</"
+"emphasis> à partir des fichiers <emphasis remap=\"I\">group</emphasis> et "
+"<emphasis remap=\"I\">gshadow</emphasis> puis supprime <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Ces quatre programmes opèrent sur les fichiers de mots de passe et "
+"d'informations sur les groupes cachés ou non : <filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</"
+"filename>, et <filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Chaque programme place les verrous nécessaires avant d'effectuer la "
+"conversion. <command>pwconv</command> et <command>grpconv</command> sont "
+"similaires. Dans un premier temps, les entrées du fichier de mots de passe "
+"cachés (<filename>/etc/shadow</filename> ou <filename>/etc/gshadow</"
+"filename>) qui n'existent pas dans le fichier principal (<filename>passwd</"
+"filename> ou <filename>group</filename>), sont retirées. Ensuite, les "
+"entrées du fichier <filename>shadow</filename> n'ayant pas pour mot de passe "
+"« x » dans le fichier <filename>passwd</filename> sont mises à jour. Enfin, "
+"les mots de passe du fichier <filename>passwd</filename> sont remplacés par "
+"« x ». Ces programmes peuvent être utilisés pour une première conversion, ou "
+"bien pour une mise à jour, si les fichiers principaux [ NdT : non cachés ] "
+"ont été édités à la main."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Lors de l'ajout de nouvelles entrées dans <filename>/etc/shadow</filename>, "
+"<command>pwconv</command> utilisera les valeurs de <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"et <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> définies dans le fichier "
+"<filename>/etc/login.defs</filename>."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"De même, <command>pwunconv</command> et <command>grpunconv</command> sont "
+"similaires. Les mots de passe des fichiers principaux sont mis à jour à "
+"partir des fichiers d'informations cachées (« shadowed file »). Les entrées "
+"existant dans un fichier principal, mais pas dans le fichier caché sont "
+"laissées. Enfin, le fichier caché est supprimé. Certaines informations d'âge "
+"des mots de passe sont perdues par <command>pwunconv</command>. Il ne "
+"convertit que ce qu'il peut."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> et "
+"<command>grpunconv</command> sont :"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Des erreurs dans les fichiers de mots de passe ou d'informations sur les "
+"groupes (comme des entrées invalides ou redondantes) peuvent conduire ces "
+"programmes à boucler indéfiniment ou à échouer d'une manière tout aussi "
+"étrange. Veuillez exécuter <command>pwck</command> et <command>grpck</"
+"command> pour corriger ces erreurs avant de lancer toute conversion."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"La variable de configuration suivante dans <filename>/etc/login.defs</"
+"filename> change le comportement de <command>grpconv</command> et "
+"<command>grpunconv</command> :"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> changent le comportement de <command>pwconv</command> :"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "Vérifier l'intégrité des fichiers de mots de passe"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"La commande <command>pwck</command> vérifie l'intégrité des informations du "
+"système concernant les utilisateurs et leur mots de passe. Toutes les "
+"entrées des fichiers <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Voici les vérifications effectuées :"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "nombre correct de champs ;"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "unicité et validité des noms d'utilisateur ;"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "validité des identifiants d'utilisateur et de groupe ;"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "validité du groupe primaire ;"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "validité du répertoire personnel ;"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "validité de l'interpréteur de commandes initial (« login shell »)."
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Les vérifications de <filename>shadow</filename> sont activées quand un "
+"second paramètre de fichier est indiqué ou quand <filename>/etc/shadow</"
+"filename> existe sur le système."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Ces vérifications sont les suivantes :"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"chaque entrée de passwd a une entrée correspondante dans shadow, et chaque "
+"entrée shadow a une entrée passwd correspondante ;"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+"les mots de passe sont indiqués dans le fichier des mot de passe cachés ;"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "les entrées de shadow ont le bon nombre de champs ;"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "les entrées de shadow sont uniques dans shadow ;"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "la date du dernier changement de mot de passe n'est pas dans le futur."
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom d'utilisateur "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms "
+"d'utilisateur redondants, mais dans ce cas, les autres vérifications seront "
+"effectuées. Toutes les autres erreurs ne sont que des avertissements et "
+"l'utilisateur est encouragé à utiliser <command>usermod</command> pour les "
+"corriger."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Les commandes qui opèrent sur le fichier <filename>/etc/passwd</filename> ne "
+"peuvent pas modifier les entrées corrompues ou redondantes. <command>pwck</"
+"command> doit être utilisé dans ce cas pour retirer ces entrées."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Les options <option>-r</option> et <option>-s</option> ne peuvent pas être "
+"combinées."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>pwck</command> sont :"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Ne signaler que les erreurs. Les avertissements qui ne nécessitent pas une "
+"action de la part de l'utilisateur ne seront pas affichés."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Permet d'exécuter <command>pwck</command> dans le mode lecture seule."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Trie les entrées de <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> par UID."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Cette option n'a aucun effet quand <option>USE_TCB</option> est activée."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Par défaut, <command>pwck</command> opère sur les fichiers <filename>/etc/"
+"passwd</filename> et <filename>/etc/shadow</filename><phrase condition="
+"\"tcb> (ou les fichiers dans <filename>/etc/tcb</filename>)</phrase>. "
+"L'utilisateur peut spécifier d'autres fichiers avec les paramètres "
+"<replaceable>passwd</replaceable> et <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Veuillez noter que quand <option>USE_TCB</option> est activée, vous ne "
+"pouvez pas indiquer de fichier <replaceable>shadow</replaceable> alternatif. "
+"Dans les prochaines versions, ce paramètre pourra être remplacé par un "
+"répertoire TCB alternatif."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "une entrée de mot de passe ou plus est incorrecte"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossible d'ouvrir les fichiers de mots de passe"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossible de verrouiller les fichiers de mots de passe"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossible de mettre à jour les fichiers des mots de passe"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossible de trier les fichiers de mots de passe"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>pwck</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+"Fichier de configuration des droits d'accès en fonction de la date et de "
+"l'heure"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contient une liste de tty, noms "
+"d'utilisateurs, et horaires d'accès autorisés."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Chaque entrée consiste en trois champs séparés par un caractère deux-points "
+"« : ». Le premier champ est une liste de tty séparés par des virgules, ou un "
+"astérisque « * » pour indiquer que l'entrée correspond à toutes les tty. Le "
+"second champ est une liste de noms d'utilisateurs, ou un astérisque pour "
+"indiquer que cette entrée correspond à n'importe quel utilisateur. Le "
+"troisième champ est une liste d'horaires d'accès autorisés."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Chaque horaire d'accès consiste en zéro ou plusieurs abréviations de jours "
+"de la semaine : <emphasis>Su</emphasis> (dimanche), <emphasis>Mo</emphasis> "
+"(lundi), <emphasis>Tu</emphasis> (mardi), <emphasis>We</emphasis> "
+"(mercredi), <emphasis>Th</emphasis> (jeudi), <emphasis>Fr</emphasis> "
+"(vendredi), <emphasis>Sa</emphasis> (samedi), suivi d'un couple d'horaires "
+"séparés par un tiret. L'abréviation <emphasis>Wk</emphasis> peut être "
+"utilisée pour représenter les jours de la semaine du lundi au vendredi, et "
+"<emphasis>Al</emphasis> permet de spécifier l'ensemble des jours de la "
+"semaine. Par défaut, si aucun jour n'est spécifié, <emphasis>Al</emphasis> "
+"est utilisé."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPLES"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"L'entrée suivante autorise l'accès à l'utilisateur <emphasis remap=\"B"
+"\">jfh</emphasis> sur n'importe quel port pendant la semaine de 9 heures à "
+"17 heures."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"L'entrée suivante autorise l'accès à /dev/console uniquement aux "
+"utilisateurs <emphasis>root</emphasis> et <emphasis>oper</emphasis> à "
+"n'importe quelle heure. Ceci permet de montrer l'importance de l'ordre des "
+"entrées dans le fichier <filename>/etc/porttime</filename>. Les autres "
+"utilisateurs ne satisferont que la deuxième entrée, qui n'autorise aucun "
+"accès."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"L'entrée suivante autorise l'accès à tous les ports pour l'utilisateur "
+"<emphasis>games</emphasis>, en dehors des heures de travail."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fichier contenant le port d'accès."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "fichier des mots de passe"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contient différentes informations sur les "
+"comptes utilisateurs. Ces informations consistent en sept champs séparés par "
+"des deux-points (« : ») :"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "l'identifiant numérique de l'utilisateur"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "l'identifiant numérique du groupe de l'utilisateur"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "le nom complet de l'utilisateur ou un champ de commentaires"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "le répertoire personnel de l'utilisateur"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "l'interpréteur de commandes de l'utilisateur (optionnel)"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ du mot de passe chiffré peut être vide. Dans ce cas, aucun mot de "
+"passe n'est nécessaire pour s'authentifier avec le compte donné. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/passwd</"
+"filename> peuvent décider de ne donner aucun accès si le <emphasis>mot de</"
+"emphasis> passe est vide. Si le mot de passe est un <quote>x</quote> "
+"minuscule, alors le mot de passe chiffré se trouve dans le fichier "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> ; il <emphasis>doit</emphasis> y avoir une ligne "
+"correspondante dans le fichier <filename>shadow</filename>, sinon le compte "
+"de l'utilisateur n'est pas valide. Si le mot de passe est constitué d'une "
+"autre chaîne, alors il est considéré comme un mot de passe chiffré, comme "
+"indiqué dans <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ de commentaire est utilisé par différents utilitaires système, tels "
+"que <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Le champ du répertoire personnel de l'utilisateur correspond au nom du "
+"répertoire de travail initial. <command>login</command> utilise cette "
+"information pour définir la valeur de la variable d'environnement <envar>"
+"$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Le champ de l'interpréteur de commandes correspond au nom de l'interpréteur "
+"de commandes de l'utilisateur, ou au nom d'un programme initial à exécuter. "
+"<command>login</command> utilise cette information pour définir la valeur de "
+"la variable d'environnement <envar>$SHELL</envar>. Si ce champ est vide, "
+"<filename>/bin/sh</filename> est utilisé par défaut."
+
+# TBC: file ?
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Fichier de sauvegarde de /etc/passwd."
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "Modifier le mot de passe d'un utilisateur"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"La commande <command>passwd</command> modifie les mots de passe des comptes "
+"d'utilisateurs. Un utilisateur normal ne peut changer que son propre mot de "
+"passe, alors que le superutilisateur peut changer le mot de passe associé à "
+"n'importe quel compte. <command>passwd</command> modifie également les dates "
+"de fin de validité du compte ou du mot de passe associé."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifications du mot de passe"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Dans un premier temps, l'utilisateur doit fournir son ancien mot de passe, "
+"s'il en avait un. Ce mot de passe est ensuite chiffré puis comparé avec le "
+"mot de passe enregistré. L'utilisateur n'a droit qu'à un seul essai pour "
+"entrer le mot de passe correct. Le superutilisateur peut contourner cette "
+"première étape de manière à changer les mots de passe ayant été oubliés."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Une fois que le mot de passe a été entré, les informations de limite de "
+"validité du mot de passe sont vérifiées pour s'assurer que l'utilisateur est "
+"autorisé à modifier son mot de passe à cet instant. Dans le cas contraire, "
+"<command>passwd</command> refuse de changer le mot de passe, et quitte."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Le nouveau mot de passe sera demandé deux fois à l'utilisateur. Le second "
+"mot de passe est comparé avec le premier. Ces deux mots de passe devront "
+"être identiques pour que le mot de passe soit changé."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"La complexité de ce mot de passe est alors testée. Comme ligne de conduite "
+"générale, un mot de passe doit toujours être constitué de 6 à 8 caractères "
+"en en choisissant un ou plus parmi chacun des ensembles suivants :"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "caractères alphabétiques minuscules"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "chiffres de 0 à 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "marques de ponctuation"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Il faudra faire attention à ne pas utiliser les caractères de suppression ou "
+"d'effacement. <command>passwd</command> rejettera tout mot de passe dont la "
+"complexité ne sera pas suffisante."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Astuces pour les mots de passe"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sécurité d'un mot de passe repose sur la force de l'algorithme de "
+"chiffrement et sur la taille de l'espace de clés utilisé. La méthode de "
+"chiffrement des systèmes <emphasis>UNIX</emphasis> est basée sur "
+"l'algorithme NBS DES. Des méthodes plus récentes sont maintenant "
+"recommandées (voir <option>ENCRYPT_METHOD</option>). La taille de l'espace "
+"de clés dépend de l'aléa du mot de passe utilisé."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Les compromissions de la sécurité des mots de passe résultent le plus "
+"souvent d'une négligence dans le choix du mot de passe, ou lors de son "
+"utilisation. Pour cette raison, vous ne devez pas sélectionner de mot de "
+"passe apparaissant dans un dictionnaire ou devant être écrit. Le mot de "
+"passe ne doit pas non plus être un nom propre, un numéro minéralogique, une "
+"date de naissance, ou une adresse. En effet ceux-ci pourraient être devinés "
+"pour violer la sécurité du système."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Vous pouvez trouver des conseils sur la façon choisir un mot de passe "
+"robuste sur http://en.wikipedia.org/wiki/Password_strength (en anglais)."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>passwd</command> sont :"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Cette option ne peut être utilisée qu'avec <option>-S</option> et permet "
+"d'afficher l'état des mots de passe pour tous les utilisateurs."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Supprimer le mot de passe (le rendre vide) d'un utilisateur. C'est une façon "
+"rapide de supprimer l'authentification par mot de passe pour un compte. Il "
+"rend le compte indiqué sans mot de passe."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Annuler immédiatement la validité du mot de passe d'un compte. Ceci permet "
+"d'obliger un utilisateur à changer son mot de passe lors de sa prochaine "
+"connexion."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+# NOTE: Only this user account
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Cette option permet de désactiver un compte quelques temps après expiration "
+"de son mot de passe. <replaceable>DURÉE_INACTIVITÉ</replaceable> jours après "
+"expiration de son mot de passe, l'utilisateur ne pourra plus se connecter "
+"avec ce compte."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indiquer que la modification de mot de passe ne sera effectuée que lors de "
+"l'expiration des jetons d'authentification (mots de passe). C'est utile dans "
+"le cas où l'utilisateur voudrait conserver ses jetons d'authentification "
+"encore valables."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Verrouiller le mot de passe du compte indiqué. Cette option désactive un mot "
+"de passe en le modifiant par une valeur qui ne correspond pas à un mot de "
+"passe chiffré possible (cela ajoute un « ! » au début du mot de passe)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Veuillez noter que cela ne désactive pas le compte. L'utilisateur peut "
+"toujours se connecter en utilisant une autre méthode d'authentification (par "
+"exemple une clé SSH). Pour désactiver un compte, les administrateurs "
+"devraient utiliser <command>usermod --expiredate 1</command> (cela définit "
+"la date d'expiration du compte au 2 janvier 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+"Les utilisateurs avec un mot de passe verrouillé ne sont pas autorisés à le "
+"changer."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Définir le nombre minimum de jours entre chaque changement de mot de passe à "
+"<replaceable>MIN_DAYS</replaceable>. Une valeur de zéro pour ce champ "
+"indique que l'utilisateur peut changer son mot de passe quand il le souhaite."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"Modifier le mot de passe dans la base <replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Afficher l'état d'un compte. Cet état est constitué de 7 champs. Le premier "
+"champ est le nom du compte. Le second champ indique si le mot de passe est "
+"bloqué (L), n'a pas de mot de passe (NP) ou a un mot de passe utilisable "
+"(P). Le troisième champ donne la date de dernière modification du mot de "
+"passe. Les quatre champs suivants sont : la durée minimum avant "
+"modification, la durée maximum de validité, la durée d'avertissement, et la "
+"durée d'inactivité autorisée pour le mot de passe. Les durées sont exprimées "
+"en jours."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Déverrouiller le mot de passe du compte indiqué. Cette option réactive un "
+"mot de passe en remettant le mot de passe à sa valeur précédente (la valeur "
+"présente avant l'utilisation de l'option <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe reste "
+"valable. Après <replaceable>JOURS_MAX</replaceable>, le mot de passe devra "
+"être modifié."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"La vérification de la complexité des mots de passe peut varier d'un site à "
+"l'autre. Il est vivement conseillé aux utilisateurs de choisir un mot de "
+"passe aussi complexe que possible dans la limite de ce qu'il est capable de "
+"mémoriser. "
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Il se peut que les utilisateurs ne puissent pas changer leur mot de passe "
+"sur un système si NIS est activé et qu'ils ne sont pas connectés au serveur "
+"NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilise PAM pour authentifier les utilisateurs et "
+"modifier leur mot de passe."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (chaîne de caractères)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Définir les algorithmes de chiffrement par défaut du système pour coder les "
+"mots de passes (si aucun algorithme n'a été indiqué sur la ligne de "
+"commandes)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Les valeurs suivantes sont acceptées : <replaceable>DES</replaceable> (par "
+"défaut), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Remarque : ce paramètre remplace la variable <option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Remarque : cela n'affecte que la création des mots de passe de groupe. La "
+"création de mot de passe des utilisateurs est effectuée par PAM en fonction "
+"de la configuration de PAM. Il est recommandé de définir cette variable en "
+"cohérence avec la configuration de PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indiquer si un mot de passe doit être chiffré en utilisant l'algorithme basé "
+"sur MD5. Si configurée à <replaceable>yes</replaceable>, les nouveaux mots "
+"de passe seront chiffrés en utilisant l'algorithme basé sur MD5 compatible "
+"avec celui utilisé par les versions récentes de FreeBSD. Il gère des mots de "
+"passe de longueur illimitée et des chaînes de salage plus longues. "
+"Configurez-la à <replaceable>no</replaceable> pour copier les mots de passe "
+"chiffrés sur d'autres systèmes qui ne comprennent pas le nouvel algorithme. "
+"la valeur par défaut est <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Cette variable est écrasée par la variable <option>ENCRYPT_METHOD</option> "
+"ou par toute option de la ligne de commande utilisée pour configurer "
+"l'algorithme de chiffrement."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Cette variable est obsolète. Vous devriez utiliser <option>ENCRYPT_METHOD</"
+"option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+"Activer des vérifications supplémentaires lors des changements de mot de "
+"passe."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avertir en cas de mots de passe faibles (mais les accepte quand même) si "
+"vous êtes superutilisateur."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (nombre)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"Nombre maximum d'essais pour changer de mot de passe si refusé (trop facile)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (nombre)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (nombre)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Nombre de caractères significatifs dans le mot de passe pour crypt(). La "
+"valeur par défaut de <option>PASS_MAX_LEN</option> est 8. Ne la changez pas "
+"à moins que votre crypt() ne soit meilleur. Ceci est ignoré si "
+"<option>MD5_CRYPT_ENAB</option> est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quand <option>ENCRYPT_METHOD</option> est configurée à <replaceable>SHA256</"
+"replaceable> ou <replaceable>SHA512</replaceable>, cela définit le nombre de "
+"rounds de SHA utilisés par l'algorithme de chiffrement par défaut (quand le "
+"nombre de rounds n'est pas précisé sur la ligne de commande)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe "
+"avec une attaque par force brute. Veuillez remarquer que plus de ressources "
+"processeur seront nécessaires pour authentifier les utilisateurs."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Si non précisée, la libc utilisera le nombre de rounds par défaut (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+"Les valeurs doivent être comprises dans l'intervalle 1 000 - 999 999 999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Si une seule des variables <option>SHA_CRYPT_MIN_ROUNDS</option> ou "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> est configurée, alors cette valeur "
+"sera utilisée."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Si <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, la valeur la plus élevée sera utilisée."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "Configuration de PAM pour <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permission refusée"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinaison d'options non valable"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "échec inattendu, rien n'a été fait"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "échec inattendu, le fichier <filename>passwd</filename> est manquant"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"fichier <filename>passwd</filename> en cours d'utilisation, veuillez "
+"réessayer plus tard"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>passwd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "refuser poliment une connexion"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"La commande <command>nologin</command> affiche un message indiquant que le "
+"compte n'est pas disponible et retourne avec un code non nul. Elle peut être "
+"placée dans le champ indiquant l'interpréteur de commandes pour les comptes "
+"qui ont été désactivés."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Pour désactiver toutes les connexions, veuillez consulter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIQUE"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "La commande <command>nologin</command> est apparue avec BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "Mettre à jour, ou créer de nouveaux utilisateurs par lots"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fichier"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"La commande <command>newusers</command> lit un "
+"<replaceable>fichier<replaceable> (ou l'entrée standard par défaut) et "
+"utilise ces informations pour mettre à jour un groupe d'utilisateurs "
+"existants ou pour créer de nouveaux utilisateurs. Chaque ligne est au même "
+"format que le fichier des mots de passe (consultez "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) avec les exceptions suivantes :"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "C'est le nom de l'utilisateur."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Il peut s'agir du nom d'un nouvel utilisateur ou du nom d'un utilisateur "
+"existant (ou d'un utilisateur créé précédemment par <command>newusers</"
+"command>). Dans le cas d'un utilisateur existant, les informations de "
+"l'utilisateur seront modifiées, sinon un nouvel utilisateur sera créé."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Ce champ sera chiffré et utilisé comme nouvelle valeur du mot de passe "
+"chiffré."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Ce champ est utilisé pour définir l'UID de l'utilisateur."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Si ce champ est vide, un nouvel UID (non utilisé) sera défini "
+"automatiquement par <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Si ce champ contient un nombre, ce nombre sera utilisé comme UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Si ce champ contient le nom d'un utilisateur existant (ou le nom d'un "
+"utilisateur créé précédemment par <command>newusers</command>), l'UID de "
+"l'utilisateur indiqué sera utilisé."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Si l'UID d'un utilisateur existant est modifié, vous devrez configurer vous-"
+"même le propriétaire des fichiers de l'utilisateur."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Ce champ est utilisé pour définir l'identifiant du groupe primaire de "
+"l'utilisateur."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Si ce champ contient le nom d'un groupe existant (ou d'un groupe créé "
+"précédemment par <command>newusers</command>), le GID de ce groupe sera "
+"utilisé comme identifiant de groupe primaire pour l'utilisateur."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Si ce champ est un nombre, ce nombre sera utilisé comme identifiant de "
+"groupe primaire de cet utilisateur. Si aucun groupe n'existe avec ce GID, un "
+"nouveau groupe sera créé avec ce GID et le nom de l'utilisateur."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Si ce champ est vide, un nouveau groupe sera créé avec le nom de "
+"l'utilisateur et un GID sera automatiquement défini par <command>newusers</"
+"command> pour être utilisé comme identifiant de groupe primaire pour "
+"l'utilisateur et comme GID pour le nouveau groupe."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Si le champ contient le nom d'un groupe qui n'existe pas (et qui n'a pas été "
+"créé précédemment par <command>newusers</command>), un nouveau groupe sera "
+"créé avec le nom indiqué et un GID sera automatiquement défini par "
+"<command>newusers</command> pour être utilisé comme identifiant de groupe "
+"primaire pour l'utilisateur et comme identifiant pour le nouveau groupe."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Ce champ est copié dans le champ GECOS de l'utilisateur."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+"Ce champ est utilisé pour définir le répertoire personnel de l'utilisateur."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Si ce champ n'indique pas de répertoire existant, le répertoire indiqué est "
+"créé, avec comme propriétaire l'utilisateur en cours de création ou mis à "
+"jour et son groupe primaire."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Si le répertoire personnel d'un utilisateur existant est modifié, "
+"<command>newusers</command> ne déplace ni ne copie le contenu de l'ancien "
+"répertoire personnel à la nouvelle place. Vous devrez effectuer cela vous-"
+"même."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Ce champ définit l'interpréteur de commande de l'utilisateur. Aucune "
+"vérification n'est effectuée sur ce champ."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> essayera d'abord de créer ou de modifier tous "
+"les utilisateurs indiqués puis écrira ces modifications dans les bases de "
+"données d'utilisateurs et de groupes. Si une erreur survient (en dehors de "
+"l'écriture finale des bases de données), aucune modification ne sera "
+"propagée dans les bases de données."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Lors du premier passage, les utilisateurs sont créés avec un mot de passe "
+"verrouillé (les mots de passe ne sont pas modifiés pour les utilisateurs non "
+"créés). Un second passage est utilisé pour mettre à jour les mots de passe "
+"en utilisant PAM. Les échecs de mise à jour des mots de passe sont signalés, "
+"mais n'empêchent pas les mises à jour des autres mots de passe."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Cette commande a été conçue pour les gros systèmes pour lesquels un grand "
+"nombre de comptes sont mis à jour en même temps."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>newusers</command> sont :"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utiliser la méthode précisée pour chiffrer les mots de passe."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Les méthodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre "
+"libc prend en charge ces méthodes."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'âge dans <filename>/"
+"etc/shadow</filename> et leurs identifiants numériques sont choisis dans "
+"l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>UID_MIN</"
+"option>-<option>UID_MAX</option> (et leur <option>GID</option> correspondant "
+"pour la création de groupes)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Utiliser le nombre de rounds précisé pour chiffrer les mots de passe."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"La valeur 0 signifie que le système choisira la valeur par défaut du nombre "
+"de rounds pour la méthode de chiffrement (5 000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Une valeur minimale de 1 000 et une valeur maximale de 999 999 999 seront "
+"imposées."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Vous ne pouvez utiliser cette méthode qu'avec les méthodes de chiffrement "
+"SHA256 ou SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Le fichier d'entrée doit être correctement protégé puisqu'il contient des "
+"mots de passe en clair."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Vous devez vous assurer que les mots de passe et la méthode de chiffrement "
+"respectent la politique de mot de passe du système."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configuration de PAM pour <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "se connecter avec un nouveau groupe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "groupe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"La commande <command>newgrp</command> permet de changer l'identifiant de "
+"groupe de l'utilisateur au cours d'une session. Si l'option <option>-</"
+"option> est fournie, l'environnement de l'utilisateur est réinitialisé, "
+"comme si l'utilisateur venait de se connecter. Sinon, l'environnement "
+"actuel, y compris le répertoire de travail actuel est conservé."
+
+# NOTE:
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> change l'identifiant de groupe réel actuel à la "
+"valeur du groupe indiqué, ou au groupe par défaut défini dans <filename>/etc/"
+"passwd</filename> si aucun nom de groupe n'est fourni. <command>newgrp</"
+"command> essaiera également d'ajouter le groupe à l'ensemble des groupes de "
+"l'utilisateur. Si l'utilisateur n'est pas superutilisateur, un mot de passe "
+"lui sera demandé s'il n'utilise pas de mot de passe (dans <filename>/etc/"
+"shadow</filename>, si cet utilisateur a une entrée dans le fichier des mots "
+"de passe cachés, ou dans <filename>/etc/passwd</filename> sinon), mais que "
+"le groupe en a un, ou si l'utilisateur n'est pas dans la liste des membres "
+"de ce groupe et que ce groupe utilise un mot de passe. L'accès sera refusé "
+"si le mot de passe du groupe est vide et que l'utilisateur ne fait pas "
+"partie de ses membres."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"S'il y a une entrée pour ce groupe dans <filename>/etc/gshadow</filename>, "
+"alors la liste des membres et le mot de passe de ce groupe seront pris dans "
+"ce fichier, sinon, l'entrée du fichier <filename>/etc/group</filename> est "
+"utilisée."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "Imposer les restrictions de connexion dans le temps"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> impose les restrictions (sur les ports, la date "
+"et l'heure de connexion) spécifiées dans <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> doit être démarré depuis <filename>/etc/rc</"
+"filename>. Il analyse le fichier <filename>/var/run/utmp</filename> "
+"régulièrement et, pour chaque utilisateur, il vérifie que ce nom "
+"d'utilisateur est autorisé à être connecté à ce port à ce moment. Toute "
+"session en violation avec les restrictions de <filename>/etc/porttime</"
+"filename> est terminée."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste des sessions de connexion en cours."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configuration de la suite des mots de passe cachés « shadow password »"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Le fichier <filename>/etc/login.defs</filename> définit la configuration de "
+"la suite shadow password (mots de passe cachés) pour le système. Ce fichier "
+"est indispensable. Son absence n'empêchera pas le système de fonctionner, "
+"mais aura probablement des conséquences indésirables."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Ce fichier est un fichier texte, dont chaque ligne décrit un paramètre de "
+"configuration. Les lignes consistent en un nom et une valeur, séparés par "
+"une espace. Les lignes blanches et les lignes de commentaires sont ignorées. "
+"Les commentaires commencent par un caractère « # », qui doit être le premier "
+"caractère non blanc de la ligne."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Les valeurs des paramètres sont de quatre types : chaînes de caractères, "
+"booléens, nombres et nombres longs. Une chaîne de caractères est constituée "
+"de n'importe quels caractères imprimables. Un booléen est soit "
+"<replaceable>yes</replaceable> (oui), soit <replaceable>no</replaceable> "
+"(non). Un paramètre booléen non défini, ou défini avec une valeur autre que "
+"celles-là prendra la valeur <replaceable>no</replaceable>. Un nombre (normal "
+"ou long) peut être soit décimal, soit octal (en précédant la valeur d'un "
+"<replaceable>0</replaceable>), ou encore hexadécimal (en précédant la valeur "
+"de <replaceable>0x</replaceable>). La valeur maximale des paramètres "
+"numériques normaux ou longs dépend de la machine."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Les paramètres de configuration suivants sont fournis :"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chfn</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Ce paramètre précise quelles valeurs du champ <emphasis remap=\"I\">gecos</"
+"emphasis> du fichier <filename>passwd</filename> peuvent être modifiées par "
+"les utilisateurs ordinaires à l'aide du programme <command>chfn</command>. "
+"Il est constitué d'une combinaison de lettres parmi <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable> et "
+"<replaceable>h</replaceable>, correspondant respectivement au nom complet, "
+"au numéro de bureau, au numéro de téléphone professionnel et au numéro de "
+"téléphone personnel. Pour des raisons de compatibilité avec des versions "
+"antérieures, <replaceable>yes</replaceable> est équivalent à "
+"<replaceable>rwh</replaceable> et <replaceable>no</replaceable> à "
+"<replaceable>frwh</replaceable>. S'il n'est pas précisé, seul le "
+"superutilisateur peut effectuer des modifications. Pour une configuration "
+"encore plus restrictive, il sera préférable de ne pas installer "
+"<command>chfn</command> avec l'indicateur SUID positionné."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chsh</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Le caractère ERASE du terminal (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"La valeur peut être préfixée par « 0 » pour une valeur octale, ou « 0x » "
+"pour une valeur hexadécimale."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Le délai en secondes avant qu'un nouvel essai soit permis après un échec de "
+"connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Activer l'enregistrement et l'affichage des informations d'échec de "
+"connexion de <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Si définie, <command>login</command> exécutera cet interpréteur de commandes "
+"au lieu de l'interpréteur de l'utilisateur spécifié dans <filename>/etc/"
+"passwd</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Si définie, les échecs de connexion seront enregistrés dans le fichier sous "
+"le format utmp"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Si définie, le fichier peut désactiver tous les affichages habituels durant "
+"la séquence de connexion. Si un nom de chemin complet est spécifié, alors le "
+"mode taiseux sera activé si le nom ou l'interpréteur de commandes de "
+"l'utilisateur sont trouvés dans le fichier. Si ce n'est pas un nom de chemin "
+"complet, alors le mode taiseux sera activé si le fichier existe dans le "
+"répertoire personnel de l'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Si définie, le fichier sera affiché avant chaque invite de connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Le caractère KILL du terminal (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Activer la journalisation et l'affichage des informations de dernière "
+"connexion de /var/log/lastlog."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Activer la journalisation des connexions réussies."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Activer l'affichage des noms d'utilisateurs inconnus quand les échecs de "
+"connexions sont enregistrés."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Remarque : la journalisation des noms d'utilisateurs inconnus peut être un "
+"problème de sécurité si un utilisateur entre son mot de passe au lieu de son "
+"nom d'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Ce sera probablement écrasé par PAM, puisque le module pam_unix est réglé en "
+"dur pour n'effectuer que 3 tentatives. Toutefois, il s'agit d'une solution "
+"de repli au cas où vous utilisez un module d'authentification qui ne fait "
+"pas appliquer PAM_MAXTRIES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Le temps maximum en secondes pour la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Si définie, liste délimitée par des « : » de fichiers de « message du jour » "
+"à afficher lors de la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Si définie, nom de fichier dont la présence empêchera les connexions de "
+"quelqu'un d'autre que le superutilisateur. Le contenu de ces fichiers doit "
+"être un message indiquant pourquoi les connexions sont désactivées."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Les paramètres <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</"
+"option> et <option>PASS_WARN_AGE</option> ne sont utilisés qu'au moment de "
+"la création d'un compte. Les changements n'affecteront pas les comptes "
+"existants."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Activer la vérification des restrictions de temps précisées dans <filename>/"
+"etc/porttime</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Les permissions de terminal : la connexion tty appartiendra au groupe "
+"<option>TTYGROUP</option> et les permissions seront configurées à "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Par défaut, le propriétaire du terminal est configuré au groupe primaire de "
+"l'utilisateur et les permissions sont configurées à <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> peut être le nom d'un groupe ou un identifiant "
+"numérique de groupe."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Si vous avez un programme <command>write</command> qui est « setgid » à un "
+"groupe spécial auquel les terminaux appartiennent, définissez TTYGROUP comme "
+"l'identifiant numérique du groupe et TTYPERM à 0620. Autrement laissez "
+"TTYGROUP décommenté et TTYPERM configuré soit à 622 soit à 600."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Si définie, fichier qui lie les lignes de tty à la variable d'environnement "
+"TERM. Chaque ligne du fichier est dans un format ressemblant à « vt100 "
+"tty01 »."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valeur par défaut d'<command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RÉFÉRENCES CROISÉES"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Les références croisées ci-dessous montrent quels sont les paramètres "
+"utilisés par les différents programmes de la suite shadow password."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"La plupart des fonctionnalités qui étaient fournies par les mots de passe "
+"cachés (« shadow password ») sont désormais gérées par PAM. De ce fait, "
+"<filename>/etc/login.defs</filename> n'est plus utilisé par "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> et moins utilisé par <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> et "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. Veuillez plutôt vous référer aux fichiers de configuration de "
+"PAM correspondant."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "table de contrôle des connexions"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">login.access</emphasis> permet de spécifier "
+"des paires (utilisateur, hôte) et/ou (utilisateur, tty) pour lesquelles "
+"toute connexion sera soit acceptée soit refusée."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Lorsqu'un utilisateur se connecte, le fichier <emphasis remap=\"I\">login."
+"access</emphasis> est lu jusqu'à la première entrée correspondant à la paire "
+"(utilisateur, hôte) ou, dans le cas d'une connexion ne passant pas par le "
+"réseau, à la première entrée correspondant au couple (utilisateur, tty). Le "
+"champ des permissions de la table pour cette entrée détermine alors si la "
+"connexion doit être acceptée ou refusée."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Chaque ligne de la table de contrôle des connexions (« login access control "
+"table ») est composée de trois champs séparés par le caractère « : » :"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I"
+"\">utilisateurs</emphasis>:<emphasis remap=\"I\">origines</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Le premier champ est soit un « <emphasis>+</emphasis> » (accès autorisé), "
+"soit un « <emphasis>-</emphasis> » (accès refusé). Le second champ est une "
+"liste d'un ou plusieurs noms d'utilisateurs ou de groupes, ou <emphasis>ALL</"
+"emphasis> (correspond à tous les utilisateurs). Le troisième champ est une "
+"liste d'un ou plusieurs noms de tty (pour les connexions hors réseau), noms "
+"d'hôtes, noms de domaines (commençant par un « <literal>.</literal> »), "
+"adresses d'hôte, adresses de sous-réseau (terminant par un « <literal>.</"
+"literal> »), <emphasis>ALL</emphasis> (pour spécifier n'importe quelle "
+"connexion), ou <emphasis>LOCAL</emphasis> (correspond à n'importe quelle "
+"chaîne ne contenant pas de « <literal>.</literal> »). Si vous utilisez NIS, "
+"vous pouvez utiliser @nomdegroupe pour les motifs d'utilisateur et d'hôte."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'opérateur <emphasis>EXCEPT</emphasis> permet d'écrire des règles très "
+"compactes."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Le fichier d'informations sur les groupes (/etc/group) n'est utilisé que "
+"lorsqu'un nom ne correspond à aucun des utilisateurs connectés. Seuls les "
+"groupes pour lesquels la liste des utilisateurs est spécifiée sont "
+"utilisés : le programme ne recherche pas parmi les groupes primaires des "
+"utilisateurs."
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "Démarrer une session sur le système"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "hôte"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Le programme <command>login</command> permet d'établir une nouvelle session "
+"sur le système. Il est généralement invoqué après avoir répondu à l'invite "
+"de connexion <emphasis remap=\"I\">login:</emphasis> sur le terminal de "
+"l'utilisateur. <command>login</command> peut être spécifique à "
+"l'interpréteur de commandes et ne devrait pas être invoqué comme un sous-"
+"processus. Lorsqu'il est appelé depuis un interpréteur de commande, "
+"<command>login</command> doit être exécuté comme <emphasis remap=\"B\">>exec "
+"login</emphasis>, ce qui entraîne la sortie de l'interpréteur de commandes "
+"en cours (et ainsi empêche le nouvel utilisateur connecté de retourner à la "
+"session de l'appelant). L'exécution de <command>login</command> depuis un "
+"interpréteur de commandes autre qu'un interpréteur de commandes initial "
+"(« login shell ») produira un message d'erreur."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Un mot de passe est ensuite demandé à l'utilisateur. L'affichage du mot de "
+"passe est désactivé pour éviter de révéler le mot de passe. Seul un petit "
+"nombre d'échecs est permis avant que <command>login</command> ne quitte et "
+"que la liaison ne soit interrompue."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Si une date de fin de validité du mot de passe a été définie pour ce compte, "
+"un nouveau mot de passe pourra vous être demandé. Votre ancien mot de passe "
+"et votre nouveau mot de passe vous seront alors demandés avant de pouvoir "
+"continuer. Veuillez lire la page de manuel "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> pour plus d'informations."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Après une connexion réussie, vous serez informé des messages du système et "
+"de la présence de courrier. Vous pouvez désactiver l'affichage du message du "
+"système (<filename>/etc/motd</filename>), en créant un fichier vide "
+"<filename>.hushlogin</filename> dans le répertoire de votre compte. Le "
+"message concernant les courriers sera « <emphasis>You have new mail.</"
+"emphasis> », « <emphasis>You have mail.</emphasis> », ou « <emphasis>No Mail."
+"</emphasis> » suivant l'état de votre boîte aux lettres."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Vos identifiants d'utilisateur et de groupe seront définis en fonction des "
+"valeurs spécifiées dans le fichier <filename>/etc/passwd</filename>. Les "
+"valeurs des variables d'environnement <emphasis>$HOME</emphasis>, <emphasis>"
+"$SHELL</emphasis>, <emphasis>$PATH</emphasis>, <emphasis>$LOGNAME</"
+"emphasis>, et <emphasis>$MAIL</emphasis> seront définies en fonction des "
+"champs appropriés de l'entrée qui vous correspond. Les valeurs d'ulimit, "
+"d'umask et de nice pourront également être affectées en fonction des entrées "
+"du champ GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Sur certains systèmes, la variable d'environnement <emphasis>$TERM</"
+"emphasis> sera initialisée au type de terminal de votre tty, comme spécifié "
+"dans <filename>/etc/ttytype</filename>."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Un script d'initialisation pour votre interpréteur de commandes pourra "
+"également être exécuté. Veuillez vous référer à la section de manuel "
+"appropriée pour plus d'informations sur cette fonctionnalité."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Le programme <command>login</command> n'est PAS responsable de la "
+"suppression d'utilisateurs dans le fichier utmp. Les responsables du "
+"nettoyage de l'appartenance des sessions de terminal sont "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> et <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>. Si vous utilisez "
+"<command>login</command> depuis un interpréteur de commandes sans "
+"<command>exec</command>, l'utilisateur que vous utilisez continuera à "
+"apparaître comme étant connecté même après s'être déconnecté de cette « sous-"
+"session »."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Ne pas réaliser d'authentification. L'utilisateur est pré-authentifié."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Remarque : Dans ce cas, <replaceable>username</replaceable> est nécessaire."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nom de l'hôte distant pour cette connexion."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Préserver l'environnement."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+"Exécuter le protocole de connexion automatique (autologin) pour rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Les options <option>-r</option>, <option>-h</option> et <option>-f</option> "
+"ne peuvent être utilisées que par root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>login</command> comporte de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"L'emplacement des fichiers peut varier suivant la configuration du système."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Comme pour n'importe quel programme, l'apparence de <command>login</command> "
+"peut être imitée. Si des utilisateurs non sûrs ont un accès physique à la "
+"machine, un attaquant pourrait utiliser cet accès pour obtenir le mot de "
+"passe de la personne qui s'assiérait ensuite face à l'écran. Sous Linux, le "
+"mécanisme SAK peut être utilisé par les utilisateurs pour initier un chemin "
+"de confiance et prévenir ce genre d'attaques."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste des sessions de connexion précédentes."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fichier contenant le message du système."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Empêcher les utilisateurs non-root de se connecter."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste des types de terminaux."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Supprimer l'affichage des messages du système."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "définition des limites de ressources"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> par défaut ou LIMITS_FILE définit dans <filename>config.h</"
+"filename>) décrit les limites de ressource que vous voulez imposer. Il doit "
+"être possédé et ne doit être lisible que par le compte root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Par défaut, aucun quota (aucune limite) n'est imposé à « root ». En fait, il "
+"n'est pas possible d'imposer de cette façon de limite aux comptes root ou "
+"équivalents (comptes ayant un UID de 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Chaque ligne décrit une limite pour un utilisateur, elle est de la forme "
+"suivante :"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utilisateur LISTE_DE_LIMITES"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "ou sous la forme :"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@groupe LISTE_DE_LIMITES"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Où <emphasis>LISTE_DE_LIMITES</emphasis> est une chaîne construite par la "
+"concaténation d'une liste de limites de ressource. Chaque limite consiste en "
+"une lettre (identifiant le type de limite) et une valeur numérique."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Les identifiants possibles sont :"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A : espace d'adressage maximal (en kilo octets)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+"C : taille maximale d'un fichier image de la mémoire (« core », en kilo "
+"octets)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+"D : taille maximale du segment de données d'un programme (en kilo octets)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F : taille maximale des fichiers (en kilo octets)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K : masque de création de fichier, défini par "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I : valeur nice maximum (0..39 qui sera traduit en 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L : nombre maximal de connexions simultanées pour cet utilisateur"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M : taille  maximale de mémoire verrouillée (« locked-in-memory », en kilo "
+"octets)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N : nombre maximal de fichiers ouverts"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O : priorité temps réel maximale"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P : priorité des processus, défini par "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+"R : taille maximale de la mémoire résidente (« resident set size », en kilo "
+"octets)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S : taille maximale de la pile (en kilo octets)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T : temps processeur maximal consommé (en minutes)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U : nombre maximal de processus"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Par exemple, <emphasis remap=\"I\">L2D2048N5</emphasis> est une chaîne "
+"<emphasis>LISTE_DE_LIMITES</emphasis> valable. Pour faciliter la lecture, "
+"les entrées suivantes sont équivalentes :"
+
+# NOTE: elle va pas cette chaîne
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      utilisateur L2D2048N5\n"
+"      utilisateur L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Attention : tout ce qui suit <emphasis remap=\"I\">utilisateur</emphasis> "
+"est considéré comme une limite de chaîne. Les commentaires ne sont pas "
+"autorisés. Une chaîne de limites non valable sera rejetée (non utilisée) par "
+"le programme <command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'entrée par défaut est représentée par un utilisateur dénommé "
+"« <emphasis>*</emphasis> ». Si plusieurs entrées par défaut sont présentes "
+"dans le fichier de limites, alors seule la dernière sera prise en compte."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Les limites précisées sous la forme « <replaceable>@groupe</replaceable> » "
+"s'appliquent aux membres du <replaceable>groupe</replaceable> précisé."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Si plusieurs lignes avec des limites pour un utilisateur existent, seule la "
+"première ligne pour cet utilisateur sera prise en compte."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Si aucune ligne n'est précisée pour l'utilisateur, la dernière ligne "
+"<replaceable>@groupe</replaceable> correspondant à un groupe auquel "
+"l'utilisateur appartient sera prise en compte, ou la dernière ligne avec les "
+"limites par défaut si aucun groupe ne contient l'utilisateur."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Un simple tiret « <emphasis>-</emphasis> » sera suffisant pour désactiver "
+"toute limite à un utilisateur, "
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Afin de désactiver une limite pour un utilisateur, un simple tiret "
+"« <replaceable>-</replaceable> » peut être utilisé au lieu d'une valeur "
+"numérique pour cette limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notez également que les limites ne sont configurées que PAR CONNEXION. Il "
+"n'y a pas de limite globale ou permanente. Des limites globales pourraient "
+"voir le jour, mais pour l'instant, il faut faire sans."
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"signaler les connexions les plus récentes de tous les utilisateurs ou d'un "
+"utilisateur donné"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> affiche le contenu du journal des dernières "
+"connexions (<filename>/var/log/lastlog</filename>). Les champs "
+"<emphasis>Utilisateur</emphasis>, <emphasis>Port</emphasis>, date de "
+"<emphasis>Dernière</emphasis> connexion sont affichés. Par défaut (aucune "
+"option de spécifiée), les entrées de lastlog sont affichées triées par ordre "
+"d'apparition dans <filename>/etc/passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>lastlog</command> sont :"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"N'afficher que les entrées du fichier lastlog plus anciennes que <emphasis "
+"remap=\"I\">JOURS</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Afficher les entrées du fichier lastlog plus récentes que <emphasis remap=\"I"
+"\">JOURS</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "N'afficher que les entrées correspondant aux utilisateurs indiqués."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Les utilisateurs peuvent être précisés par un nom de connexion, un "
+"identifiant numérique d'utilisateur ou un <replaceable>INTERVALLE</"
+"replaceable> d'utilisateurs. Cet <replaceable>INTERVALLE</replaceable> "
+"d'utilisateurs peut être précisé avec des valeurs minimale et maximale "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), seulement une valeur maximale "
+"(<replaceable>-UID_MAX</replaceable>) ou une valeur minimale "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Dans le cas où l'utilisateur ne s'est jamais connecté, le message "
+"« <emphasis>**Never logged in**</emphasis> » (« <emphasis>**Jamais "
+"connecté**</emphasis> ») est affiché à la place des champs <emphasis>Port</"
+"emphasis> et date de <emphasis>Dernière</emphasis> connexion."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Seules les entrées pour les utilisateurs actuels du système seront "
+"affichées. D'autres entrées peuvent exister pour les utilisateurs supprimés "
+"précédemment."
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTE"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Le fichier <filename>lastlog</filename> est une base de données qui contient "
+"des informations concernant la dernière connexion de chaque utilisateur. "
+"Vous n'avez pas à faire de rotation (avec <command>logrotate</command>) sur "
+"ce fichier. C'est un fichier « creux », donc sa taille sur le disque est "
+"bien plus petite que celle affichée par « <command>ls -l</command> » (qui "
+"peut indiquer un très gros fichier si vous avez des utilisateurs avec des "
+"UID élevés). Vous pouvez afficher sa taille réelle avec « <command>ls -s</"
+"command> »."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+"Base de données de l'heure des connexions précédentes des utilisateurs."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"S'il y a des trous importants dans les valeurs des UID, <command>lastlog</"
+"command> s'exécutera plus lentement, sans affichage à l'écran (par exemple, "
+"s'il n'y a pas d'entrée pour les utilisateurs ayant un UID compris entre 170 "
+"et 800 dans base de données lastlog, le programme lastlog semblera bloqué "
+"comme s'il traitait les entrées correspondant aux UID 171 à 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "informations cachées sur les groupes"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> contient les informations cachées sur les "
+"groupes."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Chaque ligne de ce fichier contient les champs suivants, séparés par des "
+"deux-points (« : ») :"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nom du groupe"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Ce doit être un nom de groupe valable, qui existe sur le système."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères « ! » ou « * », les utilisateurs ne pourront pas "
+"utiliser le mot de passe UNIX pour accéder au groupe (mais les membres du "
+"groupe n'ont pas besoin de mot de passe)."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Le mot de passe est utilisé quand un utilisateur non membre du groupe veut "
+"obtenir les permissions de ce groupe (consultez "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas seuls les membres du groupe peuvent "
+"obtenir les permissions du groupe."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Ce mot de passe remplace tout mot de passe indiqué dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administrateurs"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Ce champ doit être une liste d'utilisateurs, séparés par des virgules."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Les administrateurs peuvent modifier le mot de passe ou les membres du "
+"groupe."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Les administrateurs peuvent aussi avoir les mêmes permissions que les "
+"membres (voir ci-dessous)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membres"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Les membres peuvent accéder au groupe sans qu'un mot de passe ne leur soit "
+"demandé."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Vous devez utiliser la même liste d'utilisateurs que dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "Vérifier l'intégrité des fichiers d'administration des groupes"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"La commande <command>grpck</command> vérifie l'intégrité des informations "
+"sur les groupes du système. Toutes les entrées de <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "unicité et validité des noms de groupe ;"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"validité des identifiants de groupe <phrase condition=\"gshadow\"> "
+"(seulement <filename>/etc/group</filename>)</phrase> ;"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"validité de la liste de membres <phrase condition=\"gshadow\"> et "
+"d'administrateurs</phrase> ;"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"correspondance d'entrée dans le fichier <filename>/etc/gshadow</filename> "
+"(respectivement <filename>/etc/group</filename> pour les vérifications de "
+"<filename>gshadow</filename>)."
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom de groupe "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms de groupe "
+"redondants, mais dans ce cas, les autres vérifications seront effectuées. "
+"Toutes les autres erreurs ne sont que des avertissements et l'utilisateur "
+"est encouragé à utiliser <command>groupmod</command> pour les corriger."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Les commandes qui opèrent sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase> <phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase> ne peuvent pas modifier les entrées corrompues ou "
+"redondantes. <command>grpck</command> doit être utilisée dans ce cas pour "
+"supprimer ces entrées."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>grpck</command> sont :"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Exécute la commande <command>grpck</command> en mode lecture seule. Cela "
+"signifie qu'à toutes les questions concernant des modifications il sera "
+"répondu <emphasis>no</emphasis> sans l'intervention de l'utilisateur."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Trie les entrées de <filename>/etc/group</filename> <phrase condition="
+"\"gshadow\">et <filename>/etc/gshadow</filename></phrase> par GID."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Par défaut, <command>grpck</command> opère sur <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase>. L'utilisateur peut préciser d'autres fichiers avec "
+"<phrase condition=\"no_gshadow\">le paramètre</phrase><phrase condition="
+"\"gshadow\">les paramètres</phrase> <emphasis remap=\"I\">group</emphasis> "
+"<phrase condition=\"gshadow\"> et <emphasis remap=\"I\">shadow</emphasis></"
+"phrase>."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "une entrée de groupe ou plus est incorrecte"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossible d'ouvrir les fichiers group"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossible de verrouiller les fichiers group"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossible de mettre à jour les fichiers group"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>grpck</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "Afficher la liste des groupes auxquels appartient l'utilisateur"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utilisateur"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"La commande <command>groups</command> affiche la liste des noms de groupe "
+"(ou leur identifiant numérique) de l'utilisateur courant. Si une valeur n'a "
+"pas d'entrée correspondante dans <filename>/etc/group</filename>, "
+"l'identifiant numérique du groupe est affiché. Le paramètre optionnel "
+"<emphasis remap=\"I\">utilisateur</emphasis> permet d'afficher la liste des "
+"groupes pour cet utilisateur."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sur les systèmes qui ne gèrent pas l'appartenance à plusieurs groupes, "
+"seules les informations contenues dans <filename>/etc/group</filename> sont "
+"affichées. L'utilisateur doit utiliser <command>newgrp</command> ou "
+"<command>sg</command> pour modifier l'identifiant de groupe réel et effectif."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "Modifier la définition d'un groupe du système"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"La commande <command>groupmod</command> modifie la définition du "
+"<replaceable>GROUPE</replaceable> spécifié en modifiant l'entrée "
+"correspondante de la base de données des groupes."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmod</command> sont :"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"L'identifiant numérique du groupe <replaceable>GROUPE</replaceable> sera "
+"modifié vers <emphasis remap=\"I\">GID</emphasis>."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"La valeur de <replaceable>GID</replaceable> doit être un nombre décimal "
+"positif. Cette valeur doit être unique, à moins que l'option <option>-o</"
+"option> ne soit utilisée."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Les utilisateurs qui utilisent ce groupe comme groupe primaire seront mis à "
+"jour pour garder le groupe comme groupe primaire."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Vous devrez modifier vous-même l'identifiant de groupe des fichiers ayant "
+"l'ancien identifiant de groupe qui doivent continuer à appartenir au "
+"<replaceable>GROUPE</replaceable>."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NOUVEAU_NOM_GROUPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Le nom du groupe sera modifié de <emphasis remap=\"I\">GROUPE</emphasis> "
+"vers <emphasis remap=\"I\">NOUVEAU_NOM_GROUPE</emphasis>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-g</option>, cette option permet de "
+"changer l'identifiant du groupe (<replaceable>GID</replaceable>) vers une "
+"valeur déjà utilisée."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupmod</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "Administrer les membres du groupe primaire d'un utilisateur"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "nom_utilisateur"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "nom_groupe"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"La commande <command>groupmems</command> permet à un utilisateur "
+"d'administrer la liste des membres de son propre groupe sans avoir les "
+"privilèges du superutilisateur. L'utilitaire <command>groupmems</command> a "
+"été conçu pour les systèmes qui configurent leurs utilisateurs de telle "
+"sorte qu'ils soient responsables de leur groupe primaire (par exemple guest/"
+"guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Seul le superutilisateur, en tant qu'administrateur, peut utiliser "
+"<command>groupmems</command> pour modifier la liste des membres d'un autre "
+"groupe."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmems</command> sont :"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Ajouter un utilisateur à la liste des membres du groupe."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, et que le groupe n'y "
+"a pas d'entrée, une nouvelle entrée sera créée."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Supprimer un utilisateur de la liste des membres du groupe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, l'utilisateur sera "
+"retiré de la liste des membres et des administrateurs du groupe."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>nom_groupe</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Le superutilisateur peut préciser la liste des membres du groupe à modifier."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Afficher la liste des membres du groupe."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Supprimer tous les utilisateurs de la liste des membres du groupe."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURATION"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'exécutable <command>groupmems</command> doit être installé en mode "
+"<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> et "
+"pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
+"ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
+"permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
+"gérer leur propre liste de membres du groupe."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informations cachées sur les groupes"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "Supprimer un groupe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"La commande <command>groupdel</command> modifie les fichiers "
+"d'administration des comptes du système, en supprimant les entrées qui se "
+"réfèrent à <replaceable>groupe</replaceable>. Le groupe indiqué doit exister."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupdel</command> sont :"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Vous ne pouvez pas supprimer le groupe primaire d'un utilisateur existant. "
+"Vous devez supprimer l'utilisateur auparavant."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Vous devriez vérifier vous-même qu'aucun fichier possédé par le groupe ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "impossible de supprimer le groupe primaire d'un utilisateur existant"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupdel</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "Créer un nouveau groupe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"La commande <command>groupadd</command> crée un nouveau compte de groupe en "
+"utilisant les valeurs spécifiées sur la ligne de commande et les valeurs par "
+"défaut du système. Le nouveau groupe sera inséré dans les fichiers du "
+"système selon les besoins."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupadd</command> sont :"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Avec cette option, la commande quittera juste avec un état de succès si le "
+"groupe indiqué existe déjà. Avec l'option <option>-g</option>, si "
+"l'identifiant de groupe indiqué existe déjà, un autre identifiant de groupe "
+"(non utilisé) sera choisi (c.-à-d. que <option>-g</option> est désactivée)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"La valeur numérique de l'identifiant du groupe (« group ID » ou GID). Cette "
+"valeur doit être unique, sauf si l'option <option>-o</option> est utilisée. "
+"La valeur ne doit pas être négative. Par défaut, le plus petit identifiant "
+"supérieur au <option>GID_MIN</option> et aux identifiants des groupes "
+"existants est utilisé."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi la description des options <option>-r</option> et "
+"<option>GID_MAX</option>."
+
+# NOTE: missing <filename>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Surcharger les valeurs par défaut du fichier <filename>/etc/login.defs</"
+"filename> (GID_MIN, GID_MAX et autres). L'option <option>-K</option> peut "
+"être indiquée plusieurs fois."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exemple : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Remarque : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour l'instant."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Cette option permet d'ajouter un groupe avec un identifiant (« GID ») déjà "
+"utilisé."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Créer un groupe système."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Les identifiants numériques des nouveaux groupes systèmes sont choisis dans "
+"l'intervalle <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>GID_MIN</"
+"option>-<option>GID_MAX</option>"
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms de groupe doivent commencer par une lettre minuscule ou un tiret "
+"bas (« underscore »), et seuls des lettres minuscules, des chiffres, des "
+"« underscore », ou des tirets peuvent suivre. Ils peuvent se terminer par un "
+"signe dollar. Soit, sous la forme d'une expression rationnelle : [a-z_][a-"
+"z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Les noms de groupe sont limités à &GROUP_NAME_MAX_LENGTH; caractères."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Si le nom du groupe existe dans une base de données externe, telle que NIS "
+"ou LDAP, <command>groupadd</command> refusera de créer le groupe."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID déjà utilisé (et <option>-o</option> n'est pas utilisé)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupadd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "Administrer <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "Administrer <placeholder-1/> et <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"La commande <command>gpasswd</command> est utilisée pour administrer "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> et <filename>/"
+"etc/gshadow</filename></phrase>. Chaque groupe peut avoir <phrase condition="
+"\"gshadow\">des administrateurs,</phrase> des membres et un mot de passe."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Les administrateurs système peuvent utiliser l'option <option>-A</option> "
+"pour définir un ou des administrateurs de groupe et l'option <option>-M</"
+"option> pour définir les membres. Ils ont tous les droits des "
+"administrateurs et membres du groupe."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> appelée par <phrase condition=\"gshadow\">un "
+"administrateur de groupe</phrase><phrase condition=\"no_gshadow\">un "
+"administrateur système</phrase> avec un nom de groupe demande seulement le "
+"nouveau mot de passe du <replaceable>groupe</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Si un mot de passe est configuré, les membres peuvent toujours utiliser "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> sans mot de passe. Les non membres doivent fournir le mot de "
+"passe."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Notes sur les mots de passe de groupe"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Les mots de passe de groupe représentent naturellement un risque en matière "
+"de sécurité, puisque plusieurs personnes ont connaissance du mot de passe. "
+"Cependant, les groupes sont utiles pour permettre la coopération entre "
+"différents utilisateurs."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"À part les options <option>-A</option> et <option>-M</option>, les options "
+"ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Les options ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>gpasswd</command> sont :"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utilisateur</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ajouter l'<replaceable>utilisateur</replaceable> à ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Enlever l'<replaceable>utilisateur</replaceable> de ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Enlever le mot de passe pour ce <replaceable>groupe</replaceable>. Le mot de "
+"passe du groupe sera vide. Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Restreindre l'accès à ce <replaceable>groupe</replaceable>. Le mot de passe "
+"du groupe est défini à « ! ». Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Configurer la liste des administrateurs."
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Configurer la liste des membres du groupe."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Cet outil ne fonctionne que sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase><phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase>. Par conséquent vous ne pouvez modifier aucun groupe NIS "
+"ou LDAP. Cela doit être effectué sur le serveur correspondant."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"Examiner le fichier faillog, et configurer les limites d'échecs de connexion"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> affiche le contenu du journal des échecs de "
+"connexion (<filename>/var/log/faillog</filename>). Il peut aussi configurer "
+"le décompte et les limitations de ces échecs. Exécuter <command>faillog</"
+"command> sans argument n'affiche que la liste des échecs des utilisateurs "
+"qui ont déjà eu un échec de connexion."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>faillog</command> sont :"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Afficher (ou agir sur) les enregistrements d'erreurs de connexion pour tous "
+"les utilisateurs ayant une entrée dans la base de données <filename>faillog</"
+"filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"La liste des utilisateurs peut être limitée avec l'option <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"En mode affichage, toujours limitée aux utilisateurs existants, mais "
+"l'affichage des entrées d'erreur de connexion est imposé même si elles sont "
+"vides."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Avec les options <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> ou <option>-t</option> les enregistrements des utilisateurs sont "
+"modifiés, même si l'utilisateur n'existe pas sur le système. C'est utile "
+"pour remettre à zéro les enregistrements des utilisateurs qui ont été "
+"supprimés ou pour mettre en place une politique préventive pour un ensemble "
+"d'utilisateurs."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# NOTE: s/to/during/
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Verrouiller le compte pendant <replaceable>SEC</replaceable> secondes après "
+"un échec de connexion."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"L'accès en écriture sur <filename>/var/log/faillog</filename> est nécessaire "
+"pour cette option."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Configurer le nombre maximum d'échecs de connexion après lequel le compte "
+"sera désactivé à <replaceable>MAX</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Sélectionner une valeur <replaceable>MAX</replaceable> de 0 a pour effet de "
+"ne placer aucune limite sur le nombre d'échecs de connexion."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Le compteur d'erreurs maximum doit toujours être 0 pour <emphasis>root</"
+"emphasis> afin d'éviter les attaques de type déni de service sur le système."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Remettre à zéro le compteur d'échecs de connexion."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Afficher les entrées de faillog plus récentes que <replaceable>JOURS</"
+"replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Afficher l'entrée de faillog ou maintient le décompte et les limitations "
+"(suivant que l'option <option>-l</option>, <option>-m</option> ou <option>-"
+"r</option> est utilisée) seulement pour les utilisateurs indiqués."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quand aucune des options <option>-l</option>, <option>-m</option> ou "
+"<option>-r</option> n'est utilisée, <command>faillog</command> affiche "
+"l'enregistrement des échecs de connexion des utilisateurs précisés."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> n'affiche que les utilisateurs n'ayant pas eu de "
+"connexion réussie depuis leur dernier échec. Pour afficher un utilisateur "
+"ayant eu une connexion réussie depuis son dernier échec, vous devez "
+"explicitement demander cet utilisateur avec l'option <option>-u</option>, ou "
+"demander l'affichage de tous les utilisateurs avec l'option <option>-a</"
+"option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Journal des échecs de connexion."
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "journal des échecs de connexion"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> maintient un compte des échecs de "
+"connexion et les limites pour chaque compte."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Le fichier contient un nombre constant d'enregistrements, triés par "
+"identifiant d'utilisateur numérique. Chaque enregistrement contient le "
+"nombre d'échecs de connexion depuis la dernière connexion réussie, le nombre "
+"maximum d'échecs de connexion avant désactivation du compte, la ligne sur "
+"laquelle a eu lieu le dernier échec de connexion, la date du dernier échec "
+"de connexion et la durée (en seconde) pendant laquelle le compte sera "
+"verrouillé après un échec."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La structure du fichier est la suivante :"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;      /* compteur des échecs */\n"
+"\tshort   fail_max;      /* nb max avant désactivation */\n"
+"\tchar    fail_line[12]; /* ligne du dernier échec */\n"
+"\ttime_t  fail_time;     /* date du dernier échec */\n"
+"\tlong    fail_locktime;};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "Vérifier et sécuriser la durée de validité des mots de passe"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Avec l'option <option>-c</option>, <command>expiry</command> vérifie la "
+"validité du mot de passe de l'utilisateur actuel, et force (avec l'option "
+"<option>-f</option>) des modifications si nécessaire. Il peut être appelé "
+"par un utilisateur normal."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>expiry</command> sont :"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+"Vérifier la durée de validité du mot de passe de l'utilisateur courant."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forcer le changement du mot de passe si l'utilisateur courant possède un mot "
+"de passe qui a expiré."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "Changer l'interpréteur de commandes initial"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"La commande <command>chsh</command> modifie l'interpréteur de commandes "
+"initial (« login shell ») de l'utilisateur qui sera invoqué lors des "
+"connexions de l'utilisateur. Un utilisateur normal ne peut changer que "
+"l'interpréteur associé à son propre compte. Le superutilisateur peut changer "
+"l'interpréteur de commandes initial de n'importe quel compte."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Les options applicables à la commande <command>chsh</command> sont :"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Quand l'option <option>-s</option> n'est pas sélectionnée, <command>chsh</"
+"command> opère de façon interactive, demandant à l'utilisateur quel doit "
+"être le nouvel interpréteur de commandes initial (« login shell »). "
+"L'utilisateur pourra entrer une nouvelle valeur pour modifier "
+"l'interpréteur, ou laisser la ligne blanche pour conserver l'interpréteur "
+"actuel. L'interpréteur actuel est indiqué entre crochets (<emphasis>[ ]</"
+"emphasis>)."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"La seule restriction placée sur l'interpréteur de commandes initial (« login "
+"shell ») est que cette commande doit faire partie de <filename>/etc/shells</"
+"filename>, à moins qu'elle ne soit invoquée par le superutilisateur, qui "
+"peut ajouter n'importe quelle valeur. Un compte avec un interpréteur de "
+"commandes initial restreint ne peut pas changer son interpréteur. Pour cette "
+"raison, il est déconseillé de placer <filename>/bin/rsh</filename> dans "
+"<filename>/etc/shells</filename>, puisqu'une modification accidentelle vers "
+"un interpréteur restreint empêchera alors l'utilisateur de revenir ensuite à "
+"l'interpréteur précédent."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste des interpréteurs de commandes initiaux valables."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "Mettre à jour des mots de passe par lot"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"La commande <command>chpasswd</command> lit une liste de paires de noms "
+"d'utilisateurs et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un groupe d'utilisateurs existants. Chaque "
+"ligne est au format suivant :"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Par défaut, les mots de passe doivent être fournis en clair, et sont "
+"chiffrés par <command>chpasswd</command>. L'âge du mot de passe sera "
+"également mis à jour, s'il est présent."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement par défaut peut être défini pour le système à "
+"l'aide des variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>, et "
+"peut être surchargé par les options <option>-e</option>, <option>-m</option> "
+"ou <option>-c</option>"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Par défaut les mots de passe sont chiffrés par PAM, mais (même si cela est "
+"déconseillé) vous pouvez sélectionner une méthode de chiffrement différente "
+"avec les options <option>-e</option>, <option>-m</option> ou <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Sauf quand PAM est utilisé pour chiffrer les mots "
+"de passe, </phrase><command>chpasswd</command> modifie d'abord tous les mots "
+"de passe en mémoire, puis propage toutes les modifications sur le disque si "
+"aucune erreur n'a eu lieu, quelque soit l'utilisateur."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quand PAM est utilisé pour chiffrer les mots de passe (et pour mettre à jour "
+"les mots de passe dans la base de données du système), si aucun mot de passe "
+"ne peut être mis à jour, <command>chpasswd</command> continuera la mise à "
+"jour des mots de passe pour les utilisateurs suivants, et renverra un code "
+"d'erreur en sortie."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Cette commande est destinée aux gros systèmes pour lesquels un nombre "
+"importants de comptes sont créés en une seule fois."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chpasswd</command> sont :"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>MÉTHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Les méthodes disponibles sont DES, MD5 et NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Par défaut, PAM est utilisé pour chiffrer les mots de passe."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut (si aucune des options <option>-c</option>, <option>-m</option> "
+"ou <option>-e</option> n'est précisée), la méthode de chiffrement est "
+"définie par les variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Indiquer que les mots de passe fournis sont chiffrés."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Permettre d'utiliser le chiffrement MD5, plutôt que DES, lorsque les mots de "
+"passe fournis ne sont pas chiffrés."
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> et <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> dans <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pensez à configurer les permissions ou umask afin d'empêcher la lecture des "
+"fichiers non chiffrés par les d'autres utilisateurs."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configuration de PAM pour <command>chpasswd</command>."
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "Mettre à jour par lot des mots de passe des groupes"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"La commande <command>chgpasswd</command> lit une liste de paires de noms de "
+"groupes et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un ensemble de groupes existants. Chaque "
+"ligne est au format suivant :"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Par défaut, le mot de passe doit être fourni en clair, et est chiffré par "
+"<command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement peut être défini pour le système avec la "
+"variable <option>ENCRYPT_METHOD</option> de <filename>/etc/login.defs</"
+"filename> et peut être surchargé avec les options <option>-e</option>, "
+"<option>-m</option> ou <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chgpasswd</command> sont :"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "Modifier le nom complet et les informations associées à un utilisateur"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"La commande <command>chfn</command> modifie le nom complet d'un utilisateur, "
+"son numéro de bureau, son numéro de téléphone professionnel, son extension, "
+"et son numéro de téléphone personnel. Ces informations sont généralement "
+"affichées par <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ou d'autres programmes "
+"similaires. Un utilisateur normal ne peut modifier que les informations "
+"associées à son propre compte, avec les restrictions précisées dans "
+"<filename>/etc/login.defs</filename>. (Par défaut, les utilisateurs ne "
+"peuvent pas modifier leur nom complet). Le superutilisateur peut modifier "
+"n'importe quel champ pour n'importe quel compte. De plus, seul le "
+"superutilisateur peut utiliser l'option <option>-o</option> pour modifier "
+"les parties non précisées du champ GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Ces champs ne doivent contenir aucun « : ». À l'exception du champ <emphasis "
+"remap=\"I\">autre</emphasis>, ils ne doivent contenir aucune virgule ou "
+"signe égal. Il est également recommandé d'éviter les caractères non US-"
+"ASCII, mais cela n'est imposé que pour les numéros de téléphone. Le champ "
+"<emphasis remap=\"I\">autre</emphasis> est utilisé pour garder des "
+"informations de compte utilisées par d'autres applications."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Les options applicables à la commande <command>chfn</command> sont :"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOM_COMPLET</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Modifier le nom complet de l'utilisateur."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PERSO</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Modifier le numéro de téléphone personnel de l'utilisateur."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>AUTRE</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Modifier les informations GECO de l'utilisateur. Ce champ est utilisé pour "
+"enregistrer les informations de l'utilisateur utilisées par d'autres "
+"applications et peut être changé seulement par un superutilisateur."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMÉRO_DE_BUREAU</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Modifier le numéro de bureau de l'utilisateur."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_PRO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Modifier le numéro de téléphone professionnel de l'utilisateur."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Si aucune option n'est sélectionnée, <command>chfn</command> opère de "
+"manière interactive, demandant à l'utilisateur d'entrer les valeurs "
+"actuelles de chacun des champs. Entrer une nouvelle valeur pour la modifier, "
+"ou de laisser une ligne blanche pour conserver la valeur actuelle. La valeur "
+"actuelle est indiquée entre crochets (<emphasis remap=\"B\">[ ]</emphasis>). "
+"En l'absence d'option, <command>chfn</command> opère sur l'utilisateur "
+"actuel."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "Modifier les informations de validité d'un mot de passe"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"La commande <command>chage</command> modifie le nombre de jours entre les "
+"changements de mot de passe et la date du dernier changement. Ces "
+"informations sont utilisées par le système pour déterminer si un utilisateur "
+"doit changer son mot de passe."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chage</command> sont :"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>DERNIER_JOUR</replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Configurer le nombre du jour, à compter du 1er janvier 1970, où le mot de "
+"passe a été changé la dernière fois. La date peut aussi être exprimée dans "
+"le format AAAA-MM-JJ (ou le format utilisé plus communément dans votre "
+"région)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+# NOTE: s/date//
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Configurer la date, ou le nombre de jours à compter du 1er janvier 1970, à "
+"partir de laquelle le compte de l'utilisateur ne sera plus accessible. La "
+"date peut aussi être exprimée dans le format AAAA-MM-JJ (ou le format plus "
+"communément utilisé dans votre région). Un utilisateur dont le compte est "
+"bloqué doit contacter l'administrateur système pour pouvoir utiliser à "
+"nouveau le système."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> aura pour effet de supprimer la "
+"date de fin de validité."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Configurer le nombre de jours d'inactivité, après qu'un mot de passe ait "
+"dépassé la date de fin de validité, avant que le compte ne soit bloqué. La "
+"valeur <replaceable>DURÉE_INACTIVITÉ</replaceable> est le nombre de jours "
+"d'inactivité. Un utilisateur dont le compte est bloqué doit contacter "
+"l'administrateur système avant de pouvoir utiliser de nouveau le système."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DURÉE_INACTIVITÉ</replaceable> supprime la durée d'inactivité "
+"pour un compte."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Afficher les informations sur l'âge des comptes."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe est "
+"valable. Quand <replaceable>JOURS_MAX</replaceable> plus "
+"<replaceable>DERNIER_JOUR</replaceable> est inférieur à la date actuelle, "
+"l'utilisateur est obligé de changer son mot de passe avant de pouvoir "
+"utiliser son compte. Cet événement peut être déclenché plus tôt grâce à "
+"l'option <option>-W</option> qui prévient l'utilisateur à l'avance par un "
+"message d'alerte."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>JOURS_MAX</replaceable> supprime la vérification de validité."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Si aucune de ces options n'est donnée, <command>chage</command> utilise un "
+"mode interactif, demandant confirmation à l'utilisateur pour les valeurs de "
+"tous les champs. Entrez la nouvelle valeur pour modifier la valeur du champ, "
+"ou laissez la ligne vide pour conserver la valeur actuelle. La valeur "
+"actuelle est affichée entre crochets."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Le programme <command>chage</command> nécessite l'utilisation d'un fichier "
+"de mots de passe cachés (« shadow password file »)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"La commande <command>chage</command> est réservée à l'utilisateur root, sauf "
+"pour l'option <option>-l</option>, qui peut être utilisée par un utilisateur "
+"non privilégié pour lui permettre de savoir quand son mot de passe ou son "
+"compte arrivera en fin de validité."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "impossible de trouver le fichier des mots de passe cachés"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>chage</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2005-2010Thomas Blein "
+"<tblein@tblein.eu>, 2011-2012Debian French l10n team <debian-l10n-"
+"french@lists.debian.org>, 2011-2012"
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "impossible de créer le répertoire d'attente des courriels"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Identifiant SELinux du nouvel utilisateur. Cette valeur est vide par "
+#~ "défaut et, dans ce cas, le système sélectionnera l'utilisateur SELinux "
+#~ "par défaut."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nouveaux_utilisateurs"
+
+#~ msgid "full_name"
+#~ msgstr "nom_complet"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "no_bureau"
+
+#~ msgid "work_ph"
+#~ msgstr "tel_bureau"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "tel_perso"
+
+#~ msgid "other"
+#~ msgstr "autre"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Note : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour "
+#~ "l'instant."
+
+#~ msgid "It can take one of these values: <placeholder-1/>"
+#~ msgstr "Il peut prendre une de ces valeurs : <placeholder-1/>"
+
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Les mots de passe doivent être fournis en clair."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Le mot de passe chiffré, comme renvoyé par "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. Le comportement par défaut est de désactiver "
+#~ "le compte."
+
+# NOTE: shadowed, not encrypted
+#~ msgid "encrypted password file"
+#~ msgstr "fichier des mots de passe cachés"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "liste d'administrateurs du groupe séparés par des virgules"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "Les champs « nom du groupe » et « mot de passe » doivent être remplis. Le "
+#~ "mot de passe chiffré comprend 13 caractères pris dans l'alphabet de 64 "
+#~ "caractères a-z, A-Z, 0-9, \\. et /. Consultez "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+#~ "cette chaîne. Si le champ du mot de passe contient une chaîne qui ne peut "
+#~ "pas être un résultat valable de <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si "
+#~ "elle contient les caractères ! ou *, alors l'utilisateur ne pourra pas "
+#~ "utiliser son mot de passe UNIX pour se connecter. Ceci peut dépendre de "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "Indiquer la nouvelle Valeur numérique de l'identifiant du "
+#~ "<replaceable>GROUPE</replaceable> (« group ID » ou GID). La valeur de "
+#~ "<replaceable>GID</replaceable> doit être un entier décimal non négatif. "
+#~ "Cette valeur doit être unique, à moins que l'option <option>-o</option> "
+#~ "ne soit utilisée. Les valeurs comprises entre 0 et 999 sont généralement "
+#~ "réservées aux comptes système. Vous devrez modifier vous-même le groupe "
+#~ "propriétaire de tous les fichiers possédés par ce groupe."
+
+#~ msgid ""
+#~ "Note: if you use PAM, it is recommended to set this variable consistently "
+#~ "with the PAM modules configuration."
+#~ msgstr ""
+#~ "Remarque : si vous utilisez PAM, il est recommandé d'ajuster cette "
+#~ "variable de façon cohérente avec la configuration des modules PAM."
+
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "<command>Usermod</command> ne vous permet pas de modifier le nom d'un "
+#~ "utilisateur qui est actuellement connecté. Vous devez vous assurer que "
+#~ "l'utilisateur nommé n'est pas en train d'exécuter un quelconque programme "
+#~ "lorsque cette commande est exécutée si l'UID numérique de l'utilisateur "
+#~ "est modifié. Vous devez modifier vous-même le nom du propriétaire de tous "
+#~ "les fichiers <command>crontab</command> et des tâches <command>at</"
+#~ "command>. Vous devez effectuer toutes les modifications impliquant NIS "
+#~ "sur le serveur NIS."
+
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "<command>Userdel</command> ne vous permet pas de supprimer un compte si "
+#~ "l'utilisateur en question est actuellement connecté. Vous devez tuer tous "
+#~ "les processus en cours d'exécution appartenant à l'utilisateur que vous "
+#~ "êtes en train de supprimer."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+#~ "l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+#~ "référer à un groupe déjà existant. Le numéro de groupe par défaut est de "
+#~ "1."
+
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Nom ou ou numéro du groupe de connexion initial de l'utilisateur. Le nom "
+#~ "du groupe doit exister. Un numéro de groupe doit se référer à un groupe "
+#~ "existant. Le numéro de groupe par défaut est de 1, ou la valeur indiquée "
+#~ "dans <filename>/etc/default/useradd</filename>."
+
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Nom de groupe ou identifiant numérique du groupe initial d'un nouvel "
+#~ "utilisateur. Le groupe spécifié doit exister, et un identifiant de groupe "
+#~ "numérique doit déjà exister."
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis le dernier "
+#~ "changement de mot de passe"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "nombre de jours après lesquels le mot de passe doit être changé"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "nombre de jours avant la fin de validité du mot de passe et pendant "
+#~ "lesquels l'utilisateur est averti"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours après la fin de validité provoquant la désactivation du "
+#~ "compte"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis que le "
+#~ "compte est désactivé"
+
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Le champ « mot de passe » doit être rempli. Le mot de passe chiffré "
+#~ "comprend 13 à 24 caractères pris dans l'alphabet de 64 caractère : a-z, A-"
+#~ "Z, 0-9, \\. et /. Il peut optionellement commencer par un caractère "
+#~ "« $ ». Ceci signifie que le mot de passe a été généré par un autre "
+#~ "algorithme (autre que DES). Par exemple, s'il commence par « $1$ », "
+#~ "l'algorithme basé sur MD5 a été utilisé."
+
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "La date de dernière modification du mot de passe est donnée par le nombre "
+#~ "de jours écoulés depuis le 1er janvier 1970 jusqu'au dernier changement "
+#~ "du mot de passe. Un mot de passe ne peut pas être changé de nouveau avant "
+#~ "le nombre de jours indiqués, et doit être modifié avant le nombre maximal "
+#~ "de jours spécifié. Si le nombre minimal de jours requis est plus grand "
+#~ "que le nombre maximal de jours de validité, ce mot de passe ne peut pas "
+#~ "être changé par l'utilisateur."
+
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Un compte est considéré comme inactif et est désactivé si le mot de passe "
+#~ "n'est pas changé dans l'intervalle indiqué après la fin de la validité du "
+#~ "mot de passe. Un compte est également désactivé le jour indiqué quels que "
+#~ "soient les autres informations de validité."
+
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Ces informations sont prioritaires sur tous les autres champs présents "
+#~ "dans <filename>/etc/passwd</filename>."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "L'existence du répertoire indiqué dans ce champ est vérifiée, et dans le "
+#~ "cas contraire, le répertoire est créé. Le propriétaire du répertoire sera "
+#~ "l'utilisateur dont le compte est créé ou mis à jour."
+
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Afficher les échecs de tous les utilisateurs."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "Fixer le nombre maximum d'échecs de connexion après lesquels le compte "
+#~ "sera désactivé à <emphasis remap=\"I\">MAX</emphasis>. Une limite "
+#~ "<replaceable>MAX</replaceable> de 0 aura pour effet de ne pas placer de "
+#~ "limite d'échec. La limite pour l'utilisateur <emphasis>root</emphasis> "
+#~ "devrait toujours être 0 pour éviter tout risque de déni de service contre "
+#~ "le système."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "Le répertoire personnel de l'utilisateur sera créé s'il n'existe pas "
+#~ "déjà. Les fichiers contenus dans <replaceable>rép_squelette</replaceable> "
+#~ "seront copiés dans le répertoire personnel si l'option <option>-k</"
+#~ "option> est employée ; sinon, les fichiers contenus dans <filename>/etc/"
+#~ "skel</filename> seront utilisés à la place. Tous les répertoires contenus "
+#~ "dans <replaceable>rép_squelette</replaceable> ou dans <filename>/etc/"
+#~ "skel</filename> seront également créés dans le répertoire personnel de "
+#~ "l'utilisateur. L'option <option>-k</option> n'est valable qu'en "
+#~ "conjonction avec l'option <option>-m</option>. Le comportement par défaut "
+#~ "est de ne pas créer le répertoire, et de ne copier aucun fichier."
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Vous devez pouvoir vous souvenir facilement de votre mot de passe, afin "
+#~ "de ne pas avoir à le noter sur un morceau de papier. Pour ce faire, on "
+#~ "peut choisir d'accoler deux mots en les séparant avec un caractère "
+#~ "spécial ou un chiffre. Par exemple, Mot2passe."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "D'autres méthodes de construction utilisent une phrase facile à se "
+#~ "rappeler, et consistent à sélectionner la première ou la dernière lettre "
+#~ "de chaque mot. Voici un exemple [ NdT : en anglais ] :"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls."
+
+#~ msgid "which produces"
+#~ msgstr "Ce qui donne :"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt."
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Vous pouvez raisonnablement être assuré que quelques crackers ont "
+#~ "désormais inclus ces mots de passe dans leurs dictionnaires. Vous pouvez "
+#~ "également utiliser votre propre méthode de construction de mots de passe "
+#~ "et ne pas compter exclusivement sur les méthodes proposées ici."
+
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "La seule restriction pour le contenu des champs est qu'ils ne doivent "
+#~ "contenir aucun caractère de contrôle, ni aucune virgule, deux-points ou "
+#~ "signe égal. Le champ <emphasis remap=\"I\">autre</emphasis> n'a pas cette "
+#~ "limitation et peut être utilisé pour enregistrer des informations sur le "
+#~ "compte pour d'autres applications."
+
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Plage d'identifiants numériques d'utilisateur que <command>useradd</"
+#~ "command> peut utiliser."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "L'utilisation de l'option <option>-t</option> supplante l'option <option>-"
+#~ "u</option>."
+
+# NOTE: shadow => gshadow
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "Par défaut, <command>grpck</command> opère sur les fichiers <filename>/"
+#~ "etc/group</filename> et <filename>/etc/gshadow</filename>. L'utilisateur "
+#~ "peut spécifier d'autres fichiers avec les paramètres <emphasis remap=\"I"
+#~ "\">group</emphasis> et <emphasis remap=\"I\">gshadow</emphasis>. De plus, "
+#~ "l'utilisateur peut exécuter les commandes en lecture seule en utilisant "
+#~ "l'option <option>-r</option>. Ceci aura pour conséquence de répondre "
+#~ "<emphasis>no</emphasis> à toutes les questions demandant des "
+#~ "modifications, sans intervention de l'utilisateur. <command>Grpck</"
+#~ "command> permet aussi de trier les entrées de <filename>/etc/group</"
+#~ "filename> et <filename>/etc/gshadow</filename> par GID. Pour effectuer ce "
+#~ "tri, utilisez l'option <option>-s</option>. Aucune vérification n'est "
+#~ "alors effectuée, les entrées sont seulement triées."
+
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Nom de l'interpréteur de commandes initial (« login shell ») d'un nouvel "
+#~ "utilisateur. Le programme nommé sera utilisé pour tous les futurs "
+#~ "nouveaux comptes utilisateur."
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "Un administrateur de groupe peut ajouter ou supprimer des utilisateurs en "
+#~ "utilisant respectivement les options <option>-a</option> et <option>-d</"
+#~ "option>. Les administrateurs peuvent utiliser l'option <option>-r</"
+#~ "option> pour supprimer le mot de passe d'un groupe. Lorsqu'aucun mot de "
+#~ "passe n'est défini, seuls les membres d'un groupe peuvent utiliser "
+#~ "<command>newgrp</command> pour utiliser ce groupe. L'option <option>-R</"
+#~ "option> désactive l'accès au groupe via la commande <command>newgrp</"
+#~ "command> (sauf pour les membres du groupe)."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field must contain name of group. When specified an existing group "
+#~ "name the named user will be added as a new member of this group. If "
+#~ "specified non-existent non-numerical group name a new group will be "
+#~ "created."
+#~ msgstr ""
+#~ "Ce champ peut être le nom d'un groupe existant, ce qui permet d'ajouter "
+#~ "l'utilisateur désigné dans la liste des membres du groupe. Si un "
+#~ "identifiant de groupe inexistant est indiqué, un nouveau groupe est créé, "
+#~ "avec cet identifiant de groupe."
diff --git a/man/po/it.po b/man/po/it.po
new file mode 100644
index 0000000..79e8475
--- /dev/null
+++ b/man/po/it.po
@@ -0,0 +1,10997 @@
+# Italian translations for shadow package.
+# Copyright © 2005 the shadow copyright holder.
+# This file is distributed under the same license as the shadow package.
+# Giuseppe Sacco <eppesuig@debian.org>, 2005, 2012.
+# Danilo Piazzalunga <danilopiazza@libero.it>, 2005.
+# Isabella Ruocco <isacher@nettaxi.com>, 1999.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:38+0200\n"
+"Last-Translator: Giuseppe Sacco <eppesuig@debian.org>\n"
+"Language-Team: Italian <tp@lists.linux.it>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8-bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Comandi per la gestione del sistema"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+# type: Plain text
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"modifica i file delle password, dei gruppi, delle password shadow o dei "
+"gruppi shadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "opzioni"
+
+# type: SH
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIZIONE"
+
+# type: Plain text
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"I comandi <command>vipw</command> e <command>vigr</command> permettono di "
+"modificare rispettivamente i file <filename>/etc/passwd</filename> e "
+"<filename>/etc/group</filename>. Con l'opzione <option>-s</option>, vengono "
+"aperte le versioni shadow di quei file, rispettivamente <filename>/etc/"
+"shadow</filename> e <filename>/etc/gshadow</filename>. I programmi si "
+"occupano di impostare i lock necessari per evitare la corruzione dei file. "
+"Per determinare l'editor da usare, i programmi prima provano con la "
+"variabile d'ambiente <envar>$VISUAL</envar>, poi con la variabile d'ambiente "
+"<envar>$EDITOR</envar> e infine con l'editor predefinito, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: SH
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPZIONI"
+
+# type: Plain text
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Le opzioni per i comandi <command>vipw</command> e <command>vigr</command> "
+"sono:"
+
+# type: TP
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Modifica del database «group»."
+
+# type: TP
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+# type: Plain text
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Mostra un messaggio di aiuto ed esce."
+
+# type: IP
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Modifica del database «passwd»."
+
+# type: IP
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Modalità silenziosa."
+
+# type: IP
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Effettua le modifiche nella directory <replaceable>CHROOT_DIR</replaceable> "
+"e usa i file di configurazione dalla directory <replaceable>CHROOT_DIR</"
+"replaceable>."
+
+# type: IP
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Modifica del database «shadow» o «gshadow»"
+
+# type: IP
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indica di quale utente modificare il file «shadow tcb»."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURAZIONE"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> cambiano il comportamento di questo strumento:"
+
+# type: IP
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booleano)"
+
+# type: Plain text
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Se <replaceable>yes</replaceable> viene usato lo schema "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> per lo «shadow» delle password."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "VARIABILI D'AMBIENTE"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Editor da utilizzare."
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "Editor da utilizzare se <option>VISUAL</option> non è impostata."
+
+# type: SH
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILE"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+# type: Plain text
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informazioni sugli account di gruppo."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Plain text
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informazioni sicure sugli account di gruppo."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+# type: Plain text
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informazioni sugli account utente."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Plain text
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informazioni sicure sugli account utente."
+
+# type: SH
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VEDERE ANCHE"
+
+# type: Plain text
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+# type: Plain text
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "modifica l'account di un utente"
+
+# type: TH
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+# type: Plain text
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Il comando <command>usermod</command> modifica i file di account del sistema "
+"in modo da riflettere i cambiamenti che sono specificati sulla riga di "
+"comando."
+
+# type: TP
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Il comando <command>usermod</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+# type: IP
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Aggiunge l'utente al/i gruppo/i supplmentare/i. Usare solo con l'opzione "
+"<option>-G</option>."
+
+# type: TP
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENTO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Il nuovo valore per il campo commento dell'utente nel file password. "
+"Normalmente viene modificato usando l'utilità "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: TP
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "La nuova directory home dell'utente."
+
+# type: Plain text
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Se è data l'opzione <option>-m</option> il contenuto della directory home "
+"corrente sarà spostato nella nuova directory home, che viene creata se non "
+"esiste già."
+
+# type: TP
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_SCADENZA</replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"La data in cui l'account dell'utente verrà disabilitato. La data è "
+"specificata nel formato <emphasis remap=\"I\">AAAA-MM-GG</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un argomento <replaceable>DATA_SCADENZA</replaceable> vuoto disabilita la "
+"scadenza dell'account."
+
+# type: Plain text
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Questa opzione richiede il file <filename>/etc/shadow</filename>. Se non c'è "
+"ancora viene creata una voce nel file <filename>/etc/shadow</filename>."
+
+# type: TP
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Il numero di giorni dopo la scadenza di una password prima che l'account "
+"venga disabilitato permanentemente."
+
+# type: Plain text
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Il valore 0 disabilita l'account non appena la password è scaduta, e il "
+"valore -1 disabilita questa funzionalità."
+
+# type: IP
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPPO</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Il nome o numero del gruppo da assegnare alla connessione dell'utente. Il "
+"gruppo deve esistere."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tutti i file nella directory home dell'utente che hanno come gruppo il "
+"precedente gruppo primario dell'utente stesso verranno modificati perché "
+"abbiano questo nuovo gruppo."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Il gruppo dei file che si trovano all'esterno della directory home "
+"dell'utente andrà modificato manualmente."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPPO1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPPO2,...</emphasis>[<emphasis remap="
+"\"I\">,GRUPPON</emphasis>]]]"
+
+# type: Plain text
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Una lista di gruppi supplementari di cui l'utente è altresì membro. Ciascun "
+"gruppo è separato dal successivo da una virgola, senza spazi bianchi "
+"intermedi. I gruppi sono soggetti alle stesse restrizioni del gruppo dato "
+"con l'opzione <option>-g</option>."
+
+# type: Plain text
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Se l'utente è attualmente membro di un gruppo che non è elencato, l'utente "
+"verrà rimosso dal gruppo. Questo comportamento può essere cambiato con "
+"l'opzione <option>-a</option> che aggiunge all'utente i gruppi supplementari "
+"dei quali fa attualmente parte."
+
+# type: IP
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NUOVO_LOGIN</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Il nome dell'utente verrà cambiato da <replaceable>LOGIN</replaceable> a "
+"<replaceable>NUOVO_LOGIN</replaceable>. Niente altro viene cambiato. In "
+"particolare, la directory home dell'utente e la casella di posta dovrebbero "
+"probabilmente essere modificate manualmente in modo da riflettere il nuovo "
+"nome di login."
+
+# type: IP
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Blocca la password di un utente. Questo inserisce un «!» davanti alla "
+"password cifrata, disabilitandola. Non si può utilizzare questa opzione con "
+"le opzioni <option>-p</option> e <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Nota: se si vuole bloccare l'account (non solo l'accesso tramite password), "
+"si deve anche impostare <replaceable>DATA_SCADENZA</replaceable> a "
+"<replaceable>1</replaceable>."
+
+# type: IP
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Sposta il contenuto della directory home di un utente nella nuova posizione."
+
+# type: IP
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Questa opzione è valida solo in combinazioone con l'opzione <option>-d</"
+"option> (o <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> cercherà di adattare la proprietà dei file e di "
+"copiare i permessi, le ACL e gli attributi estesi, ma successive modifiche "
+"manuali potrebbe comunque essere necessarie."
+
+# type: TP
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"Quando è usata con l'opzione <option>-u</option> questa opzione permette di "
+"modificare l'ID utente in un valore non univoco."
+
+# type: TP
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"La passwird cifrata, così come viene restituita da "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Nota:</emphasis> questa opzione non è consigliata "
+"perché la password (o password cifrata) sarà visibile agli utenti che "
+"elencano i processi."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"La password verrà scritta nel file locale <filename>/etc/passwd</filename> o "
+"<filename>/etc/shadow</filename>. Questo potrebbe essere diverso dal "
+"database delle password configurato per l'utilizzo da PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Ci si deve accertare che la password rispetti le norme delle password del "
+"sistema."
+
+# type: TP
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+# type: Plain text
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Il nome della nuova shell di login dell'utente. Lasciando questo campo vuoto "
+"si fa in modo che il sistema selezioni la shell di login predefinita."
+
+# type: TP
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "Il nuovo valore numerico dell'ID utente."
+
+# type: Plain text
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Questo valore deve essere univoco, a meno che non sia utilizzata l'opzione "
+"<option>-o</option>. Il valore non può essere negativo."
+
+# type: Plain text
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La casella di posta dell'utente e ogni altro file di proprietà dell'utente "
+"che si trovi all'interno della directory home avrà l'ID utente cambiato "
+"automaticamente."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"La proprietà dei file esterni alla directory home dell'utente va corretta "
+"manualmente."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Non vengono fatti controlli riguardo <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> o "
+"<option>SYS_UID_MAX</option> dal file <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Sblocca la password di un utente. Questo rimuove il «!» davanti alla "
+"password cifrata. Non si può usare questa opzione con l'opzione <option>-p</"
+"option> o <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Nota: se si vuole sbloccare l'account (non solo l'accesso con password) si "
+"deve anche impostare <replaceable>DATA_SCADENZA</replaceable> (per esempio a "
+"<replaceable>99999</replaceable> o al valore <option>EXPIRE</option> dal "
+"file <filename>/etc/default/useradd</filename>)."
+
+# type: IP
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Non vengono fatti controlli riguardo <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> o "
+"<option>SYS_UID_MAX</option> dal file <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+# type: IP
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Non verrà effettuato nessun controllo riguardo i limiti <option>GID_MIN</"
+"option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option> o "
+"<option>SYS_GID_MAX</option> definiti in <filename>/etc/login.defs</"
+"filename>."
+
+# type: IP
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr "Rimuove tutti gli utenti SELinux assegnati al login utente."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+# type: IP
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTENTESE</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "Il nuovo utente SELinux per il login dell'utente."
+
+# type: Plain text
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un <replaceable>UTENTESE</replaceable> vuoto rimuoverà la mappatura per "
+"l'utente SELinux da <replaceable>LOGIN</replaceable> (se presente)."
+
+# type: SH
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVVISI/CAVEAT"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Se si cambia l'ID numerico, il nome dell'utente o la sua directory home, si "
+"deve verificare che l'utente in questione non stia eseguendo nessun processo "
+"al momento dell'esecuzione del comando.\n"
+"<command>usermod</command> effettua questo controllo in Linux, ma su altri "
+"sistemi controlla solo che non sia registrato come collegato in utmp."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Si deve cambiare manualmente il proprietario di eventuali file "
+"<command>crontab</command> e compiti <command>at</command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Si devono apportare tutte le modifiche che riguardano NIS sul server NIS."
+
+# type: IP
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (testo)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"La directory di spool per la posta. Questa è necessaria per manipolare la "
+"casella di posta quando il corrispondente account utente viene modificato o "
+"cancellato. Se non è specificata viene utilizzato un valore impostato al "
+"momento della compilazione."
+
+# type: IP
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (testo)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Imposta la posizione delle caselle di posta degli utenti relative alla loro "
+"directory home."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Le variabili <option>MAIL_DIR</option> e <option>MAIL_FILE</option> vengono "
+"utilizzate da <command>useradd</command>, <command>usermod</command> e "
+"<command>userdel</command> per creare, spostare e cancellare le caselle di "
+"posta dell'utente."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Se <option>MAIL_CHECK_ENAB</option> è impostata a <replaceable>yes</"
+"replaceable> allora sono anche utilizzate per impostare la variabile "
+"d'ambiente <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (numero)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Numero massimo di membri per gruppo. Quando viene raggiunto il massimo, "
+"viene creata una nuova riga per il gruppo nel file <filename>/etc/group</"
+"filename> (con lo stesso nome, stessa password e stesso GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Il valore predefinito è 0, che non pone nessun limite al numero di membri "
+"per gruppo."
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Questa opzione (dividi gruppo) permette di limitare la lunghezza delle righe "
+"nel file «group». Questo è utile per essere certi che le righe per gruppi "
+"NIS non eccedano i 1024 caratteri."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "Se si deve impostare questo limite, si può usare 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Nota: la divisione dei gruppi potrebbe non essere supportata da ogni "
+"strumento (anche all'interno del pacchetto Shadow). Non si dovrebbe "
+"utilizzare questa variabile a meno di esserci forzati."
+
+# type: IP
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Il valore predefinito per <option>SYS_GID_MIN</option> (rispettivamente "
+"<option>SYS_GID_MAX</option>) è 101 (rispettivamente <option>GID_MIN</"
+"option>-1)."
+
+# type: IP
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (numerico)"
+
+# type: IP
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Il valore predefinito per <option>SYS_UID_MIN</option> (rispettivamente "
+"<option>SYS_UID_MAX</option>) è 101 (rispettivamente <option>UID_MIN</"
+"option>-1)."
+
+# type: IP
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booleano)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"se ( UID è minore di 1000) {\n"
+"  usa /etc/tcb/user\n"
+"} altrimenti se ( UID è minore di 1000000) {\n"
+"  migliaia = UID / 1000\n"
+"  usa /etc/tcb/:migliaia/user\n"
+"  crea link simbolico da /etc/tcb/user alla directory precedente\n"
+"} altrimenti {\n"
+"  milioni = UID / 1000000\n"
+"  migliaia = ( UID / megas * 1000000 ) / 1000\n"
+"  usa /etc/tcb/:milioni/:migliaia/user\n"
+"  crea link simbolico da /etc/tcb/user alla directory precedente\n"
+"}\n"
+"    "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Se <replaceable>yes</replaceable> la posizione della directory utente tcb "
+"non verrà creata automaticamente come /etc/tcb/user, ma verrà determinato in "
+"base all'UID dell'utente secondo questo algoritmo: <placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Configurazione del pacchetto password shadow"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+# type: Plain text
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+# type: Plain text
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "rimuove l'account di un utente ed i file relativi"
+
+# type: Plain text
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Il comando <command>userdel</command> modifica i file di account del "
+"sistema, rimuovendo tutte le voci che si riferiscono al nome utente "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utente indicato deve esistere."
+
+# type: TP
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Il comando <command>userdel</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Questa opzione forza la cancellazione di un account utente anche se l'utente "
+"è ancora collegato al sistema. Inoltre forza <command>userdel</command> a "
+"rimuovere la directory home dell'utente e la casella di posta anche se un "
+"altro utente usa la stessa directory home o se la casella di posta non è di "
+"proprietà dell'utente specificato. Se <option>USERGROUPS_ENAB</option> è "
+"impostato a <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login."
+"defs</filename> e se esiste un gruppo con lo stesso nome dell'utente "
+"cancellato, allora il gruppo stesso viene cancellato anche se risulta il "
+"gruppo primario di un altro utente."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Nota:</emphasis> questa opzione è pericolosa e può lasciare il "
+"sistema in uno stato incoerente."
+
+# type: IP
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+# type: Plain text
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"I file nella home directory dell'utente verranno rimossi insieme alla home "
+"directory stessa e alla casella di posta dell'utente. I file collocati in "
+"altri file system dovranno essere cercati e rimossi manualmente."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"La directory di spool per la posta è definita dalla variabile "
+"<option>MAIL_DIR</option> nel file <filename>login.defs</filename>."
+
+# type: IP
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr "Rimuove tutti gli utenti SELinux assegnati al login utente."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (testo)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Se definito, questo comando viene eseguito quando si cancella un utente. "
+"Dovrebbe rimuovere tutti i compiti di stampa/cron/at di proprietà "
+"dell'utente da cancellare (passato come primo argomento)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+"Il codice d'uscita restituito dallo script non è preso in considerazione."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Verifica la presenza dell'argomento obbligatorio\n"
+"if [ $# != 1 ]; then\n"
+"   echo \"Uso: $0 username\"\n"
+"   exit 1\n"
+"fi\n"
+"\n"
+"# Rimuove i compiti di cron\n"
+"crontab -r -u $1\n"
+"\n"
+"# Rimuove i compiti di at\n"
+"# Nota che verranno rimossi tutti i compiti di proprietà dello stesso UID,\n"
+"# anche se condiviso con un altro nome utente.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Rimuove le stampe\n"
+"lprm $1\n"
+"\n"
+"# Finito.\n"
+"exit 0\n"
+"    "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Ecco uno script di esempio che rimuove i job dell'utente, sia di cron che at "
+"che di stampa: <placeholder-1/>"
+
+# type: IP
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booleano)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Abilita l'impostazione dei bit di gruppo di umask in modo che siano gli "
+"stessi dei bit del proprietario (esempio: 022 -&gt; 002, 077 -&gt; 007) per "
+"utenti non root a condizione che uid e gid siano identici e che il nome "
+"utente sia lo stesso del gruppo primario."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Se impostato a <replaceable>yes</replaceable>, <command>userdel</command> "
+"cancellerà il gruppo dell'utente se non contiene altri membri, e "
+"<command>useradd</command> creerà automaticamente un gruppo con lo stesso "
+"nome dell'utente."
+
+# type: SH
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALORI RESTITUITI"
+
+# type: IP
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+# type: Plain text
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "successo"
+
+# type: IP
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+# type: Plain text
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossibile aggiornare il file delle password"
+
+# type: IP
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+# type: Plain text
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "sintassi del comando errata"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+# type: Plain text
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utente specificato non esiste"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "utente attualmente connesso al sistema"
+
+# type: IP
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+# type: Plain text
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "non è possibile aggiornare il file group"
+
+# type: IP
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+# type: Plain text
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "non è possibile cancellare la directory home"
+
+# type: TP
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>userdel</command> esce con i seguenti valori: "
+"<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> non permetterà la cancellazione di un account se "
+"ci sono in esecuzione processi dell'account stesso. In quel caso si deve "
+"prima terminare quei processi o bloccare la password o l'account, e "
+"cancellare l'account successivamente. L'opzione <option>-f</option> forza la "
+"cancellazione dell'account."
+
+# type: Plain text
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Occorre controllare manualmente tutti i file system per assicurarsi che non "
+"rimanga nessun file di proprietà di questo utente."
+
+# type: Plain text
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Non è possibile rimuovere nessun attributo NIS su un client NIS. Questo deve "
+"essere fatto sul server NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Se <option>USERGROUPS_ENAB</option> è impostato a <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> cancellerà il gruppo che ha lo stesso nome dell'utente. Per evitare "
+"incoerenze tra i database di passwd e group, <command>userdel</command> "
+"verificherà che questo gruppo non sia utilizzato come gruppo primario da "
+"altri utenti, e nel caso emetterà un avviso senza cancellare il gruppo. "
+"L'opzione <option>-f</option> forza la cancellazione di questo gruppo."
+
+# type: Plain text
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+# type: Plain text
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"crea un nuovo utente o aggiorna le informazioni predefinite per i nuovi "
+"utenti"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+# type: Plain text
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quando viene invocato senza l'opzione <option>-D</option>, il comando "
+"<command>useradd</command> crea un nuovo account di utente usando i valori "
+"specificati sulla riga di comando ed i valori predefiniti dal sistema. A "
+"seconda dalle opzioni nella riga di comando, il comando <command>useradd</"
+"command> aggiornerà i file di sistema che lo necessitano, creerà la home "
+"directory, e lì verranno copiati i file iniziali."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Normalmente viene anche creato un gruppo per il nuovo utente (vedere "
+"<option>-g</option>, <option>-N</option>, <option>-U</option> e "
+"<option>USERGROUPS_ENAB</option>).\""
+
+# type: Plain text
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Il comando <command>useradd</command> accetta le seguenti opzioni:"
+
+# type: TP
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"La directory base predefinita, nel caso che l'opzione <option>-d</"
+"option>&nbsp;<replaceable>HOME_DIR</replaceable> non sia specificata. "
+"<replaceable>BASE_DIR</replaceable> viene concatenata con il nome "
+"dell'account per definire la directory home. Se l'opzione <option>-m</"
+"option> non è usata, <replaceable>BASE_DIR</replaceable> deve esistere."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Se questa opzione non è specificata, <command>useradd</command> userà la "
+"directory base specificata dalla variabile <option>HOME</option> in "
+"<filename>/etc/default/useradd</filename> oppure la costante <filename>/"
+"home</filename>."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Un testo qualsiasi. Di norma è una breve descrizione del login, ed è "
+"attualmente usato come nome completo dell'utente."
+
+# type: TP
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+# type: Plain text
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Il nuovo utente verrà creato usando <replaceable>HOME_DIR</replaceable> come "
+"valore per la directory di login dell'utente. Il comportamento predefinito è "
+"di aggiungere il nome <replaceable>LOGIN</replaceable> in fondo a "
+"<replaceable>BASE_DIR</replaceable> ed usare quello come nome di directory "
+"di login. Non è necessario che la directory <replaceable>HOME_DIR</"
+"replaceable> esista, ma se non ci fosse non verrà creata."
+
+# type: IP
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+# type: SS
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Vedere oltre, la sezione «Cambiare i valori predefiniti»."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Se non specificato diversamente, <command>useradd</command> userà la data di "
+"scadenza impostata con la variabile <option>EXPIRE</option> nel file "
+"<filename>/etc/default/useradd</filename> o un campo vuoto (nessuna "
+"scadenza)."
+
+# type: Plain text
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Il numero di giorni dopo la scadenza della password prima che l'account "
+"venga permanentemente disabilitato. Un valore pari a 0 disabilita l'account "
+"non appena la password è scaduta, ed un valore pari a -1 disabilita questa "
+"funzionalità."
+
+# type: Plain text
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Il comportamento predefinito di <command>useradd</command> è di usare il "
+"periodo di inattività specificato dalla variabile <option>INACTIVE</option> "
+"del file <filename>/etc/default/useradd</filename> oppure -1 (con variabile "
+"assente)."
+
+# type: Plain text
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Il nome o numero del gruppo di connessione iniziale dell'utente.  Il nome "
+"del gruppo deve esistere. Un numero di gruppo deve riferirsi ad un gruppo "
+"già esistente."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Se non specificato, il comportamento di <command>useradd</command> varierà "
+"in base alla variabile <option>USERGROUPS_ENAB</option> del file <filename>/"
+"etc/login.defs</filename>. Se questa variabile è impostata a "
+"<replaceable>yes</replaceable> (o se è stata usata l'opzione <option>-U/--"
+"user-group</option> nella riga di comando) verrà creato un gruppo per "
+"l'utente con lo stesso nome. Se la variabile è impostata a <replaceable>no</"
+"replaceable> (o se è stata usata l'opzione <option>-N/--no-user-group</"
+"option> nella riga di comando) useradd imposterà il gruppo primario "
+"dell'utente in base a quello impostato nella variabile <option>GROUP</"
+"option> del file <filename>/etc/default/useradd</filename> o a 100 se non "
+"specificato."
+
+# type: Plain text
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Una lista di gruppi supplementari di cui l'utente è altresì membro. Ciascun "
+"gruppo è separato dal successivo da una virgola, senza spazi bianchi "
+"intermedi. I gruppi sono soggetti alle stesse restrizioni del gruppo dato "
+"con l'opzione <option>-g</option>. Il comportamento predefinito è che "
+"l'utente appartenga solo al gruppo iniziale."
+
+# type: IP
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"La directory «skeleton» che contiene file e directory da copiare nella "
+"directory home dell'utente quando viene creata da <command>useradd</command>."
+
+# type: IP
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Questa opzione è valida solo se anche l'opzione <option>-m</option> (o "
+"<option>--create-home</option>) è stata specificata."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Se questa opzione non è impostata, la directory «skeleton» è definita dalla "
+"variabile <option>SKEL</option> nel file <filename>/etc/default/useradd</"
+"filename> o, altrimenti, vale <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Se possibile vengono copiate le ACL e gli attributi estesi."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>."
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Forza l'impostazione al di là di quanto specificato in <filename>/etc/login."
+"defs</filename> (<option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>UMASK</option>, <option>PASS_MAX_DAYS</option> e altri). "
+"<placeholder-1/> Esempio: <option>-K</option>&nbsp;"
+"<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> può "
+"essere usato durante la creazione di account di sistema per disabilitare la "
+"scadenza della password anche se l'account di sistema non ha affatto la "
+"password. Possono essere specificate più opzioni <option>-K</option>, come "
+"in: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+# type: IP
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "Non aggiunge l'utente ai database «lastlog» e «faillog»."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Normalmente i dati utente nei database «lastlog» e «faillog» vengono "
+"azzerati per evitare di riutilizzare dati di un utente cancellato in "
+"precedenza."
+
+# type: IP
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Crea la directory home dell'utente nel caso in cui non esista. I file e "
+"directory contenuti nella directory «skeleton» (che può essere definita con "
+"l'opzione <option>-k</option>) vengono copiati nella directory home."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Se questa opzione non viene utilizzata e se non è attiva la voce "
+"<option>CREATE_HOME</option>, la directory non viene creata."
+
+# type: IP
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Non crea la directory home dell'utente nonostante la configurazione di "
+"sistema in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</"
+"option>) sia impostata a <replaceable>yes</replaceable>."
+
+# type: TP
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Non crea un gruppo con lo stesso nome dell'utente, ma aggiunge l'utente al "
+"gruppo specificato con l'opzione <option>-g</option> o tramite la variabile "
+"<option>GROUP</option> nel file <filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Il comportamento predefinito (se le opzioni <option>-g</option>, <option>-N</"
+"option> e <option>-U</option> non sono specificate) è definito dalla "
+"variabile <option>USERGROUPS_ENAB</option> nel file <filename>/etc/login."
+"defs</filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "Permette la creazione di un utente con un UID duplicato (non unico)."
+
+# type: IP
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Questa opzione è valida solo congiuntamente all'opzione <option>-u</option>."
+
+# type: Plain text
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"La password cifrata, come restituita da <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. Il comportamento "
+"predefinito è di disabilitare la password."
+
+# type: IP
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Crea un account di sistema."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Gli utenti di sistema vengono creati senza le informazioni sulla scadenza in "
+"<filename>/etc/shadow</filename> e con l'ID numerico scelto nell'intervallo "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, definito nel file "
+"<filename>/etc/login.defs</filename>, anziché <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (e le loro controparti <option>GID</option> per la "
+"creazione dei gruppi)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Notare che <command>useradd</command> non creerà la directory home per "
+"questi utenti indipendentemente da quanto impostato in <filename>/etc/login."
+"defs</filename> (<option>CREATE_HOME</option>). Si deve specificare "
+"l'opzione <option>-m</option> se si vuole creare la directory home per un "
+"account di sistema."
+
+# type: Plain text
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Il nome della shell di login dell'utente. Il comportamento predefinito è di "
+"lasciare vuoto questo campo, che fa sì che il sistema selezioni la shell di "
+"connessione predefinita tramite la variabile <option>SHELL</option> in "
+"<filename>/etc/default/useradd</filename>, oppure un testo vuoto."
+
+# type: Plain text
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"Il valore numerico dell'identificatore (ID) dell'utente. Questo valore deve "
+"essere univoco, a meno che non venga usata l'opzione <option>-o</option>. Il "
+"valore non deve essere negativo. La scelta predefinita è quella di usare il "
+"minimo valore di ID maggiore o eguale a <option>UID_MIN</option> e maggiore "
+"a qualunque altro utente."
+
+# type: Plain text
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Vedere anche la descrizione dell'opzione <option>-r</option> e "
+"<option>UID_MAX</option>"
+
+# type: TP
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crea un gruppo con lo stesso nome dell'utente e aggiunge l'utente al gruppo "
+"stesso."
+
+# type: Plain text
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utente SELinux per questo login utente. Lasciando questo campo vuoto si fa "
+"in modo che il sistema selezioni automaticamente l'utente SELinux."
+
+# type: SS
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Cambiare i valori predefiniti"
+
+# type: Plain text
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quando invocato con la sola opzione <option>-D</option>, <command>useradd</"
+"command> mostrerà i valori predefiniti correnti. Quando invocato con "
+"l'opzione <option>-D</option> e altre opzioni, <command>useradd</command> "
+"aggiornerà i valori predefiniti per le opzioni specificate. Le opzioni "
+"valide sono:"
+
+# type: Plain text
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Il prefisso del percorso per la directory home del nuovo utente. Il nome "
+"dell'utente verrà aggiunto alla fine di <replaceable>BASE_DIR</replaceable> "
+"per creare il nome della nuova directory home, a meno che non venga usata "
+"l'opzione <option>-d</option> quando si crea un nuovo account."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>HOME</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: Plain text
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "La data in cui l'account dell'utente verrà disabilitato."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>EXPIRE</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: Plain text
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Il numero di giorni dopo la scadenza di una password prima che l'account "
+"venga disabilitato."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>INACTIVE</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or ID for a new user's initial group (when the <option>-"
+#| "N/--no-user-group</option> is used or when the <option>USERGROUPS_ENAB</"
+#| "option> variable is set to <replaceable>no</replaceable> in <filename>/"
+#| "etc/login.defs</filename>. The named group must exist, and a numerical "
+#| "group ID must have an existing entry."
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Il nome o l'ID del gruppo da usare come gruppo iniziale per il nuovo utente "
+"(quando è usata l'opzione <option>-N/--no-user-group</option> o quando la "
+"variabile <option>USERGROUPS_ENAB</option> è impostata a <replaceable>no</"
+"replaceable> nel file <filename>/etc/login.defs</filename>). Il gruppo "
+"indicato deve esistere, anche se viene utilizzato l'ID numerico."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>GROUP</option> nel file "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Il nome della shell di login per il nuovo utente."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Questa opzione imposta la variabile <option>SHELL</option> del file "
+"<filename>/etc/default/useradd</filename>."
+
+# type: SH
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTE"
+
+# type: Plain text
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'amministratore di sistema è responsabile del posizionamento dei file "
+"utente predefiniti nella directory <filename>/etc/skel/</filename> (o "
+"qualsiasi altra directory impostata in <filename>/etc/default/useradd</"
+"filename> o nella riga di comando)."
+
+# type: Plain text
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Non è possibile aggiungere un utente ad un gruppo NIS o LDAP. Questo deve "
+"essere fatto sul server corrispondente."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Analogamente, se il nome utente esiste già in un database esterno come NIS o "
+"LDAP, <command>useradd</command> bloccherà la creazione dell'account."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"I nomi utente devono iniziare con una lettera minuscola o un underscore, "
+"seguiti da lettere minuscole, cifre numeriche, underscore o trattini. "
+"Possono terminare con il simbolo del dollaro. In termini di espressioni "
+"regolari: [a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "I nomi utente non possono eccedere i 32 caratteri di lunghezza."
+
+# type: IP
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (booleano)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr "Indica se per i nuovi utenti va creata la directory home."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Questa impostazione non viene applicata agli utenti di sistema e può essere "
+"modificata sulla riga di comando."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (numerico)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Intervallo di ID di gruppo per la creazione di gruppi normali tramite "
+"<command>useradd</command>, <command>groupadd</command> o <command>newusers</"
+"command>."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Il valore predefinito per <option>GID_MIN</option> (rispettivamente "
+"<option>GID_MAX</option>) è 1000 (rispettivmente 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Il numero massimo di giorni che una password può essere utilizzata. Se la "
+"password è più vecchia verrà imposto il suo cambiamento. Se non specificato "
+"viene assunto -1 (che disabilita questo controllo)."
+
+# type: IP
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Il numero minimo di giorni tra due cambiamenti di password. Ogni tentativo "
+"di cambiare la password prima di questo periodo verrà rifiutato. Se non "
+"specificato viene assunto -1 (che disabilita questo controllo)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (numerico)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Il numero di giorni per i quali un utente va avvisato che la sua password "
+"sta per scadere. Se zero l'utente viene avvisato solo alla scadenza. Un "
+"valore negativo indica che non si deve avvisare mai. Se non specificato "
+"allora non c'è nessun avviso."
+
+# type: IP
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (numerico)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Intervallo di ID di gruppo utilizzato per la creazione di un gruppo di "
+"sistema da <command>useradd</command>, <command>groupadd</command> o "
+"<command>newusers</command>."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Il valore predefinito per <option>SYS_GID_MIN</option> (rispettivamente "
+"<option>SYS_GID_MAX</option>) è 101 (rispettivamente <option>GID_MIN</"
+"option>-1)."
+
+# type: IP
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (numerico)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Intervallo di ID utente per la creazione degli utenti di sistema con "
+"<command>useradd</command> o <command>newusers</command>."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Il valore predefinito per <option>SYS_UID_MIN</option> (rispettivamente "
+"<option>SYS_UID_MAX</option>) è 101 (rispettivamente <option>UID_MIN</"
+"option>-1)."
+
+# type: IP
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booleano)"
+
+# type: Plain text
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Se <replaceable>yes</replaceable> i file shadow tcb di prossima creazione "
+"avranno come gruppo proprietario il gruppo <replaceable>auth</replaceable>."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (numerico)"
+
+# type: IP
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (numerico)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Intervallo di ID utente da utilizzare nella creazione degli utenti normali "
+"tramite <command>useradd</command> o <command>newusers</command>."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Il valore predefinito per <option>UID_MIN</option> (rispettivamente "
+"<option>UID_MAX</option>) è 1000 (rispettivamente 60000)."
+
+# type: IP
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (numerico)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"La maschera di permessi alla creazione dei file è inizializzata con questo "
+"valore. Se non specificato la maschera viene impostata a 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> e <command>newusers</command> usano questa "
+"maschera per impostare i permessi della directory home che creano."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Viene anche utilizzata da <command>login</command> per definire la maschera "
+"iniziale dell'utente. Notare che questa maschera può essere modificata dalla "
+"riga GECOS dell'utente (se <option>QUOTAS_ENAB</option> è impostato) o "
+"specificando un limite con l'identificativo <emphasis>K</emphasis> in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Viene anche utilizzato da <command>pam_umask</command> come valore umask "
+"predefinito."
+
+# type: Plain text
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valori predefiniti per la creazione dell'account."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+# type: Plain text
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Directory contenente i file predefiniti."
+
+# type: IP
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "argomento non valido per l'opzione"
+
+# type: IP
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID già in uso (e <option>-o</option> assente)"
+
+# type: Plain text
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "il gruppo specificato non esiste"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nome utente già in uso"
+
+# type: Plain text
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "non è possibile creare la directory home"
+
+# type: IP
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+# type: TP
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>useradd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+# type: IP
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formati di file e conversioni"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "file di controllo dettagliato per «su»"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Il file <filename>/etc/suauth</filename> viene utilizzato all'invocazione "
+"del comando «su». Può cambiare il comportamento del comando in base a:"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| "      1) the user su is targetting\n"
+#| "    "
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+"\n"
+"    1) l'utente che «su» sta usando come target\n"
+"    "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utente che sta invocando «su» (o qualsiasi gruppo del quale questi "
+"faccia parte)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Il formato del file è il seguente, con le righe che iniziano con «#» "
+"trattate come commenti e ignorate;"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"    id-finale:id-iniziale:AZIONE\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Dove «id-finale» è la parola <emphasis>ALL</emphasis> (tutti), un elenco di "
+"nomi utenti separati da «,» o le parole <emphasis>ALL EXCEPT</emphasis> "
+"seguite da una lista di nomi utente separati da «,»."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"«id-iniziale» è formattato come «id-iniziale» salvo il riconoscimento della "
+"parola aggiuntiva <emphasis>GROUP</emphasis>. Anche <emphasis>ALL EXCEPT "
+"GROUP</emphasis> è perfettamente gestito. Subito dopo <emphasis>GROUP</"
+"emphasis> appaiono uno o più nomi di gruppo separati da «,». Non è "
+"sufficiente avere come gruppo primario il gruppo specificato, ma deve anche "
+"esserci la relativa riga in <citerefentry><refentrytitle>/etc/group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "AZIONE può essere una delle seguenti opzioni attualmente supportate."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"Il tentativo di usare «su» viene bloccato prima ancora che la password sia "
+"chiesta."
+
+# type: SH
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Il tentativo di usare «su» ha successo senza neppure chiedere la password."
+
+# type: TH
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Perché «su» abbia successo, l'utente deve inserire la propria password che "
+"verrà espressamente richiesta."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notare che ci sono tre campi diversi separati da «:». Nessuno spazio deve "
+"affiancare i due punti. Notare anche che il file viene esaminato in maniera "
+"sequenziale una riga alla volta, e la prima regola applicabile viene "
+"utilizzata senza procede con la lettura delle successive. Questo permette "
+"all'amministratore di sistema di impostare dei controlli allargati o "
+"puntuali, come preferisce."
+
+# type: SH
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "ESEMPIO"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # Esempio di file /etc/suauth\n"
+"      #\n"
+"      # Due utenti privilegiati possono usare\n"
+"      # su verso root con la propria password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Tutti gli altri non possono farlo a meno di non appartenere\n"
+"      # al groppo wheel. Questo è come funziona in BSD.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Nel caso che terry e birddog siano account\n"
+"      # della stessa persona di permettere il passaggio\n"
+"      # tra loro senza richiedere la password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+# type: SH
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "ERRORI"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Ce ne possono essere molti non visti. Il parser dei file è particolarmente "
+"rigido sugli errori di sintassi, attendendo l'assenza di spazi estranei (ad "
+"eccezione di inizio e fine riga) e specifici separatori per delimitare "
+"oggetti diversi."
+
+# type: SH
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICA"
+
+# type: Plain text
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Qualsiasi errore durante le lettura del file viene riportato tramite "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> con livello ERR e «facility» AUTH."
+
+# type: Plain text
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Comandi utente"
+
+# type: Plain text
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "cambia ID utente o diventa amministratore"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nome"
+
+# type: Plain text
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> permette di diventare un altro utente durante una "
+"sessione di login. Se nessun <option>nome</option> utente viene specificato, "
+"<command>su</command> acquisice i privilegi di amministratore. L'opzione "
+"<option>-</option> può essere usata per fornire un ambiente simile a quello "
+"che l'utente troverebbe se effettuasse il login direttamente."
+
+# type: Plain text
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Dopo il nome utente, è possibile specificare argomenti aggiuntivi da passare "
+"alla shell di login dell'utente. In particolare, molti interpreti di comando "
+"adottano la convenzione per cui l'opzione <option>-c</option> seguita da un "
+"argomento fa sì che quest'ultimo sia considerato un comando. Il comando "
+"viene eseguito dalla shell specificata in <filename>/etc/passwd</filename> "
+"per l'utente di destinazione."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Si può utilizzare <option>--</option> per separare le opzioni di "
+"<command>su</command> dagli argomenti passati alla shell."
+
+# type: Plain text
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"All'utente viene quindi chiesta la password, se necessario. Una password "
+"errata viene segnalata da un messaggio d'errore. Viene effettuato il log di "
+"tutti i tentativi, siano essi riusciti o meno, al fine di rilevare ogni "
+"abuso del sistema."
+
+# type: Plain text
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le variabili d'ambiente in uso vengono passate alla nuova shell, eccetto il "
+"valore di <envar>$PATH</envar> che viene impostato a <filename>/bin:/usr/"
+"bin</filename> per gli utenti qualsiasi e a <filename>/sbin:/bin:/usr/sbin:/"
+"usr/bin</filename> per l'amministratore. Questa impostazione è controllata "
+"dalle definizioni <emphasis>ENV_PATH</emphasis> ed <emphasis>ENV_SUPATH</"
+"emphasis> in <filename>/etc/login.defs</filename>."
+
+# type: Plain text
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Un sottosistema di login è indicato dalla presenza del carattere «*» "
+"all'inizio della shell di login. La directory home impostata sarà utilizzata "
+"come root di un nuovo file system al quale l'utente accede."
+
+# type: TP
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Il comando <command>su</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMANDO</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Specifica un comando che verrà invocato dalla shell tramite la sua opzione "
+"<option>-c</option>."
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"Il comando eseguito non avrà un terminale di controllo. Questa opzione non "
+"può essere utilizzata per invocare programmi interattivi che richiedono un "
+"TTY di controllo."
+
+# type: TP
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fornisce un ambiente simile a quello che un utente si attende quando "
+"effettua direttamente il login."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Quando si usa <option>-</option> deve essere l'ultima opzione di "
+"<command>su</command>. Le altre forme (<option>-l</option> e <option>--"
+"login</option>) non hanno questo vincolo."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "La shell che verrà invocata."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "La shell specificata con --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Se viene usato <option>--preserve-environment</option>, la shell specificata "
+"dalla variabile d'ambiente <envar>$SHELL</envar>."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"La shell indicata nel file <filename>/etc/passwd</filename> per l'utente "
+"target."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr "<filename>/bin/sh</filename> se gli altri metodi falliscono."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"La shell invocata viene scelta da (in ordine di priorità): <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Se l'utente target ha una shell con restrizioni (cioè se la sua shell "
+"presente in <filename>/etc/passwd</filename> non è presente in <filename>/"
+"etc/shells</filename>), allora l'opzione <option>--shell</option> e la "
+"variabile d'ambiente <envar>$SHELL</envar> non vengono prese in "
+"considerazione a meno che <command>su</command> sia invocato da root."
+
+# type: IP
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"reimpostato in accordo alle opzioni <option>ENV_PATH</option> o "
+"<option>ENV_SUPATH</option> del file <filename>/etc/login.defs</filename> "
+"(vedi sotto);"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"reimpostato a <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote> se era "
+"impostato."
+
+# type: Plain text
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Mantiene l'ambiente attuale, fatta eccezione per: <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Se l'utente target ha una shell con restrizioni, questa opzione non ha "
+"effetto (a meno che <command>su</command> sia invocato da root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Le variabili d'ambiente <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> e <envar>$IFS</"
+"envar> sono reimpostate."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Se l'opzione <option>--login</option> non è usata, l'ambiente è copiato con "
+"l'eccezione delle variabili elencate sopra."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, le variabili <envar>"
+"$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> e <envar>"
+"$XAUTHORITY</envar> sono copiate se risultano impostate."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, le variabili d'ambiente "
+"<envar>$TZ</envar>, <envar>$HZ</envar> e <envar>$MAIL</envar> sono impostate "
+"in accordo alle opzioni <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> e <option>MAIL_FILE</option> specificate nel file "
+"<filename>/etc/login.defs</filename> (vedi sotto)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Se l'opzione <option>--login</option> è utilizzata, altre variabili "
+"d'ambiente potrebbero essere impostate dal file <option>ENVIRON_FILE</"
+"option> (vedi sotto)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "Altre variabili d'ambiente potrebbero essere impostate da moduli PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notare che il comportamento predefinito per l'ambiente è il seguente: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Questa versione di <command>su</command> ha molte opzioni di compilazione; "
+"solo una parte di esse potrebbe essere in uso su un determinato sistema."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Se definito, o il percorso completo di un file che contiene l'elenco di nomi "
+"di device (uno per riga) oppure un elenco di nomi di device separati da «:». "
+"L'accesso come root verrà permesso solo attraverso questi device."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr "Se non definito, root potrà accedere da qualsiasi device."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Il nome di device deve essere specificato senza il prefisso /dev."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Elenco di gruppi da aggiungere ai gruppi supplementari dell'utente quando "
+"questi accede dalla console (come determinato dalla impostazione CONSOLE). "
+"Il valore predefinito è nullo. <placeholder-1/> Usare con cautela - è "
+"possibile che gli utenti ottengano l'accesso permanente a questi gruppi "
+"anche se non accedono dalla console."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indica se permettere l'accesso al sistema anche se non si può accedere alla "
+"directory home. Il valore predefinito è no."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Se impostato a <replaceable>yes</replaceable>, l'utente accederà alla "
+"directory root (<filename>/</filename>) nel caso che non sia possibile "
+"accedere alla propria directory home."
+
+# type: IP
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (testo)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Se impostato viene utilizzato per definire il valore della variabile "
+"d'ambiente HZ al login dell'utente. Il valore deve essere preceduto da "
+"<replaceable>HZ=</replaceable>. Un valore comune per Linux è "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variabile d'ambiente <envar>HZ</envar> viene impostata solo quando "
+"l'utente (il super utente) accede con <command>sulogin</command>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Se questo file esiste ed è leggibile, l'ambiente di login viene letto da lì. "
+"Ogni riga deve essere nella forma nome=valore."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "Le righe che iniziano con «#» sono trattate come commenti e ignorate."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Se impostato, viene utilizzato per definire la variabile d'ambiente PATH "
+"all'accesso di un utente normale. Il valore può essere preceduto da "
+"<replaceable>PATH=</replaceable> e composto da una lista di directory "
+"separate da «:» (per esempio <replaceable>/bin:/usr/bin</replaceable>). Il "
+"valore predefinito è <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"> #: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)\n"
+"> > msgid \"\"\n"
+"> > \"If set, it will be used to define the PATH environment variable when "
+"the \"\n"
+"> > \"superuser login. The value can be preceded by <replaceable>PATH=</\"\n"
+"> > \"replaceable>, or a colon separated list of paths (for example "
+"<replaceable>/\"\n"
+"> > \"sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default value is \"\n"
+"> > \"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>.\"\n"
+"> > msgstr \"Se impostato, viene utilizzato per definire la variabile "
+"d'ambiente PATH al login del superutente. Il valore può essere preceduto da "
+"<replaceable>PATH=</replaceable>, ed è formato da un elenco di directory "
+"separati dal «:» (ad esempio <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</"
+"replaceable>). Il valore predefinito è <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>.\"\n"
+"> \n"
+"> s/separatI dal/separatE da\n"
+"> "
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Se impostato viene usato per definire la variabile d'ambiente TZ al login "
+"dell'utente. Il valore può essere il nome di una «timezone» preceduta da "
+"<replaceable>TZ=</replaceable> (ad esempio <replaceable>TZ=CST6CDT</"
+"replaceable>), o il percorso completo di un file che contenga la specifica "
+"della «timezone» (ad esempio <filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Se viene specificato il percorso completo di un file che però non esiste o "
+"non può essere letto, allora viene utilizzato il valore predefinito "
+"<replaceable>TZ=CST6CDT</replaceable>."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Il testo da utilizzare per richiedere la password. Il valore predefinito è "
+"«Password: » o una sua traduzione. Se si imposta questa variabile allora il "
+"testo non verrà tradotto."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Se il testo contiene <replaceable>%s</replaceable>, questo verrà sostituito "
+"dal nome dell'utente."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Abilita la verifica e stampa a video dello stato della casella di posta al "
+"momento dell'accesso al sistema."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Andrebbe disabilitato se i file di avvio della shell effettuano già questo "
+"controllo («mailx -e» o equivalente)."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Abilita l'impostazione di limiti di risorsa definiti in <filename>/etc/"
+"limits</filename> e ulimit, umask e livello di «nice» in base al campo gecos "
+"del passwd dell'utente."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Se definito, tutta l'attività di «su» viene tracciata in questo file."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (testo)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Se definito è il nome del comando da mostrare quando si esegue «su -». Ad "
+"esempio, se lo di definisce come «su» allora «ps» mostrerà che il comando è "
+"«-su». Se non definito, «ps» mostrerà il nome della shell invocata, come «-"
+"sh»."
+
+# type: IP
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booleano)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Se <replaceable>yes</replaceable>, l'utente deve essere elencato come membro "
+"del primo gruppo con gid 0 in <filename>/etc/group</filename> (chiamato "
+"<replaceable>root</replaceable> in molti sistemi Linux) perché sia possibile "
+"usare <command>su</command> verso account con uid 0. Se il gruppo non esiste "
+"o è vuoto, nessuno potrà utilizzare <command>su</command> verso uid 0."
+
+# type: IP
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booleano)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Abilita la tracciatura su «syslog» dell'attività di <command>su</command>, "
+"oltre a quella sul file «sulog»."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"In caso di successo, il valore restituito da <command>su</command> è quello "
+"del comando da esso eseguito."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Se questo comando è terminato da un segnale, <command>su</command> "
+"restituisce il numero del segnale più 128."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Se «su» deve terminare il comando (perché gli è stato chiesto di terminare "
+"ma il comando non è terminato in tempo),  <command>su</command> restituisce "
+"255."
+
+# type: IP
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "successo (solo <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Errore di sistema o di autenticazione"
+
+# type: IP
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+# type: Plain text
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Il comando richiesto non è stato trovato"
+
+# type: IP
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Il comando richiesto non può essere eseguito"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Alcuni dei codici d'uscita di <command>su</command> sono indipendenti dal "
+"comando eseguito: <placeholder-1/>\""
+
+# type: Plain text
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+# type: Plain text
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "esegue un comando con un diverso ID di gruppo"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "comando <placeholder-1/> group"
+
+# type: Plain text
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Il comando <command>sg</command> funziona in maniera analoga a "
+"<command>newgrp</command>, ma accetta un comando che viene eseguito con la "
+"shell <filename>/bin/sh</filename>. La maggior parte delle shell che "
+"permettono l'uso di <command>sg</command> richiede che i comandi composti da "
+"più parole siano inclusi tra apici. Un'altra differenza tra <command>newgrp</"
+"command> e <command>sg</command> è che alcune shell trattano "
+"<command>newgrp</command> in maniera speciale, sostituendo se stesse con la "
+"shell creata da <command>newgrp</command>. Questo non accade con "
+"<command>sg</command>, per cui all'uscita del comando <command>sg</command> "
+"si ritorna al precedente ID di gruppo."
+
+# type: IP
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booleano)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Abilita il tracciamento dell'attività di <command>sg</command> su «syslog»."
+
+# type: Plain text
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+# type: Plain text
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "file delle password shadow"
+
+# type: Plain text
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> è un file che contiene le informazioni sulle "
+"password per gli account degli utenti e, opzionalmente, le informazioni "
+"sulla durata delle password («aging»)."
+
+# type: Plain text
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Questo file non deve essere leggibile dagli utenti normali se si vuole "
+"mantenere la sicurezza sulle password."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Ciascuna riga di questo file contiene 9 campi separati da due punti (<quote>:"
+"</quote>), nel seguente ordine:"
+
+# type: Plain text
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nome di login"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Deve essere un nome valido di un account esistente nel sistema."
+
+# type: Plain text
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "password cifrata"
+
+# type: Plain text
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Fare riferimento a <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> per dettagli sul modo "
+"in cui questa stringa viene interpretata."
+
+# type: Plain text
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Se il campo password contiene un testo che non è un risultato valido di "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, come ad esempio ! o *, l'utente non potrà accedere al sistema "
+"utilizzando la password unix (ma potrà accedere al sistema in altri modi)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Questo campo può essere vuoto, nel qual caso nessuna password è richiesta "
+"per l'autenticazione di questo specifico nome di login. Tuttavia alcune "
+"applicazioni che leggono <filename>/etc/shadow</filename> possono decidere "
+"di non permettere nessun accesso se il campo password è vuoto."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Se il campo password inizia con un punto esclamativo vuol dire che la "
+"password è bloccata. I restanti caratteri del campo sono il contenuto del "
+"campo password prima che venisse bloccata."
+
+# type: Plain text
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "data dell'ultimo cambio di password"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Data dell'ultimo cambio di password espressa in numero di giorni a partire "
+"dal 1 gennaio 1970."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Il valore 0 ha un significato speciale, vale a dire che l'utente deve "
+"cambiare la propria password al prossimo accesso al sistema."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "Un campo vuoto implica che la scadenza della password è disabilitata."
+
+# type: SS
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "età minima password"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'età minima password è il numero di giorni che l'utente dovrà attendere "
+"prima di poter cambiare nuovamente la propria password."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un campo vuoto o con valore 0 indica che non c'è una età minima della "
+"password."
+
+# type: SS
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "età massima password"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'età massima password è il numero di giorni dopo il quale l'utente deve "
+"cambiare la propria password."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Quando questo numero di giorni è passato, la password può ancora essere "
+"valida. All'utente verrà chiesto di cambiare la password durante il "
+"successivo accesso."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un campo vuoto indica che non ci sono una età massima password, un periodo "
+"di avviso e nessun periodo di inattività (vedere oltre)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Se l'età massima password è minore dell'età minima password, l'utente non "
+"può cambiare la propria password."
+
+# type: SS
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "periodo avviso password"
+
+# type: Plain text
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Il numero di giorni prima della scadenza di una password (vedere età massima "
+"password, sopra) durante il quale l'utente riceve un avviso."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un campo vuoto e il valore 0 indicano che non c'è un periodo di avviso "
+"password."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "periodo inattività password"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"Il numero di giorni dopo la scadenza della password (vedere età massima "
+"password, sopra) durante il quale la password è ancora accettata (e l'utente "
+"dovrebbe aggiornare la propria password al primo accesso)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Dopo la scadenza della password e di questo periodo, l'utente non potrà "
+"accedere usando questa password, ma dovrà contattare l'amministratore."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un campo vuoto implica che non è applicato il periodo di inattività."
+
+# type: Plain text
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "data scadenza account"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La data di scadenza dell'account, espressa in numero di giorni dal 1 gennaio "
+"1970."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Notare che la scadenza dell'account differisce da quella della password. Nel "
+"caso di un account scaduto l'utente non deve poter accedere ulteriormente al "
+"sistema. Nel caso di password scaduta invece l'utente non è abilitato ad "
+"accedere con la propria password."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un campo vuoto implica che l'account non scade mai."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Il valore 0 non andrebbe usato perché potrebbe essere interpretato come "
+"account che non scade o come scaduto il 1 gennaio 1970."
+
+# type: Plain text
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "campo riservato"
+
+# type: Plain text
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Questo campo è riservato per uso futuro."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Copia di backup per /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notare che questo file viene usato dagli strumenti del pacchetto shadow, ma "
+"non da tutti gli strumenti per la gestione di utenti e password."
+
+# type: Plain text
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Chiamate di libreria"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# type: Plain text
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routine per file delle password cifrate"
+
+# type: SH
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SINTASSI"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+# type: Plain text
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+# type: Plain text
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nome"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+# type: Plain text
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+# type: Plain text
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+# type: Plain text
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+# type: Plain text
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+# type: SH
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+# type: Plain text
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipola il contenuto del file delle "
+"password shadow, <filename>/etc/shadow</filename>. La struttura nel file "
+"<emphasis remap=\"I\">#include</emphasis> è la seguente:"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* login dell'utente */\n"
+"      char\t\t*sp_pwdp; /* password cifrata */\n"
+"      long int\t\tsp_lstchg; /* ultimo cambio della password */\n"
+"      long int\t\tsp_min; /* giorni minimi tra i cambi */\n"
+"      long int\t\tsp_max; /* giorni massimi tra i cambi */\n"
+"      long int\t\tsp_warn; /* giorni di preavviso */\n"
+"      long int\t\tsp_inact; /* giorni di inattività */\n"
+"      long int\t\tsp_expire; /* data di scadenza dell'account */\n"
+"      unsigned long int\tsp_flag; /* riservato per uso futuro */\n"
+"}\n"
+"    "
+
+# type: Plain text
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Ciascun campo significa:"
+
+# type: Plain text
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - puntatore a una stringa null-terminated che contiene il nome "
+"utente."
+
+# type: Plain text
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - puntatore a una stringa null-terminated che contiene la password."
+
+# type: Plain text
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - giorni trascorsi dal 1 gennaio 1970 al momento in cui la "
+"password è stata cambiata l'ultima volta."
+
+# type: Plain text
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - giorni prima dei quali la password non può essere cambiata."
+
+# type: Plain text
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr "sp_max - giorni dopo i quali la password deve essere cambiata."
+
+# type: Plain text
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - giorni prima della scadenza della password in cui l'utente viene "
+"avvertito."
+
+# type: Plain text
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - giorni dopo la scadenza della password dopo i quali l'account "
+"viene considerato inattivo e disabilitato."
+
+# type: Plain text
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - giorni a partire dal 1 gennaio 1970 dopo i quali l'account viene "
+"disabilitato."
+
+# type: Plain text
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - riservato per uso futuro."
+
+# type: Plain text
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> e <emphasis>sgetspent</emphasis> "
+"restituiscono tutte un puntatore a uno <emphasis>struct spwd</emphasis>. "
+"<emphasis>getspent</emphasis> restituisce la voce successiva nel file, "
+"<emphasis>fgetspent</emphasis> la voce successiva nello stream specificato, "
+"che si suppone sia un file nel formato corretto. <emphasis>sgetspent</"
+"emphasis> restituisce un puntatore a uno <emphasis>struct spwd</emphasis> "
+"usando come input la stringa fornita. <emphasis>getspnam</emphasis> cerca "
+"una voce che corrisponde a <emphasis>name</emphasis> partendo dalla "
+"posizione corrente nel file."
+
+# type: Plain text
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> e <emphasis>endspent</emphasis> sono usate "
+"rispettivamente per iniziare e terminare l'accesso al file delle password "
+"shadow."
+
+# type: Plain text
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Le funzioni <emphasis>lckpwdf</emphasis> e <emphasis>ulckpwdf</emphasis> si "
+"usano per garantire l'accesso esclusivo al file <filename>/etc/shadow</"
+"filename>. <emphasis>lckpwdf</emphasis> prova ad acquisire il lock tramite "
+"<emphasis>pw_lock</emphasis> per un massimo di 15 secondi, dopodiché tenta "
+"di ottenere un secondo lock usando <emphasis>spw_lock</emphasis> per il "
+"tempo che rimane dei 15 secondi iniziali. Se anche uno solo dei due "
+"tentativi fallisce dopo un totale di 15 secondi, <emphasis>lckpwdf</"
+"emphasis> restituisce -1, mentre restituisce 0 se riesce ad acquisire "
+"entrambi i lock."
+
+# type: Plain text
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Le funzioni restituiscono NULL se non ci sono altre voci disponibili o se si "
+"verifica un errore durante l'elaborazione. Le funzioni di tipo "
+"<emphasis>int</emphasis> restituiscono 0 in caso di successo e -1 in caso di "
+"errore."
+
+# type: Plain text
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Queste funzioni possono essere usate solo dall'amministratore, perché "
+"l'accesso al file delle password shadow è riservato."
+
+# type: Plain text
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+# type: Plain text
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "convertono a e da password e gruppi shadow."
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"<command>pwconv</command> crea <emphasis remap=\"I\">shadow</emphasis> da "
+"<emphasis remap=\"I\">passwd</emphasis> e da un eventuale preesistente "
+"<emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> non funziona se <option>USE_TCB</option> è attivo. "
+"Per convertire a password tcb si deve prima usare <command>pwconv</command> "
+"per convertire a password shadow disabilitando <option>USE_TCB</option> nel "
+"file <filename>login.defs</filename> e poi convertire a password tcb usando "
+"<command>tcb_convert</command> (e riabilitando <option>USE_TCB</option> in "
+"<filename>login.defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"<command>pwunconv</command> crea <emphasis remap=\"I\">passwd</emphasis> da "
+"<emphasis remap=\"I\">passwd</emphasis> e <emphasis remap=\"I\">shadow</"
+"emphasis> e poi cancella <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> non funziona con <option>USE_TCB</option> "
+"abilitato. Si deve prima ritornare da tcb a password shadow usando "
+"<command>tcb_unconvert</command> e poi disabilitare <option>USE_TCB</option> "
+"in <filename>login.defs</filename> prima di usare <command>pwunconv</"
+"command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"<command>grpconv</command> crea <emphasis remap=\"I\">gshadow</emphasis> da "
+"<emphasis remap=\"I\">group</emphasis> e da un eventuale preesistente "
+"<emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"<command>grpunconv</command> crea <emphasis remap=\"I\">group</emphasis> da "
+"<emphasis remap=\"I\">group</emphasis> e <emphasis remap=\"I\">gshadow</"
+"emphasis> e quindi rimuove <emphasis remap=\"I\">gshadow</emphasis>."
+
+# type: Plain text
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Questi quattro programmi agiscono tutti sui file normali e oscurati (shadow) "
+"delle password e dei gruppi: <filename>/etc/passwd</filename>, <filename>/"
+"etc/group</filename>, <filename>/etc/shadow</filename> e <filename>/etc/"
+"gshadow</filename>."
+
+# type: Plain text
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Ciascun programma, prima della conversione, acquisisce i lock necessari. "
+"<command>pwconv</command> e <command>grpconv</command> sono simili. Per "
+"prima cosa vengono rimosse le voci nel file shadow che non esistono nel file "
+"principale. Quindi vengono aggiornate le voci oscurate che non hanno «x» "
+"come password nel file principale. Vengono aggiunte le eventuali voci "
+"oscurate mancanti.  Infine, le password nel file principale vengono "
+"sostituite con «x». Questi programmi possono essere usati per le conversioni "
+"iniziali così come per aggiornare il file oscurato se il file principale "
+"viene modificato a mano."
+
+# type: Plain text
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> userà i valori <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"e <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> da <filename>/etc/login."
+"defs</filename> al momento dell'aggiunta di nuove voci a <filename>/etc/"
+"shadow</filename>."
+
+# type: Plain text
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Analogamente, <command>pwunconv</command> e <command>grpunconv</command> "
+"sono simili. Le password nel file principale vengono aggiornate dal file "
+"shadow. Voci che esistono nel file principale ma non nel file shadow vengono "
+"lasciate stare. Infine, viene rimosso il file shadow. Alcune informazioni "
+"sull'invecchiamento delle password vengono perse da <command>pwunconv</"
+"command>. Convertirà solo quello che potrà."
+
+# type: Plain text
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Le opzioni che si possono applicare ai comandi <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> e "
+"<command>grpunconv</command> sono:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Errori nel file delle password o dei gruppi (come elementi non validi o "
+"duplicati) possono causare dei cicli infiniti in questi programmi, oppure "
+"degli errori non prevedibili. Eseguire <command>pwck</command> e "
+"<command>grpck</command> per correggere ogni eventuale errore prima di "
+"convertire da o verso password o gruppi shadow."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> influenzano il comportamento di <command>grpconv</command> e "
+"<command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Le seguenti variabili di configurazione in <filename>/etc/login.defs</"
+"filename> influenzano il comportamento di <command>pwconv</command>:"
+
+# type: Plain text
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+# type: Plain text
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "verifica l'integrità dei file delle password"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+# type: Plain text
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"<command>pwck</command> verifica l'integrità delle informazioni su utenti e "
+"autenticazione del sistema. Ogni voce in <filename>/etc/passwd</filename> e "
+"in <filename>/etc/shadow</filename> <phrase condition=\"tcb\">(o nei file in "
+"<filename>/etc/tcb</filename>, quando <option>USE_TCB<option> è abilitato)</"
+"phrase> viene controllata per verificare che abbia il formato corretto e "
+"dati validi in ciascun campo. Viene richiesto all'utente di rimuovere le "
+"voci che non hanno un formato appropriato o che hanno altri errori "
+"impossibili da correggere."
+
+# type: Plain text
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Vengono fatti controlli per verificare che ogni voce abbia:"
+
+# type: Plain text
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "il corretto numero di campi"
+
+# type: Plain text
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "un nome utente univoco e valido"
+
+# type: Plain text
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "identificatori validi dell'utente e del gruppo"
+
+# type: Plain text
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "un gruppo primario valido"
+
+# type: Plain text
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "una home directory valida"
+
+# type: Plain text
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "una shell di login valida"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Le verifiche sul file <filename>shadow</filename> sono abilitate ogni volta "
+"che si usa un secondo argomento o quanto esiste nel sistema il file "
+"<filename>/etc/shadow</filename>."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Le verifiche sono le seguenti:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"ogni elemento del file passwd deve avere un corrispondente elemento in "
+"shadow, e viceversa"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "le password sono specificate nel file shadow"
+
+# type: Plain text
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "gli elementi di shadow hanno il corretto numero di campi"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "gli elementi di shadow sono unici"
+
+# type: Plain text
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "le date di ultima modifica non sono nel futuro"
+
+# type: Plain text
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Gli errori nelle verifiche sul corretto numero di campi e sull'univocità del "
+"nome utente sono irrimediabili. Se una voce ha un numero errato di campi, "
+"all'utente viene chiesto di cancellare l'intera riga; se l'utente non "
+"risponde affermativamente, vengono omessi tutti gli ulteriori controlli. "
+"Viene richiesta la cancellazione anche per le voci aventi il nome utente "
+"duplicato, ma i rimanenti controlli vengono ugualmente effettuati. Tutti gli "
+"altri errori non sono gravi e l'utente è invitato a eseguire il comando "
+"<command>usermod</command> per correggerli."
+
+# type: Plain text
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"I comandi che operano sul file <filename>/etc/passwd</filename> non sono in "
+"grado di modificare voci corrotte o duplicate; in tali circostanze va usato "
+"<command>pwck</command> per rimuovere la voce scorretta."
+
+# type: Plain text
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Le opzioni <option>-r</option> e <option>-s</option> non possono essere "
+"combinate."
+
+# type: Plain text
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Il comando <command>pwck</command> accetta le seguenti opzioni:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Riporta solo gli errori. Gli avvisi che non richiedono azioni da parte "
+"dell'utente non sono mostrati."
+
+# type: IP
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+# type: TP
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Esegue il comando <command>pwck</command> in sola lettura."
+
+# type: IP
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Ordina gli elementi di <filename>/etc/passwd</filename> e <filename>/etc/"
+"shadow</filename> per UID."
+
+# type: IP
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Questa opzione non ha nessun effetto se <option>USE_TCB</option> è abilitato."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Come impostazione predefinita, <command>pwck</command> opera sui file "
+"<filename>/etc/passwd</filename> e in <filename>/etc/shadow</"
+"filename><phrase condition=\"tcb\"> (o i file in <filename>/etc/tcb</"
+"filename>)</phrase>. L'utente può selezionare file alternativi con i "
+"parametri <replaceable>passwd</replaceable> e <replaceable>shadow</"
+"replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Notare che quando <option>USE_TCB</option> è abilitata, non si può "
+"specificare un file <replaceable>shadow</replaceable> alternativo. In future "
+"versioni questo parametro potrebbe essere sostituito da una directory TCB "
+"alternativa."
+
+# type: Plain text
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "una o più voci di password conengono errori"
+
+# type: Plain text
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossibile aprire i file delle password"
+
+# type: Plain text
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossibile fare il lock dei file delle password"
+
+# type: Plain text
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossibile aggiornare i file delle password"
+
+# type: Plain text
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossibile ordinare i file delle password"
+
+# type: TP
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>pwck</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+# type: Plain text
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "file delle porte e degli orari d'accesso"
+
+# type: Plain text
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contiene un elenco di device tty, "
+"nomi utente e orari di accesso permessi."
+
+# type: Plain text
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Ciascuna voce è composta da tre campi separati da due punti. Il primo è un "
+"elenco di device tty, separati da virgole, oppure un asterisco per indicare "
+"che la voce corrisponde a qualsiasi device. Il secondo campo è un elenco di "
+"nomi utente, separati da virgole, oppure un asterisco per indicare che la "
+"voce corrisponde ad ogni utente. Il terzo campo è un elenco degli orari, "
+"separati da virgole, in cui è consentito l'accesso."
+
+# type: Plain text
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Un orario di accesso consiste in zero o più giorni della settimana "
+"abbreviati in <emphasis>Mo</emphasis> (lunedì), <emphasis>Tu</emphasis>, "
+"<emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, "
+"<emphasis>Sa</emphasis> e <emphasis>Su</emphasis> (domenica), seguiti da una "
+"coppia di orari, separati da un trattino. L'abbreviazione <emphasis>Wk</"
+"emphasis> rappresenta tutti i giorni da lunedì a venerdì, mentre "
+"<emphasis>Al</emphasis> indica tutti i giorni della settimana. Se non si "
+"specifica alcun giorno, viene usato implicitamente <emphasis>Al</emphasis>."
+
+# type: SH
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "ESEMPI"
+
+# type: Plain text
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"La voce seguente permette l'accesso all'utente <emphasis remap=\"B\">jfh</"
+"emphasis> da qualsiasi porta durante i giorni lavorativi dalle 9 alle 17."
+
+# type: Plain text
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+# type: Plain text
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Le voci seguenti permettono l'accesso solo agli utenti <emphasis>root</"
+"emphasis> e <emphasis>oper</emphasis> da <filename>/dev/console</filename> a "
+"qualsiasi ora. Qui viene mostrato come il file <filename>/etc/porttime</"
+"filename> sia una lista ordinata di orari d'accesso: ogni altro utente "
+"corrisponderebbe alla seconda voce, che impedisce l'accesso in qualsiasi "
+"orario."
+
+# type: Plain text
+# no-wrap
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+# type: Plain text
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"La voce seguente permette l'accesso all'utente <emphasis>games</emphasis> da "
+"qualsiasi porta durante gli orari non lavorativi."
+
+# type: Plain text
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "File contenente gli accessi alle porte."
+
+# type: Plain text
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "il file delle password"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contiene una riga per ogni account, con "
+"sette campi delimitati da due punti (<quote>:</quote>). Questi campi sono:"
+
+# type: Plain text
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "password cifrata opzionale"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "ID utente numerico"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "ID gruppo numerico"
+
+# type: Plain text
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "nome utente o commento"
+
+# type: Plain text
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "directory home utente"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "interprete dei comandi utente opzionale"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il campo password cifrata può essere vuoto, nel qual caso non viene "
+"richiesta nessuna password per autenticare lo specifico login. Tuttavia "
+"alcune applicazioni che leggono il file <filename>/etc/passwd</filename> "
+"possono decidere di non permettere <emphasis>nessun</emphasis> accesso se il "
+"campo <emphasis>password</emphasis> è vuoto. Se il campo <emphasis>password</"
+"emphasis> contiene solo una <quote>x</quote> minuscola, la password cifrata "
+"è invece memorizzata nel file <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>; ci <emphasis>deve</"
+"emphasis> essere una riga corrispondente nel file <filename>/etc/shadow</"
+"filename> altrimenti l'account non sarà valido. Se il campo "
+"<emphasis>password</emphasis> ha un qualsiasi altro contenuto allora viene "
+"trattato come password cifrata, come specificato da "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il campo di commento è utilizzato da vari strumenti di sistema come ad "
+"esempio <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Il campo directory home fornisce il nome della directory di lavoro iniziale. "
+"Il programma <command>login</command> usa questa informazione per impostare "
+"il valore della variabile d'ambiente <envar>$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Il campo interprete dei comandi fornisce il nome dell'interprete del "
+"linguaggio utente, o il nome del programma da invocare inizialmente. Il "
+"programma <command>login</command> utilizza questa informazione per "
+"impostare il valore della variabile d'ambiente <envar>$SHELL</envar>. Se "
+"questo campo è vuoto, il valore predefinito è <filename>/bin/sh</filename>."
+
+# type: Plain text
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "file opzionale delle password cifrate"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Copia di backup di /etc/passwd."
+
+# type: Plain text
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "cambia la password utente"
+
+# type: Plain text
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> cambia la password per account utente. Un utente "
+"normale può solo cambiare la password per il proprio account, mentre il "
+"super utente può cambiarla per qualsiasi account. <command>passwd</command> "
+"modifica anche l'account o il periodo di validità della password associata."
+
+# type: SS
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifiche delle password"
+
+# type: Plain text
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"All'utente viene prima chiesta la propria password attuale, se presente. "
+"Questa password viene cifrata e confrontata con quella memorizzata. "
+"All'utente viene data solo una possibilità di inserire la password corretta. "
+"Il super utente salta questo passo in modo da poter modificare password "
+"dimenticate."
+
+# type: Plain text
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Dopo che la password è stata inserita, vengono controllati i parametri "
+"dell'invecchiamento delle password per verificare che l'utente possa "
+"modificarla in questo momento. In caso negativo <command>passwd</command> "
+"non fa cambiare la password ed esce."
+
+# type: Plain text
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"All'utente viene quindi chiesto di inserire la nuova password due volte. Le "
+"due password sono confrontate e devono essere uguali affinché la password "
+"venga accettata."
+
+# type: Plain text
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Quindi viene misurata la complessità della password. In linea di massima le "
+"password dovrebbero contenere dai 6 agli 8 caratteri, includendovi uno o più "
+"caratteri da ciascuno dei seguenti insiemi:"
+
+# type: Plain text
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "lettere minuscole"
+
+# type: Plain text
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "numeri da 0 a 9"
+
+# type: Plain text
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "segni di punteggiatura"
+
+# type: Plain text
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Si deve fare attenzione a non inserire il carattere di cancellazione o di "
+"kill (azzeramento della riga). <command>passwd</command> non accetta "
+"password non sufficientemente complesse."
+
+# type: SS
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Suggerimenti per password utente"
+
+# type: Plain text
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sicurezza di una password dipende dalla forza dell'algoritmo e dalla "
+"dimensione della chiave utilizzata. Il metodo originale di cifratura del "
+"sistema <emphasis>UNIX</emphasis> si basa sull'algoritmo NBS DES. Adesso "
+"sono da preferisi metodi di cifratura più recenti (vedere "
+"<option>ENCRYPT_METHOD</option>). La dimensione della chiave dipende "
+"dall'aleatorietà della password indicata."
+
+# type: Plain text
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"La compromissione di una password avviene normalmente a seguito di incuria "
+"nella scelta o nella gestione della password. Per questo motivo non si "
+"devono utilizzare password che appaiono nei dizionari o che devono essere "
+"scritte. La password non deve essere uno nome proprio, il numero della "
+"patente, la data di nascita o l'indirizzo. Uno qualunque di questi potrebbe "
+"essere indovinato per violare la sicurezza del sistema."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Si possono trovare indicazioni su come scegliere una password forte su "
+"http://en.wikipedia.org/wiki/Password_strength"
+
+# type: Plain text
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Il comando <command>passwd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Questa opzione può essere utilizzata solo con <option>-S</option> e mostra "
+"lo stato per ogni utente."
+
+# type: IP
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Cancella la password utente (la rende vuota). Questo è un metodo veloce per "
+"disabilitare la password per l'account. Imposta l'account indicato come "
+"senza password."
+
+# type: TP
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Fa scadere subito la password dell'utente. Il che ha l'effetto di forzare un "
+"cambio password al successivo accesso da parte dell'utente."
+
+# type: TP
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Questa opzione viene utilizzata per disabilitare un account dopo che la "
+"password è scaduta da un certo numero di giorni. Dopo che un account ha una "
+"password che è scaduta da <replaceable>INATTIVO</replaceable> giorni, "
+"l'utente non può più accedere con l'account."
+
+# type: IP
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indica che il cambio password va effettuato solo per i token (password) di "
+"autenticazione scaduti. L'utente vuole mantenere inalterati i token non "
+"scaduti."
+
+# type: IP
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Blocca la password dell'account indicato. Questa opzione disabilita una "
+"password modificandola in modo che non corrisponda a nessun valore cifrato "
+"(aggiunge un «!» all'inizio della password)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Notare che questo non disabilita l'account. L'utente può sempre accedere al "
+"sistema tramite altri token di autenticazione (ad esempio una chiave SSH). "
+"Per disabilitare l'account l'amministratore deve usare <command>usermod --"
+"expiredate 1</command> (che imposta la data di scadenza al 2 gennaio 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "Gli utenti con password bloccata non la possono cambiare."
+
+# type: IP
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;"
+"<replaceable>MIN_GIORNI</replaceable>"
+
+# type: Plain text
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Imposta il numero minimo di giorni tra i cambi di password a "
+"<replaceable>MIN_GIORNI</replaceable>. Un valore pari a zero indica che "
+"l'utente può cambiare la propria password in qualsiasi momento."
+
+# type: IP
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"cambia la password nel repository <replaceable>REPOSITORY</replaceable>"
+
+# type: IP
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+# type: Plain text
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Visualizza le informazioni sullo stato di un account. Lo stato consiste di 7 "
+"campi. Il primo campo è il nome dell'utente. Il secondo campo indica se "
+"l'account ha una password bloccata (L), non ha password (NP) o ha una "
+"password valida (P). Il terzo campo contiene la data di ultima modifica "
+"della password. I successivi quattro campi sono l'età minima, la massima, il "
+"periodo di avviso e quello di inattività. Queste età sono espresse in giorni."
+
+# type: IP
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Sblocca la password dell'account indicato. Questa opzione riabilita la "
+"password riportandola al suo valore precedente (il valore che c'era prima di "
+"usare l'opzione <option>-l</option>)."
+
+# type: IP
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>AVVISO_GIORNI</replaceable>"
+
+# type: Plain text
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare "
+"la password. L'opzione <replaceable>AVVISO_GIORNI</replaceable> indica il "
+"numero di giorni precedenti alla scadenza della password durante i quali "
+"l'utente viene avvertito dell'imminente scadenza."
+
+# type: IP
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;"
+"<replaceable>MAX_GIORNI</replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Imposta il massimo numero di giorni che una password rimane valida. Dopo "
+"<replaceable>MAX_GIORNI</replaceable> viene richiesto di cambiare la "
+"password."
+
+# type: Plain text
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Il controllo della complessità delle password varia da sistema a sistema. "
+"All'utente è caldamente consigliato si utilizzare una password che ritenga "
+"sufficientemente complessa."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Gli utenti possono non essere in grado di cambiare la propria password se "
+"NIS è abilitato ed essi non sono collegati al server NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilizza PAM per autenticare gli utenti e per "
+"cambiare le loro password."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (testo)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Definisce l'algoritmo di cifratura predefinito per le password (se non ne "
+"viene specificato uno a riga di comando)."
+
+# type: IP
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Può avere uno dei seguenti valori: <replaceable>DES</replaceable> "
+"(predefinito), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt"
+"\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Nota: questo parametro ha la precedenza sulla variabile "
+"<option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Nota: questo ha effetto solo sulla generazione delle password di gruppo. La "
+"generazione delle password utente avviene tramite PAM ed è soggetta alla "
+"configurazione PAM. È raccomandato di impostare questa variabile in maniera "
+"consistente con la configurazione PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booleano)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indica se le password vanno cifrate usando l'algoritmo basato su MD5. Se "
+"impostato a <replaceable>yes</replaceable> le nuove password saranno cifrate "
+"usando un algoritmo basato su MD5 e compatibile con quello delle versioni "
+"più recenti di FreeBSD. Supporta password di lunghezza qualsiasi e testi "
+"«salt» più lunghi. Impostare a <replaceable>no</replaceable> se si devono "
+"copiare password su altri sistemi che non gestiscono l'algoritmo. Il valore "
+"predefinito è <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Questa variabile ha meno priorità della variabile <option>ENCRYPT_METHOD</"
+"option> e di qualsiasi opzione a riga di comando che imposta un algoritmo di "
+"cifratura."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Questa variabile non è più usata. Si dovrebbe utilizzare "
+"<option>ENCRYPT_METHOD</option>."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booleano)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Abilita controlli addizionali durante il cambio password."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booleano)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avvisa riguardo password deboli (anche se le permette egualmente) se si è "
+"root."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (numerico)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "Massimo numero di tentativi per cambiare una password (troppo facile)."
+
+# type: IP
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (numerico)"
+
+# type: IP
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (numerico)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Numero di caratteri significativi della password per crypt(). "
+"<option>PASS_MAX_LEN</option> è normalmente 8. Da non cambiare a meno che la "
+"propria crypt() sia migliore. Questo viene ignorato se "
+"<option>MD5_CRYPT_ENAB</option> è impostata a <replaceable>yes</replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (numerico)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (numerico)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quando <option>ENCRYPT_METHOD</option> vale <replaceable>SHA256</"
+"replaceable> o <replaceable>SHA512</replaceable>, questo definisce il numero "
+"di cicli SHA usati per l'algoritmo di cifratura (quando il numero di cicli "
+"non è impostato a riga di comando)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Con molti cicli è più difficile trovare una password usando la forza bruta. "
+"Ma va notato che è richiesta maggiore potenza di calcolo per autenticare gli "
+"utenti."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr "Se non specificato sarà la libc a scegliere il numero di cicli (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Il valore deve essere compreso tra 1.000 e 999.999.999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Se viene impostato solo uno tra <option>SHA_CRYPT_MIN_ROUNDS</option> e "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, allora l'unico valore viene "
+"utilizzato."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Se <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, allora viene utilizzato il maggiore."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+# type: Plain text
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "configurazione PAM per <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permesso negato"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinazione di opzioni non valida"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "errore non previsto, nulla di fatto"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "errore non previsto, file <filename>passwd</filename> mancante"
+
+# type: TP
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "file <filename>passwd</filename> occupato, provare di nuovo"
+
+# type: TP
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>passwd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "rifiuta gentilmente l'accesso"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Il comando <command>nologin</command> mostra un messaggio che indica che "
+"l'account non è disponibile ed esce con codice d'errore non zero. È stato "
+"pensato come sostituto del campo shell per account che sono stati "
+"disabilitati."
+
+# type: Plain text
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Per diabilitare tutti gli accessi vedere "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "CRONOLOGIA"
+
+# type: TP
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Il comando <command>nologin</command> è apparso in BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "aggiorna e crea nuovi utenti in blocco"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "file"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Il comando <command>newusers</command> legge un <replaceable>file</"
+"replaceable> (o il proprio standard input) e utilizza queste informazioni "
+"per aggiornare l'insieme di utenti già esistenti oppure per crearne di "
+"nuovi. Ogni riga è nello stesso formato del file standard passwd (vedere "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) con le seguenti eccezioni:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Il nome dell'utente."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Può essere il nome di un nuovo utente o di uno già esistente (o uno creato "
+"precedentemente da <command>newusers</command>). Nel caso di utente già "
+"esistente le informazioni sull'utente verranno aggiornate, altrimenti verrà "
+"creato un nuovo utente."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Questo campo verrà cifrato e utilizzato come nuovo valore per la password "
+"cifrata."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Definisce l'UID dell'utente."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Se il campo è vuoto, verrà generato automaticamente un nuovo UID (non "
+"utilizzato) da parte di <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Se questo campo contiene un numero, verrà utilizzato come UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Se questo campo contiene il nome di un utente già esistente (o il nome di un "
+"utente creato precedentemente da <command>newusers</command>), verrà "
+"utilizzato l'UID dell'utente specificato."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Se viene cambiato l'UID di un utente esistente, la proprietà dei file di "
+"proprietà dell'utente stesso andrà cambiata manualmente."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "Definisce il l'ID del gruppo primario dell'utente."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Se questo campo contiene il nome di un gruppo esistente (o un gruppo creato "
+"in precedenza da <command>newusers</command>), verrà utilizzato come ID del "
+"gruppo primario di questo utente il GID del gruppo stesso."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Se questo campo è numerico, questo numero verrà utilizzato come ID del "
+"gruppo primario dell'utente. Se non esiste nessun gruppo con quel GID, ne "
+"viene creato uno con il nome dell'utente e il GID specificato."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Se questo campo è vuoto verrà creato un nuovo gruppo con lo stesso nome "
+"dell'utente e con un GID determinato automaticamente da <command>newusers</"
+"command> da utilizzare come ID del gruppo primario dell'utente e come GID "
+"del nuovo gruppo."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Se questo campo contiene il nome di un gruppo che non esiste (e non è stato "
+"creato precedentemente da <command>newusers</command>), verrà creato un "
+"nuovo gruppo con il nome specificato e un GID determinato automaticamente da "
+"<command>newusers</command> perché sia utilizzato come ID del gruppo "
+"primario dell'utente e come GID per il nuovo gruppo."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Questo campo viene copiato nel campo GECOS dell'utente."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Questo campo è utilizzato per impostare la directory home dell'utente."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Se questo campo non contiene il nome di una directory esistente la directory "
+"viene creata, assegnandone la proprietà all'utente che si sta definendo o "
+"aggiornando e al suo gruppo primario."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Se si modifica la directory home di un utente esistente, <command>newusers</"
+"command> non sposta o copia il contenuto della vecchia directory nella "
+"nuova. Questo va fatto manualmente."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Questo campo definisce la shell dell'utente. Su questo campo non viene fatto "
+"nessun controllo."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> prova prima a creare o modificare tutti gli "
+"utenti specificati e poi scrive tutte le modifiche sui database utente e "
+"gruppi. Se c'è un errore (eccetto sulla scrittura finale dei database) "
+"nessuna modifica viene scritta sui database."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Durante il primo passaggio gli utenti vengono creati con la password "
+"bloccata (e le password non sono modificate nel caso di utenti che non sono "
+"creati). Un secondo passaggio si occupa di aggiornare tutte le password "
+"usando PAM. I problemi durante l'aggiornamento delle password sono "
+"riportati, ma non interrompono la modifica delle altre password."
+
+# type: Plain text
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Questo comando è appositamente pensato per grossi sistemi nei quali molti "
+"account sono aggiornati allo stesso tempo."
+
+# type: TP
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Il comando <command>newusers</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utilizza il metodo specificato per cifrare le password."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"I metodi disponibili sono DES, MD5, NONE e SHA256 o SHA512 se la propria "
+"libc lo consente."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Gli utenti di sistema sono creati senza informazioni riguardo la scadenza "
+"della password in <filename>/etc/shadow</filename> e il loro identificativo "
+"numerico è scelto nell'intervallo <option>SYS_UID_MIN</option>-"
+"<option>SYS_UID_MAX</option> definito nel file <filename>login.defs</"
+"filename>, anziché dell'intervallo <option>UID_MIN</option>-<option>UID_MAX</"
+"option> (e la loro controparte <option>GID</option> per la creazione dei "
+"gruppi)."
+
+# type: IP
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Usa il numero specificato di cicli per cifrare la password."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Il valore 0 indica che il sistema utilizzerà il numero predefinito di cicli "
+"per il metodo crypt (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "I valori minimo di 1.000 e massimo di 999.999.999 sono forzati."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Si può utilizzare questa opzione solo con i metodi di cifratura SHA256 o "
+"SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Il numero di cicli predefinito è impostato con le variabili "
+"SHA_CRYPT_MIN_ROUNDS e SHA_CRYPT_MAX_ROUNDS nel file <filename>/etc/login."
+"defs</filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Il file di input deve essere protetto poiché contiene password non cifrate."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Ci si deve accertare che le password e il metodo di cifratura rispettino le "
+"norme delle password del sistema."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configurazione PAM per <command>newusers</command>."
+
+# type: Plain text
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+# type: Plain text
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "effettua l'accesso a un nuovo gruppo"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "gruppo"
+
+# type: Plain text
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"<command>newgrp</command> permette di cambiare il proprio ID di gruppo "
+"durante una sessione di login. Se viene specificato <option>-</option>, "
+"l'ambiente dell'utente viene reinizializzato come se l'utente stesse "
+"effettuando il login, altrimenti l'ambiente non viene modificato e la "
+"directory corrente non viene cambiata."
+
+# type: Plain text
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> cambia l'ID di gruppo attuale reale in base al "
+"gruppo passato come argomento oppure, se non si passa nessun argomento, al "
+"gruppo predefinito nel file <filename>/etc/passwd</filename>. "
+"<command>newgrp</command> cerca anche di inserire il gruppo tra quelli "
+"dell'utente. Se non si tratta di root, all'utente viene chiesta una password "
+"nel caso che il gruppo lo richieda e l'utente non ne abbia (né in <filename>/"
+"etc/shadow</filename> se l'utente è definito anche lì, né in <filename>/etc/"
+"passwd</filename> altrimenti), oppure se l'utente non è elencato tra i "
+"membri del gruppo e il gruppo ha una password. Viene negato l'accesso "
+"all'utente nel caso che la password del gruppo sia vuota e l'utente non ne "
+"faccia parte."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"Se c'è una voce per questo gruppo nel file <filename>/etc/gshadow</"
+"filename>, allora l'elenco dei membri e la password di questo gruppo sono "
+"presi da questo file, altrimenti verrà presa la voce da <filename>/etc/"
+"group</filename>."
+
+# type: Plain text
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+# type: Plain text
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "impone le limitazioni sugli orari d'accesso"
+
+# type: Plain text
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> fa rispettare le limitazioni sugli orari e sulle "
+"porte di accesso specificate in <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> andrebbe avviato da <filename>/etc/rc</filename>. "
+"Il file <filename>/var/run/utmp</filename> viene controllato periodicamente "
+"per verificare che a ciascun utente sia consentito l'accesso da quella "
+"determinata porta e all'orario attuale. Ogni sessione di login che stia "
+"violando le limitazioni in <filename>/etc/porttime</filename> viene "
+"terminata."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+# type: Plain text
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Elenco delle sessioni attive."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+# type: Plain text
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configurazione del pacchetto password shadow"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Il file <filename>/etc/login.defs</filename> contiene la configurazione "
+"specifica per questo sistema relativa al pacchetto password shadow. Questo "
+"file è obbligatorio. La sua assenza non bloccerà l'utilizzo del sistema, ma "
+"probabilmente sarà causa di risultati non desiderati."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Questo file è un file di testo leggibile nel quale ogni riga descrive un "
+"parametro di configurazione. Le righe consistono di una coppia nome valore "
+"separati da spazi. Le righe vuote e di commento sono ignorate. I commenti "
+"iniziano con con il simbolo \"#\" che deve essere il primo carattere diverso "
+"da spazio della riga."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"I valori dei parametri possono essere di quattro tipi: testo, booleano, "
+"numerico e numerico lungo. Un testo può contenere qualsiasi carattere "
+"stampabile. Un booleano dovrebbe essere uno tra <replaceable>yes</"
+"replaceable> e <replaceable>no</replaceable>. Un parametro dal valore "
+"booleano non definito oppure uno che ha un valore diverso da quelli permessi "
+"verrà equiparato al valore <replaceable>no</replaceable>. I numerici (sia "
+"normali che lunghi) possono essere decimali, ottali (preceduti da "
+"<replaceable>0</replaceable>) o esadecimali (preceduti da <replaceable>0x</"
+"replaceable>). Il valore massimo dei numerici normali e lunghi è dipendente "
+"dalla macchina."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Sono forniti i seguenti parametri di configurazione:"
+
+# type: IP
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booleano)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Se <replaceable>yes</replaceable>, il programma <command>chfn</command> "
+"richiederà l'autenticazione prima di apportare qualsiasi modifica, a meno "
+"che non sia eseguito dal super utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (testo)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Questo parametro specifica quali valori del campo <emphasis remap=\"I"
+"\">gecos</emphasis> del file <filename>/etc/passwd</filename> possono essere "
+"cambiati da utenti normali usando il programma <command>chfn</command>. Può "
+"essere una combinazione qualsiasi delle lettere <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable>, "
+"<replaceable>h</replaceable> per «Nome completo (f)», «Numero stanza (r)», "
+"«Telefono di lavoro (w)» e «Telefono di casa (h)». Per compatibilità con "
+"precedenti versioni, <replaceable>yes</replaceable> è quivalente a "
+"<replaceable>rwh</replaceable> e <replaceable>no</replaceable> è equivalente "
+"a <replaceable>frwh</replaceable>. Se non specificato, solo il super utente "
+"può effettuare modifiche. Le impostazioni più stringenti si ottengono "
+"installando <command>chfn</command> non SUID."
+
+# type: IP
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booleano)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Se <replaceable>yes</replaceable>, il comando <command>chsh</command> "
+"richiederà l'autenticazione prima di apportare qualsiasi modifica, a meno "
+"che sia utilizzato dal super utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (numerico)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Carattere ERASE del terminale (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = Canc)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Il valore deve avere il prefisso «0» se in ottale, o «0x» se esadecimale."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Numero di secondi prima che venga concesso un ulteriore tentativo dopo un "
+"accesso fallito."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Abilita la memorizzazione e mostra le informazioni sugli accessi falliti "
+"contenute in <filename>/var/log/faillog</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Se impostato, <command>login</command> eseguirà questa shell al posto di "
+"quella utente specificata in <filename>/etc/passwd</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Se impostato, gli accessi falliti verranno tracciati in questo file nel "
+"formato utmp."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Se definito, questo file inibisce quanto stampato durante l'accesso. Se "
+"viene specificato un percorso completo, la modalità silenziosa (hushed) "
+"viene attivata se in quel file è presente il nome dell'utente o della shell "
+"dell'utente. Se il percorso non è completo, allora la modalità silenziosa "
+"viene attivata se quel file è presente nella directory home dell'utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Se definito, il file verrà mostrato prima del prompt di login."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Il carattere da usare sul terminale per cancellare l'intera riga "
+"(<replaceable>025</replaceable> = CTRL-U)"
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Abilita la memorizzazione e la stampa delle informazioni sulle date degli "
+"ultimi accessi in /var/log/lastlog."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Abilita la tracciatura degli accessi avvenuti con successo."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booleano)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Abilita l'inclusione dei nomi utente sconosciuti quando si registrano gli "
+"accessi falliti."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Nota: memorizzare i nomi sconosciuti potrebbe diventare un problema legato "
+"alla sicurezza se un utente inserisce la propria password al posto del nome "
+"utente."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "Massimo numero di tentativi di accesso per password errata."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Questa impostazione verrà probabilmente superata da quella di PAM poiché il "
+"modulo predefinito pam_unix ha una sua gestione con 3 tentativi. In ogni "
+"caso questa è una impostazione di sicurezza nel caso in cui si utilizzi un "
+"modulo PAM che ignora PAM_MAXTRIES."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (numerico)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Numero massimo di secondi per l'accesso."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Se definito è una lista di nomi di file con «messaggi del giorno» separati "
+"da «:» che vengono mostrati subito dopo l'accesso."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Se definito è il nome di un file che impedisce l'accesso degli utenti non "
+"root. Il suo contenuto dovrebbe essere un messaggio che indica il motivo per "
+"il quale l'accesso è impedito."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> e "
+"<option>PASS_WARN_AGE</option> sono utilizzate solo al momento della "
+"creazione dell'account. Qualsiasi cambiamento di queste impostazioni non "
+"modifica gli account preesistenti."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booleano)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Abilita la verifica delle restrizioni temporali specificate in <filename>/"
+"etc/porttime</filename>."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (testo)"
+
+# type: IP
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (testo)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"I permessi del terminale: il tty usato per l'accesso sarà di proprietà del "
+"gruppo <option>TTYGROUP</option> e avrà permessi impostati a "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"In maniera predefinita la proprietà del terminale sarà impostata al gruppo "
+"primario dell'utente, mentre i permessi saranno <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> può essere il nome del gruppo o il suo "
+"identificativo numerico."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Se si ha il comando <command>write</command> che è «setgid» e ha un gruppo "
+"speciale che possiede i terminali, definire TTYGROUP con lo stesso gruppo e "
+"TTYPERM a 0620. Altrimenti lasciare TTYGROUP commentato e assegnare TTYPERM "
+"a 622 o 600."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (testo)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Se definito si tratta di un file che mappa le linee tty nella variabile "
+"d'ambiente TERM. Ogni riga del file è in un formato tipo «vt100 tty01»."
+
+# type: IP
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (numerico)"
+
+# type: Plain text
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valore <command>ulimit</command> predefinito."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RIFERIMENTI INCROCIATI"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"I seguenti riferimenti incrociati mostrano quali programmi del pacchetto "
+"shadow password utilizzano quali parametri."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"\"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB "
+"<phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+# type: Plain text
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"Molte delle funzionalità che erano fornite dal pacchetto password shadow "
+"sono adesso gestite da PAM. Quindi <filename>/etc/login.defs</filename> non "
+"è più utilizzato da <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, e meno usato da "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> e <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>. Vedere la corrispondente configurazione di PAM."
+
+# type: Plain text
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "tabella di controllo accessi"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Il file <emphasis remap=\"I\">login.access</emphasis> specifica le "
+"combinazioni (utente, macchina) e/o (utente, terminale) per le quali un "
+"accesso sia accettato o rifiutato."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Quando avviene un accesso, il file <emphasis remap=\\\"I\\\">login.access</"
+"emphasis> viene scorso alla ricerca della prima combinazione (utente, "
+"macchina) oppure, in caso di accesso in locale, la prima combinazione "
+"(utente, terminale). Il campo per l'autorizzazione di quanto ritrovato "
+"determina se l'utente può o meno accedere."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Ogni riga della tabella di controllo degli accessi ha tre campi separati dal "
+"carattere «:»:"
+
+# type: Plain text
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permesso</emphasis>:<emphasis remap=\"I\">utenti</"
+"emphasis>:<emphasis remap=\"I\">origini</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Il primo campo dovrebbe essere il carattere «<emphasis>+</"
+"emphasis>» (accesso concesso) o «<emphasis>-</emphasis>» (accesso negato). "
+"Il secondo campo dovrebbe essere un elenco di nomi utente o gruppi oppure "
+"<emphasis>ALL</emphasis> (sempre vero). Il terzo campo dovrebbe essere una "
+"lista di uno o più nomi di terminale (per accesso locale), nomi di macchina, "
+"nomi di dominio (con il carattere «<literal>.</literal>» all'inizio), "
+"indirizzi di macchina, numeri di rete internet (termina con il carattere "
+"«<literal>.</literal>»), <emphasis>ALL</emphasis> (sempre vero) oppure "
+"<emphasis>LOCAL</emphasis> (corrisponde a ogni testo che non contenga il "
+"carattere «<literal>.</literal>»). Se si usa NIS si può usare @nomenetgroup "
+"come nome macchina o utente."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'operatore <emphasis>EXCEPT</emphasis> permette di scrivere regole molto "
+"compatte."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"La ricerca nel file dei gruppi avviene solo quando il nome non corrisponde a "
+"quello dell'utente che accede. I gruppi che possono corrispondere sono solo "
+"quelli nei quali l'utente è esplicitamente elencato: il programma non "
+"controlla l'id del gruppo primario dell'utente."
+
+# type: Plain text
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "apre una sessione sul sistema"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "macchina"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+# type: Plain text
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"<command>login</command> viene utilizzato per aprire una sessione sul "
+"sistema. Normalmente viene invocato automaticamente rispondendo al prompt "
+"<emphasis remap=\"I\">login:</emphasis> del terminale. <command>login</"
+"command> può essere trattato in maniera speciale dalla shell e non può "
+"essere invocato come sottoprocesso. Quando è richiamato dalla shell, "
+"<command>login</command> va invocato come <emphasis remap=\"B\">exec login</"
+"emphasis> che termina la shell utente attuale (il che impedirà al nuovo "
+"utente che accede, di poter ritornare alla sessione del chiamante). Il "
+"tentativo di esecuzione di <command>login</command> da una shell che non sia "
+"quella di login produce un messaggio d'errore."
+
+# type: Plain text
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Se necessario viene quindi chiesta la password all'utente. Durante questa "
+"operazione l'eco sul terminale è disabilitata per non rivelare la password. "
+"Solo un basso numero di tentativi falliti è permesso prima che "
+"<command>login</command> termini e che la connessione sia interrotta."
+
+# type: Plain text
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Se la scadenza delle password è abilitata per il proprio account, prima di "
+"proseguire ci può essere la richiesta di una nuova password. Il programma "
+"chiederà prima la vecchia password e poi la nuova per poter continuare. Per "
+"maggiori informazioni si faccia riferimento a "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Dopo aver completato correttamente l'accesso, vengono mostrati eventuali "
+"messaggi di sistema e si viene informati della presenza di nuova posta. Si "
+"può evitare di visualizzare i messaggi in <filename>/etc/motd</filename> "
+"creando un file vuoto chiamato <filename>.hushlogin</filename> nella propria "
+"directory di login. Il messaggio relativo alla presenza di posta è "
+"«<emphasis>C'è nuova posta.</emphasis>», «<emphasis>C'è posta.</emphasis>» o "
+"«<emphasis>Nessun messaggio di posta.</emphasis>» a seconda dello stato "
+"della propria casella di posta."
+
+# type: Plain text
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"I propri ID di utente e gruppo vengono poi impostati in base ai valori "
+"definiti nel file <filename>/etc/passwd</filename>. I valori di <envar>"
+"$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</"
+"envar> e <envar>$MAIL</envar> sono impostati in base ai campi appropriati "
+"nella voce della password. Anche i valori per ulimit, umask e nice possono "
+"essere impostati in base al campo GECOS."
+
+# type: Plain text
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"In alcune installazioni la variabile d'ambiente <envar>$TERM</envar> può "
+"essere impostata in base al tipo di terminale della propria connessione, "
+"come specificato in <filename>/etc/ttytype</filename>."
+
+# type: Plain text
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Può anche essere eseguito uno script di inizializzazione per il proprio "
+"interprete dei comandi. Fare riferimento alla relativa sezione di manuale "
+"per maggiori informazioni su questa funzione."
+
+# type: Plain text
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Il programma <command>login</command> NON è responsabile di rimuovere gli "
+"utenti dal file utmp. La correzione del proprietario di una sessione di "
+"terminale è responsabilità di <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> e "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>. Se si usa <command>login</command> senza <command>exec</"
+"command> dal prompt della shell, allora l'utente che si sta usando risulterà "
+"sempre connesso al sistema anche oltre il termine della «sottosessione»."
+
+# type: Plain text
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Non effettua l'autenticazione, l'utente è già autenticato"
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Nota: in questo caso <replaceable>username</replaceable> è obbligatorio."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+# type: Plain text
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nome dell'host remoto per questo login."
+
+# type: Plain text
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Non modifica l'ambiente."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+# type: Plain text
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Attiva il protocollo autologin di rlogin."
+
+# type: Plain text
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Le opzioni <option>-r</option>, <option>-h</option> e <option>-f</option> "
+"possono essere utilizzate solo quando <command>login</command> viene "
+"invocato da root."
+
+# type: Plain text
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Questa versione di <command>login</command> ha molte opzioni di "
+"compilazione; in un determinato sistema potrebbe esserne in uso solo una "
+"parte."
+
+# type: Plain text
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"La posizione dei file è soggetta a differenze in base alla configurazione "
+"del sistema."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Come per ogni programma, l'aspetto di <command>login</command> può essere "
+"simulata. Se utenti non fidati hanno accesso fisico alla macchina, essi "
+"potrebbero sfruttare questa cosa per ottenere la password della prossima "
+"persona che si siede davanti al terminale. In Linux si può utilizzare il "
+"meccanismo SAK per iniziare un percorso sicuro che previene questo tipo di "
+"attacchi."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+# type: Plain text
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Elenco delle precedenti sessioni di login."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "File di sistema con il messaggio del giorno."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+# type: Plain text
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Impedisce l'accesso al sistema per utenti diversi da root."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+# type: Plain text
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Elenco di tipi di terminale."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+# type: Plain text
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Impedisce che vengano mostrati i messaggi di sistema."
+
+# type: Plain text
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "definizione dei limiti di risorsa"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Il file <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> o quanto definito da LIMITS_FILE in <filename>config.h</filename>) "
+"descrive i limiti di risorsa che si vuole imporre. Deve essere di proprietà "
+"di root e leggibile solo dall'account root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"In maniera predefinita non c'è nessun limite alla quota di «root». In "
+"effetti non c'è nessun modo per imporre una quota massima tramite questa "
+"procedura agli account equivalenti a root (cioè tutti quelli con UID 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Ogni riga descrive un limite per l'utente in questo formato:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utente TESTO_LIMITE"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "oppure nel formato:"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@gruppo TESTO_LIMITE"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Dove <emphasis>TESTO_LIMITE</emphasis> è un testo dato dalla concatenazione "
+"di vari limiti di risorsa. Ogni limite consiste di una lettera "
+"identificativa seguita dal limite numerico."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Gli identificatori validi sono:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: spazio massimo di indirizzamento (kB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: dimensione massima dei file «core» (kB)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: spazio massimo per i dati (kB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: dimensione massima di file (kB)"
+
+# type: Plain text
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: maschera dei permessi per i file creati, impostata da "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I: massimo valore di «nice» (0..39 che viene tradotto in 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: massimo numero di accessi per questo utente"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M: massima quantità di memoria bloccata (della quale non si può fare «swap») "
+"(kB)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: numero massimo di file aperti"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: massima priorità «real time»"
+
+# type: Plain text
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: priorità di processo, impostata con "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: massimo «resident set size» (kB)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: dimensione massima della pila (kB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: quantità massima di tempo CPU (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: massimo numero di processi"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Ad esempio, <emphasis remap=\"I\">L2D2048N5</emphasis> è uno testo valido "
+"per <emphasis>TESTO_LIMITE</emphasis>. Per sempicità di lettura le seguenti "
+"scritture sono equivalenti:"
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"   nomeutente L2D2048N5\n"
+"   nomeutente L2 D2048 N5\n"
+"   "
+
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Notare che dopo <emphasis remap=\"I\">nomeutente</emphasis> il resto della "
+"riga è considerato il testo del limite, quindi non sono ammessi commenti a "
+"fine riga. Un testo limite non valido verrà ignorato dal programma "
+"<command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'impostazione predefinita è quella che ha come nome utente «<emphasis>*</"
+"emphasis>». Se si hanno varie righe <emphasis remap=\"I\">predefinite</"
+"emphasis> nel file <emphasis>LIMITS_FILE</emphasis> verrà utilizzata solo "
+"l'ultima."
+
+# type: Plain text
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"I limiti specificati nella forma «<replaceable>@gruppo</replaceable>» si "
+"applicano ai membri del <replaceable>gruppo</replaceable> specificato."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Se ci sono più righe per lo stesso utente nel file limits, allora solo la "
+"prima verrà considerata."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Se non ci sono righe specifiche per un utente, verrà presa l'ultima riga "
+"<replaceable>@group</replaceable> relativa ad un gruppo del quale l'utente è "
+"membro, oppure l'ultima riga con limiti predefiniti se non si trova nessuna "
+"riga con gruppi dell'utente."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Per eliminare completamente l'impostazione di limiti per un certo utente, si "
+"può utilizzare «<emphasis>-</emphasis>»."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Per disabilitare i limiti per un utente, un singolo trattino «<replaceable>-"
+"</replaceable>» può essere utilizzato al posto del valore numerico del "
+"limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notare inoltre che tutte queste impostazioni sono effettuate ad ogni "
+"accesso. Non si tratta di impostazioni globali né permanenti. Forse limiti "
+"globali saranno possibili in futuro, ma per ora devono bastare questi ;)"
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+# type: Plain text
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"riepiloga gli accessi più recenti di tutti gli utenti o dell'utente dato"
+
+# type: Plain text
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> formatta e mostra il log degli ultimi accessi, "
+"contenuto nel file <filename>/var/log/lastlog</filename>. Le informazioni "
+"mostrate sono il <emphasis>nome utente</emphasis>, la <emphasis>porta</"
+"emphasis> e la <emphasis>data dell'ultimo accesso</emphasis>. Il "
+"comportamento predefinito (nessuna opzione specificata) è di mostrare i "
+"record di ultimo accesso per tutti gli utenti, nell'ordine in cui compaiono "
+"in <filename>/etc/passwd</filename>."
+
+# type: TP
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Il comando <command>lastlog</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>GIORNI</"
+"replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Mostra solo i record di ultimo accesso più vecchi di <emphasis remap=\"I"
+"\">GIORNI</emphasis> giorni."
+
+# type: IP
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+# type: IP
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Questa opzione è valida solo in combinazioone con l'opzione <option>-d</"
+"option> (o <option>--home</option>)."
+
+# type: IP
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+# type: IP
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>GIORNI</"
+"replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Mostra solo i record di ultimo accesso più recenti di <emphasis remap=\"I"
+"\">GIORNI</emphasis>."
+
+# type: IP
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLO</replaceable>"
+
+# type: Plain text
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+"Mostra il record di ultimo accesso per l'utente o gli utenti specificati da "
+"<emphasis remap=\"I\">LOGIN</emphasis>."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Gli utenti possono essere specificati utilizzando il loro nome oppure l'ID "
+"numerico o tramite un <replaceable>INTERVALLO</replaceable> di utenti. "
+"Questo <replaceable>INTERVALLO</replaceable> di utenti ha tre forme: tra "
+"minimo e massimo (<replaceable>UID_MIN-UID_MAX</replaceable>), fino ad un "
+"valore massimo (<replaceable>-UID_MAX</replaceable>) o da un valore minimo "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+# type: Plain text
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Se l'utente non ha mai effettuato accessi al sistema viene mostrato, al "
+"posto della porta e della data, il messaggio «<emphasis>**Nessun accesso "
+"effettuato**</emphasis>»."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Solo le registrazioni degli utenti correnti del sistema verranno mostrate. "
+"Ci potrebbero essere altre registrazioni per utenti cancellati in precedenza."
+
+# type: SH
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTA"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Il file <filename>lastlog</filename> è un database che contiene informazioni "
+"sull'ultimo accesso di ogni utente. Non deve essere ruotato. Si tratta di un "
+"file «sparse», quindi la sua dimensione è minore di quanto normalmente "
+"mostrato da «<command>ls -l</command>» (che potrebbe indicare una dimensione "
+"veramente grande se si hanno utenti con grandi UID in <filename>passwd</"
+"filename>). Si può vedere la dimensione effettiva con «<command>ls -s</"
+"command>»."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Database degli orari dei precedenti accessi utente."
+
+# type: Plain text
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Se ci sono dei grossi scarti tra i valori di UID, il programma lastlog può "
+"restare in esecuzione per un tempo prolungato senza produrre output sullo "
+"schermo (ad es. se nel database lastlog non ci sono registrazioni per UID "
+"tra 170 e 800, il programma sembrerà bloccato mentre esamina gli UID tra 171 "
+"e 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+# type: Plain text
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "file shadow per i gruppi"
+
+# type: Plain text
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<emphasis>/etc/gshadow</emphasis> contiene le informazioni shadow sugli "
+"account di gruppo."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr "Ogni riga di questo file contiene questi campi separati da due punti:"
+
+# type: Plain text
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nome del gruppo"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Deve essere un nome di gruppo valido, che esista nel sistema."
+
+# type: Plain text
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Se il campo password contiene un testo che non sia un risultato valido di "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, ad esempio ! o *, gli utenti non potranno accedere a quel "
+"gruppo utilizzando la password unix (ma i membri del gruppo non necessitano "
+"di password)."
+
+# type: Plain text
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"La password è utilizzata quanto un utente che non è membro del gruppo cerca "
+"di ottenerne i permessi (vedere <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Questo campo può essere vuoto, nel qual caso solo i membri del gruppo "
+"possono ottenere i permessi del gruppo."
+
+# type: Plain text
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Questa password ha la precedenza su ogni altra specificata in <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "amministratori"
+
+# type: Plain text
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Deve essere una lista di nomi utente separati da virgole."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "Gli amministratori possono cambiare la password o i membri del gruppo."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Gli amministratori hanno anche gli stessi permessi dei membri (vedere sotto),"
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membri"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"I membri possono accedere al gruppo senza che ne sia richiesta la password."
+
+# type: Plain text
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Si dovrebbe utilizzare la stessa lista di utenti di <filename>/etc/group</"
+"filename>."
+
+# type: Plain text
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "verifica l'integrità dei file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Il comando <command>grpck</command> verifica l'integrità delle informazioni "
+"sui gruppi. Ogni voce in <filename>/etc/group</filename><phrase condition="
+"\"gshadow\"> e in <filename>/etc/gshadow</filename></phrase> viene "
+"controllata per verificare che abbia il formato corretto e dati validi. "
+"Viene richiesto all'utente di rimuovere le voci che non hanno un formato "
+"appropriato o che presentano altri errori impossibili da correggere."
+
+# type: Plain text
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "un nome univoco e valido di gruppo"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"un identificatore valido di gruppo <phrase condition=\"gshadow\"> (solo "
+"<filename>/etc/group</filename>)</phrase>"
+
+# type: Plain text
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"un elenco valido di membri<phrase condition=\"gshadow\"> e amministratori</"
+"phrase>"
+
+# type: Plain text
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"una voce corrispondente nel file <filename>/etc/gshadow</filename> "
+"(rispettivamente <filename>/etc/group</filename> per i controlli in "
+"<filename>gshadow</filename>)"
+
+# type: Plain text
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Gli errori nelle verifiche sul corretto numero di campi e sull'univocità del "
+"nome del gruppo sono irrimediabili. Se una voce ha un numero errato di "
+"campi, all'utente viene chiesto di cancellare l'intera riga; se l'utente non "
+"risponde affermativamente, vengono omessi tutti gli ulteriori controlli. "
+"Viene richiesta la cancellazione anche per le voci aventi il nome del gruppo "
+"duplicato, ma i rimanenti controlli vengono ugualmente effettuati. Tutti gli "
+"altri errori non sono gravi e l'utente è invitato a eseguire il comando "
+"<command>groupmod</command> per correggerli."
+
+# type: Plain text
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"I comandi che operano <phrase condition=\"no_gshadow\">sul file <filename>/"
+"etc/group</filename></phrase><phrase condition=\"gshadow\">sui file "
+"<filename>/etc/group</filename> e <filename>/etc/gshadow</filename></phrase> "
+"non sono in grado di modificare voci corrotte o duplicate; in tali "
+"circostanze va usato <command>grpck</command> per rimuovere le voci "
+"scorrette."
+
+# type: Plain text
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Il comando <command>grpck</command> accetta le seguenti opzioni:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Esegue il comando <command>grpck</command> in sola lettura. Questo implica "
+"che sia risposto <emphasis>no</emphasis> automaticamente a tutte le domande "
+"relative alle modifiche."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Ordina le voci in <filename>/etc/group</filename> <phrase condition=\"gshadow"
+"\">e <filename>/etc/gshadow</filename> </phrase>per GID."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Come impostazione predefinita, <command>grpck</command> opera sul file "
+"<filename>/etc/passwd</filename><phrase condition=\"gshadow\"> e su "
+"<filename>/etc/shadow</filename></phrase>. L'utente può selezionare file "
+"alternativi con <phrase condition=\"gshadow\">i parametri <emphasis remap=\"I"
+"\">group</emphasis> e <emphasis remap=\"I\">shadow</emphasis></"
+"phrase><phrase condition=\"no_gshadow\">il parametro <emphasis remap=\"I"
+"\">group</emphasis></phrase>."
+
+# type: Plain text
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "una o più voci di gruppo contengono errori"
+
+# type: Plain text
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossibile aprire i file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossibile fare il lock dei file dei gruppi"
+
+# type: Plain text
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossibile aggiornare i file dei gruppi"
+
+# type: TP
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>grpck</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+# type: Plain text
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "mostra i nomi dei gruppi correnti"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utente"
+
+# type: Plain text
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Per ciascuno dei gruppi correnti, il comando <command>groups</command> "
+"mostra i nomi o i valori ID. Se un valore non ha nessuna voce corrispondente "
+"in <filename>/etc/group</filename>, esso viene mostrato in forma numerica. "
+"Se viene specificato un <emphasis remap=\"I\">utente</emphasis>, vengono "
+"mostrati i gruppi a cui appartiene quel determinato <emphasis remap=\"I"
+"\">utente</emphasis>."
+
+# type: Plain text
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sui sistemi che non supportano l'appartenenza contemporanea a più gruppi, "
+"vengono riportate le informazioni da <filename>/etc/group</filename>. "
+"L'utente deve usare <command>newgrp</command> o <command>sg</command> per "
+"cambiare gli ID reale ed effettivo del gruppo."
+
+# type: Plain text
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "modifica la definizione di un gruppo del sistema"
+
+# type: TH
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPPO"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Il comando <command>groupmod</command> cambia la definizione del "
+"<replaceable>GRUPPO</replaceable> modificando appropriatamente il database "
+"dei gruppi."
+
+# type: Plain text
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Il comando <command>groupmod</command> accetta le seguenti opzioni:"
+
+# type: TP
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"\"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+# type: Plain text
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Verrà modificato l'ID del <replaceable>GRUPPO</replaceable> in "
+"<replaceable>GID</replaceable>."
+
+# type: Plain text
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Il valore <replaceable>GID</replaceable> deve essere un numero intero "
+"decimale non negativo. Deve essere univoco, a meno che non venga usata "
+"l'opzione <option>-o</option>."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Gli utenti che hanno il gruppo come gruppo primario verranno aggiornati per "
+"mantenere tale gruppo come loro gruppo primario."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Tutti i file che hanno il vecchio ID di gruppo e devono continuare ad "
+"appartenere a <replaceable>GRUPPO</replaceable>, devono essere aggiornati "
+"manualmente."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Non verrà effettuato nessun controllo riguardo i limiti <option>GID_MIN</"
+"option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option> o "
+"<option>SYS_GID_MAX</option> definiti in <filename>/etc/login.defs</"
+"filename>."
+
+# type: TP
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NUOVO_GRUPPO</replaceable>"
+
+# type: Plain text
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Il nome del gruppo verrà modificato da <replaceable>GRUPPO</replaceable> a "
+"<replaceable>NUOVO_GRUPPO</replaceable>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Quando è usato con l'opzione <option>-g</option>, permette di cambiare il "
+"<replaceable>GID</replaceable> in un valore non univoco."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nome di gruppo già in uso"
+
+# type: TP
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>groupmod</command> esce con i seguenti valori:"
+
+# type: Plain text
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+# type: Plain text
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "membri amministratori del gruppo primario dell'utente"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "group_name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Il comando <command>groupmems</command> permette a utenti di amministrare la "
+"lista di membri del proprio gruppo senza richiedere i privilegi di "
+"amministratore. Il comando <command>groupmems</command> è per sistemi che "
+"configurano gli utenti perché siano in un gruppo primario con lo stesso nome "
+"dell'utente (esempio: guest/guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Solo il super utente, come amministratore, può utilizzare "
+"<command>groupmems</command> per modificare l'elenco di membri di altri "
+"gruppi."
+
+# type: Plain text
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Il comando <command>groupmems</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Aggiunge un utente all'elenco di membri del gruppo."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Se esiste il file <filename>/etc/gshadow</filename> e il gruppo non vi è "
+"presente, viene aggiunto."
+
+# type: IP
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Cancella un utente dall'elenco degli utenti del gruppo."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Se esiste il file <filename>/etc/gshadow</filename>, l'utente verrà rimosso "
+"dalle liste di utenti e amministratori del gruppo."
+
+# type: IP
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Il super utente può specificare quale elenco di membri del gruppo modificare."
+
+# type: IP
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Elenca tutti i membri del gruppo."
+
+# type: TP
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Elimina tutti gli utenti dalla lista dei membri del gruppo."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURAZIONE"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'eseguibile <command>groupmems</command> dovrebbe avere i permessi "
+"<literal>2770</literal> ed essere di proprietà di <emphasis>root</emphasis> "
+"e del gruppo <emphasis>groups</emphasis>. L'amministratore di sistema può "
+"aggiungere utenti al gruppo <emphasis>groups</emphasis> per permettere loro "
+"di poter gestire l'elenco di membri del proprio gruppo tramite il comando "
+"<command>groupmems</command>."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"        $ groupadd -r groups\n"
+"        $ chmod 2770 groupmems\n"
+"        $ chown root.groups groupmems\n"
+"        $ groupmems -g groups -a gk4\n"
+"    "
+
+# type: Plain text
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informazioni sicure sugli account di gruppo"
+
+# type: Plain text
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "rimuove un gruppo"
+
+# type: Plain text
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Il comando <command>groupdel</command> modifica i file di account di sistema "
+"rimuovendo tutte le voci che si riferiscono a <replaceable>GRUPPO</"
+"replaceable>. Il gruppo indicato deve esistere."
+
+# type: Plain text
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Il comando <command>groupdel</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Non si può rimuovere un gruppo che sia gruppo primario di un utente. Occorre "
+"rimuovere l'utente prima di rimuovere il gruppo."
+
+# type: Plain text
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Occorre controllare manualmente tutti i file system per assicurarsi che non "
+"rimanga alcun file avente questo ID di gruppo."
+
+# type: Plain text
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "operazione impossibile perché il gruppo è primario per un utente"
+
+# type: TP
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>groupdel</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+# type: Plain text
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "crea un nuovo gruppo"
+
+# type: Plain text
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Il comando <command>groupadd</command> crea un nuovo account di gruppo "
+"usando i valori specificati sulla riga di comando ed i valori predefiniti "
+"dal sistema. Il nuovo gruppo verrà aggiunto ai file di sistema secondo "
+"necessità."
+
+# type: Plain text
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Il comando <command>groupadd</command> accetta le seguenti opzioni:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Questa opzione fa sì che il comando esca con esito positivo nel caso che il "
+"gruppo esista già. Quando utilizzato con l'opzione <option>-g</option>, e il "
+"GID specificato esiste, un altro GID (univoco) viene scelto (cioè <option>-"
+"g</option> viene ignorato)."
+
+# type: Plain text
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"Il valore numerico dell'identificatore (ID) del gruppo. Questo valore deve "
+"essere univoco, a meno che non venga usata l'opzione <option>-o</option>. Il "
+"valore deve essere non-negativo. La scelta predefinita è quella di usare il "
+"minimo valore di ID maggiore o eguale a <option>GID_MIN</option> e superiore "
+"a qualunque altro gruppo."
+
+# type: Plain text
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Vedere anche l'opzione <option>-r</option> e la descrizione di "
+"<option>GID_MAX</option>."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Ha la precedenza sui valori predefiniti (GID_MIN, GID_MAX e altri) definiti "
+"in <filename>/etc/login.defs</filename>. Più opzioni <option>-K</option> "
+"possono essere specificate."
+
+# type: IP
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Esempio: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Nota: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> non funziona ancora."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Questa opzione permette di aggiungere un gruppo con un GID non univoco."
+
+# type: Plain text
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Crea un gruppo di sistema."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"L'identificativo numerico del nuovo gruppo di sistema è scelto "
+"nell'intervallo <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> "
+"definito in <filename>login.defs</filename>, al posto di <option>GID_MIN</"
+"option>-<option>GID_MAX</option>."
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"I nomi di gruppo devono iniziare con una lettera minuscola o l'underscore, "
+"seguiti da lettere minuscole, cifre numeriche, underscore o trattini. "
+"Possono terminare con il simbolo del dollaro. In termini di espressioni "
+"regolari: [a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+"I nomi di gruppo possono essere al massimo di &GROUP_NAME_MAX_LENGTH; "
+"caratteri."
+
+# type: Plain text
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Non è possibile aggiungere un gruppo NIS o LDAP. Questo deve essere fatto "
+"sul server corrispondente."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Se il nome di gruppo esiste già in un database esterno come quello NIS o "
+"LDAP, <command>groupadd</command> negherà la richiesta di creazione del "
+"gruppo."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID non univoco (quando <option>-o</option> non è usata)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nome di gruppo non univoco"
+
+# type: TP
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "Il comando <command>groupadd</command> restituisce i seguenti valori:"
+
+# type: Plain text
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "amministra <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "amministra <placeholder-1/> e <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "opzione"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Il comando <command>gpasswd</command> è utilizzato per amministrare "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> e <filename>/"
+"etc/gshadow</filename></phrase>. Ogni gruppo può avere<phrase condition="
+"\"gshadow\"> amministratori,</phrase> membri e una password."
+
+# type: Plain text
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Gli amministratori di sistema possono usare l'opzione <option>-A</option> "
+"per definire l'amministratore/gli amministratori di gruppo e l'opzione "
+"<option>-M</option> per definire i membri ed hanno tutti i permessi degli "
+"amministratori di gruppo e dei membri."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> richiamato da <phrase condition=\"gshadow\">un "
+"amminstatore di gruppo </phrase><phrase condition=\"no_gshadow\">un "
+"amministratore di sistema</phrase> con un nome di gruppo richiede solo la "
+"nuova password del <replaceable>gruppo</replaceable>."
+
+# type: Plain text
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Se la password è impostata i membri possono ancora usare "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> senza la password, i non-membri devono fornire la password."
+
+# type: SS
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Note sulle password di gruppo"
+
+# type: Plain text
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Le password di gruppo rappresentano un intrinseco problema di sicurezza "
+"perché più di una persona deve conoscerle. Ciononostante i gruppi sono uno "
+"strumento molto utile per la cooperazione tra vari utenti."
+
+# type: Plain text
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Ad eccezione di <option>-A</option> e <option>-M</option>, le altre opzioni "
+"non possono essere combinate."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Le opzioni non possono essere combinate."
+
+# type: Plain text
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Il comando <command>gpasswd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utente</"
+"replaceable>"
+
+# type: Plain text
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Aggiunge <replaceable>utente</replaceable> al <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>utente</"
+"replaceable>"
+
+# type: Plain text
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Rimuove <replaceable>utente</replaceable> dal <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+# type: IP
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Rimuove la password dal <replaceable>gruppo</replaceable> indicato. La "
+"password del gruppo sarà vuota. Solo ai membri del gruppo sarà ammesso "
+"l'accesso tramite <command>newgrp</command> al <replaceable>gruppo</"
+"replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Limita l'accesso al <replaceable>gruppo</replaceable> indicato. La password "
+"del gruppo è cambiata in «!». Solo ai membri del gruppo con una password "
+"verrà permesso di usare <command>newgrp</command> per accedere al "
+"<replaceable>gruppo</replaceable> indicato."
+
+# type: IP
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utente</replaceable>,..."
+
+# type: Plain text
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Imposta l'elenco degli utenti amministratori."
+
+# type: IP
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>utente</"
+"replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Definisce l'elenco dei membri del gruppo."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Questo strumento opera solo sul file <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> e sul file <filename>/etc/gshadow</filename></"
+"phrase>. Quindi non si possono modificare gruppi NIS o LDAP. Questo dovrebbe "
+"essere fatto sul corrispondente server."
+
+# type: Plain text
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+# type: Plain text
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr "mostra le registrazioni e imposta i limiti degli accessi falliti"
+
+# type: Plain text
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> mostra il contentuto del database degli accessi "
+"falliti (<filename>/var/log/faillog</filename>); può anche essere usato per "
+"impostare i conteggi e i limiti dei tentativi falliti. Eseguire "
+"<command>faillog</command> senza argomenti per ottenere un elenco degli "
+"utenti che hanno fallito almeno un tentativo di accesso."
+
+# type: Plain text
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Il comando <command>faillog</command> accetta le seguenti opzioni:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Mostra (o opera su) registrazioni faillog per tutti gli utenti presenti nel "
+"database <filename>faillog</filename>."
+
+# type: IP
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"L'intervallo di utenti può essere ristretto con l'opzione <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"Nella modalità di visualizzazione, questo è già ristretto ai soli utenti "
+"esistenti, ma vengono mostrate anche eventuali registrazioni vuote."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Con le opzioni <option>-l</option>, <option>-m</option>, <option>-r</option> "
+"e <option>-t</option>, le registrazioni degli utenti sono modificate anche "
+"se l'utente non esiste nel sistema. Questo è utile quando si vogliono "
+"azzerare le registrazioni degli utenti cancellati, o per definire in "
+"anticipo delle norme per intervalli di utenti."
+
+# type: IP
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# type: Plain text
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Blocca l'account per <replaceable>SEC</replaceable> secondi dopo un "
+"tentativo di accesso fallito."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Per questa opzione è necessario l'accesso in scrittura a <filename>/var/log/"
+"faillog</filename>."
+
+# type: IP
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+# type: Plain text
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Imposta a <replaceable>MAX</replaceable> il massimo numero di accessi "
+"falliti prima che l'account sia disabilitato."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Impostare <replaceable>MAX</replaceable> al valore 0 ha l'effetto di non "
+"porre nessun limite al numero di accessi falliti."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Il numero massimo di fallimenti dovrebbe sempre essere 0 per <emphasis>root</"
+"emphasis> in modo da evitare attacchi al sistema di tipo «denial of service»."
+
+# type: IP
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Azzera i contatori degli accessi falliti."
+
+# type: Plain text
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Visualizza le registrazioni faillog più recenti di <replaceable>GIORNI</"
+"replaceable> giorni."
+
+# type: Plain text
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Mostra la registrazione degli accessi falliti o, se sono state usate le "
+"opzioni <option>-r</option>, <option>-m</option> o <option>-l</option>, "
+"imposta contatori e limiti solo gli utenti specificati."
+
+# type: Plain text
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quando nessuna tra le opzioni <option>-l</option>, <option>-m</option> o "
+"<option>-r</option> è utilizzata, <command>faillog</command> mostra le voci "
+"dei fallimenti degli utenti specificati."
+
+# type: Plain text
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> mostra solo gli utenti che non hanno effettuato "
+"nessun accesso corretto dopo l'ultimo tentativo fallito. Un utente che abbia "
+"completato correttamente un accesso dopo l'ultimo tentativo fallito è "
+"mostrato solo se viene richiesto esplicitamente con l'opzione <option>-u</"
+"option> o se viene richiesto di mostrare tutti gli utenti con l'opzione "
+"<option>-a</option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+# type: Plain text
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "File per tracciare gli accessi falliti."
+
+# type: Plain text
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Plain text
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "file di log degli accessi falliti"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> mantiene un contatore di accessi "
+"falliti e dei vari limiti per ogni account."
+
+# type: Plain text
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Questo file è composto da record di lunghezza fissa, indicizzati dal valore "
+"numerico di UID. Ciascun record contiene il conteggio degli accessi falliti "
+"a partire dall'ultimo login corretto, il numero massimo di tentativi "
+"permessi prima che l'account venga disabilitato, il terminale sul quale "
+"l'ultimo tentativo fallito è avvenuto, la data in cui è avvenuto, e infine "
+"il periodo (in secondi) durante il quale l'account verrà bloccato a seguito "
+"di un fallimento."
+
+# type: Plain text
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La struttura del file è la seguente:"
+
+# type: Plain text
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+# type: Plain text
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "controlla e fa rispettare la scadenza della password"
+
+# type: Plain text
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"<command>expiry</command> controlla (<option>-c</option>) la scadenza della "
+"password in uso e, se necessario, richiede (<option>-f</option>) che venga "
+"cambiata quando necessario. Questo comando può essere eseguito da un utente "
+"qualsiasi."
+
+# type: Plain text
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Il comando <command>expiry</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+# type: Plain text
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "Controlla la scadenza della password dell'utente corrente."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forza un cambio di password se l'utente corrente ha una password scaduta."
+
+# type: Plain text
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Plain text
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "cambia la shell di login"
+
+# type: Plain text
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Il comando <command>chsh</command> cambia la shell di login dell'utente, in "
+"altre parole determina il comando iniziale eseguito quando un utente accede "
+"al sistema. Chiunque può cambiare la propria shell di login, mentre "
+"l'amministratore può cambiare la shell di login per ogni account."
+
+# type: Plain text
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Il comando <command>chsh</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Se non viene usata l'opzione <option>-s</option>, <command>chsh</command> "
+"opera in maniera interattiva, mostrando all'utente la shell attuale. "
+"Inserire il nuovo valore oppure lasciare la riga vuota per non modificare il "
+"valore attuale. La shell attuale è mostrata tra parentesi <emphasis>[ ]</"
+"emphasis>."
+
+# type: Plain text
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"L'unica limitazione sulla scelta della shell di login è che il nome del "
+"comando deve essere presente in <filename>/etc/shells</filename>; fa "
+"eccezione l'amministratore di sistema, che è libero di scegliere qualsiasi "
+"valore. Un account con una shell di login limitata non può cambiare la "
+"propria shell di login. Per questo motivo è sconsigliato includere "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename>: se "
+"accidentalmente un utente selezionasse una shell limitata, non potrebbe più "
+"tornare alla shell di login che usava originariamente."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+# type: Plain text
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Elenco delle shell di login ammesse."
+
+# type: Plain text
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "aggiorna le password in modo non interattivo"
+
+# type: Plain text
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"<command>chpasswd</command> legge da standard input un elenco di coppie di "
+"nomi utente e password e usa queste informazioni per aggiornare un gruppo di "
+"utenti esistenti. Ciascuna riga usa il formato:"
+
+# type: Plain text
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nome_utente</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+# type: Plain text
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Come impostazione predefinita, si devono fornire password in chiaro che "
+"vengono poi cifrate da <command>chpasswd</command>. Vengono aggiornate, se "
+"presenti, anche le informazioni sulla durata delle password."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algoritmo di cifratura predefinito può essere impostato con le variabili "
+"<option>ENCRYPT_METHOD</option> e <option>MD5_CRYPT_ENAB</option> in "
+"<filename>/etc/login.defs</filename>, e può essere ulteriormente modificato "
+"con le opzioni <option>-e</option>, <option>-m</option> o <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Se non diversamente impostato, le password saranno cifrate da PAM, ma (anche "
+"se non è raccomandato) si può impostare un metodo di cifratura diverso con "
+"le opzioni <option>-e</option>, <option>-m</option> e <option>-c</option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Escluso quando PAM viene utilizzato per cifrare le "
+"password, </phrase><command>chpasswd</command> prima aggiorna tutte le "
+"passwor in memoria, e poi scrive tutto su disco se non trova errori per "
+"nessun utente."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quando PAM è utilizzato per cifrare le password (e aggiornare le password "
+"nel database di sistema), se una password non può essere aggiornata "
+"<command>chpasswd</command> continua con l'aggiornamento delle password "
+"degli utenti seguenti, e restituisce un codice d'errore all'uscita."
+
+# type: Plain text
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Questo comando è appositamente pensato per grossi sistemi in cui si abbia la "
+"necessità di creare molti account nello stesso momento."
+
+# type: Plain text
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Il comando <command>chpasswd</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METODO</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "I metodi disponibili sono DES, MD5 e NONE (nessuno)."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "PAM viene utilizzato, in maniera predefinita, per cifrare le password."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Normalmente (se nessuna delle opzioni <option>-c</option>, <option>-m</"
+"option> o <option>-e</option> viene specificata), il metodo di cifratura è "
+"definito dalle variabili <option>ENCRYPT_METHOD</option> o "
+"<option>MD5_CRYPT_ENAB</option> in <filename>/etc/login.defs</filename>."
+
+# type: IP
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+# type: Plain text
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Le password fornite sono in forma cifrata."
+
+# type: IP
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+# type: Plain text
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Usa la cifratura MD5 anziché DES quando le password fornite non sono cifrate."
+
+# type: IP
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>CICLI</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Il numero di cicli è definito dalle variabili <option>SHA_CRYPT_MIN_ROUNDS</"
+"option> e <option>SHA_CRYPT_MAX_ROUNDS</option> in <filename>/etc/login."
+"defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Ricordarsi di impostare i permessi o umask in modo da prevenire la lettura "
+"in chiaro da parte di altri utenti."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+# type: Plain text
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configurazione PAM per <command>chpasswd</command>."
+
+# type: Plain text
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+# type: Plain text
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "aggiorna le password di gruppo in modalità non interattiva"
+
+# type: Plain text
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Il comando <command>chgpasswd</command> legge un elenco di coppie di nomi "
+"gruppo e password e usa queste informazioni per aggiornare un insieme di "
+"gruppi esistenti. Ciascuna riga usa il formato:"
+
+# type: Plain text
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nome_gruppo</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+# type: Plain text
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Come impostazione predefinita la password deve essere in chiaro ed è cifrata "
+"da <command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algoritmo di cifratura utilizzato può essere definito per tutto il sistema "
+"dalla variabile <option>ENCRYPT_METHOD</option> in <filename>/etc/login."
+"defs</filename>, e può essere modificato con le opzioni <option>-e</option>, "
+"<option>-m</option> o <option>-c</option>."
+
+# type: Plain text
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Il comando <command>chgpasswd</command> accetta le seguenti opzioni:"
+
+# type: Plain text
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Plain text
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "cambia il nome dell'utente e altre informazioni"
+
+# type: Plain text
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"<command>chfn</command> è usato per cambiare il nome completo "
+"dell'utilizzatore, il numero di stanza dell'ufficio, quello di telefono "
+"dell'ufficio e di casa. Questi dati sono normalmente stampati dal programma "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> o equivalenti. Un utente normale può cambiare solo i dati "
+"relativi al proprio account, con eventuali altre limitazioni specificate in "
+"<filename>/etc/login.defs</filename>. (La configurazione predefinita "
+"impedisce la modifica del proprio nome completo.) Il super utente può "
+"cambiare tutte le informazioni di ciascun utente. Inoltre, solo il super "
+"utente può usare l'opzione <option>-o</option> per la modifica delle parti "
+"non definite del campo GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Questi campi non possono contenere nessun carattere due punti. Ad eccezione "
+"del campo <emphasis remap=\"I\">other</emphasis>, non dovrebbero contenere "
+"nessuna virgola e nessun segno uguale. È anche consigliato di evitare "
+"caratteri non US-ACII, ma su questo viene fatto un controllo solo per il "
+"numero di telefono. Il campo <emphasis remap=\"I\">other</emphasis> viene "
+"utilizzato per memorizzare informazioni sull'«accounting» da altre "
+"applicazioni."
+
+# type: Plain text
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Il comando <command>chfn</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOME_COMPLETO</replaceable>"
+
+# type: SS
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Cambia il nome completo dell'utente."
+
+# type: IP
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TELEFONO_CASA</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Cambia il numero di telefono di casa dell'utente."
+
+# type: IP
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ALTRO</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Cambia il campo GECOS per le altre informazioni. Questo campo viene "
+"utilizzato per memorizzare informazioni di «accounting» usate da altre "
+"applicazioni, e può essere modificato solo dal super utente."
+
+# type: IP
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMERO_STANZA</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Cambia il numero della stanza dell'utente."
+
+# type: TP
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+# type: IP
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TELEFONO_LAVORO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Cambia il numero di telefono di lavoro dell'utente."
+
+# type: Plain text
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Se nessuna delle opzioni è selezionata, <command>chfn</command> opera in "
+"maniera interattiva, chiedendo all'utente il valore da impostare per ogni "
+"campo. Inserire un nuovo valore per sostituire il contenuto attuale, oppure "
+"lasciare la riga vuota per non cambiarlo. Il valore attuale è mostrato tra "
+"le parentesi <emphasis remap=\"B\">[ ]</emphasis>. Senza nessuna opzione, "
+"<command>chfn</command> opera sull'account corrente."
+
+# type: Plain text
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Plain text
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "cambia le informazioni sulla scadenza della password"
+
+# type: Plain text
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"<command>chage</command> modifica il numero minimo di giorni tra i cambi di "
+"password e la data dell'ultimo cambio. Queste informazioni sono usate dal "
+"sistema per determinare quando un utente deve cambiare la propria password."
+
+# type: Plain text
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Il comando <command>chage</command> accetta le seguenti opzioni:"
+
+# type: IP
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>ULTIMO_GIORNO</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Imposta la data dell'ultimo cambio della password, espressa come il numero "
+"di giorni trascorsi dal 1 gennaio 1970. La data può anche essere specificata "
+"nel formato AAAA-MM-GG o nella notazione comunemente usata nel proprio paese."
+
+# type: TP
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_SCADENZA</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Imposta la data o il numero di giorni dal 1 gennaio 1970 dal quale l'account "
+"utente non sarà più accessibile. La data può essere inserita nel formato "
+"AAAA-MM-GG (o il formato più comunemente utilizzato nel proprio paese). Un "
+"utente il cui account sia bloccato deve contattare l'amministratore di "
+"sistema prima di poter accedere nuovamente al sistema."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Se si passa il numero <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>DATA_SCADENZA</replaceable>, si rimuove la data di scadenza "
+"dell'account."
+
+# type: TP
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INATTIVO</"
+"replaceable>"
+
+# type: Plain text
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Imposta il numero di giorni di inattività dopo la scadenza della password "
+"dopo i quali l'account viene bloccato. L'opzione <replaceable>INATTIVO</"
+"replaceable> indica il numero di giorni di inattività. Un utente con "
+"l'account bloccato deve contattare l'amministratore prima di poter usare "
+"ancora il sistema."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Utilizzare il numero <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>INATTIVO</replaceable> elimina l'intervallo di inattività "
+"dall'account."
+
+# type: Plain text
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Visualizza le informazioni sulla scadenza dell'account."
+
+# type: IP
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;"
+"<replaceable>MIN_GIORNI</replaceable>"
+
+# type: IP
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;"
+"<replaceable>MAX_GIORNI</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Imposta il numero massimo di giorni di validità di una password. Quando la "
+"somma di <replaceable>MAX_GIORNI</replaceable> e <replaceable>ULTIMO_GIORNO</"
+"replaceable> è inferiore alla data odierna, l'utente è obbligato a cambiare "
+"la password prima di poter usare ancora il proprio account. Questo evento "
+"può essere reso noto in anticipo usando l'opzione <option>-W</option>, che "
+"fornisce un preavviso all'utente."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Usare il valore <emphasis remap=\"I\">-1</emphasis> come "
+"<replaceable>MAX_GIORNI</replaceable> rimuove il controllo sulla validità "
+"della password."
+
+# type: IP
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>AVVISO_GIORNI</replaceable>"
+
+# type: Plain text
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Imposta il numero di giorni di preavviso prima che sia obbligatorio cambiare "
+"la password. L'opzione <replaceable>AVVISO_GIORNI</replaceable> indica il "
+"numero di giorni prima della scadenza della password in cui l'utente viene "
+"avvertito dell'imminente scadenza."
+
+# type: Plain text
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Se non viene specificata nessuna opzione, <command>chage</command> opera in "
+"modalità interattiva, chiedendo all'utente il nuovo valore per ogni campo. "
+"Inserire un nuovo valore per modificare il campo, oppure lasciare la riga "
+"vuota per continuare a usare il valore attuale. I valori attuali vengono "
+"mostrati tra parentesi quadre <emphasis>[ ]</emphasis>."
+
+# type: Plain text
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"<command>chage</command> richiede che il file delle password shadow sia "
+"disponibile."
+
+# type: Plain text
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"L'uso del comando <command>chage</command> è permesso solo all'utente root, "
+"tranne per l'opzione <option>-l</option>, che può essere usata da un utente "
+"non privilegiato per conoscere la scadenza della propria password o "
+"dell'account."
+
+# type: IP
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+# type: Plain text
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "non è possibile trovare il file delle password shadow"
+
+# type: TP
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Il comando <command>chage</command> restituisce i seguenti valori: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Giuseppe Sacco <eppesuig@debian.org>, 2005, 2012.\n"
+"Danilo Piazzalunga <danilopiazza@libero.it>, 2005."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+# type: Plain text
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Plain text
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: IP
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "non è possibile creare la casella di posta"
diff --git a/man/po/pl.po b/man/po/pl.po
new file mode 100644
index 0000000..c003c72
--- /dev/null
+++ b/man/po/pl.po
@@ -0,0 +1,9500 @@
+# Polish translation for shadow man pages
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: man pages for shadow 4.0.16\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:38+0200\n"
+"Last-Translator: Tomasz KÅ‚oczko <kloczek@pld.org.pl>\n"
+"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
+"Language: pl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Polecenia ZarzÄ…dzania Systemem"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+#, fuzzy
+#| msgid "gshadow"
+msgid "shadow-utils"
+msgstr "gshadow"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "edytuj plik haseł, grup lub ich wersji chronionych"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "opcje"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "OPIS"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> umożliwiają "
+"modyfikację plików odpowiednio <filename>/etc/passwd</filename> i <filename>/"
+"etc/group</filename>. Przy zastosowaniu flagi <option>-s</option> modyfikujÄ… "
+"także dodatkowe wersje chronione tych plików - odpowiednio <filename>/etc/"
+"shadow</filename> i <filename>/etc/gshadow</filename>. Dla ochrony przed "
+"uszkodzeniem w trakcie modyfikacji tych plików programy te ustawiają "
+"odpowiednie blokady. Szukając edytora programy te używają w pierwszej "
+"kolejności zmiennej środowiska <envar>$VISUAL</envar>, a następnie <envar>"
+"$EDITOR</envar>, a na końcu a na końcu domyślnego edytora "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPCJE"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> posiadajÄ… "
+"następujące opcje:Polecenia <command>vipw</command> i <command>vigr</"
+"command> posiadają następujące opcje:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Edycja bazy grup."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Wyświetlenie komunikatu pomocy i zakończenie działania."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Edycja bazy passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Cichy tryb pracy."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+#, fuzzy
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Edycja bazy shadow lub gshadow."
+
+#: vipw.8.xml:156(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+#, fuzzy
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+#, fuzzy
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr ""
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "PLIKI"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informacje o grupach użytkowników."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informacje chronione o grupach użytkowników."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informacja o kontach użytkowników."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informacje chronione o użytkownikach."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "ZOBACZ TAKŻE"
+
+#: vipw.8.xml:226(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "zmiana danych konta użytkownika"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Polecenie <command>usermod</command> posiada następujące opcje:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: usermod.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Add the user to the supplemental group(s). Use only with <option>-G</"
+#| "option> option."
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Dodaj użytkownika do dodatkowej grupy lub grup. Może być użyte tylko z opcją "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMENTARZ</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>KAT_DOMOWY</replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr ""
+
+#: usermod.8.xml:131(para)
+#, fuzzy
+#| msgid ""
+#| "The user's new login directory. If the <option>-m</option> option is "
+#| "given the contents of the current home directory will be moved to the new "
+#| "home directory, which is created if it does not already exist."
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Nowy katalog domowy użytkownika. Jeżeli podano opcję <option>-m</option>, to "
+"zawartość aktualnego katalogu domowego zostanie przesunięta do nowego "
+"katalogu. Nowy katalog domowy jest tworzony jeśli nie istnieje."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_WAŻN</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Data, od której konto danego użytkownika zostanie wyłączone. Data podawana "
+"jest w formacie <emphasis remap=\"I\">MM/DD/RR</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+
+#: usermod.8.xml:168(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password expires until the account is "
+#| "permanently disabled. A value of 0 disables the account as soon as the "
+#| "password has expired, and a value of -1 disables the feature. The default "
+#| "value is -1."
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Liczba dni po wygaśnięciu hasła do stałego wyłączenia konta. Wartość 0 "
+"wyłącza konto natychmiast po przeterminowaniu hasła, zaś wartość -1 wyłącza "
+"tę cechę. Domyślną wartością jest -1."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPA</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or number of the user's new initial login group. The group "
+#| "name must exist. A group number must refer to an already existing group. "
+#| "The default group number is 1."
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+"istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+"numerem grupy jest 1."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPA1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPA2,...</emphasis>[<emphasis remap=\"I"
+"\">,GRUPAN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+#, fuzzy
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Lista dodatkowych grup, do których również należy użytkownik. Każda grupa "
+"oddzielona jest od następnej przecinkiem, bez wtrąconej spacji. Do grup "
+"odnoszą się te same ograniczenia, które obowiązują przy grupie podanej w "
+"opcji <option>-g</option>.   Jeżeli użytkownik jest obecnie członkiem grupy, "
+"której nie podano na liście, to zostanie z niej usunięty."
+
+#: usermod.8.xml:211(para)
+#, fuzzy
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Lista dodatkowych grup, do których również należy użytkownik. Każda grupa "
+"oddzielona jest od następnej przecinkiem, bez wtrąconej spacji. Do grup "
+"odnoszą się te same ograniczenia, które obowiązują przy grupie podanej w "
+"opcji <option>-g</option>.   Jeżeli użytkownik jest obecnie członkiem grupy, "
+"której nie podano na liście, to zostanie z niej usunięty."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NOWY_LOGIN</"
+"replaceable>"
+
+#: usermod.8.xml:224(para)
+#, fuzzy
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Nazwa użytkownika zostanie zmieniona z <emphasis remap=\"I\">LOGIN</"
+"emphasis> na <emphasis remap=\"I\">NOWY_LOGIN</emphasis>. Nic więcej nie "
+"jest zmieniane. W szczególności, prawdopodobnie powinna zostać zmieniona "
+"nazwa katalogu domowego użytkownika, tak by odzwierciedlała nową nazwę "
+"użytkownika."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Zablokuj hasło użytkownika. Opcja ta powoduje wstawienie ’!’ na początku "
+"zakodowanego hasła. Opcji tej nie można używać z opcjami <option>-p</option> "
+"or <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>HAS�O</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+"powoduje, że system wybierze domyślną powłokę logowania."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Odblokowuje hasło użytkownika. Opcja ta powoduje usuniecie ’!’ z początku "
+"zakodowanego hasła. Opcji tej nie można używać z opcjami <option>-p</option> "
+"lub <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+#, fuzzy
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "OSTRZEŻENIA"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+#, fuzzy
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Konfiguracja pakietu shadow."
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "plik chroniony informacji o użytkownikach"
+
+#: userdel.8.xml:85(para)
+#, fuzzy
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Polecenie <command>userdel</command> posiada następujące opcje:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "USERDEL_CMD (łańcuch)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "KOD ZAKOŃCZENIA"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "poprawne zakończenie działania programu"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "niepoprawna składnia polecenia"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "nie można zaktualizować pliku z grupami"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>userdel</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Polecenie <command>useradd</command> posiada następujące opcje:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;"
+"<replaceable>KAT_BAZOWY</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;"
+"<replaceable>KAT_DOMOWY</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+#, fuzzy
+#| msgid "<option>-d</option>, <option>--delete</option>"
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password expires until the account is "
+#| "permanently disabled. A value of 0 disables the account as soon as the "
+#| "password has expired, and a value of -1 disables the feature. The default "
+#| "value is -1."
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Liczba dni po wygaśnięciu hasła do stałego wyłączenia konta. Wartość 0 "
+"wyłącza konto natychmiast po przeterminowaniu hasła, zaś wartość -1 wyłącza "
+"tę cechę. Domyślną wartością jest -1."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+#, fuzzy
+#| msgid ""
+#| "The group name or number of the user's new initial login group. The group "
+#| "name must exist. A group number must refer to an already existing group. "
+#| "The default group number is 1."
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+"istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+"numerem grupy jest 1."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: useradd.8.xml:301(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+#, fuzzy
+#| msgid "<option>-l</option>, <option>--list</option>"
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+#, fuzzy
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: useradd.8.xml:489(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+#, fuzzy
+#| msgid ""
+#| "The name of the user's new login shell. Setting this field to blank "
+#| "causes the system to select the default login shell."
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+"powoduje, że system wybierze domyślną powłokę logowania."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "UWAGI"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+#, fuzzy
+msgid "<option>GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+#, fuzzy
+msgid "<option>GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "PASS_MAX_DAYS (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "PASS_WARN_AGE (numer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+#, fuzzy
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>UID_MAX</option> (number)"
+msgstr "UID_MAX (numer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>UID_MIN</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+#, fuzzy
+msgid "<option>UMASK</option> (number)"
+msgstr "UMASK (number)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr ""
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr ""
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "nieprawidłowy argument opcji"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID juz jest używany (i nie uzyto opcji <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr ""
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr ""
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr ""
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>useradd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXAMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "B�ĘDY"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTYKA"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Polecenia użytkowników"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Polecenie <command>su</command> posiada następujące opcje:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>POLECENIE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr ""
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SU_NAME</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "126"
+msgstr "12"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "127"
+msgstr "12"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>sh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>"
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+#, fuzzy
+#| msgid "can't update password file"
+msgid "shadowed password file"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+#, fuzzy
+#| msgid "User account information."
+msgid "account expiration date"
+msgstr "Informacja o kontach użytkowników."
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr ""
+
+#: shadow.5.xml:270(filename)
+#, fuzzy
+#| msgid "/etc/shadow"
+msgid "/etc/shadow-"
+msgstr "/etc/shadow"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SK�ADNIA"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent()"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>vipw</command> and <command>vigr</"
+#| "command> commands are:"
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Polecenia <command>vipw</command> i <command>vigr</command> posiadajÄ… "
+"następujące opcje:Polecenia <command>vipw</command> i <command>vigr</"
+"command> posiadają następujące opcje:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+#, fuzzy
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+#, fuzzy
+#| msgid "<option>-s</option>, <option>--shadow</option>"
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr ""
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr ""
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr ""
+
+#: pwck.8.xml:336(para)
+#, fuzzy
+#| msgid "can't update password file"
+msgid "can't sort password files"
+msgstr "nie można zaktualizować pliku z hasłami"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>pwck</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "PRZYK�ADY"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Plik zawierający ustawienia dostępu do portów."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/passwd-"
+msgstr "/etc/passwd"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "zmiana hasła użytkownika"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Polecenie <command>passwd</command> posiada następujące opcje:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Utawia minimalną liczbę dni pomiędzy zmianami hasła na "
+"<replaceable>MIN_DAYS</replaceable>. Wartość zerowa oznacza, że użytkownik "
+"może je zmieniać w dowolnym czasie."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOZYTORIUM</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DNI</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "PASS_WARN_AGE (numer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "PASS_MAX_DAYS (numer)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "brak dostępu"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "nieprawidłowa kombinacja opcji"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr ""
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>passwd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr ""
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr ""
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr ""
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "wsadowa aktualizacja i tworzenie nowych użytkowników"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>newusers</command> command reads a file of user name and "
+#| "clear-text password pairs and uses this information to update a group of "
+#| "existing users or to create new users. Each line is in the same format as "
+#| "the standard password file (see <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the following "
+#| "exceptions:"
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Polecenie <command>newusers</command> odczytuje z pliku nazwa użytkowników i "
+"podane jawnym tekstem hasło. Odczytane informacje wykorzystywane są do "
+"aktualizacji grupy istniejących użytkowników lub tworzenia nowych. Każdy "
+"wiersz pliku posiada taki sam format jak standardowy plik haseł (patrz "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>), z następującymi wyjątkami:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+#, fuzzy
+#| msgid "*name"
+msgid "pw_name"
+msgstr "*name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"To pole zostanie zakodowane i użyte jako nowa wartość zakodowanego hasła."
+
+#: newusers.8.xml:138(emphasis)
+#, fuzzy
+#| msgid "pw_gid"
+msgid "pw_uid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+
+#: newusers.8.xml:266(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>usermod</command> command are:"
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Polecenie <command>usermod</command> posiada następujące opcje:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+#, fuzzy
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+#, fuzzy
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/passwd"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr ""
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "group"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "wymuszenie ograniczeń czasu logowania"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> wymusza ograniczenia portów i czasów logowania "
+"podane w <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"powinno być uruchamiane z <filename>/etc/rc</filename>.  Okresowo "
+"przeglÄ…dany jest plik <filename>/var/run/utmp</filename>. Sprawdzana jest "
+"każda nazwa  użytkownika, aby stwierdzić, czy użytkownik ma zezwolenie na "
+"pracę w bieżącym czasie na danym porcie. Każda sesja pracy (logowania) "
+"naruszajÄ…ca ograniczenia zawarte w <filename>/etc/porttime</filename> jest "
+"kończona."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "List bieżących sesji pracy."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "UMASK (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "PASS_MIN_DAYS (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "GID_MIN (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "GID_MAX (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>TTYPERM</option> (string)"
+msgstr "USERDEL_CMD (łańcuch)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "MAIL_DIR (łańcuch)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ULIMIT</option> (number)"
+msgstr "UID_MIN (numer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+#, fuzzy
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHFN_AUTH CHFN_RESTRICT"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+#, fuzzy
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+#, fuzzy
+#| msgid "newgrp"
+msgid "newgrp / sg"
+msgstr "newgrp"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+#, fuzzy
+#| msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+#, fuzzy
+msgid "sulogin"
+msgstr "login"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr ""
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr ""
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr ""
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr ""
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr ""
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+
+#: limits.5.xml:111(para)
+msgid "F: maximum file size (KB)"
+msgstr ""
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr ""
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr ""
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+#, fuzzy
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"wyświetla informacje o ostanim logowaniu dla wybranego lub wszystkich "
+"użytkowaników"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"Polecenie <command>lastlog</command> formatuje i wyświetla zawartość bazy "
+"ostatnich logowań zapisanych w pliku <filename>/var/log/lastlog</filename>. "
+"Wyświetlone zostaną <emphasis>nazwa użytkownika</emphasis>, <emphasis>port</"
+"emphasis> i <emphasis>czas</emphasis> ostatniego logowania. Domyślnie (bez "
+"flag) pozycje wyświetlane są w kolejności w jakiej są w pliku <filename>/etc/"
+"passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Polecenie <command>lastlog</command> posiada następujące opcje:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Wyświetlenie rekordów lastlog starszych niż zadana <emphasis remap=\"I"
+"\">DNI</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Wyświetlenie rekordów lastlog nie starszych niż zadana ilość <emphasis remap="
+"\"I\">DNI</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: lastlog.8.xml:164(para)
+#, fuzzy
+#| msgid ""
+#| "Print the lastlog record for user with specified <emphasis remap=\"I"
+#| "\">LOGIN</emphasis> only."
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+"Wyświetlenie informacji o ostanim logowaniu dla użytkownika "
+"<replaceable>LOGIN</replaceable>."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Jeżeli użytkownik nigdy się nie logował to zamiast portu i czasu \n"
+"logowania wyświetlany jest komunikat <emphasis>**Nigdy nie zalogowany**</"
+"emphasis> (użytkownik nigdy się nie logował)."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "UWAGI"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Baza danych <filename>lastlog</filename> jest plikiem zawierajacym "
+"informacje o ostanim logowaniu każdego użytkowanika. Pliku tego nie powinnoa "
+"się okresowo kasować i zakąłdać od nowa (rotacja). Plik ten jest plikiem z "
+"dziurami tak więc jego rozmiar jest zwykle znacznie mniejszy pokazywany "
+"przez polecenie \"<command>ls -l</command>\" (pokazujące że jest on dużych "
+"rozmiarów jeżeli masz w <filename>passwd</filename> użytkowaników z wysokimi "
+"wartościami UID). Mozesz wyświetlić rzeczywisty rozmiar tego pliku używając "
+"polecenia \"<command>ls -s</command>\"."
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Baza danych ostatnich logowań użytkowników."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Duże luki w numeracji UID powodują, że program będzie pracował dłużej, nie "
+"wyświetlając wyników (np. jeśli w bazie lastlog nie ma wpisów dla o UID "
+"pomiedzy 170, a 800, to program będzie sprawiał wrażenie zawieszonego w "
+"trakcie przetwarzania wpisów dla użytkowanikół o UID 171-799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nazwa grupy"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr ""
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr ""
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr ""
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr ""
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr ""
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>grpckl</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gshadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr ""
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr ""
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "modyfikuj definicjÄ™ grupy systemowej"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPA"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Polcenie <command>groupmod</command> modifikuje definicjÄ™ grupy "
+"<replaceable>GRUPA</replaceable> poprzez modifikacjÄ™ stosownego wpisu w "
+"bazie grup."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Polecenie <command>groupmod</command> posiada następujące opcje:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+#, fuzzy
+#| msgid ""
+#| "The name of the group will be changed from <replaceable>GROUP</"
+#| "replaceable> to <replaceable>NEW_GROUP</replaceable> name."
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: groupmod.8.xml:104(para)
+#, fuzzy
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Nowa wartość ID grupy <replaceable>GRUPA</replaceable>. Numeryczna wartość "
+"<replaceable>GID</replaceable> musi mieć nieujemną wartość całkowitą. "
+"Wartość ta musi być unikalna chyba że użyto opcji <option>-o</option>. "
+"Wartości pomiędzy 0 a 999 są zwykle zarezerwowane dla grup systemowych. "
+"Pliki, dla których stary identyfikator jest identyfikatorem grupy pliku, "
+"wymagają ręcznej zmiany ID grupy."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--append</option>&nbsp;<replaceable>NOWA_GRUPA</"
+"replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: groupmod.8.xml:150(para)
+#, fuzzy
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"Użyte z opcją <option>-g</option> umożliwia zmiane <replaceable>GID</"
+"replaceable> grupy na wartość nieunikalną."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nazwa grupy już jest w użyciu"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupmod</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr ""
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Polecenie <command>groupmems</command> posiada następujące opcje:"
+
+#: groupmems.8.xml:107(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+msgid "Add a user to the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+#, fuzzy
+#| msgid "<option>-e</option>, <option>--expire</option>"
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr ""
+
+#: groupdel.8.xml:81(para)
+#, fuzzy
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Polecenie <command>usermod</command> zmienia systemowe pliki kont, "
+"odzwierciedlając zmiany podane w wierszu poleceń."
+
+#: groupdel.8.xml:89(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>groupmod</command> command are:"
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Polecenie <command>groupmod</command> posiada następujące opcje:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr ""
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupdel</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "utwórz nową grupę"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Polecenie <command>groupadd</command> posiada następujące opcje:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KLUCZ</"
+"replaceable>=<replaceable>WARTOŚĆ</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+#, fuzzy
+#| msgid "create a new group"
+msgid "Create a system group."
+msgstr "twółrz nową grupę"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>groupadd</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+#, fuzzy
+#| msgid "-r <placeholder-1/>"
+msgid "administer <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+#, fuzzy
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+#, fuzzy
+msgid "option"
+msgstr "opcje"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+#, fuzzy
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Nowa wartość pola komentarza dla danego użytkownika w pliku haseł. Zwykle "
+"jest zmieniana przy pomocy polecenia <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+#, fuzzy
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+#, fuzzy
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Polecenie <command>passwd</command> posiada następujące opcje:"
+
+#: gpasswd.1.xml:147(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+#, fuzzy
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: gpasswd.1.xml:160(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+#, fuzzy
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Nazwa grupy zostanie zmieniona z <replaceable>GRUPA</replaceable> na nazwÄ™ "
+"<replaceable>NOWA_GRUPA</replaceable>."
+
+#: gpasswd.1.xml:181(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DNI</"
+"replaceable>"
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Polecenie <command>faillog</command> posiada następujące opcje:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+#, fuzzy
+#| msgid ""
+#| "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+#| "emphasis>."
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Wyświetlenie rekordów lastlog nie starszych niż zadana ilość <emphasis remap="
+"\"I\">DNI</emphasis>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Struktura tego pliku to:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "sprawdzenie ważności i wymuszenie zmiany hasła"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Polecenie <command>expiry</command> sprawdza (<option>-c</option>), kiedy "
+"wygaśnie aktualne hasło oraz wymusza (<option>-f</option>) lub wymusza jego "
+"zmianę.Może ono być wywoływane jako zwykłe polecenie przez użytkownika."
+
+#: expiry.1.xml:92(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Polecenie <command>pwck</command> posiada następujące opcje:"
+
+#: expiry.1.xml:97(term)
+#, fuzzy
+#| msgid "<option>-L</option>, <option>--lock</option>"
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: expiry.1.xml:99(para)
+#, fuzzy
+#| msgid "check and enforce password expiration policy"
+msgid "Check the password expiration of the current user."
+msgstr "sprawdzenie ważności i wymuszenie zmiany hasła"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "zmiana powłoki zgłoszeniowej"
+
+#: chsh.1.xml:85(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>chsh</command> command changes the user login shell. This "
+#| "determines the name of the user's initial login command. A normal user "
+#| "may only change the login shell for her own account, the superuser may "
+#| "change the login shell for any account."
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Polecenie <command>chsh</command> zmienia powłokę zgłoszeniową użytkownika, "
+"która określa nazwę początkowego polecenia zgłoszeniowego użytkownika. "
+"Zwykły użytkownik może zmienić wyłącznie  powłokę zgłoszeniową własnego "
+"konta, superużytkownik może zmienić powłokę zgłoszeniową dla dowolnego konta."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Polecenie <command>chsh</command> posiada następujące opcje:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Jeżeli nie podano opcji <option>-s</option>, to polecenie <command>chsh</"
+"command> działa w trybie interaktywnym, proponując użytkownikowi bieżącą "
+"powłokę logowania. Wprowadzenie nowej wartości powoduje zmianę powłoki, a "
+"podanie wartości pustej  pozostawia bieżącą powłokę. Bieżąca powłoka "
+"wyświetlana jest w nawiasach <emphasis>[ ]</emphasis>"
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"Jedynym ograniczeniem nałożonym na powłokę zgłoszeniową jest to, że jej "
+"nazwa musi być wymieniona w <filename>/etc/shells</filename>, chyba że "
+"polecenie chsh zostało uruchomione przez superużytkownika wówczas może być "
+"podana dowolna nazwa. Użytkownicy kont z ograniczoną powłoką logowania nie "
+"mogą jej zmieniać. Odradza się z tego powodu umieszczanie <filename>/bin/"
+"rsh</filename> w pliku <filename>/etc/shells</filename>, gdyż przypadkowa "
+"zmiana na powłokę ograniczoną uniemożliwi użytkownikowi jakąkolwiek zmianę "
+"powłoki logowania, nawet z powrotem na dotychczasową."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Lista dozwolonych powłok zgłoszeniowych."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "wsadowa aktualizacja haseł użytkowników"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Polecenie <command>chpasswd</command> czyta pary danych (użytkownik i hasło) "
+"ze standardowego wejścia. Odczytane informacje wykorzystywane są do "
+"aktualizacji danych o grupie istniejących użytkowników. Każdy wiersz "
+"przekazywanych danych ma postać:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nazwa_użytkownika</emphasis>:<emphasis remap=\"I"
+"\">hasło</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+#, fuzzy
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Domyślnie dostarczane hasła muszą być w postaci jawnej. Podczas kodowania "
+"haseł używany jest domyślnie algorytm DES. W trakcie zmiany hasła "
+"aktualizowany jest także wiek hasła."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Polecenie to przeznaczone jest do użytku w dużych systemach, gdzie "
+"aktualizuje siÄ™ wiele kont naraz."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Polecenie <command>chpasswd</command> posiada następujące opcje:"
+
+#: chpasswd.8.xml:137(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option>&nbsp;"
+#| "<replaceable>COMMENT</replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMENTARZ</"
+"replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+"Dostarczone na standardowe wejście hasła są traktowane jako już zakodowane."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Jeżeli dpostarczane hasła są w postaci jawnej użyj kodowania MD5 zamiast "
+"domyślnego DES."
+
+#: chpasswd.8.xml:200(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option>&nbsp;"
+#| "<replaceable>WARN_DAYS</replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pamiętaj żeby zabezpieczyć przed odczytem plik przekazywany na standardowe "
+"wejście polecenia."
+
+#: chpasswd.8.xml:276(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/passwd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "wsadowa aktualizacja haseł grup"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Polecenie <command>chgpasswd</command> czyta pary danych (grupa i hasło) ze "
+"standardowego wejścia. Odczytane informacje wykorzystywane są do "
+"aktualizacji danych o grupach istniejących użytkowników. Każdy wiersz "
+"przekazywanych danych ma postać:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nazwa_grupy</emphasis>:<emphasis remap=\"I\">hasło</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+#, fuzzy
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Domyślnie dostarczane hasła muszą być w postaci jawnej. Podczas kodowania "
+"haseł używany jest domyślnie algorytm DES."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Polecenie <command>chgpasswd</command> posiada następujące opcje:"
+
+#: chgpasswd.8.xml:238(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>chsh</command> command are:"
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Polecenie <command>chsh</command> posiada następujące opcje:"
+
+#: chfn.1.xml:117(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr ""
+
+#: chfn.1.xml:125(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+#, fuzzy
+#| msgid "<option>-h</option>, <option>--help</option>"
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>KAT_DOMOWY</"
+"replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "zmiana informacji o terminie ważności hasła użytkownika"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Polecenie <command>chage</command> zmienia liczbę dni pomiędzy zmianami "
+"hasła i datę ostatniej zmiany hasła. Informację tę system wykorzystuje do "
+"ustalenia, kiedy użytkownik musi zmienić hasło."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Polecenie <command>chage</command> posiada następujące opcje:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>OSTATNI</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Ustawia ilość dni od 1 stycznia 1970 kiedy hało było ostani raz zmieniane. "
+"Data ważności może być takze prezekazana w formacie RRRR-MM-DD (lub formacie "
+"używanym lokalnie)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATA_WAŻN</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Ustawia datę, począwszy od której konto użytkownika nie będzie już dostępne. "
+"<replaceable>DATA_WAŻN</replaceable> jest liczbą dni od 1 stycznia 1970, od "
+"której konto jest blokowane. Data może być też wyrażona w formacie RRRR-MM-"
+"DD (lub innej, powszechniej używanej w danym regionie). Użytkownik, którego "
+"konto jest zablokowane musi skontaktować się z administratorem systemu zanim "
+"będzie mógł z niego ponownie skorzystać."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako <replaceable>DATA_WAŻN</"
+"replaceable> usuwa ograniczenie ważności konta użytkownika."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>NIEAKTYWNE</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Opcja ta służy do ustawiania czasu nieaktywności konta po wygaśnięciu "
+"ważności hasła, po którym to czasie konto jest blokowane. Parametr "
+"<replaceable>NIEAKTYWNE</replaceable> jest liczbą dni nieaktywności. "
+"Użytkownik, którego konto jest zablokowane musi skontaktować się z "
+"administratorem systemu zanim będzie mógł z niego ponownie skorzystać."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako "
+"<replaceable>NIEAKTYWNE</replaceable> usuwa ograniczenie nieaktywniści konta "
+"użytkownika."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Wyświetlenie informacji o terminach ważności konta i hasła."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DNI</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DNI</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Ustawia maksymalną liczbę dni, przez jakie hasło jest ważne. Gdy "
+"<replaceable>MAX_DNI</replaceable> plus <replaceable>OSTATNI</replaceable> "
+"jest mniejsze niż bieżący dzień, użytkownik musi zmienić swoje hasła, zanim "
+"będzie mógł skorzystać z konta. Zdarzenie to może być zaplanowane z "
+"wyprzedzeniem przez wykorzystanie opcji <option>-W</option>, ostrzegajÄ…cej "
+"zawczasu użytkownika o zbliżającym się terminie zmiany."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Przekazanie <emphasis remap=\"I\">-1</emphasis> jako <replaceable>MAX_DAYS</"
+"replaceable> usuwa sprawdzanie wazności hasła."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DNI_OSTRZ</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Ustawia na <replaceable>DNI_OSTRZ</replaceable> liczbę dni przed upływem "
+"ważności hasła. Od tego dnia użytkownik będzie ostrzegany o nadchodzącym "
+"terminie zmiany hasła."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Jeśli nie podano żadnej opcji, to <command>chage</command> działa w trybie "
+"interaktywnym, proponując użytkownikowi wartości bieżące dla każdego z pól. "
+"Wprowadzenie nowej wartości powoduje zmianę wartości pola, a podanie "
+"wartości pustej pozostawia wartość bieżącą. Bieżąca wartość pola wyświetlana "
+"jest w nawiasach <emphasis>[ ]</emphasis>."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Program <command>chage</command> wymaga do działania chronionego pliku haseł "
+"użytkowników (shadow)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Polecenia chage może użyć tylko użytkownik root, za wyjątkiem opcji <option>-"
+"l</option>. Może się nią posłużyć się użytkownik nieuprzywilejowany  do "
+"stwierdzenia, kiedy wygasa jego własne hasło lub konto."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "nie można znaleźć pliku shadow"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Polecenie <command>chage</command> kończy działanie z następującymi "
+"wartościami kodów zakończenia: <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Tomasz KÅ‚oczko <kloczek@pld.org.pl>, 2006"
+
+#, fuzzy
+#~| msgid "-"
+#~ msgid "-M"
+#~ msgstr "-"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#, fuzzy
+#~| msgid ""
+#~| "The name of the user's new login shell. Setting this field to blank "
+#~| "causes the system to select the default login shell."
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Nazwa nowej powłoki (shell) użytkownika. Ustawienie tego pola na puste "
+#~ "powoduje, że system wybierze domyślną powłokę logowania."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "new_users"
+
+#~ msgid "full_name"
+#~ msgstr "full_name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "room_no"
+
+#~ msgid "work_ph"
+#~ msgstr "work_ph"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "home_ph"
+
+#~ msgid "other"
+#~ msgstr "other"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr ""
+#~ "Dostarczone na standardowe wejście hasła są traktowane jako już "
+#~ "zakodowane."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "Polecenie <command>usermod</command> nie pozwola na zmianÄ™ nazwy "
+#~ "zalogowanego użytkownika. Jeśli zmieniany jest numeryczny identyfikator "
+#~ "użytkownika procesu to musisz się upewnić, że w trakcie wykonywania tego "
+#~ "polecenia użytkownik nie wykonuje żadnego procesu. Właśniciela plików "
+#~ "<command>crontab</command> musisz zmienić ręcznie. Właśniciela zadań "
+#~ "<command>at</command> musisz zmienić ręcznie. Jakiekolwiek zmiany "
+#~ "dotyczące NIS musisz wykonać na serwerze NIS."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nazwa lub numer początkowej grupy logowania użytkownika. Nazwa grupy musi "
+#~ "istnieć. Numer grupy musi odnosić się do już istniejącej grupy. Domyślnym "
+#~ "numerem grupy jest 1."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-a"
+#~ msgstr "-a"
+
+#~ msgid "-d"
+#~ msgstr "-d"
+
+#~ msgid "-g"
+#~ msgstr "-g"
+
+#~ msgid "GID"
+#~ msgstr "GID"
+
+#~ msgid "-o"
+#~ msgstr "-o"
+
+#~ msgid "KEY"
+#~ msgstr "KLUCZ"
+
+#~ msgid "VALUE"
+#~ msgstr "WARTOŚĆ"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt"
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Opcja <option>-t</option> przesłania użycie opcji <option>-u</option>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
diff --git a/man/po/ru.po b/man/po/ru.po
new file mode 100644
index 0000000..ef552be
--- /dev/null
+++ b/man/po/ru.po
@@ -0,0 +1,11767 @@
+# translation of shadow_1:4.0.18.2-1_ru.po to Russian
+# Yuri Kozlov <kozlov.y@gmail.com>, 2005, 2006, 2007.
+# Yuri Kozlov <yuray@komyakino.ru>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: 1:4.0.18.2-1\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:39+0200\n"
+"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"Language: ru\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.0\n"
+"Plural-Forms:  nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><command>
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><manvolnum>
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Команды управлени� �и�темой"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+"позвол�ют редактировать файлы паролей, групп, теневых паролей пользователей "
+"или групп."
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "параметры"
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "ОПИС��ИЕ"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"С помощью программ <command>vipw</command> и <command>vigr</command> можно "
+"измен�ть файлы <filename>/etc/passwd</filename> и <filename>/etc/group</"
+"filename>, �оответ�твенно. Е�ли указан параметр <option>-s</option>, то "
+"будут редактировать�� теневые вер�ии �тих файлов, <filename>/etc/shadow</"
+"filename> и <filename>/etc/gshadow</filename>, �оответ�твенно. �а врем� "
+"работы программы у�танавливают блокировку дл� предотвращени� повреждени� "
+"файла. При выборе редактора программы �начала провер�ют переменную окружени� "
+"<envar>$VISUAL</envar>, затем <envar>$EDITOR</envar>, и е�ли ничего не "
+"найдено, запу�кают �тандартный редактор <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "П�Р�МЕТРЫ"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr "Параметры команд <command>vipw</command> и <command>vigr</command>:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Редактировать базу данных групп."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Показать краткую �правку и закончить работу."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Редактировать базу данных passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "�е выводить �ообщений при работе."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>К�Т_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Выполнить изменени� в каталоге <replaceable>К�Т_CHROOT</replaceable> и "
+"и�пользовать файлы на�тройки из каталога <replaceable>К�Т_CHROOT</"
+"replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Редактировать базу данных shadow или gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Указать какой пользователь�кий теневой файл tcb редактировать."
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "��СТРОЙК�"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"�а работу �того ин�трумента вли�ют �ледующие переменные на�тройки из "
+"<filename>/etc/login.defs</filename>:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (логиче�кий)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Е�ли значение равно <replaceable>yes</replaceable>, то будет и�пользовать�� "
+"тенева� �хема паролей <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ОКРУЖЕ�ИЕ"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "Редактор, который будет вызван."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+"Редактор, который будет вызван, е�ли не задана переменна� <option>VISUAL</"
+"option>."
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "Ф�ЙЛЫ"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "�одержит информацию о группах"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "�одержит защищаемую информацию о группах"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "�одержит информацию о пользовател�х"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "�одержит защищаемую информацию о пользовател�х"
+
+# type: Content of: <refentry><refsect1><title>
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "СМОТРИТЕ Т�КЖЕ"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "измен�ет учётную запи�ь пользовател�"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "УЧ�Т��Я_З�ПИСЬ"
+
+# type: Content of: <refentry><refsect1><para>
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Команда <command>usermod</command> измен�ет �и�темные файлы учётных запи�ей "
+"�огла�но переданным в командной �троке параметрам."
+
+# type: Content of: <refentry><refsect1><para>
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Параметры команды <command>usermod</command>:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Добавить пользовател� в дополнительную группу(ы). И�пользовать только вме�те "
+"� параметром <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>КОММЕ�Т�РИЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"�овое значение пол� комментари� в файле пользователь�ких паролей. Обычно его "
+"измен�ют � помощью программы <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option> "
+"<replaceable>ДОМ�Ш�ИЙ_К�Т�ЛОГ</replaceable>"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Домашний каталог нового пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Е�ли указан параметр <option>-m</option>, то �одержимое текущего домашнего "
+"каталога будет перемещено в новый домашний каталог, который будет �оздан, "
+"е�ли он ещё не �уще�твует."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option> "
+"<replaceable>Д�Т�_УСТ�РЕВ��ИЯ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Дата, когда учётна� запи�ь пользовател� будет заблокирована. Дата задаёт�� в "
+"формате <emphasis remap=\"I\">ГГГГ-ММ-ДД</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Пу�тое значение аргумента <replaceable>Д�Т�_УСТ�РЕВ��ИЯ</replaceable> "
+"отключает у�таревание учётной запи�и."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Дл� �того параметра требует�� файл <filename>/etc/shadow</filename>. При "
+"от�ут�твии в <filename>/etc/shadow</filename> �оздаёт�� необходима� запи�ь."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Количе�тво дней, которые должны пройти по�ле у�таревани� парол�, чтобы "
+"учётна� запи�ь заблокировала�ь нав�егда."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Е�ли указано значение 0, то учётна� запи�ь блокирует�� �разу по�ле "
+"у�таревани� парол�, а при значении -1 данна� возможно�ть не и�пользует��."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>ГРУПП�</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Им� или чи�ловой идентификатор новой первичной группы пользовател�. Группа � "
+"таким именем должна �уще�твовать."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"В�е файлы в домашнем каталоге пользовател�, принадлежавшие предыдущей "
+"первичной группе пользовател�, будут принадлежать новой группе."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Группового владельца файлов вне домашнего каталога нужно изменить вручную."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>ГРУПП�1</"
+"replaceable>[<emphasis remap=\"I\">,ГРУПП�2,…</emphasis>[<emphasis remap=\"I"
+"\">,ГРУПП�N</emphasis>]]]"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Спи�ок дополнительных групп, в которых чи�лит�� пользователь. Перечи�ление "
+"групп о�уще�твл�ет�� через зап�тую, без промежуточных пробелов. �а указанные "
+"группы дей�твуют те же ограничени�, что и дл� группы указанной в параметре "
+"<option>-g</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Е�ли пользователь — член группы, которой в указанном �пи�ке нет, то "
+"пользователь удал�ет�� из �той группы. Такое поведение можно изменить � "
+"помощью параметра <option>-a</option>, при указании которого к уже "
+"имеющему�� �пи�ку групп пользовател� добавл�ет�� �пи�ок указанных "
+"дополнительных групп."
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>�ОВОЕ_ИМЯ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Им� пользовател� будет изменено � <replaceable>ИМЯ</replaceable> на "
+"<replaceable>�ОВОЕ_ИМЯ</replaceable>. Больше ничего не мен�ет��. В "
+"ча�тно�ти, веро�тно, должно быть изменено им� домашнего каталога и почтового "
+"�щика, чтобы отразить изменение имени пользовател�."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Заблокировать пароль пользовател�. Это делает�� помещением �имвола «!» в "
+"начало шифрованного парол�, чтобы приводит к блокировке парол�. �е "
+"и�пользуйте �тот параметр вме�те � <option>-p</option> или <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Замечание: е�ли вы хотите заблокировать учётную запи�ь (не только до�туп по "
+"паролю), также у�тановите значение <replaceable>EXPIRE_DATE</replaceable> в "
+"<replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr "Переме�тить �одержимое домашнего каталога в новое ме�то."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Этот параметр можно и�пользовать только � параметром <option>-d</option> "
+"(или <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"Команда <command>usermod</command> пытает�� изменить владельцев файлов и "
+"копирует права, ACL и ра�ширенные атрибуты, но по�ле неё в�ё равно могут "
+"потребовать�� некоторые ручные дей�тви�."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"При и�пользовании � параметром <option>-u</option>, �тот параметр позвол�ет "
+"указывать не уникальный чи�ловой идентификатор пользовател�."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>П�РОЛЬ</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Шифрованное значение парол�, которое возвращает функци� "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Замечание:</emphasis> Этот параметр и�пользовать не "
+"рекомендует��, так как пароль (или не шифрованный пароль) будет видим "
+"другими пользовател�м в �пи�ке проце��ов."
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Пароль будет запи�ан в локальный файл <filename>/etc/passwd</filename> или "
+"<filename>/etc/shadow</filename>. Это может вызвать ра�хождени� � базой "
+"данных паролей, на�троенной в PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Вы должны проверить, что пароль �оответ�твует политике �и�темных паролей."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>ОБОЛОЧК�</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Им� новой реги�трационной оболочки пользовател�. Е�ли задать пу�тое "
+"значение, то будет и�пользована реги�трационна� оболочка по умолчанию."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "�овый чи�ловой идентификатор пользовател� (UID)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Оно должно быть уникальным, е�ли не и�пользует�� параметр <option>-o</"
+"option>. Значение должно быть неотрицательным."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"Дл� почтового �щика и в�ех файлов, которыми владеет пользователь и которые "
+"ра�положены в его домашнем каталоге, идентификатор владельца файла будет "
+"изменён автоматиче�ки."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Дл� файлов, ра�положенных вне домашнего каталога, идентификатор нужно "
+"измен�ть вручную."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"�икаких проверок по <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> или <option>SYS_UID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производит��."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Разблокировать пароль пользовател�. Это выполн�ет�� удалением �имвола «!» из "
+"начала шифрованного парол�. �е и�пользуйте �тот параметр вме�те � <option>-"
+"p</option> или <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Замечание: е�ли вы хотите разблокировать учётную запи�ь (не только до�туп по "
+"паролю), также у�тановите значение <replaceable>EXPIRE_DATE</replaceable> "
+"(например, в to <replaceable>99999</replaceable> или равным значению "
+"<option>EXPIRE</option> из файла <filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧ�Т��Я "
+"З�ПИСЬ</replaceable>|<replaceable>ДИ�П�ЗО�</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"�икаких проверок по <option>UID_MIN</option>, <option>UID_MAX</option>, "
+"<option>SYS_UID_MIN</option> или <option>SYS_UID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производит��."
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧ�Т��Я "
+"З�ПИСЬ</replaceable>|<replaceable>ДИ�П�ЗО�</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧ�Т��Я "
+"З�ПИСЬ</replaceable>|<replaceable>ДИ�П�ЗО�</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"�икаких проверок по <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> или <option>SYS_GID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производит��."
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧ�Т��Я "
+"З�ПИСЬ</replaceable>|<replaceable>ДИ�П�ЗО�</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"Удал�ет в�е пользователь�кие �опо�тавлени� SELinux дл� учётной запи�и "
+"пользовател�."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "�овый пользователь SELinux дл� пользователь�кого входа."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"При пу�том значении <replaceable>SEUSER</replaceable> пользователь�кое "
+"�опо�тавление SELinux дл� пользовател� <replaceable>LOGIN</replaceable> "
+"удал�ет�� (е�ли е�ть)."
+
+# type: Content of: <refentry><refsect1><title>
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "ПРЕДОСТЕРЕЖЕ�ИЯ"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"Вы должны убедить��, что от указанного пользовател� не запущено никаких "
+"проце��ов, е�ли при выполнении �той команды измен�ет�� чи�ловой "
+"пользователь�кий ID, им� пользовател� или домашний каталог пользовател�. В "
+"Linux команда <command>usermod</command> выполн�ет такую проверку, но на "
+"других архитектурах провер�ет�� только при�ут�твие пользовател� в �и�теме "
+"�огла�но данным utmp."
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Вы должны вручную изменить владельца в�ех файлов <command>crontab</command> "
+"или заданий <command>at</command>."
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr "Вы должны �делать в�е изменени� NIS на �ервере NIS �амо�то�тельно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (�трока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Почтовый каталог. Данный параметр нужен дл� управлени� почтовым �щиком при "
+"изменении или удалении учётной запи�и пользовател�. Е�ли параметр не задан, "
+"то и�пользует�� значение указанное при �борке."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (�трока)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Определ�ет ра�положение почтовых файлов пользовател� отно�ительно домашнего "
+"каталога."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Переменные <option>MAIL_DIR</option> и <option>MAIL_FILE</option> "
+"и�пользуют�� командами <command>useradd</command>, <command>usermod</"
+"command> и <command>userdel</command> дл� �оздани�, перемещени� или удалени� "
+"почты пользовател�."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Е�ли значение <option>MAIL_CHECK_ENAB</option> равно <replaceable>yes</"
+"replaceable>, то они также и�пользуют�� дл� определени� переменной окружени� "
+"<envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (чи�ло)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Мак�имальное количе�тво членов в запи�и о группе. При до�тижени� мак�имума "
+"заводит�� нова� запи�ь группы (�трока) в <filename>/etc/group</filename> (� "
+"тем же именем, паролем и тем же GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"Значение по умолчанию равно 0, означающее, что ограничени� на количе�тво "
+"членов в группе нет."
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Данна� возможно�ть (разделение группы) позвол�ет ограничить длину �трок в "
+"файле групп. Это полезно дл� ограничени� длины �трок групп NIS в 1024 "
+"�имвола."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "Е�ли вам нужно такое ограничение, укажите значение 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Замечание: разделение групп поддерживает�� не в�еми ин�трументами (даже в "
+"наборе ин�трументов Shadow). Вы не должны и�пользовать �ту переменную, е�ли "
+"вам дей�твительно �то ненужно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чи�ло)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Значение по умолчанию дл� <option>SYS_GID_MIN</option> (�оотв."
+"<option>SYS_GID_MAX</option>) равно 101 (�оотв. <option>GID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чи�ло)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Значение по умолчанию дл� <option>SYS_UID_MIN</option> (�оотв. "
+"<option>SYS_UID_MAX</option>) равно 101 (�оотв. <option>UID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (логиче�кий)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"е�ли ( UID меньше 1000) {\n"
+"  и�пользовать /etc/tcb/user\n"
+"} иначе е�ли ( UID меньше 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  и�пользовать /etc/tcb/:kilos/user\n"
+"  �оздать symlink /etc/tcb/user на каталог выше\n"
+"} иначе {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  и�пользовать /etc/tcb/:megas/:kilos/user\n"
+"  �оздать symlink /etc/tcb/user на каталог выше\n"
+"}\n"
+"      "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Е�ли значение равно <replaceable>yes</replaceable>, то ра�положение "
+"�оздаваемого пользователь�кого каталога tcb directory не будет автоматиче�ки "
+"у�тановлено в /etc/tcb/user, а будет вычи�лено в зави�имо�ти от UID "
+"пользовател�, �огла�но �ледующему алгоритму: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "�одержит конфигурацию под�и�темы теневых паролей"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "удал�ет учётную запи�ь и файлы пользовател�"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Команда <command>userdel</command> измен�ет �и�темные файлы учётных запи�ей, "
+"удал�� в�е запи�и, отно��щие�� к указанному <emphasis remap=\"I"
+"\">имени_пользовател�</emphasis>. Заданна� учётна� запи�ь должна "
+"�уще�твовать."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Параметры команды <command>userdel</command>:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"С �тим параметром учётна� запи�ь будет удалена, даже е�ли пользователь в "
+"�тот момент работает в �и�теме. Он также за�тавл�ет <command>userdel</"
+"command> удалить домашний каталог пользовател� и почтовый �щик, даже е�ли "
+"другой пользователь и�пользует тот же домашний каталог или е�ли почтовый "
+"�щик не принадлежит данному пользователю. Е�ли значение "
+"<option>USERGROUPS_ENAB</option> равно <emphasis remap=\"I\">yes</emphasis> "
+"в файле <filename>/etc/login.defs</filename> и е�ли �уще�твует группа � "
+"именем удал�емого пользовател�, то �то группа будет удалена, даже е�ли она "
+"в�ё ещё �вл�ет�� первичной группой другого пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Замечание:</emphasis> Этот параметр опа�но и�пользовать; он может "
+"приве�ти �и�тему в нерабочее �о�то�ние."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Файлы в домашнем каталоге пользовател� будут удалены вме�те � �амим домашним "
+"каталогом и почтовым �щиком. Пользователь�кие файлы, ра�положенные в других "
+"файловых �и�темах, нужно и�кать и удал�ть вручную."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Им� файла почтового �щика задаёт�� переменной <option>MAIL_DIR</option> в "
+"файле <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"Удал�ет в�е пользователь�кие �опо�тавлени� SELinux дл� учётной запи�и "
+"пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (�трока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Определ�ет программу, котора� будет запущена при удалении пользовател�. Она "
+"должна удал�ть любые задани� at/cron/печати удал�емого пользовател� "
+"(передаёт�� в каче�тве первого аргумента)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Возвращаемый �ценарием код завершени� не учитывает��."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# проверить в�е необходимые параметры\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"И�пользование: $0 им�_пользовател�\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# удалить задани� cron\n"
+"crontab -r -u $1\n"
+"\n"
+"# удалить задани� at\n"
+"# Заметим, что �то удалит в�е задани� � указанным UID,\n"
+"# даже е�ли он и�пользует�� дл� другой учётной запи�и.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# удалить задани� печати\n"
+"lprm $1\n"
+"\n"
+"# в�ё\n"
+"exit 0\n"
+"      "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Вот про�той �ценарий, который удал�ет задани� печати, cron и at: "
+"<placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (логиче�кий)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Включает у�тановку группы битов umask равной битам владельца (пример: 022 -"
+"&gt; 002, 077 -&gt; 007) дл� не �уперпользователей, е�ли uid равен gid и им� "
+"пользовател� �овпадает � именем первичной группы."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Е�ли значение равно <replaceable>yes</replaceable>, то <command>userdel</"
+"command> удал�ет пользователь�кую группу, е�ли в ней нет больше членов, а "
+"<command>useradd</command> по умолчанию �оздаёт группу � именем пользовател�."
+
+# type: Content of: <refentry><refsect1><title>
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "ВОЗВР�Щ�ЕМЫЕ З��ЧЕ�ИЯ"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "у�пешное выполнение"
+
+# type: Content of: <refentry><refmeta><manvolnum>
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "не удало�ь изменить файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "ошибка в параметрах команды"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "указанный пользователь не �уще�твует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "пользователь �ейча� работает в �и�теме"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "не удало�ь изменить файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "не удало�ь удалить домашний каталог"
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>userdel</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"Команда <command>userdel</command> не позволит удалить учётную запи�ь, е�ли "
+"е�ть запущенные проце��ы, принадлежащие данной учётной запи�и. В �том �лучае "
+"вы можете удалить �ти проце��ы или заблокировать пароль пользовател� или "
+"учётную запи�ь, а затем удалить учётную запи�ь. Е�ли указан параметр "
+"<option>-f</option>, то учётна� запи�ь будет удалена не�мотр� ни на что."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Вы должны вручную проверить в�е файловые �и�темы, чтобы убедить��, что не "
+"о�тало�ь файлов, принадлежащих �тому пользователю."
+
+# type: Content of: <refentry><refsect1><para>
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"�ельз� удалить NIS атрибуты клиента NIS. Это необходимо �делать на NIS "
+"�ервере."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Е�ли значение переменной <option>USERGROUPS_ENAB</option> равно <emphasis "
+"remap=\"I\">yes</emphasis> в файле <filename>/etc/login.defs</filename>, то "
+"<command>userdel</command> удалит группу � именем как у пользовател�. Чтобы "
+"избежать ра��огла�ованно�ти в базах данных групп и паролей, "
+"<command>userdel</command> проверит, что данна� группа не и�пользует�� в "
+"каче�тве первичной дл� другого пользовател�, и выда�т предупреждение без "
+"удалени�, е�ли такое �лучит��. Параметр <option>-f</option> поможет удалить "
+"группу в любом �лучае."
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"реги�трирует нового пользовател� или измен�ет информацию по умолчанию о "
+"новых пользовател�х"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"При запу�ке без параметра <option>-D</option> команда <command>useradd</"
+"command> �оздаёт новую учётную запи�ь пользовател�, и�пользу� значени� из "
+"командной �троки и �и�темные значени� по умолчанию. В зави�имо�ти от "
+"параметров командной �троки, команда <command>useradd</command> обновл�ет "
+"�и�темные файлы, а также может �оздать домашний каталог нового пользовател� "
+"и �копировать начальные файлы на�троек."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"По умолчанию, дл� нового пользовател� также �оздаёт�� группа (�мотрите "
+"параметры <option>-g</option>, <option>-N</option>, <option>-U</option> и "
+"<option>USERGROUPS_ENAB</option>)."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Параметры команды <command>useradd</command>:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option> "
+"<replaceable>Б�ЗОВЫЙ_К�Т�ЛОГ</replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Базовый �и�темный каталог по умолчанию, е�ли другой каталог не указан � "
+"помощью параметра <option>-d</option>. Значение "
+"<replaceable>Б�ЗОВЫЙ_К�Т�ЛОГ</replaceable> объедин�ет�� � именем учётной "
+"запи�и дл� определени� домашнего каталога. Е�ли не указан параметр <option>-"
+"m</option>, то <replaceable>Б�ЗОВЫЙ_К�Т�ЛОГ</replaceable> должен "
+"�уще�твовать."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Е�ли �тот параметр не задан, то команда <command>useradd</command> будет "
+"и�пользовать базовый каталог, указанный в переменной <option>HOME</option> в "
+"файле <filename>/etc/default/useradd</filename> иначе <filename>/home</"
+"filename> (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Люба� тек�това� �трока. Обычно, зде�ь коротко опи�ывает�� учётна� запи�ь, и "
+"в на�то�щее врем� и�пользует�� как поле дл� имени и фамилии пользовател�."
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option> "
+"<replaceable>ДОМ�Ш�ИЙ_К�Т�ЛОГ</replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Дл� �оздаваемого пользовател� будет и�пользован каталог "
+"<replaceable>ДОМ�Ш�ИЙ_К�Т�ЛОГ</replaceable> в каче�тве начального каталога. "
+"По умолчанию, �то значение получает�� объединением <replaceable>ИМЕ�И</"
+"replaceable> пользовател� � <replaceable>Б�ЗОВЫМ_К�Т�ЛОГОМ</replaceable> и "
+"и�пользует�� как им� домашнего каталога. Каталог "
+"<replaceable>ДОМ�Ш�ИЙ_К�Т�ЛОГ</replaceable> необ�зательно должен "
+"�уще�твовать, но не будет �оздан, е�ли его нет."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Смотрите далее в подразделе «Изменение значений по умолчанию»."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Е�ли �тот параметр не задан, то команда <command>useradd</command> будет "
+"и�пользовать дату у�таревани� по умолчанию, указанную в переменной "
+"<option>EXPIRE</option> в файле <filename>/etc/default/useradd</filename>, "
+"иначе пу�тую �троку (без у�таревани�, по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Е�ли указано значение 0, то учётна� запи�ь блокирует�� �разу по�ле "
+"у�таревани� парол�, а при значении -1 данна� возможно�ть не и�пользует��."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Е�ли �тот параметр не задан, то команда <command>useradd</command> будет "
+"и�пользовать �рок неактивно�ти по умолчанию, указанный в переменной "
+"<option>INACTIVE</option> в файле <filename>/etc/default/useradd</filename> "
+"или -1 (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Им� или чи�ловой идентификатор первичной группы пользовател�. Группа � таким "
+"именем должна �уще�твовать. Идентификатор группы должен указывать на уже "
+"�уще�твующую группу."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Е�ли не указан, то поведение <command>useradd</command> зави�ит от "
+"переменной <option>USERGROUPS_ENAB</option> в файле <filename>/etc/login."
+"defs</filename>. Е�ли значение �той переменной равно <replaceable>yes</"
+"replaceable> (или в командной �троке указан параметр <option>-U/--user-"
+"group</option>), то дл� пользовател� будет �оздана группа � тем же именем "
+"как его им� дл� входа. Е�ли значение переменной равно <replaceable>no</"
+"replaceable> (или в  командной �троке указан параметр <option>-N/--no-user-"
+"group</option>), то useradd у�тановит первичную группу нового пользовател� "
+"равной значению переменной <option>GROUP</option> из файла <filename>/etc/"
+"default/useradd</filename>, или 100 (по умолчанию)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Спи�ок дополнительных групп, в которых чи�лит�� пользователь. Перечи�ление "
+"групп о�уще�твл�ет�� через зап�тую, без промежуточных пробелов. �а указанные "
+"группы дей�твуют те же ограничени�, что и дл� группы указанной в параметре "
+"<option>-g</option>. По умолчанию пользователь входит только в начальную "
+"группу."
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>К�Т�ЛОГ_Ш�БЛО�ОВ</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Каталог � шаблонами, который �одержит файлы и каталоги дл� копировани� в "
+"домашний каталог пользовател� при �оздании домашнего каталога командой "
+"<command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Этот параметр можно и�пользовать только � параметром <option>-m</option> "
+"(или <option>--create-home</option>)."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Е�ли �тот параметр не задан, то каталог шаблонов определ�ет�� переменной "
+"<option>SKEL</option> из файла <filename>/etc/default/useradd</filename>, "
+"или равен <filename>/etc/skel</filename> (по умолчанию)."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Е�ли возможно, выполн�ет�� копирование ACL и ра�ширенных атрибутов."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>КЛЮЧ</"
+"replaceable>=<replaceable>З��ЧЕ�ИЕ</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Замен�ет значени� по умолчанию из файла <filename>/etc/login.defs</filename> "
+"(<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> и других). <placeholder-1/> Пример: <option>-"
+"K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</"
+"replaceable> можно и�пользовать при �оздании �и�темной учётной запи�и, чтобы "
+"выключить у�таревание парол�, даже е�ли �и�темна� учётна� запи�ь вообще не "
+"имеет парол�. Можно указывать параметр <option>-K</option> не�колько раз, "
+"например: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "�е добавл�ть пользовател� в базы данных lastlog и faillog."
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"По умолчанию, запи�и пользовател� в базах данных lastlog и faillog "
+"�бра�ывают�� во избежание повторного и�пользовани� запи�и, о�тавшей�� от "
+"ранее удалённого пользовател�."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Создать домашний каталог пользовател�, е�ли он не �уще�твует. Файлы и "
+"каталоги, �одержащие�� в каталоге шаблонов (который можно указать � помощью "
+"параметра the <option>-k</option> option), будут �копированы в домашний "
+"каталог."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"По умолчанию, е�ли �тот параметр не указан и не задана переменна� "
+"<option>CREATE_HOME</option>, домашний каталог не �оздаёт��."
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"�е �оздавать домашний каталог пользовател�, даже е�ли значение �и�темной "
+"переменной в файле <filename>/etc/login.defs</filename> "
+"(<option>CREATE_HOME</option>) равно <replaceable>yes</replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"�е �оздавать группу � тем же именем как у пользовател�, но добавить "
+"пользовател� в группу, заданную параметром <option>-g</option> или "
+"переменной <option>GROUP</option> из файла <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Поведение по умолчанию (е�ли не указан параметр <option>-g</option>, "
+"<option>-N</option> и <option>-U</option>) определ�ет�� переменной "
+"<option>USERGROUPS_ENAB</option> из файла <filename>/etc/login.defs</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "Разрешить �оздание учётной запи�и � уже имеющим�� (не уникальным) UID."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+"Этот параметр можно и�пользовать только � параметром <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Шифрованное значение парол�, которое возвращает функци� "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. По умолчанию пароль отключён."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Создать �и�темную учётную запи�ь."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Си�темные пользователи �оздают�� без информации об у�таревании в <filename>/"
+"etc/shadow</filename>, и их чи�ловые идентификаторы выбирают�� из диапазона "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, определённого в "
+"<filename>/etc/login.defs</filename>, а не из <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (�то же ка�ает�� и ча�ти � <option>GID</option> при "
+"�оздании групп)."
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"Заметим, что <command>useradd</command> не �оздаёт домашний каталог дл� "
+"данного пользовател� незави�имо от значени� по умолчанию в <filename>/etc/"
+"login.defs</filename> (<option>CREATE_HOME</option>). Е�ли вы хотите �оздать "
+"домашний каталог  дл� �и�темной учётной запи�и укажите параметр <option>-m</"
+"option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Им� реги�трационной оболочки пользовател�. По умолчанию �то поле пу�то, что "
+"вызывает выбор реги�трационной оболочки по умолчанию �огла�но значению "
+"переменной <option>SHELL</option> из файла <filename>/etc/default/useradd</"
+"filename>, или по умолчанию и�пользует�� пу�та� �трока."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"Чи�ловое значение идентификатора пользовател� (ID). Оно должно быть "
+"уникальным, е�ли не и�пользует�� параметр <option>-o</option>. Значение "
+"должно быть неотрицательным. По умолчанию и�пользует�� наименьшее значение "
+"ID большее или равное <option>UID_MIN</option> и большее чем у о�тальных "
+"пользователей."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Смотрите также опи�ание <option>-r</option> и <option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Создать группу � тем же именем что и у пользовател�, и добавить пользовател� "
+"в �ту группу."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"Пользователь SELinux дл� реги�трационной оболочки пользовател�. По умолчанию "
+"�то поле пу�то, что за�тавл�ет �и�тему выбрать пользовател� SELinux по "
+"умолчанию."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Изменение значений по умолчанию"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"При запу�ке программы только � параметром <option>-D</option> команда "
+"<command>useradd</command> показывает текущие значени� по умолчанию. Е�ли "
+"программа запу�кает�� � параметром <option>-D</option> вме�те � другими "
+"параметрами, то <command>useradd</command> обновл�ет значени� по умолчанию "
+"�тих указанных параметров. Измен�емые параметры:"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"�ачальна� ча�ть пути нового домашнего каталога пользовател�. Им� "
+"пользовател� будет добавлено в конец <replaceable>ДОМ�Ш�ЕГО_К�Т�ЛОГ�</"
+"replaceable> дл� �оздани� имени нового каталога, е�ли при �оздании новой "
+"учётной запи�и не указан параметр <option>-d</option>."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр измен�ет переменную <option>HOME</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Дата, когда учётна� запи�ь пользовател� заблокирована."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр измен�ет переменную <option>EXPIRE</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Чи�ло дней, которые должны пройти по�ле у�таревани� парол�, перед тем как "
+"учётна� запи�ь будет заблокирована."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр измен�ет переменную <option>INACTIVE</option> в файле "
+"<filename>/etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Им� группы или ID новой первичной группы пользовател� (е�ли и�пользует�� "
+"<option>-N/--no-user-group</option> или когда значение переменной "
+"<option>USERGROUPS_ENAB</option> равно <replaceable>no</replaceable> (файл "
+"<filename>/etc/login.defs</filename>). Группа � указанным именем должна "
+"�уще�твовать, а дл� чи�лового идентификатора группы должна быть "
+"�оответ�твующа� запи�ь."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр измен�ет переменную <option>GROUP</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Им� новой реги�трационной командной оболочки пользовател�."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Этот параметр измен�ет переменную <option>SHELL</option> в файле <filename>/"
+"etc/default/useradd</filename>."
+
+# type: Content of: <refentry><refsect1><title>
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "З�МЕЧ��ИЯ"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"Си�темный админи�тратор �ам решает, какие файлы нужно положить в каталог "
+"<filename>/etc/skel/</filename> (или в любой другой каталог шаблонов, "
+"указанный в <filename>/etc/default/useradd</filename> или в командной "
+"�троке)."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"�ельз� добавить пользовател� в группу NIS или LDAP. Это необходимо делать на "
+"�оответ�твующем �ервере."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"Также, е�ли им� пользовател� уже �уще�твует во внешней базе данных такой как "
+"NIS или LDAP, то <command>useradd</command> не �танет �оздавать учётную "
+"запи�ь пользовател�."
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Имена пользователей должны начинать�� �о �трочной буквы или �имвола "
+"подчёркивани�, и должны �о�то�ть только из �трочных букв, цифр, �имволов "
+"подчёркивани� и мину�. Они могут заканчивать�� знаком доллара. Это можно "
+"опи�ать регул�рным выражением: [a-z_][a-z0-9_-]*[$]?"
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Имена пользователей могут быть длиной не более 32 знаков."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (логиче�кий)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Определ�ет, должен ли �оздавать�� по умолчанию домашний каталог дл� новых "
+"пользователей."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Эта переменна� не вли�ет на �и�темных пользователей и может быть "
+"переопределена из командной �троки."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (чи�ло)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов групп, и�пользуемый в программах <command>useradd</"
+"command>, <command>groupadd</command> или <command>newusers</command> дл� "
+"�оздани� обычных групп."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Значение по умолчанию дл� <option>GID_MIN</option> (�оотв. <option>GID_MAX</"
+"option>) равно 1000 (�оотв. 60000)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Мак�имальное чи�ло дней и�пользовани� парол�. Е�ли пароль �тарее �того "
+"чи�ла, то будет запущена процедура �мены парол�. Е�ли значение не задано, то "
+"предполагает�� значение -1 (то е�ть возможно�ть ограничени� не и�пользует��)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Мак�имальное чи�ло дней между изменени�ми парол�. Люба� �мена парол� ранее "
+"заданного �рока выполнена не будет. Е�ли значение не задано, то "
+"предполагает�� значение -1 (то е�ть возможно�ть ограничени� не и�пользует��)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Чи�ло дней за которое начнёт выдавать�� предупреждение об у�таревании "
+"парол�. �улевое значение означает, что предупреждение выдаёт�� в день "
+"у�таревани�, при отрицательном значении предупреждение выдавать�� не будет. "
+"Е�ли значение не задано, выдача предупреждени� отключает��."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (чи�ло)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов групп, и�пользуемый в программах <command>useradd</"
+"command>, <command>groupadd</command> или <command>newusers</command> дл� "
+"�оздани� �и�темных групп."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"Значение по умолчанию дл� <option>SYS_GID_MIN</option> (�оотв."
+"<option>SYS_GID_MAX</option>) равно 101 (�оотв. <option>GID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (чи�ло)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов пользователей, и�пользуемый в программах "
+"<command>useradd</command> или <command>newusers</command> дл� �оздани� "
+"�и�темных пользователей."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"Значение по умолчанию дл� <option>SYS_UID_MIN</option> (�оотв. "
+"<option>SYS_UID_MAX</option>) равно 101 (�оотв. <option>UID_MIN</option>-1)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (логиче�кий)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Е�ли равно <replaceable>yes</replaceable>, то новые �оздаваемые теневые "
+"файлы tcb будут принадлежать группе <replaceable>auth</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (чи�ло)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Диапазон идентификаторов пользователей, и�пользуемый в программах "
+"<command>useradd</command> или <command>newusers</command> дл� �оздани� "
+"обычных пользователей."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"Значение по умолчанию дл� <option>UID_MIN</option> (�оотв. <option>UID_MAX</"
+"option>) равно 1000 (�оотв. 60000)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Задаёт начальное значение ма�ки до�тупа дл� �оздаваемых файлов. Е�ли не "
+"указано, то ма�ка у�танавливает�� в 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"Команды <command>useradd</command> и <command>newusers</command> и�пользуют "
+"�ту ма�ку дл� у�тановки прав до�тупа к домашнему каталогу, который они "
+"�оздают."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Также она и�пользует�� программой <command>login</command> дл� задани� "
+"начального значени� umask пользовател�. Заметим, что �та ма�ка может быть "
+"переопределена из пользователь�кой �троки GECOS (е�ли у�тановлена переменна� "
+"<option>QUOTAS_ENAB</option>) или указанием ограничени� � идентификатором "
+"<emphasis>K</emphasis>, в <citerefentry><refentrytitle>limits</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Она также и�пользует�� командой <command>pam_umask</command> как значение "
+"umask по умолчанию."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "значени� по умолчанию дл� �оздаваемой учётной запи�и"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "каталог, �одержащий файлы по умолчанию"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "недопу�тимое значение параметра"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "такой UID уже �уще�твует (и не задан параметр <option>-o</option>)"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "указанна� группа не �уще�твует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "им� пользовател� уже �уще�твует"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "не удало�ь �оздать домашний каталог"
+
+# type: Content of: <refentry><refmeta><manvolnum>
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para>
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>useradd</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refname>
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><manvolnum>
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Форматы файлов"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "файл управлени� командой su"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Файл <filename>/etc/suauth</filename> провер�ет�� каждый раз при запу�ке "
+"команды su. Он вли�ет на поведение команды su, в зави�имо�ти от:"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| "      1) the user su is targetting\n"
+#| "    "
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+"\n"
+"      1) пользовател�, права которого нужно получить � помощью su\n"
+"    "
+
+# type: Content of: <refentry><refsect1><para>
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) пользовател�, запу�тившего команду su (или группы, членом которой он "
+"может быть)"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Формат файла показан ниже, �троки начинающие�� � # �читают�� комментарием и "
+"игнорируют��;"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      желаемый-id:желающий-id:ДЕЙСТВИЕ\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Где желаемый-id может быть �ловом <emphasis>ALL</emphasis>, �пи�ком имён "
+"пользователей, перечи�ленных через зап�тую («,») или фразы <emphasis>ALL "
+"EXCEPT</emphasis>, по�ле которой идёт �пи�ок имён пользователей "
+"перечи�ленных через «,»."
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"желающий-id может �одержать то же, что и желательный-id, плю� новое "
+"�лово<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> тоже "
+"допу�тимо. По�ле <emphasis>GROUP</emphasis> указывает�� одна или более "
+"названий групп, разделённых «,». �едо�таточно иметь id первичной группы "
+"�оответ�твующей группы, необходимо иметь запи�ь в файле "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "В поле ДЕЙСТВИЕ может быть только одно из �ледующих значений:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "Команда su о�танавливает выполнение, даже не �прашива� пароль."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr "Команда su выполн�ет�� без запро�а парол�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Чтобы у�пешно выполнить команду su, пользователь должен вве�ти �вой "
+"�об�твенный пароль."
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Заметим, что тут и�пользуют�� три пол�, разделённых двоеточи�ми. �икаких "
+"пробелов не допу�кает�� около двоеточий. Также заметим, что файл "
+"про�матривает�� �трока за �трокой, и первое подход�щее правило будет "
+"и�пользовано без проверки о�тавших�� правил. Это позвол�ет �и�темному "
+"админи�тратору о�уще�твл�ть любой контроль, какой он пожелает."
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "ПРИМЕР"
+
+# type: Content of: <refentry><refsect1><literallayout>
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # пример файла /etc/suauth\n"
+"      #\n"
+"      # Пара привилегированных имён пользователей\n"
+"      # могут выполнить su, чтобы получить права �уперпользовател� введ� �вой пароль.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # В�е о�тальные не могут выполнить su дл� получени� root, е�ли они \n"
+"      # не члены группы wheel. Так на�троено в BSD.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Возможно учётными запи��ми terry и birddog\n"
+"      # владеет один человек.\n"
+"      # Переход из одной запи�и в другую\n"
+"      # можно �делать без запро�а парол�.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "ОШИБКИ РЕ�ЛИЗ�ЦИИ"
+
+# type: Content of: <refentry><refsect1><para>
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Может быть не�колько угроз. �нализатор файла, в ча�тно�ти, не прощает "
+"�интак�иче�ких ошибок, ожида�, что не будет недопу�тимых пробелов (кроме как "
+"в начале и конце �трок) и �пециальных �лов, раздел�ющих различные вещи."
+
+# type: Content of: <refentry><refsect1><title>
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "ДИ�Г�ОСТИК�"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Ошибки при анализе файла вывод�т�� � помощью "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> � уровнем ERR �ред�тва AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Пользователь�кие команды"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "измен�ет ID пользовател� или делает его �уперпользователем"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><arg><replaceable>
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "им�_пользовател�"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"Программа <command>su</command> и�пользует�� дл� того, чтобы пользователь "
+"мог �тать другим пользователем в текущем �еан�е. Е�ли <command>su</command> "
+"вызывает�� без <option>имени_пользовател�</option>, то �то по умолчанию "
+"делает пользовател� �уперпользователем. �еоб�зательный параметр <option>-</"
+"option> можно и�пользовать дл� во��оздани� окружени�, такого же как е�ли бы "
+"на�то�щий пользователь выполн�л вход в �и�тему."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"По�ле имени пользовател� можно указать дополнительные аргументы, которые "
+"будут переданы реги�трационной оболочке пользовател�. В ча�тно�ти, аргумент "
+"<option>-c</option> за�тавит большин�тво оболочек �читать �ледующий аргумент "
+"как команду. Команда будет выполнена оболочкой, указанной в файле <filename>/"
+"etc/passwd</filename>, котора� �вл�ет�� реги�трационной дл� указываемого "
+"пользовател�."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Вы можете и�пользовать параметр <option>--</option> чтобы отделить параметры "
+"<command>su</command> от параметров, которые передают�� оболочке."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Пользователю предложат вве�ти пароль, е�ли он задан. При неверном пароле "
+"возникает �ообщение об ошибке. В�е попытки, удачные и неудачные, "
+"протоколируют�� �и�темой � целью обнаружени� злоупотреблений."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Текущее окружение передаёт�� новой оболочке. Значение <envar>$PATH</envar> "
+"�бра�ывает�� в значение <filename>/bin:/usr/bin</filename> дл� обычных "
+"пользователей или в <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> дл� "
+"�уперпользовател�. Эти значени� можно изменить в переменных "
+"<option>ENV_PATH</option> и <option>ENV_SUPATH</option> в файле <filename>/"
+"etc/login.defs</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Суб�и�темный вход в �и�тему можно ра�познать по наличию �имвола «*» в начале "
+"реги�трационной оболочки. Заданный домашний каталог будет и�пользован как "
+"корень новой файловой �и�темы, в которой реги�трирует�� пользователь."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Параметры команды <command>su</command>:"
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>КОМ��Д�</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Указать команду, котора� будет запущена оболочкой в виде параметра дл� "
+"<option>-c</option>."
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"Запу�каема� программа не будет иметь управл�ющего терминала. Этот параметр "
+"не может быть и�пользован дл� запу�ка интерактивных программ, которым "
+"требует�� управл�ющий TTY."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Предо�тавл�ет окружение, как е�ли бы пользователь непо�ред�твенно "
+"реги�трировал�� в �и�теме."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Е�ли и�пользует�� <option>-</option>, то он должен быть задан по�ледним "
+"параметром <command>su</command>. Другие формы (<option>-l</option> и "
+"<option>--login</option>) не имеют �того ограничени�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Оболочка, котора� будет запущена."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Оболочка указанна� в параметре --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Е�ли и�пользует�� <option>--preserve-environment</option>, то оболочка "
+"задаёт�� переменной окружени� <envar>$SHELL</envar>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Оболочка, указанна� в запи�и файла <filename>/etc/passwd</filename> дл� "
+"заданного пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename>, е�ли ни одной оболочке не было найдено � "
+"помощью методов, указанных выше."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"Запущенна� оболочка выбирает�� из (в пор�дке убывани� приоритета): "
+"<placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Е�ли заданный пользователь имеет ограниченную оболочку (то е�ть оболочка в "
+"поле пользователь�кой запи�и в файле <filename>/etc/passwd</filename> "
+"от�ут�твует в файле <filename>/etc/shells</filename>), то параметр <option>--"
+"shell</option> или переменна� окружени� <envar>$SHELL</envar> не будут "
+"учтены, е�ли <command>su</command> не была запущена �уперпользователем."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"�бра�ывает�� в значение <option>ENV_PATH</option> или <option>ENV_SUPATH</"
+"option> (�мотрите далее) из <filename>/etc/login.defs</filename>;"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"�бра�ывает�� в значение <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</"
+"quote>, е�ли она у�тановлена."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Сохранить текущее окружение за и�ключением: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Е�ли заданный пользователь имеет ограниченную оболочку, то �тот параметр не "
+"�работает (е�ли <command>su</command> не запу�кает�� �уперпользователем)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Переменные окружение <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>"
+"$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> и <envar>$IFS</"
+"envar> �бра�ывают��."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Е�ли параметр <option>--login</option> не указан, то окружение копирует��, "
+"за и�ключением переменных, перечи�ленных выше."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Е�ли параметр <option>--login</option> указан, то переменные окружени� "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> и "
+"<envar>$XAUTHORITY</envar> копируют�� (е�ли они у�тановлены)."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Е�ли параметр <option>--login</option> указан, то переменные окружени� "
+"<envar>$TZ</envar>, <envar>$HZ</envar> и <envar>$MAIL</envar> "
+"у�танавливают�� �огла�но переменным файла <filename>/etc/login.defs</"
+"filename>: <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> и <option>MAIL_FILE</option> (�мотрите далее)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Е�ли параметр <option>--login</option> указан, то дополнительные переменные "
+"окружени� могут быть у�тановлены из файла <option>ENVIRON_FILE</option> "
+"(�мотрите далее)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+"Дополнительные переменные окружени� могут быть у�тановлены из модулей PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr "Заметим, что поведение окружени� по умолчанию таково: <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Данна� вер�и� программы <command>su</command> может быть �обрана � разными "
+"параметрами и только некоторые из них �могут быть и�пользованы на любой "
+"машине."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Е�ли определена, то значение равно или полному пути к файлу � именами "
+"у�трой�тв (одно на �троку), или �пи�ку имён у�трой�тв, перечи�ленных через "
+"«:». Вход �уперпользовател� будет разрешён только � �тих у�трой�тв."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"Е�ли не определена, то �уперпользователь может входить в �и�тему � любого "
+"у�трой�тва."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "У�трой�тва должны указывать�� без начального префик�а /dev/."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Спи�ок групп дл� добавлени� к набору пользователь�ких дополнительных групп "
+"при входе � кон�оли (определ�емой переменной CONSOLE). По умолчанию не "
+"указана. <placeholder-1/> И�пользуйте о�торожно — может дать пользовател�м "
+"по�то�нный до�туп к �тим группам, даже е�ли они не входили � кон�оли."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (логиче�кий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Определ�ет, можно ли войти в �и�тему, е�ли нельз� выполнить cd в домашний "
+"каталог. По умолчанию «no»."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Е�ли равно <replaceable>yes</replaceable>, то пользователь будет попадать в "
+"корневой каталог (<filename>/</filename>), е�ли невозможно выполнить cd в "
+"его домашний каталог."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (�трока)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Е�ли у�тановлена, то будет и�пользовать�� дл� определени� переменной "
+"окружени� HZ при входе пользовател� в �и�тему. Значение должно начинать�� � "
+"<replaceable>HZ=</replaceable>. Обычное значение дл� Linux — "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"Переменна� окружени� <envar>HZ</envar> у�танавливает�� только когда "
+"пользователь (�уперпользователь) входит в �и�тему � помощью "
+"<command>sulogin</command>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Е�ли �тот файл �уще�твует и до�туп дл� чтени�, то из него читает "
+"реги�трационное окружение. Кажда� �трока должна иметь формат: им�=значение."
+
+# type: Content of: <refentry><refsect1><para>
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "Строки, начинающие�� � #, �читают�� комментарием и игнорируют��."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Е�ли у�тановлена, то будет и�пользовать�� дл� определени� переменной "
+"окружени� PATH, при входе обычного пользовател�. Значение может начинать�� � "
+"<replaceable>PATH=</replaceable>, или пред�тавл�ть �обой �пи�ок путей через "
+"двоеточие (например, <replaceable>/bin:/usr/bin</replaceable>). Значение по "
+"умолчанию равно <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Е�ли у�тановлена, то будет и�пользовать�� дл� определени� переменной "
+"окружени� PATH при входе �уперпользовател�. Значение может начинать�� � "
+"<replaceable>PATH=</replaceable>, или пред�тавл�ть �обой �пи�ок путей через "
+"двоеточие (например, <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</"
+"replaceable>). Значение по умолчанию равно <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Е�ли у�тановлена, то будет и�пользовать�� дл� определени� переменной "
+"окружени� TZ при входе пользовател�. Значение может быть равно имени "
+"ча�ового по��а, начинающего�� <replaceable>TZ=</replaceable> (например, "
+"<replaceable>TZ=CST6CDT</replaceable>), или полному пути к файлу � "
+"параметрами ча�ового по��а (например, <filename>/etc/tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Е�ли указан полный путь, но файл не �уще�твует или недо�тупен дл� чтени�, то "
+"и�пользует�� значение по умолчанию: <replaceable>TZ=CST6CDT</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"Строка-приглашение к вводу парол�. Значение по умолчанию: «Password:» или "
+"перевод �той �троки на разные �зыки. Е�ли вы измените �ту переменную, то "
+"перевод будет от�ут�твовать."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Е�ли в �троке �одержит�� под�трока <replaceable>%s</replaceable>, то она "
+"будет заменена на им� пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (логиче�кий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr "Включает проверку и показ �о�то�ни� почтового �щика при входе."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Вы должны выключить �то, е�ли почтовый �щик провер�ет�� из файлов "
+"автозапу�ка оболочки («mailx -e» или похожей командой)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (логиче�кий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Включает у�тановку ограничений ре�ур�ов из <filename>/etc/limits</filename> "
+"и ulimit, umask и niceness из пол� gecos файла passwd."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+"Е�ли определена, то люба� активно�ть su будет протоколировать�� в �тот файл."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (�трока)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Е�ли определена, то выводит�� им� команды когда работает «su -». �апример, "
+"е�ли значение равно «su», то «ps» покажет команду как «-su». Е�ли не "
+"определена, то «ps» покажет им� запу�каемой оболочки например как «-sh»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (логиче�кий)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Е�ли равна <replaceable>yes</replaceable>, то пользователь должен быть "
+"членом первой группы � gid 0 в файле <filename>/etc/group</filename> (в "
+"большин�тве �и�тем Linux называет�� <replaceable>root</replaceable>), чтобы "
+"иметь возможно�ть запу�кать <command>su</command> дл� получени� uid 0. Е�ли "
+"группа не �уще�твует, или пу�та, то никто не �может получить uid 0 � помощью "
+"<command>su</command>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (логиче�кий)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Включить протоколирование «syslog» дей�твий <command>su</command> — "
+"дополнительно к протоколированию в файле sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"При у�пешном выполнении <command>su</command> возвращает код выхода команды, "
+"котора� была выполнена."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Е�ли выполнение команды завершило�ь по �игналу, то <command>su</command> "
+"возвращает номер �того �игнала плю� 128."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Е�ли su завершила команду (так как был запро� �делать �то и команда не "
+"завершила�ь в положенное врем�), то <command>su</command> завершает�� � "
+"кодом 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "У�пешно (только дл� <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Сбой аутентификации или �и�темы"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "Запрошенна� команда не найдена"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "Запрошенна� команда не может быть выполнена"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"�екоторые коды выхода <command>su</command> не зави��т от запу�каемой "
+"команды: <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "выполн�ет команду � правами другой группы"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+# type: Content of: <refentry><refsect1><para><option>
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "группа <placeholder-1/> команда"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"Команда <command>sg</command> работает подобно команде <command>newgrp</"
+"command>, но в каче�тве параметра ожидает команду. Команда будет выполнена "
+"оболочкой <filename>/bin/sh</filename>. В большин�тве оболочек, откуда может "
+"запу�кать�� <command>sg</command>, команду из не�кольких �лов нужно "
+"заключать в кавычки. Другим отличием между <command>newgrp</command> и "
+"<command>sg</command> �вл�ет�� то, что некоторые оболочки во�принимают "
+"<command>newgrp</command> о�обенным образом, замен�� �еб� новым �кземпл�ром "
+"оболочки, которую �оздаёт <command>newgrp</command>. Этого не прои�ходит � "
+"командой <command>sg</command>, по�тому по�ле завершени� работы <command>sg</"
+"command> вы возвращаете�ь в предыдущую группу."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (логиче�кий)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr "Включить протоколирование «syslog» дей�твий <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "файл теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"Файл <filename>shadow</filename> �одержит шифрованные пароли учётных запи�ей "
+"пользователей и необ�зательную информацию об у�таревании парол�."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Этот файл должен быть недо�тупен обычному пользователю, е�ли нужно "
+"обе�печить безопа�но�ть паролей."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Кажда� �трока файла �одержит 9 полей, разделённых двоеточи�ми (<quote>:</"
+"quote>), ра�положенных в �ледующем пор�дке:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "им� пользовател� дл� входа в �и�тему"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+"Должно �одержать правильное им� учётной запи�и, котора� �уще�твует в �и�теме."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "шифрованный пароль"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Подробней о пароле �мотрите в �правочной �транице "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Е�ли поле парол� �одержит �троку, котора� не удовлетвор�ет требовани�м "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, например �одержит ! или *, то пользователь не �может "
+"и�пользовать �тот пароль unix дл� входа (но может войти в �и�тему под "
+"другими парол�ми)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Это поле может быть пу�тым, то е�ть дл� указанной учётной запи�и не "
+"требует�� аутентификаци� по паролю. Однако, некоторые приложени�, читающие "
+"файл <filename>/etc/shadow</filename>, могут вообще отказать в до�тупе, е�ли "
+"поле парол� пу�то."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Поле парол� может начинать�� � во�клицательного знака, означающего, что "
+"пароль заблокирован. О�тавшие�� �имволы в �троке пред�тавл�ют поле парол� до "
+"его блокировки."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "дата по�ледней �мены парол�"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "Дата по�ледней �мены парол� в дн�х начина� � 1 �нвар� 1970 года."
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+"Значение 0 имеет �пециальное предназначение: оно указывает, что пользователь "
+"должен �менить пароль в �ледующий раз при входе в �и�тему."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "Пу�тое значение обозначает, что проверка у�таревани� парол� выключена."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "минимальный �рок дей�тви� парол�"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"Минимальный �рок дей�тви� парол� в дн�х, которые пользователь должен ждать, "
+"чтобы помен�ть пароль."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr "Пу�тое значение пол� и 0 отключают минимальный �рок дей�тви� парол�."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "мак�имальный �рок дей�тви� парол�"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"Мак�имальный �рок дей�тви� парол� в дн�х, по�ле которого пользователь должен "
+"изменить пароль."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"По проше�твии �того количе�тва дней пароль может быть ещё дей�твительным. "
+"Пользовател� нужно попро�ить изменить пароль при �ледующем входе."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Пу�тое значение пол� означает, что нет мак�имального �рока дей�тви� парол�, "
+"нет периода предупреждени� о пароле и нет периода неактивно�ти парол� "
+"(�мотрите далее)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Е�ли мак�имальный �рок дей�тви� парол� меньше чем минимальный �рок дей�тви� "
+"парол�, то пользователь не �может изменить �вой пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "период предупреждени� о пароле"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Количе�тво дней до у�таревани� парол� (�мотрите мак�имальный �рок дей�тви� "
+"парол�) во врем� которых пользователю выдаёт�� предупреждение."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr "Пу�тое значение пол� и 0 отключают период предупреждени� о пароле."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "период неактивно�ти парол�"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"Количе�тво дней по�ле у�таревани� парол� (�мотрите мак�имальный �рок "
+"дей�тви� парол�) во врем� которых пароль в�ё ещё принимает�� (и пользователь "
+"должен обновить �вой пароль при �ледующем входе)."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"По�ле у�таревани� парол� и и�течени� �того периода у�таревани� вход � "
+"текущим паролем �тановит�� невозможным. Пользователь должен обратить�� к "
+"админи�тратору."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Пу�тое значение пол� означает, что период неактивно�ти от�ут�твует."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "дата и�течени� �рока дей�тви� учётной запи�и"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"Дата и�течени� �рока дей�тви� учётной запи�и, указывает�� в дн�х начина� � 1 "
+"�нвар� 1970 года."
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Заметим, что у�таревание учётной запи�и отличает�� от у�таревани� парол�. "
+"При у�таревании учётной запи�и пользователь не �может войти в �и�тему. При "
+"у�таревании парол� пользователь не может войти в �и�тему по �тому паролю."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Пу�тое значение обозначает, что учётна� запи�ь никогда не у�таревает."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"Значение 0 не должно и�пользовать��, так как �то может ра��матривать�� как "
+"неу�таревающа� учётна� запи�ь или что запи�ь у�тарела 1 �нвар� 1970 года."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "зарезервированное поле"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Это поле зарезервировано дл� и�пользовани� в будущем."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "резервна� копи� файла /etc/shadow"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Заметим, что �тот файл и�пользует�� программами из комплекта утилит shadow, "
+"но не в�еми ин�трументами управлени� пользовател�ми и парол�ми."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refmeta><refmiscinfo>
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Библиотечные функции"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "процедуры дл� работы � файлом шифрованных паролей"
+
+# type: Content of: <refentry><refsect1><title>
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "СИ�Т�КСИС"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+# type: Content of: <refentry><refsect1><title>
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "Ф�ЙЛ"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> управл�ет �одержимым файла теневых "
+"паролей, <filename>/etc/shadow</filename>. Структура в файле <emphasis remap="
+"\"I\">#include</emphasis>:"
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char\t \t \t*sp_namp;  /* им� пользовател� */\n"
+"      char\t \t \t*sp_pwdp;  /* шифрованный пароль */\n"
+"      long int\t \t \tsp_lstchg; /* дата по�ледней �мены парол� */\n"
+"      long int\t \t \tsp_min;    /* дней должно пройти между �менами парол�. */\n"
+"      long int\t \t \tsp_max;    /* дней перед необходимо�тью �мены парол� */\n"
+"      long int\t \t \tsp_warn;   /* дней вывода предупреждени� об у�таревании */\n"
+"      long int\t \t \tsp_inact;  /* дней перед тем как учётна� запи�ь заблокирует�� */\n"
+"      long int\t \t \tsp_expire; /* дата у�таревани� учётной запи�и */\n"
+"      unsigned long int\tsp_flag;   /* зарезервировано */\n"
+"}"
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Значение каждого пол�:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - указатель на �троку � именем пользовател�, завершающую�� нулевым "
+"�имволом"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - указатель на �троку � паролем, завершающую�� нулевым �имволом"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - количе�тво дней, когда был изменён пароль по�ледний раз, начина� "
+"� 1 �нвар� 1970 года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr "sp_min - количе�тво дней, когда можно не мен�ть пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - количе�тво дней, которое должно пройти, чтобы нужно было помен�ть "
+"пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - количе�тво дней, когда будет выдавать�� предупреждение о �кором "
+"у�таревании парол� перед тем как пароль у�тареет"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - количе�тво дней, которые должны пройти по�ле у�таревани� парол�, "
+"когда начинать �читать, что учётна� запи�ь неактивна и заблокирована"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - дней, по�ле которых учётна� запи�ь будет заблокирована, начина� "
+"� 1 �нвар� 1970 года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - зарезервировано"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"Функции <emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis> и <emphasis>sgetspent</emphasis> возвращают "
+"указатель на �труктуру <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> возвращает �ледующую запи�ь из файла, а <emphasis>fgetspent</"
+"emphasis> возвращает �ледующую запи�ь из заданного канала, предполага�, что "
+"�то файл правильного формата.<emphasis>sgetspent</emphasis> возвращает "
+"указатель на <emphasis>struct spwd</emphasis>, и�пользу� предо�тавленную "
+"�троку в каче�тве вход�щих данных. <emphasis>getspnam</emphasis> ищет "
+"начина� � текущей позиции в файле запи�ь по имени <emphasis>name</emphasis>."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"Функции <emphasis>setspent</emphasis> и <emphasis>endspent</emphasis> можно "
+"и�пользовать дл� перемещени� в начало и конец файла теневых паролей "
+"�оответ�твенно."
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Функции <emphasis>lckpwdf</emphasis> и <emphasis>ulckpwdf</emphasis> "
+"и�пользуют�� дл� получени� монопольного до�тупа к файлу <filename>/etc/"
+"shadow</filename>. <emphasis>lckpwdf</emphasis> пытает�� выполнить "
+"блокировку � помощью <emphasis>pw_lock</emphasis> в течении 15 �екунд. Далее "
+"выполн�ет�� попытка получить вторую блокировку � помощью <emphasis>spw_lock</"
+"emphasis> в течении времени о�тавшего�� от первоначальных 15 �екунд. При "
+"неудаче в любой из блокировок в течении 15 �екунд, функци� "
+"<emphasis>lckpwdf</emphasis> возвращает -1. Е�ли обе блокировки прошли "
+"у�пешно возвращает�� 0."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Функции возвращают NULL, е�ли в�е запи�и кончили�ь или произошла ошибка во "
+"врем� работы. Функции, возвращающие <emphasis>int</emphasis>, возвращают 0 "
+"при у�пешном выполнении и -1 в �лучае неудачи."
+
+# type: Content of: <refentry><refsect1><para>
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Данные функции могут и�пользовать�� только �уперпользователем, так как "
+"до�туп к файлу теневых паролей ограничен."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "преобразует пароли пользователей и групп в/из защищённую форму"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"Команда <command>pwconv</command> �оздаёт файл <emphasis remap=\"I\">shadow</"
+"emphasis> из файла <emphasis remap=\"I\">passwd</emphasis> и необ�зательно "
+"�уще�твующего файла <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"Программа <command>pwconv</command> не работает, е�ли включена "
+"<option>USE_TCB</option>. Дл� преобразовани� паролей tcb, �начала "
+"и�пользуйте команду <command>pwconv</command> дл� преобразовани� теневых "
+"паролей, выключив <option>USE_TCB</option> в <filename>login.defs</"
+"filename>, а затем преобразуйте пароль tcb � помощью <command>tcb_convert</"
+"command> (и включите <option>USE_TCB</option> в <filename>login.defs</"
+"filename> оп�ть)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"Команда <command>pwunconv</command> �оздаёт файл <emphasis remap=\"I"
+"\">passwd</emphasis> из файлов <emphasis remap=\"I\">passwd</emphasis> и "
+"<emphasis remap=\"I\">shadow</emphasis>, а затем удал�ет файл <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"Программа <command>pwunconv</command> не работает, е�ли включена "
+"<option>USE_TCB</option>. Сначала вам нужно перейти � tcb обратно к "
+"и�пользованию теневых паролей � помощью <command>tcb_unconvert</command>, а "
+"затем выключить <option>USE_TCB</option> в <filename>login.defs</filename> "
+"перед и�пользованием <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"Команда <command>grpconv</command> �оздаёт файл <emphasis remap=\"I"
+"\">gshadow</emphasis> из файла <emphasis remap=\"I\">group</emphasis> и "
+"необ�зательно �уще�твующего файла <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"Команда <command>grpunconv</command> �оздаёт файл <emphasis remap=\"I"
+"\">group</emphasis> из файлов <emphasis remap=\"I\">group</emphasis> и "
+"<emphasis remap=\"I\">gshadow</emphasis>, а затем удал�ет файл <emphasis "
+"remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Эти четыре программы работают � файлами обычных или теневых паролей "
+"пользователей и групп: <filename>/etc/passwd</filename>, <filename>/etc/"
+"group</filename>, <filename>/etc/shadow</filename> и <filename>/etc/gshadow</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Кажда� программа выполн�ет необходимые блокировки перед преобразовани�ми. "
+"Команды <command>pwconv</command> и <command>grpconv</command> выполн�ют "
+"�хожий пор�док дей�твий. Сначала удал�ют�� запи�и из теневого файла которых "
+"нет в главном файле. Затем обновл�ют�� запи�и в теневом файле которые не "
+"�одержат «x» вме�то парол� в главном файле. Далее добавл�ют�� от�ут�твующие "
+"теневые запи�и. �аконец, пароли в главном файле замен�ют�� �имволом «x». "
+"Данные программы можно и�пользовать как дл� первоначального преобразовани�, "
+"так и дл� обновлени� теневого файла, е�ли главный файл редактировал�� "
+"вручную."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Команда <command>pwconv</command> и�пользует значени� переменных <emphasis "
+"remap=\"I\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</"
+"emphasis> и <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> из файла "
+"<filename>/etc/login.defs</filename> при добавлении новых запи�ей в файл "
+"<filename>/etc/shadow</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"Программы <command>pwunconv</command> и <command>grpunconv</command> также "
+"выполн�ют �хожий пор�док дей�твий. Пароли в главном файле обновл�ют�� из "
+"теневого файла. Запи�и, которые �уще�твуют в главном файле, но не �уще�твуют "
+"в теневом файле о�тавл�ют�� как е�ть. По окончании, теневой файл удал�ет��. "
+"Информаци� об у�таревании парол� не учитывает�� программой "
+"<command>pwunconv</command>. Конвертирует�� только возможное."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Параметры, применимые к <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command> и <command>grpunconv</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Ошибки в файлах паролей или групп (типа неверных или дублирующих�� запи�ей) "
+"могут зациклить программу или произойдут какие-то другие �транные вещи. "
+"Перед конвертацией запу�тите <command>pwck</command> и <command>grpck</"
+"command>, чтобы и�править возможные ошибки."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"Следующа� переменна� на�тройки в <filename>/etc/login.defs</filename> "
+"измен�ет поведение <command>grpconv</command> и <command>grpunconv</command>:"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Следующа� переменна� на�тройки в <filename>/etc/login.defs</filename> "
+"измен�ет поведение <command>pwconv</command>:"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "провер�ет цело�тно�ть файлов паролей"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"Программа <command>pwck</command> провер�ет цело�тно�ть информации о "
+"пользовател�х и аутентификации. Провер�ет�� формат в�ех запи�ей файлов "
+"<filename>/etc/passwd</filename> и <filename>/etc/shadow</filename><phrase "
+"condition=\"tcb\">(или файлов в <filename>/etc/tcb</filename>, е�ли включена "
+"<option>USE_TCB</option>)</phrase> и корректно�ть данных каждого пол�. В "
+"�лучае обнаружени� ошибок пользователю предлагает�� подтвердить удаление "
+"запи�ей, имеющих неверный формат или во��тановление которых невозможно."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Выполн�ют�� �ледующие проверки:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "правильное количе�тво полей"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "уникально�ть и корректно�ть имени пользовател�"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "корректно�ть идентификатора пользовател� и группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "корректно�ть первичной группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "корректно�ть домашнего каталога"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "корректно�ть реги�трационной оболочки"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Проверки <filename>shadow</filename> выполн�ют��, е�ли указан второй "
+"файловый параметр или когда в �и�теме �уще�твует файл <filename>/etc/shadow</"
+"filename>."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Выполн�ют�� �ледующие проверки:"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"что кажда� запи�ь passwd имеет �оответ�твующую запи�ь shadow и кажда� запи�ь "
+"shadow имеет �оответ�твующую запи�ь passwd"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "пароли указаны в теневом файле"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "запи�и shadow �одержат корректное количе�тво полей"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "запи�и shadow уникальны в shadow"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "дата по�ледней �мены парол� не находит�� в будущем"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Ошибки в количе�тве полей и уникально�ти имён пользователей нево��тановимы. "
+"Е�ли запи�ь �одержит неверное чи�ло полей, пользовател� попро��т подтвердить "
+"удаление в�ей запи�и. Е�ли пользователь ответит отрицательно, дальнейша� "
+"проверка выполн�ть�� не будет. При ошибке повторени� имени пользовател� "
+"также возникает запро� на удаление, но в �лучае отказа проверка будет "
+"продолжена. Обо в�ех о�тальных ошибках выводит�� предупреждение и "
+"пользователю предлагает�� запу�тить команду <command>usermod</command>, "
+"чтобы и�править ошибку."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Команды, которые работают � файлом <filename>/etc/passwd</filename>, не "
+"могут измен�ть повреждённые или дублирующие�� запи�и. Как раз в �том �лучае "
+"и нужно и�пользовать <command>pwck</command> дл� удалени� и�порченной запи�и."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Параметры <option>-r</option>, <option>-s</option> не могут и�пользовать�� "
+"одновременно."
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Параметры команды <command>pwck</command>:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Сообщать только об ошибках. Предупреждени�, которые не требуют от "
+"пользовател� никаких дей�твий, показаны не будут."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Выполн�ть команду <command>pwck</command> в режиме «только чтение»."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"От�ортировать в�е запи�и в файлах <filename>/etc/passwd</filename> и "
+"<filename>/etc/shadow</filename> по чи�ловому идентификатору пользовател�."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "Этот параметр не дей�твует, е�ли определена <option>USE_TCB</option>."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"По умолчанию, команда <command>pwck</command> работает � файлами <filename>/"
+"etc/passwd</filename> и <filename>/etc/shadow</filename><phrase condition="
+"\"tcb\"> (или файлами в <filename>/etc/tcb</filename>)</phrase>. "
+"Пользователь может указать другие файлы � помощью параметров "
+"<replaceable>passwd</replaceable> и <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"Заметим, что е�ли определена <option>USE_TCB</option>, то вы не можете "
+"указать другой файл <replaceable>shadow</replaceable>. В �ледующих вер�и�х "
+"�тим параметром можно будет задать другой каталог TCB."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "е�ть одна или более запи�ей � недопу�тимыми парол�ми"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "не удало�ь открыть файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "не удало�ь заблокировать файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "не удало�ь изменить файл паролей"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "не удало�ь от�ортировать файл паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>pwck</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "файл � временами до�тупа к портам"
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"Файл <emphasis remap=\"I\">porttime</emphasis> �одержит �пи�ок у�трой�тв "
+"tty, имена пользователей и разрешённое врем� входа."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Кажда� запи�ь �о�тоит из трёх полей, разделённых двоеточи�ми. В первом поле "
+"�одержит�� �пи�ок у�трой�тв tty (перечи�ленных через зап�тую) или звёздочка, "
+"указывающа�, что в�е у�трой�тва tty попадают под правило �той запи�и. Во "
+"втором поле �одержит�� �пи�ок имён пользователей (перечи�ленных через "
+"зап�тую) или звёздочка, указывающа�, что в�е имена пользователей попадают "
+"под правило �той запи�и. В третьем поле �одержит�� �пи�ок (через зап�тую) "
+"допу�тимого времени работы."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Кажда� запи�ь времени до�тупа �о�тоит из нул� или более дней недели, "
+"обозначенных как <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, "
+"<emphasis>Tu</emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, "
+"<emphasis>Fr</emphasis> и <emphasis>Sa</emphasis>, а также временем начала и "
+"конца, запи�анного через дефи�. Сокращение <emphasis>Wk</emphasis> можно "
+"и�пользовать дл� обозначени� периода � понедельника по п�тницу, а "
+"<emphasis>Al</emphasis> обозначает каждый день. Е�ли день не задан, то "
+"предполагает�� <emphasis>Al</emphasis> в каче�тве значени� по умолчанию."
+
+# type: Content of: <refentry><refsect1><title>
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "ПРИМЕРЫ"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Следующа� запи�ь разрешает до�туп пользователю <emphasis remap=\"B\">jfh</"
+"emphasis> � любого порта по будн�м � 9:00 до 17:00."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"Следующие запи�и разрешают до�туп только пользовател�м <emphasis>root</"
+"emphasis> и <emphasis>oper</emphasis> � <filename>/dev/console</filename> в "
+"любое врем�. Это показывает, что файл <filename>/etc/porttime</filename> "
+"обрабатывает�� в пор�дке по�влени� запи�ей в файле. Любой другой "
+"пользователь попадёт под правило второй запи�и, котора� не разрешает до�туп "
+"в любое врем�."
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Следующа� запи�ь разрешает до�туп пользователю <emphasis>games</emphasis> � "
+"любого порта в нерабочие ча�ы."
+
+# type: Content of: <refentry><refsect1><para>
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+"�одержит разрешённое врем� работы определённых пользователей � определённых "
+"портов"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "файл паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"Файл <filename>/etc/passwd</filename> �одержит учётные запи�и пользователей, "
+"по одной в каждой �троке. Строка �о�тоит из �еми полей, разделённых "
+"двоеточи�ми (<quote>:</quote>). Пол�:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "необ�зательный зашифрованный пароль"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "чи�ловой идентификатор пользовател�"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "чи�ловой идентификатор группы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "ФИО пользовател� или поле комментари�"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "домашний каталог пользовател�"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "необ�зательный интерпретатор командной �троки пользовател�"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Поле � зашифрованным паролем может быть пу�тым, и тогда дл� входа под �той "
+"учётной запи�ью пароль не требует��. Однако, некоторые приложени�, которые "
+"читают файл <filename>/etc/passwd</filename>, могут решить не позвол�ть "
+"<emphasis>любой</emphasis> до�туп, е�ли поле <emphasis>парол�</emphasis> "
+"пу�тое. Е�ли поле <emphasis>парол�</emphasis> �одержит �трочную <quote>x</"
+"quote>, то шифрованный пароль хранит�� в файле "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>; в файле <filename>shadow</filename> <emphasis>должна</"
+"emphasis> быть �оответ�твующа� �трока, иначе учётна� запи�ь �читает�� "
+"недей�твительной. Е�ли в поле <emphasis>парол�</emphasis> �одержит�� кака�-"
+"то друга� �трока, то она во�принимает�� как шифрованный пароль, �огла�но "
+"формату <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Поле комментари� и�пользует�� различными �и�темными утилитами, такими как "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"В поле домашнего каталога хранит�� начальный рабочий каталог. Программа "
+"<command>login</command> и�пользует �ту информацию дл� у�тановки значени� "
+"переменной окружени� <envar>$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"В поле интерпретатора командной �троки хранит�� название интерпретатора "
+"командной �троки пользовател� или программы, котора� будет запущена первой. "
+"Программа <command>login</command> и�пользует �ту информацию дл� у�тановки "
+"значени� переменной окружени� <envar>$SHELL</envar>. Е�ли �то поле пу�тое, "
+"то и�пользует�� значение по умолчанию <filename>/bin/sh</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "необ�зательный файл � шифрованными парол�ми"
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "резервна� копи� файла /etc/passwd"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "измен�ет пароль пользовател�"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"Программа <command>passwd</command> измен�ет пароли пользователь�ких учётных "
+"запи�ей. Обычный пользователь может изменить пароль только �воей учётной "
+"запи�и, �уперпользователь может изменить пароль любой учётной запи�и. "
+"Программа <command>passwd</command> также измен�ет информацию об учётной "
+"запи�и или �рок дей�тви� парол�."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Изменение парол�"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Сначала пользовател� попро��т вве�ти �тарый пароль, е�ли он был. Этот пароль "
+"зашифровывает�� и �равнивает�� � имеющим��. У пользовател� е�ть только одна "
+"попытка вве�ти правильный пароль. Дл� �уперпользовател� �тот шаг "
+"пропу�кает��, дл� того чтобы можно было изменить забытый пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"По�ле ввода парол� провер�ет�� информаци� об у�таревании парол�, чтобы "
+"убедить��, что пользователю разрешено измен�ть пароль в на�то�щий момент. "
+"Е�ли нет, то <command>passwd</command> не производит изменение парол� и "
+"завершает работу."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Затем пользователю предложат дважды вве�ти новый пароль. Значение второго "
+"ввода �равнивает�� � первым и дл� изменени� пароли из обеих попыток должны "
+"�овпа�ть."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Затем пароль те�тирует�� на �ложно�ть подбора. Согла�но общим принципам, "
+"пароли должны быть длиной от 6 до 8 �имволов и включать один или более "
+"�имволов каждого типа:"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "�трочные буквы"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "цифры от 0 до 9"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "знаки пунктуации"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"�е включайте �и�темные �имволы �тирани� и удалени�. Программа "
+"<command>passwd</command> не примет пароль, который не имеет до�таточной "
+"�ложно�ти."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Выбор парол�"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"Безопа�но�ть парол� зави�ит от �тойко�ти алгоритма шифровани� и размера "
+"про�тран�тва ключа. В �тарых �и�темах <emphasis>UNIX</emphasis> метод "
+"шифровани� о�новывал�� на алгоритме NBS DES. Сейча� рекомендуют более новые "
+"методы (�мотрите <option>ENCRYPT_METHOD</option>). Размер про�тран�тва ключа "
+"зави�ит от �тепени произвольно�ти выбранного парол�."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"При обе�печении безопа�но�ти парол� выбирают нечто �реднее между �ложным "
+"паролем и �ложно�тью работы � ним. По �той причине, вы не должны "
+"и�пользовать пароль, который �вл�ет�� �ловом из �ловар� или который придёт�� "
+"запи�ать из-за его �ложно�ти. Также, пароль не должен быть названием чего-"
+"либо, номером вашей лицензии, днём рождени� и домашним адре�ом. Обо в�ём "
+"�том легко догадать��, что приведёт к нарушению безопа�но�ти �и�темы."
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"О том, как выбрать �тойкий пароль, читайте в http://ru.wikipedia.org/wiki/"
+"Сложно�ть_парол�."
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Параметры команды <command>passwd</command>:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Этот параметр можно и�пользовать только вме�те � <option>-S</option> дл� "
+"вывода �тату�а в�ех пользователей."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Удалить пароль пользовател� (�делать его пу�тым). Это бы�трый �по�об "
+"заблокировать пароль учётной запи�и. Это �делает указанную учётную запи�ь "
+"бе�парольной."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"�емедленно �делать пароль у�таревшим. В результате �то за�тавит пользовател� "
+"изменить пароль при �ледующем входе в �и�тему."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Этот параметр и�пользует�� дл� блокировки учётной запи�и по проше�твии "
+"заданного чи�ла дней по�ле у�таревани� парол�. То е�ть, е�ли пароль у�тарел "
+"и прошло более указанных <replaceable>Д�ЕЙ</replaceable>, то пользователь "
+"больше не �может и�пользовать данную учётную запи�ь."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Указывает, что изменение парол� нужно выполнить только дл� у�таревших ключей "
+"аутентификации (паролей). Пользователи хот�т о�тавить �вои непро�роченные "
+"ключи нетронутыми."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Заблокировать пароль указанной учётной запи�и. Этот параметр блокирует "
+"пароль, измен�� его значение на вариант, который не может быть шифрованным "
+"паролем (добавл�ет�� �имвол «!» в начало парол�)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Заметим, что �то не блокирует учётную запи�ь. Пользователь в�ё ещё может "
+"войти в �и�тему � помощью другого �по�оба аутентификации (например, � "
+"помощью ключа SSH). Чтобы заблокировать учётную запи�ь, админи�тратор должен "
+"и�пользовать команду <command>usermod --expiredate 1</command> (�то "
+"у�тановит дату у�таревани� учётной запи�ь равной 2 �нвар� 1970 года)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "По�етитель � заблокированным паролем не может изменить �вой пароль."
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>МИ�_Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Задать <replaceable>минимальное количе�тво дней</replaceable> между �менами "
+"парол�. �улевое значение �того пол� указывает на то, что пользователь может "
+"мен�ть �вой пароль когда захочет."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>РЕПОЗИТОРИЙ</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "Изменить пароль в <replaceable>РЕПОЗИТОРИИ</replaceable>."
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Показать �о�то�ние учётной запи�и. Информаци� о �о�то�нии �одержит 7 полей. "
+"Первое поле �одержит им� учётной запи�и. Второе поле указывает, заблокирован "
+"ли пароль учётной запи�и (L), она без парол� (NP) или у неё е�ть рабочий "
+"пароль (P). Третье поле хранит дату по�леднего изменени� парол�. В �ледующих "
+"четырёх пол�х хран�т�� минимальный �рок, мак�имальный �рок, период выдачи "
+"предупреждени� и период неактивно�ти парол�. Эти �роки измер�ют�� в дн�х."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Разблокировать пароль указанной учётной запи�и. Этот параметр разблокирует "
+"пароль, возвраща� его прежнее значение (которое было перед и�пользованием "
+"параметра <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>ПРЕД_Д�ЕЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"У�тановить чи�ло дней выдачи предупреждени�, перед тем как потребует�� �мена "
+"парол�. В параметре <replaceable>ПРЕД_Д�ЕЙ</replaceable> указывает�� чи�ло "
+"дней перед тем как пароль у�тареет, в течении которых пользователю будут "
+"напоминать, что пароль �коро у�тареет."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>М�КС_Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"У�тановить мак�имальное количе�тво дней, в течении которых пароль о�таёт�� "
+"рабочим. По�ле <replaceable>М�КС_Д�ЕЙ</replaceable> пароль нужно изменить."
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Сложно�ть парол� провер�ет�� на разных машинах по разному. Пользователю "
+"на�то�тельно рекомендует�� выбирать пароль такой �ложно�ти, чтобы ему "
+"нормально работало�ь."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Пользователи не могут измен�ть �вои пароли в �и�теме, е�ли включён NIS и они "
+"не вошли на �ервер NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"Команда <command>passwd</command> дл� аутентификации пользователей и дл� "
+"�мены паролей и�пользует PAM."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (�трока)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Задаёт �и�темный алгоритм шифровани� по умолчанию дл� шифровани� паролей "
+"(и�пользует��, е�ли алгоритм не указан в командной �троке)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Возможны �ледующие значени�: <replaceable>DES</replaceable> (по умолчанию), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Замечание: �тот параметр переопредел�ет переменную <option>MD5_CRYPT_ENAB</"
+"option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Замечание: дей�твует только при генерации паролей к группам. Генераци� "
+"пользователь�ких паролей выполн�ет�� PAM и там же на�траивает��. "
+"Рекомендует�� у�танавливать значение �той переменной �огла�но на�тройкам PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (логиче�кий)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Обозначает, что пароль должен быть зашифрован по алгоритму на о�нове MD5. "
+"Е�ли значение равно <replaceable>yes</replaceable>, то новые пароли будут "
+"зашифрованы по алгоритму на о�нове MD5, �овме�тимому � и�пользуемым в новых "
+"вер�и�х FreeBSD. Он поддерживает пароли неограниченной длины и имеет более "
+"длинную �троку �оли. У�тановите в <replaceable>no</replaceable>, е�ли вам "
+"нужно копировать шифрованные пароли в другие �и�темы, которые не "
+"поддерживают новый алгоритм. По умолчанию <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Эта переменна� переопредел�ет�� переменной <option>ENCRYPT_METHOD</option> "
+"или любым параметром командной �троки, который задаёт алгоритм шифровани�."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr "Эта переменна� у�тарела; и�пользуйте <option>ENCRYPT_METHOD</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (логиче�кий)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "Включает дополнительные проверки при �мене парол�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (логиче�кий)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Предупреждать о �лабых парол�х (но разрешать их и�пользовать) дл� "
+"�уперпользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (чи�ло)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"Мак�имальное количе�тво попыток �мены парол� (�лишком про�того) при "
+"непрохождении проверки."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (чи�ло)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (чи�ло)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Количе�тво значимых �имволов в пароле дл� crypt(). По умолчанию значение "
+"<option>PASS_MAX_LEN</option> равно 8. �е измен�йте, е�ли ваш crypt() лучше. "
+"Игнорирует��, е�ли значение <option>MD5_CRYPT_ENAB</option> равно "
+"<replaceable>yes</replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (чи�ло)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (чи�ло)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Е�ли значение <option>ENCRYPT_METHOD</option> равно <replaceable>SHA256</"
+"replaceable> или <replaceable>SHA512</replaceable>, �та переменна� "
+"определ�ет количе�тво раундов SHA, и�пользуемых алгоритмом шифровани� по "
+"умолчанию (е�ли количе�тво раундов не задано в командной �троке)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Увеличение количе�тва раундов повышает �ложно�ть подбора парол� про�тым "
+"перебором. �о заметим, что при �том дл� аутентификации пользователей "
+"требует�� большее количе�тво проце��орных ре�ур�ов."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Е�ли не задана, то libc выбирает значение количе�тва раундов по умолчанию "
+"(5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "Значени� должны лежать в диапазоне 1000-999999999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Е�ли задано какое-то одно значение — <option>SHA_CRYPT_MIN_ROUNDS</option> "
+"или <option>SHA_CRYPT_MAX_ROUNDS</option> — то будет и�пользовано �то "
+"значение."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Е�ли <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>, то и�пользует�� большее значение."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "на�тройки PAM дл� <command>passwd</command>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "до�туп запрещён"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "недопу�тима� комбинаци� параметров"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "неожиданна� ошибка при работе, ничего не �делано"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+"неожиданна� ошибка при работе, от�ут�твует файл <filename>passwd</filename>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"файл <filename>passwd</filename> зан�т другой программой, попробуйте ещё раз"
+
+# type: Content of: <refentry><refsect1><para>
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>passwd</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "вежливо отказывает во входе в �и�тему"
+
+# type: Content of: <refentry><refsect1><para>
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"Программа <command>nologin</command> выдаёт �ообщение, что учётна� запи�ь "
+"недо�тупна и завершает работу � ненулевым кодом возврата. Она предназначена "
+"дл� замены оболочки командной �троки в поле оболочки у заблокированных "
+"учётных запи�ей."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Чтобы заблокировать в�е учётные запи�и по�мотрите �правочную �траницу "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><title>
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "ИСТОРИЯ"
+
+# type: Content of: <refentry><refsect1><para>
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Программа <command>nologin</command> впервые по�вила�ь в BSD 4.4."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr ""
+"обновл�ет и �оздаёт новые учётные запи�и пользователей в пакетном режиме"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "файл"
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"Программа <command>newusers</command> читает <replaceable>файл</replaceable> "
+"(или по умолчанию �тандартный ввод)  и и�пользует �ту информацию дл� "
+"обновлени� группы �уще�твующих или �оздани� новых учётных запи�ей. Кажда� "
+"�трока имеет формат �тандартного файла паролей (�мотрите "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) за и�ключением:"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "Им� пользовател�."
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Это может быть им� нового пользовател� или им� �уще�твующего пользовател� "
+"(или пользовател�, �озданного <command>newusers</command> ранее). Е�ли "
+"пользователь �уще�твует, то будет изменена информаци� о пользователе, или же "
+"�оздаёт�� новый пользователь."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Это поле будет зашифровано и и�пользовано как новое значение шифрованного "
+"парол�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr " pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Это поле и�пользует�� дл� определени� UID пользовател�."
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Е�ли �то поле пу�то, то командой <command>newusers</command> автоматиче�ки "
+"определ�ет�� новый (неи�пользованный) UID."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+"Е�ли в �том поле указано чи�ло, то оно будет и�пользовано в каче�тве UID."
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Е�ли в поле �одержит�� им� �уще�твующего пользовател� (или им� пользовател�, "
+"�озданного <command>newusers</command> ранее), то и�пользует UID указанного "
+"пользовател�."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Е�ли измен�ет�� UID �уще�твующего пользовател�, то у файлов, которыми владел "
+"�тот пользователь, нужно вручную переопределить владельца."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Это поле и�пользует�� дл� определени� ID первичной группы пользовател�."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Е�ли в �том поле �одержит�� им� �уще�твующей группы (или группы, �озданной "
+"<command>newusers</command> ранее), то в каче�тве ID первичной группы "
+"пользовател� будет и�пользован GID �той группы."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Е�ли в �том поле �одержит�� чи�ло, то �то чи�ло будет и�пользовано как ID "
+"первичной группы пользовател�. Е�ли � таким GID не �уще�твует, то будет "
+"�оздана нова� группа � �тим GID и именем пользовател�."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Е�ли �то поле пу�то, то нова� группа будет �оздана � именем пользовател�, а "
+"GID будет определён <command>newusers</command> автоматиче�ки (дл� "
+"и�пользовани� в каче�тве ID первичной группы пользовател� и GID новой "
+"группы)."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Е�ли поле �одержит им� группы, которой не �уще�твует (и котора� не была "
+"�оздана <command>newusers</command> ранее), то будет �оздана нова� группа � "
+"указанным именем, GID будет определён <command>newusers</command> "
+"автоматиче�ки (дл� и�пользовани� в каче�тве ID первичной группы пользовател� "
+"и GID новой группы)."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Это поле копирует�� в поле GECOS запи�и пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><emphasis>
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "Это поле и�пользует�� дл� определени� домашнего каталога пользовател�."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Е�ли �то поле указывает на не�уще�твующий каталог, то указанный каталог "
+"�оздаёт��, его владельцем назначает�� �оздаваемый или обновл�емый "
+"пользователь и его первична� группа."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Е�ли измен�ет�� домашний каталог �уще�твующего пользовател�, то команда "
+"<command>newusers</command> не перемещает или копирует �одержимое �тарого "
+"каталога в новое ме�то. Это нужно выполнить вручную."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"В �том поле задаёт�� пользователь�ка� оболочка. �икаких проверок пол� не "
+"делает��."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"Команда <command>newusers</command> �начала пытает�� �оздать или изменить "
+"в�ех указанных пользователей, а затем запи�ать �ти изменени� в базы данных "
+"пользователей или групп. Е�ли прои�ходит ошибка (кроме ошибок при по�ледней "
+"запи�и в базы данных), то изменени� в базы не �охран�ют��."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Во врем� первого прохода пользователи �оздают�� � заблокированными парол�ми "
+"(у не�оздаваемых пользователей пароли не измен�ют��). Во врем� второго "
+"прохода выполн�ет�� обновление паролей � помощью PAM. При возникновении "
+"ошибок при обновлении об �том �ообщает��, но обновление паролей продолжает��."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Данна� команда предназначена дл� работы в крупных �и�темных �редах, где за "
+"один раз обновл�ет�� не�колько учётных запи�ей."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Параметры команды <command>newusers</command>:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "И�пользовать указанный метод дл� шифровани� паролей."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Возможные методы: DES, MD5, NONE и SHA256 или SHA512, е�ли �ти методы "
+"поддерживает�� libc."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Си�темные пользователи �оздают�� без информации об у�таревании в <filename>/"
+"etc/shadow</filename>, и их чи�ловые идентификаторы выбирают�� из диапазона "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, определённого в "
+"<filename>login.defs</filename>, а не из <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (�то же ка�ает�� и ча�ти � <option>GID</option> при "
+"�оздании групп)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "И�пользовать указанное количе�тво раундов шифровани� паролей."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"Значение 0 означает, что �и�тема выберет количе�тво раундов по умолчанию дл� "
+"выбранного метода шифровани� (5000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Минимальное значение равно 1000, а мак�имальное значение равно 999,999,999."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Вы можете и�пользовать �тот параметр только при методе шифровани� SHA256 или "
+"SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию, количе�тво раундов определ�ет�� переменными "
+"SHA_CRYPT_MIN_ROUNDS и SHA_CRYPT_MAX_ROUNDS из <filename>/etc/login.defs</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Файл � входными данными должен быть защищён, так как в нём �одержат�� не "
+"шифрованные пароли."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Вы должны проверить, что пароль и метод шифровани� �оответ�твует политике "
+"�и�темных паролей."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "на�тройки PAM дл� <command>newusers</command>"
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "выполн�ет реги�трацию пользовател� в новой группе"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "группа"
+
+# type: Content of: <refentry><refsect1><para>
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"Программа <command>newgrp</command> и�пользует�� дл� изменени� ID текущей "
+"группы в работающем �еан�е. Е�ли указан необ�зательный параметр <option>-</"
+"option>, то окружение пользовател� будет инициализировано повторно, как е�ли "
+"бы пользователь заново вошёл в �и�тему, иначе имеющее�� окружение, включа� "
+"текущий рабочий каталог, изменено не будет."
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"Программа <command>newgrp</command> измен�ет идентификатор текущей реальной "
+"группы на заданный или на группу по умолчанию, указанную в файле <filename>/"
+"etc/passwd</filename>, в �лучае е�ли им� группы не указано. Программа "
+"<command>newgrp</command> также пытает�� добавить группу в �пи�ок групп "
+"пользовател�. Е�ли пользователь не �вл�ет�� �уперпользователем, то его "
+"попро��т вве�ти пароль, даже е�ли он его не имеет (в файле <filename>/etc/"
+"shadow</filename>, е�ли дл� �того пользовател� имеет�� запи�ь в файле "
+"теневых паролей, иначе и�пользует�� файл <filename>/etc/passwd</filename>), "
+"а группа имеет, или е�ли пользователь не �вл�ет�� членом группы, а группа "
+"имеет пароль. Е�ли пользователь не �вл�ет�� членом группы, а у группы пу�той "
+"пароль, то пользователю будет отказано в до�тупе."
+
+# type: Content of: <refentry><refsect1><para>
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"Е�ли е�ть запи�ь дл� �той группы в файле <filename>/etc/gshadow</filename>, "
+"то �пи�ок членов и пароль �той группы будут вз�ты из �того файла, иначе "
+"и�пользует�� запи�ь из файла <filename>/etc/group</filename>."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "контролирует временные интервалы работы в �и�теме"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"Программа <command>logoutd</command> контролирует временные ограничени� "
+"работы в �и�теме и порты, заданные в файле <filename>/etc/porttime</"
+"filename>. Программа <command>logoutd</command> должна запу�кать�� из "
+"�ценари� <filename>/etc/rc</filename>. Файл <filename>/var/run/utmp</"
+"filename> периодиче�ки �канирует�� и дл� каждого имени пользовател� "
+"провер�ет��, разрешено ли данному пользователю работать в на�то�щий момент "
+"на данном порту. Любой �еан�, который нарушает ограничени�, опи�анные в "
+"файле <filename>/etc/porttime</filename>, будет завершён."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "�одержит �пи�ок работающих �еан�ов в �и�теме"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "�одержит конфигурацию под�и�темы теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Файл <filename>/etc/login.defs</filename> �одержит на�тройки под�и�темы "
+"теневых паролей (shadow password suite). Этот файл �вл�ет�� об�зательным. "
+"От�ут�твие данного файла не повли�ет на работу �и�темы, но, веро�тно, "
+"приведёт к выполнению нежелаемых операций."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Файл пред�тавл�ет �обой обычный тек�товый файл; кажда� �трока опи�ывает один "
+"параметр на�тройки. Строки �о�то�т из названи� параметра и его значени�, "
+"которые раздел�ют�� пробельным �имволом. Пу�тые �троки и комментарии "
+"игнорируют��. Комментарии начинают�� �о знака фунта «#», который должен быть "
+"первым непробельным �имволом в �троке."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Значени� параметров могут быть четырёх типов: �троки, логиче�кие значени�, "
+"чи�ла и длинные чи�ла. Строки �о�то�т из любых печатных �имволов. Под "
+"логиче�кими значени�ми подразумевают�� <replaceable>yes</replaceable> или "
+"<replaceable>no</replaceable>. �еопределённый логиче�кий параметр или "
+"имеющий значение, отличное от указанных выше, �читает�� как имеющий значение "
+"<replaceable>no</replaceable>. Чи�ла (обычные и длинные) можно задавать в "
+"де��тичной, во�ьмеричной (перед значением �тавит�� «<replaceable>0</"
+"replaceable>») или ше�тнадцатеричной (перед значением �тавит�� "
+"«<replaceable>0x</replaceable>») �и�темах �чи�лени�. Мак�имальные значени� "
+"параметра обычного и длинного чи�ла зави��т от архитектуры компьютера."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Возможны �ледующие параметры на�тройки:"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (логиче�кий)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Е�ли равно <<replaceable>yes</replaceable>, то программа <command>chfn</"
+"command> будет проводить аутентификацию перед тем как выполнить любые "
+"изменени�, в �лучае е�ли команда не запущена �уперпользователем."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (�трока)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Этим параметром определ�ют�� ча�ти пол� <emphasis remap=\"I\">gecos</"
+"emphasis> в файле <filename>/etc/passwd</filename>, которые могут измен�ть "
+"обычные пользователи � помощью программы <command>chfn</command>. Строка "
+"может �одержать любую комбинацию букв <replaceable>f</replaceable>, "
+"<replaceable>r</replaceable>, <replaceable>w</replaceable>, <replaceable>h</"
+"replaceable> дл� изменени� полного имени пользовател�, номера комнаты, "
+"рабочего и домашнего телефона, �оответ�твенно. Дл� �овме�тимо�ти значение "
+"<replaceable>yes</replaceable> �квивалентно <replaceable>rwh</replaceable> и "
+"<replaceable>no</replaceable> �квивалентно <replaceable>frwh</replaceable>. "
+"Е�ли ничего не задано, то только �уперпользователь может выполн�ть любые "
+"изменени�. �аиболее ограничительна� на�тройка до�тигает�� �н�тием SUID бита "
+"� файла <filename>chfn</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (логиче�кий)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"Е�ли равно <replaceable>yes</replaceable>, то программа <command>chsh</"
+"command> будет проводить аутентификацию перед тем как выполнить любые "
+"изменени�, в �лучае е�ли команда не запущены �уперпользователем."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Символ ERASE у терминала (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"Значение может начинать�� � «0» при указании значени� в во�ьмеричной �и�теме "
+"�чи�лени� или «0x» при указании значени� в ше�тнадцатеричной �и�теме "
+"�чи�лени�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr "Задержка в �екундах перед повторной попыткой по�ле неудачного входа."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (логиче�кий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Включить протоколирование и показ информации о неудачных входах из "
+"<filename>/var/log/faillog</filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Е�ли у�тановлена, то программа <command>login</command> запу�тит указанную "
+"оболочку вме�то пользователь�кой оболочки заданной в <filename>/etc/passwd</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Е�ли определена, то неудачные попытки входа будут протоколировать�� в �тот "
+"файл в формате utmp."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Е�ли определена, то �тот файл может заблокировать в�е обычные переговоры "
+"(chatter) при входе. Е�ли указан полный путь к файлу, то будет включён "
+"�окращённый (hushed) режим, е�ли в �том файле указано им� пользовател� или "
+"оболочка. Е�ли указан не полный путь, то будет включён �окращённый (hushed) "
+"режим, е�ли файл находит�� в домашнем каталоге пользовател�."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+"Е�ли определена, то �тот файл будет показан перед каждым по�влением "
+"приглашени� на вход."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr "Символ KILL у терминала (<replaceable>025</replaceable> = CTRL/U)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (логиче�кий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Включить протоколирование и показ информации о времени входа из /var/log/"
+"lastlog."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (логиче�кий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Включить протоколирование у�пешных входов."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (логиче�кий)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Включить показ неизве�тных имён пользователей при запи�и неудачных попыток "
+"входа."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Замечание: протоколирование неизве�тных имён пользовател� может приве�ти к "
+"проблемам � безопа�но�тью, е�ли пользователь введёт �вой пароль вме�то "
+"�воего имени."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "Мак�имальное количе�тво попыток входа при вводе неверного парол�."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"�аиболее веро�тно �то значение будет переопределено PAM, так как по "
+"умолчанию в модуле pam_unix определено 3 попытки. Однако, �то значение "
+"�вл�ет�� резервом, е�ли вы и�пользуете модуль аутентификации, который не "
+"учитывает PAM_MAXTRIES."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Мак�имальное врем� в �екундах, отведённое на вход."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Е�ли определена, то при входе будет показано «�ообщение дн�» из файла �о "
+"�пи�ком значений, разделённых «:»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Е�ли определена, значение равно имени файла, чьё �уще�твование запретит вход "
+"дл� не �уперпользователей. В файле должно �одержать�� �ообщение, опи�ывающее "
+"почему запрещён вход."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Параметры <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> и "
+"<option>PASS_WARN_AGE</option>  и�пользуют�� только при �оздании учётной "
+"запи�и. Любые изменени� �тих параметров не вли�ют на уже �уще�твующие "
+"учётные запи�и."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (логиче�кий)"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Включить проверку временных ограничений, заданных в <filename>/etc/porttime</"
+"filename>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (�трока)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (�трока)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Права терминала: tty входа будет принадлежать группе <option>TTYGROUP</"
+"option>, а права будут назначены в �оответ�твии � <option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"По умолчанию, терминалом владеет первична� группа пользовател�, а права "
+"у�танавливают�� в <replaceable>0600</replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"В <option>TTYGROUP</option> может задавать�� или им� группы, или чи�ловой "
+"идентификатор группы."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Е�ли ваша программа <command>write</command> имеет «setgid» �о �пециальной "
+"группой, которой принадлежат терминалы, то при�войте TTYGROUP номер �той "
+"группы, а TTYPERM значение 0620. В противном �лучае о�тавьте TTYGROUP "
+"закомментированной и назначьте TTYPERM значение 622 или 600."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (�трока)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Е�ли определена, то в ней указывает�� им� файла, в котором опи�ано "
+"�оответ�твие между линией tty и параметром окружени� TERM. Кажда� �трока "
+"файла имеет формат вида «vt100 tty01»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (чи�ло)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Значение <command>ulimit</command> по умолчанию."
+
+# type: Content of: <refentry><refsect1><title>
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "ПЕРЕКР�СТ�ЫЕ ССЫЛКИ"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Следующие перекрё�тные ��ылки отражают �в�зь между программами и их "
+"параметрам из набора дл� работы � теневыми парол�ми."
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+# type: Content of: <refentry><refsect1><para><command>
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"Большин�тво функций теневых паролей теперь реализовано через PAM. По�тому, "
+"файл <filename>/etc/login.defs</filename> больше не и�пользует�� программами "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> и "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. �а�тройку данных программ �ледует выполн�ть в �оответ�твующих "
+"файлах на�тройки PAM."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "файл контрол� до�тупа в �и�тему"
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"В файле <emphasis remap=\"I\">login.access</emphasis> определ�ют�� "
+"комбинации (пользователь, узел) и/или (пользователь, терминал), которым "
+"будет разрешён или запрещён вход в �и�тему."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Когда кто-то пытает�� войти в �и�тему выполн�ет�� �канирование файла "
+"<emphasis remap=\"I\">login.access</emphasis> в пои�ках первой �овпадающей "
+"запи�и (пользователь, узел), или в �лучае не �етевого входа, первой "
+"�овпадающей запи�и (пользователь, терминал). Из найденной запи�и выбирает�� "
+"поле прав до�тупа, по которому определ�ет�� разрешать ли данной учётной "
+"запи�и вход в �и�тему или нет."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Кажда� �трока таблицы контрол� до�тупа в �и�тему �о�тоит из трёх полей "
+"разделённых �имволом «:» и выгл�дит так:"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">права_до�тупа</emphasis>:<emphasis remap=\"I"
+"\">пользователи</emphasis>:<emphasis remap=\"I\">и�точники</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Первое поле должно �одержать �имвол «<emphasis>+</emphasis>» (до�туп "
+"разрешён) или «<emphasis>-</emphasis>» (до�туп запрещён). Второе поле должно "
+"�одержать им� одной или более учётных запи�ей, имена групп или "
+"<emphasis>ALL</emphasis> (в�егда �овпадает). Третье поле должно �одержать "
+"одно или не�кольких имён терминалов (дл� до�тупа не из �ети), имена узлов, "
+"доменных имён (начинают�� � «<literal>.</literal>»), адре�а узлов, адре�а "
+"под�етей (заканчивают�� на «<literal>.</literal>»), <emphasis>ALL</emphasis> "
+"(в�егда �овпадает) или <emphasis>LOCAL</emphasis> (люба� �трока, не "
+"�одержаща� �имвола «<literal>.</literal>»). Е�ли и�пользует�� NIS, то также "
+"можно и�пользовать @им�_�етевой_группы в шаблонах узлов или именах "
+"пользователей."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"Оператор <emphasis>EXCEPT</emphasis> помогает в напи�ании компактных правил."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Пои�к в файле групп производит�� только когда им� не �овпадает � "
+"реги�трирующим�� пользователем. Ра��матривают�� группы только � �вно "
+"пропи�анными в них пользовател�ми: программа не принимает во внимание "
+"значение первичной группы пользовател�."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "начинает �еан� в �и�теме"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "узел"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ПЕРЕМЕ���Я_ОКРУЖЕ�ИЯ=З��ЧЕ�ИЕ"
+
+# type: Content of: <refentry><refsect1><para><option>
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Программа <command>login</command> и�пользует�� дл� запу�ка нового �еан�а в "
+"�и�теме. Как правило, �та программа вызывает�� автоматиче�ки и выводит "
+"приглашение <emphasis remap=\"I\">login:</emphasis> на терминал "
+"пользовател�. Программа <command>login</command> может во�принимать�� "
+"оболочкой командной �троки не как про�та� программа и вызывать�� не как "
+"подпроце��. При вызове из оболочки <command>login</command> должна "
+"запу�кать�� по�ред�твом вызова <emphasis remap=\"B\">exec login</emphasis>, "
+"что приводит к завершению работы пользовател� в текущей оболочке (и, таким "
+"образом, вновь вход�щий в �и�тему пользователь не попадёт в �еан� "
+"вызвавшего). Попытка запу�тить <command>login</command> из любой оболочки, "
+"отличной от реги�трационной, приводит к �ообщению об ошибке."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"В какой-то момент пользовател� попро��т вве�ти �вой пароль. Чтобы не "
+"допу�тить ра�крыти�, �имволы при вводе парол� не отображают��. Разрешено "
+"очень маленькое количе�тво попыток ввода неправильного парол�, перед тем как "
+"<command>login</command> закончит работу и прервёт подключение."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Е�ли включён механизм у�таревани� парол� учётной запи�и, то перед входом в "
+"�и�тему может потребовать�� �мена парол�. Дл� �того нужно вве�ти �тарый "
+"пароль и новый пароль. Подробней об �том напи�ано в "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"По�ле у�пешного входа в �и�тему, будут показаны �ообщени� от �и�темы и о "
+"наличии почты. Можно отключить вывод файла �и�темных �ообщений из файла "
+"<filename>/etc/motd</filename>, �оздав в домашнем каталоге файл нулевой "
+"длины � именем <filename>.hushlogin</filename>. Сообщение о наличии почты "
+"может быть одним из: «<emphasis>У ва� е�ть нова� почта.</emphasis>», "
+"«<emphasis>У ва� е�ть почта.</emphasis>» или «<emphasis>У ва� нет почты.</"
+"emphasis>», в зави�имо�ти от наполненно�ти почтового �щика."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Значение идентификатора учётной запи�и и группы будет вз�то из файла "
+"<filename>/etc/passwd</filename>. Значени� переменных <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar> и "
+"<envar>$MAIL</envar> у�танавливают�� �огла�но �оответ�твующим пол�м учётной "
+"запи�и пользовател�. Также могут быть у�тановлены значени� ulimit, umask и "
+"nice из пол� GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"В некоторых �и�темах переменной окружени� <envar>$TERM</envar> будет "
+"при�воен тип терминала линии tty, �огла�но данным из файла <filename>/etc/"
+"ttytype</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Также может быть выполнен �ценарий инициализации пользователь�кого "
+"интерпретатора команд. Подробней об �той функции �мотрите �оответ�твующую "
+"�правочную �траницу."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Программа <command>login</command> �Е удал�ет запи�и о пользовател�х из "
+"файла utmp. Эта задача программ <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> и "
+"<citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> — удал�ть запи�и о владельце терминального �еан�а. Е�ли "
+"<command>login</command> запу�кает�� из командной �троки без <command>exec</"
+"command>, то пользователь продолжает находить�� в �и�теме даже по�ле "
+"завершени� работы в «порождённом �еан�е»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "�е выполн�ть аутентификацию, пользователь уже прошёл проверку."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Замечание: в �том �лучае <replaceable>им�_пользовател�</replaceable> "
+"об�зательно."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Им� удалённого узла, на который нужно войти."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Сохранить окружение."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Выполнить протокол autologin дл� rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Параметры <option>-r</option>, <option>-h</option> и <option>-f</option> "
+"и�пользуют�� только е�ли <command>login</command> запу�кает�� "
+"�уперпользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Данна� вер�и� <command>login</command> может быть �обрана � разными "
+"параметрами и только некоторые из них �могут быть и�пользованы на любой "
+"машине."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "Ра�положение файлов может отличать�� на разных �и�темах."
+
+# type: Content of: <refentry><refsect1><para>
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Как и дл� любой программы, запу�к <command>login</command> может быть "
+"подделан. Е�ли неуполномоченные пользователи имеют физиче�кий до�туп к "
+"машине, то атакующий может и�пользовать �то дл� получени� парол� �ледующего "
+"человека, который будет работать за машиной. Под Linux пользователи могут "
+"и�пользовать механизм SAK дл� у�тановлени� до�товерного пути и таким образом "
+"предотвращени� атаки."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "�одержит �пи�ок завершённых �еан�ов работы � �и�темой"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "�одержит �и�темные �ообщени� за день"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+"при �уще�твовании файла блокирует�� до�туп в �и�тему обычным пользовател�м"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "�одержит �пи�ок типов терминалов"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+"при �уще�твовании файла �и�темные �ообщени� при входе в �и�тему не вывод�т��"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "файл контрол� ре�ур�ов"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"В файле <emphasis remap=\"I\">limits</emphasis> (по умолчанию <filename>/etc/"
+"limits</filename> или определ�ет�� значением LIMITS_FILE в файле "
+"<filename>config.h</filename>) опи�ывают�� ограничени�, которые можно "
+"измен�ть. Этот файл должен принадлежать �уперпользователю и право на чтение "
+"должно быть только у �уперпользовател�."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"По умолчанию учётна� запи�ь «root» ничем не ограничена. Фактиче�ки, никак "
+"нельз� у�тановить ограничени� � помощью �той процедуры на учётные запи�и, "
+"имеющие права �уперпользовател� (учётные запи�и � UID равным 0)."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Кажда� �трока опи�ывает ограничение дл� одного пользовател� имеет вид:"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user СТРОК�_ОГР��ИЧЕ�ИЙ"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "или в виде:"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group СТРОК�_ОГР��ИЧЕ�ИЙ"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"<emphasis>СТРОК�_ОГР��ИЧЕ�ИЙ</emphasis> — �то �трока, в которой указаны "
+"�разу не�колько ограничений. Каждое ограничение �о�тоит из буквенного "
+"идентификатора и чи�лового значени�."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Допу�тимые идентификаторы:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: мак�имальное адре�ное про�тран�тво (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C: мак�имальный размер файла core (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: мак�имальный размер данных (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: мак�имальный размер файла (КБ)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K: ма�ка �оздаваемых файлов, у�танавливает�� � помощью вызова "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+"I: мак�имальное значение у�тупчиво�ти (nice) (0..39, преобразуемые в 20..-19)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+"L: мак�имальное чи�ло возможных реги�траций в �и�теме �того пользовател�"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr "M: мак�имальное �инхронизируемое адре�ное про�тран�тво пам�ти (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: мак�имальное чи�ло открытых файлов"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O: мак�имальный приоритет реального времени"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: приоритет проце��а, у�танавливает�� � помощью вызова "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr "R: мак�имальный размер резидентного �егмента (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: мак�имальный размер �тека (КБ)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: мак�имальное врем� и�пользовани� проце��ора (минут)"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: мак�имальное чи�ло проце��ов"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"�апример, значение <emphasis remap=\"I\">L2D2048N5</emphasis> допу�тимо дл� "
+"<emphasis>СТРОКИ_ОГР��ИЧЕ�ИЙ</emphasis>. Дл� удоб�тва чтени�, �ледующие "
+"запи�и �квивалентны:"
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:145(para)
+#, fuzzy
+#| msgid ""
+#| "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+#| "the line is considered a limit string, thus comments are not allowed. A "
+#| "invalid limits string will be rejected (not considered) by the "
+#| "<command>login</command> program."
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Заметим, что по�ле <emphasis remap=\"I\">username</emphasis> о�тавша��� "
+"ча�ть �троки �читает�� �трокой ограничений, по�тому комментарии недопу�тимы. "
+"�еправильна� �трока ограничений будет отброшена (не учтена) программой "
+"<command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"Запи�ь по умолчанию выгл�дит как username \"<emphasis>*</emphasis>\". Е�ли у "
+"ва� е�ть не�колько запи�ей <emphasis remap=\"I\">по умолчанию</emphasis> в "
+"файле <emphasis>LIMITS_FILE</emphasis>, то будет и�пользовать�� по�ледн��."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Ограничени�, задаваемые в виде «<replaceable>@group</replaceable>», "
+"примен�ют�� к членам указанной группы <replaceable>group</replaceable>."
+
+#: limits.5.xml:165(para)
+#, fuzzy
+#| msgid ""
+#| "If more than one line with limits for an user exist, only the first line "
+#| "for this user will be considered."
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Е�ли дл� пользовател� е�ть более одной �троки ограничений, то учитывает�� "
+"только перва� �трока."
+
+#: limits.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "If no lines are specified for an user, the last <replaceable>@group</"
+#| "replaceable> line matching a group whose the user is a member of will be "
+#| "considered, or the last line with default limits if no groups contain the "
+#| "user."
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Е�ли дл� пользовател� не указано ни одной �троки, то учитывает�� по�ледн�� "
+"�трока <replaceable>@group</replaceable> � группой, в которую входит "
+"пользователь, или по�ледн�� �трока � ограничени�ми по умолчанию, е�ли не "
+"указано групп, в которые входит пользователь."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Чтобы полно�тью �н�ть ограничени� � пользовател�, и�пользует�� одиночное "
+"тире «<emphasis>-</emphasis>»."
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Чтобы �н�ть ограничение � пользовател�, вме�то чи�лового значени� "
+"ограничени� можно и�пользовать одиночное тире «<emphasis>-</emphasis>»."
+
+# type: Content of: <refentry><refsect1><para>
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Также заметьте, что в�е на�тройки ограничений делают�� ДЛЯ КО�КРЕТ�ОЙ "
+"УЧ�Т�ОЙ З�ПИСИ. Они не �вл�ют�� глобальными и не по�то�нны. Возможно "
+"глобальные ограничени� и по�в�т��, но пока �то только в планах ;)"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"выводит отчёт о по�ледней реги�трации в �и�теме в�ех или указанного "
+"пользовател�"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"Программа <command>lastlog</command> упор�дочивает и выводит �одержимое "
+"файла <filename>/var/log/lastlog</filename>, который �одержит даты "
+"по�леднего входа пользователей в �и�тему. Вывод�т�� <emphasis>им� "
+"пользовател�</emphasis>, <emphasis>порт</emphasis> и <emphasis>дата "
+"по�леднего входа в �и�тему</emphasis>. По умолчанию (вызов без параметров) "
+"показывают�� запи�и файла lastlog, от�ортированные �огла�но ра�положению "
+"пользователей в файле <filename>/etc/passwd</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Параметры команды <command>lastlog</command>:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"Показать запи�и lastlog за по�ледние <emphasis remap=\"I\">Д�ЕЙ</emphasis>."
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"Этот параметр можно и�пользовать только � параметром <option>-d</option> "
+"(или <option>--home</option>)."
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Показать запи�и lastlog новее чем <emphasis remap=\"I\">Д�ЕЙ</emphasis>."
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>УЧ�Т��Я "
+"З�ПИСЬ</replaceable>|<replaceable>ДИ�П�ЗО�</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "Показать запи�ь lastlog только дл� указанного пользовател�(ей)."
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Пользовател� можно указать по отдельному имени, чи�ловому идентификатору или "
+"в виде <replaceable>ДИ�П�ЗО��</replaceable> пользователей. Такой "
+"<replaceable>ДИ�П�ЗО�</replaceable> можно задавать в виде мак�имального и "
+"минимального значений(<replaceable>UID_МИ�-UID_М�КС</replaceable>), "
+"мак�имального (<replaceable>-UID_М�КС</replaceable>) или минимального "
+"(<replaceable>UID_МИ�-</replaceable>) значени�."
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Е�ли пользователь никогда не реги�трировал�� в �и�теме, то будет показано "
+"�ообщение <emphasis>** �икогда не входил в �и�тему**</emphasis> вме�то "
+"названи� порта и даты."
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Будут показаны запи�и только дл� пользователей, имеющих в �и�теме данный "
+"момент. В журнале могут �уще�твовать запи�и дл� удалённых ранее "
+"пользователей."
+
+# type: Content of: <refentry><refsect1><title>
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "З�МЕЧ��ИЕ"
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Файл <filename>lastlog</filename> �одержит информацию о по�ледней "
+"реги�трации в �и�теме каждого пользовател�. Вы не должны примен�ть к нему "
+"ротацию журнальных файлов. Этот файл �вл�ет�� разреженным, по�тому его "
+"размер на ди�ке гораздо меньше, чем показывает команда «<command>ls -l</"
+"command>» (котора� может показывать, что �то очень большой файл, е�ли "
+"значени� идентификаторов пользователей в �и�теме до�тигают больших "
+"значений). Чтобы увидеть реальный размер введите «<command>ls -s</command>»."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "�одержит �пи�ок завершённых �еан�ов работы � �и�темой"
+
+# type: Content of: <refentry><refsect1><para>
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"Большие промежутки в значени�х идентификаторов пользователей привод�т к "
+"тому, что программа некоторое врем� ничего не выводит на �кран (то е�ть, "
+"е�ли в базе данных lastlog нет пользователей � идентификаторами � 170 по "
+"800, то во врем� обработки UID � 171 по 799 программа кажет�� пови�шей)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "файл � защищаемой информацией о группах"
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"Файл <filename>/etc/gshadow</filename> �одержит защищаемую информацию о "
+"группах."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Кажда� �трока файла �одержит пол�, отделёнными друг от друга двоеточием:"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "им� группы"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Должно �одержать правильное им� группы, котора� �уще�твует в �и�теме."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Е�ли поле парол� �одержит �троку, котора� не удовлетвор�ет требовани�м "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, например �одержит ! или *, то пользователь не �может "
+"и�пользовать пароль unix дл� до�тупа в группу (а члену группы пароль не "
+"нужен)."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Пароль и�пользует��, е�ли пользователю, не �вл�ющему членом группы, "
+"требуют�� права �той группы (�мотрите <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Это поле может быть пу�тым; в �том �лучае только члены группы могут "
+"пользовать�� правами группы."
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Данный пароль замен�ет любой пароль, указанный в файле <filename>/etc/group</"
+"filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "админи�траторы"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Спи�ок имён пользователей, перечи�ленных через зап�тую."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "�дмини�траторы могут мен�ть пароль или член�тво в группе."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"�дмини�траторы также имеют те же права, что и члены группы (�мотрите далее)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "члены"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "Члены могут иметь до�туп к группе без ввода парол�."
+
+# type: Content of: <refentry><refsect1><para>
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Вы должны и�пользовать тот же �пи�ок пользователей что и в <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "провер�ет корректно�ть файлов групп"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"Программа <command>grpck</command> провер�ет цело�тно�ть информации о "
+"группах в �и�теме. Провер�ют�� формат и правильно�ть данных в�ех запи�ей в "
+"файлах <filename>/etc/group</filename> и <filename>/etc/gshadow</filename>. "
+"В �лучае обнаружени� ошибок пользователю предлагает�� подтвердить удаление "
+"запи�ей, имеющих неверный формат или во��тановление которых невозможно."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "уникально�ть и корректно�ть имени группы"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"корректно�ть идентификатора группы <phrase condition=\"gshadow\"> (только "
+"дл� <filename>/etc/group</filename>)</phrase>"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"корректно�ть �пи�ка членов <phrase condition=\"gshadow\">и админи�траторов</"
+"phrase>"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"�оответ�твие запи�и в файле <filename>/etc/gshadow</filename> (и <filename>/"
+"etc/group</filename> при проверках <filename>gshadow</filename>)"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Ошибки в количе�тве полей и уникально�ти имён групп нево��тановимы. Е�ли "
+"запи�ь �одержит неверное чи�ло полей, пользовател� попро��т подтвердить "
+"удаление в�ей �троки. Е�ли пользователь ответит отрицательно, дальнейша� "
+"проверка выполн�ть�� не будет. При ошибке повторени� имени группы также "
+"возникает запро� на удаление, но в �лучае отказа проверка будет продолжена. "
+"Обо в�ех о�тальных ошибках выводит�� предупреждение и пользователю "
+"предлагает�� запу�тить команду <command>groupmod</command>, чтобы и�править "
+"ошибку."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Команды, которые работают � файлом <filename>/etc/group</filename> <phrase "
+"condition=\"gshadow\"> и <filename>/etc/gshadow</filename></phrase>, не "
+"�по�обны изменить повреждённые или дублирующие�� запи�и. В �том �лучае нужно "
+"и�пользовать <command>grpck</command> дл� удалени� и�порченной запи�и."
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Параметры команды <command>grpck</command>:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Запу�кать команду <command>grpck</command> в режиме только дл� чтени�. При "
+"�том на в�е вопро�ы об изменени�х у�танавливает�� ответ <emphasis>нет</"
+"emphasis> и уча�тие пользовател� не требует��."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"От�ортировать в�е запи�и в файле <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\">и <filename>/etc/gshadow</filename></phrase> по "
+"чи�ловому идентификатору группы (GID)."
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>grpck</command> operates on <filename>/etc/group</"
+#| "filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</"
+#| "filename></phrase>. The user may select alternate files with the "
+#| "<emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow"
+#| "\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap="
+#| "\"I\">shadow</emphasis> parameters.</phrase>"
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"По умолчанию, команда <command>grpck</command> работает � файлом <filename>/"
+"etc/group</filename> <phrase condition=\"gshadow\"> и <filename>/etc/"
+"gshadow</filename></phrase>. Пользователь может указать другие файлы � "
+"помощью параметра <emphasis remap=\"I\">group</emphasis><phrase condition="
+"\"no_gshadow\">.</phrase> <phrase condition=\"gshadow\">и <emphasis remap=\"I"
+"\">shadow</emphasis>.</phrase>"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "е�ть одна или более неправильных запи�ей групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "не удало�ь открыть файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "не удало�ь заблокировать файл групп"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "не удало�ь изменить файл групп"
+
+# type: Content of: <refentry><refsect1><para>
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>grpck</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "показывает имена групп запу�тившего программу пользовател�"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "им�"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"Команда <command>groups</command> показывает имена групп запу�тившего "
+"программу пользовател� или их чи�ловые идентификаторы (ID). Е�ли дл� номера "
+"группы нет �оответ�твующей запи�и в файле <filename>/etc/group</filename>, "
+"то отображает�� чи�ловое значение. При указании необ�зательного параметра "
+"<emphasis remap=\"I\">им�</emphasis> вывод�т�� группы дл� учётной запи�и � "
+"указанным <emphasis remap=\"I\">именем</emphasis>."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"В �и�темах, не имеющих поддержки одновременного член�тва в не�кольких "
+"группах, и�пользует�� информаци� из файла <filename>/etc/group</filename>. "
+"Дл� �мены �воей текущей реальной или �ффективной группы пользователь должен "
+"и�пользовать команды <command>newgrp</command> или <command>sg</command>."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "измен�ет определение группы в �и�теме"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "ГРУПП�"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"Команда <command>groupmod</command> измен�ет определение указанной "
+"<replaceable>ГРУППЫ</replaceable>, измен�� �оответ�твующую запи�ь в базе "
+"данных групп."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Параметры команды <command>groupmod</command>:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"Им� группы будет изменено � <replaceable>ГРУПП�</replaceable> на "
+"<replaceable>GID</replaceable>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"Де��тичное значение <replaceable>GID</replaceable> должно быть "
+"неотрицательным. Это значение должно быть уникальным, е�ли не указан "
+"параметр <option>-o</option>."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"У пользователей, которых �та группа �вл�ет�� первичной, будет выполнено "
+"�оответ�твующее обновление."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"У в�ех файлов, которые имеют ID �тарой группы и должны продолжать "
+"принадлежать <replaceable>GROUP</replaceable>, нужно изменить их ID вручную."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"�икаких проверок по <option>GID_MIN</option>, <option>GID_MAX</option>, "
+"<option>SYS_GID_MIN</option> или <option>SYS_GID_MAX</option> из <filename>/"
+"etc/login.defs</filename> не производит��."
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>�ОВ�Я_ГРУПП�</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Им� группы будет изменено � <emphasis remap=\"I\">ГРУПП�</emphasis> на "
+"<emphasis remap=\"I\">�ОВ�Я_ГРУПП�</emphasis>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"При и�пользовании � параметром <option>-g</option> разрешает�� измен�ть "
+"<replaceable>GID</replaceable> группы не уникальным значением."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "такое им� группы уже и�пользует��"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Команда <command>groupmod</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "управл�ет членами первичной группы пользовател�"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "им�_пользовател�"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "им�_группы"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"Программа <command>groupmems</command> позвол�ет пользователю управл�ть "
+"�пи�ком членов �воей группы не име� привилегий �уперпользовател�. Программа "
+"<command>groupmems</command> работает в �и�темах, где в каче�тве первичной "
+"группы пользовател� �вл�ет�� группа � именем �овпадающим � именем "
+"пользовател� (то е�ть, guest / guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Только �уперпользователь как админи�тратор может и�пользовать "
+"<command>groupmems</command>, чтобы изменить �пи�ок членов не �воей группы."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Параметры команды <command>groupmems</command>:"
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>им�_пользовател�</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Добавить нового пользовател� в группу."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Е�ли �уще�твует файл <filename>/etc/gshadow</filename> и запи�и о группе нет "
+"в файле <filename>/etc/gshadow</filename>, то будет �оздана нова� запи�ь."
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>им�_пользовател�</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Удалить пользовател� из группы."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Е�ли �уще�твует файл <filename>/etc/gshadow</filename>, то пользователь "
+"будет удалён из �пи�ка членов и админи�траторов группы."
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>им�_группы</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Суперпользователь может указать группу, в которой нужно изменить �пи�ок "
+"членов."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Показать �пи�ок членов группы."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Вычи�тить в�ех пользователей из �пи�ка членов группы."
+
+# type: Content of: <refentry><refsect1><title>
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "��СТРОЙК�"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"И�полн�емый файл программы <command>groupmems</command> должен иметь права "
+"<literal>2770</literal>, принадлежать пользователю <emphasis>root</emphasis> "
+"и группе <emphasis>groups</emphasis>. Си�темный админи�тратор может "
+"добавл�ть пользователей в группу <emphasis>groups</emphasis>, разреша� или "
+"запреща� им запу�кать программу <command>groupmems</command> дл� управлени� "
+"член�твом в �воей группе."
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "�одержит защищаемую информацию о группах"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "удал�ет группу"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Программа <command>groupdel</command> измен�ет �и�темные файлы учётных "
+"запи�ей, удал�� в�е запи�и, отно��щие�� к <replaceable>ГРУППЕ</replaceable>. "
+"Группа � таким именем должна �уще�твовать."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Параметры команды <command>groupdel</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Вы не можете удалить группу, е�ли она �вл�ет�� первичной дл� �уще�твующего "
+"пользовател�. Вы должны удалить пользовател� перед тем как удал�ть группу."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Вы должны вручную проверить в�е файловые �и�темы, чтобы убедить��, что не "
+"о�тало�ь файлов, принадлежащих удалённой группе."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "не удало�ь удалить первичную пользователь�кую группу"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>groupdel</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "�оздаёт новую группу"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"Программа <command>groupadd</command> �оздаёт новую группу �огла�но "
+"указанным значени�м командной �троки и �и�темным значени�м по умолчанию. "
+"�ова� группа будет добавлена в �и�темные файлы."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Параметры команды <command>groupadd</command>:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Завершить работу и вернуть �о�то�ние у�пешного выполнени�, е�ли группа уже "
+"�уще�твует. Е�ли и�пользует�� вме�те � параметром <option>-g</option> и "
+"указанный GID уже �уще�твует, то выбирает�� другой (уникальный) GID (то е�ть "
+"параметр <option>-g</option> игнорирует��)."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"Чи�ловое значение идентификатора группы (ID). Оно должно быть уникальным, "
+"е�ли не и�пользует�� параметр <option>-o</option>. Значение должно быть "
+"неотрицательным. По умолчанию и�пользует�� наименьшее значение ID большее "
+"или равное <option>GID_MIN</option> и большее чем у о�тальных групп."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Смотрите также опи�ание <option>-r</option> и <option>GID_MAX</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Изменить значени� по умолчанию (GID_MIN, GID_MAX и другие), которые хран�т�� "
+"в файле <filename>/etc/login.defs</filename>. Можно указать не�колько "
+"параметров <option>-K</option>."
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Пример: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Замечание: запи�ь вида <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> пока не работает."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "Разрешить добавление группы � не уникальным GID."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Создать �и�темную группу."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Чи�ловые идентификаторы дл� �и�темных групп выбирают�� из диапазона "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, определённых в "
+"<filename>login.defs</filename>, а не из <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Имена групп должны начинать�� �о �трочной буквы или �имвола подчёркивани�, и "
+"должны �о�то�ть только из �трочных букв, цифр, �имволов подчёркивани� и "
+"мину�. Они могут заканчивать�� знаком доллара. Это можно опи�ать регул�рным "
+"выражением: [a-z_][a-z0-9_-]*[$]?"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Имена групп могут быть длиной не более &GROUP_NAME_MAX_LENGTH; знаков."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"�ельз� добавить группу NIS или LDAP. Это необходимо делать на "
+"�оответ�твующем �ервере."
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Е�ли им� группы уже �уще�твует во внешней базе данных групп, например в NIS "
+"или LDAP, то <command>groupadd</command> не �танет �оздавать группу."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "не уникальный GID (е�ли не задан параметр <option>-o</option>)"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "не уникальное им� группы"
+
+# type: Content of: <refentry><refsect1><para>
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>groupadd</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "управление <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "управление <placeholder-1/> и <placeholder-2/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "параметр"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"Программа <command>gpasswd</command> и�пользует�� дл� управлени� файлом "
+"<filename>/etc/group</filename> <phrase condition=\"gshadow\"> и <filename>/"
+"etc/gshadow</filename></phrase>. В каждой группе могут быть определены "
+"<phrase condition=\"gshadow\">админи�траторы,</phrase> члены и пароль."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Си�темные админи�траторы могут и�пользовать параметр <option>-A</option>, "
+"чтобы назначить группе админи�тратора(ов) и параметр <option>-M</option> дл� "
+"определени� �пи�ка членов, а также имеют в�е права админи�траторов и членов "
+"группы."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"Программа <command>gpasswd</command>, запущенна� <phrase condition=\"gshadow"
+"\">админи�тратором группы</phrase><phrase condition=\"no_gshadow\">�и�темным "
+"админи�тратором</phrase> � указанием в командной �троке только имени группы, "
+"предложит назначить пароль <replaceable>группе</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Е�ли пароль не пу�той, то дл� членов группы вызов "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> парол� не требует, а не члены группы должны вве�ти пароль."
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Замечани� о парол�х групп"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Пароли групп имеют врождённую проблему � безопа�но�тью, так как пароль знает "
+"более одного человека. Однако, группы �вл�ют�� полезным ин�трументом "
+"�овме�тной работы различных пользователей."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"За и�ключением параметров <option>-A</option> и <option>-M</option>, "
+"параметры нельз� и�пользовать вме�те."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Параметры не могут быть указаны одновременно."
+
+# type: Content of: <refentry><refsect1><para>
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Параметры команды <command>gpasswd</command>:"
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>пользователь</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Добавить <replaceable>пользовател�</replaceable> в указанную "
+"<replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>пользователь</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Удалить <replaceable>пользовател�</replaceable> из указанной "
+"<replaceable>группы</replaceable>."
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>К�Т_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Удалить пароль указанной <replaceable>группы</replaceable>. Пароль группы "
+"будет пу�тым. Только члены группы �могут и�пользовать <command>newgrp</"
+"command> дл� входа в указанную <replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ограничить до�туп к указанной <replaceable>группе</replaceable>. Пароль "
+"группы �тановит�� равным «!». Только члены группы имеющие пароль �могут "
+"и�пользовать <command>newgrp</command> дл� входа в указанную "
+"<replaceable>группу</replaceable>."
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option> "
+"<replaceable>пользователь</replaceable>, …"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Задать �пи�ок админи�траторов группы."
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>пользователь</replaceable>, …"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Задать �пи�ок членов группы."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Данна� утилита работает только � файлом <filename>/etc/group</filename> "
+"<phrase condition=\"gshadow\"> и <filename>/etc/gshadow</filename>.</"
+"phrase><phrase condition=\"no_gshadow\">.</phrase> Она не может изменить "
+"группу NIS или LDAP, �то нужно делать на �оответ�твующем �ервере."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+# type: Content of: <refentry><refsect1><para><citerefentry><refentrytitle>
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"показывает запи�и из файла faillog или задаёт предел неудачных попыток входа "
+"в �и�тему"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"Программа <command>faillog</command> показывает �одержимое журнала неудачных "
+"попыток (файл <filename>/var/log/faillog</filename>). Также она может быть "
+"и�пользована дл� управлени� �чётчиком неудачных попыток и их ограничением. "
+"При запу�ке <command>faillog</command> без параметров вывод�т�� запи�и "
+"faillog только тех пользователей, у которых имеет�� хот� бы одна неудачна� "
+"попытка входа."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Параметры команды <command>faillog</command>:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Показать запи�и faillog дл� в�ех пользователей из базы данных "
+"<filename>faillog</filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"Спи�ок пользователей можно ограничить � помощью параметра <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"В режиме вывода �то ограничивает вывод �пи�ком �уще�твующих пользователей, "
+"но при �том дл� них вывод�т�� даже пу�тые запи�и faillog."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Параметры <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> измен�ют запи�и пользователей, даже е�ли они не "
+"�уще�твует в �и�теме. Это полезно дл� �бро�а запи�ей пользователей, которые "
+"были удалены или дл� предварительной у�тановки политики дл� диапазона "
+"пользователей."
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>СЕКУ�Д</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Блокировать учётную запи�ь на указанное количе�тво <replaceable>СЕКУ�Д</"
+"replaceable> по�ле неудачной попытки входа."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"Дл� �того параметра требует�� право на запи�ь в <filename>/var/log/faillog</"
+"filename>."
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;"
+"<replaceable>М�КС_ЧИСЛО</replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"У�тановить мак�имальное количе�тво неудачных попыток входа перед блокировкой "
+"учётной запи�и равным <replaceable>М�КС_ЧИСЛО</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Е�ли значение <replaceable>М�КС_ЧИСЛО</replaceable> равно 0, то количе�тво "
+"неудачных попыток входа не ограничивает��."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Дл� предотвращени� атаки отказа в об�луживании мак�имальное количе�тво "
+"неудачных попыток входа у <emphasis>root</emphasis> в�егда должно быть равно "
+"0."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Сбро�ить �чётчик неудачных попыток входа."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr "Показать запи�и faillog новее чем <replaceable>Д�ЕЙ</replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Показать запи�ь faillog или изменить �чётчики неудачных попыток и "
+"ограничени� (е�ли задан параметр <option>-l</option>, <option>-m</option> "
+"или <option>-r</option>) только дл� указанных учётных запи�ей."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Е�ли параметры <option>-l</option>, <option>-m</option> или <option>-r</"
+"option> не заданы, то <command>faillog</command> показывает запи�и faillog "
+"указанных пользователей."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"Программа <command>faillog</command> выводит только запи�и о пользовател�х, "
+"по�ледн�� попытка входа которых была неудачной. Чтобы увидеть запи�ь о "
+"пользователе, по�ледн�� попытка входа которого была удачной, вы должны "
+"�пециально указать им� пользовател� � помощью параметра <option>-u</option>, "
+"или дл� показа в�ех пользователей указать параметр <option>-a</option>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "журнал неудавших�� попыток входа в �и�тему"
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "файл протокола неудачных попыток входа в �и�тему"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"В файле <filename>/var/log/faillog</filename> �одержат�� �чётчики неудачных "
+"попыток входа и ограничени� дл� каждой учётной запи�и."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Этот файл �о�тоит из запи�ей по�то�нной длины, упор�доченных по чи�ловому "
+"идентификатору учётной запи�и. Кажда� запи�ь �одержит количе�тво неудачных "
+"попыток входа � момента по�леднего у�пешного входа в �и�тему, мак�имальное "
+"количе�тво неудачных попыток перед тем как учётна� запи�ь будет "
+"заблокирована, терминал, � которого о�уще�твл�ла�ь по�ледн�� неудачна� "
+"попытка входа, дату �того �обыти� и интервал (в �екундах) на �колько учётна� "
+"запи�ь будет заблокирована в �лучае неудачной попытки."
+
+# type: Content of: <refentry><refsect1><para>
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Структура файла:"
+
+# type: Content of: <refentry><refsect1><programlisting>
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+# type: Content of: <refentry><refsect1><para><command>
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "провер�ет и измен�ет пароль �огла�но политике у�таревани�"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Программа <command>expiry</command> провер�ет (параметр <option>-c</option>) "
+"�колько ещё времени будет работо�по�обен текущий пароль и вынуждает изменить "
+"его (параметр <option>-f</option>), е�ли �то требует��. Она может "
+"запу�кать�� обычным пользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Параметры команды <command>expiry</command>:"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr "Провер�ет и измен�ет �рок дей�тви� парол� у текущего пользовател�."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr "Принудительно мен�ет пароль, е�ли его �рок дей�тви� и�тёк."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "измен�ет реги�трационную оболочку пользовател�"
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"Программа <command>chsh</command> измен�ет реги�трационную оболочку "
+"пользовател�. Она определ�ет кака� команда будет запущена по�ле реги�трации "
+"пользовател� в �и�теме. Обычный пользователь может измен�ть реги�трационную "
+"оболочку только дл� �воей учётной запи�и; �уперпользователь может измен�ть "
+"реги�трационную оболочку любой учётной запи�и."
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Параметры команды <command>chsh</command>:"
+
+# type: Content of: <refentry><refsect1><para>
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Е�ли параметр <option>-s</option> не задан, то <command>chsh</command> "
+"переходит в интерактивный режим, предлага� пользователю изменить �вою "
+"реги�трационную оболочку. Вводимое значение замен�ет текущее значение пол�; "
+"е�ли введена пу�та� �трока, то текущее значение о�таёт�� неизменным. Текущее "
+"значение реги�трационной оболочки указано в �кобках <emphasis>[ ]</emphasis>."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"В�е допу�тимые имена реги�трационных оболочек должны быть указаны в файле "
+"<filename>/etc/shells</filename>. �а �уперпользовател� �то ограничение не "
+"дей�твует и по�тому ему разрешено указывать любое значение. Дл� учётной "
+"запи�и � ограниченной реги�трационной оболочкой пользователь не может "
+"изменить �вою реги�трационную оболочку. По�тому <filename>/bin/rsh</"
+"filename> в файле <filename>/etc/shells</filename> лучше не указывать, так "
+"как, е�ли пользователь �лучайно изменит �вою реги�трационную оболочку на �ту "
+"ограниченную оболочку, то не �может во��тановить её первоначальное значение."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><filename>
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "�одержит �пи�ок разрешённых реги�трационных оболочек"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "обновл�ет пароли в пакетном режиме"
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"Программа <command>chpasswd</command> читает �пи�ок пар «пользователь "
+"пароль» из �тандартного входного потока и обновл�ет информацию о "
+"�уще�твующих пользовател�х. Кажда� �трока имеет вид:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">им�_пользовател�</emphasis>:<emphasis remap=\"I"
+"\">пароль</emphasis>"
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"По умолчанию, передаваемый пароль должен быть в виде обычного тек�та и "
+"шифрует�� командой <command>chpasswd</command>. Также, е�ли е�ть �рок "
+"дей�тви� парол�, то он будет обновлён."
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+#| "variables of <filename>/etc/login.defs</filename>, and can be overwitten "
+#| "with the <option>-e</option>, <option>-m</option>, or <option>-c</option> "
+#| "options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Си�темный алгоритм шифровани� по умолчанию может быть задан в переменной "
+"<option>ENCRYPT_METHOD</option> или <option>MD5_CRYPT_ENAB</option> в файле "
+"<filename>/etc/login.defs</filename>, и может быть переопределён параметрами "
+"<option>-e</option>, <option>-m</option> или <option>-c</option>."
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"По умолчанию пароли шифруют�� PAM, но (даже е�ли �то не рекомендует��) вы "
+"можете выбрать другой метод шифровани� � помощью параметра <option>-e</"
+"option>, <option>-m</option> или <option>-c</option>."
+
+#: chpasswd.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "<phrase condition=\"pam\">Except when PAM is used to encrypt the "
+#| "passwords,</phrase><command>chpasswd</command> first updates all the "
+#| "passwords in memory, and then commits all the changes to disk if no "
+#| "errors occured for any user."
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+"Команда <command>chpasswd</command> <phrase condition=\"pam\">(когда дл� "
+"шифровани� паролей не и�пользует�� PAM)</phrase> �начала обновл�ет в�е "
+"пароли в пам�ти, а затем запи�ывает в�е изменени� на ди�к, е�ли не было "
+"никаких ошибок."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"В �лучае когда шифрование паролей (и обновление в �и�темной базе данных) "
+"выполн�ет�� PAM и пароль не может быть обновлён, то <command>chpasswd</"
+"command> продолжает обновление паролей о�тальных пользователей и завершает "
+"работу � кодом ошибки."
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Данна� команда предназначена дл� работы в крупных �и�темных �редах, где за "
+"один раз заводит�� не�колько учётных запи�ей."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Параметры команды <command>chpasswd</command>:"
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>МЕТОД</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Возможные методы: DES, MD5 и NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "По умолчанию, дл� шифровани� паролей и�пользует�� PAM."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию (е�ли не указан параметр<option>-c</option>, <option>-m</"
+"option> или <option>-e</option>), метод шифровани� определ�ет�� переменной "
+"<option>ENCRYPT_METHOD</option> или <option>MD5_CRYPT_ENAB</option> из файла "
+"<filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Передаваемые пароли заданы в шифрованном виде."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"И�пользовать алгоритм шифровани� MD5 вме�то DES, е�ли пароли передают�� не "
+"шифрованными."
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;"
+"<replaceable>Р�У�ДОВ</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"По умолчанию, количе�тво раундов определ�ет�� переменными "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> и <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> в <filename>/etc/login.defs</filename>."
+
+# type: Content of: <refentry><refsect1><para>
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"�е забудьте у�тановить права или umask, чтобы не позволить чтение не "
+"шифрованных файлов другими пользовател�ми."
+
+# type: Content of: <refentry><refsect1><para><filename>
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "на�тройки PAM дл� <command>chpasswd</command>"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "обновл�ет пароли групп в пакетном режиме"
+
+# type: Content of: <refentry><refsect1><para>
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"Программа <command>chgpasswd</command> читает �пи�ок пар «группа пароль» из "
+"�тандартного входного потока и обновл�ет информацию о �уще�твующих группах. "
+"Кажда� �трока имеет вид:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">им�_группы</emphasis>:<emphasis remap=\"I\">пароль</"
+"emphasis>"
+
+# type: Content of: <refentry><refsect1><para>
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"По умолчанию, передаваемый пароль должен быть в виде обычного тек�та и "
+"шифрует�� командой <command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+#| "filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+#| "option>, or <option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"Си�темный алгоритм шифровани� по умолчанию может быть задан в переменной "
+"<option>ENCRYPT_METHOD</option> в файле <filename>/etc/login.defs</"
+"filename>, и может быть переопределён параметрами <option>-e</option>, "
+"<option>-m</option> или <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Параметры команды <command>chgpasswd</command>:"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "измен�ет информацию о пользователе"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"Программа <command>chfn</command> измен�ет ФИО, рабочий телефон, рабочий "
+"номер комнаты, рабочий и домашний номер телефона дл� учётной запи�и "
+"пользовател�. Обычно, �ти данные вывод�т�� командой "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> и ей подобными программами. Обычный пользователь может "
+"изменить только определённые данные �об�твенной учётной запи�и, разрешённые "
+"в файле <filename>/etc/login.defs</filename> (на�тройкой по умолчанию "
+"пользователю не разрешает�� мен�ть �воё им� и фамилию). Суперпользователь "
+"может измен�ть любые данные любой учётной запи�и. Кроме того, только "
+"�уперпользователь может и�пользовать параметр <option>-o</option> дл� "
+"изменени� не�тандартизованной ча�ти данных GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Ча�ти пол� GECOS не должны �одержать двоеточий. За и�ключением ча�ти "
+"<emphasis remap=\"I\">друга�</emphasis>, в них не должно �одержать�� зап�тых "
+"и знаков равно. Также рекомендует�� избегать �имволов не в кодировке US-"
+"ASCII, но �то ка�ает�� только номеров телефонов. Ча�ть <emphasis remap=\"I"
+"\">друга�</emphasis> и�пользует�� дл� хранени� информации об учётной запи�и, "
+"котора� и�пользует�� другими приложени�ми."
+
+# type: Content of: <refentry><refsect1><para>
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Параметры команды <command>chfn</command>:"
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>ФИО</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><refsect2><title>
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Измен�ет ФИО пользовател�."
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>ДОМ�Ш�ИЙ_ТЕЛЕФО�</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Измен�ет номер домашнего телефона пользовател�."
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>ДРУГ�Я</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Измен�ет другую информацию GECOS о пользователе. Эта ча�ть и�пользует�� дл� "
+"хранени� информации об учётной запи�и, и�пользуемой другими приложени�ми, и "
+"может измен�ть�� только �уперпользователем."
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>�ОМЕР_КОМ��ТЫ</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Измен�ет номер комнаты пользовател�."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>Р�БОЧИЙ_ТЕЛЕФО�</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Измен�ет номер рабочего телефона пользовател�."
+
+# type: Content of: <refentry><refsect1><para>
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Е�ли ни один параметр не указан, то <command>chfn</command> переходит в "
+"интерактивный режим, предлага� запу�тившему пользователю изменить данные "
+"�воей учётной запи�и. Вводимое значение замен�ет текущее значение запи�и; "
+"е�ли введена пу�та� �трока, то текущее значение о�таёт�� неизменным. Текущее "
+"значение показано в �кобках <emphasis remap=\"B\">[ ]</emphasis>. При вызове "
+"без параметров программа <command>chfn</command> измен�ет учётную запи�ь "
+"запу�тившего пользовател�."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+# type: Content of: <refentry><refnamediv><refpurpose>
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "измен�ет информацию об у�таревании парол� пользовател�"
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"Программа <command>chage</command> измен�ет количе�тво дней между датой "
+"�мены парол� и датой по�ледней �мены парол�. Эта информаци� и�пользует�� "
+"�и�темой дл� определени� момента, когда пользователь должен �менить �вой "
+"пароль."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Параметры команды <command>chage</command>:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>ПОСЛ_ДЕ�Ь</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"У�тановить чи�ло дней прошедших � 1 �нвар� 1970 года, когда была по�ледн�� "
+"�мена парол�. Дата может быть также указана в виде ГГГГ-ММ-ДД (или в форме "
+"�огла�но региональным на�тройкам)."
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option> "
+"<replaceable>Д�Т�_УСТ�РЕВ��ИЯ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"У�тановить дату у�таревани� учётной запи�и пользовател�, котора� задаёт�� "
+"чи�лом дней прошедших � 1 �нвар� 1970 года. Дата может быть также задана в "
+"виде ГГГГ-ММ-ДД (или в форме �огла�но региональным на�тройкам). "
+"Пользователь, чь� учётна� запи�ь была заблокирована, должен обратить�� к "
+"�и�темному админи�тратору, е�ли хочет в дальнейшем работать � �и�темой."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре "
+"<replaceable>Д�Т�_УСТ�РЕВ��ИЯ</replaceable> отмен�ет у�таревание учётной "
+"запи�и."
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"У�тановить количе�тво дней неактивно�ти по�ле у�таревани� парол� перед тем "
+"как учётна� запи�ь будет заблокирована. В параметре <replaceable>Д�ЕЙ</"
+"replaceable> задаёт�� количе�тво дней неактивно�ти. Пользователь, чь� "
+"учётна� запи�ь была заблокирована, должен обратить�� к �и�темному "
+"админи�тратору, е�ли хочет в дальнейшем работать � �и�темой."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре <replaceable>Д�ЕЙ</"
+"replaceable> отмен�ет неактивно�ть учётной запи�и."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Показать информацию об у�таревании учётной запи�и."
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>МИ�_Д�ЕЙ</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>М�КС_Д�ЕЙ</"
+"replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"У�тановить мак�имальное количе�тво дней работо�по�обно�ти парол�. Е�ли �умма "
+"значений <replaceable>М�КС_Д�ЕЙ</replaceable> и <replaceable>ПОСЛ_ДЕ�Ь</"
+"replaceable> раньше текущего дн�, то пользователю придёт�� изменить �вой "
+"пароль перед и�пользованием учётной запи�и. Дл� того, чтобы �то не было "
+"неожиданно�тью можно во�пользовать�� параметром <option>-W</option>, который "
+"активирует выдачу предупреждени� о �мене парол� пользовател� заранее."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Значение <emphasis remap=\"I\">-1</emphasis> в параметре "
+"<replaceable>М�КС_Д�ЕЙ</replaceable> отмен�ет проверку парол�."
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>ПРЕДУП_Д�ЕЙ</replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"У�тановить количе�тво дней выдачи предупреждени�, перед тем как потребует�� "
+"�мена парол�. Параметр <replaceable>ПРЕДУП_Д�ЕЙ</replaceable> �читает�� в "
+"дн�х, в течении которых пользователь будет получать предупреждение об "
+"у�таревании парол�, перед тем как �то �лучит��."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Е�ли ни один параметр не указан, то <command>chage</command> переходит в "
+"интерактивный режим, предлага� запу�тившему пользователю изменить значени� "
+"в�ех полей �воей учётной запи�и. Вводимое значение замен�ет текущее значение "
+"пол�; е�ли введена пу�та� �трока, то текущее значение о�таёт�� неизменным. "
+"Текущее значение показано в �кобках <emphasis>[ ]</emphasis>."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Программа <command>chage</command> требует наличи� файла теневых паролей."
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"Программа <command>chage</command> работает только от �уперпользовател�, за "
+"и�ключением вызова � параметром <option>-l</option>, который может "
+"и�пользовать�� непривилегированным пользователем дл� определени� даты "
+"у�таревани� �воего парол�."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "не удало�ь найти файл теневых паролей"
+
+# type: Content of: <refentry><refsect1><para>
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Программа <command>chage</command> заверша� работу, возвращает �ледующие "
+"значени�: <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Yuri Kozlov <yuray@komyakino.ru>, 2005, 2006, 2012 Sergey Alyoshin <alyoshin."
+"s@gmail.com>, 2012 "
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><term><replaceable>
+#~ msgid "13"
+#~ msgstr "13"
+
+# type: Content of: <refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#~ msgid "can't create mail spool"
+#~ msgstr "не удало�ь �оздать почтовый �щик"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~| msgid ""
+#~| "The name of the user's new login shell. Setting this field to blank "
+#~| "causes the system to select the default login shell."
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Им� новой реги�трационной оболочки пользовател�. Е�ли задать пу�тое "
+#~ "значение, то будет и�пользована реги�трационна� оболочка по умолчанию."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-q"
+#~ msgstr "-q"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term>
+#~ msgid "new_users"
+#~ msgstr "new_users"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "full_name"
+#~ msgstr "ФИО"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "room_no"
+#~ msgstr "номер комнаты"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "work_ph"
+#~ msgstr "рабочий телефон"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "home_ph"
+#~ msgstr "домашний телефон"
+
+# type: Content of: <refentry><refsect1><para><emphasis>
+#~ msgid "other"
+#~ msgstr "другое"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Замечание: запи�ь вида <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> пока не работает."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Передаваемые пароли заданы в шифрованном виде."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+# type: Content of: <refentry><refsect1><para>
+#, fuzzy
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "Команда <command>usermod</command> не будет измен�ть им� пользовател�, "
+#~ "е�ли �тот пользователь в данный момент работает в �и�теме. Е�ли требует�� "
+#~ "изменить чи�ловой идентификатор пользовател�, нужно проверить, что от "
+#~ "�того пользовател� нет запущенных проце��ов. Владельца файлов "
+#~ "<command>crontab</command> нужно измен�ть вручную. Владельца заданий "
+#~ "<command>at</command> нужно измен�ть вручную. Также вручную нужно �делать "
+#~ "в�е изменени� �в�занные � NIS на �ервере NIS."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "Команда <command>userdel</command> не будет удал�ть учётную запи�ь, е�ли "
+#~ "пользователь в данный момент работает в �и�теме. Вы должны завершить в�е "
+#~ "запущенные проце��ы, принадлежащие учётной запи�и, которую нужно удалить."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Шифрованное значение парол�, которое возвращает функци� "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. По умолчанию учётна� запи�ь заблокирована."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "encrypted password file"
+#~ msgstr "файл � защищаемой информацией о пользовател�х"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "�пи�ок админи�траторов группы, перечи�ленных через зап�тую"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "Пол� � именем группы и пароль должны быть заполнены. Шифрованный пароль "
+#~ "�о�тоит из разрешённых 64 �имволов � a по z, � A по Z, � 0 по 9, \\. и /. "
+#~ "Подробней о пароле �мотрите на �транице руковод�тва "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. Е�ли поле парол� �одержит �троку, котора� не "
+#~ "удовлетвор�ет требовани�м <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, например "
+#~ "�одержит ! или *, то пользователь не �может и�пользовать �тот unix пароль "
+#~ "дл� реги�трации � учётом на�троек <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>7</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "Указывает�� новый ID группы дл� <replaceable>ГРУППЫ</replaceable>. "
+#~ "Чи�ловое значение <replaceable>GID</replaceable> должно быть "
+#~ "неотрицательным де��тичным чи�лом. Оно должно быть уникальным, е�ли не "
+#~ "задан параметр <option>-o</option>. Значени� от 0 до 999 обычно "
+#~ "зарезервированы под �и�темные группы. Изменение принадлежно�ти в�ех "
+#~ "файлов �тарой группе необходимо выполн�ть вручную."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Им� или чи�ловой идентификатор новой начальной группы пользовател�. "
+#~ "Группа � таким именем должна �уще�твовать. Идентификатор группы должен "
+#~ "указывать на уже �уще�твующую группу. По умолчанию идентификатор группы "
+#~ "у�тановлен в 1."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Им� или чи�ловой идентификатор новой начальной группы пользовател�. "
+#~ "Группа � таким именем должна �уще�твовать. Идентификатор группы должен "
+#~ "указывать на уже �уще�твующую группу. Идентификатор группы по умолчанию "
+#~ "равен 1 или значению указанному в файле <filename>/etc/default/useradd</"
+#~ "filename>."
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Им� или чи�ловой идентификатор новой начальной группы пользовател�. "
+#~ "Группа � таким именем должна �уще�твовать и дл� чи�лового идентификатора "
+#~ "должна быть запи�ь."
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "чи�ло дней � момента по�леднего изменени� парол�, начина� � 1 �нвар� 1970 "
+#~ "года"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days after which password must be changed"
+#~ msgstr "чи�ло дней, по�ле которых пароль должен быть изменён"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "чи�ло дней, за �колько пользовател� начнут предупреждать, что пароль "
+#~ "у�таревает"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr "чи�ло дней, по�ле у�таревани� парол� дл� блокировки учётной запи�и"
+
+# type: Content of: <refentry><refsect1><itemizedlist><listitem><para>
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "дней, от�читыва� � 1 �нвар� 1970 года, когда учётна� запи�ь была "
+#~ "заблокирована"
+
+# type: Content of: <refentry><refsect1><para>
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Поле парол� должно быть заполнено. Шифрованный пароль имеет длину от 13 "
+#~ "до 24 �имволов и �о�тоит из 64 �имволов алфавита от a до z, от A до Z, от "
+#~ "0 до 9, \\. и /. Пароль может начинать�� � �имвола \"$\". Это означает, "
+#~ "что шифрованный пароль был �генерирован � и�пользованием другого (не DES) "
+#~ "алгоритма. �апример, е�ли он начинает�� � \"$1$\", то �то означает, что "
+#~ "и�пользовал�� алгоритм на о�нове MD5."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "Дата по�леднего изменени� парол� задаёт�� в дн�х, прошедших � 1 �нвар� "
+#~ "1970 года. Пароль не может быть изменён пока не пройдёт положенное чи�ло "
+#~ "дней, и должен быть изменён по�ле мак�имального чи�ла дней. Е�ли "
+#~ "об�зательное минимальное чи�ло дней больше чем мак�имальное чи�ло дней, "
+#~ "то такой пароль не может быть изменён пользователем."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Учётна� запи�ь �читает�� неактивной и будет заблокирована, е�ли пароль не "
+#~ "был изменён за заданное чи�ло дней по�ле у�таревани� парол�. Учётна� "
+#~ "запи�ь также будет заблокирована в заданный день, незави�имо от другой "
+#~ "информации об у�таревании парол�."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Информаци� из �того файла замен�ет любой пароль или информацию об "
+#~ "у�таревании, �одержащую�� в файле <filename>/etc/passwd</filename>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "This field must contain the name (or number) of a group. The user will be "
+#~ "added as a member to this group. When a non-existent group name or number "
+#~ "is specified, a new group will be created. In the case of a non-existent "
+#~ "group number, both the name and the number of the new group will be this "
+#~ "number."
+#~ msgstr ""
+#~ "Это поле должно �одержать им� (или номер). Пользователь будет добавлен в "
+#~ "�ту группу. Е�ли указан чи�ловой идентификатор или им� не�уще�твующей "
+#~ "группы, то будет �оздана нова� группа � данным именем и номером."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "Будет проверено �уще�твование каталога � именем значени� данного пол� и "
+#~ "е�ли такого каталога нет, то он будет �оздан. Владельцем каталога будет "
+#~ "назначен обновл�емый или �оздаваемый пользователь."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-a"
+#~ msgstr "-a"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-d"
+#~ msgstr "-d"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><option>
+#~ msgid "-g"
+#~ msgstr "-g"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "GID"
+#~ msgstr "GID"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#~ msgid "-o"
+#~ msgstr "-o"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "KEY"
+#~ msgstr "КЛЮЧ"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><term><replaceable>
+#~ msgid "VALUE"
+#~ msgstr "З��ЧЕ�ИЕ"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><option>
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Показать запи�и faillog дл� в�ех пользователей."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "У�тановить мак�имальное чи�ло неудачных попыток входа "
+#~ "равному<replaceable>М�КС_ЧИСЛО</replaceable>, по�ле чего учётна� запи�ь "
+#~ "блокирует��. Е�ли <replaceable>М�КС_ЧИСЛО</replaceable> равно 0, то "
+#~ "количе�тво неудачных попыток не ограничивает��. Мак�имальное значение "
+#~ "неудачных попыток должно быть в�егда равно 0 дл� <emphasis>root</"
+#~ "emphasis>, дл� того чтобы предотвратить атаку отказа в об�луживании на "
+#~ "�и�тему."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "Е�ли домашнего каталога пользовател� не �уще�твует, то он будет �оздан. "
+#~ "Файлы из каталога <replaceable>К�Т�ЛОГ_Ш�БЛО�</replaceable> будут "
+#~ "�копированы в домашний каталог, е�ли он указан параметр <option>-k</"
+#~ "option>, иначе будут и�пользованы файлы из каталога <filename>/etc/skel</"
+#~ "filename>. В�е подкаталоги каталога <replaceable>К�Т�ЛОГ_Ш�БЛО�</"
+#~ "replaceable> или <filename>/etc/skel</filename> будут также �озданы в "
+#~ "домашнем каталоге пользовател�. Параметр <option>-k</option> можно "
+#~ "и�пользовать только вме�те � параметром <option>-m</option>. По "
+#~ "умолчанию, домашний каталог не �оздаёт�� и файлы не копируют��."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Пароль должен легко запоминать��, чтобы не было необходимо�ти запи�ывать "
+#~ "его на бумагу. Этого можно до�тичь �оединив два маленьких �лова в одно, "
+#~ "разделив их �пециальным �имволом или цифрой. �апример, Pass%word."
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "Другим методом �оздани� �вл�ет�� выбор легко запоминающей�� фразы из "
+#~ "литературы и вз�тие первой или по�ледней буквы каждого �лова. �апример:"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "which produces"
+#~ msgstr "получает��"
+
+# type: Content of: <refentry><refsect1><refsect2><itemizedlist><listitem><para>
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt"
+
+# type: Content of: <refentry><refsect1><refsect2><para>
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Можете быть уверены, что некоторые взломщики включат �тот пароль в �вои "
+#~ "�ловари. По�тому вы должны выбрать �вои �об�твенные методы �оздани� "
+#~ "паролей и не полагать�� на методы предложенные зде�ь."
+
+# type: Content of: <refentry><refsect1><para>
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "Един�твенным ограничением значений полей �вл�ет�� то, что они не должны "
+#~ "�одержать управл�ющих �имволов, зап�тых, двоеточий или знака равно. �а "
+#~ "поле <emphasis remap=\"I\">другое</emphasis> не дей�твует �то "
+#~ "ограничение, и оно может и�пользовать�� дл� хранени� информации об "
+#~ "учётной запи�и дл� любых приложений."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Диапазон идентификаторов пользователей, и�пользуемый программой "
+#~ "<command>useradd</command>."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Параметр <option>-t</option> отмен�ет дей�твие параметра <option>-u</"
+#~ "option>."
+
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "По умолчанию, команда <command>grpck</command> работает � файлами "
+#~ "<filename>/etc/group</filename> и <filename>/etc/gshadow</filename>. "
+#~ "Пользователь может указать другие файлы � помощью параметров <emphasis "
+#~ "remap=\"I\">shadow</emphasis>. Также, пользователь может запу�тить "
+#~ "команду в режиме только дл� чтени�, указав параметр <option>-r</option>. "
+#~ "Это приведёт к автоматиче�кому ответу <emphasis>нет</emphasis> без "
+#~ "подтверждени� пользовател�. Команда <command>grpck</command> также может "
+#~ "от�ортировать запи�и в файлах <filename>/etc/group</filename> и "
+#~ "<filename>/etc/gshadow</filename> по номеру группы. Дл� запу�ка режима "
+#~ "�ортировки укажите параметр <option>-s</option>. В �том режиме проверка "
+#~ "не выполн�ет��, производит�� только �ортировка."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para><emphasis>
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+# type: Content of: <refentry><refsect1><variablelist><varlistentry><listitem><para>
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+# type: Content of: <refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Им� новой реги�трационной оболочки пользовател�. Данна� программа будет "
+#~ "и�пользована дл� в�ех новых пользователь�ких учётных запи�ей."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+# type: Content of: <refentry><refsynopsisdiv><cmdsynopsis><arg><replaceable>
+#~ msgid "user,"
+#~ msgstr "пользователь,"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "�дмини�тратор группы может добавл�ть и удал�ть пользователей � помощью "
+#~ "параметров <option>-a</option> и <option>-d</option> �оответ�твенно. "
+#~ "�дмини�траторы могут и�пользовать параметр <option>-r</option> дл� "
+#~ "удалени� парол� группы. Е�ли пароль не задан, то только члены группы � "
+#~ "помощью команды <command>newgrp</command> могут войти в группу. Указав "
+#~ "параметр <option>-R</option> можно запретить до�туп в группу по паролю � "
+#~ "помощью команды <command>newgrp</command> (однако на членов группы �то не "
+#~ "ра�про�тран�ет��)."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
diff --git a/man/po/shadow-man-pages.pot b/man/po/shadow-man-pages.pot
new file mode 100644
index 0000000..05cef7f
--- /dev/null
+++ b/man/po/shadow-man-pages.pot
@@ -0,0 +1,4961 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname) pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname) login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname) userdel.8.xml:50(firstname) useradd.8.xml:61(firstname) suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname) shadow.5.xml:44(firstname) shadow.3.xml:44(firstname) pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname) porttime.5.xml:44(firstname) passwd.5.xml:44(firstname) passwd.1.xml:51(firstname) newusers.8.xml:59(firstname) newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname) login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname) login.1.xml:77(firstname) limits.5.xml:46(firstname) lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname) groups.1.xml:44(firstname) groupmod.8.xml:45(firstname) groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname) groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname) faillog.8.xml:44(firstname) faillog.5.xml:44(firstname) expiry.1.xml:48(firstname) chsh.1.xml:47(firstname) chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname) chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname) useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname) sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname) pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname) passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname) newgrp.1.xml:46(surname) logoutd.8.xml:45(surname) login.defs.5.xml:110(surname) login.access.5.xml:46(surname) login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname) groupmems.8.xml:49(surname) groupdel.8.xml:46(surname) groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname) faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname) chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email) useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email) sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email) pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email) passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email) newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email) login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email) lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email) groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email) groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email) faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email) chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email) chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib) useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib) sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib) pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib) passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib) login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib) groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib) groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib) faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib) chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname) userdel.8.xml:56(firstname) useradd.8.xml:67(firstname) suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname) shadow.5.xml:50(firstname) shadow.3.xml:50(firstname) pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname) porttime.5.xml:50(firstname) passwd.5.xml:50(firstname) passwd.1.xml:57(firstname) nologin.8.xml:39(firstname) newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname) logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname) login.access.5.xml:51(firstname) login.1.xml:83(firstname) limits.5.xml:52(firstname) lastlog.8.xml:51(firstname) gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname) groups.1.xml:50(firstname) groupmod.8.xml:51(firstname) groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname) groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname) faillog.8.xml:50(firstname) faillog.5.xml:50(firstname) expiry.1.xml:54(firstname) chsh.1.xml:53(firstname) chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname) chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname) useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname) sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname) pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname) passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname) newusers.8.xml:66(surname) newgrp.1.xml:52(surname) logoutd.8.xml:51(surname) login.defs.5.xml:116(surname) login.access.5.xml:52(surname) login.1.xml:84(surname) limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname) groupmems.8.xml:55(surname) groupdel.8.xml:52(surname) groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname) faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname) chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email) useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email) sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email) pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email) passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email) newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email) login.defs.5.xml:117(email) login.access.5.xml:53(email) login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email) gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email) groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email) groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email) faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email) chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email) chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib) useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib) sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib) pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib) passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib) newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib) logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib) login.access.5.xml:54(contrib) login.1.xml:86(contrib) limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command) login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr ""
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum) userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable) useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum) pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum) newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum) lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum) groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum) groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable) groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum) faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum) chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr ""
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo) userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo) pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo) nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo) logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo) grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo) groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo) groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo) chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr ""
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo) userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo) suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo) sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo) shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo) pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo) passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo) nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo) newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo) login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo) login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo) lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo) grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo) groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo) groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo) gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo) faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo) chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo) chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo) chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr ""
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr ""
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr ""
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable) usermod.8.xml:78(replaceable) userdel.8.xml:76(arg) useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable) su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable) pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable) pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr ""
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title) useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title) sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title) shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title) porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title) nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title) logoutd.8.xml:75(title) login.defs.5.xml:134(title) login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title) lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title) groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title) groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title) faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title) chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title) chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr ""
+
+#: vipw.8.xml:90(para)
+msgid "The <command>vipw</command> and <command>vigr</command> commands edits the files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, respectively. With the <option>-s</option> flag, they will edit the shadow versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/gshadow</filename>, respectively. The programs will set the appropriate locks to prevent file corruption. When looking for an editor, the programs will first try the environment variable <envar>$VISUAL</envar>, then the environment variable <envar>$EDITOR</envar>, and finally the default editor, <citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title) useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title) pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title) login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title) groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr ""
+
+#: vipw.8.xml:108(para)
+msgid "The options which apply to the <command>vipw</command> and <command>vigr</command> commands are:"
+msgstr ""
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr ""
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr ""
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term) pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term) newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term) groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term) groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term) expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term) chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr ""
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para) pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para) newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para) groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para) groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para) expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para) chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr ""
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr ""
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr ""
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr ""
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr ""
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term) useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term) passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term) grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term) groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term) chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term) chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid "<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>"
+msgstr ""
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para) useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para) passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para) grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para) groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para) faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para) chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid "Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use the configuration files from the <replaceable>CHROOT_DIR</replaceable> directory."
+msgstr ""
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr ""
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr ""
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr ""
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title) useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title) pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title) newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title) grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title) groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para) useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para) pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para) newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para) groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para) groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para) chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para) chage.1.xml:245(para)
+msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr ""
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing scheme will be used."
+msgstr ""
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr ""
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title) useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title) sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title) pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title) passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title) newgrp.1.xml:121(title) logoutd.8.xml:89(title) login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title) lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title) groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr ""
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename) userdel.8.xml:191(filename) useradd.8.xml:690(filename) sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename) newgrp.1.xml:136(filename) gshadow.5.xml:159(filename) grpck.8.xml:224(filename) groups.1.xml:103(filename) groupmod.8.xml:208(filename) groupmems.8.xml:214(filename) groupdel.8.xml:143(filename) groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr ""
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para) useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para) newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para) grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para) groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para) gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr ""
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename) useradd.8.xml:696(filename) sg.1.xml:131(filename) newusers.8.xml:418(filename) newgrp.1.xml:142(filename) gshadow.5.xml:165(filename) grpck.8.xml:230(filename) groupmod.8.xml:214(filename) groupmems.8.xml:220(filename) groupdel.8.xml:149(filename) groupadd.8.xml:242(filename) gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename) chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr ""
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para) sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para) gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para) groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para) chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr ""
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename) userdel.8.xml:203(filename) useradd.8.xml:678(filename) su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename) pwck.8.xml:278(filename) passwd.5.xml:144(filename) passwd.1.xml:411(filename) newusers.8.xml:400(filename) newgrp.1.xml:124(filename) login.1.xml:353(filename) grpck.8.xml:236(filename) groupmod.8.xml:226(filename) expiry.1.xml:124(filename) chsh.1.xml:170(filename) chpasswd.8.xml:258(filename) chfn.1.xml:216(filename) chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr ""
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para) useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para) shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para) passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para) login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para) expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para) chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr ""
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename) userdel.8.xml:209(filename) useradd.8.xml:684(filename) su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename) shadow.3.xml:229(filename) pwck.8.xml:284(filename) passwd.5.xml:150(filename) passwd.1.xml:417(filename) newusers.8.xml:406(filename) newgrp.1.xml:130(filename) login.1.xml:359(filename) expiry.1.xml:130(filename) chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr ""
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para) useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para) shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para) passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para) login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para) chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr ""
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title) useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title) sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title) pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title) passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title) newusers.8.xml:451(title) newgrp.1.xml:151(title) login.defs.5.xml:534(title) login.access.5.xml:133(title) login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title) grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title) groupmems.8.xml:229(title) groupdel.8.xml:197(title) groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title) faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title) chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title) chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr ""
+
+#: vipw.8.xml:226(para)
+msgid "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry><citerefentry condition=\"tcb\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname) useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname) shadow.5.xml:39(firstname) shadow.3.xml:39(firstname) pwck.8.xml:45(firstname) porttime.5.xml:39(firstname) passwd.5.xml:39(firstname) passwd.1.xml:46(firstname) newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname) logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname) login.1.xml:72(firstname) lastlog.8.xml:40(firstname) grpck.8.xml:40(firstname) groups.1.xml:39(firstname) groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname) groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname) faillog.5.xml:39(firstname) expiry.1.xml:43(firstname) chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname) chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname) useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname) shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname) porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname) newusers.8.xml:55(surname) newgrp.1.xml:41(surname) logoutd.8.xml:40(surname) login.defs.5.xml:105(surname) login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname) groupmod.8.xml:41(surname) groupdel.8.xml:41(surname) groupadd.8.xml:43(surname) faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib) useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib) newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib) login.defs.5.xml:106(contrib) groups.1.xml:41(contrib) groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib) groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname) usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr ""
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr ""
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable) useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable) chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable) chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr ""
+
+#: usermod.8.xml:86(para)
+msgid "The <command>usermod</command> command modifies the system account files to reflect the changes that are specified on the command line."
+msgstr ""
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr ""
+
+#: usermod.8.xml:104(para)
+msgid "Add the user to the supplementary group(s). Use only with the <option>-G</option> option."
+msgstr ""
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid "<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:115(para)
+msgid "The new value of the user's password file comment field. It is normally modified using the <citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+
+#: usermod.8.xml:124(term)
+msgid "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr ""
+
+#: usermod.8.xml:131(para)
+msgid "If the <option>-m</option> option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist."
+msgstr ""
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid "<option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid "The date on which the user account will be disabled. The date is specified in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+
+#: usermod.8.xml:148(para)
+msgid "An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid "This option requires a <filename>/etc/shadow</filename> file. A <filename>/etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid "<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:164(para)
+msgid "The number of days after a password expires until the account is permanently disabled."
+msgstr ""
+
+#: usermod.8.xml:168(para)
+msgid "A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:185(para)
+msgid "The group name or number of the user's new initial login group. The group must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid "Any file from the user's home directory owned by the previous primary group of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid "The group ownership of files outside of the user's home directory must be fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid "<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I\">,GROUPN</emphasis>]]]"
+msgstr ""
+
+#: usermod.8.xml:204(para)
+msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid "If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be changed via the <option>-a</option> option, which appends the user to the current supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid "<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:224(para)
+msgid "The name of the user will be changed from <replaceable>LOGIN</replaceable> to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In particular, the user's home directory or mail spool should probably be renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr ""
+
+#: usermod.8.xml:238(para)
+msgid "Lock a user's password. This puts a '!' in front of the encrypted password, effectively disabling the password. You can't use this option with <option>-p</option> or <option>-U</option>."
+msgstr ""
+
+#: usermod.8.xml:244(para)
+msgid "Note: if you wish to lock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> to <replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr ""
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+msgid "This option is only valid in combination with the <option>-d</option> (or <option>--home</option>) option."
+msgstr ""
+
+#: usermod.8.xml:265(para)
+msgid "<command>usermod</command> will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term) groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr ""
+
+#: usermod.8.xml:277(para)
+msgid "When used with the <option>-u</option> option, this option allows to change the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term) groupadd.8.xml:167(term)
+msgid "<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid "The encrypted password, as returned by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para) groupadd.8.xml:176(para)
+msgid "<emphasis role=\"bold\">Note:</emphasis> This option is not recommended because the password (or encrypted password) will be visible by users listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid "The password will be written in the local <filename>/etc/passwd</filename> or <filename>/etc/shadow</filename> file. This might differ from the password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para) groupadd.8.xml:181(para)
+msgid "You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term) su.1.xml:187(term) chsh.1.xml:119(term)
+msgid "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid "The name of the user's new login shell. Setting this field to blank causes the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid "This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid "The user's mailbox, and any files which the user owns and which are located in the user's home directory will have the file user ID changed automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid "The ownership of files outside of the user's home directory must be fixed manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid "No checks will be performed with regard to the <option>UID_MIN</option>, <option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or <option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr ""
+
+#: usermod.8.xml:368(para)
+msgid "Unlock a user's password. This removes the '!' in front of the encrypted password. You can't use this option with <option>-p</option> or <option>-L</option>."
+msgstr ""
+
+#: usermod.8.xml:373(para)
+msgid "Note: if you wish to unlock the account (not only access with a password), you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+msgid "<option>-v</option>, <option>--add-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid "This option may be specified multiple times to add multiple ranges to a users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid "No checks will be performed with regard to <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+msgid "<option>-V</option>, <option>--del-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid "This option may be specified multiple times to remove multiple ranges to a users account. When both <option>--del-subuids</option> and <option>--add-subuids</option> are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+msgid "<option>-w</option>, <option>--add-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid "No checks will be performed with regard to <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+msgid "<option>-W</option>, <option>--del-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid "This option may be specified multiple times to remove multiple ranges to a users account. When both <option>--del-subgids</option> and <option>--add-subgids</option> are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>"
+msgstr ""
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid "A blank <replaceable>SEUSER</replaceable> will remove the SELinux user mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title) su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title) newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title) groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title) chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr ""
+
+#: usermod.8.xml:479(para)
+msgid "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed. <command>usermod</command> checks this on Linux. On other platforms it only uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid "You must change the owner of any <command>crontab</command> files or <command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "The mail spool directory. This is needed to manipulate the mailbox when its corresponding user account is modified or deleted. If not specified, a compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term) su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr ""
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para) su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid "Defines the location of the users mail spool files relatively to their home directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para) su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid "The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are used by <command>useradd</command>, <command>usermod</command>, and <command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para) su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid "If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</replaceable>, they are also used to define the <envar>MAIL</envar> environment variable."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term) groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para) grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para) groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para) chgpasswd.8.xml:32(para)
+msgid "Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in <filename>/etc/group</filename> (with the same name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para) pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para) grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para) groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para) chgpasswd.8.xml:37(para)
+msgid "The default value is 0, meaning that there are no limits in the number of members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para) pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para) grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para) groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para) chgpasswd.8.xml:43(para)
+msgid "This feature (split group) permits to limit the length of lines in the group file. This is useful to make sure that lines for NIS groups are not larger than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para) pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para) grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para) groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para) chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para) pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para) grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para) groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para) chgpasswd.8.xml:51(para)
+msgid "Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "If <filename>/etc/subuid</filename> exists, the commands <command>useradd</command> and <command>newusers</command> (unless the user already have subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+msgid "The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "If <filename>/etc/subuid</filename> exists, the commands <command>useradd</command> and <command>newusers</command> (unless the user already have subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+msgid "The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr ""
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting) useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting) login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid "\nif ( UID is less than 1000) {\n  use /etc/tcb/user\n} else if ( UID is less than 1000000) {\n  kilos = UID / 1000\n  use /etc/tcb/:kilos/user\n  make symlink /etc/tcb/user to the above directory\n} else {\n  megas = UID / 1000000\n  kilos = ( UID / megas * 1000000 ) / 1000\n  use /etc/tcb/:megas/:kilos/user\n  make symlink /etc/tcb/user to the above directory\n}\n      "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, the location of the user tcb directory to be created will not be automatically set to /etc/tcb/user, but will be computed depending on the UID of the user, according to the following algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename) useradd.8.xml:726(filename) su.1.xml:382(filename) pwconv.8.xml:253(filename) passwd.1.xml:423(filename) newusers.8.xml:424(filename) login.access.5.xml:124(filename) login.1.xml:389(filename) groupmod.8.xml:220(filename) groupadd.8.xml:248(filename) chsh.1.xml:182(filename) chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename) chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr ""
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para) su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para) newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para) groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para) chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename) useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+msgid "/etc/subgid"
+msgstr ""
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para) newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename) useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+msgid "/etc/subuid"
+msgstr ""
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para) newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname) userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr ""
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr ""
+
+#: userdel.8.xml:85(para)
+msgid "The <command>userdel</command> command modifies the system account files, deleting all entries that refer to the user name <emphasis remap=\"I\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr ""
+
+#: userdel.8.xml:103(para)
+msgid "This option forces the removal of the user account, even if the user is still logged in. It also forces <command>userdel</command> to remove the user's home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user. If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename> and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid "<emphasis>Note:</emphasis> This option is dangerous and may leave your system in an inconsistent state."
+msgstr ""
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr ""
+
+#: userdel.8.xml:133(para)
+msgid "Files in the user's home directory will be removed along with the home directory itself and the user's mail spool. Files located in other file systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid "The mail spool is defined by the <option>MAIL_DIR</option> variable in the <filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr ""
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr ""
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid "If defined, this command is run when removing a user. It should remove any at/cron/print jobs etc. owned by the user to be removed (passed as the first argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid "\n#! /bin/sh\n\n# Check for the required argument.\nif [ $# != 1 ]; then\n\techo \"Usage: $0 username\"\n\texit 1\nfi\n\n# Remove cron jobs.\ncrontab -r -u $1\n\n# Remove at jobs.\n# Note that it will remove any jobs owned by the same UID,\n# even if it was shared by a different username.\nAT_SPOOL_DIR=/var/spool/cron/atjobs\nfind $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n\n# Remove print jobs.\nlprm $1\n\n# All done.\nexit 0\n      "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid "Here is an example script, which removes the user's cron, at and print jobs: <placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr ""
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable setting of the umask group bits to be the same as owner bits (examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If set to <replaceable>yes</replaceable>, <command>userdel</command> will remove the user's group if it contains no more members, and <command>useradd</command> will create by default a group with the name of the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title) pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title) groupmod.8.xml:235(title) groupdel.8.xml:158(title) groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr ""
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable) su.1.xml:410(replaceable) pwck.8.xml:298(replaceable) passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable) groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable) groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr ""
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para) passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para) groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr ""
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable) su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum) pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum) passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum) login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable) groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum) expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr ""
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr ""
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable) pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable) grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable) groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable) chage.1.xml:295(replaceable)
+msgid "2"
+msgstr ""
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para) grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para) groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr ""
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable) pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable) groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr ""
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr ""
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr ""
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable) groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable) groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr ""
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para) groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr ""
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr ""
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr ""
+
+#: userdel.8.xml:231(para)
+msgid "The <command>userdel</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:282(para)
+msgid "<command>userdel</command> will not allow you to remove an account if there are running processes which belong to this account. In that case, you may have to kill those processes or lock the user's password or account and remove the account later. The <option>-f</option> option can force the deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid "You should manually check all file systems to ensure that no files remain owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid "You may not remove any NIS attributes on a NIS client. This must be performed on the NIS server."
+msgstr ""
+
+#: userdel.8.xml:296(para)
+msgid "If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</command> will delete the group with the same name as the user. To avoid inconsistencies in the passwd and group databases, <command>userdel</command> will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise. The <option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname) useradd.8.xml:86(command) useradd.8.xml:93(command) useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr ""
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr ""
+
+#: useradd.8.xml:107(para)
+msgid "When invoked without the <option>-D</option> option, the <command>useradd</command> command creates a new user account using the values specified on the command line plus the default values from the system. Depending on command line options, the <command>useradd</command> command will update system files and may also create the new user's home directory and copy initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid "By default, a group will also be created for the new user (see <option>-g</option>, <option>-N</option>, <option>-U</option>, and <option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid "<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid "The default base directory for the system if <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</replaceable> is concatenated with the account name to define the home directory. If the <option>-m</option> option is not used, <replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid "If this option is not specified, <command>useradd</command> will use the base directory specified by the <option>HOME</option> variable in <filename>/etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid "Any text string. It is generally a short description of the login, and is currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid "<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:166(para)
+msgid "The new user will be created using <replaceable>HOME_DIR</replaceable> as the value for the user's login directory. The default is to append the <replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> and use that as the login directory name. The directory <replaceable>HOME_DIR</replaceable> does not have to exist but will not be created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr ""
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+
+#: useradd.8.xml:196(para)
+msgid "If not specified, <command>useradd</command> will use the default expiry date specified by the <option>EXPIRE</option> variable in <filename>/etc/default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid "The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid "If not specified, <command>useradd</command> will use the default inactivity period specified by the <option>INACTIVE</option> variable in <filename>/etc/default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid "The group name or number of the user's initial login group. The group name must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid "If not specified, the behavior of <command>useradd</command> will depend on the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>. If this variable is set to <replaceable>yes</replaceable> (or <option>-U/--user-group</option> is specified on the command line), a group will be created for the user, with the same name as her loginname. If the variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-group</option> is specified on the command line), useradd will set the primary group of the new user to the value specified by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>, or 100 by default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid "A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the <option>-g</option> option. The default is for the user to belong only to the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+msgid "<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:276(para)
+msgid "The skeleton directory, which contains files and directories to be copied in the user's home directory, when the home directory is created by <command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+msgid "This option is only valid if the <option>-m</option> (or <option>--create-home</option>) option is specified."
+msgstr ""
+
+#: useradd.8.xml:285(para)
+msgid "If this option is not set, the skeleton directory is defined by the <option>SKEL</option> variable in <filename>/etc/default/useradd</filename> or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:301(para)
+msgid "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</option>, <option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: <option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> can be used when creating system account to turn off password aging, even though system account has no password at all. Multiple <option>-K</option> options can be specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr ""
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid "By default, the user's entries in the lastlog and faillog databases are reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:339(para)
+msgid "Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be defined with the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid "By default, if this option is not specified and <option>CREATE_HOME</option> is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr ""
+
+#: useradd.8.xml:357(para)
+msgid "Do no create the user's home directory, even if the system wide setting from <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:370(para)
+msgid "Do not create a group with the same name as the user, but add the user to the group specified by the <option>-g</option> option or by the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid "The default behavior (if the <option>-g</option>, <option>-N</option>, and <option>-U</option> options are not specified) is defined by the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+msgid "This option is only valid in combination with the <option>-u</option> option."
+msgstr ""
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid "The encrypted password, as returned by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to disable the password."
+msgstr ""
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr ""
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are chosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid "Note that <command>useradd</command> will not create a home directory for such a user, regardless of the default setting in <filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). You have to specify the <option>-m</option> options if you want a home directory for a system account to be created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid "The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell specified by the <option>SHELL</option> variable in <filename>/etc/default/useradd</filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid "The numerical value of the user's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to <option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+msgid "See also the <option>-r</option> option and the <option>UID_MAX</option> description."
+msgstr ""
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr ""
+
+#: useradd.8.xml:493(para)
+msgid "Create a group with the same name as the user, and add the user to this group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid "The SELinux user for the user's login. The default is to leave this field blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr ""
+
+#: useradd.8.xml:521(para)
+msgid "When invoked with only the <option>-D</option> option, <command>useradd</command> will display the current default values. When invoked with <option>-D</option> plus other options, <command>useradd</command> will update the default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid "The path prefix for a new user's home directory. The user's name will be affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new user's home directory name, if the <option>-d</option> option is not used when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid "This option sets the <option>HOME</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr ""
+
+#: useradd.8.xml:553(para)
+msgid "This option sets the <option>EXPIRE</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid "The number of days after a password has expired before the account will be disabled."
+msgstr ""
+
+#: useradd.8.xml:568(para)
+msgid "This option sets the <option>INACTIVE</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid "The group name or ID for a new user's initial group (when the <option>-N/--no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> variable is set to <replaceable>no</replaceable> in <filename>/etc/login.defs</filename>). The named group must exist, and a numerical group ID must have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid "This option sets the <option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid "This option sets the <option>SHELL</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr ""
+
+#: useradd.8.xml:615(para)
+msgid "The system administrator is responsible for placing the default user files in the <filename>/etc/skel/</filename> directory (or any other skeleton directory specified in <filename>/etc/default/useradd</filename> or on the command line)."
+msgstr ""
+
+#: useradd.8.xml:624(para)
+msgid "You may not add a user to a NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: useradd.8.xml:629(para)
+msgid "Similarly, if the username already exists in an external user database such as NIS or LDAP, <command>useradd</command> will deny the user account creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+msgid "Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid "This setting does not apply to system users, and can be overridden on the command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term) groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para) groupadd.8.xml:35(para)
+msgid "Range of group IDs used for the creation of regular groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para) groupadd.8.xml:40(para)
+msgid "The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The maximum number of days a password may be used. If the password is older than this, a password change will be forced. If not specified, -1 will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. If not specified, -1 will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid "The number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative value means no warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term) groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para) groupadd.8.xml:33(para)
+msgid "Range of group IDs used for the creation of system groups by <command>useradd</command>, <command>groupadd</command>, or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para) groupadd.8.xml:38(para)
+msgid "The default value for <option>SYS_GID_MIN</option> (resp. <option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid "Range of user IDs used for the creation of system users by <command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid "The default value for <option>SYS_UID_MIN</option> (resp. <option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr ""
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid "If <replaceable>yes</replaceable>, newly created tcb shadow files will be group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid "Range of user IDs used for the creation of regular users by <command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid "The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr ""
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "The file mode creation mask is initialized to this value. If not specified, the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "<command>useradd</command> and <command>newusers</command> use this mask to set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "It is also used by <command>login</command> to define users' initial umask. Note that this mask can be overridden by the user's GECOS line (if <option>QUOTAS_ENAB</option> is set) or by the specification of a limit with the <emphasis>K</emphasis> identifier in <citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid "It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr ""
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr ""
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr ""
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr ""
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum) pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable) grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable) groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr ""
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para) groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr ""
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable) passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable) groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr ""
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr ""
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para) groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr ""
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable) groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr ""
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr ""
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr ""
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr ""
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid "The <command>useradd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: useradd.8.xml:805(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib) login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr ""
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum) pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum) passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable) login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum) limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum) grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr ""
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo) porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo) login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo) limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo) faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr ""
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr ""
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr ""
+
+#: suauth.5.xml:76(para)
+msgid "The file <filename>/etc/suauth</filename> is referenced whenever the su command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid "\n      1) the user su is targeting\n    "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid "2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid "The file is formatted like this, with lines starting with a # being treated as comment lines and ignored;"
+msgstr ""
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid "\n      to-id:from-id:ACTION\n    "
+msgstr ""
+
+#: suauth.5.xml:101(para)
+msgid "Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by a list of usernames delimited by \",\"."
+msgstr ""
+
+#: suauth.5.xml:107(para)
+msgid "from-id is formatted the same as to-id except the extra word <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> appears one or more group names, delimited by \",\". It is not sufficient to have primary group id of the relevant group, an entry in <citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum></citerefentry> is necessary."
+msgstr ""
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr ""
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr ""
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr ""
+
+#: suauth.5.xml:137(para)
+msgid "The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr ""
+
+#: suauth.5.xml:148(para)
+msgid "For the su command to be successful, the user must enter his or her own password. They are told this."
+msgstr ""
+
+#: suauth.5.xml:156(para)
+msgid "Note there are three separate fields delimited by a colon. No whitespace must surround this colon. Also note that the file is examined sequentially line by line, and the first applicable rule is used without examining the file further. This makes it possible for a system administrator to exercise as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr ""
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid "\n      # sample /etc/suauth file\n      #\n      # A couple of privileged usernames may\n      # su to root with their own password.\n      #\n      root:chris,birddog:OWNPASS\n      #\n      # Anyone else may not su to root unless in\n      # group wheel. This is how BSD does things.\n      #\n      root:ALL EXCEPT GROUP wheel:DENY\n      #\n      # Perhaps terry and birddog are accounts\n      # owned by the same person.\n      # Access can be arranged between them\n      # with no password.\n      #\n      terry:birddog:NOPASS\n      birddog:terry:NOPASS\n      #\n    "
+msgstr ""
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr ""
+
+#: suauth.5.xml:204(para)
+msgid "There could be plenty lurking. The file parser is particularly unforgiving about syntax errors, expecting no spurious whitespace (apart from beginning and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid "An error parsing the file is reported using <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib) porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command) login.defs.5.xml:446(term)
+msgid "su"
+msgstr ""
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo) passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo) login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo) gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo) chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo) chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr ""
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr ""
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable) login.1.xml:115(replaceable)
+msgid "username"
+msgstr ""
+
+#: su.1.xml:100(para)
+msgid "The <command>su</command> command is used to become another user during a login session. Invoked without a <option>username</option>, <command>su</command> defaults to becoming the superuser. The optional argument <option>-</option> may be used to provide an environment similar to what the user would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:109(para)
+msgid "Additional arguments may be provided after the username, in which case they are supplied to the user's login shell. In particular, an argument of <option>-c</option> will cause the next argument to be treated as a command by most command interpreters. The command will be executed by the shell specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid "You can use the <option>--</option> argument to separate <command>su</command> options from the arguments supplied to the shell."
+msgstr ""
+
+#: su.1.xml:123(para)
+msgid "The user will be prompted for a password, if appropriate. Invalid passwords will produce an error message. All attempts, both valid and invalid, are logged to detect abuse of the system."
+msgstr ""
+
+#: su.1.xml:128(para)
+msgid "The current environment is passed to the new shell. The value of <envar>$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the superuser. This may be changed with the <option>ENV_PATH</option> and <option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid "A subsystem login is indicated by the presence of a \"*\" as the first character of the login shell. The given home directory will be used as the root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr ""
+
+#: su.1.xml:150(term)
+msgid "<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</replaceable>"
+msgstr ""
+
+#: su.1.xml:154(para)
+msgid "Specify a command that will be invoked by the shell using its <option>-c</option>."
+msgstr ""
+
+#: su.1.xml:158(para)
+msgid "The executed command will have no controlling terminal. This option cannot be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr ""
+
+#: su.1.xml:172(para)
+msgid "Provide an environment similar to what the user would expect had the user logged in directly."
+msgstr ""
+
+#: su.1.xml:176(para)
+msgid "When <option>-</option> is used, it must be specified before any <option>username</option>. For portability it is recommended to use it as last option, before any <option>username</option>. The other forms (<option>-l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr ""
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr ""
+
+#: su.1.xml:202(para)
+msgid "If <option>--preserve-environment</option> is used, the shell specified by the <envar>$SHELL</envar> environment variable."
+msgstr ""
+
+#: su.1.xml:209(para)
+msgid "The shell indicated in the <filename>/etc/passwd</filename> entry for the target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid "<filename>/bin/sh</filename> if a shell could not be found by any above method."
+msgstr ""
+
+#: su.1.xml:192(para)
+msgid "The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid "If the target user has a restricted shell (i.e. the shell field of this user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/etc/shells</filename>), then the <option>--shell</option> option or the <envar>$SHELL</envar> environment variable won't be taken into account, unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid "<option>-m</option>, <option>-p</option>, <option>--preserve-environment</option>"
+msgstr ""
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid "reset according to the <filename>/etc/login.defs</filename> options <option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid "reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was set."
+msgstr ""
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:262(para)
+msgid "If the target user has a restricted shell, this option has no effect (unless <command>su</command> is called by root)."
+msgstr ""
+
+#: su.1.xml:271(para)
+msgid "The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid "If <option>--login</option> is not used, the environment is copied, except for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid "If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid "If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</envar>, and <envar>$MAIL</envar> environment variables are set according to the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, <option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid "If <option>--login</option> is used, other environment variables might be set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid "Note that the default behavior for the environment is the following: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid "This version of <command>su</command> has many compilation options, only some of which may be in use at any particular site."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, either full pathname of a file containing device names (one per line) or a \":\" delimited list of device names. Root logins will be allowed only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "List of groups to add to the user's supplementary groups set when logging in on the console (as determined by the CONSOLE setting). Default is none. <placeholder-1/> Use with caution - it is possible for users to gain permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Indicate if login is allowed if we can't cd to the home directory. Default is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "If set to <replaceable>yes</replaceable>, the user will login in the root (<filename>/</filename>) directory if it is not possible to cd to her home directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid "If set, it will be used to define the HZ environment variable when a user login. The value must be preceded by <replaceable>HZ=</replaceable>. A common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid "The <envar>HZ</envar> environment variable is only set when the user (the superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If this file exists and is readable, login environment will be read from it. Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the PATH environment variable when a regular user login. The value is a colon separated list of paths (for example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by <replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the PATH environment variable when the superuser login. The value is a colon separated list of paths (for example <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be preceded by <replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, it will be used to define the TZ environment variable when a user login. The value can be the name of a timezone preceded by <replaceable>TZ=</replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file containing the timezone specification (for example <filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid "If a full path is specified but the file does not exist or cannot be read, the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term) chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para) chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid "The string used for prompting a password. The default is to use \"Password: \", or a translation of that string. If you set this variable, the prompt will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para) chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid "If the string contains <replaceable>%s</replaceable>, this will be replaced by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid "You should disable it if the shell startup files already check for mail (\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable setting of resource limits from <filename>/etc/limits</filename> and ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, the command name to display when running \"su -\". For example, if this is defined as \"su\" then a \"ps\" will display the command is \"-su\". If not defined, then \"ps\" would display the name of the shell actually being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid "If <replaceable>yes</replaceable>, the user must be listed as a member of the first gid 0 group in <filename>/etc/group</filename> (called <replaceable>root</replaceable> on most Linux systems) to be able to <command>su</command> to uid 0 accounts. If the group doesn't exist or is empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr ""
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>su</command> activity - in addition to sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid "On success, <command>su</command> returns the exit value of the command it executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid "If this command was terminated by a signal, <command>su</command> returns the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid "If su has to kill the command (because it was asked to terminate, and the command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr ""
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr ""
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr ""
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid "Some exit values from <command>su</command> are independent from the executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr ""
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr ""
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr ""
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr ""
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr ""
+
+#: sg.1.xml:82(para)
+msgid "The <command>sg</command> command works similar to <command>newgrp</command> but accepts a command. The command will be executed with the <filename>/bin/sh</filename> shell. With most shells you may run <command>sg</command> from, you need to enclose multi-word commands in quotes. Another difference between <command>newgrp</command> and <command>sg</command> is that some shells treat <command>newgrp</command> specially, replacing themselves with a new instance of a shell that <command>newgrp</command> creates. This doesn't happen with <command>sg</command>, so upon exit from a <command>sg</command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr ""
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+msgid "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname) shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname) pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr ""
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr ""
+
+#: shadow.5.xml:70(para)
+msgid "<filename>shadow</filename> is a file which contains the password information for the system's accounts and optional aging information."
+msgstr ""
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid "This file must not be readable by regular users if password security is to be maintained."
+msgstr ""
+
+#: shadow.5.xml:81(para)
+msgid "Each line of this file contains 9 fields, separated by colons (<quote>:</quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr ""
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr ""
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid "Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+
+#: shadow.5.xml:103(para)
+msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)."
+msgstr ""
+
+#: shadow.5.xml:110(para)
+msgid "This field may be empty, in which case no passwords are required to authenticate as the specified login name. However, some applications which read the <filename>/etc/shadow</filename> file may decide not to permit any access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid "A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr ""
+
+#: shadow.5.xml:130(para)
+msgid "The date of the last password change, expressed as the number of days since Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid "The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr ""
+
+#: shadow.5.xml:148(para)
+msgid "The minimum password age is the number of days the user will have to wait before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr ""
+
+#: shadow.5.xml:162(para)
+msgid "The maximum password age is the number of days after which the user will have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid "After this number of days is elapsed, the password may still be valid. The user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid "An empty field means that there are no maximum password age, no password warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid "If the maximum password age is lower than the minimum password age, the user cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr ""
+
+#: shadow.5.xml:187(para)
+msgid "The number of days before a password is going to expire (see the maximum password age above) during which the user should be warned."
+msgstr ""
+
+#: shadow.5.xml:192(para)
+msgid "An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid "The number of days after a password has expired (see the maximum password age above) during which the password should still be accepted (and the user should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid "After expiration of the password and this expiration period is elapsed, no login is possible using the current user's password. The user should contact her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid "An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr ""
+
+#: shadow.5.xml:225(para)
+msgid "The date of expiration of the account, expressed as the number of days since Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid "Note that an account expiration differs from a password expiration. In case of an account expiration, the user shall not be allowed to login. In case of a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid "The value 0 should not be used as it is interpreted as either an account with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr ""
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr ""
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr ""
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid "Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+msgid "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr ""
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr ""
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr ""
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr ""
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr ""
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr ""
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis) shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ""
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr ""
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr ""
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr ""
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr ""
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr ""
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr ""
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr ""
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr ""
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr ""
+
+#: shadow.3.xml:119(para)
+msgid "<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the shadow password file, <filename>/etc/shadow</filename>. The structure in the <emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid "struct spwd {\n      char\t\t*sp_namp; /* user login name */\n      char\t\t*sp_pwdp; /* encrypted password */\n      long int\t\tsp_lstchg; /* last password change */\n      long int\t\tsp_min; /* days until change allowed. */\n      long int\t\tsp_max; /* days before change required */\n      long int\t\tsp_warn; /* days warning for expiration */\n      long int\t\tsp_inact; /* days before account inactive */\n      long int\t\tsp_expire; /* date when account expires */\n      unsigned long int\tsp_flag; /* reserved for future use */\n}\n    "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr ""
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid "sp_warn - days before password is to expire that user is warned of pending password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid "sp_inact - days after password expires that account is considered inactive and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid "<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, <emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</emphasis> returns the next entry from the file, and <emphasis>fgetspent</emphasis> returns the next entry from the given stream, which is assumed to be a file of the proper format. <emphasis>sgetspent</emphasis> returns a pointer to a <emphasis>struct spwd</emphasis> using the provided string as input. <emphasis>getspnam</emphasis> searches from the current position in the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid "<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid "The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines should be used to insure exclusive access to the <filename>/etc/shadow</filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for the remainder of the initial 15 seconds. Should either attempt fail after a total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid "Routines return NULL if no more entries are available or if an error occurs during processing. Routines which have <emphasis>int</emphasis> as the return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid "These routines may only be used by the superuser as access to the shadow password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid "<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname) pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr ""
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr ""
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr ""
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr ""
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+
+#: pwconv.8.xml:106(para)
+msgid "The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid "<command>pwconv</command> does not work with <option>USE_TCB</option> enabled. To convert to tcb passwords, you should first use <command>pwconv</command> to convert to shadowed passwords by disabling <option>USE_TCB</option> in <filename>login.defs</filename> and then convert to tcb password using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid "The <command>pwunconv</command> command creates <emphasis remap=\"I\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and <emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid "<command>pwunconv</command> does not work with <option>USE_TCB</option> enabled. You should first switch back from tcb to shadowed passwords using <command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid "The <command>grpconv</command> command creates <emphasis remap=\"I\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid "The <command>grpunconv</command> command creates <emphasis remap=\"I\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and <emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid "These four programs all operate on the normal and shadow password and group files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid "Each program acquires the necessary locks before conversion. <command>pwconv</command> and <command>grpconv</command> are similar. First, entries in the shadowed file which don't exist in the main file are removed. Then, shadowed entries which don't have `x' as the password in the main file are updated. Any missing shadowed entries are added. Finally, passwords in the main file are replaced with `x'. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid "<command>pwconv</command> will use the values of <emphasis remap=\"I\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login.defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid "Likewise <command>pwunconv</command> and <command>grpunconv</command> are similar. Passwords in the main file are updated from the shadowed file. Entries which exist in the main file but not in the shadowed file are left alone. Finally, the shadowed file is removed. Some password aging information is lost by <command>pwunconv</command>. It will convert what it can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+msgid "The options which apply to the <command>pwconv</command>, <command>pwunconv</command>, <command>grpconv</command>, and <command>grpunconv</command> commands are:"
+msgstr ""
+
+#: pwconv.8.xml:217(para)
+msgid "Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways. Please run <command>pwck</command> and <command>grpck</command> to correct any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid "The following configuration variable in <filename>/etc/login.defs</filename> changes the behavior of <command>grpconv</command> and <command>grpunconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid "The following configuration variables in <filename>/etc/login.defs</filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+msgid "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry><phrase condition=\"tcb\">, <citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command) login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr ""
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr ""
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle) passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle) passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr ""
+
+#: pwck.8.xml:93(para)
+msgid "The <command>pwck</command> command verifies the integrity of the users and authentication information. It checks that all entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</option> is enabled)</phrase> have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr ""
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr ""
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr ""
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr ""
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr ""
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr ""
+
+#: pwck.8.xml:127(para)
+msgid "<filename>shadow</filename> checks are enabled when a second file parameter is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid "every passwd entry has a matching shadow entry, and every shadow entry has a matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr ""
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr ""
+
+#: pwck.8.xml:156(para)
+msgid "The checks for correct number of fields and unique user name are fatal. If the entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made. All other errors are warning and the user is encouraged to run the <command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid "The commands which operate on the <filename>/etc/passwd</filename> file are not able to alter corrupted or duplicated entries. <command>pwck</command> should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid "The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+
+#: pwck.8.xml:194(para)
+msgid "Report errors only. The warnings which do not require any action from the user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr ""
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr ""
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr ""
+
+#: pwck.8.xml:223(para)
+msgid "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename> by UID."
+msgstr ""
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+
+#: pwck.8.xml:234(para)
+msgid "By default, <command>pwck</command> operates on the files <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may select alternate files with the <replaceable>passwd</replaceable> and <replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid "Note that when <option>USE_TCB</option> is enabled, you cannot specify an alternative <replaceable>shadow</replaceable> file. In future releases, this parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr ""
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr ""
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr ""
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr ""
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr ""
+
+#: pwck.8.xml:294(para)
+msgid "The <command>pwck</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: pwck.8.xml:345(para)
+msgid "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr ""
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid "<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, user names, and permitted login times."
+msgstr ""
+
+#: porttime.5.xml:75(para)
+msgid "Each entry consists of three colon separated fields. The first field is a comma separated list of tty devices, or an asterisk to indicate that all tty devices are matched by this entry. The second field is a comma separated list of user names, or an asterisk to indicated that all user names are matched by this entry. The third field is a comma separated list of permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid "Each access time entry consists of zero or more days of the week, abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr ""
+
+#: porttime.5.xml:99(para)
+msgid "The following entry allows access to user <emphasis remap=\"B\">jfh</emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr ""
+
+#: porttime.5.xml:107(para)
+msgid "The following entries allow access only to the users <emphasis>root</emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> at any time. This illustrates how the <filename>/etc/porttime</filename> file is an ordered list of access times. Any other user would match the second entry which does not permit access at any time."
+msgstr ""
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid "\n      console:root,oper:Al0000-2400\n      console:*:\n    "
+msgstr ""
+
+#: porttime.5.xml:121(para)
+msgid "The following entry allows access for the user <emphasis>games</emphasis> on any port during non-working hours."
+msgstr ""
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr ""
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr ""
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr ""
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr ""
+
+#: passwd.5.xml:70(para)
+msgid "<filename>/etc/passwd</filename> contains one line for each user account, with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr ""
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr ""
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr ""
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr ""
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr ""
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid "The encrypted password field may be blank, in which case no password is required to authenticate as the specified login name. However, some applications which read the <filename>/etc/passwd</filename> file may decide not to permit <emphasis>any</emphasis> access at all if the <emphasis>password</emphasis> field is blank. If the <emphasis>password</emphasis> field is a lower-case <quote>x</quote>, then the encrypted password is actually stored in the <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there <emphasis>must</emphasis> be a corresponding line in the <filename>/etc/shadow</filename> file, or else the user account is invalid. If the <emphasis>password</emphasis> field is any other string, then it will be treated as an encrypted password, as specified by <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid "The comment field is used by various system utilities, such as <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid "The home directory field provides the name of the initial working directory. The <command>login</command> program uses this information to set the value of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid "The command interpreter field provides the name of the user's command language interpreter, or the name of the initial program to execute. The <command>login</command> program uses this information to set the value of the <envar>$SHELL</envar> environmental variable. If this field is empty, it defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr ""
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+msgid "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr ""
+
+#: passwd.1.xml:89(para)
+msgid "The <command>passwd</command> command changes passwords for user accounts. A normal user may only change the password for his/her own account, while the superuser may change the password for any account. <command>passwd</command> also changes the account or associated password validity period."
+msgstr ""
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr ""
+
+#: passwd.1.xml:99(para)
+msgid "The user is first prompted for his/her old password, if one is present. This password is then encrypted and compared against the stored password. The user has only one chance to enter the correct password. The superuser is permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+
+#: passwd.1.xml:107(para)
+msgid "After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time. If not, <command>passwd</command> refuses to change the password and exits."
+msgstr ""
+
+#: passwd.1.xml:114(para)
+msgid "The user is then prompted twice for a replacement password. The second entry is compared against the first and both are required to match in order for the password to be changed."
+msgstr ""
+
+#: passwd.1.xml:120(para)
+msgid "Then, the password is tested for complexity. As a general guideline, passwords should consist of 6 to 8 characters including one or more characters from each of the following sets:"
+msgstr ""
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr ""
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr ""
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr ""
+
+#: passwd.1.xml:138(para)
+msgid "Care must be taken not to include the system default erase or kill characters. <command>passwd</command> will reject any password which is not suitably complex."
+msgstr ""
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr ""
+
+#: passwd.1.xml:148(para)
+msgid "The security of a password depends upon the strength of the encryption algorithm and the size of the key space. The legacy <emphasis>UNIX</emphasis> System encryption method is based on the NBS DES algorithm. More recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). The size of the key space depends upon the randomness of the password which is selected."
+msgstr ""
+
+#: passwd.1.xml:157(para)
+msgid "Compromises in password security normally result from careless password selection or handling. For this reason, you should not select a password which appears in a dictionary or which must be written down. The password should also not be a proper name, your license number, birth date, or street address. Any of these may be used as guesses to violate system security."
+msgstr ""
+
+#: passwd.1.xml:166(para)
+msgid "You can find advice on how to choose a strong password on http://en.wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr ""
+
+#: passwd.1.xml:184(para)
+msgid "This option can be used only with <option>-S</option> and causes show status for all users."
+msgstr ""
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr ""
+
+#: passwd.1.xml:195(para)
+msgid "Delete a user's password (make it empty). This is a quick way to disable a password for an account. It will set the named account passwordless."
+msgstr ""
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr ""
+
+#: passwd.1.xml:207(para)
+msgid "Immediately expire an account's password. This in effect can force a user to change his/her password at the user's next login."
+msgstr ""
+
+#: passwd.1.xml:220(term)
+msgid "<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:224(para)
+msgid "This option is used to disable an account after the password has been expired for a number of days. After a user account has had an expired password for <replaceable>INACTIVE</replaceable> days, the user may no longer sign on to the account."
+msgstr ""
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr ""
+
+#: passwd.1.xml:237(para)
+msgid "Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before."
+msgstr ""
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr ""
+
+#: passwd.1.xml:249(para)
+msgid "Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ´!´ at the beginning of the password)."
+msgstr ""
+
+#: passwd.1.xml:255(para)
+msgid "Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use <command>usermod --expiredate 1</command> (this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+msgid "<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid "Set the minimum number of days between password changes to <replaceable>MIN_DAYS</replaceable>. A value of zero for this field indicates that the user may change his/her password at any time."
+msgstr ""
+
+#: passwd.1.xml:291(term)
+msgid "<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr ""
+
+#: passwd.1.xml:317(para)
+msgid "Display account status information. The status information consists of 7 fields. The first field is the user's login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P). The third field gives the date of the last password change. The next four fields are the minimum age, maximum age, warning period, and inactivity period for the password. These ages are expressed in days."
+msgstr ""
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr ""
+
+#: passwd.1.xml:335(para)
+msgid "Unlock the password of the named account. This option re-enables a password by changing the password back to its previous value (to the value before using the <option>-l</option> option)."
+msgstr ""
+
+#: passwd.1.xml:344(term)
+msgid "<option>-w</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:348(para)
+msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned that his/her password is about to expire."
+msgstr ""
+
+#: passwd.1.xml:357(term)
+msgid "<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>"
+msgstr ""
+
+#: passwd.1.xml:361(para)
+msgid "Set the maximum number of days a password remains valid. After <replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+
+#: passwd.1.xml:373(para)
+msgid "Password complexity checking may vary from site to site. The user is urged to select a password as complex as he or she feels comfortable with."
+msgstr ""
+
+#: passwd.1.xml:378(para)
+msgid "Users may not be able to change their password on a system if NIS is enabled and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid "<command>passwd</command> uses PAM to authenticate users and to change their passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para) gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid "This defines the system default encryption algorithm for encrypting passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para) gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid "It can take one of these values: <replaceable>DES</replaceable> (default), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, <replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></phrase>."
+msgstr ""
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para) gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid "Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para) newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para) login.defs.5.xml:47(para) login.defs.5.xml:53(para) login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para) gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para) chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para) chgpasswd.8.xml:62(para)
+msgid "Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term) gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para) gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid "Indicate if passwords must be encrypted using the MD5-based algorithm. If set to <replaceable>yes</replaceable>, new passwords will be encrypted using the MD5-based algorithm compatible with the one used by recent releases of FreeBSD. It supports passwords of unlimited length and longer salt strings. Set to <replaceable>no</replaceable> if you need to copy encrypted passwords to other systems which don't understand the new algorithm. Default is <replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para) gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid "This variable is superseded by the <option>ENCRYPT_METHOD</option> variable or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para) gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid "Number of significant characters in the password for crypt(). <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term) gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term) gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para) gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid "When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</replaceable> or <replaceable>SHA512</replaceable>, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para) gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid "With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para) gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid "If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para) gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para) gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid "If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para) gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid "If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr ""
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr ""
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr ""
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr ""
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr ""
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+
+#: passwd.1.xml:439(para)
+msgid "The <command>passwd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: passwd.1.xml:490(para)
+msgid "<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition=\"no_pam\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname) nologin.8.xml:59(command)
+msgid "nologin"
+msgstr ""
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr ""
+
+#: nologin.8.xml:65(para)
+msgid "The <command>nologin</command> command displays a message that an account is not available and exits non-zero. It is intended as a replacement shell field for accounts that have been disabled."
+msgstr ""
+
+#: nologin.8.xml:70(para)
+msgid "To disable all logins, investigate <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:79(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr ""
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr ""
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname) newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr ""
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr ""
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+msgid "The <command>newusers</command> command reads a <replaceable>file</replaceable> (or the standard input by default) and uses this information to update a set of existing users or to create new users. Each line is in the same format as the standard password file (see <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr ""
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid "It can be the name of a new user or the name of an existing user (or a user created before by <command>newusers</command>). In case of an existing user, the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr ""
+
+#: newusers.8.xml:130(para)
+msgid "This field will be encrypted and used as the new value of the encrypted password."
+msgstr ""
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr ""
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid "If the field is empty, a new (unused) UID will be defined automatically by <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid "If this field contains the name of an existing user (or the name of a user created before by <command>newusers</command>), the UID of the specified user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid "If the UID of an existing user is changed, the files ownership of the user's file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr ""
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid "If this field contains the name of an existing group (or a group created before by <command>newusers</command>), the GID of this group will be used as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid "If this field is a number, this number will be used as the primary group ID of the user. If no groups exist with this GID, a new group will be created with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid "If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and as the GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid "If this field contains the name of a group which does not exist (and was not created before by <command>newusers</command>), a new group will be created with the specified name and a GID will be automatically defined by <command>newusers</command> to be used as the primary group ID for the user and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr ""
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid "If this field does not specify an existing directory, the specified directory is created, with ownership set to the user being created or updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid "If the home directory of an existing user is changed, <command>newusers</command> does not move or copy the content of the old directory to the new location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid "This field defines the shell of the user. No checks are performed on this field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid "<command>newusers</command> first tries to create or change all the specified users, and then write these changes to the user or group databases. If an error occurs (except in the final writes to the databases), no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid "During this first pass, users are created with a locked password (and passwords are not changed for the users which are not created). A second pass is used to update the passwords using PAM. Failures to update a password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid "This command is intended to be used in a large system environment where many accounts are updated at a single time."
+msgstr ""
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr ""
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid "The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid "System users will be created with no aging information in <filename>/etc/shadow</filename>, and their numeric identifiers are chosen in the <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</option> counterparts for the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr ""
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid "The value 0 means that the system will choose the default number of rounds for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid "A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid "By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid "The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid "You should make sure the passwords and the encryption method respect the system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr ""
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+msgid "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition=\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname) newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr ""
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr ""
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable) groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr ""
+
+#: newgrp.1.xml:78(para)
+msgid "The <command>newgrp</command> command is used to change the current group ID during a login session. If the optional <option>-</option> flag is given, the user's environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid "<command>newgrp</command> changes the current real group ID to the named group, or to the default group listed in <filename>/etc/passwd</filename> if no group name is given. <command>newgrp</command> also tries to add the group to the user groupset. If not root, the user will be prompted for a password if she does not have a password (in <filename>/etc/shadow</filename> if this user has an entry in the shadowed password file, or in <filename>/etc/passwd</filename> otherwise) and the group does, or if the user is not listed as a member and the group has a password. The user will be denied access if the group password is empty and the user is not listed as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid "If there is an entry for this group in <filename>/etc/gshadow</filename>, then the list of members and the password of this group will be taken from this file, otherwise, the entry in <filename>/etc/group</filename> is considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry condition=\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname) logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr ""
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr ""
+
+#: logoutd.8.xml:76(para)
+msgid "<command>logoutd</command> enforces the login time and port restrictions specified in <filename>/etc/porttime</filename>. <command>logoutd</command> should be started from <filename>/etc/rc</filename>. The <filename>/var/run/utmp</filename> file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time. Any login session which is violating the restrictions in <filename>/etc/porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr ""
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr ""
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr ""
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid "The <filename>/etc/login.defs</filename> file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid "This file is a readable text file, each line of the file describing one configuration parameter. The lines consist of a configuration name and value, separated by whitespace. Blank lines and comment lines are ignored. Comments are introduced with a \"#\" pound sign and the pound sign must be the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid "Parameter values may be of four types: strings, booleans, numbers, and long numbers. A string is comprised of any printable characters. A boolean should be either the value <replaceable>yes</replaceable> or <replaceable>no</replaceable>. An undefined boolean parameter or one with a value other than these will be given a <replaceable>no</replaceable> value. Numbers (both regular and long) may be either decimal values, octal values (precede the value with <replaceable>0</replaceable>) or hexadecimal values (precede the value with <replaceable>0x</replaceable>). The maximum value of the regular and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid "If <replaceable>yes</replaceable>, the <command>chfn</command> program will require authentication before making any changes, unless run by the superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid "This parameter specifies which values in the <emphasis remap=\"I\">gecos</emphasis> field of the <filename>/etc/passwd</filename> file may be changed by regular users using the <command>chfn</command> program. It can be any combination of letters <replaceable>f</replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, for Full name, Room number, Work phone, and Home phone, respectively. For backward compatibility, <replaceable>yes</replaceable> is equivalent to <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is equivalent to <replaceable>frwh</replaceable>. If not specified, only the superuser can make any changes. The most restrictive setting is better achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid "If <replaceable>yes</replaceable>, the <command>chsh</command> program will require authentication before making any changes, unless run by the superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal ERASE character (<replaceable>010</replaceable> = backspace, <replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para) login.1.xml:37(para)
+msgid "The value can be prefixed \"0\" for an octal value, or \"0x\" for an hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of <filename>/var/log/faillog</filename> login failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If set, <command>login</command> will execute this shell instead of the users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file can inhibit all the usual chatter during the login sequence. If a full pathname is specified, then hushed mode will be enabled if the user's name or shell are found in the file. If not a full pathname, then hushed mode will be enabled if the file exists in the user's home directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Note: logging unknown usernames may be a security issue if an user enter her password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid "This will most likely be overridden by PAM, since the default pam_unix module has its own built in of 3 retries. However, this is a safe fallback in case you are using an authentication module that does not enforce PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, \":\" delimited list of \"message of the day\" files to be displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, name of file whose presence will inhibit non-root logins. The contents of this file should be a message indicating why logins are inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid "<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and <option>PASS_WARN_AGE</option> are only used at the time of account creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking of time restrictions specified in <filename>/etc/porttime</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid "The terminal permissions: the login tty will be owned by the <option>TTYGROUP</option> group, and the permissions will be set to <option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid "By default, the ownership of the terminal is set to the user's primary group and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid "<option>TTYGROUP</option> can be either the name of a group or a numeric group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid "If you have a <command>write</command> program which is \"setgid\" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, file which maps tty line to TERM environment parameter. Each line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr ""
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid "The following cross references show which programs in the shadow password suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle) chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr ""
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase) login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle) chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr ""
+
+#: login.defs.5.xml:257(para)
+msgid "<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle) chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr ""
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid "ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle) chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr ""
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle) chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr ""
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr ""
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle) gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr ""
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle) groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr ""
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle) groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr ""
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para) login.defs.5.xml:329(para) login.defs.5.xml:336(para) login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle) groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr ""
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle) groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr ""
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle) grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr ""
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle) login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command) login.1.xml:118(command)
+msgid "login"
+msgstr ""
+
+#: login.defs.5.xml:356(para)
+msgid "<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME <phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR <phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr ""
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+msgid "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+
+#: login.defs.5.xml:411(para)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:448(para)
+msgid "<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME <phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition=\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr ""
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+msgid "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:490(para)
+msgid "MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid "MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+msgid "Much of the functionality that used to be provided by the shadow password suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is no longer used by <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by <citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, and <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr ""
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid "The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid "When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is scanned for the first entry that matches the (user, host) combination, or, in case of non-networked logins, the first entry that matches the (user, tty) combination. The permissions field of that table entry determines whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid "Each line of the login access control table has three fields separated by a \":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid "<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid "The first field should be a \"<emphasis>+</emphasis>\" (access granted) or \"<emphasis>-</emphasis>\" (access denied) character. The second field should be a list of one or more login names, group names, or <emphasis>ALL</emphasis> (always matches). The third field should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with \"<literal>.</literal>\"), host addresses, internet network numbers (end with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or <emphasis>LOCAL</emphasis> (matches any string that does not contain a \"<literal>.</literal>\" character). If you run NIS you can use @netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid "The <emphasis>EXCEPT</emphasis> operator makes it possible to write very compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid "The group file is searched only when a name does not match that of the logged-in user. Only groups are matched in which users are explicitly listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg) login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr ""
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable) login.1.xml:120(replaceable)
+msgid "host"
+msgstr ""
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr ""
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr ""
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr ""
+
+#: login.1.xml:126(para)
+msgid "The <command>login</command> program is used to establish a new session with the system. It is normally invoked automatically by responding to the <emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. <command>login</command> may be special to the shell and may not be invoked as a sub-process. When called from a shell, <command>login</command> should be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller). Attempting to execute <command>login</command> from any shell but the login shell will produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid "The user is then prompted for a password, where appropriate. Echoing is disabled to prevent revealing the password. Only a small number of password failures are permitted before <command>login</command> exits and the communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid "If password aging has been enabled for your account, you may be prompted for a new password before proceeding. You will be forced to provide your old password and the new password before continuing. Please refer to <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid "After a successful login, you will be informed of any system messages and the presence of mail. You may turn off the printing of the system message file, <filename>/etc/motd</filename>, by creating a zero-length file <filename>.hushlogin</filename> in your login directory. The mail message will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid "Your user and group ID will be set according to their values in the <filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and <envar>$MAIL</envar> are set according to the appropriate fields in the password entry. Ulimit, umask and nice values may also be set according to entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid "On some installations, the environmental variable <envar>$TERM</envar> will be initialized to the terminal type on your tty line, as specified in <filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid "An initialization script for your command interpreter may also be executed. Please see the appropriate manual section for more information on this function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid "The <command>login</command> program is NOT responsible for removing users from the utmp file. It is the responsibility of <citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></citerefentry> and <citerefentry><refentrytitle>init</refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent ownership of a terminal session. If you use <command>login</command> from the shell prompt without <command>exec</command>, the user you use will continue to appear to be logged in even after you log out of the \"subsession\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr ""
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr ""
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr ""
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr ""
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr ""
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+
+#: login.1.xml:252(para)
+msgid "The <option>-r</option>, <option>-h</option> and <option>-f</option> options are only used when <command>login</command> is invoked by root."
+msgstr ""
+
+#: login.1.xml:261(para)
+msgid "This version of <command>login</command> has many compilation options, only some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid "The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid "As with any program, <command>login</command>'s appearance can be faked. If non-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr ""
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr ""
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr ""
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr ""
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr ""
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr ""
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr ""
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr ""
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr ""
+
+#: login.1.xml:399(para)
+msgid "<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr ""
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr ""
+
+#: limits.5.xml:73(para)
+msgid "The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</filename> by default or LIMITS_FILE defined <filename>config.h</filename>) describes the resource limits you wish to impose. It should be owned by root and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid "By default no quota is imposed on 'root'. In fact, there is no way to impose limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr ""
+
+#: limits.5.xml:99(para)
+msgid "The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of resource limits. Each limit consists of a letter identifier followed by a numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr ""
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr ""
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+
+#: limits.5.xml:111(para)
+msgid "F: maximum file size (KB)"
+msgstr ""
+
+#: limits.5.xml:112(para)
+msgid "K: file creation mask, set by <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr ""
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr ""
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid "P: process priority, set by <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr ""
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr ""
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr ""
+
+#: limits.5.xml:134(para)
+msgid "For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid <emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid "\n      username L2D2048N5\n      username L2 D2048 N5\n    "
+msgstr ""
+
+#: limits.5.xml:145(para)
+msgid "Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of the line is considered a limit string, thus comments are not allowed. An invalid limits string will be rejected (not considered) by the <command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid "The default entry is denoted by username \"<emphasis>*</emphasis>\". If you have multiple <emphasis remap=\"I\">default</emphasis> entries in your <emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid "The limits specified in the form \"<replaceable>@group</replaceable>\" apply to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid "If more than one line with limits for a user exist, only the first line for this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid "If no lines are specified for a user, the last <replaceable>@group</replaceable> line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid "To completely disable limits for a user, a single dash \"<emphasis>-</emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid "To disable a limit for a user, a single dash \"<replaceable>-</replaceable>\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid "Also, please note that all limit settings are set PER LOGIN. They are not global, nor are they permanent. Perhaps global limits will come, but for now this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr ""
+
+#: limits.5.xml:207(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname) lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr ""
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid "<command>lastlog</command> formats and prints the contents of the last login log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</emphasis> will be printed. The default (no flags) causes lastlog entries to be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+
+#: lastlog.8.xml:97(term)
+msgid "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:101(para)
+msgid "Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr ""
+
+#: lastlog.8.xml:111(para)
+msgid "Clear lastlog record of a user. This option can be used only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:138(term)
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr ""
+
+#: lastlog.8.xml:142(para)
+msgid "Set lastlog record of a user to the current time. This option can be used only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:153(para)
+msgid "Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid "The users can be specified by a login name, a numerical user ID, or a <replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</replaceable> of users can be specified with a min and max values (<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid "If the user has never logged in the message <emphasis>** Never logged in**</emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid "Only the entries for the current users of the system will be displayed. Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title) chage.1.xml:231(title)
+msgid "NOTE"
+msgstr ""
+
+#: lastlog.8.xml:193(para)
+msgid "The <filename>lastlog</filename> file is a database which contains info on the last login of each user. You should not rotate it. It is a sparse file, so its size on the disk is usually much smaller than the one shown by \"<command>ls -l</command>\" (which can indicate a really big file if you have in <filename>passwd</filename> users with a high UID). You can display its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr ""
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+
+#: lastlog.8.xml:217(para)
+msgid "Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i.e. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr ""
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr ""
+
+#: gshadow.5.xml:59(para)
+msgid "<filename>/etc/gshadow</filename> contains the shadowed information for group accounts."
+msgstr ""
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr ""
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+msgid "If the password field contains some string that is not a valid result of <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+msgid "The password is used when a user who is not a member of the group wants to gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+
+#: gshadow.5.xml:103(para)
+msgid "This field may be empty, in which case only the group members can gain the group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid "This password supersedes any password specified in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr ""
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid "Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid "You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+msgid "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpconv</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+msgstr ""
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr ""
+
+#: grpck.8.xml:84(para)
+msgid "The <command>grpck</command> command verifies the integrity of the groups information. It checks that all entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> have the proper format and contain valid data. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr ""
+
+#: grpck.8.xml:104(para)
+msgid "a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/group</filename> only)</phrase>"
+msgstr ""
+
+#: grpck.8.xml:111(para)
+msgid "a valid list of members <phrase condition=\"gshadow\"> and administrators</phrase>"
+msgstr ""
+
+#: grpck.8.xml:117(para)
+msgid "a corresponding entry in the <filename>/etc/gshadow</filename> file (respectively <filename>/etc/group</filename> for the <filename>gshadow</filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid "The checks for correct number of fields and unique group name are fatal. If an entry has the wrong number of fields, the user will be prompted to delete the entire line. If the user does not answer affirmatively, all further checks are bypassed. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made. All other errors are warnings and the user is encouraged to run the <command>groupmod</command> command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid "The commands which operate on the <filename>/etc/group</filename><phrase condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename> files</phrase> are not able to alter corrupted or duplicated entries. <command>grpck</command> should be used in those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+
+#: grpck.8.xml:165(para)
+msgid "Execute the <command>grpck</command> command in read-only mode. This causes all questions regarding changes to be answered <emphasis>no</emphasis> without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid "Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+
+#: grpck.8.xml:196(para)
+msgid "By default, <command>grpck</command> operates on <filename>/etc/group</filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</filename></phrase>. The user may select alternate files with the <emphasis remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr ""
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr ""
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr ""
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr ""
+
+#: grpck.8.xml:246(para)
+msgid "The <command>grpck</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: grpck.8.xml:291(para)
+msgid "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition=\"gshadow\"><citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname) groups.1.xml:70(command)
+msgid "groups"
+msgstr ""
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr ""
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr ""
+
+#: groups.1.xml:79(para)
+msgid "The <command>groups</command> command displays the current group names or ID values. If the value does not have a corresponding entry in <filename>/etc/group</filename>, the value will be displayed as the numerical group value. The optional <emphasis remap=\"I\">user</emphasis> parameter will display the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid "Systems which do not support concurrent group sets will have the information from <filename>/etc/group</filename> reported. The user must use <command>newgrp</command> or <command>sg</command> to change his current real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr ""
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr ""
+
+#: groupmod.8.xml:81(para)
+msgid "The <command>groupmod</command> command modifies the definition of the specified <replaceable>GROUP</replaceable> by modifying the appropriate entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:100(para)
+msgid "The group ID of the given <replaceable>GROUP</replaceable> will be changed to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid "The value of <replaceable>GID</replaceable> must be a non-negative decimal integer. This value must be unique, unless the <option>-o</option> option is used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid "Users who use the group as primary group will be updated to keep the group as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid "Any files that have the old group ID and must continue to belong to <replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid "No checks will be performed with regard to the <option>GID_MIN</option>, <option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or <option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid "<option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+
+#: groupmod.8.xml:139(para)
+msgid "The name of the group will be changed from <replaceable>GROUP</replaceable> to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid "When used with the <option>-g</option> option, allow to change the group <replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr ""
+
+#: groupmod.8.xml:236(para)
+msgid "The <command>groupmod</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupmod.8.xml:287(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr ""
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr ""
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr ""
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr ""
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr ""
+
+#: groupmems.8.xml:86(para)
+msgid "The <command>groupmems</command> command allows a user to administer his/her own group membership list without the requirement of superuser privileges. The <command>groupmems</command> utility is for systems that configure its users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid "Only the superuser, as administrator, can use <command>groupmems</command> to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid "The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+
+#: groupmems.8.xml:107(term)
+msgid "<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:109(para)
+msgid "Add a user to the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para) groupmems.8.xml:157(para)
+msgid "If the <filename>/etc/gshadow</filename> file exist, and the group has no entry in the <filename>/etc/gshadow</filename> file, a new entry will be created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+msgid "<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:121(para)
+msgid "If the <filename>/etc/gshadow</filename> file exist, the user will be removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+msgid "<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</replaceable>"
+msgstr ""
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr ""
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr ""
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr ""
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid "The <command>groupmems</command> executable should be in mode <literal>2770</literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</emphasis>. The system administrator can add users to group <emphasis>groups</emphasis> to allow or disallow them using the <command>groupmems</command> utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid "\n\t$ groupadd -r groups\n\t$ chmod 2770 groupmems\n\t$ chown root.groups groupmems\n\t$ groupmems -g groups -a gk4\n    "
+msgstr ""
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr ""
+
+#: groupmems.8.xml:230(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr ""
+
+#: groupdel.8.xml:81(para)
+msgid "The <command>groupdel</command> command modifies the system account files, deleting all entries that refer to <replaceable>GROUP</replaceable>. The named group must exist."
+msgstr ""
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+
+#: groupdel.8.xml:117(para)
+msgid "You may not remove the primary group of any existing user. You must remove the user before you remove the group."
+msgstr ""
+
+#: groupdel.8.xml:121(para)
+msgid "You should manually check all file systems to ensure that no files remain owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr ""
+
+#: groupdel.8.xml:159(para)
+msgid "The <command>groupdel</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupdel.8.xml:198(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr ""
+
+#: groupadd.8.xml:85(para)
+msgid "The <command>groupadd</command> command creates a new group account using the values specified on the command line plus the default values from the system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+
+#: groupadd.8.xml:104(para)
+msgid "This option causes the command to simply exit with success status if the specified group already exists. When used with <option>-g</option>, and the specified GID already exists, another (unique) GID is chosen (i.e. <option>-g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid "The numerical value of the group's ID. This value must be unique, unless the <option>-o</option> option is used. The value must be non-negative. The default is to use the smallest ID value greater than or equal to <option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+msgid "See also the <option>-r</option> option and the <option>GID_MAX</option> description."
+msgstr ""
+
+#: groupadd.8.xml:141(para)
+msgid "Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+
+#: groupadd.8.xml:150(para)
+msgid "Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr ""
+
+#: groupadd.8.xml:195(para)
+msgid "The numeric identifiers of new system groups are chosen in the <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in <filename>login.defs</filename>, instead of <option>GID_MIN</option>-<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid "Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes. They can end with a dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+msgid "You may not add a NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid "If the groupname already exists in an external group database such as NIS or LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr ""
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr ""
+
+#: groupadd.8.xml:280(para)
+msgid "The <command>groupadd</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#: groupadd.8.xml:325(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr ""
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr ""
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr ""
+
+#: gpasswd.1.xml:95(para)
+msgid "The <command>gpasswd</command> command is used to administer <filename>/etc/group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</filename></phrase>. Every group can have <phrase condition=\"gshadow\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid "System administrators can use the <option>-A</option> option to define group administrator(s) and the <option>-M</option> option to define members. They have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid "<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group administrator</phrase><phrase condition=\"no_gshadow\">a system administrator</phrase> with a group name only prompts for the new password of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid "If a password is set the members can still use <citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr ""
+
+#: gpasswd.1.xml:124(para)
+msgid "Group passwords are an inherent security problem since more than one person is permitted to know the password. However, groups are a useful tool for permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid "Except for the <option>-A</option> and <option>-M</option> options, the options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+
+#: gpasswd.1.xml:147(term)
+msgid "<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:151(para)
+msgid "Add the <replaceable>user</replaceable> to the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+msgid "<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:164(para)
+msgid "Remove the <replaceable>user</replaceable> from the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+msgid "<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>"
+msgstr ""
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr ""
+
+#: gpasswd.1.xml:199(para)
+msgid "Remove the password from the named <replaceable>group</replaceable>. The group password will be empty. Only group members will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr ""
+
+#: gpasswd.1.xml:215(para)
+msgid "Restrict the access to the named <replaceable>group</replaceable>. The group password is set to \"!\". Only group members with a password will be allowed to use <command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid "<option>-A</option>, <option>--administrators</option>&nbsp;<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr ""
+
+#: gpasswd.1.xml:239(term)
+msgid "<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</replaceable>,..."
+msgstr ""
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr ""
+
+#: gpasswd.1.xml:253(para)
+msgid "This tool only operates on the <filename>/etc/group</filename><phrase condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot change any NIS or LDAP group. This must be performed on the corresponding server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition=\"gshadow\">, <citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname) faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle) faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr ""
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid "<command>faillog</command> displays the contents of the failure log database (<filename>/var/log/faillog</filename>). It can also set the failure counters and limits. When <command>faillog</command> is run without arguments, it only displays the faillog records of the users who had a login failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+
+#: faillog.8.xml:98(para)
+msgid "Display (or act on) faillog records for all users having an entry in the <filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid "The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+
+#: faillog.8.xml:106(para)
+msgid "In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid "With the <option>-l</option>, <option>-m</option>, <option>-r</option>, <option>-t</option> options, the users' records are changed, even if the user does not exist on the system. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid "<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</replaceable>"
+msgstr ""
+
+#: faillog.8.xml:132(para)
+msgid "Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid "Write access to <filename>/var/log/faillog</filename> is required for this option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid "<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</replaceable>"
+msgstr ""
+
+#: faillog.8.xml:147(para)
+msgid "Set the maximum number of login failures after the account is disabled to <replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid "Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid "The maximum failure count should always be 0 for <emphasis>root</emphasis> to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr ""
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid "Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid "Display faillog record or maintains failure counters and limits (if used with <option>-l</option>, <option>-m</option> or <option>-r</option> options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid "When none of the <option>-l</option>, <option>-m</option>, or <option>-r</option> options are used, <command>faillog</command> displays the faillog record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid "<command>faillog</command> only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the <option>-u</option> flag, or print out all users with the <option>-a</option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr ""
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid "<filename>/var/log/faillog</filename> maintains a count of login failures and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid "The file contains fixed length records, indexed by numerical UID. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr ""
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid "\nstruct\tfaillog {\n\tshort   fail_cnt;\n\tshort   fail_max;\n\tchar    fail_line[12];\n\ttime_t  fail_time;\n\tlong    fail_locktime;\n};"
+msgstr ""
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib) chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname) expiry.1.xml:74(command)
+msgid "expiry"
+msgstr ""
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid "The <command>expiry</command> command checks (<option>-c</option>) the current password expiration and forces (<option>-f</option>) changes when required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr ""
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr ""
+
+#: chsh.1.xml:85(para)
+msgid "The <command>chsh</command> command changes the user login shell. This determines the name of the user's initial login command. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr ""
+
+#: chsh.1.xml:130(para)
+msgid "If the <option>-s</option> option is not selected, <command>chsh</command> operates in an interactive fashion, prompting the user with the current login shell. Enter the new value to change the shell, or leave the line blank to use the current one. The current shell is displayed between a pair of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid "The only restriction placed on the login shell is that the command name must be listed in <filename>/etc/shells</filename>, unless the invoker is the superuser, and then any value may be added. An account with a restricted login shell may not change her login shell. For this reason, placing <filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr ""
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr ""
+
+#: chsh.1.xml:192(para)
+msgid "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr ""
+
+#: chpasswd.8.xml:83(para)
+msgid "The <command>chpasswd</command> command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid "<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</emphasis>"
+msgstr ""
+
+#: chpasswd.8.xml:92(para)
+msgid "By default the passwords must be supplied in clear-text, and are encrypted by <command>chpasswd</command>. Also the password age will be updated, if present."
+msgstr ""
+
+#: chpasswd.8.xml:97(para)
+msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid "By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid "<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</phrase><command>chpasswd</command> first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid "When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated <command>chpasswd</command> continues updating the passwords of the next users, and will return an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid "This command is intended to be used in a large system environment where many accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+
+#: chpasswd.8.xml:137(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>&nbsp;<replaceable>METHOD</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid "By default (if none of the <option>-c</option>, <option>-m</option>, or <option>-e</option> options are specified), the encryption method is defined by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr ""
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr ""
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr ""
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid "Use MD5 encryption instead of DES when the supplied passwords are not encrypted."
+msgstr ""
+
+#: chpasswd.8.xml:200(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</replaceable>"
+msgstr ""
+
+#: chpasswd.8.xml:219(para)
+msgid "By default, the number of rounds is defined by the <option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid "Remember to set permissions or umask to prevent readability of unencrypted files by other users."
+msgstr ""
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr ""
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+msgid "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr ""
+
+#: chgpasswd.8.xml:79(para)
+msgid "The <command>chgpasswd</command> command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups. Each line is of the format:"
+msgstr ""
+
+#: chgpasswd.8.xml:84(para)
+msgid "<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</emphasis>"
+msgstr ""
+
+#: chgpasswd.8.xml:88(para)
+msgid "By default the supplied password must be in clear-text, and is encrypted by <command>chgpasswd</command>."
+msgstr ""
+
+#: chgpasswd.8.xml:92(para)
+msgid "The default encryption algorithm can be defined for the system with the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>, and can be overwritten with the <option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid "The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+
+#: chgpasswd.8.xml:238(para)
+msgid "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr ""
+
+#: chfn.1.xml:85(para)
+msgid "The <command>chfn</command> command changes user fullname, office room number, office phone number, and home phone number information for a user's account. This information is typically printed by <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></citerefentry> and similar programs. A normal user may only change the fields for her own account, subject to the restrictions in <filename>/etc/login.defs</filename>. (The default configuration is to prevent users from changing their fullname.) The superuser may change any field for any account. Additionally, only the superuser may use the <option>-o</option> option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid "These fields must not contain any colons. Except for the <emphasis remap=\"I\">other</emphasis> field, they should not contain any comma or equal sign. It is also recommended to avoid non-US-ASCII characters, but this is only enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr ""
+
+#: chfn.1.xml:117(term)
+msgid "<option>-f</option>, <option>--full-name</option>&nbsp;<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr ""
+
+#: chfn.1.xml:125(term)
+msgid "<option>-h</option>, <option>--home-phone</option>&nbsp;<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+msgid "<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:137(para)
+msgid "Change the user's other GECOS information. This field is used to store accounting information used by other applications, and can be changed only by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+msgid "<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr ""
+
+#: chfn.1.xml:173(term)
+msgid "<option>-w</option>, <option>--work-phone</option>&nbsp;<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid "If none of the options are selected, <command>chfn</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid "<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr ""
+
+#: chage.1.xml:82(para)
+msgid "The <command>chage</command> command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+
+#: chage.1.xml:97(term)
+msgid "<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</replaceable>"
+msgstr ""
+
+#: chage.1.xml:101(para)
+msgid "Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid "<option>-E</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:113(para)
+msgid "Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>EXPIRE_DATE</replaceable> will remove an account expiration date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid "<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>"
+msgstr ""
+
+#: chage.1.xml:139(para)
+msgid "Set the number of days of inactivity after a password has expired before the account is locked. The <replaceable>INACTIVE</replaceable> option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as the <replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr ""
+
+#: chage.1.xml:164(term)
+msgid "<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:176(term)
+msgid "<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:180(para)
+msgid "Set the maximum number of days during which a password is valid. When <replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> is less than the current day, the user will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by use of the <option>-W</option> option, which provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid "Passing the number <emphasis remap=\"I\">-1</emphasis> as <replaceable>MAX_DAYS</replaceable> will remove checking a password's validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid "<option>-W</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+
+#: chage.1.xml:213(para)
+msgid "Set the number of days of warning before a password change is required. The <replaceable>WARN_DAYS</replaceable> option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid "If none of the options are selected, <command>chage</command> operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid "The <command>chage</command> program requires a shadow password file to be available."
+msgstr ""
+
+#: chage.1.xml:236(para)
+msgid "The <command>chage</command> command is restricted to the root user, except for the <option>-l</option> option, which may be used by an unprivileged user to determine when his/her password or account is due to expire."
+msgstr ""
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr ""
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr ""
+
+#: chage.1.xml:279(para)
+msgid "The <command>chage</command> command exits with the following values: <placeholder-1/>"
+msgstr ""
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+
diff --git a/man/po/sv.po b/man/po/sv.po
new file mode 100644
index 0000000..b09740d
--- /dev/null
+++ b/man/po/sv.po
@@ -0,0 +1,9714 @@
+msgid ""
+msgstr ""
+"Project-Id-Version: man pages for shadow 4.0.18\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:41+0200\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
+"Language: sv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+# Swedish translation of shadow manpage.
+# Copyright (C) 2006 THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the shadow package.
+# Daniel Nylander <po@danielnylander.se>, 2006.
+#
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Systemhanteringskommandon"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+#, fuzzy
+#| msgid "shadow"
+msgid "shadow-utils"
+msgstr "shadow"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "redigera lösenordet, grupp, skugglösenord eller skuggruppfil"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "flaggor"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "BESKRIVNING"
+
+#: vipw.8.xml:90(para)
+#, fuzzy
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> and <command>vigr</command> redigerar filerna "
+"<filename>/etc/passwd</filename> och <filename>/etc/group</filename>, "
+"respektive. Med flaggan <option>-s</option>, kommer de att redigera "
+"skuggversionerna av dessa filer, <filename>/etc/shadow</filename> och "
+"<filename>/etc/gshadow</filename>, respektive. Programmen kommer att ställa "
+"in de lämpliga lås som behövs för att förhindra att filerna skadas. När de "
+"letar efter en redigerare kommer programmen att första försöka med "
+"miljövariabeln <envar>$VISUAL</envar>, sedan miljövariabeln <envar>$EDITOR</"
+"envar> och till sist standardredigeraren, <citerefentry><refentrytitle>vi</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "FLAGGOR"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Flaggorna som gäller för kommandona <command>vipw</command> och "
+"<command>vigr</command> är:"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Redigera gruppdatabasen."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Visa hjälpmeddelande och avsluta."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Redigera lösenordsdatabasen."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Tyst läge."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Redigera shadow- eller gshadow-databasen."
+
+#: vipw.8.xml:156(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr ""
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr ""
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+#, fuzzy
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+#, fuzzy
+#| msgid ""
+#| "Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#| "manvolnum></citerefentry> for details on how this string is interpreted."
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr ""
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr ""
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr ""
+
+#: vipw.8.xml:186(option)
+#, fuzzy
+#| msgid "HYSTORY"
+msgid "EDITOR"
+msgstr "HISTORIK"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr ""
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FILER"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Gruppkontoinformation."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Säker gruppkontoinformation."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Användarkontoinformation."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Säker användarkontoinformation."
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "SE OCKSÃ…"
+
+#: vipw.8.xml:226(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "ändra ett användarkonto"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "INLOGGNINGSNAMN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"Kommandot <command>usermod</command> ändrar systemkontofiler enligt det som "
+"anges på kommandoraden."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>usermod</command> är:"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Add the user to the supplemental group(s). Use only with <option>-G</"
+#| "option> option."
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Lägg till användaren till tilläggsgrupp(er). Använd endast med flaggan "
+"<option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"Det nya värdet för användarens kommentarsfält i lösenordsfilen. Vanligtvis "
+"ändras det med verktyget <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+#, fuzzy
+#| msgid "user home directory"
+msgid "The user's new login directory."
+msgstr "användarens hemkatalog"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UTGÃ…NGSDATUM</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password has expired before the account will "
+#| "be disabled."
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GRUPP</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GRUPP1</"
+"replaceable>[<emphasis remap=\"I\">,GRUPP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GRUPPN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NYTT_INLOGGNINGSNAMN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Lås en användares lösenord. Detta sätter ett \"!\" i början av det "
+"krypterade lösenordet som effektivt inaktiverar lösenordet. Du kan inte "
+"använda denna flagga med <option>-p</option> eller <option>-U</option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+
+#: usermod.8.xml:253(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+
+#: usermod.8.xml:261(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>LÖSENORD</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Det krypterade lösenordet, som returneras av "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr ""
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Låser upp en användares lösenord. Detta tar bort det inledande \"!\" i det "
+"krypterade lösenordet. Du kan inte använda denna flagga med <option>-p</"
+"option> eller <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: usermod.8.xml:444(para)
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "TÄNK PÅ"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+#, fuzzy
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+#, fuzzy
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Om <option>--preserve-environment</option> används, anges skalet med "
+"miljövariabeln <envar>$SHELL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "ta bort ett användarkonto och relaterade filer"
+
+#: userdel.8.xml:85(para)
+#, fuzzy
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"Kommandot <command>userdel</command> ändrar i systemkontofilerna, tar bort "
+"alla poster som refererar till <emphasis remap=\"I\">login_name</emphasis>. "
+"Den angivna användaren måste finnas."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>userdel</command> är:"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Notera:</emphasis> Denna flagga är farlig och kan göra att ditt "
+"system försätts i ett inkonsistent tillstånd."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+
+#: userdel.8.xml:158(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "USERDEL_CMD (sträng)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr ""
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "AVSLUTNINGSVÄRDEN"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "lyckad"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "kan inte uppdatera lösenordsfilen"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "ogiltig kommandosyntax"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "angiven användare finns inte"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "användaren är för närvarande inloggad"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "kan inte uppdatera gruppfilen"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "kan inte ta bort hemkatalogen"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>userdel</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Du får inte ta bort några NIS-attribut på en NIS-klient. Detta måste "
+"genomföras på NIS-servern."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"skapa en ny användare eller uppdatera standardinformation för nya användare"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>useradd</command> är:"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+
+#: useradd.8.xml:178(term)
+#, fuzzy
+#| msgid "<option>-d</option>, <option>--delete</option>"
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: useradd.8.xml:182(para)
+#, fuzzy
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "Ändrar standardvärden"
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+
+#: useradd.8.xml:272(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SKAL</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+
+#: useradd.8.xml:281(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr ""
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, "
+#| "PASS_MAX_DAYS and others). <placeholder-1/> Example: <option>-K </"
+#| "option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</"
+#| "replaceable> can be used when creating system account to turn off "
+#| "password ageing, even though system account has no password at all. "
+#| "Multiple <option>-K</option> options can be specified, e.g.: <option>-K </"
+#| "option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</"
+#| "replaceable>&nbsp;<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+#| "replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Åsidosätter standardvärden för /etc/login.defs (UID_MIN, UID_MAX, UMASK, "
+"PASS_MAX_DAYS och others). <placeholder-1/> Exempel: <option>-K</"
+"option>&nbsp;<replaceable>LÖSEN_MAX_DAGAR</replaceable>=<replaceable>-1</"
+"replaceable> kan användas när systemkonton skapas för att stänga av "
+"lösenordsåldring, även om systemkontot inte har något lösenord alls. Flera "
+"av flaggan <option>-K</option> kan anges, t.ex.: <option>-K</option>&nbsp;"
+"<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;"
+"<option>-K</option>&nbsp;<replaceable>UID_MAX</"
+"replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+#, fuzzy
+#| msgid "<option>-l</option>, <option>--list</option>"
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr ""
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+
+#: useradd.8.xml:366(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+
+#: useradd.8.xml:390(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+#, fuzzy
+#| msgid ""
+#| "The encrypted password, as returned by "
+#| "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Det krypterade lösenordet, som returneras av "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr ""
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+
+#: useradd.8.xml:482(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: useradd.8.xml:489(term)
+#, fuzzy
+#| msgid "<option>-g</option>, <option>--group</option>"
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Ändrar standardvärden"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Datumet när användarkontot blir inaktiverat."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr ""
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTERINGAR"
+
+#: useradd.8.xml:615(para)
+#, fuzzy
+#| msgid ""
+#| "The system administrator is responsible for placing the default user "
+#| "files in the <filename>/etc/skel/</filename> directory."
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"Systemadministratören är ansvarig för att placera standardanvändarfiler i "
+"katalogen <filename>/etc/skel/</filename>."
+
+#: useradd.8.xml:624(para)
+#, fuzzy
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du får inte lägga till en användare till en NIS-grupp. Detta måste "
+"genomföras på NIS-servern."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+
+#: useradd.8.xml:635(para)
+#, fuzzy
+#| msgid ""
+#| "Usernames must begin with a lower case letter or an underscore, and only "
+#| "lower case letters, underscores, dashes, and dollar signs may follow. In "
+#| "regular expression terms: [a-z_][a-z0-9_-]*[$]"
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Användarnamn måste börja med en gemen bokstav eller ett understreck och får "
+"endast innehålla gemener, understreck, minustecken och på slutet ett dollar-"
+"tecken. I reguljära uttryckstermer: [a-z_][a-z0-9_-]*[$]"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr ""
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+#, fuzzy
+msgid "<option>GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+#, fuzzy
+msgid "<option>GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "PASS_MAX_DAYS (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "PASS_WARN_AGE (nummer)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#, fuzzy
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+#, fuzzy
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>UID_MAX</option> (number)"
+msgstr "UID_MAX (nummer)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>UID_MIN</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+#, fuzzy
+msgid "<option>UMASK</option> (number)"
+msgstr "UMASK (nummer)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Standardvärden för skapande av konto."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Katalog som innehåller standardfiler."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "ogiltigt argument till flagga"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID används redan (och inget <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "angiven grupp finns inte"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "användarnamnet används redan"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "kan inte skapa hemkatalog"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>useradd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Filformat och konversioner"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "detaljerad kontrollfil för su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Filen är i följande format, med de rader som inleds med # behandlas som "
+"kommentarsrader och ignoreras;"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      till-id:från-id:ÅTGÄRD\n"
+"    "
+
+#: suauth.5.xml:101(para)
+#, fuzzy
+#| msgid ""
+#| "Where to-id is either the word <emphasis>ALL</emphasis>, a list of "
+#| "usernames delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> "
+#| "followed by a list of usernames delimited by \",\""
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Där till-id är antingen ordet <emphasis>ALL</emphasis>, en lista med "
+"användarnamn separerade med \",\" eller orden <emphasis>ALL EXCEPT</"
+"emphasis> följt av en lista med användarnamn separerade med \",\""
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"från-id är formaterad på samma sätt som till-id förutom att det extra ordet "
+"<emphasis>GROUP</emphasis> känns igen. <emphasis>ALL EXCEPT GROUP</emphasis> "
+"är helt giltigt också. Efterföljande till <emphasis>GROUP</emphasis> kan "
+"vara ett eller flera gruppnamn, separerade med \",\". Det är inte "
+"tillräckligt att ha primärt grupp-id för den relevanta gruppen, en post i "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> är nödvändigt."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Åtgärden kan endast vara en av följande för närvarande stödda flaggor."
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "Försöket att använda su stoppades före ett lösenord har efterfrågats."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"Försöket att använda su lyckades helt automatiskt; inget lösenord har "
+"efterfrågats."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"För att su-kommandot ska lyckas måste användaren mata in sitt egna lösenord. "
+"De blir frågade att göra detta."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPEL"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # exempelfil för /etc/suauth\n"
+"      #\n"
+"      # Ett par priviligerade användarnamn som \n"
+"      # kan su till root med sina egna lösenord.\n"
+"      #\n"
+"      root:bosse,birddog:OWNPASS\n"
+"      #\n"
+"      # Alla andra kan inte su till root om de inte finns\n"
+"      # gruppen wheel. Det är så BSD gör saker.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Kanske terry och birddog är konton som\n"
+"      # ägs av samma person.\n"
+"      # Tillgång kan ges mellan dem utan\n"
+"      # lösenord.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "FEL"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTIK"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Användarkommandon"
+
+#: su.1.xml:82(refpurpose)
+#, fuzzy
+msgid "change user ID or become superuser"
+msgstr "ändra användar-id eller bli superanvändare"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "användarnamn"
+
+#: su.1.xml:100(para)
+#, fuzzy
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> används för att bli en annan användare under en "
+"inloggningssession. Om det startas utan <option>användarnamn</option>, "
+"väljer <command>su</command> superanvändaren. Det valfria argumentet "
+"<option>-</option> kan användas för att tillhandahålla en miljö som liknar "
+"den som användaren skulle förvänta sig om användaren hade loggat in direkt."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Du kan använda argumentet <option>--</option> för att separera flaggorna "
+"till <command>su</command> från de argument som skickas till skalet."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Användaren kommer att frågas efter ett lösenord, om det är lämpligt. "
+"Ogiltiga lösenord kommer att ge ett felmeddelande. Alla försök, både giltiga "
+"och ogiltiga, loggas för att detektera misskötsel av systemet."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>su</command> är:"
+
+#: su.1.xml:150(term)
+#, fuzzy
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr "Ange ett kommando som ska startas av skalet med <option>-c</option>."
+
+#: su.1.xml:158(para)
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Tillhandahåll en miljö som liknar den som användaren skulle förvänta sig om "
+"användaren loggat in direkt."
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"När <option>-</option> används måste den anges som den sista flaggan för "
+"<command>su</command>. De andra formerna (<option>-l</option> och <option>--"
+"login</option>) har inte denna restriktion."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Skalet som ska startas."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Skalet angivet med --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Om <option>--preserve-environment</option> används, anges skalet med "
+"miljövariabeln <envar>$SHELL</envar>."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> om ett skal inte kunde hittas med någon "
+"ovanstående metod."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr ""
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr ""
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+
+#: su.1.xml:236(para)
+#, fuzzy
+#| msgid "Preserve the current environment."
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Behåll den aktuella miljön."
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Om målanvändaren har ett begränsat skal har denna flagga ingen effekt "
+"(såvida inte <command>su</command> har startats av root)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr ""
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Denna version av <command>su</command> har många kompileringsflaggor, kanske "
+"bara några används på specifika system."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+#, fuzzy
+#| msgid ""
+#| "The file is formatted like this, with lines starting with a # being "
+#| "treated as comment lines and ignored;"
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Filen är i följande format, med de rader som inleds med # behandlas som "
+"kommentarsrader och ignoreras;"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SU_NAME</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr ""
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr ""
+
+#: su.1.xml:422(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "126"
+msgstr "12"
+
+#: su.1.xml:424(para)
+#, fuzzy
+#| msgid "execute command as different group ID"
+msgid "The requested command was not found"
+msgstr "kör kommando med annat grupp-id"
+
+#: su.1.xml:428(replaceable)
+#, fuzzy
+#| msgid "12"
+msgid "127"
+msgstr "12"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr ""
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+
+#: su.1.xml:439(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>sh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>"
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "kör kommando med annat grupp-id"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "grupp <placeholder-1/> kommando"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+
+#: sg.1.xml:141(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>login</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+#, fuzzy
+#| msgid "the password file"
+msgid "shadowed password file"
+msgstr "lösenordsfilen"
+
+#: shadow.5.xml:70(para)
+#, fuzzy
+#| msgid ""
+#| "<filename>/etc/gshadow</filename> contains the shadowed information for "
+#| "group accounts. It contains lines with the following colon-separated "
+#| "fields:"
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>/etc/gshadow</filename> innehåller skuggad gruppkontoinformation. "
+"Den innehåller rader med följande kolonseparerade fält:"
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Denna fil får inte vara läsbar av vanliga användare om lösenordssäkerheten "
+"ska upprätthållas."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "inloggningsnamn"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr ""
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "krypterat lösenord"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: shadow.5.xml:103(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+
+#: shadow.5.xml:127(emphasis)
+#, fuzzy
+#| msgid "days before password may be changed"
+msgid "date of last password change"
+msgstr "dagar innan lösenordet får ändras"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr ""
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+
+#: shadow.5.xml:146(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "minimum password age"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+
+#: shadow.5.xml:160(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "maximum password age"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+
+#: shadow.5.xml:184(emphasis)
+#, fuzzy
+#| msgid "Password Changes"
+msgid "password warning period"
+msgstr "Lösenordsändringar"
+
+#: shadow.5.xml:187(para)
+#, fuzzy
+#| msgid ""
+#| "The number of days after a password has expired before the account will "
+#| "be disabled."
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"Antalet dagar efter att ett lösenord har gått ut innan kontot kommer att "
+"inaktiveras."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr ""
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr ""
+
+#: shadow.5.xml:222(emphasis)
+#, fuzzy
+#| msgid "User account information."
+msgid "account expiration date"
+msgstr "Användarkontoinformation."
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr ""
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+
+#: shadow.5.xml:246(emphasis)
+#, fuzzy
+#| msgid "a reserved field"
+msgid "reserved field"
+msgstr "ett reserverat fält"
+
+#: shadow.5.xml:248(para)
+#, fuzzy
+#| msgid "sp_flag - reserved for future use"
+msgid "This field is reserved for future use."
+msgstr "sp_flag - reserverat för framtida användning"
+
+#: shadow.5.xml:270(filename)
+#, fuzzy
+#| msgid "/etc/shadow"
+msgid "/etc/shadow-"
+msgstr "/etc/shadow"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr ""
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+
+#: shadow.5.xml:284(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Biblioteksanrop"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr ""
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FIL"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "Betydelsen av varje fält är:"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - reserverat för framtida användning"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "konvertera till och från skugglösenord och grupper"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+
+#: pwconv.8.xml:188(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>vipw</command> and <command>vigr</"
+#| "command> commands are:"
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Flaggorna som gäller för kommandona <command>vipw</command> och "
+"<command>vigr</command> är:"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+
+#: pwconv.8.xml:263(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "validera integriteten för lösenordsfiler"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Kontroller görs för att validera att varje post har:"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "korrekt antal fält"
+
+#: pwck.8.xml:111(para)
+#, fuzzy
+#| msgid "a unique user name"
+msgid "a unique and valid user name"
+msgstr "ett unikt användarnamn"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "en giltig identifierare för användare och grupp"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "en giltig primär grupp"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "en giltig hemkatalog"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "ett giltigt inloggningsskal"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr ""
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+
+#: pwck.8.xml:146(para)
+#, fuzzy
+#| msgid "the correct number of fields"
+msgid "shadow entries have the correct number of fields"
+msgstr "korrekt antal fält"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr ""
+
+#: pwck.8.xml:152(para)
+#, fuzzy
+#| msgid "days before password may be changed"
+msgid "the last password changes are not in the future"
+msgstr "dagar innan lösenordet får ändras"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+#, fuzzy
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Starta kommandot <command>pwck</command> i skrivskyddat läge."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+#, fuzzy
+#| msgid "<option>-s</option>, <option>--shadow</option>"
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: pwck.8.xml:227(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "en eller flera felaktiga lösenordsposter"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "kan inte öppna lösenordsfiler"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "kan inte låsa lösenordsfiler"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "kan inte uppdatera lösenordsfiler"
+
+#: pwck.8.xml:336(para)
+#, fuzzy
+#| msgid "can't open password files"
+msgid "can't sort password files"
+msgstr "kan inte öppna lösenordsfiler"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>pwck</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> innehåller en lista av tty-"
+"enheter, användarnamn och tillåtna inloggningstider."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPEL"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"Följande post tillåter åtkomst för användaren <emphasis remap=\"B\">jfh</"
+"emphasis> på varje port under veckodagar från 09.00 till 17.00."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"De följande posterna tillåter åtkomst endast till användarna <emphasis>root</"
+"emphasis> och <emphasis>oper</emphasis> på <filename>/dev/console</filename> "
+"när som helst. Detta illustrerar hur filen <filename>/etc/porttime</"
+"filename> är en ordnad lista för åtkomsttider. Alla andra användare skulle "
+"matcha den andra poster, vilken inte tillåter någon åtkomst oavsett tid."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"Fölajnde post tillåter åtkomst för användaren <emphasis>games</emphasis> på "
+"valfri port men inte under arbetstid."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fil som innehåller portåtkomst"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "lösenordsfilen"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> innehåller en rad för varje användarkonto "
+"men sju fält separerade med kolontecken (<quote>:</quote>). Dessa fält är:"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "valfritt krypterat lösenord"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "numeriskt användar-id"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "numeriskt grupp-id"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "användarnamn eller kommentarsfält"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "användarens hemkatalog"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr ""
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr ""
+
+#: passwd.5.xml:156(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/passwd-"
+msgstr "/etc/passwd"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr ""
+
+#: passwd.5.xml:170(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "ändra användarlösenord"
+
+#: passwd.1.xml:89(para)
+#, fuzzy
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> ändrar lösenord för användarkonton. En vanlig "
+"användare kan endast ändra lösenordet för sitt egna konto men "
+"superanvändaren kan ändra lösenord för alla konton. <command>passwd</"
+"command> ändrar även kontoinformation, såsom det fullständiga namnet för "
+"användaren, användarens inloggningsskal eller hans/hennes utgångsdatum för "
+"lösenordet och intervall."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Lösenordsändringar"
+
+#: passwd.1.xml:99(para)
+#, fuzzy
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Användaren frågas först efter hans/hennes gamla lösenord, om det finns "
+"något. Detta lösenord krypteras sedan och jämförs mot det lagrade "
+"lösenordet. Användaren har endast en chans att ange det korrekta lösenordet. "
+"Superanvändaren tillåts kringgå detta steg så att bortglömda lösenord kan "
+"ändras."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Efter att lösenordet har matats in kontrolleras lösenordets "
+"åldringsinformation för att se om användaren tillåts att ändra lösenord för "
+"tillfället. Om inte, nekar <command>passwd</command> att ändra lösenordet "
+"och avslutas."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Användaren frågas sedan två gånger efter ett ersättande lösenord. Den andra "
+"inmatningen jämförs mot den första och båda måste stämma överens för att "
+"lösenordet ska ändras."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"Sedan testas lösenordet för sin komplexitet. Som en allmän riktlinje bör "
+"lösenord innehålla 6 till 8 tecken och inkluderas ett eller flera tecken "
+"från var och en av följande punkter:"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "gemena bokstäver ur alfabetet"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "siffrorna 0 till 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "skiljetecken"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Tänk på att inte inkludera systemets standardtecken för radering eller döda. "
+"<command>passwd</command> kommer att neka alla lösenord som inte har lämplig "
+"komplexitet."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Tips för användarlösenord"
+
+#: passwd.1.xml:148(para)
+#, fuzzy
+#| msgid ""
+#| "The security of a password depends upon the strength of the encryption "
+#| "algorithm and the size of the key space. The <emphasis>UNIX</emphasis> "
+#| "System encryption method is based on the NBS DES algorithm and is very "
+#| "secure. The size of the key space depends upon the randomness of the "
+#| "password which is selected."
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"Säkerhet i ett lösenord beror på styrkan på krypteringsalgoritmen och "
+"nyckellängden. Krypteringsmetoden för <emphasis>UNIX-system</emphasis> är "
+"baserad på NBS DES-algoritmen och är mycket säker. Längden på nyckeln är "
+"beroende på slumpmässigheten för det valda lösenordet."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Problem i lösenordssäkerheten brukar normalt komma från slarvigt valda "
+"lösenord eller hantering. Av denna anledning bör du inte välja ett lösenord "
+"som finns i en ordbok eller som måste skrivas ner. Lösenordet bör heller "
+"inte vara ett korrekt namn, ditt personnummer, födelsedatum eller "
+"gatuadress. Dessa kan användas som gissningar för att ta sig in i systemet."
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>passwd</command> är:"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Denna flagga kan endast användas med <option>-S</option> och gör att status "
+"visas för alla användare."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Ta bort en användares lösenord (gör det blankt). Detta är ett snabbt sätt "
+"att inaktivera ett lösenord för ett konto. Det kommer att ta bort det "
+"angivna kontots lösenord."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Lösenordet för ett konto sätts omedelbart som utgånget. Detta kan tvinga en "
+"användare att ändra sitt lösenord vid nästa inloggningsförsök."
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Denna flagga används för att inaktivera ett konto efter att lösenordet har "
+"varit utgånget i ett antal dagar. Efter att ett användarkonto har haft ett "
+"utgånget lösenord i <replaceable>INAKTIV</replaceable> dagar får användaren "
+"inte längre logga in med detta konto."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+#, fuzzy
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indikera lösenordsändring bör endast genomföras för utgångna "
+"autentiseringslösenord. Användaren önskar behålla sitt icke-utgångna "
+"lösenord som tidigare."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+#, fuzzy
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Lås angivet konto. Denna flagga inaktiverar ett konto genom att ändra "
+"lösenordet till ett värde som inte matchar något möjligt krypterat värde."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+
+#: passwd.1.xml:269(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Sätter minimalt antal dagar mellan lösenordsändringar till "
+"<replaceable>MIN_DAGAR</replaceable>. Ett nollvärde för detta fält betyder "
+"att användaren kan ändra sitt lösenord när som helst."
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;<replaceable>FÖRRÅD</"
+"replaceable>"
+
+#: passwd.1.xml:295(para)
+#, fuzzy
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "ändra lösenord i förrådet <replaceable>FÖRRÅD</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+#, fuzzy
+#| msgid ""
+#| "Display account status information. The status information consists of 7 "
+#| "fields. The first field is the user's login name. The second field "
+#| "indicates if the user account is locked (L), has no password (NP), or has "
+#| "a usable password (P). The third field gives the date of the last "
+#| "password change. The next four fields are the minimum age, maximum age, "
+#| "warning period, and inactivity period for the password. These ages are "
+#| "expressed in days."
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Visa statusinformation för konto. Statusinformationen innehåller 7 fält. "
+"Första fältet är användarens inloggningsnamn. Det andra fältet indikerar om "
+"användarkontot är låst (L), saknar lösenord (NP) eller har ett användbart "
+"lösenord (P). Det tredje fältet anger datumet för senaste "
+"lösenordsändringen. De nästa fyra fälten är minimal ålder, maximal ålder, "
+"varningsperiod och inaktivitetsperiod för lösenordet. Dessa åldrar anges i "
+"dagar."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+#, fuzzy
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Lås upp angivet konto. Denna flagga återaktiverar ett konto genom att ändra "
+"tillbaka lösenordet till dess tidigare värde (till värdet före användning av "
+"flaggan <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Sätter antalet dagar för varning före ett lösenord behöver ändras. Flaggan "
+"<replaceable>VARN_DAGAR</replaceable> är antalet dagar före användaren "
+"varnas om att lösenordet är på väg att bli utgånget."
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAGAR</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Sätter maximalt antal dagar som ett lösenord ska vara giltigt. Efter "
+"<replaceable>MAX_DAGAR</replaceable> krävs det att lösenordet ändras."
+
+#: passwd.1.xml:373(para)
+#, fuzzy
+#| msgid ""
+#| "Not all options may be supported. Password complexity checking may vary "
+#| "from site to site. The user is urged to select a password as complex as "
+#| "he or she feels comfortable with. Users may not be able to change their "
+#| "password on a system if NIS is enabled and they are not logged into the "
+#| "NIS server."
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"Inte alla flaggor kanske stöds. Kontroll av lösenordskomplexiteten kan "
+"variera mellan olika system. Användare rekommenderas att välja ett lösenord "
+"som är så komplext som han eller hon känner sig komfortabel med. Användare "
+"kanske inte kan ändra sina lösenord på ett system om NIS är aktiverat och de "
+"inte är inloggade mot NIS-servern."
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr ""
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+#, fuzzy
+#| msgid ""
+#| "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option> -K </"
+#| "option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</"
+#| "replaceable>"
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Exempel: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr ""
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "PASS_WARN_AGE (nummer)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+#, fuzzy
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "PASS_MAX_DAYS (nummer)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+#, fuzzy
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr ""
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+
+#: passwd.1.xml:429(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr ""
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "Ã¥tkomst nekad"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "ogiltig kombination av flaggor"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "oväntat fel, ingenting har genomförts"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "oväntat fel, filen <filename>passwd</filename> saknas"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "Filen <filename>passwd</filename> är upptagen, försök igen"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>passwd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "vägra snällt en inloggning"
+
+#: nologin.8.xml:65(para)
+#, fuzzy
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"<command>nologin</command> visar ett meddelande om att kontot inte är "
+"tillgängligt och avslutas med icke-noll-status. Det är tänkt som ett "
+"ersättande skalfält för konton som har inaktiverats."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"För att inaktivera alla inloggningar, undersök "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+#, fuzzy
+#| msgid "HYSTORY"
+msgid "HISTORY"
+msgstr "HISTORIK"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "Kommandot <command>nologin</command> dök upp i BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "uppdatera och skapa nya användare satsvis"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr ""
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr ""
+
+#: newusers.8.xml:110(emphasis)
+#, fuzzy
+#| msgid "group_name"
+msgid "pw_name"
+msgstr "gruppnamn"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr ""
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Detta fält kommer att krypteras och användas som det nya värdet för det "
+"krypterade lösenordet."
+
+#: newusers.8.xml:138(emphasis)
+#, fuzzy
+#| msgid "pw_gid"
+msgid "pw_uid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr ""
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr ""
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr ""
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr ""
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr ""
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Detta kommando är tänkt att användas i större systemmiljöer där många konton "
+"uppdateras på samma gång."
+
+#: newusers.8.xml:266(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>usermod</command> command are:"
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>usermod</command> är:"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+#, fuzzy
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+#, fuzzy
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr ""
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Inmatningsfilen måste skyddas eftersom den innehåller okrypterade lösenord."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+
+#: newusers.8.xml:430(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/passwd"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr ""
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "logga in i en ny grupp"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "grupp"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>"
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+#, fuzzy
+#| msgid "Enforce login time restrictions"
+msgid "enforce login time restrictions"
+msgstr "Upprätthåll tidsbegränsningar för inloggningar"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Lista på aktuella inloggningssessioner."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr ""
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Följande konfigurationsposter tillhandahålls:"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+#, fuzzy
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "UMASK (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "PASS_MIN_DAYS (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "GID_MIN (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "GID_MAX (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "CHFN_RESTRICT (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+#, fuzzy
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"PASS_MAX_DAYS, PASS_MIN_DAYS och PASS_WARN_AGE används endast när kontot "
+"skapas. Alla ändringar av dessa inställningar påverkar inte existerande "
+"konton."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "CHFN_AUTH (boolesk)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+#, fuzzy
+msgid "<option>TTYPERM</option> (string)"
+msgstr "USERDEL_CMD (sträng)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "MAIL_DIR (sträng)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+#, fuzzy
+msgid "<option>ULIMIT</option> (number)"
+msgstr "UID_MIN (nummer)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr ""
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr ""
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr ""
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr ""
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+#, fuzzy
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHFN_AUTH CHFN_RESTRICT"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+#, fuzzy
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr ""
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:383(term)
+#, fuzzy
+#| msgid "newgrp"
+msgid "newgrp / sg"
+msgstr "newgrp"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr ""
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:431(para)
+#, fuzzy
+#| msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:463(term)
+#, fuzzy
+msgid "sulogin"
+msgstr "login"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"GID_MAX GID_MIN PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UID_MAX UID_MIN "
+"UMASK"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+
+#: login.defs.5.xml:519(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr ""
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr ""
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "värd"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr ""
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Genomför inte autentisering, användaren är förautentiserad."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Namnet på fjärrvärden för denna inloggning."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Behåll miljö."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "Genomför automatiskt inloggningsprotokoll för rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Lista på tidigare inloggningssessioner."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fil för dagens systemmeddelande."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Förhindra icke-rootanvändare från att logga in."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Lista på terminaltyper."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Tysta ner utskrift av systemmeddelanden."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "definition av resursbegränsningar"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "Varje rad beskriver en begränsning för användaren i formatet:"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr ""
+
+#: limits.5.xml:96(emphasis)
+#, fuzzy
+#| msgid "user LIMITS_STRING"
+msgid "@group LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "De giltiga identifierarna är:"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A: maximal adressrymd (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D: maximal datastorlek (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F: maximal filstorlek (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr ""
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L: maximalt antal inloggningar för denna användare"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N: maximalt antal öppna filer"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr ""
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P: processprioritet, inställd av <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S: maximal stackstorlek (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T: maximal processortid (MIN)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U: maximalt antal processer"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>lastlog</command> är:"
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-q</option>, <option>--quiet</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>NYCKEL</"
+"replaceable>=<replaceable>VÄRDE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr ""
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTERA"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr "Databastider för tidigare användarinloggningar."
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "skuggad gruppfil"
+
+#: gshadow.5.xml:59(para)
+#, fuzzy
+#| msgid ""
+#| "<filename>/etc/gshadow</filename> contains the shadowed information for "
+#| "group accounts. It contains lines with the following colon-separated "
+#| "fields:"
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> innehåller skuggad gruppkontoinformation. "
+"Den innehåller rader med följande kolonseparerade fält:"
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "gruppnamn"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr ""
+
+#: gshadow.5.xml:90(para)
+#, fuzzy
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The new value of the user's password file comment field. It is normally "
+#| "modified using the <citerefentry><refentrytitle>chfn</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Det nya värdet för användarens kommentarsfält i lösenordsfilen. Vanligtvis "
+"ändras det med verktyget <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr ""
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+#, fuzzy
+#| msgid "comma-separated list of group members"
+msgid "It must be a comma-separated list of user names."
+msgstr "kommaseparerad lista med gruppmedlemmar"
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr ""
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#| "citerefentry>, <citerefentry><refentrytitle>group</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "validera integriteten för gruppfiler"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+#, fuzzy
+#| msgid "a unique group name"
+msgid "a unique and valid group name"
+msgstr "ett unikt gruppnamn"
+
+#: grpck.8.xml:104(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: grpck.8.xml:111(para)
+#, fuzzy
+#| msgid "a valid list of members and administrators"
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr "en giltig lista med medlemmar och administratörer"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+#, fuzzy
+#| msgid ""
+#| "Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/"
+#| "shadow</filename> by UID."
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Sorterar poster i <filename>/etc/passwd</filename> och <filename>/etc/"
+"shadow</filename> efter UID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "en eller flera felaktiga grupposter"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "kan inte öppna gruppfiler"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "kan inte låsa gruppfiler"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "kan inte uppdatera gruppfiler"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>grpck</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "visa aktuella gruppnamn"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "användare"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "ändra en gruppdefinition på systemet"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GRUPP"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmod</command> är:"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;<replaceable>NY_GRUPP</"
+"replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+#, fuzzy
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "gruppnamnet används redan"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupmod</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "administrera medlemmar av en användares primära grupp"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "användarnamn"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "gruppnamn"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+#, fuzzy
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Endast superanvändaren, som administratör, kan använda <command>groupmems</"
+"command> för att göra ändringar i medlemskap för andra grupper."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmems</command> är:"
+
+#: groupmems.8.xml:107(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add a new user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "Lägg till en ny användare till gruppens medlemslista."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Ta bort en användare från gruppen medlemslista."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+
+#: groupmems.8.xml:134(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+#, fuzzy
+msgid "The superuser can specify which group membership list to modify."
+msgstr "Superanvändaren kan ange vilken grupps medlemslista som ska ändras."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Lista gruppens medlemslista."
+
+#: groupmems.8.xml:154(term)
+#, fuzzy
+#| msgid "<option>-e</option>, <option>--expire</option>"
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Rensa alla användare från gruppens medlemslista."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "säker gruppkontoinformation"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "ta bort en grupp"
+
+#: groupdel.8.xml:81(para)
+#, fuzzy
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"Kommandot <command>userdel</command> ändrar i systemkontofilerna, tar bort "
+"alla poster som refererar till <emphasis remap=\"I\">login_name</emphasis>. "
+"Den angivna användaren måste finnas."
+
+#: groupdel.8.xml:89(para)
+#, fuzzy
+#| msgid ""
+#| "The options which apply to the <command>groupmod</command> command are:"
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupmod</command> är:"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Du får inte ta bort den primära gruppen för någon existerande användare. Du "
+"måste ta bort användaren innan du tar bort gruppen."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "kan inte ta bort användarens primära grupp"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupdel</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>"
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>"
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "skapa en ny grupp"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>groupadd</command> är:"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Åsidosätter standardvärden i <filename>/etc/login.defs</filename> (GID_MIN, "
+"GID_MAX och andra). Flera flaggor av <option>-K</option> kan anges."
+
+#: groupadd.8.xml:146(para)
+#, fuzzy
+#| msgid ""
+#| "Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option> -K </"
+#| "option>&nbsp;<replaceable>GID_MAX</replaceable>=<replaceable>499</"
+#| "replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exempel: <option>-Koption>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Notera: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> fungerar ännu inte."
+
+#: groupadd.8.xml:161(para)
+#, fuzzy
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "Denna flagga tillåter att en grupp med ett icke-unikt GID läggs till."
+
+#: groupadd.8.xml:192(para)
+#, fuzzy
+#| msgid "create a new group"
+msgid "Create a system group."
+msgstr "skapa en ny grupp"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+#, fuzzy
+#| msgid ""
+#| "Usernames must begin with a lower case letter or an underscore, and only "
+#| "lower case letters, underscores, dashes, and dollar signs may follow. In "
+#| "regular expression terms: [a-z_][a-z0-9_-]*[$]"
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Användarnamn måste börja med en gemen bokstav eller ett understreck och får "
+"endast innehålla gemener, understreck, minustecken och på slutet ett dollar-"
+"tecken. I reguljära uttryckstermer: [a-z_][a-z0-9_-]*[$]"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr ""
+
+#: groupadd.8.xml:267(para)
+#, fuzzy
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Du får inte lägga till en användare till en NIS-grupp. Detta måste "
+"genomföras på NIS-servern."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID inte unikt (när <option>-o</option> inte används)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "gruppnamn inte unikt"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>groupadd</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+#, fuzzy
+#| msgid "-r <placeholder-1/>"
+msgid "administer <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+#, fuzzy
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+#, fuzzy
+msgid "option"
+msgstr "flaggor"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+#, fuzzy
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Referera till <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> för detaljer om hur "
+"denna sträng tolkas."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Noteringar angående grupplösenord"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+#, fuzzy
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr ""
+
+#: gpasswd.1.xml:142(para)
+#, fuzzy
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>passwd</command> är:"
+
+#: gpasswd.1.xml:147(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:160(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:181(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--remove</option>"
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option>&nbsp;"
+#| "<replaceable>MIN_DAYS</replaceable>"
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:231(para)
+#, fuzzy
+msgid "Set the list of administrative users."
+msgstr "kommaseparerad lista med gruppadministratörer"
+
+#: gpasswd.1.xml:239(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAGAR</"
+"replaceable>"
+
+#: gpasswd.1.xml:243(para)
+#, fuzzy
+msgid "Set the list of group members."
+msgstr "kommaseparerad lista med gruppmedlemmar"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>faillog</command> är:"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-time</option>&nbsp;<replaceable>SEK</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+#, fuzzy
+#| msgid ""
+#| "Lock account to <replaceable>SEC</replaceable> seconds after failed login."
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"LÃ¥s kontot <replaceable>SEK</replaceable> sekunder efter misslyckad "
+"inloggning."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+#, fuzzy
+#| msgid ""
+#| "Set the maximum number of days a password remains valid. After "
+#| "<replaceable>MAX_DAYS</replaceable>, the password is required to be "
+#| "changed."
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Sätter maximalt antal dagar som ett lösenord ska vara giltigt. Efter "
+"<replaceable>MAX_DAGAR</replaceable> krävs det att lösenordet ändras."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr ""
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+#, fuzzy
+#| msgid ""
+#| "The <option>-r</option>, <option>-h</option> and <option>-f</option> "
+#| "options are only used when <command>login</command> is invoked by root."
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Flaggorna <option>-r</option>, <option>-h</option> och <option>-f</option> "
+"används endast när <command>login</command> har startats av root."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr ""
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "Strukturen för filen är:"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "kontrollera och upprätthåll policy för lösenordsutgång"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>pwck</command> command are:"
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>pwck</command> är:"
+
+#: expiry.1.xml:97(term)
+#, fuzzy
+#| msgid "<option>-L</option>, <option>--lock</option>"
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: expiry.1.xml:99(para)
+#, fuzzy
+#| msgid "check and enforce password expiration policy"
+msgid "Check the password expiration of the current user."
+msgstr "kontrollera och upprätthåll policy för lösenordsutgång"
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "ändra inloggningsskal"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chsh</command> är:"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Lista på giltiga inloggningsskal."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "uppdatera lösenord i satsläge"
+
+#: chpasswd.8.xml:83(para)
+#, fuzzy
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> läser en lista på gruppnamn och lösenordspar "
+"från standard in och använder denna information för att uppdatera en "
+"uppsättning redan existerande grupper. Varje rad är i formatet:"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">användarnamn</emphasis>:<emphasis remap=\"I"
+"\">lösenord</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+#, fuzzy
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Som standard måste det insända lösenordet vara i klartext. "
+"Standardkrypteringsalgoritmen är DES."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chpasswd</command> är:"
+
+#: chpasswd.8.xml:137(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option>&nbsp;"
+#| "<replaceable>COMMENT</replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>KOMMENTAR</"
+"replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr ""
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr ""
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Insända lösenord är i ett krypterat format."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Använd MD5-kryptering istället för DES när insända lösenord inte är "
+"krypterade."
+
+#: chpasswd.8.xml:200(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option>&nbsp;"
+#| "<replaceable>WARN_DAYS</replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Kom ihåg att ställa in rättigheter eller umask för att förhindra läsning av "
+"okrypterade filer för andra användare."
+
+#: chpasswd.8.xml:276(filename)
+#, fuzzy
+#| msgid "/etc/passwd"
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/passwd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr ""
+
+#: chpasswd.8.xml:286(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "uppdatera grupplösenord i satsläge"
+
+#: chgpasswd.8.xml:79(para)
+#, fuzzy
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> läser en lista på gruppnamn och lösenordspar "
+"från standard in och använder denna information för att uppdatera en "
+"uppsättning redan existerande grupper. Varje rad är i formatet:"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">gruppnamn</emphasis>:<emphasis remap=\"I\">lösenord</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+#, fuzzy
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Som standard måste det insända lösenordet vara i klartext. "
+"Standardkrypteringsalgoritmen är DES."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chgpasswd</command> är:"
+
+#: chgpasswd.8.xml:238(para)
+#, fuzzy
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "ändra verkligt användarnamn och information"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+#, fuzzy
+#| msgid "The options which apply to the <command>chsh</command> command are:"
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chsh</command> är:"
+
+#: chfn.1.xml:117(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;"
+"<replaceable>INLOGGNINGSNAMN</replaceable>"
+
+#: chfn.1.xml:121(para)
+#, fuzzy
+#| msgid "Changing the default values"
+msgid "Change the user's full name."
+msgstr "Ändrar standardvärden"
+
+#: chfn.1.xml:125(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+#, fuzzy
+#| msgid "<option>-h</option>, <option>--help</option>"
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HEM_KAT</"
+"replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "ändra åldringsinformation för användarlösenord"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "Flaggorna som gäller för kommandot <command>chage</command> är:"
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>SISTA_DAG</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>UTGÃ…NGSDATUM</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INAKTIV</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Visa kontots åldringsinformation"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAGAR</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAGAR</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>VARN_DAGAR</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Programmet <command>chage</command> kräver att en skugglösenordsfil finns "
+"tillgänglig."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "kan inte hitta skugglösenordsfilen"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"Kommandot <command>chage</command> avslutas med följande värden: "
+"<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "Daniel Nylander <po@danielnylander.se>, 2006."
+
+#, fuzzy
+#~| msgid "-"
+#~ msgid "-M"
+#~ msgstr "-"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "kan inte skapa postkö"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nya_användare"
+
+#~ msgid "full_name"
+#~ msgstr "fullständigt_namn"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "rumsnummer"
+
+#~ msgid "work_ph"
+#~ msgstr "arbetstelefon"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "hemtelefon"
+
+#~ msgid "other"
+#~ msgstr "övrigt"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#, fuzzy
+#~| msgid ""
+#~| "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~| "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~| "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~| "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~| "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+#~ "condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pam</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>group</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry><citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Notera: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> fungerar ännu inte."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+#~ msgstr "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE"
+
+#, fuzzy
+#~| msgid "Supplied passwords are in encrypted form."
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Insända lösenord är i ett krypterat format."
+
+#, fuzzy
+#~ msgid "and <placeholder-1/> files"
+#~ msgstr "-a <placeholder-1/>"
+
+#~ msgid "encrypted password file"
+#~ msgstr "krypterad lösenordsfil"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "kommaseparerad lista med gruppadministratörer"
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr "dagar sedan 1:a januari, 1970 som lösenordet senast ändrades"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "dagar efter vilket lösenordet måste ändras"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr "dagar innan lösenordet går ut som användaren varnas"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr "dagar efter att lösenordet gått ut och kontot inaktiveras"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr "dagar sedan 1:a januari 1970 som kontot är inaktiverat"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+#~ "citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>getent</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>getpwnam</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>pwconv</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-a"
+#~ msgstr "-a"
+
+#~ msgid "-d"
+#~ msgstr "-d"
+
+#~ msgid "-g"
+#~ msgstr "-g"
+
+#~ msgid "GID"
+#~ msgstr "GID"
+
+#~ msgid "-o"
+#~ msgstr "-o"
+
+#~ msgid "KEY"
+#~ msgstr "NYCKEL"
+
+#~ msgid "VALUE"
+#~ msgstr "VÄRDE"
+
+#~ msgid "-K <placeholder-1/>=<placeholder-2/>"
+#~ msgstr "-K <placeholder-1/>=<placeholder-2/>"
+
+#, fuzzy
+#~ msgid "-R"
+#~ msgstr "-"
+
+#, fuzzy
+#~ msgid "<option>-A</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#, fuzzy
+#~ msgid "<option>-M</option>&nbsp;<replaceable>user</replaceable>,..."
+#~ msgstr ""
+#~ "<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+#~ "replaceable>"
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Ditt lösenord måste vara lätt att komma ihåg så att du inte behöver "
+#~ "skriva ner det på en papperslapp. Detta kan göras genom att lägga till "
+#~ "två små ord tillsammans och separera dem med ett specialtecken eller "
+#~ "siffra. Till exempel, Pass%word."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "Andra metoder för att konstruera lösenord är att välja en literär fras "
+#~ "som är lätt att komma ihåg och välja den första eller sista bokstaven "
+#~ "från varje ord. Ett exempel på detta är:"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Fråga inte för vem klockorna ringer klockan 3"
+
+#~ msgid "which produces"
+#~ msgstr "som blir"
+
+#~ msgid "An4wtbt"
+#~ msgstr "Fifvkrk3"
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Du kan vara hyffsat säker på att få hackare har inkluderat detta i sina "
+#~ "ordböcker. Du bör dock välja dina egna metoder för att konstruera "
+#~ "lösenord och inte enbart förlita dig på de metoder som anges här."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "Flaggan <option>-t</option> åsidosätter användningen av <option>-u</"
+#~ "option>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "MAIL_DIR USERDEL_CMD"
+#~ msgstr "MAIL_DIR USERDEL_CMD"
+
+#~ msgid "MAIL_DIR"
+#~ msgstr "MAIL_DIR"
+
+#~ msgid "CHFN_AUTH"
+#~ msgstr "CHFN_AUTH"
+
+#~ msgid "GID_MAX GID_MIN"
+#~ msgstr "GID_MAX GID_MIN"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>newusers</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "-R <placeholder-1/>"
+#~ msgstr "-R <placeholder-1/>"
+
+#~ msgid "user,"
+#~ msgstr "användare,"
+
+#~ msgid "-A <placeholder-1/>"
+#~ msgstr "-A <placeholder-1/>"
+
+#~ msgid "-M <placeholder-1/>"
+#~ msgstr "-M <placeholder-1/>"
diff --git a/man/po/zh_CN.po b/man/po/zh_CN.po
new file mode 100644
index 0000000..fd4c4ca
--- /dev/null
+++ b/man/po/zh_CN.po
@@ -0,0 +1,9435 @@
+#
+# YunQiang Su <wzssyqa@gmail.com>, 2010, 2011, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages VERSION\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2013-08-23 01:42+0200\n"
+"Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n"
+"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
+"Language: zh_CN\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bits\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr ""
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr ""
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr ""
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr ""
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname) newusers.8.xml:60(surname)
+#: newgrp.1.xml:46(surname) logoutd.8.xml:45(surname)
+#: login.defs.5.xml:110(surname) login.access.5.xml:46(surname)
+#: login.1.xml:78(surname) limits.5.xml:47(surname) lastlog.8.xml:46(surname)
+#: grpck.8.xml:46(surname) groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname) expiry.1.xml:49(surname)
+#: chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr ""
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr ""
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib) newusers.8.xml:62(contrib)
+#: newgrp.1.xml:48(contrib) logoutd.8.xml:47(contrib)
+#: login.defs.5.xml:112(contrib) login.access.5.xml:48(contrib)
+#: login.1.xml:80(contrib) limits.5.xml:49(contrib) lastlog.8.xml:48(contrib)
+#: grpck.8.xml:48(contrib) groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib) expiry.1.xml:51(contrib)
+#: chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib) chfn.1.xml:50(contrib)
+#: chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr ""
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr ""
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname) gshadow.5.xml:39(surname)
+#: grpck.8.xml:52(surname) groups.1.xml:51(surname) groupmod.8.xml:52(surname)
+#: groupmems.8.xml:55(surname) groupdel.8.xml:52(surname)
+#: groupadd.8.xml:54(surname) gpasswd.1.xml:56(surname)
+#: faillog.8.xml:51(surname) faillog.5.xml:51(surname) expiry.1.xml:55(surname)
+#: chsh.1.xml:54(surname) chpasswd.8.xml:55(surname)
+#: chgpasswd.8.xml:51(surname) chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr ""
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr ""
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib) gshadow.5.xml:42(contrib)
+#: grpck.8.xml:54(contrib) groups.1.xml:53(contrib) groupmod.8.xml:54(contrib)
+#: groupmems.8.xml:57(contrib) groupdel.8.xml:54(contrib)
+#: groupadd.8.xml:56(contrib) gpasswd.1.xml:58(contrib)
+#: faillog.8.xml:53(contrib) faillog.5.xml:53(contrib) expiry.1.xml:57(contrib)
+#: chsh.1.xml:56(contrib) chpasswd.8.xml:57(contrib)
+#: chgpasswd.8.xml:53(contrib) chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr ""
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "系统管�命令"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "编辑密��组�影�密�或影�组文件。"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg) passwd.1.xml:79(replaceable)
+#: newusers.8.xml:87(replaceable) lastlog.8.xml:73(replaceable)
+#: grpck.8.xml:72(arg) groupmod.8.xml:73(replaceable)
+#: groupdel.8.xml:73(replaceable) groupadd.8.xml:75(replaceable)
+#: faillog.8.xml:72(replaceable) chsh.1.xml:75(replaceable)
+#: chpasswd.8.xml:76(replaceable) chgpasswd.8.xml:72(replaceable)
+#: chfn.1.xml:75(replaceable) chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "选项"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "�述"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> 和 <command>vigr</command> 命令分别编辑 <filename>/"
+"etc/passwd</filename> 和 <filename>/etc/group</filename> 文件。使用 <option>-"
+"s</option> 标识时，将编辑这些文件的影�版，�分别为 <filename>/etc/shadow</"
+"filename> 和 <filename>/etc/gshadow</filename>。这些程�将设置相应的�，以防"
+"止文件��。寻找编辑器时，首先�试环境�� <envar>$VISUAL</envar>，然�是环境"
+"�� <envar>$EDITOR</envar>，最�是默认编辑器 "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>。"
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title) groupdel.8.xml:88(title)
+#: groupadd.8.xml:93(title) gpasswd.1.xml:134(title) faillog.8.xml:89(title)
+#: expiry.1.xml:91(title) chsh.1.xml:95(title) chpasswd.8.xml:130(title)
+#: chgpasswd.8.xml:105(title) chfn.1.xml:111(title) chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "选项"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"<command>vipw</command> 和 <command>vigr</command> 命令�以接�的选项有："
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "编辑 group 数�库。"
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:118(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:122(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "现实帮助信�并退出。"
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "编辑 passwd 数�库。"
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "安�模�。"
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:126(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:130(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+#, fuzzy
+#| msgid ""
+#| "Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+#| "replaceable>."
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"��为 <replaceable>group</replaceable> 的组中添加用户 <replaceable>user</"
+"replaceable>。"
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "编辑 shadow 或 gshadow 数�库。"
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "指定�编辑哪个用户的 tcb 影�文件。"
+
+#: vipw.8.xml:165(title) usermod.8.xml:496(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title) gpasswd.1.xml:264(title)
+#: chsh.1.xml:154(title) chpasswd.8.xml:239(title) chgpasswd.8.xml:198(title)
+#: chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "�置文件"
+
+#: vipw.8.xml:166(para) usermod.8.xml:497(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"在 <filename>/etc/login.defs</filename> 中有如下�置��，�以用�更改此工具"
+"的行为："
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (boolean)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"如果 <replaceable>yes</replaceable>，将会使用 "
+"<citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> 影�密�方案。"
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "环境��"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "�使用的编辑器。"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "<option>VISUAL</option> 没有设置的情况下，使用的编辑器。"
+
+#: vipw.8.xml:195(title) usermod.8.xml:513(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title) limits.5.xml:196(title)
+#: lastlog.8.xml:204(title) gshadow.5.xml:156(title) grpck.8.xml:221(title)
+#: groups.1.xml:100(title) groupmod.8.xml:205(title) groupmems.8.xml:211(title)
+#: groupdel.8.xml:140(title) groupadd.8.xml:233(title) gpasswd.1.xml:279(title)
+#: faillog.8.xml:243(title) faillog.5.xml:96(title) expiry.1.xml:121(title)
+#: chsh.1.xml:167(title) chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title)
+#: chfn.1.xml:207(title) chage.1.xml:256(title)
+msgid "FILES"
+msgstr "文件"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:516(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename) newusers.8.xml:412(filename)
+#: newgrp.1.xml:136(filename) gshadow.5.xml:159(filename)
+#: grpck.8.xml:224(filename) groups.1.xml:103(filename)
+#: groupmod.8.xml:208(filename) groupmems.8.xml:214(filename)
+#: groupdel.8.xml:143(filename) groupadd.8.xml:236(filename)
+#: gpasswd.1.xml:72(filename) gpasswd.1.xml:75(filename)
+#: gpasswd.1.xml:282(filename) chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:518(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "组账户信�。"
+
+#: vipw.8.xml:204(filename) usermod.8.xml:522(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:524(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "安全组账户信�。"
+
+#: vipw.8.xml:210(filename) usermod.8.xml:534(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:536(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "用户账户信�。"
+
+#: vipw.8.xml:216(filename) usermod.8.xml:540(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:542(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "安全用户账户信�。"
+
+#: vipw.8.xml:225(title) usermod.8.xml:561(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "��"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr ""
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname) passwd.1.xml:47(surname)
+#: newusers.8.xml:55(surname) newgrp.1.xml:41(surname)
+#: logoutd.8.xml:40(surname) login.defs.5.xml:105(surname)
+#: login.1.xml:73(surname) lastlog.8.xml:41(surname) grpck.8.xml:41(surname)
+#: groups.1.xml:40(surname) groupmod.8.xml:41(surname)
+#: groupdel.8.xml:41(surname) groupadd.8.xml:43(surname)
+#: faillog.8.xml:40(surname) faillog.5.xml:40(surname) expiry.1.xml:44(surname)
+#: chsh.1.xml:43(surname) chpasswd.8.xml:44(surname) chfn.1.xml:43(surname)
+#: chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr ""
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr ""
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "修改一个用户账户"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "登录"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"<command>usermod</command> 修改系统账户文件和在命令行上指定的相关更改。"
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr "<command>usermod</command> �以接�的选项有："
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr "将用户添加到附加组。�能和 <option>-G</option> 选项一起使用。"
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"用户密�文件中注释字段的新值。通常使用 <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> 工具对其进行修改。"
+
+#: usermod.8.xml:124(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-d</option>, <option>--home-dir</option>&nbsp;"
+#| "<replaceable>HOME_DIR</replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "用户的新登录目录。"
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"如果给了 <option>-m</option> 选项，当�主目录的内容将会移动到新主目录中，如果"
+"�存在，则创建。"
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"用户账户将被�用的日期。日期以 <emphasis remap=\"I\">YYYY-MM-DD</emphasis> 格"
+"�指定。"
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr "空 <replaceable>EXPIRE_DATE</replaceable> �数将�用账户过期。"
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"此选项需�一个 <filename>/etc/passwd</filename> 文件。如果没有，将会创建一� "
+"<filename>/etc/shadow</filename> 项目。"
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr "密�过期之�，账户被彻底�用之�的天数。"
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr "0 表示密�过期时，立��用账户；-1 表示�使用这个功能。"
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr "用户的新�始登录组的组�或数字代�。此组必须存在。"
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr "用户主目录中，属于原�的主组的文件将转交新组所有。"
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr "主目录之外的文件所属的组必须手动修改。"
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"用户还属于的附加组列表。组之间使用逗�分隔，没有空格。这些组需��守和 "
+"<option>-g</option> 选项中给的组�样的�制。"
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"如果用户当�是一个组的�员，而这个组没有列在这里，用户将被从那个组里便删除。"
+"这个行为�以通过 <option>-a</option> 选项修改，这使用户追加到给出的附加组列表"
+"中。"
+
+#: usermod.8.xml:220(term)
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"用户的�称将会从 <replaceable>LOGIN</replaceable> 修改为 "
+"<replaceable>NEW_LOGIN</replaceable>。�会更改别的任何东西。特别是，用户的主"
+"目录�和邮件池也需�手动修改以和新登录�对应。"
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"�定用户的密�。这会在用户加密的密�之�放置一个“!�，�以快速�用密�。您�以"
+"和 <option>-p</option> 或 <option>-U</option> ��使用此选项。"
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"注�：如果希望�定账户(�仅仅是通过密�访问)，您也需�设置 "
+"<replaceable>EXPIRE_DATE</replaceable> 为 <replaceable>1</replaceable>。"
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr "将用户的主目录移动到新�置。"
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"这个选项�有和 <option>-d</option> (或 <option>--home</option>) 选项组�使用"
+"时�有效。"
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> 会改写文件的属主并�制模��ACL 和扩展属性，但是�"
+"�也�能需�手动修改。"
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr "使用 <option>-u</option> 选项时，�以将用户 ID 改为�唯一的值。"
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"已�加密过的密�，就� <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 返回的那样。"
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">注�：</emphasis>�推�使用这个选项，因为密�(或加密"
+"过的密�)会被用户通过列出这个过程而看到。"
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"密�将会写到本地的 <filename>/etc/passwd</filename> 或 <filename>/etc/"
+"shadow</filename> 文件。这�能会与您的机器有所��，这根� PAM �置中的密�数"
+"�库�置而定。"
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr "您应该确�密�符�系统的密�政策。"
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"用户的新登录 shell 的�称。将此字段设置为空会让系统选择默认的登录 shell。"
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "用户 ID 的新数值。"
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"这个值必须是唯一的，除�使用了 <option>-o</option> 选项，必须是�负值。"
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr "用户的邮箱，用户主目录中属于此用户的文件的属主 ID 也将自动更改。"
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr "用户主目录之外文件所有�必须手动修�。"
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"�会对 <filename>/etc/login.defs</filename> 中的 <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> 和 "
+"<option>SYS_UID_MAX</option> 进行检查。"
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"解�用户的密�。这将移除加密的密�之�的“!�。您�以将此选项和 <option>-p</"
+"option> 或 <option>-L</option> ��使用。"
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"注�：如果您希望解�账户(��是使用密�访问)，您也应该设置 "
+"<replaceable>EXPIRE_DATE</replaceable> (例如设置为 <replaceable>99999</"
+"replaceable>，或者 <filename>/etc/default/useradd</filename> 中的 "
+"<option>EXPIRE</option> 值)。"
+
+#: usermod.8.xml:384(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#, fuzzy
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"�会对 <filename>/etc/login.defs</filename> 中的 <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option> 和 "
+"<option>SYS_UID_MAX</option> 进行检查。"
+
+#: usermod.8.xml:402(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-subuids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr ""
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subuids</option> and <option>--add-"
+"subuids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+
+#: usermod.8.xml:422(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "The default behavior (if the <option>-g</option>, <option>-N</option>, "
+#| "and <option>-U</option> options are not specified) is defined by the "
+#| "<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+#| "filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项，默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> ��指定。"
+
+#: usermod.8.xml:440(term)
+#, fuzzy
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-subgids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: usermod.8.xml:444(para)
+#, fuzzy
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr "移除用户登录的所有 SELinux 用户映射。"
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-subgids</option> and <option>--add-"
+"subgids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr "用户登陆的 SELinux 用户。"
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"空的 <replaceable>SEUSER</replaceable> 将移除用户 <replaceable>LOGIN</"
+"replaceable> 的 SELinux 用户映射(如果有)。"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:216(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title) gpasswd.1.xml:252(title)
+#: faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "CAVEATS"
+
+#: usermod.8.xml:479(para)
+#, fuzzy
+#| msgid ""
+#| "You must make certain that the named user is not executing any processes "
+#| "when this command is being executed if the user's numerical user ID, the "
+#| "user's name, or the user's home directory is being changed. "
+#| "<command>usermod</command> checks this on Linux, but only check if the "
+#| "user is logged in according to utmp on other architectures."
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux. On other platforms it only "
+"uses utmp to check if the user is logged in."
+msgstr ""
+"如果�更改用户的数字 ID�用户�或主目录，需�确��许命令时，用户没有执行任何"
+"进程。<command>usermod</command> 会在 Linux 上进行检查；但是在其它平�上，仅"
+"仅根� utmp 检查用户是�已�登录。"
+
+#: usermod.8.xml:486(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"您必须手动更改 <command>crontab</command> 文件或 <command>at</command> 作业的"
+"属主。"
+
+#: usermod.8.xml:490(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr "您必须更改 NIS �务器上的 NIS 相关内容。"
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (string)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"邮箱目录。修改或删除用户账户时需�处�邮箱，如果没有指定，将使用编译时指定的"
+"默认值。"
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (string)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr "定义用户邮箱文件的�置(相对于主目录)。"
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"<option>MAIL_DIR</option> and <option>MAIL_FILE</option> ��由 "
+"<command>useradd</command>，<command>usermod</command> 和 <command>userdel</"
+"command> 用于创建�移动或删除用户邮箱。"
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"如果 <option>MAIL_CHECK_ENAB</option> 设置为 <replaceable>yes</replaceable>，"
+"它们也被用于定义 <envar>MAIL</envar> 环境��。"
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"�个组�目的最大�员数。达到最大值时，在 <filename>/etc/group</filename> 开始"
+"一个新�目(行)(使用�样的�称，�样的密�，�样的 GID)。"
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr "默认值是 0，�味�组中的�员数没有�制。"
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"此功能(分割组)�许�制组文件中的行长度。这对于确� NIS 组的行比长于 1024 字"
+"符。"
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr "如果�强制这个�制，�以使用 25。"
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"注�：分割组�能��所有工具的支�(甚至在 Shadow 工具集中)。您�应该使用这个"
+"��，除�真的需�。"
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (number)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"<option>SYS_GID_MIN</option> 和 <option>SYS_GID_MAX</option> 的默认值分别是 "
+"101 和 <option>GID_MIN</option>-1。"
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (number)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#, fuzzy
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#, fuzzy
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"<option>SYS_UID_MIN</option> 和 <option>SYS_UID_MAX</option> 的默认值分别是 "
+"101 和 <option>UID_MIN</option>-1。"
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (boolean)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"如果是 <replaceable>yes</replaceable>，�创建用户 tcb 目录�会自动设置为 /"
+"etc/tcb/user，但是会根�用户的 UID 计算，根�的算法如下：<placeholder-1/>"
+
+#: usermod.8.xml:528(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:530(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr "Shadow 密�套件�置。"
+
+#: usermod.8.xml:546(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:548(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr ""
+
+#: usermod.8.xml:552(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#, fuzzy
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/suauth"
+
+#: usermod.8.xml:554(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr ""
+
+#: usermod.8.xml:562(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "删除用户账户和相关文件"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"<command>userdel</command> 修改系统账户文件，删除与用户� <emphasis remap=\"I"
+"\">LOGIN</emphasis> 相关的所以项目。给出的用户�必须存在。"
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr "<command>userdel</command> �以使用的选项有："
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"此选项强制删除用户账户，甚至用户�然在登录状�。它也强制 <command>userdel</"
+"command> 删除用户的主目录和邮箱，�使其它用户也使用�一个主目录或邮箱�属于指"
+"定的用户。如果 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> 定义为 <emphasis remap=\"I\">yes</"
+"emphasis>，并且如果有一个和用户��的组，也会删除此组，�使它�然是别的用户的"
+"主组。"
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr "<emphasis>注�：</emphasis>此选项�险，�能会破�系统的稳定性。"
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"用户主目录中的文件将�用户主目录和用户邮箱一起删除。在其它文件系统中的文件必"
+"须手动�索并删除。"
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"邮箱在 <filename>login.defs</filename> 文件中的 <option>MAIL_DIR</option> �"
+"�中定义。"
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr "移除用户登录的所有 SELinux 用户映射。"
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (string)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"如果定义了，这是删除账户时执行的命令。它应该移除所有属于此用户的的 at/cron/"
+"print 等作业(作为第一个�数传递)。"
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "这个脚本的返回值并�被带到账户中去。"
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# 检查需�的�数\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# 移除 cron 作业\n"
+"crontab -r -u $1\n"
+"\n"
+"# 移除 at 作业\n"
+"# 注�这将移除所有属于�一个 UID 的作业\n"
+"# �使此 ID 由多个用户�共享\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# 移除 print 作业\n"
+"lprm $1\n"
+"\n"
+"# 全部完�\n"
+"exit 0\n"
+"      "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"这是一个示例脚本，它移除用户的 cron�at 和 print 作业：<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (boolean)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"如果 uid 和 gid 相�，用户�和主用户�也相�，使� root 组的组掩��和属主�"
+"相� (如：022 -&gt; 002, 077 -&gt; 007)。"
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"如果设置为 <replaceable>yes</replaceable>，如果组中没有�员了，"
+"<command>userdel</command> 将移除此用户组，<command>useradd</command> 创建用"
+"户时，也会创建一个��的默认组。"
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "退出值"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "�功"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum) chfn.1.xml:61(manvolnum)
+#: chage.1.xml:59(manvolnum) chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "无法更新密�文件"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "无效的命令语法"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "指定的用户�存在"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "用户已�登录"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "无法更新组文件"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "无法删除主目录"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>userdel</command> 命令使用如下值退出：<placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"如果�账户有正在�行的进程，<command>userdel</command> �会�许此账户。此时，"
+"您�能必须��死那写进程或者�定用户的密�和账户，并���删除账户。<option>-"
+"f</option> 选项�以强制此删除账户。"
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr "您应该手动检查所以文件系统，以确�没有�留此用户的文件。"
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr "您�能在 NIS 客户端上移除任何 NIS 属性。这必须在 NIS �务器上执行。"
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"如果在 <filename>/etc/login.defs</filename> 中 <option>USERGROUPS_ENAB</"
+"option> 设置为 <emphasis remap=\"I\">yes</emphasis>， <command>userdel</"
+"command> 将删除��组。为了���� passwd 和 group 数�库，"
+"<command>userdel</command> 将会检查这个主是�被别的用户用作主组，如果有，将�"
+"�出警告并�删除此组。<option>-f</option> 选项�以强制删除此组。"
+
+#: userdel.8.xml:309(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr "创建一个新用户或更新默认新用户信�"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"如果使用时�带 <option>-D</option> 选项，<command>useradd</command> 命令使用"
+"命令行上指定的值和系统的默认值创建一个新用户。根�命令行选项，"
+"<command>useradd</command> 命令也会更新系统文件和创建新用户的主目录并�制�始"
+"文件。"
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"默认上，也会为用户创建组 (察看 <option>-g</option>, <option>-N</option>, "
+"<option>-U</option>，和 <option>USERGROUPS_ENAB</option>)。"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr "<command>useradd</command> �以使用的选项有："
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"如果没有使用 <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable>，则"
+"使用默认的基目录。<replaceable>BASE_DIR</replaceable> 加上账户�就是主目录。"
+"如果没有使用 <option>-m</option> 选项，<replaceable>BASE_DIR</replaceable> 必"
+"须已�存在。"
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"如果选项没有指定，<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中的 <option>HOME</option> ��，或者默认的 <filename>/"
+"home</filename>。"
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr "任何字符串。通常是关于登录的简短�述，当�用于用户全�。"
+
+#: useradd.8.xml:162(term)
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"将创建新用户，并使用 <replaceable>HOME_DIR</replaceable> 作为用户登陆目录的"
+"值。默认值是将 <replaceable>LOGIN</replaceable> �附加到 "
+"<replaceable>BASE_DIR</replaceable> ��，并使用这作为登陆目录。目录�一定必"
+"须已�存在 <replaceable>HOME_DIR</replaceable>，但是会在需�时创建。"
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr "看下边，“更改默认值��节。"
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"如果没有指定，<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中 <option>EXPIRE</option> ��指定的默认过期日期，或者一"
+"个空字符串(�过期)。"
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"密�过期�，账户被彻底�用之�的天数。0 表示立��用，-1 表示�用这个功能。"
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"如果未指定，<command>useradd</command> 将使用 <filename>/etc/default/"
+"useradd</filename> 中的 <option>INACTIVE</option> 指定的默认�用周期，或者默"
+"认为 -1。"
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"用户�始登陆组的组�或��。组�必须已�存在。组��必须指代已�存在的组。"
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"如果没有指定， <command>useradd</command> 的行为将�赖于 <filename>/etc/"
+"login.defs</filename> 文件中的 <option>USERGROUPS_ENAB</option> �数。如果此"
+"�数设置为了 <replaceable>yes</replaceable> (或者在命令行上指定了 <option>-"
+"U/--user-group</option>)，将会为用户创建一个组，组�和登录�相�。如果选项设"
+"置为了 <replaceable>no</replaceable> (或者在命令行上指定了 <option>-N/--no-"
+"user-group</option>)，useradd 会把新用户的主组设置为 <filename>/etc/default/"
+"useradd</filename> 中 <option>GROUP</option> ��指定的值，�或者默认是 100。"
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"用户还属于的附加组列表。�个组都用逗�隔开，没有中间的空格。这里的组�到了 "
+"<option>-g</option> 选项给定的组�样的�制。默认上，用户�属于�始组。"
+
+#: useradd.8.xml:272(term)
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"骨架目录，包�使用 <command>useradd</command> 创建用户时，��制到用户主目录"
+"中的文件和目录。"
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"这个选项�有在指定 <option>-m</option> (或 <option>--create-home</option>) 选"
+"项时�有效。"
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"如果此项没有设置，骨架目录使用 <filename>/etc/default/useradd</filename> 中"
+"的 <option>SKEL</option> 的��或默认为 <filename>/etc/skel</filename>。"
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "如果�以，也�制 ACL 和扩展属性。"
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+
+#: useradd.8.xml:301(para)
+#, fuzzy
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+#| "<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password aging, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"默认覆盖 <filename>/etc/login.defs</filename> (<option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>UMASK</option>, <option>PASS_MAX_DAYS</"
+"option> �其它)。<placeholder-1/> 例如：<option>-K</option>&nbsp;"
+"<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable> �以用"
+"于创建一个密��会过期的系统账户，�使系统账户没有密�。�以指定多个 "
+"<option>-K</option> 选项，如：<option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "��将用户添加到最近登录和登录失败数�库。"
+
+#: useradd.8.xml:327(para)
+#, fuzzy
+#| msgid ""
+#| "By default, the user's entries in the lastlog and faillog databases are "
+#| "resetted to avoid reusing the entry from a previously deleted user."
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"reset to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"默认上，最近登录和登录失败中用户的�目会被�置，以���新使用先�删除的用户"
+"的�目。"
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"如果�存在，则创建用户主目录。骨架目录中的文件和目录(�以使用 <option>-k</"
+"option> 选项指定)，将会�制到主目录。"
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"默认上，如果没有指定此选项并且 <option>CREATE_HOME</option> 没有�用，�会创"
+"建主目录。"
+
+#: useradd.8.xml:353(term)
+#, fuzzy
+#| msgid "<option>-m</option>, <option>--create-home</option>"
+msgid "<option>-M</option>, <option>--no-create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"�创建用户主目录，�使系统在 <filename>/etc/login.defs</filename> 中的设置 "
+"(<option>CREATE_HOME</option>) 为 <replaceable>yes</replaceable>。"
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"��创建��组，而是将用户添加到 <option>-g</option> 选项指定的组，或根� "
+"<filename>/etc/default/useradd</filename> 中的 <option>GROUP</option> ��。"
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项，默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> ��指定。"
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr "�许使用��的 UID 创建用户账户。"
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "此选项�有和 <option>-u</option> 选项组�使用�有效。"
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"加密了的密�，就� <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 的返回值。默认为�用密"
+"�。"
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "创建一个系统账户。"
+
+#: useradd.8.xml:425(para)
+#, fuzzy
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"系统用户创建时，�会在 <filename>/etc/shadow</filename> 中有年龄信�，数字标"
+"识符会在 <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> 之间选�，"
+"这两个值在 <filename>/etc/login.defs</filename> 中定义，而�是普通用户的 "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (and their <option>GID</"
+"option> counterparts for the creation of groups)。"
+
+#: useradd.8.xml:434(para)
+#, fuzzy
+#| msgid ""
+#| "Note that <command>useradd</command> will not create a home directory for "
+#| "such an user, regardless of the default setting in <filename>/etc/login."
+#| "defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+#| "<option>-m</option> options if you want a home directory for a system "
+#| "account to be created."
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such a user, regardless of the default setting in <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>). You have to specify the <option>-"
+"m</option> options if you want a home directory for a system account to be "
+"created."
+msgstr ""
+"注�：<command>useradd</command> �会为这�用户创建主目录，无论 <filename>/"
+"etc/login.defs</filename> (<option>CREATE_HOME</option>) 中是的默认设置是怎"
+"样。如果想为�创建的系统账户创建主目录，需�指定 <option>-m</option> 选项。"
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"用户的登录 shell �。默认为留空，让系统根� <filename>/etc/default/useradd</"
+"filename> 中的 <option>SHELL</option> ��选择默认的登录 shell，默认为空字符"
+"串。"
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"用户 ID 的数字值。此值必须为唯一的，除�使用了 <option>-o</option> 选项。此值"
+"必须�负，默认使用大于等于 <option>UID_MIN</option>，且大于任何其他用户 ID 最"
+"�值。"
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr "请�考 <option>-r</option> 选项和 <option>UID_MAX</option> 的�述。"
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr "创建一个和用户��的组，并将用户添加到组中。"
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"用户登陆的 SELinux 用户。默认为留空，这会造�系统选择默认的 SELinux 用户。"
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "更改默认值"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"�带 <option>-D</option> 选项使用时，<command>useradd</command> 将显示当�的"
+"默认值。<option>-D</option> 和其它选项��使用时，<command>useradd</command> "
+"将为指定的选项更新默认值。有效的“更改默认值�选项有："
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"新用户主目录的路径�缀。如果创建新账户时，没有使用 <option>-d</option> 选项，"
+"用户的�称将会缀在 <replaceable>BASE_DIR</replaceable> 的�边形�新用户的主目"
+"录�。"
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选择在 <filename>/etc/default/useradd</filename> 中设置 <option>HOME</"
+"option> 选项。"
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "�用此用户账户的日期。"
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"此选项在 <filename>/etc/default/useradd</filename> 中设置 <option>EXPIRE</"
+"option> ��。"
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr "密�过期到账户被�用之�的天数。"
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 中设置 "
+"<option>INACTIVE</option> ��。"
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"新用户�始组的组�或 ID (使用了 <option>-N/--no-user-group</option> 或者 "
+"<filename>/etc/login.defs</filename> 中的�� <option>USERGROUPS_ENAB</"
+"option> 设置为 <replaceable>no</replaceable> 时)。给出的组必须存在，并且数字"
+"组 ID 必须有一个已�存在的项。"
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 中设置 <option>GROUP</"
+"option> ��。"
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "新用户的登录 shell �。"
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"这个选项在 <filename>/etc/default/useradd</filename> 设置 <option>SHELL</"
+"option> ��。"
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "注�："
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"系统管�员负责将默认的用户文件放在 <filename>/etc/skel/</filename> 目录中(或"
+"者命令行上�<filename>/etc/default/useradd</filename> 中指定的任何其它目录)。"
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr "您�能�能想 NIS 组或 LDAP 组添加用户。这�能在相应�务器上进行。"
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"相似地，如果用户�已�存在于外部用户数�库中，比如 NIS 或 LDAP，"
+"<command>useradd</command> 将拒�创建用户账户的请求。"
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"用户�必须以一个�写字�或下划线开始，跟��写字符�数字�下划线或连字符的组"
+"�。�以以美元符�结�。用正则表达�表示就是：[a-z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "用户��能超过 32 个字符长。"
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr "指示是�应该为新用户默认创建主目录。"
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr "此设置并�应用到系统用户，并且�以使用命令行覆盖。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (number)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (number)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"<command>useradd</command>，<command>groupadd</command> 或 "
+"<command>newusers</command> 创建的常规组的组 ID 的范围。"
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"<option>GID_MIN</option> 和 <option>GID_MAX</option> 的默认值分别是 1000 和 "
+"60000。"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"一个密��以使用的最大天数。如果密�比这旧，将会强迫更改密�。如果�指定，就"
+"�定为 -1，这会�用这个�制。"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"两次更改密�时间的最�间隔。将会拒�任何早于此的更改密�的�试。如果�指定，"
+"�定为 -1，将会�用这个�制。"
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (number)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"密�过期之�给出警告的天数。0 表示�有�在过期的当天警告，负值表示�警告。如"
+"果没有指定，�会给警告。"
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (number)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (number)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"<command>useradd</command>�<command>groupadd</command> 或 "
+"<command>newusers</command> 创建的系统组的组 ID 的范围。"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"<option>SYS_GID_MIN</option> 和 <option>SYS_GID_MAX</option> 的默认值分别是 "
+"101 和 <option>GID_MIN</option>-1。"
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (number)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (number)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"<command>useradd</command> 或 <command>newusers</command> 创建的系统用户的用"
+"户 ID 的范围。"
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"<option>SYS_UID_MIN</option> 和 <option>SYS_UID_MAX</option> 的默认值分别是 "
+"101 和 <option>UID_MIN</option>-1。"
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (boolean)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>，新创建的 tcb 影�文件所属的组将是 "
+"<replaceable>auth</replaceable>。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (number)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (number)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"<command>useradd</command> 或 <command>newusers</command> 创建的普通用户的用"
+"户 ID 的范围。"
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"<option>UID_MIN</option> 和 <option>UID_MAX</option> 的默认值分别是 1000 和 "
+"60000。"
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (number)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr "文件模�创建掩��始化为此值。如果没有指定，掩��始化为 022。"
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> 和 <command>newusers</command> 使用此掩�设置它们"
+"创建的用户主目录的模�。"
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"也被 <command>login</command> 用于指定用户的�始 umask。注�，此掩��以被用"
+"户的 GECOS 行覆盖(当设置了 <option>QUOTAS_ENAB</option> 时)，也�以被带 "
+"<emphasis>K</emphasis> 指示符的 <citerefentry><refentrytitle>limits</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> 定义的�制值覆盖。"
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr "也被 <command>pam_umask</command> 用作默认 umask 值。"
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "账户创建的默认值。"
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "包�默认文件的目录。"
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "给了选项一个无效的�数"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID 已�使用 (且没有 <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "指定的组�存在"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "用户�已被使用"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "无法创建主目录"
+
+#: useradd.8.xml:794(replaceable)
+#, fuzzy
+#| msgid "1"
+msgid "14"
+msgstr "1"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr ""
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>useradd</command> �以返回如下值：<placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr ""
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "文件格�和转化"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "详细的 su 控制文件"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"执行 su 命令时，总是根� <filename>/etc/suauth</filename>，�以更改 su 命令的"
+"行为，规则是："
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, fuzzy, no-wrap
+#| msgid ""
+#| "\n"
+#| "      1) the user su is targetting\n"
+#| "    "
+msgid ""
+"\n"
+"      1) the user su is targeting\n"
+"    "
+msgstr ""
+"\n"
+"      1) su 到的用户\n"
+"    "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr "2) 执行 su 命令的用户 (或者他�能属于的组)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr "文件格�为：以 # 开头的行视为注视，并被忽略；"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"此处的 to-id �以是：<emphasis>ALL</emphasis>，逗�(,) 分隔的用户�列表或者 "
+"<emphasis>ALL EXCEPT</emphasis> �跟逗�分隔的用户�列表。"
+
+#: suauth.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "from-id is formatted the same as to-id except the extra word "
+#| "<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+#| "emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+#| "appears one or more group names, delimited by \",\". It is not sufficient "
+#| "to have primary group id of the relevant group, an entry in "
+#| "<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry> is neccessary."
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is necessary."
+msgstr ""
+"from-id 格�和 to-id 相�，但是�以多识别一个� <emphasis>GROUP</emphasis>。"
+"<emphasis>ALL EXCEPT GROUP</emphasis> 也是有效的。<emphasis>GROUP</emphasis> "
+"�边是一个或更多的组�称，使用逗�(,)分隔。�光�有相关主组的 ID，也需�在 "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> 中有一个�目。"
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "动作��以使用如下当�支�的选项。"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr "su 的�试在询问密�之�就被拒�。"
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr "su �试自动�功，而且�询问密�。"
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr "为了�功执行 su，用户必须�供自己的密�。将会�示他们这样。"
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"注�，有三个用冒�分割的字段。冒��边�能有空格。也请注�，这个文件会被一行"
+"一行地�次检查，会使用第一个�用的规则，而�会继续检查文件。这�以让系统管�"
+"员使系统尽�符�其期望。"
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "示例"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # 示例 /etc/suauth 文件\n"
+"      #\n"
+"      # 有两个用户�以使用自己的密� su � root\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # 任何其他人都�能 su � root，除�在 wheel 组中。\n"
+"      # BSD 就是这样实现这个功能的。\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # 或许 terry 和 birddog 是属于�一个人的账户\n"
+"      # 两个账户直接互相 su，�需�密�\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "缺陷"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"�能会有很多潜在问题。文件解�器尤其�能容�语法错误，�能有无�义的空白符(除"
+"了行首和行尾)，并且使用特定的标记分割��的事情。"
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr ""
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"此文件的解�错误会使用 <citerefentry><refentrytitle>syslogd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> 作为 AUTH 中的 ERR 级别"
+"报告。"
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib) passwd.1.xml:48(contrib)
+#: login.1.xml:74(contrib) faillog.8.xml:41(contrib) faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr ""
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "用户命令"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "更改用户 ID 或�为超级用户"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "用户�"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"<command>su</command> 用于让用户在登录期间���外一个用户。�边�带 "
+"<option>username</option> 使用时，<command>su</command> 默认会��超级用户。"
+"�选的选项 <option>-</option>，�以用于�供一个类似于用户直接登录的环境，用户"
+"�能期望是这样的。"
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"附加�数�以在用户�之��供，这时，将会把他们�供给用户的登录 shell。特别"
+"地，�数 <option>-c</option> 将会使下一个�数被多数命令解释器视为命令。这个命"
+"令会被 <filename>/etc/passwd</filename> 中为目标用户指定的 shell 执行。"
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"您�以使用 <option>--</option> �数将 <command>su</command> 选项和�供给 "
+"shell 的�数分隔开�。"
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"如果�适，将�示用户输入一个密�。输入无效的密�会产生一个错误消�。所有的�"
+"试，无论�功还是失败，都会被记录，以检测对系统的滥用。"
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"当�环境会传递给新 shell。对于普通用户，<envar>$PATH</envar> 的值�置为 "
+"<filename>/bin:/usr/bin</filename>，而对于超级用户则是 <filename>/sbin:/bin:/"
+"usr/sbin:/usr/bin</filename>。这会� <filename>/etc/login.defs</filename> 中"
+"的 <option>ENV_PATH</option> 和 <option>ENV_SUPATH</option> 值改�。"
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"在登录 shell 中以第一个字符是“*�标注的是�系统登录。给定的主目录将被用于用户"
+"实际登录的新文件系统的根。"
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "<command>su</command> 命令�以接�的选项有："
+
+#: su.1.xml:150(term)
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr "通过使用其 <option>-c</option> 选项，指定一个由 shell �行的命令。"
+
+#: su.1.xml:158(para)
+#, fuzzy
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"执行的命令将�会拥有控制终端。此选项�能用于执行需�控制 TTY 的交互程�。"
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr "�供一个类似于用户直接登录的环境，用户�能会希望这样。"
+
+#: su.1.xml:176(para)
+#, fuzzy
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"使用了 <option>-</option> 时，它必须是 <command>su</command> 的最�一个�数。"
+"其它形�(<option>-l</option> 和 <option>--login</option>) 没有这个�制。"
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "将使用的 shell。"
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "通过 --shell 指定的 shell。"
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"如果使用了 <option>--preserve-environment</option>，shell 将由 <envar>"
+"$SHELL</envar> 环境��指定。"
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr "在 <filename>/etc/passwd</filename> 的相应项中为目标用户指定的 shell。"
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"如果无法通过以上办法找到一个 shell，则使用 <filename>/bin/sh</filename>。"
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr "使用的 shell 在如下中选择(高优先级在�)：<placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"如果目标用户的 shell 是有�制的(�，<filename>/etc/passwd</filename> 中用户项"
+"中的 shell 字段没有在 <filename>/etc/shells</filename> 中列出)，那么 "
+"<option>--shell</option> 选项或 <envar>$SHELL</envar> 环境���会带入账户，"
+"除� <command>su</command> 是被 root 调用的。"
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"根� <filename>/etc/login.defs</filename> 中的 <option>ENV_PATH</option> or "
+"<option>ENV_SUPATH</option> 选项�设 (请往下看)"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"如果已�设置了，�设 <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>。"
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "�留当�环境，除�：<placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"如果用户的 shell ��，此选项无效 (除�是 root 调用的 <command>su</"
+"command>)。"
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, 和 <envar>$IFS</envar> 这些环"
+"境��会被�置。"
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr "如果没有使用 <option>--login</option>，�制环境，上述几个��除外。"
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"如果使用了 <option>--login</option>，如果设置了 <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar> 和 <envar>$XAUTHORITY</envar>，这"
+"些环境��也会被�置。"
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"如果使用了 <option>--login</option>，环境�� <envar>$TZ</envar>, <envar>"
+"$HZ</envar>, and <envar>$MAIL</envar> 也会根� <filename>/etc/login.defs</"
+"filename> 中的选项 <option>ENV_TZ</option>, <option>ENV_HZ</option>, "
+"<option>MAIL_DIR</option> 和 <option>MAIL_FILE</option> �置 (请看下边)。"
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"如果使用了 <option>--login</option>，其它环境���能会根� "
+"<option>ENVIRON_FILE</option> 文件�设置(请看下边)。"
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "其它环境�能由 PAM 模�设置。"
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr "注�，环境的默认行为如下：<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"此版本的 <command>su</command> 有很多编译选项，在�些机器上，�能�使用了其中"
+"的一部分。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"如果定义了，或者是包�设备�(没行一个)的文件的完整路径�，或者是“:�分隔的设备"
+"�列表。将�会在这写设备上�许 root 登录。"
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr "如果没有定义，�以在任何设备上使用 root。"
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "指定的设备时�带 /dev/ �缀。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"在控制�登录时，添加到用户附加组集中的组列表(就如 CONSOLE 所确定的)。默认是"
+"无。<placeholder-1/> 使用时需�注�：这�能使用户获�这些组的永久��，甚至登"
+"录到的�是此控制�时。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr "如果�能 cd 到主目录时，说明是��许登录。默认是�。"
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"如果设置为 <replaceable>yes</replaceable>，如果�能 cd 到主目录时，用户将会登"
+"录到根目录(<filename>/</filename>)。"
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (string)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"如果设置了，将会用于在用户登录时定义 HZ 环境��。值必须以 <replaceable>HZ=</"
+"replaceable> 开头。Linux 上的常用值是 <replaceable>HZ=100</replaceable>。"
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"<envar>HZ</envar> 环境���有当用户(超级用户)使用 <command>sulogin</"
+"command> 登录时�设置。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"如果此文件存在，并且�读，将会从中读�登录环境。所有行都必须是 name=value 的"
+"格�。"
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr "以 # 开头的行将视为注释，并被忽略。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when a "
+#| "regular user login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/bin:/usr/bin</replaceable>). The default value is "
+#| "<replaceable>PATH=/bin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"如果设置了，它将用于定义普通用户登录时的 PATH 环境��。此值�以用 "
+"<replaceable>PATH=</replaceable> 开头，或者是冒�分隔的路径列表 (例如 "
+"<replaceable>/bin:/usr/bin</replaceable>)。默认的值是 <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "If set, it will be used to define the PATH environment variable when the "
+#| "superuser login. The value can be preceded by <replaceable>PATH=</"
+#| "replaceable>, or a colon separated list of paths (for example "
+#| "<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>). The default "
+#| "value is <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"如果设置了，它将用于定义超级用户登录时的 PATH 环境��。此值�以用 "
+"<replaceable>PATH=</replaceable> 开头，或者是冒�分隔的路径列表 (例如 "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>)。默认值是 "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"如果设置了，它将用于在用户登录时定义 TZ 环境��。此值�以是以 "
+"<replaceable>TZ=</replaceable> 开头的时区�(例如 <replaceable>TZ=CST6CDT</"
+"replaceable>)，或者是包�时区规则的文件完整路径(例如 <filename>/etc/tzname</"
+"filename>)。"
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"如果将完整路径指定为了一个�存在或��读的文件，则默认使用 "
+"<replaceable>TZ=CST6CDT</replaceable>。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"此字符串用于�示输入密�。默认是 \"Password: \"，或者翻译了的结果(汉语中翻译"
+"为了“密�：�)。如果设置了此��，�示�会被翻译。"
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr "如果字符串包� <replaceable>%s</replaceable>，将会被用户�替�。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr "�用登录时检查和现实邮箱状�。"
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"如果 shell 的�动文件已�检查了邮件(\"mailx -e\" 或者其它�功能的工具)，您应"
+"该�用它。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid ""
+#| "Enable setting of ulimit, umask, and niceness from passwd gecos field."
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr "�许在 passwd 的 gecos 字段设置 ulimit�umask 和 niceness。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "如果定义了，所有的 su 活动都会记录到此文件。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (string)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"如果定义了，就是�行“su -�时显示的命令�称。例如，如果定义为“su�，那么“ps�会"
+"显示此命令为“-su�。如果没有定义，“ps�将会显示实际执行的 shell，例如类似于“-"
+"sh�。"
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (boolean)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>，用户必须在 <filename>/etc/group</"
+"filename> 中别设定为 GID 为 0 的组(在大部分 Linux 上� <replaceable>root</"
+"replaceable>)的�员。"
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (boolean)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr "除了 sulog 文件日志，也为 <command>su</command> 活动�用“syslog�日志。"
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr "�功时，<command>su</command> 返回执行的命令的退出值。"
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr "如果命令被信�结�，<command>su</command> 返回此信�的编�加 128。"
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"如果 su 必须��死此命令(因为已��求它结�，�是�没有�时结�)，"
+"<command>su</command> 返回 255。"
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "�功 (�有 <option>--help</option>)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "系统或者认�失败"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "�求的命令�存在"
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "请求的命令�能执行"
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr "<command>su</command> 中的�些退出值与执行的命令无关：<placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "以��的组 ID 执行命令"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "组 <placeholder-1/> 命令"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"<command>sg</command> 命令类似于 <command>newgrp</command>，但是�以接�一个"
+"命令。这个命令将会使用 <filename>/bin/sh</filename> shell �执行。对于您�以"
+"使用 <command>sg</command> �动的多数 shell，您需�将多个�的命令用引�引起"
+"�。<command>newgrp</command> 和 <command>sg</command> 之间的�外一个��点是"
+"�些 shell 对 <command>newgrp</command> 有特殊对待，会使用 <command>newgrp</"
+"command> 创建的一个新的 shell 实例替�自身。这�会�生在 <command>sg</"
+"command> 身上，所以从 <command>sg</command> 退出�，您会返回到先�的组 ID。"
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (boolean)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr "�许“syslog�记录 <command>sg</command> 的活动。"
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "影�化了的密�文件"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> 是一个文件，它包�系统账户的密�信�和�选的年龄"
+"信�。"
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr "如果没有维护好密�安全，此文件�对�能让普通用户�读。"
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"此文件的�行包括 9 个字段，使用�角冒� (<quote>:</quote>) 分隔，顺�如下："
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "登录�"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "必须是有效的账户�，且已�存在于系统中。"
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "加密了的密�"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"请�考 <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> �了解关于解�此字符串的细节信�。"
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"如果密�字段包�一些�是 <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> �法结果的字符，比如 ! "
+"或 *，用户将无法使用 unix 密�登录(但是�以通过其它方法登录系统)。"
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"此字段�以为空，此时认�为特定的登录�时，��求密�。然而，一些读� "
+"<filename>/etc/shadow</filename> 文件的应用程�，在密�字段为空时，�能决定�"
+"止任何访问。"
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+#, fuzzy
+#| msgid ""
+#| "A password field which starts with a exclamation mark means that the "
+#| "password is locked. The remaining characters on the line represent the "
+#| "password field before the password was locked."
+msgid ""
+"A password field which starts with an exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"以��开始的密�字段�味�密�被�定。该行的剩余字符表示�定之�的密�。"
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "最�一次更改密�的日期"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "最近一次更改密�的时间，表示从1970年1月1日开始的天数。"
+
+#: shadow.5.xml:134(para)
+#, fuzzy
+#| msgid ""
+#| "The value 0 has a special meaning, which is that the user should change "
+#| "her pasword the next time she will log in the system."
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"password the next time she will log in the system."
+msgstr "0 有特殊��，表示用户应该在下次登录系统时更改密�。"
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr "空字段表示密�年龄功能被�用。"
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "密�的最�年龄"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"最�密�年龄是指，用户一次更改密�之�，�等多长时间��次被�许更改密�。"
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr "空字段或 0 表示没有最�密�年龄。"
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "最大密�年龄"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr "最大密�年龄是指，这写天之�，用户必须更改密�。"
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr "这写天之�，密��然�用。用户将会在下次登录的时候被�求更改密�。"
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"空字段表示没有最大密�年龄，没有密�警告时间段，没有密��用时间段(请看下"
+"边)。"
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr "如果最大密�年龄�于最�密�年龄，用户将会�能更改密�。"
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "密�警告时间段"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr "密�过期之�，��警告用户的的天数(请�考上边的密�的最大年龄)。"
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr "空字段或者 0 表示没有密�警告期。"
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "密��用期"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"密�过期(查看上边的密�最大年龄)�，�然接�此密�的天数(在此期间，用户应该在"
+"下次登录时修改密�)。"
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"密�到期并且过了这个宽�期之�，使用用户的当�的密�将会�能登录。用户需��"
+"系系统管�员。"
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "空字段表示没有强制密�过期。"
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "账户过期日期"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr "账户过期的日期，表示从1970年1月1日开始的天数。"
+
+#: shadow.5.xml:229(para)
+#, fuzzy
+#| msgid ""
+#| "Note that an account expiration differs from a password expiration. In "
+#| "case of an acount expiration, the user shall not be allowed to login. In "
+#| "case of a password expiration, the user is not allowed to login using her "
+#| "password."
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an account expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"注�，账户过期��于密�过期。账户过期时，用户将�被�许登录；密�过期时，用"
+"户将�被�许使用其密�登录。"
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "空字段表示账户永�过期。"
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr "应该��使用 0，因为它既能�解�永�过期也能�解�在1970年1月1日过期。"
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "�留字段"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "此字段�留作将�使用。"
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "/etc/shadow 的备份文件。"
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"注�，此文件由 shadow 工具集使用，而�是所有的用户和密�管�工具都会使用。"
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "库函数调用"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "加密密�文件工具函数"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*name"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FILE"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> 处� shadow 密�文件 <filename>/etc/"
+"shadow</filename> 的内容。<emphasis remap=\"I\">#include</emphasis> 文件中的"
+"结构是："
+
+#: shadow.3.xml:124(programlisting)
+#, fuzzy, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* 用户登录� */\n"
+"      char\t\t*sp_pwdp; /* 加密过的密� */\n"
+"      long int\t\tsp_lstchg; /* 最近密�更改日期 */\n"
+"      long int\t\tsp_min; /* 到�许更改密�还有多少天 */\n"
+"      long int\t\tsp_max; /* 到�求更改密�还有多少天 */\n"
+"      long int\t\tsp_warn; /* 警告过期的天数 */\n"
+"      long int\t\tsp_inact; /* 账户�活动之�的天数 */\n"
+"      long int\t\tsp_expire; /* 账户过期的日期 */\n"
+"      unsigned long int\tsp_flag; /* �留�以�使用 */\n"
+"}\n"
+"    "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "�个字段的�义是："
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr "sp_namp - 指�以 null 结�的用户�的指针"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr "sp_pwdp - 指� null 结�的密�的指针"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr "sp_lstchg - 最近更改密�的日期(日期计算方法是从1970年1月1日开始的天数)"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr ""
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>setspent</emphasis> 和 <emphasis>endspent</emphasis> 分别用�开始和"
+"结�对影�密�文件的访问。"
+
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"需�使用 <emphasis>lckpwdf</emphasis> 和 <emphasis>ulckpwdf</emphasis> 函数�"
+"确�对 <filename>/etc/shadow</filename> 文件的互斥访问。<emphasis>lckpwdf</"
+"emphasis> 使用 <emphasis>pw_lock</emphasis> �获�一个最长为 15 秒的�，然�"
+"继续使用 <emphasis>spw_lock</emphasis> �获�长度为开始的 15 秒时间的剩余�的"
+"第二把�。总计 15 秒之�，无论哪个失败，<emphasis>lckpwdf</emphasis> 都返回 "
+"-1。两把�都获��功时，返回 0。"
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"如果没有更多�目了或者处�时出错，此函数返回 NULL。使用 <emphasis>int</"
+"emphasis> 类型返回值的函数返回 0 表示�功，-1 表示失败。"
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr "这些函数�能由超级用户使用，因为对影�密�文件的访问是��的。"
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command) login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command) login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command) login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr "在影�密�和组以�其它直接转�"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"<command>pwconv</command> 命令使用 <emphasis remap=\"I\">passwd</emphasis> 以"
+"��选并已�存在的 <emphasis remap=\"I\">shadow</emphasis> �创建 <emphasis "
+"remap=\"I\">shadow</emphasis>。"
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> �能在�用 <option>USE_TCB</option> 时�能工作。�"
+"转�到 tcb 密�，您首先需�通过在 <filename>login.defs</filename> �用 "
+"<option>USE_TCB</option> 并使用 <command>pwconv</command> 转�到影�密�，然"
+"��使用 <command>tcb_convert</command> 转�到 tcb 密�(并且在 "
+"<filename>login.defs</filename> 中�新�用 <option>USE_TCB</option>)。"
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"<command>pwunconv</command> 命令使用 <emphasis remap=\"I\">passwd</emphasis> "
+"和 <emphasis remap=\"I\">shadow</emphasis> �创建 <emphasis remap=\"I"
+"\">passwd</emphasis>，然�移除 <emphasis remap=\"I\">shadow</emphasis>。"
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> 在�用 <option>USE_TCB</option> 时�能工作。首先"
+"需�使用 <command>tcb_unconvert</command> 从 tcb 切�回影�密�，然�使用 "
+"<command>pwunconv</command> 在 <filename>login.defs</filename> 中�用 "
+"<option>USE_TCB</option>。"
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"<command>grpconv</command> 从 <emphasis remap=\"I\">group</emphasis> 和�能存"
+"在的 <emphasis remap=\"I\">gshadow</emphasis> 创建 <emphasis remap=\"I"
+"\">gshadow</emphasis>。"
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"<command>grpunconv</command> 命令从 <emphasis remap=\"I\">group</emphasis> "
+"和 <emphasis remap=\"I\">gshadow</emphasis> 创建 <emphasis remap=\"I"
+"\">group</emphasis>，然�移除 <emphasis remap=\"I\">gshadow</emphasis>。"
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"这四个程�都�以�作普通或影�密�和组文件：<filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</filename> "
+"和 <filename>/etc/gshadow</filename>。"
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"转��，�个程�都会获�需�的�。<command>pwconv</command> 和 "
+"<command>grpconv</command> 也类似。首先删除，存在于在影�文件中，但在主文件中"
+"�没有的�目；然�，更新在主文件中�使用“x�作为密�的影��目，会添加所有缺失"
+"的�目；最�，将主文件中的密�替�为“x�。这两个工具�以用于�始转�以�根�手"
+"动编辑的主文件更新影�文件。"
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"<command>pwconv</command> � <filename>/etc/shadow</filename> 添加�目时，将"
+"使用<filename>/etc/login.defs</filename> 中的 <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis> "
+"和 <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> 值。"
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"<command>pwunconv</command> 和 <command>grpunconv</command> 与此类似。主文件"
+"中的密�会根�影�文件更新。在主文件中存在，但�在影�文件中的�目�独留下。"
+"最�，移除影�文件。一些密�年龄信�会因为 <command>pwunconv</command> 而丢"
+"失。它�转�它�以转�的。"
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"<command>pwconv</command>, <command>pwunconv</command>, <command>grpconv</"
+"command> 和 <command>grpunconv</command> 命令�以接�的选项有："
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"在 passwd 或 group 文件中有错误(比如，有���目)�能会造�这些程�死循环或者"
+"以奇怪的方�失败。在转�自，或转�到影�密�或组文件�，请�行 "
+"<command>pwck</command> 和 <command>grpck</command> �修正此类错误。"
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"<filename>/etc/login.defs</filename> 中的如下�置��改� <command>grpconv</"
+"command> 和 <command>grpunconv</command> 的行为："
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"<filename>/etc/login.defs</filename> 中的如下�置��改� <command>pwconv</"
+"command> 的行为："
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr ""
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "检查密�文件的完整性"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command) login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"<command>pwck</command> 命令检查用户�其认�信�的完整性。它检查 <filename>/"
+"etc/passwd</filename> 和 <filename>/etc/shadow</filename><phrase condition="
+"\"tcb\">(或者在 <option>USE_TCB</option> �用时，<filename>/etc/tcb</"
+"filename> 中的文件)</phrase> 格�正确�数�有效。将会�示用户删除格��正确或"
+"者有其它错误的项。"
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "检查的项目有："
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "正确的字段数"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "一个唯一且有效的用户�"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "一个有效的用户和组标识符"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "有效的主组"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "有效的主目录"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "有效的登录 shell"
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"当指定第二个文件�数或 <filename>/etc/shadow</filename> 在系统中存在时，�用 "
+"<filename>shadow</filename> 检查。"
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "这些检查是："
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr "�个密�项都有对应的影�相，�之亦然。"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr "密�在影�化了的文件中指定"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "影�项有正确的字段数。"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "影�项在影�文件中是唯一的"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "最�一次的密�更改时间�是被设�了一个将�的时间。"
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"�作 <filename>/etc/passwd</filename> 文件的这些命令�能警告��或��的�"
+"目，这些情况下，应该使用 <command>pwck</command> �移除这写有问题的�目。"
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr "<option>-r</option> 和 <option>-s</option> 选项�能��使用。"
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr "<command>pwck</command> 选项�以接�的选项有："
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr "�报告错误。�显示那些�需�用户�作的警告。"
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "在�读模�下执行 <command>pwck</command>。"
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"根� UID 在 <filename>/etc/passwd</filename> 和 <filename>/etc/shadow</"
+"filename> 对项目进行排�。"
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr "�用 <option>USE_TCB</option> 是，本选项无效。"
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"默认上，<command>pwck</command> �作文件 <filename>/etc/passwd</filename> 和 "
+"<filename>/etc/shadow</filename><phrase condition=\"tcb\"> (或者在 "
+"<filename>/etc/tcb</filename> 中的文件)</phrase>。用户也�以使用 "
+"<replaceable>passwd</replaceable> 和 <replaceable>shadow</replaceable> �数�"
+"选择替代文件。"
+
+#: pwck.8.xml:243(para)
+#, fuzzy
+#| msgid ""
+#| "Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+#| "alternative <replaceable>shadow</replaceable> file. In future releases, "
+#| "this paramater could be replaced by an alternate TCB directory."
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"parameter could be replaced by an alternate TCB directory."
+msgstr ""
+"注�，<option>USE_TCB</option> �用时，您�能指定�外的 <replaceable>shadow</"
+"replaceable>。以�的版本中，此�数�能会被替��一个�外的 TCB 目录。"
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "一个或多个错误的密��目"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "无法打开密�文件"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "无法�定密�文件"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "无法更新密�文件"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "无法在密�文件中排�"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>pwck</command> 命令有如下返回值：<placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr "端�访问时间文件"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> 包�一个 tty 设备�用户�和�许登录"
+"时间的列表。"
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"�项包�三个由冒�分隔的字段。第一个字段是逗�分隔的 tty 设备列表，或者星�表"
+"示匹�所有终端。第二个字段是逗�分隔的用户�列表，或者星�表示匹�所有用户"
+"�。第三个字段是逗�分隔的访问许�时间。"
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"��访问时间包�一周的 0 天或多天，缩写为 <emphasis>Su</emphasis>, "
+"<emphasis>Mo</emphasis>, <emphasis>Tu</emphasis>, <emphasis>We</emphasis>, "
+"<emphasis>Th</emphasis>, <emphasis>Fr</emphasis> 和 <emphasis>Sa</emphasis>，"
+"��是连字符分隔的一组时间，缩写 <emphasis>Wk</emphasis> �以用于表示周一到周"
+"五，<emphasis>Al</emphasis> �以用于表示没一天。如果没有制定周几，将会�定为 "
+"<emphasis>Al</emphasis>。"
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "示例"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"下�的�目�许在工作日的上��点到下�五点在任何端�上访问用户 <emphasis "
+"remap=\"B\">jfh</emphasis>。"
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"下�这�任何时间，��许用户 <emphasis>root</emphasis> 和 <emphasis>oper</"
+"emphasis> 在 <filename>/dev/console</filename> 登录。这也是说 <filename>/etc/"
+"porttime</filename> 文件是一个访问时间的有�列表。任何匹�第二�的其他用户都"
+"�会被�许访问。"
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"如下项�许，在�工作时间在任何端�上使用用户 <emphasis>games</emphasis>。"
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "包�了端�访问信�的文件。"
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "密�文件"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> 为�个用户账户包�一行，包�使用冒� "
+"(<quote>:</quote>) 分隔的七个字段，分别是："
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "�选的加密�的密�"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "数字用户 ID"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "数字组 ID"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "用户�和注释字段"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "用户主目录"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "�选的用户命令解释器"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"加密的密�字段�以为空，此时使用指定的登录�登录时�会�求认�。然而，如果 "
+"<emphasis>password</emphasis> 为空，一些读� <filename>/etc/passwd</"
+"filename> 文件的程��能会��许  <emphasis>任何</emphasis> 访问。如果 "
+"<emphasis>password</emphasis> 字段是一个�写的 <quote>x</quote>，那么加密的密"
+"�实际上存储于 <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> 中；在 <filename>/etc/"
+"shadow</filename> 文件中 <emphasis>必须</emphasis> 有对应的行，�则用户账户就"
+"会无效。如果 <emphasis>password</emphasis> 字段是其他任何字符串，将会被视为加"
+"密过的密�，如 <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry> 中的说明。"
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"此注释字段被多个系统工具使用，例如 <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>。"
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"主目录字段�供了�始工作目录的�称。<command>login</command> 程�根�此信�设"
+"置 <envar>$HOME</envar> 环境��。"
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"命令解释器字段�供了用户命令语言解释器的�称，或者开始时执行的程�的�称。"
+"<command>login</command> 程�使用此信�设置 <envar>$SHELL</envar> 环境��的"
+"值。如果字段为空，默认值为 <filename>/bin/sh</filename>。"
+
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "�选的加密�的密�文件"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "/etc/passwd 的备份文件。"
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "更改用户密�"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"<command>passwd</command> 命令用�更改用户账户的密�。普通用户通常�更改其自"
+"己账户的密�，而超级用户�以更改任何账户的密�。<command>passwd</command> 也"
+"更改账户或相关的密�有效期。"
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "密�更改"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"如果有旧密�，首先�示用户输入旧密�。加密这个密�然�和存储的密�进行比较。"
+"用户�有一次机会输入正确密�。�许超级用户略过这个步骤，以便更改忘记了的密"
+"�。"
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"输入了密�之�，会检查密�年龄信�，以查看此时是��许用户更改密�。如果��"
+"许，<command>passwd</command> 拒�更改密�，然�退出。"
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"�示用户输入两次新密�。第二次和第一次进行比较，并且需�相��能更改密�。"
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"然�，测试密�的负责程度。一般�讲，密�应该包� 6 到 8 �字符，从下边的一个"
+"或多个集�中选择："
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "�写字�"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "数字 0 到 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "标点符�"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"必须�留��能包�系统默认的擦除和�死字符。<command>passwd</command> 会拒�"
+"��度�满足�求的密�。"
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "关于用户密�的�示"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"密�的安全性�赖于加密算法的强度和密钥空间的大�。旧的 <emphasis>UNIX</"
+"emphasis> 系统加密算法基于 NBS DES 算法。推�使用更新的算法(查看 "
+"<option>ENCRYPT_METHOD</option>)。密钥空间的大��赖于选择的密�的�机性。"
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"由于粗心地或处�选择密�，会��密�的安全。由于这个原因，您�应该选择出现在"
+"�典中或者必须�写下��能记�的密�。密�也�应该是一个�字�许����生日"
+"或者街��。所有这些�以用于猜测��害系统安全。"
+
+#: passwd.1.xml:166(para)
+#, fuzzy
+#| msgid ""
+#| "You can find advices on how to choose a strong password on http://en."
+#| "wikipedia.org/wiki/Password_strength"
+msgid ""
+"You can find advice on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"您�以在在 http://zh.wikipedia.org/zh-cn/密�强度 找到怎样选择强壮密�的建"
+"议。"
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr "<command>passwd</command> 命令�以接�的选项有："
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr "此选项�能和 <option>-S</option> 一起使用，�显示所有用户的状�。"
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"删除用户密�(让它为空)。这是�用一个用户密�的快速方法。它将设置给出�称的账"
+"户。"
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr "让一个账户的密�立�过期。这�以强制一个用户下次登录时更改密�。"
+
+#: passwd.1.xml:220(term)
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"此选项用于在密�过期一定天数之��用账户。一个用户账户密�已�过期 "
+"<replaceable>INACTIVE</replaceable> 天之�，用户将�能�登录进账户。"
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"表示密�更改�应该因为认��令(密�)过期更改。用户希望��他们尚未过期的�"
+"令。"
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"�定指定账户的密�。此选项通过将密�更改为一个��能与加密值匹�的值��用(它"
+"在密�开头添加一个“!�)。"
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"注�，这并没有�用此账户。用户�然�以通过其它认�方�(如 SSH 密�)�登录。�"
+"�用此账户，管�员需�使用 <command>usermod --expiredate 1</command> (设置账"
+"户的过期时间为1970年1月2日)。"
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr "被�定了密�的用户��许更改密�。"
+
+#: passwd.1.xml:269(term)
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"在密�更改之间的最�天数设置为 <replaceable>MIN_DAYS</replaceable>。此字段中"
+"的 0 值表示用户�以在任何时间更改其密�。"
+
+#: passwd.1.xml:291(term)
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr "在 <replaceable>REPOSITORY</replaceable> 中更改密�"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"显示账户状�信�。状�信�包� 7 个字段。首个字段是用户的登录�，第二个字段表"
+"示用户账户是�已��定密�(L)�没有密� (NP)或者密��用(P)，第三个字段给出最"
+"�一次更改密�的日期。接下�的四个字段分别是密�的最�年龄�最大年龄�警告期"
+"和�用期。这些年龄以天为��计算。"
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"解�指定用户的密�。此�作通过将密�改回先�值(改回使用 <option>-l</option> "
+"之�的值)�新�用密�。"
+
+#: passwd.1.xml:344(term)
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"设置在�求更改密�之�警告的天数。<replaceable>WARN_DAYS</replaceable> 选项是"
+"在密�过期之���警告的天数。"
+
+#: passwd.1.xml:357(term)
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"设置密��然有效的最大天数。<replaceable>MAX_DAYS</replaceable> 之�，密�会"
+"�求更改。"
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr "密���性检查在��机器间��。用户应该选择适�的尽���的密�。"
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"在�动了 NIS 的系统上，如果没有登录 NIS �务器，用户或许�能更改自己的密�。"
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr "<command>passwd</command> 使用 PAM �认�用户以�更改密�。"
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (string)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr "这定义了系统加密密�的默认算法(如果没有在命令行上指定算法)。"
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"�以使用如下值：<replaceable>DES</replaceable> (default), <replaceable>MD5</"
+"replaceable><phrase condition=\"sha_crypt\">, <replaceable>SHA256</"
+"replaceable>, <replaceable>SHA512</replaceable></phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr "注�，此�数会覆盖 <option>MD5_CRYPT_ENAB</option> ��。"
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"注�：这�影�组密�的产生。用户密�的产生是由 PAM 和 PAM �置负责的。建议设"
+"置此��和 PAM �置一致。"
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (boolean)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"表示密�是�必须使用基于 MD5 的算法加密。如果设为 <replaceable>yes</"
+"replaceable>，新密�将使用�以和新版 FreeBSD 兼容的基于 MD5 的算法加密。它支"
+"�无�长度的密�以�更长的�字符串。如果您需�将加密的密��制到其它��解新"
+"算法的系统，设置为 <replaceable>no</replaceable>。默认值是 <replaceable>no</"
+"replaceable>。"
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+#, fuzzy
+#| msgid ""
+#| "This variable is superceded by the <option>ENCRYPT_METHOD</option> "
+#| "variable or by any command line option used to configure the encryption "
+#| "algorithm."
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"此��已�被 <option>ENCRYPT_METHOD</option> ��或者用于�置加密算法的命令行"
+"选项�代。"
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr "此��已�废弃。您应该使用 <option>ENCRYPT_METHOD</option>。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr "对密�更改�用附加检查。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (boolean)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr "如果是 root，警告弱密�，但是�然�许使用。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (number)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr "�以�试更改密�的最大次数(太容易)。"
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (number)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (number)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"crypt() 的有效字符�数。<option>PASS_MAX_LEN</option> 默认是 8，除�您自己的 "
+"crypt() 更好，�则��更改。如果 <option>MD5_CRYPT_ENAB</option> 设为 "
+"<replaceable>yes</replaceable>，会被忽略。"
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"<option>ENCRYPT_METHOD</option> 设为 <replaceable>SHA256</replaceable> 或 "
+"<replaceable>SHA512</replaceable> 时，此项确定加密算法默认使用 SHA 轮转数目"
+"(当轮转数没有通过命令行指定时)。"
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"使用很多轮转，会让暴力破解更加困难。但是需�注�，认�用户时也会需�更多的 "
+"CPU 资�。"
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr "如果没有指定，libc 会选择默认的轮转数(5000)。"
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr "值必须在 1000 - 999,999,999 之间。"
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"如果�设置了一个 <option>SHA_CRYPT_MIN_ROUNDS</option> 或 "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> 值，就会使用这个值。"
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"如果 <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; "
+"<option>SHA_CRYPT_MAX_ROUNDS</option>，将会使用大的那个。"
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "<command>passwd</command> 的 PAM �置。"
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "���够"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "无效的选项组�"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "�外的失败，什么也没有�。"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "�外的失败，<filename>passwd</filename> 文件丢失"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr "<filename>passwd</filename> 文件忙，请�试"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>passwd</command> 命令退出，并返回如下值：<placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "礼貌地拒�登录"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"<command>nologin</command> 命令显示一个信�，说账户��用然�返回�零值。它用"
+"于代替已��用的账户的 shell 字段。"
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"如果��用所有登录，请�考 <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>。"
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "历�"
+
+#: nologin.8.xml:91(para)
+#, fuzzy
+#| msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgid "The <command>nologin</command> command appeared in BSD 4.4."
+msgstr "<command>nologin</command> 首次出现于 BSD 4.4。"
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "批�更新和创建新用户"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "文件"
+
+#: newusers.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The <command>newusers</command> command reads a file of user name and "
+#| "clear-text password pairs and uses this information to update a group of "
+#| "existing users or to create new users. Each line is in the same format as "
+#| "the standard password file (see <citerefentry><refentrytitle>passwd</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>) with the "
+#| "exceptions explained below:"
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"<command>newusers</command> 命令读�用户�和明文密�对文件，并使用此信�更新"
+"一系列现有用户或创建新用户。�行和标准的 password 文件使用�样的格�(�考 "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>)，除了下边这些区别："
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "这是用户的用户�。"
+
+#: newusers.8.xml:116(para)
+#, fuzzy
+#| msgid ""
+#| "It can be the name of a new user or the name of an existing user (or an "
+#| "user created before by <command>newusers</command>). In case of an "
+#| "existing user, the user's information will be changed, otherwise a new "
+#| "user will be created."
+msgid ""
+"It can be the name of a new user or the name of an existing user (or a user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"既�以是新用户�也�以是现有用户�(也�以是 <command>newusers</command> 以�"
+"创建的用户)。现有用户时，将会更改用户信�，�则会创建新用户。"
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr "此字段将被加密然�用于加密�密�的新值。"
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "此字段用于定义用户的 UID。"
+
+#: newusers.8.xml:144(para)
+#, fuzzy
+#| msgid ""
+#| "If the field is empty, an new (unused) UID will be defined automatically "
+#| "by <command>newusers</command>."
+msgid ""
+"If the field is empty, a new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"如果此字段为空，<command>newusers</command> 会自动确定一个新的(未使用的)UID。"
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "如果此字段包�一个数字，此数字会用于 UID。"
+
+#: newusers.8.xml:152(para)
+#, fuzzy
+#| msgid ""
+#| "If this field contains the name of an existing user (or the name of an "
+#| "user created before by <command>newusers</command>), the UID of the "
+#| "specified user will be used."
+msgid ""
+"If this field contains the name of an existing user (or the name of a user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"如果此字段包�已�使用了的用户�(或者 <command>newusers</command> 在�边已�"
+"创建的一个用户)，将会使用指定用户的 UID。"
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr "如果一个现有用户更改了 UID，此用户的文件所有�需�手动修�。"
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr "此字段用于定义用户的主组 ID。"
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"如果此字段包�一个现有组的组�(或者 <command>newusers</command> 在�边创建的"
+"一个组)，此组的 GID 会被用于�此用户的主组 ID。"
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"如果此字段是一个数字，此数字会被用作此用户的主组 ID。如果没有对应此 GID 的现"
+"有组，将会使用此 GID 创建一个新组，�称和用户�相�。"
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"如果此字段为空，将会使用用户�作为组�，<command>newusers</command> 自动确定"
+"的一个 GID 作为主组 ID �创建一个新组。"
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"如果此字段包�一个�存在的组的�字(也没有由 <command>newusers</command> 在�"
+"边创建)，将使用指定的组�和 <command>newusers</command> 自动确定的 GID 创建一"
+"个组，并作为用户的主组。"
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "此字段�制到用户的 GECOS 字段。"
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr "此字段用于定义用户的主目录。"
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"如果此字段指定的�是现有的目录，将会创建指定的目录，所有�设置为创建或更新的"
+"用户�其主组。"
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"如果现有用户的主目录�更，<command>newusers</command> �会移动或者�制旧目录"
+"的内容到新�置。这需�手动完�。"
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr "此字段定义了用户的 shell。对此字段�进行任何检查。"
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> 首先�试创建或更改所有指定的用户，然�将这些更改"
+"写入用户或组数�库。如果�生错误(除�是在最�写入数�库过程中)，�会有任何更"
+"改。"
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr "此命令一般用于在大型的应用环境中，对大�账户进行一次性更新。"
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr "<command>newusers</command> 命令�以使用的选项有："
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "使用指定的方法加密密�。"
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"�用的方法有 DES, MD5, NONE, and SHA256 或 SHA512，��是您的 libc 支�这写方"
+"法。"
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "使用指定次数的轮转�加密密�。"
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr "值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。"
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr "会强制最� 1,000，最大 9,9999,9999"
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr "您��以对 SHA256 或 SHA512 使用此选项。"
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"默认，轮转数由 <filename>/etc/login.defs</filename> 文件中的 "
+"SHA_CRYPT_MIN_ROUNDS 和 SHA_CRYPT_MAX_ROUNDS ��确定。"
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr "输入文件必须�到�护，因为它包�未加密的密�。"
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr "您需�确�你�和加密方法符�系统的密�策略。"
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "<command>newusers</command> 的 PAM �置。"
+
+#: newusers.8.xml:452(para)
+#, fuzzy
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "登录到一个新组"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "group"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "强制登录时间�制"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "当�登录会�的列表。"
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "影�密�套件�置"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "�供如下�置项："
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (boolean)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"如果为 <replaceable>yes</replaceable>，<command>chfn</command> 进行任何更改�"
+"都��求认�，除�由超级用户�行。"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (string)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (boolean)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"如果 <replaceable>yes</replaceable>，<command>chsh</command> 程�在�任何更改"
+"之�都会�求认�，除�是以超级用户身份�行的。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"终端擦除字符 (<replaceable>010</replaceable> = backspace, <replaceable>0177</"
+"replaceable> = DEL)。"
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr "此值�以使用�缀“0�表示八进制，“0x�表示�六进制。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr "登录失败�，等待多少秒���许登录。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr "�许登录并显示 <filename>/var/log/faillog</filename> 登录失败信�。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"如果设置了，<command>login</command> 将执行此 shell 而�是在 <filename>/etc/"
+"passwd</filename> 中指定的用户 shell。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr "如果定义，登录失败会以 utmp 格�记录在此文件中。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "如果定义了，此文件将在�次的登录�示之�现实。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr "终端 KILL 字符 (<replaceable>025</replaceable> = CTRL/U)。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr "�许记录和显示 /var/log/lastlog 登录时间信�。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "�许记录�功登录。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr "在记录到登录失败时，�许记录未知用户�。"
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"注�：如果用户��心将密�输入到了登录�中，记录未知用户��能是一个安全�"
+"患。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr "密�错误时，�试的最大次数。"
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+#, fuzzy
+#| msgid ""
+#| "This will most likely be overridden by PAM, since the default pam_unix "
+#| "module has it's own built in of 3 retries. However, this is a safe "
+#| "fallback in case you are using an authentication module that does not "
+#| "enforce PAM_MAXTRIES."
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"这很有�能被 PAM 覆盖，因为默认的 pam_unix 模�有其内建 3 次�新�试。然而，"
+"在您使用一个没有强制 PAM_MAXTRIES 的认�模�时，这是一个安全�馈。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "最大登录时间(以秒为��)。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr "如果定义了，登录时显示“:�分隔的“message of the day�。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+#, fuzzy
+#| msgid "Enable checking of time restrictions specified in /etc/porttime."
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr "�用在 /etc/porttime 中指定的时间�制检查。"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (string)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (string)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (string)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (number)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "默认 <command>ulimit</command> 值。"
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "交�引用"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr "如下交�引用显示影�密�套件哪个程�使用哪个�数。"
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#, fuzzy
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#, fuzzy
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN "
+"UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP TCB_SYMLINK "
+"USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "登录访问控制表"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr "登录访问控制表的�一行有“:�分隔的三个字段："
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr "<emphasis>EXCEPT</emphasis> �作符让编写�常��的规则，�为�能。"
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "在系统上�动回�"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "主机"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"命令解释器的�始化脚本也�能执行。请�考手册中相应的章节�获�关于此功能的更"
+"多信�。"
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "��执行认�，用户已�预认�过。"
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr "注�：此时，<replaceable>username</replaceable> 是强制的。"
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "此登录的远程主机�。"
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "�留环境。"
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr "为 rlogin (远程登录)执行 autologin (自动登录)�议。"
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"<option>-r</option>, <option>-h</option> and <option>-f</option> �能用于 "
+"root 使用 <command>login</command> 时。"
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"此版本的 <command>login</command> 有很多编译选项，�有一部分�以在任何站点使"
+"用。"
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr "文件的�置由系统�置决定。"
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "先�的登录会�列表。"
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr ""
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "阻止� root 用户登录。"
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "终端类型列表。"
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "阻止现实系统信�。"
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr ""
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr ""
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "资��制�述"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr "�行以如下格�对一个用户�述�制："
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "user LIMITS_STRING"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "或如下格�："
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@group LIMITS_STRING"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"<emphasis>LIMITS_STRING</emphasis> 是一个串�的资��制列表。���制由一个字"
+"�指示符和跟�的数字�制组�。"
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "�用的指示符有："
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A：最大地�空间 (KB)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr "C：最大转储文件大� (KB)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr "D：最大数�大� (KB)"
+
+#: limits.5.xml:111(para)
+#, fuzzy
+#| msgid "F: maximum filesize (KB)"
+msgid "F: maximum file size (KB)"
+msgstr "F：最大文件尺寸 (KB)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K：文件创建掩�，由 <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> 设置。"
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I：最高 nice 级别，(0...39 对应 20...-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L：此用户的最大登录数"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N：最大的文件打开数"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O：最大实时优先级"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P：进程优先级，由 <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry> 设置。"
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S：最大栈尺寸 (KB)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T：最大 CPU 时间 (分钟)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U：最大处�器数目"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"例如，<emphasis remap=\"I\">L2D2048N5</emphasis> 就是有效的 "
+"<emphasis>LIMITS_STRING</emphasis>。为了阅读方便，如下项表示�样的��："
+
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. An "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for a user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for a user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr "�完全�用对一个用户的�制，�以仅仅�使用一个短线“-�。"
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr "报告所有用户的最近登录情况，或者指定用户的最近登录情况"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr "<command>lastlog</command> 命令�以接�的选项有："
+
+#: lastlog.8.xml:97(term)
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr "�显示�于 <emphasis remap=\"I\">DAYS</emphasis> 的最近登录记录。"
+
+#: lastlog.8.xml:107(term)
+#, fuzzy
+#| msgid "<option>-u</option>, <option>--user</option>"
+msgid "<option>-C</option>, <option>--clear</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: lastlog.8.xml:111(para)
+#, fuzzy
+#| msgid ""
+#| "This option is only valid in combination with the <option>-d</option> (or "
+#| "<option>--home</option>) option."
+msgid ""
+"Clear lastlog record of a user. This option can be used only together with "
+"<option>-u</option> (<option>--user</option>))."
+msgstr ""
+"这个选项�有和 <option>-d</option> (或 <option>--home</option>) 选项组�使用"
+"时�有效。"
+
+#: lastlog.8.xml:138(term)
+#, fuzzy
+#| msgid "<option>-r</option>, <option>--reset</option>"
+msgid "<option>-S</option>, <option>--set</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: lastlog.8.xml:142(para)
+msgid ""
+"Set lastlog record of a user to the current time. This option can be used "
+"only together with <option>-u</option> (<option>--user</option>))."
+msgstr ""
+
+#: lastlog.8.xml:149(term) faillog.8.xml:192(term)
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+
+#: lastlog.8.xml:153(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr "�现实新于 <emphasis remap=\"I\">DAYS</emphasis> 的最近登录记录。"
+
+#: lastlog.8.xml:160(term) faillog.8.xml:202(term)
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+
+#: lastlog.8.xml:164(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "现实指定用户的最近登录记录。"
+
+#: lastlog.8.xml:167(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+
+#: lastlog.8.xml:179(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"如果用户从�没有登录过，将会显示 <emphasis>** 从未登录 **</emphasis> 而�是端"
+"�和时间。"
+
+#: lastlog.8.xml:184(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+
+#: lastlog.8.xml:192(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "注�"
+
+#: lastlog.8.xml:193(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+
+#: lastlog.8.xml:207(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:209(para)
+msgid "Database times of previous user logins."
+msgstr ""
+
+#: lastlog.8.xml:217(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr ""
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "影�化了的组文件"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr "<filename>/etc/gshadow</filename> 包�影�化了的组账户信�。"
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr "此文件的�行包�逗�分隔的如下字段："
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "组�"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "必须是系统中已�存在的有效组。"
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+
+#: gshadow.5.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The password is used when an user who is not a member of the group wants "
+#| "to gain the permissions of this group (see "
+#| "<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>)."
+msgid ""
+"The password is used when a user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"此密�用于�是此组�员的用户获�此组的��。(�考 "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> )。"
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr "此字段�以为空，此时，�有组�员�以获�组��。"
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr "此密��代 <filename>/etc/group</filename> 中指定的任何密�。"
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "管�员"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "必须是一个逗�分隔的用户�列表。"
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr "管�员�以更改组密�和�员。"
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr "管�员也有�员一样的��(请看下边)。"
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "�员"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr "�员�以�密�访问组。"
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "检查组文件的完整性"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "一个唯一且有效的组�"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"有效的组标识符 <phrase condition=\"gshadow\"> (仅 <filename>/etc/group</"
+"filename>)</phrase>"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr "有效的�员和 <phrase condition=\"gshadow\">管�员</phrase> 列表。"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr "<command>grpck</command> �以接�的选项有："
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"根� GID 在 <filename>/etc/group</filename><phrase condition=\"gshadow\"> 和 "
+"<filename>/etc/gshadow</filename></phrase> 中进行排�。"
+
+#: grpck.8.xml:196(para)
+#, fuzzy
+#| msgid ""
+#| "By default, <command>pwck</command> operates on the files <filename>/etc/"
+#| "passwd</filename> and <filename>/etc/shadow</filename><phrase condition="
+#| "\"tcb\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The "
+#| "user may select alternate files with the <replaceable>passwd</"
+#| "replaceable> and <replaceable>shadow</replaceable> parameters."
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"默认上，<command>pwck</command> �作文件 <filename>/etc/passwd</filename> 和 "
+"<filename>/etc/shadow</filename><phrase condition=\"tcb\"> (或者在 "
+"<filename>/etc/tcb</filename> 中的文件)</phrase>。用户也�以使用 "
+"<replaceable>passwd</replaceable> 和 <replaceable>shadow</replaceable> �数�"
+"选择替代文件。"
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "一个或多个�掉的组�目"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "无法打开组文件"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "无法�定组文件"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "无法更新组文件"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>grpck</command> �以返回如下值：<placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "现实当�组�"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "用户"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr ""
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUP"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr "<command>groupmod</command> 命令�以接�的选项有："
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+
+#: groupmod.8.xml:120(para)
+#, fuzzy
+#| msgid ""
+#| "The default behavior (if the <option>-g</option>, <option>-N</option>, "
+#| "and <option>-U</option> options are not specified) is defined by the "
+#| "<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+#| "filename>."
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"如果没有指定 <option>-g</option>, <option>-N</option> 和 <option>-U</option> "
+"选项，默认行为由 <filename>/etc/login.defs</filename> 中的 "
+"<option>USERGROUPS_ENAB</option> ��指定。"
+
+#: groupmod.8.xml:135(term)
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "组�已�在使用"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupmod</command> 命令�以返回如下值：<placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr ""
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr ""
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr ""
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr ""
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "用户主组的管�员�员"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "user_name"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "group_name"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr "<command>groupmems</command> 命令�以接�的选项有："
+
+#: groupmems.8.xml:107(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:109(para)
+#, fuzzy
+#| msgid "Add an user to the group membership list."
+msgid "Add a user to the group membership list."
+msgstr "将一个用户添加到组�员列表。"
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+
+#: groupmems.8.xml:118(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "从组�员列表中删除用户。"
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"如果 <filename>/etc/gshadow</filename> 文件存在，用户将会被从组�员和管�员中"
+"移除。"
+
+#: groupmems.8.xml:134(term)
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr "超级用户�以指定修改哪个组的组�员列表。"
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "列出组�员。"
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "从组�员列表中删除所有用户。"
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr ""
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "安全组账户信�"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "删除一个组"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"<command>userdel</command> 修改系统账户文件，删除与 <replaceable>GROUP</"
+"replaceable> 相关的所有项目。给出的组�必须存在。"
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr "<command>groupdel</command> 命令�以接�的选项有："
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr "您�能移除现有用户的主组。在移除此组之�，必须先移除此用户。"
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr "您需�手动检查所有文件系统，以确�没有�留的属于此组的文件。"
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "�能移除用户的主组"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupdel</command> 命令以如下值退出：<placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "创建一个新组"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr "<command>groupadd</command> 命令�以接�的选项有："
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+
+#: groupadd.8.xml:118(para)
+#, fuzzy
+#| msgid ""
+#| "The numerical value of the user's ID. This value must be unique, unless "
+#| "the <option>-o</option> option is used. The value must be non-negative. "
+#| "The default is to use the smallest ID value greater than 999 and greater "
+#| "than every other user. Values between 0 and 999 are typically reserved "
+#| "for system accounts."
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"用户 ID 的数字值。此值必须为唯一的，出�使用了 <option>-o</option> 选项。此值"
+"必须�负，默认使用大于 999，且大于任何其他用户 ID 最�值。0 到 999 之间的值一"
+"般�留�系统账户。"
+
+#: groupadd.8.xml:124(para)
+#, fuzzy
+#| msgid ""
+#| "Except for the <option>-A</option> and <option>-M</option> options, the "
+#| "options cannot be combined."
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"除了 <option>-A</option> 和 <option>-M</option> 选项，其它选项�能��使用。"
+
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+
+#: groupadd.8.xml:146(para)
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"示例：<option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"注�：<option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> 尚�能工作。"
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr "此选项�许添加一个使用�唯一 GID 的组。"
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "创建一个系统组。"
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"组�必须以�写字�或者下划线开头，跟��写字��下划线或短横线。�以由美元符"
+"�结�。用正则表达�就是：[a-z_][a-z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "组�最长为 &GROUP_NAME_MAX_LENGTH; 个字符。"
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID �唯一 (没有使用 <option>-o</option>)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "组��唯一"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>groupadd</command> �能以如下值退出：<placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr ""
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr ""
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "管�员 <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "管�员 <placeholder-1/> 和 <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "选项"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "请注�组密�"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"除了 <option>-A</option> 和 <option>-M</option> 选项，其它选项�能��使用。"
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "这些选项�能组�使用。"
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr "<command>gpasswd</command> �以接�的选项有："
+
+#: gpasswd.1.xml:147(term)
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"��为 <replaceable>group</replaceable> 的组中添加用户 <replaceable>user</"
+"replaceable>。"
+
+#: gpasswd.1.xml:160(term)
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"从�为 <replaceable>group</replaceable> 的组中移除用户 <replaceable>user</"
+"replaceable>。"
+
+#: gpasswd.1.xml:181(term)
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+
+#: gpasswd.1.xml:227(term)
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "设置有管���的用户列表。"
+
+#: gpasswd.1.xml:239(term)
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "设置组�员列表。"
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr "显示登录失败记录或设置登录失败�制"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr "<command>faillog</command> �以接�的选项有："
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr "用户的范围�以使用 <option>-u</option> 选项�制。"
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+
+#: faillog.8.xml:128(term)
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr "登录失败��定账户 <replaceable>SEC</replaceable> 秒。"
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr "此选项�求对 <filename>/var/log/faillog</filename> 有写入��。"
+
+#: faillog.8.xml:143(term)
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "�置登录失败计数。"
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr "显示新于 <replaceable>DAYS</replaceable> 的登录失败记录。"
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr ""
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "登录失败的日志文件"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "文件的结构是："
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr ""
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr ""
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr "<command>expiry</command> 选项�以接�的选项有："
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr "如果用户密�过期，则强制用户修改密�。"
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "更改登录 shell"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "<command>chsh</command> 命令�以接�的选项有："
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "�用的登录 shell 的列表。"
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "批�更新密�"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"默认必须明文�供密�，然�由 <command>chpasswd</command> 加密。如果存在密�年"
+"龄信�，也会更新之。"
+
+#: chpasswd.8.xml:97(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can "
+#| "be overwiten with the <option>-e</option>, <option>-m</option>, or "
+#| "<option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwritten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"默认加密算法�以通过 <filename>/etc/login.defs</filename> 的 ENCRYPT_METHOD "
+"��设置，并且�以使用 <option>-e</option>, <option>-m</option> 或 <option>-"
+"c</option> 选项覆盖。"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occurred for "
+"any user."
+msgstr ""
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr "此命令一般用于需�一次创建很多用户的大型系统。"
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr "<command>chpasswd</command> �以接�的选项有："
+
+#: chpasswd.8.xml:137(term)
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "�用的方法有 DES，MD5 和 NONE。"
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "默认，使用 PAM �加密密�。"
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "�供的密�是已�加密了的"
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr "如果�供的密�没有加密，则使用 MD5 加密而�是 DES。"
+
+#: chpasswd.8.xml:200(term)
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr "记��设置��或者掩��阻止其它用户对未加密文件的读�。"
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "<command>chpasswd</command> 的 PAM �置。"
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr ""
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "批�更新组密�"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"<command>chgpasswd</command> 命令从标准输入读�一系列组�和密�对，并使用此信"
+"�更新这些存在的组。�行的格�如下："
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"默认上，�供的密�必须是明�文本，然�由 <command>chgpasswd</command> 加密。"
+
+#: chgpasswd.8.xml:92(para)
+#, fuzzy
+#| msgid ""
+#| "The default encryption algorithm can be defined for the system with the "
+#| "ENCRYPT_METHOD variable of <filename>/etc/login.defs</filename>, and can "
+#| "be overwiten with the <option>-e</option>, <option>-m</option>, or "
+#| "<option>-c</option> options."
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwritten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"默认加密算法�以通过 <filename>/etc/login.defs</filename> 的 ENCRYPT_METHOD "
+"��设置，并且�以使用 <option>-e</option>, <option>-m</option> 或 <option>-"
+"c</option> 选项覆盖。"
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr "<command>chgpasswd</command> �以接�的选项有："
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "更改真�和信�"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "<command>chfn</command> 命令�以接�的选项有："
+
+#: chfn.1.xml:117(term)
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "更改用户的全�"
+
+#: chfn.1.xml:125(term)
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr ""
+
+#: chfn.1.xml:133(term)
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+
+#: chfn.1.xml:145(term)
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr ""
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr ""
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "更改用户密�过期信�"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr "<command>chage</command> 命令�以接�的选项有："
+
+#: chage.1.xml:97(term)
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+
+#: chage.1.xml:109(term)
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"<replaceable>EXPIRE_DATE</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除账户的过期日期。"
+
+#: chage.1.xml:135(term)
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"<replaceable>INACTIVE</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除账户�用功能。"
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "现实账户年龄信�。"
+
+#: chage.1.xml:164(term)
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+#, fuzzy
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"设置密�有效的最大天数。<replaceable>MAX_DAYS</replaceable> 加 "
+"<replaceable>LAST_DAY</replaceable> �于当�日期时，会�求用户更改密�，�则"
+"�能使用此账户。"
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"<replaceable>MAX_DAYS</replaceable> 设置为 <emphasis remap=\"I\">-1</"
+"emphasis> 会移除密�有效性检查。"
+
+#: chage.1.xml:209(term)
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+
+#: chage.1.xml:213(para)
+#, fuzzy
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"设置在�求更改密�之�几天开始警告。<replaceable>WARN_DAYS</replaceable> 选项"
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"如果没有选择任何选项，<command>chage</command> 会进入交互模�，以所有字段的当"
+"�值�示用户。输入一个新值�以更改这些字段，或者留空使用当�值。当�值出现在 "
+"<emphasis>[ ]</emphasis> 标记对里。"
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr "<command>chage</command> 需�有一个影�密�文件��用。"
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"�有 root ��以使用 <command>chage</command>，一个特殊情况是 <option>-l</"
+"option> 选项，用�让�特�用户觉得自己的密�或账户何时过期。"
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "无法找到影�密�文件"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr "<command>chage</command> 命令有如下退出值：<placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr "YunQiang Su <wzssyqa@gmail.com>, 2010."
+
+#~ msgid "-M"
+#~ msgstr "-M"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "无法创建邮箱"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "用户登录使用的 SELinux 用户。默认值就留空，会让系统选择默认的 SELinux 用"
+#~ "户。"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "新用户"
+
+#~ msgid "full_name"
+#~ msgstr "full_name"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "room_no"
+
+#~ msgid "work_ph"
+#~ msgstr "work_ph"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "home_ph"
+
+#~ msgid "other"
+#~ msgstr "其它"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
diff --git a/man/porttime.5.xml b/man/porttime.5.xml
new file mode 100644
index 0000000..e28ce60
--- /dev/null
+++ b/man/porttime.5.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1990, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='porttime.5'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>porttime</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>porttime</refname>
+    <refpurpose>port access time file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <emphasis remap='I'>porttime</emphasis> contains a list of tty
+      devices, user names, and permitted login times.
+    </para>
+
+    <para>
+      Each entry consists of three colon separated fields. The first field
+      is a comma separated list of tty devices, or an asterisk to indicate
+      that all tty devices are matched by this entry. The second field is a
+      comma separated list of user names, or an asterisk to indicated that
+      all user names are matched by this entry. The third field is a comma
+      separated list of permitted access times.
+    </para>
+
+    <para>
+      Each access time entry consists of zero or more days of the week,
+      abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>,
+      <emphasis>Tu</emphasis>, <emphasis>We</emphasis>,
+      <emphasis>Th</emphasis>, <emphasis>Fr</emphasis>, and
+      <emphasis>Sa</emphasis>, followed by a pair of times separated by a
+      hyphen. The abbreviation <emphasis>Wk</emphasis> may be used to
+      represent Monday thru Friday, and <emphasis>Al</emphasis> may be used
+      to indicate every day. If no days are given, <emphasis>Al</emphasis>
+      is assumed.
+    </para>
+  </refsect1>
+
+  <refsect1 id='examples'>
+    <title>EXAMPLES</title>
+    <para>
+      The following entry allows access to user <emphasis
+      remap='B'>jfh</emphasis> on every port during weekdays from 9am to
+      5pm.
+    </para>
+
+    <para>	*:jfh:Wk0900-1700</para>
+
+    <para>
+      The following entries allow access only to the users
+      <emphasis>root</emphasis> and <emphasis>oper</emphasis> on
+      <filename>/dev/console</filename> at any time. This illustrates how
+      the <filename>/etc/porttime</filename> file is an ordered list of
+      access times. Any other user would match the second entry which does
+      not permit access at any time.
+    </para>
+
+    <programlisting>
+      console:root,oper:Al0000-2400
+      console:*:
+    </programlisting>
+
+    <para>
+      The following entry allows access for the user
+      <emphasis>games</emphasis> on any port during non-working hours. 
+    </para>
+
+    <para>	*:games:Wk1700-0900,SaSu0000-2400</para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/porttime</filename></term>
+	<listitem>
+	  <para>File containing port access.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/pt_BR/Makefile.am b/man/pt_BR/Makefile.am
new file mode 100644
index 0000000..f0773a7
--- /dev/null
+++ b/man/pt_BR/Makefile.am
@@ -0,0 +1,12 @@
+
+mandir = @mandir@/pt_BR
+
+man_MANS = \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmod.8 \
+	man5/passwd.5 \
+	man5/shadow.5
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/pt_BR/man1/gpasswd.1 b/man/pt_BR/man1/gpasswd.1
new file mode 100644
index 0000000..cccb459
--- /dev/null
+++ b/man/pt_BR/man1/gpasswd.1
@@ -0,0 +1,93 @@
+.\" Copyright 1996, Rafal Maszkowski, rzm@pdi.net
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuido
+.\"  sob  as mesmas condições deste manual.
+.\" 
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões, 
+.\"  ou por danos resultantes do uso das informações aqui contidas. 
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática \- http://www.conectiva.com.br
+.\"
+.\"	$Id$
+.\"
+.TH GPASSWD 1
+.SH NOME
+gpasswd \- administra o arquivo \fI/etc/group\fR
+.br
+.SH SINOPSE
+\fBgpasswd\fR \fIgrupo\fR
+.br
+\fBgpasswd \-a\fR \fIusuário\fR \fIgrupo\fR
+.br
+\fBgpasswd \-d\fR \fIusuário\fR \fIgrupo\fR
+.br
+\fBgpasswd \-R\fR \fIgrupo\fR
+.br
+.B gpasswd
+.B \-r
+\fIgrupo\fR
+.br
+.B gpasswd
+.RB [ \-A
+\fIusuário\fR,...]
+.RB [ \-M
+\fIusuário\fR,...]
+\fIgrupo\fR
+.br
+.SH DESCRIÇÃO
+O
+.B gpasswd
+é utilizado para administrar o arquivo \fI/etc/group\fR (e o arquivo
+\fI/etc/gshadow\fR, caso compilado com SHADOWGRP).
+Todos os grupos podem ter administradores, membros e uma senha. O
+administrador do sistema pode usar a opção \fB\-A\fR para definir o
+administrador do grupo e \fB\-M\fR para definir os membros e todos os seus
+direitos assim como os do administrador.
+.PP
+Administradores de grupos podem adicionar e excluir usuários utilizando as
+opções \fB\-a\fR e \fB\-d\fR respectivamente. Administradores podem usar a opção
+\fB\-r\fR  para remover a senha de um grupo. Quando não há senhas definidas
+para um grupo, somente os membros do grupo podem usar o comando
+.BR newgrp (1) 
+para adicionar novos usuários ao grupo . A opção  \fB\-R\fR 
+desabilita o acesso ao grupo através do comando 
+.BR newgrp (1)
+.
+.PP
+O
+.B gpasswd
+executado pelo administrador do grupo seguido pelo nome 
+solicitará a senha do grupo. Caso o comando 
+.BR newgrp (1)
+esteja habilitado para outros usuários do grupo sem o uso de senha, não
+membros podem também executar o comando, informando porém a senha do grupo.
+.SH ARQUIVOS
+\fI/etc/group\fR	\- informações do grupo
+.br
+\fI/etc/gshadow\fR	\- informações do grupo em arquivo shadow
+.SH VEJA TAMBÉM
+.BR newgrp (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR grpck (8)
+.SH TRADUÇÃO E REVISÃO PARA A L�NGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+.br
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
+.br
+Guilherme de S. Pastore <gpastore@colband.com.br> (revisão)
diff --git a/man/pt_BR/man5/passwd.5 b/man/pt_BR/man5/passwd.5
new file mode 100644
index 0000000..211c789
--- /dev/null
+++ b/man/pt_BR/man5/passwd.5
@@ -0,0 +1,133 @@
+.\" -*- nroff -*-
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr  2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan  5 20:24:40 MET 1998 by Michael Haardt
+.\"  (michael@cantor.informatik.rwth-aachen.de)
+.TH PASSWD 5 "5/01/1998" "" "Formatos de Arquivo"
+.SH NOME
+passwd \- arquivo de senhas
+.SH DESCRIÇÃO
+.B Passwd
+é um arquivo texto, que contém a lista de contas do sistema,
+fornecendo para cada conta qualquer informação útil como identificação numérica do usuário,
+identificação numérica do grupo, diretório do usuário, interpretador de comandos, etc.
+Freqüentemente ele contém as senhas criptografadas para cada conta.
+Ele deveria ter permissão total de leitura (muitos utilitários, como
+.BR ls (1)
+usa-o para mapear as identificações dos usuários para nome de usuários), mas
+a permissão de escrita é apenas para o superusuário.
+.PP
+Nos bons e velhos dias não havia grandes problemas com esta permissão total
+de leitura. Todos podiam ler as senhas criptografadas, mas o hardware era 
+muito lento para quebrar as senhas bem escolhidas, e além disso, a suposição fundamental
+usada era que toda comunidade de usuários era amigável. Atualmente muitas 
+pessoas executam alguma versão da suite shadow password, onde
+.I /etc/passwd
+tem *'s ao invéz de senhas criptografadas, e as senhas criptorafadas estão em
+.I /etc/shadow
+o qual é legível apenas para o superusuário.
+.PP
+Apesar de que senhas shadow serem usadas, muitos administradores de 
+sistemas usam
+estrelas no campo de senhas criptografadas para ter certeza que este usuário
+autentique-se a si mesmo(a) usando uma senha. (Mas veja as Notas abaixo.)
+.PP
+Se você cria um nova conta, primeiro coloque asteriscos no campo de 
+senhas, então use
+.BR passwd (1)
+para seleciona-lá.
+.PP
+Há apenas um lançamento por linha, e cada linha tem o formato:
+.sp
+.RS
+account:password:UID:GID:GECOS:directory:shell
+.RE
+.sp
+As descrições dos campos são:
+.sp
+.RS
+.TP 1.0in
+.I account
+o nome dos usuários do sistema. Ele não deveria conter letras maiúsculas.
+.TP
+.I password
+a senha criptografada do usuários ou asteriscos.
+.TP
+.I UID
+a identificação numérica do usuário.
+.TP
+.I GID
+a identificação do grupo primário para este usuário.
+.TP
+.I GECOS
+Este campo é opcional e somente usado para propósitos informativos.
+Usualmente, ele contém o nome completo do usuário. GECOS significa General Electric
+Comprehensive Operating System, que foi renomeado para GCOS quando
+a divissão de grandes sistemas da GE foi vendida para Honeywell. Dennis Ritchie havia
+relatado: "Algumas vezes nós mandamos uma saída para a impressora ou trabalhos em lote
+para um máquina GCOS. O campo gcos no arquivo de senhas estava no lugar 
+para esconder a informação para o $IDENTcard. Não elegante."
+.TP
+.I directory
+o diretório do usuário ($HOME).
+.TP
+.I shell
+o interpretador de comando usados depois do login (se vazio, usa o
+.BR /bin/sh ).
+Se selecionado um executável que não existe, o usuário ficará incapaz de
+logar através de
+.BR login (1).
+.RE
+.SH NOTAS
+Se você quiser criar grupos de usuários, as GIDs devem ser iguais e devem
+ter um lançamento no \fI/etc/group\fP, ou o grupo não existe.
+.PP
+Se a senha criptografada é selecionada como asteriscos, o usuário ficará
+apto para logar usando
+.BR login (1),
+mas talvez logar usando
+.BR rlogin (1),
+executar processos existentes e iniciar novos através de
+.BR rsh (1)
+ou
+.BR cron (1)
+ou
+.BR at (1)
+ou filtros de correio, etc. Tentativa para fechar um conta por simples 
+mudança do campo
+shell produz o mesmo resultado e adicionalmente permite o uso de
+.BR su (1).
+.SH ARQUIVOS
+.I /etc/passwd
+.SH "VEJA TAMBÉM"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
+.SH TRADUZIDO POR LDP-BR em 21/08/2000.
+\&\fR\&\f(CWAndré L. Fassone Canova <lonelywolf@blv.com.br> (tradução)\fR
+\&\fR\&\f(CWRoberto Selbach Teixeira <robteix@zaz.com.br> (revisão)\fR
diff --git a/man/pt_BR/man5/shadow.5 b/man/pt_BR/man5/shadow.5
new file mode 100644
index 0000000..8f7c395
--- /dev/null
+++ b/man/pt_BR/man5/shadow.5
@@ -0,0 +1,81 @@
+.\" $Id$
+.\" Copyright 1989 \- 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH SHADOW 5
+.SH NOME
+shadow \- arquivo de senhas criptografadas
+.SH DESCRIÇÃO
+.I shadow
+contém as informações de senhas criptografadas  das contas dos usuários e opcionalmente a informação de idade da senha.
+Contém:
+.IP "" .5i
+Nome de acesso.
+.IP "" .5i
+Senha criptografada.
+.IP "" .5i
+Dias decorridos entre 1 de janeiro de 1970 e a última alteração da senha.
+.IP "" .5i
+Número de dias até que a senha deva ser alterada.
+.IP "" .5i
+Número de dias após o qual a senha deve ser alterada.
+.IP "" .5i
+Número de dias antes da expiração da senha no qual o usuário será avisado.
+.IP "" .5i
+Número de dias após a expiração da senha que a conta deve ser desabilitada.
+.IP "" .5i
+Dias decorridos entre 1 de janeiro de 1970 e a data em que a conta foi desabilitada.
+.IP "" .5i
+Campo reservado.
+.PP
+O campo senha deve ser preenchido. A senha criptografada consiste de 13 a 24 caracteres entre os 64 caracteres alfabéticos \- de a até z e de A até Z, além de 0 a 9, \. e /. Verifique em \fBcrypt\fR(3) por maiores detalhes de como esta cadeia de caracteres é interpretada.
+.PP
+A data da última mudança da senha é dada pelo número de dias desde 1 de janeiro de 1970. A senha não pode ser alterada novamente até que um determinado número de dias tenha se passado, e deve ser alterada após um número máximo de dias. Se o número mínimo de dias for maior que o número máximo, a senha não pode ser alterada pelo usuário.
+.PP
+uma conta é considerada inativa e desabilitada se a senha não foi alterada dentro de um determinado número de dias após a expiração das senhas. Uma conta poderá ser desabilitada ainda no dia especificado, independentemente de qualquer informação de expiração da senha.
+.PP
+Esta informação sobrepõe\-se a qualquer senha ou idade de senha presente no arquivo.
+.PP
+Este arquivo não poderá ser acessado por usuários comuns, caso deseje manter a segurança das senhas.
+.SH ARQUIVOS
+\fI/etc/passwd\fR	\- informações das contas de usuários
+.br
+\fI/etc/shadow\fR	\- senhas de usuários criptografadas
+.SH VEJA TAMBÉM
+.BR chage (1),
+.BR login (1),
+.BR passwd (1),
+.BR su (1),
+.BR shadow (3),
+.BR passwd (5),
+.BR pwconv (8),
+.BR pwunconv (8),
+.BR sulogin (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A L�NGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupadd.8 b/man/pt_BR/man8/groupadd.8
new file mode 100644
index 0000000..7ac0303
--- /dev/null
+++ b/man/pt_BR/man8/groupadd.8
@@ -0,0 +1,83 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob  as mesmas condições deste manual.
+.\" 
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões, 
+.\" ou por danos resultantes do uso das informações aqui contidas. 
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br
+.\"
+.\"
+.\"
+.\"	$Id$
+.\"
+.TH GROUPADD 8
+.SH NOME
+groupadd \- Criar um novo grupo
+.SH SINOPSE
+\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] \fIgrupo\fR
+.SH DESCRIÇÃO
+O comando \fBgroupadd\fR cria um novo grupo usando valores especificados na
+linha de comando e os valores padrões do sistema. O novo grupo será criado
+nos arquivos do sistema, conforme o requerido. As opções que aplicam\-se ao
+comando \fBgroupadd\fR são
+.IP \fB\-f\fR
+Este é o indicador \fIforce\fR . Ele não irá parar o processamento do
+\fBgroupadd\fR e não finalizará o programa, caso um grupo que esteja sendo
+criado já exista no sistema. Neste caso, o grupo não será alterado(ou
+adicionado novamente).
+.IP "\fB\-g \fIgid\fR"
+A identificação numérica do grupo é denominada ID. Este valor deve ser
+único, a menos que a opção \fB\-o\fR seja usada. O valor deve ser não
+negativo, e o padrão é o menor valor maior que 500 e o maior que qualquer
+outro grupo. Valores entre 0 e 999 são tipicamente reservados para \fIcontas
+do sistema\fR.
+.IP \fB\-r\fR
+Este indicador instrui \fBgroupadd\fR a adicionar uma  \fIconta do sistema
+\fR. A primeira identificação de grupo \fI(gid)\fR menor que 999 será
+automaticamente selecionada a menos que a opção \fB\-g\fR seja informada
+também.
+.BR
+Esta é uma informação disponibilizada pela Red Hat Software.
+.BR
+Esta opção também modifica o modo como a opção \fB\-g\fR funciona. Ao
+solicitar um \fIgid\fR que não seja único e ao não informar a opção
+\fB\-o\fR, a criação do grupo , a criação terá o comportamento padrão
+(adicionando um grupo como se as opções \fB\-g\fR ou \fB\-o\fR \fBnão\fR
+fossem especificadas).
+.BR
+.SH ARQUIVOS
+\fI/etc/group\fR \- informações sobre o grupo
+.br
+\fI/etc/gshadow\fR \- informações seguras sobre o grupo
+.br
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A L�NGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupdel.8 b/man/pt_BR/man8/groupdel.8
new file mode 100644
index 0000000..61292e6
--- /dev/null
+++ b/man/pt_BR/man8/groupdel.8
@@ -0,0 +1,59 @@
+.\" Copyright 1991 \- 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob  as mesmas condições deste manual.
+.\" 
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões, 
+.\" ou por danos resultantes do uso das informações aqui contidas. 
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br.\"
+.\"
+.\"	$Id$
+.\"
+.TH GROUPDEL 8
+.SH NOME
+groupdel \- Apaga um grupo
+.SH SINOPSE
+.B groupdel
+.I grupo
+.SH DESCRIÇÃO
+O comando \fBgroupdel\fR modifica os arquivos de contas do sistema, apagando todas as referências ao \fIgrupo\fR. O grupo a ser apagado deve existir.
+.PP
+Deve\-se manualmente checar os sistemas de arquivos para garantir que nenhum dos arquivos permanece com o grupo ou com a sua identificação.
+.SH DICAS
+Não se deve remover o grupo primário de um grupo existente. Deve\-se remover os usuários, antes de se remover o grupo.
+.SH ARQUIVOS
+\fI/etc/group\fR \- informações do grupo
+.br
+\fI/etc/gshadow\fR \- informações seguras do grupo
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A L�NGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pt_BR/man8/groupmod.8 b/man/pt_BR/man8/groupmod.8
new file mode 100644
index 0000000..fec97d1
--- /dev/null
+++ b/man/pt_BR/man8/groupmod.8
@@ -0,0 +1,61 @@
+.\"	$Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" Todos os direitos reservados.
+.\"
+.\" É permitida a confecção e distribuição deste manual, devidamente
+.\" acompanhado dos avisos de direitos autorais e desta permissão
+.\" em todas as cópias.
+.\"
+.\" É permitida a cópia e distribuição de versões modificadas deste manual
+.\" sob as condições acima, e que todo o trabalho derivado seja distribuído
+.\" sob  as mesmas condições deste manual.
+.\" 
+.\" Uma vez que o kernel do Linux e suas bibliotecas estão constantemente
+.\" mudando, esta página de manual poderá estar incorreta ou desatualizada.
+.\" O(s) autor(es) não assumem responsabilidade por erros ou omissões, 
+.\" ou por danos resultantes do uso das informações aqui contidas. 
+.\"
+.\" Versões formatadas ou processadas deste manual, desacompanhadas dos
+.\" fontes, devem conter a autorização e os direitos autorais dos autores do
+.\" trabalho.
+.\"
+.\" Você deve receber uma cópia da Licença Pública GNU
+.\" junto com este manual; caso contrário, escreva para a Free Software
+.\" Foundation, Inc., 675 mass Ave, Cambridge, MA 02139 USA ou
+.\" em português na Conectiva Informática Ltda. \- http://www.conectiva.com.br
+.TH GROUPMOD 8
+.SH NOME
+groupmod \- Modifica um grupo
+.SH SINOPSE
+\fBgroupmod\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-n\fR \fInome_grupo\fR] \fIgrupo\fR
+.SH DESCRIÇÃO
+O comando \fBgroupmod\fR modifica os arquivos de contas do sistema para as
+novas configuraXXes informadas na linha de comando. As opXXes que aplicam\-se
+ao comando \fIgroupmod\fR sXo:
+.IP "\fB\-g\fR \fIgid\fR"
+O valor numXrico de identificaXXo do grupo X denominada GID. Este valor deve
+ser Xnico, a menos que a opXXo \fB\-o\fR seja usada. O valor dever ser nXo
+negativo. Valores entre 0 e 999 sXo tipicamente reservados para grupos do
+sistema. Quaisquer arquivos com uma identificaXXo antiga de grupo devem ter
+o ID mudado manualmente.
+.IP "\fB\-n\fR \fInome_grupo\fR"
+O nome do grupo irá ser alterado de \fIgroup\fR para
+\fInome_grupo\fR.
+.SH ARQUIVOS
+\fI/etc/group\fR	\- Informações do grupo
+.br
+\fI/etc/gshadow\fR	\- informações seguras do grupo
+.SH VEJA TAMBÉM
+.BR chfn (1),
+.BR chsh (1),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTOR
+Julianne Frances Haugh (jfh@tab.com)
+.SH TRADUÇÃO E REVISÃO PARA A L�NGUA PORTUGUESA
+Sandro Nunes Henrique <sandro@conectiva.com.br> (tradução)
+Rodrigo Stulzer Lopes <rodrigo@conectiva.com.br> (revisão)
diff --git a/man/pwck.8.xml b/man/pwck.8.xml
new file mode 100644
index 0000000..25952df
--- /dev/null
+++ b/man/pwck.8.xml
@@ -0,0 +1,363 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1992       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY TCB_AUTH_GROUP        SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS          SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='pwck.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1992</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>pwck</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>pwck</refname>
+    <refpurpose>verify integrity of password files</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>pwck</command>
+      <arg choice='opt'>options</arg>
+      <arg choice='opt'>
+	<arg choice='plain'>
+	  <replaceable>passwd</replaceable>
+	</arg>
+	<arg choice='opt'>
+	  <arg choice='plain'>
+	    <replaceable>shadow</replaceable>
+	  </arg>
+	</arg>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>pwck</command> command verifies the integrity of the
+      users and authentication information. It checks that all entries in
+      <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
+      <phrase condition="tcb">(or the files in
+      <filename>/etc/tcb</filename>, when <option>USE_TCB</option> is
+      enabled)</phrase>
+      have the proper format and contain valid data.
+      The user is prompted to delete entries that are
+      improperly formatted or which have other uncorrectable errors.
+    </para>
+
+    <para>Checks are made to verify that each entry has:</para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>the correct number of fields</para>
+      </listitem>
+      <listitem>
+	<para>a unique and valid user name</para>
+      </listitem>
+      <listitem>
+	<para>a valid user and group identifier</para>
+      </listitem>
+      <listitem>
+	<para>a valid primary group</para>
+      </listitem>
+      <listitem>
+	<para> a valid home directory</para>
+      </listitem>
+      <listitem>
+	<para>a valid login shell</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      <filename>shadow</filename> checks are enabled when a second file
+      parameter is specified or when <filename>/etc/shadow</filename>
+      exists on the system.
+    </para>
+    <para>
+      These checks are the following:
+    </para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>
+	  every passwd entry has a matching shadow entry, and every shadow
+	  entry has a matching passwd entry
+	</para>
+      </listitem>
+      <listitem>
+	<para>passwords are specified in the shadowed file</para>
+      </listitem>
+      <listitem>
+	<para>shadow entries have the correct number of fields</para>
+      </listitem>
+      <listitem>
+	<para>shadow entries are unique in shadow</para>
+      </listitem>
+      <listitem>
+	<para>the last password changes are not in the future</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      The checks for correct number of fields and unique user name are
+      fatal. If the entry has the wrong number of fields, the user will be
+      prompted to delete the entire line. If the user does not answer
+      affirmatively, all further checks are bypassed. An entry with a
+      duplicated user name is prompted for deletion, but the remaining
+      checks will still be made. All other errors are warning and the user
+      is encouraged to run the <command>usermod</command> command to correct
+      the error.
+    </para>
+
+    <para>
+      The commands which operate on the <filename>/etc/passwd</filename>
+      file are not able to alter corrupted or duplicated entries.
+      <command>pwck</command> should be used in those circumstances to
+      remove the offending entry.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The <option>-r</option> and <option>-s</option> options cannot be
+      combined.
+    </para>
+    <para>
+      The options which apply to the <command>pwck</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-q</option>, <option>--quiet</option></term>
+	<listitem>
+	  <para>
+	    Report errors only. The warnings which do not require any
+	    action from the user won't be displayed.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-r</option>, <option>--read-only</option></term>
+	<listitem>
+	  <para>
+	    Execute the <command>pwck</command> command in read-only mode.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-s</option>, <option>--sort</option></term>
+	<listitem>
+	  <para>
+	    Sort entries in <filename>/etc/passwd</filename> and
+	    <filename>/etc/shadow</filename> by UID.
+	  </para>
+	  <para condition="tcb">
+	    This option has no effect when <option>USE_TCB</option> is enabled.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      By default, <command>pwck</command> operates on the files
+      <filename>/etc/passwd</filename> and
+      <filename>/etc/shadow</filename><phrase condition="tcb"> (or the
+      files in <filename>/etc/tcb</filename>)</phrase>.
+      The user may select alternate files with the
+      <replaceable>passwd</replaceable> and
+      <replaceable>shadow</replaceable> parameters.
+    </para>
+    <para condition="tcb">
+      Note that when <option>USE_TCB</option> is enabled, you cannot
+      specify an alternative <replaceable>shadow</replaceable> file. In
+      future releases, this parameter could be replaced by an alternate
+      TCB directory.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &PASS_MAX_DAYS;
+      &PASS_MIN_DAYS;
+      &PASS_WARN_AGE;
+      &TCB_AUTH_GROUP;
+      &TCB_SYMLINKS;
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>pwck</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>one or more bad password entries</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>can't open password files</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>can't lock password files</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>5</replaceable></term>
+	  <listitem>
+	    <para>can't update password files</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>can't sort password files</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/pwconv.8.xml b/man/pwconv.8.xml
new file mode 100644
index 0000000..3e26498
--- /dev/null
+++ b/man/pwconv.8.xml
@@ -0,0 +1,281 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1996 - 1998, Marek Michałkiewicz
+   Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='pwconv.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Marek</firstname>
+      <surname>Michałkiewicz</surname>
+      <contrib>Creation, 1996</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>pwconv</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>pwconv</refname>
+    <refname>pwunconv</refname>
+    <refname>grpconv</refname>
+    <refname>grpunconv</refname>
+    <refpurpose>convert to and from shadow passwords and groups</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>pwconv</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>pwunconv</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>grpconv</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>grpunconv</command>
+      <arg choice='opt'>
+        <replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>pwconv</command> command creates <emphasis
+      remap='I'>shadow</emphasis> from <emphasis remap='I'>passwd</emphasis>
+      and an optionally existing <emphasis remap='I'>shadow</emphasis>.
+    </para>
+    <para condition="tcb">
+      <command>pwconv</command> does not work with
+      <option>USE_TCB</option> enabled. To convert to tcb passwords, you
+      should first use <command>pwconv</command> to convert to shadowed
+      passwords by disabling <option>USE_TCB</option> in
+      <filename>login.defs</filename> and then convert to tcb password
+      using <command>tcb_convert</command> (and re-enable
+      <option>USE_TCB</option> in <filename>login.defs</filename>.)
+    </para>
+
+    <para>
+      The <command>pwunconv</command> command creates <emphasis
+      remap='I'>passwd</emphasis> from <emphasis remap='I'>passwd</emphasis>
+      and <emphasis remap='I'>shadow</emphasis> and then removes <emphasis
+      remap='I'>shadow</emphasis>.
+    </para>
+    <para condition="tcb">
+      <command>pwunconv</command> does not work with
+      <option>USE_TCB</option> enabled. You should first switch back from
+      tcb to shadowed passwords using <command>tcb_unconvert</command>,
+      and then disable <option>USE_TCB</option> in
+      <filename>login.defs</filename> before using
+      <command>pwunconv</command>.
+    </para>
+
+    <para>
+      The <command>grpconv</command> command creates <emphasis
+      remap='I'>gshadow</emphasis> from <emphasis remap='I'>group</emphasis>
+      and an optionally existing <emphasis remap='I'>gshadow</emphasis>.
+    </para>
+
+    <para>
+      The <command>grpunconv</command> command creates <emphasis
+      remap='I'>group</emphasis> from <emphasis remap='I'>group</emphasis>
+      and <emphasis remap='I'>gshadow</emphasis> and then removes <emphasis
+      remap='I'>gshadow</emphasis>.
+    </para>
+
+    <para>
+      These four programs all operate on the normal and shadow password and
+      group files: <filename>/etc/passwd</filename>,
+      <filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and
+      <filename>/etc/gshadow</filename>.
+    </para>
+
+    <para>
+      Each program acquires the necessary locks before conversion. 
+      <command>pwconv</command> and <command>grpconv</command> are similar. 
+      First, entries in the shadowed file which don't exist in the main file
+      are removed. Then, shadowed entries which don't have `x' as the
+      password in the main file are updated. Any missing shadowed entries
+      are added. Finally, passwords in the main file are replaced with `x'. 
+      These programs can be used for initial conversion as well to update
+      the shadowed file if the main file is edited by hand.
+    </para>
+
+    <para>
+      <command>pwconv</command> will use the values of <emphasis
+      remap='I'>PASS_MIN_DAYS</emphasis>, <emphasis
+      remap='I'>PASS_MAX_DAYS</emphasis>, and <emphasis
+      remap='I'>PASS_WARN_AGE</emphasis> from
+      <filename>/etc/login.defs</filename> when adding new entries to
+      <filename>/etc/shadow</filename>.
+    </para>
+
+    <para>
+      Likewise <command>pwunconv</command> and <command>grpunconv</command>
+      are similar. Passwords in the main file are updated from the shadowed
+      file. Entries which exist in the main file but not in the shadowed
+      file are left alone. Finally, the shadowed file is removed. Some
+      password aging information is lost by <command>pwunconv</command>. It
+      will convert what it can.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>pwconv</command>,
+      <command>pwunconv</command>, <command>grpconv</command>, and
+      <command>grpunconv</command> commands are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='bugs'>
+    <title>BUGS</title>
+    <para>
+      Errors in the password or group files (such as invalid or duplicate
+      entries) may cause these programs to loop forever or fail in other
+      strange ways. Please run <command>pwck</command> and
+      <command>grpck</command> to correct any such errors before converting
+      to or from shadow passwords or groups.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variable in
+      <filename>/etc/login.defs</filename> changes the behavior of
+      <command>grpconv</command> and <command>grpunconv</command>:
+    </para>
+    <variablelist>
+      &MAX_MEMBERS_PER_GROUP;
+    </variablelist>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of
+      <command>pwconv</command>:
+    </para>
+    <variablelist>
+      &PASS_MAX_DAYS;
+      &PASS_MIN_DAYS;
+      &PASS_WARN_AGE;
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry><phrase condition="tcb">,
+      <citerefentry>
+	<refentrytitle>tcb_convert</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>tcb_unconvert</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry></phrase>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
new file mode 100644
index 0000000..8a776a8
--- /dev/null
+++ b/man/ru/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/ru
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/sg.1.xml b/man/sg.1.xml
new file mode 100644
index 0000000..012d9a5
--- /dev/null
+++ b/man/sg.1.xml
@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991       , Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY SYSLOG_SG_ENAB        SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='sg.1'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>sg</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>sg</refname>
+    <refpurpose>execute command as different group ID</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>sg</command>
+      <arg choice='opt'>- </arg>
+      <arg choice='opt'>group
+	<arg choice='opt'>-c </arg>
+	command
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+  <title>DESCRIPTION</title>
+    <para>
+      The <command>sg</command> command works similar to
+      <command>newgrp</command> but accepts a command. The command will be
+      executed with the <filename>/bin/sh</filename> shell. With most shells
+      you may run <command>sg</command> from, you need to enclose multi-word
+      commands in quotes. Another difference between
+      <command>newgrp</command> and <command>sg</command> is that some
+      shells treat <command>newgrp</command> specially, replacing themselves
+      with a new instance of a shell that <command>newgrp</command> creates.
+      This doesn't happen with <command>sg</command>, so upon exit from a
+      <command>sg</command> command you are returned to your previous group
+      ID.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &SYSLOG_SG_ENAB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	 </listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>id</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry><phrase condition="gshadow">,
+	<citerefentry>
+	  <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>
+      </phrase>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/shadow.3.xml b/man/shadow.3.xml
new file mode 100644
index 0000000..edc46d5
--- /dev/null
+++ b/man/shadow.3.xml
@@ -0,0 +1,248 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1993, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='shadow.3'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>shadow</refentrytitle>
+    <manvolnum>3</manvolnum>
+    <refmiscinfo class="sectdesc">Library Calls</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>shadow</refname>
+    <refname>getspnam</refname>
+    <refpurpose>encrypted password file routines</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='syntax'>
+    <title>SYNTAX</title>
+    <para>
+      <emphasis>#include &lt;shadow.h&gt;</emphasis>
+    </para>
+
+    <para>
+      <emphasis>struct spwd *getspent();</emphasis>
+    </para>
+
+    <para>
+      <emphasis>struct spwd *getspnam(char</emphasis> <emphasis
+      remap='I'>*name</emphasis><emphasis>);</emphasis>
+    </para>
+
+    <para>
+      <emphasis>void setspent();</emphasis>
+    </para>
+
+    <para>
+      <emphasis>void endspent();</emphasis>
+    </para>
+
+    <para>
+      <emphasis>struct spwd *fgetspent(FILE</emphasis> <emphasis
+      remap='I'>*fp</emphasis><emphasis>);</emphasis>
+    </para>
+
+    <para>
+      <emphasis>struct spwd *sgetspent(char</emphasis> <emphasis
+      remap='I'>*cp</emphasis><emphasis>);</emphasis>
+    </para>
+
+    <para>
+      <emphasis>int putspent(struct spwd</emphasis> <emphasis
+      remap='I'>*p,</emphasis> <emphasis>FILE</emphasis> <emphasis
+      remap='I'>*fp</emphasis><emphasis>);</emphasis>
+    </para>
+
+    <para>
+      <emphasis>int lckpwdf();</emphasis>
+    </para>
+
+    <para>
+      <emphasis>int ulckpwdf();</emphasis>
+    </para>
+  </refsect1>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <emphasis remap='I'>shadow</emphasis> manipulates the contents of the
+      shadow password file, <filename>/etc/shadow</filename>. The structure
+      in the <emphasis remap='I'>#include</emphasis> file is:
+    </para>
+    <programlisting>struct spwd {
+      char		*sp_namp; /* user login name */
+      char		*sp_pwdp; /* encrypted password */
+      long int		sp_lstchg; /* last password change */
+      long int		sp_min; /* days until change allowed. */
+      long int		sp_max; /* days before change required */
+      long int		sp_warn; /* days warning for expiration */
+      long int		sp_inact; /* days before account inactive */
+      long int		sp_expire; /* date when account expires */
+      unsigned long int	sp_flag; /* reserved for future use */
+}
+    </programlisting>
+    <para>The meanings of each field are:</para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>sp_namp - pointer to null-terminated user name</para>
+      </listitem>
+      <listitem>
+	<para>sp_pwdp - pointer to null-terminated password</para>
+      </listitem>
+      <listitem>
+	<para>sp_lstchg - days since Jan 1, 1970 password was last changed</para>
+      </listitem>
+      <listitem>
+	<para>sp_min - days before which password may not be changed</para>
+      </listitem>
+      <listitem>
+	<para>sp_max - days after which password must be changed</para>
+      </listitem>
+      <listitem>
+	 <para>sp_warn - days before password is to expire that user is warned of
+	   pending password expiration
+	 </para>
+      </listitem>
+      <listitem>
+	<para>sp_inact - days after password expires that account is considered
+	  inactive and disabled
+	</para>
+      </listitem>
+      <listitem>
+	<para>sp_expire - days since Jan 1, 1970 when account will be disabled</para>
+      </listitem>
+      <listitem>
+	<para>sp_flag - reserved for future use</para>
+      </listitem>
+    </itemizedlist>
+
+  </refsect1>
+
+  <refsect1 id='description2'>
+    <title>DESCRIPTION</title>
+    <para>
+      <emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>,
+      <emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis>
+      each return a pointer to a <emphasis>struct spwd</emphasis>.
+      <emphasis>getspent</emphasis> returns the next entry from the file,
+      and <emphasis>fgetspent</emphasis> returns the next entry from the
+      given stream, which is assumed to be a file of the proper format.
+      <emphasis>sgetspent</emphasis> returns a pointer to a <emphasis>struct
+      spwd</emphasis> using the provided string as input.
+      <emphasis>getspnam</emphasis> searches from the current position in
+      the file for an entry matching <emphasis>name</emphasis>.
+    </para>
+
+    <para>
+      <emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be
+      used to begin and end, respectively, access to the shadow password
+      file.
+    </para>
+    
+    <para>
+      The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis>
+      routines should be used to insure exclusive access to the
+      <filename>/etc/shadow</filename> file.  <emphasis>lckpwdf</emphasis>
+      attempts to acquire a lock using <emphasis>pw_lock</emphasis> for up
+      to 15 seconds. It continues by attempting to acquire a second lock
+      using <emphasis>spw_lock</emphasis> for the remainder of the initial
+      15 seconds. Should either attempt fail after a total of 15 seconds,
+      <emphasis>lckpwdf</emphasis> returns -1. When both locks are acquired
+      0 is returned.
+    </para>
+  </refsect1>
+
+  <refsect1 id='diagnostics'>
+    <title>DIAGNOSTICS</title>
+    <para>
+      Routines return NULL if no more entries are available or if an error
+      occurs during processing. Routines which have <emphasis>int</emphasis>
+      as the return value return 0 for success and
+      -1 for failure.
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      These routines may only be used by the superuser as access to the
+      shadow password file is restricted.
+    </para>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/shadow.5.xml b/man/shadow.5.xml
new file mode 100644
index 0000000..5d20511
--- /dev/null
+++ b/man/shadow.5.xml
@@ -0,0 +1,314 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1990, Julianne Frances Haugh
+   Copyright (c) 2007 - 2009, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='shadow.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>shadow</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>shadow</refname>
+    <refpurpose>shadowed password file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      <filename>shadow</filename> is a file which contains the password
+      information for the system's accounts and optional aging
+      information.
+    </para>
+
+    <para>
+      This file must not be readable by regular users if password security
+      is to be maintained.
+    </para>
+
+    <para>
+      Each line of this file contains 9 fields, separated by colons
+      (<quote>:</quote>), in the following order:
+    </para>
+
+    <variablelist>
+      <varlistentry>
+	<term><emphasis role="bold">login name</emphasis></term>
+	<listitem>
+	  <para>
+	    It must be a valid account name, which exist on the system.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">encrypted password</emphasis></term>
+	<listitem>
+	  <para>
+	    Refer to <citerefentry><refentrytitle>crypt</refentrytitle>
+	    <manvolnum>3</manvolnum></citerefentry> for details on how
+	    this string is interpreted.
+	  </para>
+	  <para>
+	    If the password field contains some string that is not a valid
+	    result of <citerefentry><refentrytitle>crypt</refentrytitle>
+	    <manvolnum>3</manvolnum></citerefentry>, for instance ! or *,
+	    the user will not be able to use a unix password to log in
+	    (but the user may log in the system by other means).
+	  </para>
+	  <para>
+	    This field may be empty, in which case no passwords are
+	    required to authenticate as the specified login name.
+	    However, some applications which read the
+	    <filename>/etc/shadow</filename> file may decide not to permit
+	    any access at all if the password field is empty.
+	  </para>
+	  <para>
+	    A password field which starts with an exclamation mark means
+	    that the password is locked.  The remaining characters on the
+	    line represent the password field before the password was
+	    locked.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis role="bold">date of last password change</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    The date of the last password change, expressed as the number
+	    of days since Jan 1, 1970.
+	  </para>
+	  <para>
+	    The value 0 has a special meaning, which is that the user
+	    should change her password the next time she will log in the
+	    system.
+	  </para>
+	  <para>
+	    An empty field means that password aging features are
+	    disabled.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">minimum password age</emphasis></term>
+	<listitem>
+	  <para>
+	    The minimum password age is the number of days the user will
+	    have to wait before she will be allowed to change her password
+	    again.
+	  </para>
+	  <para>
+	    An empty field and value 0 mean that there are no minimum
+	    password age.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">maximum password age</emphasis></term>
+	<listitem>
+	  <para>
+	    The maximum password age is the number of days after which the
+	    user will have to change her password.
+	  </para>
+	  <para>
+	    After this number of days is elapsed, the password may still
+	    be valid.  The user should be asked to change her password the
+	    next time she will log in.
+	  </para>
+	  <para>
+	    An empty field means that there are no maximum password age,
+	    no password warning period, and no password inactivity period
+	    (see below).
+	  </para>
+	  <para>
+	    If the maximum password age is lower than the minimum password
+	    age, the user cannot change her password.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis role="bold">password warning period</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    The number of days before a password is going to expire (see
+	    the maximum password age above) during which the user should
+	    be warned.
+	  </para>
+	  <para>
+	    An empty field and value 0 mean that there are no password
+	    warning period.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis role="bold">password inactivity period</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    The number of days after a password has expired (see the
+	    maximum password age above) during which the password should
+	    still be accepted (and the user should update her password
+	    during the next login).
+	  </para>
+	  <para>
+	    After expiration of the password and this expiration period is
+	    elapsed, no login is possible using the current user's
+	    password.  The user should contact her administrator.
+	  </para>
+	  <para>
+	    An empty field means that there are no enforcement of an
+	    inactivity period.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis role="bold">account expiration date</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    The date of expiration of the account, expressed as the number
+	    of days since Jan 1, 1970.
+	  </para>
+	  <para>
+	    Note that an account expiration differs from a password
+	    expiration.  In case of an account expiration, the user shall
+	    not be allowed to login.  In case of a password expiration,
+	    the user is not allowed to login using her password.
+	  </para>
+	  <para>
+	    An empty field means that the account will never expire.
+	  </para>
+	  <para>
+	    The value 0 should not be used as it is interpreted as either
+	    an account with no expiration, or as an expiration on Jan 1,
+	    1970.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><emphasis role="bold">reserved field</emphasis></term>
+	<listitem>
+	  <para>This field is reserved for future use.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow-</filename></term>
+	<listitem>
+	  <para>Backup file for /etc/shadow.</para>
+	  <para>
+	    Note that this file is used by the tools of the shadow
+	    toolsuite, but not by all user and password management tools.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/su.1.xml b/man/su.1.xml
new file mode 100644
index 0000000..24143c3
--- /dev/null
+++ b/man/su.1.xml
@@ -0,0 +1,453 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1990, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CONSOLE               SYSTEM "login.defs.d/CONSOLE.xml">
+<!ENTITY CONSOLE_GROUPS        SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+<!ENTITY DEFAULT_HOME          SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+<!ENTITY ENV_HZ                SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENVIRON_FILE          SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+<!ENTITY ENV_PATH              SYSTEM "login.defs.d/ENV_PATH.xml">
+<!ENTITY ENV_SUPATH            SYSTEM "login.defs.d/ENV_SUPATH.xml">
+<!ENTITY ENV_TZ                SYSTEM "login.defs.d/ENV_TZ.xml">
+<!ENTITY LOGIN_STRING          SYSTEM "login.defs.d/LOGIN_STRING.xml">
+<!ENTITY MAIL_CHECK_ENAB       SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY QUOTAS_ENAB           SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+<!ENTITY SULOG_FILE            SYSTEM "login.defs.d/SULOG_FILE.xml">
+<!ENTITY SU_NAME               SYSTEM "login.defs.d/SU_NAME.xml">
+<!ENTITY SU_WHEEL_ONLY         SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+<!ENTITY SYSLOG_SU_ENAB        SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='su.1'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>su</refentrytitle>
+    <manvolnum>1</manvolnum>
+    <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>su</refname>
+    <refpurpose>change user ID or become superuser</refpurpose>
+  </refnamediv>
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>su</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='opt'>
+	<arg choice='plain'>
+	  <replaceable>username</replaceable>
+	</arg>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>su</command> command is used to become another user during
+      a login session. Invoked without a <option>username</option>, 
+      <command>su</command> defaults to
+      becoming the superuser. The optional argument <option>-</option> may
+      be used to provide an environment similar to what the user would
+      expect had the user logged in directly.
+    </para>
+
+    <para>
+      Additional arguments may be provided after the username, in which case
+      they are supplied to the user's login shell. In particular, an
+      argument of <option>-c</option> will cause the next argument to be
+      treated as a command by most command interpreters. The command will be
+      executed by the shell specified in <filename>/etc/passwd</filename>
+      for the target user.
+    </para>
+
+    <para>
+      You can use the <option>--</option> argument to separate
+      <command>su</command> options from the arguments supplied to the shell.
+    </para>
+
+    <para>The user will be prompted for a password, if appropriate. Invalid
+      passwords will produce an error message. All attempts, both valid and
+      invalid, are logged to detect abuse of the system.
+    </para>
+
+    <para>
+      The current environment is passed to the new shell. The value of
+      <envar>$PATH</envar> is reset to <filename>/bin:/usr/bin</filename>
+      for normal users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename>
+      for the superuser. This may be changed with the
+      <option>ENV_PATH</option> and <option>ENV_SUPATH</option>
+      definitions in <filename>/etc/login.defs</filename>.
+    </para>
+
+    <para>
+      A subsystem login is indicated by the presence of a "*" as the first
+      character of the login shell. The given home directory will be used as
+      the root of a new file system which the user is actually logged into.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>The options which apply to the <command>su</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Specify a command that will be invoked by the shell using its
+	    <option>-c</option>.
+	  </para>
+	  <para>
+	    The executed command will have no controlling terminal. This
+	    option cannot be used to execute interactive programs which
+	    need a controlling TTY.
+	    <!-- This avoids TTY hijacking when su is used to lower
+	         privileges -->
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-</option>, <option>-l</option>, <option>--login</option>
+	</term>
+	<listitem>
+	  <para>
+	    Provide an environment similar to what the user would expect had
+	    the user logged in directly.
+	  </para>
+	  <para>
+	    When <option>-</option> is used, it must be specified before any
+	    <option>username</option>.  For portability it is recommended
+	    to use it as last option, before any
+	    <option>username</option>.  The other forms
+	    (<option>-l</option> and <option>--login</option>)
+	    do not have this restriction.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+	</term>
+	<listitem>
+	  <para>The shell that will be invoked.</para>
+	  <para>
+	    The invoked shell is chosen from (highest priority first):
+	    <!--This should be an ordered list, but lists inside another
+	        list does not work well with current docbook.
+	        - nekral - 2009.06.03 -->
+	    <variablelist>
+	      <varlistentry><term></term><listitem>
+		<para>The shell specified with --shell.</para>
+	      </listitem></varlistentry>
+	      <varlistentry><term></term><listitem>
+		<para>
+		  If <option>--preserve-environment</option> is used, the
+		  shell specified by the <envar>$SHELL</envar> environment
+		  variable.
+		</para>
+	      </listitem></varlistentry>
+	      <varlistentry><term></term><listitem>
+		<para>
+		  The shell indicated in the <filename>/etc/passwd</filename>
+		  entry for the target user.
+		</para>
+	      </listitem></varlistentry>
+	      <varlistentry><term></term><listitem>
+		<para><filename>/bin/sh</filename> if a shell could not be
+		found by any above method.</para>
+	      </listitem></varlistentry>
+	    </variablelist>
+	  </para>
+	  <para>
+	    If the target user has a restricted shell (i.e. the shell field of
+	    this user's entry in <filename>/etc/passwd</filename> is not
+	    listed in <filename>/etc/shells</filename>), then the
+	    <option>--shell</option> option or the <envar>$SHELL</envar>
+	    environment variable won't be taken into account, unless
+	    <command>su</command> is called by root.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-m</option>, <option>-p</option>,
+	  <option>--preserve-environment</option>
+	</term>
+	<listitem>
+	  <para>
+	    Preserve the current environment, except for:
+	    <variablelist>
+	      <varlistentry>
+		<term><envar>$PATH</envar></term>
+		<listitem>
+		  <para>
+		    reset according to the
+		    <filename>/etc/login.defs</filename> options
+		    <option>ENV_PATH</option> or
+		    <option>ENV_SUPATH</option> (see below);
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry>
+		<term><envar>$IFS</envar></term>
+		<listitem>
+		  <para>
+		    reset to
+		    <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>,
+		    if it was set.
+		  </para>
+		</listitem>
+	      </varlistentry>
+	    </variablelist>
+	  </para>
+	  <para>
+	    If the target user has a restricted shell, this option has no
+	    effect (unless <command>su</command> is called by root).
+	  </para>
+	  <para>
+	    Note that the default behavior for the environment is the
+	    following:
+	    <variablelist>
+	      <varlistentry><term></term><listitem>
+		  <para>
+		    The <envar>$HOME</envar>, <envar>$SHELL</envar>,
+		    <envar>$USER</envar>, <envar>$LOGNAME</envar>,
+		    <envar>$PATH</envar>, and <envar>$IFS</envar>
+		    environment variables are reset.
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry><term></term><listitem>
+		  <para>
+		    If <option>--login</option> is not used, the
+		    environment is copied, except for the variables above.
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry><term></term><listitem>
+		  <para>
+		    If <option>--login</option> is used, the
+		    <envar>$TERM</envar>, <envar>$COLORTERM</envar>,
+		    <envar>$DISPLAY</envar>, and
+		    <envar>$XAUTHORITY</envar> environment variables are
+		    copied if they were set.
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry condition="no_pam"><term></term><listitem>
+		  <para>
+		    If <option>--login</option> is used, the
+		    <envar>$TZ</envar>, <envar>$HZ</envar>, and
+		    <envar>$MAIL</envar> environment
+		    variables are set according to the 
+		    <filename>/etc/login.defs</filename>
+		    options <option>ENV_TZ</option>,
+		    <option>ENV_HZ</option>, <option>MAIL_DIR</option>, and
+		    <option>MAIL_FILE</option> (see below).
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry condition="no_pam"><term></term><listitem>
+		  <para>
+		    If <option>--login</option> is used, other environment
+		    variables might be set by the
+		    <option>ENVIRON_FILE</option> file (see below).
+		  </para>
+		</listitem>
+	      </varlistentry>
+	      <varlistentry condition="pam"><term></term><listitem>
+		  <para>
+		    Other environments might be set by PAM modules.
+		  </para>
+		</listitem>
+	      </varlistentry>
+	    </variablelist>
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      This version of <command>su</command> has many compilation options,
+      only some of which may be in use at any particular site.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &CONSOLE;
+      &CONSOLE_GROUPS;
+      &DEFAULT_HOME;
+      <phrase condition="no_pam">&ENV_HZ;</phrase>
+      &ENVIRON_FILE;
+      &ENV_PATH;
+      &ENV_SUPATH;
+      &ENV_TZ;
+      <phrase condition="no_pam">&LOGIN_STRING;</phrase>
+      &MAIL_CHECK_ENAB;
+      <phrase condition="no_pam">&MAIL_DIR;</phrase>
+      &QUOTAS_ENAB;
+      &SULOG_FILE;
+      &SU_NAME;
+      &SU_WHEEL_ONLY;
+      &SYSLOG_SU_ENAB;
+      <phrase condition="no_pam">&USERGROUPS_ENAB;</phrase>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      On success, <command>su</command> returns the exit value of the
+      command it executed.
+    </para>
+    <para>
+      If this command was terminated by a signal, <command>su</command>
+      returns the number of this signal plus 128.
+    </para>
+    <para>
+      If su has to kill the command (because it was asked to terminate,
+      and the command did not terminate in time), <command>su</command>
+      returns 255.
+    </para>
+    <para>
+      Some exit values from <command>su</command> are independent from the
+      executed command:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success (<option>--help</option> only)</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>System or authentication failure</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>126</replaceable></term>
+	  <listitem>
+	    <para>The requested command was not found</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>127</replaceable></term>
+	  <listitem>
+	    <para>The requested command could not be executed</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para><citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/suauth.5.xml b/man/suauth.5.xml
new file mode 100644
index 0000000..97ef6d1
--- /dev/null
+++ b/man/suauth.5.xml
@@ -0,0 +1,229 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1996       , Marek Michałkiewicz
+   Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='suauth.5'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Marek</firstname>
+      <surname>Michałkiewicz</surname>
+      <contrib>Creation, 1996</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>suauth</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>suauth</refname>
+    <refpurpose>detailed su control file</refpurpose>
+  </refnamediv>
+  <!-- body begins here -->
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>/etc/suauth</command>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The file <filename>/etc/suauth</filename> is referenced whenever the
+      su command is called. It can change the behaviour of the su command,
+      based upon:
+    </para>
+
+    <!-- .RS -->
+    <literallayout remap='.nf'>
+      1) the user su is targeting
+    </literallayout>
+    <!-- .fi -->
+    <para>
+      2) the user executing the su command (or any groups he might be
+      a member of)
+    </para>
+
+    <para>
+      The file is formatted like this, with lines starting with a # being
+      treated as comment lines and ignored;
+    </para>
+
+    <literallayout remap='RS'>
+      to-id:from-id:ACTION
+    </literallayout>
+
+    <para>
+      Where to-id is either the word <emphasis>ALL</emphasis>, a list of
+      usernames delimited by "," or the words <emphasis>ALL
+      EXCEPT</emphasis> followed by a list of usernames delimited by ",".
+    </para>
+
+    <para>
+      from-id is formatted the same as to-id except the extra word
+      <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT
+      GROUP</emphasis> is perfectly valid too. Following
+      <emphasis>GROUP</emphasis> appears one or more group names, delimited
+      by ",". It is not sufficient to have primary group id of the relevant
+      group, an entry in
+      <citerefentry><refentrytitle>/etc/group</refentrytitle>
+      <manvolnum>5</manvolnum></citerefentry> is necessary.
+    </para>
+
+    <para> 
+      Action can be one only of the following currently supported options.
+    </para>
+    <variablelist remap='TP'>
+      <varlistentry>
+	<term>
+	  <emphasis>DENY</emphasis>
+	</term>
+	<listitem>
+	  <para>The attempt to su is stopped before a password is
+	    even asked for.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis>NOPASS</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    The attempt to su is automatically successful; no password is
+	    asked for.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <emphasis>OWNPASS</emphasis>
+	</term>
+	<listitem>
+	  <para>
+	    For the su command to be successful, the user must enter his or
+	    her own password. They are told this.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <para>
+      Note there are three separate fields delimited by a colon. No
+      whitespace must surround this colon. Also note that the file is
+      examined sequentially line by line, and the first applicable rule is
+      used without examining the file further. This makes it possible for a
+      system administrator to exercise as fine control as he or she wishes.
+    </para>
+  </refsect1>
+
+  <refsect1 id='example'>
+    <title>EXAMPLE</title>
+    <literallayout remap='.nf'>
+      # sample /etc/suauth file
+      #
+      # A couple of privileged usernames may
+      # su to root with their own password.
+      #
+      root:chris,birddog:OWNPASS
+      #
+      # Anyone else may not su to root unless in
+      # group wheel. This is how BSD does things.
+      #
+      root:ALL EXCEPT GROUP wheel:DENY
+      #
+      # Perhaps terry and birddog are accounts
+      # owned by the same person.
+      # Access can be arranged between them
+      # with no password.
+      #
+      terry:birddog:NOPASS
+      birddog:terry:NOPASS
+      #
+    </literallayout>
+    <!-- .fi -->
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/suauth</filename></term>
+	<listitem><para></para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='bugs'>
+    <title>BUGS</title>
+    <para>
+      There could be plenty lurking. The file parser is particularly
+      unforgiving about syntax errors, expecting no spurious whitespace
+      (apart from beginning and end of lines), and a specific token
+      delimiting different things.
+    </para>
+  </refsect1>
+
+  <refsect1 id='diagnostics'>
+    <title>DIAGNOSTICS</title>
+    <para>
+      An error parsing the file is reported using
+      <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+      as level ERR on facility AUTH.
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/subgid.5.xml b/man/subgid.5.xml
new file mode 100644
index 0000000..ffdb7d8
--- /dev/null
+++ b/man/subgid.5.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2013 Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='subgid.5'>
+  <refmeta>
+    <refentrytitle>subgid</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>subgid</refname>
+    <refpurpose>the subordinate gid file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      Each line in <filename>/etc/subgid</filename> contains
+      a user name and a range of subordinate group ids that user
+      is allowed to use.
+
+      This is specified with three fields delimited by colons
+      (<quote>:</quote>).
+      These fields are:
+    </para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>login name or UID</para>
+      </listitem>
+      <listitem>
+	<para>numerical subordinate group ID</para>
+      </listitem>
+      <listitem>
+	<para>numerical subordinate group ID count</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      This file specifies the group IDs that ordinary users can use, with
+      the <command>newgidmap</command> command, to configure gid mapping
+      in a user namespace.
+    </para>
+
+    <para>
+      Multiple ranges may be specified per user.
+    </para>
+
+    <para>
+      When large number of entries (10000-100000 or more) are defined in
+      <filename>/etc/subgid</filename>, parsing performance penalty will
+      become noticeable. In this case it is recommended to use UIDs
+      instead of login names. Benchmarks have shown speed-ups up to 20x.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>Per user subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/subgid-</filename></term>
+	<listitem>
+	  <para>Backup file for /etc/subgid.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newgidmap</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newuidmap</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>user_namespaces</refentrytitle><manvolnum>7</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/subuid.5.xml b/man/subuid.5.xml
new file mode 100644
index 0000000..2890661
--- /dev/null
+++ b/man/subuid.5.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 2013 Eric W. Biederman
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='subuid.5'>
+  <refmeta>
+    <refentrytitle>subuid</refentrytitle>
+    <manvolnum>5</manvolnum>
+    <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>subuid</refname>
+    <refpurpose>the subordinate uid file</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      Each line in <filename>/etc/subuid</filename> contains
+      a user name and a range of subordinate user ids that user
+      is allowed to use.
+
+      This is specified with three fields delimited by colons
+      (<quote>:</quote>).
+      These fields are:
+    </para>
+    <itemizedlist mark='bullet'>
+      <listitem>
+	<para>login name or UID</para>
+      </listitem>
+      <listitem>
+	<para>numerical subordinate user ID</para>
+      </listitem>
+      <listitem>
+	<para>numerical subordinate user ID count</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>
+      This file specifies the user IDs that ordinary users can use, with
+      the <command>newuidmap</command> command, to configure uid mapping
+      in a user namespace.
+    </para>
+
+    <para>
+      Multiple ranges may be specified per user.
+    </para>
+
+    <para>
+      When large number of entries (10000-100000 or more) are defined in
+      <filename>/etc/subuid</filename>, parsing performance penalty will
+      become noticeable. In this case it is recommended to use UIDs
+      instead of login names. Benchmarks have shown speed-ups up to 20x.
+    </para>
+
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>Per user subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/subuid-</filename></term>
+	<listitem>
+	  <para>Backup file for /etc/subuid.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newgidmap</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newuidmap</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>user_namespaces</refentrytitle><manvolnum>7</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/sulogin.8.xml b/man/sulogin.8.xml
new file mode 100644
index 0000000..432232c
--- /dev/null
+++ b/man/sulogin.8.xml
@@ -0,0 +1,178 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1989 - 1992, Julianne Frances Haugh
+   Copyright (c) 2007 - 2008, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENV_HZ                SYSTEM "login.defs.d/ENV_HZ.xml">
+<!ENTITY ENV_TZ                SYSTEM "login.defs.d/ENV_TZ.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='sulogin.8'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1989</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>sulogin</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>sulogin</refname>
+    <refpurpose>Single-user login</refpurpose>
+  </refnamediv>
+
+  <refsect1 id='syntax'>
+    <title>SYNTAX</title>
+    <para><command>sulogin</command> [<emphasis remap='I'>tty-device</emphasis>]
+    </para>
+  </refsect1>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>sulogin</command> command is invoked by <command>init</command>
+      prior to allowing the user access to the system when in single user mode.
+      This feature may only be available on certain systems where
+      <command>init</command> has been modified accordingly, or where the
+      <filename>/etc/inittab</filename> has an entry for a single user
+      login.
+    </para>
+
+    <para>The user is prompted</para>
+
+    <para>Type control-d to proceed with normal startup,
+      <!-- .br -->
+      (or give root password for system maintenance):
+    </para>
+
+    <para>
+      Input and output will be performed with the standard file descriptors
+      unless the optional device name argument is provided.
+    </para>
+
+    <para>
+      If the user enters the correct root password, a login session is
+      initiated. When <emphasis>EOF</emphasis> is pressed instead, the
+      system enters multi-user mode.
+    </para>
+
+    <para>
+      After the user exits the single-user shell, or presses
+      <emphasis>EOF</emphasis>, the system begins the initialization process
+      required to enter multi-user mode.
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      This command can only be used if <command>init</command> has been
+      modified to call <command>sulogin</command> instead of
+      <filename>/bin/sh</filename>, or if the user has set the <emphasis
+      remap='I'>inittab</emphasis> to support a single user login. For
+      example, the line:
+    </para>
+
+    <para>co:s:respawn:/etc/sulogin /dev/console</para>
+
+    <para>should execute the sulogin command in single user mode.</para>
+
+    <para>
+      As complete an environment as possible is created. However, various
+      devices may be unmounted or uninitialized and many of the user
+      commands may be unavailable or nonfunctional as a result.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &ENV_HZ;
+      &ENV_TZ;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/sv/Makefile.am b/man/sv/Makefile.am
new file mode 100644
index 0000000..e64b7bc
--- /dev/null
+++ b/man/sv/Makefile.am
@@ -0,0 +1,49 @@
+mandir = @mandir@/sv
+
+# 2012.01.28 - activate manpages with more than 50% translated messages
+man_MANS = \
+	man1/chage.1 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/suauth.5 \
+	man8/userdel.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/tr/Makefile.am b/man/tr/Makefile.am
new file mode 100644
index 0000000..8d8b916
--- /dev/null
+++ b/man/tr/Makefile.am
@@ -0,0 +1,18 @@
+mandir = @mandir@/tr
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmod.8 \
+	man1/login.1 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/tr/man1/chage.1 b/man/tr/man1/chage.1
new file mode 100644
index 0000000..16bbbb1
--- /dev/null
+++ b/man/tr/man1/chage.1
@@ -0,0 +1,90 @@
+
+
+.\" Copyright 1990 - 1994 Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+  
+.TH chage 1 "" "" ""
+.nh  
+.SH Ä°SÄ°M  
+chage - 
+kullanıcı parolasının son kullanma tarihini değiştirir
+  
+.SH KULLANIM
+
+.nf
+
+\fBchage\fR [\fB-m \fR\fIasgari-gün-sayısı\fR]  [\fB-M \fR\fIazami-gün-sayısı\fR]  [\fB-d \fR\fIson-gün\fR]
+      [\fB-I \fR\fIpasif\fR]  [\fB-E \fR\fIson-tarih\fR]  [\fB-W \fR\fIuyarı-gün-sayısı\fR]  \fIkullanıcı\fR
+
+\fBchage -l \fR\fIkullanıcı\fR
+
+.fi
+
+
+  
+.SH AÇIKLAMA
+
+
+\fBchage\fR, parolanın son değiştirilme tarihinden, değiştirilmesi gerekecek olan güne kadar geçen sürenin gün cinsinde miktarını değiştirir. Bu bilgi, sistem tarafından, kullanıcının ne zaman parolasını değiştirmesi gerektiğini bulmakta kullanılır. Bu komut root kullanıcıya tahsis edilmiştir. Sadece \fB-l\fR seçeneği, normal kullanıcılar tarafından, parola ve hesaplarının son kullanma tarihini görmek amacı ile kullanılabilir.
+
+\fB-m\fR seçeneği ile belirtilen \fIasgari-gün-sayısı\fR´nın değeri, parola değişiklikleri arasında geçecek  asgari gün sayısıdır. Buraya sıfır değeri verilirse, kullanıcı istediği bir zaman parolasını değiştirebilir.
+
+\fB-M\fR seçeneği ile belirtilen \fIazami-gün-sayısı\fR´nın değeri, parolanın geçerliliğinin biteceği güne kadar geçecek zamanın gün cinsinden miktarıdır.  \fIazami-gün-sayısı\fR artı \fIson-gün\fR, içinde bulunulan günden az ise, kullanıcı hesabını kullanmadan önce parolasını değiştirmek zorunda kalacaktır. Bu olay, \fB-W\fR seçeneğini kullanılarak da ayarlanabilir. Bu seçenek sayesinde kullanıcıya bu olay hakkında uyarı mesajı verebilirsiniz.
+
+\fB-d\fR seçeneği ile, \fIson-gün\fR´ün değeri 1 Ocak 1970´den parolanın son değişeceği güne kadar olan gün sayısıdır. YYYY-AA-GG biçiminde bir tarih olarak da belirtilebilir (veya  yaşadığınız bölgede kabul edilen tarih biçimi ile).
+
+\fB-E\fR seçeneği, kullanıcı hesabının hangi tarihten sonra erişilemez olduğunu ayarlamak için kullanılır. \fIson-tarih\fR´in değeri; 1 Ocak 1970´den hesabın kilitleneceği güne kadar olan sürenin gün cinsinden miktarıdır. YYYY-AA-GG biçiminde bir tarih olarak da belirtilebilir (veya  yaşadığınız bölgede kabul edilen tarih biçimi ile).  Hesabı kilitlenen bir kullanıcının hesabını tekrar kullanabilmesi için, mutlaka sistem yöneticisine baş vurması gerekmektedir.
+
+\fB-I\fR seçeneği, bir parolanın pasif hale geçmesi ile  hesabın kilitlenmesi arasında geçecek olan gün miktarını ayarlamak için kullanılır.  \fIpasif\fR seçeneği, pasif geçecek gün sayısıdır. 0 (sıfır) değeri bu özelliği etkisizleştirir.  Hesabı kilitlenen bir kullanıcının hesabını tekrar kullanabilmesi için, mutlaka sistem yöneticisine baş vurması gerekmektedir.
+
+\fB-W\fR seçeneği, bir parola değişikliğinin gerekeceği günden kaç gün önce uyarı verileceğini ayarlamak için kullanılır. \fIuyarı-gün-sayısı\fR seçeneği, kullanıcının parolasının geçersiz kalmasından önce kullanıcının uyarılacağı gün sayısıdır.
+
+Şayet hiçbir seçenek belirtilmezse, \fBchage\fR etkileşimli kipe geçer. O an için geçerli olan bütün değerleri ekrana yazar. Bu alanlardaki değerleri değiştirmek için yeni değerler girilir. Şayet geçerli değerleri kullanmak istiyorsanız bu satırları boş bırakın. Geçerli değerler \fB[ ]\fR işaretleri arasında gösterilir.
+
+.SH SINIRLAMALAR
+
+\fBchage\fR uygulamasının /etc/shadow dosyasına ihtiyacı vardır.  Şayet parolalar /etc/passwd dosyası içinde saklanıyorsa, \fBchage\fR uygulamasının işlevselliği ortadan kalkar.
+
+.SH Ä°LGÄ°LÄ° DOYALAR
+
+/etc/passwd - kullanıcı hesabı bilgileri
+.br
+/etc/shadow - gölge parolalı kullanıcı hesabı bilgileri
+
+.SH Ä°LGÄ°LÄ° DOYALAR
+
+\fBpasswd\fR(5), 
+\fBshadow\fR(5)    
+    
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+    
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man1/chfn.1 b/man/tr/man1/chfn.1
new file mode 100644
index 0000000..a867ed9
--- /dev/null
+++ b/man/tr/man1/chfn.1
@@ -0,0 +1,79 @@
+
+
+.\"  chfn.1 -- change your finger information
+.\"  (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\"  this program is free software.  you can redistribute it and
+.\"  modify it under the terms of the gnu general public license.
+.\"  there is no warranty.
+
+.TH chfn 1 "13 Ekim 1994" "chfn " "Linux Başvuru Kılavuzu"
+.nh
+.SH Ä°SÄ°M  
+chfn - 
+kiÅŸisel bilgilerinizi deÄŸiÅŸtirir
+
+.SH KULLANIM
+
+.nf
+
+\fBchfn\fR [ \fB-f \fR\fIAdı-Soyadı\fR ] [ \fB-o \fR\fIİşyeri\fR ]  [ \fB-p \fR\fIİş-telefonu\fR ]
+     [ \fB-h \fR\fIEv-telefonu\fR ]  [ \fB-u\fR ] [ \fB-v\fR ] [ \fIkullanıcı\fR ]
+
+.fi
+
+
+
+.SH AÇIKLAMA
+
+\fBchfn\fR, kişisel bilgilerinizi değiştirmek için kullanılır. Bu bilgiler /etc/passwd dosyası içinde saklanır ve \fBfinger\fR komutu aracılığı ile ekrana gönderilir. Linux \fBfinger\fR komutu; \fBchfn\fR tarafından değiştirilebilen dört bilgi alanı görüntüler: adınız ve soyadınız, işyeriniz, iş telefon numaranız ve ev telefon numaranız.
+.SS KOMUT SATIRI
+
+Dört parçadan oluşan bu bilgilerin herhangi biri komut satırından belirtilebilir. Şayet komut satırından bilgi girilmemiş ise, \fBchfn\fR etkileşimli kipe geçecektir.
+.SS ETKİLEŞİMLİ KİP
+
+Etkileşimli kipte, \fBchfn\fR, her bir alan için kullanıcıdan veri girmesini isteyecektir. Bu alanlara yeni bilgi girebilir ya da eski bilgiyi korumak için  enter tuşuna basıp devam edebilirsiniz. Alanları boş bırakmak için \fBnone\fR kelimesini giriniz.
+
+.SH SEÇENEKLER   
+
+
+.br
+.ns
+.TP 
+\fB-f\fR, \fB--full-name\fR
+Ad ve soyadı belirtilir.
+
+.TP 
+\fB-o\fR, \fB--office\fR
+İşyeri ya da işyerindeki bölümünüz.
+
+.TP 
+\fB-p\fR, \fB--office-phone\fR
+Ä°ÅŸ telefonunuz.
+
+.TP 
+\fB-h\fR, \fB--home-phone\fR
+Ev telefonunuz.     
+
+.TP 
+\fB-u\fR, \fB--help\fR
+Bu kullanım bilgisi görüntüler ve çıkar.        
+
+.TP 
+\fB-v\fR, \fB--version\fR
+Sürüm bilgilerini görüntüler ve çıkar.        
+
+.PP
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBfinger\fR(1),
+\fBpasswd\fR(5).
+
+.SH YAZAN
+
+Salvatore Valente <svalente (at) mit.edu> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man1/login.1 b/man/tr/man1/login.1
new file mode 100644
index 0000000..491a97d
--- /dev/null
+++ b/man/tr/man1/login.1
@@ -0,0 +1,114 @@
+
+
+.\" Copyright 1993 Rickard E. Faith (faith@cs.unc.edu)
+.\" May be distributed under the GNU General Public License
+
+.TH login 1 "4 Kasım 1996" "Util-linux 1.6" "Linux Yazılımcılarının Kılavuzu"
+.nh
+.SH Ä°SÄ°M  
+login - 
+Kullanıcının sisteme girişini sağlar.
+
+.SH KULLANIM
+
+
+\fBlogin\fR [ \fIisim\fR ]
+.br
+\fBlogin -p\fR
+.br
+\fBlogin -h\fR \fIkonakismi\fR
+.br
+\fBlogin -f\fR \fIisim\fR
+
+
+.SH AÇIKLAMA
+
+\fBlogin\fR, bir sisteme bağlanmak için kullanılır. Ayrıca, istenilen bir anda, bir kullanıcı adından başka birine geçiş yapmak içinde kullanılabilir (günümüzdeki pek çok kabuk, yerleşik olarak bu özelliği desteklemektedir).
+
+Herhangi bir argüman belirtilmemişse, \fBlogin\fR kullanıcı adını soracaktır.
+
+Şayet kullanıcı root değilse, ve eğer /etc/nologin dosyası varsa, bu dosyanın içeriği ekrana basılacak ve \fBlogin\fR sonlandırılacaktır. Bu genellikle, sistem kapanırken, yapılacak bağlantıları önlemek için kullanılır.
+
+Şayet kullanıcı için /etc/usertty içinde özel erişim kısıtlamaları tanımlanmışsa, kullanıcı bu şartları karşılamak zorundadır. Aksi taktirde bağlantı girişimi reddedilecek ve bir \fBsyslog\fR iletisi üretilecektir. Daha fazla bilgi için "Özel Erişim Kısıtlamaları" bölümüne bakınız.
+
+Şayet kullanıcı root ise, /etc/securetty içinde listelenen uçbirimlerden birisini kullanarak bağlanmak zorundadır. Giriş hataları \fBsyslog\fR tarafından kaydedilir. 
+
+Bütün bu şartlar kontrol edildikten sonra, parola istenecek ve kontrol edilecektir (şayet bu kullanıcı için parola gerekli ise). \fBlogin\fR sonlandırılmadan önce, 10 giriş denemesine izin vardır, fakat ilk üç denemeden sonra isteğe karşılık verme süresi uzayacaktır. Bağlantı hataları \fBsyslog\fR üzerinden rapor edilecektir. Bu, ayrıca başarılı root bağlantılarını raporlamak içinde kullanılır. 
+
+Şayet .hushlogin dosyası varsa, bir "hızlı" bağlantı gerçekleştirilir (bu özellik; e-posta kontrolünü, en son bağlantı zamanının ve günün iletisinin ekrana basılmasını engeller). Diğer yandan, şayet /var/log/lastlog dosyası varsa, son bağlantı zamanı ekrana basılacaktır (ve o anki bağlantı kaydedilecektir).
+
+Uçbirimin UID ve GID ayarlarını yapmak gibi, rastgele yönetim işleri yapılır. Şayet daha önceden belirtilmişse, TERM ortam değişkeni korunur (\fB-p\fR seçeneği kullanılmışsa diğer çevre değişkenleri de korunur).  Daha sonra HOME, PATH, SHELL, TERM, MAIL ve LOGNAME ortam değişkenleri ayarlanır. PATH değişkeni normal kullanıcılar için öntanımlı olarak /usr/local/bin:/bin:/usr/bin:. ve root kullanıcı için /bin:/usr/sbin:/usr/bin'dir. Son olarak, şayet bu bir "hızlı" bağlantı değilse; günün iletisi görüntülenir, kullanıcıya ait /var/spool/mail içindeki dosya kontrol edilir ve şayet dosya uzunluğu sıfırdan farklı ise bir ileti görüntülenir (şayet bu dosyanın uzunluğu sıfırdan farklı ise, kullanıcıya bir ileti gelmiş demektir).
+
+Daha sonra kullanıcı kabuğu başlatılır. Şayet \fB/etc/passwd\fR içinde  kullanıcı için bir kabuk tanımlı değilse, \fB/bin/sh\fR kullanılır. Şayet /etc/passwd içinde bir dizin tanımlı değilse, ev dizini olarak \fB/\fR (kök) dizini kullanılır (yukarıda bahsedilen .hushlogin dosyası için ev dizinine bakılır).
+
+
+.SH SEÇENEKLER
+
+
+.br
+.ns
+.TP 
+\fB-p\fR
+\fBgetty\fR(8) tarafından kullanılır, ortam değişkenlerinin korunmasını sağlar.
+
+.TP 
+\fB-f\fR
+İkinci bağlantı doğrulamasını atlamak için kullanılır. Özellikle root kullanıcı için çalışmaz ve Linux altında da çalıştığı görülmemiştir.        
+
+.TP 
+\fB-h\fR
+Diğer sunucular tarafından (\fBtelnetd\fR(8) gibi) uzak sunucunun adını, \fBlogin\fR´e bildirmek için kullanılır, bundan dolayı, utmp ve wtmp içine yerleştirilebilir. Bu seçenek sadece root kullanıcı içindir.
+
+.PP
+
+.SH ÖZEL ERİŞİM KISITLAMALARI
+
+/etc/securetty dosyası, root kullanıcının bağlantı yapabileceği, uçbirim isimlerinin listesini içerir. Her bir satırda, /dev/ öneki olmaksızın bir tty aygıtının adı belirtilmelidir. Şayet bu dosya yoksa, root kullanıcı herhangi bir uçbirim üzerinden bağlanabilir.
+
+Günümüzde çoğu Linux sistemi PAM (Pluggable Authentication Modules - Eklenebilir Kimlik Kantlama Modülleri) kullanmaktadır. PAM kullanılmayan sistemlerde /etc/usertty dosyası, belirlenen kullanıcılar için, ek erişim kısıtlamaları içerir. Şayet bu dosya yoksa, ek erişim kısıtlamaları yüklenemez. Bu dosya çeşitli bölümler içerir. Üç çeşit bölüm türü münkündür: CLASSES, GROUPS ve USERS. CLASSES bölümü uçbirim sınıflarının ve sunucu adlarının şablonlarını içerir. GROUPS  bölümü her bir grup için, USERS bölümü  ise her bir kullanıcı için izin verilen uçbirimleri ve sunucuları tanımlar.
+
+Bu dosya içindeki her bir satır en fazla 255 karaktere sahip olabilir. Açıklamalar \fB#\fR ile başlar ve satır sonuna kadar devam eder.
+
+.SS CLASSES Bölümü
+
+Bir CLASSES bölümü bir satırın başında tamamen büyük harflerden oluşmuş CLASSES dizgesi ile başlar. Yeni bir bölümün başlangıcına veya dosyanın sonuna kadar  her bir satır sekmeler ya da boşluklar tarafından ayrılmış sözcük dizilimleri içerir. Her bir satır uçbirim sınıfları ve sunucu şablonları içerir. 
+
+Satır başındaki sözcük, satırın kalanında tanımlanmış uçbirimler ve sunucu şablonları için ortak sınıf ismidir. Bu sınıf ismi GROUPS veya USERS bölümlerinde kullanılabilir. Yinelenmiş sınıflar oluşturma hatasından korunmak için sınıf isimleri tanımlamaların içinde kullanılmamalıdır. 
+
+Örnek bir CLASSES bölümü:
+
+.nf
+
+CLASSES
+sinif1       tty1 tty2
+sinif2       tty3 @.foo.com
+
+.fi
+
+
+Burada \fIsinif1\fR ve \fIsinif2\fR sınıfları sağ taraflarındakilerle tanımlanmıştır.
+
+.SS GROUPS Bölümü
+
+Bir GROUPS bölümü; her bir UNIX grubu için izin verilen uçbirim ve 
+sunucuları tanımlar.  Şayet bir kullanıcı /etc/passwd ve /etc/group dosyalarındaki tanımlara göre göre bir UNIX grubunun üyesi ise ve bu grup /etc/usertty içindeki GROUPS bölümünde belirtilmiş ise, kullanıcıya erişim izni verilmiş demektir.      
+
+Bir CLASSES bölümü bir satırın başında tamamen büyük harflerden oluşmuş CLASSES dizgesi ile başlar.
+Bir GROUPS bölümü bir satırda tamamen büyük harflerden oluşmuş GROUPS 
+yazısı ile başlar ve devam eden tüm satırlar, boşluklar veya tablar ile ayrılmış, kelimeler dizileridir. Satırdaki ilk kelime grup adı ve diğer kelimeler; grup elemanlarına bağlantı için izin verilen ttys´ler ve sunuculardır. Bu tanımlamalar önceki bölümde( CLASSES bölümünde) açıklanan sınıfları içerebilirler.
+
+
+.SH TEMÄ°NÄ°
+
+\fBlogin\fR, e2fsprogs  paketinin bir parçasıdır ve
+.br
+http://e2fsprogs.sourceforge.net adresinden temin edilebilir.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchattr\fR(1)
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man1/passwd.1 b/man/tr/man1/passwd.1
new file mode 100644
index 0000000..afc461a
--- /dev/null
+++ b/man/tr/man1/passwd.1
@@ -0,0 +1,172 @@
+
+
+.\" Copyright Red Hat, Inc., 1998, 1999, 2002.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, and the entire permission notice in its entirety,
+.\"    including the disclaimer of warranties.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote
+.\"    products derived from this software without specific prior
+.\"    written permission.
+.\"
+.\" ALTERNATIVELY, this product may be distributed under the terms of
+.\" the GNU Public License, in which case the provisions of the GPL are
+.\" required INSTEAD OF the above restrictions.  (This clause is
+.\" necessary due to a potential bad interaction between the GPL and
+.\" the restrictions contained in a BSD-style copyright.)
+.\"
+.\"  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+.\" WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" Copyright (c) Cristian Gafton, 1998, <gafton@redhat.com>
+.\"
+ 
+.TH passwd 1 "3 Ocak 1998" "Red Hat Linux" "Kullanıcı Araçları"
+.nh
+.SH Ä°SÄ°M  
+passwd - 
+kullanıcının parolasını günceller
+
+.SH KULLANIM
+
+.nf
+
+\fBpasswd \fR[\fB-k\fR] [\fB-l\fR] [\fB-u \fR[\fB-f\fR]] [\fB-d\fR] [\fB-n \fR\fIasgari_ömür\fR] [\fB-x \fR\fIazami_ömür\fR] 
+       [\fB-w \fR\fIuyarı_süresi\fR] [\fB-i \fR\fIaskı_süresi\fR] [\fB-S\fR] [\fIkullanıcı\fR]
+
+.fi
+
+
+
+.SH AÇIKLAMA
+
+\fBpasswd\fR, bir kullanıcının parolasını günceller
+
+\fBpasswd\fR, \fBLinux-PAM API\fR´si aracılığı ile çalışmak üzere ayarlanmıştır. Aslında, \fBpasswd\fR, kendisini Linux-Pam ile birlikte bir "passdw" servisi olarak başlatır ve  yetkilendirme için ayarlanmış parola modüllerini kullanır. Daha sonra kullanıcının parolası güncellenir.
+
+Bu servis için, Linux-PAM ayar dosyası, basitçe, şu şekilde olurdu: 
+
+.nf
+
+#
+# bir parola güncellenmeden önce, bu önerilen parolanın sağlamlığını
+# kontrol eden passwd servis girdisi.
+#
+passwd password requisite \
+            /usr/lib/security/pam_cracklib.so retry=3
+passwd password required \
+            /usr/lib/security/pam_unix.so use_authtok
+#
+
+.fi
+
+
+NOT: Bu uygulamanın düzgün çalışması için, diğer modül türlerine ihtiyaç yoktur.
+
+.SH SEÇENEKLER
+
+
+.br
+.ns
+.TP 
+\fB-k\fR
+Bu seçenek, güncellemenin, sadece geçerlilik süresi bitmiş parolaları kapsadığı anlamaına gelir. Kullanıcı geçerlilik süresi dolmamış parolalarını kullanmaya devam edebilir.
+
+.TP 
+\fB-l\fR
+Bu seçeneği sadece root kullanıcı kullanabilir. Belirtilen hesabı 
+kilitlemeye yarar. Kilitleme işlemi; şifrelenmiş parolanın sözdizimi geçersiz hale getirilerek uygulanır (şifreli sözdiziminin başına ! getirmek suretiyle).
+
+.TP 
+\fB--stdin\fR
+Bu seçenek, yeni parolanın borulanabilen standart girdiden okunacağı anlamına gelir.     
+
+.TP 
+\fB-u\fR
+\fB-l\fR seçeneğinin tersidir. Kilitlenmiş hesap parolalarının önündeki ! önekini kaldırarak, hesabı kullanıma açar. Bu seçenek, sadece root kullanıcıya tahsis edilmiştir. Öntanımlı olarak, \fBpassdw\fR, parolasız bir hesap oluşturmayı reddedecektir (parola olarak sadece ! işaretine sahip bir hesabın kilidini kaldıramaz). \fB-f\fR seçeneği, bu korumayı aşmak için kullanılabilir. 
+
+.TP 
+\fB-d\fR
+Bu seçenek, bir hesabın parolasını yok etmenin en kolay ve hızlı yoludur. Belirtilen hesabın parolasız açılmasını sağlar. Sadece root kullanıcı bu seçeneği kullanabilir. 
+
+.TP 
+\fB-n\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle parolanın geçerli olduğu asgari süre gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir. 
+
+.TP 
+\fB-x\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle parolanın geçerli olduğu azami süre gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir. 
+
+.TP 
+\fB-w\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, bu seçenekle, kullanıcının parolasının zamanaşımına uğrayacağı tarihten kaç gün önceden itibaren uyarılacağı gün cinsinden belirtilebilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.TP 
+\fB-i\fR
+Kullanıcının hesabı parola için bir geçerlilik süresi tanımlanmasını destekliyorsa, kullanıcı parolası zamanaşımına uğradıktan sonra kullanıcı hesabı tamamen iptal edilene kadar kaç gün süreyle bekleneceği belirtilir. Sadece root kullanıcı bu seçeneği kullanabilir.
+
+.PP
+
+.SH İKİ ÖNEMLİ KURAL
+.SS Parolanızı koruyun
+
+Parolanızı herhangi bir yere not etmeyin. Bunun yerine ezberinizde tutun. Parolanızı şifrelenmemiş bir dosya içine yazıp, ortalıkta bırakmayın. Birbirinden bağımsız parolalar kullanın. Her yere aynı parola ile üye olmayın. Bilgisayar destek veya satış görevlileri ile parolanızı paylaşmayın. Parolanızı yazarken, kimsenin sizi izlemesine izin vermeyin. Güvenli olduğuna inanmadığınız bir sistemden, parolanız aracılığı ile giriş yapmayın. Parolanız için geçerlilik süreleri tahsis edin ve parolanızı düzenli olarak değiştirin. Bir sistemdeki parolanız sizin her şeyinizdir. Bu konuda paronoyak davranmak, vurdumduymazlıktan daha mantıklı bir yöntemdir.
+
+.SS Tahmin edilmesi güç bir parola seçin
+
+\fBpasswd\fR, sizin kötü bir parola seçmenizi önlemeye çalışacaktır, fakat bu çok güvenilir bir sistem değildir. Parolalarınızı, mantıklı bir şekilde oluşturun. Herhangi bir sözlükte (hangi dilde olursa olsun) bulunabilecek kelimeler kullanmayın. Çocuğunuzun, en sevdiğiniz film kahramanınızın, evcil hayvanlarınızın, ana-babanızın, mekanların ve ünlü kişilerin adlarını parola olarak seçmeyin. Telefon numarası, araç plakanız, doğum tarihiniz, SSK numaranız gibi başkaları tarafından ulaşılabilecek bilgileri, parola olarak kullanmayınız. Basit şablonlu parolalardan uzak durun. Bunun yerine, küçük ve büyük harflerin karışımından oluşan ve mümkünse içerisinde rakamlar bulunan parolalar seçin. Uzun parolalar kullanın. Noktalama işaretlerinin kullanıldığı kelime çiftleri oldukça iyi bir seçim olacaktır. Uzun ve akılda kalır bir cümlenin ilk harflerinden oluşmuş anlamsız bir kelime de oldukça iyi bir seçim sayılır. 
+
+
+
+Sistem, sizi bu iki kurala uymak konusunda biraz zorlayacaktır ama buradaki en önemli etken "insan"dır. Sistemlerin daha güvenli hale gelmesini sağlayan en önemli etken uyanık kullanıcılardır.
+
+.SH ÇIKIŞ DURUMU
+
+Çıkış durumu olarak \fB0\fR, işlemin başarıyla tamamlandığını gösterir. Hata oluştuğu durumlarda \fB1\fR ile çıkar. Metin olarak çıktılanabilen hatalar standart hataya yazılır.
+
+.SH UYUMLULUK
+
+Linux-PAM (Linux için Eklenebilir Kimlik Kanıtlama modülleri).
+.br
+Şayet, elinizdeki Linux-PAM sürümü, Linux dosya sistemi standartları ile uyumlu ise, modülleri /usr/lib/security dizini (örnekte gösterilen) yerine /lib/security altında bulabilirsiniz.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+\fB/etc/pam.d/passwd\fR - \fBLinux-PAM\fR yapılandırma dosyası
+
+.SH YAZILIM HATALARI
+
+Bilinen herhangi bir yazılım hatası yoktur.
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBpam_chauthok\fR(2),
+\fBpam\fR(8).
+
+\fBLinux-PAM\fR ile bu uygulamanın birlikte nasıl yapılandırıldığı hakkında daha ayrıntılı bilgiyi
+.br
+http://parc.power.net/morgan/Linux-PAM/index.html
+.br
+adresindeki, \fBLinux-PAM System Administrators´ Guide\fR içinde bulabilirsiniz.
+
+.SH YAZAN
+
+Cristian Gafton  <gafton (at) redhat.com> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man1/su.1 b/man/tr/man1/su.1
new file mode 100644
index 0000000..332c142
--- /dev/null
+++ b/man/tr/man1/su.1
@@ -0,0 +1,84 @@
+
+.TH su 1 "Eylül 2001" "GNU sh-utils 2.0.11" "FSF"
+.nh
+.SH Ä°SÄ°M  
+su - 
+başka bir kullanıcı ve grup kimliği ile bir kabuk çalıştırır
+
+.SH KULLANIM
+
+
+\fBsu\fR [\fISEÇENEK\fR]... [-] [\fIKULLANICI\fR [\fIARGÜMANLAR\fR]...]
+
+
+
+.SH AÇIKLAMA
+
+Etkin kullanıcı ve grup kimliğini \fIKULLANICI\fR´nınkilerle ile değiştirir.    
+
+
+
+.br
+.ns
+.TP 
+\fB-\fR, \fB-l\fR, \fB--login\fR
+Kabuğu, giriş kabuğu haline dönüştürür.
+
+.TP 
+\fB-c\fR, \fB--commmand\fR=\fIKOMUT \fR
+Kabuğa \fB-c\fR ile tek bir \fIKOMUT\fR aktarır.
+
+.TP 
+\fB-f\fR, \fB--fast\fR
+Kabuğa \fB-f\fR aktarır (csh veya tcsh için).
+
+.TP 
+\fB-m\fR, \fB--preserve-environment\fR
+Ortam değişkenlerini sıfırlamaz.
+
+.TP 
+\fB-p\fR
+\fB-m\fR ile aynıdır.
+
+.TP 
+\fB-s\fR, \fB--shell\fR=\fIKABUK \fR
+/etc/shells izin verdiği taktirde \fIKABUK\fR kabuğunu çalıştırır.
+
+.TP 
+\fB--help\fR
+Bu yardım metnini görüntüler ve çıkar.      
+
+.TP 
+\fB--version\fR
+Sürüm bilgilerini görüntüler ve çıkar.        
+
+.PP
+
+
+Tek başına \fB-\fR verilirse \fB-l\fR verilmiş gibi işlem yapılır. \fIKULLANICI\fR belirtilmezse, kullanıcı root kabul edilir.
+
+.SH YAZAN
+
+David MacKenzie tarafından yazılmıştır.
+.SH GERÄ°BÄ°LDÄ°RÄ°M
+
+Lütfen, böcekleri ve hataları <bug-sh-utils (at) gnu.org> adresine bildirin.
+.SH TELÄ°F HAKKI
+
+Telif hakkı © 2000 Free Software Foundation, Inc.
+.br
+Bu bir serbest yazılımdır; kopyalama koşulları için kaynak koduna bakınız. Hiçbir garantisi yoktur; hatta SATILABİLİRLİĞİ veya ŞAHSİ KULLANIMINIZA UYGUNLUĞU için bile garanti verilmez.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBsu\fR komutu ile ilgili kapsamlı bir kılavuz Texinfo olarak mevcuttur. Şayet \fBinfo\fR ve \fBsu\fR yazılımları düzgün bir şekilde sisteminizde mevcutsa, aşağıdaki komut ile bu kılavuzu görüntüleyebilirsiniz.
+
+.IP 
+
+\fBinfo su\fR
+.PP
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Kasım 2003
+
diff --git a/man/tr/man5/passwd.5 b/man/tr/man5/passwd.5
new file mode 100644
index 0000000..2c5348b
--- /dev/null
+++ b/man/tr/man5/passwd.5
@@ -0,0 +1,113 @@
+
+
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr  2 11:32:09 MET DST 1993
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan  5 20:24:40 MET 1998 by Michael Haardt
+.\"  (michael@cantor.informatik.rwth-aachen.de)
+
+.TH passwd 5 "5 Ocak 1998" "" "Dosya biçimleri"
+.nh
+.SH Ä°SÄ°M  
+passwd - 
+parola dosyası
+  
+.SH AÇIKLAMA
+
+
+
+
+
+
+\fBpasswd\fR bir metin dosyasıdır. Sistem hesaplarının bir listesini tutar. Kullanıcı kimliği, grup kimliği, ev dizini, kabuk ve benzeri bilgileri ihtiva eder. Sıklıkla, her bir hesap için şifrelenmiş parolayı da içerir. Herkes tarafından okunma iznine sahiptir (pek çok uygulama bu dosyayı kullanır, mesela \fBls\fR(1), kullanıcı ismi ile kullanıcı kimlğini birbirine eşlemek için kullanır) ama sadece süper kullanıcının yazma izni vardır.
+
+Eski güzel günlerde, bu okuma izni ile ilgili büyük bir sorun yoktu. Herkes bu şifreli parolaları okuyabiliyordu ama  iyi seçilmiş bir parolayı kırmak için yeterli donanım gücü yoktu ve kullanıcı grubu oldukça iyi niyetliydi. Günümüzde ise, pek çok kullanıcı gölgeli parola sistemini kullanmakta, /etc/passwd içinde parolanın yerinde bir `*´ görünmekte ve şifreli parola /etc/shadow içinde saklanmaktadır. Bu dosya sadece süper kullanıcı tarafından okunabilir.
+
+Gölgeli parolanın kullanılıp kullanılmadığına bakılmaksızın, pek çok sistem yöneticisi, şifrelenmiş parola alanında bir yıldız kullanır. Böylece bu kullanıcının bir parola kullanarak yetki almasını önler. (Yine de aşağıdaki \fBEK BİLGİ\fR bölümüne bakınız.
+
+Şayet yeni bir kullanıcı hesabı oluşturuyorsanız, ilk olarak parola alanına bir yıldız koyunuz, daha sonra \fBpasswd\fR(1)komutu ile parolayı belirleyin.
+
+Her satırda bir girdi yapılır ve her satır şu biçimdedir:
+.RS
+
+hesap:parola:UID:GID:GECOS:dizin:kabuk
+.RE
+
+Bu alanların açıklamaları şunlardır:
+
+
+.br
+.ns
+.TP 
+\fIhesap\fR
+Kullanıcının sistemdeki adı. Büyük harf içermemelidir.
+
+.TP 
+\fIparola\fR
+Şifreli kullanıcı parolası veya bir yıldız işareti.
+
+.TP 
+\fIUID\fR
+Sayısal kullanıcı kimliği
+
+.TP 
+\fIGID\fR
+Bu kullanıcının sayısal birincil grup kimliği
+
+.TP 
+\fIGECOS\fR
+Bu alan seçime bağlıdır ve sadece bilgilendirme amacı 
+ile kullanılır. Genellikle kullanıcının tam adı yazılır. GECOS´un anlamı General Electric  Comprehensive  Operating System´dir. General Electric´in büyük sistem bölümü Honeywell´e satıldığı zaman GCOS olarak yeniden adlandırılmıştır.    Dennis Ritchie´nin bildirdiğine göre: "bazı zamanlar yazıcı çıktılarını veya toplu işleri GCOS makineye gönderiyoruz. Parola dosyasındaki gcos alanı $IDENTcard için bilgileri biriktirme alanı olarak kullanılır. Zariflik olsun diye oraya konmamıştır."
+
+.TP 
+\fIdizin\fR
+Kullanıcının $HOME dizinidir.
+
+.TP 
+\fIkabuk\fR
+Sisteme girişte kullanılacak kabuk (belirtilmemişse \fB/bin/sh\fR kullanılır). Şayet olmayan bir uygulama belirtilirse, kullanıcı \fBlogin\fR(1) ile sisteme bağlanamaz.
+
+.PP
+.SH EK BÄ°LGÄ°
+
+Şayet bir kullanıcı grubu oluşturmak istiyorsanız, Grup numaraları aynı olmak zorundadır ve /etc/group dosyasında bir girdisi olmalıdır. Aksi taktirde bir grup oluşturulmaz.
+
+Şayet şifreli parola bir yıldız ile betimlenmişse, kullanıcı \fBlogin\fR(1)'i kullanarak bağlanamaz ama hala \fBrlogin\fR(1)'i kullanarak bağlanabilir, varolan bir süreci çalıştırabilir, \fBrsh\fR(1), \fBcron\fR(1), \fBat\fR(1) veya posta süzgeçleri üzerinden yenilerini başlatabilir. Kabuk alanını değiştirerek bir hesabı kapatmaya çalışmak da aynı sonucu verir ve ek olarak \fBsu\fR(1) komutunun kullanımına izin verir.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+/etc/passwd
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBlogin\fR(1),
+\fBpasswd\fR(1),
+\fBsu\fR(1),
+\fBgroup\fR(5),
+\fBshadow\fR(5).
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man5/shadow.5 b/man/tr/man5/shadow.5
new file mode 100644
index 0000000..8c56f05
--- /dev/null
+++ b/man/tr/man5/shadow.5
@@ -0,0 +1,96 @@
+
+
+.\" Copyright 1989 - 1990, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH shadow 5 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+shadow - 
+şifreli parola dosyası
+  
+.SH AÇIKLAMA
+
+\fBshadow\fR kullanıcı hesaplarının şifreli parola bilgilerini ve isteğe bağlı parola dönemsellik bilgilerini içerir.
+
+
+.IP 
+
+Kullanıcı adı
+
+Åžifreli parola
+
+1 Ocak 1970´den parolanın en son değiştiği güne kadar geçen gün sayısı
+
+Parolanın değişmesi gerekecek güne kadar olan sürenin gün sayısı
+
+Parolanın değişmesi gereken günden sonraki sürenin gün sayısı
+
+Parolanın zaman aşımından önce kullanıcının uyarılacağı gün sayısı
+
+Parolanın zaman aşımından hesabın kapatılacağı güne kadar geçecek sürenin gün sayısı
+
+1 ocak 1970´den hesabın kapatılacağı güne kadar geçen sürenin gün sayısı
+
+Bir yedek alan
+
+.PP
+Parola alanı mutlaka dolu olmalıdır. Şifreli parola alanı 64 karakterlik 
+bir alfabeden (a´dan z´ye, A´dan Z´ye, 0´dan 9´a, "." Ve "/" den oluşan bir alfabe) seçilen 13 ila 24 karakterden oluşur. Bu dizgenin nasıl yorumlandığını görmek için \fBcrypt\fR(3)'e bakınız.
+
+Parolanın en son değiştiği günün tarihi, 1 Ocak 1970´den beri geçen gün sayısı olarak belirtilir. Geçerli gün sayısı geçmeden parolanın tekrar değiştirilmesi önlenebilir ve belirli bir gün sayısı geçtikten sonra parolanın değişmesi için kullanıcı zorlanabilir. Şayet gerekli en az gün sayısı en çok gün sayısından daha büyük ise, parola kullanıcı tarafından değiştirilemez.
+
+Şayet parola son kullanım tarihinden sonra belirtilen süre içinde değiştirilmez ise, kullanıcı hesabı kapatılır. Parola son kullanım tarihinden bağımsız olarak, bir kullanıcı hesabı belirtilen sürenin sonunda kapatılabilir.
+
+Bu bilgiler, /etc/passwd dosyasında da varsa, /etc/shadow dosyasındaki bilgiler geçerlidir. 
+
+Parola güvenliği açısından bu dosya için normal kullanıcılara okuma izni kapalı olmalıdır.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+/etc/passwd - kullanıcı hesap bilgileri
+.br
+/etc/shadow - şifreli kullanıcı parolaları
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchage\fR(1),
+\fBlogin\fR(1),
+\fBpasswd\fR(1),
+\fBsu\fR(1),
+\fBpasswd\fR(5),
+\fBpwconv\fR(8),
+\fBpwunconv\fR(8),
+\fBsulogin\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupadd.8 b/man/tr/man8/groupadd.8
new file mode 100644
index 0000000..1568ae2
--- /dev/null
+++ b/man/tr/man8/groupadd.8
@@ -0,0 +1,97 @@
+
+
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupadd 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+groupadd - 
+yeni bir grup oluÅŸturur
+
+.SH KULLANIM
+
+.nf
+
+\fBgroupadd\fR [\fB-g \fR\fIgrup-kimliÄŸi\fR [\fB-o\fR]] [\fB-r\fR] [\fB-f\fR] \fIgrup\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBgroupadd\fR komutu, komut satırından tanımlanan bilgiler ve sistemdeki öntanımlı bilgiler eşliğinde yeni bir grup oluşturur. Yeni grup, gerekli sistem dosyalarına girilir. \fBgroupadd\fR komutuna uygulanacak seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP 
+\fB-g \fR\fIgrup-kimliÄŸi\fR
+Grubu tanımlayan numara. \fB-o\fR seçeneği belirtilmediği sürece bu numara benzersiz olmalıdır. Negatif bir değer atanamaz. Öntanımlı olarak 500´den ve diğer bütün tanımlı grup numaralarından daha büyük olan en küçük sayı kullanılır. 0 ile 499 arasındaki değerler, geleneksel olarak, \fIsistem hesapları\fR için ayrılır.
+
+.TP 
+\fB-r\fR
+Bu seçenek \fBgroupadd\fR komutuna bir \fIsistem hesabı\fR eklemesini söyler. \fB-g\fR seçeneği belirtilmediği sürece, 499´dan küçük olan olası bir grup numarası atanır. Bu seçenek Red Hat tarafından eklenmiştir.
+
+.TP 
+\fB-f\fR
+Zorlama seçeneği. Bu seçenek, \fBgroupadd\fR komutunun eklemeye çalıştığı grup sistemde halihazırda var ise, bir hata vererek çıkmasını sağlar. Böyle bir durumda grup değişmeyecek veya tekrar eklenmeyecektir. 
+
+Bu seçenek aynı zamanda, \fB-g\fR seçeneğinin çalışma şeklini düzenler. Benzersiz olmayan bir grup numarası istediğiniz ve \fB-o\fR seçeneğini vermediğiniz zaman, grup oluşturma işlemi, standart şekline (\fB-g\fR veya \fB-o\fR seçeneği tanımlanmadığı durumda bir grup ekler gibi) geri dönecektir. Bu seçenek Red Hat tarafından eklenmiştir.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR   - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupdel.8 b/man/tr/man8/groupdel.8
new file mode 100644
index 0000000..eda77ac
--- /dev/null
+++ b/man/tr/man8/groupdel.8
@@ -0,0 +1,77 @@
+
+
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupdel 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+groupdel - 
+bir grubu siler
+
+.SH KULLANIM
+\fBgroupdel \fR\fIgrup\fR
+  
+.SH AÇIKLAMA
+
+\fBgroupdel\fR komutu, sistem hesap dosyalarını düzenler ve \fIgrup\fR olarak belirtilen gruba ait bütün girdileri siler. Silinmek istenen grup, sistemde varolmalıdır.
+
+Silme işleminden sonra, silinen grup numarasına ait herhangi bir dosya kalmadığından emin olmak için bütün dosya sistemlerini kontrol etmelisiniz.
+
+.SH YETERSÄ°ZLÄ°KLER
+
+Varolan herhangi bir kullanıcının birincil grubunu silemeyebilirsiniz. Grubu silmeden önce bu kullanıcıyı sistemden kaldırmak zorundasınız.
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR   - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/groupmod.8 b/man/tr/man8/groupmod.8
new file mode 100644
index 0000000..f55a05d
--- /dev/null
+++ b/man/tr/man8/groupmod.8
@@ -0,0 +1,91 @@
+
+
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH groupmod 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+groupmod - 
+bir grubun niteliklerini düzenler
+
+.SH KULLANIM
+
+.nf
+
+\fBgroupmod\fR [\fB-g \fR\fIgrup-kimliÄŸi\fR [\fB-o\fR]] [\fB-n \fR\fIgrup-ismi\fR] \fIgrup\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBgroupmod\fR komutu, komut satırından tanımlanan bir gruba ait bilgilerdeki değişiklikleri, sistem hesap dosyaları üzerinde değiştirmek için kullanılır. Bu komuta verilebilecek seçenekler şunlardır: 
+
+
+
+.br
+.ns
+.TP 
+\fB-g \fR\fIgrup-kimliÄŸi\fR
+Grubu tanımlayan numara. \fB-o\fR seçeneği belirtilmediği sürece bu numara benzersiz olmalıdır. Negatif bir değer atanamaz.  0 ile 99 arasında değerler, geleneksel olarak, sistem grupları için ayrılmıştır. Dosya grup numarası, eski grup numarası olan bütün dosyaların dosya grup numaraları el ile değiştirilmelidir.
+
+.TP 
+\fB-n \fR\fIgrup-ismi\fR
+\fIgrup\fR ile belirtilen grubun alacağı yeni grup adını tanımlar.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/group\fR   - grupların hesap bilgileri
+\fB/etc/gshadow\fR - güvenli grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/tr/man8/useradd.8 b/man/tr/man8/useradd.8
new file mode 100644
index 0000000..379b2d3
--- /dev/null
+++ b/man/tr/man8/useradd.8
@@ -0,0 +1,195 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH useradd 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+useradd - 
+yeni bir kullanıcı oluşturur veya öntanımlı yeni kullanıcı bilgilerini günceller
+
+.SH KULLANIM
+
+.nf
+
+\fBuseradd\fR [\fB-c \fR\fIaçıklama\fR] [\fB-d \fR\fIevdizini\fR]
+        [\fB-e \fR\fIbitiş_tarihi\fR] [\fB-f \fR\fIaskı_süresi\fR]
+        [\fB-g \fR\fIbirincil_grup\fR] [\fB-G \fR\fIgrup\fR[,...]]
+        [\fB-m \fR[\fB-k \fR\fIiskelet_dizin\fR] | \fB-M\fR] [\fB-p \fR\fIparola\fR]
+        [\fB-s \fR\fIkabuk\fR] [\fB-u \fR\fIkull_kiml\fR [ \fB-o\fR]] [\fB-n\fR] [\fB-r\fR] \fIkullanıcı\fR
+
+.fi
+
+
+.nf
+    
+\fBuseradd -D\fR [\fB-g \fR\fIöntanımlı_grup\fR] [\fB-b \fR\fIöntanımlı_ev\fR]
+        [\fB-f \fR\fIöntanımlı_askı_süresi\fR] [\fB-e \fR\fIöntanımlı_bitiş_tarihi\fR]
+        [\fB-s \fR\fIöntanımlı_kabuk\fR]
+
+.fi
+
+
+.SH AÇIKLAMA
+.SS Yeni Kullanıcıların Oluşturulması
+
+\fB-D\fR seçeneği belitilmeden çağrıldığında, \fBuseradd\fR komutu, komut satırında tanımlanan değerleri ve sistemdeki öntanımlı değerleri kullanarak yeni bir kullanıcı oluşturur. Komut satırında belirtilen seçeneklere bağlı olarak, gerekli sistem dosyalarına yeni kullanıcının bilgileri girilir; ev dizini oluşturulur;  ilk dosyalar kopyalanır.  Red Hat Linux´da kullanılan sürümünde, \fB-n\fR seçeneği belirtilmediği sürece, oluşturulan her kullanıcı için yeni bir grup oluşturulur. Kullanabileceğiniz seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP 
+\fB-c \fR\fIaçıklama\fR
+Yeni kullanıcının parola dosyasındaki açıklama alanı.
+
+.TP 
+\fB-d \fR\fIevdizini\fR
+Oluşturulan yeni kullanıcının sisteme girişte kullanacağı ev dizinini belirtir. Öntanımlı olarak, \fIkullanıcı\fR ismi \fIöntanımlı_ev\fR'e eklenecek ve sisteme giriş dizini ismi olarak kullanılacaktır.
+
+.TP 
+\fB-e \fR\fIbitiÅŸ_tarihi\fR
+Kullanıcı hesabının son kullanma tarihini belirtir. Tarih YYYY-AA-GG (Y: yıl, A: ay, G: gün) şeklinde belirtilir.
+
+.TP 
+\fB-f \fR\fIaskı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın 
+tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri belirtilir. Bu değer 0 olarak belirtilirse, parolanın son kullanma tarihinde hesap kapatılır. -1 değeri verilirse, bu özellik iptal edilmiş olur. -1 değeri öntanımlı değerdir. 
+
+.TP 
+\fB-g \fR\fIbirincil_grup\fR
+Kullanıcının üyesi olacağı birincil grubun adı veya numarası belirtilir. Belirtilen grup, sistemde önceden tanımlanmış olmalıdır. Şayet grup numarası belirtilmiş ise, bu numara sistemde var olan bir gruba ait olmalıdır. Olmayan gruba ait bir isim veya numara kullanamazsınız. Öntanımlı değer 1 dir.
+
+.TP 
+\fB-g \fR\fIgrup\fR[,...]
+Kullanıcının üyesi olacağı ilave gruplar belirtilir. Her grup, diğerinden virgül ile ayrılır, arada boşluk bırakılmaz. Burada tanımlanan gruplar, \fB-g\fR ile tanımlanan grubun kısıtlamalarına tabidirler. Öntanımlı olarak, kullanıcının sadece \fIbirincil_grup\fR üyesi olduğu kabul edilir.
+
+.TP 
+\fB-m\fR
+Şayet sistemde kullanıcının ev dizini yok ise, yeni bir dizin oluşturulur. Eğer \fB-k\fR seçeneği belirtilmişse \fIiskelet_dizin\fR içindeki dosyalar ev dizinine kopyalanır. Aksi taktirde /etc/skel içindeki dosyalar kullanılır. \fIiskelet_dizin\fR veya /etc/skel içindeki bütün dizinler, ev dizininde de oluşturulur. \fB-k\fR seçeneği, sadece \fB-m\fR seçeneği ile birlikte kullanıldığında etkilidir. Öntanımlı olarak, dizin oluşturulmaz ve dosyalar kopyalanmaz.
+
+.TP 
+\fB-M\fR
+/etc/login.defs içinde tanımlı bütün sistemi kapsayan ayarlarda ev dizininin yaratılması gerektiği belirtilmiş olsa bile, kullanıcı ev dizini oluşturulmaz.
+
+.TP 
+\fB-n\fR
+Öntanımlı olarak, oluşturulan yeni kullanıcı ile aynı adlı yeni bir grup oluşturulur. Bu seçenek belirtilir ise, bu Red Hat Linux´a özel davranış kapatılmış olur. 
+
+.TP 
+\fB-r\fR
+Bu seçenek, yeni bir sistem hesabı açmak için kullanılır. Böylece, /etc/login.defs içinde belirtilen UID_MIN değerinden daha küçük kullanıcı kimlikli kullanıcı oluşturulabilir. /etc/login.defs içindeki öntanımlı değerler ne olursa olsun, \fBuseradd\fR komutu böyle bir kullanıcı için ev dizini oluşturmayacaktır. Oluşturulacak sistem hesabı için bir ev dizini istiyorsanız, \fB-m\fR seçeneğini kullanmak zorundasınız. Bu, Red Hat tarafından eklenmiş bir seçenektir.   
+
+.TP 
+\fB-p \fR\fIparola\fR
+\fBcrypt\fR(3) tarafından döndürülen şifrelenmiş paroladır. Öntanımlı olarak hesap kapalıdır.
+
+.TP 
+\fB-s \fR\fIkabuk\fR
+Kullanıcının sisteme girişte kullanacağı kabuğun adıdır. Öntanımlı olarak bu değer boştur, böylece sistemin öntanımlı kabuğunun seçilmesi sağlanır. 
+
+.TP 
+\fB-u \fR\fIkull_kiml\fR
+Kullanıcı kimliğinin sayısal değeridir. Bu değer, \fB-o\fR seçeneği kullanılmadığı sürece, eşsiz olmalıdır. Değer mutlaka pozitif bir sayı olmalıdır. Öntanımlı olarak, diğer kullanıcıların numaralarından ve 99´dan büyük, en küçük numara kullanılır. 0 ile 99 arasındaki değerler sistem hesapları için ayrılmıştır.
+
+.PP
+.SS Öntanımlı Değerlerin Değiştirilmesi
+
+ 
+\fB-D\fR seçeneği ile birlikte kullanıldığı zaman, \fBuseradd\fR ya geçerli değerleri görüntüler, ya da öntanımlı değerleri, komut satırından belirtilenler ile günceller. Kullanabileceğiniz seçenekler şunlardır:          
+
+
+.br
+.ns
+.TP 
+\fB-b \fR\fIöntanımlı_ev\fR
+Yeni bir kullanıcının ev dizini için ilk dosyayolu önekini belirtir. \fIYeni bir hesap açarken \fB-d\fR seçeneği belirtilmemişse\fR, yeni kullanıcının adı \fIöntanımlı_ev\fR'in sonuna eklenir ve yeni dizin oluşturulur.
+
+.TP 
+\fB-e \fR\fIöntanımlı_bitiş_tarihi\fR
+Kullanıcı hesabının kapatılacağı tarih.
+
+.TP 
+\fB-f \fR\fIöntanımlı_askı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri.
+
+.TP 
+\fB-g \fR\fIöntanımlı_grup\fR
+Yeni bir kullanıcı için birincil grup adı veya grup kimliği. Belirtilen grup ismi sistemde mevcut olmalı ve sayısal grup kimliği için mevcut bir girdi bulunmalıdır.
+
+.TP 
+\fB-s \fR\fIöntanımlı_kabuk\fR
+Yeni bir kullanıcının sisteme girişte kullanacağı kabuğun adı. Belirtilen kabuk gelecekte açılacak bütün yeni hesaplarda kullanılır.
+
+.PP
+
+Şayet herhangi bir seçenek belirtilmezse, \fBuseradd\fR geçerli öntanımlı değerleri görüntüleyecektir.
+
+.SH NOTLAR    
+
+/etc/skel dizinindeki öntanımlı dosyaların yerleştirilmesi sistem yöneticilerinin sorumluluğundadır. \fBuseradd\fR komutunun bu sürümü, Red Hat tarafından, Red Hat kullanıcı/grup uyumluluğunu sağlayamak için düzenlenmiştir.
+
+.SH YETERSÄ°ZLÄ°KLER
+
+NIS grubuna kullanıcı ekleyemezsiniz. Bu NIS sunucusu üzerinde yapılmalıdır. 
+ 
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/passwd\fR          - kullanıcı hesabı bilgileri
+\fB/etc/shadow\fR          - güvenli kullanıcı hesabı bilgileri
+\fB/etc/group\fR           - grup bilgileri
+\fB/etc/gshadow\fR         - güvenli grup bilgileri
+\fB/etc/default/useradd\fR - öntanımlı bilgiler
+\fB/etc/login.defs\fR      - sistem genelinde geçerli kurallar
+\fB/etc/skel\fR            - öntanımlı dosyaları içeren dizin
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBcrypt\fR(3),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuserdel\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man8/userdel.8 b/man/tr/man8/userdel.8
new file mode 100644
index 0000000..b6f5919
--- /dev/null
+++ b/man/tr/man8/userdel.8
@@ -0,0 +1,94 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH userdel 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+userdel - 
+Bir kullanıcı hesabını ve onunla ilgili dosyaları siler
+
+.SH KULLANIM
+
+.nf
+
+\fBuserdel\fR [ \fB-r\fR ] \fIkullanıcı\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBuserdel\fR, userdel komutu, \fIkullanıcı\fR ile belirtilen hesabı silerek, sistem hesap dosyalarını değiştirir. Silinmeye çalışan \fIkullanıcı\fR hesabı, sistemde var olan bir hesap olmalıdır. Var olmayan bir hesabı silemezsiniz.
+
+
+
+.br
+.ns
+.TP 
+\fB-r\fR
+Kullanıcının ev dizinindeki dosyalar, ev dizininin kendisi ve 
+kullanıcının posta havuzu silinir. Diğer dosya sistemlerinde bulunan dosyalar silinmez. Bu nedenle bu dosyaları bulmak ve onları silmek sistem yöneticisinin görevidir.
+
+.PP
+
+.SH Ä°LGÄ°LÄ° DOSYALAR    
+
+.nf
+
+/etc/passwd - kullanıcı hesap bilgileri
+/etc/shadow - güvenli kullanıcı hesap bilgileri
+/etc/group  - grup bilgileri 
+
+.fi
+  
+
+.SH YETERSÄ°ZLÄ°KLER    
+
+Kullanıcı sisteme bağlı ise, \fBuserdel\fR komutu ile bu hesabı 
+kaldıramazsınız.  Silmeye çalıştığınız hesaba ait çalışan bütün süreçleri öldürmek zorundasınız. Bir NIS istemcisindeki NIS özniteliklerini kaldıramayabilirsiniz. Bu işlem, NIS sunucu üzerinde gerçekleştirilmelidir.
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBusermod\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından  yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Aralık 2003
+
diff --git a/man/tr/man8/usermod.8 b/man/tr/man8/usermod.8
new file mode 100644
index 0000000..6980829
--- /dev/null
+++ b/man/tr/man8/usermod.8
@@ -0,0 +1,142 @@
+
+
+.\" Copyright 1991 - 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+
+.TH usermod 8 "" "" ""
+.nh
+.SH Ä°SÄ°M  
+usermod - 
+bir kullanıcı hesabını düzenler
+
+.SH KULLANIM
+
+.nf
+
+\fBusermod\fR [\fB-c \fR\fIaçıklama\fR] [\fB-d \fR\fIevdizini \fR[\fB-m\fR]]
+        [\fB-e \fR\fIbitiş_tarihi\fR] [\fB-f \fR\fIaskı_süresi\fR]
+        [\fB-g \fR\fIbirincil_grup\fR] [\fB-G \fR\fIgrup\fR[,...]]
+        [\fB-l \fR\fIkullanıcı-adı\fR]  [\fB-p \fR\fIparola\fR]
+        [\fB-s \fR\fIkabuk\fR] [\fB-u \fR\fIkull_kiml\fR [\fB-o\fR]] [\fB-L\fR|\fB-U\fR] \fIkullanıcı\fR
+
+.fi
+
+
+.SH AÇIKLAMA
+
+\fBusermod\fR komutu, sistem hesap dosyalarını düzenlemeye, üzerlerinde değişiklik yapmaya yarar. Bu komuta uygulanabilecek seçenekler şunlardır:
+
+
+
+.br
+.ns
+.TP 
+\fB-c \fR\fIaçıklama\fR
+Kullanıcı parola dosyasındaki açıklama alanına girilecek yeni değeri belirtir. Normalde \fBchfn\fR(1) komutu ile düzenlenir.
+
+.TP 
+\fB-d \fR\fIevdizini\fR
+Kullanıcının sisteme girişte kullanacağı ev dizinini belirtir. Şayet \fB-m\fR seçeneği belirtilmiş ise, kullanıcının hali hazırda kullanmakta olduğu ev dizininin içeriği yeni oluşturulan ev dizinine aktarılır.
+
+.TP 
+\fB-e \fR\fIbitiÅŸ_tarihi\fR
+Kullanıcı hesabının son kullanma tarihini belirtir. Tarih YYYY-AA-GG (Y: yıl, A: ay, G: gün) şeklinde belirtilir.
+
+.TP 
+\fB-f \fR\fIaskı_süresi\fR
+Kullanıcı parolasının son kullanma tarihinden itibaren, bu hesabın 
+tamamen kapatılacağı tarihe kadar geçecek olan sürenin gün cinsinden değeri belirtilir. Bu değer 0 olarak belirtilirse, parolanın son kullanma tarihinde hesap kapatılır. -1 değeri verilirse, bu özellik iptal edilmiş olur. -1 değeri öntanımlı değerdir. 
+
+.TP 
+\fB-g \fR\fIbirincil_grup\fR
+Kullanıcının üyesi olacağı birincil grubun adı veya numarası belirtilir. Belirtilen grup, sistemde önceden tanımlanmış olmalıdır. Öntanımlı değer 1 dir.
+
+.TP 
+\fB-g \fR\fIgrup\fR[,...]
+Kullanıcının üyesi olacağı ilave gruplar belirtilir. Her grup, diğerinden virgül ile ayrılır, arada boşluk bırakılmaz. Burada tanımlanan gruplar, \fB-g\fR ile tanımlanan grubun kısıtlamalarına tabidirler. Şayet kullanıcı listelenen gruplar haricinde bir grubun da üyesi ise, kullanıcı bu gruptan çıkarılır.  
+
+.TP 
+\fB-l \fR\fIkullanıcı-adı\fR
+Sisteme girişte kullanıcının kullanacağı yeni isim. Sadece isim değişir, başka hiçbir şey değişmez. Kullanıcının ev dizininin ismi, yeni kullanıcı ismi ile bağlantı yapılmasını sağlamak için \fIkullanıcı-adı\fR ile tanımlanan yeni isme dönüşür.
+
+.TP 
+\fB-p \fR\fIparola\fR
+\fBcrypt\fR(3) tarafından döndürülen şifrelenmiş paroladır.
+
+.TP 
+\fB-s \fR\fIkabuk\fR
+Kullanıcının sisteme girişte kullanacağı kabuğun adıdır. Bu alan boş bırakılırsa, sistemin öntanımlı kabuğunun seçilmesi sağlanır. 
+
+.TP 
+\fB-u \fR\fIkull_kiml\fR
+Kullanıcı kimliğinin sayısal değeridir. Bu değer, \fB-o\fR seçeneği kullanılmadığı sürece, eşsiz olmalıdır. Değer mutlaka pozitif bir sayı olmalıdır. 0 ile 99 arsındaki değerler sistem hesapları için ayrılmıştır. Bu değer değiştirildiği zaman; kullanıcının sahip olduğu bütün dosyaların ve kullanıcı ev dizinini kök dizin olarak kabul ederek, kullanıcı ev dizininin altındaki hiyeraşik yapı içindeki bütün dosyaların kullanıcı numarası otomatik olarak değişir. Kullanıcı ev dizininin dışındaki dosyaların kullanıcı iyelik numarası kullanıcı tarafından değiştirilmelidir.
+
+.TP 
+\fB-L\fR
+Kullanıcı parolasını kilitler. Parolayı devre dışı bırakmak için, şifreli parolanın önüne '!'  işareti koyar. Bu seçeneği \fB-p\fR veya \fB-U\fR seçenekleri ile birlikte kullanamazsınız.
+
+.TP 
+\fB-U\fR
+Devre dışı bırakılmış bir kullanıcı parolasını tekrar açar. Yaptığı iş şifreli parolanın önündeki '!' işaretini kaldırmaktır. Bu seçeneği \fB-p\fR veya \fB-L\fR seçenekleri ile birlikte kullanamazsınız.
+
+.PP
+.SH YETERSÄ°ZLÄ°KLER
+
+\fBusermod\fR komutu ile, sisteme bağlı bir kullanıcının adını 
+değiştiremezsiniz. Kullanıcının tanımlayıcı numarasını değiştirmeye kalktığınız zaman, kullanıcının herhangi bir süreç çalıştırmadığından emin olun. Herhangi bir \fBcrontab\fR dosyasının sahibini kendiniz değiştirmelisiniz.  Çalışan herhangi bir işin sahibini de kendiniz değiştirmelisiniz. NIS sunuculardaki NIS ile alakalı bütün değişiklikleri kendiniz yapmalısınız
+ 
+.SH Ä°LGÄ°LÄ° DOSYALAR
+
+.nf
+
+\fB/etc/passwd\fR  - kullanıcı hesabı bilgileri
+\fB/etc/shadow\fR  - güvenli kullanıcı hesabı bilgileri
+\fB/etc/group\fR   - grup bilgileri
+
+.fi
+
+
+.SH Ä°LGÄ°LÄ° BELGELER
+
+\fBchfn\fR(1),
+\fBchsh\fR(1),
+\fBpasswd\fR(1),
+\fBcrypt\fR(3),
+\fBgroupadd\fR(8),
+\fBgroupdel\fR(8),
+\fBgroupmod\fR(8),
+\fBuseradd\fR(8),
+\fBuserdel\fR(8).
+
+.SH YAZAN
+
+Julianne Frances Haugh <jockgrrl (at) ix.netcom.com> tarafından yazılmıştır.
+
+.SH ÇEVİREN
+
+Yalçın Kolukısa <yalcink01 (at) yahoo.com>, Ocak 2004
+
diff --git a/man/useradd.8.xml b/man/useradd.8.xml
new file mode 100644
index 0000000..8d56301
--- /dev/null
+++ b/man/useradd.8.xml
@@ -0,0 +1,849 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY CREATE_HOME           SYSTEM "login.defs.d/CREATE_HOME.xml">
+<!ENTITY GID_MAX               SYSTEM "login.defs.d/GID_MAX.xml">
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+<!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+<!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY SUB_GID_COUNT         SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT         SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY SYS_GID_MAX           SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYS_UID_MAX           SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+<!ENTITY UID_MAX               SYSTEM "login.defs.d/UID_MAX.xml">
+<!ENTITY UMASK                 SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY TCB_AUTH_GROUP        SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+<!ENTITY TCB_SYMLINKS          SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='useradd.8'>
+  <!--  $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>useradd</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>useradd</refname>
+    <refpurpose>create a new user or update default new user information</refpurpose>
+  </refnamediv>
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>useradd</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'><replaceable>LOGIN</replaceable></arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>useradd</command>
+      <arg choice='plain'>-D </arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>useradd</command>
+      <arg choice='plain'>-D </arg>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+      <para>
+	When invoked without the <option>-D</option> option, the
+	<command>useradd</command> command creates a new user account using
+	the values specified on the command line plus the default values from
+	the system. Depending on command line options, the
+	<command>useradd</command> command
+	will update system files and may also create the new user's home
+	directory and copy initial files.
+      </para>
+      <para>
+	By default, a group will also be created for the new user (see
+	<option>-g</option>, <option>-N</option>, <option>-U</option>, and
+	<option>USERGROUPS_ENAB</option>).
+      </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>The options which apply to the <command>useradd</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The default base directory for the system if <option>-d</option>&nbsp;<replaceable>HOME_DIR</replaceable> is not specified.
+	    <replaceable>BASE_DIR</replaceable> is
+	    concatenated with the account name to define the home directory. 
+	    If the <option>-m</option> option is not used,
+	    <replaceable>BASE_DIR</replaceable> must exist.
+	  </para>
+	  <para>
+	    If this option is not specified, <command>useradd</command>
+	    will use the base directory specified by the
+	    <option>HOME</option> variable in
+	    <filename>/etc/default/useradd</filename>, or
+	    <filename>/home</filename> by default.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Any text string. It is generally a short description of the
+	    login, and is currently used as the field for the user's full
+	    name.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The new user will be created using
+	    <replaceable>HOME_DIR</replaceable> as the value for the user's
+	    login directory. The default is to append the
+	    <replaceable>LOGIN</replaceable> name to
+	    <replaceable>BASE_DIR</replaceable> and use that as the login
+	    directory name. The directory <replaceable>HOME_DIR</replaceable>
+	    does not have to exist but will not be created if it is missing.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-D</option>, <option>--defaults</option>
+	</term>
+	<listitem>
+	  <para>
+	    See below, the subsection "Changing the default values".
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The date on which the user account will be disabled. The date is
+	    specified in the format <emphasis remap='I'>YYYY-MM-DD</emphasis>.
+	  </para>
+	  <para>
+	    If not specified, <command>useradd</command> will use the
+	    default expiry date specified by the <option>EXPIRE</option>
+	    variable in <filename>/etc/default/useradd</filename>, or
+	    an empty string (no expiry) by default.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The number of days after a password expires until the account is
+	    permanently disabled. A value of 0 disables the account as soon
+	    as the password has expired, and a value of -1 disables the
+	    feature.
+	  </para>
+	  <para>
+	    If not specified, <command>useradd</command> will use the
+	    default inactivity period specified by the
+	    <option>INACTIVE</option> variable in
+	    <filename>/etc/default/useradd</filename>, or -1 by default.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The group name or number of the user's initial login group. The
+	    group name must exist. A group number must refer to an already
+	    existing group.
+	  </para>
+	  <para>
+	    If not specified, the behavior of <command>useradd</command>
+	    will depend on the <option>USERGROUPS_ENAB</option> variable
+	    in <filename>/etc/login.defs</filename>. If this variable is
+	    set to <replaceable>yes</replaceable> (or
+	    <option>-U/--user-group</option> is specified on the command
+	    line), a group will be created for the user, with the same
+	    name as her loginname. If the variable is set to
+	    <replaceable>no</replaceable> (or
+	    <option>-N/--no-user-group</option> is specified on the
+	    command line), useradd will set the primary group of the new
+	    user to the value specified by the <option>GROUP</option>
+	    variable in <filename>/etc/default/useradd</filename>, or
+	    100 by default.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap='I'>,GROUP2,...</emphasis>[<emphasis remap='I'>,GROUPN</emphasis>]]]
+	</term>
+	<listitem>
+	  <para>
+	    A list of supplementary groups which the user is also a member
+	    of. Each group is separated from the next by a comma, with no
+	    intervening whitespace. The groups are subject to the same
+	    restrictions as the group given with the <option>-g</option>
+	    option. The default is for the user to belong only to the
+	    initial group.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The skeleton directory, which contains files and directories
+	    to be copied in the user's home directory, when the home
+	    directory is created by <command>useradd</command>.
+	  </para>
+	  <para>
+	    This option is only valid if the <option>-m</option> (or
+	    <option>--create-home</option>) option is specified.
+	  </para>
+	  <para>
+	    If this option is not set, the skeleton directory is defined
+	    by the <option>SKEL</option> variable in
+	    <filename>/etc/default/useradd</filename> or, by default,
+	    <filename>/etc/skel</filename>.
+	  </para>
+	  <para>
+	    If possible, the ACLs and extended attributes are copied.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Overrides <filename>/etc/login.defs</filename> defaults
+	    (<option>UID_MIN</option>, <option>UID_MAX</option>,
+	    <option>UMASK</option>, <option>PASS_MAX_DAYS</option>
+	    and others).
+	  <para>
+	  </para>
+	    Example: <option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable>
+	    can be used when creating system account to turn off password
+	    aging, even though system account has no password at all.
+	    Multiple <option>-K</option> options can be specified, e.g.:
+	    <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;
+	    <option>-K</option>&nbsp;<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
+	  </para>
+	  <!--para>
+	    Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
+	    doesn't work yet.
+	  </para-->
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-l</option>, <option>--no-log-init</option></term>
+	<listitem>
+	  <para>
+	    Do not add the user to the lastlog and faillog databases.
+	  </para>
+	  <para>
+	    By default, the user's entries in the lastlog and faillog
+	    databases are reset to avoid reusing the entry from a previously
+	    deleted user.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-m</option>, <option>--create-home</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create the user's home directory if it does not exist. 
+	    The files and directories contained in the skeleton directory
+	    (which can be defined with the <option>-k</option> option)
+	    will be copied to the home directory.
+	  </para>
+	  <para>
+	    By default, if this option is not specified and
+	    <option>CREATE_HOME</option> is not enabled, no home
+	    directories are created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	 <option>-M</option>, <option>--no-create-home</option>
+	</term>
+	<listitem>
+	  <para>
+	    Do no create the user's home directory, even if the system
+	    wide setting from <filename>/etc/login.defs</filename>
+	    (<option>CREATE_HOME</option>) is set to
+	    <replaceable>yes</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-N</option>, <option>--no-user-group</option>
+	</term>
+	<listitem>
+	  <para>
+	    Do not create a group with the same name as the user, but
+	    add the user to the group specified by the <option>-g</option>
+	    option or by the <option>GROUP</option> variable in
+	    <filename>/etc/default/useradd</filename>.
+	  </para>
+	  <para>
+	    The default behavior (if the <option>-g</option>,
+	    <option>-N</option>, and <option>-U</option> options are not
+	    specified) is defined by the <option>USERGROUPS_ENAB</option>
+	    variable in <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-o</option>, <option>--non-unique</option>
+	</term>
+	<listitem>
+	  <para>Allow the creation of a user account with a duplicate (non-unique) UID.</para>
+	  <para>
+	    This option is only valid in combination with the
+	    <option>-u</option> option.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The encrypted password, as returned by <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+	    </citerefentry>. The default is to disable the password.
+	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
+	  <para>
+	    You should make sure the password respects the system's
+	    password policy.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--system</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create a system account.
+	  </para>
+	  <para>
+	    System users will be created with no aging information in
+	    <filename>/etc/shadow</filename>, and their numeric
+	    identifiers are chosen in the
+	    <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>
+	    range, defined in <filename>/etc/login.defs</filename>, instead of
+	    <option>UID_MIN</option>-<option>UID_MAX</option> (and their
+	    <option>GID</option> counterparts for the creation of groups).
+	  </para>
+	  <para>
+	    Note that <command>useradd</command> will not create a home
+	    directory for such a user, regardless of the default setting
+	    in <filename>/etc/login.defs</filename>
+	    (<option>CREATE_HOME</option>). You have to specify the
+	    <option>-m</option> options if you want a home directory for a
+	    system account to be created.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The name of the user's login shell. The default is to leave this
+	    field blank, which causes the system to select the default login
+	    shell specified by the <option>SHELL</option> variable in
+	    <filename>/etc/default/useradd</filename>, or an empty string
+	    by default.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The numerical value of the user's ID. This value must be unique,
+	    unless the <option>-o</option> option is used. The value must be
+	    non-negative. The default is to use the smallest ID value
+	    greater than or equal to <option>UID_MIN</option> and greater
+	    than every other user.
+	  </para>
+	  <para>
+	    See also the <option>-r</option> option and the
+	    <option>UID_MAX</option> description.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-U</option>, <option>--user-group</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create a group with the same name as the user, and
+	    add the user to this group.
+	  </para>
+	  <para>
+	    The default behavior (if the <option>-g</option>,
+	    <option>-N</option>, and <option>-U</option> options are not
+	    specified) is defined by the <option>USERGROUPS_ENAB</option>
+	    variable in <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The SELinux user for the user's login. The default is to leave this
+	    field blank, which causes the system to select the default SELinux
+	    user.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+
+    <refsect2 id='changing_the_default_values'>
+      <title>Changing the default values</title>
+      <para>
+	When invoked with only the <option>-D</option> option,
+	<command>useradd</command> will display the current default values.
+	When invoked with <option>-D</option> plus other options,
+	<command>useradd</command> will update the default values for the
+	specified options. Valid default-changing options are:
+      </para>
+      <variablelist remap='IP'>
+	<varlistentry>
+	  <term>
+	    <option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</replaceable>
+	  </term>
+	  <listitem>
+	    <para>
+	      The path prefix for a new user's home directory. The
+	      user's name will be affixed to the end of
+	      <replaceable>BASE_DIR</replaceable> to form the new user's
+	      home directory name, if the <option>-d</option> option is not used
+	      when creating a new account.
+	    </para>
+	    <para>
+	      This option sets the <option>HOME</option> variable in
+	      <filename>/etc/default/useradd</filename>.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>
+	    <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+	  </term>
+	  <listitem>
+	    <para>The date on which the user account is disabled.</para>
+	    <para>
+	      This option sets the <option>EXPIRE</option> variable in
+	      <filename>/etc/default/useradd</filename>.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>
+	    <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+	  </term>
+	  <listitem>
+	    <para>
+	      The number of days after a password has expired before the
+	      account will be disabled.
+	    </para>
+	    <para>
+	      This option sets the <option>INACTIVE</option> variable in
+	      <filename>/etc/default/useradd</filename>.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>
+	    <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+	  </term>
+	  <listitem>
+	    <para>
+	      The group name or ID for a new user's initial group (when
+	      the <option>-N/--no-user-group</option> is used or when the
+	      <option>USERGROUPS_ENAB</option> variable is set to
+	      <replaceable>no</replaceable> in
+	      <filename>/etc/login.defs</filename>). The named
+	      group must exist, and a numerical group ID must have an
+	      existing entry.
+	    </para>
+	    <para>
+	      This option sets the <option>GROUP</option> variable in
+	      <filename>/etc/default/useradd</filename>.
+	    </para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term>
+	    <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+	  </term>
+	  <listitem>
+	    <para>
+	      The name of a new user's login shell.
+	    </para>
+	    <para>
+	      This option sets the <option>SHELL</option> variable in
+	      <filename>/etc/default/useradd</filename>.
+	    </para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+
+    </refsect2>
+  </refsect1>
+
+  <refsect1 id='notes'>
+    <title>NOTES</title>
+    <para>The system administrator is responsible for placing the default
+      user files in the <filename>/etc/skel/</filename> directory (or any
+      other skeleton directory specified in
+      <filename>/etc/default/useradd</filename> or on the command line).
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      You may not add a user to a NIS or LDAP group. This must be
+      performed on the corresponding server.
+    </para>
+
+    <para>
+      Similarly, if the username already exists in an external user
+      database such as NIS or LDAP, <command>useradd</command> will deny
+      the user account creation request.
+    </para>
+
+    <para>
+      Usernames must start with a lower case letter or an underscore,
+      followed by lower case letters, digits, underscores, or dashes.
+      They can end with a dollar sign.
+      In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+    </para>
+    <para>
+      Usernames may only be up to 32 characters long.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &CREATE_HOME;
+      &GID_MAX; <!-- documents also GID_MIN -->
+      &MAIL_DIR;
+      &MAX_MEMBERS_PER_GROUP;
+      &PASS_MAX_DAYS;
+      &PASS_MIN_DAYS;
+      &PASS_WARN_AGE;
+      &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+      &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+      &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+      &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+      &TCB_AUTH_GROUP;
+      &TCB_SYMLINKS;
+      &UID_MAX; <!-- documents also UID_MIN -->
+      &UMASK;
+      &USE_TCB;
+      &USERGROUPS_ENAB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/default/useradd</filename></term>
+	<listitem>
+	  <para>Default values for account creation.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/skel/</filename></term>
+	<listitem>
+	  <para>Directory containing default files.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>Per user subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>Per user subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>useradd</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>can't update password file</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>3</replaceable></term>
+	  <listitem>
+	    <para>invalid argument to option</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>4</replaceable></term>
+	  <listitem>
+	    <para>UID already in use (and no <option>-o</option>)</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>specified group doesn't exist</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>9</replaceable></term>
+	  <listitem>
+	    <para>username already in use</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>10</replaceable></term>
+	  <listitem>
+	    <para>can't update group file</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>12</replaceable></term>
+	  <listitem>
+	    <para>can't create home directory</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>14</replaceable></term>
+	  <listitem>
+	    <para>can't update SELinux user mapping</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <phrase condition="subids">
+	<citerefentry>
+	  <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+	<citerefentry>
+	  <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/userdel.8.xml b/man/userdel.8.xml
new file mode 100644
index 0000000..3f95a8d
--- /dev/null
+++ b/man/userdel.8.xml
@@ -0,0 +1,349 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY TCB_SYMLINKS          SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!ENTITY USERDEL_CMD           SYSTEM "login.defs.d/USERDEL_CMD.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='userdel.8'>
+  <!-- $Id$ -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>userdel</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>userdel</refname>
+    <refpurpose>delete a user account and related files</refpurpose>
+  </refnamediv>
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>userdel</command>
+      <arg choice='opt'>options</arg>
+      <arg choice='plain'>
+	<replaceable>LOGIN</replaceable>
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>userdel</command> command modifies the system account
+      files, deleting all entries that refer to the user name <emphasis
+      remap='I'>LOGIN</emphasis>. The named user must exist.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>userdel</command> command are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term>
+	  <option>-f</option>, <option>--force</option>
+	</term>
+	<listitem>
+	  <para>
+	    This option forces the removal of the user account, even if the
+	    user is still
+	    logged in. It also forces <command>userdel</command> to remove
+	    the user's home directory and mail spool, even if another
+	    user uses the same home directory or if the mail spool is not
+	    owned by the specified user.  If
+	    <option>USERGROUPS_ENAB</option> is defined to <emphasis
+	    remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>
+	    and if a group exists with the same name as the deleted user,
+	    then this group will be removed, even if it is still the primary
+	    group of another user.
+	  </para>
+	  <para>
+	    <emphasis>Note:</emphasis> This option is dangerous and may leave
+	    your system in an inconsistent state.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+        <term><option>-h</option>, <option>--help</option></term>
+          <listitem>
+	    <para>Display help message and exit.</para>
+	  </listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-r</option>, <option>--remove</option>
+	</term>
+	<listitem>
+	  <para>
+	    Files in the user's home directory will be removed along with
+	    the home directory itself and the user's mail spool. Files
+	    located in other file systems will have to be searched for and
+	    deleted manually.
+	  </para>
+	  <para>
+	    The mail spool is defined by the <option>MAIL_DIR</option>
+	    variable in the <filename>login.defs</filename> file.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-Z</option>, <option>--selinux-user</option>
+	</term>
+	<listitem>
+	  <para>
+	    Remove any SELinux user mapping for the user's login.
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAIL_DIR; <!-- documents also MAIL_FILE -->
+      &MAX_MEMBERS_PER_GROUP;
+      &TCB_SYMLINKS;
+      &USE_TCB;
+      &USERDEL_CMD;
+      &USERGROUPS_ENAB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>Per user subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>Per user subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='exit_values'>
+    <title>EXIT VALUES</title>
+    <para>
+      The <command>userdel</command> command exits with the following values:
+      <variablelist>
+	<varlistentry>
+	  <term><replaceable>0</replaceable></term>
+	  <listitem>
+	    <para>success</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>1</replaceable></term>
+	  <listitem>
+	    <para>can't update password file</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>2</replaceable></term>
+	  <listitem>
+	    <para>invalid command syntax</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>6</replaceable></term>
+	  <listitem>
+	    <para>specified user doesn't exist</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>8</replaceable></term>
+	  <listitem>
+	    <para>user currently logged in</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>10</replaceable></term>
+	  <listitem>
+	    <para>can't update group file</para>
+	  </listitem>
+	</varlistentry>
+	<varlistentry>
+	  <term><replaceable>12</replaceable></term>
+	  <listitem>
+	    <para>can't remove home directory</para>
+	  </listitem>
+	</varlistentry>
+      </variablelist>
+    </para>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      <command>userdel</command> will not allow you to remove an account if
+      there are running processes which belong to this account. In that
+      case, you may have to kill those processes or lock the user's
+      password or account and remove the account later. The
+      <option>-f</option> option can force the deletion of this account.
+    </para>
+    <para>
+      You should manually check all file systems to ensure that no files
+      remain owned by this user.
+    </para>
+    <para>You may not remove any NIS attributes on a NIS client. This must
+      be performed on the NIS server.
+    </para>
+    <para>If <option>USERGROUPS_ENAB</option> is defined to <emphasis
+      remap='I'>yes</emphasis> in <filename>/etc/login.defs</filename>,
+      <command>userdel</command> will delete the group with the same name
+      as the user. To avoid inconsistencies in the passwd and group
+      databases, <command>userdel</command> will check that this group is
+      not used as a primary group for another user, and will just warn
+      without deleting the group otherwise. The <option>-f</option> option
+      can force the deletion of this group.
+    </para>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para><citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <phrase condition="subids">
+	<citerefentry>
+	  <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+	<citerefentry>
+	  <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/usermod.8.xml b/man/usermod.8.xml
new file mode 100644
index 0000000..6cd469c
--- /dev/null
+++ b/man/usermod.8.xml
@@ -0,0 +1,606 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1991 - 1994, Julianne Frances Haugh
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY MAIL_DIR              SYSTEM "login.defs.d/MAIL_DIR.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY SUB_GID_COUNT         SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+<!ENTITY SUB_UID_COUNT         SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+<!ENTITY TCB_SYMLINKS          SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='usermod.8'>
+  <!--  $Id$  -->
+  <refentryinfo>
+    <author>
+      <firstname>Julianne Frances</firstname>
+      <surname>Haugh</surname>
+      <contrib>Creation, 1991</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>usermod</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>usermod</refname>
+    <refpurpose>modify a user account</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>usermod</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>
+      </arg>
+      <arg choice='plain'><replaceable>LOGIN</replaceable></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>usermod</command> command modifies the system account
+      files to reflect the changes that are specified on the command line.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>usermod</command> command
+      are:
+    </para>
+    <variablelist>
+      <varlistentry>
+	<term>
+	  <option>-a</option>, <option>--append</option>
+	</term>
+	<listitem>
+	  <para>
+	    Add the user to the supplementary group(s). Use only with the
+	    <option>-G</option> option.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The new value of the user's password file comment field. It is
+	    normally modified using the <citerefentry>
+	    <refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+	    </citerefentry> utility.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The user's new login directory.
+	  </para>
+	  <para>
+	    If the <option>-m</option>
+	    option is given, the contents of the current home directory will
+	    be moved to the new home directory, which is created if it does
+	    not already exist.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-e</option>, <option>--expiredate</option>&nbsp;<replaceable>EXPIRE_DATE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The date on which the user account will be disabled. The date is
+	    specified in the format <emphasis remap='I'>YYYY-MM-DD</emphasis>.
+	  </para>
+	  <para>
+	    An empty <replaceable>EXPIRE_DATE</replaceable> argument will
+	    disable the expiration of the account.
+	  </para>
+	  <para>
+	    This option requires a <filename>/etc/shadow</filename> file.
+	    A <filename>/etc/shadow</filename> entry will be created if
+	    there were none.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The number of days after a password expires until the account is
+	    permanently disabled.
+	  </para>
+	  <para>
+	    A value of 0 disables the account as soon
+	    as the password has expired, and a value of -1 disables the
+	    feature.
+	  </para>
+	  <para>
+	    This option requires a <filename>/etc/shadow</filename> file.
+	    A <filename>/etc/shadow</filename> entry will be created if
+	    there were none.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The group name or number of the user's new initial login group.
+	    The group must exist.
+	  </para>
+	  <para>
+	    Any file from the user's home directory owned by the previous
+	    primary group of the user will be owned by this new group.
+	  </para>
+	  <para>
+	    The group ownership of files outside of the user's home directory
+	    must be fixed manually.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</replaceable>[<emphasis remap='I'>,GROUP2,...</emphasis>[<emphasis remap='I'>,GROUPN</emphasis>]]]
+	</term>
+	<listitem>
+	  <para>
+	    A list of supplementary groups which the user is also a member
+	    of. Each group is separated from the next by a comma, with no
+	    intervening whitespace. The groups are subject to the same
+	    restrictions as the group given with the <option>-g</option>
+	    option.
+	  </para>
+	  <para>
+	    If the user is currently a member of a group which is
+	    not listed, the user will be removed from the group. This
+	    behaviour can be changed via the <option>-a</option> option, which
+	    appends the user to the current supplementary group list.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The name of the user will be changed from
+	    <replaceable>LOGIN</replaceable> to
+	    <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In
+	    particular, the user's home directory or mail spool should
+	    probably be renamed manually to reflect the new login name.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-L</option>, <option>--lock</option>
+	</term>
+	<listitem>
+	  <para>
+	    Lock a user's password. This puts a '!' in front of the
+	    encrypted password, effectively disabling the password. You
+	    can't use this option with <option>-p</option> or
+	    <option>-U</option>.
+	  </para>
+	  <para>
+	    Note: if you wish to lock the account (not only access with a
+	    password), you should also set the
+	    <replaceable>EXPIRE_DATE</replaceable> to
+	    <replaceable>1</replaceable>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-m</option>, <option>--move-home</option>
+	</term>
+	<listitem>
+	  <para>
+	    Move the content of the user's home directory to the new
+	    location.
+	  </para>
+	  <para>
+	    This option is only valid in combination with the
+	    <option>-d</option> (or <option>--home</option>) option.
+	  </para>
+	  <para>
+	    <command>usermod</command> will try to adapt the ownership of the
+	    files and to copy the modes, ACL and extended attributes, but
+	    manual changes might be needed afterwards.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-o</option>, <option>--non-unique</option>
+	</term>
+	<listitem>
+	  <para>
+	    When used with the <option>-u</option> option, this option
+	    allows to change the user ID to a non-unique value.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The encrypted password, as returned by <citerefentry>
+	    <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+	    </citerefentry>.
+	  </para>
+	  <para>
+	    <emphasis role="bold">Note:</emphasis> This option is not
+	    recommended because the password (or encrypted password) will
+	    be visible by users listing the processes.
+	  </para>
+	  <para condition="pam">
+	    The password will be written in the local
+	    <filename>/etc/passwd</filename> or
+	    <filename>/etc/shadow</filename> file. This might differ from the
+	    password database configured in your PAM configuration.
+	  </para>
+	  <para>
+	    You should make sure the password respects the system's
+	    password policy.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The name of the user's new login shell. Setting this field to
+	    blank causes the system to select the default login shell.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The new numerical value of the user's ID.
+	  </para>
+	  <para>
+	    This value must be unique,
+	    unless the <option>-o</option> option is used. The value must be
+	    non-negative.
+	  </para>
+	  <para>
+	    The user's mailbox, and any files which the user owns and which are
+	    located in the user's home
+	    directory will have the file user ID changed automatically.
+	  </para>
+	  <para>
+	    The ownership of files outside of the user's home directory
+	    must be fixed manually.
+	  </para>
+	  <para>
+	    No checks will be performed with regard to the
+	    <option>UID_MIN</option>, <option>UID_MAX</option>,
+	    <option>SYS_UID_MIN</option>, or <option>SYS_UID_MAX</option>
+	    from <filename>/etc/login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-U</option>, <option>--unlock</option>
+	</term>
+	<listitem>
+	  <para>
+	    Unlock a user's password. This removes the '!' in front of the
+	    encrypted password. You can't use this option with
+	    <option>-p</option> or <option>-L</option>.
+	  </para>
+	  <para>
+	    Note: if you wish to unlock the account (not only access with a
+	    password), you should also set the
+	    <replaceable>EXPIRE_DATE</replaceable> (for example to
+	    <replaceable>99999</replaceable>, or to the
+	    <option>EXPIRE</option> value from
+	    <filename>/etc/default/useradd</filename>).
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term>
+	  <option>-v</option>, <option>--add-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Add a range of subordinate uids to the user's account. 
+	  </para>
+	  <para>
+	    This option may be specified multiple times to add multiple ranges to a users account.
+	  </para>
+	  <para>
+	     No checks will be performed with regard to
+	     <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or
+	     <option>SUB_UID_COUNT</option> from /etc/login.defs.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term>
+	  <option>-V</option>, <option>--del-subuids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Remove a range of subordinate uids from the user's account.
+	  </para>
+	  <para>
+	    This option may be specified multiple times to remove multiple ranges to a users account.
+	    When both <option>--del-subuids</option> and <option>--add-subuids</option> are specified,
+	    the removal of all subordinate uid ranges happens before any subordinate uid range is added.
+	  </para>
+	  <para>
+	     No checks will be performed with regard to
+	     <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</option>, or
+	     <option>SUB_UID_COUNT</option> from /etc/login.defs.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term>
+	  <option>-w</option>, <option>--add-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Add a range of subordinate gids to the user's account.
+	  </para>
+	  <para>
+	    This option may be specified multiple times to add multiple ranges to a users account.
+	  </para>
+	  <para>
+	     No checks will be performed with regard to
+	     <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or
+	     <option>SUB_GID_COUNT</option> from /etc/login.defs.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term>
+	  <option>-W</option>, <option>--del-subgids</option>&nbsp;<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Remove a range of subordinate gids from the user's account.
+	  </para>
+	  <para>
+	    This option may be specified multiple times to remove multiple ranges to a users account.
+	    When both <option>--del-subgids</option> and <option>--add-subgids</option> are specified,
+	    the removal of all subordinate gid ranges happens before any subordinate gid range is added.
+	  </para>
+	  <para>
+	     No checks will be performed with regard to
+	     <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</option>, or
+	     <option>SUB_GID_COUNT</option> from /etc/login.defs.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-Z</option>, <option>--selinux-user</option>&nbsp;<replaceable>SEUSER</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    The new SELinux user for the user's login.
+	  </para>
+	  <para>
+	    A blank <replaceable>SEUSER</replaceable> will remove the
+	    SELinux user mapping for user <replaceable>LOGIN</replaceable>
+	    (if any).
+	  </para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='caveats'>
+    <title>CAVEATS</title>
+    <para>
+      You must make certain that the named user is
+      not executing any processes when this command is being executed if the
+      user's numerical user ID, the user's name, or the user's home
+      directory is being changed. <command>usermod</command> checks this
+      on Linux. On other platforms it only uses utmp to check if the user is logged in.
+    </para>
+    <para>
+      You must change the owner of any <command>crontab</command> files or
+      <command>at</command> jobs manually.
+    </para>
+    <para>
+      You must make any changes involving NIS on the NIS server.
+    </para>
+  </refsect1>
+
+  <refsect1 id='configuration'>
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &MAIL_DIR; <!-- documents also MAIL_FILE -->
+      &MAX_MEMBERS_PER_GROUP;
+      &SUB_GID_COUNT; <!-- documents also SUB_GID_MAX and SUB_GID_MIN -->
+      &SUB_UID_COUNT; <!-- documents also SUB_UID_MAX and SUB_UID_MIN -->
+      &TCB_SYMLINKS;
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="gshadow">
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/login.defs</filename></term>
+	<listitem>
+	  <para>Shadow password suite configuration.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subgid</filename></term>
+	<listitem>
+	  <para>Per user subordinate group IDs.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="subids">
+	<term><filename>/etc/subuid</filename></term>
+	<listitem>
+	  <para>Per user subordinate user IDs.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gpasswd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <phrase condition="subids">
+	<citerefentry>
+	  <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+	<citerefentry>
+	  <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
+	</citerefentry>,
+      </phrase>
+      <citerefentry>
+	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/vipw.8.xml b/man/vipw.8.xml
new file mode 100644
index 0000000..810ef59
--- /dev/null
+++ b/man/vipw.8.xml
@@ -0,0 +1,250 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+   Copyright (c) 1997       , Marek Michałkiewicz
+   Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+   Copyright (c) 2007 - 2011, Nicolas François
+   All rights reserved.
+  
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   1. Redistributions of source code must retain the above copyright
+      notice, this list of conditions and the following disclaimer.
+   2. Redistributions in binary form must reproduce the above copyright
+      notice, this list of conditions and the following disclaimer in the
+      documentation and/or other materials provided with the distribution.
+   3. The name of the copyright holders or contributors may not be used to
+      endorse or promote products derived from this software without
+      specific prior written permission.
+  
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+   PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+   HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY USE_TCB               SYSTEM "login.defs.d/USE_TCB.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+<refentry id='vipw.8'>
+  <!--  $Id$  -->
+  <refentryinfo>
+    <author>
+      <firstname>Marek</firstname>
+      <surname>Michałkiewicz</surname>
+      <contrib>Creation, 1997</contrib>
+    </author>
+    <author>
+      <firstname>Thomas</firstname>
+      <surname>KÅ‚oczko</surname>
+      <email>kloczek@pld.org.pl</email>
+      <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+    </author>
+    <author>
+      <firstname>Nicolas</firstname>
+      <surname>François</surname>
+      <email>nicolas.francois@centraliens.net</email>
+      <contrib>shadow-utils maintainer, 2007 - now</contrib>
+    </author>
+  </refentryinfo>
+  <refmeta>
+    <refentrytitle>vipw</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
+    <refmiscinfo class="source">shadow-utils</refmiscinfo>
+    <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+  </refmeta>
+  <refnamediv id='name'>
+    <refname>vipw</refname>
+    <refname>vigr</refname>
+    <refpurpose>
+      edit the password, group, shadow-password or shadow-group file
+    </refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv id='synopsis'>
+    <cmdsynopsis>
+      <command>vipw</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>                                                                                           
+      </arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>vigr</command>
+      <arg choice='opt'>
+	<replaceable>options</replaceable>                                                                                           
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id='description'>
+    <title>DESCRIPTION</title>
+    <para>
+      The <command>vipw</command> and <command>vigr</command> commands edits
+      the files <filename>/etc/passwd</filename> and
+      <filename>/etc/group</filename>, respectively. With the
+      <option>-s</option> flag, they will edit the shadow versions of those
+      files, <filename>/etc/shadow</filename> and
+      <filename>/etc/gshadow</filename>, respectively. The programs will set
+      the appropriate locks to prevent file corruption. When looking for an
+      editor, the programs will first try the environment variable
+      <envar>$VISUAL</envar>, then the environment variable
+      <envar>$EDITOR</envar>, and finally the default editor,
+      <citerefentry><refentrytitle>vi</refentrytitle>
+      <manvolnum>1</manvolnum></citerefentry>.
+    </para>
+  </refsect1>
+
+  <refsect1 id='options'>
+    <title>OPTIONS</title>
+    <para>
+      The options which apply to the <command>vipw</command> and
+      <command>vigr</command> commands are:
+    </para>
+    <variablelist remap='IP'>
+      <varlistentry>
+	<term><option>-g</option>, <option>--group</option></term>
+	<listitem>
+	  <para>Edit group database.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-p</option>, <option>--passwd</option></term>
+	<listitem>
+	  <para>Edit passwd database.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-q</option>, <option>--quiet</option></term>
+	<listitem>
+	  <para>Quiet mode.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+	    directory and use the configuration files from the
+	    <replaceable>CHROOT_DIR</replaceable> directory.
+	  </para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>-s</option>, <option>--shadow</option></term>
+	<listitem>
+	  <para>Edit shadow or gshadow database.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry condition="tcb">
+	<term><option>-u</option>, <option>--user</option></term>
+	<listitem>
+	  <para>Indicates which user's tcb shadow file to edit.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='configuration' condition="tcb">
+    <title>CONFIGURATION</title>
+    <para>
+      The following configuration variables in
+      <filename>/etc/login.defs</filename> change the behavior of this
+      tool:
+    </para>
+    <variablelist>
+      &USE_TCB;
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='environment'>
+    <title>ENVIRONMENT</title>
+    <variablelist>
+      <varlistentry>
+	<term><option>VISUAL</option></term>
+	<listitem>
+	  <para>Editor to be used.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><option>EDITOR</option></term>
+	<listitem>
+	  <para>Editor to be used if <option>VISUAL</option> is not set.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='files'>
+    <title>FILES</title>
+    <variablelist>
+      <varlistentry>
+	<term><filename>/etc/group</filename></term>
+	<listitem>
+	  <para>Group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/gshadow</filename></term>
+	<listitem>
+	  <para>Secure group account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/passwd</filename></term>
+	<listitem>
+	  <para>User account information.</para>
+	</listitem>
+      </varlistentry>
+      <varlistentry>
+	<term><filename>/etc/shadow</filename></term>
+	<listitem>
+	  <para>Secure user account information.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='see_also'>
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+	<refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>
+      <citerefentry condition="tcb">
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry condition="tcb">
+	<refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+	<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+</refentry>
diff --git a/man/zh_CN/Makefile.am b/man/zh_CN/Makefile.am
new file mode 100644
index 0000000..e9d8f2c
--- /dev/null
+++ b/man/zh_CN/Makefile.am
@@ -0,0 +1,66 @@
+
+mandir = @mandir@/zh_CN
+
+man_MANS = \
+	man1/chage.1 \
+	man1/chfn.1 \
+	man8/chgpasswd.8 \
+	man8/chpasswd.8 \
+	man1/chsh.1 \
+	man1/expiry.1 \
+	man5/faillog.5 \
+	man8/faillog.8 \
+	man3/getspnam.3 \
+	man1/gpasswd.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmems.8 \
+	man8/groupmod.8 \
+	man1/groups.1 \
+	man8/grpck.8 \
+	man8/grpconv.8 \
+	man8/grpunconv.8 \
+	man5/gshadow.5 \
+	man8/lastlog.8 \
+	man1/login.1 \
+	man5/login.defs.5 \
+	man8/logoutd.8 \
+	man1/newgrp.1 \
+	man8/newusers.8 \
+	man8/nologin.8 \
+	man1/passwd.1 \
+	man5/passwd.5 \
+	man8/pwck.8 \
+	man8/pwconv.8 \
+	man8/pwunconv.8 \
+	man1/sg.1 \
+	man3/shadow.3 \
+	man5/shadow.5 \
+	man1/su.1 \
+	man5/suauth.5 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8 \
+	man8/vigr.8 \
+	man8/vipw.8
+
+man_nopam = \
+	man5/limits.5 \
+	man5/login.access.5 \
+	man5/porttime.5
+
+if !USE_PAM
+man_MANS += $(man_nopam)
+endif
+
+EXTRA_DIST = \
+	$(man_MANS) \
+	man1/id.1 \
+	man8/sulogin.8
+
+if USE_PAM
+EXTRA_DIST += $(man_nopam)
+endif
+
+include ../generate_translations.mak
+
diff --git a/man/zh_TW/Makefile.am b/man/zh_TW/Makefile.am
new file mode 100644
index 0000000..c36ed2c
--- /dev/null
+++ b/man/zh_TW/Makefile.am
@@ -0,0 +1,18 @@
+# man pages encoded in Big5
+mandir = @mandir@/zh_TW
+
+man_MANS = \
+	man1/chfn.1 \
+	man1/chsh.1 \
+	man8/chpasswd.8 \
+	man1/newgrp.1 \
+	man8/groupadd.8 \
+	man8/groupdel.8 \
+	man8/groupmod.8 \
+	man5/passwd.5 \
+	man1/su.1 \
+	man8/useradd.8 \
+	man8/userdel.8 \
+	man8/usermod.8
+
+EXTRA_DIST = $(man_MANS)
diff --git a/man/zh_TW/man1/chfn.1 b/man/zh_TW/man1/chfn.1
new file mode 100644
index 0000000..b84668f
--- /dev/null
+++ b/man/zh_TW/man1/chfn.1
@@ -0,0 +1,58 @@
+.\" $Id$
+.\" (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\" this program is free software.  you can redistribute it and
+.\" modify it under the terms of the gnu general public license.
+.\" there is no warranty.
+.TH CHFN 1 "October 13 1994" "chfn" "Linux Reference Manual"
+.SH �稱
+chfn \- 改 變 你 的 finger 訊 �
+.SH 語法
+.B chfn
+[\ \-f\ full\-name\ ] [\ \-o\ office\ ] [\ \-p\ office\-phone\ ]
+[\ \-h\ home\-phone\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH �述
+.B chfn
+是 用 來 改 變 你 的 finger 訊 � 。 訊 � 是 存 放 在
+.I /etc/passwd 檔 內 。 � 藉 由
+.B finger
+來 顯 示 你 的 訊 � 。 Linux
+.B finger
+命 令 會 顯 示 四 段 訊 � ， 這 些 訊 � � � 藉 由
+.B chfn
+改 變
+: 真 實 姓 � ， 工 作 地 點 電 話 ， � 你 家 的 電 話 。
+.SS 命令列
+� 一 段 訊 � � � 在 命 令 列 上 指 定 。 如 沒 有 給 定 訊 � ，
+.B chfn
+進 入 交 談 模 �
+.SS INTERACTIVE MODE
+交談模�
+.B chfn
+會 在 � 一 欄 � � 示 。 在 � 示 狀 態 下 ， 你 就 � 輸 入 新 的 訊 � 或 
+是 按  return 而 � 改 變 。
+輸 入 "none" 則 表 示 該 欄 空 白 。
+.SH �項
+.TP
+.I "\-f, \-\-full\-name"
+真 實 姓 �
+.TP
+.I "\-h, \-\-home\-phone"
+家 裡 的 電 話
+.TP
+.I "\-o, \-\-office"
+辦 工 室 號 碼
+.TP
+.I "\-p, \-\-office\-phone"
+辦 公 室 電 話
+.TP
+.I "\-u, \-\-help"
+秀 出 使 用 說 明 短 訊 。
+.TP
+.I "\-v, \-\-version"
+秀 出 版 本 訊 � 。
+.SH "相關文件"
+.BR finger (1),
+.BR passwd (5)
+.SH 作者
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/zh_TW/man1/chsh.1 b/man/zh_TW/man1/chsh.1
new file mode 100644
index 0000000..2a934c0
--- /dev/null
+++ b/man/zh_TW/man1/chsh.1
@@ -0,0 +1,45 @@
+.\" $Id$
+.\"  (c) 1994 by salvatore valente <svalente@athena.mit.edu>
+.\"
+.\"  this program is free software.  you can redistribute it and
+.\"  modify it under the terms of the gnu general public license.
+.\"  there is no warranty.
+.TH CHSH 1 "October 13 1994" "chsh" "Linux Reference Manual"
+.SH �稱
+chsh \- 更�你登入時所用的shell
+.SH 語法
+.B chsh
+[\ \-s\ shell\ ] [\ \-l\ ] [\ \-u\ ] [\ \-v\ ] [\ username\ ]
+.SH �述
+.B chsh
+用來更�你登入時所用的shell
+。在命令列沒指定shell。
+.B chsh
+會�示一個給你。
+.SS 有效的shell
+.B chsh
+�用指定路徑全�的方�來指定任何一個�執行的檔案。
+然而，如果此 shell並沒紀錄在
+.I /etc/shells
+檔上，則chsh會�出警告訊�。
+.SH �項
+.TP
+.I "\-l, \-\-list\-shells"
+列出紀錄在
+.I /etc/shells
+的shell。
+.TP
+.I "\-s, \-\-shell"
+變更你的登入shell.
+.TP
+.I "\-u, \-\-help"
+使用短訊。
+.TP
+.I "\-v, \-\-version"
+版本資訊
+.SH "相關文件"
+.BR login (1),
+.BR passwd (5),
+.BR shells (5)
+.SH 作者
+Salvatore Valente <svalente@mit.edu>
diff --git a/man/zh_TW/man1/newgrp.1 b/man/zh_TW/man1/newgrp.1
new file mode 100644
index 0000000..3fb79f6
--- /dev/null
+++ b/man/zh_TW/man1/newgrp.1
@@ -0,0 +1,38 @@
+.\" Original author unknown.  This man page is in the public domain.
+.\" Modified Sat Oct  9 17:46:48 1993 by faith@cs.unc.edu
+.TH NEWGRP 1 "9 October 1993" "Linux 1.2" "Linux Programmer's Manual"
+
+.SH NAME
+newgrp \- 登入到新的使用者組中
+
+.SH "總覽 (SYNOPSIS)"
+.BI "newgrp [ " group " ]"
+
+.SH "�述 (DESCRIPTION)"
+.B Newgrp
+改變 調用者 的 使用者組標識, 類似於
+.BR login (1).
+調用者 �舊 登入 在 系統 中, 當�目錄 也�變, 但是 檔案的訪�權� 將 根據
+新的 使用者組 ID 計算.
+.LP
+如果 沒有 指定 使用者組, GID 將 變� 登入 的 GID.
+.LP
+
+.SH "檔案 (FILES)"
+.I /etc/group
+.br
+.I /etc/passwd
+
+.SH "�見 (SEE ALSO)"
+.BR login "(1), " group (5)
+
+.SH "作者 (AUTHOR)"
+Originally by Michael Haardt. Currently maintained by 
+Peter Orbaek (poe@daimi.aau.dk).
+
+.SH "[中文版維護人]"
+.B �明 <xuming@users.sourceforge.net>
+.SH "[中文版最新更新]"
+.BR 2003/05/13
+.SH "《中國Linux論壇man手冊�翻譯計劃》"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man1/su.1 b/man/zh_TW/man1/su.1
new file mode 100644
index 0000000..964d3d2
--- /dev/null
+++ b/man/zh_TW/man1/su.1
@@ -0,0 +1,62 @@
+.TH SU "1" "1999年8月" "GNU sh-utils 2.0"  FSF
+.SH NAME(�稱)
+su \- �行替�使用者和組標識的shell
+.SH SYNOPSIS(總覽)
+.B su
+[\fIOPTION\fR]... [\fI-\fR] [\fIUSER \fR[\fIARG\fR]...]
+.SH DESCRIPTION(�述)
+.PP
+.PP
+修改有效使用者標識和組標識為USER的.
+.TP
+-, \fB\-l\fR, \fB\-\-login\fR
+使得shell為�登入的shell
+.TP
+\fB\-c\fR, \fB\-\-commmand\fR=\fICOMMAND\fR
+傳�單個COMMAND給\fB\-c\fR的shell.
+.TP
+\fB\-f\fR, \fB\-\-fast\fR
+傳�\fB\-f\fR給shell(��csh或tcsh)
+.TP
+\fB\-m\fR, \fB\-\-preserve\-environment\fR
+��置環境變�
+.TP
+\fB\-p\fR
+與\fB\-m\fR�
+.TP
+\fB\-s\fR, \fB\-\-shell\fR=\fISHELL\fR
+如果/etc/shells�許\,�行SHELL.
+.TP
+\fB\-\-help\fR
+顯示幫助並退出
+.TP
+\fB\-\-version\fR
+輸出版本信�並退出
+.PP
+單一的-�味著\fB\-l\fR.如果沒有給定USER,則�定為root.
+.SH (報告BUGS)
+報告bugs,請發郵件到bug-sh-utils@gnu.org.
+.SH (�見)
+以Texinfo手冊形�維護的
+.B su
+完全文件.如果你正確地安�了
+.B info
+和
+.B echo
+命令
+.IP
+.B info su
+.PP
+應該�以使你訪�到整個手冊.
+.SH COPYRIGHT(版權)
+版權所有 \(co 1999 Free Software Foundation, Inc.
+.br
+這是自由軟體;�看複製�件的�檔案.�作任何擔�,更�用說商�性或者基於特殊目的的�
+用性.
+
+.SH "[中文版維護人]"
+.B riser <boomer@ccidnet.com>
+.SH "[中文版最新更新]"
+.BR 2001/08/08
+.SH "《中國linux論壇man手冊�翻譯計劃》:"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man5/passwd.5 b/man/zh_TW/man5/passwd.5
new file mode 100644
index 0000000..57b5ea3
--- /dev/null
+++ b/man/zh_TW/man5/passwd.5
@@ -0,0 +1,132 @@
+.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), Fri Apr 2 11:32:09 MET DST 1993
+.\" Chinese Version Copyright Scorpio, www.linuxforum.net, 2000
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111,
+.\" USA.
+.\"
+.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu)
+.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl)
+.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt
+.\" (michael@cantor.informatik.rwth-aachen.de)
+.TH PASSWD 5 "January 5, 1998" "" "File formats"
+.SH NAME �稱
+passwd \- 密碼檔案
+.SH �述
+.B Passwd
+是個純文字檔, 它包�了一個系統帳戶列表,
+給出�個帳戶一些有用的信�，比如使用者 ID,組 ID, 家目錄, shell,等.
+通常它也包�了�個使用者經�加密的密碼.
+它通常應該是�讀的（許\多命令，工具程�，�
+.BR ls (1)
+用它�使用者 Id 到使用者�稱的映射）,但是��許\超級使用者有寫方�權�.
+.PP
+在�去美好的日��，這種一般的讀許\�沒有什麼大�題.
+�個人都能讀到加密了的密碼，因為硬體太慢以至於�能解開一個
+精�的密碼，�外，這基本�定是為�好的使用團體使用的.
+�在，許\多人�行一些版本的影�密碼套件，它們在
+.I /etc/passwd
+的密碼域�是 *，而��是加密的�令，
+加密的�令放在
+.I /etc/shadow
+中，那個檔案�有超級使用者能讀．
+.PP
+�管是�使用了影�密碼，許\多系統管�員使用一個星號在加密的密碼字段
+以確�使用者�能鑒別他（她）自己的密碼. (見下�的注�)
+.PP
+如果你建立了一個新的登入，首先放個星號在密碼字段,
+然後使用
+.BR passwd (1)
+設置它.
+.PP
+（密碼檔案）��行一�記錄，並且�行有這樣的格�：
+.sp
+.RS
+account:password:UID:GID:GECOS:directory:shell
+（帳號:密碼:使用者ID:組ID:一般的信�:目錄:shell）
+.RE
+.sp
+字段�述如下:
+.sp
+.RS
+.TP 1.0in
+.I account
+使用者在系統中的�字，它�能包�大寫字�.
+.TP
+.I password
+加密的使用者密碼，或者星號。
+.TP
+.I UID
+使用者 ID 數。
+.TP
+.I GID
+使用者的主�組 ID 數。
+.TP
+.I GECOS
+這字段是��的，通常為了存放信�目的而設的．
+通常，它包�了使用者的全�. GECOS ��是通用電氣綜�作業系統（General Electric
+Comprehensive Operating System）, 當 GE 的大型系統部分割售賣給 Honeywell
+時它被改為 GCOS. Dennis Ritchie 作�報告："有時我們發��刷�或批�作業到
+GCOS機器時，gcos 字段打斷了 $IDENT �的信�，�太美觀。"（譯者：我想是太長�） 
+.TP
+.I directory
+使用者的 $HOME 目錄.
+.TP
+.I shell
+登入時�行的程�（如果空的，使用
+.BR /bin/sh ).
+如果設為�存在的執行（程�），使用者�能通�
+.BR login (1)
+登入.
+.RE
+.SH 注�
+如果你想建立使用者組，他們的 GID 必須相等並且一定是在
+\fI/etc/group\fP的一�記錄, ��然組就�存在．
+.PP
+如果加密密碼設�星號，使用者將�能用
+.BR login (1)
+來登入, 但�然�以用
+.BR rlogin (1)
+登入, 通�
+.BR rsh (1)
+或者
+.BR cron (1)
+或者
+.BR at (1)
+或者 mail �濾器等程��行已有的進程和開始新的等.
+試圖通�簡單改變 shell 字段鎖�一個使用者�果是一樣的，
+而且還附上了使用
+.B su(1) 
+的權�．
+.SH 相關檔案
+.I /etc/passwd
+.SH "�見"
+.BR passwd (1),
+.BR login (1),
+.BR su (1),
+.BR group (5),
+.BR shadow (5)
+.br
+.SH "[中文版維護人]"
+.B Scorpio <rawk@chinese.com>
+.SH "[中文版最新更新]"
+.B 2000/11/26
+.SH "《中國linux論壇man手冊�翻譯計劃》:"
+.BI http://cmpp.linuxforum.net
diff --git a/man/zh_TW/man8/chpasswd.8 b/man/zh_TW/man8/chpasswd.8
new file mode 100644
index 0000000..068cf95
--- /dev/null
+++ b/man/zh_TW/man8/chpasswd.8
@@ -0,0 +1,69 @@
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"; 中文版版權所有 soloman, Laser www.linuxforum.net 2000
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.TH CHPASSWD 8
+.SH NAME
+chpasswd \- �批更新使用者的�令
+.SH 總覽
+chpasswd [\-e]
+.SH �述
+.B chpasswd
+從系統的標準輸入讀入使用者的�稱和�令，
+並利用這些信�來更新系統上已存在的使用者的�令。
+在沒有用 \-e 這個開關�項的情�下，�令將按明文的形�接收。
+如果使用了 \-e �項，�令將�能以加密的方�傳�。
+�行的具體格�如下所示：
+.sp 1
+		\fI使用者�\fR：\fI新�令\fR
+.sp 1
+使用者�必須是系統上已存在的使用者。
+輸入的密碼在必�時進行加密處�，
+如果�令檔案具有時間特性，則�時更新。
+.PP
+此命令�用於大型的系統，在此類系統中，
+使用者一般都是一次�時生�的，而用 adduser 和
+passwd �令來�其一一進行設置一般說往往比較慢。
+.SH 注�事項
+.\" The \fBmkpasswd\fR command must be executed afterwards to update the
+.\" DBM password files.
+.\" This command may be discarded in favor of the newusers(8) command.
+因為�以使用檔案�定�進行輸入，
+�：chpasswd &lt; user&amp;passwd-filename， 
+如果輸入檔案是按�加密方�傳�的話，請�該檔案進行�當的加密。
+.SH �見
+passwd(1),useradd(8),newuser(8)
+.SH 作者
+Julianne Frances Haugh (jfh@bga.com)
+
+.SH "[中文版維護人]"
+.B 所羅門 <solomen@email.com.cn>
+.SH "[中文版最新更新]"
+2000/11/26
+.SH "[中國 Linux 論壇 man 手冊�翻譯計劃]"
+.BI http://cmpp.linuxforum.net
+
diff --git a/man/zh_TW/man8/groupadd.8 b/man/zh_TW/man8/groupadd.8
new file mode 100644
index 0000000..b88cb0a
--- /dev/null
+++ b/man/zh_TW/man8/groupadd.8
@@ -0,0 +1,88 @@
+.\" $Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPADD 8
+.SH �稱
+groupadd \- 建 立 新 群 組
+.SH 語法
+\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] \fIgroup\fR
+.SH �述
+\fBgroupadd\fR
+� 指 定 群 組 � 稱 來 建 立 新 的 群 組 帳 號 。
+需 � 時 � 從 系 統 中 � 得 新 群 組 值 。
+\fBgroupadd\fR 有 下 列 � 項 � 用 。
+.IP \fB\-f\fR
+This is \fIforce\fR flag. 
+新 增 一 個 已 經 存 在 的 群 組 帳 號 ， 系 統 會 出
+� 錯 誤 訊 � 然 後 � � \fBgroupadd\fR 。
+ 如 果 是 這 樣 的 情 � ， � 會 新 增 這 個 群 組 
+( 如 果 是 這 個 情 � 下 ， 系 統 � 會 � 新 增 一 次 )
+.br
+也 � � 時 加 上 \fB\-g\fR � 項
+當 你 加 上 一 個 \fIgid\fR ， 此 時  \fIgid\fR
+就 � 用 是 唯 一 值 ， � � 加 \fB\-o\fR � 數 ，
+建 好 群 組 後 會 顯 � 果  
+(adding a group as neither \fB\-g\fR or \fB\-o\fR options were
+specified).
+
+.IP "\fB\-g \fIgid\fR"
+group's ID 值 。
+除  � 使 用 \fB\-o\fR � 數 � 然 該 值 必 須 是 唯 一 ， � � 相 � 。
+數 值 � � 為 負 。
+� 設 為 最 �  �  得 � 於 500 而 � 次 增 加 。 0~999 傳 統 上
+是 � 留 給 \fI系統帳號\fR 使 用 。
+.IP \fB\-r\fR
+此 � 數 是 用 來 建 立 \fI系統帳號\fR 。
+的  UID 會 比 定 義 在 系 統 檔 上 /etc/login.defs.
+的 UID_MIN 來 的 � 。 注 � useradd 此 用 法 所 建
+立  的 帳 號 � 會 建 立 使 用 者 目 錄 ， 也 � 會
+在 乎 紀 錄 在 /etc/login.defs. 的 定 義 值  。  如
+果  你 想 � 有 使 用 者 目 錄 須 � 外 指 定 \-m �
+數 來 建 立 系 統 帳 號 。 這 是 RED HAT �  外  增
+設 的 � 項 。
+它 會 自 動 幫 你 � 定 一 個 � 於 999 的 \fIgif\fR
+� 需 � � 加 上 \fB\-g\fR � 數 。
+.br
+這 是 RED HAT �  外  增 設 的 � 項 。
+
+.br
+這 是 RED HAT �  外  增 設 的 � 項 。
+.SH 檔案
+\fI/etc/group\fR \- 群 組 資 訊
+.br
+\fI/etc/gshadow\fR \- 群 組 資 訊 加 密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupdel (8),
+.BR groupmod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/groupdel.8 b/man/zh_TW/man8/groupdel.8
new file mode 100644
index 0000000..ad79a2d
--- /dev/null
+++ b/man/zh_TW/man8/groupdel.8
@@ -0,0 +1,55 @@
+.\" $Id$
+.\" Copyright 1991 - 1993, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPDEL 8
+.SH �稱
+groupdel \- 刪除群組
+.SH 語法
+.B groupdel
+.I group
+.SH �述
+\fBgroupdel\fR 命令會修改系統帳號檔，會刪除所有已經存在的\fIgroup\fR.
+群組�須存在。
+.PP
+你須手動確�一下所有的檔案系統確�有沒有檔案還是沒修正群組�變�群組ID。
+.SH 警告
+如果有任何一個群組的使用者在線上的話就�能移除該群組。
+最好先移除使用者後�移除群組。
+.SH 檔案
+\fI/etc/group\fR \- 群組資訊
+\fI/etc/gshadow\fR \- 群組資訊加密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupmod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/groupmod.8 b/man/zh_TW/man8/groupmod.8
new file mode 100644
index 0000000..2c1dae7
--- /dev/null
+++ b/man/zh_TW/man8/groupmod.8
@@ -0,0 +1,63 @@
+.\" $Id$
+.\" Copyright 1991, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH GROUPMOD 8
+.SH �稱
+groupmod \- 修 改 群 組
+.SH 語法
+\fBgroupmod\fR [\fB\-g\fR \fIgid \fR[\fB\-o\fR]] [\fB\-n\fR \fIgroup_name \fR] \fIgroup\fR
+.SH �述
+
+\fBgroupmod\fR 命 令 會 � 照 你 命 令 列 上 指 定 的 部 份 
+修 改 系 統 帳 號 檔 。 下 列 為 \fIgroupmod\fR � � 用 的 � 數 。
+
+.IP "\fB\-g\fR \fIgid\fR"
+群 組 I D 值 。
+必 須 為 唯 一 的 ID 值 ， 除 � 用 \-o � 項 。
+數 字 � � 為 負 值。� 設 為 最
+� � 得 � 於 999 而 � 次 增 加 。 0~ 499 傳 統 上
+是 � 留 給 系 統 帳 號 使 用 。
+如 果 有 檔 案 使 用 舊 的 群 組 ID ， 而 這 時 候 你 新 增 的 群 組 ID
+� 好 與 舊 的 相 � ， 這 樣 的 話
+你 � 手 動 改 一 下 這 些 檔 案 的 群 組 ID 。
+.IP "\fB\-n\fR \fIgroup_name\fR"
+更 改 群 組 � 。
+.SH 檔案
+\fI/etc/group\fR \- 群 組 資 訊 
+.br
+\fI/etc/gshadow\fR \- 群 組 資 訊 加 密
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR useradd (8),
+.BR userdel (8),
+.BR usermod (8),
+.BR passwd (1),
+.BR groupadd (8),
+.BR groupdel (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/useradd.8 b/man/zh_TW/man8/useradd.8
new file mode 100644
index 0000000..a0bfd0b
--- /dev/null
+++ b/man/zh_TW/man8/useradd.8
@@ -0,0 +1,184 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERADD 8
+.SH � 稱
+useradd \- 帳 號 建 立 或 更 新 新 使 用 者 的 資 訊
+.SH 語 法
+.TP 8
+.B useradd
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir ]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-m " [" \-k
+.IR skeleton_dir ] " |" " " \-M ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.RB [ \-n ]
+.RB [ \-r ]
+.I login
+.TP 8
+\fBuseradd\fR \fB\-D\fR [\fB\-g\fR \fIdefault_group\fR] [\fB\-b\fR \fIdefault_home\fR]
+.br
+[\fB\-f\fR \fIdefault_inactive\fR] [\fB\-e\fR \fIdefault_expire_date\fR]
+.br
+[\fB\-s\fR \fIdefault_shell\fR]
+.SH � 述
+.SS 新 帳 號 建 立
+當 � 加 \fB\-D\fR � 數 , \fBuseradd\fR 指 令 使 用 命 令 列 來 指 定
+新 帳 號 的 設 定 值 and 使 用 系 統 上 的 � 設 值 .
+新 使 用 者 帳 號 將 產 生 一 些 系 統 檔 案 ， 使 用 者 目 錄 建 立 ，
+拷 備 起 始 檔 案 等
+， 這 些 � � 以 利 用 命 令列 � 項 指 定 。 此 版 本 為 Red Hat Linux � 供
+， � 幫 � 個 新 加 入 的 使 用 者 建 立 個 別 的 group , 毋 須 添 加 \fB\-n\fR
+� 項 。  
+\fBuseradd\fR � 使 用 的 � 項 為
+.IP "\fB\-c\fR \fIcomment\fR"
+新 帳 號 password 檔 的 說 明 欄 。 
+.IP "\fB\-d\fR \fIhome_dir\fR"
+新 帳 號 � 次 登 入 時 所 使 用 的 \fIhome_dir\fR 。 
+� 設 值 為 \fIdefault_home\fR 內 \fIlogin\fR � 稱 ， 並 當 � 登 入 時 目 錄 
+� 稱 。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+帳 號 終 止 日 期 。 日 期 的 指 定 格 � 為 \fIMM/DD/YY\fR 。
+.IP "\fB\-f\fR \fIinactive_days\fR"
+帳 號 � 期 幾 日 後 永 久 � 權 。
+當 值 為 0 時 帳 號 則 立 刻 被 � 權 。
+而 當 值 為 \-1 時 則 關 閉 此 功\ 能 ， � 設 值 為 \-1
+.IP "\fB\-g\fR \fIinitial_group\fR"
+group � 稱 或 以 數 字 來 � 為 使 用 者 登 入 起 始 群 組 (group) 。
+群 組 � 須 為 � 有 存 在 的 � 稱 。
+群 組 數 字 也 須 為 � 有 存 在 的 群 組 。
+� 設 的 群 組 數 字 為 1 。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+定 義 此 使 用 者 為 此 一 堆 groups 的 � 員 。
+� 個 群 組 使 用 "," � 格 開 來 ， � � 以 夾 雜 空 白 字 元 。
+ 群 組 � � \fB\-g\fR � 項 的 � 制 。
+定 義 值 為 使用 者 的 起 始 群 組 。
+.IP \fB\-m\fR
+使 用 者 目 錄 如 � 存 在 則 自 動 建 立 。
+如 使 用 \fB\-k\fR � 項 \fIskeleton_dir\fR 內 的 檔 案 將 複 製 至 使 用 者 目 
+錄 下 。
+然 而 在 \fI/etc/skel\fR 目 錄 下 的 檔 案 也 會 複 製 � 去 � 代 。
+任 何 在 \fIskeleton_dir\fR or \fI/etc/skel\fR 的 目 錄 也 相 � 會 在 使 用 者
+目 錄 下 一 一 建 立 。
+The \fB\-k\fR � \fB\-m\fR
+� 建 立 目 錄 以 � � 複 製 任 何 檔 案 為 � 設 值 。
+.IP \fB\-M\fR
+� 建 立 使 用 者 目 錄 ， � 使 \fI/etc/login.defs\fR 系 統 檔 設 定 � 建 
+立 使 用 者 目 錄 。
+.IP \fB\-n\fR
+� 設 值 使 用 者 群 組 與 使 用 者 � 稱 會 相 � 。 此 � 項 將 � 消 此 � 
+設 值 。
+.IP \fB\-r\fR
+此 � 數 是 用 來 建 立 系 統 帳 號 。 系 統 帳 號 的 UID 會 比 定 義 在 系
+統 檔 上 \fI/etc/login.defs\fR.
+的 UID_MIN 來 的 � 。 注 � \fBuseradd\fR 此 用 法 所 建 立 的 帳 號 � 會
+建 立 使 用 者 目 錄
+， 也 � 會 在 乎 紀 錄 在 \fI/etc/login.defs\fR. 的 定 義 值 。
+如 果 你 想 � 有 使 用 者 目 錄 須 � 外 指 定 \fB\-m\fR � 數 來 建 立 系 
+統 帳 號 。
+這 是 RED HAT � 外 增 設 的 � 項 。
+.IP "\fB\-s\fR \fIshell\fR"
+使 用 者 登 入 後 使 用 的 shell � 稱 。
+� 設 為 � 填 寫 ， 這 樣 系 統 會 幫 你 指 定 � 設 的 登 入 shell 。
+.IP "\fB\-u\fR \fIuid\fR"
+使 用 者 的 ID 值 。 必 須 為 唯 一 的 ID 值 ， 除 � 用 \fI\-o\fR � 項 。
+數 字 � � 為 負 值。� 設 為 最 � � 得 � 於 999 而 � 次 增 加 。
+0~ 999 傳 統 上 是 � 留 給 系 統 帳 號 使 用 。
+
+.SS 改 變 � 設 值
+當 \fB\-D\fR � 項 出 � 時 ， \fBuseradd\fR 秀 出 � 在 的 � 設 值 ， 或 是 藉 
+ç”±
+命 令 列 的 方 � 更 新 � 設 值 。
+� 用 � 項 為 ：
+.IP "\fB\-b\fR \fIdefault_home\fR"
+定 義 使 用 者 所 屬 目 錄 的 � 一 個 目 錄 。
+使 用 者 � 稱 會 附 加 在 \fIdefault_home\fR 後 �
+用 來 建 立 新 使 用 者 的 目 錄 。
+當 然 使 用 \fB\-d\fI 後 則 此 � 項 無 效 。
+.IP "\fB\-e\fR \fIdefault_expire_date\fR"
+使 用 者 帳 號 � 止 日 期 。
+.IP "\fB\-f\fR \fIdefault_inactive\fR"
+帳 號 � 期 幾 日 後 � 權 。
+.IP "\fB\-g\fR \fIdefault_group\fR"
+新 帳 號 起 始 群 組 � 或 ID 。
+群 組 � 須 為 � 有 存 在 的 � 稱 。
+群 組 I D 也 須 為 � 有 存 在 的 群 組 。
+.IP "\fB\-s\fR \fIdefault_shell\fR"
+使 用 者 登 入 後 使 用 的 shell � 稱 。
+往 後 新 加 入 的 帳 號 都 將 使 用 此 shell.
+.PP
+如 � 指 定 任 何 � 數 ， \fBuseradd\fR 顯 示 目 � � 設 的 值 。
+.SH 注 記 
+系 統 管 � 者 有 義 務 在 \fI/etc/skel\fR 目 錄 下 放 置 使 用 者 定 義 檔 。
+.br
+此 版 本 『useradd� 由 Red Hat 修 改 。
+.SH è­¦ å‘Š
+� � 新 增 使 用 者 於 NIS 群 組 中 。
+你 必 須 在 NIS 伺 � 器 上 執 行 。
+.SH 檔 案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 訊
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.br
+\fI/etc/default/useradd\fR \- 定 義 資 訊
+.br
+\fI/etc/login.defs\fR \- 系 統 廣 義 設 定
+.br
+\fI/etc/skel/\fR \- 內 � 定 義 檔 的 目 錄
+.SH SEE ALSO
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR userdel (8),
+.BR usermod (8)
+.SH AUTHOR
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/userdel.8 b/man/zh_TW/man8/userdel.8
new file mode 100644
index 0000000..1a255d5
--- /dev/null
+++ b/man/zh_TW/man8/userdel.8
@@ -0,0 +1,65 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERDEL 8
+.SH �稱
+userdel \- 刪 除 使 用 者 帳 號 � 相 關 檔 案
+.SH 語法
+.B userdel
+[\fB\-r\fR]
+.I login
+.SH �述
+\fBuserdel\fR 命 令 修 改 系 統 帳 號 檔
+刪 除 所 有 \fIlogin\fR 會 � 考 的 部 份 。
+使 用 者 � 稱 必 須是 存 在 的 。
+.IP \fB\-r\fR
+使 用 者 目 錄 下 的 檔 案 一 並 移 除 。 在 其 他 � 置 上 的 檔
+案 也 將 一 一 找 出 並 刪 除 。
+.SH 檔案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 料
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.SH 警告
+\fBuserdel\fR � � 許 你 移 除 正 在線 上
+的 使 用 者 帳 號 。
+你 必 須 � 掉 此 帳 號 � 在 在 系 統 上 執 行 的 程 � � 能 進 行 帳 號
+刪 除 。
+� 能 在 NIS client 端 移 除 NIS 屬 性 的 � 西 。
+這 動 � 須 在 NIS server 端 上 執 行 。
+.SH SEE ALSO
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR useradd (8),
+.BR usermod (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/man/zh_TW/man8/usermod.8 b/man/zh_TW/man8/usermod.8
new file mode 100644
index 0000000..1c52785
--- /dev/null
+++ b/man/zh_TW/man8/usermod.8
@@ -0,0 +1,129 @@
+.\" $Id$
+.\" Copyright 1991 \- 1994, Julianne Frances Haugh
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.TH USERMOD 8
+.SH �稱
+usermod \- 修 改 使 用 者 帳 號
+.SH 語法
+.TP 8
+.B usermod
+.\" .RB [ \-A
+.\" .RI { method | \fBDEFAULT\fR "},... ]"
+.RB [ \-c
+.IR comment ]
+.RB [ \-d
+.IR home_dir " ["
+.BR \-m ]]
+.br
+.RB [ \-e
+.IR expire_date ]
+.RB [ \-f
+.IR inactive_time ]
+.br
+.RB [ \-g
+.IR initial_group ]
+.RB [ \-G
+.IR group [,...]]
+.br
+.RB [ \-l
+.IR login_name ]
+.RB [ \-s
+.IR shell ]
+.br
+.RB [ \-u
+.IR uid " ["
+.BR \-o ]]
+.I login
+.SH �述
+\fBusermod\fR 命 令 會 � 照 你 命 令 列 上 指 定 的 部 份 修 改 系 統 帳 
+號 檔 。 下 列 為 \fBusermod\fR � � 用 的 � 數 。
+
+.\" .IP "\fB\-A \fImethod\fR|\fBDEFAULT\fR"
+.\" The new value of the user's authentication method.
+.\" The authentication method is the name of a program which is responsible
+.\" for validating the user's identity.
+.\" The string \fBDEFAULT\fR may be used to change the user's authentication
+.\" method to the standard system password method.
+.IP "\fB\-c\fR \fIcomment\fR"
+更 新 使 用 者 帳 號 password 檔 中 的 注 解 欄
+， 一 般 是 使 用 \fBchfn\fR(1) 來 修 改 。
+.IP "\fB\-d\fR \fIhome_dir\fR"
+更 新 使 用 者 新 的 登 入 目 錄 。
+如 果 給 定 \fB\-m\fR � 項 ， 使 用 者 舊 目 錄 會 � 到 新 的 目 錄 去 
+，如 舊 目 錄 � 存 在 則 建 個 新 的 。
+.IP "\fB\-e\fR \fIexpire_date\fR"
+加 上 使 用 者 帳 號 � 止 日 期 。 日 期 格 � 為 \fIMM/DD/YY\fR.
+.IP "\fB\-f\fR \fIinactive_days\fR"
+帳 號 � 期 幾 日 後 永 久 � 權。當 值 為  0  時
+帳  號 則 立 刻 被 � 權 。 而 當 值 為 \-1 時 則 關閉此功\能
+。� 設 值 為 \-1。
+.IP "\fB\-g\fR \fIinitial_group\fR"
+更 新 使 用 者 新 的 起 始 登 入 群 組 。 群 組 � 須 已 存 在 
+。群 組 ID 必 須 � 照 既 有 的 的 群 組 。 群 組 ID � 設 值 為 1 。
+.IP "\fB\-G\fR \fIgroup,[...]\fR"
+定 義 使 用 者 為  一 堆 groups 的 � 員 。 �
+個 群 組 使 用 "," � 格 開 來 ， � � 以 夾 雜 空
+白 字 元 。 群 組 � � \-g � 項 的 � 制 。
+如 果 使 用 者 � 在 的 群 組 � � 此 列 ， 則 將 使 用 者 由 該 
+群 組 中 移 除 。
+.IP "\fB\-l\fR \fIlogin_name\fR"
+變 更 使 用 者 \fIlogin\fR 時 的 � 稱 為 \fIlogin_name\fR 。
+其 於 � 變 。 特 別 是 ， 使 用 者 目 錄 � 應 該 也 會 跟 著 更 動 � 新 
+的 登 入 � 。
+.IP "\fB\-s\fR \fIshell\fR"
+指 定 新 登 入 shell 。 如 此 欄 留 白 ， 系 統 將 � 用 系 統 � 設 shell 。
+.IP "\fB\-u\fR \fIuid\fR"
+使 用 者 ID 值 。必 須 為 唯 一 的 ID 值 ， 除 � 用 \fI\-o\fR � 項 。 數 
+字 � � 為 負 值。� 設 為 最 �  �  得 � 於 999 而 � 次 
+增 加 。 0~ 999 傳 統 上 是 � 留 給 系 統 帳 號 使 用 。
+使 用 者 目 錄 樹 下 所 有 的 檔 案 目 錄 其 user ID 會 自 動 改 變 。
+放 在 使 用 者 目 錄 外 的 檔 案 則 � 自 行 手 動 更 動 。
+.SH 警告
+\fBusermod\fR � � 許 你 改 變  正 在線 上 的 使 用 者 帳 號 � 稱 。
+當 usermod 用 來 改 變 user ID, 必 須 確 � 這 � user 沒 在 電 腦 上 執 
+行 任 何 程 �。
+你 需 手 動 更 改 使 用 者 的 crontab 檔 。
+也 需 手 動 更 改 使 用 者 的 at 工 作 檔 。
+採 用 NIS server 須 在 server 上 更 動 相 關 的 NIS 設 定 。
+
+.SH 檔案
+\fI/etc/passwd\fR \- 使 用 者 帳 號 資 訊
+.br
+\fI/etc/shadow\fR \- 使 用 者 帳 號 資 訊 加 密
+.br
+\fI/etc/group\fR \- 群 組 資 訊
+.SH 相關文件
+.BR chfn (1),
+.BR chsh (1),
+.BR groupadd (8),
+.BR groupdel (8),
+.BR groupmod (8),
+.BR passwd (1),
+.BR useradd (8),
+.BR userdel (8)
+.SH 作者
+Julianne Frances Haugh (jfh@tab.com)
diff --git a/po/LINGUAS b/po/LINGUAS
new file mode 100644
index 0000000..460ec38
--- /dev/null
+++ b/po/LINGUAS
@@ -0,0 +1,38 @@
+bs
+ca
+cs
+da
+de
+dz
+el
+es
+eu
+fi
+fr
+gl
+he
+hu
+id
+it
+ja
+kk
+km
+ko
+nb
+ne
+nl
+nn
+pl
+pt
+pt_BR
+ro
+ru
+sk
+sq
+sv
+tl
+tr
+uk
+vi
+zh_CN
+zh_TW
diff --git a/po/Makevars b/po/Makevars
new file mode 100644
index 0000000..c2b35f8
--- /dev/null
+++ b/po/Makevars
@@ -0,0 +1,31 @@
+# Makefile variables for PO directory in any package using GNU gettext.
+
+# Usually the message domain is the same as the package name.
+DOMAIN = $(PACKAGE)
+
+# These two variables depend on the location of this directory.
+subdir = po
+top_builddir = ..
+
+# These options get passed to xgettext.
+XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ --no-location
+
+# This is the copyright holder that gets inserted into the header of the
+# $(DOMAIN).pot file.  Set this to the copyright holder of the surrounding
+# package.  (Note that the msgstr strings, extracted from the package's
+# sources, belong to the copyright holder of the package.)  Translators are
+# expected to transfer the copyright for their translations to this person
+# or entity, or to disclaim their copyright.  The empty string stands for
+# the public domain; in this case the translators are expected to disclaim
+# their copyright.
+COPYRIGHT_HOLDER = Free Software Foundation, Inc.
+
+# This is the list of locale categories, beyond LC_MESSAGES, for which the
+# message catalogs shall be used.  It is usually empty.
+EXTRA_LOCALE_CATEGORIES =
+
+MSGID_BUGS_ADDRESS = pkg-shadow-devel@lists.alioth.debian.org
+
+MSGMERGE += --previous
+MSGMERGE_UPDATE += --previous
+
diff --git a/po/POTFILES.in b/po/POTFILES.in
new file mode 100644
index 0000000..1758f49
--- /dev/null
+++ b/po/POTFILES.in
@@ -0,0 +1,116 @@
+# List of files which contain translatable strings.
+
+lib/commonio.c
+lib/encrypt.c
+lib/fields.c
+lib/fputsx.c
+lib/getdef.c
+lib/get_gid.c
+lib/getlong.c
+lib/get_uid.c
+lib/groupio.c
+lib/groupmem.c
+lib/gshadow.c
+lib/lockpw.c
+lib/nscd.c
+lib/port.c
+lib/pwauth.c
+lib/pwio.c
+lib/pwmem.c
+lib/selinux.c
+lib/semanage.c
+lib/sgetgrent.c
+lib/sgetpwent.c
+lib/sgetspent.c
+lib/sgroupio.c
+lib/shadow.c
+lib/shadowio.c
+lib/shadowmem.c
+lib/spawn.c
+lib/tcbfuncs.c
+lib/utent.c
+libmisc/addgrps.c
+libmisc/age.c
+libmisc/audit_help.c
+libmisc/basename.c
+libmisc/chkname.c
+libmisc/chowndir.c
+libmisc/chowntty.c
+libmisc/cleanup.c
+libmisc/cleanup_group.c
+libmisc/cleanup_user.c
+libmisc/console.c
+libmisc/copydir.c
+libmisc/entry.c
+libmisc/env.c
+libmisc/failure.c
+libmisc/find_new_gid.c
+libmisc/find_new_uid.c
+libmisc/getgr_nam_gid.c
+libmisc/getrange.c
+libmisc/hushed.c
+libmisc/isexpired.c
+libmisc/limits.c
+libmisc/list.c
+libmisc/log.c
+libmisc/loginprompt.c
+libmisc/mail.c
+libmisc/motd.c
+libmisc/myname.c
+libmisc/obscure.c
+libmisc/pam_pass.c
+libmisc/pwd2spwd.c
+libmisc/pwdcheck.c
+libmisc/pwd_init.c
+libmisc/remove_tree.c
+libmisc/rlogin.c
+libmisc/root_flag.c
+libmisc/salt.c
+libmisc/setugid.c
+libmisc/setupenv.c
+libmisc/shell.c
+libmisc/strtoday.c
+libmisc/sub.c
+libmisc/sulog.c
+libmisc/ttytype.c
+libmisc/tz.c
+libmisc/ulimit.c
+libmisc/utmp.c
+libmisc/valid.c
+libmisc/xgetXXbyYY.c
+libmisc/xmalloc.c
+libmisc/yesno.c
+src/chage.c
+src/chfn.c
+src/chgpasswd.c
+src/chpasswd.c
+src/chsh.c
+src/expiry.c
+src/faillog.c
+src/gpasswd.c
+src/groupadd.c
+src/groupdel.c
+src/groupmems.c
+src/groupmod.c
+src/groups.c
+src/grpck.c
+src/grpconv.c
+src/grpunconv.c
+src/id.c
+src/lastlog.c
+src/login.c
+src/login_nopam.c
+src/logoutd.c
+src/newgrp.c
+src/newusers.c
+src/passwd.c
+src/pwck.c
+src/pwconv.c
+src/pwunconv.c
+src/suauth.c
+src/su.c
+src/sulogin.c
+src/useradd.c
+src/userdel.c
+src/usermod.c
+src/vipw.c
diff --git a/po/bs.po b/po/bs.po
new file mode 100644
index 0000000..219fa70
--- /dev/null
+++ b/po/bs.po
@@ -0,0 +1,2419 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-05-09 12:03+0100\n"
+"Last-Translator: Safir Šećerović <sapphire@linux.org.ba>\n"
+"Language-Team: Bosnian <lokal@lugbih.org>\n"
+"Language: bs\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Å ifra:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's Å ifra: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr ""
+
+msgid "Warning: too many groups\n"
+msgstr ""
+
+msgid "Your password has expired."
+msgstr "Vaša šifra je istekla."
+
+msgid "Your password is inactive."
+msgstr "Vaša šifra je neaktivna."
+
+msgid "Your login has expired."
+msgstr "Vaš ra�un je istekao."
+
+msgid "  Contact the system administrator."
+msgstr ""
+
+msgid "  Choose a new password."
+msgstr "  Izaberite novu Å¡ifru."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Vaša šifra isti�e za in %ld dana.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Vaša šifra isti�e sutra."
+
+msgid "Your password will expire today."
+msgstr "Vaša šifra isti�e danas."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr "Previše prijavljivanja.\n"
+
+msgid "You have new mail."
+msgstr "Imate novu poštu."
+
+msgid "No mail."
+msgstr "Nema pošte."
+
+msgid "You have mail."
+msgstr "Imate poštu."
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Neispravna Å¡ifra: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "Å ifra:"
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr "Minimalna trajnost Å¡ifre"
+
+msgid "Maximum Password Age"
+msgstr "Maskimalna trajnost Å¡ifre"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr "Upozorenje o isteku Å¡ifre"
+
+msgid "Password Inactive"
+msgstr "Å ifra neaktivna"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Datum isteka ra�una (GGGG-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+#, fuzzy
+msgid "never"
+msgstr "Nikad"
+
+msgid "password must be changed"
+msgstr ""
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Å ifra:"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Å ifra neaktivna"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Pokušajte ponovo kasnije\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Puno ime i prezime"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr "Broj sobe"
+
+msgid "Work Phone"
+msgstr "Poslovni telefon"
+
+msgid "Home Phone"
+msgstr "Kućni telefon"
+
+msgid "Other"
+msgstr "Ostalo"
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Nepoznat korisnik: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+msgid "New Password: "
+msgstr "Nova Å¡ifra:"
+
+msgid "Re-enter new password: "
+msgstr "Ponovo unesite novu Å¡ifru:"
+
+msgid "They don't match; try again"
+msgstr "One se ne slažu; pokušajte ponovo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Pokušajte ponovo kasnije\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dodajem korisnika %s grupi %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Uklanjam korisnika %s iz grupe %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr ""
+
+msgid "Username                Port     Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Stara Å¡ifra:"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "nepoznata grupa: %s\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Stara Å¡ifra:"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr "Nova Å¡ifra:"
+
+msgid "Try again."
+msgstr "Pokušajte ponovo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Upozorenje: slaba šifra (unesite je ponovo ako je ipak želite koristiti)."
+
+msgid "They don't match; try again.\n"
+msgstr "One se ne slažu; pokušajte ponovo\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "Å ifra:"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Upozorenje o isteku Å¡ifre"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "Stara Å¡ifra:"
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Adding user %s to group %s\n"
+msgid "user '%s': no group %lu\n"
+msgstr "Dodajem korisnika %s grupi %s\n"
+
+#, fuzzy, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "no tcb directory for %s\n"
+msgstr "Mijenjam Å¡ifru za grupu %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "(Enter your own password)"
+msgstr "Ponovo unesite novu Å¡ifru:"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "Cannot execute %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, fuzzy
+msgid "No password file"
+msgstr "Nova Å¡ifra:"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: grupa %s postoji\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: unknown member %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nepoznat �lan %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "Å ifra:"
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "nepoznata grupa: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Vaša šifra je istekla."
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "Broj sobe"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "Poslovni telefon"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "Kućni telefon"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Nepoznat korisnik: %s\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "nepoznata grupa: %s\n"
+
+#, fuzzy
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: nepoznat �lan %s\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Nova Å¡ifra:"
+
+#~ msgid "Sorry."
+#~ msgstr "Žalim."
diff --git a/po/ca.po b/po/ca.po
new file mode 100644
index 0000000..064a62f
--- /dev/null
+++ b/po/ca.po
@@ -0,0 +1,3722 @@
+# Shadow Catalan translation.
+# Guillem Jover <guillem@debian.org>, 2004, 2005, 2006.
+# Innocent De Marchi <tangram.peces@gmail.com>, 2011-2012
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-22 18:25+0100\n"
+"Last-Translator: Innocent De Marchi <tangram.peces@gmail.com>\n"
+"Language-Team: Catalan <debian-l10n-catalan@lists.debian.org>\n"
+"Language: ca\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n!=1;\n"
+"X-Poedit-Language: Catalan\n"
+"X-Poedit-Country: SPAIN\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Diverses entrades de nom «%s» a %s. Corregiu això amb «pwck» o «grpck».\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "el mètode «crypt» no és compatible amb «libcrypt»? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "error en la configuració - no és possible analitzar el valor %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "No s'ha pogut reservar espai per a la informació de configuració.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"error de configuració - element «%s» desconegut (notifiqueu-ho a "
+"l'administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd no ha acabat correctament (senyal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: «nscd» ha sortit amb l'estat %d"
+
+msgid "Password: "
+msgstr "Contrasenya: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contrasenya de l'usuari %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "No es pot generar l'identificador de gestió SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "No és possible gestionar la directiva SELinux\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "No es pot llegir el magatzem de directives de SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "No es pot establir la connexió de gestió SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "No es pot iniciar la transacció SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "No es pot consultar el «seuser» per a %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "No s'ha pogut definir el «serange» per a %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "No es pot establir «sename» per a %s.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "No es pot modificar el mapatge d'inici de sessió per a %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "No es pot generar el mapatge d'inici de sessió SELinux per a %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "No s'ha pogut establir el nom per a %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "No s'ha pogut establir l'usuari SELinux per a %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "No s'ha pogut afegir l'assignació de connexió per a  %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "No es pot iniciar el gestor SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "No es pot generar la clau SELinux de l'usuari.\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "No es pot verificar l'usuari de SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "No es pot modificar l'assignació d'usuaris de SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "No es pot afegir l'assignació de l'usuari de SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "No es pot validar la transacció SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"L'assignació d'inici de sessió per a %s no està definida, seleccionau «OK» "
+"si s'utilitzava l'assignació per defecte\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"L'assignació d'inici de sessió per a %s està definida a la directiva de "
+"seguretat, no és possible eliminar-la\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "No es pot eliminar el mapatge d'inici de sessió per a %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: s'ha exhaurit la memòria\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: no es pot generar el fitxer %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s:  %s no és ni un directori ni un enllaç simbòlic.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: no es pot llegir l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: enllaç simbòlic sospitosament llarg:  %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: no es pot crear el directori %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: no es pot canviar el propietari de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: no es pot canviar el mode de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: desvincular: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: no es pot eliminar el directori %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: no es pot reanomenar  %s a %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: no es pot eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: no es pot generar l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: no es pot canviar els propietaris de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: no es pot «lstat» %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: advertència, els usuaris %s no tenen el fitxer «tcb shadow».\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: emergència: el fitxer «tcb sahdow» %s no és un fitxer regular amb "
+"st_nlink=1.\n"
+"El compte queda bloquejat.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: reanomena: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: no es pot obrir el fitxer %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Avís: el grup %s és desconegut\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Avís: hi ha massa grups\n"
+
+msgid "Your password has expired."
+msgstr "La vostra contrasenya ha caducat."
+
+msgid "Your password is inactive."
+msgstr "La vostra contrasenya està inactiva."
+
+msgid "Your login has expired."
+msgstr "El vostre accés ha caducat."
+
+msgid "  Contact the system administrator."
+msgstr "  Contacteu amb l'administrador del sistema."
+
+msgid "  Choose a new password."
+msgstr "  Escolliu una nova contrasenya."
+
+msgid "You must change your password."
+msgstr "Ha de canviar la contrasenya."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "La vostra contrasenya caduca en %ld dies.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "La vostra contrasenya caduca demà."
+
+msgid "Your password will expire today."
+msgstr "La vostra contrasenya caduca avui."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "No es pot obrir la interfície d'auditoria - cancel·lant.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"No es pot canviar el propietari o la manera d'entrada estàndard de «tty»: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ha fallat el desbloqueig de %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Desbordament d'entorn\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "No podeu canviar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"S'ha produït %d fallada des de l'últim accés.\n"
+"L'últim va ser %s en %s.\n"
+msgstr[1] ""
+"S'han produït %d fallades des de l'últim accés.\n"
+"L'últim va ser %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuració incorrecta: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuració incorrecta: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: no es pot assignar memòria: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: no es pot obtenir un GID de sistema únic (no hi ha més GID disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: no es pot obtenir un GID únic (no hi ha més GID disponibles)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuració incorrecta: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuració incorrecta: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: no es pot obtenir un UID únic (no hi ha més UID disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: no es pot obtenir un GID únic (no hi ha més GID disponibles)\n"
+
+msgid "Too many logins.\n"
+msgstr "Massa entrades.\n"
+
+msgid "You have new mail."
+msgstr "Teniu correu nou."
+
+msgid "No mail."
+msgstr "No hi ha correu."
+
+msgid "You have mail."
+msgstr "Teniu correu."
+
+msgid "no change"
+msgstr "no hi ha canvis"
+
+msgid "a palindrome"
+msgstr "un palíndrom"
+
+msgid "case changes only"
+msgstr "només canvis de majúscules/minúscules"
+
+msgid "too similar"
+msgstr "massa similar"
+
+msgid "too simple"
+msgstr "massa senzilla"
+
+msgid "rotated"
+msgstr "rotada"
+
+msgid "too short"
+msgstr "massa curta"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "La contrasenya és incorrecta: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ha fallat, error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: contrasenya sense canvis\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: s'ha actualitzat la contrasenya satisfactòriament\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "La contrasenya és incorrecta per a «%s».\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: múltiples opcions «--root»\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: l'opció '%s' requereix un argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: ha fallat la rebaixa de privilegis (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: camí «chroot» incorrecta  «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: no es pot accedir al directori «chroot» %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: no es pot accedir al directori «chroot» %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: no es pot executar «chroot» en el directori %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valor incorrecta d'ENCRYPT_METHOD: «%s».\n"
+"Valor per defecte a DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "No es pot canviar al directori «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "No hi ha directori, s'està iniciant sessió amb HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "No es pot executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "El directori arrel «%s» no és vàlid\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "No es pot canviar el directori arrel a «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "No s'ha pogut determinar el nom del vostre tty."
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] USUARI\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ÚLTIM_DIA       estableix la data de l'últim canvi de "
+"contrasenya\n"
+"                                a ÚLTIM_DIA\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate DATA_EXPIRACIÓ\n"
+"                                estableix la data de caducitat del\n"
+"                                compte a DATA_EXPIRACIÓ\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    mostra aquesta ajuda i acaba\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVA        estableix la contrasenya com inactiva "
+"després\n"
+"                                de INACTIVA dies de caducitat \n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    mostra informació d'envelliment del compte\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays DIES_M�N        estableix el número mínim de dies abans\n"
+"                                del canvi de contrasenya a DIES_M�N\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays DIES_MÀX        estableix el número màxim de dies abans\n"
+"                                del canvi de contrasenya a DIES_MÀX\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+"  -R, --root CHROOT_DIR         fes «chroot» en el directori CHROOT_DIR \n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays DIES_AV�S      estableix els dies d'avís de caducitat\n"
+"                                a DIES_AV�S\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduïu el nou valor, o premeu INTRO per al predeterminat"
+
+msgid "Minimum Password Age"
+msgstr "Duració mínima de la contrasenya"
+
+msgid "Maximum Password Age"
+msgstr "Duració màxima de la contrasenya"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Últim canvi de contrasenya (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Avís de caducitat de la contrasenya"
+
+msgid "Password Inactive"
+msgstr "Contrasenya inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de caducitat per al compte (AAAA-MM-YY)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Últim canvi de contrasenya\t\t\t\t: "
+
+msgid "never"
+msgstr "mai"
+
+msgid "password must be changed"
+msgstr "s'ha de canviar la contrasenya"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "La contrasenya caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contrasenya inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "El compte caduca\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínim de dies entre canvis de contrasenya\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número màxim de dies entre canvis de contrasenya\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dies d'avís abans que la contrasenya caduqui\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: l'argument numèric «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: no inclogueu «l» amb altres assenyaladors\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: S'ha denegat el permís.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: No es pot determinar el seu nom d'usuari.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: no es pot blocar %s, intenteu-ho més tard\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: no es pot obrir el fitxer %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fallada en escriure els canvis a: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: el fitxer de contrasenyes ombra no és present\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: l'usuari «%s» no existeix a %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "S'està canviant la informació de caducitat per a %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: s'ha produït un error en canviar els camps\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [LOGIN]\n"
+"\n"
+"Opcions:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULL_NAME     canviar el nom complet de l'usuari\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone HOME_PHONE   canvia el número de telèfon domestic de "
+"l'usuari\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other OTHER_INFO        canvia altres informacions «GECOS» de "
+"l'usuari\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+"  -r, --room ROOM_NUMBER        canviar el número d'espai de l'usuari\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    mostra aquest missatge d'ajuda i surt\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone WORK_PHONE   canvia el número de telèfon del treball de "
+"l'usuari\n"
+
+msgid "Full Name"
+msgstr "Nom complet"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número d'espai"
+
+msgid "Work Phone"
+msgstr "Telèfon de la feina"
+
+msgid "Home Phone"
+msgstr "Telèfon de casa"
+
+msgid "Other"
+msgstr "Altre"
+
+msgid "Cannot change ID to root.\n"
+msgstr "No es pot canviar l'ID al de root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nom amb caràcters que no són ASCII: «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: el nom no és vàlid: «%s»\n"
+
+# traducció dubtosa
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número d'habitació amb caràcters que no són ASCII: «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: el número d'habitació no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: el telèfon de la feina no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: el telèfon de casa no és vàlid: «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» conté caràcters que no són ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» conté caràcters no permesos\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: l'usuari «%s» no existeix\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: no s'ha pogut canviar l'usuari «%s» al client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» és el mestre NIS per a aquest client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "S'està canviant la informació d'usuari per a %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: els camps són massa llargs\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METHOD     el mètode de xifratge (un de %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               les contrasenyes subministrades són "
+"xifrades\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     encriptar la contrasenya en text clar amb\n"
+"                                l'algorisme MD5\n"
+
+# traducció dubtosa
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+" -s, --sha-rounds              nombre de passos SHA pel\n"
+"                                algorisme de xifratge SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: el senyalador %s només és permet amb el senyalador %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: els senyaladors -c, -e, i -m són exclusius\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s:  mètode de xifratge no està implementat: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: línia %d: la línia és massa llarga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: línia %d: manca la nova contrasenya\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: línia %d: el grup «%s» no existeix\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: línia %d: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: s'ha detectat un error, els canvis s'han ignorat\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (línia %d, usuari %s) contrasenya sense canviar\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: línia %d: l'usuari «%s» no existeix\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell INTÈRPRET         nou intèrpret d'accés per al compte "
+"d'usuari\n"
+
+msgid "Login Shell"
+msgstr "Intèrpret d'accés"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "No podeu canviar l'intèrpret («shell») per a «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "S'està canviant l'intèrpret d'accés per a %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: L'entrada no és vàlida: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s no és un intèrpret («shell») vàlid.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advertència: %s no existeix\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advertència: %s no és executable\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   comprova la caducitat de la contrasenya de "
+"l'usuari\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   força el canvi de la contrasenya de "
+"l'usuari\n"
+"                                si ha caducat\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opcions %s i %s conflictes\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: no s'esperava l'argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEC           després d'una identificació fallida, "
+"bloqueja el compte durant SEC segons\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             estableix el nombre màxim d'identificacions "
+"fallides a MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   restableix els comptadors d'errors "
+"d'identificació\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAYS               mostra els registres «faillog» de menys de "
+"DAYS dies\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE        mostra el registre «faillog» o manté els "
+"comptadors\n"
+"                                de fallides i els límits (si s'utilitza amb  "
+"-r, -m,\n"
+"                                o -i) només per l'identificador/s LOGIN "
+"especificats\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: No s'ha pogut obtenir l'entrada de la UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Usuari      Fallades Màxim   Últim                    A\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus restants]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [blocat %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: Ha fallat el restabliment del recompte de fallades per a l'UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: S'ha produït un error en establir el màxim per a l'UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Errada en establir «locktime» per a l'UID  %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Usuari o rang desconegut: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: No es pot obtenir la mida de %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] GRUP\n"
+"\n"
+"Opcions:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add USER                afegir USER al GROUP\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete USER             elimina USER del GROUP\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+"  -Q, --root CHROOT_DIR        fes «chroot» en el directori CHROOT_DIR\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+"  -r, --remove-password         elimina la contrasenya del grup GROUP\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                restringeix l'accés als membres del grup "
+"GROUP\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members USER,...        estableix el llistat de membres del grup "
+"GROUP\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                estableix la llista d'administradors del "
+"grup GROUP\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Amb l'excepció de les opcions «-A» i «-M», no és possible combinar opcions.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "No es pot combinar opcions.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: es requereixen contrasenyes ombra de grups per a «-A»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: el grup «%s» no existeix a %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Error durant el tancament (en mode de lectura) de %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "S'està canviant la contrasenya per al grup %s\n"
+
+msgid "New Password: "
+msgstr "Nova contrasenya: "
+
+msgid "Re-enter new password: "
+msgstr "Tornau a escriure la nova contrasenya: "
+
+msgid "They don't match; try again"
+msgstr "No coincideixen; intenteu-ho de nou."
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Intenteu-ho de nou més tard.\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "S'està afegint l'usuari %s al grup %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "S'està eliminant l'usuari %s del grup %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: l'usuari «%s» no és membre de %s\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: No és un tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] GRUP\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   sortir correctament si el grup ja existeix,\n"
+"                                i calcel·lar «-g» si ja s'utilitza el GID\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 fes servir GID pel nou grup\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KEY=VALUE           substitueix els valors predeterminats de «/"
+"etc/login.defs»\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permet crear grups amb duplicats\n"
+"                                (no únics) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PASSWORD       fes servir aquesta contrasenya xifrada pel "
+"nou grup\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  genera un compte del sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» no és un nom de grup vàlid\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: l'ID de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: «-K» requereix CLAU=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: el grup «%s» ja existeix\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: el GID '%lu ja existeix\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: no es pot configurar el servei de neteja.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   restableix els comptadors d'errors "
+"d'identificació\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: no es pot eliminar l'entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: no es pot eliminar el grup primari de l'usuari «%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: el grup «%s» no existeix\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: el grup «%s» és un grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s és el mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: l'usuari «%s» és membre de %s\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: s'ha exhaurit la memòria. No es pot actualitzar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [acció]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         canvia el nom de grup en lloc del grup de "
+"l'usuari\n"
+"                                (només «root»)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Accions:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add username            afegeix el nom d'usuari als membres del "
+"grup\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete username         elimina el nom d'usuari dels membres del "
+"grup\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   elimina tots els membres del grup\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    llista els membres del grup\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: el seu nom de grup no concorda amb el seu nom d'usuari\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s:només l'usuari «root» pot fer servir l'opció -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 canvia l'ID del grup per GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NEW_GROUP      canvia el nom del grup per NEW_GROUP\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permet utilitzar un duplicat (no únics) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password PASSWORD       canvia la contrasenya per aquesta (xifrada)\n"
+"                                PASSWORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: el nom de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: el grup %s no és un grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuari %s desconegut\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [grup [grup_ombra]]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [grup]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               visualitza els errors i avisos\n"
+"                                però sense canviar els fitxers\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    ordena les entrades per UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: «-s» i «-r» són incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "l'entrada del fitxer de grup no és vàlida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "voleu eliminar la línia «%s»? "
+
+msgid "duplicate group entry"
+msgstr "l'entrada de grup està duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "el nom de grup «%s» no és vàlid\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "el nom de grup «%lu» no és vàlid\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: no existeix l'usuari %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "voleu eliminar el membre «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "no hi ha cap entrada coincident al fitxer de grup en %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "voleu afegir el grup «%s» a %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el grup %s té una entrada a  %s, però el seu camp de contrasenya a %s no "
+"està establert a «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "l'entrada del fitxer de grup ombra no és vàlida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grup ombra duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grup ombra %s: no existeix l'usuari administratiu %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "voleu eliminar el membre administratiu «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grup ombra %s: no existeix l'usuari %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: el fitxer s'ha actualitzat\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: no hi ha canvis\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: no es pot eliminar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Forma d'ús: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Forma d'ús: id\n"
+
+msgid " groups="
+msgstr " grups="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DIES             mostra només els registres de lastlog més\n"
+"                                antics que DIES\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     mostra els registres «faillog» per a tots "
+"els usuaris\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DIES               mostra només els registres de lastlog més\n"
+"                                recents que DIES\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user USUARI              mostra el registre de lastlog de l'USUARI\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Usuari           Port     Des de           Últim"
+
+msgid "Username                Port     Latest"
+msgstr "Usuari                  Port     Últim"
+
+msgid "**Never logged in**"
+msgstr "**No ha entrat mai**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: No s'ha pogut obtenir l'entrada de la UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Forma d'ús: %s [-p] [nom]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h ordinador] [-f nom]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r ordinador\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "error de configuració - no es pot analitzar el valor %s:  '%d'"
+
+msgid "Invalid login time"
+msgstr "El temps d'accés no és vàlid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema tancat per a manteniment rutinari"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[S'ha evitat la desconnexió -- l'accés de «root» està permès]."
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: no es pot treballar sense ésser administrador\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"No hi ha entrada utmp. Heu d'executar «login» des del «sh» de nivell més baix"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"L'accés ha caducat després de %u segons.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: fallada de PAM, s'està cancel·lant: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s usuari: "
+
+msgid "login: "
+msgstr "usuari: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "S'ha excedit el nombre màxim d'intents (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "accés: cancel·lat a petició del PAM\n"
+
+msgid "Login incorrect"
+msgstr "Accés incorrecta"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "No es pot trobar l'usuari (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s usuari: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fallada al fer fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY ha fallat a %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Avís: accés reactivat després d'un bloqueig temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Últim accés: %s a %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última accés: %.19s a %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " des de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"temps d'accés excedit\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Forma d'ús: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Forma d'ús: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Forma d'ús: sg grup [[-c] ordre]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Error en escriure %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Contrasenya no vàlida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fallada al fer fork: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: el GID »%lu« no existeix\n"
+
+msgid "too many groups\n"
+msgstr "hi ha massa grups\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  genera els comptes del sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: el grup «%s» és un grup «shadow», però no existeix a /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: l'ID d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: el nom d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: línia %d: la línia no és vàlida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: no es pot actualitzar l'entrada per a l'usuari %s (no apareix a la base "
+"de dades de contrasenyes)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: línia %d: no es pot generar l'usuari\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: línia %d: no es pot generar el grup\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: line %d: l'usuari «%s» no existeix a %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: línia %d: no es pot actualitzar la contrasenya\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr ""
+"%s: línia %d: no s'ha pogut generar el directori «%s» (ordre mkdir): %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr ""
+"%s: línia %d: no s'ha pogut canviar el propietari (ordre «chown»)  %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: línia %d: no es pot actualitzar l'entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: no es pot actualitzar el fitxer de grups\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     informa de l'estat de la contrasenya\n"
+"                                per a tots els comptes\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  esborra la contrasenya per al compte\n"
+"                                anomenat\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  força la caducitat de la contrasenya per\n"
+"                                al compte anomenat\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             canvia la contrasenya només si ha caducat\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIU        estableix la contrasenya a inactiva després\n"
+"                                 d'INACTIU dies de caducitat\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    bloca el compte anomenat\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays DIES_M�N        estableix els dies mínims abans del canvi\n"
+"                                de contrasenya a DIES_M�N\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   mode silenciós\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository DIPÃ’SIT   canvia la contrasenya en el DIPÃ’SIT\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  informa de l'estat de la contrasenya per\n"
+"                                al compte anomenat\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  desbloca el compte anomenat\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays DIES_AV�S      estableix els dies d'avís de caducitat\n"
+"                                a DIES_AV�S\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays DIES_MÀX        estableix els dies màxims abans del canvi\n"
+"                                de contrasenya a DIES_MÀX\n"
+
+msgid "Old password: "
+msgstr "Contrasenya antiga: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduïu la nova contrasenya (un mínim de %d caràcters)\n"
+"Feu servir una combinació de lletres majúscules i minúscules i números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduïu la nova contrasenya (un mínim de %d i un màxim de %d caràcters)\n"
+"Feu servir una combinació de lletres majúscules i minúscules i\n"
+"números.\n"
+
+msgid "New password: "
+msgstr "Contrasenya nova:"
+
+msgid "Try again."
+msgstr "Intenteu-ho de nou."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Avís: contrasenya feble (introduïu-la de nou per fer-la servir igualment)."
+
+msgid "They don't match; try again.\n"
+msgstr "No coincideixen; intenteu-ho de nou.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "No es pot canviar la contrasenya de %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Encara no es pot canviar la contrasenya de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: el desbloqueig de la contrasenya deixarà el compte sense contrasenya.\n"
+"Heu d'establir una contrasenya amb «usermod-p» per desblocar la contrasenya "
+"d'aquest compte.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: el dipòsit %s no és admès\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s no està autoritzat per canviar la contrasenya de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: No podeu veure o canviar la informació de la contrasenya per a %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "S'està canviant la contrasenya per a %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "No s'ha canviat la contrasenya per a %s.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s:  S'ha canviat la contrasenya.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: la informació de caducitat de la contrasenya ha canviat.\n"
+
+# NOTE: passwd is a file (/etc/passwd)
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [fitxer «/etc/passwd»]\n"
+"\n"
+"Opcions:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] [passwd [shadow]]\n"
+"\n"
+"Opcions:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   informa només dels errors\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: no hi ha un fitxer «shadow» alternatiu permès quan USE_TCB està "
+"habilitat.\n"
+
+msgid "invalid password file entry"
+msgstr "l'entrada del fitxer de contrasenyes no és vàlida"
+
+msgid "duplicate password entry"
+msgstr "l'entrada de contrasenya està duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "el nom d'usuari «%s» no és vàlid\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "l'ID d'usuari «%lu» no és vàlid\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuari «%s»: no existeix el grup %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuari «%s»: el directori «%s» no existeix\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuari «%s»: el programa «%s» no existeix\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "no es troba el directori «tcb» per a %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "genera el directori «tcb» per a %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "ha fallat la generació del directori «tcb» per a %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: no es pot blocar el fitxer %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "cap entrada del fitxer de contrasenyes concorda amb %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "voleu afegir l'usuari «%s» a %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"l'usuari %s té una entrada a %s, però el seu camp de contrasenya a %s no "
+"està establert a «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "l'entrada del fitxer de contrasenyes ombra no és vàlida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de contrasenya ombra duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuari %s: l'últim canvi de contrasenya s'ha produït en el futur\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: no es pot ordenar les entrades en el fitxer %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: no es pot treballar amb el «tcb» habilitat\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: ha fallat el canvi del mode %s a 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "L'accés de «su» a aquest compte està DENEGAT.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "S'ha evitat l'autenticació de contrasenya.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Si us plau introduïu la VOSTRA contrasenya com a autenticació.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: no es pot blocar el «shell» de l'usuari\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: senyal de mal funcionament\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: el senyal emmascara un error\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessió acabada, finalitzant el «shell»..."
+
+msgid " ...killed.\n"
+msgstr "...mort.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr "...esperant al fill per acabar.\n"
+
+msgid " ...terminated.\n"
+msgstr "...acabat.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Forma d'ús: su [opcions] [USUARI]\n"
+"\n"
+"Opcions:\n"
+"  -c, --command ORDRE           passa l'ORDRE a l'intèrpret d'ordres\n"
+"                                invocat\n"
+"  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+"  -, -l, --login                fes de l'intèrpret d'ordres un d'accés\n"
+"  -m, -p,\n"
+"  --preserve-environment        manté les variables d'entorn,\n"
+"                                i el mateix intèrpret d'ordres\n"
+"  -s, --shell INTÈRPRET         fes servir INTÈRPRET en comptes del\n"
+"                                predeterminat a passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorat)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "No esteu autoritzats a usar «su %s»\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduïu la vostra pròpia contrasenya)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: l'autenticació ha fallat\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s:  No estau autoritzat a usar «su» en aquest moment\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "No hi ha entrada de contrasenya per a l'usuari «%s»\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: s'ha d'executar des d'un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: No es pot deixar anar el terminal de control\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "No es pot executar %s\n"
+
+msgid "No password file"
+msgstr "No hi ha fitxer de contrasenyes"
+
+msgid "TIOCSCTTY failed"
+msgstr "ha fallat TIOCSCTTY"
+
+msgid "No password entry for 'root'"
+msgstr "No hi ha entrada de contrasenya per a «root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pitgeu «control-d» per continuar amb l'inici normal del sistema,\n"
+"(o introduïu la contrasenya de «root» per a manteniment del sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "S'està entrant en mode de manteniment del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s va ser generat, però no és possible eliminar-ho\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: la configuració %s a %s serà ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: no es pot crear un fitxer nou de preferències predeterminades\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: no es pot obrir un fitxer nou de preferències predeterminades\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: línia massa llarga a %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: no es pot generar l'enllaç simbòlic %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: reanomena %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: el grup «%s» és un grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: s'han especificat massa grups (màx de %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Forma d'ús: %s [opcions] LOGIN\n"
+"            %s -D\n"
+"            %s -D [opcions]\n"
+"\n"
+"Opcions:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASE_DIR       directori base per al directori arrel del\n"
+"                                compte nou\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMMENT         camp GECOS del nou compte\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HOME_DIR       directori arrel del nou compte\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                imprimeix o canvia la configuració "
+"predeterminada de l'usuari afegit\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate EXPIRE_DATE  data de venciment del nou compte\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr "  -f, --inactive INACTIVE       període d'inactivitat del nou compte\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GROUP               nom o ID del grup primari del nou\n"
+"                                compte\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GROUPS           llista dels grups suplementaris del nou\n"
+"                                compte\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel SKEL_DIR           fer servir aquesta branca de directori "
+"alternativa\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             no afegir l'usuari al darrer informe i\n"
+"                                a la base de dades dels informes d'errades\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             genera el directori arrel dels usuaris\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          no genera el directori arrel dels usuaris\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           no genera el grup amb el mateix nom de\n"
+"                               l'usuari\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permetre generar usuaris amb duplicació\n"
+"                                (no únics) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password PASSWORD       contrasenya xifrada del nou compte\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL             «shell» d'entrada del nou compte\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 ID d'usuari del nou compte\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              generar un grup amb el mateix nom que "
+"l'usuari\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     utilitzar un «SEUSER» específic per a "
+"l'assignació d'usuaris «SELinux»\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: el directori base «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: el comentari «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: el directori personal «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: les contrasenyes ombra són requerides per a «-e»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: les contrasenyes ombra són requerides per a «-f»\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: el camp «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: l'intèrpret «%s» no és vàlid\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z requereix nucli «SELinux» habilitat\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: ha fallat el restabliment de l'entrada del registre d'errors de UID %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: ha fallat el restabliment del darrer registre de UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: no es pot crear el directori %s\n"
+
+msgid "Creating mailbox file"
+msgstr "S'està creant la bústia de correu"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"No s'ha trobat el grup «mail». S'està creant la bústia de correu de "
+"l'usuariamb mode 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "S'estan establint els permisos de la bústia de correu"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: l'usuari «%s» existeix\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: el grup %s existeix, si voleu afegir aquest usuari a aquest grup, useu «-"
+"g».\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: el UID %lu no és únic\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: no es pot generar el directori «tcb» per a %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: no es pot generar el grup\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: no es pot generar l'usuari\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: no es pot generar el grup\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: avís: el directori personal ja existeix.\n"
+"No s'hi copiarà cap fitxer del directori skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: avís: falla el nom d'usuari %s a %s a l'assignació d'usuaris «SELinux».\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   força l'eliminació de fitxers, encara que\n"
+"                                no siguin propietat de l'usuari\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  elimina el directori personal i la cua\n"
+"                                de correu\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            elimina totes les assignacions SELinux per a "
+"l'usuari\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: no s'ha pogut eliminar el grup %s degut a què no és el grup primari de "
+"l'usuari %s\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: no s'eliminarà el grup %s degut a que hi ha usuaris assignats.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: no es pot eliminar el grup %s, que és el grup primari per un altre "
+"usuari.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: no es pot eliminar l'entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s no s'ha trobat la cua de correu (%s)\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: avís: no es pot eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s no és propietat de %s, no s'elimina\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: No és possible assignar memòria, l'entrada «tcb» de %s no s'elimina.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: no es poden eliminar autoritzacions: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: no es pot eliminar el contingut de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: no es pot eliminar els fitxers «tcb» de %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: l'usuari %s és un usuari NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: no s'ha trobat el directori personal (%s) de %s \n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: no s'elimina el directori %s (eliminaria el directori personal de "
+"l'usuari %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: s'ha produït un error en eliminar el directori %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: avís: ha fallat l'eliminació del nom d'usuari %s de l'assignació "
+"d'usuaris SELinux.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMENTARI       nou valor per al camp GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home DIR_PERSONAL       nou directori personal per al nou compte\n"
+"                                d'usuari\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate DATA_CADUCITAT estableix la data de caducitat del compte\n"
+"                                a DATA_CADUCITAT\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIU        estableix la contrasenya a inactiva després\n"
+"                                d'INACTIU dies de caducitat\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUP                força l'ús de GRUP com a nou grup inicial\n"
+"                                d'accés\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPS            llista de GRUPS addicionals\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  afegeix l'usuari als GRUPS addicionals\n"
+"                                llistats amb la opció -G sense eliminar-los\n"
+"                                d'altres grups\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NEW_LOGIN         nou nom d'usuari\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -l, --login USUARI            nou valor per al nom d'usuari\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               mou els continguts del directori personal\n"
+"                                a la nova ubicació (usar només amb -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr "  -o, --non-unique              permet usar UID duplicats (no únics)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password CONTRASENYA    usa contrasenya xifrada per a la nova\n"
+"                                contrasenya\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 nou UID per al compte d'usuari\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  desbloca el compte d'usuari\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     nova assignació SELinux per al compte "
+"d'usuari\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: el desbloqueig de la contrasenya de l'usuari deixarà el compte sense "
+"contrasenya.\n"
+"Ha d'establir una contrasenya amb «usermod-p» per desbloquejar la "
+"contrasenya de l'usuari.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: l'usuari «%s» ja existeix a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: la data «%s» no és vàlida\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: sense opcions\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: els indicadors -L, -p, i -U són exclusius\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: les contrasenyes ombra són obligatòries per a «-e» i «-f»\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' ja existeix\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s no està autoritzat per canviar la contrasenya de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: el directori %s ja existeix\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: El directori arrel d'usuari anterior (%s) no és un directori. No s'ha "
+"eliminat i no s'han generat els directoris arrels d'usuaris.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: No s'ha pogut canviar la propietat del directori d'inici"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: avís: no s'ha pogut eliminar completament l'antic directori personal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: no es pot reanomenar el directori %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ha fallat la còpia de l'entrada del darrer registre de l'usuari %lu al "
+"usuari  %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ha fallat la còpia de l'entrada del registre d'errors del usuari %lu al "
+"usuari  %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: avís: %s no és propietat de %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "no s'ha pogut canviar el propietari de la bústia de correu"
+
+msgid "failed to rename mailbox"
+msgstr "no s'ha pogut reanomenar la bústia de correu"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ha fallat la preparació de la nova entrada %s: «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Heu modificat %s.\n"
+"Cal que modifiqueu %s per mantenir la consistència.\n"
+"Feu servir l'ordre «%s» per fer-ho.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   edita la base de dades del grup\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+"  -p, --passwd                  edita la base de dades de contrasenyes\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  edita la base de dades «shadow» o «gshadow»\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    usuaris «tcb» que poden editar el fitxer "
+"«shadow»\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: fallida en eliminar %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: no s'ha canviat %s\n"
+
+msgid "failed to create scratch directory"
+msgstr "no s'ha pogut generar el directori temporal"
+
+msgid "failed to drop privileges"
+msgstr "fallida en eliminar els permisos"
+
+msgid "Couldn't get file context"
+msgstr "No s'ha pogut obtenir el context del fitxer"
+
+msgid "setfscreatecon () failed"
+msgstr "ha fallat setfscreatecon()"
+
+msgid "failed to gain privileges"
+msgstr "fallida en obtenir els permisos"
+
+msgid "Couldn't lock file"
+msgstr "No s'ha pogut blocar el fitxer"
+
+msgid "Couldn't make backup"
+msgstr "No s'ha pogut fer una còpia de seguretat"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: «nscd» ha sortit amb l'estat %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "no s'ha pogut obrir el fitxer de treball («scratch file»)"
+
+msgid "failed to unlink scratch file"
+msgstr "no s'ha pogut desvincular el fitxer de treball "
+
+msgid "failed to stat edited file"
+msgstr "no s'ha pogut comptabilitzar el fitxer editat"
+
+msgid "failed to allocate memory"
+msgstr "no es pot assignar memòria"
+
+msgid "failed to create backup file"
+msgstr "no es pot generar el fitxer de còpia de seguretat"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: no es pot restaurar %s: %s (els seus canvis estan a %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: no es pot trobar el directori «tcb» per %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            el mètode d'encriptat (un de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Forma d'ús: vipw [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) ha fallat\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chage [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -d, --lastday ÚLTIM_DIA          estableix l'últim canvi de "
+#~ "contrasenya\n"
+#~ "                                   a ÚLTIM_DIA\n"
+#~ "  -E, --expiredate DATA_EXPIRACIÓ  estableix la data d'expiració del\n"
+#~ "                                   compte a DATA_EXPIRACIÓ\n"
+#~ "  -h, --help                       mostra aquesta ajuda i acaba\n"
+#~ "  -I, --inactive INACTIVA          estableix la contrasenya inactiva\n"
+#~ "                                   després d'expiració a INACTIVA\n"
+#~ "  -l, --list                       mostra informació d'envelliment del\n"
+#~ "                                   compte\n"
+#~ "  -m, --mindays DIES_M�N           estableix el número mínim de dies "
+#~ "abans\n"
+#~ "                                   de canvi de contrasenya a DIES_M�N\n"
+#~ "  -M, --maxdays DIES_MÀX           estableix el número màxim de dies "
+#~ "abans\n"
+#~ "                                   de canvi de contrasenya a DIES_MÀX\n"
+#~ "  -W, --warndays DIES_AV�S         estableix els dies d'avís d'expiració\n"
+#~ "                                   a DIES_AV�S\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: l'autenticació PAM ha fallat\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [-f nom_complet] [-r num_habitació] [-w tel_feina]\n"
+#~ "\t[-h tel_casa] [-o altre] [usuari]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [-f nom_complet] [-r num_habitació] [-w tel_feina]\n"
+#~ "[-h tel_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: %s [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ " -c, --crypt-method            mètode de xifrat (un de %s)\n"
+#~ "  -e, --encrypted               les contrasenyes proveïdes estan "
+#~ "xifrades\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -m, --md5                     xifra la contrasenya en text pla fent "
+#~ "servir\n"
+#~ "                                l'algorisme MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chsh [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -s, --shell INTÈRPRET         nou intèrpret d'accés per al compte "
+#~ "d'usuari\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Forma d'ús: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Errada en l'obtenció de l'entrada per UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "informe d'error: no es pot obrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: No és possible obtenir la mida de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Forma d'ús: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Forma d'ús: %s [-r] [-s] [grup [grup_ombra]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Forma d'ús: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: «-s» i «-r» són incompatibles\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Forma d'ús: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Forma d'ús: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: lastlog [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -b, --before DIES             mostra només els registres de lastlog "
+#~ "més\n"
+#~ "                                antics que DIES\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -t, --time DIES               mostra només els registres de lastlog "
+#~ "més\n"
+#~ "                                recents que DIES\n"
+#~ "  -u, --user USUARI             mostra el registre de lastlog per a\n"
+#~ "                                l'usuari amb USUARI especific\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: passwd [opcions] [USUARI]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -a, --all                     informa de l'estat de la contrasenya\n"
+#~ "                                per a tots els comptes\n"
+#~ "  -d, --delete                  esborra la contrasenya per al compte\n"
+#~ "                                anomenat\n"
+#~ "  -e, --expire                  força la caducitat de la contrasenya per\n"
+#~ "                                al compte anomenat\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -k, --keep-tokens             canvia la contrasenya només si ha "
+#~ "caducat\n"
+#~ "  -i, --inactive INACTIU        estableix la contrasenya a inactiva "
+#~ "després\n"
+#~ "                                d'INACTIU dies de caducitat\n"
+#~ "  -l, --lock                    bloca el compte anomenat\n"
+#~ "  -n, --mindays DIES_M�N        estableix els dies mínims abans del "
+#~ "canvi\n"
+#~ "                                de contrasenya a DIES_M�N\n"
+#~ "  -q, --quiet                   mode silenciós\n"
+#~ "  -r, --repository REPOSITORI   canvia la contrasenya en el REPOSITORI\n"
+#~ "  -S, --status                  informa de l'estat de la contrasenya per\n"
+#~ "                                al compte anomenat\n"
+#~ "  -u, --unlock                  desbloca el compte anomenat\n"
+#~ "  -w, --warndays DIES_AV�S      estableix els dies d'avís de caducitat\n"
+#~ "                                a DIES_AV�S\n"
+#~ "  -x, --maxdays DIES_MÀX        estableix els dies màxims abans del "
+#~ "canvi\n"
+#~ "                                de contrasenya a DIES_MÀX\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Forma d'ús: %s [-q] [-r] [contrasenya]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Forma d'ús: %s [-q] [-r] [-s] [contrasenya [ombra]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Forma d'ús: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Forma d'ús: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "El identificador és desconegut: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "No hi ha intèrpret d'ordres\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: userdel [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -f, --force                   força l'eliminació de fitxers, encara "
+#~ "que\n"
+#~ "                                no siguin propietat de l'usuari\n"
+#~ "  -h, --help                    mostra aquesta ajuda i acaba\n"
+#~ "  -r, --remove                  elimina el directori personal i la cua\n"
+#~ "                                de correu\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: l'usuari %s està actualment dins el sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: usermod [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -c, --comment COMENTARI       nou valor per al camp GECOS\n"
+#~ "  -d, --home DIR_PERSONAL       nou directori personal per al nou compte\n"
+#~ "                                d'usuari\n"
+#~ "  -e, --expiredate DATA_CADUCIT estableix la data de caducitat del "
+#~ "compte\n"
+#~ "                                a DATA_CADUCITAT\n"
+#~ "  -f, --inactive INACTIU        estableix la contrasenya a inactiva "
+#~ "després\n"
+#~ "                                d'INACTIU dies de caducitat\n"
+#~ "  -g, --gid GRUP                força l'ús de GRUP com a nou grup "
+#~ "inicial\n"
+#~ "                                d'accés\n"
+#~ "  -G, --groups GRUPS            llista de GRUPS addicionals\n"
+#~ "  -a, --append                  afegeix l'usuari als GRUPS addicionals\n"
+#~ "                                llistats amb la opció -G sense eliminar-"
+#~ "los\n"
+#~ "                                d'altres grups\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i surt\n"
+#~ "  -l, --login USUARI            nou valor per al nom d'usuari\n"
+#~ "  -L, --lock                    bloca el compte d'usuari\n"
+#~ "  -m, --move-home               mou els continguts del directori "
+#~ "personal\n"
+#~ "                                a la nova ubicació (usar només amb -d)\n"
+#~ "  -o, --non-unique              permet usar UID duplicats (no únics)\n"
+#~ "  -p, --password CONTRASENYA    usa contrasenya xifrada per a la nova\n"
+#~ "                                contrasenya\n"
+#~ "  -s, --shell INTÈRPRET         nou intèrpret d'accés per al compte "
+#~ "d'usuari\n"
+#~ "  -u, --uid UID                 nou UID per al compte d'usuari\n"
+#~ "  -U, --unlock                  desbloca el compte d'usuari\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: no s'han especificat assenyaladors\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: vipw [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -g, --group                   edita la base de dades de grup\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -p, --passwd                  edita la base de dades de passwd\n"
+#~ "  -q, --quiet                   mode silenciós\n"
+#~ "  -s, --shadow                  edita la base de dades de shadow o "
+#~ "gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Forma d'ús: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: no es pot crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: no es pot fer canviar el propietari a %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: faillog [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -a, --all                     mostra els registres de faillog de tots "
+#~ "els\n"
+#~ "                                usuaris\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -l, --lock-time SEG           bloca durant SEG segons després d'una\n"
+#~ "                                fallada d'accés\n"
+#~ "  -m, --maximum MÀX             especifica els comptadors màxims de\n"
+#~ "                                fallades d'accés a MÀX\n"
+#~ "  -r, --reset                   reinicialitza els comptadors de fallades\n"
+#~ "                                d'accés\n"
+#~ "  -t, --time DIES               mostra registres de faillog més recents "
+#~ "que\n"
+#~ "                                DIES\n"
+#~ "  -u, --user USUARI             mostra registre de faillog o manté\n"
+#~ "                                comptadors de fallades i límits (si es "
+#~ "fa\n"
+#~ "                                servir amb les opcions -r, -m o -l) "
+#~ "només\n"
+#~ "                                per a l'usuari amb USUARI\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: groupadd [opcions] GRUP\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -f, --force                   força la sortida amb un estat d'èxit si "
+#~ "el\n"
+#~ "                                grup especificat ja existeix\n"
+#~ "  -g, --gid GID                 usa GID per al nou grup\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -K, --key CLAU=VALOR          substitueix els valors predeterminats de\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -o, --non-unique              permet crear grups amb GID duplicats\n"
+#~ "                                (no únics)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: groupmod [opcions] GRUP\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -g, --gid GID                 força l'ús del nou GID per a GRUP\n"
+#~ "  -h, --help                    mostra aquest missatge d'ajuda i acaba\n"
+#~ "  -n, --new-name NOU_GRUP       força l'ús del nom NOU_GRUP per a GRUP\n"
+#~ "  -o, --non-unique              permet usar GID duplicats (no únics) per\n"
+#~ "                                a GRUP\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Forma d'ús: useradd [opcions] USUARI\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -b, --base-dir DIR_BASE          directori base per al directori "
+#~ "personal\n"
+#~ "                                   del nou compte d'usuari\n"
+#~ "  -c, --comment COMENTARI          estableix el camp GECOS per al nou\n"
+#~ "                                   compte d'usuari\n"
+#~ "  -d, --home-dir DIR_PERSONAL      directori personal per al nou compte\n"
+#~ "  -D, --defaults                   mostra o guarda les modificacions a "
+#~ "les\n"
+#~ "                                   d'usuari configuracions "
+#~ "predeterminades\n"
+#~ "                                   de useradd\n"
+#~ "  -e, --expiredate DATA_CADUCITAT  estableix la data de caducitat del\n"
+#~ "                                   compte a DATA_CADUCITAT\n"
+#~ "  -f, --inactive INACTIU           estableix la contrasenya a inactiva\n"
+#~ "                                   després\n"
+#~ "                                   d'INACTIU dies de caducitat\n"
+#~ "  -g, --gid GRUP                   força l'ús del GRUP per al nou compte\n"
+#~ "                                   creat\n"
+#~ "  -G, --groups GRUPS               llista de grups suplementaris per al "
+#~ "nou\n"
+#~ "                                   compte d'usuari\n"
+#~ "  -h, --help                       mostra aquest missatge d'ajuda i "
+#~ "acaba\n"
+#~ "  -k, --skel DIR_SKEL              especifica un directori skel "
+#~ "alternatiu\n"
+#~ "  -K, --key CLAU=VALOR             substitueix els valors predeterminats "
+#~ "de\n"
+#~ "                                   /etc/login.defs\n"
+#~ "  -m, --create-home                crea el directori personal per al nou\n"
+#~ "                                   compte d'usuari\n"
+#~ "  -o, --non-unique                 permet crear usuaris amb UID "
+#~ "duplicats\n"
+#~ "                                   (no únics)\n"
+#~ "  -p, --password CONTRASENYA       usa contrasenya xifrada per al nou\n"
+#~ "                                   compte d'usuari\n"
+#~ "  -s, --shell INTÈRPRET            l'intèrpret d'accés per al nou compte\n"
+#~ "                                   d'usuari\n"
+#~ "  -u, --uid UID                    força l'ús de UID per al nou compte\n"
+#~ "                                   d'usuari\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "S'ha establert la contrasenya a caducada."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNom complet: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero d'habitació: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelèfon de la feina: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelèfon de casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "No s'ha pogut blocar el fitxer de contrasenyes; intenteu-ho més tard\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "No s'ha pogut obrir el fitxer de contrasenyes.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: no s'ha trobat %s a «/etc/passwd»\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error en actualitzar l'entrada de la contrasenya.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "No es poden confirmar els canvis del fitxer de contrasenyes.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "No s'ha pogut desblocar el fitxer de contrasenyes.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grups\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: no s'ha pogut blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: no s'ha pogut obrir el fitxer de contrasenyes ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: línia %d: el grup %s és desconegut\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: línia %d: no es pot actualitzar l'entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: no s'ha pogut blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en actualitzar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: línia %d: l'usuari %s és desconegut\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr ""
+#~ "%s: línia %d: no s'ha pogut actualitzar l'entrada de la contrasenya\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: l'usuari és desconegut\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "L'usuari és desconegut: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Forma d'ús: %s [-r|-R] grup\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a usuari] grup\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d usuari] grup\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A usuari,...] [-M usuari,...] grup\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M usuari,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: no es pot obtenir el bloqueig\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr ""
+#~ "%s: no es pot obtenir el bloqueig del fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: no es pot obrir el fitxer\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer ombra\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: no es pot desblocar el fitxer\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr ""
+#~ "%s: no es pot actualitzar l'entrada del fitxer de contrasenyes ombra\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "El grup és desconegut: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: no es pot obrir el fitxer\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: no s'ha pogut obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Qui sou?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: El membre %s és desconegut\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: s'ha produït un error en afegir la nova entrada de grup\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de grup\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de grups ombra\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grup\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grup\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grup ombra\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grup ombra\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: el GID %u no és únic\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de grup ombra\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: no es pot eliminar el grup primari de l'usuari.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "No s'han trobat els membres a borrar\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Forma d'ús: groupmems -a úsuari | -d úsuari | -D | -l [-g grup]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Només el superusuari pot afegir members a grups diferents\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "És requereix accés de grup\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "No és propietari principal del grup actual\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "l'autenticació PAM ha fallat per\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "No es pot blocar el fitxer de grup\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "No es pot obrir el fitxer de grup\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: no s'ha trobat %s a «/etc/group»\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u no és un GID únic\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s no és un nom únic\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: no es pot d'obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada ombra per a %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada per al grup %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: no es pot eliminar el grup ombra %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de grups ombra\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: no es pot eliminar el fitxer de grups ombra\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "El UID és desconegut: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "El GID és desconegut: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: el grup %s no existeix\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: l'usuari %s no existeix\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: el nom d'usuari «%s» no és vàlid\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: no es pot blocar «/etc/passwd».\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: no es poden obrir els fitxers\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar el fitxer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada de la contrasenya per a %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: no es pot eliminar l'entrada ombra per a %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: no es pot actualitzar el fitxer de contrasenyes\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: no es pot actualitzar l'entrada per a l'usuari %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: no es pot eliminar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: el GID %s és desconegut\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: el grup %s és desconegut\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: sense memòria a update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: no es pot reescriure el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: no es pot blocar el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de contrasenyes ombra\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: s'ha produït un error en blocar el fitxer de grups\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: s'ha produït un error en obrir el fitxer de grups\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: s'ha produït un error en blocar el fitxer de grups ombra\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: s'ha produït un error en obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en afegir la nova entrada de contrasenya\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en afegir la nova entrada de contrasenya ombra\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: avís: CREATE_HOME no està suportat, si us plau useu «-m» en el seu "
+#~ "lloc.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en actualitzar l'entrada de grup\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: no es pot obrir el fitxer de grups ombra\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en eliminar l'entrada de contrasenya ombra\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: s'ha produït un error en afegir la nova entrada de grup\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: l'UID %lu no és únic\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: s'ha produït un error en canviar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: s'ha produït un error en eliminar l'entrada de contrasenya\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr ""
+#~ "%s: s'ha produït un error en eliminar l'entrada de contrasenya ombra\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: no es pot obtenir un GID únic\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " a «%.100s» des de «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " a «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: línia %d: no es pot crear el UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: el nom %s no és únic\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Forma d'ús: chpasswd [opcions]\n"
+#~ "\n"
+#~ "Opcions:\n"
+#~ "  -e, --encrypted\tles contrasenyes proveïdes estan xifrades\n"
+#~ "  -h, --help\t\tmostra aquest missatge d'ajuda i acaba\n"
+#~ "  -m, --md5\t\tusa xifrat MD5 en comptes de DES quan les contrasenyes\n"
+#~ "\t\t\tproveïdes no estan xifrades\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "No hi ha fitxer de contrasenyes\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Disculpeu.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Disculpeu, la contrasenya per a %s encara no es pot canviar.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Disculpeu."
diff --git a/po/cs.po b/po/cs.po
new file mode 100644
index 0000000..7828ebe
--- /dev/null
+++ b/po/cs.po
@@ -0,0 +1,3686 @@
+# Czech translation of shadow-utils.
+# Jiří Pavlovský <pavlovsk@ff.cuni.cz>, 1999-2000
+# Miroslav Kuře <kurem@debian.cz>, 2004-2014
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2014-08-22 17:05+0200\n"
+"PO-Revision-Date: 2014-08-24 15:07+0200\n"
+"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
+"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
+"Language: cs\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Zjištěno několik záznamů pojmenovaných „%s“ v souboru %s. Napravte to prosím "
+"pomocí pwck nebo grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "typ šifry není knihovnou libcrypt podporován? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigura�ní chyba - nelze zpracovat hodnotu %s: „%s“"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nelze alokovat dostatek místa pro konfigura�ní údaje.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfigura�ní chyba - neznámá položka „%s“ (informujte správce systému)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd nebyl ukon�en normálně (signál %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd skon�il se stavem %d\n"
+
+msgid "Password: "
+msgstr "Heslo: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Heslo uživatele %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Nelze vytvořit spojení k SELinuxovému semanage\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Politika SELinuxu není řízená\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Nelze �íst úložiště SELinux politik\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Nelze navázat spojení k SELinuxovému semanage\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Nelze zahájit SELinux transakci\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Dotaz na „seuser“ uživatele %s selhal\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Nelze nastavit „serange“ uživatele %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Nelze nastavit „sename“ uživatele %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Nelze změnit mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Nelze vytvořit mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Nelze nastavit jméno uživatele %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Nelze nastavit SELinux uživatele pro %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Nelze přidat mapování uživatele %s na SEuživatele\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Nelze inicializovat správu SELinuxu\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Nelze vytvořit uživatelský klí� k SELinuxu\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Nelze ověřit SELinux uživatele\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Nelze změnit mapování na SELinuxového uživatele\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Nelze přidat mapování na SELinuxového uživatele\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Nelze dokon�it SELinuxovou transakci\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Mapování uživatele %s není definováno, OK, pokud bylo použito výchozí "
+"mapování\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "Mapování uživatele %s je definováno v politice, nemůže být smazáno\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Nelze smazat mapování pro uživatele %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: došla paměť\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nelze zavolat stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s není ani adresář, ani symbolický odkaz.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Nelze �íst symbolický odkaz %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Podezřele dlouhý symbolický odkaz: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Nelze vytvořit adresář %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Nelze změnit vlastníka %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Nelze změnit oprávnění k %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: smazání: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Nelze odstranit adresář %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Nelze přejmenovat %s na %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Nelze odstranit %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Nelze vytvořit symbolický odkaz %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Nelze změnit vlastníky %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Nelze zavolat lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Varování, uživatel %s nemá v tcb svůj soubor shadow.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Krizový stav: shadow v tcb uživatele %s není běžným souborem "
+"(st_nlink=1).\n"
+"Ú�et je ponechán zamknutý.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: vytvoření adresáře: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Nelze otevřít %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varování: neznámá skupina %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varování: příliš mnoho skupin\n"
+
+msgid "Your password has expired."
+msgstr "Platnost vašeho hesla vypršela."
+
+msgid "Your password is inactive."
+msgstr "Vaše heslo je vypnuto."
+
+msgid "Your login has expired."
+msgstr "Platnost vašeho ú�tu vypršela."
+
+msgid "  Contact the system administrator."
+msgstr "  Kontaktujte správce systému."
+
+msgid "  Choose a new password."
+msgstr "  Zvolte nové heslo."
+
+msgid "You must change your password."
+msgstr "Musíte si změnit heslo."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Platnost vašeho hesla vyprší za %ld dnů.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Platnost vašeho hesla vyprší zítra."
+
+msgid "Your password will expire today."
+msgstr "Platnost vašeho hesla vyprší dnes."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Nelze otevřít auditní rozhraní - kon�ím.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nelze změnit vlastníka nebo oprávnění k tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: nepodařilo se odemknout %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Přete�ení prostředí\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nemůžete změnit $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+msgstr[1] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+msgstr[2] ""
+"%d selhání od posledního přihlášení.\n"
+"Poslední: %s na %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Neplatné nastavení: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: selhala alokace paměti: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Nelze získat jedine�né systémové GID (volná GID neexistují)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Nelze získat jedine�né GID (volná GID neexistují)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SUB_GID_MIN (%lu), SUB_GID_MAX (%lu), "
+"SUB_GID_COUNT (%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SUB_GID_MIN (%lu), SUB_GID_MAX (%lu), "
+"SUB_GID_COUNT (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique subordinate GID range\n"
+msgstr "%s: Nelze získat jedine�ný rozsah podřízených GID\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SUB_UID_MIN (%lu), SUB_UID_MAX (%lu), "
+"SUB_UID_COUNT (%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SUB_UID_MIN (%lu), SUB_UID_MAX (%lu), "
+"SUB_UID_COUNT (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique subordinate UID range\n"
+msgstr "%s: Nelze získat jedine�ný rozsah podřízených UID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Neplatné nastavení: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Neplatné nastavení: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Nelze získat jedine�né systémové UID (volná UID neexistují)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Nelze získat jedine�né UID (volná UID neexistují)\n"
+
+#, c-format
+msgid "%s: Not enough arguments to form %u mappings\n"
+msgstr "%s: Nedostatek argumentů pro vytvoření %u mapování\n"
+
+#, c-format
+msgid "%s: Memory allocation failure\n"
+msgstr "%s: Chyba alokace paměti\n"
+
+#, c-format
+msgid "%s: snprintf failed!\n"
+msgstr "%s: snprintf selhalo!\n"
+
+#, c-format
+msgid "%s: open of %s failed: %s\n"
+msgstr "%s: otevření %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: write to %s failed: %s\n"
+msgstr "%s: zápis do %s selhal: %s\n"
+
+msgid "Too many logins.\n"
+msgstr "Příliš mnoho přihlášení.\n"
+
+msgid "You have new mail."
+msgstr "Máte novou poštu."
+
+msgid "No mail."
+msgstr "Nemáte žádnou poštu."
+
+msgid "You have mail."
+msgstr "Máte poštu."
+
+msgid "no change"
+msgstr "beze změny"
+
+msgid "a palindrome"
+msgstr "palindrom"
+
+msgid "case changes only"
+msgstr "pouze změna velikosti písmen"
+
+msgid "too similar"
+msgstr "příliš podobné"
+
+msgid "too simple"
+msgstr "příliš jednoduché"
+
+msgid "rotated"
+msgstr "rotované"
+
+msgid "too short"
+msgstr "příliš krátké"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Chybné heslo: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: volání pam_start() selhalo, chyba %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: heslo nebylo změněno\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: heslo bylo úspěšně změněno\n"
+
+#, c-format
+msgid "%s: PAM modules requesting echoing are not supported.\n"
+msgstr ""
+"%s: PAM moduly vyžadující zobrazování zpětné vazby nejsou podporovány.\n"
+
+#, c-format
+msgid "%s: conversation type %d not supported.\n"
+msgstr "%s: typ konverzace %d není podporován.\n"
+
+#, c-format
+msgid "%s: (user %s) pam_start failure %d\n"
+msgstr "%s: (uživatel %s) chyba pam_start %d\n"
+
+#, c-format
+msgid ""
+"%s: (user %s) pam_chauthtok() failed, error:\n"
+"%s\n"
+msgstr ""
+"%s: (uživatel %s) volání pam_chauthtok() selhalo, chyba:\n"
+"%s\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Chybné heslo pro %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: násobné použití --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: volba „%s“ vyžaduje argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: selhalo odevzdání privilegií (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: neplatná cesta k chrootu „%s“\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nelze přistoupit k chroot adresáři %s: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nelze přejít (chdir) do chroot adresáře %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nelze změnit kořen (chroot) na adresář %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Neplatná hodnota ENCRYPT_METHOD: „%s“.\n"
+"Používám DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nelze přejít do „%s“\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Žádný adresář, nastavuji HOME na /"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s nelze spustit"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Chybný kořenový adresář „%s“\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nelze změnit kořenový adresář na „%s“\n"
+
+#, c-format
+msgid "%s: user %s is currently logged in\n"
+msgstr "%s: uživatel %s je právě přihlášen\n"
+
+#, c-format
+msgid "%s: user %s is currently used by process %d\n"
+msgstr "%s: uživatel %s je momentálně používán procesem %d\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nelze zjistit vaše uživatelské jméno."
+
+msgid "No"
+msgstr "Ne"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] ÚČET\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday POSL_DEN        nastaví datum poslední změny hesla na "
+"POSL_DEN\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate EXP_DATUM    nastaví datum vypršení ú�tu na EXP_DATUM\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od vypršení\n"
+"                                platnosti hesla\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    zobrazí informace o ú�tu\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DNŮ         nastaví minimální po�et dnů před změnou\n"
+"                                hesla na MIN_DNÅ®\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DNŮ         nastaví maximální po�et dnů před změnou\n"
+"                                hesla na MAX_DNÅ®\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_ADRES�Ř     adresář, do kterého přejít\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays VAR_DNŮ        nastaví varování o expiraci na VAR_DNŮ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Zadejte novou hodnotu, nebo stiskněte ENTER pro použití implicitní hodnoty"
+
+msgid "Minimum Password Age"
+msgstr "Minimální stáří hesla"
+
+msgid "Maximum Password Age"
+msgstr "Maximální stáří hesla"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Poslední změna hesla (RRRR-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Varování o vypršení platnosti hesla"
+
+msgid "Password Inactive"
+msgstr "Vypnuté heslo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Vypršení platnosti ú�tu (RRRR-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Poslední změna hesla\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nikdy"
+
+msgid "password must be changed"
+msgstr "heslo musí být změněno"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Platnost hesla vyprší\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Vypnuté heslo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Platnost ú�tu vyprší\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimální po�et dnů mezi změnami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximální po�et dnů mezi změnami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Po�et varovných dnů před vypršením platnosti hesla\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: chybné datum „%s“\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: chybný numerický argument „%s“\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nepoužívejte „l“ s ostatními parametry\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Přístup odmítnut.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: vaše uživatelské jméno nelze zjistit.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nelze zamknout %s, zkuste to opět později.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: nelze otevřít %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: chyba při zápisu změn do %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: selhala příprava nového %s záznamu „%s“\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: soubor se stínovými hesly není přítomen\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: uživatel „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Měním informace o uživateli %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: chyba při změně položek\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [ÚČET]\n"
+"\n"
+"Volby:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name CELÉ_JMÉNO    změní uživatelovo celé jméno\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone TEL_DOMŮ     změní užvatelovo tel. �íslo domů\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr "  -o, --other JINÉ_INFORMACE    změní uživatelovy ostatní informace\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room Č�SLO_M�STNOSTI    změní uživatelovo �íslo místnosti\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    zobrazí tuto nápovědu a skon�í\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone TEL_ZAMĚSTN  změní uživatelovo tel. �íslo do kanceláře\n"
+
+msgid "Full Name"
+msgstr "Celé jméno"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Číslo místnosti"
+
+msgid "Work Phone"
+msgstr "Telefon do zaměstnání"
+
+msgid "Home Phone"
+msgstr "Telefon domů"
+
+msgid "Other"
+msgstr "Ostatní"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nelze změnit ID na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: jméno obsahuje jiné znaky než ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: chybné jméno: „%s“\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: �íslo místnosti obsahuje jiné znaky než ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: chybné �íslo místnosti: „%s“\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: chybné telefonní �íslo do zaměstnání: „%s“\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: chybné telefonní �íslo domů: „%s“\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: „%s“ obsahuje jiné znaky než ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: „%s“ obsahuje nepovolené znaky\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: uživatel „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: uživatele „%s“ nelze na NIS klientu změnit.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: „%s“ je hlavním NIS serverem pro tohoto klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Měním informace o uživateli %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: položka je příliš dlouhá\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method TYP        typ Å¡ifry (jeden z %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               zadaná hesla jsou zašifrovaná\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     zašifruje nešifrované heslo\n"
+"                                algoritmem MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr "  -s, --sha-rounds              po�et SHA iterací algoritmu SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: přepína� %s je povolen pouze s přepína�em %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: přepína�e -c, -e a -m se navzájem vylu�ují\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: nepodporovaný typ šifry: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: řádek %d je příliš dlouhý\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: řádek %d: chybí nové heslo\n"
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: nepodařilo se zašifrovat heslo se solí „%s“: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: řádek %d: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: řádek %d: selhala příprava nového %s záznamu „%s“\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: chyba, změny budou ignorovány\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (řádek %d: uživatel %s) heslo nebylo změněno\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: řádek %d: uživatel „%s“ neexistuje\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr "  -s, --shell SHELL             nový přihlašovací shell uživatele\n"
+
+msgid "Login Shell"
+msgstr "Přihlašovací shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nemůžete změnit shell pro „%s“.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Měním přihlašovací shell pro %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: chybná položka %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s není platný shell\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Varování: %s neexistuje\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Varování: %s se nedá spustit\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   zkontroluje expiraci uživatelova hesla\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   vynutí změnu hesla pokud uživatelovo heslo\n"
+"                                expirovalo\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: volby %s a %s kolidují\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: neo�ekávaný argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     zobrazí záznamy faillogu o všech "
+"uživatelích\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEK           po neúspěšném přihlášení zamkne ú�et na SEC\n"
+"                                sekund\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             nastaví maximální po�et chybných přihlášení\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   vynuluje po�itadla chybných přihlášení\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DNŮ                zobrazí záznamy faillogu novější než DNŮ\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user ÚČET/ROZSAH        zobrazí záznamy faillogu nebo upraví\n"
+"                                po�itadla a limity chybných přihlášení\n"
+"                                pouze pro zadané uživatele (s volbami -r, -"
+"m\n"
+"                                nebo -l)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nepodařilo se získat záznam pro UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Uživatel    Chyb     Maximum Poslední                 Odkud\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus zbývá]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zámek]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nepodařilo se vynulovat po�et chybných přihlášení pro UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: nepodařilo se nastavit maximum pro UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nepodařilo se nastavit délku zamknutí pro UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Neznámý uživatel nebo rozsah: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nelze zjistit velikost %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Selhal zápis %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volba] SKUPINA\n"
+"\n"
+"Volby:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add UŽIVATEL            přidá UŽIVATELE do SKUPINY\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete UŽIVATEL         odstraní UŽIVATELE ze SKUPINY\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_ADRES�Ř     adresář, do kterého přejít\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         odstraní heslo SKUPINY\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr "  -R, --restrict                povolí přístup ke SKUPINĚ jen �lenům\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members UŽIVATEL,...    nastaví seznam �lenů SKUPINY\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators SPR�VCE,...\n"
+"                                nastaví seznam správců SKUPINY\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Kromě voleb -A a -M není možné volby kombinovat.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Volby se nedají kombinovat.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: přepína� -A funguje pouze se stínovými hesly skupin\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: skupina „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: chyba při zavírání databáze %s otevřené jen pro �tení\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Měním heslo skupiny %s\n"
+
+msgid "New Password: "
+msgstr "Nové heslo: "
+
+msgid "Re-enter new password: "
+msgstr "Zadejte opět nové heslo: "
+
+msgid "They don't match; try again"
+msgstr "Neshodují se; zkuste to znovu"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Zkuste to později\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Přidávám uživatele %s do skupiny %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Odstraňuji uživatele %s ze skupiny %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: uživatel „%s“ není �lenem „%s“\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nejedná se o tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] SKUPINA\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   skon�í úspěchem pokud již skupina existuje,\n"
+"                                zruší -g pokud je již GID použito\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 pro novou skupinu použije GID\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KL�Č=HODNOTA        přebije výchozí nastavení /etc/login.defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              povolí vytvoření skupiny s duplicitním\n"
+"                                (nejedine�ným) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password HESLO          pro novou skupinu použije šifrované heslo\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  vytvoří systémový ú�et\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: „%s“ není platným jménem skupiny\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: neplatné ID skupiny „%s“\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: parametr -K vyžaduje argument typu KL�Č=HODNOTA\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: skupina „%s“ již existuje\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID „%lu“ již existuje\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: nelze nastavit úklidovou službu.\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nelze odstranit záznam „%s“ z %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nelze odstranit primární skupinu uživatele „%s“.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: skupina „%s“ je NIS skupinou\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s je hlavním NIS serverem\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: uživatel „%s“ je již �lenem „%s“\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Nedostatek paměti. Nelze aktualizovat %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [akce]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group skupina           místo uživatelovy skupiny změní zadanou\n"
+"                                skupinu (pouze root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Akce:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr "  -a, --add uživatel            přidá uživatele mezi �leny skupiny\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete uživatel         odebere uživateli �lenství ve skupině\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+"  -p, --purge                   ze skupiny odstraní všechny uživatele\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    vypíše �leny skupiny\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: vaše skupina neodpovídá vašemu uživatelskému jménu\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: volbu -g/--group může používat pouze root\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 změní ID skupiny na GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NOV�_SKUPINA   změní jméno na NOV�_SKUPINA\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              povolí použití duplicitního\n"
+"                                (nejedine�ného) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr "  -p, --password HESLO          změní heslo na (šifrované) HESLO\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: neplatné jméno skupiny „%s“\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: skupina %s je NIS skupinou\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: neznámý uživatel %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor se skupinami [soubor se stínovými skupinami]]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor se skupinami]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               zobrazí chyby a varování\n"
+"                                ale soubory nemění\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    řadí záznamy podle UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s a -r nejsou slu�itelné\n"
+
+msgid "invalid group file entry"
+msgstr "chybná položka v souboru se skupinami"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "smazat řádek „%s“?"
+
+msgid "duplicate group entry"
+msgstr "tato položka se v souboru se skupinami vyskytuje vícekrát"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "jméno skupiny „%s“ je chybné\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID skupiny „%lu“ je chybné\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "skupina %s: uživatel %s neexistuje\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "smazat �lena „%s“? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "žádný záznam v souboru se skupinami %s neodpovídá\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "přidat skupinu „%s“ do %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"skupina %s má záznam v %s, ale její pole s heslem v %s není nastaveno na "
+"„x“\n"
+
+msgid "invalid shadow group file entry"
+msgstr "chybná položka v souboru se stínovými skupinami"
+
+msgid "duplicate shadow group entry"
+msgstr "duplikovaná položka v souboru se stínovými skupinami"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "stínová skupina %s: administrátor %s neexistuje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "smazat administrátora „%s“? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "stínová skupina %s: uživatel %s neexistuje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: soubory byly aktualizovány\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: žádné změny nebyly provedeny\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nelze smazat %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Použití: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Použití: id\n"
+
+msgid " groups="
+msgstr " skupiny="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DNŮ              zobrazí záznamy lastlogu starší než DNŮ\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DNŮ                zobrazí záznamy lastlogu novější než DNŮ\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user ÚČET               zobrazí záznamy lastlogu pro uživatele ÚČET\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Uživatel         Port     Z                Naposledy"
+
+msgid "Username                Port     Latest"
+msgstr "Uživatel                Port     Naposledy"
+
+msgid "**Never logged in**"
+msgstr "**Nikdy nebyl přihlášen**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Použití: %s [-p] [jméno]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "         %s [-p] [-h po�íta�] [-f jméno]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "         %s [-p] -r po�íta�\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigura�ní chyba - nelze zpracovat hodnotu %s: „%d“"
+
+msgid "Invalid login time"
+msgstr "Chybný �as přihlášení"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systém byl uzavřen kvůli pravidelné údržbě."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Odpojení přesko�eno -- uživatel root smí být přihlášen.]"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Vypršel �asový limit pro přihlášení (%u sekund).\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Bez efektivních oprávnění uživatele root nelze pracovat\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "utmp záznam neexistuje. Musíte spustit „login“ z nejnižšího „sh“"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Chyba PAM, kon�ím: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "Přihlašovací jméno na %s: "
+
+msgid "login: "
+msgstr "Přihlašovací jméno: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximální po�et pokusů vy�erpán (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM vyžádal přerušení\n"
+
+msgid "Login incorrect"
+msgstr "Chybné přihlášení"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Nelze nalézt uživatele (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Přihlašovací jméno na %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: chyba rozdvojení: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY selhalo na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Varování: po do�asném zákazu je přihlašování opět povoleno."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Poslední přihlášení: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Poslední přihlášení: %.19s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Čas přihlášení vypršel\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Použití: logoutd\n"
+
+#, c-format
+msgid "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"
+msgstr "%s: rozsah gid [%lu-%lu) -> [%lu-%lu) není povolen\n"
+
+#, c-format
+msgid ""
+"usage: %s <pid> <gid> <lowergid> <count> [ <gid> <lowergid> <count> ] ... \n"
+msgstr ""
+"použití: %s <pid> <gid> <spodnígid> <po�et> [ <gid> <spodnígid> <po�et> ] ...\n"
+
+#, c-format
+msgid "%s: Could not open proc directory for target %u\n"
+msgstr "%s: Nelze otevřít proc adresář cílového procesu %u\n"
+
+#, c-format
+msgid "%s: Could not stat directory for target %u\n"
+msgstr "%s: Nelze zavolat stat na adresář cílového procesu %u\n"
+
+#, c-format
+msgid "%s: Target %u is owned by a different user\n"
+msgstr "%s: Cílový proces %u je vlastněn jiným uživatelem\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Použití: newgrp [-] [skupina]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Použití: sg skupina [[-c] příkaz]\n"
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: nepodařilo se zašifrovat heslo s předchozí solí: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Neplatné heslo.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: chyba rozdvojení: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID „%lu“ neexistuje\n"
+
+msgid "too many groups\n"
+msgstr "příliš mnoho skupin\n"
+
+#, c-format
+msgid "%s: uid range [%lu-%lu) -> [%lu-%lu) not allowed\n"
+msgstr "%s: rozsah uid [%lu-%lu) -> [%lu-%lu) není povolen\n"
+
+#, c-format
+msgid ""
+"usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"
+msgstr ""
+"použití: %s <pid> <uid> <spodníuid> <po�et> [ <uid> <spodníuid> <po�et> ] ...\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  vytvoří systémový ú�et\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: skupina „%s“ je stínovou skupinou, ale neexistuje v /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: chybné uživatelské ID „%s“\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: chybné uživatelské jméno „%s“\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: řádek %d: chybný řádek\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: položku pro uživatele %s nelze aktualizovat (není v passwd databázi)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: řádek %d: nelze vytvořit uživatele\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: řádek %d: nelze vytvořit skupinu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: řádek %d: uživatel „%s“ v %s neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: řádek %d: heslo nelze aktualizovat\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: řádek %d: volání mkdir %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: řádek %d: volání chown %s selhalo: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: řádek %d: položku nelze aktualizovat\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: příprava nového záznamu %s selhala\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nelze nalézt rozsah podřízených uživatelů\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nelze nalézt rozsah podřízených skupin\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr "  -a, --all                     vypíše stav hesel na všech ú�tech\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  pro zadaný ú�et smaže heslo\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  pro zadaný ú�et vynutí expiraci hesla\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             změní heslo pouze pokud mu vypršela\n"
+"                                platnost\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od\n"
+"                                vypršení platnosti hesla\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    zamkne heslo zadaného ú�tu\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DNŮ         nastaví minimální po�et dnů před změnou\n"
+"                                hesla na MIN_DNÅ®\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   tichý režim\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository REPOSIT�Ř    změní heslo v repositáři REPOSIT�Ř\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr "  -S, --status                  pro zadaný ú�et vypíše stav hesla\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  odemkne heslo zadaného ú�tu\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays VAR_DNŮ        nastaví varování o expiraci na VAR_DNŮ\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DNŮ         nastaví maximální po�et dnů před změnou\n"
+"                                hesla na MAX_DNÅ®\n"
+
+msgid "Old password: "
+msgstr "Staré heslo: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadejte nové heslo (minimální délka %d znaků).\n"
+"Použijte kombinaci velkých a malých písmen s �íslicemi.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadejte nové heslo (po�et znaků v intervalu %d až %d).\n"
+"Použijte kombinaci velkých a malých písmen s �íslicemi.\n"
+
+msgid "New password: "
+msgstr "Nové heslo: "
+
+msgid "Try again."
+msgstr "Zkuste to znovu."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varování: slabé heslo (chcete-li jej opravdu použít, zadejte jej znovu)."
+
+msgid "They don't match; try again.\n"
+msgstr "Neshodují se; zkuste to znovu.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Heslo uživatele %s nelze změnit.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Heslo uživatele %s nelze zatím změnit.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s odemknutí hesla by znamenalo mít ú�et bez hesla.\n"
+"Pro odemknutí hesla tohoto ú�tu byste měli nastavit heslo pomocí usermod -"
+"p.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: úložna %s není podporována\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s není oprávněn změnit heslo %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nemůžete prohlížet nebo měnit heslo uživatele %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Měním heslo uživatele %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Heslo uživatele %s nebylo změněno.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: heslo bylo změněno.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informace o vypršení platnosti hesla byly změněny.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor s hesly]\n"
+"\n"
+"Volby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] [soubor s hesly [soubor se stínovými hesly]]\n"
+"\n"
+"Volby:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   vypíše pouze chyby\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: při použití USE_TCB není povolen žádný alternativní soubor shadow.\n"
+
+msgid "invalid password file entry"
+msgstr "chybná položka v souboru s hesly"
+
+msgid "duplicate password entry"
+msgstr "duplikovaná položka v souboru s hesly"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "chybné uživatelské jméno „%s“\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "chybné uživatelské ID „%lu“\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "uživatel „%s“: skupina %lu neexistuje\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "uživatel „%s“: adresář „%s“ neexistuje\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "uživatel „%s“: program „%s“ neexistuje\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "tcb adresář uživatele %s neexistuje\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "vytvořit tcb adresář pro uživatele %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "nepodařilo se vytvořit tcb adresář uživatele %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nelze uzamknout %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "žádný záznam v souboru s hesly %s neodpovídá\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "přidat uživatele „%s“ do %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"uživatel %s má záznam v %s, ale jeho pole s heslem v %s není nastaveno na "
+"„x“\n"
+
+msgid "invalid shadow password file entry"
+msgstr "chybná položka v souboru se stínovými hesly"
+
+msgid "duplicate shadow password entry"
+msgstr "duplikovaná položka v souboru se stínovými hesly"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "uživatel %s: poslední změna hesla v budoucnosti\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nelze seřadit záznamy v %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nelze pokra�ovat s povoleným tcb\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: nepodařilo se změnit oprávnění %s na 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Z tohoto ú�tu je přístup k su ZAK�Z�N.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Ověřování heslem vynecháno.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Pro ověření zadejte VAŠE vlastní heslo.\n"
+
+msgid " ...killed.\n"
+msgstr " ...zabit.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...�eká na ukon�ení potomka.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Nelze rozdvojit uživatelský shell\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: chyba signálu\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: chyba maskování signálu\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sezení skon�eno, ukon�uji shell..."
+
+msgid " ...terminated.\n"
+msgstr " ...ukon�en.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Použití: su [volby] [ÚČET]\n"
+"\n"
+"Volby:\n"
+"  -c, --command PŘ�KAZ          vyvolanému shellu předá PŘ�KAZ\n"
+"  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+"  -, -l, --login                nastaví shell jako přihlašovací\n"
+"  -m, -p,\n"
+"  --preserve-environment        zachová proměnné prostředí a ponechá\n"
+"                                sou�asný shell\n"
+"  -s, --shell SHELL             místo výchozího shellu definovaného\n"
+"                                v passwd použije SHELL\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoruji)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nejste oprávněn používat su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Zadejte své heslo)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Chyba ověření\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Toto �asu nejste oprávněni používat su\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "V databázi není záznam pro uživatele „%s“\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musí být spuštěno z terminálu\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: chyba %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Nelze odevzdat řídící terminál\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s nelze spustit\n"
+
+msgid "No password file"
+msgstr "Soubor s hesly neexistuje"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY selhalo"
+
+msgid "No password entry for 'root'"
+msgstr "V databázi není položka pro uživatele 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Stiskněte control-d pro normální spuštění systému,\n"
+"(nebo zadejte heslo uživatele root pro údržbu systému):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Vstupuji do režimu údržby systému"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s byl vytvořen, ale nemůže být odstraněn\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: nastavení %s v %s bude ignorováno\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nelze vytvořit nový soubor s výchozími hodnotami\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nelze otevřít nový soubor s výchozími hodnotami\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: příliš dlouhý řádek v %s: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Nelze vytvořit záložní soubor (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: přejmenovat: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: skupina „%s“ je NIS skupinou.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: zadáno příliš mnoho skupin (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použití: %s [volby] ÚČET\n"
+"         %s -D\n"
+"         %s -D [volby]\n"
+"\n"
+"Volby:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir Z�KL_ADR       základní adresář pro domovský adresář "
+"nového\n"
+"                                uživatelského ú�tu\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment KOMENT�Ř        pole GECOS nového ú�tu\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir DOMOV_ADR      domovský adresář nového ú�tu\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                vypíše nebo změní výchozí nastavení\n"
+"                                programu useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate EXP_DATUM    datum vypršení platnosti nového ú�tu\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive NEAKTIV        doba neaktivity pro blokaci nového ú�tu\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid SKUPINA             jméno nebo ID primární skupiny nového ú�tu\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups SKUPINY          seznam dodate�ných skupin, do kterých\n"
+"                                má nový ú�et patřit\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel VZOR_ADR           použije alternativní vzorový adresář\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             nepřidá uživatele do databází lastlog\n"
+"                                a faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             vytvoří domovský adresář uživatele\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home          nevytvoří domovský adresář uživatele\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           nevytvoří skupinu se stejným jménem jako\n"
+"                                uživatel\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              povolí vytvoření uživatele s duplicitním\n"
+"                                (nejedine�ným) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password HESLO          zašifrované heslo nového ú�tu\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL             přihlašovací shell nového ú�tu\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 uživatelské ID nového ú�tu\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              vytvoří skupinu se stejným jménem jako\n"
+"                                uživatel\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUŽIVATEL pro mapování na SELinuxového uživatele\n"
+"                                použije SEUŽIVATELe\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: chybný základní adresář „%s“\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: chybný komentář „%s“\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: chybný domácí adresář „%s“\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: přepína� -e vyžaduje stínová hesla\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: přepína� -f vyžaduje stínová hesla\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: chybná položka „%s“\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: chybný shell „%s“\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z vyžaduje jádro s povoleným SELinuxem\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: nepodařilo se vynulovat faillog záznam UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: nepodařilo se vynulovat lastlog záznam UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: selhala příprava nového záznamu %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: adresář %s nelze vytvořit\n"
+
+msgid "Creating mailbox file"
+msgstr "Vytvářím poštovní schránku"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Skupina „mail“ nebyla nalezena. Vytvářím uživatelovu poštovní schránku s "
+"právy 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Nastavuji oprávnění k poštovní schránce"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: uživatel „%s“ již existuje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: skupina %s existuje - chcete-li přidat uživatele do této skupiny, "
+"použijte -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nelze vytvořit uživatele\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu není jedine�né\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: vytvoření tcb adresáře uživatele %s selhalo\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nelze vytvořit skupinu\n"
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nelze vytvořit podřízená uživatelská ID\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nelze vytvořit podřízená skupinová ID\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varování: domovský adresář již existuje.\n"
+"Nekopíruji do něj žádné soubory z adresáře skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: varování: mapování uživatele %s na uživatele SELinuxu %s selhalo.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   vynutí odstranění souborů,\n"
+"                                i když je uživatel nevlastní\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  odstraní domovský adresář a poštovní\n"
+"                                schránku\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            odstraní všechna mapování uživatele na\n"
+"                                uživatele SELinuxu\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: skupina %s nebyla odstraněna, protože není primární skupinou uživatele "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: skupina %s nebyla odstraněna, protože obsahuje další �leny.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: skupina %s je primární skupinou jiného uživatele a nelze ji odstranit.\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nelze odstranit záznam %lu z %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s poštovní schránka (%s) nebyla nalezena\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varování: nelze smazat %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: vlastníkem %s není %s, nemažu jej\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: nelze alokovat paměť, tcb záznam uživatele %s nebyl odtraněn.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Nelze odevzdat privilegia: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Nelze odstranit obsah %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Nelze odstranit tcb soubory uživatele %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: uživatel %s je NIS uživatelem\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: domovský adresář uživatele %s (%s) nebyl nalezen\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: adresář %s nebudu mazat (je to domácí adresář uživatele %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: chyba při mazání adresáře %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: varování: odstranění mapování uživatele %s na SELinuxového uživatele "
+"selhalo.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMENT�Ř        nová hodnota pole GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr "  -d, --home-dir DOMOV_ADR      nový domovský adresář uživatele\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate EXP_DATUM    nastaví vypršení platnosti ú�tu na "
+"EXP_DATUM\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od vypršení\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr "  -g, --gid SKUPINA             nastaví novou primární SKUPINU\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+"  -G, --groups SKUPINY          nový seznam dodate�ných skupin, do kterých\n"
+"                                má ú�et patřit\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  přidá uživatele do dalších SKUPIN zadaných\n"
+"                                volbou -G; neruší �lenství v ostatních sk.\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NOV�_ÚČET         nová hodnota přihlašovacího jména\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    zamkne uživatelský ú�et\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               přesune obsah původního domovského adresáře\n"
+"                                do nového umístění (používejte pouze s -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              povolí vytvoření uživatele s duplicitním\n"
+"                                (nejedine�ným) UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr "  -p, --password HESLO          použije nové zašifrované heslo\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 nové UID pro uživatelský ú�et\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  odemkne uživatelský ú�et\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr "  -v, --add-subuids PRVN�-POSL  přidá rozsah podřízených uid\n"
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr "  -V, --del-subuids PRVN�-POSL  odstraní rozsah podřízených uid\n"
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr "  -w, --add-subgids PRVN�-POSL  přidá rozsah podřízených gid\n"
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr "  -W, --del-subgids PRVN�-POSL  odstraní rozsah podřízených gid\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUŽIVATEL nové mapování uživatelského ú�tu na\n"
+"                                uživatele SELinuxu\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s odemknutí uživatelova hesla by znamenalo mít ú�et bez hesla.\n"
+"Pro odemknutí hesla tohoto uživatele byste měli nastavit heslo pomocí "
+"usermod -p.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: uživatel „%s“ již v %s existuje\n"
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: neplatný rozsah podřízených uid „%s“\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: neplatný rozsah podřízených gid „%s“\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: žádné volby\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: přepína�e -L, -p a -U se navzájem vylu�ují\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: přepína�e -e a -f vyžadují stínová hesla\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID „%lu“ již existuje\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s neexistuje, nemůžete použít přepína� %s ani %s\n"
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: odebrání rozsahu uid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: přidání rozsahu uid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: odebrání rozsahu gid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: přidání rozsahu gid %lu-%lu z „%s“ selhalo\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: adresář %s již existuje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Předchozí domovský adresář (%s) nebyl adresářem. Nebyl tedy odstraněn a "
+"nebyly vytvořeny domovské adresáře.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Nepodařilo se změnit vlastníka domovského adresáře"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: varování: selhalo úplné odstranění domovského adresáře %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: adresář %s nelze na %s přejmenovat\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: nepodařilo se zkopírovat lastlog záznamy uživatele %lu uživateli %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: nepodařilo se zkopírovat faillog záznamy uživatele %lu uživateli %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varování: vlastníkem %s není %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "chyba při změně vlastníka poštovní schránky"
+
+msgid "failed to rename mailbox"
+msgstr "chyba při přejmenovávání poštovní schránky"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Změnili jste %s.\n"
+"Z důvodu konzistence byste měli změnit i %s.\n"
+"Můžete to provést příkazem „%s“.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   upraví databázi skupin\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  upraví databázi hesel\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  upraví databázi shadow nebo gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr "  -u, --user                    upraví tcb shadow soubor uživatele\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: selhalo odstranění %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s je beze změny\n"
+
+msgid "failed to create scratch directory"
+msgstr "vytvoření do�asného adresáře selhalo"
+
+msgid "failed to drop privileges"
+msgstr "odevzdání privilegií selhalo"
+
+msgid "Couldn't get file context"
+msgstr "Nelze získat kontext souboru"
+
+msgid "setfscreatecon () failed"
+msgstr "Volání setfscreatecon() selhalo"
+
+msgid "failed to gain privileges"
+msgstr "nepodařilo se získat privilegia"
+
+msgid "Couldn't lock file"
+msgstr "Soubor nelze zamknout"
+
+msgid "Couldn't make backup"
+msgstr "Zálohování nelze provést"
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s skon�il se stavem %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s byl zabit signálem %d\n"
+
+msgid "failed to open scratch file"
+msgstr "otevření do�asného souboru selhalo"
+
+msgid "failed to unlink scratch file"
+msgstr "do�asný soubor se nepodařilo smazat"
+
+msgid "failed to stat edited file"
+msgstr "na upravovaný soubor se nepodařilo zavolat stat()"
+
+msgid "failed to allocate memory"
+msgstr "nepodařilo se alokovat paměť"
+
+msgid "failed to create backup file"
+msgstr "vytvoření záložního souboru selhalo"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s nelze obnovit: %s (změny jsou v %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: nepodařilo se nalézt tcb adresář uživatele %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            typ Å¡ifry (jeden z %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použití: vipw [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "volání malloc(%d) selhalo\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chage [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -d, --lastday POSL_DEN        nastaví datum poslední změny hesla na "
+#~ "POSL_DEN\n"
+#~ "  -E, --expiredate EXP_DATUM    nastaví datum vypršení ú�tu na EXP_DATUM\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -I, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ "                                platnosti hesla\n"
+#~ "  -l, --list                    zobrazí informace o ú�tu\n"
+#~ "  -m, --mindays MIN_DNŮ         nastaví minimální po�et dnů před změnou\n"
+#~ "                                hesla na MIN_DNÅ®\n"
+#~ "  -M, --maxdays MAX_DNŮ         nastaví maximální po�et dnů před změnou\n"
+#~ "                                hesla na MAX_DNÅ®\n"
+#~ "  -W, --warndays VAR_DNŮ        nastaví varování o expiraci na VAR_DNŮ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: ověření pomocí PAM selhalo\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Použití: %s [-f jméno] [-r �íslo místnosti] [-w telefon do zaměstnání]\n"
+#~ "\t[-h telefon domů] [-o ostatní] [uživatel]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Použití: %s [-f jméno] [-r �íslo místnosti] [-w telefon do zaměstnání]\n"
+#~ "\t[-h telefon domů]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: %s [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -c, --crypt-method            typ Å¡ifry (jeden z %s)\n"
+#~ "  -e, --encrypted               zadaná hesla jsou zašifrovaná\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -m, --md5                     zašifruje nešifrované heslo\n"
+#~ "                                algoritmem MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chsh [volby] [ÚČET]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -s, --shell SHELL             nový přihlašovací shell uživatele\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Použití: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Nepodařilo se získat záznam pro UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Nelze otevřít %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Nelze zjistit velikost %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Použití: groupdel skupina\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr ""
+#~ "Použití: %s [-r] [-s] [soubor se skupinami [soubor se stínovými "
+#~ "skupinami]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Použití: %s [-r] [-s] [soubor se skupinami]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s a -r nejsou slu�itelné\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Použití: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Použití: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: lastlog [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -b, --before DNŮ              zobrazí záznamy lastlogu starší než DNŮ\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -t, --time DNŮ                zobrazí záznamy lastlogu novější než DNŮ\n"
+#~ "  -u, --user ÚČET               zobrazí záznamy lastlogu pro uživatele "
+#~ "ÚČET\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: passwd [volby] [ÚČET]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -a, --all                     vypíše stav hesel na všech ú�tech\n"
+#~ "  -d, --delete                  pro zadaný ú�et smaže heslo\n"
+#~ "  -e, --expire                  pro zadaný ú�et vynutí expiraci hesla\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -k, --keep-tokens             změní heslo pouze pokud mu vypršela\n"
+#~ "                                platnost\n"
+#~ "  -i, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od\n"
+#~ "                                vypršení platnosti hesla\n"
+#~ "  -l, --lock                    zamkne heslo zadaného ú�tu\n"
+#~ "  -n, --mindays MIN_DNŮ         nastaví minimální po�et dnů před změnou\n"
+#~ "                                hesla na MIN_DNÅ®\n"
+#~ "  -q, --quiet                   tichý režim\n"
+#~ "  -r, --repository REPOSIT�Ř    změní heslo v repositáři REPOSIT�Ř\n"
+#~ "  -S, --status                  pro zadaný ú�et vypíše stav hesla\n"
+#~ "  -u, --unlock                  odemkne heslo zadaného ú�tu\n"
+#~ "  -w, --warndays VAR_DNŮ        nastaví varování o expiraci na VAR_DNŮ\n"
+#~ "  -x, --maxdays MAX_DNŮ         nastaví maximální po�et dnů před změnou\n"
+#~ "                                hesla na MAX_DNÅ®\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr ""
+#~ "Použití: %s [-q] [-r] [-s] [soubor s hesly [soubor se stínovými hesly]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Použití: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Použití: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Neznámé id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Žádný shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: userdel [volby] ÚČET\n"
+#~ "\n"
+#~ "VOLBY:\n"
+#~ "  -f, --force                   vynutí odstranění souborů,\n"
+#~ "                                i když je uživatel nevlastní\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -r, --remove                  odstraní domovský adresář a poštovní\n"
+#~ "                                schránku\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: usermod [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -c, --comment KOMENT�Ř        nová hodnota pole GECOS\n"
+#~ "  -d, --home-dir DOMOV_ADR      nový domovský adresář uživatele\n"
+#~ "  -e, --expiredate EXP_DATUM    nastaví vypršení platnosti ú�tu na "
+#~ "EXP_DATUM\n"
+#~ "  -f, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ "  -g, --gid SKUPINA             nastaví novou primární SKUPINU\n"
+#~ "  -G, --groups SKUPINY          nový seznam dodate�ných skupin, do "
+#~ "kterých\n"
+#~ "                                má ú�et patřit\n"
+#~ "  -a, --append                  přidá uživatele do dalších SKUPIN "
+#~ "zadaných\n"
+#~ "                                volbou -G; neruší �lenství v ostatních "
+#~ "sk.\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -l, --login NOV�_ÚČET         nová hodnota přihlašovacího jména\n"
+#~ "  -L, --lock                    zamkne uživatelský ú�et\n"
+#~ "  -m, --move-home               přesune obsah původního domovského "
+#~ "adresáře\n"
+#~ "                                do nového umístění (používejte pouze s -"
+#~ "d)\n"
+#~ "  -o, --non-unique              povolí vytvoření uživatele s duplicitním\n"
+#~ "                                (nejedine�ným) UID\n"
+#~ "  -p, --password HESLO          použije nové zašifrované heslo\n"
+#~ "  -s, --shell SHELL             nový přihlašovací shell uživatele\n"
+#~ "  -u, --uid UID                 nové UID pro uživatelský ú�et\n"
+#~ "  -U, --unlock                  odemkne uživatelský ú�et\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: žádné přepína�e\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: %s [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -a, --add UŽIVATEL            přidá UŽIVATELE do SKUPINY\n"
+#~ "  -d, --delete UŽIVATEL         odstraní UŽIVATELE ze SKUPINY\n"
+#~ "  -r, --remove-password         odstraní heslo SKUPINY\n"
+#~ "  -R, --restrict                povolí přístup ke SKUPINĚ jen �lenům\n"
+#~ "  -M, --members UŽIVATEL,...    nastaví seznam �lenů SKUPINY\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupmems [volby] [akce]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -g, --group skupina           místo uživatelovy skupiny změní zadanou\n"
+#~ "                                skupinu (pouze root)\n"
+#~ "\n"
+#~ "Akce:\n"
+#~ "  -a, --add uživatel            přidá uživatele mezi �leny skupiny\n"
+#~ "  -d, --delete uživatel         odebere uživateli �lenství ve skupině\n"
+#~ "  -p, --purge                   ze skupiny odstraní všechny uživatele\n"
+#~ "  -l, --list                    vypíše �leny skupiny\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použití: useradd [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s nelze vytvořit\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: volání chown pro %s selhalo\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: faillog [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -a, --all                     zobrazí záznamy faillogu o všech "
+#~ "uživatelích\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -l, --lock-time SEK           po neúspěšném přihlášení zamkne ú�et na "
+#~ "SEC\n"
+#~ "                                sekund\n"
+#~ "  -m, --maximum MAX             nastaví maximální po�et chybných "
+#~ "přihlášení\n"
+#~ "                                na MAX\n"
+#~ "  -r, --reset                   vynuluje po�itadla chybných přihlášení\n"
+#~ "  -t, --time DNŮ                zobrazí záznamy faillogu novější než DNŮ\n"
+#~ "  -u, --user ÚČET               zobrazí záznamy faillogu nebo upraví\n"
+#~ "                                po�itadla a limity chybných přihlášení\n"
+#~ "                                pouze pro uživatele ÚČET (s volbami -r, -"
+#~ "m\n"
+#~ "                                nebo -l)\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupadd [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -f, --force                   vynutí úspěšný návratový kód i když\n"
+#~ "                                zadaná skupina existuje\n"
+#~ "  -g, --gid GID                 pro novou skupinu použije GID\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -K, --key KL�Č=HODNOTA        přebije výchozí nastavení /etc/login."
+#~ "defs\n"
+#~ "  -o, --non-unique              povolí vytvoření skupiny s duplicitním\n"
+#~ "                                (nejedine�ným) GID\n"
+#~ "  -p, --password HESLO          pro novou skupinu použije šifrované "
+#~ "heslo\n"
+#~ "  -r, --system                  vytvoří systémový ú�et\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: groupmod [volby] SKUPINA\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -g, --gid GID                 pro SKUPINU vynutí nové GID\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -n, --new-name NOV�_SKUPINA   vnutí SKUPINĚ jméno NOV�_SKUPINA\n"
+#~ "  -o, --non-unique              povolí skupině použít duplicitní\n"
+#~ "                                (nejedine�né) GID\n"
+#~ "  -p, --password HESLO          pro SKUPINU použije šifrované heslo\n"
+#~ "\n"
+
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -M, --no-create-home          do not create user's home directory\n"
+#~| "                                (overrides /etc/login.defs)\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: useradd [volby] ÚČET\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -b, --base-dir Z�KL_ADR       základní adresář domovského adresáře "
+#~ "nového\n"
+#~ "                                uživatelského ú�tu\n"
+#~ "  -c, --comment KOMENT�Ř        nastaví pole GECOS nového ú�tu\n"
+#~ "  -d, --home-dir DOMOV_ADR      domovský adresář nového ú�tu\n"
+#~ "  -D, --defaults                vypíše nebo nastaví výchozí nastavení\n"
+#~ "                                programu useradd\n"
+#~ "  -e, --expiredate EXP_DATUM    nastaví vypršení platnosti ú�tu na "
+#~ "EXP_DATUM\n"
+#~ "  -f, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dnech od "
+#~ "vypršení\n"
+#~ "  -g, --gid SKUPINA             vynutí použití této skupiny pro nový "
+#~ "ú�et\n"
+#~ "  -G, --groups SKUPINY          seznam dodate�ných skupin, do kterých\n"
+#~ "                                má nový ú�et patřit\n"
+#~ "  -h, --help                    zobrazí tuto nápovědu a skon�í\n"
+#~ "  -k, --skel VZOR_ADR           zadá alternativní vzorový adresář\n"
+#~ "  -K, --key KL�Č=HODNOTA        přebije výchozí nastavení /etc/login."
+#~ "defs\n"
+#~ "  -l, --no-log-init             nepřidá uživatele do databází lastlog\n"
+#~ "                                a faillog\n"
+#~ "  -m, --create-home             vytvoří domovský adresář pro nový\n"
+#~ "                                uživatelský ú�et\n"
+#~ "  -M, --no-create-home          nevytvoří domovský adresář uživatele\n"
+#~ "                                (přebíjí nastavení /etc/login.defs)\n"
+#~ "  -N, --no-user-group           nevytvoří skupinu se stejným jménem jako\n"
+#~ "                                uživatel\n"
+#~ "  -o, --non-unique              povolí vytvoření uživatele s duplicitním\n"
+#~ "                                (nejedine�ným) UID\n"
+#~ "  -p, --password HESLO          použije pro nový ú�et zadané zašifrované\n"
+#~ "                                heslo\n"
+#~ "  -r, --system                  vytvoří systémový ú�et\n"
+#~ "  -s, --shell SHELL             přihlašovací shell nového ú�tu\n"
+#~ "  -u, --uid UID                 vynutí použití tohoto UID pro nový ú�et\n"
+#~ "  -U, --user-group              vytvoří skupinu se stejným jménem jako\n"
+#~ "                                uživatel\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použití: %s [volby] [vstup]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            typ Å¡ifry (jeden z %s)\n"
+#~ "  -r, --system                  vytvoří systémové ú�ty\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Heslu byla nastavena vypršená platnost."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze přepsat\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: can't update password file\n"
+#~ msgstr "%s: soubor s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tCelé jméno: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tČíslo místnosti: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon do zaměstnání: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon domů: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nelze zamknout soubor s hesly; zkuste to později.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Soubor s hesly nelze otevřít.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s se v /etc/passwd nenalézá\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Chyba při aktualizaci položky v souboru s hesly.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nelze provést změny v souboru s hesly.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Soubor s hesly nelze odemknout.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: soubor se skupinami nelze zamknout\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: soubor stínových skupin nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se stínovými skupinami\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se skupinami\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: řádek %d: neznámá skupina %s\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: řádek %d: položku nelze aktualizovat skupinu\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru se stínovými hesly\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: chyba při aktualizaci souboru s hesly\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: řádek %d: neznámý uživatel %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: řádek %d: položku v souboru s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: neznámý uživatel\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Neznámý uživatel: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Použití: %s [r|-R] skupina\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a uživatel] skupina\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d uživatel] skupina\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A uživatel,...] [-M uživatel,...] skupina\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M uživatel,...] skupina\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nelze získat zámek\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nelze získat zámek pro soubor se stínovými hesly\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nelze přepsat soubor se stínovými hesly\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nelze odemknout soubor\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nelze aktualizovat položku\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nelze aktualizovat položku souboru se stínovými hesly\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "neznámá skupina %s\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nelze zavřít soubor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zavřít\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kdo jste?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: neznámý �len %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: chyba při přidávání nové skupiny\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: soubor se skupinami nelze přepsat\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze přepsat\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: soubor se skupinami nelze zamknout\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze zamknout\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u není jedine�né\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se skupinami\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: chyba při odstraňování položky ze souboru se stínovými skupinami\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: primární skupinu uživatele nelze odstranit.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Člen ur�ený pro odstranění nebyl nalezen\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Použití: groupmems -a uživatel | -d uživatel | -D | -l [-g skupina]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Přidávat �leny do jiných skupin může pouze uživatel root\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Je vyžadován skupinový přístup\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nejste vlastníkem aktuální skupiny\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Ověření pomocí PAM selhalo\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Soubor se skupinami nelze zamknout\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Soubor se skupinami nelze zavřít\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s se v /etc/group nenalézá\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u není jedine�né gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: jméno %s není jedine�né\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: nelze změnit primární skupinu uživatele „%s“ z %u na %u, protože se "
+#~ "nenachází v souboru passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: položku %s souboru se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: položku skupiny %s nelze odstranit\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze zamknout\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: položku stínové skupiny %s nelze odstranit\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: soubor se stínovými hesly skupin nelze smazat\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "neznámé UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "neznámé GID: %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: skupinové ID „%s“ není platné\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: skupina %s byla vytvořena, ale nastala chyba při vytváření "
+#~ "odpovídající stínové skupiny\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: uživatelské ID „%s“ není platné\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: neplatné uživatelské jméno „%s“\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: soubor /etc/passwd nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: soubor /etc/shadow nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: soubor /etc/group nelze zamknout.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: soubor /etc/gshadow nelze zamknout.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: soubory nelze otevřít\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: chyba při aktualizaci souborů\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: položku souboru s hesly pro uživatele %s nelze aktualizovat\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze zamknout\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze otevřít\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: položku souboru s hesly pro uživatele %s nelze odstranit\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: soubor s hesly nelze aktualizovat\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: položku pro uživatele %s nelze aktualizovat\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nemůžete smazat soubor se stínovými hesly\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: neznámé GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: neznámá skupina %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: Nedostatek paměti. Nelze aktualizovat databázi stínových skupin.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: soubor s hesly nelze přepsat\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze přepsat\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze zamknout\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: soubor se stínovými hesly nelze otevřít\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: chyba při zamykání souboru se skupinami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: chyba při otevírání souboru se skupinami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: chyba při zamykání souboru se stínovými hesly\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: chyba při otevírání souboru se stínovými hesly\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: chyba při vytváření nové položky v souboru s hesly\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: chyba při vytváření nové položky v souboru se stínovými hesly\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: varování: CREATE_HOME není podporováno, použijte přepína� -m\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: položku souboru se skupinami nelze aktualizovat\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: chyba při aktualizaci stínové skupiny\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: soubor se skupinami nelze otevřít\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: soubor se stínovými skupinami nelze otevřít\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru s hesly\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se stínovými hesly\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: chyba při přidávání nové stínové skupiny\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu není jedine�né\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: chyba při změně položky v souboru s hesly\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru s hesly\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: chyba při odstraňování položky ze souboru se stínovými hesly\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na „%.100s“ z „%.200s“"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na „%.100s“"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: řádek %d: nelze vytvořit UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: jméno %s není jedine�né\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použití: chgpasswd [volby]\n"
+#~ "\n"
+#~ "Volby:\n"
+#~ "  -e, --encrypted\tzadaná hesla jsou zašifrovaná\n"
+#~ "  -h, --help\t\tzobrazí tuto nápovědu a skon�í\n"
+#~ "  -m, --md5\t\tpokud zadaná hesla nejsou zašifrovaná,\n"
+#~ "\t\t\tpoužije místo DES algoritmus MD5\n"
+#~ "\n"
+
+#~ msgid "No password.\n"
+#~ msgstr "Žádné heslo.\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Lituji.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Lituji, ale heslo pro %s nelze ještě změnit.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Lituji."
diff --git a/po/da.po b/po/da.po
new file mode 100644
index 0000000..75dc020
--- /dev/null
+++ b/po/da.po
@@ -0,0 +1,2628 @@
+# Danish translation shadow.
+# Copyright (C) 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Claus Hindsgaul <claus.hindsgaul@gmail.com>, 2004, 2005, 2006.
+# Joe Hansen (joedalton2@yahoo.dk), 2011, 2012.
+#
+# konventioner:
+# audit -> overvågning
+# entry, entries -> punkt, punkter
+# exist -> findes
+# locktime -> låsetid
+# mapping -> kortlægning (oversættelse)
+# quiet -> tavs
+# record -> post
+# scratch -> scratch
+# shadow -> skygge
+# unlock -> åbne
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-26 23:57+0100\n"
+"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
+"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Flere punkter med navnet »%s« i %s. Ret venligst dette med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "cryptmetode er ikke understøttet af libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurationsfejl - kan ikke fortolke %s-værdi: »%s«"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kunne ikke frigøre plads til opsætningsoplysninger.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "opsætningsfejl - ukendt punkt »%s« (informer administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd afsluttedes ikke normalt (signal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd afsluttede med status %d"
+
+msgid "Password: "
+msgstr "Adgangskode: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's adgangskode: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan ikke oprette SELinux-håndteringshåndtag\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-politik ikke håndteret\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan ikke læse SELinux-politiklageret\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan ikke etablere SELinux-håndteringsforbindelse\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan ikke begynde SELinux-transaktion\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Kunne ikke forespørge seuser for %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Kunne ikke angive serange for %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Kunne ikke angive sename for %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Kunne ikke ændre logingkortlægningen for %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan ikke oprette SELinux-logindkortlægning for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Kunne ikke angive navn for %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Kunne ikke angive SELinux-bruger for %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Kunne ikke tilføje logindkortlægning for %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan ikke initialisere SELinux-håntering\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan ikke oprette SELinux-brugernøgle\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan ikke verificere SELinux-brugeren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kan ikke ændre SELinux-brugerkortlægning\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan ikke tilføje SELinux-brugerkortlægning\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan ikke indsende SELinux-transaktion\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Logindkortlægning for %s er ikke defineret, o.k. hvis standardkortlægning "
+"blev brugt\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "Logindkortlægning for %s er defineret i politik, kan ikke slettes\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kunne ikke slette logindkortlægning for %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: Hukommelse opbrugt\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan ikke stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s er hverken en mappe eller en symbolsk henvisning.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan ikke omdøbe symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Mistænkelig lang symbolsk henvisning: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan ikke oprette mappen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan ikke ændre ejer af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan ikke ændre tilstand for %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: Fjern henvisning: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan ikke fjerne mappen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan ikke omdøbe %s til %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan ikke oprette symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan ibkke ændre ejere af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan ikke lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Advarsel, bruger %s har ingen tcb-skyggefil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Nødsituation: %s's tcb-skygge er ikke en regulær fil med st_nlink=1.\n"
+"Kontoen forbliver låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan ikke åbne %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Advarsel: Ukendt gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Advarsel: For mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Din adgangskode er udløbet."
+
+msgid "Your password is inactive."
+msgstr "Din adgangskode er inaktiv."
+
+msgid "Your login has expired."
+msgstr "Din adgangskode er udløbet."
+
+msgid "  Contact the system administrator."
+msgstr "  Kontakt systemadministratoren."
+
+msgid "  Choose a new password."
+msgstr "  Vælg en ny adgangskode."
+
+msgid "You must change your password."
+msgstr "Du skal ændre din adgangskode."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Din adgangskode udløber om %ld dage.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Din adgangskode udløber i morgen."
+
+msgid "Your password will expire today."
+msgstr "Din adgangskode udløber i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan ikke åbne overvågningsbrugerflade (audit) - afbryder.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan ikke ændre ejer eller tilstand af tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Kunne ikke åbne %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Miljøoverløb\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du kan ikke ændre $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fejl siden sidste logind.\n"
+"Sidst var %s, %s.\n"
+msgstr[1] ""
+"%d fejl siden sidste logind.\n"
+"Sidst var %s, %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ugyldig opsætning: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldig opsætning: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: kunne ikke tildele hukommelse: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Kan ikke indhente unik system-GID (ikke flere tilgængelige GID'er)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Kan ikke indhente unik GID (ikke flere tilgængelige GID'er)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ugyldig opsætning: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldig opsætning: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Kan ikke indhente unik system-UIK (ikke flere tilgængelige UID'er)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Kan ikke indhente unik UID (ikke flere tilgængelige UID'er)\n"
+
+msgid "Too many logins.\n"
+msgstr "Logget på for mange gange.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny post."
+
+msgid "No mail."
+msgstr "Ingen post."
+
+msgid "You have mail."
+msgstr "Du har post."
+
+msgid "no change"
+msgstr "ingen ændring"
+
+msgid "a palindrome"
+msgstr "et palindrom"
+
+msgid "case changes only"
+msgstr "kun versalændringer"
+
+msgid "too similar"
+msgstr "for ens"
+
+msgid "too simple"
+msgstr "for simpelt"
+
+msgid "rotated"
+msgstr "omrokeret"
+
+msgid "too short"
+msgstr "for kort"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Ugyldig adgangskode: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() mislykkedes, fejl %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Adgangskode uændret\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: adgangskoden blev opdateret\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Ugyldig adgangskode for %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: flere tilvalg for --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: tilvalg »%s« kræver et argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Kunne ikke afgive rettigheder (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: Ugyldig chroot-sti »%s«\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: Kan ikke tilgå chroot-mappe %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: Kan ikke tilgå chroot-mappe %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Kan ikke chroot til mappe %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ugyldig ENCRYPT_METHOD-værdi: »%s«.\n"
+"Vælger standard DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kunne ikke skifte mappe til »%s«\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen mappe, logger på med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan ikke udføre %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rodmappe »%s«\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan ikke ændre rodmappen til »%s«\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan ikke afgøre dit tty-navn."
+
+msgid "No"
+msgstr "Nej"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] LOGIND\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday SIDSTE_DAG      sæt seneste adgangskodeændring til "
+"SIDSTE_DAG\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate UDLØBSDATO   sæt kontoens udløbsdato til UDLØBSDATO\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    vis denne hjælpetekst og afslut\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INAKTIVT       sæt inaktiv adgangskode efter udløb til\n"
+"                                INAKTIVT\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    vis forældelsesoplysninger for konto\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAGE        sæt minimalt antal dage inden\n"
+"                                adgangskodeændring til MIN_DAGE\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAKS_DAGE       sæt maksimalt antal dage inden\n"
+"                                adgangskodeændring til MAKS_DAGE\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_MAPPE       mappe at chroote ind i\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays VARSELSDAGE    sæt antallet af udløbsvarselsdage til\n"
+"                                VARSELSDAGE\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Angiv ny værdi eller tryk RETUR for standardværdien"
+
+msgid "Minimum Password Age"
+msgstr "Minimal alder for adgangskode"
+
+msgid "Maximum Password Age"
+msgstr "Maksimal alder for adgangskode"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Sidste ændring af adgangskode (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Advarsel om udløb af adgangskode"
+
+msgid "Password Inactive"
+msgstr "Adgangskode inaktiv"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Udløbsdato for konto (ÅÅÅÅ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Sidste ændring af adgangskode\t\t\t\t\t: "
+
+msgid "never"
+msgstr "aldrig"
+
+msgid "password must be changed"
+msgstr "adgangskoden skal ændres"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Adgangskode udløber\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Adgangskode inaktiv\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto udløber\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimalt antal dage mellem ændring af adgangskoden\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksimalt antal dage mellem ændring af adgangskoden\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antal dages forvarsel om adgangskodens udløb\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Ugyldig numerisk parameter »%s«\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: Medtag ikke »l« med andre flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Adgang nægtet.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan ikke afgøre dit brugernavn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Kan ikke låse %s; prøv igen senere.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: Kan ikke åbne %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: Kunne ikke skrive ændringer til %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: Skyggeadgangskodefilen findes ikke\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Brugeren »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Ændrer forældelsesoplysninger for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Fejl ved ændring af felter\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [LOGIND]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULDE_NAVN          skift brugers fulde navn\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone HJEMMETEL.   skift brugers hjemmetelefonnr.\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other ANDEN_INFO        skift brugers andre GECOS-information\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room VÆRELSESNUMMER     skift brugers værelsesnummer\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    vis denne hjælpetekst og afslut\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr "  -w, --work-phone ARBEJDSTEL.  skift brugers kontortelefonnr.\n"
+
+msgid "Full Name"
+msgstr "Fulde navn"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Værelsesnummer"
+
+msgid "Work Phone"
+msgstr "Arbejdstelefon"
+
+msgid "Home Phone"
+msgstr "Telefon"
+
+msgid "Other"
+msgstr "Andet"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ikke ændre id til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: Navn med ikke-ASCII-tegn: »%s«\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Ugyldigt navn: »%s«\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: Værelsesnummer med ikke-ASCII-tegn: »%s«\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Ugyldigt værelsesnummer: »%s«\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Ugyldig arbejdstelefon: »%s«\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Ugyldig hjemmetelefon: »%s«\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: »%s« indeholder ikke-ASCII-tegn\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: »%s« indeholder ugyldige tegn\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Brugeren »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: Kan ikke ændre brugeren »%s« på NIS-klienten.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: »%s« er NIS-masteren for denne klient.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Ændrer brugeroplysninger for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Felter for lange\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METODE     crypt-metoden (en af %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               angivne adgangskoder er krypterede\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     krypter adgangskoden med klartekst med brug "
+"af\n"
+"                                MD5-algoritmen\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              antal SHA-runder for SHA*\n"
+"                                crypt-algoritmerne\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: Flaget %s er kun tilladt med flaget %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: Flagene -c, -e og -m udelukker hinanden\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: Crypt-metode er ikke understøttet: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Linje %d: Linjen er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Linje %d: Mangler ny adgangskode\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: Linje %d: Gruppe »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Linje %d: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: Fejl opdaget, ændringerne blev ignoreret\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (Linje %d, bruger %s) adgangskode ikke ændret\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: Linje %d: Bruger »%s« findes ikke\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr "  -s, --shell SKAL              ny logindskal for brugerkontoen\n"
+
+msgid "Login Shell"
+msgstr "Logindskal"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du kan ikke ændre skallen for »%s«.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Ændrer logindskallen for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldigt punkt: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s er en ugyldig skal\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advarsel: %s findes ikke\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advarsel: %s er ikke kørbar\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   kontroller udløb for brugerens adgangskode\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   fremtving ændring af adgangskode hvis "
+"brugerens adgangskode\n"
+"                                er udløbet\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: Tilvalg %s og %s er i konflikt\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: Uventet argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr "  -a, --all                     vis faillog-poster for alle brugere\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEK           efter mislykket logind lås konto for SEK "
+"sekunder\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAKS            angiv maksimum for mislykkede logind til "
+"MAKS\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   nulstil tælleren for mislykkede logind\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr "  -t, --time DAGE               vis faillog-poster nyere end DAGE\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE        vis kun faillog-poster eller fejltællere "
+"for\n"
+"                                vedligehold og begrænsninger (hvis brugt med "
+"-r,\n"
+"                                 -m, eller -l) for de angivne LOGIND'ER\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Kunne ikke indhente punktet for UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Logind      Fejl     Maksimum Seneste                 Tid\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus tilbage]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Kunne ikke nulstille fejlantal for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Kunne ikke angive maks for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Kunne ikke angive låsetid for UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Ukendt bruger eller interval: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan ikke indhente størrelsen for %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] GRUPPE\n"
+"\n"
+"Tilvalg:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add BRUGER              tilføj BRUGER til GRUPPE\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete BRUGER           fjern BRUGER fra GRUPPE\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_MAPPE       mappe at chroote ind i\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         fjern GRUPPENS adgangskode\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                begræns adgang til GRUPPE til gruppens "
+"medlemmer\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members BRUGER,...      angiv medlemslisten for GRUPPE\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                angiv administratorlisten for GRUPPE\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Med undtagelse af tilvalgene -A og -M kan tilvalgene ikke kombineres.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Tilvalgene kan ikke kombineres.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: Adgangskode for shadowgruppe er krævet for -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Gruppen »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Fejl under lukning af skrivebeskyttet %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Ændrer adgangskoden for gruppen %s\n"
+
+msgid "New Password: "
+msgstr "Ny adgangskode: "
+
+msgid "Re-enter new password: "
+msgstr "Gentag ny adgangskode: "
+
+msgid "They don't match; try again"
+msgstr "De er ikke ens. Prøv igen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igen senere\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Tilføjer brugeren %s til gruppen %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjerner brugeren %s fra gruppen %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: Brugeren »%s« er ikke medlem af »%s«\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikke en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] GRUPPE\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   afslut hvis gruppen allerede findes,\n"
+"                                 og afbryd -g hvis GID'en allerede bruges\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 anvend GID for den nye gruppe\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr "  -K, --key NØGLE=VÆRDI         overskriv /etc/login.defs-standarder\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillad at oprette grupper med den samme\n"
+"                                (ikke unikke) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password ADGANGSKODE     brug denne krypterede adgangskode for den "
+"nye gruppe\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  opret en systemkonto\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: »%s« er ikke et gyldigt gruppenavn\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Ugyldigt gruppe-id »%s«\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K kræver NØGLE=VÆRDI\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppen »%s« findes allerede\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID »%lu« findes allerede\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan ikke opsætte tjenesten cleanup.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   nulstil tælleren for mislykkede logind\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: Kan ikke fjerne punkt »%s« fra %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Kan ikke fjerne den primære gruppe for bruger »%s«.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Gruppe »%s« findes ikke\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Gruppe »%s« er en NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS-masteren\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Bruger »%s« er allerede medlem af »%s«\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Ikke nok hukommelse. Kan ikke opdatere %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [handling]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         ændr gruppenavn i stedet for brugerens "
+"gruppe\n"
+"                                (kun root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Handlinger:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add brugernavn          tilføj brugernavn til medlemmer af gruppen\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete brugernavn       fjern brugernavn fra medlemmer af gruppen\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+"  -p, --purge                   afinstaller alle medlemmer fra gruppen\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    vis medlemmer af gruppen\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: Dit gruppenavn svarer ikke overens med dit brugernavn\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: Kun root kan bruge tilvalget -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 ændr gruppe-id'et til GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NY_GRUPPE      ændr navnet til NY_GRUPPE\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillad at bruge en tilsvarende (der ikke er "
+"unik) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password ADGANGSKODE    ændr adgangskoden til denne (krypteret)\n"
+"                                ADGANGSKODE\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: Ugyldigt gruppenavn »%s«\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Gruppen %s er en NIS-gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Ukendt bruger %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [gruppe [gskygge]]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [gruppe]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               vis fejl og advarsler\n"
+"                                men ændr ikke filer\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    sorter punkter efter UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r er ikke kompatible\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig gruppefilspunkt"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "slet linjen »%s«? "
+
+msgid "duplicate group entry"
+msgstr "gruppepunktet er en dublet"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldigt gruppenavn »%s«\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldigt gruppe-id »%lu«\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen bruger %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "slet medlemmet »%s«? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "intet tilsvarende gruppefilspunkt i %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "tilføj gruppe »%s« i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppe %s har et punkt i %s, men dennes adgangskodefelt i %s er ikke angivet "
+"til »x«\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldigt skyggegruppefilspunkt"
+
+msgid "duplicate shadow group entry"
+msgstr "skyggegruppepunkt er en dublet"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skyggegruppen %s: ingen administratorbruger %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slet administratormedlemmet »%s«? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skyggegruppen %s: Ingen bruger %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: Filerne er blevet opdateret\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: Ingen ændringer\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: Kan ikke slette %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Brug: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Brug: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DAGE             vis kun lastlog-poster, der er ældre\n"
+"                                end DAGE\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr "  -a, --all                     vis faillog-poster for alle brugere\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr "  -a, --all                     vis faillog-poster for alle brugere\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAGE               vis kun lastlog-poster, der er nyere\n"
+"                                end DAGE\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIND             vis lastlog-poster for brugeren med\n"
+"                                det angivne LOGIND\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Brugernavn       Port     Fra              Seneste"
+
+msgid "Username                Port     Latest"
+msgstr "Brugernavn              Port     Seneste"
+
+msgid "**Never logged in**"
+msgstr "**Har aldrig logget på**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Kunne ikke indhente punktet for UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Kunne ikke nulstille lastlog-punktet for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Brug: %s [-p] [navn]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h vært] [-f navn]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r vært\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurationsfejl - kan ikke fortolke %s-værdi: »%d«"
+
+msgid "Invalid login time"
+msgstr "Ugyldig logindtid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet er lukket for rutinemæssig vedligehold"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Afbrød ikke forbindelsen - root-logind er tilladt.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan umuligt arbejde uden effektiv root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Intet utmp-punkt. Du skal køre »login« fra det laveste »sh-niveau«"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Logind udløb efter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-fejl, afbryder: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s logind: "
+
+msgid "login: "
+msgstr "logind: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksimalt antal forsøg overgået (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM har anmodet om afbrydelse\n"
+
+msgid "Login incorrect"
+msgstr "Forkert logind"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kan ikke finde bruger (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s logind: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: Fejl under forgrening: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY mislykkedes på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Advarsel: Logind genetableret efter midlertidig udelukkelse."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Sidst logget på: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Sidst logget på: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " fra %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"logindtid overskredet\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Brug: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Brug: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Brug: sg gruppe [[-c] kommando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Kunne ikke skrive %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ugyldig adgangskode.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fejl under forgrening: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID »%lu« findes ikke\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  opret systemkontoer\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppe »%s« er en skyggegruppe, men findes ikke i /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: Ugyldigt bruger-id »%s«\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: Ugyldigt brugernavn »%s«\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Linje %d: Ugyldig linje\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: Kan ikke opdatere punktet for brugeren %s (ikke i passwd-databasen)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Linje %d: Kan ikke oprette bruger\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Linje %d: Kan ikke oprette gruppe\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: Linje %d: Bruger »%s« findes ikke i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Linje %d: Kan ikke opdatere adgangskode\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Linje %d: mkdir %s fejlede: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Linje %d: chown %s fejlede: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Linje %d: Kan ikke opdatere punktet\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     rapporter alle kontis adgangskodestatus\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  slet den navngivne kontos adgangskode\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  gennemtving udløb af den navngivne kontos\n"
+"                                adgangskode\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             skift kun adgangskode, hvis den er udløbet\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INAKTIVE       set udløbne adgangskoder til INAKTIVE\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    læs den navngivne konto\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAGE        angiv minimale antal dage inden skift af\n"
+"                                adgangskode til MIN_DAGE\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   tavs tilstand\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository SAMLING      skift adgangskode i samlingen SAMLING\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  raporter den navngivne kontos\n"
+"                                adgangskodestatus\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  åbn adgangskoden på den navngivne konto\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr "  -w, --warndays ADVAR_DAGE     advar om udløb i ADVAR_DAGE dage\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAKS_DAGE       sæt det maksimale antal dage inden skift af\n"
+"                                adgangskode til MAKS_DAGE\n"
+
+msgid "Old password: "
+msgstr "Gammel adgangskode: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Angiv ny adgangskode (mindst %d tegn)\n"
+"Brug en kombination af små og store bogstaver samt tal.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Angiv ny adgangskode (mindst %d, højst %d tegn)\n"
+"Brug en kombination af små og store bogstaver samt tal.\n"
+
+msgid "New password: "
+msgstr "Ny adgangskode: "
+
+msgid "Try again."
+msgstr "Prøv igen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Advarsel: Svag adgangskode (skriv den igen for at bruge den alligevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "De er ikke ens; prøv igen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Adgangskoden for %s kan ikke ændres.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Adgangskoden for %s kan endnu ikke ændres.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Åbning af adgangskode vil medføre en konto uden adgangskode.\n"
+"Du bør angive en adgangskode med usermod -p for at åbne adgangskoden for "
+"denne konto.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: Arkiv %s understøttes ikke\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s er ikke godkendt til at ændre adgangskoden på %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du har ikke lov til at se adgangskodeoplysninger for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Ændrer adgangskode for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Adgangskoden for %s er uændret.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: Adgangskode ændret.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: Information om udløb af adgangskode blev ændret.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [adgangskode]\n"
+"\n"
+"Tilvalg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] [adgangskode [skygge]]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   rapporter kun fejl\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: Ingen alternativ skyggefil er tilladt, når USE_TCB er aktiveret.\n"
+
+msgid "invalid password file entry"
+msgstr "ugyldig linje i adgangskodepunkt"
+
+msgid "duplicate password entry"
+msgstr "adgangskodepunkt er en dublet"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldigt brugernavn »%s«\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldigt bruger-id »%lu«\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "bruger »%s«: Ingen gruppe %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "bruger »%s«: Mappen »%s« findes ikke\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "bruger »%s«: Programmet »%s« findes ikke\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-mappe for %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "opret tcb-mappe for %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "kan ikke oprette tcb-mappe for %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: Kan ikke låse %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "intet tilsvarende adgangskodepunkt i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "tilføj brugeren »%s« i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"bruger %s har et punkt i %s, men dets adgangskodefelt i %s er ikke angivet "
+"til »x«\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldigt punkt i skyggeadgangskodefil"
+
+msgid "duplicate shadow password entry"
+msgstr "skyggeadgangskodepunkt er en dublet"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "bruger %s: seneste ændring af adgangskoden skete i fremtiden\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: Kan ikke sortere punkter i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: Kan ikke arbejde med tcb aktiveret\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: Kunne ikke ændre tilstanden for %s til 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Adgang til at udføre su til den konto er NÆGTET.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Gik uden om adgangskodegodkendelse.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Angiv din EGEN adgangskode som godkendelse.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan ikke forgrene brugerskal\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: Forkert signal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: Forkert signalmasking\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Session termineret, terminerer skal..."
+
+msgid " ...killed.\n"
+msgstr " ...dræbt.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...venter på at underproces termineres.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...termineret.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Brug: su [tilvalg] [LOGIND]\n"
+"\n"
+"Tilvalg:\n"
+"  -c, --command KOMMANDO        videregiv KOMMANDO til den startede skal\n"
+"  -h, --help                    vis denne hjælpebesked og afslut\n"
+"  -, -l, --login                gør skallen til en logind-skal\n"
+"  -m, -p,\n"
+"  --preserve-environment        nulstil ikke miljøvariable, og behold\n"
+"                                den samme skal\n"
+"  -s, --shell SKAL              benyt SKAL i stedet for standard-skallen\n"
+"                                i passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoreret)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du er ikke autoriseret til at su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Angiv din adgangskode)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Godkendelse mislykkedes\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du er ikke autoriseret til at su på det tidspunkt\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Intet adgangskodepunkt for bruger »%s«\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: Skal køres fra en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: Fejl %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan ikke fjerne den kontrollerende terminal\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kan ikke udføre %s\n"
+
+msgid "No password file"
+msgstr "Ingen adgangskodefil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY mislykkedes"
+
+msgid "No password entry for 'root'"
+msgstr "Intet adgangskodepunkt for »root«"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Tryk control-d for at fortsætte den normale opstart,\n"
+"(eller angiv root-adgangskoden for systemvedligehold):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "GÃ¥r i systemvedligeholdelsestilstand"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s blev oprettet, men kunne ikke fjernes\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: Konfigurationen %s i %s vil blive ignoreret\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: Kan ikke oprette ny standardværdifil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: Kan ikke åbne ny standardværdifil\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Linje for lang i %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan ikke oprette symbolsk henvisning %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: Omdøb: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Gruppen »%s« er en NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: Der er angivet for mange grupper (højst %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Brug: %s [tilvalg] LOGIND\n"
+"      %s -D\n"
+"      %s -D [tilvalg]\n"
+"\n"
+"Tilvalg:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASIS_MAP      basismappe for hjemmemappen på den nye\n"
+"                                konto\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment KOMMENTAR       GECOS-felt på den nye konto\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HJEMMEMAPPE    hjemmemappe på den nye konto\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                udskriv eller ændr standard for "
+"konfigurationen af useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate UDLØBSDATO   udløbsdato på den nye konto\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INAKTIVE       inaktiv periode for adgangskode på den nye "
+"konto\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPPE              navn eller id på den primære gruppe på den "
+"nye\n"
+"                                konto\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GROUPS           liste af suplementære grupper for den nye\n"
+"                                konto\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKEL_DIR           brug denne alternative skeletmappe\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             tilføj ikke brugeren til lastlog- og \n"
+"                                faillog-databaserne\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             opret brugerens hjemmemappe\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home          opret ikke brugerens hjemmemappe\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           opret ikke en gruppe med det samme navn som\n"
+"                                brugeren\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillad oprettelse af brugere med ens\n"
+"                                (der ikke er unik) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password ADGANGSKODE    krypteret adgangskode for den nye konto\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SKAL              logindskal for den nye konto\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 bruger-id for den nye konto\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              opret en gruppe med det samme navn som "
+"brugeren\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SE_BRUGER   brug en specifik SE_BRUGER for "
+"kortlægningen af SELinux-brugere\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Ugyldig basismappe »%s«\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Ugyldig kommentar »%s«\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Ugyldig hjemmemappe »%s«\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: Der kræves skyggeadgangskoder for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: Der kræves skyggeadgangskoder for -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Ugyldigt felt »%s«\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Ugyldig skal »%s«\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z kræver SELinux-aktiveret kerne\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Kunne ikke nulstille faillog-punktet for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Kunne ikke nulstille lastlog-punktet for UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: Kan ikke oprette mappen %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Opretter postboksfil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppen »mail« blev ikke fundet. Opretter brugerens postboksfil med "
+"tilstanden 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Indstiller postboksfilens rettigheder"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Brugeren »%s« findes allerede\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: Gruppen %s findes - brug -g hvis du vil tilføje denne bruger til den "
+"gruppe.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu er ikke unik\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Kan ikke oprette tcv-mappe for %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: Kan ikke oprette bruger\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: Kan ikke oprette gruppe\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: Advarsel: Hjemmemappen findes allerede.\n"
+"Kopierer ikke nogen filer til den fra skelet-mappen.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: Advarsel: Brugernavnet %s til %s SELinux-brugerkortlægning mislykkedes.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   gennemtving fjernelse af filer,\n"
+"                                selvom de ikke ejers af brugeren\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  fjern home-mappen og postkøen\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            fjern alle SELinux-brugerkortlægninger for "
+"brugeren\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: Gruppe %s er ikke fjernet, da den ikke er den primære gruppe for bruger "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: Gruppe %s er ikke fjernet da gruppen har andre medlemmer.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Gruppe %s er den primære gruppe for en anden bruger og fjernes ikke.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: Kan ikke fjerne punkt »%s« fra %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s postkø (%s) er ikke fundet\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: Advarsel: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ejes ikke af %s, fjerner ikke\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Kan ikke allokere hukommelse, tcb-punkt for %s blev ikke fjernet.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan ikke smide privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan ikke fjerne indholdet af %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan ikke fjerne tcb-filer for %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Brugeren %s er en NIS-bruger\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s hjemmemappe (%s) er ikke fundet\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Fjerner ikke mappen %s (det ville fjerne hjemmemappen for brugeren %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Fejl under fjernelse af mappen %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: Advarsel: Brugernavnet %s for fjernelse af SELinux-brugerkortlægning "
+"mislykkedes.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMMENTAR       ny værdi til GECOS-feltet\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr "  -d, --home-dir HJEMMEMAPPE    den nye brugerkontos hjemmemappe\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate UDLØBSDATO   sæt kontoens udløbsdato til UDLØBSDATO\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIV        sæt inaktiv adgangskode til INAKTIV efter\n"
+"                                udløb\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPPE              gennemtving brugen af GRUPPE til den nye\n"
+"                                primære gruppe\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPPER          ny liste med supplerende grupper\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  tilføj brugeren til de supplementære "
+"GRUPPER\n"
+"                                nævnt af tilvalget -G uden at fjerne "
+"personen\n"
+"                                fra andre grupper\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NYT_LOGIND        ny værdi til logindnavnet\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    lås brugerkontoen\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               flyt indholdet af hjemmemappen til den nye\n"
+"                                placering (brug kun sammen med -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillad oprettelse af ens (der ikke er unik) "
+"UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password ADGANGSKODE    brug krypteret adgangskode til den nye\n"
+"                                adgangskode\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 ny UID til brugerkontoen\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  åbn brugerkontoen\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     ny SELinux-brugerkortlægning for "
+"brugerkontoen\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Fjernelse af lås på brugerens adgangskode vil medføre en konto uden "
+"adgangskode.\n"
+"Du bør angive en adgangskode med usermod -p for at åbne lås for denne "
+"brugers adgangskode.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Brugeren »%s« findes allerede i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: Ugyldig dato »%s«\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: Ingen tilvalg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: Flagene -L, -p og -U udelukker hinanden\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: Skyggeadgangskoder kræves for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID »%lu« findes allerede\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s er ikke godkendt til at ændre adgangskoden på %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: Mappen %s findes\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Den tidligere hjemmemappe (%s) var ikke en mappe. Den fjernes ikke og "
+"ingen hjemmemappe oprettes.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Kunne ikke ændre ejerskab af hjemmemappen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: Advarsel: Kunne ikke fjerne den gamle hjemmemappe %s fuldstændigt"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: Kan ikke omdøbe mappen %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kunne ikke kopiere lastlog-punktet for bruger %lu til bruger %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kunne ikke kopiere faillog-punktet for bruger %lu til bruger %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: Advarsel: %s ejes ikke af %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "kunne ikke ændre postkassens ejer"
+
+msgid "failed to rename mailbox"
+msgstr "kunne ikke omdøbe postkasse"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: Kunne ikke forberede det nye %s-punkt »%s«\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har ændret %s.\n"
+"Du skal måske ændre %s for konsistens.\n"
+"Brug venligst kommandoen »%s« til dette.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   rediger gruppedatabase\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  rediger passwd-database\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  rediger skygge- eller gskyggedatabase\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    hvilken brugers tcb-skyggefil at redigere\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Kunne ikke fjerne %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s er uændret\n"
+
+msgid "failed to create scratch directory"
+msgstr "kunne ikke oprette scratch-mappe"
+
+msgid "failed to drop privileges"
+msgstr "kunne ikke afgive rettigheder"
+
+msgid "Couldn't get file context"
+msgstr "Kunne ikke indhente filkontekst"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () mislykkedes"
+
+msgid "failed to gain privileges"
+msgstr "kunne ikke opnå rettigheder"
+
+msgid "Couldn't lock file"
+msgstr "Kunne ikke låse filen"
+
+msgid "Couldn't make backup"
+msgstr "Kunne ikke lave sikkerhedskopi"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd afsluttede med status %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "kunne ikke åbne scratch-fil"
+
+msgid "failed to unlink scratch file"
+msgstr "kunne ikke fjerne henvisning for scratch-fil"
+
+msgid "failed to stat edited file"
+msgstr "kunne ikke stat redigeret fil"
+
+msgid "failed to allocate memory"
+msgstr "kunne ikke tildele hukommelse"
+
+msgid "failed to create backup file"
+msgstr "kunne ikke oprette sikkerhedskopifil"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: Kan ikke gendanne %s: %s (dine ændringer er i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: Kunne ikke finde tcb-mappe for %s\n"
diff --git a/po/de.po b/po/de.po
new file mode 100644
index 0000000..e2b0cd7
--- /dev/null
+++ b/po/de.po
@@ -0,0 +1,2533 @@
+# shadow de.po
+# Copyright (C) 1999 Free Software Foundation, Inc.
+# Frank Schmid <frank@cs-schmid.de>, 2002
+# Holger Wansing <linux@wansing-online.de>, 2006, 2008, 2009, 2011, 2012, 2014.
+# Patches, suggestions, etc welcome.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.2-2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2012-05-20 19:52+0200\n"
+"PO-Revision-Date: 2014-07-27 23:06+0200\n"
+"Last-Translator: Holger Wansing <hwansing@mailbox.org>\n"
+"Language-Team: German <debian-l10n-german@lists.debian.org>\n"
+"Language: de\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Mehrere Einträge namens »%s« in %s. Bitte beheben Sie dies mit pwck oder "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "Verschlüsselungsmethode von libcrypt nicht unterstützt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "Konfigurationsfehler - Wert für %s kann nicht ausgewertet werden: »%s«"
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+"Es konnte kein Speicherplatz für Konfigurationsinformationen reserviert "
+"werden.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"Konfigurationsfehler - Element »%s« unbekannt (Administrator verständigen).\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd wurde nicht normal beendet (Signal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd wurde mit Status %d beendet\n"
+
+msgid "Password: "
+msgstr "Passwort: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Passwort von %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux-Management-Handhabung kann nicht erstellt werden\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-Richtlinie nicht verwaltet\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux-Richtlinien-Speicher kann nicht gelesen werden\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux-Management-Verbindung kann nicht aufgebaut werden\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux-Vorgang kann nicht gestartet werden\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "seuser für %s konnte nicht abgefragt werden\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "serange für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "sename für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Login-Zuordnung für %s konnte nicht verändert werden\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "SELinux-Login-Zuordnung für %s kann nicht erstellt werden\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Name für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "SELinux-Benutzer für %s konnte nicht gesetzt werden\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Login-Zuordnung für %s konnte nicht hinzugefügt werden\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux-Management kann nicht initialisiert werden\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux-Benutzerschlüssel kann nicht erstellt werden\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "SELinux-Benutzer kann nicht verifiziert werden\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux-Benutzer-Zuordnung kann nicht verändert werden\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux-Benutzer-Zuordnung kann nicht hinzugefügt werden\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux-Vorgang kann nicht eingepflegt werden\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Login-Zuordnung für %s ist nicht definiert; dies ist OK, falls die Standard-"
+"Zuordnung verwendet wurde\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Login-Zuordnung für %s ist in der Richtlinie definiert, kann nicht gelöscht "
+"werden\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Login-Zuordnung für %s konnte nicht gelöscht werden"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: Speicher erschöpft\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s kann nicht mit stat abgefragt werden: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s ist weder ein Verzeichnis noch eine symbolische Verknüpfung.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Symbolische Verknüpfung %s kann nicht gelesen werden: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Verdächtig lange symbolische Verknüpfung: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Verzeichnis %s kann nicht erstellt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Eigentümer von %s kann nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Berechtigungen von %s können nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: Löschen (unlink): %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Verzeichnis %s kann nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s kann nicht in %s umbenannt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s kann nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Symbolische Verknüpfung %s kann nicht erstellt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Eigentümer von %s können nicht geändert werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s kann nicht mit lstat abgefragt werden: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Warnung: Benutzer %s hat keine tcb-shadow-Datei.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Ernstes Problem: %ss tcb-shadow ist keine reguläre Datei mit "
+"st_nlink=1.\n"
+"Der Benutzerzugang bleibt gesperrt.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir (Verzeichnis erstellen): %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s kann nicht geöffnet werden: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Warnung: unbekannte Gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Warnung: zu viele Gruppen\n"
+
+msgid "Your password has expired."
+msgstr "Ihr Passwort ist abgelaufen."
+
+msgid "Your password is inactive."
+msgstr "Ihr Passwort ist inaktiv."
+
+msgid "Your login has expired."
+msgstr "Ihr Benutzerzugang ist abgelaufen."
+
+msgid "  Contact the system administrator."
+msgstr "  Verständigen Sie den Systemadministrator."
+
+msgid "  Choose a new password."
+msgstr "  Wählen Sie ein neues Passwort."
+
+msgid "You must change your password."
+msgstr "Sie müssen Ihr Passwort ändern."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ihr Passwort läuft in %ld Tagen ab.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ihr Passwort läuft morgen ab."
+
+msgid "Your password will expire today."
+msgstr "Ihr Passwort läuft heute ab."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Audit-Schnittstelle konnte nicht geöffnet werden - Abbruch.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Eigentümer oder Modus von tty stdin kann nicht geändert werden: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Entsperren von %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Umgebungsüberlauf\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Sie dürfen $%s nicht ändern.\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d Fehlversuch seit letzter Anmeldung.\n"
+"Der letzte war am %s auf %s.\n"
+msgstr[1] ""
+"%d Fehlversuche seit letzter Anmeldung.\n"
+"Der letzte war am %s auf %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ungültige Konfiguration: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ungültige Konfiguration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: Speicherreservierung fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Keine einmalige System-GID bekommen (keine GIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Keine einmalige GID bekommen (keine GIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ungültige Konfiguration: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ungültige Konfiguration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Keine einmalige System-UID bekommen (keine UIDs mehr verfügbar)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Keine einmalige UID bekommen (keine UIDs mehr verfügbar)\n"
+
+msgid "Too many logins.\n"
+msgstr "Zu viele Anmeldungen.\n"
+
+msgid "You have new mail."
+msgstr "Neue E-Mails vorhanden."
+
+msgid "No mail."
+msgstr "Keine E-Mails vorhanden."
+
+msgid "You have mail."
+msgstr "E-Mails vorhanden."
+
+msgid "no change"
+msgstr "keine Änderungen"
+
+msgid "a palindrome"
+msgstr "ein Palindrom"
+
+msgid "case changes only"
+msgstr "nur Änderungen bei Groß-/Kleinschreibung"
+
+msgid "too similar"
+msgstr "zu ähnlich"
+
+msgid "too simple"
+msgstr "zu einfach"
+
+msgid "rotated"
+msgstr "rotiert"
+
+msgid "too short"
+msgstr "zu kurz"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Schlechtes Passwort: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() fehlgeschlagen, Fehler %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Passwort nicht geändert\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: Passwort erfolgreich geändert\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Falsches Passwort für %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: mehrfache »--root«-Optionen\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: Option »%s« erfordert ein Argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Fehler beim Entfernen der Privilegien (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: Ungültiger chroot-Pfad »%s«\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: auf chroot-Verzeichnis %s kann nicht zugegriffen werden: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: chroot-Wechsel in Verzeichnis %s nicht möglich: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ungültiger Wert für ENCRYPT_METHOD: »%s«.\n"
+"Standard DES wird gewählt.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Es konnte nicht in das Verzeichnis »%s« gewechselt werden.\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Kein Verzeichnis, Anmeldung mit HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s konnte nicht ausgeführt werden"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ungültiges root-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "root-Verzeichnis kann nicht auf »%s« geändert werden.\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ihr tty-Name konnte nicht festgestellt werden."
+
+msgid "No"
+msgstr "Nein"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] BENUTZERZUGANG\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday LETZTER_TAG     Tag der letzten Passwortänderung auf\n"
+"                                LETZTER_TAG setzen\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate ABL_DATUM    Ablaufdatum des Benutzerzugangs auf\n"
+"                                ABL_DATUM setzen\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    Diese Hilfe anzeigen, sonst nichts\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INAKTIV        Passwort nach Ablauf von INAKTIV\n"
+"                                deaktivieren\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    Informationen zu Ablaufdaten usw. anzeigen\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_TAGE        Minimale Anzahl der Tage vor\n"
+"                                Passwortänderung auf MIN_TAGE setzen\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_TAGE        Maximale Anzahl der Tage vor\n"
+"                                Passwortänderung auf MAX_TAGE setzen\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_VERZ        Verzeichnis für chroot\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays WARN_TAGE      Anzahl der Tage für Ablaufwarnung auf\n"
+"                                WARN_TAGE setzen\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Geben Sie einen neuen Wert an oder drücken Sie ENTER für den Standardwert"
+
+msgid "Minimum Password Age"
+msgstr "Minimales Passwortalter"
+
+msgid "Maximum Password Age"
+msgstr "Maximales Passwortalter"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Letzte Passwortänderung (JJJJ-MM-TT)"
+
+msgid "Password Expiration Warning"
+msgstr "Passwortablaufwarnung"
+
+msgid "Password Inactive"
+msgstr "Passwort inaktiv"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Ablaufdatum des Benutzerzugangs (JJJJ-MM-TT)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Letzte Passwortänderung\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nie"
+
+msgid "password must be changed"
+msgstr "Passwort muss geändert werden"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passwort läuft ab\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passwort inaktiv\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Benutzerzugang läuft ab\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimale Anzahl der Tage zwischen Passwortänderungen\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximale Anzahl der Tage zwischen Passwortänderungen\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Anzahl Tage, an denen vor Passwortablauf gewarnt wird\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Ungültiges Datum »%s«\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Ungültiges numerisches Argument »%s«\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: benutzen Sie »l« nicht mit anderen Optionen.\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Erlaubnis verweigert.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Ihr Benutzername konnte nicht bestimmt werden.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+"%s: %s konnte nicht gesperrt werden; versuchen Sie es später noch einmal.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s konnte nicht geöffnet werden.\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: Fehler beim Schreiben der Änderungen nach %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Vorbereiten des neuen %s-Eintrags »%s« fehlgeschlagen.\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: shadow-Passwortdatei ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Benutzer »%s« ist in %s nicht vorhanden.\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Passwortalterung für %s wird geändert.\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Fehler beim Ändern der Felder\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [BENUTZERZUGANG]\n"
+"\n"
+"Optionen:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name VOLLST_NAME     Vollständigen Benutzernamen ändern\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone TEL_PRIVAT   Private Telefonnummer des Benutzers ändern\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other SONSTIGE_INFO     Sonst. GECOS-Information des Benutzers "
+"ändern\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room ZIMMERNUMMER       Zimmernummer des Benutzers ändern\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    Diese Hilfe anzeigen, sonst nichts\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone TEL_GESCH    Geschäftl. Telefonnummer des Benutzers "
+"ändern\n"
+
+msgid "Full Name"
+msgstr "Vollständiger Name"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Zimmernummer"
+
+msgid "Work Phone"
+msgstr "Telefon geschäftlich"
+
+msgid "Home Phone"
+msgstr "Telefon privat"
+
+msgid "Other"
+msgstr "Sonstiges"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID konnte nicht auf root geändert werden.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: Name mit Zeichen, die nicht zum ASCII-Zeichensatz gehören: »%s«\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Ungültiger Name: »%s«\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+"%s: Zimmernummer mit Zeichen, die nicht zum ASCII-Zeichensatz gehören: »%s«\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Ungültige Zimmernummer: »%s«\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Ungültige Telefon-Nr. (geschäftlich): »%s«\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Ungültige Telefon-Nr. (privat): »%s«\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: »%s« enthält Zeichen, die nicht zum ASCII-Zeichensatz gehören.\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: »%s« enthält ungültige Zeichen.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Benutzer »%s« ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: Benutzer »%s« auf dem NIS-Client konnte nicht geändert werden.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: »%s« ist der NIS-Master für diesen Client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Benutzerinformationen für %s werden geändert.\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Felder zu lang\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen]\n"
+"\n"
+"Optionen:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+"  -c, --crypt-method METHODE    Verschlüsselungsmethode (eine der\n"
+"                                folgenden: %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               Angegebene Passwörter sind verschlüsselt\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     Die Klartext-Passwörter mittels MD5-\n"
+"                                Algorithmus verschlüsseln\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              Anzahl der SHA-Runden für den SHA*-\n"
+"                                Verschlüsselungs-Algorithmus\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s ist nur zusammen mit %s erlaubt.\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e und -m können nur exklusiv genutzt werden.\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: Nicht unterstützte Verschlüsselungsmethode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: Zeile %d: Zeile zu lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: Zeile %d: Neues Passwort fehlt\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: Zeile %d: Gruppe »%s« existiert nicht\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Zeile %d: Neuer %s-Eintrag »%s« konnte nicht vorbereitet werden.\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: Fehler entdeckt, Änderungen verworfen\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (Zeile %d, Benutzer %s) Passwort nicht geändert\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: Zeile %d: Benutzer »%s« ist nicht vorhanden.\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             Neue Login-Shell für den Benutzerzugang\n"
+
+msgid "Login Shell"
+msgstr "Login-Shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Sie dürfen die Shell für »%s« nicht ändern.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Login-Shell für %s wird geändert.\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ungültiger Eintrag: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s ist eine ungültige Shell\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Warnung: %s ist nicht vorhanden.\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Warnung: %s nicht ausführbar.\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   Ablauf des Benutzerpassworts überprüfen\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   Passwortänderung erzwingen, wenn das "
+"Benutzer-\n"
+"                                passwort abgelaufen ist\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: Optionen %s und %s stehen im Konflikt zueinander.\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: Unerwartetes Argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+"                                für alle Benutzer anzeigen\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-time SEK           Den Benutzerzugang nach fehlgeschlagener\n"
+"                                Anmeldung für SEK Sekunden sperren\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             Maximal mögliche Anzahl fehlgeschlagener\n"
+"                                Anmeldungen auf MAX setzen\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   Zähler fehlgeschlagener Anmeldungen\n"
+"                                zurücksetzen\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time TAGE               Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+"                                anzeigen, die jünger als TAGE sind\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user BENUTZERZUGANG/    Aufzeichnungen fehlgeschlagener Anmeldungen\n"
+"             BEREICH            anzeigen bzw. Verwalten von Zählern und Be-\n"
+"                                schränkungen (falls mit Optionen -r, -m "
+"oder\n"
+"                                -l aufgerufen) nur für BENUTZERZUGANG\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Auslesen des Eintrags für UID %lu fehlgeschlagen\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Fehlver. Maximum Letzter                  Auf\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus übrig]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds Sperre]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: Zurücksetzen des Zählers fehlgeschlagener Anmeldungen für UID %lu "
+"fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Setzen des Max-Werts für UID %lu fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Setzen der Sperrzeit für UID %lu fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Unbekannter Benutzer oder Bereich: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Auslesen der Größe von %s fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Schreiben von %s fehlgeschlagen: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Option] GRUPPE\n"
+"\n"
+"Optionen:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add BENUTZER            BENUTZER zu GRUPPE hinzufügen\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete BENUTZER         BENUTZER aus GRUPPE entfernen\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_VERZ        Verzeichnis für chroot\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         Passwort der GRUPPE entfernen\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                Zugriff zu GRUPPE auf ihre Mitglieder\n"
+"                                beschränken\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members BENUTZER,...    Liste der Mitglieder von GRUPPE setzen\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                Liste der Administratoren für GRUPPE setzen\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Außer für -A und -M können die Optionen nicht kombiniert werden.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Die Optionen können nicht kombiniert werden.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: shadow-Gruppenpasswörter für -A erforderlich\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Gruppe »%s« existiert nicht in %s.\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: Fehler beim Schließen von %s im Nur-Lese-Modus\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Passwort für die Gruppe %s wird geändert.\n"
+
+msgid "New Password: "
+msgstr "Neues Passwort: "
+
+msgid "Re-enter new password: "
+msgstr "Passwort wiederholen: "
+
+msgid "They don't match; try again"
+msgstr "Keine Ãœbereinstimmung; versuchen Sie es noch einmal."
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Versuchen Sie es später noch einmal.\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Benutzer %s wird zur Gruppe %s hinzugefügt.\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Benutzer %s wird aus der Gruppe %s entfernt.\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: Benutzer »%s« ist kein Mitglied von »%s«.\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Kein tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] GRUPPE\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   Ohne Fehler beenden, falls die Gruppe\n"
+"                                bereits existiert\n"
+"                                und Operation für -g abbrechen, falls die\n"
+"                                GID bereits verwendet wird\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 GID für die neue Gruppe benutzen\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key SCHLÃœSSEL=WERT      Die Vorgabewerte in /etc/login.defs\n"
+"                                überschreiben\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              Erstellen einer Gruppe mit nicht\n"
+"                                einmaliger (doppelter) GID erlauben\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PASSWORT       Dieses verschlüsselte PASSWORT für die\n"
+"                                neue Gruppe verwenden\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  Eine Systemgruppe erstellen\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: »%s« ist kein gültiger Gruppenname.\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Ungültige Gruppen-ID »%s«\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K erfordert SCHLÃœSSEL=WERT\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: Gruppe »%s« existiert bereits.\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID »%lu« existiert bereits.\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Ihr Benutzername konnte nicht bestimmt werden.\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: Eintrag »%s« konnte nicht aus %s entfernt werden.\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Primäre Gruppe des Benutzers »%s« konnte nicht entfernt werden.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Gruppe »%s« existiert nicht.\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Gruppe »%s« ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ist der NIS-Master.\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Benutzer »%s« ist bereits ein Mitglied von »%s«.\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Zu wenig Speicher. %s kann nicht aktualisiert werden.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen [Aktion]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group Gruppenname       Gruppenname ändern statt der Gruppe des\n"
+"                                Benutzers (nur root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Aktionen:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add Benutzername        Benutzername zu den Mitgliedern der Gruppe\n"
+"                                hinzufügen\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete Benutzername     Benutzername aus der Liste der Gruppen-\n"
+"                                mitglieder entfernen\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+"  -p, --purge                   Alle Mitglieder aus der Gruppe entfernen\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    Die Mitglieder der Gruppe auflisten\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: Ihr Gruppenname passt nicht zu Ihrem Benutzername.\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: Nur root kann die Option -g/--group nutzen.\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 Die Gruppen-ID auf GID ändern\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+"  -n, --new-name NEUE_GRUPPE    Den Gruppennamen auf NEUE_GRUPPE ändern\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              Verwenden einer nicht einmaligen "
+"(doppelten)\n"
+"                                GID erlauben\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password PASSWORT       Das Passwort auf dieses (verschlüsselte)\n"
+"                                PASSWORT ändern\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: Ungültiger Gruppenname »%s«\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Gruppe %s ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Unbekannter Benutzer %s\n"
+
+# NOTE: group is a file (/etc/group)
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Gruppe [gshadow]]\n"
+"\n"
+"Optionen:\n"
+
+# NOTE: group is a file (/etc/group)
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Gruppe]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               Fehler und Warnungen anzeigen,\n"
+"                                aber keine Dateien verändern\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    Einträge nach UID sortieren\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s und -r sind nicht kompatibel.\n"
+
+msgid "invalid group file entry"
+msgstr "Ungültiger Eintrag in group-Datei"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "Zeile »%s« löschen?"
+
+msgid "duplicate group entry"
+msgstr "Doppelter Gruppeneintrag"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "Ungültiger Gruppenname »%s«\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "Ungültige Gruppen-ID »%lu«\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "Gruppe %s: Kein Benutzer %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "Mitglied »%s« löschen?"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "Kein passender group-Datei-Eintrag in %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "Gruppe »%s« zu %s hinzufügen?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"Für Gruppe %s existiert ein Eintrag in %s, aber ihr Passwort-Feld in %s ist "
+"nicht auf »x« gesetzt\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Ungültiger Eintrag in shadow-group-Datei"
+
+msgid "duplicate shadow group entry"
+msgstr "Doppelter Eintrag für shadow-Gruppe"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "shadow-Gruppe %s: Benutzer %s ist kein Administrator.\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "Administratives Mitglied »%s« löschen? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "shadow-Gruppe %s: Kein Benutzer %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: Die Dateien wurden aktualisiert.\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: Keine Änderungen\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s kann nicht gelöscht werden.\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Aufruf: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Aufruf: id\n"
+
+msgid " groups="
+msgstr " Gruppen="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before TAGE             Nur lastlog-Aufzeichnungen zeigen, die "
+"älter\n"
+"                                als TAGE sind\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time TAGE               Nur lastlog-Aufzeichnungen zeigen, die "
+"jünger\n"
+"                                als TAGE sind\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user BENUTZERZUGANG     lastlog-Eintrag für BENUTZERZUGANG anzeigen\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Benutzername     Port     Von              Letzter"
+
+msgid "Username                Port     Latest"
+msgstr "Benutzername            Port     Letzter"
+
+msgid "**Never logged in**"
+msgstr "**Noch nie angemeldet**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Aufruf: %s [-p] [Name]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h Rechner] [-f Name]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r Rechner\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "Konfigurationsfehler - Wert für %s kann nicht ausgewertet werden: »%d«"
+
+msgid "Invalid login time"
+msgstr "Ungültige Login-Zeit"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"System wegen planmäßigen Wartungsarbeiten geschlossen"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Trennung abgebrochen -- root-Login erlaubt.]"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login nach %u Sekunden wegen\n"
+"Zeitüberschreitung abgebrochen.\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Arbeit ohne effektive root-Rechte eventuell nicht möglich\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Kein utmp-Eintrag. Sie müssen »login« vom niedrigsten »sh«-Level ausführen."
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-Fehler, Abbruch: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s Login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximale Anzahl der Versuche überschritten (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: Abbruch durch PAM angefordert\n"
+
+msgid "Login incorrect"
+msgstr "Login fehlerhaft"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Benutzer kann nicht gefunden werden (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s Login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: Fehler bei Prozessaufspaltung (fork): %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY auf %s fehlgeschlagen"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Warnung: Login nach temporärer Sperre reaktiviert."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Letztes Login: %s auf %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Letztes Login: %.19s auf %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " von %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"Login-Zeit überschritten\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Aufruf: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Aufruf: newgrp [-] [Gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Aufruf: sg Gruppe [[-c] Befehl]\n"
+
+msgid "Invalid password.\n"
+msgstr "Ungültiges Passwort.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: Fehler bei Prozessaufspaltung (fork): %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID »%lu« existiert nicht.\n"
+
+msgid "too many groups\n"
+msgstr "zu viele Gruppen\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  Systemzugänge erzeugen\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: Gruppe »%s« ist eine shadow-Gruppe, existiert aber nicht in /etc/group.\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: Ungültige Benutzer-ID »%s«\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: Ungültiger Benutzername »%s«\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: Zeile %d: Ungültige Zeile\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: Eintrag für Benutzer %s kann nicht aktualisiert werden (ist nicht in der "
+"passwd-Datenbank).\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: Zeile %d: Benutzer kann nicht erstellt werden.\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: Zeile %d: Gruppe kann nicht erstellt werden.\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: Zeile %d: Benutzer »%s« existiert nicht in %s.\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: Zeile %d: Passwort kann nicht aktualisiert werden.\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: Zeile %d: mkdir %s (Verzeichnis erstellen) fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: Zeile %d: chown %s (Eigentümer ändern) fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: Zeile %d: Eintrag kann nicht aktualisiert werden.\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     Passwort-Status für alle Benutzerzugänge\n"
+"                                anzeigen\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  Passwort für den Benutzerzugang löschen\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  Ablauf des Passworts für den Benutzerzugang\n"
+"                                erzwingen\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr "  -k, --keep-tokens             Passwort nur ändern falls abgelaufen\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INAKTIV        Passwort nach Ablauf von INAKTIV\n"
+"                                deaktivieren\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    Benutzerzugang sperren\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_TAGE        Minimale Anzahl der Tage vor\n"
+"                                Passwortänderung auf MIN_TAGE setzen\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   Nicht so geschwätzig verhalten\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository REPOSITORY   Passwort ändern in REPOSITORY\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  Passwort-Status des Benutzerzugangs "
+"anzeigen\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  Benutzerzugang entsperren\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays WARN_TAGE      Anzahl der Tage für Ablaufwarnung auf\n"
+"                                WARN_TAGE setzen\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_TAGE        Maximale Anzahl der Tage vor\n"
+"                                Passwortänderung auf MAX_TAGE setzen\n"
+
+msgid "Old password: "
+msgstr "Altes Passwort: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Geben Sie das neue Passwort ein (mindestens %d Zeichen).\n"
+"Bitte benutzen Sie eine Kombination aus Groß- und Kleinbuchstaben\n"
+"sowie Ziffern.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Geben Sie das neue Passwort ein (mindestens %d, höchstens %d Zeichen).\n"
+"Bitte benutzen Sie eine Kombination aus Groß- und Kleinbuchstaben\n"
+"sowie Ziffern.\n"
+
+msgid "New password: "
+msgstr "Neues Passwort: "
+
+msgid "Try again."
+msgstr "Versuchen Sie es noch einmal."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Warnung: Schwaches Passwort (geben Sie es noch einmal ein,\n"
+"um es trotzdem zu verwenden)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nicht identisch; versuchen Sie es noch einmal.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Das Passwort für %s kann nicht geändert werden.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Das Passwort für %s kann noch nicht geändert werden.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Das Passwort zu entsperren würde zu einem Benutzerzugang ohne\n"
+"Passwort führen. Sie sollten mit usermod -p ein Passwort setzen, um das\n"
+"Passwort für diesen Benutzerzugang zu entsperren.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: Repository %s nicht unterstützt\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s ist nicht berechtigt, das Passwort von %s zu ändern.\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Sie dürfen die Passwortinformationen für %s nicht anzeigen oder ändern.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Passwort für %s wird geändert.\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Das Passwort für %s wurde nicht geändert.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: Passwort geändert.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: Passwortablauf-Informationen geändert.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Passwort]\n"
+"\n"
+"Optionen:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] [Passwort [shadow]]\n"
+"\n"
+"Optionen:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   Nur Fehler melden\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: keine alternative shadow-Datei erlaubt, wenn USE_TCB aktiviert ist.\n"
+
+msgid "invalid password file entry"
+msgstr "Ungültiger Eintrag in Passwortdatei"
+
+msgid "duplicate password entry"
+msgstr "Doppelter Passworteintrag"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "Ungültiger Benutzername »%s«\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "Ungültige Benutzer-ID »%lu«\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "Benutzer »%s«: Keine Gruppe %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "Benutzer »%s«: Verzeichnis »%s« existiert nicht.\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "Benutzer »%s«: Programm »%s« existiert nicht.\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "kein tcb-Verzeichnis für %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "tcb-Verzeichnis für %s erstellen?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "Erstellen von tcb-Verzeichnis für %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s kann nicht gesperrt werden.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "Kein passender Passwortdatei-Eintrag in %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "Benutzer »%s« zu %s hinzufügen? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"Für Benutzer %s existiert ein Eintrag in %s, aber sein Passwort-Feld in %s "
+"ist nicht auf »x« gesetzt.\n"
+
+msgid "invalid shadow password file entry"
+msgstr "Ungültiger shadow-Passwortdatei-Eintrag"
+
+msgid "duplicate shadow password entry"
+msgstr "Doppelter shadow-Passwort-Eintrag"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "Benutzer %s: Letzte Passwortänderung liegt in der Zukunft.\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: Einträge in %s können nicht sortiert werden.\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: Arbeit mit aktivierter tcb-Funktionalität nicht möglich\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: Änderung des Modus' von %s auf 0600 fehlgeschlagen\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Zugriff mit su zu diesem Benutzerzugang VERWEIGERT.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passwort-Authentifizierung umgangen.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Bitte geben Sie Ihr EIGENES Passwort als Authentifizierung ein.\n"
+
+msgid " ...killed.\n"
+msgstr " ... abgeschossen.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... Warten auf Beendigung des Kindprozesses.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Prozessaufspaltung (fork) für Benutzer-Shell nicht möglich\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: Signal-Fehlfunktion\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: Signalmaskierungs-Fehlfunktion\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sitzung abgebrochen, Shell wird beendet ..."
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid " ...terminated.\n"
+msgstr " ... abgebrochen.\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Aufruf: su [Optionen] [BENUTZERZUGANG]\n"
+"\n"
+"Optionen:\n"
+"  -c, --command BEFEHL          BEFEHL an aufgerufene Shell weiterleiten\n"
+"  -h, --help                    Diese Hilfe anzeigen, sonst nichts\n"
+"  -, -l, --login                Die Shell als Login-Shell starten\n"
+"  -m, -p,\n"
+"  --preserve-environment        Umgebungsvariablen nicht zurücksetzen und\n"
+"                                die Shell beibehalten\n"
+"  -s, --shell SHELL             SHELL anstatt der Vorgabe aus passwd\n"
+"                                benutzen\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignoriert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %s ist Ihnen nicht erlaubt.\n"
+
+msgid "(Enter your own password)"
+msgstr "(Geben Sie Ihr eigenes Passwort ein)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Authentifizierung fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: su ist Ihnen derzeit nicht erlaubt.\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Kein Passworteintrag für Benutzer »%s«\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: Muss von einem Terminal gestartet werden.\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: Fehler %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Das kontrollierende Terminal kann nicht abgebrochen werden\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s konnte nicht ausgeführt werden\n"
+
+msgid "No password file"
+msgstr "Keine Passwortdatei"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY fehlgeschlagen"
+
+msgid "No password entry for 'root'"
+msgstr "Kein Passworteintrag für »root«"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Geben Sie Strg-D ein, um mit dem normalen Startvorgang fortzufahren\n"
+"(oder geben Sie zur Systemwartung das root-Passwort ein):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Wechsel in den Systemwartungsmodus"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s wurde erstellt, konnte aber nicht entfernt werden\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: die %s-Konfiguration in %s wird ignoriert.\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: Neue defaults-Datei kann nicht erzeugt werden.\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: Neue defaults-Datei kann nicht geöffnet werden.\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: Zeile zu lang in %s: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Sicherungsdatei kann nicht erstellt werden (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: Umbenennen: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Die Gruppe »%s« ist eine NIS-Gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: Zu viele Gruppen angegeben (max. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Aufruf: %s [Optionen] BENUTZERZUGANG\n"
+"        %s -D\n"
+"        %s -D [Optionen]\n"
+"\n"
+"Optionen:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASIS_VERZ     Basisverzeichnis für das\n"
+"                                Home-Verzeichnis des neuen Benutzers\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+"  -c, --comment KOMMENTAR       KOMMENTAR für das GECOS-Feld des neuen\n"
+"                                Benutzers\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HOME_VERZ      Home-Verzeichnis des neuen Benutzers\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                Anzeigen oder Speichern der modifizierten\n"
+"                                Standardkonfiguration für useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate ABL_DATUM    Das Ablaufdatum des neuen Benutzerzugangs\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INAKTIV        Passwort nach Ablauf von INAKTIV "
+"deaktivieren\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPPE              Name oder ID der primären Gruppe des neuen\n"
+"                                Benutzerzugangs\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GRUPPEN          Liste der zusätzlichen Gruppen für den\n"
+"                                neuen Benutzerzugang\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel SKEL_VERZ          Ein alternatives skeleton-Verzeichnis\n"
+"                                (Vorlagenverzeichnis) verwenden\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             Den Benutzer nicht zu den lastlog- und\n"
+"                                faillog-Datenbanken hinzufügen\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             Home-Verzeichnis des neuen Benutzers "
+"erstellen\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          Kein Home-Verzeichnis für den Benutzer\n"
+"                                erstellen\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           Keine Gruppe mit dem gleichen Namen wie dem\n"
+"                                des Benutzers erstellen\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              Benutzer mit doppelter (nicht einmaliger)\n"
+"                                UID erlauben\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password PASSWORT       Verschlüsseltes Passwort für den neuen\n"
+"                                Benutzerzugang\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+"  -s, --shell SHELL             Die Login-Shell des neuen Benutzerzugangs\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+"  -u, --uid UID                 Benutzer-ID (UID) des neuen Benutzerzugangs\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              Eine Gruppe mit dem gleichen Namen wie dem\n"
+"                                des Benutzers erstellen\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEBENUTZER Den Benutzernamen SEBENUTZER für die "
+"SELinux-\n"
+"                                Benutzer-Zuordnung verwenden\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Ungültiges Basis-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Ungültiger Kommentar »%s«\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Ungültiges Home-Verzeichnis »%s«\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: shadow-Passwörter für -e erforderlich\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: shadow-Passwörter für -f erforderlich\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Ungültiges Feld »%s«\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Ungültige Shell »%s«\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z erfordert einen Kernel, in dem SELinux aktiviert ist.\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Zurücksetzen des faillog-Eintrags für UID %lu fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Zurücksetzen des lastlog-Eintrags für UID %lu fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: Verzeichnis %s kann nicht erstellt werden.\n"
+
+msgid "Creating mailbox file"
+msgstr "Erzeugen der Mailbox-Datei"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppe »mail« nicht gefunden. Mailbox-Datei des Benutzers mit Modus 0600 "
+"wird erzeugt.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Zugriffsrechte der Mailboxdatei werden gesetzt"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Benutzer »%s« existiert bereits\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: Gruppe %s existiert - wenn Sie den Benutzer zur Gruppe hinzufügen\n"
+"möchten, benutzen Sie -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: Benutzer kann nicht erstellt werden\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu ist nicht einmalig\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Erstellen des tcb-Verzeichnisses für %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: Gruppe kann nicht erzeugt werden\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: Warnung: Das Home-Verzeichnis existiert bereits.\n"
+"Es werden keine Dateien vom skel-Verzeichnis dorthin kopiert.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: Warnung: Die SELinux-Benutzer-Zuordnung des Benutzernamens %s zu %s ist\n"
+"fehlgeschlagen.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   Entfernen von Dateien erzwingen, auch wenn\n"
+"                                sie nicht Eigentum des zu löschenden\n"
+"                                Benutzers sind\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  Entferne Home-Verzeichnis und\n"
+"                                Mail-Warteschlange\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            Jede SELinux-Benutzer-Zuordnung für\n"
+"                                den Benutzer entfernen\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: Gruppe %s nicht entfernt, da es nicht die primäre Gruppe des Benutzers "
+"%s ist.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: Gruppe %s nicht entfernt, da sie noch andere Mitglieder hat.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Gruppe %s ist die primäre Gruppe eines anderen Benutzers und wird\n"
+"nicht entfernt.\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s Mail-Warteschlange (%s) nicht gefunden\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: Warnung: %s kann nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s nicht im Besitz von %s, wird nicht gelöscht.\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Speicher kann nicht reserviert werden, tcb-Eintrag für %s nicht "
+"entfernt.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Privilegien können nicht entfernt werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Inhalt von %s kann nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: tcb-Dateien für %s können nicht gelöscht werden: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Benutzer %s ist ein NIS-Benutzer.\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s-Home-Verzeichnis (%s) nicht gefunden\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Verzeichnis %s wird nicht gelöscht (würde das Home-Verzeichnis des\n"
+"Benutzers %s löschen).\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Fehler beim Löschen des Verzeichnisses %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: Warnung: Die Löschung der SELinux-Benutzer-Zuordnung für Benutzername %s "
+"ist fehlgeschlagen.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMMENTAR       Neuer KOMMENTAR im GECOS-Feld\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home HOME_DIR           Neues Home-Verzeichnis für den Benutzer-\n"
+"                                zugang\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr "  -e, --expiredate ABL_DATUM    Ablaufdatum auf ABL_DATUM setzen\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIV        Passwort nach Ablauf von INAKTIV\n"
+"                                deaktivieren\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPPE              Erzwinge GRUPPE als neue primäre Gruppe\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPPEN          Neue Liste zusätzlicher GRUPPEN\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  Benutzer zu zusätzlichen Gruppen "
+"hinzufügen,\n"
+"                                die mit der Option -G angegeben werden, "
+"ohne\n"
+"                                ihn dabei aus anderen Gruppen zu entfernen\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+"  -l, --login NEUER_NAME        Neuer Wert für den Namen des "
+"Benutzerzugangs\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    Den Benutzerzugang sperren\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               Den Inhalt des Home-Verzeichnisses an den\n"
+"                                neuen Ort verschieben (nur mit -d benutzen)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              Benutzung von doppelter (nicht einmaliger)\n"
+"                                UID erlauben\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password PASSWORD       Ein verschlüsseltes Passwort als neues\n"
+"                                Passwort verwenden\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 Neue UID des Benutzerzugangs\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  Den Benutzerzugang entsperren\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     neue SELinux-Benutzer-Zuordnung für den\n"
+"                                Benutzerzugang\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Das Passwort dieses Benutzer zu entsperren würde zu einem "
+"Benutzerzugang\n"
+"ohne Passwort führen. Sie sollten mit usermod -p ein Passwort setzen, um\n"
+"diesen Benutzerzugang zu entsperren.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Benutzer »%s« existiert bereits in %s.\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: keine Optionen\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p und -U können nur exklusiv genutzt werden.\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: shadow-Passwörter für -e und -f erforderlich\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID »%lu« existiert bereits\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: Verzeichnis %s existiert\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Das vorherige Home-Verzeichnis (%s) war kein Verzeichnis. Es wird nicht "
+"gelöscht und keine Home-Verzeichnisse werden erzeugt.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Ändern des Eigentümers vom Home-Verzeichnis fehlgeschlagen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: Warnung: Altes Home-Verzeichnis %s kann nicht komplett gelöscht werden"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: Verzeichnis %s kann nicht in %s umbenannt werden\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kopieren des lastlog-Eintrags von Benutzer %lu zu Benutzer %lu "
+"fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Kopieren des faillog-Eintrags von Benutzer %lu zu Benutzer %lu "
+"fehlgeschlagen: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: Warnung: %s nicht im Besitz von %s.\n"
+
+msgid "failed to change mailbox owner"
+msgstr "Fehler beim Ändern des mailbox-Besitzers"
+
+msgid "failed to rename mailbox"
+msgstr "Fehler beim Umbenennen von mailbox"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Sie haben %s verändert.\n"
+"Aus Konsistenzgründen müssen Sie unter Umständen auch %s ändern.\n"
+"Bitte nutzen Sie dazu den Befehl »%s«.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   Gruppen-Datenbank editieren\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  passwd-Datenbank editieren\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  shadow- oder gshadow-Datenbank editieren\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    Die tcb-shadow-Datei welches Benutzers\n"
+"                                editiert werden soll\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Entfernen von %s fehlgeschlagen\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s ist unverändert.\n"
+
+msgid "failed to create scratch directory"
+msgstr "Erzeugen des scratch-Verzeichnisses fehlgeschlagen"
+
+msgid "failed to drop privileges"
+msgstr "Entfernen der Privilegien fehlgeschlagen"
+
+msgid "Couldn't get file context"
+msgstr "Dateikontext konnte nicht empfangen werden"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () fehlgeschlagen"
+
+msgid "failed to gain privileges"
+msgstr "Anlegen der Privilegien fehlgeschlagen"
+
+msgid "Couldn't lock file"
+msgstr "Datei konnte nicht gesperrt werden"
+
+msgid "Couldn't make backup"
+msgstr "Sicherung konnte nicht erstellt werden"
+
+msgid "failed to open scratch file"
+msgstr "Öffnen der scratch-Datei fehlgeschlagen"
+
+msgid "failed to unlink scratch file"
+msgstr "Löschen (unlink) der scratch-Datei fehlgeschlagen"
+
+msgid "failed to stat edited file"
+msgstr "stat-Abfrage der editierten Datei fehlgeschlagen"
+
+msgid "failed to allocate memory"
+msgstr "Speicherreservierung fehlgeschlagen"
+
+msgid "failed to create backup file"
+msgstr "Erzeugen der Sicherungsdatei fehlgeschlagen"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: Wiederherstellung von %s fehlgeschlagen: %s\n"
+"(Ihre Änderungen befinden sich in %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: tcb-Verzeichnis für %s konnte nicht gefunden werden\n"
+
diff --git a/po/dz.po b/po/dz.po
new file mode 100644
index 0000000..c9ecebd
--- /dev/null
+++ b/po/dz.po
@@ -0,0 +1,3501 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-01 15:28+0530\n"
+"Last-Translator: Jurmey Rabgay <jur_gay@yahoo.com>\n"
+"Language-Team: dzongkha <pgeyleg@dit.gov.bt>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n!=1);\n"
+"X-Poedit-Language: dzongkha\n"
+"X-Poedit-Country: bhutan\n"
+"X-Poedit-SourceCharset: utf-8\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "རིམ་སྒྲིག་བརྡ་དོན་གྱི་དོན་ལུ་ བར་སྟོང་སྤྲོད་མ་ཚུགས�\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "རིམ་སྒྲིག་འཚོལ་བ་-མ་ཤེས་པའི་རྣམ་གྲངས་ '%s'(བདག་ས�ྱོང་པ་བརྡ་བས�ུལ་འབད་)�\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "ཆོག་ཡིག་:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's ཆོག་ཡིག་:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "རིམ་སྒྲིག་བརྡ་དོན་གྱི་དོན་ལུ་ བར་སྟོང་སྤྲོད་མ་ཚུགས�\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s གི་དོན་ལུ་ རྒས་པའི་བརྡ་དོན་བསྒྱུར་བཅོས་འབད་དོ�\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: �ྱོད་ཀྱི་ལག་ལེན་པའི་མིང་ ག�ན་འབེབས་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: གྲལ་�ིག་ %d:ལག་ལེན་པ་ %sའཚོལ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: དྲན་ཚད་ལས་བརྒལ་བ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: ནུས་མེད་�ྱིམ་གྱི་སྣོད་�ོ་  '%s'�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བས�ྲད་ག�ང་མི་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བས�ྲད་ག�ང་མི་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: བས�ྱར་མིང་བ�གས་:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བས�ྲད་ག�ང་མི་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བས�ྲད་ག�ང་མི་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: བས�ྱར་མིང་བ�གས་:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ཡིག་སྣོད་%s �་ཕྱེ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ཉེན་བརྡ་:མ་ཤེས་པའི་སྡེ་ཚན་%s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ཉེན་བརྡ་:སྡེ་ཚན་མང་དྲགས་པ་\n"
+
+msgid "Your password has expired."
+msgstr "�ྱོད་ཀྱི་ཆོག་ཡིག་འདི་ དུས་ཡོལ་ནུག"
+
+msgid "Your password is inactive."
+msgstr "�ྱོད་ཀྱི་ཆོག་ཡིག་འདི་ ནུས་མེད་ཨིན་པས�"
+
+msgid "Your login has expired."
+msgstr "�ྱོད་ཀྱི་ནང་བས�ྱོད་འདི་ དུས་ཡོལ་ནུག"
+
+msgid "  Contact the system administrator."
+msgstr "རིམ་ལུགས་བདག་ས�ྱོང་པ་ལུ་ འབྲེལ་བ་འ�བ�"
+
+msgid "  Choose a new password."
+msgstr "ཆོག་ཡིག་གསརཔ་ཅིག་གདམས�"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "�ྱོད་ཀྱི་ཆོག་ཡིག་འདི་ ཉིནམ་%ldནང་ དུས་ཡོལ་ནི་མས�\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "�ྱོད་ཀྱི་ཆོག་ཡིག་འདི་ ནངས་པར་དུས་ཡོལ་ནི་མས�"
+
+msgid "Your password will expire today."
+msgstr "�ྱོད་ཀྱི་ཆོག་ཡིག་འདི་ ད་རིས་དུས་ཡོལ་ནི་མས�"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "ཊི་ཊི་�འི་ %s བསྒྱུར་བཅོས་འབད་མ་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "མ�འ་འ�ོར་ལུད་སོང་བ�\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+"�ྱོད་ཀྱིས་ $%s\n"
+"བསྒྱུར་བཅོས་འབད་མི་ཚུགསཔ་འོང་�\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"མཇུག་མམ་གྱི་ནང་བས�ྱོད་འབད་ཞིནམ་ལས་ཚུར་ %dའ�ུས་ཤོར�\n"
+"མཇུག་མམ་ %s འདི་ %s གུ་ཨིན་པས�\n"
+msgstr[1] ""
+"མཇུག་མམ་གྱི་ནང་བས�ྱོད་འབད་ཞིནམ་ལས་ཚུར་ %dའ�ུས་ཤོར་ཚུ�\n"
+"མཇུག་མམ་ %s འདི་ %s གུ་ཨིན་པས�\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འ�ུས་ཤོར་བྱུང་ཡོདཔ�"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: �ུན་མོང་ ཡུ་ཨའི་ཌི་འ�ོབ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: �ུན་མོང་མ་ཡིན་པའི་ ཇི་ཨའི་ཌི་འ�ོབ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: �ུན་མོང་ ཡུ་ཨའི་ཌི་འ�ོབ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: �ུན་མོང་ ཡུ་ཨའི་ཌི་འ�ོབ་མི་ཚུགས�\n"
+
+msgid "Too many logins.\n"
+msgstr "ནང་བས�ྱོད་མང་དྲགས་པ�\n"
+
+msgid "You have new mail."
+msgstr "�ྱོད་ལུ་ཡིག་འཕྲིན་གསརཔ་ཅིག་འདུག"
+
+msgid "No mail."
+msgstr "ཡིག་འཕྲིན་མེད�"
+
+msgid "You have mail."
+msgstr "�ྱོད་ལུ་ཡིག་འཕྲིན་འདུག"
+
+msgid "no change"
+msgstr "བསྒྱུར་བཅོས་མེད�"
+
+msgid "a palindrome"
+msgstr "མདུན་རྒྱབ་སྒྲ་དང་དོན་གཅིག་�ུ་བཀླག་རུང་བ་ཅིག"
+
+msgid "case changes only"
+msgstr "ཡི་གུ་ར�ྱངམ་ཅིག་བསྒྱུར་བཅོས་འབད�་ཨིན�"
+
+msgid "too similar"
+msgstr "ཤིན་�ུ་ཆ་འདྲ་བ�"
+
+msgid "too simple"
+msgstr "ཤིན་�ུ་འཇམ་སམ�"
+
+msgid "rotated"
+msgstr "བསྒྱིར་ཡོདཔ�"
+
+msgid "too short"
+msgstr "�ུང་དྲགས་པ�"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "ཆོག་ཡིག་བྱང་ཉེས་:%s"
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "ཆོག་ཡིག་:པམ་སི་ཊཊི་()འ�ུས་ཤོར་བྱུང་ཡོདཔ་(_s) འཛོལ་བ་ %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "ཆོག་ཡིག་: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "ཆོག་ཡིག་སོར་ཡོདཔ�"
+
+msgid "passwd: password updated successfully\n"
+msgstr "ཆོག་ཡིག་:ཆོག་ཡིག་འདི་མ�ར་འ�ྱོལ་སྦེ་ དུས་མ�ུན་བཟོ་ཡི�\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s གི་དོན་ལུ་ བདེན་མེད་ཀྱི་ཆོག་ཡིག\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ �ྱིམ་གྱི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s'ལུ་ སི་ཌི་འབད་མ་ཚུགས་\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "སྣོད་�ོ་མེད་ �ྱིམ་དང་བཅས་ ནང་བས�ྱོད་འབད་དོ་=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%sལག་ལེན་འ�བ་མི་ཚུགས�"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ནུས་མེད་རྩ་བའི་སྣོད་�ོ་ '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr " '%s'ལུ་ རྩ་བའི་སྣོད་�ོ་བསྒྱུར་བཅོས་འབད་མི་ཚུགས�\n"
+
+msgid "Unable to determine your tty name."
+msgstr "�ྱོད་ཀྱི་ཊི་ཊི་�འི་མིང་ ག�ན་འབེབས་བཟོ་མ་ཚུགས�"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "མེན�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "བེ་ལུ་གསརཔ་བཙུགས་ ཡང་ཅིན་ སྔོན་སྒྲིག་གི་དོན་ལུ་ ENTERལུ་ཨེབས�"
+
+msgid "Minimum Password Age"
+msgstr "ཆོག་ཡིག་ལོ་ཉུང་མ�འ�"
+
+msgid "Maximum Password Age"
+msgstr "ཆོག་ཡིག་ལོ་མང་མ�འ�"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "མཇུག་གི་ཆོག་ཡིག་བསྒྱུར་བཅོས་(�འི་�འི་�འི་�འི་-ཨེམ་ཨེམ་-ཌི་ཌི་)�"
+
+msgid "Password Expiration Warning"
+msgstr "ཆོག་ཡིག་དུས་ཡོལ་ཉེན་བརྡ�"
+
+msgid "Password Inactive"
+msgstr "ཆོག་ཡིག་ནུས་མེད�"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "རྩིས་�ོའི་དུས་ཡོལ་ཚེས་གྲངས་(�འི་�འི་�འི་�འི་-ཨེམ་ཨེམ་-ཌི་ཌི་)�"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "མཇུག་གི་ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ནམ་ཡང་"
+
+msgid "password must be changed"
+msgstr "ཆོག་ཡིག་འདི་བསྒྱུར་བཅོས་འབད་དགོ"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "ཆོག་ཡིག་དུས་ཡོལ�་ཨིན་\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "ཆོག་ཡིག་ནུས་མེད་\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "རྩིས་�ོ་དུས་ཡོལ�་ཨིན་\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\tབར་ནའི་ཉིན་གྲངས་ཉུང་མ�འ་:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "ཆོག་ཡིག་བསྒྱུར་བཅོས་\t\tབར་ནའི་ཉིན་གྲངས་མང་མ�འ་:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "ཆོག་ཡིག་དུས་མ་ཡོལ་བའི་ཧེ་མ་ ཉེན་བརྡའི་ཉིན་གྲངས་\t:%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་  '%s'�\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ནུས་མེད་ཨང་གྲངས་སྒྲུབ་རྟགས་ '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ཟུར་རྟགས་གཞན་མི་དང་གཅིག་�ར་ \"l\" གྲངས་སུ་མི་བཙུགས�\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: སྣང་བ་ཉན་མ་བ�ུབ�\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: �ྱོད་ཀྱི་ལག་ལེན་པའི་མིང་ ག�ན་འབེབས་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s:ཡིག་སྣོད་ཚུ་ལྡེ་མིག་བར�ྱབ་མི་ཚུགས་ དོ་རུང་ཤུལ་ལས་འབད་རྩོལ་བས�ྱེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: ཡིག་སྣོད་%s �་ཕྱེ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: �་སྤེལ་བ་འ�ུས་ཤོར་:%s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་འདི་ མིན་འདུག\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s གི་དོན་ལུ་ རྒས་པའི་བརྡ་དོན་བསྒྱུར་བཅོས་འབད་དོ�\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: ས་སྒོ་ཚུ་བསྒྱུར་བཅོས་འབད་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "མིང་ཆ་ཚང་�"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "�ང་མིག་ཨང་�"
+
+msgid "Work Phone"
+msgstr "ལཱ་གི་བརྒྱུད་འཕྲིན�"
+
+msgid "Home Phone"
+msgstr "�ྱིམ་གྱི་བརྒྱུད་འཕྲིན�"
+
+msgid "Other"
+msgstr "གཞན�"
+
+msgid "Cannot change ID to root.\n"
+msgstr "རྩ་བ་ལུ་ ཨའི་ཌི་ བསྒྱུར་བཅོས་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་མིང་:'%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་�ང་མིག་ཨང་:'%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ལཱ་གི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ �ྱིམ་གྱི་བརྒྱུད་འཕྲིན་: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s:  '%s' ནང་ལུ་ �ྲིམས་འགལ་ཡིག་ཆ་ཚུ་ཡོད�\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s:  '%s' ནང་ལུ་ �ྲིམས་འགལ་ཡིག་ཆ་ཚུ་ཡོད�\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་�ོག་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' འདི་ ཞབས་�ོག་སྤྱོད་མི་འདི་གི་དོན་ལུ་ ཨེན་ཨའི་ཨེསི་ ཨམ་ཨིན�\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%sགི་དོན་ལུ་ ལག་ལེན་པའི་བརྡ་དོན་ བསྒྱུར་བཅོས་འབད་དོ�\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པས�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a ཟུར་རྟགས་འདི་ -Gཟུར་རྟགས་དང་གཅིག་�ར་ར�ྱངམ་ཅིག་ཆོག\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: གྲལ་�ིག་ %d: གྲལ་�ིག་རིང་དྲགས་པས�\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: གྲལ་�ིག་ %d: ཆོག་ཡིག་གསརཔ་ བརླག་སྟོར་ཞུགས་པ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: སྡེ་ཚན་ %sམེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: གྲལ་�ིག་ %d: �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: འཛོལ་བ་ས�ྱོན་འཛིན་འབད་ཡི་ བསྒྱུར་བཅོས་ཚུ་སྣང་མེད་བཞག་ཡི�\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "ནང་བས�ྱོད་ཀྱི་ཤལ�"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "�ྱོད་ཀྱིས་ %sགི་དོན་ལུ་ ཤལ་བསྒྱུར་བཅོས་མི་འབད�་འོང་�\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%sགི་དོན་ལུ་ ནང་བས�ྱོད་ཤལ་ བསྒྱུར་བཅོས་འབད་དོ�\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: ནུས་མེད་ཀྱི་�ོ་བཀོད་:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s འདི་ནུས་མེད་ཀྱི་ཤལ་ཨིན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ཉེན་བརྡ་: %s འདི་ %s གིས་ བདག་དབང་བཟུངམ་མེན�\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: རེ་བ་མ་བས�ྱེད་པའི་སྒྲུབ་རྟགས་:%s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "ནང་བས�ྱོད་       མང་མ�འི་མཇུག་མ�འ་འ�ུས་ཤོར་                   ཨཱོན� \n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds གཡོན་]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds ལྡེ་མིག་]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "མ་ཤེས་པའི་ལག་ལེན་པ་:%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགས�\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -Aགི་དོན་ལུ་ གྱིབ་མའི་སྡེ་ཚན་ཆོག་ཡིག་ཚུ་དགོ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: སྡེ་ཚན་ %sམེད�\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: �་སྤེལ་བ་འ�ུས་ཤོར་:%s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "སྡེ་ཚན་ %sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་དོ�\n"
+
+msgid "New Password: "
+msgstr "ཆོག་ཡིག་གསརཔ་:"
+
+msgid "Re-enter new password: "
+msgstr "ཆོག་ཡིག་གསརཔ་ ལོག་བཙུགས་:"
+
+msgid "They don't match; try again"
+msgstr "དེ་ཚུ་མ�ུན་སྒྲིག་མིན་འདུག་ དོ་རུང་འབད་རྩོལ་བས�ྱེད�"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: དོ་རུང་ཤུལ་ལས་འབད་རྩོལ་བས�ྱེད�\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "སྡེ་ཚན་ %sལུ་ ལག་ལེན་པ་ %s�་ས�ོང་འབད་དོ�\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "སྡེ་ཚན་ %sནང་ལས་ ལག་ལེན་པ་ %sརྩ་བས�ྲད་ག�ང་དོ�\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: ཊི་ཊི་�འི་མེན�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s འདི་ ནུས་ཅན་གྱི་སྡེ་ཚན་མིང་མེན་པས�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K གིས་ ལྡེ་མིག་=བེ་ལུ་ དགོཔ་ཨིན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: སྡེ་ཚན་ %sཡོདཔ་ཨིན�\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: �ྱོད་ཀྱི་ལག་ལེན་པའི་མིང་ ག�ན་འབེབས་བཟོ་མི་ཚུགས�\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་�ོག་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: སྡེ་ཚན་ %sམེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: སྡེ་ཚན་ '%s' འདི་ ཨེན་ཨའི་ཨེསི་སྡེ་ཚན་ཨིན�\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %sའདི་ ཨེན་ཇི་ཨེསི་ ཨམ་ཨིན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ ཨེན་ཨའི་ཨེསི་ ལག་ལེན་པ་ཅིག་ཨིན�\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: དུས་མ�ུན་སྡེ་ཚན་ནང་ལུ་ དྲན་ཚད་ལས་བརྒལ་བ�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: སྡེ་ཚན་ %s འདི་ ཨེན་ཇི་ཨེསི་ སྡེ་ཚན་ཨིན�\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: མ་ཤེས་པའི་ལག་ལེན་པ་%s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s དང་ -r གཉིས་མ�ུན་འགྱུར་ཅན་མེན�\n"
+
+msgid "invalid group file entry"
+msgstr "ནུས་མེད་སྡེ་ཚན་�ོ་བཀོད�"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "གྲལ་�ིག་ '%s'བ�ོན་ག�ང་ནི་ཨིན་ན?"
+
+msgid "duplicate group entry"
+msgstr "སྡེ་ཚན་�ོ་བཀོད་ བརྫུན་མ་བཟོ�"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ནུས་མེད་སྡེཚན་གྱི་མིང་ '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "སྡེ་ཚན་ %s: ལག་ལེན་པ་ %sམེད�\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ཨང་གྲངས་ '%s' བ�ོན་ག�ང་ནི་ཨིན་ན?"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%sནང་ མ�ུན་སྒྲིག་སྡེ་ཚན་གྱི་ཡིག་སྣོད་�ོ་བཀོད་མེད�\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "%sནང་ སྡེ་ཚན་ '%s' �་ས�ོང་འབད་ནི་ཨིན་ན?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "ནུས་མེད་གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་�ོ་བཀོད�"
+
+msgid "duplicate shadow group entry"
+msgstr "ངོ་བཤུས་གྱིབ་མའི་སྡེ་ཚན་�ོ་བཀོད�"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "གྱིབ་མའི་སྡེ་ཚན་%s: བདག་ས�ྱོང་གི་ལག་ལེན་པ་ %sམེད�\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "བདག་ས�ྱོང་གི་ཨང་གྲངས་ '%s' བ�ོན་ག�ང་ནི་ཨིན་ན?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "གྱིབ་མའི་སྡེ་ཚན་%s: ལག་ལེན་པ་%sམེད�\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ཡིག་སྣོད་ཚུ་དུས་མ�ུན་བཟོ་ཡི�\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: སོར་ནི་མེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "ལག་ལེནཔ་:id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "ལག་ལེན་པ་: id\n"
+
+msgid " groups="
+msgstr "སྡེ་ཚན་="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "ལག་ལེན་པའི་མིང་         འདྲེན་ལམ་     ལས་             མཇུག་མ�འ�"
+
+msgid "Username                Port     Latest"
+msgstr "ལག་ལེན་པའི་མིང་                འདྲེན་ལམ་    མཇུག་མ�འ�"
+
+msgid "**Never logged in**"
+msgstr "**ནམ་ཡང་ནང་བས�ྱོད་མ་འབད་**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མ་ཚུགས�\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "ལག་ལེན་: %s [-p] [མིང་]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h host] [-f name]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "ནུས་མེད་ནང་བས�ྱོད་ཀྱི་དུས་ཚོད�"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"རྒྱུན་ལས་རྒྱུན་ས�ྱོང་གི་དོན་ལུ་ རིམ་ལུགས་�་བསྡམས་ཅི�"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[མ�ུད་བ�ོག་ཟུར་�ེ་འགྱོ་ཡོདཔ་ --རྩ་བའི་ནང་བས�ྱོད་མི་ཆོག]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmp�ོ་བཀོད་མིན་འདུག �ྱོད་ཀྱིས་ གནས་རིམ་དམའ་ཤོས་\"sh\"གི་ནང་ལས་ \"login\"ལག་ལེན་འ�བ་དགོ"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d ས�ར་ཆག་གི་ཤུལ་མར་ ནང་བས�ྱོད་ངལ་མཚམས་བྱུང་ཡོདཔ�\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "ནང་བས�ྱོད་: པི་ཨེ་ཨེམ་འ�ུས་ཤོར་ བར་བཤོལ་དོ་: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s ནང་བས�ྱོད་: "
+
+msgid "login: "
+msgstr "ནང་བས�ྱོད་: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "འབད་རྩོལ་གྱི་ཨང་གྲངས་མང་མ�འ་ལྷག་ཡོདཔ་(%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "ནང་བས�ྱོད་:པི་ཨུ་ཨེམ་གྱིས་ཞུ་ཡོད་པའི་བར་བཤོལ�\n"
+
+msgid "Login incorrect"
+msgstr "ནང་བས�ྱོད་བདེན་མེད�"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: གྲལ་�ིག་ %d:ལག་ལེན་པ་ %sའཚོལ་མི་ཚུགས�\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s ནང་བས�ྱོད་: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: �་སྤེལ་བ་འ�ུས་ཤོར་:%s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ཉེན་བརྡ་:གནས་ས�བས་ལྡེ་མིག་བར�ྱབས་པའི་ཤུལ་ལུ་ ལོག་སྟེ་ནང་བས�ྱོད་ལྕོགས་ཅན་བཟོ་ཡོདཔ�"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "མཇུག་གི་ནང་བས�ྱོད་: %s གུ་ %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "མཇུག་གི་ནང་བས�ྱོད་: %.19s གུ་ %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*sལས�"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"ནང་བས�ྱོད་དུས་ཚོད་ལྷག་ཡོདཔ�\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "ལག་ལེན་པ་: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "ལག་ལེན་: newgrp [-][ སྡེ་ཚན་]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "ལག་ལེན་: sg group [[-c]བརྡ་བཀོད་ ]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "ཆོག་ཡིག་རྙིངམ་:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: �་སྤེལ་བ་འ�ུས་ཤོར་:%s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+msgid "too many groups\n"
+msgstr "སྡེ་ཚན་མང་དྲགས་པ�\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: སྡེ་ཚན་ %sམེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'�\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'�\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s:གྲལ་�ིག་%d: ནུས་མེད་གྲལ་�ིག་\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: ལག་ལེན་པ་%sགི་དོན་ལུ་ �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: གྲལ་�ིག་ %d: ཇི་ཨའི་ཌི་ གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: གྲལ་�ིག་ %d: ཇི་ཨའི་ཌི་ གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: གྲལ་�ིག་ %d: ཆོག་ཡིག་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: གྲལ་�ིག་ %d: mkdir འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: གྲལ་�ིག་ %d: chown འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: གྲལ་�ིག་ %d: �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "ཆོག་ཡིག་རྙིངམ་:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr "ཆོག་ཡིག་གསརཔ་བཙུགས་(%d གི་ཉུང་མ�འ་ %dཡིག་འབྲུའི་མང་མ�འ་)�\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr "ཆོག་ཡིག་གསརཔ་བཙུགས་(%d གི་ཉུང་མ�འ་ %dཡིག་འབྲུའི་མང་མ�འ་)�\n"
+
+msgid "New password: "
+msgstr "ཆོག་ཡིག་གསརཔ་:"
+
+#, fuzzy
+msgid "Try again."
+msgstr "ལོག་འབད་རྩོལ་བས�ྱེད་:"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ཉེན་བརྡ་:ནུས་མེད་ཀྱི་ཆོག་ཡིག་(ག་དེ་ཨིན་རུང་ལག་ལེན་འ�བ་ནིའི་དོན་ལས་ ལོག་བཙུགས་)�"
+
+msgid "They don't match; try again.\n"
+msgstr "དེ་ཚུ་མ�ུན་སྒྲིག་མིན་འདུག་ ལོག་འབད་རྩོལ་བས�ྱེད�\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་མི་ཚུགས�\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: མཛོད་གནས་ %sའདི་ རྒྱབ་ས�ྱོར་མ་འབད་བས�\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: �ྱོད་ཀྱིས་  %sགི་དོན་ལུ་ ཆོག་ཡིག་བརྡ་དོན་མ་བལྟ་འོང་ ཡང་ན་ ལེགས་བཅོས་མ་འབད�་འོང་�\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%sགི་དོན་ལུ་ ཆོག་ཡིག་སོར་དོ�\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr " %sགི་དོན་ལུ་ ཆོག་ཡིག་འདི་མ་སོར་བས�\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "ཆོག་ཡིག་སོར་ཡོདཔ�"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "ཆོག་ཡིག་དུས་ཡོལ་ཉེན་བརྡ�"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "ནུས་མེད་ཀྱི་ཆོག་ཡིག་ཡིག་སྣོད་�ོ་བཀོད�"
+
+msgid "duplicate password entry"
+msgstr "ཆོག་ཡིག་�ོ་བཀོད་རྫུན་མ�"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "ལག་ལེན་པ་ %s: སྡེ་ཚན་ %uམེད�\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ལག་ལེན་པ་ %s: སྣོད་�ོ་ %s མེད�\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ལག་ལེན་པ་ %s: ལས་རིམ་%s མེད�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%sནང་ མ�ུན་སྒྲིག་ཡོད་པའི་ཆོག་ཡིག་ཡིག་སྣོད་�ོ་བཀོད་མེད�\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "%sནང་ ལག་ལེན་པ་ '%s' �་ས�ོང་འབད་ནི་ཨིན་ན?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "ནུས་མེད་གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་�ོ་བཀོད�"
+
+msgid "duplicate shadow password entry"
+msgstr "གྱིབ་མའི་ཆོག་ཡིག་�ོ་བཀོད་རྫུན་མ�"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ལག་ལེན་པ་ %s: མ་འོངས་པ་ནང་ མཇུག་གི་ཆོག་ཡིག་སོར་ནི�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ཡིག་སྣོད་%s �་ཕྱེ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: ཡིག་སྣོད་ལོག་འབྲི་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "རྩིས་�ོ་དེ་ལུ་ ཟླ་ལུ་འཛུལ་སྤྱོད་འབད་ནི་ ཉན་མ་བ�ུབ་པས�\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "ཆོག་ཡིག་བདེན་བཤད་ཟུར་ལས་འགྱོ་ཡོདཔ�\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "�ྱོད་རའི་ཆོག་ཡིག་འདི་ བདེན་བཤད་སྦེ་བཙུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ཡིག་སྣོད་ %sའདི་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"ལག་ལེན་: ཟླ་ [གདམ་�་ཚུ་] [ནང་བས�ྱོད་]\n"
+"\n"
+"གདམ་�་ཚུ་:\n"
+"  -c, --command COMMAND\t\t ལས་བཀོལ་འབད་ཡོད་པའི་ཤལ་ལུ་ བརྡ་བཀོད་རྩིས་སྤྲོད་འབད�\n"
+"  -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+"  -, -l, --login\t\t ཤལ་འདི་ ནང་བས�ྱོད་ཤལ་བཟོ�\n"
+"  -m, -p,\n"
+"  --preserve-environment\t མ�འ་འ�ོར་འགྱུར་ཅན་ཚུ་ སླར་གཞི་སྒྲིག་མ་འབད་དགོཔ་དང་ \n"
+"\t\t\t\tཤལ་ཅོག་འ�དཔ་སྦེ་བཞག\n"
+"  -s, --shell SHELL\t\t ཆོག་ཡིག་ནང་ སྔོན་སྒྲིག་གི་ཚབ་ལུ་ ཤལ་ལག་ལེན་འ�བ�\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(སྣང་མེད་བཞག་ཡོདཔ་)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "�ྱོད་ ཟླ་%sལུ་ དབང་སྤྲོད་མ་འབད�\n"
+
+msgid "(Enter your own password)"
+msgstr "(�ྱོད་རའི་ཆོག་ཡིག་ར�ྱངམ་ཅིག་བཙུགས་)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "�ྱོད་ ཟླ་%sལུ་ དབང་སྤྲོད་མ་འབད�\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'རྩ་བ་'གི་དོན་ལུ་ ཆོག་ཡིག་�ོ་བཀོད་མེད�"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: ཊར་མི་ནཱལ་ལས་གཡོག་བཀོལ་དགོ\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start:འཛོལ་བ་%d(_s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%sལག་ལེན་འ�བ་མི་ཚུགས�"
+
+msgid "No password file"
+msgstr "ཆོག་ཡིག་ཡིག་སྣོད་མེད�"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "'རྩ་བ་'གི་དོན་ལུ་ ཆོག་ཡིག་�ོ་བཀོད་མེད�"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"སྤྱིར་བ�ང་འགོ་བཙུགས་ཀྱི་�ོག་ལས་ འཕྲོ་མ�ུད་ནིའི་དོན་ལུ་ ཚད་འཛིན་-ཌི་ ཡིག་དཔར་ར�ྱབས་\n"
+"(ཡང་ན་ རིམ་ལུགས་རྒྱུན་ས�ྱོང་གི་དོན་ལུ་ རྩ་བའི་ཆོག་ཡིག་ཅིག་བྱིན་):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "རིམ་ལུགས་རྒྱུན་ས�ྱོང་�བས་ལམ་བཙུགས་དོ�"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: སྔོན་སྒྲིག་ཡིག་སྣོད་གསརཔ་ གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: སྔོན་སྒྲིག་ཡིག་སྣོད་གསརཔ་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: གྲལ་�ིག་ %d: chown འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: བས�ྱར་མིང་བ�གས་:%s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: སྡེ་ཚན་ '%s' འདི་ ཨེན་ཨའི་ཨེསི་སྡེ་ཚན་ཨིན�\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: སྡེ་ཚན་མང་རབས་ཅིག་གསལ་བཀོད་འབད་ཡོདཔ་(མང་མ�འ་ %d)�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ནུས་མེད་གཞི་རྟེན་སྣོད་�ོ་'%s'�\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ནུས་མེད་བསམ་བཀོད་ '%s'�\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ནུས་མེད་�ྱིམ་གྱི་སྣོད་�ོ་  '%s'�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e ལུ་དགོས་མ�ོ་ཡོད་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུ�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f  ལུ་དགོས་མ�ོ་ཡོད་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུ�\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ནུས་མེད་ཀྱི་ས་སྒོ་ '%s'�\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ནུས་མེད་ཤལ་ '%s'�\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+msgid "Creating mailbox file"
+msgstr "ཡིག་སྒྲོམ་ཡིག་སྣོད་ གསར་བས�ྲུན་འབད་དོ�"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"སྡེ་ཚན་'mail' མ་�ོབ� ༠༦༠༠ �བས་ལམ་དང་བཅས་ ལག་ལེན་པའི་ཡིག་སྒྲ྄ོམ་ཡིག་སྣོད་ གསར་བས�ྲུན་འབད་དོ�\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ཡིག་སྒྲོམ་ཡིག་སྣོད་གྱི་གནང་བ་ གཞི་སྒྲིག་འབད་དོ�"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ལག་ལེན་པ་ %sཡོདཔ་ཨིན�\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: སྡེ་ཚན་%s ཡོདཔ་ཨིན་-�ྱོད་ཀྱིས་ ལག་ལེན་པ་འདི་སྡེ་ཚན་དེ་ནང་ �་ས�ོང་བར�ྱབ་ནི་ཨིན་པ་ཅིན་ -g ལག་"
+"ལེན་འ�བ�\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ཡུ་ཨའི་ཌི་ %uའདི་ �ུན་མོང་མེན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: ཉེན་བརྡ་:�ྱིམ་གྱི་སྣོད་�ོ་འདི་ཧེ་མ་ལས་རང་ཡོདཔ་ཨིན�\n"
+"འདི་ནང་ལུ་ སི་ཀེལ་སྣོད་�ོ་ནང་ལས་ ཡིག་སྣོད་ག་ཅི་ཡང་འདྲ་བཤུས་མ་བར�ྱབ་ནི�\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ཨེན་ཨའི་ཨེསི་ ཞབས་�ོག་སྤྱོད་མི་གུ་ ལག་ལེན་པ་ '%s' བསྒྱུར་བཅོས་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: ལག་ལེན་པ་གཞན་གྱི་དོན་ལུ་ གཞི་རིམ་སྡེ་ཚན་ཅིག་ཨིན་མི་སྡེ་ཚན་ %sའདི་ རྩ་བས�ྲད་ག�ང་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: ནུས་མེད་�ྱིམ་གྱི་སྣོད་�ོ་  '%s'�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: ཉེན་བརྡ་:རྩ་བས�ྲད་ག�ང་མི་ཚུགས�"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %sགིས་བདག་དབང་མ་བཟུང་མི་ %sའདི་ རྩ་བས�ྲད་ག�ང་ནི་མེད�\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ལག་ལེན་པ་ %sའདི་ ཨེན་ཨའི་ཨེསི་ ལག་ལེན་པ་ཅིག་ཨིན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: ནུས་མེད་�ྱིམ་གྱི་སྣོད་�ོ་  '%s'�\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: སྣོད་�ོ་ %sའདི་ རྩ་བས�ྲད་ག�ང་ནི་མེད་(ལག་ལེན་པ་%sགི་�ྱིམ་འདི་ རྩ་བས�ྲད་ག�ང་འོང་)�\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: སྣོད་�ོ་%s རྩ་བས�ྲད་ག�ང་པའི་ས�བས་ལུ་ འཛོལ་བ�\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ལག་ལེན་པ་ %sཡོདཔ་ཨིན�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་  '%s'�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ནུས་མེད་ཚེས་གྲངས་  '%s'�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: ཡིག་སྣོད་%s �་ཕྱེ་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e aདང་ -f གཉིས་ལུ་དངོས་མ�ོ་ཡོད་པའི་གྱིབ་མའི་ཆོག་ཡིག་ཚུ�\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: སྣོད་�ོ་  %sའདི་ཡོདཔཨིན�\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: སྣོད་�ོ་ %s གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: ཉེན་བརྡ་: �ྱིམ་གྱི་སྣོད་�ོ་%sརྙིངམ་འདི་ མ�ར་འ�ྱོལ་སྦེ་རྩ་བས�ྲད་ག�ང་ནི་ལུ་ འ�ུས་ཤོར་བྱུང་ཡོདཔ�"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: སྣོད་�ོ་ %s འདི་ %s ལུ་ བས�ྱར་མིང་བ�གས་མི་ཚུགས�\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: ཉེན་བརྡ་: %s འདི་ %s གིས་ བདག་དབང་བཟུངམ་མེན�\n"
+
+msgid "failed to change mailbox owner"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འ�ུས་ཤོར་བྱུང་ཡོདཔ�"
+
+msgid "failed to rename mailbox"
+msgstr "ཡིག་སྒྲོམ་གྱི་བས�ྱར་མིང་བ�གས་ནི་ལུ་ འཛོལ་བ�"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %sའདི་ བསྒྱུར་བཅོས་མ་འབད་བས�\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "ཡིག་སྒྲོམ་གྱི་བས�ྱར་མིང་བ�གས་ནི་ལུ་ འཛོལ་བ�"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "ཡིག་སྣོད་ལྡེ་མིག་བར�ྱབས་མ་ཚུགས�"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: �ེ་དབང་(%s)ཚུ་བཀོག་ནིའི་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+msgid "Couldn't lock file"
+msgstr "ཡིག་སྣོད་ལྡེ་མིག་བར�ྱབས་མ་ཚུགས�"
+
+msgid "Couldn't make backup"
+msgstr "རྒྱབ་�ག་བཟོ་མ་ཚུགས�"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s:  /etc/passwd ནང་ལུ་ %s མ་�ོབ�\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མ་ཚུགས�\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: ས་སྒོ་ཚུ་རིང་དྲགས་པས�\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "ཡིག་སྒྲོམ་གྱི་བས�ྱར་མིང་བ�གས་ནི་ལུ་ འཛོལ་བ�"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "ཡིག་སྒྲོམ་བདག་པོ་སོར་ནི་ལུ་ འ�ུས་ཤོར་བྱུང་ཡོདཔ�"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "ཡིག་སྒྲོམ་གྱི་བས�ྱར་མིང་བ�གས་ནི་ལུ་ འཛོལ་བ�"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %sསོར་ཆུད་འབད་མ་ཚུགས་: %s (�ྱོད་ཀྱི་བསྒྱུར་བཅོས་ཚུ་ %sནང་ཨིན་)�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: ནུས་མེད་གཞི་རྟེན་སྣོད་�ོ་'%s'�\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:chage[གདམ་�་ཚུ་]user\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "   -d, ---lastday LAST_DAY\t མཇུག་མམ་གྱི་ཆོག་ཡིག་འདི་ LAST_DAYལུ་ བསྒྱུར་བཅོས་གཞི་སྒྲིག་"
+#~ "འབད�\n"
+#~ "   -E, --expiredate EXPIRE_DATE\t རྩིས་�ོའི་དུས་ཡོལ་ཚེས་གྲངས་འདི་ཚུ་ EXPIRE_DATE ལུ་ "
+#~ "བསྒྱུར་བཅོས་གཞི་སྒྲིག་འབད�\n"
+#~ "   -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "   -I, --inactive INACTIVE\t དུས་ཡོལ་ \n"
+#~ "\t\t\t\tto INACTIVE གི་ཤུལ་མ་ཆོག་ཡིག་ནུས་མེད་འདི་ གཞི་སྒྲིག་འབད�\n"
+#~ "   -l, --list\t\t\t རྩིས་�ོ་རྒས་པའི་བརྡ་དོན་ སྟོན�\n"
+#~ "   -m, --mindays MIN_DAYS\t ཉིན་གྲངས་ཉུང་མ�འ་འདི་ཚུ་ ཆོག་ཡིག་\n"
+#~ "\t\t\t\tགི་ཧེ་མར་ MIN_DAYSལུ་བསྒྱུར་བཅོས་ གཞི་སྒྲིག་འབད�\n"
+#~ "   -M, --maxdays MAX_DAYS\t ཉིན་གྲངས་མང་མ�འ་འདི་ཚུ་ ཆོག་ཡིག་\n"
+#~ "\t\t\t\tགི་ཧེ་མར་ MAX_DAYSལུ་ བསྒྱུར་བཅོས་ གཞི་སྒྲིག་འབད�\n"
+#~ "   -W, --warndays WARN_DAYS\t དུས་ཡོལ་ཉེན་བརྡའི་ཉིནམ་འདི་ཚུ་ WARN_DAYSལུ་ གཞི་སྒྲིག་"
+#~ "འབད�\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:%s[-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "ལག་ལེན་:%s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: chpasswd [གདམ་�་ཚུ་]\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -e, --encrypted\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་ཆོག་ཡིག་ཚུ་ གསང་བཟོས་མ་འབད་ཡོདཔ�\n"
+#~ "  -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -m, --md5\t\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་\t\t\tཆོག་ཡིག་ཚུ་ གསང་བཟོས་མ་ཡིན་པའི་ས�བས་ལུ་ ཌི་"
+#~ "ཨི་ཨེསི་གི་ཚབ་ལུ་ ཨེབ་ཌི་ ༥ གསང་བཟོ་ ལག་ལེན་འ�བ�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: userdel [གདམ་�་ཚུ་] ནང་བས�ྱོད་\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -f, --force\t\t\t  ལག་ལེན་པ་གིས་བདག་དབང་མ་བཟུང་སྟེ་འབད་རུང་ ཡིག་སྣོད་བང་བཙོང་སྟེ་རྩ་"
+#~ "བས�ྲད་ག�ང་�\n"
+#~ "  -h, --help\t\t\t  གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -r, --remove\t\t\t  �ྱིམ་གྱི་སྣོད་�ོ་དང་ཡིག་འཕྲིན་འཕྲལ་གསོག་རྩ་བས�ྲད་ག�ང་�\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "ལག་ལེན་: དུས་ཡོལ་{-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: ཡིག་སྣོད་%s �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚན�\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "ལག་ལེན་:%s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "ལག་ལེན་: %s [-r] [-s] [སྡེ་ཚན་]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s དང་ -r གཉིས་མ�ུན་འགྱུར་ཅན་མེན�\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚན�\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "ལག་ལེན་:groupdel སྡེ་ཚན�\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: lastlog [གདམ་�་ཚུ་]\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -b, --before DAYS\t ཉིན་གྲངས་ལས་རྙིང་པའི་lastlogདྲན་�ོ་ཚུ་ར�ྱངམ་ཅིག་ དཔར་བས�ྲུན་འབད�\n"
+#~ "  -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -t, --time DAYS\t ཉིན་གྲངས་ལས་ལྷག་པའི་འཕྲལ་གྱི་ lastlogདྲན་�ོ་ཚུ་ར�ྱངམ་ཅིག་ དཔར་བས�ྲུན་"
+#~ "འབད�\n"
+#~ "  -u, ---user LOGIN\t ལག་ལེན་པའི་དོན་ལུ་ གསལ་བཀོད་འབད་ཡོད་པའི་ནང་བས�ྱོད་དང་བཅས་ "
+#~ "lastlog དྲན་�ོ་ དཔར་བས�ྲུན་འབད�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: passwd [གདམ་�་ཚུ་] [ནང་བས�ྱོད་]\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -a, --all\t\t\t རྩིས་�ོ་ཆ་མཉམ་གྱི་གུ་ ཆོག་ཡིག་གནས་ཚད་ སྙན་ཞུ་འབད�\n"
+#~ "  -d, --delete\t\t\t མིང་བ�གས་ཡོད་པའི་རྩིས་�ོའི་དོན་ལུ་ ཆོག་ཡིག་བ�ོན་ག�ང་�\n"
+#~ "  -e, --expire\t\t\t མིང་བ�གས་ཡོད་པའི་རྩིས་�ོའི་དོན་ལུ་ ཆོག་ཡིག་གི་དུས་ཡོལ་བང་བཙོང་�\n"
+#~ "  -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -k, --keep-tokens\t\t དུས་ལས་ཡོལ་སོང་པ་ཅིན་ར�ྱངམ་ཅིག་ ཆོག་ཡིག་སོར�\n"
+#~ "  -i, --inactive INACTIVE\t ཆོག་ཡིག་འདི་ནུས་མེད་ལུ་ དུས་ཡོལ་\n"
+#~ "\t\t\t\t གི་ཤུལ་མར་ ནུས་མེད་སྦེ་གཞི་སྒྲིག་འབད�\n"
+#~ "  -l, --lock\t\t\t མིང་བ�གས་ཡོད་པའི་རྩིས་�ོ་ ལྡེ་མིག་ར�ྱབས�\n"
+#~ "  -n, --mindays MIN_DAYS\t ཆོག་ཡིག་ \n"
+#~ "\t\t\t\tའདི་ MIN_DAYSལུ་མ་བསྒྱུར་བའི་ཧེ་མ་ ཉིན་གྲངས་ཉུང་མ�འ་གཞི་སྒྲིག་འབད�  -q, --quiet"
+#~ "\t\t\t �ུ་སིམ་སིམ་གྱི་�བས་ལམ�\n"
+#~ "  -r, --repository REPOSITORY\t  REPOSITORYམཛོད་གནས་ནང་ལུ་ ཆོག་ཡིག་སོར�\n"
+#~ "  -s, --status\t\t\t མིང་བ�གས་ཡོད་པའི་རྩིས་�ོའི་གུ་ ཆོག་ཡིག་སྙན་ཞུ་འབད�\n"
+#~ "  -u, --unlock\t\t\t མིང་བ�གས་ཡོད་པའི་རྩིས་�ོ་འདི་ ལྡེ་མིག་ཕྱེ�\n"
+#~ "  -w, --warndays WARN_DAYS\t  WARN_DAYSལུ་ དུས་ཡོལ་ཉེན་བརྡའི་ཉིན་གྲངས་ གཞི་སྒྲིག་"
+#~ "འབད�\n"
+#~ "  -x, --maxdays MAX_DAYS\t ཆོག་ཡིག་ \n"
+#~ "\t\t\t\tའདི་ MAX_DAYSལུ་ བསྒྱུར་བཅོས་མ་འབད་བའི་ཧེ་མ་ ཉིན་གྲངས་ཉུང་མ�འ་ གཞི་སྒྲིག་འབད�\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "ལག་ལེན་:%s [-q] [-r] [-s] [passwd [གྱིབ་མ་]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "ལག་ལེན་:%s [-q] [-r] [-s] [passwd [གྱིབ་མ་]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "ལག་ལེན་པ་: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "ལག་ལེན་པ་: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "མ་ཤེས་པའི་ཨའི་ཌི་:%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "ཤལ་མེད�\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: userdel [གདམ་�་ཚུ་] ནང་བས�ྱོད་\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -f, --force\t\t\t  ལག་ལེན་པ་གིས་བདག་དབང་མ་བཟུང་སྟེ་འབད་རུང་ ཡིག་སྣོད་བང་བཙོང་སྟེ་རྩ་"
+#~ "བས�ྲད་ག�ང་�\n"
+#~ "  -h, --help\t\t\t  གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -r, --remove\t\t\t  �ྱིམ་གྱི་སྣོད་�ོ་དང་ཡིག་འཕྲིན་འཕྲལ་གསོག་རྩ་བས�ྲད་ག�ང་�\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: ལག་ལེན་པ་  %sའདི་ ད་ལྟོ་རང་ནང་བས�ྱོད་འབད་ཡི�\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: usermod [གདམ་�་ཚུ་] ནང་བས�ྱོད་\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -a, --append GROUP\t\t  ལྷན་�བས་སྡེ་ཚན་ལུ་ ལག་ལེན་པ་མཇུག་བསྣོད་འབད� \n"
+#~ "  -c, --comment COMMENT\t\t  ཇི་ཨི་སི་ཨོ་ཨེསི་ ས་སྒོའི་བེ་ལུ་གསརཔ�\n"
+#~ "  -d, --home HOME_DIR\t\t  ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ ནང་བས�ྱོད་སྣོད་�ོ་གསརཔ�\n"
+#~ "  -e, --expiredate EXPIRE_DATE\t  EXPIRE_DATEལུ་ རྩིས་�ོའི་དུས་ཡོལ་ཚེས་གྲངས་ གཞི་སྒྲིག་"
+#~ "འབད�\n"
+#~ "  -f, ---inactive INACTIVE\t   INACTIVEལུ་ དུས་ཡོལ་ \n"
+#~ " \t\t\t\tགི་ཤུལ་མ་ ཆོག་ཡིག་ནུས་མེད་སྦེ་ གཞི་སྒྲིག་འབད�\n"
+#~ "  -g, ---gid GROUP\t\t  འགོ་�ོག་ནང་བས�ྱོད་སྡེ་ཚན་གསརཔ་སྦེ་ སྡེ་ཚན་འདི་བང་ཅན་སྦེ་ལག་ལེན་"
+#~ "འ�བ�\n"
+#~ "  -G, --groups GROUPS\t\t  ལྷན་�བས་སྡེ་ཚན་གྱི་�ོ་ཡིག\n"
+#~ "  -h, --help\t\t\t  གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -l, --login LOGIN\t\t  ནང་བས�ྱོད་མིང་གི་བེ་ལུ་གསརཔ�\n"
+#~ "  -L, --lock\t\t\t  ལག་ལེན་པའི་རྩིས་�ོ་ ལྡེ་མིག་ར�ྱབས�\n"
+#~ "  -m, --move-home\t\t  �ྱིམ་གྱི་སྣོད་�ོའི་ནང་དོན་ཚུ་ \n"
+#~ " \t\t\t\t གནས་�ོངས་ (-dདང་ར�ྱངམ་ཅིག་)གསརཔ་ལུ་སྤོ�\n"
+#~ "  -o, --non-unique\t\t  ཡུ་ཨའི་ཌི་ རྫུན་མ་(�ུན་མོང་)ལག་ལེན་གྱི་�ོག་ལས་ འབད་བཅུག\n"
+#~ "  -p, --password PASSWORD\t  ཆོག་ཡིག་གསརཔ་གི་དོན་ལུ་ གསང་བཟོས་ཆོག་ཡིག་ལག་ལེན་འ�བ�\n"
+#~ "  -s, --shell SHELL\t\t  ལག་ལེན་པའི་རྩིས་�ོའི་དོན་ལུ་ ནང་བས�ྱོད་ཤལ་གསརཔ�\n"
+#~ "  -u, --uid UID\t\t\t  ལག་ལེན་པའི་རྩིས་�ོའི་དོན་ལུ་ ཡུ་ཨི་ཌི་གསརཔ�\n"
+#~ "  -U, --unlock\t\t\t  ལག་ལེན་པའི་རྩིས་�ོ་ ལྡེ་མིག་ཕྱེ�\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ཟུར་རྟགས་ཚུ་གྲ་སྒྲིག་མིན་འདུག\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: vipw [གདམ་�་ཚུ་]\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -g, --group\t\t\t  སྡེ་ཚན་གནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབད�\n"
+#~ "  -h, --help\t\t\t  གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -p, --passwd\t\t\t  ཆོག་ཡིག་གནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབད�\n"
+#~ "  -q, --quiet\t\t\t  �ུ་སིམ་སིམ་གྱི་�བས་ལམ�\n"
+#~ "  -s, --shadow\t\t\t གྱིབ་མ་ ཡང་ན་  gshadowགནད་སྡུད་གཞི་རྟེན་ ཞུན་དག་འབད�\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "ལག་ལེན་: %s [ཨིན་པུཊི་]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %sགསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: %s chownའབད་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་པ་:faillog [གདམ་�་ཚུ་]\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -a, --all\t\t\t ལག་ལེན་ཆ་མཉམ་གྱི་དོན་ལུ་ faillog དྲན་�ོ་ཚུ་བཀྲམ་སྟོན་འབད�\n"
+#~ "  -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -l, --lock-time SEC\t\t ནང་བས�ྱོད་འ�ུས་ཤོར་བྱུང་བའི་ཤུལ་ལུ་ SECདཀར་ཆག་ཚུ་ལུ་ ལྡེ་མིག་"
+#~ "རྩིས་�ོ�\n"
+#~ "  -m, --maximum MAX\t\t MAX ལུ་ འ�ུས་ཤོར་བྱུང་ཡོད་པའི་ནང་བས�ྱོད་གདོང་ལན་ གཞི་སྒྲིག་འབད�\n"
+#~ "  -r, --reset\t\t\t ནང་བས�ྱོད་འ�ུས་ཤོར་ཚུ་གི་གདོང་ལན་ སླར་གཞི་སྒྲིག་འབད�\n"
+#~ "  -t, --time DAYS\t\t   DAYSལས་ལྷག་པའི་འཕྲལ་གྱི་ཕེཡེ་ལོག་དྲན་�ོ་ཚུ་ བཀྲམ་སྟོན་འབད�\n"
+#~ "  -u, --user LOGIN\t\t ཕེ་ཡེ་ལོག་དྲན་�ོ་བཀྲམ་སྟོན་འབད་ ཡངན་ འ�ུས་ཤོར་གདོང་ལན་\n"
+#~ "\t\t\t\tཚུ་ རྒྱུན་ས�ྱོང་འབད�་ཨིནམ་དང་ ལག་ལེན་པའི་དོན་ལུ་ ནང་བས�ྱོད་ཀྱི་�ོག་ལས་ \n"
+#~ "\t\t\t\tར�ྱངམ་ཅིག་ བཅད་མཚམས་( -r, -m ཡང་ན་ -l optionsདང་བཅས་ལག་ལེན་འ�བ་ཡོད་པ་"
+#~ "ཅིན་)བཟོ�་ཨིན�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:groupadd [གདམ་�་ཚུ་]སྡེ་ཚན�\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -f, --force\t\t གསལ་བཀོད་འབད་ཡོད་པའི་ \n"
+#~ "\t\t\t\t སྡེ་ཚན་འདི་ཧེ་མ་ལས་ཡོད་པ་ཅིན་ མ�ར་འ�ྱོལ་གནས་ཚད་ཀྱི་�ོག་ལས་ བང་ཅན་སྦེ་ཕྱིར་འ�ོན་"
+#~ "འབད�\n"
+#~ "  -g, --gid GID\t\t སྡེ་ཚན་གསརཔ་གི་དོན་ལུ་ ཇི་ཨིའ་ཌི་ལག་ལེན་འ�བ�\n"
+#~ "  -h, --help\t\t\t   གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -k, --key KEY=VALUE\t\t /etc/login.defs སྔོན་སྒྲིག་ཚུ་ ཟུར་བཞག་འབད�་ཨིན�\n"
+#~ "  -o, --non-unique\t\t ངོ་བཤུས་ \n"
+#~ " \t\t\t\t(�ུན་མོང་པ་)ཇི་ཨའི་ཌི་དང་བཅས་ སྡེ་ཚན་གསར་བས�ྲུན་འབད་བཅུག\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:groupadd [གདམ་�་ཚུ་]སྡེ་ཚན�\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -f, --force\t\t གསལ་བཀོད་འབད་ཡོད་པའི་ \n"
+#~ "\t\t\t\t སྡེ་ཚན་འདི་ཧེ་མ་ལས་ཡོད་པ་ཅིན་ མ�ར་འ�ྱོལ་གནས་ཚད་ཀྱི་�ོག་ལས་ བང་ཅན་སྦེ་ཕྱིར་འ�ོན་"
+#~ "འབད�\n"
+#~ "  -g, --gid GID\t\t སྡེ་ཚན་གསརཔ་གི་དོན་ལུ་ ཇི་ཨིའ་ཌི་ལག་ལེན་འ�བ�\n"
+#~ "  -h, --help\t\t\t   གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -k, --key KEY=VALUE\t\t /etc/login.defs སྔོན་སྒྲིག་ཚུ་ ཟུར་བཞག་འབད�་ཨིན�\n"
+#~ "  -o, --non-unique\t\t ངོ་བཤུས་ \n"
+#~ " \t\t\t\t(�ུན་མོང་པ་)ཇི་ཨའི་ཌི་དང་བཅས་ སྡེ་ཚན་གསར་བས�ྲུན་འབད་བཅུག\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "ལག་ལེན་: useradd [གདམ་�་ཚུ་] ནང་བས�ྱོད་\n"
+#~ "\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -b, --base-dir BASE_DIR\t ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་ \n"
+#~ "\t\t\t\t �ྱིམ་གྱི་སྣོད་�ོའི་དོན་ལུ་ གཞི་རྟེན་སྣོད་�ོ�\n"
+#~ "  -c, --comment COMMENT\t\t ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ ཇི་ཨི་སི་ཨོ་ཨེསི་ས་སྒོ་ གཞི་"
+#~ "སྒྲིག་འབད�\n"
+#~ "  -d, --home-dir HOME_DIR\t ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ �ྱིམ་གྱི་སྣོད་�ོ�\n"
+#~ "  -D, --defaults\t\t ལེགས་བཅོས་འབད་ཡོད་པའི་སྔོན་སྒྲིག་ useradd\n"
+#~ "\t\t\t\t རིམ་སྒྲིག་འདི་ དཔར་བས�ྲུན་འབད་ཡང་ན་ སྲུངས� \n"
+#~ "  -e, --expiredate EXPIRE_DATE\t   EXPIRE_DATEལུ་ རྩིས་�ོའི་དུས་ཡོལ་ཚེས་གྲངས་ གཞི་"
+#~ "སྒྲིག་འབད�\n"
+#~ "  -f, --inactive INACTIVE\t དུས་ཡོལ་ \n"
+#~ "\t\t\t\t གི་ཤུལ་མར་ INACTIVEལུ་ ཆོག་ཡིག་ནུས་མེད་སྦེ་གཞི་སྒྲིག་འབད�\n"
+#~ "  -g, --gid GROUP\t\t ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ བང་བཅོང་�ོག་ལས་ སྡེ་ཚན་ལག་ལེན་"
+#~ "འ�བ�\n"
+#~ "  -G, --groups GROUPS\t\t \n"
+#~ "  \t\t\t\tལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ ལྷན་�བས་སྡེབ་ཚན་གྱི་�ོ་ཡིག\n"
+#~ "  -h, --help\t\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་བཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -k, --skel SKEL_DIR \t\t �བས་གཞན་སི་ཀེལ་སྣོད་�ོ་ཅིག་ གསལ་བཀོད་འབད�\n"
+#~ "  -K, --key KEY=VALUE\t\t   /etc/login.defs སྔོན་སྒྲིག་ ཟུར་བཞག་འབད�་ཨིན�\n"
+#~ "  -m, --create-home\t\t ལག་ལེན་པ་ \n"
+#~ " \t\t\t\tརྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ �ྱིམ་གྱི་སྣོད་�ོ་གསར་བས�ྲུན་འབད�\n"
+#~ "  -o, --non-unique\t\t   \t\t\t\t(�ུན་མོང་) ཡུ་ཨའི་ཌི་ རྫུན་མ་\n"
+#~ "གི་�ོག་ལས་ ལག་ལེན་པ་གསར་བས�ྲུན་འབད་བཅུག\n"
+#~ "  -p, --password PASSWORD\t  ལག་ལེན་པ་གསརཔ་\n"
+#~ "  \t\t\t\tརྩིས་�ོའི་དོན་ལུ་ གསང་བཟོས་ཆོག་ཡིགལག་ལེན་འ�བ�\n"
+#~ "  -s, --shell SHELL\t\t  ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ ནང་བས�ྱོད་ཀྱི་ཤལ�\n"
+#~ "  -u, --uid UID\t\t\t  ལག་ལེན་པའི་རྩིས་�ོ་གསརཔ་གི་དོན་ལུ་ ཡུ་ཨའི་ཌི་འདི་ བང་ཅན་སྦེ་ལག་"
+#~ "ལེན་འ�བ�\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "ཆོག་ཡིག་དུས་ཡོལ་ནིའི་དོན་ལས་་གཞི་སྒྲིག་འབད་ཡོདཔ�"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མ་ཚུགས�\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མ་ཚུགས�\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལོག་འབྲི་མ་ཚུགས�\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལོག་འབྲི་མ་ཚུགས�\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མ་ཚུགས�\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tམིང་ཆ་ཚང་: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\t�ང་མིག་ཨང་: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tལཱ་གི་བརྒྱུད་འཕྲིན་: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\t�ྱིམ་གྱི་བརྒྱུད་འཕྲིན་: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས་ ཤུལ་ལས་ལོག་སྟེ་འབད་རྩོལ་ས�ྱེད�\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "ཆོག་ཡིག་�ོ་བཀོད་དུས་མ�ུན་འབད�་ད་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་བསྒྱུར་བཅོས་ཚུ་ དང་ལེན་འབད་མི་ཚུགས�\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ལྡེ་མིག་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gshadowཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: གྲལ་�ིག་ %d: མ་ཤེས་པའི་སྡེ་ཚན་  %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: གྲལ་�ིག་ %d: �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: གྲལ་�ིག་ %d: མ་ཤེས་པའི་ལག་ལེན་པ་%s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: གྲལ་�ིག་ %d: ཆོག་ཡིག་�ོ་བཀོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: མ་ཤེས་པའི་ལག་ལེན་པ�\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "མ་ཤེས་པའི་ལག་ལེན་པ་:%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "ལག་ལེན་པ་: %s [-r|-R] སྡེ་ཚན�\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a user] སྡེ་ཚན�\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d user] སྡེ་ཚན�\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A user,...] [-M user,...] སྡེ་ཚན�\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M user,...] སྡེ་ཚན�\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: གྱིབ་མ་ལྡེ་མིག་ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: ཡིག་སྣོད་�་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ལོག་འབྲི་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: ཡིག་སྣོད་ལྡེ་མིག་ཕྱེ་མིཚུགས�\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: �ོ་བཀོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: གྱིབ་མའི་�ོ་བཀོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "མ་ཤེས་པའི་སྡེ་ཚན་:%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: ཡིག་སྣོད་�་ཕྱེ་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "�ྱོད་ག་སྨོ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་འ�ུས་མི་ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་གསརཔ་�་ས�ོང་འབད་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལོག་འབྲི་མི་ཚུགས�\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལོག་འབྲི་མི་ཚུགས�\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མ་ཚུགས�\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མ་ཚུགས�\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མ་ཚུགས�\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མ་ཚུགས�\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: ཇི་ཨའི་ཌི་ %uའདི་ �ུན་མོང་པ་ཨིན�\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་རྩ་བས�ྲད་ག�ང་པའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་�ོ་བཀོད་རྩ་བས�ྲད་ག�ང་པའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: ལག་ལེན་པའི་གཞི་རིམ་སྡེ་ཚན་ རྩ་བས�ྲད་ག�ང་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: པི་ཨེ་ཨེམ་ བདེན་བཤད་འ�ུས་ཤོར་བྱུང་ཡོདཔ�\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མ་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s འདི་ /etc/groupནང་མི་འ�ོབ�\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u འདི་ �ུན་མོང་གི་ཇི་ཨའི་ཌི་མེན�\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s འདི་ �ུན་མོང་གི་མིང་མེན�\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བ�ུབ�\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལྡེ་མིག་བར�ྱབ་མ་ཚུགས�\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མ་ཚུགས�\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ གྱིབ་མའི་�ོ་བཀོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: སྡེ་ཚན་ %sགི་དོན་ལུ་ �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ %sབས�ྲད་ག�ང་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ བ�ོན་ག�ང་མི་ཚུགས�\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "མ་ཤེས་པའི་ ཇི་ཨའི་ཌི་:%u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "མ་ཤེས་པའི་ ཇི་ཨའི་ཌི་:%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: སྡེ་ཚན་ %sམེད�\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ལག་ལེན་པ་  %sའདི་ མེད�\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ནུས་མེད་ལག་ལེན་པའི་མིང་ '%s'�\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/passwd ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: ཡིག་སྣོད་ཚུ་�་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: ཡིག་སྣོད་དུས་མ�ུན་བཟོ་བའི་ས�བས་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ ཆོག་ཡིག་�ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: %sགི་དོན་ལུ་ གྱིབ་མའི་�ོ་བཀོད་ རྩ་བས�ྲད་ག�ང་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་ དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: ལག་ལེན་པ་%sགི་དོན་ལུ་ �ོ་བཀོད་དུས་མ�ུན་བཟོ་མི་ཚུགས�\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ བ�ོན་ག�ང་མི་ཚུགས�\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་ཇི་ཨའི་ཌི་ %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: མ་ཤེས་པའི་སྡེ་ཚན་ %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: དུས་མ�ུན་gshadowནང་ལུ་ དྲན་ཚད་ལས་བརྒལ་བ�\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བ�ུབ�\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་འདི་ ལོག་འབྲི་མི་བ�ུབ�\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ ལྡེ་མིག་བར�ྱབ་མི་ཚུགས�\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་འདི་ ལྡེ་མིག་བར�ྱབ་པའི་བསྒང་ལུ་འཛོལ་བ�\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་�་ཕྱེ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ལྡེ་མིག་བར�ྱབ་པའི་བསྒང་ལུ་ འཛོལབ�\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་�་ཕྱེ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་�ོ་བཀོད་གསརཔ་�་ས�ོང་འབད་བའི་ས�བས་ལུ་འཛོལ་བ�\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་�ོ་བཀོད་གསརཔ་ �་ས�ོང་འབད་བའི་ས�བས་ལུ་འཛོལ་བ�\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: ཉེན་བརྡ་: CREATE_HOME རྒྱབ་ས�ྱོར་མ་འབད་ དེའི་ཚབ་ལུ་ -mལག་ལེན་འ�བ་གནང་�\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་དུས་མ�ུན་བཟོ་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: གྱིབ་མའི་སྡེ་ཚན་ཡིག་སྣོད་ �་ཕྱེ་མི་ཚུགས�\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་�ོ་བཀོད་བ�ོན་ག�ང་པའི་ས�བས་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་ཡིག་�ོ་བཀོད་བོ�ན་ག�ང་པའི་ས�བས་ལུ་ འཛོལ་བ�\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: སྡེ་ཚན་�ོ་བཀོད་གསརཔ་�་ས�ོང་འབད་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s:  uid %luའདི་ �ུན་མོང་ཨིན�\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་�ོ་བཀོད་སོར་བའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: ཆོག་ཡིག་�ོ་བཀོད་རྩ་བས�ྲད་ག�ང་པའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: གྱིབ་མའི་ཆོག་ཡིག་�ོ་བཀོད་རྩ་བས�ྲད་ག�ང་པའི་བསྒང་ལུ་ འཛོལ་བ�\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: �ུན་མོང་མ་ཡིན་པའི་ ཇི་ཨའི་ཌི་འ�ོབ་མི་ཚུགས�\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr "'%.200s'ནང་ལས་  '%.100s'གུ"
+
+#~ msgid " on '%.100s'"
+#~ msgstr "'%.100s'གུ"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: གྲལ་�ིག་ %d: ཡུ་ཨའི་ཌི་ གསར་བས�ྲུན་འབད་མི་ཚུགས�\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: མིང་ %s འདི་ �ུན་མོང་པ་ཨིན�\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ལག་ལེན་:chgpasswd [གདམ་�་ཚུ་]\n"
+#~ "གདམ་�་ཚུ་:\n"
+#~ "  -e, --encrypted\t བཀྲམ་སྤེལ་འབད་ཡོད་པའི་ཆོག་ཡིག་ཚུ་ གསང་བ་བཟོ་ཡོདཔ�\n"
+#~ "  -h, --help\t\t གྲོགས་རམ་འཕྲིན་དོན་འདི་ མཀྲམ་སྟོན་འབད་ཞིནམ་ལས་ ཕྱིར་འ�ོན་འབད�\n"
+#~ "  -m, --md5\t\t བཀྲམ་སྟོན་\n"
+#~ "འབད་ཡོད་པའི་\t\t\t ཆོག་ཡིག་ཚུ་གསང་བཟོས་མེན་པ་ཅིན་ ཌི་ཨི་ཨེསི་གི་ཚབ་ལུ་ ཨེམ་ཌི་ ༥ གསང་ ལག་"
+#~ "ལེན་འ�བ�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "ཆོག་ཡིག་ཡིག་སྣོད་མེད�\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "དགོངསམ་མ་�ྲེལ�\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "དགོསངམ་མ་�ྲེལ་ %s གི་དོན་ལུ་ ཆོག་ཡིག་འདི་ད་རུང་ཡང་སོར་མི་བ�ུབ�\n"
+
+#~ msgid "Sorry."
+#~ msgstr "དགོངསམ་མ་�ྲེལ�"
diff --git a/po/el.po b/po/el.po
new file mode 100644
index 0000000..28e7d07
--- /dev/null
+++ b/po/el.po
@@ -0,0 +1,3743 @@
+# translation of shadow_po_el.po to Greek
+# Shadow Password Suite
+# Greek Translation by Nikos Mavroyanopoulos
+# Thanks to Simos Xenitelis (S.Xenitellis@rhbnc.ac.uk) for his
+# comments about making this translation better.
+# Kostas Papadimas <pkst@gnome.org>, 2005.
+# Konstantinos Margaritis <markos@debian.org>, 2006.
+# Thomas Vasileiou <thomas-v@wildmail.com>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow_po_el\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-21 00:22+0200\n"
+"Last-Translator: Thomas Vasileiou <thomas-v@wildmail.com>\n"
+"Language-Team: Greek <debian-l10n-greek@lists.debian.org>\n"
+"Language: el\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "η μέθοδος κ�υπτογ�άφησης δεν υποστη�ίζεται από το libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "λάθος διαμό�φωση - δεν μπο�εί να αναλυθεί η τιμή %s : '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Αδυναμία δέσμευσης χώ�ου για πλη�οφο�ίες διαμό�φωσης.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"σφάλμα διαμό�φωσης - άγνωστο αντικείμενο '%s' (ειδοποιήστε το διαχει�ιστή)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: το nscd δεν τε�μάτισε κανονικά (σήμα %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: το ncsd τε�μάτισε με κατάσταση εξόδου %d"
+
+msgid "Password: "
+msgstr "Συνθηματικό: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Του %s το Συνθηματικό: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Δεν μπο�ώ να δημιου�γήσω διαχει�ιστή του SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Η πολιτική του SELinux δεν διαχει�ίζεται\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Αδυναμία ανάγνωσης της αποθηκευμένης πολιτικής του SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Αδυναμία δημιου�γίας σ�νδεση διαχεί�ισης του SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Αδυναμία εκκίνησης συναλλαγής SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Αδυναμία ανάκτησης του χ�ήστη SE για το %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Αδυναμία ��θμισης του πεδίου SE για το %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Αδυναμία ��θμισης του ονόματος SE για το χ�ήστη %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Αδυναμία τ�οποποίησης της χα�τογ�άφησης σ�νδεσης για το χ�ήστη %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Αδυναμία δημιου�γίας χα�τογ�άφησης σ�νδεσης SELinux για το χ�ήστη %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Αδυναμία ��θμισης του ονόματος χ�ήστη %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Αδυναμία ��θμισης του SELinux χ�ήστη %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Αδυναμία π�οσθήκης χα�τογ�άφηση σ�νδεσης για το χ�ήστη %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Αδυναμία εκκίνησης της διαχεί�ισης SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Αδυναμία δημιου�γίας κλειδιο� για το χ�ήστη SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Ο SELinux χ�ήστης δεν μπο�εί να επαληθευτεί\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Αδυναμία τ�οποποίησης της χα�τογ�άφησης χ�ήστη SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Αδυναμία π�οσθήκης της χα�τογ�άφησης χ�ήστη SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Αδυναμία πα�άδοσης της συναλλαγής SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Δεν έχει ο�ιστεί χα�τογ�άφηση σ�νδεσης για τον χ�ήστη %s, είναι ΟΚ εάν "
+"χ�ησιμοποιηθεί η π�οκαθο�ισμένη χα�τογ�άφηση\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Η χα�τογ�άφηση σ�νδεσης για το χ�ήστη %s καθο�ίζεται από το πλαίσιο της "
+"πολιτική και δεν μπο�εί να διαγ�αφεί\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Αδυναμία διαγ�αφής της χα�τογ�άφησης σ�νδεσης για το χ�ήστη %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: δεν υπά�χει ελε�θε�η μνήμη\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Αδυναμία εκτέλεσης του stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: το %s δεν είναι ο�τε κατάλογος ο�τε συμβολικός σ�νδεσμος\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Αδυναμία ανάγνωσης του συμβολικο� συνδέσμου %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Ύποπτα μεγάλος συμβολικός σ�νδεσμος: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Αδυναμία δημιου�γίας καταλόγου %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγής τ�όπο λειτου�γίας του %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: αποσ�νδεση: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Αδυναμία διαγ�αφής του καταλόγου %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Αδυναμία μετονομασίας του %s σε %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Αδυναμία διαγ�αφής %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Αδυναμία δημιου�γίας συμβολικο� συνδέσμου %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Αδυναμία αλλαγή ιδιοκτητών του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Αδυναμία εκτέλεσης του lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s: Π�οειδοποίηση, δεν υπά�χει tcb α�χείο σκιωδών συνθηματικών για το χ�ήστη "
+"%s.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Επείγον: το tcb α�χείο σκιωδών συνθηματικών του %s δεν φέ�ει το σ�νηθες "
+"st_nlink=1.\n"
+"Ο λογα�ιασμός θα πα�αμείνει κλειδωμένος.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Αδυναμία ανοίγματος α�χείου %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Π�οειδοποίηση: άγνωστη ομάδα %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Π�οειδοποίηση: Πολλές ομάδες\n"
+
+msgid "Your password has expired."
+msgstr "Το συνθηματικό σας έχει λήξει."
+
+msgid "Your password is inactive."
+msgstr "Το συνθηματικό σας είναι ανενε�γό."
+
+msgid "Your login has expired."
+msgstr "Ο κωδικός εισόδου σας έχει λήξει."
+
+msgid "  Contact the system administrator."
+msgstr "  Επικοινωνήστε με τον διαχει�ιστή του συστήματος."
+
+msgid "  Choose a new password."
+msgstr "   Επιλέξτε ένα νέο συνθηματικό."
+
+msgid "You must change your password."
+msgstr "Π�έπει να αλλάξετε το συνθηματικό σας."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Το συνθηματικό σας θα λήξει σε %ld μέ�ες.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Το συνθηματικό σας θα λήξει α��ιο."
+
+msgid "Your password will expire today."
+msgstr "Το συνθηματικό σας θα λήξει σήμε�α."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Αδυναμία εγκαθίδ�υσης διεπαφής ελέγχου - ματαίωσης.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Αδυναμία αλλαγής ιδιοκτήτη ή τ�όπο λειτου�γίας του tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: Αποτυχία ξεκλειδώματος %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Υπε�χείλιση πε�ιβάλλοντος\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Δεν μπο�είτε να αλλάξετε το $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d αποτυχία από την τελευταία είσοδο.\n"
+" Η τελευταία ήταν στις %s στο %s.\n"
+msgstr[1] ""
+"%d αποτυχίες από την τελευταία είσοδο.\n"
+" Η τελευταία ήταν στις %s στο %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Μη έγκυ�η διαμό�φωση: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Μη έγκυ�η διαμό�φωση: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: αποτυχία εκχώ�ησης μνήμης: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: αδυναμία λήψης μοναδικο� GID συστήματος (δεν υπά�χουν διαθέσιμα GID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: αδυναμία λήψης μοναδικο� GID (δεν υπά�χουν διαθέσιμα GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Μη έγκυ�η διαμό�φωση: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Μη έγκυ�η διαμό�φωση: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: αδυναμία λήψης μοναδικο� UID συστήματος (δεν υπά�χουν διαθέσιμα UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: αδυναμία λήψης μοναδικο� UID (δεν υπά�χουν διαθέσιμα UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "Πολλές είσοδοι στο σ�στημα.\n"
+
+msgid "You have new mail."
+msgstr "Έχετε νέα γ�άμματα."
+
+msgid "No mail."
+msgstr "Κανένα γ�άμμα."
+
+msgid "You have mail."
+msgstr "Έχετε γ�άμματα."
+
+msgid "no change"
+msgstr "καμιά αλλαγή"
+
+msgid "a palindrome"
+msgstr "μια παλινδ�όμηση"
+
+msgid "case changes only"
+msgstr "αλλαγές κεφαλαίων/πεζών μόνο"
+
+msgid "too similar"
+msgstr "α�κετά πα�όμοιο"
+
+msgid "too simple"
+msgstr "πολ� απλό"
+
+msgid "rotated"
+msgstr "κυλιόμενο"
+
+msgid "too short"
+msgstr "πολ� σ�ντομο"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Κακό συνθηματικό: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "συνθηματικό: pam_start() απέτυχε, σφάλμα %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "συνθηματικό: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: Το συνθηματικό πα�έμεινε όπως είχε\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: το συνθηματικό ενημε�ώθηκε επιτυχώς\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Εσφαλμένο συνθηματικό για %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: πολλαπλές επιλογές --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: η επιλογή '%s' απαιτεί μία τιμή\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: αποτυχία από��ιψης π�ονομίων (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: διαδ�ομή chroot μη έγκυ�η '%s'\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: αδυναμία π�οσπέλαση του καταλόγου chroot %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: αδυναμία π�οσπέλαση του καταλόγου chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr ""
+"%s: αδυναμία αλλαγής του φαινομενικο� γονικο� καταλόγου (chroot)  %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Μη έγκυ�η τιμή για το ENCRYPT_METHOD: '%s'.\n"
+"Επιλέγεται η π�οκαθο�ισμένη DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Αδυναμία αλλαγής καταλόγου στον '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Χω�ίς κατάλογο, εισαγωγή με ΜΗΤΡΙΚΟ_ΚΑΤΑΛΟΓΟ=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Αδυναμία εκτέλεσης %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Μη έγκυ�ος π�ωτα�χικός κατάλογος '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Αδυναμία αλλαγής του π�ωτα�χικο� καταλόγου σε '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Δεν είναι δυνατόν να καθο�ιστεί το όνομα tty."
+
+msgid "No"
+msgstr "Όχι"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] Ο�ΟΜΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ΤΕΛΕΤΑΙΑ_ΗΜΕΡΑ       καθο�ίζει την ημέ�α της τελευταίας "
+"αλλαγής συνθηματικο� σε ΤΕΛΕΤΑΙΑ_ΗΜΕΡΑ\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate ΗΜΕΡΟΜΗ�ΙΑ_ΛΗΞΗΣ  καθο�ίζει την ημε�ομηνία λήξης του "
+"λογα�ιασμο� σε ΗΜΕΡΟΜΗ�ΙΑ_ΛΗΞΗΣ\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και "
+"έξοδος\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive ΜΗ_Ε�ΕΡΓΟ       καθο�ίζει το συνθηματικό μετά την λήξη\n"
+"                                σε ΜΗ_Ε�ΕΡΓΟ\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    π�οβολή πλη�οφο�ιών ηλικίας λογα�ιασμών\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays ΕΛΑΧ_ΗΜΕΡΕΣ        καθο�ίζει ελάχιστο α�ιθμό ημε�ών π�ιν το "
+"συνθηματικό\n"
+"                                αλλάξει σε ΕΛΑΧ_ΗΜΕΡΕΣ\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays ΜΕΓ_ΗΜΕΡΕΣ        καθο�ίζει μέγιστο α�ιθμό ημε�ών π�ιν το "
+"συνθηματικό\n"
+"                                αλλάξει σε ΜΕΓ_ΗΜΕΡΕΣ\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+"  -R, --root ΚΑΤΑΛΟΓΟΣ_CHROOT         κατάλογος στον οποίο να εφα�μοστεί "
+"chroot\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays ΠΡΟΕΙΔ_ΗΜΕΡΕΣ      καθο�ίζει τις ημέ�ες π�οειδοποίησης π�ιν "
+"τη λήξη σε ΠΡΟΕΙΔ_ΗΜΕΡΕΣ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Εισάγετε την νέα τιμή, ή πιέστε ENTER για την π�οκαθο�ισμένη"
+
+msgid "Minimum Password Age"
+msgstr "Μικ�ότε�η διά�κεια συνθηματικο�"
+
+msgid "Maximum Password Age"
+msgstr "Μέγιστη διά�κεια συνθηματικο�"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Τελευταία αλλαγή συνθηματικο� (ΧΧΧΧ-ΜΜ-ΗΗ)"
+
+msgid "Password Expiration Warning"
+msgstr "Π�οειδοποίηση λήξης συνθηματικο�"
+
+msgid "Password Inactive"
+msgstr "Ανενε�γό συνθηματικό"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Ημε�ομηνία Λήξης Λογα�ιασμο� (ΧΧΧΧ-ΜΜ-ΗΗ)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Τελευταία αλλαγή συνθηματικο� \t\t\t\t\t: "
+
+msgid "never"
+msgstr "Ποτέ"
+
+msgid "password must be changed"
+msgstr "το συνθηματικό π�έπει να αλλαχθεί"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Το συνθηματικό λήγει\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Ανενε�γό συνθηματικό\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Ο λογα�ιασμός λήγει\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Ελάχιστος α�ιθμός ημε�ών μεταξ� των αλλαγών συνθηματικο�\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Μέγιστος α�ιθμός ημε�ών μεταξ� των αλλαγών συνθηματικο�\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Α�ιθμός ημε�ών π�ιν τη λήξη του συνθηματικο�\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: Μη έγκυ�η ημε�ομηνία '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: Μη έγκυ�η α�ιθμητική πα�άμετ�ος '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: �α μην συμπε�ιλαμβάνετε το \"l\" με τις άλλες ενδείξεις\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: άδεια απο��ίφθηκε\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Δεν είναι δυνατόν να καθο�ιστεί το όνομα χ�ήστη σας.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: αδυναμία κλειδώματος %s. Δοκιμάστε α�γότε�α.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: αδυναμία ανοίγματος του %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: σφάλμα κατά την εγγ�αφή των αλλαγών στο %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: Το α�χείο σκιωδών συνθηματικών δεν υπά�χει\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: Ο χ�ήστης '%s' δεν υπά�χει στο %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Αλλαγή πλη�οφο�ιών χ�όνου για τον %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: Σφάλμα κατά την αλλαγή πεδίων\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [Ο�ΟΜΑ]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+"  -f, --full-name ΠΛΗΡΕΣ_Ο�ΟΜΑ     αλλαγή του πλή�ες ονόματος του χ�ήστη\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone ΤΗΛ_ΟΙΚΕΙΑΣ   αλλαγή του τηλεφώνου οικείας του χ�ήστη\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other ΑΛΛΕΣ_ΠΛΗΡ        αλλαγή των υπόλοιπων πλη�οφο�ιών GECOS του "
+"χ�ήστη\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+"  -r, --room ΑΡΙΘΜΟΣ_ΔΩΜ        αλλαγή του α�ιθμο� δωματίου του χ�ήστη\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    π�οβολή αυτο� του μην�ματός βοήθειας και "
+"έξοδος\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone ΤΗΛ_ΕΡΓΑΣΙΑΣ   αλλαγή του τηλεφώνου ε�γασίας του χ�ήστη\n"
+
+msgid "Full Name"
+msgstr "Πλή�ες όνομα"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Α�ιθμός δωματίου"
+
+msgid "Work Phone"
+msgstr "Τηλέφωνο Ε�γασίας"
+
+msgid "Home Phone"
+msgstr "Τηλέφωνο Οικίας"
+
+msgid "Other"
+msgstr "Άλλο"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Αδυναμία αλλαγής ταυτότητας χ�ήστη σε root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: όνομα με χα�ακτή�ες μη-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: Μη έγκυ�ο όνομα: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: α�ιθμός δωματίου με χα�ακτή�ες μη-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: Μη έγκυ�ος α�ιθμός δωματίου: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: Μη έγκυ�ο τηλέφωνο ε�γασίας: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: Μη έγκυ�ο τηλέφωνο οικίας: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' πε�ιέχει μη-ASCII χα�ακτή�ες\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' πε�ιέχει μη έγκυ�ους χα�ακτή�ες\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: Ο χ�ήστης '%s' δεν υπά�χει\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: αδυναμία αλλαγής χ�ήστη '%s' στον εξυπη�ετητή NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' είναι ο κ��ιος διακομιστής NIS γι'αυτόν τον εξυπη�ετο�μενο.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Αλλαγή πλη�οφο�ιών χ�ήστη για τον %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: Πολ� μακ�ιά πεδία\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method ΜΕΘΟΔΟΣ     μέθοδος κ�υπτογ�άφησης (μία από %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               τα πα�εχόμενα συνθηματικά είναι "
+"κ�υπτογ�αφημένα\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     κ�υπτογ�άφηση το κειμένου του συνθηματικο�\n"
+"                                με χ�ήση του αλγό�ιθμου MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              α�ιθμός κ�κλων SHA για τους \n"
+"                                 αλγό�ιθμους κ�υπτογ�άφησης SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: η σημαία %s επιτ�έπεται μόνο με τη σημαία %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: οι σημαίες -c, -e, και -m είναι αποκλειστικές\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: η μέθοδος κ�υπτογ�άφησης δεν υποστη�ίζεται: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: γ�αμμή %d: πολ� μεγάλη γ�αμμή\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: γ�αμμή %d: έλλειψη νέου συνθηματικο�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Αποτυχία εγγ�αφής %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: γ�αμμή %d: η ομάδα '%s' δεν υπά�χει\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: γ�αμμή %d: αδυναμία π�οετοιμασίας της νέας εισόδου %s '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: Ανιχνε�τηκε σφάλμα, οι αλλαγές αγνοήθηκαν\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s:  (γ�αμμή %d, χ�ήστης %s) το συνθηματικό δεν άλλαξε\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: γ�αμμή %d: ο χ�ήστης '%s' δεν υπά�χει\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell ΦΛΟΙΟΣ            νέος φλοιός εισόδου για λογα�ιασμό του "
+"χ�ήστη\n"
+
+msgid "Login Shell"
+msgstr "Κέλυφος Εισόδου"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Δεν μπο�είτε να αλλάξετε το φλοιό για το(ν) '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Αλλαγή του φλοιο� για τον %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Μη έγκυ�η καταχώ�ηση: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: ο %s δεν είναι έγκυ�ος φλοιός.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Π�οειδοποίηση: ο χ�ήστης %s δεν υπά�χει\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Π�οειδοποίηση: το %s δεν είναι εκτελέσιμο\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+" -c, --check                   έλεγχος για τη λήξη του συνθηματικο� του "
+"χ�ήστη\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   εξαναγκασμένη αλλαγή συνθηματικο�, εάν το "
+"συνθηματικό\n"
+"                                του χ�ήστη έχει λήξει\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: συγκ�ουόμενες επιλογές %s και %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: μη έγκυ�η πα�άμετ�ος: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     π�οβολή των εγγ�αφών του faillog για όλους "
+"τους χ�ήστες\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs ΔΕΥΤ           κλείδωμα του λογα�ιασμο� για ΔΕΥΤ "
+"δευτε�όλεπτα, μετά από αποτυχημένη είσοδο\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum ΜΕΓ             καθο�ισμός του μέγιστου α�ιθμο� αποτυχημένων "
+"εισόδων σε ΜΕΓ\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   επαναφο�ά μετ�ητή αποτυχημένων εισόδων\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time ΗΜΕΡΕΣ               π�οβολή των εγγ�αφών του faillog των "
+"τελευταίων ΗΜΕΡΕΣ ημε�ών\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user Ο�ΟΜΑ/ΕΥΡΟΣ        π�οβολή των εγγ�αφών του faillog ή "
+"διατή�ηση\n"
+"                                των μετ�ητών και των ο�ίων (εάν "
+"χ�ησιμοποιηθεί με τα -r, -m,\n"
+"                                ή -l) μόνο για το συγκεκ�ιμένο όνομα (ή "
+"ονόματα)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Aδυναμία ανάκτησης της εγγ�αφής UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Αποτυχίες Μέγιστο Τελευταία                   Στις\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus απέμειναν]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds κλείδωμα]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Αποτυχία επαναφο�άς λανθασμένης μέτ�ησης UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Αποτυχία καθο�ισμο� μέγιστου για το UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Αποτυχία καθο�ισμο� χ�όνου κλειδώματος για το UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Άγνωστος χ�ήστης ή πεδίο: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Αδυναμία ανάκτησης μεγέθους του %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Αποτυχία εγγ�αφής %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] ΟΜΑΔΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add ΧΡΗΣΤΗ                π�οσθήκη ΧΡΗΣΤΗ στην ΟΜΑΔΑ\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete ΧΡΗΣΤΗ            διαγ�αφή ΧΡΗΣΤΗ από την ΟΜΑΔΑ\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root ΚΑΤ_CHROOT         κατάλογος όπου εκτελείται το chroot\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         διαγ�αφή του συνθηματικο� της ΟΜΑΔΑΣ\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                πε�ιο�ισμός π�όσβασης στην ΟΜΑΔΑ και τα μέλη "
+"της\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members USER,...        καθο�ισμός της λίστας μελών της ΟΜΑΔΑΣ\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ΔΙΑΧΕΙΡ,...\n"
+"                                καθο�ισμός του διαχει�ιστή της ΟΜΑΔΑΣ\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Εκτός των επιλογών -Α και -Μ, οι υπόλοιπες δεν συνδυάζονται.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Οι επιλογές δεν συνδυάζονται.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: σκιώδη συνθηματικά ομάδων απαιτο�νται για το -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: Η ομάδα %s δεν υπά�χει στο %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: αποτυχία κατά το κλείσιμο του α�χείου μόνο για ανάγνωση %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Αλλαγή του συνθήματος για την ομάδα %s\n"
+
+msgid "New Password: "
+msgstr "�έο Συνθηματικό: "
+
+msgid "Re-enter new password: "
+msgstr "Εισάγετε ξανά το νέο συνθηματικό: "
+
+msgid "They don't match; try again"
+msgstr "Δεν ται�ιάζουν. Δοκιμάστε ξανά"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Ξαναδοκιμάστε α�γότε�α\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Π�οσθήκη του χ�ήστη %s στην ομάδα %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Διαγ�αφή του χ�ήστη %s από την ομάδα %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ο χ�ήστης %s δεν είναι μέλος του '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Δεν είναι tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] ΟΜΑΔΑ\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   επιτυχής έξοδος εάν υπά�χει ήδη η ομάδα,\n"
+"                                και ακ��ωση της επιλογής -g εάν το GID "
+"χ�ησιμοποιείται ήδη\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+"  -g, --gid GID                 χ�ήση του GID για την καινο��για ομάδα\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key ΚΛΕΙΔΙ=ΤΙΜΗ           πα�άκαμψη των π�οεπιλογών του /etc/login."
+"defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique             επιτ�έπει τη δημιου�γία ομάδων με\n"
+"                                μη μοναδικό GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password ΣΥ�ΘΗΜΑΤΙΚΟ       χ�ήση του κ�υπτογ�αφημένου συνθηματικο� "
+"για τη νέα ομάδα\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  δημιου�γία λογα�ιασμο� συστήματος\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: Το '%s' δεν είναι έγκυ�ο όνομα ομάδας\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: Μη έγκυ�ο ID ομάδας '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K απαιτεί KEY=VALUE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: Η ομάδα '%s' υπά�χει\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: το GID '%lu' υπά�χει\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Δεν ήταν δυνατή η ��θμιση της υπη�εσίας εκκαθά�ισης.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   επαναφο�ά μετ�ητή αποτυχημένων εισόδων\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: αδυναμία απομάκ�υνσης της εγγ�αφής '%s' από το %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: αδυναμία απομάκ�υνσης της π�ωτα�χικής ομάδας χ�ηστών '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: Η ομάδα '%s' δεν υπά�χει\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: Η ομάδα '%s' είναι NIS ομάδα.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: Ο %s είναι ο κ��ιος διακομιστής NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: Ο χ�ήστης '%s' είναι ήδη μέλος του '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Δεν υπά�χει ελε�θε�η μνήμη. Αδυναμία ενημέ�ωσης του %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [ενέ�γεια]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         αλλαγή του ονόματος της ομάδας αντί αλλαγής "
+"της\n"
+"                                ομάδας του χ�ήστη (μόνο ο χ�ήστης root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Ενέ�γειες:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add username            π�οσθήκη του ονόματος χ�ήστη στα μέλη της "
+"ομάδας\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete username         διαγ�αφή ονόματος χ�ήστη από τα μέλη της "
+"ομάδας\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   διαγ�αφή όλων των μελών της ομάδας\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    λίστα όλων των μελών της ομάδας\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: το όνομα της ομάδας σας δεν ται�ιάζει με το όνομα σας\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s:  μόνο ο root μπο�εί να χ�ησιμοποιήσει την επιλογή -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 αλλαγή του ID της ομάδας σε GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name �ΕΑ_ΟΜΑΔΑ      αλλαγή του ονόματος σε �ΕΑ_ΟΜΑΔΑ\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr "  -o, --non-unique              επιτ�έπει τη χ�ήση μη μοναδικών GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password ΣΥ�ΘΗΜΑΤΙΚΟ       αλλαγή του συνθηματικο� σε "
+"(κ�υπτογ�αφημένο)\n"
+"                                ΣΥ�ΘΗΜΑΤΙΚΟ\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: μη έγκυ�ο όνομα ομάδας '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: Η ομάδα %s είναι NIS ομάδα\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: άγνωστος χ�ήστης %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [ομάδα [gshadow]]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [ομάδα]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               π�οβολή λαθών και π�οειδοποιήσεων\n"
+"                                χω�ίς να γίνεται αλλαγή στα α�χεία\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    ταξινόμηση εγγ�αφών κατά UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s και -r είναι ασ�μβατα\n"
+
+msgid "invalid group file entry"
+msgstr "Μη έγκυ�η καταχώ�ηση στο α�χείο ομάδων"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "διαγ�αφή γ�αμμής '%s'; "
+
+msgid "duplicate group entry"
+msgstr "αντιγ�αφή καταχώ�ησης στο α�χείο ομάδων"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "Μη έγκυ�ο όνομα ομάδας '%s'\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "Μη έγκυ�ο ID ομάδας '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ομάδα %s: δεν υπά�χει χ�ήστης %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "διαγ�αφή μέλους '%s'; "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "δεν β�έθηκε καταχώ�ηση στο α�χείο ομάδων %s που να ται�ιάζει\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "να π�οστεθεί η ομάδα '%s' στο %s; "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"η ομάδα %s έχει καταχώ�ιση στο %s, αλλά στο πεδίο συνθηματικο� στο %s δεν "
+"έχει τεθεί 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Μη έγκυ�η καταχώ�ηση στο α�χείο σκιωδών συνθηματικών ομάδων"
+
+msgid "duplicate shadow group entry"
+msgstr "αντιγ�αφή καταχώ�ησης στο α�χείο σκιωδών συνθηματικών ομάδων"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "σκιώδης ομάδα %s: Δεν υπά�χει διαχει�ιστής χ�ήστης %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "διαγ�αφή διαχει�ιστικο� μέλους '%s'; "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "σκιώδης ομάδα %s: δεν υπά�χει χ�ήστης %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: τα α�χεία ανανεώθηκαν\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: καμιά αλλαγή\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: αδυναμία διαγ�αφής του %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Χ�ήση: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Χ�ήση: id\n"
+
+msgid " groups="
+msgstr " ομάδες="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before ΗΜΕΡΕΣ             π�οβολή των εγγ�αφών του lastlog που είναι "
+"παλαιότε�ες από ΗΜΕΡΕΣ\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     π�οβολή των εγγ�αφών του faillog για όλους "
+"τους χ�ήστες\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     π�οβολή των εγγ�αφών του faillog για όλους "
+"τους χ�ήστες\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time ΗΜΕΡΕΣ               π�οβολή των εγγ�αφών του lastlog των "
+"τελευταίων ΗΜΕΡΕΣ ημε�ών\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user Ο�ΟΜΑ              π�οβολή των εγγ�αφών του lastlog για το "
+"συγκεκ�ιμένο Ο�ΟΜΑ\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Όνομα_Χ�ήστη     Θ��α     Από              Τελευταία"
+
+msgid "Username                Port     Latest"
+msgstr "Όνομα_Χ�ήστη            Θ��α     Τελευταία"
+
+msgid "**Never logged in**"
+msgstr "**Καμιά είσοδος στο σ�στημα**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Aδυναμία ανάκτησης της εγγ�αφής UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: αδυναμία ανανέωσης α�χείου συνθηματικών\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Χ�ήση: %s [-p] [όνομα]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h σ�στημα] [-f όνομα]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r σ�στημα\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "σφάλμα δια���θμισης - αδυναμία ανάλυσης της τιμής %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Εσφαλμένη ώ�α εισόδου"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Το σ�στημα έκλεισε για συντή�ηση �ουτίνας"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Πα�άκαμψη αποσ�νδεσης -- Η είσοδος του root επετ�άπη.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Μάλλον δεν είναι δυνατή η λειτου�γία χω�ίς ενε�γό χ�ήστη root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Δεν υπά�χει καταχώ�ιση utmp.  Π�έπει να εκτελέσετε \"login\" από το \"sh\" "
+"του πιο χαμηλο� επιπέδου"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Η διαδικασία εισόδου τε�ματίστηκε μετά από %u δευτε�όλεπτα.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: αποτυχία PAM, εγκατάλειψη: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Υπε�έβη ο μέγιστος α�ιθμός π�οσπαθειών (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: αίτημα ακ��ωσης από το PAM\n"
+
+msgid "Login incorrect"
+msgstr "Διαδικασία εισόδου απέτυχε"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Αδυναμία ε��εσης χ�ήστη (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: αποτυχία διχάλωσης: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "το TIOCSCTTY απέτυχε στο %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Π�οειδοποίηση: Η είσοδος επανενε�γοποιήθηκε μετά από π�οσω�ινό αποκλεισμό."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Τελευταία είσοδος: %s στο %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Τελευταία είσοδος: %.19s στο %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " από %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"υπέ�βαση ο�ίου χ�όνου εισόδου\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Χ�ήση: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Χ�ήση: newgrp [-] [ομάδα]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Χ�ήση: sg ομάδα [[-c] εντολή]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Αποτυχία εγγ�αφής %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Λάθος συνθηματικό.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: αποτυχία διχάλωσης: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: Ο GID '%lu' δεν υπά�χει\n"
+
+msgid "too many groups\n"
+msgstr "πά�α πολλές ομάδες\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  δημιου�γία λογα�ιασμών συστήματος\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: Η ομάδα '%s' είναι σκιώδης ομάδα, αλλά δεν υπά�χει στο /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: μη έγκυ�ο ID χ�ήστη '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: μη έγκυ�ο όνομα χ�ήστη '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: γ�αμμή %d: μη έγκυ�η γ�αμμή\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: αδυναμία ανανέωσης καταχώ�ησης για το χ�ήστη %s (δεν β�έθηκε στη βάση "
+"δεδομένων του passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: γ�αμμή %d: αδυναμία δημιου�γίας χ�ήστη\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: γ�αμμή %d: αδυναμία δημιου�γίας ομάδας\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: γ�αμμή %d: Ο χ�ήστης '%s' δεν υπά�χει στο %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: γ�αμμή %d: αδυναμία ανανέωση συνθηματικο�\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: γ�αμμή %d: αποτυχία δημιου�γίας καταλόγου %s (mkdir) : %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: γ�αμμή %d: αποτυχία αλλαγής ιδιοκτήτη %s (chown): %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: γ�αμμή %d: αδυναμία ανανέωσης καταχώ�ησης\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: αδυναμία δημιου�γίας του χ�ήστη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: αδυναμία ανανέωσης για το α�χείο ομάδων\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     π�οβολή της κατάστασης των συνθηματικών για "
+"όλους τους λογα�ιασμο�ς\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  διαγ�αφή του συνθηματικο� για τον "
+"ονομαζόμενο λογα�ιασμό\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  εξαναγκασμένη λήξη του συνθηματικο� του "
+"ονομαζόμενου λογα�ιασμο�\n"
+
+#, fuzzy
+#| msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -e, --encrypted               τα πα�εχόμενα συνθηματικά είναι "
+"κ�υπτογ�αφημένα\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive ΜΗ_Ε�ΕΡΓΟ       καθιστά το συνθηματικό μη ενε�γό μετά\n"
+"                                τη λήξη σε ΜΗ_Ε�ΕΡΓΟ\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    κλείδωμα του συνθηματικο� για τον "
+"ονομαζόμενο λογα�ιασμό\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays ΕΛΑΧ_ΗΜΕΡΕΣ       καθο�ισμός του ελάχιστου α�ιθμο� ημε�ών "
+"π�ιν την\n"
+"                                αλλαγή του συνθηματικο� σε ΕΛΑΧ_ΗΜΕΡΕΣ\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   σιωπηλή λειτου�γία\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository ΑΠΟΘΗΚΗ   αλλαγή του συνθηματικο� στην ΑΠΟΘΗΚΗ "
+"(repository)\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  αναφο�ά της κατάστασης του ονομαζόμενου "
+"λογα�ιασμο�\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  ξεκλείδωμα του συνθηματικο� του ονομαζόμενου "
+"λογα�ιασμο�\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays ΠΡΟΕΙΔ_ΗΜΕΡΕΣ      καθο�ισμός των ημε�ών π�οειδοποίησης "
+"π�ιν από τη λήξη σε ΠΡΟΕ_ΗΜΕΡΕΣ\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays ΜΕΓ_ΗΜΕΡΕΣ        καθο�ισμός του μέγιστου α�ιθμο� ημε�ών "
+"π�ιν\n"
+"                                την αλλαγή του συνθηματικο� σε ΜΕΓ_ΗΜΕΡΕΣ\n"
+
+msgid "Old password: "
+msgstr "Παλιό Συνθηματικό: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Εισάγετε το νέο συνθηματικό (ελάχιστο %d χα�ακτή�ες)\n"
+"Πα�ακαλώ χ�ησιμοποιήστε ένα συνδυασμό από κεφαλαία και μικ�ά γ�άμματα\n"
+"καθώς και α�ιθμο�ς.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Εισάγετε το νέο συνθηματικό (ελάχιστο %d, μέγιστο %d χα�ακτή�ες)\n"
+"Πα�ακαλώ χ�ησιμοποιήστε ένα συνδυασμό από κεφαλαία και μικ�ά γ�άμματα\n"
+"καθώς και α�ιθμο�ς.\n"
+
+msgid "New password: "
+msgstr "�έο Συνθηματικό: "
+
+msgid "Try again."
+msgstr "Ξαναδοκιμάστε."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Π�οσοχή: αδ�ναμο συνθηματικό (εισάγετε το πάλι για να το χ�ησιμοποιήσετε)."
+
+msgid "They don't match; try again.\n"
+msgstr "Δεν ται�ιάζουν. Δοκιμάστε ξανά.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Το συνθηματικό για τον %s δεν μπο�εί να αλλάξει.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Το συνθηματικό για το χ�ήστη %s δεν μπο�εί να αλλάξει.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: το ξεκλείδωμα του συνθηματικο� θα οδηγήσει σε λογα�ιασμό χω�ίς "
+"συνθηματικό.\n"
+"Π�έπει να καθο�ίσετε ένα συνθηματικό με χ�ήση του usermod -p, ώστε να "
+"ξεκλειδώσετε το συνθηματικό για αυτό το λογα�ιασμό.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: η αποθήκη %s δεν υποστη�ίζεται\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+"%s: ο χ�ήστης %s δεν είναι εξουσιοδοτημένος να αλλάξει το συνθηματικό του "
+"%s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Δεν μπο�είτε να δείτε αλλάξετε το συνθηματικό του %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Αλλαγή συνθηματικο� για τον %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Το συνθηματικό για τον %s δεν άλλαξε.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: το συνθηματικό άλλαξε.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: αλλαγή πλη�οφο�ιών λήξης συνθηματικο�.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [passwd]\n"
+"\n"
+"Επιλογές:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] [passwd [shadow]]\n"
+"\n"
+"Επιλογές:\n"
+
+#, fuzzy
+#| msgid "  -q, --quiet                   quiet mode\n"
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   σιωπηλή λειτου�γία\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: δεν επιτ�έπεται η χ�ήση εναλλακτικο� α�χείου σκιωδών συνθηματικών όταν η "
+"επιλογή USE_TCB είναι ενε�γοποιημένη.\n"
+
+msgid "invalid password file entry"
+msgstr "Μη έγκυ�η καταχώ�ηση στο α�χείο συνθηματικών"
+
+msgid "duplicate password entry"
+msgstr "διπλότυπη καταχώ�ιση στο α�χείο συνθηματικών"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "Μη έγκυ�ο όνομα χ�ήστη '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "Μη έγκυ�ο ID χ�ήστη '%lu'\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "χ�ήστης %s: καμιά ομάδα %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "χ�ήστης '%s': ο κατάλογος '%s' δεν υπά�χει\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "χ�ήστης '%s': το π�όγ�αμμα '%s' δεν υπά�χει\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "δεν υπά�χει κατάλογος tcb για το χ�ήστη %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "δημιου�γία καταλόγου tcb για το χ�ήστη %s;"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "αδυναμία δημιου�γίας καταλόγου tcb για το χ�ήστη %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: αδυναμία κλειδώματος του α�χείου %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+"δεν β�έθηκε καταχώ�ιση στο α�χείο συνθηματικών που να ται�ιάζει με το %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "π�οσθήκη του χ�ήστη '%s' στο %s;"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ο χ�ήστης %s έχει εγγ�αφεί στο %s, αλλά το πεδίο συνθηματικο� στο %s δεν "
+"έχει την τιμή 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "Μη έγκυ�η καταχώ�ιση στο α�χείο σκιωδών συνθηματικών"
+
+msgid "duplicate shadow password entry"
+msgstr "διπλότυπη καταχώ�ιση στο α�χείο σκιωδών συνθηματικών"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "χ�ήστης %s: τελευταία αλλαγή συνθηματικο� στο μέλλον\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: αδυναμία ταξινόμησης των εγγ�αφών στο %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: δεν μπο�ώ να ε�γαστώ με το tcb ενε�γοποιημένο\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: αδυναμία αλλαγής της κατάστασης από %s σε 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Π�όσβαση στη su σε αυτόν τον λογα�ιασμό ΑΡ�ΗΘΗΚΕ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Πα�άκαμψη εξακ�ίβωσης με συνθηματικό.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Πα�ακαλώ εισάγετε το ΔΙΚΟ σας συνθηματικό για εξακ�ίβωση.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: αδυναμία διχάλωσης του φλοιο� του χ�ήστη\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: δυσλειτου�γία σήματος\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: δυσλειτου�γία μασκα�ίσμος του σήματος\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Συνεδ�ία τε�ματίστηκε, τε�ματισμός φλοιο�..."
+
+msgid " ...killed.\n"
+msgstr " ...σκοτώθηκε.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr " ...τε�ματίστηκε.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Χ�ήση: su [επιλογές] [Ο�ΟΜΑ]\n"
+"\n"
+"Επιλογές:\n"
+"  -c, --command Ε�ΤΟΛΗ          εκτέλεση της Ε�ΤΟΛΗΣ στο καλο�μενο κέλυφος\n"
+"  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και "
+"έξοδος\n"
+"  -, -l, --login                κάνει το κέλυφος ένα κέλυφος εισόδου\n"
+"  -m, -p,\n"
+"  --preserve-environment        δεν γίνεται α�χικοποίηση μεταβλητών\n"
+"                                πε�ιβάλλοντος, και διατη�εί το ίδιο κέλυφος\n"
+"  -s, --shell ΦΛΟΙΟΣ             χ�ήση ΦΛΟΙΟΣ αντί του π�οεπιλεγμένου στο\n"
+"                                passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Αγνοήθηκε)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Δεν έχετε άδεια για su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Εισάγετε το δικό σας συνθηματικό)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Αποτυχία εξακ�ίβωσης\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Δεν έχετε άδεια για su τη δεδομένη στιγμή\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Δεν υπά�χει καταχώ�ηση συνθηματικο� για το χ�ήστη '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: π�έπει να εκτελεστεί από τε�ματικό\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: σφάλμα %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: αδυναμία από��ιψης τε�ματικο� ελέγχου\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Αδυναμία εκτέλεσης %s\n"
+
+msgid "No password file"
+msgstr "Δεν υπά�χει α�χείο συνθηματικών"
+
+msgid "TIOCSCTTY failed"
+msgstr "το TIOCSCTTY απέτυχε"
+
+msgid "No password entry for 'root'"
+msgstr "Δεν υπά�χει καταχώ�ηση συνθηματικο� για το χ�ήστη 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Πληκτ�ολογήστε control-d για να συνεχίσετε με την κανονική ένα�ξη,\n"
+"(ή δώστε το συνθηματικό του root για συντή�ηση του συστήματος):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Ένα�ξη Κατάστασης Συντή�ησης Συστήματος"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: το %s δημιου�γήθηκε, αλλά δεν μπο�εί να διαγ�αφεί\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: η %s διαμό�φωση στο %s θα αγνοηθεί\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: αδυναμία δημιου�γίας νέου α�χείου π�οκαθο�ισμένων �υθμίσεων\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: αδυναμία ανοίγματος νέου α�χείου π�οκαθο�ισμένων �υθμίσεων\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: πολ� μακ�ιά γ�αμμή στο %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Αδυναμία δημιου�γίας συμβολικο� συνδέσμου %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: μετονομασία: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: Η ομάδα '%s' είναι NIS ομάδα.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: Π�οσδιο�ίστηκαν υπε�βολικές ομάδες (μεγ. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Χ�ήση: %s [επιλογές] Ο�ΟΜΑ\n"
+"       %s -D\n"
+"       %s -D [επιλογές]\n"
+"\n"
+"Επιλογές:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir ΒΑΣΙΚΟΣ_ΚΑΤ       βασικός κατάλογος για τον α�χικό κατάλογο "
+"του χ�ήστη γιατον\n"
+"                                καινο��γιο λογα�ιασμό\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment ΣΧΟΛΙΟ         πεδίο GECOS του νέου λογα�ιασμο�\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+"  -d, --home-dir ΑΡΧ_ΚΑΤ       α�χικός κατάλογος χ�ήστη για τον νέο "
+"λογα�ιασμό\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                εκτ�πωση ή αλλαγή της π�οκαθο�ισμένης "
+"διαμό�φωσης useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate ΗΜΕΡ_ΛΗΞΗΣ  ημε�ομηνία λήξης του νέου λογα�ιασμο�\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive ΜΗ_Ε�ΕΡΓΟ       πε�ίοδος μη ενε�γοποίησης του συνθηματικο� "
+"για τον νέο λογα�ιασμό\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid ΟΜΑΔΑ               όνομα ή ID για της π�ωτε�ουσας ομάδας του\n"
+"                                νέου λογα�ιασμο�\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups ΟΜΑΔΕΣ           λίστα των συμπλη�ωματικών ομάδων του\n"
+"                                νέου λογα�ιασμο�\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel ΠΡΟΤ_ΚΑΤ           χ�ήση εναλλακτικο� π�ότυπου καταλόγου\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             μη π�οσθήκη του χ�ήστη στις βάσης δεδομένων\n"
+"                                lastlog και faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             δημιου�γία α�χικο� καταλόγου χ�ήστη\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          μη δημιου�γία α�χικο� καταλόγου χ�ήστη\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           να μην δημιου�γηθεί ομάδα με το ίδιο όνομα\n"
+"                                με αυτό του χ�ήστη\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              επιτ�έπει τη δημιου�γία χ�ηστών με το ίδιο\n"
+"                                (μη μοναδικό) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password ΣΥ�ΘΗΜΑΤΙΚΟ       κ�υπτογ�αφημένο συνθηματικό του νέου "
+"λογα�ιασμο�\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell ΦΛΟΙΟΣ             φλοιός εισόδου του νέου λογα�ιασμο�\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 ID χ�ήστη του νέου λογα�ιασμο�\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              δημιου�γεί μία ομάδα με το ίδιο όνομα με "
+"αυτό του χ�ήστη\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user ΧΡΗΣΤΗΣ_SE     χ�ήση συγκεκ�ιμένου ΧΡΗΣΤΗΣ_SE για την "
+"χα�τογ�άφηση χ�ήστη SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: Μη έγκυ�ος κατάλογος βάσης '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: Μη έγκυ�ο σχόλιο '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: Μη έγκυ�ος α�χικός κατάλογος χ�ήστη '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτο�νται για το -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτο�νται για -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: Μη έγκυ�ο πεδίο '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: Μη έγκυ�ος φλοιός '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z απαιτεί πυ�ήνα με ενε�γοποιημένο το SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: αποτυχία επαναφο�άς της καταχώ�ησης στο faillog του UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: αποτυχία επαναφο�άς της καταχώ�ησης στο lastlog του UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: αδυναμία δημιου�γίας καταλόγου %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Δημιου�γία α�χείου mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Δεν β�έθηκε η ομάδα 'mail'. Δημιου�γία α�χείου mailbox σε κατάσταση 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ρ�θμιση αδειών του α�χείου mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: Ο χ�ήστης '%s' υπά�χει ήδη\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: ομάδα %s υπά�χει - αν θέλετε να π�οσθέσετε αυτόν το χ�ήστη σε αυτή την "
+"ομάδα, χ�ησιμοποιήστε -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: αδυναμία δημιου�γίας του χ�ήστη\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: Το UID %lu δεν είναι μοναδικό\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Αδυναμία δημιου�γίας tcb καταλόγου για το χ�ήστη %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: αδυναμία δημιου�γίας ομάδας\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: αδυναμία δημιου�γίας του χ�ήστη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: αδυναμία δημιου�γίας ομάδας\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: π�οειδοποίηση: ο α�χικός κατάλογος χ�ήστη υπά�χει ήδη.\n"
+"Δεν έγινε αντιγ�αφή σε αυτό οποιουδήποτε καταλόγου skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: π�οειδοποίηση: απέτυχε η π�οσθήκη του χ�ήστη %s  στην χα�τογ�άφηση "
+"SELinux %s.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   εξαναγκασμένη απομάκ�υνση α�χείων,\n"
+"                                ακόμα και εάν ο χ�ήστης δεν είναι ιδιοκτήτης "
+"τους\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  απομάκ�υνση α�χικο� καταλόγου χ�ήστη και "
+"ου�άς ταχυδ�ομείου\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            απομακ��νει κάθε χα�τογ�άφηση χ�ήστη SELinux "
+"για τον χ�ήστη\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: η ομάδα %s δεν διαγ�άφηκε γιατί δεν είναι π�ωτα�χική ομάδα του χ�ήστη "
+"%s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: η ομάδα %s δεν αφαι�έθηκε γιατί πε�ιέχει και άλλα μέλη.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: η ομάδα %s είναι π�ωτα�χική ομάδα για άλλο χ�ήστη και δεν διαγ�άφηκε.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: αδυναμία απομάκ�υνσης της εγγ�αφής '%s' από το %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s η ου�ά του ταχυδ�ομείου (%s) δεν β�έθηκε\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: π�οειδοποίηση: αδυναμία διαγ�αφής %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: Το %s δεν ανήκει στον %s, δεν αφαι�είται\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Αδυναμία εκχώ�ησης μνήμης, η εγγ�αφή tcb για τον χ�ήστη %s δεν έχει "
+"διαγ�αφεί.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Αδυναμία από��ιψης π�ονομίων: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Αδυναμία διαγ�αφής των πε�ιεχομένων του %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Αδυναμία διαγ�αφής των α�χείων tcb για το χ�ήστη %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: Ο χ�ήστης %s είναι NIS χ�ήστης\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s ο α�χικός κατάλογος χ�ήστη (%s) δεν β�έθηκε\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: Δεν διαγ�άφεται ο κατάλογος %s (θα αφαι�ο�σε τον α�χικό κατάλογο του "
+"χ�ήστη %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: Σφάλμα κατά την διαγ�αφή του καταλόγου %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: π�οειδοποίηση: η απομάκ�υνση του ονόματος χ�ήστη %s από την χα�τογ�άφηση "
+"χ�ηστών του SELinux απέτυχε.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment ΣΧΟΛΙΟ         νέα τιμή του πεδίου GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home ΑΡΧ_ΚΑΤ           νέος α�χικός κατάλογος χ�ήστη για τον "
+"λογα�ιασμό\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate ΗΜΕΡ_ΛΗΞΗΣ  καθο�ισμός της ημε�ομηνίας λήξης του "
+"λογα�ιασμο� σε ΗΜΕΡ_ΛΗΞΗΣ\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive ΜΗ_Ε�ΕΡΓΟ       καθο�ισμός συνθηματικο� μετά τη λήξη\n"
+"                                σε ΜΗ_Ε�ΕΡΓΟ\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid ΟΜΑΔΑ               εξαναγκασμός χ�ήσης της ΟΜΑΔΑ ως κ��ια "
+"ομάδα\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+"  -G, --groups ΟΜΑΔΕΣ           νέα λίστα με τις συμπλη�ωματικές ΟΜΑΔΕΣ\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  π�οσθήκη του χ�ήστη στις συμπλη�ωματικές "
+"ΟΜΑΔΕΣ\n"
+"                                που π�οσδιο�ίζονται από την επιλογή -G, \n"
+"                                χω�ίς να διαγ�άφεται από τις άλλες ομάδες\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login �ΕΟ_Ο�ΟΜΑ        νέο όνομα χ�ήστη\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    κλείδωμα του λογα�ιασμο� του χ�ήστη\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               μετακίνηση των πε�ιεχομένων του α�χικο� "
+"καταλόγου του χ�ήστη\n"
+"                                σε νέα τοποθεσία (χ�ήση μόνο με την επιλογή -"
+"d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr "  -o, --non-unique              επιτ�έπει τη χ�ήση μη μοναδικο� UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password ΣΥ�ΘΗΜΑΤΙΚΟ       χ�ήση κ�υπτογ�αφημένου συνθηματικο� ως "
+"νέο συνθηματικό\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 νέο UID για το λογα�ιασμό του χ�ήστη\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+"  -U, --unlock                  ξεκλείδωμα του λογα�ιασμο� του χ�ήστη\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user ΧΡΗΣΤΗΣ_SE     νέα χα�τογ�άφηση χ�ήστη SELinux για το "
+"λογα�ιασμό του χ�ήστη\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: το ξεκλείδωμα του συνθηματικο� του χ�ήστη θα οδηγο�σε σε λογα�ιασμό "
+"χω�ίς συνθηματικό.\n"
+"Π�έπει να εισάγετε ένα συνθηματικό με χ�ήση του usermod -p ώστε να "
+"ξεκλειδώσετε το συνθηματικό του συγκεκ�ιμένου χ�ήστη.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: Ο χ�ήστης %s υπά�χει ήδη στο %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: Μη έγκυ�η ημε�ομηνία '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: Μη έγκυ�η ημε�ομηνία '%s'\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: χω�ίς επιλογές\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: οι σημαίες -L, -p, και -U είναι αποκλειστικές\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: σκιώδη συνθηματικά απαιτο�νται για το -e και -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: το UID '%lu' υπά�χει ήδη\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+"%s: ο χ�ήστης %s δεν είναι εξουσιοδοτημένος να αλλάξει το συνθηματικό του "
+"%s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: ο κατάλογος %s υπά�χει\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Ο π�οηγο�μενος α�χικός κατάλογος (%s) δεν είναι κατάλογος. Δεν "
+"διαγ�άφηκε ο�τε νέοι α�χικοί κατάλογοι δημιου�γήθηκαν.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη του α�χικο� καταλόγου του χ�ήστη"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: π�οειδοποίηση: αποτυχία ολοκλη�ωτικής απομάκ�υνσης του παλιο� α�χικο� "
+"καταλόγου %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: αδυναμία μετονομασίας του καταλόγου %s σε %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: αποτυχία αντιγ�αφής της εγγ�αφής του lastlog από το χ�ήστη %lu στο "
+"χ�ήστη %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: αποτυχία αντιγ�αφής της εγγ�αφής του faillog από το χ�ήστη %lu στο "
+"χ�ήστη %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: π�οειδοποίηση: Το %s δεν ανήκει στον %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "αποτυχία αλλαγής του ιδιοκτήτη του γ�αμματοκιβωτίου"
+
+msgid "failed to rename mailbox"
+msgstr "αποτυχία μετονομασίας γ�αμματοκιβωτίου"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: αποτυχία π�οετοιμασίας της νέας εγγ�αφής %s '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Έχετε αλλάξει το %s.\n"
+"Ίσως χ�ειάζεται να αλλάξετε το %s για λόγους συνέπειας.\n"
+"Για να το επιτ�χετε, χ�ησιμοποιήστε την εντολή '%s'.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   επεξε�γασία βάσης δεδομένων ομάδων\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  επεξε�γασία βάσης δεδομένων κωδικών\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  επεξε�γασία βάσης δεδομένων shadow ή "
+"gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    επιλογή χ�ήστη, του οποίου το α�χείο σκιωδών "
+"συνθηματικών tcb θα επεξε�γαστεί\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: αποτυχία απομάκ�υνσης του %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: Το %s δεν άλλαξε\n"
+
+msgid "failed to create scratch directory"
+msgstr "αποτυχία δημιου�γίας π�οσω�ινο� καταλόγου"
+
+msgid "failed to drop privileges"
+msgstr "αποτυχία από��ιψης π�ονομίων"
+
+msgid "Couldn't get file context"
+msgstr "Αδυναμία ανάκτησης πε�ιεχομένων α�χείου"
+
+msgid "setfscreatecon () failed"
+msgstr "αποτυχία του setfscreatecon ()"
+
+msgid "failed to gain privileges"
+msgstr "αποτυχία απόκτησης π�ονομίων"
+
+msgid "Couldn't lock file"
+msgstr "Αδυναμία ξεκλειδώματος α�χείου"
+
+msgid "Couldn't make backup"
+msgstr "Αδυναμία δημιου�γίας αντιγ�άφου ασφαλείας "
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: το ncsd τε�μάτισε με κατάσταση εξόδου %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "αποτυχία ανοίγματος π�οσω�ινο� α�χείου"
+
+msgid "failed to unlink scratch file"
+msgstr "αποτυχία αποσ�νδεσης του π�οσω�ινο� α�χείου"
+
+msgid "failed to stat edited file"
+msgstr "αποτυχία εκτέλεσης της εφα�μογής stat για το επεξε�γασμένο α�χείο"
+
+msgid "failed to allocate memory"
+msgstr "αποτυχία κατανομής μνήμης"
+
+msgid "failed to create backup file"
+msgstr "αποτυχία δημιου�γίας αντίγ�αφου ασφαλείας"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: αδυναμία επαναφο�άς %s: %s (οι αλλαγές είναι στο %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: αποτυχία ε��εσης καταλόγου tcb %s\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Χ�ήση: %s [είσοδος]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "Η κλήση malloc(%d) απέτυχε\n"
+
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: change [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        ��θμιση τελευταίας αλλαγής συνθηματικο� "
+#~ "σε\n"
+#~ "                                LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  ��θμιση ημε�ομηνίας λήξης λογα�ιασμο� σε\n"
+#~ "                                EXPIRE_DATE\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -I, --inactive INACTIVE       ��θμιση ανενε�γο� κωδικο� μετά από τη "
+#~ "λήξη\n"
+#~ "                                του σε INACTIVE\n"
+#~ "  -l, --list                    π�οβολή πλη�οφο�ιών ηλικίας λογα�ιασμο�\n"
+#~ "  -m, --mindays MIN_DAYS        ��θμιση ελάχιστου α�ιθμο� ημε�ών π�ιν "
+#~ "την\n"
+#~ "                                αλλαγή συνθηματικο� σε MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        ��θμιση μέγιστου α�ιθμο� ημε�ών π�ιν την\n"
+#~ "                                αλλαγή συνθηματικο� σε MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      ��θμιση π�οειδοποιήσεων ημε�ών λήξης σε\n"
+#~ "                                WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: Αποτυχία εξακ�ίβωσης PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Χ�ήση: %s [-f πλή�ες_όνομα] [-r α�ίθμ_δωματίου] [-w τηλ_ε�γασίας]\n"
+#~ "\t[-h τηλ_οικίας] [-o άλλο] [χ�ήστης]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Χ�ήση: %s [-f πλή�ες_όνομα] [-r α�ιθμ_δωματίου] [-w τηλ_δωματίου]\n"
+#~ "[-h τηλ_οικίας]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Χ�ήση: chpasswd [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -e, --encrypted               τα πα�εχόμενα συνθηματικά είναι\n"
+#~ "                                κ�υπτογ�αφημένα\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -m, --md5                     χ�ήση κ�υπτογ�άφησης MD5 αντί για DES "
+#~ "όταν\n"
+#~ "                                τα πα�εχόμενα συνθηματικά δεν είναι\n"
+#~ "                                κ�υπτογ�αφημένα\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Χ�ήση: expiry {-f|-c}\n"
+
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: αδυναμία ανοίγματος α�χείου %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Χ�ήση: groupdel ομάδα\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Χ�ήση: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Χ�ήση: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s και -r είναι ασ�μβατα\n"
+
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Χ�ήση: groupdel ομάδα\n"
+
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Χ�ήση: groupdel ομάδα\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: lastlog [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -b, --before DAYS             εκτ�πωση μόνο των τελευταίων εγγ�αφών\n"
+#~ "                                lastlog παλαιότε�ων από DAYS\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -t, --time DAYS               εκτ�πωση μόνο των τελευταίων εγγ�αφών\n"
+#~ "                                lastlog πιο π�όσφατων από από DAYS\n"
+#~ "  -u, --user LOGIN              εκτ�πωση τελευταίας εγγ�αφής lastlog για\n"
+#~ "                                χ�ήστη με καθο�ισμένο LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: passwd [options] [login]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -a, --all                     αναφο�ά κατάστασης συνθηματικών για "
+#~ "όλους\n"
+#~ "                                τους λογα�ιασμο�ς\n"
+#~ "  -d, --delete                  διαγ�αφή συνθηματικο� για το "
+#~ "συγκεκ�ιμένο\n"
+#~ "                                λογα�ιασμό\n"
+#~ "  -e, --expire                  εξαναγκασμός λήξης του συνθηματικο� για "
+#~ "το\n"
+#~ "                                συγκεκ�ιμένο λογα�ιασμό\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -k, --keep-tokens             αλλαγή συνθηματικο� μόνο αν αυτό έχει "
+#~ "λήξει\n"
+#~ "  -i, --inactive INACTIVE       ��θμιση ανενε�γο� συνθηματικο� μετά τη "
+#~ "λήξη\n"
+#~ "                                του σε Α�Ε�ΕΡΓΟ\n"
+#~ "  -l, --lock                    κλείδωμα του συγκεκ�ιμένου λογα�ιασμο�\n"
+#~ "  -n, --mindays MIN_DAYS        ��θμιση ελάχιστου α�ιθμο� ημε�ών π�ιν "
+#~ "την\n"
+#~ "                                αλλαγή συνθηματικο� σε MIN_DAYS\n"
+#~ "  -q, --quiet                   σιωπη�ή λειτου�γία\n"
+#~ "  -r, --repository REPOSITORY   αλλαγή συνθηματικο� στο REPOSITORY\n"
+#~ "                                repository\n"
+#~ "  -S, --status                  αναφο�ά κατάστασης συνθηματικο� για το\n"
+#~ "                                συγκεκ�ιμένο λογα�ιασμό\n"
+#~ "  -u, --unlock                  ξεκλείδωμα του συγκεκ�ιμένου λογα�ιασμο�\n"
+#~ "  -w, --warndays WARN_DAYS      ��θμιση ημε�ών π�οειδοποίησης λήξης σε\n"
+#~ "                                WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        ��θμιση μέγιστου α�ιθμο� ημε�ών π�ιν την\n"
+#~ "                                αλλαγή συνθηματικο� σε MAX_DAYS\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Χ�ήση: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Χ�ήση: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Χ�ήση: id\n"
+
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Χ�ήση: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Άγνωστη ταυτότητα: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Δεν υπά�χει φλοιός\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: Ο χ�ήστης %s β�ίσκεται στο σ�στημα\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Χ�ήση: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -a, --append GROUP            π�οσθήκη του χ�ήστη σε συμπλη�ωματική "
+#~ "ΟΜΑΔΑ\n"
+#~ "  -c, --comment COMMENT         νέα τιμή του πεδίου GECOS\n"
+#~ "  -d, --home HOME_DIR           νλεος κατάλογος εισόδου για το νέο\n"
+#~ "                                λογα�ιασμό χ�ήστη\n"
+#~ "  -e, --expiredate EXPIRE_DATE  ��θμιση ημε�ομηνίας λήξης λογα�ιασμο� σε\n"
+#~ "                                EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       ��θμιση συνθηματικο� ως ανενε�γο� μετά "
+#~ "από\n"
+#~ "                                τη λήξη του σε Α�Ε�ΕΡΓΟ\n"
+#~ "  -g, --gid GROUP               εξαναγκασμός χ�ήσης ΟΜΑΔΑΣ ως τη νέα "
+#~ "α�χική\n"
+#~ "                                ομάδα εισόδου\n"
+#~ "  -G, --groups GROUPS           λίστα των συμπλη�ωματικών ΟΜΑΔΩ�\n"
+#~ "  -h, --help                    π�οβολή του μην�ματος βοήθειας και "
+#~ "έξοδος\n"
+#~ "  -l, --login LOGIN             νέα τιμή του ονόματος εισόδου\n"
+#~ "  -L, --lock                    κλείδωμα του λογα�ιασμο� χ�ήστη\n"
+#~ "  -m, --move-home               μετακινεί τα πε�ιεχόμενα του α�χικο�\n"
+#~ "                                καταλόγου στη νέατοποθεσία (χ�ήση μόνο με "
+#~ "-d)\n"
+#~ "  -o, --non-unique              επιτ�έπει τη χ�ήση διπλότυπου (μη "
+#~ "μοναδικο�) UID\n"
+#~ "  -p, --password PASSWORD       χ�ήση κ�υπτογ�αφημένου συνθηματικο� για "
+#~ "το\n"
+#~ "                                νέο συνθηματικό\n"
+#~ "  -s, --shell SHELL             νέο κέλυφος εισόδου για το λογα�ιασμό "
+#~ "χ�ήστη\n"
+#~ "  -u, --uid UID                 νέο UID για το λογα�ιασμό χ�ήστη\n"
+#~ "  -U, --unlock                  ξεκλείδωμα του λογα�ιασμο� χ�ήστη\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: Δεν δόθηκαν ενδείξεις\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: vipw [options]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -g, --group                   επεξε�γασία βάσης δεδομένων ομάδας\n"
+#~ "  -h, --help                    π�οβολή κειμένου βοήθειας και έξοδος\n"
+#~ "  -p, --passwd                  επεξε�γασία βάσης δεδομένων κωδικών\n"
+#~ "  -q, --quiet                   σιωπηλή λειτου�γία\n"
+#~ "  -s, --shadow                  επεξε�γασία βάσης δεδομένων shadow ή "
+#~ "gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Χ�ήση: %s [είσοδος]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: αδυναμία δημιου�γίας του %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: Αδυναμία αλλαγής ιδιοκτήτη(chown) του %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     π�οβολή καταγ�αφής faillog για όλους "
+#~ "τους\n"
+#~ "                                χ�ήστες\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -l, --lock-time SEC           μετά από αποτυχημένη είσοδο κλείδωμα\n"
+#~ "                                λογα�ιασμο� για SEC δευτε�όλεπτα\n"
+#~ "  -m, --maximum MAX             ��θμιση μέγιστου α�ιθμο� καταμέτ�ησης\n"
+#~ "                                αποτυχημένων π�οσπαθειών εισόδου σε MAX\n"
+#~ "  -r, --reset                   α�χικοποίηση της καταμέτ�ησης "
+#~ "αποτυχημένων\n"
+#~ "                                π�οσπαθειών εισόδου\n"
+#~ "  -t, --time DAYS               π�οβολή εγγ�αφών faillog πιο π�όσφατων "
+#~ "από DAYS\n"
+#~ "  -u, --user LOGIN              π�οβάλλει τις εγγ�αφές faillog ή\n"
+#~ "                                διαχει�ίζεται τα ό�ια καταμέτ�ησης\n"
+#~ "                                αποτυχημένων εισόδων (αν χ�ησιμοποιηθεί\n"
+#~ "                                με τις επιλογές -r, -m ή -l) μόνο\n"
+#~ "                                για το χ�ήστη με LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: groupadd [options] group\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -f, --force                   εξαναγκασμός εξόδου με κατάσταση "
+#~ "επιτυχίας\n"
+#~ "                                αν η καθο�ισμένη ομάδα υπά�χει ήδη\n"
+#~ "  -g, --gid GID                 χ�ήση GID για τη νέα ομάδα\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -K, --key KEY=VALUE           πα�άκαμψη π�οεπιλογών /etc/login.defs\n"
+#~ "  -o, --non-unique              επιτ�έπει τη δημιου�γία ομάδας με "
+#~ "διπλότυπο\n"
+#~ "                                (μη-μοναδικό) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: groupadd [options] group\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -f, --force                   εξαναγκασμός εξόδου με κατάσταση "
+#~ "επιτυχίας\n"
+#~ "                                αν η καθο�ισμένη ομάδα υπά�χει ήδη\n"
+#~ "  -g, --gid GID                 χ�ήση GID για τη νέα ομάδα\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -K, --key KEY=VALUE           πα�άκαμψη π�οεπιλογών /etc/login.defs\n"
+#~ "  -o, --non-unique              επιτ�έπει τη δημιου�γία ομάδας με "
+#~ "διπλότυπο\n"
+#~ "                                (μη-μοναδικό) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Χ�ήση: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -b, --base-dir BASE_DIR       ο βασικός κατάλογος για τον α�χικό "
+#~ "κατάλογο\n"
+#~ "                                λογα�ιασμο� νέου χ�ήστη\n"
+#~ "  -c, --comment COMMENT         ��θμιση του πεδίου GECOS για το "
+#~ "λογα�ιασμό\n"
+#~ "                                νέου χ�ήστη\n"
+#~ "  -d, --home-dir HOME_DIR       ο α�χικός κατάλογος για το λογα�ιασμό "
+#~ "νέου\n"
+#~ "                                χ�ήστη\n"
+#~ "  -D, --defaults                εκτ�πωση ή αποθήκευση τ�οποποιημένης\n"
+#~ "                                π�οεπιλεγμένης ��θμισης tπ�οσθήκης "
+#~ "χ�ήστη\n"
+#~ "  -e, --expiredate EXPIRE_DATE  ��θμιση ημε�ομηνίας λήξης λογα�ιασμο� σε\n"
+#~ "                                EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       ��θμιση ανενε�γο� συνθηματικο� μετά τη "
+#~ "λήξη\n"
+#~ "                                σε Α�Ε�ΕΡΓΟ\n"
+#~ "  -g, --gid GROUP               εξαναγκασμός χ�ήσης GROUP για το νέο\n"
+#~ "                                λογα�ιασμό χ�ήστη\n"
+#~ "  -G, --groups GROUPS           π�οβολή λίστας συμπλη�ωματικών ομάδων "
+#~ "για\n"
+#~ "                                το νέο λογα�ιασμό χ�ήστη\n"
+#~ "  -h, --help                    π�οβολή αυτο� του μην�ματος βοήθειας και\n"
+#~ "                                έξοδος\n"
+#~ "  -k, --skel SKEL_DIR           καθο�ισμός ενός εναλλακτικο� κατάλογου "
+#~ "skel\n"
+#~ "  -K, --key KEY=VALUE           πα�άκαμψη π�οεπιλογών /etc/login.defs\n"
+#~ "  -m, --create-home             δημιου�γία α�χικο� καταλόγου για το νέο\n"
+#~ "                                λογα�ιασμό χ�ήστη\n"
+#~ "  -o, --non-unique              επιτ�έπει τη δημιου�γία χ�ήστη με "
+#~ "διπλότυπο\n"
+#~ "                                (μη μοναδικό) UID\n"
+#~ "  -p, --password PASSWORD       χ�ήση κ�υπτογ�αφημένου κωδικο� για το "
+#~ "νέο\n"
+#~ "                                λογα�ιασμό χ�ήστη\n"
+#~ "  -s, --shell SHELL             το κέλυφος σ�νδεσης για το νέο "
+#~ "λογα�ιασμό\n"
+#~ "                                χ�ήστη\n"
+#~ "  -u, --uid UID                 εξαναγκασμός χ�ήσης του UID για το νέο\n"
+#~ "                                λογα�ιασμό χ�ήστη\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Το συνθηματικό έχει �υθμιστεί να λήξει."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tΠλή�ες Όνομα: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tΑ�ιθμός δωματίου: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tΤηλέφωνο Ε�γασίας: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tΤηλέφωνο Οικίας: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Αδυναμία κλειδώματος του α�χείου συνθηματικών. Δοκιμάστε α�γότε�α.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Αδυναμία ανοίγματος του α�χείου συνθηματικών.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: Ο %s δεν β�έθηκε στο /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Σφάλμα κατά την ανανέωση καταχώ�ησης στο α�χείο συνθηματικών.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Αδυναμία εισαγωγής των αλλαγών στο α�χείο συνθηματικών.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Αδυναμία ξεκλειδώματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου ομάδων\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου ομάδων\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου σκιωδών συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την ανανέωση καταχω�ήσεων στο α�χείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώ�ισης ομάδας\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: γ�αμμή %d: άγνωστος χ�ήστης %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: γ�αμμή %d: αδυναμία ανανέωσης καταχώ�ησης\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την ανανέωση καταχω�ήσεων στο α�χείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχω�ήσεων στο α�χείο συνθηματικών\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: γ�αμμή %d: άγνωστος χ�ήστης %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: γ�αμμή %d: αδυναμία ανανέωσης καταχώ�ησης συνθηματικο�\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: άγνωστος χ�ήστης\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Άγνωστος χ�ήστης: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Χ�ήση: %s [-r|-R] ομάδα\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a χ�ήστης] ομάδα\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d χ�ήστης] ομάδα\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A χ�ήστης,...] [-M χ�ήστης,...] ομάδα\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M χ�ήστης,...] ομάδα\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: Αδυναμία δημιου�γίας κλειδώματος\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr ""
+#~ "%s: Αδυναμία δημιου�γίας κλειδώματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: αδυναμία ξεκλειδώματος α�χείου\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώ�ησης\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr ""
+#~ "%s: αδυναμία ανανέωσης καταχώ�ησης στο α�χείο σκιωδών συνθηματικών\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "άγνωστη ομάδα: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ποιος είσαι;\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: άγνωστο μέλος %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την π�οσθήκη νέας καταχώ�ησης στο α�χείο ομάδων\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής του α�χείου ομάδων\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του α�χείου ομάδων\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του α�χείου ομάδων\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: Το GID %u δεν είναι μοναδικό\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την διαγ�αφή καταχώ�ησης ομάδας\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την αφαί�εση καταχώ�ησης στο α�χείο σκιωδών συνθηματικών "
+#~ "ομάδων\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: αδυναμία αφαί�εσης της π�ωτα�χικής ομάδας του χ�ήστη.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Αποτυχία εξακ�ίβωσης PAM\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του α�χείου ομάδων\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος α�χείου ομάδων\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: Ο %s δεν β�έθηκε στο /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: Το %u δεν είναι μοναδικό GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: Το %s δεν είναι μοναδικό όνομα\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: Αδυναμία κλειδώματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: Αδυναμία ανοίγματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία ανανέωσης καταχώ�ησης στο α�χείο σκιωδών συνθηματικών για "
+#~ "τον %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώ�ησης για την ομάδα %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία αφαί�εσης  της ομάδας %s, από το α�χείο σκιωδών "
+#~ "συνθηματικών\n"
+#~ "ομάδων\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr ""
+#~ "%s: Δεν είναι δυνατόν να διαγ�αφεί το α�χείο σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "άγνωστο UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "άγνωστο GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: Η ομάδα %s δεν υπά�χει\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: Ο χ�ήστης %s δεν υπά�χει\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: Μη έγκυ�ο όνομα χ�ήστη `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: αδυναμία ανοίγματος των α�χείων\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: Σφάλμα κατά την ενημέ�ωση α�χείων\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώ�ησης συνθηματικο� για τον %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: αδυναμία απομάκ�υνσης καταχώ�ησης σκιώδους συνθηματικο� για τον %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: αδυναμία ανανέωσης α�χείου συνθηματικών\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: αδυναμία ανανέωσης καταχώ�ησης για τον χ�ήστη %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: Δεν είναι δυνατόν να διαγ�αφεί το α�χείο σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: άγνωστο GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: άγνωστη ομάδα %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s:  στο update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής του α�χείου συνθηματικών\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: αδυναμία επανεγγ�αφής του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: αδυναμία κλειδώματος του α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος α�χείου σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: Σφάλμα κατά το κλείδωμα του α�χείου ομάδων\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: Σφάλμα κατά το άνοιγμα του α�χείου ομάδων\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά το κλείδωμα του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά το άνοιγμα του α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την π�οσθήκη νέας καταχώ�ησης στο α�χείο συνθηματικών\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την π�οσθήκη νέας καταχώ�ησης στο α�χείο σκιωδών "
+#~ "συνθηματικών\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: π�οειδοποίηση: το CREATE_HOME δεν υποστη�ίζεται, πα�ακαλώ "
+#~ "χ�ησιμοποιήστε το -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώ�ισης ομάδας\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την ανανέωση καταχώ�ισης ομάδας\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος α�χείου ομάδων\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: αδυναμία ανοίγματος α�χείου σκιωδών συνθηματικών ομάδων\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την διαγ�αφή καταχώ�ησης στο α�χείο συνθηματικών\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την διαγ�αφή καταχώ�ησης στο α�χείο σκιωδών συνθηματικών\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: Σφάλμα κατά την π�οσθήκη νέας καταχώ�ησης στο α�χείο ομάδων\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: Το uid %lu δεν είναι μοναδικό\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την αλλαγή καταχώ�ησης συνθηματικο�\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: Σφάλμα κατά την αφαί�εση καταχώ�ησης στο α�χείο συνθηματικών\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr ""
+#~ "%s: Σφάλμα κατά την αφαί�εση καταχώ�ησης στο α�χείο σκιωδών συνθηματικών\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: αδυναμία λήψης μοναδικο� GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " στο `%.100s' από `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " στο `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: γ�αμμή %d: αδυναμία δημιου�γίας UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: Το όνομα %s δεν είναι μοναδικό\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Χ�ήση: chpasswd [επιλογές]\n"
+#~ "\n"
+#~ "Επιλογές:\n"
+#~ "  -e, --encrypted\tτα πα�εχόμενα συνθηματικά είναι κ�υπτογ�αφημένα\n"
+#~ "  -h, --help\t\tπ�οβολή αυτο� του μην�ματος βοήθειας και έξοδος\n"
+#~ "  -m, --md5\t\tχ�ήση κ�υπτογ�άφησης MD5 αντί για DES όταν τα πα�εχόμενα\n"
+#~ "\t\t\tσυνθηματικά δεν είναι κ�υπτογ�αφημένα\n"
+#~ "\n"
+
+#~ msgid "No password.\n"
+#~ msgstr "Δεν υπά�χει συνθηματικό\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Λυπάμαι.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Συγνώμη, το συνθηματικό για τον %s δεν μπο�εί να αλλάξει ακόμη.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Λυπάμαι."
diff --git a/po/es.po b/po/es.po
new file mode 100644
index 0000000..42ef765
--- /dev/null
+++ b/po/es.po
@@ -0,0 +1,3750 @@
+# shadow po translation to Spanish
+# Copyright (C) 2004, 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+#
+# Changes:
+#   - Initial translation
+#       Rubén Porras Campo <nahoo@inicia.es>, 2004
+#
+#   - Updates
+#       Ricardo Mones <ricardo.mones@hispalinux.es>, 2004
+#       Francisco Javier Cuadrado <fcocuadrado@gmail.com>, 2011
+#
+# Traductores, si no conocen el formato PO, merece la pena leer la
+# documentación de gettext, especialmente las secciones dedicadas a este
+# formato, por ejemplo ejecutando:
+#   info -n '(gettext)PO Files'
+#   info -n '(gettext)Header Entry'
+#
+# Equipo de traducción al español, por favor lean antes de traducir
+# los siguientes documentos:
+#
+#   - El proyecto de traducción de Debian al español
+#     http://www.debian.org/intl/spanish/
+#     especialmente las notas y normas de traducción en
+#     http://www.debian.org/intl/spanish/notas
+#
+#   - La guía de traducción de po's de debconf:
+#     /usr/share/doc/po-debconf/README-trans
+#     o http://www.debian.org/intl/l10n/po-debconf/README-trans
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.4.2\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-23 23:56+0100\n"
+"Last-Translator: Francisco Javier Cuadrado <fcocuadrado@gmail.com>\n"
+"Language-Team: Debian l10n Spanish <debian-l10n-spanish@lists.debian.org>\n"
+"Language: es\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Hay varias entradas con el nombre «%s» en %s. Por favor, corríjalo "
+"utilizando pwck o grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "¿libcrypt no permite utilizar el método de cifrado? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "error de configuración, no se pudo procesar el valor %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "No se pudo reservar espacio para la información de configuración.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"error de configuración, elemento «%s» desconocido (informe al "
+"administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Contraseña: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contraseña de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "No se pudo reservar espacio para la información de configuración.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Cambiando la información de la edad para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: línea %d: no se puede encontrar el usuario %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: sin memoria\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: no se pudo realizar «stat» a %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s no es ni un directorio ni un enlace simbólico.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: no se pudo leer el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: enlace simbólico sospechosamente largo: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: no se pudo cambiar el dueño de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: no se pudo cambiar el modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: no se pudo eliminar el directorio %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: no se pudo renombrar %s a %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: no se pudo eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s no se pudo crear el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: no se pudieron cambiar los dueños de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: no se pudo realizar «lstat» a %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: aviso, el usuario %s no tiene un fichero «tcb shadow».\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: emergencia: el tcb oculto de %s no es un fichero normal con st_nlink=1.\n"
+"La cuenta se queda bloqueada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: no se pudo abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo %s desconocido\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: demasiados grupos\n"
+
+msgid "Your password has expired."
+msgstr "Su contraseña ha caducado."
+
+msgid "Your password is inactive."
+msgstr "Su contraseña está inactiva."
+
+msgid "Your login has expired."
+msgstr "Su acceso ha caducado."
+
+msgid "  Contact the system administrator."
+msgstr "  Contacte con el administrador."
+
+msgid "  Choose a new password."
+msgstr "  Elija una contraseña nueva."
+
+msgid "You must change your password."
+msgstr "Debe cambiar su contraseña."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Su contraseña caducará en %ld días.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Su contraseña caducará mañana."
+
+msgid "Your password will expire today."
+msgstr "Su contraseña caducará hoy."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "No se pudo abrir la interfaz de auditoría, abortando.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"No se pudo cambiar el dueño o el modo de la tty de la entrada estándar "
+"(stdin): %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: se produjo un fallo al desbloquear %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Desbordamiento de entorno\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "No debe cambiar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fallo desde el último acceso.\n"
+"El último fue %s en %s.\n"
+msgstr[1] ""
+"%d fallos desde el último acceso.\n"
+"El último fue %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: configuración incorrecta: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: configuración incorrecta: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: se produjo un fallo al reservar memoria: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: no se pudo obtener un GID único del sistema (no hay más GID "
+"disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: no se pudo obtener un GID único (no hay más GID disponibles)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: configuración incorrecta: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: configuración incorrecta: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: no se pudo obtener un UID único del sistema (no hay más UID "
+"disponibles)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: no se pudo obtener un UID único (no hay más UID disponibles)\n"
+
+msgid "Too many logins.\n"
+msgstr "Demasiados accesos.\n"
+
+msgid "You have new mail."
+msgstr "Tiene correo nuevo."
+
+msgid "No mail."
+msgstr "Sin correo."
+
+msgid "You have mail."
+msgstr "Tiene correo."
+
+msgid "no change"
+msgstr "sin cambios"
+
+msgid "a palindrome"
+msgstr "un palíndromo"
+
+msgid "case changes only"
+msgstr "sólo cambios de mayúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "demasiado similar"
+
+msgid "too simple"
+msgstr "demasiado simple"
+
+msgid "rotated"
+msgstr "rotada"
+
+msgid "too short"
+msgstr "demasiado corta"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Contraseña incorrecta: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() falló, error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: no se ha cambiado la contraseña\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: contraseña actualizada correctamente\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Contraseña incorrecta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: se produjo un fallo al desprenderse de los privilegios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: teléfono de casa incorrecto: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: no se pudo crear el directorio %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"El valor de ENCRYPT_METHOD no es válido: «%s».\n"
+"Se usará DES, el valor predeterminado.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Incapaz de cambiar el directorio a «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Sin directorio, accediendo con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "No se puede ejecutar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directorio raíz «%s» incorrecto\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "No se pudo cambiar el directorio raíz a «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "No se pudo determinar el nombre de su tty."
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] USUARIO\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ÚLTIMO_D�A      establece el día del último cambio de la\n"
+"                                contraseña a ÚLTIMO_D�A\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate FECHA_CAD    establece la fecha de caducidad a FECHA_CAD\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    muestra este mensaje de ayuda y termina\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVA       deshabilita la cuenta después de INACTIVA\n"
+"                                días de la fecha de caducidad\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    muestra la información de la edad de la "
+"cuenta\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays D�AS_MIN        establece el número mínimo de días antes de\n"
+"                                cambiar la contraseña a D�AS_MIN\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays D�AS_MAX        establece el número máximo de días antes de\n"
+"                                cambiar la contraseña a D�AS_MAX\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays D�AS_AVISO     establece los días de aviso de expiración a\n"
+"                                D�AS_AVISO\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Introduzca el nuevo valor, o pulse INTRO para usar el valor predeterminado"
+
+msgid "Minimum Password Age"
+msgstr "Duración mínima de la contraseña"
+
+msgid "Maximum Password Age"
+msgstr "Duración máxima de la contraseña"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Último cambio de contraseña (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de caducidad de la contraseña"
+
+msgid "Password Inactive"
+msgstr "Contraseña inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Fecha de caducidad de la cuenta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Último cambio de contraseña\t\t\t\t\t:"
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "se debe cambiar la contraseña"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "La contraseña caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contraseña inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "La cuenta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número de días mínimo entre cambio de contraseña\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número de días máximo entre cambio de contraseña\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de días de aviso antes de que caduque la contraseña\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico incorrecto «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: no incluya «l» junto a otras opciones\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: permiso denegado.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: no se pudo bloquear %s, inténtelo de nuevo.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: no se pudo abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: se produjo un fallo al escribir los cambios a %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: el fichero de contraseñas ocultas no está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: el usuario «%s» no existe en %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Cambiando la información de la edad para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: error cambiando los campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [USUARIO]\n"
+"\n"
+"Opciones:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    muestra este mensaje de ayuda y termina\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nombre completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número de habitación"
+
+msgid "Work Phone"
+msgstr "Teléfono del trabajo"
+
+msgid "Home Phone"
+msgstr "Teléfono de casa"
+
+msgid "Other"
+msgstr "Otro"
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+"No se puede cambiar el identificador al usuario del administrador («root»).\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: el nombre contiene caracteres ilegales (no ASCII): «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nombre incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: la habitación contiene caracteres ilegales (no ASCII): «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nombre de habitación incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: teléfono del trabajo incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: teléfono de casa incorrecto: «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» contiene caracteres ilegales (que no son ASCII)\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» contiene caracteres ilegales\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: el usuario «%s» no existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: no se pudo cambiar el usuario «%s» en el cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» es el NIS maestro para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Cambiando la información de usuario para %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: campos demasiado largos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones]\n"
+"\n"
+"Opciones:\n"
+
+#, fuzzy, c-format
+#| msgid "  -c, --crypt-method <METHOD>   the crypt method (one of %s)\n"
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method <MÉTODO>   el método de cifrado (uno de %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               se cifran las contraseñas proporcionadas\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     cifra la contraseña en claro utilizando\n"
+"                                el algoritmo MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              número de rondas SHA para los algoritmos\n"
+"                                de cifrado SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: la opción %s sólo está permitida junto a la opción %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: las opciones -c, -e y -m son exclusivas\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: método de cifrado no compatible: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: línea %d: línea demasiado larga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: línea %d: falta la nueva contraseña\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: línea %d: el grupo «%s» no existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+"%s: línea %d: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: error detectado, cambios ignorados\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (línea %d, usuario %s) la contraseña no ha cambiado\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: línea %d: el usuario «%s» no existe\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell CONSOLA           nueva consola de acceso para la cuenta del\n"
+"                                usuario\n"
+
+msgid "Login Shell"
+msgstr "Consola de acceso"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "No debería cambiar la consola para «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Cambiando la consola de acceso para %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: entrada incorrecta: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s es una consola incorrecta.\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: aviso: %s no existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: aviso: %s no es un ejecutable\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: las opciones %s y %s están en conflicto\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     muestra los registros de faillog para\n"
+"                                todos los usuarios\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEG           después de fallar al acceder la cuenta se\n"
+"                                bloqueará después de SEG segundos\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             establece el máximo número de accesos "
+"fallidos\n"
+"                                a MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   reinicia el contador de accesos fallidos\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time D�AS               muestra los registros de faillog más "
+"recientes\n"
+"                                que D�AS\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user USUARIO/RANGO      muestra los registros de faillog o mantiene\n"
+"                                los contadores y límites de fallos (si se\n"
+"                                utiliza con -r, -m o -l) sólo para el "
+"USUARIO\n"
+"                                indicado\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Usuario     Fallos Máximo Último                   Activo\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [faltan %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr "[bloqueados %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar el contador de fallos para el UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: se produjo un fallo al establecer max para el UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+"%s: se produjo un fallo al establecer el tiempo de bloqueo para el UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: usuario o rango desconocido: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: no se pudo conseguir el tamaño de %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] GRUPO\n"
+"\n"
+"Opciones:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add USUARIO             añade USUARIO al GRUPO\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete USUARIO          elimina USUARIO del GRUPO\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         elimina la contraseña de GRUPO\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                restringe el acceso a GRUPO a sus miembros\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members USUARIO,...     establece la lista de miembros de GRUPO\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                establece la lista de administradores de "
+"GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Excepto las opciones -A y -M, las opciones no se pueden combinar.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Las opciones no se pueden combinar.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: se requieren contraseñas de los grupos de shadow para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: el grupo «%s» no existe en %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: se produjo un fallo al cerrar el %s de sólo lectura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Cambiando la contraseña para el grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nueva contraseña: "
+
+msgid "Re-enter new password: "
+msgstr "Vuelva a introducir la nueva contraseña: "
+
+msgid "They don't match; try again"
+msgstr "No concuerdan, inténtelo de nuevo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: inténtelo más tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Añadiendo al usuario %s al grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Eliminando al usuario %s del grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: el usuario «%s» no es miembro de «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: No es una tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] GRUPO\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   termina si el grupo ya existe, y cancela -g\n"
+"                                si el GID ya se está en uso\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 utiliza GID para el nuevo grupo\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key CLAVE=VALOR         sobrescribe los valores predeterminados de\n"
+"                                «/etc/login.defs»\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permite crear grupos con GID (no únicos)\n"
+"                                duplicados\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password CONTRASEÑA     utiliza esta contraseña cifrada para el "
+"nuevo\n"
+"                                grupo\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  crea una cuenta del sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» no es un nombre de grupo válido\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: identificador de grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K requiere CLAVE=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: el grupo «%s» ya existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: el GID «%lu» ya existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: no se pudo determinar su nombre de usuario.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   reinicia el contador de accesos fallidos\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: no se pudo eliminar la entrada «%s» de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: no se pudo eliminar el grupo primario del usuario «%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: el grupo «%s» no existe\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: el grupo «%s» es un grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s es el NIS maestro\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: el usuario «%s» ya es un miembro de «%s»\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: sin memoria. No se pudo actualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [acción]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group GRUPO             cambia el nombre del grupo en lugar del "
+"grupo\n"
+"                                del usuario (sólo lo puede hacer el\n"
+"                                administrador)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acciones:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add USUARIO             añade USUARIO a los miembros del grupo\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete USUARIO          elimina USUARIO de la lista de miembros del\n"
+"                                grupo\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   purga todos los miembros del grupo\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    lista los miembros del grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: su nombre de grupo no coincide con su nombre de usuario\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: sólo el administrador puede utilizar la opción -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+"  -g, --gid GID                 cambia el identificador del grupo a GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name GRUPO_NUEVO    cambia el nombre a GRUPO_NUEVO\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permite utilizar un GID duplicado (no "
+"único)\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password CONTRASEÑA     cambia la contraseña a CONTRASEÑA (cifrada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nombre del grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: el grupo %s es un grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuario desconocido %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [grupo [gshadow]]\n"
+"\n"
+"Opciones:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [group]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s y -r son incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "entrada del fichero de grupos incorrecta"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "¿desea eliminar la línea «%s»? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nombre de grupo «%s» incorrecto\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "identificador de grupo «%lu» incorrecto\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: no existe el usuario %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "¿desea eliminar el miembro «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "no hay entradas coincidentes en el fichero de grupos en «%s»\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "¿desea añadir el grupo «%s» en %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el grupo %s tiene una entrada en %s, pero su campo de contraseña en %s no "
+"está establecido a «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "entrada del fichero shadow de grupos incorrecta"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada del fichero shadow de grupos duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo de shadow %s: no existe el usuario administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "¿desea eliminar el miembro administrativo «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo de shadow %s: no existe el usuario %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: los ficheros se han actualizado\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: sin cambios\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: no se pudo borrar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Modo de uso: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Modo de uso: id\n"
+
+msgid " groups="
+msgstr "grupos="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before D�AS             muestra los registros de «lastlog» "
+"anteriores\n"
+"                                a D�AS\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     muestra los registros de faillog para\n"
+"                                todos los usuarios\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     muestra los registros de faillog para\n"
+"                                todos los usuarios\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time D�AS               muestra sólo los registros de «lastlog» más\n"
+"                                recientes que D�AS\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user USUARIO            muestra el registro de «lastlog» del "
+"USUARIO\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Nombre           Puerto   De               Último"
+
+msgid "Username                Port     Latest"
+msgstr "Nombre                  Puerto   Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca ha accedido**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: no puedo actualizar el fichero de contraseñas\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Modo de uso: %s [-p] [nombre]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h máquina] [-f nombre]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r máquina\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "error de configuración, no se pudo procesar el valor %s: «%d»"
+
+msgid "Invalid login time"
+msgstr "Tiempo de acceso incorrecto"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema cerrado por mantenimiento rutinario"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Desconexión evitada -- acceso del administrador («root») permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: posiblemente no se puede trabajar sin el administrador\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Sin entrada utmp. Debe ejecutar «login» desde el nivel «sh» más bajo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"El acceso caducó después de %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: fallo de PAM, abortando: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s nombre: "
+
+msgid "login: "
+msgstr "nombre: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número de intentos máximo excedido (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: petición abortada por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Identificación incorrecta"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: línea %d: no se puede encontrar el usuario %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s nombre: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: se produjo un fallo en la llamada a fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY falló en %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: acceso restablecido después de un cierre temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Último acceso: %s en %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Último acceso: %.19s en %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " desde %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tiempo de acceso excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Modo de uso: logout\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Modo de uso: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Modo de uso: sg grupo [[-c] orden]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Contraseña incorrecta.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: se produjo un fallo al realizar el «fork»: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: el GID «%lu» no existe\n"
+
+msgid "too many groups\n"
+msgstr "demasiados grupos\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  crea cuentas del sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: el grupo «%s» es un grupo oculto, pero no existe en «/etc/group»\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: identificador de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nombre de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: línea %d: línea incorrecta\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: no se pudo actualizar la entrada del usuario %s (no está en la base de "
+"datos de passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: línea %d: no se pudo crear el usuario\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: línea %d: no se pudo crear el grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: línea %d: el usuario «%s» no existe en %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: línea %d: no se puede actualizar la contraseña\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: línea %d: mkdir %s falló: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: línea %d: chown %s falló: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: línea %d: no se puede actualizar la entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: no se puede actualizar el fichero de grupo\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     informa del estado de las contraseñas de\n"
+"                                todas las cuentas\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  borra la contraseña para la cuenta indicada\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  fuerza a que la contraseña de la cuenta\n"
+"                                caduque\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             cambia la contraseña sólo si ha caducado\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVO       establece la contraseña inactiva después de\n"
+"                                caducar a INACTIVO\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    bloquea la contraseña de la cuenta indicada\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays D�AS_MIN        establece el número mínimo de días antes\n"
+"                                de que se cambie la contraseña a D�AS_MIN\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   modo silencioso\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository REP          cambia la contraseña en el repositorio REP\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  informa del estado de la contraseña la "
+"cuenta\n"
+"                                indicada\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  desbloquea la contraseña de la cuenta "
+"indicada\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays D�AS_AVISO     establece el aviso de caducidad a "
+"D�AS_AVISO\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays D�AS_MAX        establece el número máximo de días antes de\n"
+"                                cambiar la contraseña a D�AS_MAX\n"
+
+msgid "Old password: "
+msgstr "Contraseña antigua: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduzca la nueva contraseña (con un mínimo de %d caracteres)\n"
+"Por favor, use una combinación de letras mayúsculas, minúsculas y números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduzca la nueva contraseña (con un mínimo de %d caracteres y un máximo "
+"de %d)\n"
+"Por favor, use una combinación de letras mayúsculas, minúsculas y números.\n"
+
+msgid "New password: "
+msgstr "Nueva contraseña: "
+
+msgid "Try again."
+msgstr "Inténtelo de nuevo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: contraseña débil (introdúzcala de nuevo para usarla de todos modos)."
+
+msgid "They don't match; try again.\n"
+msgstr "No concuerdan, inténtelo de nuevo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "No se puede cambiar la contraseña para %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Todavía no se puede cambiar la contraseña de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: desbloquear la contraseña dejaría una cuenta sin contraseña.\n"
+"Debería establecer una contraseña mediante «usermod -p» para desbloquear la "
+"contraseña de esta cuenta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repositorio %s no soportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s no está autorizado a cambiar la contraseña de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: no debe ver o cambiar la información de la contraseña para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Cambiando la contraseña para %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "La contraseña para %s no se ha modificado.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: contraseña cambiada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: información de caducidad de la contraseña cambiada.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options] [action]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [acción]\n"
+"\n"
+"Opciones:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] [passwd [shadow]]\n"
+"\n"
+"Opciones:\n"
+
+#, fuzzy
+#| msgid "  -q, --quiet                   quiet mode\n"
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   modo silencioso\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: no se permite un fichero oculto alternativo cuando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada del fichero de contraseñas incorrecta"
+
+msgid "duplicate password entry"
+msgstr "entrada de contraseña duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nombre de usuario «%s» incorrecto\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "identificador «%lu» de usuario incorrecto\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuario «%s»: no existe el grupo %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuario «%s»: el directorio «%s» no existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuario «%s»: el programa «%s» no existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "no existe el directorio tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "¿desea crear el directorio tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: no se pudo bloquear %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ninguna entrada del fichero de contraseñas concuerda con %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "¿desea añadir el usuario «%s» a «%s»?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"el usuario %s tiene una entrada en %s, pero su campo de la contraseña en %s "
+"no está establecido a «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada del fichero shadow de contraseñas incorrecta"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada del fichero shadow de contraseñas duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+"usuario %s: el último cambio de la contraseña se produjo en el futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: no se pudieron ordenar las entradas en %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: no puede funcionar con tcb activado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: se produjo un fallo al cambiar el modo de %s a 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "El acceso a «su» en esa cuenta se ha DENEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticación de contraseña evitada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor, introduzca su PROPIA contraseña como autenticación.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: no se pudo realizar el «fork» de la consola del usuario\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: funcionamiento incorrecto de la señal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: funcionamiento incorrecto del enmascaramiento de la señal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sesión finalizada, parando la consola ..."
+
+msgid " ...killed.\n"
+msgstr " ... finalizado.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... esperando a que el hijo finalice.\n"
+
+msgid " ...terminated.\n"
+msgstr " ... parada.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Modo de uso: su [opciones] [USUARIO]\n"
+"\n"
+"Opciones:\n"
+"  -c, --command ORDEN           pasa la ORDEN a la consola invocada\n"
+"  -h, --help                    muestra este mensaje de ayuda y termina\n"
+"  -, -l, --login                hace que la consola sea una de acceso\n"
+"  -m, -p,\n"
+"  --preserve-environment        no reinicia las variables de entorno, y\n"
+"                                mantiene la misma consola\n"
+"  -s, --shell CONSOLA           usa CONSOLA en lugar de la predeterminada "
+"en\n"
+"                                passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "No está autorizado a usar su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduzca su propia contraseña)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: se produjo un fallo en la autenticación\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: no está autorizado a usar su en este momento\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Sin entrada de contraseña para el administrador («root»)"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: debe ejecutarse desde un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: no se pudo eliminar el contenido de %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "No se puede ejecutar %s\n"
+
+msgid "No password file"
+msgstr "Sin fichero de contraseñas"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falló"
+
+msgid "No password entry for 'root'"
+msgstr "Sin entrada de contraseña para el administrador («root»)"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pulse control-d para continuar con un arranque normal del sistema,\n"
+"(o introduzca la contraseña del administrador («root») para entrar en el "
+"modo de mantenimiento del sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Entrando en el modo de mantenimiento del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: se creó %s, pero no se pudo eliminar\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: se ignorará la configuración %s en %s\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+"%s: no se puede crear un nuevo fichero de preferencias predeterminadas\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+"%s: no se puede abrir un nuevo fichero de preferencias predeterminadas\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: línea demasiado larga en %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s no se pudo crear el enlace simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renombrar: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: el grupo «%s» es un grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: demasiados grupos especificados (el máximo es %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Modo de uso: %s [opciones] USUARIO\n"
+"             %s -D\n"
+"             %s -D [opciones]\n"
+"\n"
+"Opciones:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir DIR_BASE       directorio base para el directorio personal\n"
+"                                de la nueva cuenta\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMENTARIO      campo GECOS de la nueva cuenta\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+"  -d, --home-dir DIR_PERSONAL   directorio personal de la nueva cuenta\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                imprime o cambia la configuración\n"
+"                                predeterminada de useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate FECHA_CADUCIDAD  fecha de caducidad de la nueva cuenta\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INACTIVO       periodo de inactividad de la contraseña\n"
+"                                de la nueva cuenta\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPO               nombre o identificador del grupo primario "
+"de\n"
+"                                la nueva cuenta\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GRUPOS           lista de grupos suplementarios de la nueva\n"
+"                                cuenta\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel DIR_SKEL           utiliza este directorio «skeleton» "
+"alternativo\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             no añade el usuario a las bases de datos de\n"
+"                                lastlog y faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             crea el directorio personal del usuario\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          no crea el directorio personal del usuario\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           no crea un grupo con el mismo nombre que el\n"
+"                                usuario\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permite crear usuarios con identificadores\n"
+"                                (UID) duplicados (no únicos)\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password CONTRASEÑA     contraseña cifrada de la nueva cuenta\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell CONSOLA           consola de acceso de la nueva cuenta\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+"  -u, --uid UID                 identificador del usuario de la nueva "
+"cuenta\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              crea un grupo con el mismo nombre que el\n"
+"                                usuario\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user USUARIO_SE  utiliza el usuario indicado para el "
+"usuario\n"
+"                                 de SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directorio base «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentario «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directorio personal («home») «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: se requieren contraseñas de shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: se requieren contraseñas de shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo «%s» incorrecto\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: consola «%s» incorrecta\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z necesita que el núcleo tenga activado SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar la entrada de faillog del UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al reiniciar la entrada de lastlog del UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: no se puede crear el directorio %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Creando el fichero del buzón de correo"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"No se encontró el grupo «mail». Se creará el fichero del buzón de correo del "
+"usuario con el modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Estableciendo los permisos del fichero del buzón de correo"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: el usuario «%s» ya existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: el grupo %s existe - si quiere añadir este usuario a ese grupo, use -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: el UID %lu no es único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: se produjo un fallo al crear el directorio tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: no se puede crear el grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: no se pudo crear el usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: no se puede crear el grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: el directorio personal ya existe.\n"
+"No se va a copiar ningún fichero del directorio «skel» en él.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: aviso: no se pudo relacionar el nombre del usuario %s con el usuario %s "
+"de SELinux.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   forzar la eliminación de los ficheros,\n"
+"                                incluso si no pertenecen al usuario\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  elimina el directorio personal y el buzón "
+"de\n"
+"                                correo\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            nuevo usuario de SELinux para la cuenta del\n"
+"                                usuario\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: no se pudo eliminar el grupo primario del usuario «%s»\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: grupo %s es el grupo primario de otro usuario y no se eliminará.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: no se pudo eliminar la entrada «%s» de %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s directorio personal (%s) no encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: no se puede eliminar %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s no pertenece a %s, no se eliminará\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: no se pudo reservar memoria, la entrada tcb %s no se eliminó.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: no se pudo desprender los privilegios: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: no se pudo eliminar el contenido de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: no se pudieron eliminar los ficheros tcb para %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: el usuario %s es un usuario NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s directorio personal (%s) no encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: no se elimina el directorio %s (eliminaría el directorio personal del "
+"usuario %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: error eliminando el directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: aviso: no se pudo relacionar el nombre del usuario %s con el usuario %s "
+"de SELinux.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMENTARIO      nuevo valor del campo GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home DIR_PERSONAL       nuevo directorio personal del nuevo usuario\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate FECHA_EXPIR  establece la fecha de caducidad de la\n"
+"                                cuenta a FECHA_EXPIR\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVO       establece el tiempo de inactividad después\n"
+"                                de que caduque la cuenta a INACTIVO\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPO               fuerza el uso de GRUPO para la nueva cuenta\n"
+"                                de usuario\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPOS           lista de grupos suplementarios\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NOMBRE            nuevo nombre para el usuario\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    bloquea la cuenta de usuario\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               mueve los contenidos del directorio\n"
+"                                personal al directorio nuevo (usar sólo\n"
+"                                junto con -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permite usar UID duplicados (no únicos)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password CONTRASEÑA     usar la contraseña cifrada para la nueva "
+"cuenta\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+"  -u, --uid UID                 fuerza el uso del UID para la nueva cuenta\n"
+"                                de usuario\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  desbloquea la cuenta de usuario\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user            nuevo usuario de SELinux para la cuenta del\n"
+"                                usuario\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: desbloquear la contraseña dejaría una cuenta sin contraseña.\n"
+"Debería establecer una contraseña mediante «usermod -p» para desbloquear la "
+"contraseña de esta cuenta.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: el usuario «%s» ya existe en %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: fecha «%s» incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: no se pudo abrir %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: las opciones -L, -p y -U son exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: se necesitan contraseñas de shadow para -e y -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: el UID «%lu» ya existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s no está autorizado a cambiar la contraseña de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: el directorio %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: el directorio personal anterior (%s) no era un directorio. No se "
+"eliminará y no se crearán directorios personales.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: se produjo un fallo al cambiar el dueño del directorio personal"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: no se pudo eliminar completamente el directorio personal previo %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: no se puede renombrar el directorio %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al copiar la entrada de lastlog del usuario %lu al "
+"usuario %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: se produjo un fallo al copiar la entrada de faillog del usuario %lu al "
+"usuario %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: %s no pertenece a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "se produjo un fallo al cambiar el propietario del buzón de correo"
+
+msgid "failed to rename mailbox"
+msgstr "se produjo un fallo al cambiar el nombre del buzón de correo"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: se produjo un fallo al preparar la nueva %s entrada «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Ha modificado %s.\n"
+"Puede que necesite modificar %s por consistencia.\n"
+"Por favor, utilice la orden «%s» para hacerlo.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   edita la base de datos del grupo\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  edita la base de datos de «passwd»\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  edita la base de datos shadow o gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    indica que fichero tcb de shadow del "
+"usuario\n"
+"                                editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: se produjo un fallo al eliminar %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: no se ha cambiado %s\n"
+
+msgid "failed to create scratch directory"
+msgstr "se produjo un fallo al crear el directorio temporal"
+
+msgid "failed to drop privileges"
+msgstr "se produjo un fallo al desprenderse de los privilegios"
+
+msgid "Couldn't get file context"
+msgstr "No se pudo conseguir el contexto del fichero"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () falló"
+
+msgid "failed to gain privileges"
+msgstr "se produjo un fallo al obtener privilegios"
+
+msgid "Couldn't lock file"
+msgstr "No se puede bloquear el fichero"
+
+msgid "Couldn't make backup"
+msgstr "No se puede realizar una copia de seguridad"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: no se encontró %s en /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "se produjo un fallo al abrir el fichero temporal"
+
+msgid "failed to unlink scratch file"
+msgstr "se produjo un fallo al borrar el fichero temporal"
+
+msgid "failed to stat edited file"
+msgstr "se produjo un fallo al realizar el «stat» del fichero editado"
+
+msgid "failed to allocate memory"
+msgstr "se produjo un fallo al reservar memoria"
+
+msgid "failed to create backup file"
+msgstr "se produjo un fallo al crear la copia de seguridad del fichero"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: no se puede restaurar %s: %s (sus cambios están en %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: se produjo un fallo al buscar el directorio tcb de %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            el método de cifrado (uno de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Modo de uso: vipw [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) falló\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chage [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -d, --lastday ÚLTIMO_D�A      establece el día del último cambio de la\n"
+#~ "                                contraseña a ÚLTIMO_D�A\n"
+#~ "  -E, --expiredate FECHA_CAD    establece la fecha de caducidad a "
+#~ "FECHA_CAD\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -I, --inactive INACTIVA       deshabilita la cuenta después de "
+#~ "INACTIVA\n"
+#~ "                                días de la fecha de caducidad\n"
+#~ "  -l, --list                    muestra la información de la edad de la "
+#~ "cuenta\n"
+#~ "  -m, --mindays D�AS_MIN        establece el número mínimo de días antes "
+#~ "de\n"
+#~ "                                cambiar la contraseña a D�AS_MIN\n"
+#~ "  -M, --maxdays D�AS_MAX        establece el número máximo de días antes "
+#~ "de\n"
+#~ "                                cambiar la contraseña a D�AS_MAX\n"
+#~ "  -W, --warndays D�AS_AVISO     establece los días de aviso de expiración "
+#~ "a\n"
+#~ "                                D�AS_AVISO\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: la autenticación PAM falló\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [-f nombre_completo] [-r num_habitación] [-w "
+#~ "telf_trabajo]\n"
+#~ "\t[-h telf_casa] [-o otro] [usuario]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [-f nombre_completo] [-r num_habitación] [-w "
+#~ "telf_trabajo]\n"
+#~ "\t[-h telf_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: %s [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -c, --crypt-method            el método de cifrado (uno de %s)\n"
+#~ "  -e, --encrypted               las contraseñas proporcionadas están "
+#~ "cifradas\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -m, --md5                     usa el algoritmo MD5 para cifrar las\n"
+#~ "                                contraseñas\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chsh [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -s, --shell CONSOLA           nueva consola de acceso para la cuenta "
+#~ "del\n"
+#~ "                                usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Modo de uso: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr ""
+#~ "faillog: se produjo un fallo al conseguir la entrada para el UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: no se pudo abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: no se pudo conseguir el tamaño de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Modo de uso: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Modo de uso: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Modo de uso: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s y -r son incompatibles\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Modo de uso: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Modo de uso: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: lastlog [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -b, --before D�AS             muestra los registros de «lastlog» "
+#~ "anteriores\n"
+#~ "                                a D�AS\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -t, --time D�AS               muestra sólo los registros de «lastlog» "
+#~ "más\n"
+#~ "                                recientes que D�AS\n"
+#~ "  -u, --user USUARIO            muestra el registro de «lastlog» del "
+#~ "USUARIO\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: passwd [opciones] [USUARIO]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     informa del estado de las contraseñas de\n"
+#~ "                                todas las cuentas\n"
+#~ "  -d, --delete                  borra la contraseña para la cuenta "
+#~ "indicada\n"
+#~ "  -e, --expire                  fuerza a que la contraseña de la cuenta\n"
+#~ "                                caduque\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -k, --keep-tokens             cambia la contraseña sólo si ha caducado\n"
+#~ "  -i, --inactive INACTIVO       establece la contraseña inactiva después "
+#~ "de\n"
+#~ "                                caducar a INACTIVO\n"
+#~ "  -l, --lock                    bloquea la contraseña de la cuenta "
+#~ "indicada\n"
+#~ "  -n, --mindays D�AS_MIN        establece el número mínimo de días antes\n"
+#~ "                                de que se cambie la contraseña a "
+#~ "D�AS_MIN\n"
+#~ "  -q, --quiet                   modo silencioso\n"
+#~ "  -r, --repository REP          cambia la contraseña en el repositorio "
+#~ "REP\n"
+#~ "  -S, --status                  informa del estado de la contraseña la "
+#~ "cuenta\n"
+#~ "                                indicada\n"
+#~ "  -u, --unlock                  desbloquea la contraseña de la cuenta "
+#~ "indicada\n"
+#~ "  -w, --warndays D�AS_AVISO     establece el aviso de caducidad a "
+#~ "D�AS_AVISO\n"
+#~ "  -x, --maxdays D�AS_MAX        establece el número máximo de días antes "
+#~ "de\n"
+#~ "                                cambiar la contraseña a D�AS_MAX\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Modo de uso: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Modo de uso: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Modo de uso: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Modo de uso: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconocido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sin consola\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: userdel [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -f, --force                   forzar la eliminación de los ficheros,\n"
+#~ "                                incluso si no pertenecen al usuario\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -r, --remove                  elimina el directorio personal y el buzón "
+#~ "de\n"
+#~ "                                correo\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: el usuario %s está actualmente identificado en el sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: usermod [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -c, --comment COMENTARIO      nuevo valor del campo GECOS\n"
+#~ "  -d, --home DIR_PERSONAL       nuevo directorio personal del nuevo "
+#~ "usuario\n"
+#~ "  -e, --expiredate FECHA_EXPIR  establece la fecha de caducidad de la\n"
+#~ "                                cuenta a FECHA_EXPIR\n"
+#~ "  -f, --inactive INACTIVO       establece el tiempo de inactividad "
+#~ "después\n"
+#~ "                                de que caduque la cuenta a INACTIVO\n"
+#~ "  -g, --gid GRUPO               fuerza el uso de GRUPO para la nueva "
+#~ "cuenta\n"
+#~ "                                de usuario\n"
+#~ "  -G, --groups GRUPOS           lista de grupos suplementarios\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -l, --login NOMBRE            nuevo nombre para el usuario\n"
+#~ "  -L, --lock                    bloquea la cuenta de usuario\n"
+#~ "  -m, --move-home               mueve los contenidos del directorio\n"
+#~ "                                personal al directorio nuevo (usar sólo\n"
+#~ "                                junto con -d)\n"
+#~ "  -o, --non-unique              permite usar UID duplicados (no únicos)\n"
+#~ "  -p, --password CONTRASEÑA     usar la contraseña cifrada para la nueva "
+#~ "cuenta\n"
+#~ "  -s, --shell CONSOLA           la consola de acceso para la nueva cuenta "
+#~ "de\n"
+#~ "                                usuario\n"
+#~ "  -u, --uid UID                 fuerza el uso del UID para la nueva "
+#~ "cuenta\n"
+#~ "                                de usuario\n"
+#~ "  -U, --unlock                  desbloquea la cuenta de usuario\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: no se ha proporcionado ninguna opción\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: vipw [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -g, --group                   edita la base de datos con los grupos\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -p, --passwd                  edita la base de datos con las "
+#~ "contraseñas\n"
+#~ "  -q, --quiet                   modo silencioso\n"
+#~ "  -s, --shadow                  edita la base de datos shadow o gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Modo de uso: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: no se puede crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: no se puede chown %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: faillog [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -a, --all                     muestra los registros de faillog para\n"
+#~ "                                todos los usuarios\n"
+#~ "  -h, --help                    muestra este mensaje de ayuda y termina\n"
+#~ "  -l, --lock-time SEC           después de un fallo de acceso bloquea\n"
+#~ "                                la cuenta SEC segundos\n"
+#~ "  -m, --maximum MAX             establece el número máximo de accesos\n"
+#~ "                                fallidos a MAX\n"
+#~ "  -r, --reset                   reinicia los contadores de accesos "
+#~ "fallidos\n"
+#~ "  -t, --time ND                 muestra los registros de faillog para "
+#~ "los\n"
+#~ "                                últimos ND días\n"
+#~ "  -u, --user USUARIO            muestra el registro de faillog o "
+#~ "mantiene\n"
+#~ "                                los contadores de fallos y los límites\n"
+#~ "                                (si se usan las opciones -r, -m o -l)\n"
+#~ "                                para el usuario USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: groupadd [opciones] grupo\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -f, --force                   fuerza una salida con un estado de éxito\n"
+#~ "                                si el grupo especificado existe\n"
+#~ "  -g, --gid GID                 usa GID para el nuevo grupo\n"
+#~ "  -h, --help                    muestra esta ayuda y termina\n"
+#~ "  -K, --key NOMBRE=VALOR        prevalece sobre el valor predeterminado "
+#~ "de\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -o, --non-unique              permite crear grupos con un GID "
+#~ "duplicado\n"
+#~ "                                (que no es único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: groupadd [opciones] grupo\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -f, --force                   fuerza una salida con un estado de éxito\n"
+#~ "                                si el grupo especificado existe\n"
+#~ "  -g, --gid GID                 usa GID para el nuevo grupo\n"
+#~ "  -h, --help                    muestra esta ayuda y termina\n"
+#~ "  -K, --key NOMBRE=VALOR        prevalece sobre el valor predeterminado "
+#~ "de\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -o, --non-unique              permite crear grupos con un GID "
+#~ "duplicado\n"
+#~ "                                (que no es único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Modo de uso: useradd [opciones] USUARIO\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -b, --base-dir DIR_BASE       directorio base para el nuevo directorio\n"
+#~ "                                personal\n"
+#~ "  -c, --comment COMENTARIO      comentarios para el nuevo usuario (campo "
+#~ "GECOS)\n"
+#~ "  -d, --home-dir DIR_PERSONAL   directorio personal para el nuevo "
+#~ "usuario\n"
+#~ "  -D, --defaults                muestra o salva la configuración\n"
+#~ "                                predeterminada modificada para useradd\n"
+#~ "  -e, --expiredate FECHA_EXPIR  establece la fecha de caducidad de la\n"
+#~ "                                cuenta a FECHA_EXPIR\n"
+#~ "  -f, --inactive INACTIVO       establece el tiempo de inactividad "
+#~ "después\n"
+#~ "                                de que caduque la cuenta a INACTIVO\n"
+#~ "  -g, --gid GRUPO               forzar el uso de GRUPO para la nueva "
+#~ "cuenta\n"
+#~ "                                de usuario\n"
+#~ "  -G, --groups GRUPOS           lista de grupos suplementarios para la "
+#~ "nueva\n"
+#~ "                                cuenta de usuario\n"
+#~ "  -h, --help                    muestra esta ayuda y termina\n"
+#~ "  -k, --skel DIR_SKEL           especifica un directorio skel "
+#~ "alternativo\n"
+#~ "  -K, --key LLAVE=VALOR         modifica los valores predeterminados de\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -m, --create-home             crea el directorio personal para la "
+#~ "nueva\n"
+#~ "                                cuenta de usuario\n"
+#~ "  -o, --non-unique              permitir crear usuarios con UIDs "
+#~ "duplicadas\n"
+#~ "  -p, --password CONTRASEÑA     usar la contraseña cifrada CONTRASEÑA "
+#~ "para\n"
+#~ "                                la nueva cuenta\n"
+#~ "  -s, --shell SHELL             la shell de entrada para la nueva cuenta\n"
+#~ "                                de usuario\n"
+#~ "  -u, --uid UID                 forzar el uso del UID para la nueva "
+#~ "cuenta\n"
+#~ "                                de usuario\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Contraseña caducada."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: no puedo bloquear el fichero de contraseñas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: no puedo abrir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: no puedo bloquear el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: no puedo abrir el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas ocultas\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: no puedo actualizar el fichero de contraseñas ocultas\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNombre completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero de habitación: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTeléfono del trabajo:% s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTeléfono de casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "No se puede bloquear el fichero de contraseñas, inténtelo más tarde.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "No se puede abrir el fichero de contraseñas.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error actualizando la entrada de la contraseña.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "No se pueden remitir los cambios del fichero de contraseñas.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "No se puede desbloquear el fichero de contraseñas.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: no se puede bloquear el fichero de grupos\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas ocultas (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: línea %d: grupo desconocido %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: línea %d: no se puede actualizar la entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr ""
+#~ "%s: no se puede bloquear el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: error actualizando el fichero de contraseñas\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: línea %d: usuario desconocido %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: línea %d: no se puede actualizar la entrada de la contraseña\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: usuario desconocido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuario desconocido: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Modo de uso: %s [-r|-R] grupo\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a usuario] grupo\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d usuario] grupo\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A usuario,...] [-M usuario,...] grupo\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M usuario,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: no se puede obtener el bloqueo\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: no se puede obtener el bloqueo de shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: no se puede abrir el fichero\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: no se puede reescribir el fichero oculto (shadow)\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: no se puede desbloquear el fichero\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: no se puede actualizar la entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: no se puede actualizar la entrada oculta (shadow)\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo desconocido: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: no se puede abrir el fichero\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "¿Quién es?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: miembro desconocido %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: error añadiendo entrada nueva de grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: no se puede reescribir el fichero grupos\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de grupos\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: el GID %u no es único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: error eliminando la entrada del grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: error eliminando entrada del grupo oculto (shadow)\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: no se puede eliminar el grupo primario del usuario.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Autenticación PAM fallida\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de grupos\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: no se encontró %s en /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u no es un GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s no es un nombre único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: incapaz de bloquear el fichero de contraseñas\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: incapaz de abrir el fichero de contraseñas\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada oculta (shadow) para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada para el grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: no se puede bloquear el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: no se puede eliminar el grupo oculto (shadow) %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: no se puede actualizar el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: no se puede eliminar el fichero de grupos oculto\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID desconocido: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID desconocido: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: el grupo %s no existe\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: el usuario %s no existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nombre de usuario `%s' incorrecto\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: no se puede bloquear /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: no se pueden abrir los ficheros\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: error actualizando los ficheros\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada de la contraseña para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: no se puede bloquear el fichero passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: no se puede abrir el fichero passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: no se puede eliminar la entrada oculta (shadow) para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: no se puede actualizar el fichero passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: no se puede actualizar la entrada para el usuario %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede eliminar el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s desconocido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grupo %s desconocido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: sin memoria en update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: no se puede reescribir el fichero de contraseñas\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede reescribir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr ""
+#~ "%s: no se puede bloquear el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: no se puede abrir el fichero de contraseñas ocultas (shadow)\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: error bloqueando el fichero de grupos\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: error abriendo el fichero de grupos\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: error bloqueando el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: error abriendo el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: error añadiendo entrada de contraseña nueva\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: error añadiendo entrada de contraseña oculta (shadow) nueva\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: aviso: CREATE_HOME no está soportado, por favor, use -m en su lugar.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: error actualizando la entrada del grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: no se puede abrir el fichero de grupos oculto (shadow)\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: error eliminando la entrada de contraseña\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: error eliminando la entrada de contraseña oculta (shadow)\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: error añadiendo entrada nueva de grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: el uid %lu no es único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: error cambiando la entrada de la contraseña\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: error eliminando la entrada de la contraseña\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: error eliminando entrada de contraseña oculta (shadow)\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: no se puede obtener un GID único\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " en «%.100s» desde «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " en «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: línea %d: no se puede crear UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: el nombre %s no es único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Modo de uso: chgpasswd [opciones]\n"
+#~ "\n"
+#~ "Opciones:\n"
+#~ "  -e, --encrypted\tlas contraseñas proporcionadas están cifradas\n"
+#~ "  -h, --help\t\tmuestra este mensaje de ayuda y termina\n"
+#~ "  -m, --md5\t\tusa cifrado MD5 en vez de DES cuando las\n"
+#~ "                        contraseñas proporcionadas no estén cifradas\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "No hay fichero de contraseñas\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Disculpe.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Disculpe, aún no puede cambiarse la contraseña para %s.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Disculpe."
diff --git a/po/eu.po b/po/eu.po
new file mode 100644
index 0000000..a464302
--- /dev/null
+++ b/po/eu.po
@@ -0,0 +1,3312 @@
+# translation of eu.po to Euskara
+# Copyright (C) 2004, 2005, 2006, 2008, 2009 Free Software Foundation, Inc.
+#
+# Piarres Beobide <pi@beobide.net>, 2004, 2005, 2006, 2008, 2009.
+# Inaki Larranga Murgoitio <dooteo@euskalgnu.org>, 2005.
+msgid ""
+msgstr ""
+"Project-Id-Version: eu\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-26 19:42+0100\n"
+"Last-Translator: Piarres Beobide <pi@beobide.net>\n"
+"Language-Team: Euskara <debian-l10n-eu@lists.debian.org>\n"
+"Language: eu\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Pootle 1.2.1\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' izeneko sarrera anitz %s-en. Mesedez konpondu pwck edo grpck "
+"erabiliaz.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt-ek onartzen ez duen kriptografia metodoa? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurazio errorea - ezin da %s balioa analizatu: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Ezin izan da lekua esleitu, konfigurazioaren informaziorako.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfigurazio errorea - %s item ezezaguna (eman honen berri "
+"administratzaileari)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Pasahitza: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s (r)en pasahitza: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Ezin izan da lekua esleitu, konfigurazioaren informaziorako.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s(r)en data informazioa aldatzen\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoriarik ez\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s\n"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s\n"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: (line %d, user %s) password not changed\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: `(%d lerroa, %s erabiltzailea) pasahitza ez da aldatu\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Abisua: %s talde ezezaguna\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Abisua: talde gehiegi\n"
+
+msgid "Your password has expired."
+msgstr "Pasahitza iraungi egin da."
+
+msgid "Your password is inactive."
+msgstr "Pasahitza ezgaitua dago."
+
+msgid "Your login has expired."
+msgstr "Erabiltzaile-izena iraungi egin da."
+
+msgid "  Contact the system administrator."
+msgstr "  Jarri harremanetan sistema administratzailearekin."
+
+msgid "  Choose a new password."
+msgstr "  Aukeratu pasahitz berria."
+
+msgid "You must change your password."
+msgstr "Zure pasahitza aldatu behar duzu."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Pasahitza %ld egun barru iraungi egingo da.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Pasahitza bihar iraungi egingo da."
+
+msgid "Your password will expire today."
+msgstr "Pasahitza gaur iraungi egingo da."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Ezin da auditatzeko interfazea ireki - uzten.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Ezin da tty sarrera-estandar modu edo jabea aldatu: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: huts %s desblokeatzean\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Inguruneak gainezka egin du\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Ez zenuke $%s aldatu beharko\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d hutsegite azken saio hasieratik.\n"
+"Azkena %s izan zen %s(e)n.\n"
+msgstr[1] ""
+"%d hutsegite azken saio hasieratik.\n"
+"Azkena %s izan zen %s(e)n.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Ezin da sistema UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Ezin da GID bakarra lortu (ez dago GID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Ezin da sistema UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ezin da UID bakarra lortu (ez dago UID erabilgarri gehiago)\n"
+
+msgid "Too many logins.\n"
+msgstr "Gehiegizko saio hasierak.\n"
+
+msgid "You have new mail."
+msgstr "Mezu berria duzu."
+
+msgid "No mail."
+msgstr "Mezurik ez."
+
+msgid "You have mail."
+msgstr "Mezua duzu."
+
+msgid "no change"
+msgstr "aldaketarik gabe"
+
+msgid "a palindrome"
+msgstr "palindromoa"
+
+msgid "case changes only"
+msgstr "Maiuskulak/minuskula bakarrik aldatu da"
+
+msgid "too similar"
+msgstr "antzekoegia"
+
+msgid "too simple"
+msgstr "sinpleegia"
+
+msgid "rotated"
+msgstr "aldirokoa"
+
+msgid "too short"
+msgstr "laburregia"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Pasahitz okerra: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() huts egin du, errorea: %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: pasahitza ez da aldatu\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: pasahitza ongi eguneratu da\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s(r)en pasahitz okerra.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: etxeko tlf baliogabea: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"ENCRYPT_METHOD balio baliogabea: '%s'.\n"
+"DES-era lehenesten.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ezin da '%s'-ra direktorioa aldatu\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Direktoriorik ez, HOME=/ erabiliz saioa hasiko da"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ezin izan da %s exekutatu"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Baliogabeko erro direktorioa '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ezin da erro direktorioa '%s'-ra aldatu\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Ezin da zure tty izena zehaztu."
+
+msgid "No"
+msgstr "Ez"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] IZENA\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr "  -d, --lastday AZKEN_EGUNA     ezarri pasahitz aldaketa AZKEN_EGUNA\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate IRAUNGITZE_DATA\n"
+"                                ezarri kontu iraungitze data\n"
+"                                IRAUNGITZE_DATA-ra\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    laguntza mezu hau bistarazi eta irten\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVE       ezarri pasahitza ezgaitua bezala\n"
+"                                -INACTIVE iraungitzean\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    kontu denbora informazioa bistarazi\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays GUTXI_EGUN      pasahitz aldaketa gutxieneko data\n"
+"                                GUTXI_EGUN-era aldatu\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays GEHI_EGUN       pasashitz aldaketa gehienezko data\n"
+"                                GEHI_EGUN-era aldatu\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays ABISU_EGUN     iraungitze abisua ABISU_EGUN-era ezarri\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Idatzi balio berria, edo sakatu 'Sartu' tekla lehenetsirako"
+
+msgid "Minimum Password Age"
+msgstr "Pasahitzaren gutxiengo iraupena"
+
+msgid "Maximum Password Age"
+msgstr "Pasahitzaren gehienezko iraupena"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Azken pasahitz aldaketa (UUUU-HH-EE)"
+
+msgid "Password Expiration Warning"
+msgstr "Pasahitza iraungitzearen abisua"
+
+msgid "Password Inactive"
+msgstr "Pasahitza ezgaitua"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Kontuaren iraungitze data (UUUU-HH-EE)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Azken pasahitz aldaketa\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Inoiz ere ez"
+
+msgid "password must be changed"
+msgstr "Pasahitza aldatu egin behar da"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Pasahitz iraungitze data\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Pasahitza ezgaitu egingo da\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontua iraungitzeko data\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Gutxiengo egunak, pasahitza aldatzeko\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Gehienezko egunak, pasahitza aldatzeko\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Abisuen egun kopurua, pasahitza iraungi aurretik\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s:baliogabeko zenbakizko '%s' argumentua\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ez erabili \"l\" beste bandera batzuekin\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: baimena ukatua.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: ezin da %s blokeatu; saiatu geroago.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: huts %s-en aldaketak idazterakoan\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: ezin da itzalpeko (shadow) pasahitz fitxategia ez dago\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: `%s' erabiltzailea ez da %s-en existitzen\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s(r)en data informazioa aldatzen\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: errorea eremuak aldatzean\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [IZENA]\n"
+"\n"
+"Aukerak:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    laguntza mezu hau bistarazi eta irten\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Izen osoa"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Gela zenbakia"
+
+msgid "Work Phone"
+msgstr "Laneko telefonoa"
+
+msgid "Home Phone"
+msgstr "Etxeko telefonoa"
+
+msgid "Other"
+msgstr "Bestelakoa"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ezin izan da IDa root-era aldatu.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII ez diren karaktereak dituen izena: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: izen baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII ez diren karaktereak dituen gela zenbakia: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: gela zenbaki baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: laneko tlf baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: etxeko tlf baliogabea: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s'(e)k ASCII ez diren karaktereak ditu\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s'(e)k karaktere baliogabeak ditu\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ezin da NIS bezeroko '%s' erabiltzailea aldatu.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' da bezero honen NIS nagusia.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s(r)en erabiltzaile informazioa aldatzen\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: eremu luzegiak\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy, c-format
+#| msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method            zifratze metodoa (%s-etako bat)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               emandako pasahitzak zifraturik daude\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     zifratu testu laueko pasahitza MD5\n"
+"                                algoritmoa erabiliaz\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kriptografia algoritmoentzako\n"
+"                                SHA erronda kopurua\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s bandera bakarrik %s banderarekin onartzen da\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, eta -m banderak esklusiboak dira\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: onartzen ez den kriptografia metodoa: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d. lerroa: lerro luzegia\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d. lerroa: pasahitz berria falta da\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d lerroa: '%s' taldea ez da existitzen\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d lerroa: huts %s sarrera berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s:errorea atzeman da, aldaketak alde batera utzi dira\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: `(%d lerroa, %s erabiltzailea) pasahitza ez da aldatu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d lerroa: '%s' erabiltzailea ez da existitzen\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             erabiltzaile kontuaren saio shell berria\n"
+
+msgid "Login Shell"
+msgstr "Saio-hasierako shell-a"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Ez zenuke '%s'-(r)en shell-a aldatu behar.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s(r)en saio-hasierako shell-a aldatzen\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: baliogabeko sarrera: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s shell baliogabea da\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user '%s' does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: abisua: %s ez dago %s(r)en jabegoan\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s eta %s aukerak elkar-jotzen dute\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumentu esperogabea: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     erabiltzaile guztien faillog-en\n"
+"                                erregistroak bistaratzen ditu\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEG           saio-hasieran hutsegin ondoren kontua "
+"zenbat\n"
+"                                segundutan blokeatuta egongo den\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum GEH             saio-hasierako GEHiengo hutsegite kopurua\n"
+"                                ezartzeko\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   saio-hasierako hutsegiteen kontatzailea\n"
+"                                berrezartzeko\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time EGUNAK             EGUNAK baino berriagoak diren faillog-en\n"
+"                                erregistroak bistaratzeko\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user SAIOA              faillog-en erregistroak bistaratzeko edo\n"
+"                                hutsegiteen kontatzailea eta ERABILTZAILEA\n"
+"                                izeneko erabiltzailearen(-r, -m edo -l\n"
+"                                aukerekin erabiltzen bada) mantentzeko\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Huts %lu UIDaren sarrera eskuratzean\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Saio-hasiera    Hutsegiteak Gehienezkoa Azkena     Aktiboa\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus falta]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds blokeatuta]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Errorea %lu UIDaren huts kontua berrabiaraztean\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Huts %lu UIDarentzat max ezartzean\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Huts %lu UIDarentzat blokeo-ordua ezartzean\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Eremu edo erabiltzaile ezezaguna: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukera] TALDEA\n"
+"\n"
+"Aukerak:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add ERAB                Gehitu ERABiltzailea TALDEra\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete ERAB             kendu ERABiltzailea TALDEtik\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -r, --remove-password         TALDEaren pasahitaz kendu\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                mugatu sarrera TALDEra bere partaideetara\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members ERAB,...        ezarri TALDEaren partaideen zerrenda\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                ezarri TALDEaren kudeatzaile zerrenda\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "-A eta -M auekrekin kenduta, aukerak ezin dira nahastu.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Aukera hauek ezin dira nahastu.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A erabiltzeko itzalpeko talde-pasahitza eskatzen da\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' taldea ez da existitzen %s-(e)n\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: huts irakurketa-soileko %s ixtean\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s taldearen pasahitza aldatzen\n"
+
+msgid "New Password: "
+msgstr "Pasahitz berria: "
+
+msgid "Re-enter new password: "
+msgstr "Berretsi pasahitz berria: "
+
+msgid "They don't match; try again"
+msgstr "Ez dira berdinak, saiatu berriro"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Saiatu geroago\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s erabiltzailea %s taldean gehitzen\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s erabiltzailea %s taldetik kentzen\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: '%s' erabiltzailea ez da existitzen '%s'-ko partaide\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: ez da tty\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] TALDEA\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   Indartu arrakastatsuki amaitzea nahiz\n"
+"                                ezarritako taldea aurretik egon\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 GID erabili talde berrirako\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KEY=BALIO           /etc/login.defs lehenespenak gainidatzi\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              onartu bikoizutiko (ez bakarra) GID-a duen\n"
+"                                taldea sortzea\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PASSWORD       enkriptatutako pasahitza erabili talde "
+"berrirako\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  sistema kontu bat sortu\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' ez da baliozko talde-izena\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: '%s' talde ID baliogabea\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K KEY=BALIOA eskatzen du\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' taldea badago dagoeneko\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: '%lu' GIDa badago dagoeneko\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   saio-hasierako hutsegiteen kontatzailea\n"
+"                                berrezartzeko\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: Ezin da '%s' erabiltzailearen talde nagusia kendu\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' taldea ez da existitzen\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' taldea NIS talde bat da\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS nagusia da\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s:  '%s' erabiltzailea '%s' taldeko partaide da dagoeneko\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: memoriarik ez. Ezin da %s eguneratu.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [ekintza]\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         aldatu talde-izena erabiltzailearen taldea "
+"ordez\n"
+"                                (root bakarrik)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Ekintzak:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add erabiltzailea       gehitu erabiltzaile-izena taldearen "
+"partaideetara\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete erabiltzailea    kendu erabiltzaile-izena taldearen "
+"partaideetatik\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   garbitu talde baten partaide guztiak\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    taldearen partaideak zerrendatu\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: zure talde-izena ez da erabiltzaile-izenaren berdina\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: root-ek bakarrik erabili dezake -g/--group aukera\n"
+
+#, fuzzy
+#| msgid "  -r, --system                  create system accounts\n"
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -r, --system                  sortu sistema kontuak\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: '%s' talde izen baliogabea\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s taldea NIS talde bat da\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: %s erabiltzaile ezezaguna\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [taldea [gshadow]]\n"
+"\n"
+"Aukerak:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [taldea]\n"
+"\n"
+"Aukerak:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s eta -r ezin dira batera erabili\n"
+
+msgid "invalid group file entry"
+msgstr "baliogabeko talde-fitxategiko sarrera"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' lerroa ezabatu? "
+
+msgid "duplicate group entry"
+msgstr "bikoiztu taldearen sarrera"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' baliogabeko talde-izena\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' talde ID baliogabea\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s taldea: %s erabiltzailea ez dago\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' kidea ezabatu? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ez dago bat datorren talde fitxategi sarrerarik %s-(e)n\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "'%s' taldea %s(e)n gehitu? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s taldeak %s-n sarrera bat du, baina %s-ko pasahitza eremua ez dago 'x' "
+"bezala ezarririk\n"
+
+msgid "invalid shadow group file entry"
+msgstr "Baliogabeko itzalpeko talde-fitxategiko sarrera"
+
+msgid "duplicate shadow group entry"
+msgstr "bikoiztutako itzalpeko taldearen sarrera"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s itzalpeko taldea: ez dago %s erabiltzaile administratzailea\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "'%s' kide administratzailea kendu? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s itzalpeko taldea: %s erabiltzailea ez dago\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fitxategiak eguneratu dira\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: aldaketarik gabe\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ezin da %s ezabatu\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Erabilera: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Erabilera: id\n"
+
+msgid " groups="
+msgstr " taldeak="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before EGUN             EGUN kopurua baino zaharragoak diren\n"
+"                                erregistroak\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     erabiltzaile guztien faillog-en\n"
+"                                erregistroak bistaratzen ditu\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     erabiltzaile guztien faillog-en\n"
+"                                erregistroak bistaratzen ditu\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time EGUNAK             EGUNAK baino berriagoak diren erregistroak\n"
+"                                bakarrik bistaratzen ditu\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user IZENA              IZENA duen erabiltzailearen lastlog\n"
+"                                erregistroa bistaratzen du\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Erabiltzaile-izena        Ataka      Nondik           Azkena"
+
+msgid "Username                Port     Latest"
+msgstr "Erabiltzaile-izena           Ataka          Azkena"
+
+msgid "**Never logged in**"
+msgstr "**Inoiz ez du saiorik hasi**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Huts %lu UIDaren sarrera eskuratzean\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: huts %lu UIDaren lastlog sarrera berrezartzean: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Erabilera: %s [-p] [izena]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h ostalaria] [-f izena]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r ostalaria\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurazio errorea - ezin da %s balioa analizatu: '%d'"
+
+msgid "Invalid login time"
+msgstr "Baliogabeko saio-hasieraren denbora"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema aldiko mantenuagatik itxita"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Deskonexioa saltatuta -- root-ek saio-hastea baimenduta.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Ezingo du ziurrenik funtzionatu erro efektibo bat gabe\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Ez dago utmp sarrerarik. \"login\" \"sh\" maila baxuenetik exekutatu beharko "
+"zenuke"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Saio-hasiera denboraz kanpo %u segundo igarotakoan.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "saio hasiera: PAM hutsa, uzten: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s izena: "
+
+msgid "login: "
+msgstr "izena: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Saiakera muga gainditu da (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "Saioa hastea: PAM-ek uztea eskatu du\n"
+
+msgid "Login incorrect"
+msgstr "Izen okerra"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s izena: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: huts zatitzerakoan: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY huts %s-en"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Abisua: saio-hasiera berriro gaitu egingo da aldi bateko blokeoaren ondoren."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Azken saio-hasiera: %s %s(e)n"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Azken saio-hasiera: %.19s  %s(e)n"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s(e)tik"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"saio hasiera denbora pasa da\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Erabilera: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Erabilera: newgrp [-] [taldea]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Erabilera: sg taldea [[-c] komandoa]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+msgid "Invalid password.\n"
+msgstr "Pasahitz baliogabea.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: huts zatitzerakoan: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: `%lu' GIDa ez da existitzen\n"
+
+msgid "too many groups\n"
+msgstr "talde gehiegi\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  sortu sistema kontuak\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: '%s' taldea itzalpeko talde bat da, baina ez dago /etc/group-en\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: '%s' erabiltzaile ID baliogabea\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' erabiltzaile-izen baliogabea\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d lerroa: lerro baliogabea\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: ezin da %s erabiltzailearen sarrera eguneratu (ez dago pasahitz "
+"datubasean)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d lerroa: ezin da erabiltzailea sortu\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d lerroa: ezin da taldea sortu\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d lerroa: `%s' erabiltzailea ez da existitzen %s-en\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d lerroa: ezin da pasahitza eguneratu\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d lerroa: mkdir %s-ek huts egin du: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d lerroa: chown %s-ek huts egin du: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d lerroa: ezin da sarrera eguneratu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     kontu guztien pasahitzen egoera erreportea\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  emandako kontuaren pasahitza ezabatu\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  emandako kontuaren pasahitzaren\n"
+"                                iraungitzea behartu\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             pasahitza iraungirik bakarrik badago\n"
+"                                aldatu\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INAKTIBO       ezarri iraungiriko pasahitz ezgaitzea\n"
+"                                INAKTIBO-ra\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    emandako kontua blokeatu\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays GUTXI_EGUN      ezarri pasahitz aldaketa gutxieneko data\n"
+"                                GUTXI_EGUN-ra\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   ixilik modua\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository ERREPOSITORIOA\n"
+"                                ERREPOSITORIOA errepositorioko pashitza\n"
+"                                aldatu\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  emandako kontuaren pasahitz egoera\n"
+"                                erreportea egin\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  emandako kontuaren blokeoa kendu\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays ABISU_EGUN     ezarri iraungitze abisu data ABISU_EGUN-era\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays GEHI_EGUN       ezarri pasahitz aldatu aurretik gehienezko\n"
+"                                egun kopurua GEHI_EGUN-era\n"
+
+msgid "Old password: "
+msgstr "Pasahitz zaharra: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Sartu pasahitz berria (gutxienez %d eta karaktere)\n"
+"Erabili maiuskulen, minuskulen eta zenbakien arteko konbinazioa.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Sartu pasahitz berria (gutxienez %d eta gehienez %d karaktere)\n"
+"Erabili maiuskulen, minuskulen eta zenbakien arteko konbinazioa.\n"
+
+msgid "New password: "
+msgstr "Pasahitz berria: "
+
+msgid "Try again."
+msgstr "Saiatu berriro."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Oharra: pasahitza ahula da (sartu berriro erabiltzen jarraitzeko)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ez dira berdinak, saiatu berriro.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s(r)en pasahitzak ezin dira aldatu.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s(r)en pasahitza ezin dira aldatu oraindik.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: taldea desblokeatzeak pasahitz gabeko kontu baten emaitza izan dezake\n"
+"Erabiltzaile hau desblokeatzeko usermod -p erabiliaz pasahitz bat ezarri "
+"behar duzu.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s biltegia ez da onartzen\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s ez dago %s-ren pasahitza aldatzeko baimendurik\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Ez zenuke %s(r)en shell-a aldatu behar.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s(r)en pasahitza aldatzen\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s(r)en pasahitza aldatu gabe dago.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: pasahitza aldatuta.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: pasahitz iraungitzea informazioa aldatua.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "Usage: %s [options]\n"
+#| "\n"
+#| "Options:\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [pasahitza]\n"
+"\n"
+"Aukerak:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] [pasahitza [itzalpekoa]]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy
+#| msgid "  -r, --system                  create system accounts\n"
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -r, --system                  sortu sistema kontuak\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Baliogabeko pasahitzen fitxategiko sarrera"
+
+msgid "duplicate password entry"
+msgstr "bikoiztutako pasahitz sarrera"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "%s erabiltzaile-izen baliogabea\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "'%lu' erabiltzaile ID baliogabea\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "'%s' erabiltzailea: ez da %lu talderik\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "'%s' erabiltzailea: '%s' direktorioa ez da existitzen\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "'%s' erabiltzailea: '%s' programa ez da existitzen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ez dago bat datorren pasahitz sarrerarik %s(e)n\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' erabiltzailea %s(e)n gehitu? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s erabiltzaileak sarrera bat du %s-en baina %s-ko pasahitza ereemua ez dago "
+"'x' gisa ezarririk\n"
+
+msgid "invalid shadow password file entry"
+msgstr "baliogabeko itzalpeko pasahitz-fitxategiko sarrera"
+
+msgid "duplicate shadow password entry"
+msgstr "bikoiztutako itzalpeko pasahitz-fitxategiko sarrera"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "%s erabiltzailea: pasahitza etorkizunean aldatu zen azken aldiz\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ezin dira %s fitxategiko sarrerak ordenatu\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: huts %s-ren modua 0600-ra aldatzean\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "kontu honentzako 'su' sarbidea UKATUTA.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Pasahitz autentifikazioa saltatuta.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Sartu zure pasahitz PROPIOA autentifikazio gisa.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Ezin da Erabiltzaile izena zehaztu.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Erabilera: su [aukerak] [IZENA]\n"
+"\n"
+"Aukerak:\n"
+"  -c, --command KOMANDOA        deituriko shell-ari KOMANDOA pasa\n"
+"  -h, --help                    laguntza testu hau bistarazi eta irten\n"
+"  -, -l, --login                shell-a saio shell bihurtu\n"
+"  -m, -p,\n"
+"  --preserve-environment        ez ingurune aldagaiak berezarri eta "
+"mantendu\n"
+"                                shell berdina\n"
+"  -s, --shell SHELL             SHELL erabili lehenetsiaren ordez\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ez ikusi egin zaio)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Ez duzu 'su %s' exekutatzeko baimenik\n"
+
+msgid "(Enter your own password)"
+msgstr "(zure pasahitza idatzi)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: ¡autentifikazio errorea\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Ez duzu orain su erabiltzeko baimenik\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ez dago 'root'-en pasahitzik"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: terminal batetik exekutatu behar da\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: %d errorea\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Ezin izan da %s exekutatu\n"
+
+msgid "No password file"
+msgstr "Ez dago pasahitz-fitxategirik"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY huts egin du"
+
+msgid "No password entry for 'root'"
+msgstr "Ez dago 'root'-en pasahitzik"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Sakatu Kontrol+d teklak hasiera arrunta erabiltzeko,\n"
+"(edo idatzi root-en pasahitza sistemaren mantentze-lanetarako):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Sistemaren mantentze-lanetako moduan sartzen"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s konfigurazioa %s-n dagoena alde batetara utziko da\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: ezin da lehenespen fitxategi berria sortu\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: ezin da lehenespen fitxategi berria ireki\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: lerro luzeegia %s-n: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: berrizendatu: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: taldea '%s' NIS talde bat da.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: talde gehiegi zehaztu dira (geh. %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Erabilera: %s [aukerak] IZENA\n"
+"           %s -D\n"
+"           %s -D [aukerak]\n"
+"\n"
+"Aukerak:\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#| "                                home directory\n"
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASE_DIR       Erabiltzaile kontu berriaren etxe\n"
+"                                direktorioaren oinarri direktorioa\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEERAB     erabili SEUSER zehatz bat SELinux "
+"erabiltzaile mapatzearentzat\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: oinarrizko '%s' direktorio baliogabea\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: '%s' iruzkin baliogabea\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: '%s' etxe-direktorio baliogabea\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e itzalpeko pasahitza eskatzen du\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f itzalpeko pasahitza eskatzen du\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: '%s' eremu baliogabea\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: '%s' shell baliogabea\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z-ek  SELinux gaituriko kernel bat behar du\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: huts %lu UIDaren faillog erregistroa berrezartzean: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: huts %lu UIDaren lastlog sarrera berrezartzean: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+msgid "Creating mailbox file"
+msgstr "Postakutxa fitxategia sortzen"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Ez da 'mail' taldea aurkitu. Erabiltzaile postakutxa fitxategia 0600 moduan\n"
+"sortzen.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Postakutxa fitxategi baimenak ezartzen"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' erabiltzailea badago dagoeneko\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s taldea badago - erabiltzaile hau talde honetan gehitzeko -g erabili.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: %lu UIDa ez da bakarra\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ezin da erabiltzailea sortu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: ezin da taldea sortu\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: abisua: etxe direktorioa badago dagoeneko.\n"
+"Ez da bertara skel direktorioko fitxategirik kopiatuko.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: abisua: %s erabiltzaile izena %s SELinux erabiltzailera mapatzean huts "
+"egin du.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   fitxategien ezabatzea indartu nahiz ez\n"
+"                                erabiltzailearenak izan\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  etxe direktorioa eta posta hilara ezabatu\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            SELinux erabiltzaile mapatze berria "
+"erabiltzailearen kontuarentzat\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: Ezin da '%s' erabiltzailearen talde nagusia kendu\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: ezin da %s taldea ezabatu beste erabiltzaile baten talde nagusia bait "
+"da.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: abisua: ezin da %s ezabatu: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ez dago %s(r)en jabetzan. ez da ezabatuko\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: Ezinda %s-ren tamaina eskuratu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: ezin da '%s' sarrera %s-tik kendu\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s:  %s erabiltzailea NIS erabiltzaile bat da\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s etxe-direktorioa (%s) ez dago\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: ez da %s direktorioa ezabatuko (%s(r)en etxea ezabatuko luke)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: errorea %s direktorioa ezabatzean\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: abisua: %s erabiltzaile izena %s SELinux erabiltzailera mapatzean huts "
+"egin du.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment IRUZKINA         GECOS eremuaren balio berria\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home-dir ETXE_DIR       erabiltzaile kontu berriaren etxe "
+"direktorioa\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr "  -e, --expiredate IRAUNG_DATA  kontu iraungitze data ezarri\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIBO       iraungitze ondorengo pasahitz ezgaitzea\n"
+"                                to INAKTIBO-ra ezarri\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid TALDE               erabiltzaile kontu berriarekin TALDE\n"
+"                                erabiltzea behartu\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+"  -G, --groups TALDEAK          erabiltzaile kontu berriaren talde\n"
+"                                gehigarriak bistarazi\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  gehitu erabiltzailea -G aukerak zehaztutako "
+"talde\n"
+"                                gehigarrietara beste taldeetatik kendu gabe\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login IZENA             saio hasiera izenaren balio berria\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    erabiltzaile kontua blokeatu\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               etxe direktorioaren edukia kokapen berrira\n"
+"                                mugitu (--d-rekin bakarrik erabilgarri)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              onartu UID bikoiztuak (ez bakarrak) "
+"erabiltzea\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password PASAHITZA      Enkriptaturiko pasahitza erabili pasahitz\n"
+"                                berriarentzat\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 erabiltzaile kontuaren UID berria\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  erabiltzaile kontua desblokeatu\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user            SELinux erabiltzaile mapatze berria "
+"erabiltzailearen kontuarentzat\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: erabiltzaile pasahitza  desblokeatzeak pasahitz gabeko kontu baten "
+"emaitza izan dezake\n"
+"Erabiltzaile pasahitz hau desblokeatzeko usermod -p erabiliaz pasahitz bat "
+"ezarri behar duzu.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' erabiltzailea badago dagoeneko %s-n\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: '%s' data baliogabea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: ezin da %s ireki\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, eta -U banderak esklusiboak dira\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s:  -e eta -f aukerek itzalpeko pasahitzak eskatzen dute\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UIDa badago dagoeneko\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s ez dago %s-ren pasahitza aldatzeko baimendurik\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s direktorioa badago\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: ezin da %s direktorioa sortu\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: abisua: huts %s etxe direktorio zaharra guztiz ezabatzerakoan"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: ezin da %s direktorioa %s gisa izenez aldatu\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: huts %lu erabiltzailearen lastlog sarrera %lu erabiltzailera kopiatzean: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: huts %lu erabiltzailearen faillog sarrera %lu erabiltzailera kopiatzean: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: abisua: %s ez dago %s(r)en jabegoan\n"
+
+msgid "failed to change mailbox owner"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+msgid "failed to rename mailbox"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: huts %s sarrera  berria prestatzean '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s eraldatu duzu\n"
+"Konsistetziagatik %s eraldatu behar duzu.\n"
+"Mesedez erabili '%s' komandoa horretarako.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   talde datu-basea editatu\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  pasahitz datu-basea editatu\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  shadow edo gshadow datubasea editatu\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: huts %s kentzerakoan\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s ez da aldatu\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+msgid "failed to drop privileges"
+msgstr "huts baimenak kentzerakoan"
+
+msgid "Couldn't get file context"
+msgstr "Ezin da fitxategi testuingurua eskuratu"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () -ek huts egin du"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: huts baimenak kentzerakoan (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Ezin da fitxategia blokeatu"
+
+msgid "Couldn't make backup"
+msgstr "Ezin izan da babeskopiarik egin"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to open scratch file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: huts %s desblokeatzean\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "huts egin du postontzia jabez aldatzean"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "huts egin du postontzia izenez aldatzean"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: ezin da %s leheneratu: %s (zure aldaketak %s(e)n daude)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: oinarrizko '%s' direktorio baliogabea\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            zifratze metodoa (%s-etako bat)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Erabilera: vipw [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) huts egin du\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: chage [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -d, --lastday AZKEN_EGUNA         ezarri pasahitz aldaketa AZKEN_EGUNA\n"
+#~ "  -E, --expiredate IRAUNGITZE_DATA  ezarri kontu iraungitze data\n"
+#~ "                                    IRAUNGITZE_DATA-ra\n"
+#~ "  -h, --help                        laguntza mezu hau bistarazi eta  "
+#~ "irten\n"
+#~ "  -I, --inactive INACTIVE           ezarri pasahitza ezgaitua bezala\n"
+#~ "                                    -INACTIVE iraungitzean\n"
+#~ "  -l, --list                        kontu denbora informazioa bistarazi\n"
+#~ "  -m, --mindays GUTXI_EGUN          pasahitz aldaketa gutxieneko data\n"
+#~ "                                    GUTXI_EGUN-era aldatu\n"
+#~ "  -M, --maxdays GEHI_EGUN           pasashitz aldaketa gehienezko data\n"
+#~ "                                    GEHI_EGUN-era aldatu\n"
+#~ "  -W, --warndays ABISU_EGUN         iraungitze abisua ABISU_EGUN-era "
+#~ "ezarri\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentifikazioak huts egin du\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Erabilera: %s [-f izen_osoa] [-r gela_zenb] [-w lan_tlf]\n"
+#~ "\t[-h etxe_tlf] [-o bestelakoa] [erabiltzaile-izena]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Erabilera: %s [-f izen_osoa] [-r gela_zb] [-w lan_tlf] [-h etxe_tlf]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -c, --crypt-method            kriptografia metodoa (%s-etako bat)\n"
+#~ "  -e, --encrypted              emandako pasahitzak enkripatzen dira\n"
+#~ "  -h, --help                    laguntzako mezu hau erakutsi eta irten\n"
+#~ "                                egiten da\n"
+#~ "  -m, --md5                     erabili MD5 enkriptatze algoritmoa ,\n"
+#~ "                                pasahitzak enkriptatuta ez daudenean\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: chsh [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -h, --help                    laguntza testu hau bistarazi eta irten\n"
+#~ "  -r, --shell IZENA             erabiltzaile kontukoaren shell berria\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Erabilera: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "huts-erregistroa: Huts %lu UID-arentat sarrera eskuratzean\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "huts-erregistroa: Ezin da %s ireki: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "huts-erregistroa: Ezinda %s tamaina eskuratu: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Erabilera: groupdel taldea\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Erabilera: %s [-r] [-s] [taldea [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Erabilera: %s [-r] [-s] [taldea]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s eta -r ezin dira batera erabili\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Erabilera: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Erabilera: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: lastlog [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -b, --before EGUN             EGUN kopurua baino zaharragoak diren\n"
+#~ "                                erregistroak\n"
+#~ "  -h, --help                    laguntzako mezu hau bistaratu eta irten\n"
+#~ "                                egiten da\n"
+#~ "  -t, --time EGUNAK             EGUNAK baino berriagoak diren "
+#~ "erregistroak\n"
+#~ "                                bakarrik bistaratzen ditu\n"
+#~ "  -u, --user IZENA              IZENA duen erabiltzailearen lastlog\n"
+#~ "                                erregistroa bistaratzen du\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: passwd [aukerak] [IZENA]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -a, --all                        kontu guztien pasahitzen egoera "
+#~ "erreportea\n"
+#~ "  -d, --delete                     emandako kontuaren pasahitza ezabatu\n"
+#~ "  -e, --expire                     emandako kontuaren pasahitzaren\n"
+#~ "                                   iraungitzea behartu\n"
+#~ "  -h, --help                       laguntza mezu hau bistarazi eta irten\n"
+#~ "  -k, --keep-tokens                pasahitza iraungirik bakarrik badago\n"
+#~ "                                   aldatu\n"
+#~ "  -i, --inactive INAKTIBO          ezarri iraungiriko pasahitz ezgaitzea\n"
+#~ "                                   INAKTIBO-ra\n"
+#~ "  -l, --lock                       emandako kontua blokeatu\n"
+#~ "  -n, --mindays GUTXI_EGUN         ezarri pasahitz aldaketa gutxieneko "
+#~ "data\n"
+#~ "                                   GUTXI_EGUN-ra\n"
+#~ "  -q, --quiet                      ixilik modua\n"
+#~ "  -r, --repository ERREPOSITORIOA  ERREPOSITORIOA errepositorioko "
+#~ "pashitza\n"
+#~ "                                   aldatu\n"
+#~ "  -S, --status                     emandako kontuaren pasahitz egoera\n"
+#~ "                                   erreportea egin\n"
+#~ "  -u, --unlock                     emandako kontuaren blokeoa kendu\n"
+#~ "  -w, --warndays ABISU_EGUN        ezarri iraungitze abisu data "
+#~ "ABISU_EGUN-era\n"
+#~ "  -x, --maxdays GEHI_EGUN          ezarri pasahitz aldatu aurretik "
+#~ "gehienezko\n"
+#~ "                                   egun kopurua GEHI_EGUN-era\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Erabilera: %s [-q] [-r] [-s] [pasahitza [itzalpekoa]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Erabilera: %s [-q] [-r] [-s] [pasahitza [itzalpekoa]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Erabilera: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Erabilera: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "ID ezezaguna: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ez dago shell-a\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: userdel [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -f, --force                   fitxategien ezabatzea indartu nahiz ez\n"
+#~ "                                erabiltzailearenak izan\n"
+#~ "  -h, --help                    laguntza testu hau bistarazi eta irten\n"
+#~ "  -r, --remove                  etxe direktorioa eta posta hilara "
+#~ "ezabatu\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: une honetan %s erabiltzaileak saioan sartuta dago\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: usermod [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -c, --comment IRUZKINA         GECOS eremuaren balio berria\n"
+#~ "  -d, --home-dir ETXE_DIR       erabiltzaile kontu berriaren etxe "
+#~ "direktorioa\n"
+#~ "  -e, --expiredate IRAUNG_DATA  kontu iraungitze data ezarri\n"
+#~ "  -f, --inactive INAKTIBO       iraungitze ondorengo pasahitz ezgaitzea\n"
+#~ "                                to INAKTIBO-ra ezarri\n"
+#~ "  -g, --gid TALDE               erabiltzaile kontu berriarekin TALDE\n"
+#~ "                                erabiltzea behartu\n"
+#~ "  -G, --groups TALDEAK          erabiltzaile kontu berriaren talde\n"
+#~ "                                gehigarriak bistarazi\n"
+#~ "  -a, --append                  gehitu erabiltzailea -G aukerak "
+#~ "zehaztutako talde\n"
+#~ "                                gehigarrietara beste taldeetatik kendu "
+#~ "gabe\n"
+#~ "  -h, --help                    laguntza mezu hau bistarazi eta irten\n"
+#~ "  -l, --login IZENA             saio hasiera izenaren balio berria\n"
+#~ "  -L, --lock                    erabiltzaile kontua blokeatu\n"
+#~ "  -m, --move-home               etxe direktorioaren edukia kokapen "
+#~ "berrira\n"
+#~ "                                mugitu (--d-rekin bakarrik erabilgarri)\n"
+#~ "  -o, --non-unique              onartu UID bikoiztuak (ez bakarrak) "
+#~ "erabiltzea\n"
+#~ "  -p, --password PASAHITZA      Enkriptaturiko pasahitza erabili "
+#~ "pasahitz\n"
+#~ "                                berriarentzat\n"
+#~ "  -s, --shell SHELL             erabiltzaile kontuaren saio shell berria\n"
+#~ "  -u, --uid UID                 erabiltzaile kontuaren UID berria\n"
+#~ "  -U, --unlock                  erabiltzaile kontua desblokeatu\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ez da banderarik eman\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: vipw [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -g, --group                   talde datu-basea editatu\n"
+#~ "  -h, --help                    laguntza testu hau bistarazi eta irten\n"
+#~ "  -p, --passwd                  pasahitz datu-basea editatu\n"
+#~ "  -q, --quiet                   ixiltasun modua\n"
+#~ "  -s, --shadow                  shadow edo gshadow datubasea editatu\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukera] TALDEA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -a, --add ERAB                Gehitu ERABiltzailea TALDEra\n"
+#~ "  -d, --delete ERAB             kendu ERABiltzailea TALDEtik\n"
+#~ "  -r, --remove-password         TALDEaren pasahitaz kendu\n"
+#~ "  -R, --restrict                mugatu sarrera TALDEra bere "
+#~ "partaideetara\n"
+#~ "  -M, --members ERAB,...        ezarri TALDEaren partaideen zerrenda\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupmems [aukerak] [ekintza]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -g, --group groupname         aldatu talde-izena erabiltzailearen "
+#~ "taldea ordez\n"
+#~ "                                (root bakarrik)\n"
+#~ "\n"
+#~ "Ekintzak:\n"
+#~ "  -a, --add erabiltzailea            gehitu erabiltzaile-izena taldearen "
+#~ "partaideetara\n"
+#~ "  -d, --delete erabiltzailea         kendu erabiltzaile-izena taldearen "
+#~ "partaideetatik\n"
+#~ "  -p, --purge                   garbitu talde baten partaide guztiak\n"
+#~ "  -l, --list                    taldearen partaideak zerrendatu\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: %s [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Erabilera: %s [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: ezin da %s sortu\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s:ezin da %s jabez aldatu\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: faillog [aukerak]\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -a, --all                     erabiltzaile guztien faillog-en\n"
+#~ "                                erregistroak bistaratzen ditu\n"
+#~ "  -h, --help                    laguntzako mezu hau bistarazi eta irten\n"
+#~ "  -l, --lock-time SEG           saio-hasieran hutsegin ondoren kontua "
+#~ "zenbat\n"
+#~ "                                segundutan blokeatuta egongo den\n"
+#~ "  -m, --maximum GEH             saio-hasierako GEHiengo hutsegite "
+#~ "kopurua\n"
+#~ "                                ezartzeko\n"
+#~ "  -r, --reset                   saio-hasierako hutsegiteen kontatzailea\n"
+#~ "                                berrezartzeko\n"
+#~ "  -t, --time EGUNAK             EGUNAK baino berriagoak diren faillog-en\n"
+#~ "                                erregistroak bistaratzeko\n"
+#~ "  -u, --user SAIOA              faillog-en erregistroak bistaratzeko edo\n"
+#~ "                                hutsegiteen kontatzailea eta "
+#~ "ERABILTZAILEA\n"
+#~ "                                izeneko erabiltzailearen(-r, -m edo -l\n"
+#~ "                                aukerekin erabiltzen bada) mantentzeko\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupadd [aukerak] TALDEA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -f, --force                   Indartu arrakastatsuki amaitzea nahiz\n"
+#~ "                                ezarritako taldea aurretik egon\n"
+#~ "  -g, --gid GID                 GID erabili talde berrirako\n"
+#~ "  -h, --help                    laguntza hau bistarazi eta irten\n"
+#~ "  -K, --key KEY=BALIO           /etc/login.defs lehenespenak gainidatzi\n"
+#~ "  -o, --non-unique              onartu bikoizutiko (ez bakarra) GID-a "
+#~ "duen\n"
+#~ "                                taldea sortzea\n"
+#~ "  -p, --password PASSWORD       enkriptatutako pasahitza erabili talde "
+#~ "berrirako\n"
+#~ "  -r, --system                  sistema kontu bat sortu\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Erabilera: groupmod [aukerak] TALDEA\n"
+#~ "\n"
+#~ "Aukerak::\n"
+#~ "  -g, --gid GID                 taldearentzat GID berria erabiltzea "
+#~ "indartu\n"
+#~ "  -h, --help                    laguntza hau bistarazi eta irten\n"
+#~ "  -K, --new-name TALDE_BERRIA   Taldearentzat TALDE_BERRI izena\n"
+#~ "                                erabiltzea indartu\n"
+#~ "  -o, --non-unique              onartu TALDEAK bikoizutiko (ez bakarra) "
+#~ "GID-a erabiltzea\n"
+#~ "  -p, --password PASSWORD       enkriptatutako pasahitza erabili pasahitz "
+#~ "berrirako\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Erabilera: useradd [aukerak] IZENA\n"
+#~ "\n"
+#~ "Aukerak:\n"
+#~ "  -b, --base-dir BASE_DIR       Erabiltzaile kontu berriaren etxe\n"
+#~ "                                direktorioaren oinarri direktorioa\n"
+#~ "  -c, --comment IRUZKINA        erabiltzaile kontu berriaren GECOS "
+#~ "ezarri\n"
+#~ "  -d, --home-dir HOME_DIR       erabiltzaile kontu berriaren etxe\n"
+#~ "                                direktorioa\n"
+#~ "  -D, --defaults                bistarazi edo gorde aldaturiko\n"
+#~ "                                lehenetsiriko useradd konfigurazioa\n"
+#~ "  -e, --expiredate IRAUNG_DATA  kontu iraungitze data ezarri\n"
+#~ "  -f, --inactive EZAKTIBO       ezarri pasahitza ez-aktibo gisa EZAKTIBO "
+#~ "iarungitzearen\n"
+#~ "                                ondoren\n"
+#~ "  -g, --gid TALDE               erabiltzaile kontu berriarekin TALDE\n"
+#~ "                                erabiltzea behartu\n"
+#~ "  -G, --groups TALDEAK          erabiltzaile kontu berriaren talde\n"
+#~ "                                gehiarriak bistarazi\n"
+#~ "  -h, --help                    laguntza mezu hau bistarazi eta irten\n"
+#~ "  -k, --skel SKEL_DIR           beste skel direktorio bat ezarri\n"
+#~ "  -K, --key KEY=BALIO           lehenetsiriko /etc/login.defs gainidatzi\n"
+#~ "  -l, --no-log-init             ez gehitu erabiltzailea lastlog eta "
+#~ "faillog\n"
+#~ "                                datu-baseetara\n"
+#~ "  -m, --create-home             erabiltzaile kontu berriarentzar etxe\n"
+#~ "                                direktorioa sortu\n"
+#~ "  -M, --no-create-home          ez sortu erabiltzailearen etxe-"
+#~ "direktorioa\n"
+#~ "                                (/etc/login.defs gainidazten du)\n"
+#~ "  -N, --no-user-group           ez sortu erabiltzailearen izen berdineko\n"
+#~ "                                talde bat\n"
+#~ "  -o, --non-unique              onartu erabiltzailea sortzea "
+#~ "bikoizturiko\n"
+#~ "                                (ez-bakarra) UIDa erabiliaz\n"
+#~ "  -p, --password PASAHITZA       enkriptatutako pasahitza erabili "
+#~ "erabiltzaile\n"
+#~ "                                berri kontuarentzat\n"
+#~ "  -r, --system                  sistema kontu bat sortu\n"
+#~ "  -s, --shell SHELL             Erabiltzaile kontu berriaren sarrera "
+#~ "shell-a\n"
+#~ "  -u, --uid UID                 behartu UID erabiltzea erabiltzaile kontu "
+#~ "berriarentzat\n"
+#~ "  -U, --user-group              sortu erabiltzailearen izen berdineko "
+#~ "talde bat\n"
+#~ "%s\n"
diff --git a/po/fi.po b/po/fi.po
new file mode 100644
index 0000000..b177bdc
--- /dev/null
+++ b/po/fi.po
@@ -0,0 +1,3609 @@
+# Finnish translation for shadow.
+# Copyright (C) 2004-2007 Free Software Foundation, Inc.
+# Tommi Vainikainen <Tommi.Vainikainen@iki.fi>, 2004-2007.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-24 22:54+0100\n"
+"Last-Translator: Tommi Vainikainen <thv+debian@iki.fi>\n"
+"Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n"
+"Language: fi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Asetustiedoille ei voi varata tilaa.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "asetusvirhe - tuntematon kohta \"%s\" (kerro ylläpidolle)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Salasana: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Käyttäjän %s salasana: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Asetustiedoille ei voi varata tilaa.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Muutetaan käyttäjän %s vanhenemistietoja\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: rivi %d: käyttäjää %s ei löydy\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: muisti loppui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: varjotiedostoa ei voi päivittää\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varoitus: tuntematon ryhmä %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varoitus: liian monta ryhmää\n"
+
+msgid "Your password has expired."
+msgstr "Salasanasi on vanhentunut."
+
+msgid "Your password is inactive."
+msgstr "Salasanasi ei ole käytössä."
+
+msgid "Your login has expired."
+msgstr "Käyttäjätunnuksesi on vanhentunut."
+
+msgid "  Contact the system administrator."
+msgstr "  Ota yhteys järjestelmän ylläpitoon."
+
+msgid "  Choose a new password."
+msgstr "  Valitse uusi salasana."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Salasanasi vanhenee %ld päivässä.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Salasanasi vanhenee huomenna."
+
+msgid "Your password will expire today."
+msgstr "Salasanasi vanhenee tänään."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Päätettä %s ei voi vaihtaa"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Ympäristön ylivuoto\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Et voi muuttaa muuttujaa $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Edellisen kirjautumisen jälkeen %d epäonnistunut yritys.\n"
+"Viimeisin oli %s päätteellä %s.\n"
+msgstr[1] ""
+"Edellisen kirjautumisen jälkeen %d epäonnistunutta yritystä.\n"
+"Viimeisin oli %s päätteellä %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: ei saa ainutkertaista GID:iä\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ei saa ainutkertaista UID:tä\n"
+
+msgid "Too many logins.\n"
+msgstr "Liian monta sisäänkirjautumista.\n"
+
+msgid "You have new mail."
+msgstr "Sinulle on uutta postia."
+
+msgid "No mail."
+msgstr "Ei postia."
+
+msgid "You have mail."
+msgstr "Sinulle on postia."
+
+msgid "no change"
+msgstr "ei muutoksia"
+
+msgid "a palindrome"
+msgstr "palidromi"
+
+msgid "case changes only"
+msgstr "vain kirjainkoon muutoksia"
+
+msgid "too similar"
+msgstr "liian samankaltainen"
+
+msgid "too simple"
+msgstr "liian yksinkertainen"
+
+msgid "rotated"
+msgstr "pyöräytetty"
+
+msgid "too short"
+msgstr "liian lyhyt"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Huono salasana: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() epäonnistui, virhe %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Salasana vaihdettu."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: salasanan päivitys onnistui\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Väärä salasana käyttäjälle \"%s\".\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: virheellinen kotipuhelin: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Ei voi vaihtaa hakemistoon \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ei hakemistoa, sisäänkirjaudutaan siten, että HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Ei voi suorittaa %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Virheellinen juurihakemisto \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Ei voi vaihtaa juurihakemistoksi \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Tty-päätteesi nimeä ei voi selvittää."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Ei\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Syötä uusi arvo tai paina ENTER jättääksesi oletuksen"
+
+msgid "Minimum Password Age"
+msgstr "Salasanan ikä vähintään"
+
+msgid "Maximum Password Age"
+msgstr "Salasanan ikä korkeintaan"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Viimeisin salasanan vaihto (VVVV-KK-PP)"
+
+msgid "Password Expiration Warning"
+msgstr "Salasanan vanhenemisvaroitus"
+
+msgid "Password Inactive"
+msgstr "Salasana pois käytöstä"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Tunnuksen vanhenemispäiväys (VVVV-KK-PP)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Edellinen salasanan vaihto\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ei koskaan"
+
+msgid "password must be changed"
+msgstr "salasana täytyy vaihtaa"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Salasana vanhenee\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Salasana pois käytöstä\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Tunnus vanhenee\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Salasanan vaihtamisten välillä vähintään päiviä\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Salasanan vaihtamisten välillä korkeintaan päiviä\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Montako päivää varoitetaan ennen salasanan vanhenemista\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: virheellinen numeroargumentti \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: älä sisällytä \"l\" muiden lippujen kanssa\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Lupa evätty.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: tiedostoja ei voi lukita, yritä myöhemmin uudelleen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: varjosalasanatiedostoa ei ole\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Muutetaan käyttäjän %s vanhenemistietoja\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: virhe muutettaessa kenttiä\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Koko nimi"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Huonenumero"
+
+msgid "Work Phone"
+msgstr "Työpuhelin"
+
+msgid "Home Phone"
+msgstr "Kotipuhelin"
+
+msgid "Other"
+msgstr "Muu"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Ei voi vaihtaa tunnusta pääkäyttäjäksi.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: virheellinen nimi: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: virheellinen huonenumero: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: virheellinen työpuhelin: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: virheellinen kotipuhelin: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" sisältää ei-sallittuja merkkejä\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" sisältää ei-sallittuja merkkejä\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" on NIS-palvelin tälle asiakkaalle.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Muutetaan käyttäjän %s tietoja\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: Valitsinta -a voi käyttää VAIN yhdessä valitsimen -G kanssa\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: rivi %d: rivi on liian pitkä\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: rivi %d: uusi salasana puuttuu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: virhe havaittu, muutokset ohitetaan\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Sisäänkirjautumiskuori"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Et voi muuttaa käyttäjän %s kuorta.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Muutetaan käyttäjän %s sisäänkirjautumiskuorta\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Virheellinen tietue: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s on virheellinen kuori.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: varoitus: tiedoston %s omistaja ei ole %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: odottamaton argumentti: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Tunnus      Epäonn.  Enint.  Edellinen                Päätteellä\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds jäljellä]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lukittu]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Tuntematon käyttäjä: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: varjoryhmäsalanat vaaditaan valitsimelle -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Vaihdetaan ryhmän %s salasana\n"
+
+msgid "New Password: "
+msgstr "Uusi salasana: "
+
+msgid "Re-enter new password: "
+msgstr "Toista uusi salasana: "
+
+msgid "They don't match; try again"
+msgstr "Ne eivät täsmää. Yritä uudelleen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Yritä myöhemmin uudelleen\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Lisätään käyttäjä %s ryhmään %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Poistetaan käyttäjä %s ryhmästä %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ei ole pääte\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s ei ole kelpo ryhmänimi\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K vaatii AVAIN=ARVO\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: ryhmä %s on olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Jäsen on jo olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Käyttäjätunnusta ei voi selvittää.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ryhmä \"%s\" on NIS-ryhmä.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: isäntä %s on NIS-palvelin\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: käyttäjä %s on NIS-käyttäjä\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: muisti loppui funktiossa update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: ryhmä %s on NIS-ryhmä\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: Tuntematon käyttäjä %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: valitsimet -s ja -r eivät sovi yhteen\n"
+
+msgid "invalid group file entry"
+msgstr "virheellinen ryhmätiedostotietue"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "poista rivi \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "kaksinkertainen ryhmätietue"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "virheellinen ryhmänimi \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ryhmä %s: ei käyttäjää %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "poista jäsen \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ei täsmäävää ryhmätiedostotietuetta tiedostossa %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "lisää ryhmä \"%s\" tiedostoon %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "virheellinen tietue varjoryhmätiedostossa"
+
+msgid "duplicate shadow group entry"
+msgstr "kaksinkertainen varjoryhmätietue"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "varjoryhmä %s: käyttäjä %s ei kuulu ylläpitoon\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "poista ylläpidon jäsen \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "varjoryhmä %s: ei käyttäjää %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: tiedostot päivitettiin\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ei muutoksia\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: tiedostoa %s ei voi päivittää\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Käyttö: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Käyttö: id\n"
+
+msgid " groups="
+msgstr " ryhmät="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Käyttäjä         Portti   Mistä            Viimeksi"
+
+msgid "Username                Port     Latest"
+msgstr "Käyttäjä                Portti   Viimeksi"
+
+msgid "**Never logged in**"
+msgstr "**Ei koskaan kirjautunut sisään**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: salasanatiedostoa ei voi päivittää\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Käyttö: %s [-p] [nimi]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h isäntä] [-f nimi]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r isäntä\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Virheellinen kirjautumisaika"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Järjestelmä on suljettu ylläpidon ajaksi"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Yhteydenkatkaisu ohitettu -- pääkäyttäjän kirjautuminen sallittu.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ei utmp-tietuetta. Suorita \"login\" alimman tason kuoresta"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Sisäänkirjautuminen keskeytetty %d sekunnin jälkeen.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM-virhe, keskeytetään: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s-tunnus: "
+
+msgid "login: "
+msgstr "tunnus: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Suurin sallittu määrä yrityksiä ylitetty (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: keskeytyspyyntö PAM:sta\n"
+
+msgid "Login incorrect"
+msgstr "Sisäänkirjautuminen epäonnistui"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: rivi %d: käyttäjää %s ei löydy\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s-tunnus: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Varoitus: sisäänkirjautuminen uudelleen käytössä hetkellisen eston jälkeen."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Edellinen kirjautuminen: %s päätteellä %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Edellinen kirjautuminen: %.19s päätteellä %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " osoitteesta %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"sisäänkirjautumisaika ylitetty\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Käyttö: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Käyttö: newgrp [-] [ryhmä]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Käyttö: sg ryhmä [[-c] komento]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Vanha salasana: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fork-kutsu epäonnistui: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+msgid "too many groups\n"
+msgstr "liian monta ryhmää\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: rivi %d: virheellinen rivi\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: käyttäjän %s tietuetta ei voi päivittää\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: rivi %d: GIDiä ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: rivi %d: GIDiä ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: rivi %d: salasanaa ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: rivi %d: mkdir epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: rivi %d: chown epäonnistui\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ryhmätiedostoa ei voi päivittää\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Vanha salasana: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Syötä uusi salasana (vähintään %d ja korkeintaan %d merkkiä)\n"
+"Käytäthän salasanassa numeroita sekä pien- ja suuraakkosia.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Syötä uusi salasana (vähintään %d ja korkeintaan %d merkkiä)\n"
+"Käytäthän salasanassa numeroita sekä pien- ja suuraakkosia.\n"
+
+msgid "New password: "
+msgstr "Uusi salasana: "
+
+msgid "Try again."
+msgstr "Yritä uudelleen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varoitus: heikko salasana (syötä uudelleen käyttääksesi joka tapauksessa)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ne eivät täsmää. Yritä uudelleen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Käyttäjän %s salasanaa ei voi vaihtaa.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: tietolähdettä %s ei tueta\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Et voi katsoa tai muokata käyttäjän %s salasanatietoja.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Vaihdetaan salasana käyttäjälle %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Käyttäjän %s salasanaa ei vaihdettu.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Salasana vaihdettu."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Salasanan vanhenemisvaroitus"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "virheellinen sanasanatiedostotietue"
+
+msgid "duplicate password entry"
+msgstr "kaksinkertainen salasanatietue"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "virheellinen käyttäjätunnus \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "virheellinen käyttäjätunnus \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "käyttäjä %s: ei ryhmää %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "käyttäjä %s: hakemistoa %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "käyttäjä %s: kuorta %s ei ole olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ei täsmäävää salasanatiedostotietuetta tiedostossa %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "lisää käyttäjä \"%s\" tiedostoon %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "virheellinen tietue varjosalasanatiedostossa"
+
+msgid "duplicate shadow password entry"
+msgstr "kaksinkertainen varjosalasanatietue"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "käyttäjä %s: viimeisin salasanan vaihto tapahtunut tulevaisuudessa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tiedostoa ei voi uudelleenkirjoittaa\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tunnuksen vaihtaminen täksi käyttäjäksi EVÄTTY.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Salasanatodennus ohitettu.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Syötä OMA salasanasi todennukseksi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Käyttö: su [valitsimet] [TUNNUS]\n"
+"\n"
+"Valitsimet:\n"
+"  -c, --command KOMENTO         Välitä KOMENTO käynnistyvälle kuorelle\n"
+"  -h, --help                    Näytä tämä ohje ja lopeta\n"
+"  -, -l, --login                Tee kuoresta sisäänkirjautumiskuori\n"
+"  -m, -p,\n"
+"  --preserve-environment        Älä tyhjää ympäristömuuttujia ja säilytä\n"
+"                                sama kuori\n"
+"  -s, --shell KUORI             Käytä kuorta KUORI passwd:n oletuksen "
+"sijaan\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ohitettu)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Sinulla ei ole lupaa asettua käyttäjäksi %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Syötä oma salasanasi)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM-todennus epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Sinulla ei ole lupaa asettua käyttäjäksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ei salasanatietuetta pääkäyttäjälle (\"root\")"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: täytyy suorittaa päätteessä\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: virhe %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Ei voi suorittaa %s"
+
+msgid "No password file"
+msgstr "Ei salasanatiedosto"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Ei salasanatietuetta pääkäyttäjälle (\"root\")"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Paina ctrl-d jatkaaksesi normaalia käynnistystä,\n"
+"(tai syötä pääkäyttäjän salasana järjestelmän ylläpitämiseksi):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Siirrytään järjestelmän ylläpitotilaan"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: uutta defaults-tiedostoa ei voi luoda\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: uutta defaults-tiedostoa ei voi avata\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: rivi %d: chown epäonnistui\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+# Kannattaako tuota kääntää, siinä viitataan rename()-funktioon...
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: ryhmä \"%s\" on NIS-ryhmä.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: liian monta ryhmää määritelty (korkeintaan %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Käyttö: %s [syöte]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: virheellinen perushakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: virheellinen kommentti \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimelle -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimelle -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: virheellinen kenttä \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: virheellinen kuori \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+msgid "Creating mailbox file"
+msgstr "Luodaan postilaatikkotiedosto"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Ryhmää \"mail\" ei löytynyt. Luodaan käyttäjälle postilaatikkotiedosto 0600-"
+"oikeuksin.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Asetetaan postilaatikkotiedoston oikeudet"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: käyttäjä %s on olemassa\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: ryhmä %s on olemassa - jos haluat lisätä tämän käyttäjän ryhmään, käytä "
+"valitsinta -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u ei ole ainutkertainen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varoitus: kotihakemisto on jo olemassa.\n"
+"Ei kopioida yhtään tiedostoa sinne skel-hakemistosta.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ei voi vaihtaa käyttäjää \"%s\" NIS-asiakkaalla.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Ryhmää %s ei voi poistaa, koska se on toisen käyttäjän ensisijainen "
+"ryhmä.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varoitus: ei voi poistaa tiedostoa "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: tiedoston %s omistaja ei ole %s, ei poisteta\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: käyttäjä %s on NIS-käyttäjä\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: virheellinen kotihakemisto \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: ei poisteta hakemistoa %s (poistettaisiin käyttäjän %s kotihakemisto)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: virhe poistettaessa hakemistoa %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: käyttäjä %s on olemassa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: virheellinen päiväys \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: varjosalasanat vaaditaan valitsimille -e ja -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Jäsen on jo olemassa\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: hakemisto %s on olemassa\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: hakemistoa %s ei voi luoda\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: varoitus: vanhan kotihakemiston %s täydellinen poistaminen epäonnistui"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: hakemistoa %s ei voi uudelleennimetä hakemistoksi %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varoitus: tiedoston %s omistaja ei ole %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+msgid "failed to rename mailbox"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: tiedostoa %s ei muutettu\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Tiedostoa ei voi lukita"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: Oikeuksien pudottaminen epäonnistui (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Tiedostoa ei voi lukita"
+
+msgid "Couldn't make backup"
+msgstr "Tiedostoa ei voi varmuuskopioida"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: Käyttäjää %s ei löydy tiedostosta /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Ryhmätiedostoa ei voi avata\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: kentät liian pitkiä\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "postilaatikon omistajan vaihtaminen epäonnistui"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "postilaatikon uudelleennimeäminen epäonnistui"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: tiedostoa %s ei voi palauttaa: %s (muutoksesi ovat tiedostossa %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: virheellinen perushakemisto \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Käyttö: %s [syöte]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) epäonnistui\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chage [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -d, --lastday VIIM_PVM        Aseta edelliseksi salasanan "
+#~ "vaihtopäiväksi\n"
+#~ "                                VIIM_PVM\n"
+#~ "  -E, --expiredate VANH_PVM     Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -I, --inactive POISKÄYTÖSTÄ   Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ "                                päivää vanhenemisen jälkeen\n"
+#~ "  -l, --list                    Näytä tilin vanhenemistiedot\n"
+#~ "  -m, --mindays MIN_PÄIVIÄ      Aseta pienimmäksi sallittuksi määräksi\n"
+#~ "                                päiviä ennen salasanan vaihtamista "
+#~ "MIN_PÄIVIÄ\n"
+#~ "  -M, --maxdays MAX_PÄIVIÄ      Aseta suurimmaksi sallituksi määräksi "
+#~ "päiviä\n"
+#~ "                                ennen salasanan vaihtamista MAX_PÄIVIÄ\n"
+#~ "  -W, --warndays VAR_PÄIVIÄ     Aseta vanhenemisen varoitusajaksi "
+#~ "VAR_PÄIVIÄ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-todennus epäonnistui\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Käyttö: %s [-f koko_nimi] [-r huonenro] [-w työpuh]\n"
+#~ "\t[-h kotipuh] [-o muu] [käyttäjä]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Käyttö: %s [-f koko_nimi] [-r huonenro] [-w työpuh] [-h kotipuh]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: chpasswd [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -e, --encrypted               Annetut salasanat ovat salakirjoitettuja\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -m, --md5                     Käytä MD5:tä eikä DES:iä kun annetut\n"
+#~ "                                salasanat eivät ole salakirjoitettuja\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chsh [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -h, --help                    Näytä tämä ohje ja poistu\n"
+#~ "  -s, --shell KUORI             Aseta uusi sisäänkirjautumiskuori "
+#~ "käyttäjälle\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Käyttö: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: tiedostoa %s ei voi lukita\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Käyttö: %s [-r] [-s] [ryhmä [ryhmävarjo]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Käyttö: %s [-r] [-s] [ryhmä]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: valitsimet -s ja -r eivät sovi yhteen\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Käyttö: groupdel ryhmä\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: lastlog [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -b, --before PÄIVÄÄ        Tulosta vain PÄIVÄÄ vanhemmat lastlog-"
+#~ "tietueet\n"
+#~ "  -t, --time PÄIVÄÄ          Tulosta vain PÄIVÄÄ tuoreemmat lastlog-"
+#~ "tietueet\n"
+#~ "  -u, --login TUNNUS         Tulosta lastlog-tietue käyttäjälle TUNNUS\n"
+#~ "  -h, --help                 Näytä tämä ohje ja lopeta\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: passwd [valitsimet] [TUNNUS]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -a, --all                     Ilmoita jokaisen tunnuksen "
+#~ "salasanatilanne\n"
+#~ "  -d, --delete                  Poista annetun tunnuksen salasana\n"
+#~ "  -e, --expire                  Aseta annetun tunnuksen salasana\n"
+#~ "                                vanhentuneeksi\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -k, --keep-tokens             Vaihda vain vanhentunut salasana\n"
+#~ "  -i, --inactive POISKÄYTÖSTÄ   Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ "                                päivää vanhenemisen jälkeen\n"
+#~ "  -l, --lock                    Lukitse annettu tunnus\n"
+#~ "  -n, --mindays VÄH_PÄIVÄ       Aseta vähin määrä päiviä ennen kuin\n"
+#~ "                                salasanan voi vaihtaa VÄH_PÄIVÄksi\n"
+#~ "  -q, --quiet                   Hiljainen toiminta\n"
+#~ "  -r, --repository TIETOLÄHDE   Vaihda salasana tietolähteessä "
+#~ "TIETOLÄHDE\n"
+#~ "  -S, --status                  Ilmoita annetun tunnuksen salasanan tila\n"
+#~ "  -u, --unlock                  Avaa annetun tunnuksen lukitus\n"
+#~ "  -w, --warndays VAR_PÄIVÄÄ     Aseta varoituspäiviksi VAR_PÄIVÄÄ ennen\n"
+#~ "                                vanhentumista\n"
+#~ "  -x, --maxdays KORK_PÄIVÄ      Aseta korkein määrä päivä ennen kuin\n"
+#~ "                                salasana täytyy vaihtaa KORK_PÄIVÄksi\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Käyttö: %s [-q] [-r] [-s] [passwd [varjo]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Käyttö: %s [-q] [-r] [-s] [passwd [varjo]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Käyttö: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Käyttö: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Tuntematon id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ei kuorta\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: userdel [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -f, --force                   Pakota tiedostojen poisto vaikkei niitä\n"
+#~ "                                omistaisikaan käyttäjä\n"
+#~ "  -h, --help                    Näytä tämä ohje ja poistu\n"
+#~ "  -r, --remove                  Poista kotihakemistoja ja postilaatikko\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: käyttäjä %s on nyt sisäänkirjautuneena\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: usermod [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -a, --append RYHMÄ            Lisää käyttäjä ryhmään RYHMÄ\n"
+#~ "                                (käytetään vain valitsimen -G kanssa)\n"
+#~ "  -c, --comment KOMMENTTI       Aseta GECOS-kenttään uusi arvo\n"
+#~ "  -d, --home KOTIHAK            Käyttäjätunnuksen uusi kotihakemisto\n"
+#~ "  -e, --expiredate VANH_PVM     Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ "  -f, --inactive POISKÄYTÖSTÄ   Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ "                                päivää vanhenemisen jälkeen\n"
+#~ "  -g, --gid RYHMÄ               Aseta RYHMÄ uudeksi "
+#~ "sisäänkirjautumisryhmäksi\n"
+#~ "  -G, --groups RYHMÄT           Luettelo lisäryhmistä\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -l, --login TUNNUS            Uusi arvo tunnukseksi\n"
+#~ "  -L, --lock                    Lukitse annettu tunnus\n"
+#~ "  -m, --move-home               Siirrä kotihakemiston sisältö uuteen\n"
+#~ "                                sijaintiin (käytä vain yhdessä "
+#~ "valitsimen\n"
+#~ "                                -d kanssa)\n"
+#~ "  -o, --non-unique              Salli UID:n uudelleenkäyttö (ei-uniikki "
+#~ "UID)\n"
+#~ "  -p, --password SALASANA       Käytä salakirjoitettua salasanaa\n"
+#~ "  -s, --shell KUORI             Käyttäjätunnuksen uusi "
+#~ "sisäänkirjautumiskuori\n"
+#~ "  -u, --uid UID                 Uusi UID käyttäjätunnukselle\n"
+#~ "  -U, --unlock                  Avaa annetun tunnuksen lukitus\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: lippuja ei annettu\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: vipw [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -g, --group                   Muokkaa ryhmätietokantaa\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -p, --passwd                  Muokkaa passwd-tietokantaa\n"
+#~ "  -q, --quiet                   Hiljainen toiminta\n"
+#~ "  -s, --shadow                  Muokkaa shadow- tai gshadow-tietokantaa\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Käyttö: %s [syöte]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: tiedostoa %s ei voi luoda\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: tiedoston %s omistajaa ei voi asettaa\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: faillog [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -a, --all                     Näytä faillog-tietueet kaikille "
+#~ "käyttäjille\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -l, --lock-time SEK           Lukitse epäonnistuneen kirjautumisen "
+#~ "jälkeen\n"
+#~ "                                tunnus SEK sekunniksi\n"
+#~ "  -m, --maximum MAX             Aseta sallittujen kirjautumisyritysten\n"
+#~ "                                laskureiksi MAX\n"
+#~ "  -r, --reset                   Nollaa kirjautumisyrityslaskurit\n"
+#~ "  -t, --time PÄIVIÄ             Näytä PÄIVIÄ uudemmat faillog-tietueet\n"
+#~ "  -u, --user TUNNUS             Näytä faillog-tietue tai muuta\n"
+#~ "                                kirjautumisyrityslaskureita (kun\n"
+#~ "                                käytetään -r, -m tai -l-valitsimilla)\n"
+#~ "                                vain käyttäjälle TUNNUS\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: groupadd [valitsimet] RYHMÄ\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -f, --force                   poistu onnistuneella arvolla vaikka "
+#~ "annettu\n"
+#~ "                                ryhmä olisikin jo olemassa\n"
+#~ "  -g, --gid RYHMÄID             käytä RYHMÄID:tä uudelle ryhmälle\n"
+#~ "  -h, --help                    näytä tämä ohjeviesti ja poistu\n"
+#~ "  -K, --key AVAIN=ARVO          ohita /etc/login.defs:n oletusarvot\n"
+#~ "  -o, --non-unique              salli ryhmän luominen (ei-uniikilla)\n"
+#~ "                                kopio-RYHMÄID:llä\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: groupmod [valitsimet] RYHMÄ\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -g, --gid RYHMÄID             käytä RYHMÄID:tä tälle ryhmälle\n"
+#~ "  -h, --help                    näytä tämä ohjeviesti ja poistu\n"
+#~ "  -n, --new-name UUSI_RYHMÄ     aseta UUSI_RYHMÄ nimeksi RYHMÄlle\n"
+#~ "  -o, --non-unique              salli saman RYHMÄID:n käyttäminen "
+#~ "RYHMÄlle\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Käyttö: useradd [valitsimet] TUNNUS\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -b, --base-dir YLÄHAK         Ylähakemisto uuden käyttäjätunnuksen\n"
+#~ "                                kotihakemistolle\n"
+#~ "  -c, --comment KOMMENTTI       Aseta GECOS-kenttä uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ "  -d, --home-dir KOTIHAK        Uuden käyttäjätunnuksen kotihakemisto\n"
+#~ "  -D, --defaults                Tulosta tai tallenna useradd-työkalun\n"
+#~ "                                oletusasetukset\n"
+#~ "  -e, --expiredate VANH_PVM     Aseta tilin vanhenemispäiväykseksi "
+#~ "VANH_PVM\n"
+#~ "  -f, --inactive POISKÄYTÖSTÄ   Ota salasana pois käytöstä POISKÄYTÖSTÄ\n"
+#~ "                                päivää vanhenemisen jälkeen\n"
+#~ "  -g, --gid RYHMÄ               Valitse itse RYHMÄ uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ "  -G, --groups RYHMÄT           Luettelo lisäryhmistä uudelle\n"
+#~ "                                käyttäjätunnukselle\n"
+#~ "  -h, --help                    Näytä tämä ohje ja lopeta\n"
+#~ "  -k, --skel MALLIHAK           Määritä vaihtoehtoinen mallihakemisto\n"
+#~ "  -K, --key AVAIN=ARVO          Kumoa /etc/login.defs-oletusarvot\n"
+#~ "  -m, --create-home             Luo kotihakemisto uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ "  -o, --non-unique              Salli UID:n uudelleenkäyttö (ei-uniikki "
+#~ "UID)\n"
+#~ "                                luotaessa käyttäjätunnus\n"
+#~ "  -p, --password SALASANA       Käytä salakirjoitettua salasanaa uudelle\n"
+#~ "                                käyttäjätunnukselle\n"
+#~ "  -s, --shell KUORI             Uuden käyttäjätunnuksen "
+#~ "sisäänkirjautumiskuori\n"
+#~ "  -u, --uid UID                 Valitse itse UID uudelle "
+#~ "käyttäjätunnukselle\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Salasana asetettu vanhenemaan."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi päivittää\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tKoko nimi: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tHuonenumero: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTyöpuhelin: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tKotipuhelin: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Salasanatiedostoa ei voi lukita. Yritä myöhemmin uudelleen.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Salasanatiedostoa ei voi avata.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Virhe päivitettäessä salasanatietuetta.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Salasanatiedoston muutoksia ei voi tallentaa.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Salasanatiedoston lukitusta ei voi avata.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gshadow-tiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi avata\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: virhe päivitettäessä varjotiedostoa\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: rivi %d: tuntematon ryhmä %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: rivi %d: tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi lukita\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: virhe päivitettäessä varjotiedostoa\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: virhe päivitettäessä salasanatiedostoa\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: rivi %d: tuntematon käyttäjä %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: rivi %d: salasanatietuetta ei voi päivittää\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: tuntematon käyttäjä\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Tuntematon käyttäjä: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Käyttö: %s [-r|-R] ryhmä\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a käyttäjä] ryhmä\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d käyttäjä] ryhmä\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A käyttäjä,...] [-M käyttäjä,...] ryhmä\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M käyttäjä,...] ryhmä\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: ei voi lukita\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: varjoa ei voi lukita\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: tiedosta ei voi avata\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: tiedoston lukkoa ei voi avata\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: varjotietuetta ei voi päivittää\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "tuntematon ryhmä: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: tiedosta ei voi avata\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: varjotiedostoa ei voi avata\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kuka olet?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: tuntematon jäsen %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta ryhmätietuetta\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u ei ole ainutkertainen\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: virhe poistettaessa ryhmätietuetta\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: virhe poistettaessa varjoryhmätietuetta\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: käyttäjän ensisijaista ryhmää ei voi poistaa\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Poistettavaa jäsentä ei löytynyt\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Käyttö: groupmems -a tunnus | -d tunnus | -D | -l [-g ryhmännimi]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Vain pääkäyttäjä voi lisätä jäseniä eri ryhmiin\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Ryhmäoikeus vaaditaan\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Et ole nykyisen ryhmän ensisijainen omistaja\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM-todennus epäonnistui\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Ryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: Ryhmää %s ei löydy tiedostosta /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u ei ole ainutkertainen GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s ei ole ainutkertainen nimi\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: varjotietuetta ryhmälle %s ei voi päivittää\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: ryhmän %s tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: varjoryhmää %s ei voi poistaa\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi päivittää\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi poistaa\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "tuntematon UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "tuntematon GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ryhmää %s ei ole olemassa\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: käyttäjää %s ei ole olemassa\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: virheellinen käyttäjätunnus \"%s\"\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: tiedostoa /etc/passwd ei voi lukita.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: tiedostoja ei voi avata\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: virhe päivitettäessä tiedostoja\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: salasanatietuetta %s ei voi päivittää\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: passwd-tiedostoa ei voi lukita\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: passwd-tiedostoa ei voi avata\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: varjotietuetta %s ei voi poistaa\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi päivittää\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: käyttäjän %s tietuetta ei voi päivittää\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi poistaa\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: tuntematon GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: tuntematon ryhmä %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: muisti loppui funktiossa update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: salasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi uudelleenkirjoittaa\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi lukita\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: varjosalasanatiedostoa ei voi avata\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: virhe lukittaessa ryhmätiedostoa\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: virhe avattaessa ryhmätiedostoa\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: virhe lukittaessa varjoryhmätiedostoa\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: virhe avattaessa varjoryhmätiedostoa\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta salasanatietuetta\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta varjosalasanatietuetta\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: varoitus: CREATE_HOME ei tuettu, käytä -m sen sijaan.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: virhe päivitettäessä ryhmätietuetta\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: ryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: varjoryhmätiedostoa ei voi avata\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: virhe poistettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: virhe poistettaessa varjosalasanatietuetta\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: virhe lisättäessä uutta ryhmätietuetta\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu ei ole ainutkertainen\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: virhe muutettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: virhe poistettaessa salasanatietuetta\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: virhe poistettaessa varjosalasanatietuetta\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: ei saa ainutkertaista GID:iä\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " päätteeltä \"%.100s\" osoitteesta \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " päätteeltä \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: rivi %d: UID:tä ei voi luoda\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nimi %s ei ole ainutkertainen\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Käyttö: chgpasswd [valitsimet]\n"
+#~ "\n"
+#~ "Valitsimet:\n"
+#~ "  -e, --encrypted\tAnnetut salasanat ovat salakirjoitettuja\n"
+#~ "  -h, --help\t\tNäytä tämä ohje ja lopeta\n"
+#~ "  -m, --md5\t\tKäytä MD5:tä eikä DES:iä kun annetut salasanat\n"
+#~ "\t\t\teivät ole salakirjoitettuja\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Ei salasanatiedosto\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Pahoittelen.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Pahoittelen, käyttäjän %s salasanaa ei voi vaihtaa vielä.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Pahoittelen."
diff --git a/po/fr.po b/po/fr.po
new file mode 100644
index 0000000..8e91334
--- /dev/null
+++ b/po/fr.po
@@ -0,0 +1,11112 @@
+# translation of shadow-man.po to French
+# French translation of the shadow's man pages
+# Traduction des pages de manuel livrées avec shadow
+# Copyright (C) 2011-2013  Debian French l10n team <debian-l10n-french@lists.debian.org>
+#
+#     Certaines pages étaient déjà traduites:
+#       chpasswd: Amand Tihon <amand@alrj.org>
+#       faillog(5): Pascal Terjan <CMoi@tuxfamily.org>
+#
+# Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2004-2009.
+# Jean-Luc Coulon <jean-luc.coulon@wanadoo.fr>, 2008.
+# ABBAS.B <abelkcem@hotmail.com>, 2009.
+#       chage: Olivier Marin, 2001.
+#       chsh, groups, passwd(1), passwd(5): Christophe Blaess, 1997.
+#       gpasswd: Maxime Mastin, 2001.
+#       shadow(5): Thierry Vignaud <tvignaud@mandrakesoft.com>, 1999.
+#       useradd: Frédéric Delanoy, 2000.
+# Christian Perrier <bubulle@debian.org>, 2009, 2012.
+# Thomas Blein <tblein@tblein.eu>, 2011, 2012, 2013, 2015.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow-man-pages 4.0.18\n"
+"POT-Creation-Date: 2014-05-09 12:53+0200\n"
+"PO-Revision-Date: 2015-08-04 21:59+0200\n"
+"Last-Translator: Thomas Blein <tblein@tblein.eu>\n"
+"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
+"Language: fr\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 1.5\n"
+"X-Poedit-Language: French\n"
+"X-Poedit-Country: FRANCE\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: vipw.8.xml:41(firstname) suauth.5.xml:39(firstname)
+#: pwconv.8.xml:45(firstname) login.access.5.xml:40(firstname)
+msgid "Marek"
+msgstr "Marek"
+
+#: vipw.8.xml:42(surname) suauth.5.xml:40(surname) pwconv.8.xml:46(surname)
+#: login.access.5.xml:41(surname)
+msgid "Michałkiewicz"
+msgstr "Michałkiewicz"
+
+#: vipw.8.xml:43(contrib) limits.5.xml:43(contrib)
+msgid "Creation, 1997"
+msgstr "Création, 1997"
+
+#: vipw.8.xml:46(firstname) usermod.8.xml:50(firstname)
+#: userdel.8.xml:50(firstname) useradd.8.xml:61(firstname)
+#: suauth.5.xml:44(firstname) su.1.xml:61(firstname) sg.1.xml:45(firstname)
+#: shadow.5.xml:44(firstname) shadow.3.xml:44(firstname)
+#: pwconv.8.xml:50(firstname) pwck.8.xml:50(firstname)
+#: porttime.5.xml:44(firstname) passwd.5.xml:44(firstname)
+#: passwd.1.xml:51(firstname) newusers.8.xml:59(firstname)
+#: newgrp.1.xml:45(firstname) logoutd.8.xml:44(firstname)
+#: login.defs.5.xml:109(firstname) login.access.5.xml:45(firstname)
+#: login.1.xml:77(firstname) limits.5.xml:46(firstname)
+#: lastlog.8.xml:45(firstname) grpck.8.xml:45(firstname)
+#: groups.1.xml:44(firstname) groupmod.8.xml:45(firstname)
+#: groupmems.8.xml:48(firstname) groupdel.8.xml:45(firstname)
+#: groupadd.8.xml:47(firstname) gpasswd.1.xml:49(firstname)
+#: faillog.8.xml:44(firstname) faillog.5.xml:44(firstname)
+#: expiry.1.xml:48(firstname) chsh.1.xml:47(firstname)
+#: chpasswd.8.xml:48(firstname) chgpasswd.8.xml:44(firstname)
+#: chfn.1.xml:47(firstname) chage.1.xml:45(firstname)
+msgid "Thomas"
+msgstr "Thomas"
+
+#: vipw.8.xml:47(surname) usermod.8.xml:51(surname) userdel.8.xml:51(surname)
+#: useradd.8.xml:62(surname) suauth.5.xml:45(surname) su.1.xml:62(surname)
+#: sg.1.xml:46(surname) shadow.5.xml:45(surname) shadow.3.xml:45(surname)
+#: pwconv.8.xml:51(surname) pwck.8.xml:51(surname) porttime.5.xml:45(surname)
+#: passwd.5.xml:45(surname) passwd.1.xml:52(surname)
+#: newusers.8.xml:60(surname) newgrp.1.xml:46(surname)
+#: logoutd.8.xml:45(surname) login.defs.5.xml:110(surname)
+#: login.access.5.xml:46(surname) login.1.xml:78(surname)
+#: limits.5.xml:47(surname) lastlog.8.xml:46(surname) grpck.8.xml:46(surname)
+#: groups.1.xml:45(surname) groupmod.8.xml:46(surname)
+#: groupmems.8.xml:49(surname) groupdel.8.xml:46(surname)
+#: groupadd.8.xml:48(surname) gpasswd.1.xml:50(surname)
+#: faillog.8.xml:45(surname) faillog.5.xml:45(surname)
+#: expiry.1.xml:49(surname) chsh.1.xml:48(surname) chpasswd.8.xml:49(surname)
+#: chgpasswd.8.xml:45(surname) chfn.1.xml:48(surname) chage.1.xml:46(surname)
+msgid "KÅ‚oczko"
+msgstr "KÅ‚oczko"
+
+#: vipw.8.xml:48(email) usermod.8.xml:52(email) userdel.8.xml:52(email)
+#: useradd.8.xml:63(email) suauth.5.xml:46(email) su.1.xml:63(email)
+#: sg.1.xml:47(email) shadow.5.xml:46(email) shadow.3.xml:46(email)
+#: pwconv.8.xml:52(email) pwck.8.xml:52(email) porttime.5.xml:46(email)
+#: passwd.5.xml:46(email) passwd.1.xml:53(email) newusers.8.xml:61(email)
+#: newgrp.1.xml:47(email) logoutd.8.xml:46(email) login.defs.5.xml:111(email)
+#: login.access.5.xml:47(email) login.1.xml:79(email) limits.5.xml:48(email)
+#: lastlog.8.xml:47(email) grpck.8.xml:47(email) groups.1.xml:46(email)
+#: groupmod.8.xml:47(email) groupmems.8.xml:50(email) groupdel.8.xml:47(email)
+#: groupadd.8.xml:49(email) gpasswd.1.xml:51(email) faillog.8.xml:46(email)
+#: faillog.5.xml:46(email) expiry.1.xml:50(email) chsh.1.xml:49(email)
+#: chpasswd.8.xml:50(email) chgpasswd.8.xml:46(email) chfn.1.xml:49(email)
+#: chage.1.xml:47(email)
+msgid "kloczek@pld.org.pl"
+msgstr "kloczek@pld.org.pl"
+
+#: vipw.8.xml:49(contrib) usermod.8.xml:53(contrib) userdel.8.xml:53(contrib)
+#: useradd.8.xml:64(contrib) suauth.5.xml:47(contrib) su.1.xml:64(contrib)
+#: sg.1.xml:48(contrib) shadow.5.xml:47(contrib) shadow.3.xml:47(contrib)
+#: pwconv.8.xml:53(contrib) pwck.8.xml:53(contrib) porttime.5.xml:47(contrib)
+#: passwd.5.xml:47(contrib) passwd.1.xml:54(contrib)
+#: newusers.8.xml:62(contrib) newgrp.1.xml:48(contrib)
+#: logoutd.8.xml:47(contrib) login.defs.5.xml:112(contrib)
+#: login.access.5.xml:48(contrib) login.1.xml:80(contrib)
+#: limits.5.xml:49(contrib) lastlog.8.xml:48(contrib) grpck.8.xml:48(contrib)
+#: groups.1.xml:47(contrib) groupmod.8.xml:48(contrib)
+#: groupmems.8.xml:51(contrib) groupdel.8.xml:48(contrib)
+#: groupadd.8.xml:50(contrib) gpasswd.1.xml:52(contrib)
+#: faillog.8.xml:47(contrib) faillog.5.xml:47(contrib)
+#: expiry.1.xml:51(contrib) chsh.1.xml:50(contrib) chpasswd.8.xml:51(contrib)
+#: chfn.1.xml:50(contrib) chage.1.xml:48(contrib)
+msgid "shadow-utils maintainer, 2000 - 2007"
+msgstr "Mainteneur de shadow-utils, 2000 - 2007"
+
+#: vipw.8.xml:52(firstname) usermod.8.xml:56(firstname)
+#: userdel.8.xml:56(firstname) useradd.8.xml:67(firstname)
+#: suauth.5.xml:50(firstname) su.1.xml:67(firstname) sg.1.xml:51(firstname)
+#: shadow.5.xml:50(firstname) shadow.3.xml:50(firstname)
+#: pwconv.8.xml:56(firstname) pwck.8.xml:56(firstname)
+#: porttime.5.xml:50(firstname) passwd.5.xml:50(firstname)
+#: passwd.1.xml:57(firstname) nologin.8.xml:39(firstname)
+#: newusers.8.xml:65(firstname) newgrp.1.xml:51(firstname)
+#: logoutd.8.xml:50(firstname) login.defs.5.xml:115(firstname)
+#: login.access.5.xml:51(firstname) login.1.xml:83(firstname)
+#: limits.5.xml:52(firstname) lastlog.8.xml:51(firstname)
+#: gshadow.5.xml:38(firstname) grpck.8.xml:51(firstname)
+#: groups.1.xml:50(firstname) groupmod.8.xml:51(firstname)
+#: groupmems.8.xml:54(firstname) groupdel.8.xml:51(firstname)
+#: groupadd.8.xml:53(firstname) gpasswd.1.xml:55(firstname)
+#: faillog.8.xml:50(firstname) faillog.5.xml:50(firstname)
+#: expiry.1.xml:54(firstname) chsh.1.xml:53(firstname)
+#: chpasswd.8.xml:54(firstname) chgpasswd.8.xml:50(firstname)
+#: chfn.1.xml:53(firstname) chage.1.xml:51(firstname)
+msgid "Nicolas"
+msgstr "Nicolas"
+
+#: vipw.8.xml:53(surname) usermod.8.xml:57(surname) userdel.8.xml:57(surname)
+#: useradd.8.xml:68(surname) suauth.5.xml:51(surname) su.1.xml:68(surname)
+#: sg.1.xml:52(surname) shadow.5.xml:51(surname) shadow.3.xml:51(surname)
+#: pwconv.8.xml:57(surname) pwck.8.xml:57(surname) porttime.5.xml:51(surname)
+#: passwd.5.xml:51(surname) passwd.1.xml:58(surname) nologin.8.xml:40(surname)
+#: newusers.8.xml:66(surname) newgrp.1.xml:52(surname)
+#: logoutd.8.xml:51(surname) login.defs.5.xml:116(surname)
+#: login.access.5.xml:52(surname) login.1.xml:84(surname)
+#: limits.5.xml:53(surname) lastlog.8.xml:52(surname)
+#: gshadow.5.xml:39(surname) grpck.8.xml:52(surname) groups.1.xml:51(surname)
+#: groupmod.8.xml:52(surname) groupmems.8.xml:55(surname)
+#: groupdel.8.xml:52(surname) groupadd.8.xml:54(surname)
+#: gpasswd.1.xml:56(surname) faillog.8.xml:51(surname)
+#: faillog.5.xml:51(surname) expiry.1.xml:55(surname) chsh.1.xml:54(surname)
+#: chpasswd.8.xml:55(surname) chgpasswd.8.xml:51(surname)
+#: chfn.1.xml:54(surname) chage.1.xml:52(surname)
+msgid "François"
+msgstr "François"
+
+#: vipw.8.xml:54(email) usermod.8.xml:58(email) userdel.8.xml:58(email)
+#: useradd.8.xml:69(email) suauth.5.xml:52(email) su.1.xml:69(email)
+#: sg.1.xml:53(email) shadow.5.xml:52(email) shadow.3.xml:52(email)
+#: pwconv.8.xml:58(email) pwck.8.xml:58(email) porttime.5.xml:52(email)
+#: passwd.5.xml:52(email) passwd.1.xml:59(email) nologin.8.xml:41(email)
+#: newusers.8.xml:67(email) newgrp.1.xml:53(email) logoutd.8.xml:52(email)
+#: login.defs.5.xml:117(email) login.access.5.xml:53(email)
+#: login.1.xml:85(email) limits.5.xml:54(email) lastlog.8.xml:53(email)
+#: gshadow.5.xml:40(email) grpck.8.xml:53(email) groups.1.xml:52(email)
+#: groupmod.8.xml:53(email) groupmems.8.xml:56(email) groupdel.8.xml:53(email)
+#: groupadd.8.xml:55(email) gpasswd.1.xml:57(email) faillog.8.xml:52(email)
+#: faillog.5.xml:52(email) expiry.1.xml:56(email) chsh.1.xml:55(email)
+#: chpasswd.8.xml:56(email) chgpasswd.8.xml:52(email) chfn.1.xml:55(email)
+#: chage.1.xml:53(email)
+msgid "nicolas.francois@centraliens.net"
+msgstr "nicolas.francois@centraliens.net"
+
+#: vipw.8.xml:55(contrib) usermod.8.xml:59(contrib) userdel.8.xml:59(contrib)
+#: useradd.8.xml:70(contrib) suauth.5.xml:53(contrib) su.1.xml:70(contrib)
+#: sg.1.xml:54(contrib) shadow.5.xml:53(contrib) shadow.3.xml:53(contrib)
+#: pwconv.8.xml:59(contrib) pwck.8.xml:59(contrib) porttime.5.xml:53(contrib)
+#: passwd.5.xml:53(contrib) passwd.1.xml:60(contrib) nologin.8.xml:42(contrib)
+#: newusers.8.xml:68(contrib) newgrp.1.xml:54(contrib)
+#: logoutd.8.xml:53(contrib) login.defs.5.xml:118(contrib)
+#: login.access.5.xml:54(contrib) login.1.xml:86(contrib)
+#: limits.5.xml:55(contrib) lastlog.8.xml:54(contrib)
+#: gshadow.5.xml:42(contrib) grpck.8.xml:54(contrib) groups.1.xml:53(contrib)
+#: groupmod.8.xml:54(contrib) groupmems.8.xml:57(contrib)
+#: groupdel.8.xml:54(contrib) groupadd.8.xml:56(contrib)
+#: gpasswd.1.xml:58(contrib) faillog.8.xml:53(contrib)
+#: faillog.5.xml:53(contrib) expiry.1.xml:57(contrib) chsh.1.xml:56(contrib)
+#: chpasswd.8.xml:57(contrib) chgpasswd.8.xml:53(contrib)
+#: chfn.1.xml:56(contrib) chage.1.xml:54(contrib)
+msgid "shadow-utils maintainer, 2007 - now"
+msgstr "Mainteneur de shadow-utils, 2007 - maintenant"
+
+#: vipw.8.xml:59(refentrytitle) vipw.8.xml:66(refname) vipw.8.xml:75(command)
+#: login.defs.5.xml:507(term)
+msgid "vipw"
+msgstr "vipw"
+
+#: vipw.8.xml:60(manvolnum) usermod.8.xml:64(manvolnum)
+#: userdel.8.xml:64(manvolnum) userdel.8.xml:259(replaceable)
+#: useradd.8.xml:75(manvolnum) pwconv.8.xml:64(manvolnum)
+#: pwck.8.xml:64(manvolnum) nologin.8.xml:47(manvolnum)
+#: newusers.8.xml:73(manvolnum) logoutd.8.xml:58(manvolnum)
+#: lastlog.8.xml:59(manvolnum) grpck.8.xml:59(manvolnum)
+#: groupmod.8.xml:59(manvolnum) groupmems.8.xml:62(manvolnum)
+#: groupdel.8.xml:59(manvolnum) groupdel.8.xml:181(replaceable)
+#: groupadd.8.xml:61(manvolnum) faillog.8.xml:58(manvolnum)
+#: faillog.5.xml:111(manvolnum) chpasswd.8.xml:62(manvolnum)
+#: chgpasswd.8.xml:58(manvolnum)
+msgid "8"
+msgstr "8"
+
+#: vipw.8.xml:61(refmiscinfo) usermod.8.xml:65(refmiscinfo)
+#: userdel.8.xml:65(refmiscinfo) useradd.8.xml:76(refmiscinfo)
+#: pwconv.8.xml:65(refmiscinfo) pwck.8.xml:65(refmiscinfo)
+#: nologin.8.xml:48(refmiscinfo) newusers.8.xml:74(refmiscinfo)
+#: logoutd.8.xml:59(refmiscinfo) lastlog.8.xml:60(refmiscinfo)
+#: grpck.8.xml:60(refmiscinfo) groupmod.8.xml:60(refmiscinfo)
+#: groupmems.8.xml:63(refmiscinfo) groupdel.8.xml:60(refmiscinfo)
+#: groupadd.8.xml:62(refmiscinfo) faillog.8.xml:59(refmiscinfo)
+#: chpasswd.8.xml:63(refmiscinfo) chgpasswd.8.xml:59(refmiscinfo)
+msgid "System Management Commands"
+msgstr "Commandes de gestion du système"
+
+#: vipw.8.xml:62(refmiscinfo) usermod.8.xml:66(refmiscinfo)
+#: userdel.8.xml:66(refmiscinfo) useradd.8.xml:77(refmiscinfo)
+#: suauth.5.xml:60(refmiscinfo) su.1.xml:77(refmiscinfo)
+#: sg.1.xml:61(refmiscinfo) shadow.5.xml:60(refmiscinfo)
+#: shadow.3.xml:60(refmiscinfo) pwconv.8.xml:66(refmiscinfo)
+#: pwck.8.xml:66(refmiscinfo) porttime.5.xml:60(refmiscinfo)
+#: passwd.5.xml:60(refmiscinfo) passwd.1.xml:67(refmiscinfo)
+#: nologin.8.xml:49(refmiscinfo) newusers.8.xml:75(refmiscinfo)
+#: newgrp.1.xml:61(refmiscinfo) logoutd.8.xml:60(refmiscinfo)
+#: login.defs.5.xml:125(refmiscinfo) login.access.5.xml:61(refmiscinfo)
+#: login.1.xml:93(refmiscinfo) limits.5.xml:62(refmiscinfo)
+#: lastlog.8.xml:61(refmiscinfo) gshadow.5.xml:49(refmiscinfo)
+#: grpck.8.xml:61(refmiscinfo) groups.1.xml:60(refmiscinfo)
+#: groupmod.8.xml:61(refmiscinfo) groupmems.8.xml:64(refmiscinfo)
+#: groupdel.8.xml:61(refmiscinfo) groupadd.8.xml:63(refmiscinfo)
+#: gpasswd.1.xml:65(refmiscinfo) faillog.8.xml:60(refmiscinfo)
+#: faillog.5.xml:60(refmiscinfo) expiry.1.xml:64(refmiscinfo)
+#: chsh.1.xml:63(refmiscinfo) chpasswd.8.xml:64(refmiscinfo)
+#: chgpasswd.8.xml:60(refmiscinfo) chfn.1.xml:63(refmiscinfo)
+#: chage.1.xml:61(refmiscinfo)
+msgid "shadow-utils"
+msgstr "shadow-utils"
+
+#: vipw.8.xml:67(refname) vipw.8.xml:81(command)
+msgid "vigr"
+msgstr "vigr"
+
+#: vipw.8.xml:68(refpurpose)
+msgid "edit the password, group, shadow-password or shadow-group file"
+msgstr "Éditer les fichiers passwd, group, shadow ou gshadow"
+
+#: vipw.8.xml:77(replaceable) vipw.8.xml:83(replaceable)
+#: usermod.8.xml:78(replaceable) userdel.8.xml:76(arg)
+#: useradd.8.xml:88(replaceable) useradd.8.xml:100(replaceable)
+#: su.1.xml:88(replaceable) pwconv.8.xml:81(replaceable)
+#: pwconv.8.xml:87(replaceable) pwconv.8.xml:93(replaceable)
+#: pwconv.8.xml:99(replaceable) pwck.8.xml:77(arg)
+#: passwd.1.xml:79(replaceable) newusers.8.xml:87(replaceable)
+#: lastlog.8.xml:73(replaceable) grpck.8.xml:72(arg)
+#: groupmod.8.xml:73(replaceable) groupdel.8.xml:73(replaceable)
+#: groupadd.8.xml:75(replaceable) faillog.8.xml:72(replaceable)
+#: chsh.1.xml:75(replaceable) chpasswd.8.xml:76(replaceable)
+#: chgpasswd.8.xml:72(replaceable) chfn.1.xml:75(replaceable)
+#: chage.1.xml:72(replaceable)
+msgid "options"
+msgstr "options"
+
+#: vipw.8.xml:89(title) usermod.8.xml:85(title) userdel.8.xml:84(title)
+#: useradd.8.xml:106(title) suauth.5.xml:75(title) su.1.xml:99(title)
+#: sg.1.xml:81(title) shadow.5.xml:69(title) shadow.3.xml:118(title)
+#: shadow.3.xml:174(title) pwconv.8.xml:105(title) pwck.8.xml:92(title)
+#: porttime.5.xml:69(title) passwd.5.xml:69(title) passwd.1.xml:88(title)
+#: nologin.8.xml:64(title) newusers.8.xml:96(title) newgrp.1.xml:77(title)
+#: logoutd.8.xml:75(title) login.defs.5.xml:134(title)
+#: login.access.5.xml:70(title) login.1.xml:125(title) limits.5.xml:72(title)
+#: lastlog.8.xml:79(title) gshadow.5.xml:58(title) grpck.8.xml:83(title)
+#: groups.1.xml:78(title) groupmod.8.xml:80(title) groupmems.8.xml:85(title)
+#: groupdel.8.xml:80(title) groupadd.8.xml:84(title) gpasswd.1.xml:94(title)
+#: faillog.8.xml:78(title) faillog.5.xml:69(title) expiry.1.xml:82(title)
+#: chsh.1.xml:84(title) chpasswd.8.xml:82(title) chgpasswd.8.xml:78(title)
+#: chfn.1.xml:84(title) chage.1.xml:81(title)
+msgid "DESCRIPTION"
+msgstr "DESCRIPTION"
+
+#: vipw.8.xml:90(para)
+msgid ""
+"The <command>vipw</command> and <command>vigr</command> commands edits the "
+"files <filename>/etc/passwd</filename> and <filename>/etc/group</filename>, "
+"respectively. With the <option>-s</option> flag, they will edit the shadow "
+"versions of those files, <filename>/etc/shadow</filename> and <filename>/etc/"
+"gshadow</filename>, respectively. The programs will set the appropriate "
+"locks to prevent file corruption. When looking for an editor, the programs "
+"will first try the environment variable <envar>$VISUAL</envar>, then the "
+"environment variable <envar>$EDITOR</envar>, and finally the default editor, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<command>vipw</command> et <command>vigr</command> permettent de modifier "
+"les fichiers <filename>/etc/passwd</filename> et <filename>/etc/group</"
+"filename>, respectivement. Avec l'option <option>-s</option>, ils permettent "
+"d'éditer les versions cachées de ces fichiers : <filename>/etc/shadow</"
+"filename> et <filename>/etc/gshadow</filename>, respectivement. Ces "
+"programmes placent les verrous nécessaires afin d'éviter toute corruption "
+"des fichiers. L'éditeur utilisé est choisi d'abord en fonction de la "
+"variable d'environnement <envar>$VISUAL</envar>, puis de la variable "
+"d'environnement <envar>$EDITOR</envar>. À défaut, l'éditeur, "
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> est utilisé quand ces variables ne sont pas définies."
+
+#: vipw.8.xml:107(title) usermod.8.xml:93(title) userdel.8.xml:93(title)
+#: useradd.8.xml:124(title) su.1.xml:145(title) pwconv.8.xml:187(title)
+#: pwck.8.xml:176(title) passwd.1.xml:174(title) newusers.8.xml:265(title)
+#: login.1.xml:210(title) lastlog.8.xml:91(title) grpck.8.xml:147(title)
+#: groupmod.8.xml:89(title) groupmems.8.xml:100(title)
+#: groupdel.8.xml:88(title) groupadd.8.xml:93(title) gpasswd.1.xml:134(title)
+#: faillog.8.xml:89(title) expiry.1.xml:91(title) chsh.1.xml:95(title)
+#: chpasswd.8.xml:130(title) chgpasswd.8.xml:105(title) chfn.1.xml:111(title)
+#: chage.1.xml:91(title)
+msgid "OPTIONS"
+msgstr "OPTIONS"
+
+#: vipw.8.xml:108(para)
+msgid ""
+"The options which apply to the <command>vipw</command> and <command>vigr</"
+"command> commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>vipw</command> et "
+"<command>vigr</command> sont :"
+
+#: vipw.8.xml:114(term)
+msgid "<option>-g</option>, <option>--group</option>"
+msgstr "<option>-g</option>, <option>--group</option>"
+
+#: vipw.8.xml:116(para)
+msgid "Edit group database."
+msgstr "Éditer la base de données de groupes."
+
+#: vipw.8.xml:120(term) userdel.8.xml:123(term) useradd.8.xml:266(term)
+#: pwconv.8.xml:195(term) pwck.8.xml:186(term) passwd.1.xml:214(term)
+#: newusers.8.xml:283(term) lastlog.8.xml:107(term) grpck.8.xml:157(term)
+#: groupmod.8.xml:129(term) groupmems.8.xml:142(term) groupdel.8.xml:95(term)
+#: groupadd.8.xml:131(term) gpasswd.1.xml:173(term) faillog.8.xml:122(term)
+#: expiry.1.xml:112(term) chsh.1.xml:101(term) chpasswd.8.xml:171(term)
+#: chgpasswd.8.xml:131(term) chage.1.xml:129(term)
+msgid "<option>-h</option>, <option>--help</option>"
+msgstr "<option>-h</option>, <option>--help</option>"
+
+#: vipw.8.xml:122(para) userdel.8.xml:125(para) useradd.8.xml:268(para)
+#: pwconv.8.xml:197(para) pwck.8.xml:188(para) passwd.1.xml:216(para)
+#: newusers.8.xml:285(para) lastlog.8.xml:111(para) grpck.8.xml:159(para)
+#: groupmod.8.xml:131(para) groupmems.8.xml:144(para) groupdel.8.xml:97(para)
+#: groupadd.8.xml:133(para) gpasswd.1.xml:175(para) faillog.8.xml:124(para)
+#: expiry.1.xml:114(para) chsh.1.xml:103(para) chpasswd.8.xml:173(para)
+#: chgpasswd.8.xml:133(para) chfn.1.xml:169(para) chage.1.xml:131(para)
+msgid "Display help message and exit."
+msgstr "Afficher un message d'aide et quitter."
+
+#: vipw.8.xml:126(term)
+msgid "<option>-p</option>, <option>--passwd</option>"
+msgstr "<option>-p</option>, <option>--passwd</option>"
+
+#: vipw.8.xml:128(para)
+msgid "Edit passwd database."
+msgstr "Éditer la base de données passwd."
+
+#: vipw.8.xml:132(term) pwck.8.xml:192(term) passwd.1.xml:281(term)
+msgid "<option>-q</option>, <option>--quiet</option>"
+msgstr "<option>-q</option>, <option>--quiet</option>"
+
+#: vipw.8.xml:134(para) passwd.1.xml:285(para)
+msgid "Quiet mode."
+msgstr "Mode silencieux."
+
+#: vipw.8.xml:138(term) usermod.8.xml:311(term) userdel.8.xml:146(term)
+#: useradd.8.xml:445(term) pwconv.8.xml:201(term) pwck.8.xml:209(term)
+#: passwd.1.xml:301(term) newusers.8.xml:308(term) lastlog.8.xml:115(term)
+#: grpck.8.xml:173(term) groupmod.8.xml:178(term) groupmems.8.xml:165(term)
+#: groupdel.8.xml:101(term) groupadd.8.xml:204(term) faillog.8.xml:180(term)
+#: chsh.1.xml:107(term) chpasswd.8.xml:188(term) chgpasswd.8.xml:146(term)
+#: chfn.1.xml:153(term) chage.1.xml:197(term)
+#| msgid ""
+#| "<option>-R</option>, <option>--root</option><replaceable>CHROOT_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-R</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: vipw.8.xml:142(para) usermod.8.xml:315(para) userdel.8.xml:150(para)
+#: useradd.8.xml:449(para) pwconv.8.xml:205(para) pwck.8.xml:213(para)
+#: passwd.1.xml:305(para) newusers.8.xml:312(para) lastlog.8.xml:119(para)
+#: grpck.8.xml:177(para) groupmod.8.xml:182(para) groupmems.8.xml:169(para)
+#: groupdel.8.xml:105(para) groupadd.8.xml:208(para) gpasswd.1.xml:185(para)
+#: faillog.8.xml:184(para) chsh.1.xml:111(para) chpasswd.8.xml:192(para)
+#: chgpasswd.8.xml:150(para) chfn.1.xml:157(para) chage.1.xml:201(para)
+msgid ""
+"Apply changes in the <replaceable>CHROOT_DIR</replaceable> directory and use "
+"the configuration files from the <replaceable>CHROOT_DIR</replaceable> "
+"directory."
+msgstr ""
+"Appliquer les changements dans le répertoire <replaceable>RÉP_CHROOT</"
+"replaceable> et utiliser les fichiers de configuration du répertoire "
+"<replaceable>RÉP_CHROOT</replaceable>."
+
+#: vipw.8.xml:150(term)
+msgid "<option>-s</option>, <option>--shadow</option>"
+msgstr "<option>-s</option>, <option>--shadow</option>"
+
+#: vipw.8.xml:152(para)
+msgid "Edit shadow or gshadow database."
+msgstr "Éditer les bases de données shadow ou gshadow."
+
+#: vipw.8.xml:156(term)
+msgid "<option>-u</option>, <option>--user</option>"
+msgstr "<option>-u</option>, <option>--user</option>"
+
+#: vipw.8.xml:158(para)
+msgid "Indicates which user's tcb shadow file to edit."
+msgstr "Indique l'utilisateur dont le fichier shadow de tcb doit être édité."
+
+#: vipw.8.xml:165(title) usermod.8.xml:497(title) userdel.8.xml:171(title)
+#: useradd.8.xml:647(title) su.1.xml:339(title) sg.1.xml:98(title)
+#: pwconv.8.xml:227(title) pwck.8.xml:252(title) passwd.1.xml:390(title)
+#: newusers.8.xml:362(title) newgrp.1.xml:109(title) login.1.xml:294(title)
+#: grpck.8.xml:209(title) groupmod.8.xml:193(title) groupmems.8.xml:199(title)
+#: groupdel.8.xml:128(title) groupadd.8.xml:219(title)
+#: gpasswd.1.xml:264(title) chsh.1.xml:154(title) chpasswd.8.xml:239(title)
+#: chgpasswd.8.xml:198(title) chfn.1.xml:193(title) chage.1.xml:244(title)
+msgid "CONFIGURATION"
+msgstr "CONFIGURATION"
+
+#: vipw.8.xml:166(para) usermod.8.xml:498(para) userdel.8.xml:172(para)
+#: useradd.8.xml:648(para) su.1.xml:340(para) sg.1.xml:99(para)
+#: pwck.8.xml:253(para) passwd.1.xml:391(para) newusers.8.xml:363(para)
+#: newgrp.1.xml:110(para) login.1.xml:295(para) grpck.8.xml:210(para)
+#: groupmod.8.xml:194(para) groupmems.8.xml:200(para) groupdel.8.xml:129(para)
+#: groupadd.8.xml:220(para) gpasswd.1.xml:265(para) chsh.1.xml:155(para)
+#: chpasswd.8.xml:240(para) chgpasswd.8.xml:199(para) chfn.1.xml:194(para)
+#: chage.1.xml:245(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of this tool:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> modifient le comportement de cet outil :"
+
+#: vipw.8.xml:30(term) usermod.8.xml:30(term) userdel.8.xml:30(term)
+#: useradd.8.xml:30(term) pwconv.8.xml:30(term) pwck.8.xml:30(term)
+#: login.defs.5.xml:30(term) chage.1.xml:30(term)
+msgid "<option>USE_TCB</option> (boolean)"
+msgstr "<option>USE_TCB</option> (booléen)"
+
+#: vipw.8.xml:32(para) usermod.8.xml:32(para) userdel.8.xml:32(para)
+#: useradd.8.xml:32(para) pwconv.8.xml:32(para) pwck.8.xml:32(para)
+#: login.defs.5.xml:32(para) chage.1.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <citerefentry><refentrytitle>tcb</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> password shadowing "
+"scheme will be used."
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), le schéma de mot de passe "
+"shadow de <citerefentry><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> sera utilisé."
+
+#: vipw.8.xml:177(title)
+msgid "ENVIRONMENT"
+msgstr "ENVIRONNEMENT"
+
+#: vipw.8.xml:180(option)
+msgid "VISUAL"
+msgstr "VISUAL"
+
+#: vipw.8.xml:182(para)
+msgid "Editor to be used."
+msgstr "L'éditeur à utiliser"
+
+#: vipw.8.xml:186(option)
+msgid "EDITOR"
+msgstr "EDITOR"
+
+#: vipw.8.xml:188(para)
+msgid "Editor to be used if <option>VISUAL</option> is not set."
+msgstr "L'éditeur à utiliser si <option>VISUAL</option> n'est pas définie."
+
+#: vipw.8.xml:195(title) usermod.8.xml:514(title) userdel.8.xml:188(title)
+#: useradd.8.xml:675(title) suauth.5.xml:193(title) su.1.xml:367(title)
+#: sg.1.xml:110(title) shadow.5.xml:255(title) shadow.3.xml:226(title)
+#: pwconv.8.xml:250(title) pwck.8.xml:269(title) porttime.5.xml:130(title)
+#: passwd.5.xml:141(title) passwd.1.xml:408(title) newusers.8.xml:397(title)
+#: newgrp.1.xml:121(title) logoutd.8.xml:89(title)
+#: login.access.5.xml:121(title) login.1.xml:338(title)
+#: limits.5.xml:196(title) lastlog.8.xml:182(title) gshadow.5.xml:156(title)
+#: grpck.8.xml:221(title) groups.1.xml:100(title) groupmod.8.xml:205(title)
+#: groupmems.8.xml:211(title) groupdel.8.xml:140(title)
+#: groupadd.8.xml:233(title) gpasswd.1.xml:279(title) faillog.8.xml:243(title)
+#: faillog.5.xml:96(title) expiry.1.xml:121(title) chsh.1.xml:167(title)
+#: chpasswd.8.xml:255(title) chgpasswd.8.xml:213(title) chfn.1.xml:207(title)
+#: chage.1.xml:256(title)
+msgid "FILES"
+msgstr "FICHIERS"
+
+#: vipw.8.xml:198(filename) usermod.8.xml:517(filename)
+#: userdel.8.xml:191(filename) useradd.8.xml:690(filename)
+#: sg.1.xml:125(filename) pwck.8.xml:272(filename)
+#: newusers.8.xml:412(filename) newgrp.1.xml:136(filename)
+#: gshadow.5.xml:159(filename) grpck.8.xml:224(filename)
+#: groups.1.xml:103(filename) groupmod.8.xml:208(filename)
+#: groupmems.8.xml:214(filename) groupdel.8.xml:143(filename)
+#: groupadd.8.xml:236(filename) gpasswd.1.xml:72(filename)
+#: gpasswd.1.xml:75(filename) gpasswd.1.xml:282(filename)
+#: chgpasswd.8.xml:216(filename)
+msgid "/etc/group"
+msgstr "/etc/group"
+
+#: vipw.8.xml:200(para) usermod.8.xml:519(para) userdel.8.xml:193(para)
+#: useradd.8.xml:692(para) sg.1.xml:127(para) pwck.8.xml:274(para)
+#: newusers.8.xml:414(para) newgrp.1.xml:138(para) gshadow.5.xml:161(para)
+#: grpck.8.xml:226(para) groups.1.xml:105(para) groupmod.8.xml:210(para)
+#: groupmems.8.xml:216(para) groupdel.8.xml:145(para) groupadd.8.xml:238(para)
+#: gpasswd.1.xml:284(para) chgpasswd.8.xml:218(para)
+msgid "Group account information."
+msgstr "Informations sur les groupes."
+
+#: vipw.8.xml:204(filename) usermod.8.xml:523(filename)
+#: useradd.8.xml:696(filename) sg.1.xml:131(filename)
+#: newusers.8.xml:418(filename) newgrp.1.xml:142(filename)
+#: gshadow.5.xml:165(filename) grpck.8.xml:230(filename)
+#: groupmod.8.xml:214(filename) groupmems.8.xml:220(filename)
+#: groupdel.8.xml:149(filename) groupadd.8.xml:242(filename)
+#: gpasswd.1.xml:76(filename) gpasswd.1.xml:288(filename)
+#: chgpasswd.8.xml:222(filename)
+msgid "/etc/gshadow"
+msgstr "/etc/gshadow"
+
+#: vipw.8.xml:206(para) usermod.8.xml:525(para) useradd.8.xml:698(para)
+#: sg.1.xml:133(para) newusers.8.xml:420(para) newgrp.1.xml:144(para)
+#: gshadow.5.xml:167(para) grpck.8.xml:232(para) groupmod.8.xml:216(para)
+#: groupdel.8.xml:151(para) groupadd.8.xml:244(para) gpasswd.1.xml:290(para)
+#: chgpasswd.8.xml:224(para)
+msgid "Secure group account information."
+msgstr "Informations sécurisées sur les groupes."
+
+#: vipw.8.xml:210(filename) usermod.8.xml:535(filename)
+#: userdel.8.xml:203(filename) useradd.8.xml:678(filename)
+#: su.1.xml:370(filename) sg.1.xml:113(filename) shadow.5.xml:258(filename)
+#: pwck.8.xml:278(filename) passwd.5.xml:144(filename)
+#: passwd.1.xml:411(filename) newusers.8.xml:400(filename)
+#: newgrp.1.xml:124(filename) login.1.xml:353(filename)
+#: grpck.8.xml:236(filename) groupmod.8.xml:226(filename)
+#: expiry.1.xml:124(filename) chsh.1.xml:170(filename)
+#: chpasswd.8.xml:258(filename) chfn.1.xml:216(filename)
+#: chage.1.xml:260(filename)
+msgid "/etc/passwd"
+msgstr "/etc/passwd"
+
+#: vipw.8.xml:212(para) usermod.8.xml:537(para) userdel.8.xml:205(para)
+#: useradd.8.xml:680(para) su.1.xml:372(para) sg.1.xml:115(para)
+#: shadow.5.xml:260(para) pwck.8.xml:280(para) passwd.5.xml:146(para)
+#: passwd.1.xml:413(para) newusers.8.xml:402(para) newgrp.1.xml:126(para)
+#: login.1.xml:355(para) grpck.8.xml:238(para) groupmod.8.xml:228(para)
+#: expiry.1.xml:126(para) chsh.1.xml:172(para) chpasswd.8.xml:260(para)
+#: chfn.1.xml:218(para) chage.1.xml:263(para)
+msgid "User account information."
+msgstr "Informations sur les comptes des utilisateurs."
+
+#: vipw.8.xml:216(filename) usermod.8.xml:541(filename)
+#: userdel.8.xml:209(filename) useradd.8.xml:684(filename)
+#: su.1.xml:376(filename) sg.1.xml:119(filename) shadow.5.xml:264(filename)
+#: shadow.3.xml:229(filename) pwck.8.xml:284(filename)
+#: passwd.5.xml:150(filename) passwd.1.xml:417(filename)
+#: newusers.8.xml:406(filename) newgrp.1.xml:130(filename)
+#: login.1.xml:359(filename) expiry.1.xml:130(filename)
+#: chpasswd.8.xml:264(filename) chage.1.xml:268(filename)
+msgid "/etc/shadow"
+msgstr "/etc/shadow"
+
+#: vipw.8.xml:218(para) usermod.8.xml:543(para) userdel.8.xml:211(para)
+#: useradd.8.xml:686(para) su.1.xml:378(para) sg.1.xml:121(para)
+#: shadow.5.xml:266(para) shadow.3.xml:231(para) pwck.8.xml:286(para)
+#: passwd.1.xml:419(para) newusers.8.xml:408(para) newgrp.1.xml:132(para)
+#: login.1.xml:361(para) expiry.1.xml:132(para) chpasswd.8.xml:266(para)
+#: chage.1.xml:271(para)
+msgid "Secure user account information."
+msgstr "Informations sécurisées sur les comptes utilisateurs."
+
+#: vipw.8.xml:225(title) usermod.8.xml:562(title) userdel.8.xml:308(title)
+#: useradd.8.xml:804(title) suauth.5.xml:222(title) su.1.xml:438(title)
+#: sg.1.xml:140(title) shadow.5.xml:283(title) shadow.3.xml:238(title)
+#: pwconv.8.xml:262(title) pwck.8.xml:344(title) porttime.5.xml:142(title)
+#: passwd.5.xml:169(title) passwd.1.xml:489(title) nologin.8.xml:78(title)
+#: newusers.8.xml:451(title) newgrp.1.xml:151(title)
+#: login.defs.5.xml:534(title) login.access.5.xml:133(title)
+#: login.1.xml:398(title) limits.5.xml:206(title) gshadow.5.xml:174(title)
+#: grpck.8.xml:290(title) groups.1.xml:112(title) groupmod.8.xml:286(title)
+#: groupmems.8.xml:229(title) groupdel.8.xml:197(title)
+#: groupadd.8.xml:324(title) gpasswd.1.xml:297(title) faillog.8.xml:255(title)
+#: faillog.5.xml:108(title) expiry.1.xml:139(title) chsh.1.xml:191(title)
+#: chpasswd.8.xml:285(title) chgpasswd.8.xml:237(title) chfn.1.xml:225(title)
+#: chage.1.xml:311(title)
+msgid "SEE ALSO"
+msgstr "VOIR AUSSI"
+
+#: vipw.8.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry><citerefentry condition=\"tcb"
+"\"><refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry "
+"condition=\"tcb\"><refentrytitle>tcb</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: usermod.8.xml:45(firstname) userdel.8.xml:45(firstname)
+#: useradd.8.xml:56(firstname) su.1.xml:56(firstname) sg.1.xml:40(firstname)
+#: shadow.5.xml:39(firstname) shadow.3.xml:39(firstname)
+#: pwck.8.xml:45(firstname) porttime.5.xml:39(firstname)
+#: passwd.5.xml:39(firstname) passwd.1.xml:46(firstname)
+#: newusers.8.xml:54(firstname) newgrp.1.xml:40(firstname)
+#: logoutd.8.xml:39(firstname) login.defs.5.xml:104(firstname)
+#: login.1.xml:72(firstname) lastlog.8.xml:40(firstname)
+#: grpck.8.xml:40(firstname) groups.1.xml:39(firstname)
+#: groupmod.8.xml:40(firstname) groupdel.8.xml:40(firstname)
+#: groupadd.8.xml:42(firstname) faillog.8.xml:39(firstname)
+#: faillog.5.xml:39(firstname) expiry.1.xml:43(firstname)
+#: chsh.1.xml:42(firstname) chpasswd.8.xml:43(firstname)
+#: chfn.1.xml:42(firstname) chage.1.xml:40(firstname)
+msgid "Julianne Frances"
+msgstr "Julianne Frances"
+
+#: usermod.8.xml:46(surname) userdel.8.xml:46(surname)
+#: useradd.8.xml:57(surname) su.1.xml:57(surname) sg.1.xml:41(surname)
+#: shadow.5.xml:40(surname) shadow.3.xml:40(surname) pwck.8.xml:46(surname)
+#: porttime.5.xml:40(surname) passwd.5.xml:40(surname)
+#: passwd.1.xml:47(surname) newusers.8.xml:55(surname)
+#: newgrp.1.xml:41(surname) logoutd.8.xml:40(surname)
+#: login.defs.5.xml:105(surname) login.1.xml:73(surname)
+#: lastlog.8.xml:41(surname) grpck.8.xml:41(surname) groups.1.xml:40(surname)
+#: groupmod.8.xml:41(surname) groupdel.8.xml:41(surname)
+#: groupadd.8.xml:43(surname) faillog.8.xml:40(surname)
+#: faillog.5.xml:40(surname) expiry.1.xml:44(surname) chsh.1.xml:43(surname)
+#: chpasswd.8.xml:44(surname) chfn.1.xml:43(surname) chage.1.xml:41(surname)
+msgid "Haugh"
+msgstr "Haugh"
+
+#: usermod.8.xml:47(contrib) userdel.8.xml:47(contrib)
+#: useradd.8.xml:58(contrib) sg.1.xml:42(contrib) newusers.8.xml:56(contrib)
+#: newgrp.1.xml:42(contrib) logoutd.8.xml:41(contrib)
+#: login.defs.5.xml:106(contrib) groups.1.xml:41(contrib)
+#: groupmod.8.xml:42(contrib) groupdel.8.xml:42(contrib)
+#: groupadd.8.xml:44(contrib) chpasswd.8.xml:45(contrib)
+msgid "Creation, 1991"
+msgstr "Création, 1991"
+
+#: usermod.8.xml:63(refentrytitle) usermod.8.xml:70(refname)
+#: usermod.8.xml:76(command) login.defs.5.xml:498(term)
+msgid "usermod"
+msgstr "usermod"
+
+#: usermod.8.xml:71(refpurpose)
+msgid "modify a user account"
+msgstr "Modifier un compte utilisateur"
+
+#: usermod.8.xml:80(replaceable) userdel.8.xml:78(replaceable)
+#: useradd.8.xml:90(replaceable) passwd.1.xml:82(replaceable)
+#: chsh.1.xml:78(replaceable) chfn.1.xml:78(replaceable)
+#: chage.1.xml:75(replaceable)
+msgid "LOGIN"
+msgstr "LOGIN"
+
+#: usermod.8.xml:86(para)
+msgid ""
+"The <command>usermod</command> command modifies the system account files to "
+"reflect the changes that are specified on the command line."
+msgstr ""
+"La commande <command>usermod</command> modifie les fichiers d'administration "
+"des comptes du système selon les modifications qui ont été indiquées sur la "
+"ligne de commande."
+
+#: usermod.8.xml:94(para)
+msgid "The options which apply to the <command>usermod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>usermod</command> sont :"
+
+#: usermod.8.xml:100(term)
+msgid "<option>-a</option>, <option>--append</option>"
+msgstr "<option>-a</option>, <option>--append</option>"
+
+#: usermod.8.xml:104(para)
+msgid ""
+"Add the user to the supplementary group(s). Use only with the <option>-G</"
+"option> option."
+msgstr ""
+"Ajouter l'utilisateur aux groupes supplémentaires. N'utilisez cette option "
+"qu'avec l'option <option>-G</option>."
+
+#: usermod.8.xml:111(term) useradd.8.xml:150(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--comment</option><replaceable>COMMENT</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--comment</option>&nbsp;<replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--comment</option>&nbsp;"
+"<replaceable>COMMENTAIRE</replaceable>"
+
+#: usermod.8.xml:115(para)
+msgid ""
+"The new value of the user's password file comment field. It is normally "
+"modified using the <citerefentry><refentrytitle>chfn</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> utility."
+msgstr ""
+"La nouvelle valeur du champ de commentaire du fichier de mots de passe pour "
+"l'utilisateur. Il est normalement modifié en utilisant l'utilitaire "
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: usermod.8.xml:124(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option><replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>RÉP_PERSO</"
+"replaceable>"
+
+#: usermod.8.xml:128(para)
+msgid "The user's new login directory."
+msgstr "Le nouveau répertoire personnel de l'utilisateur."
+
+#: usermod.8.xml:131(para)
+msgid ""
+"If the <option>-m</option> option is given, the contents of the current home "
+"directory will be moved to the new home directory, which is created if it "
+"does not already exist."
+msgstr ""
+"Si l'option <option>-m</option> est fournie, le contenu du répertoire "
+"personnel actuel sera déplacé dans le nouveau répertoire personnel, qui sera "
+"créé si nécessaire."
+
+#: usermod.8.xml:140(term) useradd.8.xml:188(term) useradd.8.xml:548(term)
+#| msgid ""
+#| "<option>-e</option>, <option>--expiredate</"
+#| "option><replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-e</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+#: usermod.8.xml:144(para) useradd.8.xml:192(para)
+msgid ""
+"The date on which the user account will be disabled. The date is specified "
+"in the format <emphasis remap=\"I\">YYYY-MM-DD</emphasis>."
+msgstr ""
+"Date à laquelle le compte utilisateur sera désactivé. La date est indiquée "
+"dans le format <emphasis remap=\"I\">AAAA-MM-JJ</emphasis>."
+
+#: usermod.8.xml:148(para)
+msgid ""
+"An empty <replaceable>EXPIRE_DATE</replaceable> argument will disable the "
+"expiration of the account."
+msgstr ""
+"Un paramètre <replaceable>DATE_FIN_VALIDITÉ</replaceable> vide désactivera "
+"l'expiration du compte."
+
+#: usermod.8.xml:152(para) usermod.8.xml:173(para)
+msgid ""
+"This option requires a <filename>/etc/shadow</filename> file. A <filename>/"
+"etc/shadow</filename> entry will be created if there were none."
+msgstr ""
+"Cette option nécessite un fichier <filename>/etc/shadow</filename>. Une "
+"entrée <filename>/etc/shadow</filename> sera créée si il n'y en avait pas."
+
+#: usermod.8.xml:160(term) useradd.8.xml:205(term) useradd.8.xml:560(term)
+#| msgid ""
+#| "<option>-f</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: usermod.8.xml:164(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé."
+
+#: usermod.8.xml:168(para)
+msgid ""
+"A value of 0 disables the account as soon as the password has expired, and a "
+"value of -1 disables the feature."
+msgstr ""
+"Une valeur de 0 désactive le compte dès que le mot de passe a dépassé sa fin "
+"de validité, et une valeur de -1 désactive cette fonctionnalité."
+
+#: usermod.8.xml:181(term) useradd.8.xml:224(term) useradd.8.xml:575(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option><replaceable>GROUP</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUP</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GROUPE</"
+"replaceable>"
+
+#: usermod.8.xml:185(para)
+msgid ""
+"The group name or number of the user's new initial login group. The group "
+"must exist."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le groupe doit exister."
+
+#: usermod.8.xml:189(para)
+msgid ""
+"Any file from the user's home directory owned by the previous primary group "
+"of the user will be owned by this new group."
+msgstr ""
+"Tout fichier du répertoire personnel de l'utilisateur appartenant au groupe "
+"primaire précédent de l'utilisateur appartiendra à ce nouveau groupe."
+
+#: usermod.8.xml:193(para)
+msgid ""
+"The group ownership of files outside of the user's home directory must be "
+"fixed manually."
+msgstr ""
+"Le groupe propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:200(term) useradd.8.xml:251(term)
+#| msgid ""
+#| "<option>-G</option>, <option>--groups</option><replaceable>GROUP1</"
+#| "replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap="
+#| "\"I\">,GROUPN</emphasis>]]]"
+msgid ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUP1</"
+"replaceable>[<emphasis remap=\"I\">,GROUP2,...</emphasis>[<emphasis remap=\"I"
+"\">,GROUPN</emphasis>]]]"
+msgstr ""
+"<option>-G</option>, <option>--groups</option>&nbsp;<replaceable>GROUPE1</"
+"replaceable>[<emphasis remap=\"I\">,GROUPE2,...</emphasis>[<emphasis remap="
+"\"I\">,GROUPEN</emphasis>]]]"
+
+#: usermod.8.xml:204(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>."
+
+#: usermod.8.xml:211(para)
+msgid ""
+"If the user is currently a member of a group which is not listed, the user "
+"will be removed from the group. This behaviour can be changed via the "
+"<option>-a</option> option, which appends the user to the current "
+"supplementary group list."
+msgstr ""
+"Si l'utilisateur fait actuellement partie d'un groupe qui n'est pas listé, "
+"l'utilisateur sera supprimé du groupe. Ce comportement peut être modifié par "
+"l'option <option>-a</option>, qui permet d'ajouter l'utilisateur à la liste "
+"actuelle des groupes supplémentaires."
+
+#: usermod.8.xml:220(term)
+#| msgid ""
+#| "<option>-l</option>, <option>--login</option><replaceable>NEW_LOGIN</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--login</option>&nbsp;<replaceable>NEW_LOGIN</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--login</option>&nbsp;"
+"<replaceable>NOUVEAU_LOGIN</replaceable>"
+
+#: usermod.8.xml:224(para)
+msgid ""
+"The name of the user will be changed from <replaceable>LOGIN</replaceable> "
+"to <replaceable>NEW_LOGIN</replaceable>. Nothing else is changed. In "
+"particular, the user's home directory or mail spool should probably be "
+"renamed manually to reflect the new login name."
+msgstr ""
+"Le nom de l'utilisateur passera de <replaceable>LOGIN</replaceable> à "
+"<replaceable>NOUVEAU_LOGIN</replaceable>. Rien d'autre ne sera modifié. En "
+"particulier, le nom du répertoire personnel et l'emplacement de la boîte aux "
+"lettres de l'utilisateur devrontprobablement être changés pour refléter le "
+"nouveau nom de connexion."
+
+#: usermod.8.xml:234(term)
+msgid "<option>-L</option>, <option>--lock</option>"
+msgstr "<option>-L</option>, <option>--lock</option>"
+
+#: usermod.8.xml:238(para)
+msgid ""
+"Lock a user's password. This puts a '!' in front of the encrypted password, "
+"effectively disabling the password. You can't use this option with <option>-"
+"p</option> or <option>-U</option>."
+msgstr ""
+"Verrouiller le mot de passe d'un utilisateur. Cette option ajoute un « ! » "
+"devant le mot de passe chiffré, ce qui désactive le mot de passe. Vous ne "
+"pouvez pas utiliser cette option avec <option>-p</option> ou <option>-U</"
+"option>."
+
+#: usermod.8.xml:244(para)
+msgid ""
+"Note: if you wish to lock the account (not only access with a password), you "
+"should also set the <replaceable>EXPIRE_DATE</replaceable> to "
+"<replaceable>1</replaceable>."
+msgstr ""
+"Remarque : pour verrouiller le compte (et pas seulement l'accès au compte "
+"par un mot de passe), il est également nécessaire de placer "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> à <replaceable>1</replaceable>."
+
+#: usermod.8.xml:253(term)
+msgid "<option>-m</option>, <option>--move-home</option>"
+msgstr "<option>-m</option>, <option>--move-home</option>"
+
+#: usermod.8.xml:257(para)
+msgid "Move the content of the user's home directory to the new location."
+msgstr ""
+"Déplacer le contenu du répertoire personnel de l'utilisateur vers un nouvel "
+"emplacement."
+
+#: usermod.8.xml:261(para)
+msgid ""
+"This option is only valid in combination with the <option>-d</option> (or "
+"<option>--home</option>) option."
+msgstr ""
+"Cette option ne fonctionne que lorsqu'elle est combinée avec l'option "
+"<option>-d</option> (ou <option>--home</option>)."
+
+#: usermod.8.xml:265(para)
+msgid ""
+"<command>usermod</command> will try to adapt the ownership of the files and "
+"to copy the modes, ACL and extended attributes, but manual changes might be "
+"needed afterwards."
+msgstr ""
+"<command>usermod</command> essayera d'adapter les permissions des fichiers "
+"et de copier les modes, ACL et attributs étendus. Cependant, vous risquez de "
+"devoir procéder à des modifications vous-même."
+
+#: usermod.8.xml:273(term) useradd.8.xml:385(term) groupmod.8.xml:146(term)
+#: groupadd.8.xml:157(term)
+msgid "<option>-o</option>, <option>--non-unique</option>"
+msgstr "<option>-o</option>, <option>--non-unique</option>"
+
+#: usermod.8.xml:277(para)
+msgid ""
+"When used with the <option>-u</option> option, this option allows to change "
+"the user ID to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-u</option>, cette option permet de "
+"changer l'identifiant utilisateur vers une valeur déjà utilisée."
+
+#: usermod.8.xml:284(term) useradd.8.xml:397(term) groupmod.8.xml:157(term)
+#: groupadd.8.xml:167(term)
+#| msgid ""
+#| "<option>-p</option>, <option>--password</option><replaceable>PASSWORD</"
+#| "replaceable>"
+msgid ""
+"<option>-p</option>, <option>--password</option>&nbsp;<replaceable>PASSWORD</"
+"replaceable>"
+msgstr ""
+"<option>-p</option>, <option>--password</option>&nbsp;"
+"<replaceable>MOT_DE_PASSE</replaceable>"
+
+#: usermod.8.xml:288(para) groupmod.8.xml:161(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+msgstr ""
+"Mot de passe chiffré, comme renvoyé par <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>."
+
+#: usermod.8.xml:293(para) useradd.8.xml:406(para) groupmod.8.xml:166(para)
+#: groupadd.8.xml:176(para)
+msgid ""
+"<emphasis role=\"bold\">Note:</emphasis> This option is not recommended "
+"because the password (or encrypted password) will be visible by users "
+"listing the processes."
+msgstr ""
+"<emphasis role=\"bold\">Remarque :</emphasis> l'utilisation de cette option "
+"est déconseillée car le mot de passe (ou le mot de passe chiffré) peut être "
+"visible des utilisateurs qui affichent la liste des processus. "
+
+#: usermod.8.xml:298(para)
+msgid ""
+"The password will be written in the local <filename>/etc/passwd</filename> "
+"or <filename>/etc/shadow</filename> file. This might differ from the "
+"password database configured in your PAM configuration."
+msgstr ""
+"Le mot de passe sera écrit dans le fichier <filename>/etc/passwd</filename> "
+"local ou le fichier <filename>/etc/shadow</filename>. Cela peut être "
+"différent de la base de données de mots de passe définie dans la "
+"configuration de PAM."
+
+#: usermod.8.xml:304(para) useradd.8.xml:411(para) groupmod.8.xml:171(para)
+#: groupadd.8.xml:181(para)
+msgid ""
+"You should make sure the password respects the system's password policy."
+msgstr ""
+"Il est nécessaire de vérifier si le mot de passe respecte la politique de "
+"mots de passe du système."
+
+#: usermod.8.xml:323(term) useradd.8.xml:457(term) useradd.8.xml:595(term)
+#: su.1.xml:187(term) chsh.1.xml:119(term)
+#| msgid ""
+#| "<option>-s</option>, <option>--shell</option><replaceable>SHELL</"
+#| "replaceable>"
+msgid ""
+"<option>-s</option>, <option>--shell</option>&nbsp;<replaceable>SHELL</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--shell</option>&nbsp;"
+"<replaceable>INTERPRÉTEUR</replaceable>"
+
+#: usermod.8.xml:327(para) chsh.1.xml:123(para)
+msgid ""
+"The name of the user's new login shell. Setting this field to blank causes "
+"the system to select the default login shell."
+msgstr ""
+"Nom du nouvel interpréteur de commandes initial (« login shell ») de "
+"l'utilisateur. Si ce champ est vide, le système sélectionnera l'interpréteur "
+"de commandes initial par défaut."
+
+#: usermod.8.xml:334(term) useradd.8.xml:471(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--uid</option><replaceable>UID</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--uid</option>&nbsp;<replaceable>UID</"
+"replaceable>"
+
+#: usermod.8.xml:338(para)
+msgid "The new numerical value of the user's ID."
+msgstr "La valeur numérique de l'identifiant de l'utilisateur."
+
+#: usermod.8.xml:341(para)
+msgid ""
+"This value must be unique, unless the <option>-o</option> option is used. "
+"The value must be non-negative."
+msgstr ""
+"Cette valeur doit être unique, à moins que l'option <option>-o</option> ne "
+"soit utilisée. La valeur ne doit pas être négative."
+
+#: usermod.8.xml:346(para)
+msgid ""
+"The user's mailbox, and any files which the user owns and which are located "
+"in the user's home directory will have the file user ID changed "
+"automatically."
+msgstr ""
+"La boîte aux lettres et tous les fichiers possédés par l'utilisateur et qui "
+"sont situés dans son répertoire personnel verront leur identifiant "
+"d'utilisateur automatiquement modifié."
+
+#: usermod.8.xml:351(para)
+msgid ""
+"The ownership of files outside of the user's home directory must be fixed "
+"manually."
+msgstr ""
+"Le propriétaire des fichiers en dehors du répertoire personnel de "
+"l'utilisateur doit être modifié manuellement."
+
+#: usermod.8.xml:355(para)
+msgid ""
+"No checks will be performed with regard to the <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+"<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>UID_MIN</option>, "
+"<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, ou "
+"<option>SYS_UID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:364(term)
+msgid "<option>-U</option>, <option>--unlock</option>"
+msgstr "<option>-U</option>, <option>--unlock</option>"
+
+#: usermod.8.xml:368(para)
+msgid ""
+"Unlock a user's password. This removes the '!' in front of the encrypted "
+"password. You can't use this option with <option>-p</option> or <option>-L</"
+"option>."
+msgstr ""
+"Déverrouiller le mot de passe d'un utilisateur. Cela supprime le « ! » situé "
+"devant le mot de passe chiffré. Vous ne pouvez pas utiliser cette option "
+"avec <option>-p</option> ou <option>-L</option>."
+
+#: usermod.8.xml:373(para)
+msgid ""
+"Note: if you wish to unlock the account (not only access with a password), "
+"you should also set the <replaceable>EXPIRE_DATE</replaceable> (for example "
+"to <replaceable>99999</replaceable>, or to the <option>EXPIRE</option> value "
+"from <filename>/etc/default/useradd</filename>)."
+msgstr ""
+"Remarque : pour déverrouiller le compte (et pas seulement l'accès au compte "
+"via un mot de passe), vous devriez définir la valeur "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> (par exemple à "
+"<replaceable>99999</replaceable> ou à la valeur <option>EXPIRE</option> dans "
+"<filename>/etc/default/useradd</filename>)."
+
+#: usermod.8.xml:384(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-v</option>, <option>--add-sub-uids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-v</option>, <option>--add-sub-uids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:388(para)
+msgid "Add a range of subordinate uids to the user's account."
+msgstr "Ajouter une plage d'identifiants subordonnés au compte utilisateur."
+
+#: usermod.8.xml:391(para) usermod.8.xml:429(para)
+msgid ""
+"This option may be specified multiple times to add multiple ranges to a "
+"users account."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour ajouter plusieurs "
+"plages à un compte utilisateur."
+
+#: usermod.8.xml:394(para) usermod.8.xml:414(para)
+#| msgid ""
+#| "No checks will be performed with regard to the <option>UID_MIN</option>, "
+#| "<option>UID_MAX</option>, <option>SYS_UID_MIN</option>, or "
+#| "<option>SYS_UID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option>, or <option>SUB_UID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>SUB_UID_MIN</"
+"option>, <option>SUB_UID_MAX</option>, ou <option>SUB_UID_COUNT</option> du "
+"fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:402(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-V</option>, <option>--del-sub-uids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-V</option>, <option>--del-sub-uids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:406(para)
+msgid "Remove a range of subordinate uids from the user's account."
+msgstr "Retirer une plage d'identifiants subordonnés d'un compte utilisateur."
+
+#: usermod.8.xml:409(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-sub-uids</option> and <option>--add-"
+"sub-uids</option> are specified, the removal of all subordinate uid ranges "
+"happens before any subordinate uid range is added."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour retirer plusieurs "
+"plages à un compte utilisateur. Quand les deux options <option>--del-sub-"
+"uids</option> et <option>--add-sub-uids</option> sont spécifiées en même "
+"temps, le retrait de l'ensemble des plages d'identifiants subordonnés est "
+"effectué avant l'ajout des plages d'identifiants subordonnés."
+
+#: usermod.8.xml:422(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--add-sub-gids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--add-sub-gids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:426(para)
+msgid "Add a range of subordinate gids to the user's account."
+msgstr ""
+"Ajouter une plage d'identifiants de groupe subordonnés au compte utilisateur."
+
+#: usermod.8.xml:432(para) usermod.8.xml:452(para)
+#| msgid ""
+#| "No checks will be performed with regard to the <option>GID_MIN</option>, "
+#| "<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+#| "<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgid ""
+"No checks will be performed with regard to <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option>, or <option>SUB_GID_COUNT</option> from /etc/"
+"login.defs."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>SUB_GID_MIN</"
+"option>, <option>SUB_GID_MAX</option>, ou<option>SUB_SYS_GID_COUNT</option> "
+"du fichier <filename>/etc/login.defs</filename>."
+
+#: usermod.8.xml:440(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-W</option>, <option>--del-sub-gids</option>&nbsp;"
+"<replaceable>FIRST</replaceable>-<replaceable>LAST</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--del-sub-gids</option>&nbsp;"
+"<replaceable>PREMIER</replaceable>-<replaceable>DERNIER</replaceable>"
+
+#: usermod.8.xml:444(para)
+#| msgid "Remove any SELinux user mapping for the user's login."
+msgid "Remove a range of subordinate gids from the user's account."
+msgstr ""
+"Retirer une plage d'identifiants de groupe subordonnés d'un compte "
+"utilisateur."
+
+#: usermod.8.xml:447(para)
+msgid ""
+"This option may be specified multiple times to remove multiple ranges to a "
+"users account. When both <option>--del-sub-gids</option> and <option>--add-"
+"sub-gids</option> are specified, the removal of all subordinate gid ranges "
+"happens before any subordinate gid range is added."
+msgstr ""
+"Cette option peut être spécifiée plusieurs fois pour retirer plusieurs "
+"plages à un compte utilisateur. Quand les deux options <option>--del-sub-"
+"gids</option> et <option>--add-sub-gids</option> sont spécifiées en même "
+"temps, le retrait de l'ensemble des plages d'identifiants de groupe "
+"subordonnés est effectué avant l'ajout des plages d'identifiants de groupe "
+"subordonnés."
+
+#: usermod.8.xml:460(term) useradd.8.xml:506(term)
+#| msgid ""
+#| "<option>-Z</option>, <option>--selinux-user</option><replaceable>SEUSER</"
+#| "replaceable>"
+msgid ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>SEUSER</replaceable>"
+msgstr ""
+"<option>-Z</option>, <option>--selinux-user</option>&nbsp;"
+"<replaceable>UTILISATEUR_SELINUX</replaceable>"
+
+#: usermod.8.xml:464(para)
+msgid "The new SELinux user for the user's login."
+msgstr ""
+"Le nouvel utilisateur SELinux utilisé pour la connexion de l'utilisateur."
+
+#: usermod.8.xml:467(para)
+msgid ""
+"A blank <replaceable>SEUSER</replaceable> will remove the SELinux user "
+"mapping for user <replaceable>LOGIN</replaceable> (if any)."
+msgstr ""
+"Un paramètre <replaceable>SEUSER</replaceable> vide éliminera l'association "
+"de l'utilisateur SELinux pour l'utilisateur <replaceable>LOGIN</replaceable> "
+"(si spécifiée)"
+
+#: usermod.8.xml:478(title) userdel.8.xml:281(title) useradd.8.xml:623(title)
+#: su.1.xml:331(title) shadow.3.xml:218(title) passwd.1.xml:372(title)
+#: newusers.8.xml:350(title) login.1.xml:260(title) lastlog.8.xml:194(title)
+#: groupdel.8.xml:116(title) groupadd.8.xml:257(title)
+#: gpasswd.1.xml:252(title) faillog.8.xml:232(title) chpasswd.8.xml:231(title)
+#: chgpasswd.8.xml:186(title)
+msgid "CAVEATS"
+msgstr "AVERTISSEMENTS"
+
+#: usermod.8.xml:479(para)
+msgid ""
+"You must make certain that the named user is not executing any processes "
+"when this command is being executed if the user's numerical user ID, the "
+"user's name, or the user's home directory is being changed. "
+"<command>usermod</command> checks this on Linux, but only check if the user "
+"is logged in according to utmp on other architectures."
+msgstr ""
+"Il est nécessaire de contrôler que l'identifiant indiqué n'a pas de "
+"processus en cours d'exécution si cette commande est utilisée pour modifier "
+"l'identifiant numérique de l'utilisateur, son identifiant (login) ou son "
+"répertoire personnel. <command>usermod</command> effectue ce contrôle sous "
+"Linux mais vérifie seulement les informations d'utmp sur les autres "
+"architectures."
+
+#: usermod.8.xml:487(para)
+msgid ""
+"You must change the owner of any <command>crontab</command> files or "
+"<command>at</command> jobs manually."
+msgstr ""
+"Il est nécessaire de changer manuellement le propriétaire des fichiers "
+"<command>crontab</command> ou des travaux programmés par <command>at</"
+"command>."
+
+#: usermod.8.xml:491(para)
+msgid "You must make any changes involving NIS on the NIS server."
+msgstr ""
+"Les modifications qui concernent NIS doivent être effectuées sur le serveur "
+"NIS."
+
+#: usermod.8.xml:32(term) userdel.8.xml:32(term) useradd.8.xml:32(term)
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_DIR</option> (string)"
+msgstr "<option>MAIL_DIR</option> (chaîne de caractères)"
+
+#: usermod.8.xml:34(para) userdel.8.xml:34(para) useradd.8.xml:34(para)
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"compile-time default is used."
+msgstr ""
+"Répertoire d'attente des courriels (« mail spool directory »). Ce paramètre "
+"est nécessaire pour manipuler les boîtes à lettres lorsque le compte d'un "
+"utilisateur est modifié ou supprimé. S'il n'est pas spécifié, une valeur par "
+"défaut définie à la compilation est utilisée."
+
+#: usermod.8.xml:41(term) userdel.8.xml:41(term) useradd.8.xml:41(term)
+#: su.1.xml:41(term) login.defs.5.xml:41(term) login.1.xml:41(term)
+msgid "<option>MAIL_FILE</option> (string)"
+msgstr "<option>MAIL_FILE</option> (chaîne de caractères)"
+
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"Defines the location of the users mail spool files relatively to their home "
+"directory."
+msgstr ""
+"Définir l'emplacement des boîtes aux lettres des utilisateurs relativement à "
+"leur répertoire personnel."
+
+#. FIXME: MAIL_FILE not used in useradd
+#: usermod.8.xml:50(para) userdel.8.xml:50(para) useradd.8.xml:50(para)
+#: su.1.xml:50(para) login.defs.5.xml:50(para) login.1.xml:50(para)
+msgid ""
+"The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables are "
+"used by <command>useradd</command>, <command>usermod</command>, and "
+"<command>userdel</command> to create, move, or delete the user's mail spool."
+msgstr ""
+"Les paramètres <option>MAIL_DIR</option> et <option>MAIL_FILE</option> sont "
+"utilisés par <command>useradd</command>, <command>usermod</command> et "
+"<command>userdel</command> pour créer, déplacer ou supprimer les boîtes aux "
+"lettres des utilisateurs."
+
+#: usermod.8.xml:56(para) userdel.8.xml:56(para) useradd.8.xml:56(para)
+#: su.1.xml:56(para) login.defs.5.xml:56(para) login.1.xml:56(para)
+msgid ""
+"If <option>MAIL_CHECK_ENAB</option> is set to <replaceable>yes</"
+"replaceable>, they are also used to define the <envar>MAIL</envar> "
+"environment variable."
+msgstr ""
+"Si <option>MAIL_CHECK_ENAB</option> est réglé sur <replaceable>yes</"
+"replaceable>, ces variables servent également à définir la variable "
+"d'environnement <envar>MAIL</envar>."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwconv.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: grpck.8.xml:30(term) groupmod.8.xml:30(term) groupmems.8.xml:30(term)
+#: groupdel.8.xml:30(term) groupadd.8.xml:30(term) gpasswd.1.xml:30(term)
+#: chgpasswd.8.xml:30(term)
+msgid "<option>MAX_MEMBERS_PER_GROUP</option> (number)"
+msgstr "<option>MAX_MEMBERS_PER_GROUP</option> (nombre)"
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwconv.8.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: grpck.8.xml:32(para) groupmod.8.xml:32(para) groupmems.8.xml:32(para)
+#: groupdel.8.xml:32(para) groupadd.8.xml:32(para) gpasswd.1.xml:32(para)
+#: chgpasswd.8.xml:32(para)
+msgid ""
+"Maximum members per group entry. When the maximum is reached, a new group "
+"entry (line) is started in <filename>/etc/group</filename> (with the same "
+"name, same password, and same GID)."
+msgstr ""
+"Nombre maximum de membres par entrée de groupe. Lorsque le maximum est "
+"atteint, une nouvelle entrée de groupe (ligne) est démarrée dans <filename>/"
+"etc/group</filename> (avec le même nom, même mot de passe, et même GID)."
+
+#: usermod.8.xml:37(para) userdel.8.xml:37(para) useradd.8.xml:37(para)
+#: pwconv.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+#: grpck.8.xml:37(para) groupmod.8.xml:37(para) groupmems.8.xml:37(para)
+#: groupdel.8.xml:37(para) groupadd.8.xml:37(para) gpasswd.1.xml:37(para)
+#: chgpasswd.8.xml:37(para)
+msgid ""
+"The default value is 0, meaning that there are no limits in the number of "
+"members in a group."
+msgstr ""
+"La valeur par défaut est 0, ce qui signifie qu'il n'y a pas de limites pour "
+"le nombre de membres dans un groupe."
+
+#. Note: on HP, split groups have the same ID, but different
+#.                names.
+#: usermod.8.xml:43(para) userdel.8.xml:43(para) useradd.8.xml:43(para)
+#: pwconv.8.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: grpck.8.xml:43(para) groupmod.8.xml:43(para) groupmems.8.xml:43(para)
+#: groupdel.8.xml:43(para) groupadd.8.xml:43(para) gpasswd.1.xml:43(para)
+#: chgpasswd.8.xml:43(para)
+msgid ""
+"This feature (split group) permits to limit the length of lines in the group "
+"file. This is useful to make sure that lines for NIS groups are not larger "
+"than 1024 characters."
+msgstr ""
+"Cette fonctionnalité (groupe découpé) permet de limiter la longueur des "
+"lignes dans le fichier de groupes. Ceci est utile pour s'assurer que les "
+"lignes pour les groupes NIS ne sont pas plus grandes que 1024 caractères."
+
+#: usermod.8.xml:48(para) userdel.8.xml:48(para) useradd.8.xml:48(para)
+#: pwconv.8.xml:48(para) newusers.8.xml:48(para) login.defs.5.xml:48(para)
+#: grpck.8.xml:48(para) groupmod.8.xml:48(para) groupmems.8.xml:48(para)
+#: groupdel.8.xml:48(para) groupadd.8.xml:48(para) gpasswd.1.xml:48(para)
+#: chgpasswd.8.xml:48(para)
+msgid "If you need to enforce such limit, you can use 25."
+msgstr ""
+"Si vous avez besoin de configurer cette limite, vous pouvez utiliser 25."
+
+#: usermod.8.xml:51(para) userdel.8.xml:51(para) useradd.8.xml:51(para)
+#: pwconv.8.xml:51(para) newusers.8.xml:51(para) login.defs.5.xml:51(para)
+#: grpck.8.xml:51(para) groupmod.8.xml:51(para) groupmems.8.xml:51(para)
+#: groupdel.8.xml:51(para) groupadd.8.xml:51(para) gpasswd.1.xml:51(para)
+#: chgpasswd.8.xml:51(para)
+msgid ""
+"Note: split groups may not be supported by all tools (even in the Shadow "
+"toolsuite). You should not use this variable unless you really need it."
+msgstr ""
+"Remarque : les groupes découpés ne sont peut-être pas pris en charge par "
+"tous les outils (même dans la suite d'outils Shadow). Vous ne devriez pas "
+"utiliser cette variable, sauf si vous en avez vraiment besoin."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_MIN</option> (number)"
+msgstr "<option>SUB_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#| msgid "<option>SYS_GID_MAX</option> (number)"
+msgid "<option>SUB_GID_MAX</option> (number)"
+msgstr "<option>SUB_GID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#| msgid "<option>SYS_GID_MIN</option> (number)"
+msgid "<option>SUB_GID_COUNT</option> (number)"
+msgstr "<option>SUB_GID_MIN</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate group IDs) allocate <option>SUB_GID_COUNT</option> unused group "
+"IDs from the range <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</"
+"option> for each new user."
+msgstr ""
+"Si <filename>/etc/subuid</filename> existe, les commandes <command>useradd</"
+"command> et <command>newusers</command> (sauf si l'utilisateur a déjà des "
+"identifiants de groupe subordonnés) allouent <option>SUB_GID_COUNT</option> "
+"identifiants de groupe inutilisés à partir de la plage <option>SUB_GID_MIN</"
+"option> à <option>SUB_GID_MAX</option> pour chaque nouvel utilisateur."
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#| msgid ""
+#| "The default value for <option>SYS_GID_MIN</option> (resp. "
+#| "<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_GID_MIN</option>, <option>SUB_GID_MAX</"
+"option>, <option>SUB_GID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Les valeurs par défaut pour <option>SUB_GID_MIN</option>, "
+"<option>SUB_GID_MAX</option> et <option>SUB_GID_COUNT</option> sont "
+"respectivement 100000, 600100000 and 10000."
+
+#: usermod.8.xml:30(term) useradd.8.xml:30(term) newusers.8.xml:30(term)
+#: login.defs.5.xml:30(term)
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_MIN</option> (number)"
+msgstr "<option>SUB_UID_MIN</option> (nombre)"
+
+#: usermod.8.xml:31(term) useradd.8.xml:31(term) newusers.8.xml:31(term)
+#: login.defs.5.xml:31(term)
+#| msgid "<option>SYS_UID_MAX</option> (number)"
+msgid "<option>SUB_UID_MAX</option> (number)"
+msgstr "<option>SUB_UID_MAX</option> (nombre)"
+
+#: usermod.8.xml:32(term) useradd.8.xml:32(term) newusers.8.xml:32(term)
+#: login.defs.5.xml:32(term)
+#| msgid "<option>SYS_UID_MIN</option> (number)"
+msgid "<option>SUB_UID_COUNT</option> (number)"
+msgstr "<option>SUB_UID_COUNT</option> (nombre)"
+
+#: usermod.8.xml:34(para) useradd.8.xml:34(para) newusers.8.xml:34(para)
+#: login.defs.5.xml:34(para)
+msgid ""
+"If <filename>/etc/subuid</filename> exists, the commands <command>useradd</"
+"command> and <command>newusers</command> (unless the user already have "
+"subordinate user IDs) allocate <option>SUB_UID_COUNT</option> unused user "
+"IDs from the range <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</"
+"option> for each new user."
+msgstr ""
+"Si <filename>/etc/subuid</filename> existe, les commandes <command>useradd</"
+"command> et <command>newusers</command> (sauf si l'utilisateur a déjà des "
+"identifiants subordonnés) allouent <option>SUB_UID_COUNT</option> "
+"identifiants inutilisés à partir de la plage <option>SUB_UID_MIN</option> à "
+"<option>SUB_UID_MAX</option> pour chaque nouvel utilisateur."
+
+#: usermod.8.xml:42(para) useradd.8.xml:42(para) newusers.8.xml:42(para)
+#: login.defs.5.xml:42(para)
+#| msgid ""
+#| "The default value for <option>SYS_UID_MIN</option> (resp. "
+#| "<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgid ""
+"The default values for <option>SUB_UID_MIN</option>, <option>SUB_UID_MAX</"
+"option>, <option>SUB_UID_COUNT</option> are respectively 100000, 600100000 "
+"and 10000."
+msgstr ""
+"Les valeurs par défaut pour <option>SUB_UID_MIN</option>, "
+"<option>SUB_UID_MAX</option> et <option>SUB_UID_COUNT</option> sont "
+"respectivement 100000, 600100000 and 10000."
+
+#: usermod.8.xml:30(term) userdel.8.xml:30(term) useradd.8.xml:30(term)
+#: pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_SYMLINKS</option> (boolean)"
+msgstr "<option>TCB_SYMLINKS</option> (booléen)"
+
+#: usermod.8.xml:37(programlisting) userdel.8.xml:37(programlisting)
+#: useradd.8.xml:37(programlisting) pwck.8.xml:37(programlisting)
+#: login.defs.5.xml:37(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"if ( UID is less than 1000) {\n"
+"  use /etc/tcb/user\n"
+"} else if ( UID is less than 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  use /etc/tcb/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"} else {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  use /etc/tcb/:megas/:kilos/user\n"
+"  make symlink /etc/tcb/user to the above directory\n"
+"}\n"
+"      "
+msgstr ""
+"\n"
+"si ( UID est inférieur à 1000) {\n"
+"  utiliser /etc/tcb/user\n"
+"} sinon, et si ( UID est inférieur à 1000000) {\n"
+"  kilos = UID / 1000\n"
+"  utiliser /etc/tcb/:kilos/user\n"
+"  faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"} sinon {\n"
+"  megas = UID / 1000000\n"
+"  kilos = ( UID / megas * 1000000 ) / 1000\n"
+"  utiliser /etc/tcb/:megas/:kilos/user\n"
+"  faire un lien symbolique de /etc/tcb/user vers le répertoire précédent\n"
+"}\n"
+"      "
+
+#: usermod.8.xml:32(para) userdel.8.xml:32(para) useradd.8.xml:32(para)
+#: pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the location of the user tcb directory to "
+"be created will not be automatically set to /etc/tcb/user, but will be "
+"computed depending on the UID of the user, according to the following "
+"algorithm: <placeholder-1/>"
+msgstr ""
+"Si <replaceable>yes</replaceable> (« oui »), l'emplacement du répertoire tcb "
+"de l'utilisateur à créer ne sera pas automatiquement configuré à /etc/tcb/"
+"user, mais sera calculé en fonction de l'UID de l'utilisateur, à l'aide de "
+"l'algorithme suivant : <placeholder-1/>"
+
+#: usermod.8.xml:529(filename) userdel.8.xml:197(filename)
+#: useradd.8.xml:726(filename) su.1.xml:382(filename)
+#: pwconv.8.xml:253(filename) passwd.1.xml:423(filename)
+#: newusers.8.xml:424(filename) login.access.5.xml:124(filename)
+#: login.1.xml:389(filename) groupmod.8.xml:220(filename)
+#: groupadd.8.xml:248(filename) chsh.1.xml:182(filename)
+#: chpasswd.8.xml:270(filename) chgpasswd.8.xml:228(filename)
+#: chfn.1.xml:210(filename)
+msgid "/etc/login.defs"
+msgstr "/etc/login.defs"
+
+#: usermod.8.xml:531(para) userdel.8.xml:199(para) useradd.8.xml:728(para)
+#: su.1.xml:384(para) pwconv.8.xml:255(para) passwd.1.xml:425(para)
+#: newusers.8.xml:426(para) login.access.5.xml:126(para) login.1.xml:391(para)
+#: groupmod.8.xml:222(para) groupadd.8.xml:250(para) chsh.1.xml:184(para)
+#: chpasswd.8.xml:272(para) chgpasswd.8.xml:230(para) chfn.1.xml:212(para)
+msgid "Shadow password suite configuration."
+msgstr ""
+"Configuration de la suite des mots de passe cachés « shadow password »."
+
+#: usermod.8.xml:547(filename) userdel.8.xml:215(filename)
+#: useradd.8.xml:714(filename) newusers.8.xml:436(filename)
+#| msgid "/etc/suauth"
+msgid "/etc/subgid"
+msgstr "/etc/subgid"
+
+#: usermod.8.xml:549(para) userdel.8.xml:217(para) useradd.8.xml:716(para)
+#: newusers.8.xml:438(para)
+msgid "Per user subordinate group IDs."
+msgstr "Identifiants de groupe subordonnés par utilisateur."
+
+#: usermod.8.xml:553(filename) userdel.8.xml:221(filename)
+#: useradd.8.xml:720(filename) newusers.8.xml:442(filename)
+#| msgid "/etc/suauth"
+msgid "/etc/subuid"
+msgstr "/etc/subuid"
+
+#: usermod.8.xml:555(para) userdel.8.xml:223(para) useradd.8.xml:722(para)
+#: newusers.8.xml:444(para)
+msgid "Per user subordinate user IDs."
+msgstr "Identifiants subordonnés par utilisateur."
+
+#: usermod.8.xml:563(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: userdel.8.xml:63(refentrytitle) userdel.8.xml:70(refname)
+#: userdel.8.xml:75(command) login.defs.5.xml:488(term)
+msgid "userdel"
+msgstr "userdel"
+
+#: userdel.8.xml:71(refpurpose)
+msgid "delete a user account and related files"
+msgstr "supprimer un compte utilisateur et les fichiers associés"
+
+#: userdel.8.xml:85(para)
+msgid ""
+"The <command>userdel</command> command modifies the system account files, "
+"deleting all entries that refer to the user name <emphasis remap=\"I"
+"\">LOGIN</emphasis>. The named user must exist."
+msgstr ""
+"La commande <command>userdel</command> modifie les fichiers d'administration "
+"des comptes du système, en supprimant les entrées qui se réfèrent à "
+"<emphasis remap=\"I\">LOGIN</emphasis>. L'utilisateur nommé doit exister."
+
+#: userdel.8.xml:94(para)
+msgid "The options which apply to the <command>userdel</command> command are:"
+msgstr ""
+"Les options disponibles de la commande <command>userdel</command> sont :"
+
+#: userdel.8.xml:99(term) groupadd.8.xml:100(term) expiry.1.xml:103(term)
+msgid "<option>-f</option>, <option>--force</option>"
+msgstr "<option>-f</option>, <option>--force</option>"
+
+#: userdel.8.xml:103(para)
+msgid ""
+"This option forces the removal of the user account, even if the user is "
+"still logged in. It also forces <command>userdel</command> to remove the "
+"user's home directory and mail spool, even if another user uses the same "
+"home directory or if the mail spool is not owned by the specified user. If "
+"<option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename> and if a group exists with "
+"the same name as the deleted user, then this group will be removed, even if "
+"it is still the primary group of another user."
+msgstr ""
+"Cette option impose la suppression de l'utilisateur, même s'il est encore "
+"connecté. Elle force également <command>userdel</command> à supprimer son "
+"répertoire personnel et sa file d'attente des courriels, même si un autre "
+"utilisateur utilise le même répertoire personnel ou si l'utilisateur précisé "
+"n'est pas le propriétaire de la file d'attente des courriels. Si "
+"<emphasis>USERGROUPS_ENAB</emphasis> vaut <emphasis remap=\"I\">yes</"
+"emphasis> dans <filename>/etc/login.defs</filename> et si un groupe existe "
+"avec le même nom que l'utilisateur supprimé, alors ce groupe sera supprimé, "
+"même s'il s'agit du groupe primaire d'un autre utilisateur."
+
+#: userdel.8.xml:116(para)
+msgid ""
+"<emphasis>Note:</emphasis> This option is dangerous and may leave your "
+"system in an inconsistent state."
+msgstr ""
+"<emphasis>Remarque :</emphasis> Cette option est dangereuse, elle peut "
+"laisser votre système dans un état incohérent."
+
+#: userdel.8.xml:129(term)
+msgid "<option>-r</option>, <option>--remove</option>"
+msgstr "<option>-r</option>, <option>--remove</option>"
+
+#: userdel.8.xml:133(para)
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Files located in other file "
+"systems will have to be searched for and deleted manually."
+msgstr ""
+"Les fichiers présents dans le répertoire personnel de l'utilisateur seront "
+"supprimés en même temps que le répertoire lui-même, ainsi que le répertoire "
+"d'attente des courriels. Vous devrez rechercher et éliminer vous-même les "
+"fichiers situés dans d'autres systèmes de fichiers."
+
+#: userdel.8.xml:139(para)
+msgid ""
+"The mail spool is defined by the <option>MAIL_DIR</option> variable in the "
+"<filename>login.defs</filename> file."
+msgstr ""
+"Le répertoire d'attente des courriels est défini par la variable "
+"<option>MAIL_DIR</option> dans <filename>login.defs</filename>."
+
+#: userdel.8.xml:158(term)
+msgid "<option>-Z</option>, <option>--selinux-user</option>"
+msgstr "<option>-Z</option>, <option>--selinux-user</option>"
+
+#: userdel.8.xml:162(para)
+msgid "Remove any SELinux user mapping for the user's login."
+msgstr ""
+"Élimine toute association avec tout utilisateur SELinux pour la connexion de "
+"l'utilisateur."
+
+#: userdel.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>USERDEL_CMD</option> (string)"
+msgstr "<option>USERDEL_CMD</option> (chaîne de caractères)"
+
+#: userdel.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If defined, this command is run when removing a user. It should remove any "
+"at/cron/print jobs etc. owned by the user to be removed (passed as the first "
+"argument)."
+msgstr ""
+"Si définie, la commande est exécutée lors de la suppression d'un "
+"utilisateur. Elle pourra supprimer toutes les tâches périodiques cron ou at, "
+"tous les travaux d'impression, etc. de l'utilisateur (qui sera fourni comme "
+"premier paramètre)."
+
+#: userdel.8.xml:40(para) login.defs.5.xml:40(para)
+msgid "The return code of the script is not taken into account."
+msgstr "Le code de retour du script n'est pas pris en compte."
+
+#: userdel.8.xml:46(programlisting) login.defs.5.xml:46(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+msgstr ""
+"\n"
+"#! /bin/sh\n"
+"\n"
+"# Check for the required argument.\n"
+"if [ $# != 1 ]; then\n"
+"\techo \"Usage: $0 username\"\n"
+"\texit 1\n"
+"fi\n"
+"\n"
+"# Remove cron jobs.\n"
+"crontab -r -u $1\n"
+"\n"
+"# Remove at jobs.\n"
+"# Note that it will remove any jobs owned by the same UID,\n"
+"# even if it was shared by a different username.\n"
+"AT_SPOOL_DIR=/var/spool/cron/atjobs\n"
+"find $AT_SPOOL_DIR -name \"[^.]*\" -type f -user $1 -delete \\;\n"
+"\n"
+"# Remove print jobs.\n"
+"lprm $1\n"
+"\n"
+"# All done.\n"
+"exit 0\n"
+"      "
+
+#: userdel.8.xml:43(para) login.defs.5.xml:43(para)
+msgid ""
+"Here is an example script, which removes the user's cron, at and print jobs: "
+"<placeholder-1/>"
+msgstr ""
+"Voici un script exemple, qui supprime le fichier d'entrée de cron et d'at "
+"ainsi que les travaux d'impression en attente ;<placeholder-1/>"
+
+#: userdel.8.xml:32(term) useradd.8.xml:32(term) su.1.xml:32(term)
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>USERGROUPS_ENAB</option> (boolean)"
+msgstr "<option>USERGROUPS_ENAB</option> (booléen)"
+
+#: userdel.8.xml:34(para) useradd.8.xml:34(para) su.1.xml:34(para)
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of the umask group bits to be the same as owner bits "
+"(examples: 022 -&gt; 002, 077 -&gt; 007) for non-root users, if the uid is "
+"the same as gid, and username is the same as the primary group name."
+msgstr ""
+"Activer la mise en place de bits de masque de groupe (« umask group bits ») "
+"identiques à ceux du propriétaire (exemple : 022 -&gt; 002, 077 -&gt; 007) "
+"pour les utilisateurs non privilégiés, si l'UID est identique au GID et que "
+"l'identifiant de connexion est identique au groupe principal."
+
+#: userdel.8.xml:39(para) useradd.8.xml:39(para) su.1.xml:39(para)
+#: login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, <command>userdel</command> will "
+"remove the user's group if it contains no more members, and "
+"<command>useradd</command> will create by default a group with the name of "
+"the user."
+msgstr ""
+"Si cette variable est configurée à <replaceable>yes</replaceable>, "
+"<command>userdel</command> supprimera le groupe de l'utilisateur s'il ne "
+"contient pas d'autres membres, et <command>useradd</command> créera par "
+"défaut un groupe portant le nom de l'utilisateur."
+
+#: userdel.8.xml:230(title) useradd.8.xml:735(title) su.1.xml:391(title)
+#: pwck.8.xml:293(title) passwd.1.xml:438(title) grpck.8.xml:245(title)
+#: groupmod.8.xml:235(title) groupdel.8.xml:158(title)
+#: groupadd.8.xml:279(title) chage.1.xml:278(title)
+msgid "EXIT VALUES"
+msgstr "VALEURS DE RETOUR"
+
+#: userdel.8.xml:235(replaceable) useradd.8.xml:740(replaceable)
+#: su.1.xml:410(replaceable) pwck.8.xml:298(replaceable)
+#: passwd.1.xml:443(replaceable) grpck.8.xml:250(replaceable)
+#: groupmod.8.xml:240(replaceable) groupdel.8.xml:163(replaceable)
+#: groupadd.8.xml:284(replaceable) chage.1.xml:283(replaceable)
+msgid "0"
+msgstr "0"
+
+#: userdel.8.xml:237(para) useradd.8.xml:742(para) pwck.8.xml:300(para)
+#: passwd.1.xml:445(para) grpck.8.xml:252(para) groupmod.8.xml:242(para)
+#: groupdel.8.xml:165(para) groupadd.8.xml:286(para) chage.1.xml:285(para)
+msgid "success"
+msgstr "succès"
+
+#: userdel.8.xml:241(replaceable) useradd.8.xml:746(replaceable)
+#: su.1.xml:75(manvolnum) su.1.xml:416(replaceable) sg.1.xml:59(manvolnum)
+#: pwck.8.xml:304(replaceable) passwd.1.xml:65(manvolnum)
+#: passwd.1.xml:449(replaceable) newgrp.1.xml:59(manvolnum)
+#: login.1.xml:91(manvolnum) grpck.8.xml:256(replaceable)
+#: groups.1.xml:58(manvolnum) gpasswd.1.xml:63(manvolnum)
+#: expiry.1.xml:62(manvolnum) chsh.1.xml:61(manvolnum)
+#: chfn.1.xml:61(manvolnum) chage.1.xml:59(manvolnum)
+#: chage.1.xml:289(replaceable)
+msgid "1"
+msgstr "1"
+
+#: userdel.8.xml:243(para) useradd.8.xml:748(para)
+msgid "can't update password file"
+msgstr "impossible de mettre à jour le fichier des mots de passe"
+
+#: userdel.8.xml:247(replaceable) useradd.8.xml:752(replaceable)
+#: pwck.8.xml:310(replaceable) passwd.1.xml:455(replaceable)
+#: grpck.8.xml:262(replaceable) groupmod.8.xml:246(replaceable)
+#: groupdel.8.xml:169(replaceable) groupadd.8.xml:290(replaceable)
+#: chage.1.xml:295(replaceable)
+msgid "2"
+msgstr "2"
+
+#: userdel.8.xml:249(para) useradd.8.xml:754(para) pwck.8.xml:306(para)
+#: grpck.8.xml:258(para) groupmod.8.xml:248(para) groupdel.8.xml:171(para)
+#: groupadd.8.xml:292(para) chage.1.xml:297(para)
+msgid "invalid command syntax"
+msgstr "erreur de syntaxe"
+
+#: userdel.8.xml:253(replaceable) useradd.8.xml:770(replaceable)
+#: pwck.8.xml:334(replaceable) passwd.1.xml:479(replaceable)
+#: groupmod.8.xml:264(replaceable) groupdel.8.xml:175(replaceable)
+msgid "6"
+msgstr "6"
+
+#: userdel.8.xml:255(para)
+msgid "specified user doesn't exist"
+msgstr "l'utilisateur indiqué n'existe pas"
+
+#: userdel.8.xml:261(para)
+msgid "user currently logged in"
+msgstr "l'utilisateur est actuellement connecté"
+
+#: userdel.8.xml:265(replaceable) useradd.8.xml:782(replaceable)
+#: groupmod.8.xml:276(replaceable) groupdel.8.xml:187(replaceable)
+#: groupadd.8.xml:314(replaceable)
+msgid "10"
+msgstr "10"
+
+#: userdel.8.xml:267(para) useradd.8.xml:784(para) groupmod.8.xml:278(para)
+#: groupdel.8.xml:189(para) groupadd.8.xml:316(para)
+msgid "can't update group file"
+msgstr "impossible de mettre à jour le fichier des groupes"
+
+#: userdel.8.xml:271(replaceable) useradd.8.xml:788(replaceable)
+msgid "12"
+msgstr "12"
+
+#: userdel.8.xml:273(para)
+msgid "can't remove home directory"
+msgstr "impossible de supprimer le répertoire personnel"
+
+#: userdel.8.xml:231(para)
+msgid ""
+"The <command>userdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>userdel</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: userdel.8.xml:282(para)
+msgid ""
+"<command>userdel</command> will not allow you to remove an account if there "
+"are running processes which belong to this account. In that case, you may "
+"have to kill those processes or lock the user's password or account and "
+"remove the account later. The <option>-f</option> option can force the "
+"deletion of this account."
+msgstr ""
+"<command>userdel</command> ne permet pas la suppression d'un compte si des "
+"processus actifs lui appartiennent encore. Dans ce cas, il peut être "
+"nécessaire de tuer ces processus ou de simplement verrouiller le mot de "
+"passe ou le compte de l'utilisateur, afin de supprimer le compte plus tard. "
+"L'option <option>-f</option> permet de forcer la suppression du compte."
+
+#: userdel.8.xml:289(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this user."
+msgstr ""
+"Vous devez vérifier vous-même qu'aucun fichier possédé par l'utilisateur ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: userdel.8.xml:293(para)
+msgid ""
+"You may not remove any NIS attributes on a NIS client. This must be "
+"performed on the NIS server."
+msgstr ""
+"Vous ne pouvez supprimer aucun attribut NIS d'un client NIS. Cela doit être "
+"effectué sur le serveur NIS."
+
+#: userdel.8.xml:296(para)
+msgid ""
+"If <option>USERGROUPS_ENAB</option> is defined to <emphasis remap=\"I\">yes</"
+"emphasis> in <filename>/etc/login.defs</filename>, <command>userdel</"
+"command> will delete the group with the same name as the user. To avoid "
+"inconsistencies in the passwd and group databases, <command>userdel</"
+"command> will check that this group is not used as a primary group for "
+"another user, and will just warn without deleting the group otherwise. The "
+"<option>-f</option> option can force the deletion of this group."
+msgstr ""
+"Si <option>USERGROUPS_ENAB</option> vaut <emphasis remap=\"I\">yes</"
+"emphasis> (« oui ») dans <filename>/etc/login.defs</filename>, "
+"<command>userdel</command> supprimera le groupe ayant le même nom que "
+"l'utilisateur. Afin d'éviter des incohérences entre les fichiers passwd et "
+"group, <command>userdel</command> vérifiera que le groupe n'est pas utilisé "
+"comme groupe primaire d'un autre utilisateur ; si c'est le cas un "
+"avertissement sera affiché et le groupe ne sera pas supprimé. L'option "
+"<option>-f</option> permet d'imposer la suppression du groupe."
+
+#: userdel.8.xml:309(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: useradd.8.xml:74(refentrytitle) useradd.8.xml:81(refname)
+#: useradd.8.xml:86(command) useradd.8.xml:93(command)
+#: useradd.8.xml:97(command) login.defs.5.xml:472(term)
+msgid "useradd"
+msgstr "useradd"
+
+#: useradd.8.xml:82(refpurpose)
+msgid "create a new user or update default new user information"
+msgstr ""
+"créer un nouvel utilisateur ou modifier les informations par défaut "
+"appliquées aux nouveaux utilisateurs"
+
+#: useradd.8.xml:94(arg) useradd.8.xml:98(arg)
+msgid "-D"
+msgstr "-D"
+
+#: useradd.8.xml:107(para)
+msgid ""
+"When invoked without the <option>-D</option> option, the <command>useradd</"
+"command> command creates a new user account using the values specified on "
+"the command line plus the default values from the system. Depending on "
+"command line options, the <command>useradd</command> command will update "
+"system files and may also create the new user's home directory and copy "
+"initial files."
+msgstr ""
+"Quand elle est invoquée sans l'option <option>-D</option>, la commande "
+"<command>useradd</command> crée un nouveau compte utilisateur qui utilise "
+"les valeurs indiquées sur la ligne de commande et les valeurs par défaut du "
+"système. En fonction des options de la ligne de commande, la commande "
+"<command>useradd</command> fera la mise à jour des fichiers du système, elle "
+"pourra créer le répertoire personnel et copier les fichiers initiaux."
+
+#: useradd.8.xml:116(para)
+msgid ""
+"By default, a group will also be created for the new user (see <option>-g</"
+"option>, <option>-N</option>, <option>-U</option>, and "
+"<option>USERGROUPS_ENAB</option>)."
+msgstr ""
+"Par défaut, un groupe sera également créé pour le nouvel utilisateur (voir "
+"<option>-g</option>, <option>-N</option>, <option>-U</option>, et "
+"<option>USERGROUPS_ENAB</option>)"
+
+#: useradd.8.xml:125(para)
+msgid "The options which apply to the <command>useradd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>useradd</command> sont :"
+
+#: useradd.8.xml:129(term) useradd.8.xml:530(term)
+#| msgid ""
+#| "<option>-b</option>, <option>--base-dir</option><replaceable>BASE_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>BASE_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--base-dir</option>&nbsp;<replaceable>RÉP_BASE</"
+"replaceable>"
+
+#: useradd.8.xml:133(para)
+#| msgid ""
+#| "The default base directory for the system if <option>-d</"
+#| "option><replaceable>HOME_DIR</replaceable> is not specified. "
+#| "<replaceable>BASE_DIR</replaceable> is concatenated with the account name "
+#| "to define the home directory. If the <option>-m</option> option is not "
+#| "used, <replaceable>BASE_DIR</replaceable> must exist."
+msgid ""
+"The default base directory for the system if <option>-d</option>&nbsp;"
+"<replaceable>HOME_DIR</replaceable> is not specified. <replaceable>BASE_DIR</"
+"replaceable> is concatenated with the account name to define the home "
+"directory. If the <option>-m</option> option is not used, "
+"<replaceable>BASE_DIR</replaceable> must exist."
+msgstr ""
+"Répertoire de base par défaut du système si l'option <option>-d</"
+"option>&nbsp;<replaceable>RÉP_PERSO</replaceable> n'est pas spécifiée. "
+"<replaceable>RÉP_BASE</replaceable> est concaténé avec le nom du compte pour "
+"définir le répertoire personnel. Quand l'option <option>-m</option> n'est "
+"pas utilisée, <replaceable>RÉP_BASE</replaceable> doit exister."
+
+#: useradd.8.xml:140(para)
+msgid ""
+"If this option is not specified, <command>useradd</command> will use the "
+"base directory specified by the <option>HOME</option> variable in <filename>/"
+"etc/default/useradd</filename>, or <filename>/home</filename> by default."
+msgstr ""
+"Si cette option n'est pas précisée, <command>useradd</command> utilisera le "
+"répertoire de base précisé par la variable <option>HOME</option> dans "
+"<filename>/etc/default/useradd</filename> ou <filename>/home</filename> par "
+"défaut."
+
+#: useradd.8.xml:154(para)
+msgid ""
+"Any text string. It is generally a short description of the login, and is "
+"currently used as the field for the user's full name."
+msgstr ""
+"Toute chaîne de texte. C'est généralement une description courte du compte, "
+"elle est actuellement utilisée comme champ pour le nom complet de "
+"l'utilisateur."
+
+#: useradd.8.xml:162(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--home</option><replaceable>HOME_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--home-dir</option>&nbsp;<replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--home</option>&nbsp;<replaceable>RÉP_PERSO</"
+"replaceable>"
+
+#: useradd.8.xml:166(para)
+msgid ""
+"The new user will be created using <replaceable>HOME_DIR</replaceable> as "
+"the value for the user's login directory. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <replaceable>BASE_DIR</replaceable> "
+"and use that as the login directory name. The directory "
+"<replaceable>HOME_DIR</replaceable> does not have to exist but will not be "
+"created if it is missing."
+msgstr ""
+"Le nouvel utilisateur sera créé en utilisant <replaceable>RÉP_PERSO</"
+"replaceable> comme valeur de répertoire de connexion de l'utilisateur. Le "
+"comportement par défaut est de concaténer <replaceable>UTILISATEUR</"
+"replaceable> au répertoire <replaceable>RÉP_BASE</replaceable>, et de "
+"l'utiliser en tant que nom de répertoire de connexion. Il n'est pas "
+"nécessaire que le répertoire <replaceable>RÉP_PERSO</replaceable> existe "
+"mais il ne sera pas créé s'il n'existe pas."
+
+#: useradd.8.xml:178(term)
+msgid "<option>-D</option>, <option>--defaults</option>"
+msgstr "<option>-D</option>, <option>--defaults</option>"
+
+#: useradd.8.xml:182(para)
+msgid "See below, the subsection \"Changing the default values\"."
+msgstr ""
+"Consultez ci-dessous la sous-section « Modifier les valeurs par défaut »."
+
+#: useradd.8.xml:196(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default expiry "
+"date specified by the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or an empty string (no expiry) by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la date d'expiration "
+"par défaut précisée par la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename> ou une chaîne vide (pas d'expiration) par "
+"défaut."
+
+#: useradd.8.xml:209(para)
+msgid ""
+"The number of days after a password expires until the account is permanently "
+"disabled. A value of 0 disables the account as soon as the password has "
+"expired, and a value of -1 disables the feature."
+msgstr ""
+"Nombre de jours suivant la fin de validité d'un mot de passe après lequel le "
+"compte est définitivement désactivé. Une valeur de 0 désactive le compte dès "
+"que le mot de passe a dépassé sa fin de validité, et une valeur de -1 "
+"désactive cette fonctionnalité."
+
+#: useradd.8.xml:215(para)
+msgid ""
+"If not specified, <command>useradd</command> will use the default inactivity "
+"period specified by the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>, or -1 by default."
+msgstr ""
+"Si non précisé, <command>useradd</command> utilisera la période d'inactivité "
+"par défaut précisée par la variable <option>INACTIVE</option> dans "
+"<filename>/etc/default/useradd</filename>, ou -1 par défaut."
+
+#: useradd.8.xml:228(para)
+msgid ""
+"The group name or number of the user's initial login group. The group name "
+"must exist. A group number must refer to an already existing group."
+msgstr ""
+"Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+"l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+"référer à un groupe déjà existant."
+
+#: useradd.8.xml:233(para)
+msgid ""
+"If not specified, the behavior of <command>useradd</command> will depend on "
+"the <option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>. If this variable is set to <replaceable>yes</replaceable> (or "
+"<option>-U/--user-group</option> is specified on the command line), a group "
+"will be created for the user, with the same name as her loginname. If the "
+"variable is set to <replaceable>no</replaceable> (or <option>-N/--no-user-"
+"group</option> is specified on the command line), useradd will set the "
+"primary group of the new user to the value specified by the <option>GROUP</"
+"option> variable in <filename>/etc/default/useradd</filename>, or 100 by "
+"default."
+msgstr ""
+"Si non précisé, le comportement de <command>useradd</command> dépendra de la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>. Si cette variable est configurée à <replaceable>yes</replaceable> "
+"(ou si <option>-U/--user-group</option> est précisée sur la ligne de "
+"commandes), un groupe sera créé pour l'utilisateur, avec le même nom que son "
+"identifiant. Si la variable est configurée à <replaceable>no</replaceable> "
+"(ou si <option>-N/--no-user-group</option> est précisé sur la ligne de "
+"commandes), useradd configurera le groupe primaire du nouvel utilisateur à "
+"la valeur précisée par la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>, ou 100 par défaut."
+
+#: useradd.8.xml:255(para)
+msgid ""
+"A list of supplementary groups which the user is also a member of. Each "
+"group is separated from the next by a comma, with no intervening whitespace. "
+"The groups are subject to the same restrictions as the group given with the "
+"<option>-g</option> option. The default is for the user to belong only to "
+"the initial group."
+msgstr ""
+"Liste de groupes supplémentaires auxquels appartient également "
+"l'utilisateur. Chaque groupe est séparé du suivant par une virgule, sans "
+"espace entre eux. Les groupes sont soumis aux mêmes restrictions que celles "
+"de l'option <option>-g</option>. Le comportement par défaut pour "
+"l'utilisateur est de n'appartenir qu'au groupe initial."
+
+#: useradd.8.xml:272(term)
+#| msgid ""
+#| "<option>-k</option>, <option>--skel</option><replaceable>SKEL_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-k</option>, <option>--skel</option>&nbsp;<replaceable>SKEL_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-k</option>, <option>--skel</option>&nbsp;"
+"<replaceable>RÉP_SQUELETTE</replaceable>"
+
+#: useradd.8.xml:276(para)
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>useradd</command>."
+msgstr ""
+"Le répertoire squelette, qui contient les fichiers et répertoires qui seront "
+"copiés dans le répertoire personnel de l'utilisateur, quand le répertoire "
+"personnel est créé par <command>useradd</command>."
+
+#: useradd.8.xml:281(para)
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified."
+msgstr ""
+"Cette option n'est valable que si l'option <option>-m</option> (ou <option>--"
+"create-home</option>) est utilisée."
+
+#: useradd.8.xml:285(para)
+msgid ""
+"If this option is not set, the skeleton directory is defined by the "
+"<option>SKEL</option> variable in <filename>/etc/default/useradd</filename> "
+"or, by default, <filename>/etc/skel</filename>."
+msgstr ""
+"Si cette option n'est pas précisée, le répertoire squelette est défini par "
+"la variable <option>SKEL</option> dans <filename>/etc/default/useradd</"
+"filename> ou, par défaut, <filename>/etc/skel</filename>."
+
+#: useradd.8.xml:291(para)
+msgid "If possible, the ACLs and extended attributes are copied."
+msgstr "Si possible, les ACL et les attributs étendus seront copiés."
+
+#: useradd.8.xml:297(term) groupadd.8.xml:137(term)
+#| msgid ""
+#| "<option>-K</option>, <option>--key</option><replaceable>KEY</"
+#| "replaceable>=<replaceable>VALUE</replaceable>"
+msgid ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>KEY</"
+"replaceable>=<replaceable>VALUE</replaceable>"
+msgstr ""
+"<option>-K</option>, <option>--key</option>&nbsp;<replaceable>CLÉ</"
+"replaceable>=<replaceable>VALEUR</replaceable>"
+
+#: useradd.8.xml:301(para)
+#| msgid ""
+#| "Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+#| "option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+#| "<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+#| "<option>-K </option><replaceable>PASS_MAX_DAYS</"
+#| "replaceable>=<replaceable>-1</replaceable> can be used when creating "
+#| "system account to turn off password ageing, even though system account "
+#| "has no password at all. Multiple <option>-K</option> options can be "
+#| "specified, e.g.: <option>-K </option><replaceable>UID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable><option>-K </"
+#| "option><replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> can be used when creating system "
+"account to turn off password ageing, even though system account has no "
+"password at all. Multiple <option>-K</option> options can be specified, e."
+"g.: <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Overrides <filename>/etc/login.defs</filename> defaults (<option>UID_MIN</"
+"option>, <option>UID_MAX</option>, <option>UMASK</option>, "
+"<option>PASS_MAX_DAYS</option> and others). <placeholder-1/> Example: "
+"<option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</"
+"replaceable>=<replaceable>-1</replaceable> peut être utilisé pour la "
+"création de comptes système pour désactiver la gestion de la durée de "
+"validité des mots de passe, même si les comptes système n'ont pas de mot de "
+"passe. Plusieurs options <option>-K</option> peuvent être précisées, comme "
+"par exemple : <option>-K</option>&nbsp;<replaceable>UID_MIN</"
+"replaceable>=<replaceable>100</replaceable> <option>-K</option>&nbsp;"
+"<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: useradd.8.xml:322(term)
+msgid "<option>-l</option>, <option>--no-log-init</option>"
+msgstr "<option>-l</option>, <option>--no-log-init</option>"
+
+#: useradd.8.xml:324(para)
+msgid "Do not add the user to the lastlog and faillog databases."
+msgstr "N'ajoute pas l'utilisateur aux bases de données lastlog et faillog."
+
+#: useradd.8.xml:327(para)
+msgid ""
+"By default, the user's entries in the lastlog and faillog databases are "
+"resetted to avoid reusing the entry from a previously deleted user."
+msgstr ""
+"Par défaut, les entrées de l'utilisateur dans les bases de données lastlog "
+"et faillog sont remises à zéro pour éviter de réutiliser les entrées d'un "
+"utilisateur précédemment supprimé."
+
+#: useradd.8.xml:335(term)
+msgid "<option>-m</option>, <option>--create-home</option>"
+msgstr "<option>-m</option>, <option>--create-home</option>"
+
+#: useradd.8.xml:339(para)
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the <option>-k</option> option) will be copied to the home directory."
+msgstr ""
+"Créé le répertoire personnel de l'utilisateur s'il n'existe pas. Les "
+"fichiers et les répertoires contenus dans le répertoire squelette (qui peut "
+"être défini avec l'option <option>-k</option>) sera copié dans le répertoire "
+"personnel."
+
+#: useradd.8.xml:345(para)
+msgid ""
+"By default, if this option is not specified and <option>CREATE_HOME</option> "
+"is not enabled, no home directories are created."
+msgstr ""
+"Par défaut, si cette option n'est pas précisée et si <option>CREATE_HOME</"
+"option> n'est pas activée, aucun répertoire personnel ne sera créé."
+
+#: useradd.8.xml:354(option)
+msgid "-M"
+msgstr "-M"
+
+#: useradd.8.xml:357(para)
+msgid ""
+"Do no create the user's home directory, even if the system wide setting from "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>) is set "
+"to <replaceable>yes</replaceable>."
+msgstr ""
+"Ne crée pas le répertoire personnel de l'utilisateur, même si la "
+"configuration globale au système contenue dans <filename>/etc/login.defs</"
+"filename> (<option>CREATE_HOME</option>) est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: useradd.8.xml:366(term)
+msgid "<option>-N</option>, <option>--no-user-group</option>"
+msgstr "<option>-N</option>, <option>--no-user-group</option>"
+
+#: useradd.8.xml:370(para)
+msgid ""
+"Do not create a group with the same name as the user, but add the user to "
+"the group specified by the <option>-g</option> option or by the "
+"<option>GROUP</option> variable in <filename>/etc/default/useradd</filename>."
+msgstr ""
+"Ne crée pas de groupe avec le même nom que celui de l'utilisateur, mais "
+"ajoute l'utilisateur au groupe précisé par l'option <option>-g</option> ou "
+"par la variable <option>GROUP</option> dans <filename>/etc/default/useradd</"
+"filename>."
+
+#: useradd.8.xml:376(para) useradd.8.xml:497(para)
+msgid ""
+"The default behavior (if the <option>-g</option>, <option>-N</option>, and "
+"<option>-U</option> options are not specified) is defined by the "
+"<option>USERGROUPS_ENAB</option> variable in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"Le comportement par défaut (si les options <option>-g</option>, <option>-N</"
+"option>, et <option>-U</option> ne sont pas précisées) est défini par la "
+"variable <option>USERGROUPS_ENAB</option> dans <filename>/etc/login.defs</"
+"filename>."
+
+#: useradd.8.xml:389(para)
+msgid "Allow the creation of a user account with a duplicate (non-unique) UID."
+msgstr ""
+"Permet de créer un compte d'utilisateur avec un identifiant (« UID ») "
+"dupliqué (non unique)."
+
+#: useradd.8.xml:390(para)
+msgid ""
+"This option is only valid in combination with the <option>-u</option> option."
+msgstr "Cette option n'est valable qu'avec l'option <option>-u</option>."
+
+#: useradd.8.xml:401(para) groupadd.8.xml:171(para)
+msgid ""
+"The encrypted password, as returned by <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>. The default is to "
+"disable the password."
+msgstr ""
+"Le mot de passe chiffré, comme renvoyé par "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>. Le comportement par défaut est de désactiver le mot de passe."
+
+#: useradd.8.xml:418(term) newusers.8.xml:289(term) groupadd.8.xml:188(term)
+msgid "<option>-r</option>, <option>--system</option>"
+msgstr "<option>-r</option>, <option>--system</option>"
+
+#: useradd.8.xml:422(para) newusers.8.xml:293(para)
+msgid "Create a system account."
+msgstr "Créer un compte système."
+
+#: useradd.8.xml:425(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>/etc/login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'expiration dans "
+"<filename>/etc/shadow</filename>, et leur identifiant numérique est choisi "
+"dans l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>/etc/login.defs</filename>, au lieu de "
+"<option>UID_MIN</option>-<option>UID_MAX</option> (et leurs équivalents "
+"<option>GID</option> pour la création des groupes)."
+
+#: useradd.8.xml:434(para)
+msgid ""
+"Note that <command>useradd</command> will not create a home directory for "
+"such an user, regardless of the default setting in <filename>/etc/login."
+"defs</filename> (<option>CREATE_HOME</option>). You have to specify the "
+"<option>-m</option> options if you want a home directory for a system "
+"account to be created."
+msgstr ""
+"Notez que <command>useradd</command> ne créera pas de répertoire personnel "
+"pour ces utilisateurs, indépendamment de la configuration par défaut dans "
+"<filename>/etc/login.defs</filename> (<option>CREATE_HOME</option>). Vous "
+"devez préciser l'option <option>-m</option> si vous voulez qu'un répertoire "
+"personnel soit créé pour un compte système."
+
+#: useradd.8.xml:461(para)
+msgid ""
+"The name of the user's login shell. The default is to leave this field "
+"blank, which causes the system to select the default login shell specified "
+"by the <option>SHELL</option> variable in <filename>/etc/default/useradd</"
+"filename>, or an empty string by default."
+msgstr ""
+"Le nom de l'interpréteur de commandes initial de l'utilisateur (« login "
+"shell »). Le comportement par défaut est de laisser ce champ vide. Le "
+"système sélectionnera alors l'interpréteur par défaut indiqué par la "
+"variable <option>SHELL</option> dans <filename>/etc/default/useradd</"
+"filename>, ou une chaîne vide par défaut."
+
+#: useradd.8.xml:475(para)
+msgid ""
+"The numerical value of the user's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>UID_MIN</option> and greater than every other user."
+msgstr ""
+"La valeur numérique de l'identifiant de l'utilisateur. Cette valeur doit "
+"être unique, sauf si l'option <option>-o</option> est utilisée. La valeur ne "
+"doit pas être négative. Le comportement par défaut est d'utiliser la plus "
+"petite valeur d'identifiant à la fois supérieure ou égale à <option>UID_MIN</"
+"option> et supérieure aux identifiants de tous les autres utilisateurs."
+
+#: useradd.8.xml:482(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>UID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi l'option <option>-r</option> et la description de "
+"<option>UID_MAX</option>."
+
+#: useradd.8.xml:489(term)
+msgid "<option>-U</option>, <option>--user-group</option>"
+msgstr "<option>-U</option>, <option>--user-group</option>"
+
+#: useradd.8.xml:493(para)
+msgid ""
+"Create a group with the same name as the user, and add the user to this "
+"group."
+msgstr ""
+"Crée un groupe avec le même nom que celui de l'utilisateur, et ajoute "
+"l'utilisateur à ce groupe."
+
+#: useradd.8.xml:510(para)
+msgid ""
+"The SELinux user for the user's login. The default is to leave this field "
+"blank, which causes the system to select the default SELinux user."
+msgstr ""
+"L'utilisateur SELinux utilisé pour la connexion de l'utilisateur. Le "
+"comportement par défaut est de laisser ce champ vide. Le système "
+"sélectionnera alors l'utilisateur SELinux par défaut."
+
+#: useradd.8.xml:520(title)
+msgid "Changing the default values"
+msgstr "Modifier les valeurs par défaut"
+
+#: useradd.8.xml:521(para)
+msgid ""
+"When invoked with only the <option>-D</option> option, <command>useradd</"
+"command> will display the current default values. When invoked with <option>-"
+"D</option> plus other options, <command>useradd</command> will update the "
+"default values for the specified options. Valid default-changing options are:"
+msgstr ""
+"Quand il est invoqué avec seulement l'option <option>-D</option>, "
+"<command>useradd</command> affichera les valeurs actuelles par défaut. Quand "
+"il est invoqué avec l'option <option>-D</option> et d'autres options, "
+"<command>useradd</command> mettra à jour les valeurs par défaut des options "
+"précisées. Les options valables sont :"
+
+#: useradd.8.xml:534(para)
+msgid ""
+"The path prefix for a new user's home directory. The user's name will be "
+"affixed to the end of <replaceable>BASE_DIR</replaceable> to form the new "
+"user's home directory name, if the <option>-d</option> option is not used "
+"when creating a new account."
+msgstr ""
+"Préfixe du chemin des répertoires personnels pour les nouveaux utilisateurs. "
+"Le nom de l'utilisateur sera attaché à la fin de <replaceable>RÉP_PERSO</"
+"replaceable> pour créer le nom du nouveau répertoire personnel si l'option "
+"<option>-d</option> n'est pas utilisée pendant la création d'un nouveau "
+"compte."
+
+#: useradd.8.xml:541(para)
+msgid ""
+"This option sets the <option>HOME</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>HOME</option> dans <filename>/etc/"
+"default/useradd</filename>."
+
+#: useradd.8.xml:552(para)
+msgid "The date on which the user account is disabled."
+msgstr "Date à laquelle le compte utilisateur sera désactivé."
+
+#: useradd.8.xml:553(para)
+msgid ""
+"This option sets the <option>EXPIRE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>EXPIRE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:564(para)
+msgid ""
+"The number of days after a password has expired before the account will be "
+"disabled."
+msgstr ""
+"Nombre de jours après la fin de validité d'un mot de passe avant que le "
+"compte ne soit désactivé."
+
+#: useradd.8.xml:568(para)
+msgid ""
+"This option sets the <option>INACTIVE</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>INACTIVE</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:579(para)
+msgid ""
+"The group name or ID for a new user's initial group (when the <option>-N/--"
+"no-user-group</option> is used or when the <option>USERGROUPS_ENAB</option> "
+"variable is set to <replaceable>no</replaceable> in <filename>/etc/login."
+"defs</filename>). The named group must exist, and a numerical group ID must "
+"have an existing entry."
+msgstr ""
+"Le nom ou l'identifiant du groupe pour le groupe principal d'un nouvel "
+"utilisateur (quand l'option <option>-N/--no-user-group</option> est utilisée "
+"ou quand la variable <option>USERGROUPS_ENAB</option> est configurée à "
+"<replaceable>no</replaceable> dans <filename>/etc/login.defs</filename>). Le "
+"nom du groupe doit exister, et un identifiant de groupe numérique doit avoir "
+"une entrée existante."
+
+#: useradd.8.xml:588(para)
+msgid ""
+"This option sets the <option>GROUP</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>GROUP</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:599(para)
+msgid "The name of a new user's login shell."
+msgstr "Le nom de l'interpréteur de commandes du nouvel utilisateur."
+
+#: useradd.8.xml:602(para)
+msgid ""
+"This option sets the <option>SHELL</option> variable in <filename>/etc/"
+"default/useradd</filename>."
+msgstr ""
+"Cette option configure la variable <option>SHELL</option> dans <filename>/"
+"etc/default/useradd</filename>."
+
+#: useradd.8.xml:614(title)
+msgid "NOTES"
+msgstr "NOTES"
+
+#: useradd.8.xml:615(para)
+msgid ""
+"The system administrator is responsible for placing the default user files "
+"in the <filename>/etc/skel/</filename> directory (or any other skeleton "
+"directory specified in <filename>/etc/default/useradd</filename> or on the "
+"command line)."
+msgstr ""
+"L'administrateur système doit se charger de placer les fichiers par défaut "
+"dans le répertoire <filename>/etc/skel</filename> (ou tout autre répertoire "
+"de modèles indiqué dans <filename>/etc/default/useradd</filename> ou sur la "
+"ligne de commande)."
+
+#: useradd.8.xml:624(para)
+msgid ""
+"You may not add a user to a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: useradd.8.xml:629(para)
+msgid ""
+"Similarly, if the username already exists in an external user database such "
+"as NIS or LDAP, <command>useradd</command> will deny the user account "
+"creation request."
+msgstr ""
+"De la même façon, si le nom de l'utilisateur existe dans une base de données "
+"externe, telle que NIS ou LDAP, <command>useradd</command> refusera de créer "
+"le compte d'utilisateur."
+
+#: useradd.8.xml:635(para)
+msgid ""
+"Usernames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms d'utilisateur doivent commencer par une lettre minuscule ou un "
+"tiret bas (« underscore »), et seuls des lettres minuscules, des chiffres, "
+"des « underscore », ou des tirets peuvent suivre. Ils peuvent se terminer "
+"par un signe dollar. Soit, sous la forme d'une expression rationnelle : [a-"
+"z_][a-z0-9_-]*[$]?"
+
+#: useradd.8.xml:641(para)
+msgid "Usernames may only be up to 32 characters long."
+msgstr "Les noms d'utilisateur sont limités à 16 caractères."
+
+#: useradd.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>CREATE_HOME</option> (boolean)"
+msgstr "<option>CREATE_HOME</option> (boolean)"
+
+#: useradd.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"Indicate if a home directory should be created by default for new users."
+msgstr ""
+"Indiquer si un répertoire personnel doit être créé par défaut pour les "
+"nouveaux utilisateurs."
+
+#: useradd.8.xml:36(para) login.defs.5.xml:36(para)
+msgid ""
+"This setting does not apply to system users, and can be overridden on the "
+"command line."
+msgstr ""
+"Ce réglage ne s'applique pas pour les utilisateurs système, et peut être "
+"annulé sur la ligne de commande."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: groupadd.8.xml:32(term)
+msgid "<option>GID_MAX</option> (number)"
+msgstr "<option>GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+#: groupadd.8.xml:33(term)
+msgid "<option>GID_MIN</option> (number)"
+msgstr "<option>GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+#: groupadd.8.xml:35(para)
+msgid ""
+"Range of group IDs used for the creation of regular groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création des groupes "
+"normaux."
+
+#: useradd.8.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: groupadd.8.xml:40(para)
+msgid ""
+"The default value for <option>GID_MIN</option> (resp. <option>GID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut pour <option>GID_MIN</option> (respectivement "
+"<option>GID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_DAYS</option> (number)"
+msgstr "<option>PASS_MAX_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The maximum number of days a password may be used. If the password is older "
+"than this, a password change will be forced. If not specified, -1 will be "
+"assumed (which disables the restriction)."
+msgstr ""
+"Nombre maximum de jours de validité d'un mot de passe. Après cette durée, "
+"une modification du mot de passe est obligatoire. S'il n'est pas précisé, la "
+"valeur de -1 est utilisée (ce qui enlève toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MIN_DAYS</option> (number)"
+msgstr "<option>PASS_MIN_DAYS</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The minimum number of days allowed between password changes. Any password "
+"changes attempted sooner than this will be rejected. If not specified, -1 "
+"will be assumed (which disables the restriction)."
+msgstr ""
+"Nombre minimum de jours autorisé avant la modification d'un mot de passe. "
+"Toute tentative de modification du mot de passe avant cette durée est "
+"rejetée. S'il n'est pas précisé, la valeur de -1 est utilisée (ce qui enlève "
+"toute restriction)."
+
+#: useradd.8.xml:32(term) pwconv.8.xml:32(term) pwck.8.xml:32(term)
+#: newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_WARN_AGE</option> (number)"
+msgstr "<option>PASS_WARN_AGE</option> (nombre)"
+
+#: useradd.8.xml:34(para) pwconv.8.xml:34(para) pwck.8.xml:34(para)
+#: newusers.8.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"The number of days warning given before a password expires. A zero means "
+"warning is given only upon the day of expiration, a negative value means no "
+"warning is given. If not specified, no warning will be provided."
+msgstr ""
+"Nombre de jours durant lesquels l'utilisateur recevra un avertissement avant "
+"que son mot de passe n'arrive en fin de validité. Une valeur négative "
+"signifie qu'aucun avertissement n'est donné. S'il n'est pas précisé, aucun "
+"avertissement n'est donné."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: groupadd.8.xml:30(term)
+msgid "<option>SYS_GID_MAX</option> (number)"
+msgstr "<option>SYS_GID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: groupadd.8.xml:31(term)
+msgid "<option>SYS_GID_MIN</option> (number)"
+msgstr "<option>SYS_GID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: groupadd.8.xml:33(para)
+msgid ""
+"Range of group IDs used for the creation of system groups by "
+"<command>useradd</command>, <command>groupadd</command>, or "
+"<command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques de groupes que les commandes "
+"<command>useradd</command>, <command>groupadd</command> ou "
+"<command>newusers</command> peuvent utiliser pour la création de groupes "
+"système."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: groupadd.8.xml:38(para)
+msgid ""
+"The default value for <option>SYS_GID_MIN</option> (resp. "
+"<option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_GID_MIN</option> (respectivement "
+"<option>SYS_GID_MAX</option>) est 101 (respectivement <option>GID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>SYS_UID_MAX</option> (number)"
+msgstr "<option>SYS_UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+msgid "<option>SYS_UID_MIN</option> (number)"
+msgstr "<option>SYS_UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+msgid ""
+"Range of user IDs used for the creation of system users by <command>useradd</"
+"command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs système."
+
+#: useradd.8.xml:37(para) newusers.8.xml:37(para) login.defs.5.xml:37(para)
+msgid ""
+"The default value for <option>SYS_UID_MIN</option> (resp. "
+"<option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1)."
+msgstr ""
+"La valeur par défaut pour <option>SYS_UID_MIN</option> (respectivement "
+"<option>SYS_UID_MAX</option>) est 101 (respectivement <option>UID_MIN</"
+"option>-1)."
+
+#: useradd.8.xml:30(term) pwck.8.xml:30(term) login.defs.5.xml:30(term)
+msgid "<option>TCB_AUTH_GROUP</option> (boolean)"
+msgstr "<option>TCB_AUTH_GROUP</option> (booléen)"
+
+#: useradd.8.xml:32(para) pwck.8.xml:32(para) login.defs.5.xml:32(para)
+msgid ""
+"If <replaceable>yes</replaceable>, newly created tcb shadow files will be "
+"group owned by the <replaceable>auth</replaceable> group."
+msgstr ""
+"Si <replaceable>yes</replaceable>, le fichier shadow de tcb nouvellement "
+"créé appartiendra au groupe <replaceable>auth</replaceable>."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>UID_MAX</option> (number)"
+msgstr "<option>UID_MAX</option> (nombre)"
+
+#: useradd.8.xml:33(term) newusers.8.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>UID_MIN</option> (number)"
+msgstr "<option>UID_MIN</option> (nombre)"
+
+#: useradd.8.xml:35(para) newusers.8.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Range of user IDs used for the creation of regular users by "
+"<command>useradd</command> or <command>newusers</command>."
+msgstr ""
+"Plage d'identifiants numériques d'utilisateurs que les commandes "
+"<command>useradd</command> ou <command>newusers</command> peuvent utiliser "
+"pour la création d'utilisateurs normaux."
+
+#: useradd.8.xml:39(para) newusers.8.xml:39(para) login.defs.5.xml:39(para)
+msgid ""
+"The default value for <option>UID_MIN</option> (resp. <option>UID_MAX</"
+"option>) is 1000 (resp. 60000)."
+msgstr ""
+"La valeur par défaut de <option>UID_MIN</option> (respectivement "
+"<option>UID_MAX</option>) est 1000 (respectivement 60000)."
+
+#: useradd.8.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: login.1.xml:32(term)
+msgid "<option>UMASK</option> (number)"
+msgstr "<option>UMASK</option> (nombre)"
+
+#: useradd.8.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: login.1.xml:34(para)
+msgid ""
+"The file mode creation mask is initialized to this value. If not specified, "
+"the mask will be initialized to 022."
+msgstr ""
+"Valeur d'initialisation du masque de permissions. S'il n'est pas précisé, le "
+"masque des permissions sera initialisé à 022."
+
+#: useradd.8.xml:38(para) newusers.8.xml:38(para) login.defs.5.xml:38(para)
+#: login.1.xml:38(para)
+msgid ""
+"<command>useradd</command> and <command>newusers</command> use this mask to "
+"set the mode of the home directory they create"
+msgstr ""
+"<command>useradd</command> et <command>newusers</command> utilisent ce "
+"masque pour définir les permissions d'accès des répertoires personnels "
+"qu'ils créent."
+
+#: useradd.8.xml:42(para) newusers.8.xml:42(para) login.defs.5.xml:42(para)
+#: login.1.xml:42(para)
+msgid ""
+"It is also used by <command>login</command> to define users' initial umask. "
+"Note that this mask can be overridden by the user's GECOS line (if "
+"<option>QUOTAS_ENAB</option> is set) or by the specification of a limit with "
+"the <emphasis>K</emphasis> identifier in "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Il est également utilisé par <command>login</command> pour définir l'umask "
+"initial de l'utilisateur. Veuillez noter que cet umask peut être redéfini "
+"par les GECOS de l'utilisateur (si <option>QUOTAS_ENAB</option> est activé) "
+"ou en précisant une limite avec l'identifiant <emphasis>K</emphasis> dans "
+"<citerefentry><refentrytitle>limits</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: useradd.8.xml:50(para) newusers.8.xml:50(para) login.defs.5.xml:50(para)
+#: login.1.xml:50(para)
+msgid ""
+"It is also used by <command>pam_umask</command> as the default umask value."
+msgstr ""
+"Il est également utilisé par <command>pam_umask</command> en tant que valeur "
+"d'umask par défaut."
+
+#: useradd.8.xml:702(filename)
+msgid "/etc/default/useradd"
+msgstr "/etc/default/useradd"
+
+#: useradd.8.xml:704(para)
+msgid "Default values for account creation."
+msgstr "Valeurs par défaut pour la création de comptes."
+
+#: useradd.8.xml:708(filename)
+msgid "/etc/skel/"
+msgstr "/etc/skel/"
+
+#: useradd.8.xml:710(para)
+msgid "Directory containing default files."
+msgstr "Répertoire contenant les fichiers par défaut."
+
+#: useradd.8.xml:758(replaceable) shadow.3.xml:58(manvolnum)
+#: pwck.8.xml:316(replaceable) passwd.1.xml:461(replaceable)
+#: grpck.8.xml:268(replaceable) groupmod.8.xml:252(replaceable)
+#: groupadd.8.xml:296(replaceable)
+msgid "3"
+msgstr "3"
+
+#: useradd.8.xml:760(para) passwd.1.xml:481(para) groupmod.8.xml:254(para)
+#: groupadd.8.xml:298(para)
+msgid "invalid argument to option"
+msgstr "paramètre non valable pour l'option"
+
+#: useradd.8.xml:764(replaceable) pwck.8.xml:322(replaceable)
+#: passwd.1.xml:467(replaceable) grpck.8.xml:274(replaceable)
+#: groupmod.8.xml:258(replaceable) groupadd.8.xml:302(replaceable)
+msgid "4"
+msgstr "4"
+
+#: useradd.8.xml:766(para)
+msgid "UID already in use (and no <option>-o</option>)"
+msgstr "UID déjà utilisé (et pas d'option <option>-o</option>)"
+
+#: useradd.8.xml:772(para) groupmod.8.xml:260(para) groupmod.8.xml:266(para)
+#: groupdel.8.xml:177(para)
+msgid "specified group doesn't exist"
+msgstr "le groupe spécifié n'existe pas"
+
+#: useradd.8.xml:776(replaceable) groupmod.8.xml:270(replaceable)
+#: groupadd.8.xml:308(replaceable)
+msgid "9"
+msgstr "9"
+
+#: useradd.8.xml:778(para)
+msgid "username already in use"
+msgstr "nom d'utilisateur déjà utilisé"
+
+#: useradd.8.xml:790(para)
+msgid "can't create home directory"
+msgstr "impossible de créer le répertoire personnel"
+
+#: useradd.8.xml:794(replaceable)
+msgid "14"
+msgstr "14"
+
+#: useradd.8.xml:796(para)
+msgid "can't update SELinux user mapping"
+msgstr "Impossible de mettre à jour la correspondance d'utilisateur SELinux"
+
+#: useradd.8.xml:736(para)
+msgid ""
+"The <command>useradd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>useradd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: useradd.8.xml:805(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#| "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>crypt</"
+#| "refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupmod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newusers</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <phrase condition=\"subids"
+"\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: suauth.5.xml:41(contrib) pwconv.8.xml:47(contrib)
+#: login.access.5.xml:42(contrib) gpasswd.1.xml:46(contrib)
+msgid "Creation, 1996"
+msgstr "Création, 1996"
+
+#: suauth.5.xml:57(refentrytitle) suauth.5.xml:64(refname)
+msgid "suauth"
+msgstr "suauth"
+
+#: suauth.5.xml:58(manvolnum) shadow.5.xml:58(manvolnum)
+#: pwck.8.xml:328(replaceable) porttime.5.xml:58(manvolnum)
+#: passwd.5.xml:58(manvolnum) passwd.1.xml:473(replaceable)
+#: login.defs.5.xml:123(manvolnum) login.access.5.xml:59(manvolnum)
+#: limits.5.xml:60(manvolnum) gshadow.5.xml:47(manvolnum)
+#: grpck.8.xml:280(replaceable) faillog.5.xml:58(manvolnum)
+msgid "5"
+msgstr "5"
+
+#: suauth.5.xml:59(refmiscinfo) shadow.5.xml:59(refmiscinfo)
+#: porttime.5.xml:59(refmiscinfo) passwd.5.xml:59(refmiscinfo)
+#: login.defs.5.xml:124(refmiscinfo) login.access.5.xml:60(refmiscinfo)
+#: limits.5.xml:61(refmiscinfo) gshadow.5.xml:48(refmiscinfo)
+#: faillog.5.xml:59(refmiscinfo)
+msgid "File Formats and Conversions"
+msgstr "Formats et conversions de fichiers"
+
+#: suauth.5.xml:65(refpurpose)
+msgid "detailed su control file"
+msgstr "Fichier de contrôle détaillé de su"
+
+#: suauth.5.xml:70(command) suauth.5.xml:196(filename)
+msgid "/etc/suauth"
+msgstr "/etc/suauth"
+
+#: suauth.5.xml:76(para)
+msgid ""
+"The file <filename>/etc/suauth</filename> is referenced whenever the su "
+"command is called. It can change the behaviour of the su command, based upon:"
+msgstr ""
+"Le fichier <filename>/etc/suauth</filename> est lu chaque fois que su est "
+"exécuté. Il permet de modifier le comportement de la commande su, en "
+"fonction de :"
+
+#. .RS
+#: suauth.5.xml:83(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      1) the user su is targetting\n"
+"    "
+msgstr ""
+"\n"
+"      1) l'utilisateur cible de su\n"
+"    "
+
+#. .fi
+#: suauth.5.xml:87(para)
+msgid ""
+"2) the user executing the su command (or any groups he might be a member of)"
+msgstr ""
+"2) l'utilisateur qui exécute la commande su (ou un groupe dont il est membre)"
+
+#: suauth.5.xml:92(para)
+msgid ""
+"The file is formatted like this, with lines starting with a # being treated "
+"as comment lines and ignored;"
+msgstr ""
+"Le fichier est formaté de la façon suivante (les lignes commençant par un "
+"« # » sont des commentaires, et sont ignorées) :"
+
+#: suauth.5.xml:97(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      to-id:from-id:ACTION\n"
+"    "
+msgstr ""
+"\n"
+"      vers-id:par-id:ACTION\n"
+"    "
+
+#: suauth.5.xml:101(para)
+msgid ""
+"Where to-id is either the word <emphasis>ALL</emphasis>, a list of usernames "
+"delimited by \",\" or the words <emphasis>ALL EXCEPT</emphasis> followed by "
+"a list of usernames delimited by \",\"."
+msgstr ""
+"Où vers-id peut être le mot <emphasis>ALL</emphasis>, une liste de noms "
+"d'utilisateurs séparés par une virgule ou <emphasis>ALL EXCEPT</emphasis> "
+"suivi d'une liste d'utilisateurs séparés par une virgule."
+
+#: suauth.5.xml:107(para)
+msgid ""
+"from-id is formatted the same as to-id except the extra word "
+"<emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT GROUP</"
+"emphasis> is perfectly valid too. Following <emphasis>GROUP</emphasis> "
+"appears one or more group names, delimited by \",\". It is not sufficient to "
+"have primary group id of the relevant group, an entry in "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> is neccessary."
+msgstr ""
+"par-id utilise le même format que vers-id, mais accepte également le mot-clé "
+"<emphasis>GROUP</emphasis>. <emphasis>ALL EXCEPT GROUP</emphasis> est "
+"également accepté. <emphasis>GROUP</emphasis> est suivi d'un ou plusieurs "
+"noms de groupes, séparés par une virgule. Il n'est pas suffisant d'avoir "
+"comme groupe primaire le groupe approprié : une entrée dans "
+"<citerefentry><refentrytitle>/etc/group</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry> est nécessaire."
+
+#: suauth.5.xml:118(para)
+msgid "Action can be one only of the following currently supported options."
+msgstr "Les valeurs d'ACTION valables sont :"
+
+#: suauth.5.xml:124(emphasis)
+msgid "DENY"
+msgstr "DENY"
+
+#: suauth.5.xml:127(para)
+msgid "The attempt to su is stopped before a password is even asked for."
+msgstr ""
+"La tentative de changement d'utilisateur est arrêtée avant que le mot de "
+"passe ne soit demandé."
+
+#: suauth.5.xml:134(emphasis)
+msgid "NOPASS"
+msgstr "NOPASS"
+
+#: suauth.5.xml:137(para)
+msgid ""
+"The attempt to su is automatically successful; no password is asked for."
+msgstr ""
+"La tentative est automatiquement réussie. Aucun mot de passe n'est demandé."
+
+#: suauth.5.xml:145(emphasis)
+msgid "OWNPASS"
+msgstr "OWNPASS"
+
+#: suauth.5.xml:148(para)
+msgid ""
+"For the su command to be successful, the user must enter his or her own "
+"password. They are told this."
+msgstr ""
+"Pour que la commande su soit réussie, l'utilisateur doit entrer son propre "
+"mot de passe. Ceci lui est demandé."
+
+#: suauth.5.xml:156(para)
+msgid ""
+"Note there are three separate fields delimited by a colon. No whitespace "
+"must surround this colon. Also note that the file is examined sequentially "
+"line by line, and the first applicable rule is used without examining the "
+"file further. This makes it possible for a system administrator to exercise "
+"as fine control as he or she wishes."
+msgstr ""
+"Notez qu'il y a trois champs séparés par un « deux-points ». Ne pas accoler "
+"d'espace à ce « deux-points ». Notez aussi que le fichier est examiné "
+"séquentiellement ligne par ligne, et que la première règle applicable est "
+"utilisée sans que le reste du fichier ne soit examiné. Ceci permet à "
+"l'administrateur système de définir un contrôle aussi fin qu'il le souhaite."
+
+#: suauth.5.xml:166(title)
+msgid "EXAMPLE"
+msgstr "EXEMPLE"
+
+#: suauth.5.xml:167(literallayout)
+#, no-wrap
+msgid ""
+"\n"
+"      # sample /etc/suauth file\n"
+"      #\n"
+"      # A couple of privileged usernames may\n"
+"      # su to root with their own password.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Anyone else may not su to root unless in\n"
+"      # group wheel. This is how BSD does things.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # Perhaps terry and birddog are accounts\n"
+"      # owned by the same person.\n"
+"      # Access can be arranged between them\n"
+"      # with no password.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+msgstr ""
+"\n"
+"      # exemple de fichier /etc/suauth\n"
+"      #\n"
+"      # Deux utilisateurs privilégiés peuvent\n"
+"      # devenir root avec leur propre mot de passe.\n"
+"      #\n"
+"      root:chris,birddog:OWNPASS\n"
+"      #\n"
+"      # Les autres ne peuvent pas de venir root avec\n"
+"      # su, à l'exception des membres du groupe wheel.\n"
+"      # Ceci correspond au comportement des BSD.\n"
+"      #\n"
+"      root:ALL EXCEPT GROUP wheel:DENY\n"
+"      #\n"
+"      # terry et birddog sont des comptes possédés\n"
+"      # par la même personne.\n"
+"      # Un accès sans mot passe est aménagé\n"
+"      # entre ces deux comptes.\n"
+"      #\n"
+"      terry:birddog:NOPASS\n"
+"      birddog:terry:NOPASS\n"
+"      #\n"
+"    "
+
+#: suauth.5.xml:203(title) pwconv.8.xml:216(title) login.defs.5.xml:518(title)
+msgid "BUGS"
+msgstr "BOGUES"
+
+#: suauth.5.xml:204(para)
+msgid ""
+"There could be plenty lurking. The file parser is particularly unforgiving "
+"about syntax errors, expecting no spurious whitespace (apart from beginning "
+"and end of lines), and a specific token delimiting different things."
+msgstr ""
+"Il en reste sans doute beaucoup. L'analyseur du fichier est particulièrement "
+"impitoyable avec les erreurs de syntaxe. Il n'autorise d'espace qu'en début "
+"et fin de ligne, et seul le délimiteur spécifique doit être utilisé."
+
+#: suauth.5.xml:213(title) shadow.3.xml:208(title)
+msgid "DIAGNOSTICS"
+msgstr "DIAGNOSTICS"
+
+#: suauth.5.xml:214(para)
+msgid ""
+"An error parsing the file is reported using "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> as level ERR on facility AUTH."
+msgstr ""
+"Une erreur dans l'analyse du fichier est reportée via "
+"<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry> au niveau ERR dans la catégorie AUTH."
+
+#: suauth.5.xml:223(para)
+msgid ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: su.1.xml:58(contrib) shadow.5.xml:41(contrib) shadow.3.xml:41(contrib)
+#: porttime.5.xml:41(contrib) passwd.5.xml:41(contrib)
+#: passwd.1.xml:48(contrib) login.1.xml:74(contrib) faillog.8.xml:41(contrib)
+#: faillog.5.xml:41(contrib)
+msgid "Creation, 1989"
+msgstr "Création, 1989"
+
+#: su.1.xml:74(refentrytitle) su.1.xml:81(refname) su.1.xml:86(command)
+#: login.defs.5.xml:446(term)
+msgid "su"
+msgstr "su"
+
+#: su.1.xml:76(refmiscinfo) sg.1.xml:60(refmiscinfo)
+#: passwd.1.xml:66(refmiscinfo) newgrp.1.xml:60(refmiscinfo)
+#: login.1.xml:92(refmiscinfo) groups.1.xml:59(refmiscinfo)
+#: gpasswd.1.xml:64(refmiscinfo) expiry.1.xml:63(refmiscinfo)
+#: chsh.1.xml:62(refmiscinfo) chfn.1.xml:62(refmiscinfo)
+#: chage.1.xml:60(refmiscinfo)
+msgid "User Commands"
+msgstr "Commandes utilisateur"
+
+#: su.1.xml:82(refpurpose)
+msgid "change user ID or become superuser"
+msgstr "Changer d'identifiant d'utilisateur ou devenir superutilisateur"
+
+#: su.1.xml:92(replaceable) login.1.xml:107(replaceable)
+#: login.1.xml:115(replaceable)
+msgid "username"
+msgstr "nom_utilisateur"
+
+#: su.1.xml:100(para)
+msgid ""
+"The <command>su</command> command is used to become another user during a "
+"login session. Invoked without a <option>username</option>, <command>su</"
+"command> defaults to becoming the superuser. The optional argument <option>-"
+"</option> may be used to provide an environment similar to what the user "
+"would expect had the user logged in directly."
+msgstr ""
+"La commande <command>su</command> permet de devenir un autre utilisateur "
+"pour la durée d'une session. Invoqué sans nom d'<option>utilisateur</"
+"option>, le comportement par défaut de <command>su</command>est de devenir "
+"superutilisateur. Le paramètre optionnel <option>-</option> permet d'obtenir "
+"un environnement similaire à celui que l'utilisateur aurait obtenu lors "
+"d'une connexion directe."
+
+#: su.1.xml:109(para)
+msgid ""
+"Additional arguments may be provided after the username, in which case they "
+"are supplied to the user's login shell. In particular, an argument of "
+"<option>-c</option> will cause the next argument to be treated as a command "
+"by most command interpreters. The command will be executed by the shell "
+"specified in <filename>/etc/passwd</filename> for the target user."
+msgstr ""
+"Des paramètres supplémentaires peuvent être fournis après le nom de "
+"l'utilisateur. Dans ce cas, ils sont donnés à l'interpréteur de commandes de "
+"connexion de l'utilisateur. En particulier, le paramètre « <option>-c</"
+"option> » considère que le paramètre suivant est une commande pour la "
+"plupart des interpréteurs de commandes. La commande sera exécutée par "
+"l'interpréteur indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:118(para)
+msgid ""
+"You can use the <option>--</option> argument to separate <command>su</"
+"command> options from the arguments supplied to the shell."
+msgstr ""
+"Vous pouvez utiliser le paramètre <option>--</option> pour séparer les "
+"options de <command>su</command> des paramètres fournis par l'interpréteur "
+"de commandes."
+
+#: su.1.xml:123(para)
+msgid ""
+"The user will be prompted for a password, if appropriate. Invalid passwords "
+"will produce an error message. All attempts, both valid and invalid, are "
+"logged to detect abuse of the system."
+msgstr ""
+"Un mot de passe sera demandé à l'utilisateur, si nécessaire. Les mots de "
+"passe incorrects produisent un message d'erreur. Toutes les tentatives, "
+"réussies ou non, sont enregistrées afin de détecter tout abus du système."
+
+#: su.1.xml:128(para)
+msgid ""
+"The current environment is passed to the new shell. The value of <envar>"
+"$PATH</envar> is reset to <filename>/bin:/usr/bin</filename> for normal "
+"users, or <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the "
+"superuser. This may be changed with the <option>ENV_PATH</option> and "
+"<option>ENV_SUPATH</option> definitions in <filename>/etc/login.defs</"
+"filename>."
+msgstr ""
+"L'environnement actuel est fourni au nouvel interpréteur de commandes. La "
+"valeur de <envar>$PATH</envar> est réinitialisée à <filename>/bin:/usr/bin</"
+"filename> pour les utilisateurs normaux, ou à <emphasis>/sbin:/bin:/usr/"
+"sbin:/usr/bin</emphasis> pour le superutilisateur. Ce comportement peut être "
+"modifié avec les paramètres <emphasis>ENV_PATH</emphasis> et "
+"<emphasis>ENV_SUPATH</emphasis> dans <filename>/etc/login.defs</filename>. "
+
+#: su.1.xml:137(para) login.1.xml:188(para)
+msgid ""
+"A subsystem login is indicated by the presence of a \"*\" as the first "
+"character of the login shell. The given home directory will be used as the "
+"root of a new file system which the user is actually logged into."
+msgstr ""
+"Une connexion à un sous-système est indiquée par la présence d'un « * » "
+"comme premier caractère de l'interpréteur de commandes initial. Le "
+"répertoire personnel sera utilisé comme racine d'un nouveau système de "
+"fichiers dans lequel l'utilisateur sera connecté."
+
+#: su.1.xml:146(para)
+msgid "The options which apply to the <command>su</command> command are:"
+msgstr "Les options applicables à la commande <command>su</command> sont :"
+
+#: su.1.xml:150(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--command</option><replaceable>COMMAND</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMAND</"
+"replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--command</option>&nbsp;<replaceable>COMMANDE</"
+"replaceable>"
+
+#: su.1.xml:154(para)
+msgid ""
+"Specify a command that will be invoked by the shell using its <option>-c</"
+"option>."
+msgstr ""
+"Indiquer une commande qui sera invoquée par l'interpréteur de commandes en "
+"utilisant son option <option>-c</option>"
+
+#: su.1.xml:158(para)
+#| msgid ""
+#| "The executed command will have no controlling terminal. This option "
+#| "cannot be used to execute interractive programs which need a controlling "
+#| "TTY."
+msgid ""
+"The executed command will have no controlling terminal. This option cannot "
+"be used to execute interactive programs which need a controlling TTY."
+msgstr ""
+"La commande exécutée n'aura aucun terminal de contrôle. Cette option ne peut "
+"pas être utilisée pour exécuter des programmes interactifs qui ont besoin "
+"d'un terminal de contrôle."
+
+#: su.1.xml:168(term)
+msgid "<option>-</option>, <option>-l</option>, <option>--login</option>"
+msgstr "<option>-</option>, <option>-l</option>, <option>--login</option>"
+
+#: su.1.xml:172(para)
+msgid ""
+"Provide an environment similar to what the user would expect had the user "
+"logged in directly."
+msgstr ""
+"Fournir à l'utilisateur un environnement similaire à celui qu'il aurait "
+"obtenu s'il s'était connecté directement."
+
+#: su.1.xml:176(para)
+#| msgid ""
+#| "When <option>-</option> is used, it must be specified as the last "
+#| "<command>su</command> option. The other forms (<option>-l</option> and "
+#| "<option>--login</option>) do not have this restriction."
+msgid ""
+"When <option>-</option> is used, it must be specified before any "
+"<option>username</option>. For portability it is recommended to use it as "
+"last option, before any <option>username</option>. The other forms (<option>-"
+"l</option> and <option>--login</option>) do not have this restriction."
+msgstr ""
+"Lorsque <option>-</option> est utilisé, il doit être indiqué avant tout "
+"<option>username</option>. Pour des questions de compatibilité il est "
+"recommandé de l'utiliser en dernière option, avant tout <option>username</"
+"option>. Les autres formes (<option>-l</option> et <option>--login</option>) "
+"ne présentent pas cette restriction."
+
+#: su.1.xml:191(para)
+msgid "The shell that will be invoked."
+msgstr "Interpréteur de commande devant être appelé."
+
+#: su.1.xml:199(para)
+msgid "The shell specified with --shell."
+msgstr "Interpréteur de commande indiqué par --shell."
+
+#: su.1.xml:202(para)
+msgid ""
+"If <option>--preserve-environment</option> is used, the shell specified by "
+"the <envar>$SHELL</envar> environment variable."
+msgstr ""
+"Si <option>--preserve-environment</option> est utilisé, l'interpréteur de "
+"commandes indiqué par la variable d'environnement <envar>$SHELL</envar> sera "
+"utilisé."
+
+#: su.1.xml:209(para)
+msgid ""
+"The shell indicated in the <filename>/etc/passwd</filename> entry for the "
+"target user."
+msgstr ""
+"Interpréteur de commandes indiqué dans <filename>/etc/passwd</filename> pour "
+"l'utilisateur cible."
+
+#: su.1.xml:215(para)
+msgid ""
+"<filename>/bin/sh</filename> if a shell could not be found by any above "
+"method."
+msgstr ""
+"<filename>/bin/sh</filename> si aucun interpréteur de commandes ne peut être "
+"trouvé par l'une des méthodes ci-dessus."
+
+#: su.1.xml:192(para)
+msgid ""
+"The invoked shell is chosen from (highest priority first): <placeholder-1/>"
+msgstr ""
+"L'interpréteur de commandes à appeler est choisi parmi (le choix de plus "
+"haute priorité en tête) : <placeholder-1/>"
+
+#: su.1.xml:220(para)
+msgid ""
+"If the target user has a restricted shell (i.e. the shell field of this "
+"user's entry in <filename>/etc/passwd</filename> is not listed in <filename>/"
+"etc/shells</filename>), then the <option>--shell</option> option or the "
+"<envar>$SHELL</envar> environment variable won't be taken into account, "
+"unless <command>su</command> is called by root."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commande restreint (par "
+"exemple, le champ de l'interpréteur de commande dans <filename>/etc/passwd</"
+"filename> n'est pas renseigné dans <filename>/etc/shells</filename>), alors, "
+"ni l'option <option>--shell</option> ni la variable d'environnement <envar>"
+"$SHELL</envar> ne seront prises en compte à moins que <command>su</command> "
+"ne soit appelé par le superutilisateur."
+
+#: su.1.xml:231(term)
+msgid ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+msgstr ""
+"<option>-m</option>, <option>-p</option>, <option>--preserve-environment</"
+"option>"
+
+#: su.1.xml:240(envar)
+msgid "$PATH"
+msgstr "$PATH"
+
+#: su.1.xml:242(para)
+msgid ""
+"reset according to the <filename>/etc/login.defs</filename> options "
+"<option>ENV_PATH</option> or <option>ENV_SUPATH</option> (see below);"
+msgstr ""
+"réinitialise suivant les options <option>ENV_PATH</option> ou "
+"<option>ENV_SUPATH</option> dans <filename>/etc/login.defs</filename> (voir "
+"ci-dessous) :"
+
+#: su.1.xml:251(envar)
+msgid "$IFS"
+msgstr "$IFS"
+
+#: su.1.xml:253(para)
+msgid ""
+"reset to <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, if it was "
+"set."
+msgstr ""
+"réinitialise à <quote>&lt;space&gt;&lt;tab&gt;&lt;newline&gt;</quote>, s'il "
+"a été défini."
+
+#: su.1.xml:236(para)
+msgid "Preserve the current environment, except for: <placeholder-1/>"
+msgstr "Préserver l'environnement actuel, sauf pour : <placeholder-1/>"
+
+#: su.1.xml:262(para)
+msgid ""
+"If the target user has a restricted shell, this option has no effect (unless "
+"<command>su</command> is called by root)."
+msgstr ""
+"Si l'utilisateur cible possède un interpréteur de commandes restreint, cette "
+"option n'a aucun effet (à moins que <command>su</command> ne soit appelé par "
+"le superutilisateur)."
+
+#: su.1.xml:271(para)
+msgid ""
+"The <envar>$HOME</envar>, <envar>$SHELL</envar>, <envar>$USER</envar>, "
+"<envar>$LOGNAME</envar>, <envar>$PATH</envar>, and <envar>$IFS</envar> "
+"environment variables are reset."
+msgstr ""
+"Les variables d'environnement <envar>$HOME</envar>, <envar>$SHELL</envar>, "
+"<envar>$USER</envar>, <envar>$LOGNAME</envar>, <envar>$PATH</envar> et "
+"<envar>$IFS</envar> sont réinitialisées."
+
+#: su.1.xml:280(para)
+msgid ""
+"If <option>--login</option> is not used, the environment is copied, except "
+"for the variables above."
+msgstr ""
+"Si <option>--login</option> n'est pas utilisée, l'environnement est copié "
+"sauf pour les variables ci-dessus."
+
+#: su.1.xml:287(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TERM</envar>, <envar>"
+"$COLORTERM</envar>, <envar>$DISPLAY</envar>, and <envar>$XAUTHORITY</envar> "
+"environment variables are copied if they were set."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TERM</envar>, <envar>$COLORTERM</envar>, <envar>$DISPLAY</envar> et "
+"<envar>$XAUTHORITY</envar> sont copiées si elles ont été définies."
+
+#: su.1.xml:297(para)
+msgid ""
+"If <option>--login</option> is used, the <envar>$TZ</envar>, <envar>$HZ</"
+"envar>, and <envar>$MAIL</envar> environment variables are set according to "
+"the <filename>/etc/login.defs</filename> options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option>, and <option>MAIL_FILE</"
+"option> (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les variables d'environnement "
+"<envar>$TZ</envar>, <envar>$HZ</envar> et <envar>$MAIL</envar> sont "
+"configurées en accord avec les options <option>ENV_TZ</option>, "
+"<option>ENV_HZ</option>, <option>MAIL_DIR</option> et <option>MAIL_FILE</"
+"option> de <filename>/etc/login.defs</filename> (voir ci-dessous)."
+
+#: su.1.xml:310(para)
+msgid ""
+"If <option>--login</option> is used, other environment variables might be "
+"set by the <option>ENVIRON_FILE</option> file (see below)."
+msgstr ""
+"Si <option>--login</option> est utilisée, les autres variables "
+"d'environnement peuvent être configurées par le fichier "
+"<option>ENVIRON_FILE</option> (voir ci-dessous)."
+
+#: su.1.xml:318(para)
+msgid "Other environments might be set by PAM modules."
+msgstr "D'autres environnements peuvent être configurés par des modules PAM."
+
+#: su.1.xml:266(para)
+msgid ""
+"Note that the default behavior for the environment is the following: "
+"<placeholder-1/>"
+msgstr ""
+"Notez que le comportement par défaut pour l'environnement est le suivant : "
+"<placeholder-1/>"
+
+#: su.1.xml:332(para)
+msgid ""
+"This version of <command>su</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>su</command> a de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE</option> (string)"
+msgstr "<option>CONSOLE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, either full pathname of a file containing device names (one per "
+"line) or a \":\" delimited list of device names. Root logins will be allowed "
+"only upon these devices."
+msgstr ""
+"Si définie, soit un chemin complet du fichier contenant les noms de "
+"périphériques (un par ligne), soit une liste de noms du périphérique "
+"délimitée par des « : ». Les connexions d'un administrateur ne seront "
+"autorisées que depuis ces périphériques."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+msgid "If not defined, root will be allowed on any device."
+msgstr ""
+"S'il n'est pas défini, root pourra se connecter depuis n'importe quel "
+"périphérique."
+
+#: su.1.xml:42(para) login.defs.5.xml:42(para) login.1.xml:42(para)
+msgid "The device should be specified without the /dev/ prefix."
+msgstr "Le périphérique doit être précisé sans le préfixe /dev/."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>CONSOLE_GROUPS</option> (string)"
+msgstr "<option>CONSOLE_GROUPS</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"List of groups to add to the user's supplementary groups set when logging in "
+"on the console (as determined by the CONSOLE setting). Default is none. "
+"<placeholder-1/> Use with caution - it is possible for users to gain "
+"permanent access to these groups, even when not logged in on the console."
+msgstr ""
+"Une liste de groupes à rajouter aux groupes supplémentaires de l'utilisateur "
+"lors d'une connexion sur une console (déterminé par le paramètre CONSOLE). "
+"Par défaut, aucun groupe n'est ajouté. <placeholder-1/> À utiliser avec "
+"précaution : il est possible que les utilisateurs aient un accès permanent à "
+"ces groupes, et cela même s'ils ne sont pas connectés sur la console."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>DEFAULT_HOME</option> (boolean)"
+msgstr "<option>DEFAULT_HOME</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Indicate if login is allowed if we can't cd to the home directory. Default "
+"is no."
+msgstr ""
+"Indiquer si la connexion est permise si on ne peut pas accéder au répertoire "
+"personnel. Le réglage par défaut est « no »."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"If set to <replaceable>yes</replaceable>, the user will login in the root "
+"(<filename>/</filename>) directory if it is not possible to cd to her home "
+"directory."
+msgstr ""
+"Si elle est configurée à <replaceable>yes</replaceable>, l'utilisateur va se "
+"connecter dans le répertoire racine (<filename>/</filename>) s'il n'est pas "
+"possible d'accéder à son répertoire personnel."
+
+#. XXX: When compiled with PAM support, only sulogin uses ENV_HZ
+#: su.1.xml:33(term) login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>ENV_HZ</option> (string)"
+msgstr "<option>ENV_HZ</option> (chaîne de caractères)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"If set, it will be used to define the HZ environment variable when a user "
+"login. The value must be preceded by <replaceable>HZ=</replaceable>. A "
+"common value on Linux is <replaceable>HZ=100</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement HZ "
+"lorsqu'un utilisateur se connecte. La valeur doit être précédée par "
+"<replaceable>HZ=</replaceable>. Une valeur commune sur Linux est "
+"<replaceable>HZ=100</replaceable>."
+
+#: su.1.xml:41(para) login.defs.5.xml:41(para) login.1.xml:41(para)
+msgid ""
+"The <envar>HZ</envar> environment variable is only set when the user (the "
+"superuser) logs in with <command>sulogin</command>."
+msgstr ""
+"La variable d'environnement <envar>HZ</envar> est uniquement définie quand "
+"l'utilisateur (le super-utilisateur) se connecte avec <command>sulogin</"
+"command>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENVIRON_FILE</option> (string)"
+msgstr "<option>ENVIRON_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If this file exists and is readable, login environment will be read from it. "
+"Every line should be in the form name=value."
+msgstr ""
+"Si ce fichier existe et est lisible, l'environnement de connexion sera lu à  "
+"partir de lui. Chaque ligne doit être sous la forme nom=valeur."
+
+#: su.1.xml:38(para) login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid "Lines starting with a # are treated as comment lines and ignored."
+msgstr ""
+"Les lignes commençant par un « # » sont considérées comme des commentaires, "
+"et sont ignorées."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_PATH</option> (string)"
+msgstr "<option>ENV_PATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when a "
+"regular user login. The value is a colon separated list of paths (for "
+"example <replaceable>/bin:/usr/bin</replaceable>) and can be preceded by "
+"<replaceable>PATH=</replaceable>. The default value is <replaceable>PATH=/"
+"bin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand un utilisateur ordinaire se connecte. La valeur est une liste de "
+"chemins séparés par des deux points (par exemple <replaceable>/bin:/usr/bin</"
+"replaceable>) et peut être précédée par <replaceable>PATH=</replaceable>. La "
+"valeur par défaut est <replaceable>PATH=/bin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_SUPATH</option> (string)"
+msgstr "<option>ENV_SUPATH</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the PATH environment variable when the "
+"superuser login. The value is a colon separated list of paths (for example "
+"<replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be "
+"preceded by <replaceable>PATH=</replaceable>. The default value is "
+"<replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement PATH "
+"quand le super-utilisateur se connecte. La valeur est une liste de chemins "
+"séparés par deux points (par exemple <replaceable>/sbin:/bin:/usr/sbin:/usr/"
+"bin</replaceable>) et peut être précédée par <replaceable>PATH=</"
+"replaceable>. La valeur par défaut est <replaceable>PATH=/sbin:/bin:/usr/"
+"sbin:/usr/bin</replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ENV_TZ</option> (string)"
+msgstr "<option>ENV_TZ</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, it will be used to define the TZ environment variable when a user "
+"login. The value can be the name of a timezone preceded by <replaceable>TZ=</"
+"replaceable> (for example <replaceable>TZ=CST6CDT</replaceable>), or the "
+"full path to the file containing the timezone specification (for example "
+"<filename>/etc/tzname</filename>)."
+msgstr ""
+"Si définie, sera utilisée pour définir la variable d'environnement TZ quand "
+"un utilisateur se connecte. La valeur peut être le nom d'un fuseau horaire "
+"précédé par <replaceable>TZ=</replaceable> (par exemple "
+"<replaceable>TZ=CST6CDT</replaceable>), ou le chemin complet vers le fichier "
+"contenant la spécification du fuseau horaire (par exemple <filename>/etc/"
+"tzname</filename>)."
+
+#. TODO: it can in fact be used to set any other variable
+#: su.1.xml:43(para) login.defs.5.xml:43(para) login.1.xml:43(para)
+msgid ""
+"If a full path is specified but the file does not exist or cannot be read, "
+"the default is to use <replaceable>TZ=CST6CDT</replaceable>."
+msgstr ""
+"Si un chemin complet est spécifié mais que le fichier n'existe pas ou ne "
+"peut pas être lu, la valeur par défaut utilisée est <replaceable>TZ=CST6CDT</"
+"replaceable>."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+#: chsh.1.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>LOGIN_STRING</option> (string)"
+msgstr "<option>LOGIN_STRING</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+#: chsh.1.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"The string used for prompting a password. The default is to use \"Password: "
+"\", or a translation of that string. If you set this variable, the prompt "
+"will not be translated."
+msgstr ""
+"La chaîne de caractères utilisée pour l'invite de mot de passe. La valeur "
+"par défaut est d'utiliser \"Password: \" (« mot de passe : »), ou une "
+"traduction de cette chaîne. Si vous définissez cette variable, l'invite ne "
+"sera pas traduite."
+
+#: su.1.xml:39(para) login.defs.5.xml:39(para) login.1.xml:39(para)
+#: chsh.1.xml:39(para) chfn.1.xml:39(para)
+msgid ""
+"If the string contains <replaceable>%s</replaceable>, this will be replaced "
+"by the user's name."
+msgstr ""
+"Si la chaîne contient <replaceable>%s</replaceable>, ces caractères seront "
+"remplacés par le nom de l'utilisateur."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MAIL_CHECK_ENAB</option> (boolean)"
+msgstr "<option>MAIL_CHECK_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable checking and display of mailbox status upon login."
+msgstr ""
+"Activer le contrôle et l'affichage du statut de la boîte aux lettres durant "
+"la connexion."
+
+#: su.1.xml:37(para) login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"You should disable it if the shell startup files already check for mail "
+"(\"mailx -e\" or equivalent)."
+msgstr ""
+"Vous devriez le désactiver si les fichiers de démarrage de l'interpréteur de "
+"commandes vérifient déjà la présence de courriers (« mail -e » ou "
+"équivalent)."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>QUOTAS_ENAB</option> (boolean)"
+msgstr "<option>QUOTAS_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable setting of resource limits from <filename>/etc/limits</filename> and "
+"ulimit, umask, and niceness from the user's passwd gecos field."
+msgstr ""
+"Activer la mise en place de limites de resources depuis <filename>/etc/"
+"limits</filename> et ulimit, umask et niveau nice depuis les champs gecos de "
+"passwd."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SULOG_FILE</option> (string)"
+msgstr "<option>SULOG_FILE</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "If defined, all su activity is logged to this file."
+msgstr "Si définie, les activités de su seront enregistrées dans le fichier."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SU_NAME</option> (string)"
+msgstr "<option>SU_NAME</option> (chaîne de caractères)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"If defined, the command name to display when running \"su -\". For example, "
+"if this is defined as \"su\" then a \"ps\" will display the command is \"-su"
+"\". If not defined, then \"ps\" would display the name of the shell actually "
+"being run, e.g. something like \"-sh\"."
+msgstr ""
+"Si définie, le nom de la commande à afficher lorsque « su - » est exécutée. "
+"Par exemple, si elle est définie à « su » alors un « ps » affichera la "
+"commande comme « -su ». Si non définie, alors « ps » affichera le nom du "
+"shell qui sera en fait exécuté, par exemple quelque chose comme « -sh »."
+
+#: su.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>SU_WHEEL_ONLY</option> (boolean)"
+msgstr "<option>SU_WHEEL_ONLY</option> (booléen)"
+
+#: su.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the user must be listed as a member of "
+"the first gid 0 group in <filename>/etc/group</filename> (called "
+"<replaceable>root</replaceable> on most Linux systems) to be able to "
+"<command>su</command> to uid 0 accounts. If the group doesn't exist or is "
+"empty, no one will be able to <command>su</command> to uid 0."
+msgstr ""
+"Si <replaceable>yes</replaceable>, l'utilisateur doit faire partie des "
+"membres du groupe avec le premier gid 0 dans <filename>/etc/group</filename> "
+"(appelé <replaceable>root</replaceable> sur la plupart des systèmes Linux) "
+"pour être capable de <command>su</command> vers des comptes à uid 0. Si ce "
+"groupe n'existe pas ou est vide, personne ne pourra <command>su</command> "
+"vers un uid 0."
+
+#: su.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SU_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SU_ENAB</option> (booléen)"
+
+#: su.1.xml:34(para) login.defs.5.xml:34(para)
+msgid ""
+"Enable \"syslog\" logging of <command>su</command> activity - in addition to "
+"sulog file logging."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>su</command> "
+"- en plus de la journalisation sulog."
+
+#: su.1.xml:392(para)
+msgid ""
+"On success, <command>su</command> returns the exit value of the command it "
+"executed."
+msgstr ""
+"En cas de succès, <command>su</command> renvoie la valeur de sortie de la "
+"commande qu'il a exécutée."
+
+#: su.1.xml:396(para)
+msgid ""
+"If this command was terminated by a signal, <command>su</command> returns "
+"the number of this signal plus 128."
+msgstr ""
+"Si cette commande s'est terminée par un signal, <command>su</command> y "
+"ajoute 128 et renvoie le résultat."
+
+#: su.1.xml:400(para)
+msgid ""
+"If su has to kill the command (because it was asked to terminate, and the "
+"command did not terminate in time), <command>su</command> returns 255."
+msgstr ""
+"Si <command>su</command> doit tuer la commande (parce qu'il a été demandé de "
+"terminer et que la commande ne s'est pas terminée à temps), <command>su</"
+"command> renvoie 255."
+
+#: su.1.xml:412(para)
+msgid "success (<option>--help</option> only)"
+msgstr "succès (<option>--help</option> uniquement)"
+
+#: su.1.xml:418(para)
+msgid "System or authentication failure"
+msgstr "Échec système ou d'authentification"
+
+#: su.1.xml:422(replaceable)
+msgid "126"
+msgstr "126"
+
+#: su.1.xml:424(para)
+msgid "The requested command was not found"
+msgstr "La commande demandée n'a pas été trouvée."
+
+#: su.1.xml:428(replaceable)
+msgid "127"
+msgstr "127"
+
+#: su.1.xml:430(para)
+msgid "The requested command could not be executed"
+msgstr "La commande demandée n'a pas pu être exécutée."
+
+#: su.1.xml:405(para)
+msgid ""
+"Some exit values from <command>su</command> are independent from the "
+"executed command: <placeholder-1/>"
+msgstr ""
+"Certaines valeurs de retour de <command>su</command> sont indépendantes de "
+"la commande exécutée : <placeholder-1/>"
+
+#: su.1.xml:439(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: sg.1.xml:58(refentrytitle) sg.1.xml:65(refname) sg.1.xml:71(command)
+msgid "sg"
+msgstr "sg"
+
+#: sg.1.xml:66(refpurpose)
+msgid "execute command as different group ID"
+msgstr "exécuter une commande avec un autre identifiant de groupe"
+
+#: sg.1.xml:72(arg) newgrp.1.xml:71(arg)
+msgid "-"
+msgstr "-"
+
+#: sg.1.xml:74(arg)
+msgid "-c"
+msgstr "-c"
+
+#: sg.1.xml:73(arg)
+msgid "group <placeholder-1/> command"
+msgstr "groupe <placeholder-1/> commande"
+
+#: sg.1.xml:82(para)
+msgid ""
+"The <command>sg</command> command works similar to <command>newgrp</command> "
+"but accepts a command. The command will be executed with the <filename>/bin/"
+"sh</filename> shell. With most shells you may run <command>sg</command> "
+"from, you need to enclose multi-word commands in quotes. Another difference "
+"between <command>newgrp</command> and <command>sg</command> is that some "
+"shells treat <command>newgrp</command> specially, replacing themselves with "
+"a new instance of a shell that <command>newgrp</command> creates. This "
+"doesn't happen with <command>sg</command>, so upon exit from a <command>sg</"
+"command> command you are returned to your previous group ID."
+msgstr ""
+"La commande <command>sg</command> fonctionne de la même manière que "
+"<command>newgrp</command>, mais prend une commande comme paramètre. Cette "
+"commande sera exécutée avec un interpréteur de commandes <filename>/bin/sh</"
+"filename>. Avec la plupart des interpréteurs de commandes permettant "
+"d'exécuter <command>sg</command>, si la commande comporte plusieurs mots, il "
+"faut la placer entre des guillemets (« \" »). Une autre différence entre "
+"<command>newgrp</command> et <command>sg</command> est que certains "
+"interpréteurs de commandes traitent <command>newgrp</command> de façon "
+"particulière, en se remplaçant eux-mêmes par une nouvelle instance d'un "
+"interpréteur que <command>newgrp</command> crée. Ceci n'est pas le cas de "
+"<command>sg</command>, ce qui permet de retrouver le groupe précédent à la "
+"sortie de <command>sg</command>."
+
+#: sg.1.xml:32(term) newgrp.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>SYSLOG_SG_ENAB</option> (boolean)"
+msgstr "<option>SYSLOG_SG_ENAB</option> (booléen)"
+
+#: sg.1.xml:34(para) newgrp.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable \"syslog\" logging of <command>sg</command> activity."
+msgstr ""
+"Activer la journalisation « syslog » de l'activité de <command>sg</command>."
+
+#: sg.1.xml:141(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, "
+"<citerefentry><refentrytitle>gshadow</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry></phrase>."
+
+#: shadow.5.xml:57(refentrytitle) shadow.5.xml:64(refname)
+#: shadow.3.xml:57(refentrytitle) shadow.3.xml:64(refname)
+#: pwck.8.xml:84(replaceable) grpck.8.xml:76(replaceable)
+msgid "shadow"
+msgstr "shadow"
+
+#: shadow.5.xml:65(refpurpose)
+msgid "shadowed password file"
+msgstr "fichier des mots de passe cachés"
+
+#: shadow.5.xml:70(para)
+msgid ""
+"<filename>shadow</filename> is a file which contains the password "
+"information for the system's accounts and optional aging information."
+msgstr ""
+"<filename>shadow</filename> est un fichier qui contient les informations "
+"cachées concernant les mots de passe des utilisateurs et leurs dates de "
+"validité."
+
+#: shadow.5.xml:76(para) gshadow.5.xml:64(para)
+msgid ""
+"This file must not be readable by regular users if password security is to "
+"be maintained."
+msgstr ""
+"Ce fichier ne doit pas être accessible en lecture par les utilisateurs "
+"normaux afin de maintenir la sécurité des mots de passe, en particuliers "
+"pour prévenir les attaques par dictionnaires."
+
+#: shadow.5.xml:81(para)
+msgid ""
+"Each line of this file contains 9 fields, separated by colons (<quote>:</"
+"quote>), in the following order:"
+msgstr ""
+"Chaque ligne de ce fichier contient 9 champs, séparés par des deux-points "
+"(<quote>:</quote>), dans l'ordre suivant :"
+
+#: shadow.5.xml:88(emphasis) passwd.5.xml:78(para)
+msgid "login name"
+msgstr "nom de connexion de l'utilisateur (« login »)"
+
+#: shadow.5.xml:90(para)
+msgid "It must be a valid account name, which exist on the system."
+msgstr "Ce doit être un nom de compte valable, qui existe sur le système."
+
+#: shadow.5.xml:96(emphasis) gshadow.5.xml:83(emphasis)
+msgid "encrypted password"
+msgstr "mot de passe chiffré"
+
+#: shadow.5.xml:98(para) gshadow.5.xml:85(para)
+msgid ""
+"Refer to <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> for details on how this string is interpreted."
+msgstr ""
+"Consultez <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+"cette chaîne."
+
+#: shadow.5.xml:103(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, the user will not be able to use a unix "
+"password to log in (but the user may log in the system by other means)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères ! ou *, alors l'utilisateur ne pourra pas utiliser "
+"son mot de passe UNIX pour se connecter (mais il se peut que l'utilisateur "
+"puisse se connecter au système par d'autres moyens)."
+
+#: shadow.5.xml:110(para)
+msgid ""
+"This field may be empty, in which case no passwords are required to "
+"authenticate as the specified login name. However, some applications which "
+"read the <filename>/etc/shadow</filename> file may decide not to permit any "
+"access at all if the password field is empty."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas aucun mot de passe n'est nécessaire "
+"pour s'authentifier avec l'identifiant de connexion indiqué. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/shadow</"
+"filename> peuvent n'autoriser aucun accès si le mot de passe est vide."
+
+#: shadow.5.xml:117(para) gshadow.5.xml:107(para)
+msgid ""
+"A password field which starts with a exclamation mark means that the "
+"password is locked. The remaining characters on the line represent the "
+"password field before the password was locked."
+msgstr ""
+"Un champ de mot de passe qui commence avec un point d'exclamation indique "
+"que le mot de passe est bloqué. Les caractères restants sur la ligne "
+"représentent le champ de mot de passe avant que le mot de passe n'ait été "
+"bloqué."
+
+#: shadow.5.xml:127(emphasis)
+msgid "date of last password change"
+msgstr "date du dernier changement de mot de passe"
+
+#: shadow.5.xml:130(para)
+msgid ""
+"The date of the last password change, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date du dernier changement de mot de passe, exprimée en nombre de jours "
+"depuis le 1er janvier 1970."
+
+#: shadow.5.xml:134(para)
+msgid ""
+"The value 0 has a special meaning, which is that the user should change her "
+"pasword the next time she will log in the system."
+msgstr ""
+"La valeur 0 a une signification particulière : l'utilisateur devra changer "
+"son mot de passe la prochaine fois qu'il se connectera au système."
+
+#: shadow.5.xml:139(para)
+msgid "An empty field means that password aging features are disabled."
+msgstr ""
+"Un champ vide indique que les fonctionnalités de vieillissement de mot de "
+"passe sont désactivées."
+
+#: shadow.5.xml:146(emphasis)
+msgid "minimum password age"
+msgstr "âge minimum du mot de passe"
+
+#: shadow.5.xml:148(para)
+msgid ""
+"The minimum password age is the number of days the user will have to wait "
+"before she will be allowed to change her password again."
+msgstr ""
+"L'âge minimum du mot de passe est la durée (en jour) que l'utilisateur devra "
+"attendre avant de pouvoir le changer de nouveau."
+
+#: shadow.5.xml:153(para)
+msgid "An empty field and value 0 mean that there are no minimum password age."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y a pas d'âge minimum pour "
+"le mot de passe."
+
+#: shadow.5.xml:160(emphasis)
+msgid "maximum password age"
+msgstr "âge maximum du mot de passe"
+
+#: shadow.5.xml:162(para)
+msgid ""
+"The maximum password age is the number of days after which the user will "
+"have to change her password."
+msgstr ""
+"L'âge maximum du mot de passe est la durée (en jour) après laquelle "
+"l'utilisateur devra changer son mot de passe."
+
+#: shadow.5.xml:166(para)
+msgid ""
+"After this number of days is elapsed, the password may still be valid. The "
+"user should be asked to change her password the next time she will log in."
+msgstr ""
+"Une fois cette durée écoulée, le mot de passe restera valable. Il sera "
+"demandé à l'utilisateur de le changer la prochaine fois qu'il se connectera."
+
+#: shadow.5.xml:171(para)
+msgid ""
+"An empty field means that there are no maximum password age, no password "
+"warning period, and no password inactivity period (see below)."
+msgstr ""
+"Un champ vide signifie qu'il n'y a pour le mot de passe aucune limite d'âge, "
+"aucune période d'avertissement d'expiration et aucune période d'inactivité "
+"(voir ci-dessous)."
+
+#: shadow.5.xml:176(para)
+msgid ""
+"If the maximum password age is lower than the minimum password age, the user "
+"cannot change her password."
+msgstr ""
+"Si l'âge maximum du mot de passe est plus petit que l'âge minimum du mot de "
+"passe, l'utilisateur ne pourra pas changer son mot de passe."
+
+#: shadow.5.xml:184(emphasis)
+msgid "password warning period"
+msgstr "période d'avertissement d'expiration du mot de passe"
+
+#: shadow.5.xml:187(para)
+msgid ""
+"The number of days before a password is going to expire (see the maximum "
+"password age above) during which the user should be warned."
+msgstr ""
+"La durée (en jour) pendant laquelle l'utilisateur sera averti avant que le "
+"mot de passe n'expire (voir l'âge maximum du mot de passe ci-dessus)."
+
+#: shadow.5.xml:192(para)
+msgid ""
+"An empty field and value 0 mean that there are no password warning period."
+msgstr ""
+"Un champ vide ou une valeur de 0 signifie qu'il n'y aura pas de période "
+"d'avertissement d'expiration du mot de passe."
+
+#: shadow.5.xml:200(emphasis)
+msgid "password inactivity period"
+msgstr "période d'inactivité du mot de passe"
+
+#: shadow.5.xml:203(para)
+msgid ""
+"The number of days after a password has expired (see the maximum password "
+"age above) during which the password should still be accepted (and the user "
+"should update her password during the next login)."
+msgstr ""
+"La durée (en jour) pendant laquelle le mot de passe sera quand même accepté "
+"après son expiration (voir l'âge maximum du mot de passe ci-dessus). "
+"L'utilisateur devra mettre à jour son mot de passe à la prochaine connexion."
+
+#: shadow.5.xml:209(para)
+msgid ""
+"After expiration of the password and this expiration period is elapsed, no "
+"login is possible using the current user's password. The user should contact "
+"her administrator."
+msgstr ""
+"Après expiration du mot de passe suivie de la période d'expiration, plus "
+"aucune connexion n'est possible en utilisant le mot de passe de "
+"l'utilisateur. L'utilisateur doit contacter son administrateur."
+
+#: shadow.5.xml:214(para)
+msgid ""
+"An empty field means that there are no enforcement of an inactivity period."
+msgstr "Un champ vide signifie qu'aucune période d'inactivité n'est imposée."
+
+#: shadow.5.xml:222(emphasis)
+msgid "account expiration date"
+msgstr "date de fin de validité du compte"
+
+#: shadow.5.xml:225(para)
+msgid ""
+"The date of expiration of the account, expressed as the number of days since "
+"Jan 1, 1970."
+msgstr ""
+"La date d'expiration du compte, exprimé en nombre de jours depuis le "
+"1er janvier 1970."
+
+#: shadow.5.xml:229(para)
+msgid ""
+"Note that an account expiration differs from a password expiration. In case "
+"of an acount expiration, the user shall not be allowed to login. In case of "
+"a password expiration, the user is not allowed to login using her password."
+msgstr ""
+"Veuillez noter que l'expiration d'un compte diffère de l'expiration d'un mot "
+"de passe. En cas d'expiration d'un compte, l'utilisateur ne sera plus "
+"autorisé à se connecter. En cas d'expiration d'un mot de passe, "
+"l'utilisateur n'est pas autorisé à se connecter en utilisant son mot de "
+"passe."
+
+#: shadow.5.xml:235(para)
+msgid "An empty field means that the account will never expire."
+msgstr "Un champ vide signifie que le compte n'expirera jamais."
+
+#: shadow.5.xml:238(para)
+msgid ""
+"The value 0 should not be used as it is interpreted as either an account "
+"with no expiration, or as an expiration on Jan 1, 1970."
+msgstr ""
+"La valeur 0 ne doit pas être utilisée puisqu'elle peut être interprétée soit "
+"comme un compte sans expiration, soit comme ayant expiré le 1er janvier 1970."
+
+#: shadow.5.xml:246(emphasis)
+msgid "reserved field"
+msgstr "champ réservé"
+
+#: shadow.5.xml:248(para)
+msgid "This field is reserved for future use."
+msgstr "Ce champ est réservé pour une utilisation future."
+
+#: shadow.5.xml:270(filename)
+msgid "/etc/shadow-"
+msgstr "/etc/shadow-"
+
+#: shadow.5.xml:272(para)
+msgid "Backup file for /etc/shadow."
+msgstr "Fichier de sauvegarde pour /etc/shadow."
+
+#: shadow.5.xml:273(para) passwd.5.xml:159(para)
+msgid ""
+"Note that this file is used by the tools of the shadow toolsuite, but not by "
+"all user and password management tools."
+msgstr ""
+"Notez que ce fichier est utilisé par les outils de la suite d'outils shadow, "
+"mais pas par tous les outils de gestion d'utilisateurs et de mot de passes."
+
+#: shadow.5.xml:284(para)
+msgid ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwunconv</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sulogin</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: shadow.3.xml:59(refmiscinfo)
+msgid "Library Calls"
+msgstr "Appels de bibliothèque"
+
+#: shadow.3.xml:65(refname)
+msgid "getspnam"
+msgstr "getspnam"
+
+#: shadow.3.xml:66(refpurpose)
+msgid "encrypted password file routines"
+msgstr "routines d'utilisation des mots de passe cachés"
+
+#: shadow.3.xml:70(title)
+msgid "SYNTAX"
+msgstr "SYNTAX"
+
+#: shadow.3.xml:72(emphasis)
+msgid "#include &lt;shadow.h&gt;"
+msgstr "#include &lt;shadow.h&gt;"
+
+#: shadow.3.xml:76(emphasis)
+msgid "struct spwd *getspent();"
+msgstr "struct spwd *getspent();"
+
+#: shadow.3.xml:80(emphasis)
+msgid "struct spwd *getspnam(char"
+msgstr "struct spwd *getspnam(char"
+
+#: shadow.3.xml:81(emphasis)
+msgid "*name"
+msgstr "*nom"
+
+#: shadow.3.xml:81(emphasis) shadow.3.xml:94(emphasis)
+#: shadow.3.xml:99(emphasis) shadow.3.xml:105(emphasis)
+msgid ");"
+msgstr ");"
+
+#: shadow.3.xml:85(emphasis)
+msgid "void setspent();"
+msgstr "void setspent();"
+
+#: shadow.3.xml:89(emphasis)
+msgid "void endspent();"
+msgstr "void endspent();"
+
+#: shadow.3.xml:93(emphasis)
+msgid "struct spwd *fgetspent(FILE"
+msgstr "struct spwd *fgetspent(FILE"
+
+#: shadow.3.xml:94(emphasis) shadow.3.xml:105(emphasis)
+msgid "*fp"
+msgstr "*fp"
+
+#: shadow.3.xml:98(emphasis)
+msgid "struct spwd *sgetspent(char"
+msgstr "struct spwd *sgetspent(char"
+
+#: shadow.3.xml:99(emphasis)
+msgid "*cp"
+msgstr "*cp"
+
+#: shadow.3.xml:103(emphasis)
+msgid "int putspent(struct spwd"
+msgstr "int putspent(struct spwd"
+
+#: shadow.3.xml:104(emphasis)
+msgid "*p,"
+msgstr "*p,"
+
+#: shadow.3.xml:104(emphasis)
+msgid "FILE"
+msgstr "FICHIER"
+
+#: shadow.3.xml:109(emphasis)
+msgid "int lckpwdf();"
+msgstr "int lckpwdf();"
+
+#: shadow.3.xml:113(emphasis)
+msgid "int ulckpwdf();"
+msgstr "int ulckpwdf();"
+
+#: shadow.3.xml:119(para)
+msgid ""
+"<emphasis remap=\"I\">shadow</emphasis> manipulates the contents of the "
+"shadow password file, <filename>/etc/shadow</filename>. The structure in the "
+"<emphasis remap=\"I\">#include</emphasis> file is:"
+msgstr ""
+"<emphasis remap=\"I\">shadow</emphasis> manipule le contenu du fichier des "
+"mots de passe cachés, <filename>/etc/shadow</filename>. La structure définie "
+"dans le fichier inclus est :"
+
+#: shadow.3.xml:124(programlisting)
+#, no-wrap
+msgid ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* user login name */\n"
+"      char\t\t*sp_pwdp; /* encrypted password */\n"
+"      long int\t\tsp_lstchg; /* last password change */\n"
+"      long int\t\tsp_min; /* days until change allowed. */\n"
+"      long int\t\tsp_max; /* days before change required */\n"
+"      long int\t\tsp_warn; /* days warning for expiration */\n"
+"      long int\t\tsp_inact; /* days before account inactive */\n"
+"      long int\t\tsp_expire; /* date when account expires */\n"
+"      unsigned long int\tsp_flag; /* reserved for future use */\n"
+"}\n"
+"    "
+msgstr ""
+"struct spwd {\n"
+"      char\t\t*sp_namp; /* nom de connexion de l'utilisateur */\n"
+"      char\t\t*sp_pwdp; /* mot de passe chiffré */\n"
+"      long int\t\tsp_lstchg; /* dernier changement de mot de passe */\n"
+"      long int\t\tsp_min; /* jours avant de pouvoir changer de mot de passe "
+"*/\n"
+"      long int\t\tsp_max; /* jours avant l'obligation de changer de mot de "
+"passe */\n"
+"      long int\t\tsp_warn; /* jours d'avertissement avant la fin de validité "
+"*/\n"
+"      long int\t\tsp_inact; /* jours avant que le compte soit inactif */\n"
+"      long int\t\tsp_expire; /* date de fin de validité du compte */\n"
+"      unsigned long int\tsp_flag; /* réservé pour une utilisation future */\n"
+"}\n"
+"    "
+
+#: shadow.3.xml:136(para)
+msgid "The meanings of each field are:"
+msgstr "La signification de chaque champ est la suivante :"
+
+#: shadow.3.xml:139(para)
+msgid "sp_namp - pointer to null-terminated user name"
+msgstr ""
+"sp_namp - pointeur vers le nom d'utilisateur terminé par un zéro binaire "
+"(« null-terminated »)"
+
+#: shadow.3.xml:142(para)
+msgid "sp_pwdp - pointer to null-terminated password"
+msgstr ""
+"sp_pwdp - pointeur vers le mot de passe terminé par un zéro binaire (« null-"
+"terminated »)"
+
+#: shadow.3.xml:145(para)
+msgid "sp_lstchg - days since Jan 1, 1970 password was last changed"
+msgstr ""
+"sp_lstchg - nombre de jours, comptés à partir du 1er janvier 1970, depuis la "
+"dernière modification du mot de passe"
+
+#: shadow.3.xml:148(para)
+msgid "sp_min - days before which password may not be changed"
+msgstr ""
+"sp_min - nombre de jours pendant lesquels le mot de passe ne peut pas être "
+"changé"
+
+#: shadow.3.xml:151(para)
+msgid "sp_max - days after which password must be changed"
+msgstr ""
+"sp_max - nombre maximal de jours avant que le mot de passe doive être changé"
+
+#: shadow.3.xml:154(para)
+msgid ""
+"sp_warn - days before password is to expire that user is warned of pending "
+"password expiration"
+msgstr ""
+"sp_warn - nombre de jours avant que le mot de passe n'arrive en fin de "
+"validité pendant lesquels l'utilisateur est averti de la fin prochaine de la "
+"validité de son mot de passe"
+
+#: shadow.3.xml:159(para)
+msgid ""
+"sp_inact - days after password expires that account is considered inactive "
+"and disabled"
+msgstr ""
+"sp_inact - nombre de jours après la fin de validité du mot de passe avant de "
+"considérer que le compte est inactif et soit désactivé"
+
+#: shadow.3.xml:164(para)
+msgid "sp_expire - days since Jan 1, 1970 when account will be disabled"
+msgstr ""
+"sp_expire - nombre de jours, comptés à partir du 1er janvier 1970, après "
+"lesquels le compte sera désactivé"
+
+#: shadow.3.xml:167(para)
+msgid "sp_flag - reserved for future use"
+msgstr "sp_flag - réservé pour une utilisation future"
+
+#: shadow.3.xml:175(para)
+msgid ""
+"<emphasis>getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, and <emphasis>sgetspent</emphasis> each "
+"return a pointer to a <emphasis>struct spwd</emphasis>. <emphasis>getspent</"
+"emphasis> returns the next entry from the file, and <emphasis>fgetspent</"
+"emphasis> returns the next entry from the given stream, which is assumed to "
+"be a file of the proper format. <emphasis>sgetspent</emphasis> returns a "
+"pointer to a <emphasis>struct spwd</emphasis> using the provided string as "
+"input. <emphasis>getspnam</emphasis> searches from the current position in "
+"the file for an entry matching <emphasis>name</emphasis>."
+msgstr ""
+"<emphasis>Getspent</emphasis>, <emphasis>getspname</emphasis>, "
+"<emphasis>fgetspent</emphasis>, et <emphasis>sgetspent</emphasis> renvoient "
+"tous un pointeur vers une structure <emphasis>struct spwd</emphasis>. "
+"<emphasis>Getspent</emphasis> renvoie l'entrée suivante du fichier, et "
+"<emphasis>fgetspent</emphasis> renvoie l'entrée suivante du flux qui est "
+"considéré comme étant un fichier au format correct. <emphasis>Sgetspent</"
+"emphasis> renvoie un pointeur vers une structure <emphasis>struct spwd</"
+"emphasis> en utilisant la chaîne de caractère fournie en entrée. "
+"<emphasis>Getspnam</emphasis> cherche à partir de la position courante une "
+"entrée correspondant à <emphasis>nom</emphasis> dans le fichier fourni en "
+"entrée."
+
+#: shadow.3.xml:188(para)
+msgid ""
+"<emphasis>setspent</emphasis> and <emphasis>endspent</emphasis> may be used "
+"to begin and end, respectively, access to the shadow password file."
+msgstr ""
+"<emphasis>Setspent</emphasis> et <emphasis>endspent</emphasis> peuvent être "
+"utilisés pour débuter et terminer l'accès au fichier de mots de passe cachés."
+
+# TBD: vérifier tous les remap
+#: shadow.3.xml:194(para)
+msgid ""
+"The <emphasis>lckpwdf</emphasis> and <emphasis>ulckpwdf</emphasis> routines "
+"should be used to insure exclusive access to the <filename>/etc/shadow</"
+"filename> file. <emphasis>lckpwdf</emphasis> attempts to acquire a lock "
+"using <emphasis>pw_lock</emphasis> for up to 15 seconds. It continues by "
+"attempting to acquire a second lock using <emphasis>spw_lock</emphasis> for "
+"the remainder of the initial 15 seconds. Should either attempt fail after a "
+"total of 15 seconds, <emphasis>lckpwdf</emphasis> returns -1. When both "
+"locks are acquired 0 is returned."
+msgstr ""
+"Les fonctions <emphasis>lckpwdf</emphasis> et <emphasis>ulckpwdf</emphasis> "
+"doivent être utilisées pour garantir un accès exclusif au fichier <filename>/"
+"etc/shadow</filename>. <emphasis>Lckpwdf</emphasis> essaie de placer un "
+"verrou avec <emphasis>pw_lock</emphasis> pendant 15 secondes. Il essaie "
+"ensuite de placer un second verrou en utilisant <emphasis>spw_lock</"
+"emphasis> pendant le reste de ces 15 secondes. Si un de ces verrous ne peut "
+"être placé, <emphasis>lckpwdf</emphasis> renvoie -1. Quand les deux verrous "
+"peuvent être placés, la valeur 0 est renvoyée."
+
+#: shadow.3.xml:209(para)
+msgid ""
+"Routines return NULL if no more entries are available or if an error occurs "
+"during processing. Routines which have <emphasis>int</emphasis> as the "
+"return value return 0 for success and -1 for failure."
+msgstr ""
+"Les fonctions renvoient NULL si plus aucune entrée n'est disponible ou si "
+"une erreur est survenue lors du traitement. Les fonctions dont la valeur de "
+"retour est un <emphasis>int</emphasis> renvoient 0 en cas de succès et -1 en "
+"cas d'échec."
+
+#: shadow.3.xml:219(para)
+msgid ""
+"These routines may only be used by the superuser as access to the shadow "
+"password file is restricted."
+msgstr ""
+"Ces fonctions peuvent n'être utilisées que par le superutilisateur car "
+"l'accès au fichier de mots de passe cachés est restreint."
+
+#: shadow.3.xml:239(para)
+msgid ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>getpwent</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: pwconv.8.xml:63(refentrytitle) pwconv.8.xml:70(refname)
+#: pwconv.8.xml:79(command) login.defs.5.xml:429(term)
+msgid "pwconv"
+msgstr "pwconv"
+
+#: pwconv.8.xml:71(refname) pwconv.8.xml:85(command)
+#: login.defs.5.xml:438(term)
+msgid "pwunconv"
+msgstr "pwunconv"
+
+#: pwconv.8.xml:72(refname) pwconv.8.xml:91(command)
+#: login.defs.5.xml:340(term)
+msgid "grpconv"
+msgstr "grpconv"
+
+#: pwconv.8.xml:73(refname) pwconv.8.xml:97(command)
+#: login.defs.5.xml:346(term)
+msgid "grpunconv"
+msgstr "grpunconv"
+
+#: pwconv.8.xml:74(refpurpose)
+msgid "convert to and from shadow passwords and groups"
+msgstr ""
+"Convertir vers ou depuis les fichiers de mots de passe ou de groupe cachés"
+
+#: pwconv.8.xml:106(para)
+msgid ""
+"The <command>pwconv</command> command creates <emphasis remap=\"I\">shadow</"
+"emphasis> from <emphasis remap=\"I\">passwd</emphasis> and an optionally "
+"existing <emphasis remap=\"I\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwconv</command> crée le fichier <emphasis remap=\"I"
+"\">shadow</emphasis> à partir du fichier <emphasis remap=\"I\">passwd</"
+"emphasis> et d'un éventuel fichier <emphasis remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:111(para)
+msgid ""
+"<command>pwconv</command> does not work with <option>USE_TCB</option> "
+"enabled. To convert to tcb passwords, you should first use <command>pwconv</"
+"command> to convert to shadowed passwords by disabling <option>USE_TCB</"
+"option> in <filename>login.defs</filename> and then convert to tcb password "
+"using <command>tcb_convert</command> (and re-enable <option>USE_TCB</option> "
+"in <filename>login.defs</filename>.)"
+msgstr ""
+"<command>pwconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activée. Pour convertir les mots de passe vers tcb, vous devez d'abord "
+"utiliser <command>pwconv</command> pour les convertir vers les mots de passe "
+"cachés en désactivant <option>USE_TCB</option> dans <filename>login.defs</"
+"filename> puis les convertir en mots de passe tcb avec <command>tcb_convert</"
+"command> (et en réactivant <option>USE_TCB</option> dans <filename>login."
+"defs</filename>)."
+
+#: pwconv.8.xml:121(para)
+msgid ""
+"The <command>pwunconv</command> command creates <emphasis remap=\"I"
+"\">passwd</emphasis> from <emphasis remap=\"I\">passwd</emphasis> and "
+"<emphasis remap=\"I\">shadow</emphasis> and then removes <emphasis remap=\"I"
+"\">shadow</emphasis>."
+msgstr ""
+"La commande <command>pwunconv</command> crée le fichier <emphasis remap=\"I"
+"\">passwd</emphasis> à partir des fichiers <emphasis remap=\"I\">passwd</"
+"emphasis> et <emphasis remap=\"I\">shadow</emphasis> puis supprime <emphasis "
+"remap=\"I\">shadow</emphasis>."
+
+#: pwconv.8.xml:127(para)
+msgid ""
+"<command>pwunconv</command> does not work with <option>USE_TCB</option> "
+"enabled. You should first switch back from tcb to shadowed passwords using "
+"<command>tcb_unconvert</command>, and then disable <option>USE_TCB</option> "
+"in <filename>login.defs</filename> before using <command>pwunconv</command>."
+msgstr ""
+"<command>pwunconv</command> ne fonctionne pas avec <option>USE_TCB</option> "
+"activé. Vous devez d'abord convertir les mots de passe depuis tcb vers des "
+"mots de passe cachés en utilisant <command>tcb_unconvert</command> puis "
+"désactiver <option>USE_TCB</option> dans <filename>login.defs</filename> "
+"avant d'utiliser <command>pwunconv</command>."
+
+#: pwconv.8.xml:136(para)
+msgid ""
+"The <command>grpconv</command> command creates <emphasis remap=\"I"
+"\">gshadow</emphasis> from <emphasis remap=\"I\">group</emphasis> and an "
+"optionally existing <emphasis remap=\"I\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpconv</command> crée <emphasis remap=\"I\">gshadow</"
+"emphasis> à partir de <emphasis remap=\"I\">group</emphasis> et d'un "
+"éventuel fichier <emphasis remap=\"I\">gshadow</emphasis>."
+
+#: pwconv.8.xml:142(para)
+msgid ""
+"The <command>grpunconv</command> command creates <emphasis remap=\"I"
+"\">group</emphasis> from <emphasis remap=\"I\">group</emphasis> and "
+"<emphasis remap=\"I\">gshadow</emphasis> and then removes <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+msgstr ""
+"La commande <command>grpunconv</command> crée <emphasis remap=\"I\">group</"
+"emphasis> à partir des fichiers <emphasis remap=\"I\">group</emphasis> et "
+"<emphasis remap=\"I\">gshadow</emphasis> puis supprime <emphasis remap=\"I"
+"\">gshadow</emphasis>."
+
+#: pwconv.8.xml:149(para)
+msgid ""
+"These four programs all operate on the normal and shadow password and group "
+"files: <filename>/etc/passwd</filename>, <filename>/etc/group</filename>, "
+"<filename>/etc/shadow</filename>, and <filename>/etc/gshadow</filename>."
+msgstr ""
+"Ces quatre programmes opèrent sur les fichiers de mots de passe et "
+"d'informations sur les groupes cachés ou non : <filename>/etc/passwd</"
+"filename>, <filename>/etc/group</filename>, <filename>/etc/shadow</"
+"filename>, et <filename>/etc/gshadow</filename>."
+
+#: pwconv.8.xml:156(para)
+msgid ""
+"Each program acquires the necessary locks before conversion. "
+"<command>pwconv</command> and <command>grpconv</command> are similar. First, "
+"entries in the shadowed file which don't exist in the main file are removed. "
+"Then, shadowed entries which don't have `x' as the password in the main file "
+"are updated. Any missing shadowed entries are added. Finally, passwords in "
+"the main file are replaced with `x'. These programs can be used for initial "
+"conversion as well to update the shadowed file if the main file is edited by "
+"hand."
+msgstr ""
+"Chaque programme place les verrous nécessaires avant d'effectuer la "
+"conversion. <command>pwconv</command> et <command>grpconv</command> sont "
+"similaires. Dans un premier temps, les entrées du fichier de mots de passe "
+"cachés (<filename>/etc/shadow</filename> ou <filename>/etc/gshadow</"
+"filename>) qui n'existent pas dans le fichier principal (<filename>passwd</"
+"filename> ou <filename>group</filename>), sont retirées. Ensuite, les "
+"entrées du fichier <filename>shadow</filename> n'ayant pas pour mot de passe "
+"« x » dans le fichier <filename>passwd</filename> sont mises à jour. Enfin, "
+"les mots de passe du fichier <filename>passwd</filename> sont remplacés par "
+"« x ». Ces programmes peuvent être utilisés pour une première conversion, ou "
+"bien pour une mise à jour, si les fichiers principaux [ NdT : non cachés ] "
+"ont été édités à la main."
+
+#: pwconv.8.xml:167(para)
+msgid ""
+"<command>pwconv</command> will use the values of <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"and <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> from <filename>/etc/login."
+"defs</filename> when adding new entries to <filename>/etc/shadow</filename>."
+msgstr ""
+"Lors de l'ajout de nouvelles entrées dans <filename>/etc/shadow</filename>, "
+"<command>pwconv</command> utilisera les valeurs de <emphasis remap=\"I"
+"\">PASS_MIN_DAYS</emphasis>, <emphasis remap=\"I\">PASS_MAX_DAYS</emphasis>, "
+"et <emphasis remap=\"I\">PASS_WARN_AGE</emphasis> définies dans le fichier "
+"<filename>/etc/login.defs</filename>."
+
+#: pwconv.8.xml:176(para)
+msgid ""
+"Likewise <command>pwunconv</command> and <command>grpunconv</command> are "
+"similar. Passwords in the main file are updated from the shadowed file. "
+"Entries which exist in the main file but not in the shadowed file are left "
+"alone. Finally, the shadowed file is removed. Some password aging "
+"information is lost by <command>pwunconv</command>. It will convert what it "
+"can."
+msgstr ""
+"De même, <command>pwunconv</command> et <command>grpunconv</command> sont "
+"similaires. Les mots de passe des fichiers principaux sont mis à jour à "
+"partir des fichiers d'informations cachées (« shadowed file »). Les entrées "
+"existant dans un fichier principal, mais pas dans le fichier caché sont "
+"laissées. Enfin, le fichier caché est supprimé. Certaines informations d'âge "
+"des mots de passe sont perdues par <command>pwunconv</command>. Il ne "
+"convertit que ce qu'il peut."
+
+#: pwconv.8.xml:188(para)
+msgid ""
+"The options which apply to the <command>pwconv</command>, <command>pwunconv</"
+"command>, <command>grpconv</command>, and <command>grpunconv</command> "
+"commands are:"
+msgstr ""
+"Les options applicables aux commandes <command>pwconv</command>, "
+"<command>pwunconv</command>, <command>grpconv</command> et "
+"<command>grpunconv</command> sont :"
+
+#: pwconv.8.xml:217(para)
+msgid ""
+"Errors in the password or group files (such as invalid or duplicate entries) "
+"may cause these programs to loop forever or fail in other strange ways. "
+"Please run <command>pwck</command> and <command>grpck</command> to correct "
+"any such errors before converting to or from shadow passwords or groups."
+msgstr ""
+"Des erreurs dans les fichiers de mots de passe ou d'informations sur les "
+"groupes (comme des entrées invalides ou redondantes) peuvent conduire ces "
+"programmes à boucler indéfiniment ou à échouer d'une manière tout aussi "
+"étrange. Veuillez exécuter <command>pwck</command> et <command>grpck</"
+"command> pour corriger ces erreurs avant de lancer toute conversion."
+
+#: pwconv.8.xml:228(para)
+msgid ""
+"The following configuration variable in <filename>/etc/login.defs</filename> "
+"changes the behavior of <command>grpconv</command> and <command>grpunconv</"
+"command>:"
+msgstr ""
+"La variable de configuration suivante dans <filename>/etc/login.defs</"
+"filename> change le comportement de <command>grpconv</command> et "
+"<command>grpunconv</command> :"
+
+#: pwconv.8.xml:236(para)
+msgid ""
+"The following configuration variables in <filename>/etc/login.defs</"
+"filename> change the behavior of <command>pwconv</command>:"
+msgstr ""
+"Les variables de configuration suivantes dans <filename>/etc/login.defs</"
+"filename> changent le comportement de <command>pwconv</command> :"
+
+#: pwconv.8.xml:263(para)
+msgid ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry><phrase condition=\"tcb\">, "
+"<citerefentry><refentrytitle>tcb_convert</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>tcb_unconvert</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry></phrase>."
+
+#: pwck.8.xml:47(contrib) lastlog.8.xml:42(contrib) grpck.8.xml:42(contrib)
+msgid "Creation, 1992"
+msgstr "Création, 1992"
+
+#: pwck.8.xml:63(refentrytitle) pwck.8.xml:70(refname) pwck.8.xml:76(command)
+#: login.defs.5.xml:420(term)
+msgid "pwck"
+msgstr "pwck"
+
+#: pwck.8.xml:71(refpurpose)
+msgid "verify integrity of password files"
+msgstr "Vérifier l'intégrité des fichiers de mots de passe"
+
+#: pwck.8.xml:80(replaceable) passwd.5.xml:57(refentrytitle)
+#: passwd.5.xml:64(refname) passwd.1.xml:64(refentrytitle)
+#: passwd.1.xml:71(refname) passwd.1.xml:77(command)
+#: login.defs.5.xml:409(term)
+msgid "passwd"
+msgstr "passwd"
+
+#: pwck.8.xml:93(para)
+msgid ""
+"The <command>pwck</command> command verifies the integrity of the users and "
+"authentication information. It checks that all entries in <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\">(or the files in <filename>/etc/tcb</filename>, when <option>USE_TCB</"
+"option> is enabled)</phrase> have the proper format and contain valid data. "
+"The user is prompted to delete entries that are improperly formatted or "
+"which have other uncorrectable errors."
+msgstr ""
+"La commande <command>pwck</command> vérifie l'intégrité des informations du "
+"système concernant les utilisateurs et leur mots de passe. Toutes les "
+"entrées des fichiers <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: pwck.8.xml:105(para) grpck.8.xml:94(para)
+msgid "Checks are made to verify that each entry has:"
+msgstr "Voici les vérifications effectuées :"
+
+#: pwck.8.xml:108(para) grpck.8.xml:98(para)
+msgid "the correct number of fields"
+msgstr "nombre correct de champs ;"
+
+#: pwck.8.xml:111(para)
+msgid "a unique and valid user name"
+msgstr "unicité et validité des noms d'utilisateur ;"
+
+#: pwck.8.xml:114(para)
+msgid "a valid user and group identifier"
+msgstr "validité des identifiants d'utilisateur et de groupe ;"
+
+#: pwck.8.xml:117(para)
+msgid "a valid primary group"
+msgstr "validité du groupe primaire ;"
+
+#: pwck.8.xml:120(para)
+msgid "a valid home directory"
+msgstr "validité du répertoire personnel ;"
+
+#: pwck.8.xml:123(para)
+msgid "a valid login shell"
+msgstr "validité de l'interpréteur de commandes initial (« login shell »)."
+
+#: pwck.8.xml:127(para)
+msgid ""
+"<filename>shadow</filename> checks are enabled when a second file parameter "
+"is specified or when <filename>/etc/shadow</filename> exists on the system."
+msgstr ""
+"Les vérifications de <filename>shadow</filename> sont activées quand un "
+"second paramètre de fichier est indiqué ou quand <filename>/etc/shadow</"
+"filename> existe sur le système."
+
+#: pwck.8.xml:132(para)
+msgid "These checks are the following:"
+msgstr "Ces vérifications sont les suivantes :"
+
+#: pwck.8.xml:137(para)
+msgid ""
+"every passwd entry has a matching shadow entry, and every shadow entry has a "
+"matching passwd entry"
+msgstr ""
+"chaque entrée de passwd a une entrée correspondante dans shadow, et chaque "
+"entrée shadow a une entrée passwd correspondante ;"
+
+#: pwck.8.xml:143(para)
+msgid "passwords are specified in the shadowed file"
+msgstr ""
+"les mots de passe sont indiqués dans le fichier des mot de passe cachés ;"
+
+#: pwck.8.xml:146(para)
+msgid "shadow entries have the correct number of fields"
+msgstr "les entrées de shadow ont le bon nombre de champs ;"
+
+#: pwck.8.xml:149(para)
+msgid "shadow entries are unique in shadow"
+msgstr "les entrées de shadow sont uniques dans shadow ;"
+
+#: pwck.8.xml:152(para)
+msgid "the last password changes are not in the future"
+msgstr "la date du dernier changement de mot de passe n'est pas dans le futur."
+
+#: pwck.8.xml:156(para)
+msgid ""
+"The checks for correct number of fields and unique user name are fatal. If "
+"the entry has the wrong number of fields, the user will be prompted to "
+"delete the entire line. If the user does not answer affirmatively, all "
+"further checks are bypassed. An entry with a duplicated user name is "
+"prompted for deletion, but the remaining checks will still be made. All "
+"other errors are warning and the user is encouraged to run the "
+"<command>usermod</command> command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom d'utilisateur "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms "
+"d'utilisateur redondants, mais dans ce cas, les autres vérifications seront "
+"effectuées. Toutes les autres erreurs ne sont que des avertissements et "
+"l'utilisateur est encouragé à utiliser <command>usermod</command> pour les "
+"corriger."
+
+#: pwck.8.xml:167(para)
+msgid ""
+"The commands which operate on the <filename>/etc/passwd</filename> file are "
+"not able to alter corrupted or duplicated entries. <command>pwck</command> "
+"should be used in those circumstances to remove the offending entry."
+msgstr ""
+"Les commandes qui opèrent sur le fichier <filename>/etc/passwd</filename> ne "
+"peuvent pas modifier les entrées corrompues ou redondantes. <command>pwck</"
+"command> doit être utilisé dans ce cas pour retirer ces entrées."
+
+#: pwck.8.xml:177(para) grpck.8.xml:148(para)
+msgid ""
+"The <option>-r</option> and <option>-s</option> options cannot be combined."
+msgstr ""
+"Les options <option>-r</option> et <option>-s</option> ne peuvent pas être "
+"combinées."
+
+#: pwck.8.xml:181(para)
+msgid "The options which apply to the <command>pwck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>pwck</command> sont :"
+
+#: pwck.8.xml:194(para)
+msgid ""
+"Report errors only. The warnings which do not require any action from the "
+"user won't be displayed."
+msgstr ""
+"Ne signaler que les erreurs. Les avertissements qui ne nécessitent pas une "
+"action de la part de l'utilisateur ne seront pas affichés."
+
+#: pwck.8.xml:201(term) grpck.8.xml:163(term)
+msgid "<option>-r</option>, <option>--read-only</option>"
+msgstr "<option>-r</option>, <option>--read-only</option>"
+
+#: pwck.8.xml:203(para)
+msgid "Execute the <command>pwck</command> command in read-only mode."
+msgstr "Permet d'exécuter <command>pwck</command> dans le mode lecture seule."
+
+#: pwck.8.xml:221(term) grpck.8.xml:185(term)
+msgid "<option>-s</option>, <option>--sort</option>"
+msgstr "<option>-s</option>, <option>--sort</option>"
+
+#: pwck.8.xml:223(para)
+msgid ""
+"Sort entries in <filename>/etc/passwd</filename> and <filename>/etc/shadow</"
+"filename> by UID."
+msgstr ""
+"Trie les entrées de <filename>/etc/passwd</filename> et <filename>/etc/"
+"shadow</filename> par UID."
+
+#: pwck.8.xml:227(para)
+msgid "This option has no effect when <option>USE_TCB</option> is enabled."
+msgstr ""
+"Cette option n'a aucun effet quand <option>USE_TCB</option> est activée."
+
+#: pwck.8.xml:234(para)
+msgid ""
+"By default, <command>pwck</command> operates on the files <filename>/etc/"
+"passwd</filename> and <filename>/etc/shadow</filename><phrase condition=\"tcb"
+"\"> (or the files in <filename>/etc/tcb</filename>)</phrase>. The user may "
+"select alternate files with the <replaceable>passwd</replaceable> and "
+"<replaceable>shadow</replaceable> parameters."
+msgstr ""
+"Par défaut, <command>pwck</command> opère sur les fichiers <filename>/etc/"
+"passwd</filename> et <filename>/etc/shadow</filename><phrase condition="
+"\"tcb> (ou les fichiers dans <filename>/etc/tcb</filename>)</phrase>. "
+"L'utilisateur peut spécifier d'autres fichiers avec les paramètres "
+"<replaceable>passwd</replaceable> et <replaceable>shadow</replaceable>."
+
+#: pwck.8.xml:243(para)
+msgid ""
+"Note that when <option>USE_TCB</option> is enabled, you cannot specify an "
+"alternative <replaceable>shadow</replaceable> file. In future releases, this "
+"paramater could be replaced by an alternate TCB directory."
+msgstr ""
+"Veuillez noter que quand <option>USE_TCB</option> est activée, vous ne "
+"pouvez pas indiquer de fichier <replaceable>shadow</replaceable> alternatif. "
+"Dans les prochaines versions, ce paramètre pourra être remplacé par un "
+"répertoire TCB alternatif."
+
+#: pwck.8.xml:312(para)
+msgid "one or more bad password entries"
+msgstr "une entrée de mot de passe ou plus est incorrecte"
+
+#: pwck.8.xml:318(para)
+msgid "can't open password files"
+msgstr "impossible d'ouvrir les fichiers de mots de passe"
+
+#: pwck.8.xml:324(para)
+msgid "can't lock password files"
+msgstr "impossible de verrouiller les fichiers de mots de passe"
+
+#: pwck.8.xml:330(para)
+msgid "can't update password files"
+msgstr "impossible de mettre à jour les fichiers des mots de passe"
+
+#: pwck.8.xml:336(para)
+msgid "can't sort password files"
+msgstr "impossible de trier les fichiers de mots de passe"
+
+#: pwck.8.xml:294(para)
+msgid ""
+"The <command>pwck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>pwck</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: pwck.8.xml:345(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: porttime.5.xml:57(refentrytitle) porttime.5.xml:64(refname)
+msgid "porttime"
+msgstr "porttime"
+
+#: porttime.5.xml:65(refpurpose)
+msgid "port access time file"
+msgstr ""
+"Fichier de configuration des droits d'accès en fonction de la date et de "
+"l'heure"
+
+#: porttime.5.xml:70(para)
+msgid ""
+"<emphasis remap=\"I\">porttime</emphasis> contains a list of tty devices, "
+"user names, and permitted login times."
+msgstr ""
+"<emphasis remap=\"I\">porttime</emphasis> contient une liste de tty, noms "
+"d'utilisateurs, et horaires d'accès autorisés."
+
+#: porttime.5.xml:75(para)
+msgid ""
+"Each entry consists of three colon separated fields. The first field is a "
+"comma separated list of tty devices, or an asterisk to indicate that all tty "
+"devices are matched by this entry. The second field is a comma separated "
+"list of user names, or an asterisk to indicated that all user names are "
+"matched by this entry. The third field is a comma separated list of "
+"permitted access times."
+msgstr ""
+"Chaque entrée consiste en trois champs séparés par un caractère deux-points "
+"« : ». Le premier champ est une liste de tty séparés par des virgules, ou un "
+"astérisque « * » pour indiquer que l'entrée correspond à toutes les tty. Le "
+"second champ est une liste de noms d'utilisateurs, ou un astérisque pour "
+"indiquer que cette entrée correspond à n'importe quel utilisateur. Le "
+"troisième champ est une liste d'horaires d'accès autorisés."
+
+#: porttime.5.xml:84(para)
+msgid ""
+"Each access time entry consists of zero or more days of the week, "
+"abbreviated <emphasis>Su</emphasis>, <emphasis>Mo</emphasis>, <emphasis>Tu</"
+"emphasis>, <emphasis>We</emphasis>, <emphasis>Th</emphasis>, <emphasis>Fr</"
+"emphasis>, and <emphasis>Sa</emphasis>, followed by a pair of times "
+"separated by a hyphen. The abbreviation <emphasis>Wk</emphasis> may be used "
+"to represent Monday thru Friday, and <emphasis>Al</emphasis> may be used to "
+"indicate every day. If no days are given, <emphasis>Al</emphasis> is assumed."
+msgstr ""
+"Chaque horaire d'accès consiste en zéro ou plusieurs abréviations de jours "
+"de la semaine : <emphasis>Su</emphasis> (dimanche), <emphasis>Mo</emphasis> "
+"(lundi), <emphasis>Tu</emphasis> (mardi), <emphasis>We</emphasis> "
+"(mercredi), <emphasis>Th</emphasis> (jeudi), <emphasis>Fr</emphasis> "
+"(vendredi), <emphasis>Sa</emphasis> (samedi), suivi d'un couple d'horaires "
+"séparés par un tiret. L'abréviation <emphasis>Wk</emphasis> peut être "
+"utilisée pour représenter les jours de la semaine du lundi au vendredi, et "
+"<emphasis>Al</emphasis> permet de spécifier l'ensemble des jours de la "
+"semaine. Par défaut, si aucun jour n'est spécifié, <emphasis>Al</emphasis> "
+"est utilisé."
+
+#: porttime.5.xml:98(title)
+msgid "EXAMPLES"
+msgstr "EXEMPLES"
+
+#: porttime.5.xml:99(para)
+msgid ""
+"The following entry allows access to user <emphasis remap=\"B\">jfh</"
+"emphasis> on every port during weekdays from 9am to 5pm."
+msgstr ""
+"L'entrée suivante autorise l'accès à l'utilisateur <emphasis remap=\"B"
+"\">jfh</emphasis> sur n'importe quel port pendant la semaine de 9 heures à "
+"17 heures."
+
+#: porttime.5.xml:105(para)
+msgid "*:jfh:Wk0900-1700"
+msgstr "*:jfh:Wk0900-1700"
+
+#: porttime.5.xml:107(para)
+msgid ""
+"The following entries allow access only to the users <emphasis>root</"
+"emphasis> and <emphasis>oper</emphasis> on <filename>/dev/console</filename> "
+"at any time. This illustrates how the <filename>/etc/porttime</filename> "
+"file is an ordered list of access times. Any other user would match the "
+"second entry which does not permit access at any time."
+msgstr ""
+"L'entrée suivante autorise l'accès à /dev/console uniquement aux "
+"utilisateurs <emphasis>root</emphasis> et <emphasis>oper</emphasis> à "
+"n'importe quelle heure. Ceci permet de montrer l'importance de l'ordre des "
+"entrées dans le fichier <filename>/etc/porttime</filename>. Les autres "
+"utilisateurs ne satisferont que la deuxième entrée, qui n'autorise aucun "
+"accès."
+
+#: porttime.5.xml:116(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+msgstr ""
+"\n"
+"      console:root,oper:Al0000-2400\n"
+"      console:*:\n"
+"    "
+
+#: porttime.5.xml:121(para)
+msgid ""
+"The following entry allows access for the user <emphasis>games</emphasis> on "
+"any port during non-working hours."
+msgstr ""
+"L'entrée suivante autorise l'accès à tous les ports pour l'utilisateur "
+"<emphasis>games</emphasis>, en dehors des heures de travail."
+
+#: porttime.5.xml:126(para)
+msgid "*:games:Wk1700-0900,SaSu0000-2400"
+msgstr "*:games:Wk1700-0900,SaSu0000-2400"
+
+#: porttime.5.xml:133(filename) logoutd.8.xml:92(filename)
+msgid "/etc/porttime"
+msgstr "/etc/porttime"
+
+#: porttime.5.xml:135(para) logoutd.8.xml:94(para)
+msgid "File containing port access."
+msgstr "Fichier contenant le port d'accès."
+
+#: porttime.5.xml:143(para) login.access.5.xml:134(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: passwd.5.xml:65(refpurpose)
+msgid "the password file"
+msgstr "fichier des mots de passe"
+
+#: passwd.5.xml:70(para)
+msgid ""
+"<filename>/etc/passwd</filename> contains one line for each user account, "
+"with seven fields delimited by colons (<quote>:</quote>). These fields are:"
+msgstr ""
+"<filename>/etc/passwd</filename> contient différentes informations sur les "
+"comptes utilisateurs. Ces informations consistent en sept champs séparés par "
+"des deux-points (« : ») :"
+
+#: passwd.5.xml:81(para)
+msgid "optional encrypted password"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:84(para)
+msgid "numerical user ID"
+msgstr "l'identifiant numérique de l'utilisateur"
+
+#: passwd.5.xml:87(para)
+msgid "numerical group ID"
+msgstr "l'identifiant numérique du groupe de l'utilisateur"
+
+#: passwd.5.xml:90(para)
+msgid "user name or comment field"
+msgstr "le nom complet de l'utilisateur ou un champ de commentaires"
+
+#: passwd.5.xml:93(para)
+msgid "user home directory"
+msgstr "le répertoire personnel de l'utilisateur"
+
+#: passwd.5.xml:96(para)
+msgid "optional user command interpreter"
+msgstr "l'interpréteur de commandes de l'utilisateur (optionnel)"
+
+#: passwd.5.xml:100(para)
+msgid ""
+"The encrypted password field may be blank, in which case no password is "
+"required to authenticate as the specified login name. However, some "
+"applications which read the <filename>/etc/passwd</filename> file may decide "
+"not to permit <emphasis>any</emphasis> access at all if the "
+"<emphasis>password</emphasis> field is blank. If the <emphasis>password</"
+"emphasis> field is a lower-case <quote>x</quote>, then the encrypted "
+"password is actually stored in the <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry> file instead; there "
+"<emphasis>must</emphasis> be a corresponding line in the <filename>/etc/"
+"shadow</filename> file, or else the user account is invalid. If the "
+"<emphasis>password</emphasis> field is any other string, then it will be "
+"treated as an encrypted password, as specified by "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ du mot de passe chiffré peut être vide. Dans ce cas, aucun mot de "
+"passe n'est nécessaire pour s'authentifier avec le compte donné. Cependant, "
+"certaines applications qui lisent le fichier <filename>/etc/passwd</"
+"filename> peuvent décider de ne donner aucun accès si le <emphasis>mot de</"
+"emphasis> passe est vide. Si le mot de passe est un <quote>x</quote> "
+"minuscule, alors le mot de passe chiffré se trouve dans le fichier "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry> ; il <emphasis>doit</emphasis> y avoir une ligne "
+"correspondante dans le fichier <filename>shadow</filename>, sinon le compte "
+"de l'utilisateur n'est pas valide. Si le mot de passe est constitué d'une "
+"autre chaîne, alors il est considéré comme un mot de passe chiffré, comme "
+"indiqué dans <citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:119(para)
+msgid ""
+"The comment field is used by various system utilities, such as "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"Le champ de commentaire est utilisé par différents utilitaires système, tels "
+"que <citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>."
+
+#: passwd.5.xml:125(para)
+msgid ""
+"The home directory field provides the name of the initial working directory. "
+"The <command>login</command> program uses this information to set the value "
+"of the <envar>$HOME</envar> environmental variable."
+msgstr ""
+"Le champ du répertoire personnel de l'utilisateur correspond au nom du "
+"répertoire de travail initial. <command>login</command> utilise cette "
+"information pour définir la valeur de la variable d'environnement <envar>"
+"$HOME</envar>."
+
+#: passwd.5.xml:131(para)
+msgid ""
+"The command interpreter field provides the name of the user's command "
+"language interpreter, or the name of the initial program to execute. The "
+"<command>login</command> program uses this information to set the value of "
+"the <envar>$SHELL</envar> environmental variable. If this field is empty, it "
+"defaults to the value <filename>/bin/sh</filename>."
+msgstr ""
+"Le champ de l'interpréteur de commandes correspond au nom de l'interpréteur "
+"de commandes de l'utilisateur, ou au nom d'un programme initial à exécuter. "
+"<command>login</command> utilise cette information pour définir la valeur de "
+"la variable d'environnement <envar>$SHELL</envar>. Si ce champ est vide, "
+"<filename>/bin/sh</filename> est utilisé par défaut."
+
+# TBC: file ?
+#: passwd.5.xml:152(para)
+msgid "optional encrypted password file"
+msgstr "un mot de passe chiffré optionnel"
+
+#: passwd.5.xml:156(filename)
+msgid "/etc/passwd-"
+msgstr "/etc/passwd-"
+
+#: passwd.5.xml:158(para)
+msgid "Backup file for /etc/passwd."
+msgstr "Fichier de sauvegarde de /etc/passwd."
+
+#: passwd.5.xml:170(para)
+msgid ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getent</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getpwnam</refentrytitle><manvolnum>3</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pwunconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>sulogin</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: passwd.1.xml:72(refpurpose)
+msgid "change user password"
+msgstr "Modifier le mot de passe d'un utilisateur"
+
+#: passwd.1.xml:89(para)
+msgid ""
+"The <command>passwd</command> command changes passwords for user accounts. A "
+"normal user may only change the password for his/her own account, while the "
+"superuser may change the password for any account. <command>passwd</command> "
+"also changes the account or associated password validity period."
+msgstr ""
+"La commande <command>passwd</command> modifie les mots de passe des comptes "
+"d'utilisateurs. Un utilisateur normal ne peut changer que son propre mot de "
+"passe, alors que le superutilisateur peut changer le mot de passe associé à "
+"n'importe quel compte. <command>passwd</command> modifie également les dates "
+"de fin de validité du compte ou du mot de passe associé."
+
+#: passwd.1.xml:98(title)
+msgid "Password Changes"
+msgstr "Modifications du mot de passe"
+
+#: passwd.1.xml:99(para)
+msgid ""
+"The user is first prompted for his/her old password, if one is present. This "
+"password is then encrypted and compared against the stored password. The "
+"user has only one chance to enter the correct password. The superuser is "
+"permitted to bypass this step so that forgotten passwords may be changed."
+msgstr ""
+"Dans un premier temps, l'utilisateur doit fournir son ancien mot de passe, "
+"s'il en avait un. Ce mot de passe est ensuite chiffré puis comparé avec le "
+"mot de passe enregistré. L'utilisateur n'a droit qu'à un seul essai pour "
+"entrer le mot de passe correct. Le superutilisateur peut contourner cette "
+"première étape de manière à changer les mots de passe ayant été oubliés."
+
+#: passwd.1.xml:107(para)
+msgid ""
+"After the password has been entered, password aging information is checked "
+"to see if the user is permitted to change the password at this time. If not, "
+"<command>passwd</command> refuses to change the password and exits."
+msgstr ""
+"Une fois que le mot de passe a été entré, les informations de limite de "
+"validité du mot de passe sont vérifiées pour s'assurer que l'utilisateur est "
+"autorisé à modifier son mot de passe à cet instant. Dans le cas contraire, "
+"<command>passwd</command> refuse de changer le mot de passe, et quitte."
+
+#: passwd.1.xml:114(para)
+msgid ""
+"The user is then prompted twice for a replacement password. The second entry "
+"is compared against the first and both are required to match in order for "
+"the password to be changed."
+msgstr ""
+"Le nouveau mot de passe sera demandé deux fois à l'utilisateur. Le second "
+"mot de passe est comparé avec le premier. Ces deux mots de passe devront "
+"être identiques pour que le mot de passe soit changé."
+
+#: passwd.1.xml:120(para)
+msgid ""
+"Then, the password is tested for complexity. As a general guideline, "
+"passwords should consist of 6 to 8 characters including one or more "
+"characters from each of the following sets:"
+msgstr ""
+"La complexité de ce mot de passe est alors testée. Comme ligne de conduite "
+"générale, un mot de passe doit toujours être constitué de 6 à 8 caractères "
+"en en choisissant un ou plus parmi chacun des ensembles suivants :"
+
+#: passwd.1.xml:128(para)
+msgid "lower case alphabetics"
+msgstr "caractères alphabétiques minuscules"
+
+#: passwd.1.xml:131(para)
+msgid "digits 0 thru 9"
+msgstr "chiffres de 0 à 9"
+
+#: passwd.1.xml:134(para)
+msgid "punctuation marks"
+msgstr "marques de ponctuation"
+
+#: passwd.1.xml:138(para)
+msgid ""
+"Care must be taken not to include the system default erase or kill "
+"characters. <command>passwd</command> will reject any password which is not "
+"suitably complex."
+msgstr ""
+"Il faudra faire attention à ne pas utiliser les caractères de suppression ou "
+"d'effacement. <command>passwd</command> rejettera tout mot de passe dont la "
+"complexité ne sera pas suffisante."
+
+#: passwd.1.xml:147(title)
+msgid "Hints for user passwords"
+msgstr "Astuces pour les mots de passe"
+
+#: passwd.1.xml:148(para)
+msgid ""
+"The security of a password depends upon the strength of the encryption "
+"algorithm and the size of the key space. The legacy <emphasis>UNIX</"
+"emphasis> System encryption method is based on the NBS DES algorithm. More "
+"recent methods are now recommended (see <option>ENCRYPT_METHOD</option>). "
+"The size of the key space depends upon the randomness of the password which "
+"is selected."
+msgstr ""
+"La sécurité d'un mot de passe repose sur la force de l'algorithme de "
+"chiffrement et sur la taille de l'espace de clés utilisé. La méthode de "
+"chiffrement des systèmes <emphasis>UNIX</emphasis> est basée sur "
+"l'algorithme NBS DES. Des méthodes plus récentes sont maintenant "
+"recommandées (voir <option>ENCRYPT_METHOD</option>). La taille de l'espace "
+"de clés dépend de l'aléa du mot de passe utilisé."
+
+#: passwd.1.xml:157(para)
+msgid ""
+"Compromises in password security normally result from careless password "
+"selection or handling. For this reason, you should not select a password "
+"which appears in a dictionary or which must be written down. The password "
+"should also not be a proper name, your license number, birth date, or street "
+"address. Any of these may be used as guesses to violate system security."
+msgstr ""
+"Les compromissions de la sécurité des mots de passe résultent le plus "
+"souvent d'une négligence dans le choix du mot de passe, ou lors de son "
+"utilisation. Pour cette raison, vous ne devez pas sélectionner de mot de "
+"passe apparaissant dans un dictionnaire ou devant être écrit. Le mot de "
+"passe ne doit pas non plus être un nom propre, un numéro minéralogique, une "
+"date de naissance, ou une adresse. En effet ceux-ci pourraient être devinés "
+"pour violer la sécurité du système."
+
+#: passwd.1.xml:166(para)
+msgid ""
+"You can find advices on how to choose a strong password on http://en."
+"wikipedia.org/wiki/Password_strength"
+msgstr ""
+"Vous pouvez trouver des conseils sur la façon choisir un mot de passe "
+"robuste sur http://en.wikipedia.org/wiki/Password_strength (en anglais)."
+
+#: passwd.1.xml:175(para)
+msgid "The options which apply to the <command>passwd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>passwd</command> sont :"
+
+#: passwd.1.xml:180(term) faillog.8.xml:96(term)
+msgid "<option>-a</option>, <option>--all</option>"
+msgstr "<option>-a</option>, <option>--all</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:184(para)
+msgid ""
+"This option can be used only with <option>-S</option> and causes show status "
+"for all users."
+msgstr ""
+"Cette option ne peut être utilisée qu'avec <option>-S</option> et permet "
+"d'afficher l'état des mots de passe pour tous les utilisateurs."
+
+#: passwd.1.xml:191(term)
+msgid "<option>-d</option>, <option>--delete</option>"
+msgstr "<option>-d</option>, <option>--delete</option>"
+
+#: passwd.1.xml:195(para)
+msgid ""
+"Delete a user's password (make it empty). This is a quick way to disable a "
+"password for an account. It will set the named account passwordless."
+msgstr ""
+"Supprimer le mot de passe (le rendre vide) d'un utilisateur. C'est une façon "
+"rapide de supprimer l'authentification par mot de passe pour un compte. Il "
+"rend le compte indiqué sans mot de passe."
+
+#: passwd.1.xml:203(term)
+msgid "<option>-e</option>, <option>--expire</option>"
+msgstr "<option>-e</option>, <option>--expire</option>"
+
+#: passwd.1.xml:207(para)
+msgid ""
+"Immediately expire an account's password. This in effect can force a user to "
+"change his/her password at the user's next login."
+msgstr ""
+"Annuler immédiatement la validité du mot de passe d'un compte. Ceci permet "
+"d'obliger un utilisateur à changer son mot de passe lors de sa prochaine "
+"connexion."
+
+#: passwd.1.xml:220(term)
+#| msgid ""
+#| "<option>-i</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-i</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+# NOTE: Only this user account
+#: passwd.1.xml:224(para)
+msgid ""
+"This option is used to disable an account after the password has been "
+"expired for a number of days. After a user account has had an expired "
+"password for <replaceable>INACTIVE</replaceable> days, the user may no "
+"longer sign on to the account."
+msgstr ""
+"Cette option permet de désactiver un compte quelques temps après expiration "
+"de son mot de passe. <replaceable>DURÉE_INACTIVITÉ</replaceable> jours après "
+"expiration de son mot de passe, l'utilisateur ne pourra plus se connecter "
+"avec ce compte."
+
+#: passwd.1.xml:233(term)
+msgid "<option>-k</option>, <option>--keep-tokens</option>"
+msgstr "<option>-k</option>, <option>--keep-tokens</option>"
+
+# NOTE: pas clair
+#: passwd.1.xml:237(para)
+msgid ""
+"Indicate password change should be performed only for expired authentication "
+"tokens (passwords). The user wishes to keep their non-expired tokens as "
+"before."
+msgstr ""
+"Indiquer que la modification de mot de passe ne sera effectuée que lors de "
+"l'expiration des jetons d'authentification (mots de passe). C'est utile dans "
+"le cas où l'utilisateur voudrait conserver ses jetons d'authentification "
+"encore valables."
+
+#: passwd.1.xml:245(term)
+msgid "<option>-l</option>, <option>--lock</option>"
+msgstr "<option>-l</option>, <option>--lock</option>"
+
+#: passwd.1.xml:249(para)
+msgid ""
+"Lock the password of the named account. This option disables a password by "
+"changing it to a value which matches no possible encrypted value (it adds a "
+"´!´ at the beginning of the password)."
+msgstr ""
+"Verrouiller le mot de passe du compte indiqué. Cette option désactive un mot "
+"de passe en le modifiant par une valeur qui ne correspond pas à un mot de "
+"passe chiffré possible (cela ajoute un « ! » au début du mot de passe)."
+
+#: passwd.1.xml:255(para)
+msgid ""
+"Note that this does not disable the account. The user may still be able to "
+"login using another authentication token (e.g. an SSH key). To disable the "
+"account, administrators should use <command>usermod --expiredate 1</command> "
+"(this set the account's expire date to Jan 2, 1970)."
+msgstr ""
+"Veuillez noter que cela ne désactive pas le compte. L'utilisateur peut "
+"toujours se connecter en utilisant une autre méthode d'authentification (par "
+"exemple une clé SSH). Pour désactiver un compte, les administrateurs "
+"devraient utiliser <command>usermod --expiredate 1</command> (cela définit "
+"la date d'expiration du compte au 2 janvier 1970)."
+
+#: passwd.1.xml:262(para)
+msgid "Users with a locked password are not allowed to change their password."
+msgstr ""
+"Les utilisateurs avec un mot de passe verrouillé ne sont pas autorisés à le "
+"changer."
+
+#: passwd.1.xml:269(term)
+#| msgid ""
+#| "<option>-n</option>, <option>--mindays</option><replaceable>MIN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: passwd.1.xml:273(para) chage.1.xml:168(para)
+msgid ""
+"Set the minimum number of days between password changes to "
+"<replaceable>MIN_DAYS</replaceable>. A value of zero for this field "
+"indicates that the user may change his/her password at any time."
+msgstr ""
+"Définir le nombre minimum de jours entre chaque changement de mot de passe à "
+"<replaceable>MIN_DAYS</replaceable>. Une valeur de zéro pour ce champ "
+"indique que l'utilisateur peut changer son mot de passe quand il le souhaite."
+
+#: passwd.1.xml:291(term)
+#| msgid ""
+#| "<option>-r</option>, <option>--repository</"
+#| "option><replaceable>REPOSITORY</replaceable>"
+msgid ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--repository</option>&nbsp;"
+"<replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:295(para)
+msgid "change password in <replaceable>REPOSITORY</replaceable> repository"
+msgstr ""
+"Modifier le mot de passe dans la base <replaceable>REPOSITORY</replaceable>"
+
+#: passwd.1.xml:313(term)
+msgid "<option>-S</option>, <option>--status</option>"
+msgstr "<option>-S</option>, <option>--status</option>"
+
+#: passwd.1.xml:317(para)
+msgid ""
+"Display account status information. The status information consists of 7 "
+"fields. The first field is the user's login name. The second field indicates "
+"if the user account has a locked password (L), has no password (NP), or has "
+"a usable password (P). The third field gives the date of the last password "
+"change. The next four fields are the minimum age, maximum age, warning "
+"period, and inactivity period for the password. These ages are expressed in "
+"days."
+msgstr ""
+"Afficher l'état d'un compte. Cet état est constitué de 7 champs. Le premier "
+"champ est le nom du compte. Le second champ indique si le mot de passe est "
+"bloqué (L), n'a pas de mot de passe (NP) ou a un mot de passe utilisable "
+"(P). Le troisième champ donne la date de dernière modification du mot de "
+"passe. Les quatre champs suivants sont : la durée minimum avant "
+"modification, la durée maximum de validité, la durée d'avertissement, et la "
+"durée d'inactivité autorisée pour le mot de passe. Les durées sont exprimées "
+"en jours."
+
+#: passwd.1.xml:331(term)
+msgid "<option>-u</option>, <option>--unlock</option>"
+msgstr "<option>-u</option>, <option>--unlock</option>"
+
+#: passwd.1.xml:335(para)
+msgid ""
+"Unlock the password of the named account. This option re-enables a password "
+"by changing the password back to its previous value (to the value before "
+"using the <option>-l</option> option)."
+msgstr ""
+"Déverrouiller le mot de passe du compte indiqué. Cette option réactive un "
+"mot de passe en remettant le mot de passe à sa valeur précédente (la valeur "
+"présente avant l'utilisation de l'option <option>-l</option>)."
+
+#: passwd.1.xml:344(term)
+#| msgid ""
+#| "<option>-w</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: passwd.1.xml:348(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned that his/her password is "
+"about to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: passwd.1.xml:357(term)
+#| msgid ""
+#| "<option>-x</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-x</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: passwd.1.xml:361(para)
+msgid ""
+"Set the maximum number of days a password remains valid. After "
+"<replaceable>MAX_DAYS</replaceable>, the password is required to be changed."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe reste "
+"valable. Après <replaceable>JOURS_MAX</replaceable>, le mot de passe devra "
+"être modifié."
+
+#: passwd.1.xml:373(para)
+msgid ""
+"Password complexity checking may vary from site to site. The user is urged "
+"to select a password as complex as he or she feels comfortable with."
+msgstr ""
+"La vérification de la complexité des mots de passe peut varier d'un site à "
+"l'autre. Il est vivement conseillé aux utilisateurs de choisir un mot de "
+"passe aussi complexe que possible dans la limite de ce qu'il est capable de "
+"mémoriser. "
+
+#: passwd.1.xml:378(para)
+msgid ""
+"Users may not be able to change their password on a system if NIS is enabled "
+"and they are not logged into the NIS server."
+msgstr ""
+"Il se peut que les utilisateurs ne puissent pas changer leur mot de passe "
+"sur un système si NIS est activé et qu'ils ne sont pas connectés au serveur "
+"NIS."
+
+#: passwd.1.xml:383(para)
+msgid ""
+"<command>passwd</command> uses PAM to authenticate users and to change their "
+"passwords."
+msgstr ""
+"<command>passwd</command> utilise PAM pour authentifier les utilisateurs et "
+"modifier leur mot de passe."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>ENCRYPT_METHOD</option> (string)"
+msgstr "<option>ENCRYPT_METHOD</option> (chaîne de caractères)"
+
+#: passwd.1.xml:32(para) newusers.8.xml:32(para) login.defs.5.xml:32(para)
+#: gpasswd.1.xml:32(para) chpasswd.8.xml:32(para) chgpasswd.8.xml:32(para)
+msgid ""
+"This defines the system default encryption algorithm for encrypting "
+"passwords (if no algorithm are specified on the command line)."
+msgstr ""
+"Définir les algorithmes de chiffrement par défaut du système pour coder les "
+"mots de passes (si aucun algorithme n'a été indiqué sur la ligne de "
+"commandes)."
+
+#: passwd.1.xml:36(para) newusers.8.xml:36(para) login.defs.5.xml:36(para)
+#: gpasswd.1.xml:36(para) chpasswd.8.xml:36(para) chgpasswd.8.xml:36(para)
+msgid ""
+"It can take one of these values: <replaceable>DES</replaceable> (default), "
+"<replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+msgstr ""
+"Les valeurs suivantes sont acceptées : <replaceable>DES</replaceable> (par "
+"défaut), <replaceable>MD5</replaceable><phrase condition=\"sha_crypt\">, "
+"<replaceable>SHA256</replaceable>, <replaceable>SHA512</replaceable></"
+"phrase>."
+
+#: passwd.1.xml:43(para) newusers.8.xml:43(para) login.defs.5.xml:43(para)
+#: gpasswd.1.xml:43(para) chpasswd.8.xml:43(para) chgpasswd.8.xml:43(para)
+msgid ""
+"Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> variable."
+msgstr ""
+"Remarque : ce paramètre remplace la variable <option>MD5_CRYPT_ENAB</option>."
+
+#: passwd.1.xml:47(para) passwd.1.xml:53(para) passwd.1.xml:62(para)
+#: newusers.8.xml:47(para) newusers.8.xml:53(para) newusers.8.xml:62(para)
+#: login.defs.5.xml:47(para) login.defs.5.xml:53(para)
+#: login.defs.5.xml:62(para) gpasswd.1.xml:47(para) gpasswd.1.xml:53(para)
+#: gpasswd.1.xml:62(para) chpasswd.8.xml:47(para) chpasswd.8.xml:53(para)
+#: chpasswd.8.xml:62(para) chgpasswd.8.xml:47(para) chgpasswd.8.xml:53(para)
+#: chgpasswd.8.xml:62(para)
+msgid ""
+"Note: This only affect the generation of group passwords. The generation of "
+"user passwords is done by PAM and subject to the PAM configuration. It is "
+"recommended to set this variable consistently with the PAM configuration."
+msgstr ""
+"Remarque : cela n'affecte que la création des mots de passe de groupe. La "
+"création de mot de passe des utilisateurs est effectuée par PAM en fonction "
+"de la configuration de PAM. Il est recommandé de définir cette variable en "
+"cohérence avec la configuration de PAM."
+
+#: passwd.1.xml:32(term) newusers.8.xml:32(term) login.defs.5.xml:32(term)
+#: gpasswd.1.xml:32(term) chpasswd.8.xml:32(term) chgpasswd.8.xml:32(term)
+msgid "<option>MD5_CRYPT_ENAB</option> (boolean)"
+msgstr "<option>MD5_CRYPT_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) newusers.8.xml:34(para) login.defs.5.xml:34(para)
+#: gpasswd.1.xml:34(para) chpasswd.8.xml:34(para) chgpasswd.8.xml:34(para)
+msgid ""
+"Indicate if passwords must be encrypted using the MD5-based algorithm. If "
+"set to <replaceable>yes</replaceable>, new passwords will be encrypted using "
+"the MD5-based algorithm compatible with the one used by recent releases of "
+"FreeBSD. It supports passwords of unlimited length and longer salt strings. "
+"Set to <replaceable>no</replaceable> if you need to copy encrypted passwords "
+"to other systems which don't understand the new algorithm. Default is "
+"<replaceable>no</replaceable>."
+msgstr ""
+"Indiquer si un mot de passe doit être chiffré en utilisant l'algorithme basé "
+"sur MD5. Si configurée à <replaceable>yes</replaceable>, les nouveaux mots "
+"de passe seront chiffrés en utilisant l'algorithme basé sur MD5 compatible "
+"avec celui utilisé par les versions récentes de FreeBSD. Il gère des mots de "
+"passe de longueur illimitée et des chaînes de salage plus longues. "
+"Configurez-la à <replaceable>no</replaceable> pour copier les mots de passe "
+"chiffrés sur d'autres systèmes qui ne comprennent pas le nouvel algorithme. "
+"la valeur par défaut est <replaceable>no</replaceable>."
+
+#: passwd.1.xml:44(para) newusers.8.xml:44(para) login.defs.5.xml:44(para)
+#: gpasswd.1.xml:44(para) chpasswd.8.xml:44(para) chgpasswd.8.xml:44(para)
+msgid ""
+"This variable is superseded by the <option>ENCRYPT_METHOD</option> variable "
+"or by any command line option used to configure the encryption algorithm."
+msgstr ""
+"Cette variable est écrasée par la variable <option>ENCRYPT_METHOD</option> "
+"ou par toute option de la ligne de commande utilisée pour configurer "
+"l'algorithme de chiffrement."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid ""
+"This variable is deprecated. You should use <option>ENCRYPT_METHOD</option>."
+msgstr ""
+"Cette variable est obsolète. Vous devriez utiliser <option>ENCRYPT_METHOD</"
+"option>."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>OBSCURE_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>OBSCURE_CHECKS_ENAB</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Enable additional checks upon password changes."
+msgstr ""
+"Activer des vérifications supplémentaires lors des changements de mot de "
+"passe."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_ALWAYS_WARN</option> (boolean)"
+msgstr "<option>PASS_ALWAYS_WARN</option> (booléen)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Warn about weak passwords (but still allow them) if you are root."
+msgstr ""
+"Avertir en cas de mots de passe faibles (mais les accepte quand même) si "
+"vous êtes superutilisateur."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_CHANGE_TRIES</option> (number)"
+msgstr "<option>PASS_CHANGE_TRIES</option> (nombre)"
+
+#: passwd.1.xml:34(para) login.defs.5.xml:34(para)
+msgid "Maximum number of attempts to change password if rejected (too easy)."
+msgstr ""
+"Nombre maximum d'essais pour changer de mot de passe si refusé (trop facile)."
+
+#: passwd.1.xml:32(term) login.defs.5.xml:32(term)
+msgid "<option>PASS_MAX_LEN</option> (number)"
+msgstr "<option>PASS_MAX_LEN</option> (nombre)"
+
+#: passwd.1.xml:33(term) login.defs.5.xml:33(term)
+msgid "<option>PASS_MIN_LEN</option> (number)"
+msgstr "<option>PASS_MIN_LEN</option> (nombre)"
+
+#: passwd.1.xml:35(para) login.defs.5.xml:35(para)
+msgid ""
+"Number of significant characters in the password for crypt(). "
+"<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless your "
+"crypt() is better. This is ignored if <option>MD5_CRYPT_ENAB</option> set to "
+"<replaceable>yes</replaceable>."
+msgstr ""
+"Nombre de caractères significatifs dans le mot de passe pour crypt(). La "
+"valeur par défaut de <option>PASS_MAX_LEN</option> est 8. Ne la changez pas "
+"à moins que votre crypt() ne soit meilleur. Ceci est ignoré si "
+"<option>MD5_CRYPT_ENAB</option> est configurée à <replaceable>yes</"
+"replaceable>."
+
+#: passwd.1.xml:30(term) newusers.8.xml:30(term) login.defs.5.xml:30(term)
+#: gpasswd.1.xml:30(term) chpasswd.8.xml:30(term) chgpasswd.8.xml:30(term)
+msgid "<option>SHA_CRYPT_MIN_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MIN_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:31(term) newusers.8.xml:31(term) login.defs.5.xml:31(term)
+#: gpasswd.1.xml:31(term) chpasswd.8.xml:31(term) chgpasswd.8.xml:31(term)
+msgid "<option>SHA_CRYPT_MAX_ROUNDS</option> (number)"
+msgstr "<option>SHA_CRYPT_MAX_ROUNDS</option> (nombre)"
+
+#: passwd.1.xml:33(para) newusers.8.xml:33(para) login.defs.5.xml:33(para)
+#: gpasswd.1.xml:33(para) chpasswd.8.xml:33(para) chgpasswd.8.xml:33(para)
+msgid ""
+"When <option>ENCRYPT_METHOD</option> is set to <replaceable>SHA256</"
+"replaceable> or <replaceable>SHA512</replaceable>, this defines the number "
+"of SHA rounds used by the encryption algorithm by default (when the number "
+"of rounds is not specified on the command line)."
+msgstr ""
+"Quand <option>ENCRYPT_METHOD</option> est configurée à <replaceable>SHA256</"
+"replaceable> ou <replaceable>SHA512</replaceable>, cela définit le nombre de "
+"rounds de SHA utilisés par l'algorithme de chiffrement par défaut (quand le "
+"nombre de rounds n'est pas précisé sur la ligne de commande)."
+
+#: passwd.1.xml:40(para) newusers.8.xml:40(para) login.defs.5.xml:40(para)
+#: gpasswd.1.xml:40(para) chpasswd.8.xml:40(para) chgpasswd.8.xml:40(para)
+msgid ""
+"With a lot of rounds, it is more difficult to brute forcing the password. "
+"But note also that more CPU resources will be needed to authenticate users."
+msgstr ""
+"Avec beaucoup de rounds, il est plus difficile de trouver le mot de passe "
+"avec une attaque par force brute. Veuillez remarquer que plus de ressources "
+"processeur seront nécessaires pour authentifier les utilisateurs."
+
+#: passwd.1.xml:45(para) newusers.8.xml:45(para) login.defs.5.xml:45(para)
+#: gpasswd.1.xml:45(para) chpasswd.8.xml:45(para) chgpasswd.8.xml:45(para)
+msgid ""
+"If not specified, the libc will choose the default number of rounds (5000)."
+msgstr ""
+"Si non précisée, la libc utilisera le nombre de rounds par défaut (5000)."
+
+#: passwd.1.xml:49(para) newusers.8.xml:49(para) login.defs.5.xml:49(para)
+#: gpasswd.1.xml:49(para) chpasswd.8.xml:49(para) chgpasswd.8.xml:49(para)
+msgid "The values must be inside the 1000-999,999,999 range."
+msgstr ""
+"Les valeurs doivent être comprises dans l'intervalle 1 000 - 999 999 999."
+
+#: passwd.1.xml:52(para) newusers.8.xml:52(para) login.defs.5.xml:52(para)
+#: gpasswd.1.xml:52(para) chpasswd.8.xml:52(para) chgpasswd.8.xml:52(para)
+msgid ""
+"If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value will be "
+"used."
+msgstr ""
+"Si une seule des variables <option>SHA_CRYPT_MIN_ROUNDS</option> ou "
+"<option>SHA_CRYPT_MAX_ROUNDS</option> est configurée, alors cette valeur "
+"sera utilisée."
+
+#: passwd.1.xml:57(para) newusers.8.xml:57(para) login.defs.5.xml:57(para)
+#: gpasswd.1.xml:57(para) chpasswd.8.xml:57(para) chgpasswd.8.xml:57(para)
+msgid ""
+"If <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, the highest value will be used."
+msgstr ""
+"Si <option>SHA_CRYPT_MIN_ROUNDS</option> &gt; <option>SHA_CRYPT_MAX_ROUNDS</"
+"option>, la valeur la plus élevée sera utilisée."
+
+#: passwd.1.xml:429(filename)
+msgid "/etc/pam.d/passwd"
+msgstr "/etc/pam.d/passwd"
+
+#: passwd.1.xml:431(para)
+msgid "PAM configuration for <command>passwd</command>."
+msgstr "Configuration de PAM pour <command>passwd</command>."
+
+#: passwd.1.xml:451(para) chage.1.xml:291(para)
+msgid "permission denied"
+msgstr "permission refusée"
+
+#: passwd.1.xml:457(para)
+msgid "invalid combination of options"
+msgstr "combinaison d'options non valable"
+
+#: passwd.1.xml:463(para)
+msgid "unexpected failure, nothing done"
+msgstr "échec inattendu, rien n'a été fait"
+
+#: passwd.1.xml:469(para)
+msgid "unexpected failure, <filename>passwd</filename> file missing"
+msgstr "échec inattendu, le fichier <filename>passwd</filename> est manquant"
+
+#: passwd.1.xml:475(para)
+msgid "<filename>passwd</filename> file busy, try again"
+msgstr ""
+"fichier <filename>passwd</filename> en cours d'utilisation, veuillez "
+"réessayer plus tard"
+
+#: passwd.1.xml:439(para)
+msgid ""
+"The <command>passwd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>passwd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: passwd.1.xml:490(para)
+msgid ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chpasswd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <phrase condition=\"no_pam"
+"\"><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: nologin.8.xml:46(refentrytitle) nologin.8.xml:53(refname)
+#: nologin.8.xml:59(command)
+msgid "nologin"
+msgstr "nologin"
+
+#: nologin.8.xml:54(refpurpose)
+msgid "politely refuse a login"
+msgstr "refuser poliment une connexion"
+
+#: nologin.8.xml:65(para)
+msgid ""
+"The <command>nologin</command> command displays a message that an account is "
+"not available and exits non-zero. It is intended as a replacement shell "
+"field for accounts that have been disabled."
+msgstr ""
+"La commande <command>nologin</command> affiche un message indiquant que le "
+"compte n'est pas disponible et retourne avec un code non nul. Elle peut être "
+"placée dans le champ indiquant l'interpréteur de commandes pour les comptes "
+"qui ont été désactivés."
+
+#: nologin.8.xml:70(para)
+msgid ""
+"To disable all logins, investigate <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"Pour désactiver toutes les connexions, veuillez consulter "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: nologin.8.xml:79(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>nologin</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: nologin.8.xml:90(title)
+msgid "HISTORY"
+msgstr "HISTORIQUE"
+
+#: nologin.8.xml:91(para)
+msgid "The <command>nologin</command> command appearred in BSD 4.4."
+msgstr "La commande <command>nologin</command> est apparue avec BSD 4.4."
+
+#: newusers.8.xml:72(refentrytitle) newusers.8.xml:79(refname)
+#: newusers.8.xml:85(command) login.defs.5.xml:391(term)
+msgid "newusers"
+msgstr "newusers"
+
+#: newusers.8.xml:80(refpurpose)
+msgid "update and create new users in batch"
+msgstr "Mettre à jour, ou créer de nouveaux utilisateurs par lots"
+
+#: newusers.8.xml:90(replaceable)
+msgid "file"
+msgstr "fichier"
+
+#: newusers.8.xml:97(para)
+msgid ""
+"The <command>newusers</command> command reads a <replaceable>file</"
+"replaceable> (or the standard input by default) and uses this information to "
+"update a set of existing users or to create new users. Each line is in the "
+"same format as the standard password file (see "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) with the exceptions explained below:"
+msgstr ""
+"La commande <command>newusers</command> lit un "
+"<replaceable>fichier<replaceable> (ou l'entrée standard par défaut) et "
+"utilise ces informations pour mettre à jour un groupe d'utilisateurs "
+"existants ou pour créer de nouveaux utilisateurs. Chaque ligne est au même "
+"format que le fichier des mots de passe (consultez "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>) avec les exceptions suivantes :"
+
+#: newusers.8.xml:105(para)
+msgid "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+msgstr "pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell"
+
+#: newusers.8.xml:110(emphasis)
+msgid "pw_name"
+msgstr "pw_name"
+
+#: newusers.8.xml:113(para)
+msgid "This is the name of the user."
+msgstr "C'est le nom de l'utilisateur."
+
+#: newusers.8.xml:116(para)
+msgid ""
+"It can be the name of a new user or the name of an existing user (or an user "
+"created before by <command>newusers</command>). In case of an existing user, "
+"the user's information will be changed, otherwise a new user will be created."
+msgstr ""
+"Il peut s'agir du nom d'un nouvel utilisateur ou du nom d'un utilisateur "
+"existant (ou d'un utilisateur créé précédemment par <command>newusers</"
+"command>). Dans le cas d'un utilisateur existant, les informations de "
+"l'utilisateur seront modifiées, sinon un nouvel utilisateur sera créé."
+
+#: newusers.8.xml:127(emphasis)
+msgid "pw_passwd"
+msgstr "pw_passwd"
+
+#: newusers.8.xml:130(para)
+msgid ""
+"This field will be encrypted and used as the new value of the encrypted "
+"password."
+msgstr ""
+"Ce champ sera chiffré et utilisé comme nouvelle valeur du mot de passe "
+"chiffré."
+
+#: newusers.8.xml:138(emphasis)
+msgid "pw_uid"
+msgstr "pw_uid"
+
+#: newusers.8.xml:141(para)
+msgid "This field is used to define the UID of the user."
+msgstr "Ce champ est utilisé pour définir l'UID de l'utilisateur."
+
+#: newusers.8.xml:144(para)
+msgid ""
+"If the field is empty, an new (unused) UID will be defined automatically by "
+"<command>newusers</command>."
+msgstr ""
+"Si ce champ est vide, un nouvel UID (non utilisé) sera défini "
+"automatiquement par <command>newusers</command>."
+
+#: newusers.8.xml:148(para)
+msgid "If this field contains a number, this number will be used as the UID."
+msgstr "Si ce champ contient un nombre, ce nombre sera utilisé comme UID."
+
+#: newusers.8.xml:152(para)
+msgid ""
+"If this field contains the name of an existing user (or the name of an user "
+"created before by <command>newusers</command>), the UID of the specified "
+"user will be used."
+msgstr ""
+"Si ce champ contient le nom d'un utilisateur existant (ou le nom d'un "
+"utilisateur créé précédemment par <command>newusers</command>), l'UID de "
+"l'utilisateur indiqué sera utilisé."
+
+#: newusers.8.xml:158(para)
+msgid ""
+"If the UID of an existing user is changed, the files ownership of the user's "
+"file should be fixed manually."
+msgstr ""
+"Si l'UID d'un utilisateur existant est modifié, vous devrez configurer vous-"
+"même le propriétaire des fichiers de l'utilisateur."
+
+#: newusers.8.xml:166(emphasis)
+msgid "pw_gid"
+msgstr "pw_gid"
+
+#: newusers.8.xml:169(para)
+msgid "This field is used to define the primary group ID for the user."
+msgstr ""
+"Ce champ est utilisé pour définir l'identifiant du groupe primaire de "
+"l'utilisateur."
+
+#: newusers.8.xml:172(para)
+msgid ""
+"If this field contains the name of an existing group (or a group created "
+"before by <command>newusers</command>), the GID of this group will be used "
+"as the primary group ID for the user."
+msgstr ""
+"Si ce champ contient le nom d'un groupe existant (ou d'un groupe créé "
+"précédemment par <command>newusers</command>), le GID de ce groupe sera "
+"utilisé comme identifiant de groupe primaire pour l'utilisateur."
+
+#: newusers.8.xml:178(para)
+msgid ""
+"If this field is a number, this number will be used as the primary group ID "
+"of the user. If no groups exist with this GID, a new group will be created "
+"with this GID, and the name of the user."
+msgstr ""
+"Si ce champ est un nombre, ce nombre sera utilisé comme identifiant de "
+"groupe primaire de cet utilisateur. Si aucun groupe n'existe avec ce GID, un "
+"nouveau groupe sera créé avec ce GID et le nom de l'utilisateur."
+
+#: newusers.8.xml:184(para)
+msgid ""
+"If this field is empty, a new group will be created with the name of the "
+"user and a GID will be automatically defined by <command>newusers</command> "
+"to be used as the primary group ID for the user and as the GID for the new "
+"group."
+msgstr ""
+"Si ce champ est vide, un nouveau groupe sera créé avec le nom de "
+"l'utilisateur et un GID sera automatiquement défini par <command>newusers</"
+"command> pour être utilisé comme identifiant de groupe primaire pour "
+"l'utilisateur et comme GID pour le nouveau groupe."
+
+#: newusers.8.xml:190(para)
+msgid ""
+"If this field contains the name of a group which does not exist (and was not "
+"created before by <command>newusers</command>), a new group will be created "
+"with the specified name and a GID will be automatically defined by "
+"<command>newusers</command> to be used as the primary group ID for the user "
+"and GID for the new group."
+msgstr ""
+"Si le champ contient le nom d'un groupe qui n'existe pas (et qui n'a pas été "
+"créé précédemment par <command>newusers</command>), un nouveau groupe sera "
+"créé avec le nom indiqué et un GID sera automatiquement défini par "
+"<command>newusers</command> pour être utilisé comme identifiant de groupe "
+"primaire pour l'utilisateur et comme identifiant pour le nouveau groupe."
+
+#: newusers.8.xml:202(emphasis)
+msgid "pw_gecos"
+msgstr "pw_gecos"
+
+#: newusers.8.xml:205(para)
+msgid "This field is copied in the GECOS field of the user."
+msgstr "Ce champ est copié dans le champ GECOS de l'utilisateur."
+
+#: newusers.8.xml:212(emphasis)
+msgid "pw_dir"
+msgstr "pw_dir"
+
+#: newusers.8.xml:215(para)
+msgid "This field is used to define the home directory of the user."
+msgstr ""
+"Ce champ est utilisé pour définir le répertoire personnel de l'utilisateur."
+
+#: newusers.8.xml:218(para)
+msgid ""
+"If this field does not specify an existing directory, the specified "
+"directory is created, with ownership set to the user being created or "
+"updated and its primary group."
+msgstr ""
+"Si ce champ n'indique pas de répertoire existant, le répertoire indiqué est "
+"créé, avec comme propriétaire l'utilisateur en cours de création ou mis à "
+"jour et son groupe primaire."
+
+#: newusers.8.xml:223(para)
+msgid ""
+"If the home directory of an existing user is changed, <command>newusers</"
+"command> does not move or copy the content of the old directory to the new "
+"location. This should be done manually."
+msgstr ""
+"Si le répertoire personnel d'un utilisateur existant est modifié, "
+"<command>newusers</command> ne déplace ni ne copie le contenu de l'ancien "
+"répertoire personnel à la nouvelle place. Vous devrez effectuer cela vous-"
+"même."
+
+#: newusers.8.xml:233(emphasis)
+msgid "pw_shell"
+msgstr "pw_shell"
+
+#: newusers.8.xml:236(para)
+msgid ""
+"This field defines the shell of the user. No checks are performed on this "
+"field."
+msgstr ""
+"Ce champ définit l'interpréteur de commande de l'utilisateur. Aucune "
+"vérification n'est effectuée sur ce champ."
+
+#: newusers.8.xml:244(para)
+msgid ""
+"<command>newusers</command> first tries to create or change all the "
+"specified users, and then write these changes to the user or group "
+"databases. If an error occurs (except in the final writes to the databases), "
+"no changes are committed to the databases."
+msgstr ""
+"<command>newusers</command> essayera d'abord de créer ou de modifier tous "
+"les utilisateurs indiqués puis écrira ces modifications dans les bases de "
+"données d'utilisateurs et de groupes. Si une erreur survient (en dehors de "
+"l'écriture finale des bases de données), aucune modification ne sera "
+"propagée dans les bases de données."
+
+#: newusers.8.xml:250(para)
+msgid ""
+"During this first pass, users are created with a locked password (and "
+"passwords are not changed for the users which are not created). A second "
+"pass is used to update the passwords using PAM. Failures to update a "
+"password are reported, but will not stop the other password updates."
+msgstr ""
+"Lors du premier passage, les utilisateurs sont créés avec un mot de passe "
+"verrouillé (les mots de passe ne sont pas modifiés pour les utilisateurs non "
+"créés). Un second passage est utilisé pour mettre à jour les mots de passe "
+"en utilisant PAM. Les échecs de mise à jour des mots de passe sont signalés, "
+"mais n'empêchent pas les mises à jour des autres mots de passe."
+
+#: newusers.8.xml:258(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are updated at a single time."
+msgstr ""
+"Cette commande a été conçue pour les gros systèmes pour lesquels un grand "
+"nombre de comptes sont mis à jour en même temps."
+
+#: newusers.8.xml:266(para)
+msgid "The options which apply to the <command>newusers</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>newusers</command> sont :"
+
+#: newusers.8.xml:271(term) chgpasswd.8.xml:112(term)
+msgid "<option>-c</option>, <option>--crypt-method</option>"
+msgstr "<option>-c</option>, <option>--crypt-method</option>"
+
+#: newusers.8.xml:273(para) chpasswd.8.xml:141(para) chgpasswd.8.xml:114(para)
+msgid "Use the specified method to encrypt the passwords."
+msgstr "Utiliser la méthode précisée pour chiffrer les mots de passe."
+
+#: newusers.8.xml:274(para) chpasswd.8.xml:145(para) chgpasswd.8.xml:118(para)
+msgid ""
+"The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc "
+"support these methods."
+msgstr ""
+"Les méthodes disponibles sont DES, MD5, NONE et SHA256 ou SHA512 si votre "
+"libc prend en charge ces méthodes."
+
+#: newusers.8.xml:296(para)
+msgid ""
+"System users will be created with no aging information in <filename>/etc/"
+"shadow</filename>, and their numeric identifiers are chosen in the "
+"<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>UID_MIN</option>-"
+"<option>UID_MAX</option> (and their <option>GID</option> counterparts for "
+"the creation of groups)."
+msgstr ""
+"Les utilisateurs système seront créés sans information d'âge dans <filename>/"
+"etc/shadow</filename> et leurs identifiants numériques sont choisis dans "
+"l'intervalle <option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>UID_MIN</"
+"option>-<option>UID_MAX</option> (et leur <option>GID</option> correspondant "
+"pour la création de groupes)."
+
+#: newusers.8.xml:322(term) chgpasswd.8.xml:158(term)
+msgid "<option>-s</option>, <option>--sha-rounds</option>"
+msgstr "<option>-s</option>, <option>--sha-rounds</option>"
+
+#: newusers.8.xml:324(para) chpasswd.8.xml:204(para) chgpasswd.8.xml:160(para)
+msgid "Use the specified number of rounds to encrypt the passwords."
+msgstr "Utiliser le nombre de rounds précisé pour chiffrer les mots de passe."
+
+#: newusers.8.xml:327(para) chpasswd.8.xml:207(para) chgpasswd.8.xml:163(para)
+msgid ""
+"The value 0 means that the system will choose the default number of rounds "
+"for the crypt method (5000)."
+msgstr ""
+"La valeur 0 signifie que le système choisira la valeur par défaut du nombre "
+"de rounds pour la méthode de chiffrement (5 000)."
+
+#: newusers.8.xml:331(para) chpasswd.8.xml:211(para) chgpasswd.8.xml:167(para)
+msgid ""
+"A minimal value of 1000 and a maximal value of 999,999,999 will be enforced."
+msgstr ""
+"Une valeur minimale de 1 000 et une valeur maximale de 999 999 999 seront "
+"imposées."
+
+#: newusers.8.xml:335(para) chpasswd.8.xml:215(para) chgpasswd.8.xml:171(para)
+msgid "You can only use this option with the SHA256 or SHA512 crypt method."
+msgstr ""
+"Vous ne pouvez utiliser cette méthode qu'avec les méthodes de chiffrement "
+"SHA256 ou SHA512."
+
+#: newusers.8.xml:339(para) chgpasswd.8.xml:175(para)
+msgid ""
+"By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and "
+"SHA_CRYPT_MAX_ROUNDS variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"SHA_CRYPT_MIN_ROUNDS et SHA_CRYPT_MAX_ROUNDS dans <filename>/etc/login.defs</"
+"filename>."
+
+#: newusers.8.xml:351(para)
+msgid ""
+"The input file must be protected since it contains unencrypted passwords."
+msgstr ""
+"Le fichier d'entrée doit être correctement protégé puisqu'il contient des "
+"mots de passe en clair."
+
+#: newusers.8.xml:355(para) chgpasswd.8.xml:191(para)
+msgid ""
+"You should make sure the passwords and the encryption method respect the "
+"system's password policy."
+msgstr ""
+"Vous devez vous assurer que les mots de passe et la méthode de chiffrement "
+"respectent la politique de mot de passe du système."
+
+#: newusers.8.xml:430(filename)
+msgid "/etc/pam.d/newusers"
+msgstr "/etc/pam.d/newusers"
+
+#: newusers.8.xml:432(para)
+msgid "PAM configuration for <command>newusers</command>."
+msgstr "Configuration de PAM pour <command>newusers</command>."
+
+#: newusers.8.xml:452(para)
+#| msgid ""
+#| "<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>grpck</"
+#| "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#| "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#| "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#| "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#| "manvolnum></citerefentry>."
+msgid ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, <phrase condition="
+"\"subids\"><citerefentry><refentrytitle>subgid</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>subuid</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+"phrase><citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: newgrp.1.xml:58(refentrytitle) newgrp.1.xml:65(refname)
+#: newgrp.1.xml:71(command)
+msgid "newgrp"
+msgstr "newgrp"
+
+#: newgrp.1.xml:66(refpurpose)
+msgid "log in to a new group"
+msgstr "se connecter avec un nouveau groupe"
+
+#: newgrp.1.xml:72(replaceable) grpck.8.xml:74(replaceable)
+#: groupadd.8.xml:78(replaceable) gpasswd.1.xml:88(replaceable)
+msgid "group"
+msgstr "groupe"
+
+#: newgrp.1.xml:78(para)
+msgid ""
+"The <command>newgrp</command> command is used to change the current group ID "
+"during a login session. If the optional <option>-</option> flag is given, "
+"the user's environment will be reinitialized as though the user had logged "
+"in, otherwise the current environment, including current working directory, "
+"remains unchanged."
+msgstr ""
+"La commande <command>newgrp</command> permet de changer l'identifiant de "
+"groupe de l'utilisateur au cours d'une session. Si l'option <option>-</"
+"option> est fournie, l'environnement de l'utilisateur est réinitialisé, "
+"comme si l'utilisateur venait de se connecter. Sinon, l'environnement "
+"actuel, y compris le répertoire de travail actuel est conservé."
+
+# NOTE:
+#: newgrp.1.xml:86(para)
+msgid ""
+"<command>newgrp</command> changes the current real group ID to the named "
+"group, or to the default group listed in <filename>/etc/passwd</filename> if "
+"no group name is given. <command>newgrp</command> also tries to add the "
+"group to the user groupset. If not root, the user will be prompted for a "
+"password if she does not have a password (in <filename>/etc/shadow</"
+"filename> if this user has an entry in the shadowed password file, or in "
+"<filename>/etc/passwd</filename> otherwise) and the group does, or if the "
+"user is not listed as a member and the group has a password. The user will "
+"be denied access if the group password is empty and the user is not listed "
+"as a member."
+msgstr ""
+"<command>newgrp</command> change l'identifiant de groupe réel actuel à la "
+"valeur du groupe indiqué, ou au groupe par défaut défini dans <filename>/etc/"
+"passwd</filename> si aucun nom de groupe n'est fourni. <command>newgrp</"
+"command> essaiera également d'ajouter le groupe à l'ensemble des groupes de "
+"l'utilisateur. Si l'utilisateur n'est pas superutilisateur, un mot de passe "
+"lui sera demandé s'il n'utilise pas de mot de passe (dans <filename>/etc/"
+"shadow</filename>, si cet utilisateur a une entrée dans le fichier des mots "
+"de passe cachés, ou dans <filename>/etc/passwd</filename> sinon), mais que "
+"le groupe en a un, ou si l'utilisateur n'est pas dans la liste des membres "
+"de ce groupe et que ce groupe utilise un mot de passe. L'accès sera refusé "
+"si le mot de passe du groupe est vide et que l'utilisateur ne fait pas "
+"partie de ses membres."
+
+#: newgrp.1.xml:100(para)
+msgid ""
+"If there is an entry for this group in <filename>/etc/gshadow</filename>, "
+"then the list of members and the password of this group will be taken from "
+"this file, otherwise, the entry in <filename>/etc/group</filename> is "
+"considered."
+msgstr ""
+"S'il y a une entrée pour ce groupe dans <filename>/etc/gshadow</filename>, "
+"alors la liste des membres et le mot de passe de ce groupe seront pris dans "
+"ce fichier, sinon, l'entrée du fichier <filename>/etc/group</filename> est "
+"utilisée."
+
+#: newgrp.1.xml:152(para)
+msgid ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>id</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>sg</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry><phrase condition=\"gshadow\">, <citerefentry condition="
+"\"gshadow\"><refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry></phrase>."
+
+#: logoutd.8.xml:57(refentrytitle) logoutd.8.xml:64(refname)
+#: logoutd.8.xml:70(command)
+msgid "logoutd"
+msgstr "logoutd"
+
+#: logoutd.8.xml:65(refpurpose)
+msgid "enforce login time restrictions"
+msgstr "Imposer les restrictions de connexion dans le temps"
+
+#: logoutd.8.xml:76(para)
+msgid ""
+"<command>logoutd</command> enforces the login time and port restrictions "
+"specified in <filename>/etc/porttime</filename>. <command>logoutd</command> "
+"should be started from <filename>/etc/rc</filename>. The <filename>/var/run/"
+"utmp</filename> file is scanned periodically and each user name is checked "
+"to see if the named user is permitted on the named port at the current time. "
+"Any login session which is violating the restrictions in <filename>/etc/"
+"porttime</filename> is terminated."
+msgstr ""
+"<command>logoutd</command> impose les restrictions (sur les ports, la date "
+"et l'heure de connexion) spécifiées dans <filename>/etc/porttime</filename>. "
+"<command>logoutd</command> doit être démarré depuis <filename>/etc/rc</"
+"filename>. Il analyse le fichier <filename>/var/run/utmp</filename> "
+"régulièrement et, pour chaque utilisateur, il vérifie que ce nom "
+"d'utilisateur est autorisé à être connecté à ce port à ce moment. Toute "
+"session en violation avec les restrictions de <filename>/etc/porttime</"
+"filename> est terminée."
+
+#: logoutd.8.xml:98(filename) login.1.xml:341(filename)
+msgid "/var/run/utmp"
+msgstr "/var/run/utmp"
+
+#: logoutd.8.xml:100(para) login.1.xml:343(para)
+msgid "List of current login sessions."
+msgstr "Liste des sessions de connexion en cours."
+
+#: login.defs.5.xml:122(refentrytitle) login.defs.5.xml:129(refname)
+msgid "login.defs"
+msgstr "login.defs"
+
+#: login.defs.5.xml:130(refpurpose)
+msgid "shadow password suite configuration"
+msgstr "configuration de la suite des mots de passe cachés « shadow password »"
+
+#: login.defs.5.xml:135(para)
+msgid ""
+"The <filename>/etc/login.defs</filename> file defines the site-specific "
+"configuration for the shadow password suite. This file is required. Absence "
+"of this file will not prevent system operation, but will probably result in "
+"undesirable operation."
+msgstr ""
+"Le fichier <filename>/etc/login.defs</filename> définit la configuration de "
+"la suite shadow password (mots de passe cachés) pour le système. Ce fichier "
+"est indispensable. Son absence n'empêchera pas le système de fonctionner, "
+"mais aura probablement des conséquences indésirables."
+
+#: login.defs.5.xml:142(para)
+msgid ""
+"This file is a readable text file, each line of the file describing one "
+"configuration parameter. The lines consist of a configuration name and "
+"value, separated by whitespace. Blank lines and comment lines are ignored. "
+"Comments are introduced with a \"#\" pound sign and the pound sign must be "
+"the first non-white character of the line."
+msgstr ""
+"Ce fichier est un fichier texte, dont chaque ligne décrit un paramètre de "
+"configuration. Les lignes consistent en un nom et une valeur, séparés par "
+"une espace. Les lignes blanches et les lignes de commentaires sont ignorées. "
+"Les commentaires commencent par un caractère « # », qui doit être le premier "
+"caractère non blanc de la ligne."
+
+#: login.defs.5.xml:150(para)
+msgid ""
+"Parameter values may be of four types: strings, booleans, numbers, and long "
+"numbers. A string is comprised of any printable characters. A boolean should "
+"be either the value <replaceable>yes</replaceable> or <replaceable>no</"
+"replaceable>. An undefined boolean parameter or one with a value other than "
+"these will be given a <replaceable>no</replaceable> value. Numbers (both "
+"regular and long) may be either decimal values, octal values (precede the "
+"value with <replaceable>0</replaceable>) or hexadecimal values (precede the "
+"value with <replaceable>0x</replaceable>). The maximum value of the regular "
+"and long numeric parameters is machine-dependent."
+msgstr ""
+"Les valeurs des paramètres sont de quatre types : chaînes de caractères, "
+"booléens, nombres et nombres longs. Une chaîne de caractères est constituée "
+"de n'importe quels caractères imprimables. Un booléen est soit "
+"<replaceable>yes</replaceable> (oui), soit <replaceable>no</replaceable> "
+"(non). Un paramètre booléen non défini, ou défini avec une valeur autre que "
+"celles-là prendra la valeur <replaceable>no</replaceable>. Un nombre (normal "
+"ou long) peut être soit décimal, soit octal (en précédant la valeur d'un "
+"<replaceable>0</replaceable>), ou encore hexadécimal (en précédant la valeur "
+"de <replaceable>0x</replaceable>). La valeur maximale des paramètres "
+"numériques normaux ou longs dépend de la machine."
+
+#: login.defs.5.xml:165(para)
+msgid "The following configuration items are provided:"
+msgstr "Les paramètres de configuration suivants sont fournis :"
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_AUTH</option> (boolean)"
+msgstr "<option>CHFN_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chfn</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chfn</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) chfn.1.xml:32(term)
+msgid "<option>CHFN_RESTRICT</option> (string)"
+msgstr "<option>CHFN_RESTRICT</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) chfn.1.xml:34(para)
+msgid ""
+"This parameter specifies which values in the <emphasis remap=\"I\">gecos</"
+"emphasis> field of the <filename>/etc/passwd</filename> file may be changed "
+"by regular users using the <command>chfn</command> program. It can be any "
+"combination of letters <replaceable>f</replaceable>, <replaceable>r</"
+"replaceable>, <replaceable>w</replaceable>, <replaceable>h</replaceable>, "
+"for Full name, Room number, Work phone, and Home phone, respectively. For "
+"backward compatibility, <replaceable>yes</replaceable> is equivalent to "
+"<replaceable>rwh</replaceable> and <replaceable>no</replaceable> is "
+"equivalent to <replaceable>frwh</replaceable>. If not specified, only the "
+"superuser can make any changes. The most restrictive setting is better "
+"achieved by not installing <command>chfn</command> SUID."
+msgstr ""
+"Ce paramètre précise quelles valeurs du champ <emphasis remap=\"I\">gecos</"
+"emphasis> du fichier <filename>passwd</filename> peuvent être modifiées par "
+"les utilisateurs ordinaires à l'aide du programme <command>chfn</command>. "
+"Il est constitué d'une combinaison de lettres parmi <replaceable>f</"
+"replaceable>, <replaceable>r</replaceable>, <replaceable>w</replaceable> et "
+"<replaceable>h</replaceable>, correspondant respectivement au nom complet, "
+"au numéro de bureau, au numéro de téléphone professionnel et au numéro de "
+"téléphone personnel. Pour des raisons de compatibilité avec des versions "
+"antérieures, <replaceable>yes</replaceable> est équivalent à "
+"<replaceable>rwh</replaceable> et <replaceable>no</replaceable> à "
+"<replaceable>frwh</replaceable>. S'il n'est pas précisé, seul le "
+"superutilisateur peut effectuer des modifications. Pour une configuration "
+"encore plus restrictive, il sera préférable de ne pas installer "
+"<command>chfn</command> avec l'indicateur SUID positionné."
+
+#: login.defs.5.xml:32(term) chsh.1.xml:32(term)
+msgid "<option>CHSH_AUTH</option> (boolean)"
+msgstr "<option>CHSH_AUTH</option> (booléen)"
+
+#: login.defs.5.xml:34(para) chsh.1.xml:34(para)
+msgid ""
+"If <replaceable>yes</replaceable>, the <command>chsh</command> program will "
+"require authentication before making any changes, unless run by the "
+"superuser."
+msgstr ""
+"La valeur <replaceable>yes</replaceable> indique que le programme "
+"<command>chsh</command> nécessitera une authentification avant de procéder à "
+"tout changement, à moins qu'ils ne soient exécutés par le superutilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ERASECHAR</option> (number)"
+msgstr "<option>ERASECHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Terminal ERASE character (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+msgstr ""
+"Le caractère ERASE du terminal (<replaceable>010</replaceable> = backspace, "
+"<replaceable>0177</replaceable> = DEL)."
+
+#: login.defs.5.xml:38(para) login.defs.5.xml:37(para) login.1.xml:38(para)
+#: login.1.xml:37(para)
+msgid ""
+"The value can be prefixed \"0\" for an octal value, or \"0x\" for an "
+"hexadecimal value."
+msgstr ""
+"La valeur peut être préfixée par « 0 » pour une valeur octale, ou « 0x » "
+"pour une valeur hexadécimale."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAIL_DELAY</option> (number)"
+msgstr "<option>FAIL_DELAY</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Delay in seconds before being allowed another attempt after a login failure."
+msgstr ""
+"Le délai en secondes avant qu'un nouvel essai soit permis après un échec de "
+"connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAILLOG_ENAB</option> (boolean)"
+msgstr "<option>FAILLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable logging and display of <filename>/var/log/faillog</filename> login "
+"failure info."
+msgstr ""
+"Activer l'enregistrement et l'affichage des informations d'échec de "
+"connexion de <filename>/var/log/faillog</filename>"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FAKE_SHELL</option> (string)"
+msgstr "<option>FAKE_SHELL</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If set, <command>login</command> will execute this shell instead of the "
+"users' shell specified in <filename>/etc/passwd</filename>."
+msgstr ""
+"Si définie, <command>login</command> exécutera cet interpréteur de commandes "
+"au lieu de l'interpréteur de l'utilisateur spécifié dans <filename>/etc/"
+"passwd</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>FTMP_FILE</option> (string)"
+msgstr "<option>FTMP_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, login failures will be logged in this file in a utmp format."
+msgstr ""
+"Si définie, les échecs de connexion seront enregistrés dans le fichier sous "
+"le format utmp"
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>HUSHLOGIN_FILE</option> (string)"
+msgstr "<option>HUSHLOGIN_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, this file can inhibit all the usual chatter during the login "
+"sequence. If a full pathname is specified, then hushed mode will be enabled "
+"if the user's name or shell are found in the file. If not a full pathname, "
+"then hushed mode will be enabled if the file exists in the user's home "
+"directory."
+msgstr ""
+"Si définie, le fichier peut désactiver tous les affichages habituels durant "
+"la séquence de connexion. Si un nom de chemin complet est spécifié, alors le "
+"mode taiseux sera activé si le nom ou l'interpréteur de commandes de "
+"l'utilisateur sont trouvés dans le fichier. Si ce n'est pas un nom de chemin "
+"complet, alors le mode taiseux sera activé si le fichier existe dans le "
+"répertoire personnel de l'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ISSUE_FILE</option> (string)"
+msgstr "<option>ISSUE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "If defined, this file will be displayed before each login prompt."
+msgstr "Si définie, le fichier sera affiché avant chaque invite de connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>KILLCHAR</option> (number)"
+msgstr "<option>KILLCHAR</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Terminal KILL character (<replaceable>025</replaceable> = CTRL/U)."
+msgstr ""
+"Le caractère KILL du terminal (<replaceable>025</replaceable> = CTRL/U)."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LASTLOG_ENAB</option> (boolean)"
+msgstr "<option>LASTLOG_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging and display of /var/log/lastlog login time info."
+msgstr ""
+"Activer la journalisation et l'affichage des informations de dernière "
+"connexion de /var/log/lastlog."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_OK_LOGINS</option> (boolean)"
+msgstr "<option>LOG_OK_LOGINS</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable logging of successful logins."
+msgstr "Activer la journalisation des connexions réussies."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOG_UNKFAIL_ENAB</option> (boolean)"
+msgstr "<option>LOG_UNKFAIL_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Enable display of unknown usernames when login failures are recorded."
+msgstr ""
+"Activer l'affichage des noms d'utilisateurs inconnus quand les échecs de "
+"connexions sont enregistrés."
+
+#: login.defs.5.xml:38(para) login.1.xml:38(para)
+msgid ""
+"Note: logging unknown usernames may be a security issue if an user enter her "
+"password instead of her login name."
+msgstr ""
+"Remarque : la journalisation des noms d'utilisateurs inconnus peut être un "
+"problème de sécurité si un utilisateur entre son mot de passe au lieu de son "
+"nom d'utilisateur."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_RETRIES</option> (number)"
+msgstr "<option>LOGIN_RETRIES</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Maximum number of login retries in case of bad password."
+msgstr ""
+"Le nombre maximum de tentatives de connexion en cas de mauvais mot de passe."
+
+#: login.defs.5.xml:37(para) login.1.xml:37(para)
+msgid ""
+"This will most likely be overridden by PAM, since the default pam_unix "
+"module has its own built in of 3 retries. However, this is a safe fallback "
+"in case you are using an authentication module that does not enforce "
+"PAM_MAXTRIES."
+msgstr ""
+"Ce sera probablement écrasé par PAM, puisque le module pam_unix est réglé en "
+"dur pour n'effectuer que 3 tentatives. Toutefois, il s'agit d'une solution "
+"de repli au cas où vous utilisez un module d'authentification qui ne fait "
+"pas appliquer PAM_MAXTRIES."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>LOGIN_TIMEOUT</option> (number)"
+msgstr "<option>LOGIN_TIMEOUT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Max time in seconds for login."
+msgstr "Le temps maximum en secondes pour la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>MOTD_FILE</option> (string)"
+msgstr "<option>MOTD_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, \":\" delimited list of \"message of the day\" files to be "
+"displayed upon login."
+msgstr ""
+"Si définie, liste délimitée par des « : » de fichiers de « message du jour » "
+"à afficher lors de la connexion."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>NOLOGINS_FILE</option> (string)"
+msgstr "<option>NOLOGINS_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, name of file whose presence will inhibit non-root logins. The "
+"contents of this file should be a message indicating why logins are "
+"inhibited."
+msgstr ""
+"Si définie, nom de fichier dont la présence empêchera les connexions de "
+"quelqu'un d'autre que le superutilisateur. Le contenu de ces fichiers doit "
+"être un message indiquant pourquoi les connexions sont désactivées."
+
+#: login.defs.5.xml:208(para)
+msgid ""
+"<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and "
+"<option>PASS_WARN_AGE</option> are only used at the time of account "
+"creation. Any changes to these settings won't affect existing accounts."
+msgstr ""
+"Les paramètres <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</"
+"option> et <option>PASS_WARN_AGE</option> ne sont utilisés qu'au moment de "
+"la création d'un compte. Les changements n'affecteront pas les comptes "
+"existants."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>PORTTIME_CHECKS_ENAB</option> (boolean)"
+msgstr "<option>PORTTIME_CHECKS_ENAB</option> (booléen)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"Enable checking of time restrictions specified in <filename>/etc/porttime</"
+"filename>."
+msgstr ""
+"Activer la vérification des restrictions de temps précisées dans <filename>/"
+"etc/porttime</filename>."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYGROUP</option> (string)"
+msgstr "<option>TTYGROUP</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:33(term) login.1.xml:33(term)
+msgid "<option>TTYPERM</option> (string)"
+msgstr "<option>TTYPERM</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:35(para) login.1.xml:35(para)
+msgid ""
+"The terminal permissions: the login tty will be owned by the "
+"<option>TTYGROUP</option> group, and the permissions will be set to "
+"<option>TTYPERM</option>."
+msgstr ""
+"Les permissions de terminal : la connexion tty appartiendra au groupe "
+"<option>TTYGROUP</option> et les permissions seront configurées à "
+"<option>TTYPERM</option>."
+
+#: login.defs.5.xml:40(para) login.1.xml:40(para)
+msgid ""
+"By default, the ownership of the terminal is set to the user's primary group "
+"and the permissions are set to <replaceable>0600</replaceable>."
+msgstr ""
+"Par défaut, le propriétaire du terminal est configuré au groupe primaire de "
+"l'utilisateur et les permissions sont configurées à <replaceable>0600</"
+"replaceable>."
+
+#: login.defs.5.xml:45(para) login.1.xml:45(para)
+msgid ""
+"<option>TTYGROUP</option> can be either the name of a group or a numeric "
+"group identifier."
+msgstr ""
+"<option>TTYGROUP</option> peut être le nom d'un groupe ou un identifiant "
+"numérique de groupe."
+
+#: login.defs.5.xml:49(para) login.1.xml:49(para)
+msgid ""
+"If you have a <command>write</command> program which is \"setgid\" to a "
+"special group which owns the terminals, define TTYGROUP to the group number "
+"and TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign "
+"TTYPERM to either 622 or 600."
+msgstr ""
+"Si vous avez un programme <command>write</command> qui est « setgid » à un "
+"groupe spécial auquel les terminaux appartiennent, définissez TTYGROUP comme "
+"l'identifiant numérique du groupe et TTYPERM à 0620. Autrement laissez "
+"TTYGROUP décommenté et TTYPERM configuré soit à 622 soit à 600."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>TTYTYPE_FILE</option> (string)"
+msgstr "<option>TTYTYPE_FILE</option> (chaîne de caractères)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid ""
+"If defined, file which maps tty line to TERM environment parameter. Each "
+"line of the file is in a format something like \"vt100 tty01\"."
+msgstr ""
+"Si définie, fichier qui lie les lignes de tty à la variable d'environnement "
+"TERM. Chaque ligne du fichier est dans un format ressemblant à « vt100 "
+"tty01 »."
+
+#: login.defs.5.xml:32(term) login.1.xml:32(term)
+msgid "<option>ULIMIT</option> (number)"
+msgstr "<option>ULIMIT</option> (nombre)"
+
+#: login.defs.5.xml:34(para) login.1.xml:34(para)
+msgid "Default <command>ulimit</command> value."
+msgstr "Valeur par défaut d'<command>ulimit</command>."
+
+#: login.defs.5.xml:241(title)
+msgid "CROSS REFERENCES"
+msgstr "RÉFÉRENCES CROISÉES"
+
+#: login.defs.5.xml:242(para)
+msgid ""
+"The following cross references show which programs in the shadow password "
+"suite use which parameters."
+msgstr ""
+"Les références croisées ci-dessous montrent quels sont les paramètres "
+"utilisés par les différents programmes de la suite shadow password."
+
+#: login.defs.5.xml:249(term) chage.1.xml:58(refentrytitle)
+#: chage.1.xml:65(refname) chage.1.xml:70(command)
+msgid "chage"
+msgstr "chage"
+
+#: login.defs.5.xml:251(para) login.defs.5.xml:441(phrase)
+#: login.defs.5.xml:510(phrase)
+msgid "USE_TCB"
+msgstr "USE_TCB"
+
+#: login.defs.5.xml:255(term) chfn.1.xml:60(refentrytitle)
+#: chfn.1.xml:67(refname) chfn.1.xml:73(command)
+msgid "chfn"
+msgstr "chfn"
+
+#: login.defs.5.xml:257(para)
+msgid ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CHFN_AUTH</phrase> CHFN_RESTRICT <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase>"
+
+#: login.defs.5.xml:265(term) chgpasswd.8.xml:57(refentrytitle)
+#: chgpasswd.8.xml:64(refname) chgpasswd.8.xml:70(command)
+msgid "chgpasswd"
+msgstr "chgpasswd"
+
+#: login.defs.5.xml:267(para) login.defs.5.xml:298(para)
+msgid ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB <phrase condition="
+"\"sha_crypt\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:275(term) chpasswd.8.xml:61(refentrytitle)
+#: chpasswd.8.xml:68(refname) chpasswd.8.xml:74(command)
+msgid "chpasswd"
+msgstr "chpasswd"
+
+#: login.defs.5.xml:278(phrase)
+msgid "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+msgstr "ENCRYPT_METHOD MD5_CRYPT_ENAB"
+
+#: login.defs.5.xml:280(phrase)
+msgid "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+msgstr "SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS"
+
+#: login.defs.5.xml:286(term) chsh.1.xml:60(refentrytitle)
+#: chsh.1.xml:67(refname) chsh.1.xml:73(command)
+msgid "chsh"
+msgstr "chsh"
+
+#: login.defs.5.xml:288(para)
+msgid "CHSH_AUTH LOGIN_STRING"
+msgstr "CHSH_AUTH LOGIN_STRING"
+
+#: login.defs.5.xml:296(term) gpasswd.1.xml:62(refentrytitle)
+#: gpasswd.1.xml:69(refname) gpasswd.1.xml:83(command)
+msgid "gpasswd"
+msgstr "gpasswd"
+
+#: login.defs.5.xml:306(term) groupadd.8.xml:60(refentrytitle)
+#: groupadd.8.xml:67(refname) groupadd.8.xml:73(command)
+msgid "groupadd"
+msgstr "groupadd"
+
+#: login.defs.5.xml:308(para)
+msgid "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+msgstr "GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN"
+
+#: login.defs.5.xml:315(term) groupdel.8.xml:58(refentrytitle)
+#: groupdel.8.xml:65(refname) groupdel.8.xml:71(command)
+msgid "groupdel"
+msgstr "groupdel"
+
+#: login.defs.5.xml:317(para) login.defs.5.xml:323(para)
+#: login.defs.5.xml:329(para) login.defs.5.xml:336(para)
+#: login.defs.5.xml:342(para) login.defs.5.xml:348(para)
+msgid "MAX_MEMBERS_PER_GROUP"
+msgstr "MAX_MEMBERS_PER_GROUP"
+
+#: login.defs.5.xml:321(term) groupmems.8.xml:61(refentrytitle)
+#: groupmems.8.xml:68(refname) groupmems.8.xml:74(command)
+msgid "groupmems"
+msgstr "groupmems"
+
+#: login.defs.5.xml:327(term) groupmod.8.xml:58(refentrytitle)
+#: groupmod.8.xml:65(refname) groupmod.8.xml:71(command)
+msgid "groupmod"
+msgstr "groupmod"
+
+#: login.defs.5.xml:334(term) grpck.8.xml:58(refentrytitle)
+#: grpck.8.xml:65(refname) grpck.8.xml:71(command)
+msgid "grpck"
+msgstr "grpck"
+
+#: login.defs.5.xml:354(term) login.1.xml:90(refentrytitle)
+#: login.1.xml:97(refname) login.1.xml:103(command) login.1.xml:111(command)
+#: login.1.xml:118(command)
+msgid "login"
+msgstr "login"
+
+#: login.defs.5.xml:356(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE</"
+"phrase> ERASECHAR FAIL_DELAY <phrase condition=\"no_pam\">FAILLOG_ENAB</"
+"phrase> FAKE_SHELL <phrase condition=\"no_pam\">FTMP_FILE</phrase> "
+"HUSHLOGIN_FILE <phrase condition=\"no_pam\">ISSUE_FILE</phrase> KILLCHAR "
+"<phrase condition=\"no_pam\">LASTLOG_ENAB</phrase> LOGIN_RETRIES <phrase "
+"condition=\"no_pam\">LOGIN_STRING</phrase> LOGIN_TIMEOUT LOG_OK_LOGINS "
+"LOG_UNKFAIL_ENAB <phrase condition=\"no_pam\">MAIL_CHECK_ENAB MAIL_DIR "
+"MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB</phrase> "
+"TTYGROUP TTYPERM TTYTYPE_FILE <phrase condition=\"no_pam\">ULIMIT UMASK</"
+"phrase> USERGROUPS_ENAB"
+
+#: login.defs.5.xml:383(term)
+msgid "newgrp / sg"
+msgstr "newgrp / sg"
+
+#: login.defs.5.xml:385(para)
+msgid "SYSLOG_SG_ENAB"
+msgstr "SYSLOG_SG_ENAB"
+
+#: login.defs.5.xml:393(para)
+#| msgid ""
+#| "ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+#| "PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+#| "\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SYS_GID_MAX "
+#| "SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgid ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+msgstr ""
+"ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB "
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase> SUB_GID_COUNT "
+"SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX "
+"SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK"
+
+#: login.defs.5.xml:411(para)
+msgid ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+msgstr ""
+"ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN "
+"PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN <phrase condition=\"sha_crypt"
+"\">SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS</phrase>"
+
+#: login.defs.5.xml:422(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb"
+"\">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:431(para)
+msgid ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+msgstr ""
+"PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE <phrase condition=\"tcb\">USE_TCB</"
+"phrase>"
+
+#: login.defs.5.xml:448(para)
+msgid ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+msgstr ""
+"<phrase condition=\"no_pam\">CONSOLE</phrase> CONSOLE_GROUPS DEFAULT_HOME "
+"<phrase condition=\"no_pam\">ENV_HZ ENVIRON_FILE</phrase> ENV_PATH "
+"ENV_SUPATH <phrase condition=\"no_pam\">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB "
+"MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> SULOG_FILE SU_NAME <phrase condition="
+"\"no_pam\">SU_WHEEL_ONLY</phrase> SYSLOG_SU_ENAB <phrase condition=\"no_pam"
+"\">USERGROUPS_ENAB</phrase>"
+
+#: login.defs.5.xml:463(term)
+msgid "sulogin"
+msgstr "sulogin"
+
+#: login.defs.5.xml:465(para)
+msgid "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+msgstr "ENV_HZ <phrase condition=\"no_pam\">ENV_TZ</phrase>"
+
+#: login.defs.5.xml:474(para)
+#| msgid ""
+#| "CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+#| "PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+#| "SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb"
+#| "\">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>"
+msgid ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+msgstr ""
+"CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS "
+"PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN "
+"SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX "
+"SYS_UID_MIN UID_MAX UID_MIN UMASK <phrase condition=\"tcb\">TCB_AUTH_GROUP "
+"TCB_SYMLINK USE_TCB</phrase>"
+
+#: login.defs.5.xml:490(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB <phrase "
+"condition=\"tcb\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:500(para)
+msgid ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+msgstr ""
+"MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP <phrase condition=\"tcb"
+"\">TCB_SYMLINKS USE_TCB</phrase>"
+
+#: login.defs.5.xml:519(para)
+msgid ""
+"Much of the functionality that used to be provided by the shadow password "
+"suite is now handled by PAM. Thus, <filename>/etc/login.defs</filename> is "
+"no longer used by <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, or less used by "
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, and <citerefentry><refentrytitle>su</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>. Please refer to the "
+"corresponding PAM configuration files instead."
+msgstr ""
+"La plupart des fonctionnalités qui étaient fournies par les mots de passe "
+"cachés (« shadow password ») sont désormais gérées par PAM. De ce fait, "
+"<filename>/etc/login.defs</filename> n'est plus utilisé par "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> et moins utilisé par <citerefentry><refentrytitle>login</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> et "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>. Veuillez plutôt vous référer aux fichiers de configuration de "
+"PAM correspondant."
+
+#: login.defs.5.xml:535(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: login.access.5.xml:58(refentrytitle) login.access.5.xml:65(refname)
+msgid "login.access"
+msgstr "login.access"
+
+#: login.access.5.xml:66(refpurpose)
+msgid "login access control table"
+msgstr "table de contrôle des connexions"
+
+#: login.access.5.xml:71(para)
+msgid ""
+"The <emphasis remap=\"I\">login.access</emphasis> file specifies (user, "
+"host) combinations and/or (user, tty) combinations for which a login will be "
+"either accepted or refused."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">login.access</emphasis> permet de spécifier "
+"des paires (utilisateur, hôte) et/ou (utilisateur, tty) pour lesquelles "
+"toute connexion sera soit acceptée soit refusée."
+
+#: login.access.5.xml:77(para)
+msgid ""
+"When someone logs in, the <emphasis remap=\"I\">login.access</emphasis> is "
+"scanned for the first entry that matches the (user, host) combination, or, "
+"in case of non-networked logins, the first entry that matches the (user, "
+"tty) combination. The permissions field of that table entry determines "
+"whether the login will be accepted or refused."
+msgstr ""
+"Lorsqu'un utilisateur se connecte, le fichier <emphasis remap=\"I\">login."
+"access</emphasis> est lu jusqu'à la première entrée correspondant à la paire "
+"(utilisateur, hôte) ou, dans le cas d'une connexion ne passant pas par le "
+"réseau, à la première entrée correspondant au couple (utilisateur, tty). Le "
+"champ des permissions de la table pour cette entrée détermine alors si la "
+"connexion doit être acceptée ou refusée."
+
+#: login.access.5.xml:85(para)
+msgid ""
+"Each line of the login access control table has three fields separated by a "
+"\":\" character:"
+msgstr ""
+"Chaque ligne de la table de contrôle des connexions (« login access control "
+"table ») est composée de trois champs séparés par le caractère « : » :"
+
+#: login.access.5.xml:90(para)
+msgid ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I\">users</"
+"emphasis>:<emphasis remap=\"I\">origins</emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">permission</emphasis>:<emphasis remap=\"I"
+"\">utilisateurs</emphasis>:<emphasis remap=\"I\">origines</emphasis>"
+
+#: login.access.5.xml:94(para)
+msgid ""
+"The first field should be a \"<emphasis>+</emphasis>\" (access granted) or "
+"\"<emphasis>-</emphasis>\" (access denied) character. The second field "
+"should be a list of one or more login names, group names, or <emphasis>ALL</"
+"emphasis> (always matches). The third field should be a list of one or more "
+"tty names (for non-networked logins), host names, domain names (begin with "
+"\"<literal>.</literal>\"), host addresses, internet network numbers (end "
+"with \"<literal>.</literal>\"), <emphasis>ALL</emphasis> (always matches) or "
+"<emphasis>LOCAL</emphasis> (matches any string that does not contain a "
+"\"<literal>.</literal>\" character). If you run NIS you can use "
+"@netgroupname in host or user patterns."
+msgstr ""
+"Le premier champ est soit un « <emphasis>+</emphasis> » (accès autorisé), "
+"soit un « <emphasis>-</emphasis> » (accès refusé). Le second champ est une "
+"liste d'un ou plusieurs noms d'utilisateurs ou de groupes, ou <emphasis>ALL</"
+"emphasis> (correspond à tous les utilisateurs). Le troisième champ est une "
+"liste d'un ou plusieurs noms de tty (pour les connexions hors réseau), noms "
+"d'hôtes, noms de domaines (commençant par un « <literal>.</literal> »), "
+"adresses d'hôte, adresses de sous-réseau (terminant par un « <literal>.</"
+"literal> »), <emphasis>ALL</emphasis> (pour spécifier n'importe quelle "
+"connexion), ou <emphasis>LOCAL</emphasis> (correspond à n'importe quelle "
+"chaîne ne contenant pas de « <literal>.</literal> »). Si vous utilisez NIS, "
+"vous pouvez utiliser @nomdegroupe pour les motifs d'utilisateur et d'hôte."
+
+#: login.access.5.xml:108(para)
+msgid ""
+"The <emphasis>EXCEPT</emphasis> operator makes it possible to write very "
+"compact rules."
+msgstr ""
+"L'opérateur <emphasis>EXCEPT</emphasis> permet d'écrire des règles très "
+"compactes."
+
+#: login.access.5.xml:113(para)
+msgid ""
+"The group file is searched only when a name does not match that of the "
+"logged-in user. Only groups are matched in which users are explicitly "
+"listed: the program does not look at a user's primary group id value."
+msgstr ""
+"Le fichier d'informations sur les groupes (/etc/group) n'est utilisé que "
+"lorsqu'un nom ne correspond à aucun des utilisateurs connectés. Seuls les "
+"groupes pour lesquels la liste des utilisateurs est spécifiée sont "
+"utilisés : le programme ne recherche pas parmi les groupes primaires des "
+"utilisateurs."
+
+#: login.1.xml:98(refpurpose)
+msgid "begin session on the system"
+msgstr "Démarrer une session sur le système"
+
+#: login.1.xml:104(arg) login.1.xml:112(arg) login.1.xml:119(arg)
+#: login.1.xml:236(option) groupmems.8.xml:79(arg)
+msgid "-p"
+msgstr "-p"
+
+#: login.1.xml:105(replaceable) login.1.xml:113(replaceable)
+#: login.1.xml:120(replaceable)
+msgid "host"
+msgstr "hôte"
+
+#: login.1.xml:105(arg) login.1.xml:113(arg)
+msgid "-h <placeholder-1/>"
+msgstr "-h <placeholder-1/>"
+
+#: login.1.xml:108(replaceable)
+msgid "ENV=VAR"
+msgstr "ENV=VAR"
+
+#: login.1.xml:114(arg) login.1.xml:214(option)
+msgid "-f"
+msgstr "-f"
+
+#: login.1.xml:120(arg)
+msgid "-r <placeholder-1/>"
+msgstr "-r <placeholder-1/>"
+
+#: login.1.xml:126(para)
+msgid ""
+"The <command>login</command> program is used to establish a new session with "
+"the system. It is normally invoked automatically by responding to the "
+"<emphasis remap=\"I\">login:</emphasis> prompt on the user's terminal. "
+"<command>login</command> may be special to the shell and may not be invoked "
+"as a sub-process. When called from a shell, <command>login</command> should "
+"be executed as <emphasis remap=\"B\">exec login</emphasis> which will cause "
+"the user to exit from the current shell (and thus will prevent the new "
+"logged in user to return to the session of the caller). Attempting to "
+"execute <command>login</command> from any shell but the login shell will "
+"produce an error message."
+msgstr ""
+"Le programme <command>login</command> permet d'établir une nouvelle session "
+"sur le système. Il est généralement invoqué après avoir répondu à l'invite "
+"de connexion <emphasis remap=\"I\">login:</emphasis> sur le terminal de "
+"l'utilisateur. <command>login</command> peut être spécifique à "
+"l'interpréteur de commandes et ne devrait pas être invoqué comme un sous-"
+"processus. Lorsqu'il est appelé depuis un interpréteur de commande, "
+"<command>login</command> doit être exécuté comme <emphasis remap=\"B\">>exec "
+"login</emphasis>, ce qui entraîne la sortie de l'interpréteur de commandes "
+"en cours (et ainsi empêche le nouvel utilisateur connecté de retourner à la "
+"session de l'appelant). L'exécution de <command>login</command> depuis un "
+"interpréteur de commandes autre qu'un interpréteur de commandes initial "
+"(« login shell ») produira un message d'erreur."
+
+#: login.1.xml:140(para)
+msgid ""
+"The user is then prompted for a password, where appropriate. Echoing is "
+"disabled to prevent revealing the password. Only a small number of password "
+"failures are permitted before <command>login</command> exits and the "
+"communications link is severed."
+msgstr ""
+"Un mot de passe est ensuite demandé à l'utilisateur. L'affichage du mot de "
+"passe est désactivé pour éviter de révéler le mot de passe. Seul un petit "
+"nombre d'échecs est permis avant que <command>login</command> ne quitte et "
+"que la liaison ne soit interrompue."
+
+#: login.1.xml:147(para)
+msgid ""
+"If password aging has been enabled for your account, you may be prompted for "
+"a new password before proceeding. You will be forced to provide your old "
+"password and the new password before continuing. Please refer to "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> for more information."
+msgstr ""
+"Si une date de fin de validité du mot de passe a été définie pour ce compte, "
+"un nouveau mot de passe pourra vous être demandé. Votre ancien mot de passe "
+"et votre nouveau mot de passe vous seront alors demandés avant de pouvoir "
+"continuer. Veuillez lire la page de manuel "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> pour plus d'informations."
+
+#: login.1.xml:156(para)
+msgid ""
+"After a successful login, you will be informed of any system messages and "
+"the presence of mail. You may turn off the printing of the system message "
+"file, <filename>/etc/motd</filename>, by creating a zero-length file "
+"<filename>.hushlogin</filename> in your login directory. The mail message "
+"will be one of \"<emphasis>You have new mail.</emphasis>\", \"<emphasis>You "
+"have mail.</emphasis>\", or \"<emphasis>No Mail.</emphasis>\" according to "
+"the condition of your mailbox."
+msgstr ""
+"Après une connexion réussie, vous serez informé des messages du système et "
+"de la présence de courrier. Vous pouvez désactiver l'affichage du message du "
+"système (<filename>/etc/motd</filename>), en créant un fichier vide "
+"<filename>.hushlogin</filename> dans le répertoire de votre compte. Le "
+"message concernant les courriers sera « <emphasis>You have new mail.</"
+"emphasis> », « <emphasis>You have mail.</emphasis> », ou « <emphasis>No Mail."
+"</emphasis> » suivant l'état de votre boîte aux lettres."
+
+#: login.1.xml:167(para)
+msgid ""
+"Your user and group ID will be set according to their values in the "
+"<filename>/etc/passwd</filename> file. The value for <envar>$HOME</envar>, "
+"<envar>$SHELL</envar>, <envar>$PATH</envar>, <envar>$LOGNAME</envar>, and "
+"<envar>$MAIL</envar> are set according to the appropriate fields in the "
+"password entry. Ulimit, umask and nice values may also be set according to "
+"entries in the GECOS field."
+msgstr ""
+"Vos identifiants d'utilisateur et de groupe seront définis en fonction des "
+"valeurs spécifiées dans le fichier <filename>/etc/passwd</filename>. Les "
+"valeurs des variables d'environnement <emphasis>$HOME</emphasis>, <emphasis>"
+"$SHELL</emphasis>, <emphasis>$PATH</emphasis>, <emphasis>$LOGNAME</"
+"emphasis>, et <emphasis>$MAIL</emphasis> seront définies en fonction des "
+"champs appropriés de l'entrée qui vous correspond. Les valeurs d'ulimit, "
+"d'umask et de nice pourront également être affectées en fonction des entrées "
+"du champ GECOS."
+
+#: login.1.xml:176(para)
+msgid ""
+"On some installations, the environmental variable <envar>$TERM</envar> will "
+"be initialized to the terminal type on your tty line, as specified in "
+"<filename>/etc/ttytype</filename>."
+msgstr ""
+"Sur certains systèmes, la variable d'environnement <emphasis>$TERM</"
+"emphasis> sera initialisée au type de terminal de votre tty, comme spécifié "
+"dans <filename>/etc/ttytype</filename>."
+
+#: login.1.xml:182(para)
+msgid ""
+"An initialization script for your command interpreter may also be executed. "
+"Please see the appropriate manual section for more information on this "
+"function."
+msgstr ""
+"Un script d'initialisation pour votre interpréteur de commandes pourra "
+"également être exécuté. Veuillez vous référer à la section de manuel "
+"appropriée pour plus d'informations sur cette fonctionnalité."
+
+#: login.1.xml:194(para) login.1.xml:270(para)
+msgid ""
+"The <command>login</command> program is NOT responsible for removing users "
+"from the utmp file. It is the responsibility of "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> and <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry> to clean up apparent "
+"ownership of a terminal session. If you use <command>login</command> from "
+"the shell prompt without <command>exec</command>, the user you use will "
+"continue to appear to be logged in even after you log out of the \"subsession"
+"\"."
+msgstr ""
+"Le programme <command>login</command> n'est PAS responsable de la "
+"suppression d'utilisateurs dans le fichier utmp. Les responsables du "
+"nettoyage de l'appartenance des sessions de terminal sont "
+"<citerefentry><refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry> et <citerefentry><refentrytitle>init</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>. Si vous utilisez "
+"<command>login</command> depuis un interpréteur de commandes sans "
+"<command>exec</command>, l'utilisateur que vous utilisez continuera à "
+"apparaître comme étant connecté même après s'être déconnecté de cette « sous-"
+"session »."
+
+#: login.1.xml:217(para)
+msgid "Do not perform authentication, user is preauthenticated."
+msgstr "Ne pas réaliser d'authentification. L'utilisateur est pré-authentifié."
+
+#: login.1.xml:220(para)
+msgid "Note: In that case, <replaceable>username</replaceable> is mandatory."
+msgstr ""
+"Remarque : Dans ce cas, <replaceable>username</replaceable> est nécessaire."
+
+#: login.1.xml:228(option)
+msgid "-h"
+msgstr "-h"
+
+#: login.1.xml:231(para)
+msgid "Name of the remote host for this login."
+msgstr "Nom de l'hôte distant pour cette connexion."
+
+#: login.1.xml:239(para)
+msgid "Preserve environment."
+msgstr "Préserver l'environnement."
+
+#: login.1.xml:244(option)
+msgid "-r"
+msgstr "-r"
+
+#: login.1.xml:247(para)
+msgid "Perform autologin protocol for rlogin."
+msgstr ""
+"Exécuter le protocole de connexion automatique (autologin) pour rlogin."
+
+#: login.1.xml:252(para)
+msgid ""
+"The <option>-r</option>, <option>-h</option> and <option>-f</option> options "
+"are only used when <command>login</command> is invoked by root."
+msgstr ""
+"Les options <option>-r</option>, <option>-h</option> et <option>-f</option> "
+"ne peuvent être utilisées que par root."
+
+#: login.1.xml:261(para)
+msgid ""
+"This version of <command>login</command> has many compilation options, only "
+"some of which may be in use at any particular site."
+msgstr ""
+"Cette version de <command>login</command> comporte de nombreuses options de "
+"compilation. Seules certaines d'entre elles peuvent avoir été activées sur "
+"votre site."
+
+#: login.1.xml:266(para)
+msgid ""
+"The location of files is subject to differences in system configuration."
+msgstr ""
+"L'emplacement des fichiers peut varier suivant la configuration du système."
+
+#: login.1.xml:282(para)
+msgid ""
+"As with any program, <command>login</command>'s appearance can be faked. If "
+"non-trusted users have physical access to a machine, an attacker could use "
+"this to obtain the password of the next person coming to sit in front of the "
+"machine. Under Linux, the SAK mechanism can be used by users to initiate a "
+"trusted path and prevent this kind of attack."
+msgstr ""
+"Comme pour n'importe quel programme, l'apparence de <command>login</command> "
+"peut être imitée. Si des utilisateurs non sûrs ont un accès physique à la "
+"machine, un attaquant pourrait utiliser cet accès pour obtenir le mot de "
+"passe de la personne qui s'assiérait ensuite face à l'écran. Sous Linux, le "
+"mécanisme SAK peut être utilisé par les utilisateurs pour initier un chemin "
+"de confiance et prévenir ce genre d'attaques."
+
+#: login.1.xml:347(filename)
+msgid "/var/log/wtmp"
+msgstr "/var/log/wtmp"
+
+#: login.1.xml:349(para)
+msgid "List of previous login sessions."
+msgstr "Liste des sessions de connexion précédentes."
+
+#: login.1.xml:365(filename)
+msgid "/etc/motd"
+msgstr "/etc/motd"
+
+#: login.1.xml:367(para)
+msgid "System message of the day file."
+msgstr "Fichier contenant le message du système."
+
+#: login.1.xml:371(filename)
+msgid "/etc/nologin"
+msgstr "/etc/nologin"
+
+#: login.1.xml:373(para)
+msgid "Prevent non-root users from logging in."
+msgstr "Empêcher les utilisateurs non-root de se connecter."
+
+#: login.1.xml:377(filename)
+msgid "/etc/ttytype"
+msgstr "/etc/ttytype"
+
+#: login.1.xml:379(para)
+msgid "List of terminal types."
+msgstr "Liste des types de terminaux."
+
+#: login.1.xml:383(filename)
+msgid "$HOME/.hushlogin"
+msgstr "$HOME/.hushlogin"
+
+#: login.1.xml:385(para)
+msgid "Suppress printing of system messages."
+msgstr "Supprimer l'affichage des messages du système."
+
+#: login.1.xml:399(para)
+msgid ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>su</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>nologin</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>securetty</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getty</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: limits.5.xml:41(firstname)
+msgid "Luca"
+msgstr "Luca"
+
+#: limits.5.xml:42(surname)
+msgid "Berra"
+msgstr "Berra"
+
+#: limits.5.xml:59(refentrytitle) limits.5.xml:66(refname)
+msgid "limits"
+msgstr "limits"
+
+#: limits.5.xml:67(refpurpose)
+msgid "resource limits definition"
+msgstr "définition des limites de ressources"
+
+#: limits.5.xml:73(para)
+msgid ""
+"The <emphasis remap=\"I\">limits</emphasis> file (<filename>/etc/limits</"
+"filename> by default or LIMITS_FILE defined <filename>config.h</filename>) "
+"describes the resource limits you wish to impose. It should be owned by root "
+"and readable by root account only."
+msgstr ""
+"Le fichier <emphasis remap=\"I\">limits</emphasis> (<filename>/etc/limits</"
+"filename> par défaut ou LIMITS_FILE définit dans <filename>config.h</"
+"filename>) décrit les limites de ressource que vous voulez imposer. Il doit "
+"être possédé et ne doit être lisible que par le compte root."
+
+#: limits.5.xml:81(para)
+msgid ""
+"By default no quota is imposed on 'root'. In fact, there is no way to impose "
+"limits via this procedure to root-equiv accounts (accounts with UID 0)."
+msgstr ""
+"Par défaut, aucun quota (aucune limite) n'est imposé à « root ». En fait, il "
+"n'est pas possible d'imposer de cette façon de limite aux comptes root ou "
+"équivalents (comptes ayant un UID de 0)."
+
+#: limits.5.xml:87(para)
+msgid "Each line describes a limit for a user in the form:"
+msgstr ""
+"Chaque ligne décrit une limite pour un utilisateur, elle est de la forme "
+"suivante :"
+
+#: limits.5.xml:90(emphasis)
+msgid "user LIMITS_STRING"
+msgstr "utilisateur LISTE_DE_LIMITES"
+
+#: limits.5.xml:93(para)
+msgid "or in the form:"
+msgstr "ou sous la forme :"
+
+#: limits.5.xml:96(emphasis)
+msgid "@group LIMITS_STRING"
+msgstr "@groupe LISTE_DE_LIMITES"
+
+#: limits.5.xml:99(para)
+msgid ""
+"The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated list of "
+"resource limits. Each limit consists of a letter identifier followed by a "
+"numerical limit."
+msgstr ""
+"Où <emphasis>LISTE_DE_LIMITES</emphasis> est une chaîne construite par la "
+"concaténation d'une liste de limites de ressource. Chaque limite consiste en "
+"une lettre (identifiant le type de limite) et une valeur numérique."
+
+#: limits.5.xml:105(para)
+msgid "The valid identifiers are:"
+msgstr "Les identifiants possibles sont :"
+
+#: limits.5.xml:108(para)
+msgid "A: max address space (KB)"
+msgstr "A : espace d'adressage maximal (en kilo octets)"
+
+#: limits.5.xml:109(para)
+msgid "C: max core file size (KB)"
+msgstr ""
+"C : taille maximale d'un fichier image de la mémoire (« core », en kilo "
+"octets)"
+
+#: limits.5.xml:110(para)
+msgid "D: max data size (KB)"
+msgstr ""
+"D : taille maximale du segment de données d'un programme (en kilo octets)"
+
+#: limits.5.xml:111(para)
+msgid "F: maximum filesize (KB)"
+msgstr "F : taille maximale des fichiers (en kilo octets)"
+
+#: limits.5.xml:112(para)
+msgid ""
+"K: file creation mask, set by <citerefentry><refentrytitle>umask</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"K : masque de création de fichier, défini par "
+"<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></"
+"citerefentry>."
+
+#: limits.5.xml:117(para)
+msgid "I: max nice value (0..39 which translates to 20..-19)"
+msgstr "I : valeur nice maximum (0..39 qui sera traduit en 20..-19)"
+
+#: limits.5.xml:119(para)
+msgid "L: max number of logins for this user"
+msgstr "L : nombre maximal de connexions simultanées pour cet utilisateur"
+
+#: limits.5.xml:120(para)
+msgid "M: max locked-in-memory address space (KB)"
+msgstr ""
+"M : taille  maximale de mémoire verrouillée (« locked-in-memory », en kilo "
+"octets)"
+
+#: limits.5.xml:121(para)
+msgid "N: max number of open files"
+msgstr "N : nombre maximal de fichiers ouverts"
+
+#: limits.5.xml:122(para)
+msgid "O: max real time priority"
+msgstr "O : priorité temps réel maximale"
+
+#: limits.5.xml:123(para)
+msgid ""
+"P: process priority, set by <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"P : priorité des processus, défini par "
+"<citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: limits.5.xml:128(para)
+msgid "R: max resident set size (KB)"
+msgstr ""
+"R : taille maximale de la mémoire résidente (« resident set size », en kilo "
+"octets)"
+
+#: limits.5.xml:129(para)
+msgid "S: max stack size (KB)"
+msgstr "S : taille maximale de la pile (en kilo octets)"
+
+#: limits.5.xml:130(para)
+msgid "T: max CPU time (MIN)"
+msgstr "T : temps processeur maximal consommé (en minutes)"
+
+#: limits.5.xml:131(para)
+msgid "U: max number of processes"
+msgstr "U : nombre maximal de processus"
+
+#: limits.5.xml:134(para)
+msgid ""
+"For example, <emphasis remap=\"I\">L2D2048N5</emphasis> is a valid "
+"<emphasis>LIMITS_STRING</emphasis>. For reading convenience, the following "
+"entries are equivalent:"
+msgstr ""
+"Par exemple, <emphasis remap=\"I\">L2D2048N5</emphasis> est une chaîne "
+"<emphasis>LISTE_DE_LIMITES</emphasis> valable. Pour faciliter la lecture, "
+"les entrées suivantes sont équivalentes :"
+
+# NOTE: elle va pas cette chaîne
+#: limits.5.xml:140(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"      username L2D2048N5\n"
+"      username L2 D2048 N5\n"
+"    "
+msgstr ""
+"\n"
+"      utilisateur L2D2048N5\n"
+"      utilisateur L2 D2048 N5\n"
+"    "
+
+#: limits.5.xml:145(para)
+msgid ""
+"Be aware that after <emphasis remap=\"I\">username</emphasis> the rest of "
+"the line is considered a limit string, thus comments are not allowed. A "
+"invalid limits string will be rejected (not considered) by the "
+"<command>login</command> program."
+msgstr ""
+"Attention : tout ce qui suit <emphasis remap=\"I\">utilisateur</emphasis> "
+"est considéré comme une limite de chaîne. Les commentaires ne sont pas "
+"autorisés. Une chaîne de limites non valable sera rejetée (non utilisée) par "
+"le programme <command>login</command>."
+
+#: limits.5.xml:152(para)
+msgid ""
+"The default entry is denoted by username \"<emphasis>*</emphasis>\". If you "
+"have multiple <emphasis remap=\"I\">default</emphasis> entries in your "
+"<emphasis>LIMITS_FILE</emphasis>, then the last one will be used as the "
+"default entry."
+msgstr ""
+"L'entrée par défaut est représentée par un utilisateur dénommé "
+"« <emphasis>*</emphasis> ». Si plusieurs entrées par défaut sont présentes "
+"dans le fichier de limites, alors seule la dernière sera prise en compte."
+
+#: limits.5.xml:159(para)
+msgid ""
+"The limits specified in the form \"<replaceable>@group</replaceable>\" apply "
+"to the members of the specified <replaceable>group</replaceable>."
+msgstr ""
+"Les limites précisées sous la forme « <replaceable>@groupe</replaceable> » "
+"s'appliquent aux membres du <replaceable>groupe</replaceable> précisé."
+
+#: limits.5.xml:165(para)
+msgid ""
+"If more than one line with limits for an user exist, only the first line for "
+"this user will be considered."
+msgstr ""
+"Si plusieurs lignes avec des limites pour un utilisateur existent, seule la "
+"première ligne pour cet utilisateur sera prise en compte."
+
+#: limits.5.xml:170(para)
+msgid ""
+"If no lines are specified for an user, the last <replaceable>@group</"
+"replaceable> line matching a group whose the user is a member of will be "
+"considered, or the last line with default limits if no groups contain the "
+"user."
+msgstr ""
+"Si aucune ligne n'est précisée pour l'utilisateur, la dernière ligne "
+"<replaceable>@groupe</replaceable> correspondant à un groupe auquel "
+"l'utilisateur appartient sera prise en compte, ou la dernière ligne avec les "
+"limites par défaut si aucun groupe ne contient l'utilisateur."
+
+#: limits.5.xml:177(para)
+msgid ""
+"To completely disable limits for a user, a single dash \"<emphasis>-</"
+"emphasis>\" will do."
+msgstr ""
+"Un simple tiret « <emphasis>-</emphasis> » sera suffisant pour désactiver "
+"toute limite à un utilisateur, "
+
+#: limits.5.xml:182(para)
+msgid ""
+"To disable a limit for a user, a single dash \"<replaceable>-</replaceable>"
+"\" can be used instead of the numerical value for this limit."
+msgstr ""
+"Afin de désactiver une limite pour un utilisateur, un simple tiret "
+"« <replaceable>-</replaceable> » peut être utilisé au lieu d'une valeur "
+"numérique pour cette limite."
+
+#: limits.5.xml:188(para)
+msgid ""
+"Also, please note that all limit settings are set PER LOGIN. They are not "
+"global, nor are they permanent. Perhaps global limits will come, but for now "
+"this will have to do ;)"
+msgstr ""
+"Notez également que les limites ne sont configurées que PAR CONNEXION. Il "
+"n'y a pas de limite globale ou permanente. Des limites globales pourraient "
+"voir le jour, mais pour l'instant, il faut faire sans."
+
+#: limits.5.xml:199(filename)
+msgid "/etc/limits"
+msgstr "/etc/limits"
+
+#: limits.5.xml:207(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>setpriority</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>."
+
+#: lastlog.8.xml:58(refentrytitle) lastlog.8.xml:65(refname)
+#: lastlog.8.xml:71(command)
+msgid "lastlog"
+msgstr "lastlog"
+
+#: lastlog.8.xml:66(refpurpose)
+msgid "reports the most recent login of all users or of a given user"
+msgstr ""
+"signaler les connexions les plus récentes de tous les utilisateurs ou d'un "
+"utilisateur donné"
+
+#: lastlog.8.xml:80(para)
+msgid ""
+"<command>lastlog</command> formats and prints the contents of the last login "
+"log <filename>/var/log/lastlog</filename> file. The <emphasis>login-name</"
+"emphasis>, <emphasis>port</emphasis>, and <emphasis>last login time</"
+"emphasis> will be printed. The default (no flags) causes lastlog entries to "
+"be printed, sorted by their order in <filename>/etc/passwd</filename>."
+msgstr ""
+"<command>lastlog</command> affiche le contenu du journal des dernières "
+"connexions (<filename>/var/log/lastlog</filename>). Les champs "
+"<emphasis>Utilisateur</emphasis>, <emphasis>Port</emphasis>, date de "
+"<emphasis>Dernière</emphasis> connexion sont affichés. Par défaut (aucune "
+"option de spécifiée), les entrées de lastlog sont affichées triées par ordre "
+"d'apparition dans <filename>/etc/passwd</filename>."
+
+#: lastlog.8.xml:92(para)
+msgid "The options which apply to the <command>lastlog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>lastlog</command> sont :"
+
+#: lastlog.8.xml:97(term)
+#| msgid ""
+#| "<option>-b</option>, <option>--before</option><replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-b</option>, <option>--before</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:101(para)
+msgid ""
+"Print only lastlog records older than <emphasis remap=\"I\">DAYS</emphasis>."
+msgstr ""
+"N'afficher que les entrées du fichier lastlog plus anciennes que <emphasis "
+"remap=\"I\">JOURS</emphasis>."
+
+#: lastlog.8.xml:127(term) faillog.8.xml:192(term)
+#| msgid ""
+#| "<option>-t</option>, <option>--time</option><replaceable>DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-t</option>, <option>--time</option>&nbsp;<replaceable>JOURS</"
+"replaceable>"
+
+#: lastlog.8.xml:131(para)
+msgid ""
+"Print the lastlog records more recent than <emphasis remap=\"I\">DAYS</"
+"emphasis>."
+msgstr ""
+"Afficher les entrées du fichier lastlog plus récentes que <emphasis remap=\"I"
+"\">JOURS</emphasis>."
+
+#: lastlog.8.xml:138(term) faillog.8.xml:202(term)
+#| msgid ""
+#| "<option>-u</option>, <option>--user</option><replaceable>LOGIN</"
+#| "replaceable>|<replaceable>RANGE</replaceable>"
+msgid ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>RANGE</replaceable>"
+msgstr ""
+"<option>-u</option>, <option>--user</option>&nbsp;<replaceable>LOGIN</"
+"replaceable>|<replaceable>INTERVALLE</replaceable>"
+
+#: lastlog.8.xml:142(para)
+msgid "Print the lastlog record of the specified user(s)."
+msgstr "N'afficher que les entrées correspondant aux utilisateurs indiqués."
+
+#: lastlog.8.xml:145(para) faillog.8.xml:211(para)
+msgid ""
+"The users can be specified by a login name, a numerical user ID, or a "
+"<replaceable>RANGE</replaceable> of users. This <replaceable>RANGE</"
+"replaceable> of users can be specified with a min and max values "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), a max value (<replaceable>-"
+"UID_MAX</replaceable>), or a min value (<replaceable>UID_MIN-</replaceable>)."
+msgstr ""
+"Les utilisateurs peuvent être précisés par un nom de connexion, un "
+"identifiant numérique d'utilisateur ou un <replaceable>INTERVALLE</"
+"replaceable> d'utilisateurs. Cet <replaceable>INTERVALLE</replaceable> "
+"d'utilisateurs peut être précisé avec des valeurs minimale et maximale "
+"(<replaceable>UID_MIN-UID_MAX</replaceable>), seulement une valeur maximale "
+"(<replaceable>-UID_MAX</replaceable>) ou une valeur minimale "
+"(<replaceable>UID_MIN-</replaceable>)."
+
+#: lastlog.8.xml:157(para)
+msgid ""
+"If the user has never logged in the message <emphasis>** Never logged in**</"
+"emphasis> will be displayed instead of the port and time."
+msgstr ""
+"Dans le cas où l'utilisateur ne s'est jamais connecté, le message "
+"« <emphasis>**Never logged in**</emphasis> » (« <emphasis>**Jamais "
+"connecté**</emphasis> ») est affiché à la place des champs <emphasis>Port</"
+"emphasis> et date de <emphasis>Dernière</emphasis> connexion."
+
+#: lastlog.8.xml:162(para)
+msgid ""
+"Only the entries for the current users of the system will be displayed. "
+"Other entries may exist for users that were deleted previously."
+msgstr ""
+"Seules les entrées pour les utilisateurs actuels du système seront "
+"affichées. D'autres entrées peuvent exister pour les utilisateurs supprimés "
+"précédemment."
+
+#: lastlog.8.xml:170(title) groups.1.xml:90(title) chsh.1.xml:140(title)
+#: chage.1.xml:231(title)
+msgid "NOTE"
+msgstr "NOTE"
+
+#: lastlog.8.xml:171(para)
+msgid ""
+"The <filename>lastlog</filename> file is a database which contains info on "
+"the last login of each user. You should not rotate it. It is a sparse file, "
+"so its size on the disk is usually much smaller than the one shown by "
+"\"<command>ls -l</command>\" (which can indicate a really big file if you "
+"have in <filename>passwd</filename> users with a high UID). You can display "
+"its real size with \"<command>ls -s</command>\"."
+msgstr ""
+"Le fichier <filename>lastlog</filename> est une base de données qui contient "
+"des informations concernant la dernière connexion de chaque utilisateur. "
+"Vous n'avez pas à faire de rotation (avec <command>logrotate</command>) sur "
+"ce fichier. C'est un fichier « creux », donc sa taille sur le disque est "
+"bien plus petite que celle affichée par « <command>ls -l</command> » (qui "
+"peut indiquer un très gros fichier si vous avez des utilisateurs avec des "
+"UID élevés). Vous pouvez afficher sa taille réelle avec « <command>ls -s</"
+"command> »."
+
+#: lastlog.8.xml:185(filename)
+msgid "/var/log/lastlog"
+msgstr "/var/log/lastlog"
+
+#: lastlog.8.xml:187(para)
+msgid "Database times of previous user logins."
+msgstr ""
+"Base de données de l'heure des connexions précédentes des utilisateurs."
+
+#: lastlog.8.xml:195(para)
+msgid ""
+"Large gaps in UID numbers will cause the lastlog program to run longer with "
+"no output to the screen (i.e. if in lastlog database there is no entries for "
+"users with UID between 170 and 800 lastlog will appear to hang as it "
+"processes entries with UIDs 171-799)."
+msgstr ""
+"S'il y a des trous importants dans les valeurs des UID, <command>lastlog</"
+"command> s'exécutera plus lentement, sans affichage à l'écran (par exemple, "
+"s'il n'y a pas d'entrée pour les utilisateurs ayant un UID compris entre 170 "
+"et 800 dans base de données lastlog, le programme lastlog semblera bloqué "
+"comme s'il traitait les entrées correspondant aux UID 171 à 799)."
+
+#: gshadow.5.xml:41(contrib)
+msgid "Creation, 2005"
+msgstr "Création, 2005"
+
+#: gshadow.5.xml:46(refentrytitle) gshadow.5.xml:53(refname)
+msgid "gshadow"
+msgstr "gshadow"
+
+#: gshadow.5.xml:54(refpurpose)
+msgid "shadowed group file"
+msgstr "informations cachées sur les groupes"
+
+#: gshadow.5.xml:59(para)
+msgid ""
+"<filename>/etc/gshadow</filename> contains the shadowed information for "
+"group accounts."
+msgstr ""
+"<filename>/etc/gshadow</filename> contient les informations cachées sur les "
+"groupes."
+
+#: gshadow.5.xml:69(para)
+msgid "Each line of this file contains the following colon-separated fields:"
+msgstr ""
+"Chaque ligne de ce fichier contient les champs suivants, séparés par des "
+"deux-points (« : ») :"
+
+#: gshadow.5.xml:75(emphasis)
+msgid "group name"
+msgstr "nom du groupe"
+
+#: gshadow.5.xml:77(para)
+msgid "It must be a valid group name, which exist on the system."
+msgstr "Ce doit être un nom de groupe valable, qui existe sur le système."
+
+#: gshadow.5.xml:90(para)
+msgid ""
+"If the password field contains some string that is not a valid result of "
+"<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum></"
+"citerefentry>, for instance ! or *, users will not be able to use a unix "
+"password to access the group (but group members do not need the password)."
+msgstr ""
+"Si le champ du mot de passe contient une chaîne qui ne peut pas être un "
+"résultat valable de <citerefentry><refentrytitle>crypt</"
+"refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si elle "
+"contient les caractères « ! » ou « * », les utilisateurs ne pourront pas "
+"utiliser le mot de passe UNIX pour accéder au groupe (mais les membres du "
+"groupe n'ont pas besoin de mot de passe)."
+
+#: gshadow.5.xml:97(para)
+msgid ""
+"The password is used when an user who is not a member of the group wants to "
+"gain the permissions of this group (see <citerefentry><refentrytitle>newgrp</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>)."
+msgstr ""
+"Le mot de passe est utilisé quand un utilisateur non membre du groupe veut "
+"obtenir les permissions de ce groupe (consultez "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>)."
+
+#: gshadow.5.xml:103(para)
+msgid ""
+"This field may be empty, in which case only the group members can gain the "
+"group permissions."
+msgstr ""
+"Ce champ peut être vide. Dans ce cas seuls les membres du groupe peuvent "
+"obtenir les permissions du groupe."
+
+#: gshadow.5.xml:113(para)
+msgid ""
+"This password supersedes any password specified in <filename>/etc/group</"
+"filename>."
+msgstr ""
+"Ce mot de passe remplace tout mot de passe indiqué dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:121(emphasis)
+msgid "administrators"
+msgstr "administrateurs"
+
+#: gshadow.5.xml:123(para) gshadow.5.xml:139(para)
+msgid "It must be a comma-separated list of user names."
+msgstr "Ce champ doit être une liste d'utilisateurs, séparés par des virgules."
+
+#: gshadow.5.xml:126(para)
+msgid "Administrators can change the password or the members of the group."
+msgstr ""
+"Les administrateurs peuvent modifier le mot de passe ou les membres du "
+"groupe."
+
+#: gshadow.5.xml:130(para)
+msgid ""
+"Administrators also have the same permissions as the members (see below)."
+msgstr ""
+"Les administrateurs peuvent aussi avoir les mêmes permissions que les "
+"membres (voir ci-dessous)."
+
+#: gshadow.5.xml:137(emphasis)
+msgid "members"
+msgstr "membres"
+
+#: gshadow.5.xml:142(para)
+msgid "Members can access the group without being prompted for a password."
+msgstr ""
+"Les membres peuvent accéder au groupe sans qu'un mot de passe ne leur soit "
+"demandé."
+
+#: gshadow.5.xml:146(para)
+msgid ""
+"You should use the same list of users as in <filename>/etc/group</filename>."
+msgstr ""
+"Vous devez utiliser la même liste d'utilisateurs que dans <filename>/etc/"
+"group</filename>."
+
+#: gshadow.5.xml:175(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>grpconv</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>."
+
+#: grpck.8.xml:66(refpurpose)
+msgid "verify integrity of group files"
+msgstr "Vérifier l'intégrité des fichiers d'administration des groupes"
+
+#: grpck.8.xml:84(para)
+msgid ""
+"The <command>grpck</command> command verifies the integrity of the groups "
+"information. It checks that all entries in <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase> have the proper format and contain valid data. The user "
+"is prompted to delete entries that are improperly formatted or which have "
+"other uncorrectable errors."
+msgstr ""
+"La commande <command>grpck</command> vérifie l'intégrité des informations "
+"sur les groupes du système. Toutes les entrées de <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase> sont vérifiées afin de s'assurer qu'elles ont le bon "
+"format et qu'elles contiennent des données valables dans chaque champ. Une "
+"confirmation de l'utilisateur sera demandée pour détruire les entrées mal "
+"formatées ou ayant d'autres erreurs non récupérables."
+
+#: grpck.8.xml:101(para)
+msgid "a unique and valid group name"
+msgstr "unicité et validité des noms de groupe ;"
+
+#: grpck.8.xml:104(para)
+msgid ""
+"a valid group identifier <phrase condition=\"gshadow\"> (<filename>/etc/"
+"group</filename> only)</phrase>"
+msgstr ""
+"validité des identifiants de groupe <phrase condition=\"gshadow\"> "
+"(seulement <filename>/etc/group</filename>)</phrase> ;"
+
+#: grpck.8.xml:111(para)
+msgid ""
+"a valid list of members <phrase condition=\"gshadow\"> and administrators</"
+"phrase>"
+msgstr ""
+"validité de la liste de membres <phrase condition=\"gshadow\"> et "
+"d'administrateurs</phrase> ;"
+
+#: grpck.8.xml:117(para)
+msgid ""
+"a corresponding entry in the <filename>/etc/gshadow</filename> file "
+"(respectively <filename>/etc/group</filename> for the <filename>gshadow</"
+"filename> checks)"
+msgstr ""
+"correspondance d'entrée dans le fichier <filename>/etc/gshadow</filename> "
+"(respectivement <filename>/etc/group</filename> pour les vérifications de "
+"<filename>gshadow</filename>)."
+
+#: grpck.8.xml:125(para)
+msgid ""
+"The checks for correct number of fields and unique group name are fatal. If "
+"an entry has the wrong number of fields, the user will be prompted to delete "
+"the entire line. If the user does not answer affirmatively, all further "
+"checks are bypassed. An entry with a duplicated group name is prompted for "
+"deletion, but the remaining checks will still be made. All other errors are "
+"warnings and the user is encouraged to run the <command>groupmod</command> "
+"command to correct the error."
+msgstr ""
+"Une erreur dans le nombre de champs ou la non unicité d'un nom de groupe "
+"sera fatale. Si le nombre de champs n'est pas correct, il sera demandé à "
+"l'utilisateur de supprimer la ligne. Si l'utilisateur ne répond pas par "
+"l'affirmative, les vérifications suivantes ne seront pas effectuées. Il sera "
+"également demandé de supprimer les entrées correspondant aux noms de groupe "
+"redondants, mais dans ce cas, les autres vérifications seront effectuées. "
+"Toutes les autres erreurs ne sont que des avertissements et l'utilisateur "
+"est encouragé à utiliser <command>groupmod</command> pour les corriger."
+
+#: grpck.8.xml:136(para)
+msgid ""
+"The commands which operate on the <filename>/etc/group</filename><phrase "
+"condition=\"no_gshadow\">file</phrase><phrase condition=\"gshadow\">and "
+"<filename>/etc/gshadow</filename> files</phrase> are not able to alter "
+"corrupted or duplicated entries. <command>grpck</command> should be used in "
+"those circumstances to remove the offending entries."
+msgstr ""
+"Les commandes qui opèrent sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase> <phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase> ne peuvent pas modifier les entrées corrompues ou "
+"redondantes. <command>grpck</command> doit être utilisée dans ce cas pour "
+"supprimer ces entrées."
+
+#: grpck.8.xml:152(para)
+msgid "The options which apply to the <command>grpck</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>grpck</command> sont :"
+
+#: grpck.8.xml:165(para)
+msgid ""
+"Execute the <command>grpck</command> command in read-only mode. This causes "
+"all questions regarding changes to be answered <emphasis>no</emphasis> "
+"without user intervention."
+msgstr ""
+"Exécute la commande <command>grpck</command> en mode lecture seule. Cela "
+"signifie qu'à toutes les questions concernant des modifications il sera "
+"répondu <emphasis>no</emphasis> sans l'intervention de l'utilisateur."
+
+#: grpck.8.xml:187(para)
+msgid ""
+"Sort entries in <filename>/etc/group</filename><phrase condition=\"gshadow"
+"\">and <filename>/etc/gshadow</filename></phrase> by GID."
+msgstr ""
+"Trie les entrées de <filename>/etc/group</filename> <phrase condition="
+"\"gshadow\">et <filename>/etc/gshadow</filename></phrase> par GID."
+
+#: grpck.8.xml:196(para)
+msgid ""
+"By default, <command>grpck</command> operates on <filename>/etc/group</"
+"filename><phrase condition=\"gshadow\">and <filename>/etc/gshadow</"
+"filename></phrase>. The user may select alternate files with the <emphasis "
+"remap=\"I\">group</emphasis><phrase condition=\"no_gshadow\">parameter.</"
+"phrase><phrase condition=\"gshadow\">and <emphasis remap=\"I\">shadow</"
+"emphasis> parameters.</phrase>"
+msgstr ""
+"Par défaut, <command>grpck</command> opère sur <filename>/etc/group</"
+"filename> <phrase condition=\"gshadow\">et <filename>/etc/gshadow</"
+"filename></phrase>. L'utilisateur peut préciser d'autres fichiers avec "
+"<phrase condition=\"no_gshadow\">le paramètre</phrase><phrase condition="
+"\"gshadow\">les paramètres</phrase> <emphasis remap=\"I\">group</emphasis> "
+"<phrase condition=\"gshadow\"> et <emphasis remap=\"I\">shadow</emphasis></"
+"phrase>."
+
+#: grpck.8.xml:264(para)
+msgid "one or more bad group entries"
+msgstr "une entrée de groupe ou plus est incorrecte"
+
+#: grpck.8.xml:270(para)
+msgid "can't open group files"
+msgstr "impossible d'ouvrir les fichiers group"
+
+#: grpck.8.xml:276(para)
+msgid "can't lock group files"
+msgstr "impossible de verrouiller les fichiers group"
+
+#: grpck.8.xml:282(para)
+msgid "can't update group files"
+msgstr "impossible de mettre à jour les fichiers group"
+
+#: grpck.8.xml:246(para)
+msgid ""
+"The <command>grpck</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>grpck</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: grpck.8.xml:291(para)
+msgid ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>group</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, <phrase condition="
+"\"gshadow\"><citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum>, </citerefentry>, </"
+"phrase><citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>pwck</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: groups.1.xml:57(refentrytitle) groups.1.xml:64(refname)
+#: groups.1.xml:70(command)
+msgid "groups"
+msgstr "groups"
+
+#: groups.1.xml:65(refpurpose)
+msgid "display current group names"
+msgstr "Afficher la liste des groupes auxquels appartient l'utilisateur"
+
+#: groups.1.xml:72(replaceable)
+msgid "user"
+msgstr "utilisateur"
+
+#: groups.1.xml:79(para)
+msgid ""
+"The <command>groups</command> command displays the current group names or ID "
+"values. If the value does not have a corresponding entry in <filename>/etc/"
+"group</filename>, the value will be displayed as the numerical group value. "
+"The optional <emphasis remap=\"I\">user</emphasis> parameter will display "
+"the groups for the named <emphasis remap=\"I\">user</emphasis>."
+msgstr ""
+"La commande <command>groups</command> affiche la liste des noms de groupe "
+"(ou leur identifiant numérique) de l'utilisateur courant. Si une valeur n'a "
+"pas d'entrée correspondante dans <filename>/etc/group</filename>, "
+"l'identifiant numérique du groupe est affiché. Le paramètre optionnel "
+"<emphasis remap=\"I\">utilisateur</emphasis> permet d'afficher la liste des "
+"groupes pour cet utilisateur."
+
+#: groups.1.xml:91(para)
+msgid ""
+"Systems which do not support concurrent group sets will have the information "
+"from <filename>/etc/group</filename> reported. The user must use "
+"<command>newgrp</command> or <command>sg</command> to change his current "
+"real and effective group ID."
+msgstr ""
+"Sur les systèmes qui ne gèrent pas l'appartenance à plusieurs groupes, "
+"seules les informations contenues dans <filename>/etc/group</filename> sont "
+"affichées. L'utilisateur doit utiliser <command>newgrp</command> ou "
+"<command>sg</command> pour modifier l'identifiant de groupe réel et effectif."
+
+#: groups.1.xml:113(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>getgid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>getgroups</refentrytitle><manvolnum>2</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>getuid</"
+"refentrytitle><manvolnum>2</manvolnum></citerefentry>."
+
+#: groupmod.8.xml:66(refpurpose)
+msgid "modify a group definition on the system"
+msgstr "Modifier la définition d'un groupe du système"
+
+#: groupmod.8.xml:75(replaceable) groupdel.8.xml:75(replaceable)
+msgid "GROUP"
+msgstr "GROUPE"
+
+#: groupmod.8.xml:81(para)
+msgid ""
+"The <command>groupmod</command> command modifies the definition of the "
+"specified <replaceable>GROUP</replaceable> by modifying the appropriate "
+"entry in the group database."
+msgstr ""
+"La commande <command>groupmod</command> modifie la définition du "
+"<replaceable>GROUPE</replaceable> spécifié en modifiant l'entrée "
+"correspondante de la base de données des groupes."
+
+#: groupmod.8.xml:90(para)
+msgid "The options which apply to the <command>groupmod</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmod</command> sont :"
+
+#: groupmod.8.xml:96(term) groupadd.8.xml:114(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--gid</option><replaceable>GID</replaceable>"
+msgid ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--gid</option>&nbsp;<replaceable>GID</"
+"replaceable>"
+
+#: groupmod.8.xml:100(para)
+msgid ""
+"The group ID of the given <replaceable>GROUP</replaceable> will be changed "
+"to <replaceable>GID</replaceable>."
+msgstr ""
+"L'identifiant numérique du groupe <replaceable>GROUPE</replaceable> sera "
+"modifié vers <emphasis remap=\"I\">GID</emphasis>."
+
+#: groupmod.8.xml:104(para)
+msgid ""
+"The value of <replaceable>GID</replaceable> must be a non-negative decimal "
+"integer. This value must be unique, unless the <option>-o</option> option is "
+"used."
+msgstr ""
+"La valeur de <replaceable>GID</replaceable> doit être un nombre décimal "
+"positif. Cette valeur doit être unique, à moins que l'option <option>-o</"
+"option> ne soit utilisée."
+
+#: groupmod.8.xml:110(para)
+msgid ""
+"Users who use the group as primary group will be updated to keep the group "
+"as their primary group."
+msgstr ""
+"Les utilisateurs qui utilisent ce groupe comme groupe primaire seront mis à "
+"jour pour garder le groupe comme groupe primaire."
+
+#: groupmod.8.xml:114(para)
+msgid ""
+"Any files that have the old group ID and must continue to belong to "
+"<replaceable>GROUP</replaceable>, must have their group ID changed manually."
+msgstr ""
+"Vous devrez modifier vous-même l'identifiant de groupe des fichiers ayant "
+"l'ancien identifiant de groupe qui doivent continuer à appartenir au "
+"<replaceable>GROUPE</replaceable>."
+
+#: groupmod.8.xml:120(para)
+msgid ""
+"No checks will be performed with regard to the <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, or "
+"<option>SYS_GID_MAX</option> from <filename>/etc/login.defs</filename>."
+msgstr ""
+"Aucun contrôle ne sera effectué sur les valeurs de <option>GID_MIN</option>, "
+"<option>GID_MAX</option>, <option>SYS_GID_MIN</option>, ou "
+"<option>SYS_GID_MAX</option> du fichier <filename>/etc/login.defs</filename>."
+
+#: groupmod.8.xml:135(term)
+#| msgid ""
+#| "<option>-n</option>, <option>--new-name</option><replaceable>NEW_GROUP</"
+#| "replaceable>"
+msgid ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NEW_GROUP</replaceable>"
+msgstr ""
+"<option>-n</option>, <option>--new-name</option>&nbsp;"
+"<replaceable>NOUVEAU_NOM_GROUPE</replaceable>"
+
+#: groupmod.8.xml:139(para)
+msgid ""
+"The name of the group will be changed from <replaceable>GROUP</replaceable> "
+"to <replaceable>NEW_GROUP</replaceable> name."
+msgstr ""
+"Le nom du groupe sera modifié de <emphasis remap=\"I\">GROUPE</emphasis> "
+"vers <emphasis remap=\"I\">NOUVEAU_NOM_GROUPE</emphasis>."
+
+#: groupmod.8.xml:150(para)
+msgid ""
+"When used with the <option>-g</option> option, allow to change the group "
+"<replaceable>GID</replaceable> to a non-unique value."
+msgstr ""
+"En combinaison avec l'option <option>-g</option>, cette option permet de "
+"changer l'identifiant du groupe (<replaceable>GID</replaceable>) vers une "
+"valeur déjà utilisée."
+
+#: groupmod.8.xml:272(para)
+msgid "group name already in use"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupmod.8.xml:236(para)
+msgid ""
+"The <command>groupmod</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupmod</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupmod.8.xml:287(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupmems.8.xml:42(firstname)
+msgid "George"
+msgstr "George"
+
+#: groupmems.8.xml:43(surname)
+msgid "Kraft"
+msgstr "Kraft"
+
+#: groupmems.8.xml:44(lineage)
+msgid "IV"
+msgstr "IV"
+
+#: groupmems.8.xml:45(contrib)
+msgid "Creation, 2000"
+msgstr "Création, 2000"
+
+#: groupmems.8.xml:69(refpurpose)
+msgid "administer members of a user's primary group"
+msgstr "Administrer les membres du groupe primaire d'un utilisateur"
+
+#: groupmems.8.xml:76(replaceable) groupmems.8.xml:77(replaceable)
+msgid "user_name"
+msgstr "nom_utilisateur"
+
+#: groupmems.8.xml:76(arg)
+msgid "-a <placeholder-1/>"
+msgstr "-a <placeholder-1/>"
+
+#: groupmems.8.xml:77(arg)
+msgid "-d <placeholder-1/>"
+msgstr "-d <placeholder-1/>"
+
+#: groupmems.8.xml:78(replaceable)
+msgid "group_name"
+msgstr "nom_groupe"
+
+#: groupmems.8.xml:78(arg)
+msgid "-g <placeholder-1/>"
+msgstr "-g <placeholder-1/>"
+
+#: groupmems.8.xml:79(arg)
+msgid "-l"
+msgstr "-l"
+
+#: groupmems.8.xml:86(para)
+msgid ""
+"The <command>groupmems</command> command allows a user to administer his/her "
+"own group membership list without the requirement of superuser privileges. "
+"The <command>groupmems</command> utility is for systems that configure its "
+"users to be in their own name sake primary group (i.e., guest / guest)."
+msgstr ""
+"La commande <command>groupmems</command> permet à un utilisateur "
+"d'administrer la liste des membres de son propre groupe sans avoir les "
+"privilèges du superutilisateur. L'utilitaire <command>groupmems</command> a "
+"été conçu pour les systèmes qui configurent leurs utilisateurs de telle "
+"sorte qu'ils soient responsables de leur groupe primaire (par exemple guest/"
+"guest)."
+
+#: groupmems.8.xml:94(para)
+msgid ""
+"Only the superuser, as administrator, can use <command>groupmems</command> "
+"to alter the memberships of other groups."
+msgstr ""
+"Seul le superutilisateur, en tant qu'administrateur, peut utiliser "
+"<command>groupmems</command> pour modifier la liste des membres d'un autre "
+"groupe."
+
+#: groupmems.8.xml:101(para)
+msgid ""
+"The options which apply to the <command>groupmems</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupmems</command> sont :"
+
+#: groupmems.8.xml:107(term)
+#| msgid ""
+#| "<option>-a</option>, <option>--add</option><replaceable>user_name</"
+#| "replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:109(para)
+msgid "Add an user to the group membership list."
+msgstr "Ajouter un utilisateur à la liste des membres du groupe."
+
+#: groupmems.8.xml:110(para) groupmems.8.xml:126(para)
+#: groupmems.8.xml:157(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, and the group has no "
+"entry in the <filename>/etc/gshadow</filename> file, a new entry will be "
+"created."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, et que le groupe n'y "
+"a pas d'entrée, une nouvelle entrée sera créée."
+
+#: groupmems.8.xml:118(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--delete</option><replaceable>user_name</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user_name</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>nom_utilisateur</replaceable>"
+
+#: groupmems.8.xml:120(para)
+msgid "Delete a user from the group membership list."
+msgstr "Supprimer un utilisateur de la liste des membres du groupe."
+
+#: groupmems.8.xml:121(para)
+msgid ""
+"If the <filename>/etc/gshadow</filename> file exist, the user will be "
+"removed from the list of members and administrators of the group."
+msgstr ""
+"Si le fichier <filename>/etc/gshadow</filename> existe, l'utilisateur sera "
+"retiré de la liste des membres et des administrateurs du groupe."
+
+#: groupmems.8.xml:134(term)
+#| msgid ""
+#| "<option>-g</option>, <option>--group</option><replaceable>group_name</"
+#| "replaceable>"
+msgid ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>group_name</"
+"replaceable>"
+msgstr ""
+"<option>-g</option>, <option>--group</option>&nbsp;<replaceable>nom_groupe</"
+"replaceable>"
+
+#: groupmems.8.xml:136(para)
+msgid "The superuser can specify which group membership list to modify."
+msgstr ""
+"Le superutilisateur peut préciser la liste des membres du groupe à modifier."
+
+#: groupmems.8.xml:148(term) chage.1.xml:154(term)
+msgid "<option>-l</option>, <option>--list</option>"
+msgstr "<option>-l</option>, <option>--list</option>"
+
+#: groupmems.8.xml:150(para)
+msgid "List the group membership list."
+msgstr "Afficher la liste des membres du groupe."
+
+#: groupmems.8.xml:154(term)
+msgid "<option>-p</option>, <option>--purge</option>"
+msgstr "<option>-p</option>, <option>--purge</option>"
+
+#: groupmems.8.xml:156(para)
+msgid "Purge all users from the group membership list."
+msgstr "Supprimer tous les utilisateurs de la liste des membres du groupe."
+
+#: groupmems.8.xml:180(title)
+msgid "SETUP"
+msgstr "CONFIGURATION"
+
+#: groupmems.8.xml:181(para)
+msgid ""
+"The <command>groupmems</command> executable should be in mode <literal>2770</"
+"literal> as user <emphasis>root</emphasis> and in group <emphasis>groups</"
+"emphasis>. The system administrator can add users to group <emphasis>groups</"
+"emphasis> to allow or disallow them using the <command>groupmems</command> "
+"utility to manage their own group membership list."
+msgstr ""
+"L'exécutable <command>groupmems</command> doit être installé en mode "
+"<literal>2770</literal> avec pour utilisateur <emphasis>root</emphasis> et "
+"pour groupe <emphasis>groups</emphasis>. L'administrateur système peut "
+"ajouter des utilisateurs au groupe <emphasis>groups</emphasis> pour leur "
+"permettre ou leur interdire d'utiliser <command>groupmems</command> pour "
+"gérer leur propre liste de membres du groupe."
+
+#: groupmems.8.xml:190(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+msgstr ""
+"\n"
+"\t$ groupadd -r groups\n"
+"\t$ chmod 2770 groupmems\n"
+"\t$ chown root.groups groupmems\n"
+"\t$ groupmems -g groups -a gk4\n"
+"    "
+
+#: groupmems.8.xml:222(para)
+msgid "secure group account information"
+msgstr "informations cachées sur les groupes"
+
+#: groupmems.8.xml:230(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: groupdel.8.xml:66(refpurpose)
+msgid "delete a group"
+msgstr "Supprimer un groupe"
+
+#: groupdel.8.xml:81(para)
+msgid ""
+"The <command>groupdel</command> command modifies the system account files, "
+"deleting all entries that refer to <replaceable>GROUP</replaceable>. The "
+"named group must exist."
+msgstr ""
+"La commande <command>groupdel</command> modifie les fichiers "
+"d'administration des comptes du système, en supprimant les entrées qui se "
+"réfèrent à <replaceable>groupe</replaceable>. Le groupe indiqué doit exister."
+
+#: groupdel.8.xml:89(para)
+msgid "The options which apply to the <command>groupdel</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupdel</command> sont :"
+
+#: groupdel.8.xml:117(para)
+msgid ""
+"You may not remove the primary group of any existing user. You must remove "
+"the user before you remove the group."
+msgstr ""
+"Vous ne pouvez pas supprimer le groupe primaire d'un utilisateur existant. "
+"Vous devez supprimer l'utilisateur auparavant."
+
+#: groupdel.8.xml:121(para)
+msgid ""
+"You should manually check all file systems to ensure that no files remain "
+"owned by this group."
+msgstr ""
+"Vous devriez vérifier vous-même qu'aucun fichier possédé par le groupe ne "
+"subsiste sur tous les systèmes de fichiers."
+
+#: groupdel.8.xml:183(para)
+msgid "can't remove user's primary group"
+msgstr "impossible de supprimer le groupe primaire d'un utilisateur existant"
+
+#: groupdel.8.xml:159(para)
+msgid ""
+"The <command>groupdel</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupdel</command> renvoie les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupdel.8.xml:198(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>."
+
+#: groupadd.8.xml:68(refpurpose)
+msgid "create a new group"
+msgstr "Créer un nouveau groupe"
+
+#: groupadd.8.xml:85(para)
+msgid ""
+"The <command>groupadd</command> command creates a new group account using "
+"the values specified on the command line plus the default values from the "
+"system. The new group will be entered into the system files as needed."
+msgstr ""
+"La commande <command>groupadd</command> crée un nouveau compte de groupe en "
+"utilisant les valeurs spécifiées sur la ligne de commande et les valeurs par "
+"défaut du système. Le nouveau groupe sera inséré dans les fichiers du "
+"système selon les besoins."
+
+#: groupadd.8.xml:94(para)
+msgid "The options which apply to the <command>groupadd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>groupadd</command> sont :"
+
+#: groupadd.8.xml:104(para)
+msgid ""
+"This option causes the command to simply exit with success status if the "
+"specified group already exists. When used with <option>-g</option>, and the "
+"specified GID already exists, another (unique) GID is chosen (i.e. <option>-"
+"g</option> is turned off)."
+msgstr ""
+"Avec cette option, la commande quittera juste avec un état de succès si le "
+"groupe indiqué existe déjà. Avec l'option <option>-g</option>, si "
+"l'identifiant de groupe indiqué existe déjà, un autre identifiant de groupe "
+"(non utilisé) sera choisi (c.-à-d. que <option>-g</option> est désactivée)."
+
+#: groupadd.8.xml:118(para)
+msgid ""
+"The numerical value of the group's ID. This value must be unique, unless the "
+"<option>-o</option> option is used. The value must be non-negative. The "
+"default is to use the smallest ID value greater than or equal to "
+"<option>GID_MIN</option> and greater than every other group."
+msgstr ""
+"La valeur numérique de l'identifiant du groupe (« group ID » ou GID). Cette "
+"valeur doit être unique, sauf si l'option <option>-o</option> est utilisée. "
+"La valeur ne doit pas être négative. Par défaut, le plus petit identifiant "
+"supérieur au <option>GID_MIN</option> et aux identifiants des groupes "
+"existants est utilisé."
+
+#: groupadd.8.xml:124(para)
+msgid ""
+"See also the <option>-r</option> option and the <option>GID_MAX</option> "
+"description."
+msgstr ""
+"Voir aussi aussi la description des options <option>-r</option> et "
+"<option>GID_MAX</option>."
+
+# NOTE: missing <filename>
+#: groupadd.8.xml:141(para)
+msgid ""
+"Overrides <filename>/etc/login.defs</filename> defaults (GID_MIN, GID_MAX "
+"and others). Multiple <option>-K</option> options can be specified."
+msgstr ""
+"Surcharger les valeurs par défaut du fichier <filename>/etc/login.defs</"
+"filename> (GID_MIN, GID_MAX et autres). L'option <option>-K</option> peut "
+"être indiquée plusieurs fois."
+
+#: groupadd.8.xml:146(para)
+#| msgid ""
+#| "Example: <option>-K </option><replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>100</replaceable><option>-K </"
+#| "option><replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgid ""
+"Example: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+msgstr ""
+"Exemple : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;"
+"<replaceable>GID_MAX</replaceable>=<replaceable>499</replaceable>"
+
+#: groupadd.8.xml:150(para)
+#| msgid ""
+#| "Note: <option>-K </option><replaceable>GID_MIN</"
+#| "replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+#| "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgid ""
+"Note: <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> doesn't work yet."
+msgstr ""
+"Remarque : <option>-K</option>&nbsp;<replaceable>GID_MIN</"
+"replaceable>=<replaceable>10</replaceable>,<replaceable>GID_MAX</"
+"replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour l'instant."
+
+#: groupadd.8.xml:161(para)
+msgid "This option permits to add a group with a non-unique GID."
+msgstr ""
+"Cette option permet d'ajouter un groupe avec un identifiant (« GID ») déjà "
+"utilisé."
+
+#: groupadd.8.xml:192(para)
+msgid "Create a system group."
+msgstr "Créer un groupe système."
+
+#: groupadd.8.xml:195(para)
+msgid ""
+"The numeric identifiers of new system groups are chosen in the "
+"<option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option> range, defined in "
+"<filename>login.defs</filename>, instead of <option>GID_MIN</option>-"
+"<option>GID_MAX</option>."
+msgstr ""
+"Les identifiants numériques des nouveaux groupes systèmes sont choisis dans "
+"l'intervalle <option>SYS_GID_MIN</option>-<option>SYS_GID_MAX</option>, "
+"défini dans <filename>login.defs</filename>, au lieu de <option>GID_MIN</"
+"option>-<option>GID_MAX</option>"
+
+#: groupadd.8.xml:258(para)
+msgid ""
+"Groupnames must start with a lower case letter or an underscore, followed by "
+"lower case letters, digits, underscores, or dashes. They can end with a "
+"dollar sign. In regular expression terms: [a-z_][a-z0-9_-]*[$]?"
+msgstr ""
+"Les noms de groupe doivent commencer par une lettre minuscule ou un tiret "
+"bas (« underscore »), et seuls des lettres minuscules, des chiffres, des "
+"« underscore », ou des tirets peuvent suivre. Ils peuvent se terminer par un "
+"signe dollar. Soit, sous la forme d'une expression rationnelle : [a-z_][a-"
+"z0-9_-]*[$]?"
+
+#: groupadd.8.xml:264(para)
+msgid "Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long."
+msgstr "Les noms de groupe sont limités à &GROUP_NAME_MAX_LENGTH; caractères."
+
+#: groupadd.8.xml:267(para)
+msgid ""
+"You may not add a NIS or LDAP group. This must be performed on the "
+"corresponding server."
+msgstr ""
+"Vous ne pouvez pas ajouter d'utilisateur à un groupe NIS ou LDAP. Cela doit "
+"être effectué sur le serveur correspondant."
+
+#: groupadd.8.xml:271(para)
+msgid ""
+"If the groupname already exists in an external group database such as NIS or "
+"LDAP, <command>groupadd</command> will deny the group creation request."
+msgstr ""
+"Si le nom du groupe existe dans une base de données externe, telle que NIS "
+"ou LDAP, <command>groupadd</command> refusera de créer le groupe."
+
+#: groupadd.8.xml:304(para)
+msgid "GID not unique (when <option>-o</option> not used)"
+msgstr "GID déjà utilisé (et <option>-o</option> n'est pas utilisé)"
+
+#: groupadd.8.xml:310(para)
+msgid "group name not unique"
+msgstr "nom de groupe déjà utilisé"
+
+#: groupadd.8.xml:280(para)
+msgid ""
+"The <command>groupadd</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>groupadd</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#: groupadd.8.xml:325(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>chsh</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>userdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: gpasswd.1.xml:44(firstname)
+msgid "Rafal"
+msgstr "Rafal"
+
+#: gpasswd.1.xml:45(surname)
+msgid "Maszkowski"
+msgstr "Maszkowski"
+
+#: gpasswd.1.xml:71(phrase)
+msgid "administer <placeholder-1/>"
+msgstr "Administrer <placeholder-1/>"
+
+#: gpasswd.1.xml:74(phrase)
+msgid "administer <placeholder-1/> and <placeholder-2/>"
+msgstr "Administrer <placeholder-1/> et <placeholder-2/>"
+
+#: gpasswd.1.xml:85(replaceable) expiry.1.xml:76(replaceable)
+msgid "option"
+msgstr "option"
+
+#: gpasswd.1.xml:95(para)
+msgid ""
+"The <command>gpasswd</command> command is used to administer <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\">, and <filename>/etc/gshadow</"
+"filename></phrase>. Every group can have <phrase condition=\"gshadow"
+"\">administrators,</phrase> members and a password."
+msgstr ""
+"La commande <command>gpasswd</command> est utilisée pour administrer "
+"<filename>/etc/group</filename><phrase condition=\"gshadow\"> et <filename>/"
+"etc/gshadow</filename></phrase>. Chaque groupe peut avoir <phrase condition="
+"\"gshadow\">des administrateurs,</phrase> des membres et un mot de passe."
+
+#: gpasswd.1.xml:103(para)
+msgid ""
+"System administrators can use the <option>-A</option> option to define group "
+"administrator(s) and the <option>-M</option> option to define members. They "
+"have all rights of group administrators and members."
+msgstr ""
+"Les administrateurs système peuvent utiliser l'option <option>-A</option> "
+"pour définir un ou des administrateurs de groupe et l'option <option>-M</"
+"option> pour définir les membres. Ils ont tous les droits des "
+"administrateurs et membres du groupe."
+
+#: gpasswd.1.xml:108(para)
+msgid ""
+"<command>gpasswd</command> called by <phrase condition=\"gshadow\">a group "
+"administrator</phrase><phrase condition=\"no_gshadow\">a system "
+"administrator</phrase> with a group name only prompts for the new password "
+"of the <replaceable>group</replaceable>."
+msgstr ""
+"<command>gpasswd</command> appelée par <phrase condition=\"gshadow\">un "
+"administrateur de groupe</phrase><phrase condition=\"no_gshadow\">un "
+"administrateur système</phrase> avec un nom de groupe demande seulement le "
+"nouveau mot de passe du <replaceable>groupe</replaceable>."
+
+#: gpasswd.1.xml:115(para)
+msgid ""
+"If a password is set the members can still use "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> without a password, and non-members must supply the password."
+msgstr ""
+"Si un mot de passe est configuré, les membres peuvent toujours utiliser "
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> sans mot de passe. Les non membres doivent fournir le mot de "
+"passe."
+
+#: gpasswd.1.xml:123(title)
+msgid "Notes about group passwords"
+msgstr "Notes sur les mots de passe de groupe"
+
+#: gpasswd.1.xml:124(para)
+msgid ""
+"Group passwords are an inherent security problem since more than one person "
+"is permitted to know the password. However, groups are a useful tool for "
+"permitting co-operation between different users."
+msgstr ""
+"Les mots de passe de groupe représentent naturellement un risque en matière "
+"de sécurité, puisque plusieurs personnes ont connaissance du mot de passe. "
+"Cependant, les groupes sont utiles pour permettre la coopération entre "
+"différents utilisateurs."
+
+#: gpasswd.1.xml:135(para)
+msgid ""
+"Except for the <option>-A</option> and <option>-M</option> options, the "
+"options cannot be combined."
+msgstr ""
+"À part les options <option>-A</option> et <option>-M</option>, les options "
+"ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:139(para)
+msgid "The options cannot be combined."
+msgstr "Les options ne peuvent pas être combinées."
+
+#: gpasswd.1.xml:142(para)
+msgid "The options which apply to the <command>gpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>gpasswd</command> sont :"
+
+#: gpasswd.1.xml:147(term)
+#| msgid ""
+#| "<option>-a</option>, <option>--add</option><replaceable>user</replaceable>"
+msgid ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>, <option>--add</option>&nbsp;<replaceable>utilisateur</"
+"replaceable>"
+
+#: gpasswd.1.xml:151(para)
+msgid ""
+"Add the <replaceable>user</replaceable> to the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Ajouter l'<replaceable>utilisateur</replaceable> à ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:160(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--delete</option><replaceable>user</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--delete</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>"
+
+#: gpasswd.1.xml:164(para)
+msgid ""
+"Remove the <replaceable>user</replaceable> from the named "
+"<replaceable>group</replaceable>."
+msgstr ""
+"Enlever l'<replaceable>utilisateur</replaceable> de ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:181(term)
+#| msgid ""
+#| "<option>-Q</option>, <option>--root</option><replaceable>CHROOT_DIR</"
+#| "replaceable>"
+msgid ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</"
+"replaceable>"
+msgstr ""
+"<option>-Q</option>, <option>--root</option>&nbsp;<replaceable>RÉP_CHROOT</"
+"replaceable>"
+
+#: gpasswd.1.xml:195(term)
+msgid "<option>-r</option>, <option>--remove-password</option>"
+msgstr "<option>-r</option>, <option>--remove-password</option>"
+
+#: gpasswd.1.xml:199(para)
+msgid ""
+"Remove the password from the named <replaceable>group</replaceable>. The "
+"group password will be empty. Only group members will be allowed to use "
+"<command>newgrp</command> to join the named <replaceable>group</replaceable>."
+msgstr ""
+"Enlever le mot de passe pour ce <replaceable>groupe</replaceable>. Le mot de "
+"passe du groupe sera vide. Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:211(term)
+msgid "<option>-R</option>, <option>--restrict</option>"
+msgstr "<option>-R</option>, <option>--restrict</option>"
+
+#: gpasswd.1.xml:215(para)
+msgid ""
+"Restrict the access to the named <replaceable>group</replaceable>. The group "
+"password is set to \"!\". Only group members with a password will be allowed "
+"to use <command>newgrp</command> to join the named <replaceable>group</"
+"replaceable>."
+msgstr ""
+"Restreindre l'accès à ce <replaceable>groupe</replaceable>. Le mot de passe "
+"du groupe est défini à « ! ». Seuls les membres du groupe seront autorisés à "
+"utiliser <command>newgrp</command> pour rejoindre ce <replaceable>groupe</"
+"replaceable>."
+
+#: gpasswd.1.xml:227(term)
+#| msgid ""
+#| "<option>-A</option>, <option>--administrators</option><replaceable>user</"
+#| "replaceable>,..."
+msgid ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>user</replaceable>,..."
+msgstr ""
+"<option>-A</option>, <option>--administrators</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:231(para)
+msgid "Set the list of administrative users."
+msgstr "Configurer la liste des administrateurs."
+
+#: gpasswd.1.xml:239(term)
+#| msgid ""
+#| "<option>-M</option>, <option>--members</option><replaceable>user</"
+#| "replaceable>,..."
+msgid ""
+"<option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</"
+"replaceable>,..."
+msgstr ""
+"<option>-M</option>, <option>--members</option>&nbsp;"
+"<replaceable>utilisateur</replaceable>,..."
+
+#: gpasswd.1.xml:243(para)
+msgid "Set the list of group members."
+msgstr "Configurer la liste des membres du groupe."
+
+#: gpasswd.1.xml:253(para)
+msgid ""
+"This tool only operates on the <filename>/etc/group</filename><phrase "
+"condition=\"gshadow\"> and <filename>/etc/gshadow</filename> files.</"
+"phrase><phrase condition=\"no_gshadow\">file.</phrase> Thus you cannot "
+"change any NIS or LDAP group. This must be performed on the corresponding "
+"server."
+msgstr ""
+"Cet outil ne fonctionne que sur <phrase condition=\"no_gshadow\">le fichier</"
+"phrase><phrase condition=\"gshadow\">les fichiers</phrase> <filename>/etc/"
+"group</filename><phrase condition=\"gshadow\"> et <filename>/etc/gshadow</"
+"filename></phrase>. Par conséquent vous ne pouvez modifier aucun groupe NIS "
+"ou LDAP. Cela doit être effectué sur le serveur correspondant."
+
+#: gpasswd.1.xml:298(para)
+msgid ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+msgstr ""
+"<citerefentry><refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>group</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry><phrase condition="
+"\"gshadow\">, <citerefentry><refentrytitle>gshadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry></phrase>."
+
+#: faillog.8.xml:57(refentrytitle) faillog.8.xml:64(refname)
+#: faillog.8.xml:70(command) faillog.5.xml:57(refentrytitle)
+#: faillog.5.xml:64(refname) faillog.5.xml:111(refentrytitle)
+msgid "faillog"
+msgstr "faillog"
+
+#: faillog.8.xml:65(refpurpose)
+msgid "display faillog records or set login failure limits"
+msgstr ""
+"Examiner le fichier faillog, et configurer les limites d'échecs de connexion"
+
+#: faillog.8.xml:79(para)
+msgid ""
+"<command>faillog</command> displays the contents of the failure log database "
+"(<filename>/var/log/faillog</filename>). It can also set the failure "
+"counters and limits. When <command>faillog</command> is run without "
+"arguments, it only displays the faillog records of the users who had a login "
+"failure."
+msgstr ""
+"<command>faillog</command> affiche le contenu du journal des échecs de "
+"connexion (<filename>/var/log/faillog</filename>). Il peut aussi configurer "
+"le décompte et les limitations de ces échecs. Exécuter <command>faillog</"
+"command> sans argument n'affiche que la liste des échecs des utilisateurs "
+"qui ont déjà eu un échec de connexion."
+
+#: faillog.8.xml:90(para)
+msgid "The options which apply to the <command>faillog</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>faillog</command> sont :"
+
+#: faillog.8.xml:98(para)
+msgid ""
+"Display (or act on) faillog records for all users having an entry in the "
+"<filename>faillog</filename> database."
+msgstr ""
+"Afficher (ou agir sur) les enregistrements d'erreurs de connexion pour tous "
+"les utilisateurs ayant une entrée dans la base de données <filename>faillog</"
+"filename>."
+
+#: faillog.8.xml:102(para)
+msgid ""
+"The range of users can be restricted with the <option>-u</option> option."
+msgstr ""
+"La liste des utilisateurs peut être limitée avec l'option <option>-u</"
+"option>."
+
+#: faillog.8.xml:106(para)
+msgid ""
+"In display mode, this is still restricted to existing users but forces the "
+"display of the faillog entries even if they are empty."
+msgstr ""
+"En mode affichage, toujours limitée aux utilisateurs existants, mais "
+"l'affichage des entrées d'erreur de connexion est imposé même si elles sont "
+"vides."
+
+#: faillog.8.xml:111(para)
+msgid ""
+"With the <option>-l</option>, <option>-m</option>, <option>-r</option>, "
+"<option>-t</option> options, the users' records are changed, even if the "
+"user does not exist on the system. This is useful to reset records of users "
+"that have been deleted or to set a policy in advance for a range of users."
+msgstr ""
+"Avec les options <option>-l</option>, <option>-m</option>, <option>-r</"
+"option> ou <option>-t</option> les enregistrements des utilisateurs sont "
+"modifiés, même si l'utilisateur n'existe pas sur le système. C'est utile "
+"pour remettre à zéro les enregistrements des utilisateurs qui ont été "
+"supprimés ou pour mettre en place une politique préventive pour un ensemble "
+"d'utilisateurs."
+
+#: faillog.8.xml:128(term)
+#| msgid ""
+#| "<option>-l</option>, <option>--lock-secs</option><replaceable>SEC</"
+#| "replaceable>"
+msgid ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+msgstr ""
+"<option>-l</option>, <option>--lock-secs</option>&nbsp;<replaceable>SEC</"
+"replaceable>"
+
+# NOTE: s/to/during/
+#: faillog.8.xml:132(para)
+msgid ""
+"Lock account for <replaceable>SEC</replaceable> seconds after failed login."
+msgstr ""
+"Verrouiller le compte pendant <replaceable>SEC</replaceable> secondes après "
+"un échec de connexion."
+
+#: faillog.8.xml:136(para) faillog.8.xml:161(para) faillog.8.xml:173(para)
+msgid ""
+"Write access to <filename>/var/log/faillog</filename> is required for this "
+"option."
+msgstr ""
+"L'accès en écriture sur <filename>/var/log/faillog</filename> est nécessaire "
+"pour cette option."
+
+#: faillog.8.xml:143(term)
+#| msgid ""
+#| "<option>-m</option>, <option>--maximum</option><replaceable>MAX</"
+#| "replaceable>"
+msgid ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--maximum</option>&nbsp;<replaceable>MAX</"
+"replaceable>"
+
+#: faillog.8.xml:147(para)
+msgid ""
+"Set the maximum number of login failures after the account is disabled to "
+"<replaceable>MAX</replaceable>."
+msgstr ""
+"Configurer le nombre maximum d'échecs de connexion après lequel le compte "
+"sera désactivé à <replaceable>MAX</replaceable>."
+
+#: faillog.8.xml:151(para)
+msgid ""
+"Selecting a <replaceable>MAX</replaceable> value of 0 has the effect of not "
+"placing a limit on the number of failed logins."
+msgstr ""
+"Sélectionner une valeur <replaceable>MAX</replaceable> de 0 a pour effet de "
+"ne placer aucune limite sur le nombre d'échecs de connexion."
+
+#: faillog.8.xml:156(para)
+msgid ""
+"The maximum failure count should always be 0 for <emphasis>root</emphasis> "
+"to prevent a denial of services attack against the system."
+msgstr ""
+"Le compteur d'erreurs maximum doit toujours être 0 pour <emphasis>root</"
+"emphasis> afin d'éviter les attaques de type déni de service sur le système."
+
+#: faillog.8.xml:168(term)
+msgid "<option>-r</option>, <option>--reset</option>"
+msgstr "<option>-r</option>, <option>--reset</option>"
+
+#: faillog.8.xml:170(para)
+msgid "Reset the counters of login failures."
+msgstr "Remettre à zéro le compteur d'échecs de connexion."
+
+#: faillog.8.xml:195(para)
+msgid ""
+"Display faillog records more recent than <replaceable>DAYS</replaceable>."
+msgstr ""
+"Afficher les entrées de faillog plus récentes que <replaceable>JOURS</"
+"replaceable>."
+
+#: faillog.8.xml:206(para)
+msgid ""
+"Display faillog record or maintains failure counters and limits (if used "
+"with <option>-l</option>, <option>-m</option> or <option>-r</option> "
+"options) only for the specified user(s)."
+msgstr ""
+"Afficher l'entrée de faillog ou maintient le décompte et les limitations "
+"(suivant que l'option <option>-l</option>, <option>-m</option> ou <option>-"
+"r</option> est utilisée) seulement pour les utilisateurs indiqués."
+
+#: faillog.8.xml:224(para)
+msgid ""
+"When none of the <option>-l</option>, <option>-m</option>, or <option>-r</"
+"option> options are used, <command>faillog</command> displays the faillog "
+"record of the specified user(s)."
+msgstr ""
+"Quand aucune des options <option>-l</option>, <option>-m</option> ou "
+"<option>-r</option> n'est utilisée, <command>faillog</command> affiche "
+"l'enregistrement des échecs de connexion des utilisateurs précisés."
+
+#: faillog.8.xml:233(para)
+msgid ""
+"<command>faillog</command> only prints out users with no successful login "
+"since the last failure. To print out a user who has had a successful login "
+"since their last failure, you must explicitly request the user with the "
+"<option>-u</option> flag, or print out all users with the <option>-a</"
+"option> flag."
+msgstr ""
+"<command>faillog</command> n'affiche que les utilisateurs n'ayant pas eu de "
+"connexion réussie depuis leur dernier échec. Pour afficher un utilisateur "
+"ayant eu une connexion réussie depuis son dernier échec, vous devez "
+"explicitement demander cet utilisateur avec l'option <option>-u</option>, ou "
+"demander l'affichage de tous les utilisateurs avec l'option <option>-a</"
+"option>."
+
+#: faillog.8.xml:246(filename) faillog.5.xml:99(filename)
+msgid "/var/log/faillog"
+msgstr "/var/log/faillog"
+
+#: faillog.8.xml:248(para) faillog.5.xml:101(para)
+msgid "Failure logging file."
+msgstr "Journal des échecs de connexion."
+
+#: faillog.8.xml:256(para)
+msgid ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>faillog</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: faillog.5.xml:65(refpurpose)
+msgid "login failure logging file"
+msgstr "journal des échecs de connexion"
+
+#: faillog.5.xml:70(para)
+msgid ""
+"<filename>/var/log/faillog</filename> maintains a count of login failures "
+"and the limits for each account."
+msgstr ""
+"<filename>/var/log/faillog</filename> maintient un compte des échecs de "
+"connexion et les limites pour chaque compte."
+
+#: faillog.5.xml:74(para)
+msgid ""
+"The file contains fixed length records, indexed by numerical UID. Each "
+"record contains the count of login failures since the last successful login; "
+"the maximum number of failures before the account is disabled; the line on "
+"which the last login failure occurred; the date of the last login failure; "
+"and the duration (in seconds) during which the account will be locked after "
+"a failure."
+msgstr ""
+"Le fichier contient un nombre constant d'enregistrements, triés par "
+"identifiant d'utilisateur numérique. Chaque enregistrement contient le "
+"nombre d'échecs de connexion depuis la dernière connexion réussie, le nombre "
+"maximum d'échecs de connexion avant désactivation du compte, la ligne sur "
+"laquelle a eu lieu le dernier échec de connexion, la date du dernier échec "
+"de connexion et la durée (en seconde) pendant laquelle le compte sera "
+"verrouillé après un échec."
+
+#: faillog.5.xml:84(para)
+msgid "The structure of the file is:"
+msgstr "La structure du fichier est la suivante :"
+
+#: faillog.5.xml:85(programlisting)
+#, no-wrap
+msgid ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;\n"
+"\tshort   fail_max;\n"
+"\tchar    fail_line[12];\n"
+"\ttime_t  fail_time;\n"
+"\tlong    fail_locktime;\n"
+"};"
+msgstr ""
+"\n"
+"struct\tfaillog {\n"
+"\tshort   fail_cnt;      /* compteur des échecs */\n"
+"\tshort   fail_max;      /* nb max avant désactivation */\n"
+"\tchar    fail_line[12]; /* ligne du dernier échec */\n"
+"\ttime_t  fail_time;     /* date du dernier échec */\n"
+"\tlong    fail_locktime;};"
+
+#: expiry.1.xml:45(contrib) chsh.1.xml:44(contrib) chfn.1.xml:44(contrib)
+#: chage.1.xml:42(contrib)
+msgid "Creation, 1990"
+msgstr "Création, 1990"
+
+#: expiry.1.xml:61(refentrytitle) expiry.1.xml:68(refname)
+#: expiry.1.xml:74(command)
+msgid "expiry"
+msgstr "expiry"
+
+#: expiry.1.xml:69(refpurpose)
+msgid "check and enforce password expiration policy"
+msgstr "Vérifier et sécuriser la durée de validité des mots de passe"
+
+#: expiry.1.xml:83(para)
+msgid ""
+"The <command>expiry</command> command checks (<option>-c</option>) the "
+"current password expiration and forces (<option>-f</option>) changes when "
+"required. It is callable as a normal user command."
+msgstr ""
+"Avec l'option <option>-c</option>, <command>expiry</command> vérifie la "
+"validité du mot de passe de l'utilisateur actuel, et force (avec l'option "
+"<option>-f</option>) des modifications si nécessaire. Il peut être appelé "
+"par un utilisateur normal."
+
+#: expiry.1.xml:92(para)
+msgid "The options which apply to the <command>expiry</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>expiry</command> sont :"
+
+#: expiry.1.xml:97(term)
+msgid "<option>-c</option>, <option>--check</option>"
+msgstr "<option>-c</option>, <option>--check</option>"
+
+#: expiry.1.xml:99(para)
+msgid "Check the password expiration of the current user."
+msgstr ""
+"Vérifier la durée de validité du mot de passe de l'utilisateur courant."
+
+#: expiry.1.xml:105(para)
+msgid "Force a password change if the current user has an expired password."
+msgstr ""
+"Forcer le changement du mot de passe si l'utilisateur courant possède un mot "
+"de passe qui a expiré."
+
+#: expiry.1.xml:140(para) chage.1.xml:312(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>shadow</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>."
+
+#: chsh.1.xml:68(refpurpose)
+msgid "change login shell"
+msgstr "Changer l'interpréteur de commandes initial"
+
+#: chsh.1.xml:85(para)
+msgid ""
+"The <command>chsh</command> command changes the user login shell. This "
+"determines the name of the user's initial login command. A normal user may "
+"only change the login shell for her own account; the superuser may change "
+"the login shell for any account."
+msgstr ""
+"La commande <command>chsh</command> modifie l'interpréteur de commandes "
+"initial (« login shell ») de l'utilisateur qui sera invoqué lors des "
+"connexions de l'utilisateur. Un utilisateur normal ne peut changer que "
+"l'interpréteur associé à son propre compte. Le superutilisateur peut changer "
+"l'interpréteur de commandes initial de n'importe quel compte."
+
+#: chsh.1.xml:96(para)
+msgid "The options which apply to the <command>chsh</command> command are:"
+msgstr "Les options applicables à la commande <command>chsh</command> sont :"
+
+#: chsh.1.xml:130(para)
+msgid ""
+"If the <option>-s</option> option is not selected, <command>chsh</command> "
+"operates in an interactive fashion, prompting the user with the current "
+"login shell. Enter the new value to change the shell, or leave the line "
+"blank to use the current one. The current shell is displayed between a pair "
+"of <emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Quand l'option <option>-s</option> n'est pas sélectionnée, <command>chsh</"
+"command> opère de façon interactive, demandant à l'utilisateur quel doit "
+"être le nouvel interpréteur de commandes initial (« login shell »). "
+"L'utilisateur pourra entrer une nouvelle valeur pour modifier "
+"l'interpréteur, ou laisser la ligne blanche pour conserver l'interpréteur "
+"actuel. L'interpréteur actuel est indiqué entre crochets (<emphasis>[ ]</"
+"emphasis>)."
+
+#: chsh.1.xml:141(para)
+msgid ""
+"The only restriction placed on the login shell is that the command name must "
+"be listed in <filename>/etc/shells</filename>, unless the invoker is the "
+"superuser, and then any value may be added. An account with a restricted "
+"login shell may not change her login shell. For this reason, placing "
+"<filename>/bin/rsh</filename> in <filename>/etc/shells</filename> is "
+"discouraged since accidentally changing to a restricted shell would prevent "
+"the user from ever changing her login shell back to its original value."
+msgstr ""
+"La seule restriction placée sur l'interpréteur de commandes initial (« login "
+"shell ») est que cette commande doit faire partie de <filename>/etc/shells</"
+"filename>, à moins qu'elle ne soit invoquée par le superutilisateur, qui "
+"peut ajouter n'importe quelle valeur. Un compte avec un interpréteur de "
+"commandes initial restreint ne peut pas changer son interpréteur. Pour cette "
+"raison, il est déconseillé de placer <filename>/bin/rsh</filename> dans "
+"<filename>/etc/shells</filename>, puisqu'une modification accidentelle vers "
+"un interpréteur restreint empêchera alors l'utilisateur de revenir ensuite à "
+"l'interpréteur précédent."
+
+#: chsh.1.xml:176(filename)
+msgid "/etc/shells"
+msgstr "/etc/shells"
+
+#: chsh.1.xml:178(para)
+msgid "List of valid login shells."
+msgstr "Liste des interpréteurs de commandes initiaux valables."
+
+#: chsh.1.xml:192(para)
+msgid ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chpasswd.8.xml:69(refpurpose)
+msgid "update passwords in batch mode"
+msgstr "Mettre à jour des mots de passe par lot"
+
+#: chpasswd.8.xml:83(para)
+msgid ""
+"The <command>chpasswd</command> command reads a list of user name and "
+"password pairs from standard input and uses this information to update a "
+"group of existing users. Each line is of the format:"
+msgstr ""
+"La commande <command>chpasswd</command> lit une liste de paires de noms "
+"d'utilisateurs et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un groupe d'utilisateurs existants. Chaque "
+"ligne est au format suivant :"
+
+#: chpasswd.8.xml:88(para)
+msgid ""
+"<emphasis remap=\"I\">user_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chpasswd.8.xml:92(para)
+msgid ""
+"By default the passwords must be supplied in clear-text, and are encrypted "
+"by <command>chpasswd</command>. Also the password age will be updated, if "
+"present."
+msgstr ""
+"Par défaut, les mots de passe doivent être fournis en clair, et sont "
+"chiffrés par <command>chpasswd</command>. L'âge du mot de passe sera "
+"également mis à jour, s'il est présent."
+
+#: chpasswd.8.xml:97(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> variables "
+"of <filename>/etc/login.defs</filename>, and can be overwitten with the "
+"<option>-e</option>, <option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement par défaut peut être défini pour le système à "
+"l'aide des variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>, et "
+"peut être surchargé par les options <option>-e</option>, <option>-m</option> "
+"ou <option>-c</option>"
+
+#: chpasswd.8.xml:105(para)
+msgid ""
+"By default, passwords are encrypted by PAM, but (even if not recommended) "
+"you can select a different encryption method with the <option>-e</option>, "
+"<option>-m</option>, or <option>-c</option> options."
+msgstr ""
+"Par défaut les mots de passe sont chiffrés par PAM, mais (même si cela est "
+"déconseillé) vous pouvez sélectionner une méthode de chiffrement différente "
+"avec les options <option>-e</option>, <option>-m</option> ou <option>-c</"
+"option>."
+
+#: chpasswd.8.xml:111(para)
+msgid ""
+"<phrase condition=\"pam\">Except when PAM is used to encrypt the passwords,</"
+"phrase><command>chpasswd</command> first updates all the passwords in "
+"memory, and then commits all the changes to disk if no errors occured for "
+"any user."
+msgstr ""
+"<phrase condition=\"pam\">Sauf quand PAM est utilisé pour chiffrer les mots "
+"de passe, </phrase><command>chpasswd</command> modifie d'abord tous les mots "
+"de passe en mémoire, puis propage toutes les modifications sur le disque si "
+"aucune erreur n'a eu lieu, quelque soit l'utilisateur."
+
+#: chpasswd.8.xml:117(para)
+msgid ""
+"When PAM is used to encrypt the passwords (and update the passwords in the "
+"system database) then if a password cannot be updated <command>chpasswd</"
+"command> continues updating the passwords of the next users, and will return "
+"an error code on exit."
+msgstr ""
+"Quand PAM est utilisé pour chiffrer les mots de passe (et pour mettre à jour "
+"les mots de passe dans la base de données du système), si aucun mot de passe "
+"ne peut être mis à jour, <command>chpasswd</command> continuera la mise à "
+"jour des mots de passe pour les utilisateurs suivants, et renverra un code "
+"d'erreur en sortie."
+
+#: chpasswd.8.xml:123(para) chgpasswd.8.xml:98(para)
+msgid ""
+"This command is intended to be used in a large system environment where many "
+"accounts are created at a single time."
+msgstr ""
+"Cette commande est destinée aux gros systèmes pour lesquels un nombre "
+"importants de comptes sont créés en une seule fois."
+
+#: chpasswd.8.xml:131(para)
+msgid "The options which apply to the <command>chpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chpasswd</command> sont :"
+
+#: chpasswd.8.xml:137(term)
+#| msgid ""
+#| "<option>-c</option>, <option>--crypt-method</option><replaceable>METHOD</"
+#| "replaceable>"
+msgid ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>METHOD</replaceable>"
+msgstr ""
+"<option>-c</option>, <option>--crypt-method</option>&nbsp;"
+"<replaceable>MÉTHODE</replaceable>"
+
+#: chpasswd.8.xml:142(para) chgpasswd.8.xml:115(para)
+msgid "The available methods are DES, MD5, and NONE."
+msgstr "Les méthodes disponibles sont DES, MD5 et NONE."
+
+#: chpasswd.8.xml:149(para)
+msgid "By default, PAM is used to encrypt the passwords."
+msgstr "Par défaut, PAM est utilisé pour chiffrer les mots de passe."
+
+#: chpasswd.8.xml:152(para)
+msgid ""
+"By default (if none of the <option>-c</option>, <option>-m</option>, or "
+"<option>-e</option> options are specified), the encryption method is defined "
+"by the <option>ENCRYPT_METHOD</option> or <option>MD5_CRYPT_ENAB</option> "
+"variables of <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut (si aucune des options <option>-c</option>, <option>-m</option> "
+"ou <option>-e</option> n'est précisée), la méthode de chiffrement est "
+"définie par les variables <option>ENCRYPT_METHOD</option> ou "
+"<option>MD5_CRYPT_ENAB</option> de <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:163(term) chgpasswd.8.xml:125(term)
+msgid "<option>-e</option>, <option>--encrypted</option>"
+msgstr "<option>-e</option>, <option>--encrypted</option>"
+
+#: chpasswd.8.xml:165(para) chgpasswd.8.xml:127(para)
+msgid "Supplied passwords are in encrypted form."
+msgstr "Indiquer que les mots de passe fournis sont chiffrés."
+
+#: chpasswd.8.xml:179(term) chgpasswd.8.xml:137(term)
+msgid "<option>-m</option>, <option>--md5</option>"
+msgstr "<option>-m</option>, <option>--md5</option>"
+
+#: chpasswd.8.xml:181(para) chgpasswd.8.xml:139(para)
+msgid ""
+"Use MD5 encryption instead of DES when the supplied passwords are not "
+"encrypted."
+msgstr ""
+"Permettre d'utiliser le chiffrement MD5, plutôt que DES, lorsque les mots de "
+"passe fournis ne sont pas chiffrés."
+
+#: chpasswd.8.xml:200(term)
+#| msgid ""
+#| "<option>-s</option>, <option>--sha-rounds</option><replaceable>ROUNDS</"
+#| "replaceable>"
+msgid ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+msgstr ""
+"<option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</"
+"replaceable>"
+
+#: chpasswd.8.xml:219(para)
+msgid ""
+"By default, the number of rounds is defined by the "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> and <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> variables in <filename>/etc/login.defs</filename>."
+msgstr ""
+"Par défaut, le nombre de rounds est défini par les variables "
+"<option>SHA_CRYPT_MIN_ROUNDS</option> et <option>SHA_CRYPT_MAX_ROUNDS</"
+"option> dans <filename>/etc/login.defs</filename>."
+
+#: chpasswd.8.xml:232(para) chgpasswd.8.xml:187(para)
+msgid ""
+"Remember to set permissions or umask to prevent readability of unencrypted "
+"files by other users."
+msgstr ""
+"Pensez à configurer les permissions ou umask afin d'empêcher la lecture des "
+"fichiers non chiffrés par les autres utilisateurs."
+
+#: chpasswd.8.xml:276(filename)
+msgid "/etc/pam.d/chpasswd"
+msgstr "/etc/pam.d/chpasswd"
+
+#: chpasswd.8.xml:278(para)
+msgid "PAM configuration for <command>chpasswd</command>."
+msgstr "Configuration de PAM pour <command>chpasswd</command>."
+
+#: chpasswd.8.xml:286(para)
+msgid ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>newusers</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<phrase><citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>, </phrase><citerefentry><refentrytitle>useradd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#: chgpasswd.8.xml:47(contrib)
+msgid "Creation, 2006"
+msgstr "Création, 2006"
+
+#: chgpasswd.8.xml:65(refpurpose)
+msgid "update group passwords in batch mode"
+msgstr "Mettre à jour par lot des mots de passe des groupes"
+
+#: chgpasswd.8.xml:79(para)
+msgid ""
+"The <command>chgpasswd</command> command reads a list of group name and "
+"password pairs from standard input and uses this information to update a set "
+"of existing groups. Each line is of the format:"
+msgstr ""
+"La commande <command>chgpasswd</command> lit une liste de paires de noms de "
+"groupes et de mots de passe depuis l'entrée standard et utilise ces "
+"informations pour mettre à jour un ensemble de groupes existants. Chaque "
+"ligne est au format suivant :"
+
+#: chgpasswd.8.xml:84(para)
+msgid ""
+"<emphasis remap=\"I\">group_name</emphasis>:<emphasis remap=\"I\">password</"
+"emphasis>"
+msgstr ""
+"<emphasis remap=\"I\">nom_utilisateur</emphasis>:<emphasis remap=\"I"
+"\">mot_de_passe</emphasis>"
+
+#: chgpasswd.8.xml:88(para)
+msgid ""
+"By default the supplied password must be in clear-text, and is encrypted by "
+"<command>chgpasswd</command>."
+msgstr ""
+"Par défaut, le mot de passe doit être fourni en clair, et est chiffré par "
+"<command>chgpasswd</command>."
+
+#: chgpasswd.8.xml:92(para)
+msgid ""
+"The default encryption algorithm can be defined for the system with the "
+"<option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</"
+"filename>, and can be overwiten with the <option>-e</option>, <option>-m</"
+"option>, or <option>-c</option> options."
+msgstr ""
+"L'algorithme de chiffrement peut être défini pour le système avec la "
+"variable <option>ENCRYPT_METHOD</option> de <filename>/etc/login.defs</"
+"filename> et peut être surchargé avec les options <option>-e</option>, "
+"<option>-m</option> ou <option>-c</option>."
+
+#: chgpasswd.8.xml:106(para)
+msgid ""
+"The options which apply to the <command>chgpasswd</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chgpasswd</command> sont :"
+
+#: chgpasswd.8.xml:238(para)
+msgid ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>1</"
+"manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+"refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+"manvolnum></citerefentry>."
+
+#: chfn.1.xml:68(refpurpose)
+msgid "change real user name and information"
+msgstr "Modifier le nom complet et les informations associées à un utilisateur"
+
+#: chfn.1.xml:85(para)
+msgid ""
+"The <command>chfn</command> command changes user fullname, office room "
+"number, office phone number, and home phone number information for a user's "
+"account. This information is typically printed by "
+"<citerefentry><refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry> and similar programs. A normal user may only change the fields "
+"for her own account, subject to the restrictions in <filename>/etc/login."
+"defs</filename>. (The default configuration is to prevent users from "
+"changing their fullname.) The superuser may change any field for any "
+"account. Additionally, only the superuser may use the <option>-o</option> "
+"option to change the undefined portions of the GECOS field."
+msgstr ""
+"La commande <command>chfn</command> modifie le nom complet d'un utilisateur, "
+"son numéro de bureau, son numéro de téléphone professionnel, son extension, "
+"et son numéro de téléphone personnel. Ces informations sont généralement "
+"affichées par <citerefentry><refentrytitle>finger</"
+"refentrytitle><manvolnum>1</manvolnum></citerefentry> ou d'autres programmes "
+"similaires. Un utilisateur normal ne peut modifier que les informations "
+"associées à son propre compte, avec les restrictions précisées dans "
+"<filename>/etc/login.defs</filename>. (Par défaut, les utilisateurs ne "
+"peuvent pas modifier leur nom complet). Le superutilisateur peut modifier "
+"n'importe quel champ pour n'importe quel compte. De plus, seul le "
+"superutilisateur peut utiliser l'option <option>-o</option> pour modifier "
+"les parties non précisées du champ GECOS."
+
+#: chfn.1.xml:99(para)
+msgid ""
+"These fields must not contain any colons. Except for the <emphasis remap=\"I"
+"\">other</emphasis> field, they should not contain any comma or equal sign. "
+"It is also recommended to avoid non-US-ASCII characters, but this is only "
+"enforced for the phone numbers. The <emphasis remap=\"I\">other</emphasis> "
+"field is used to store accounting information used by other applications."
+msgstr ""
+"Ces champs ne doivent contenir aucun « : ». À l'exception du champ <emphasis "
+"remap=\"I\">autre</emphasis>, ils ne doivent contenir aucune virgule ou "
+"signe égal. Il est également recommandé d'éviter les caractères non US-"
+"ASCII, mais cela n'est imposé que pour les numéros de téléphone. Le champ "
+"<emphasis remap=\"I\">autre</emphasis> est utilisé pour garder des "
+"informations de compte utilisées par d'autres applications."
+
+#: chfn.1.xml:112(para)
+msgid "The options which apply to the <command>chfn</command> command are:"
+msgstr "Les options applicables à la commande <command>chfn</command> sont :"
+
+#: chfn.1.xml:117(term)
+#| msgid ""
+#| "<option>-f</option>, <option>--full-name</option><replaceable>FULL_NAME</"
+#| "replaceable>"
+msgid ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>FULL_NAME</replaceable>"
+msgstr ""
+"<option>-f</option>, <option>--full-name</option>&nbsp;"
+"<replaceable>NOM_COMPLET</replaceable>"
+
+#: chfn.1.xml:121(para)
+msgid "Change the user's full name."
+msgstr "Modifier le nom complet de l'utilisateur."
+
+#: chfn.1.xml:125(term)
+#| msgid ""
+#| "<option>-h</option>, <option>--home-phone</"
+#| "option><replaceable>HOME_PHONE</replaceable>"
+msgid ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>HOME_PHONE</replaceable>"
+msgstr ""
+"<option>-h</option>, <option>--home-phone</option>&nbsp;"
+"<replaceable>TEL_PERSO</replaceable>"
+
+#: chfn.1.xml:129(para)
+msgid "Change the user's home phone number."
+msgstr "Modifier le numéro de téléphone personnel de l'utilisateur."
+
+#: chfn.1.xml:133(term)
+#| msgid ""
+#| "<option>-o</option>, <option>--other</option><replaceable>OTHER</"
+#| "replaceable>"
+msgid ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>OTHER</"
+"replaceable>"
+msgstr ""
+"<option>-o</option>, <option>--other</option>&nbsp;<replaceable>AUTRE</"
+"replaceable>"
+
+#: chfn.1.xml:137(para)
+msgid ""
+"Change the user's other GECOS information. This field is used to store "
+"accounting information used by other applications, and can be changed only "
+"by a superuser."
+msgstr ""
+"Modifier les informations GECO de l'utilisateur. Ce champ est utilisé pour "
+"enregistrer les informations de l'utilisateur utilisées par d'autres "
+"applications et peut être changé seulement par un superutilisateur."
+
+#: chfn.1.xml:145(term)
+#| msgid ""
+#| "<option>-r</option>, <option>--room</option><replaceable>ROOM_NUMBER</"
+#| "replaceable>"
+msgid ""
+"<option>-r</option>, <option>--room</option>&nbsp;<replaceable>ROOM_NUMBER</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>, <option>--room</option>&nbsp;"
+"<replaceable>NUMÉRO_DE_BUREAU</replaceable>"
+
+#: chfn.1.xml:149(para)
+msgid "Change the user's room number."
+msgstr "Modifier le numéro de bureau de l'utilisateur."
+
+#: chfn.1.xml:165(term)
+msgid "<option>-u</option>, <option>--help</option>"
+msgstr "<option>-u</option>, <option>--help</option>"
+
+#: chfn.1.xml:173(term)
+#| msgid ""
+#| "<option>-w</option>, <option>--work-phone</"
+#| "option><replaceable>WORK_PHONE</replaceable>"
+msgid ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>WORK_PHONE</replaceable>"
+msgstr ""
+"<option>-w</option>, <option>--work-phone</option>&nbsp;"
+"<replaceable>TEL_PRO</replaceable>"
+
+#: chfn.1.xml:177(para)
+msgid "Change the user's office phone number."
+msgstr "Modifier le numéro de téléphone professionnel de l'utilisateur."
+
+#: chfn.1.xml:181(para)
+msgid ""
+"If none of the options are selected, <command>chfn</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis remap=\"B\">[ ]</emphasis> marks. Without options, <command>chfn</"
+"command> prompts for the current user account."
+msgstr ""
+"Si aucune option n'est sélectionnée, <command>chfn</command> opère de "
+"manière interactive, demandant à l'utilisateur d'entrer les valeurs "
+"actuelles de chacun des champs. Entrer une nouvelle valeur pour la modifier, "
+"ou de laisser une ligne blanche pour conserver la valeur actuelle. La valeur "
+"actuelle est indiquée entre crochets (<emphasis remap=\"B\">[ ]</emphasis>). "
+"En l'absence d'option, <command>chfn</command> opère sur l'utilisateur "
+"actuel."
+
+#: chfn.1.xml:226(para)
+msgid ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+msgstr ""
+"<citerefentry><refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum></"
+"citerefentry>, <citerefentry><refentrytitle>login.defs</"
+"refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+"<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></"
+"citerefentry>."
+
+#: chage.1.xml:66(refpurpose)
+msgid "change user password expiry information"
+msgstr "Modifier les informations de validité d'un mot de passe"
+
+#: chage.1.xml:82(para)
+msgid ""
+"The <command>chage</command> command changes the number of days between "
+"password changes and the date of the last password change. This information "
+"is used by the system to determine when a user must change his/her password."
+msgstr ""
+"La commande <command>chage</command> modifie le nombre de jours entre les "
+"changements de mot de passe et la date du dernier changement. Ces "
+"informations sont utilisées par le système pour déterminer si un utilisateur "
+"doit changer son mot de passe."
+
+#: chage.1.xml:92(para)
+msgid "The options which apply to the <command>chage</command> command are:"
+msgstr ""
+"Les options disponibles pour la commande <command>chage</command> sont :"
+
+#: chage.1.xml:97(term)
+#| msgid ""
+#| "<option>-d</option>, <option>--lastday</option><replaceable>LAST_DAY</"
+#| "replaceable>"
+msgid ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;<replaceable>LAST_DAY</"
+"replaceable>"
+msgstr ""
+"<option>-d</option>, <option>--lastday</option>&nbsp;"
+"<replaceable>DERNIER_JOUR</replaceable>"
+
+#: chage.1.xml:101(para)
+msgid ""
+"Set the number of days since January 1st, 1970 when the password was last "
+"changed. The date may also be expressed in the format YYYY-MM-DD (or the "
+"format more commonly used in your area)."
+msgstr ""
+"Configurer le nombre du jour, à compter du 1er janvier 1970, où le mot de "
+"passe a été changé la dernière fois. La date peut aussi être exprimée dans "
+"le format AAAA-MM-JJ (ou le format utilisé plus communément dans votre "
+"région)."
+
+#: chage.1.xml:109(term)
+#| msgid ""
+#| "<option>-E</option>, <option>--expiredate</"
+#| "option><replaceable>EXPIRE_DATE</replaceable>"
+msgid ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>EXPIRE_DATE</replaceable>"
+msgstr ""
+"<option>-E</option>, <option>--expiredate</option>&nbsp;"
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable>"
+
+# NOTE: s/date//
+#: chage.1.xml:113(para)
+msgid ""
+"Set the date or number of days since January 1, 1970 on which the user's "
+"account will no longer be accessible. The date may also be expressed in the "
+"format YYYY-MM-DD (or the format more commonly used in your area). A user "
+"whose account is locked must contact the system administrator before being "
+"able to use the system again."
+msgstr ""
+"Configurer la date, ou le nombre de jours à compter du 1er janvier 1970, à "
+"partir de laquelle le compte de l'utilisateur ne sera plus accessible. La "
+"date peut aussi être exprimée dans le format AAAA-MM-JJ (ou le format plus "
+"communément utilisé dans votre région). Un utilisateur dont le compte est "
+"bloqué doit contacter l'administrateur système pour pouvoir utiliser à "
+"nouveau le système."
+
+#: chage.1.xml:121(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>EXPIRE_DATE</replaceable> will remove an account expiration "
+"date."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DATE_FIN_VALIDITÉ</replaceable> aura pour effet de supprimer la "
+"date de fin de validité."
+
+#: chage.1.xml:135(term)
+#| msgid ""
+#| "<option>-I</option>, <option>--inactive</option><replaceable>INACTIVE</"
+#| "replaceable>"
+msgid ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;<replaceable>INACTIVE</"
+"replaceable>"
+msgstr ""
+"<option>-I</option>, <option>--inactive</option>&nbsp;"
+"<replaceable>DURÉE_INACTIVITÉ</replaceable>"
+
+#: chage.1.xml:139(para)
+msgid ""
+"Set the number of days of inactivity after a password has expired before the "
+"account is locked. The <replaceable>INACTIVE</replaceable> option is the "
+"number of days of inactivity. A user whose account is locked must contact "
+"the system administrator before being able to use the system again."
+msgstr ""
+"Configurer le nombre de jours d'inactivité, après qu'un mot de passe ait "
+"dépassé la date de fin de validité, avant que le compte ne soit bloqué. La "
+"valeur <replaceable>DURÉE_INACTIVITÉ</replaceable> est le nombre de jours "
+"d'inactivité. Un utilisateur dont le compte est bloqué doit contacter "
+"l'administrateur système avant de pouvoir utiliser de nouveau le système."
+
+#: chage.1.xml:146(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as the "
+"<replaceable>INACTIVE</replaceable> will remove an account's inactivity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>DURÉE_INACTIVITÉ</replaceable> supprime la durée d'inactivité "
+"pour un compte."
+
+#: chage.1.xml:158(para)
+msgid "Show account aging information."
+msgstr "Afficher les informations sur l'âge des comptes."
+
+#: chage.1.xml:164(term)
+#| msgid ""
+#| "<option>-m</option>, <option>--mindays</option><replaceable>MIN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>MIN_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-m</option>, <option>--mindays</option>&nbsp;<replaceable>JOURS_MIN</"
+"replaceable>"
+
+#: chage.1.xml:176(term)
+#| msgid ""
+#| "<option>-M</option>, <option>--maxdays</option><replaceable>MAX_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>MAX_DAYS</"
+"replaceable>"
+msgstr ""
+"<option>-M</option>, <option>--maxdays</option>&nbsp;<replaceable>JOURS_MAX</"
+"replaceable>"
+
+#: chage.1.xml:180(para)
+msgid ""
+"Set the maximum number of days during which a password is valid. When "
+"<replaceable>MAX_DAYS</replaceable> plus <replaceable>LAST_DAY</replaceable> "
+"is less than the current day, the user will be required to change his/her "
+"password before being able to use his/her account. This occurrence can be "
+"planned for in advance by use of the <option>-W</option> option, which "
+"provides the user with advance warning."
+msgstr ""
+"Configurer le nombre maximum de jours pendant lesquels un mot de passe est "
+"valable. Quand <replaceable>JOURS_MAX</replaceable> plus "
+"<replaceable>DERNIER_JOUR</replaceable> est inférieur à la date actuelle, "
+"l'utilisateur est obligé de changer son mot de passe avant de pouvoir "
+"utiliser son compte. Cet événement peut être déclenché plus tôt grâce à "
+"l'option <option>-W</option> qui prévient l'utilisateur à l'avance par un "
+"message d'alerte."
+
+#: chage.1.xml:189(para)
+msgid ""
+"Passing the number <emphasis remap=\"I\">-1</emphasis> as "
+"<replaceable>MAX_DAYS</replaceable> will remove checking a password's "
+"validity."
+msgstr ""
+"Une valeur de <emphasis remap=\"I\">-1</emphasis> pour "
+"<replaceable>JOURS_MAX</replaceable> supprime la vérification de validité."
+
+#: chage.1.xml:209(term)
+#| msgid ""
+#| "<option>-W</option>, <option>--warndays</option><replaceable>WARN_DAYS</"
+#| "replaceable>"
+msgid ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>WARN_DAYS</replaceable>"
+msgstr ""
+"<option>-W</option>, <option>--warndays</option>&nbsp;"
+"<replaceable>DURÉE_AVERTISSEMENT</replaceable>"
+
+#: chage.1.xml:213(para)
+msgid ""
+"Set the number of days of warning before a password change is required. The "
+"<replaceable>WARN_DAYS</replaceable> option is the number of days prior to "
+"the password expiring that a user will be warned his/her password is about "
+"to expire."
+msgstr ""
+"Configurer le nombre de jours d'avertissement avant que le changement de mot "
+"de passe ne soit obligatoire. La valeur <replaceable>DURÉE_AVERTISSEMENT</"
+"replaceable> est le nombre de jours précédant la fin de validité pendant "
+"lesquels un utilisateur sera prévenu que son mot de passe est sur le point "
+"d'arriver en fin de validité."
+
+#: chage.1.xml:222(para)
+msgid ""
+"If none of the options are selected, <command>chage</command> operates in an "
+"interactive fashion, prompting the user with the current values for all of "
+"the fields. Enter the new value to change the field, or leave the line blank "
+"to use the current value. The current value is displayed between a pair of "
+"<emphasis>[ ]</emphasis> marks."
+msgstr ""
+"Si aucune de ces options n'est donnée, <command>chage</command> utilise un "
+"mode interactif, demandant confirmation à l'utilisateur pour les valeurs de "
+"tous les champs. Entrez la nouvelle valeur pour modifier la valeur du champ, "
+"ou laissez la ligne vide pour conserver la valeur actuelle. La valeur "
+"actuelle est affichée entre crochets."
+
+#: chage.1.xml:232(para)
+msgid ""
+"The <command>chage</command> program requires a shadow password file to be "
+"available."
+msgstr ""
+"Le programme <command>chage</command> nécessite l'utilisation d'un fichier "
+"de mots de passe cachés (« shadow password file »)."
+
+#: chage.1.xml:236(para)
+msgid ""
+"The <command>chage</command> command is restricted to the root user, except "
+"for the <option>-l</option> option, which may be used by an unprivileged "
+"user to determine when his/her password or account is due to expire."
+msgstr ""
+"La commande <command>chage</command> est réservée à l'utilisateur root, sauf "
+"pour l'option <option>-l</option>, qui peut être utilisée par un utilisateur "
+"non privilégié pour lui permettre de savoir quand son mot de passe ou son "
+"compte arrivera en fin de validité."
+
+#: chage.1.xml:301(replaceable)
+msgid "15"
+msgstr "15"
+
+#: chage.1.xml:303(para)
+msgid "can't find the shadow password file"
+msgstr "impossible de trouver le fichier des mots de passe cachés"
+
+#: chage.1.xml:279(para)
+msgid ""
+"The <command>chage</command> command exits with the following values: "
+"<placeholder-1/>"
+msgstr ""
+"La commande <command>chage</command> retourne les valeurs suivantes en "
+"quittant : <placeholder-1/>"
+
+#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
+#: chage.1.xml:0(None)
+msgid "translator-credits"
+msgstr ""
+"Nicolas FRANÇOIS <nicolas.francois@centraliens.net>, 2005-2010Thomas Blein "
+"<tblein@tblein.eu>, 2011-2012Debian French l10n team <debian-l10n-"
+"french@lists.debian.org>, 2011-2012"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>gpasswd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupadd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupdel</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupmod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>usermod</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>."
+
+#~ msgid "Kłoczko"
+#~ msgstr "KÅ‚oczko"
+
+#~ msgid "François"
+#~ msgstr "François"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>login.defs</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>passwd</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "13"
+#~ msgstr "13"
+
+#~ msgid "can't create mail spool"
+#~ msgstr "impossible de créer le répertoire d'attente des courriels"
+
+#~ msgid ""
+#~ "The SELinux user for the user's login. The default is to leave this field "
+#~ "the blank, which causes the system to select the default SELinux user."
+#~ msgstr ""
+#~ "Identifiant SELinux du nouvel utilisateur. Cette valeur est vide par "
+#~ "défaut et, dans ce cas, le système sélectionnera l'utilisateur SELinux "
+#~ "par défaut."
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>chfn</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>chsh</"
+#~ "refentrytitle><manvolnum>1</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>1</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>gpasswd</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>groupadd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>groupdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>useradd</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>userdel</"
+#~ "refentrytitle><manvolnum>8</manvolnum></citerefentry>, "
+#~ "<citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "-q"
+#~ msgstr "-q"
+
+#~ msgid "-s"
+#~ msgstr "-s"
+
+#~ msgid ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+#~ msgstr ""
+#~ "<citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</"
+#~ "manvolnum></citerefentry>, <citerefentry><refentrytitle>shadow</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, <phrase condition="
+#~ "\"no_pam\"><citerefentry><refentrytitle>login.defs</"
+#~ "refentrytitle><manvolnum>5</manvolnum></citerefentry>, </"
+#~ "phrase><citerefentry><refentrytitle>usermod</refentrytitle><manvolnum>8</"
+#~ "manvolnum></citerefentry>."
+
+#~ msgid "new_users"
+#~ msgstr "nouveaux_utilisateurs"
+
+#~ msgid "full_name"
+#~ msgstr "nom_complet"
+
+#~ msgid "-f <placeholder-1/>"
+#~ msgstr "-f <placeholder-1/>"
+
+#~ msgid "room_no"
+#~ msgstr "no_bureau"
+
+#~ msgid "work_ph"
+#~ msgstr "tel_bureau"
+
+#~ msgid "-w <placeholder-1/>"
+#~ msgstr "-w <placeholder-1/>"
+
+#~ msgid "home_ph"
+#~ msgstr "tel_perso"
+
+#~ msgid "other"
+#~ msgstr "autre"
+
+#~ msgid "-o <placeholder-1/>"
+#~ msgstr "-o <placeholder-1/>"
+
+#~ msgid ""
+#~ "Note: <option>-K </option><replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> doesn't work yet."
+#~ msgstr ""
+#~ "Note : <option>-K</option> <replaceable>UID_MIN</"
+#~ "replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</"
+#~ "replaceable>=<replaceable>499</replaceable> ne fonctionne pas pour "
+#~ "l'instant."
+
+#~ msgid "It can take one of these values: <placeholder-1/>"
+#~ msgstr "Il peut prendre une de ces valeurs : <placeholder-1/>"
+
+#~ msgid "The supplied passwords must be in clear-text."
+#~ msgstr "Les mots de passe doivent être fournis en clair."
+
+#~ msgid ""
+#~ "The encrypted password, as returned by "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. The default is to disable the account."
+#~ msgstr ""
+#~ "Le mot de passe chiffré, comme renvoyé par "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry>. Le comportement par défaut est de désactiver "
+#~ "le compte."
+
+# NOTE: shadowed, not encrypted
+#~ msgid "encrypted password file"
+#~ msgstr "fichier des mots de passe cachés"
+
+#~ msgid "comma-separated list of group administrators"
+#~ msgstr "liste d'administrateurs du groupe séparés par des virgules"
+
+#~ msgid ""
+#~ "The group name and password fields must be filled. The encrypted password "
+#~ "consists of characters from the 64-character alphabet a thru z, A thru Z, "
+#~ "0 thru 9, \\. and /. Refer to <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry> for details on how "
+#~ "this string is interpreted. If the password field contains some string "
+#~ "that is not valid result of <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, for instance ! or "
+#~ "*, the user will not be able to use a unix password to log in, subject to "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+#~ msgstr ""
+#~ "Les champs « nom du groupe » et « mot de passe » doivent être remplis. Le "
+#~ "mot de passe chiffré comprend 13 caractères pris dans l'alphabet de 64 "
+#~ "caractères a-z, A-Z, 0-9, \\. et /. Consultez "
+#~ "<citerefentry><refentrytitle>crypt</refentrytitle><manvolnum>3</"
+#~ "manvolnum></citerefentry> pour plus d'informations sur le traitement de "
+#~ "cette chaîne. Si le champ du mot de passe contient une chaîne qui ne peut "
+#~ "pas être un résultat valable de <citerefentry><refentrytitle>crypt</"
+#~ "refentrytitle><manvolnum>3</manvolnum></citerefentry>, par exemple si "
+#~ "elle contient les caractères ! ou *, alors l'utilisateur ne pourra pas "
+#~ "utiliser son mot de passe UNIX pour se connecter. Ceci peut dépendre de "
+#~ "<citerefentry><refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum></"
+#~ "citerefentry>."
+
+#, fuzzy
+#~ msgid ""
+#~ "The group ID of the given <replaceable>GROUP</replaceable> will be "
+#~ "changed to <replaceable>GID</replaceable>. The value of <replaceable>GID</"
+#~ "replaceable> must be a non-negative decimal integer. This value must be "
+#~ "unique, unless the <option>-o</option> option is used. Values between 0 "
+#~ "and 999 are typically reserved for system groups. Any files that have the "
+#~ "old group ID and must continue to belong to <replaceable>GROUP</"
+#~ "replaceable>, must have their group ID changed manually."
+#~ msgstr ""
+#~ "Indiquer la nouvelle Valeur numérique de l'identifiant du "
+#~ "<replaceable>GROUPE</replaceable> (« group ID » ou GID). La valeur de "
+#~ "<replaceable>GID</replaceable> doit être un entier décimal non négatif. "
+#~ "Cette valeur doit être unique, à moins que l'option <option>-o</option> "
+#~ "ne soit utilisée. Les valeurs comprises entre 0 et 999 sont généralement "
+#~ "réservées aux comptes système. Vous devrez modifier vous-même le groupe "
+#~ "propriétaire de tous les fichiers possédés par ce groupe."
+
+#~ msgid ""
+#~ "Note: if you use PAM, it is recommended to set this variable consistently "
+#~ "with the PAM modules configuration."
+#~ msgstr ""
+#~ "Remarque : si vous utilisez PAM, il est recommandé d'ajuster cette "
+#~ "variable de façon cohérente avec la configuration des modules PAM."
+
+#~| msgid ""
+#~| "<command>usermod</command> will not allow you to change the name of a "
+#~| "user who is logged in. You must make certain that the named user is not "
+#~| "executing any processes when this command is being executed if the "
+#~| "user's numerical user ID is being changed. You must change the owner of "
+#~| "any <command>crontab</command> files manually. You must change the owner "
+#~| "of any <command>at</command> jobs manually. You must make any changes "
+#~| "involving NIS on the NIS server."
+#~ msgid ""
+#~ "<command>usermod</command> will not allow you to change the name of an "
+#~ "user who is logged in. You must make certain that the named user is not "
+#~ "executing any processes when this command is being executed if the user's "
+#~ "numerical user ID is being changed. You must change the owner of any "
+#~ "<command>crontab</command> files manually. You must change the owner of "
+#~ "any <command>at</command> jobs manually. You must make any changes "
+#~ "involving NIS on the NIS server."
+#~ msgstr ""
+#~ "<command>Usermod</command> ne vous permet pas de modifier le nom d'un "
+#~ "utilisateur qui est actuellement connecté. Vous devez vous assurer que "
+#~ "l'utilisateur nommé n'est pas en train d'exécuter un quelconque programme "
+#~ "lorsque cette commande est exécutée si l'UID numérique de l'utilisateur "
+#~ "est modifié. Vous devez modifier vous-même le nom du propriétaire de tous "
+#~ "les fichiers <command>crontab</command> et des tâches <command>at</"
+#~ "command>. Vous devez effectuer toutes les modifications impliquant NIS "
+#~ "sur le serveur NIS."
+
+#~ msgid ""
+#~ "<command>userdel</command> will not allow you to remove an account if the "
+#~ "user is currently logged in. You must kill any running processes which "
+#~ "belong to an account that you are deleting."
+#~ msgstr ""
+#~ "<command>Userdel</command> ne vous permet pas de supprimer un compte si "
+#~ "l'utilisateur en question est actuellement connecté. Vous devez tuer tous "
+#~ "les processus en cours d'exécution appartenant à l'utilisateur que vous "
+#~ "êtes en train de supprimer."
+
+#~ msgid ""
+#~ "The group name or number of the user's new initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1."
+#~ msgstr ""
+#~ "Nom du groupe ou identifiant numérique du groupe de connexion initial de "
+#~ "l'utilisateur. Le nom du groupe doit exister. Un numéro de groupe doit se "
+#~ "référer à un groupe déjà existant. Le numéro de groupe par défaut est de "
+#~ "1."
+
+#~ msgid ""
+#~ "The group name or number of the user's initial login group. The group "
+#~ "name must exist. A group number must refer to an already existing group. "
+#~ "The default group number is 1 or whatever is specified in <filename>/etc/"
+#~ "default/useradd</filename>."
+#~ msgstr ""
+#~ "Nom ou ou numéro du groupe de connexion initial de l'utilisateur. Le nom "
+#~ "du groupe doit exister. Un numéro de groupe doit se référer à un groupe "
+#~ "existant. Le numéro de groupe par défaut est de 1, ou la valeur indiquée "
+#~ "dans <filename>/etc/default/useradd</filename>."
+
+#~ msgid ""
+#~ "The group name or ID for a new user's initial group. The named group must "
+#~ "exist, and a numerical group ID must have an existing entry."
+#~ msgstr ""
+#~ "Nom de groupe ou identifiant numérique du groupe initial d'un nouvel "
+#~ "utilisateur. Le groupe spécifié doit exister, et un identifiant de groupe "
+#~ "numérique doit déjà exister."
+
+#~ msgid "days since Jan 1, 1970 that password was last changed"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis le dernier "
+#~ "changement de mot de passe"
+
+#~ msgid "days after which password must be changed"
+#~ msgstr "nombre de jours après lesquels le mot de passe doit être changé"
+
+#~ msgid "days before password is to expire that user is warned"
+#~ msgstr ""
+#~ "nombre de jours avant la fin de validité du mot de passe et pendant "
+#~ "lesquels l'utilisateur est averti"
+
+#~ msgid "days after password expires that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours après la fin de validité provoquant la désactivation du "
+#~ "compte"
+
+#~ msgid "days since Jan 1, 1970 that account is disabled"
+#~ msgstr ""
+#~ "nombre de jours, comptés à partir du 1er janvier 1970, depuis que le "
+#~ "compte est désactivé"
+
+#, fuzzy
+#~ msgid ""
+#~ "The password field must be filled. The encrypted password consists of 13 "
+#~ "to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 "
+#~ "thru 9, \\. and /. Optionally it can start with a \"$\" character. This "
+#~ "means the encrypted password was generated using another (not DES) "
+#~ "algorithm. For example if it starts with \"$1$\" it means the MD5-based "
+#~ "algorithm was used."
+#~ msgstr ""
+#~ "Le champ « mot de passe » doit être rempli. Le mot de passe chiffré "
+#~ "comprend 13 à 24 caractères pris dans l'alphabet de 64 caractère : a-z, A-"
+#~ "Z, 0-9, \\. et /. Il peut optionellement commencer par un caractère "
+#~ "« $ ». Ceci signifie que le mot de passe a été généré par un autre "
+#~ "algorithme (autre que DES). Par exemple, s'il commence par « $1$ », "
+#~ "l'algorithme basé sur MD5 a été utilisé."
+
+#~ msgid ""
+#~ "The date of the last password change is given as the number of days since "
+#~ "Jan 1, 1970. The password may not be changed again until the proper "
+#~ "number of days have passed, and must be changed after the maximum number "
+#~ "of days. If the minimum number of days required is greater than the "
+#~ "maximum number of day allowed, this password may not be changed by the "
+#~ "user."
+#~ msgstr ""
+#~ "La date de dernière modification du mot de passe est donnée par le nombre "
+#~ "de jours écoulés depuis le 1er janvier 1970 jusqu'au dernier changement "
+#~ "du mot de passe. Un mot de passe ne peut pas être changé de nouveau avant "
+#~ "le nombre de jours indiqués, et doit être modifié avant le nombre maximal "
+#~ "de jours spécifié. Si le nombre minimal de jours requis est plus grand "
+#~ "que le nombre maximal de jours de validité, ce mot de passe ne peut pas "
+#~ "être changé par l'utilisateur."
+
+#~ msgid ""
+#~ "An account is considered to be inactive and is disabled if the password "
+#~ "is not changed within the specified number of days after the password "
+#~ "expires. An account will also be disabled on the specified day regardless "
+#~ "of other password expiration information."
+#~ msgstr ""
+#~ "Un compte est considéré comme inactif et est désactivé si le mot de passe "
+#~ "n'est pas changé dans l'intervalle indiqué après la fin de la validité du "
+#~ "mot de passe. Un compte est également désactivé le jour indiqué quels que "
+#~ "soient les autres informations de validité."
+
+#~ msgid ""
+#~ "This information supersedes any password or password age information "
+#~ "present in <filename>/etc/passwd</filename>."
+#~ msgstr ""
+#~ "Ces informations sont prioritaires sur tous les autres champs présents "
+#~ "dans <filename>/etc/passwd</filename>."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field will be checked for existence as a directory, and a new "
+#~ "directory with this name will be created if it does not already exist. "
+#~ "The ownership of the directory will be set to be that of the user being "
+#~ "created or updated."
+#~ msgstr ""
+#~ "L'existence du répertoire indiqué dans ce champ est vérifiée, et dans le "
+#~ "cas contraire, le répertoire est créé. Le propriétaire du répertoire sera "
+#~ "l'utilisateur dont le compte est créé ou mis à jour."
+
+#~ msgid "Display faillog records for all users."
+#~ msgstr "Afficher les échecs de tous les utilisateurs."
+
+#~ msgid ""
+#~ "Set maximum number of login failures after the account is disabled to "
+#~ "<replaceable>MAX</replaceable>. Selecting <replaceable>MAX</replaceable> "
+#~ "value of 0 has the effect of not placing a limit on the number of failed "
+#~ "logins. The maximum failure count should always be 0 for <emphasis>root</"
+#~ "emphasis> to prevent a denial of services attack against the system."
+#~ msgstr ""
+#~ "Fixer le nombre maximum d'échecs de connexion après lesquels le compte "
+#~ "sera désactivé à <emphasis remap=\"I\">MAX</emphasis>. Une limite "
+#~ "<replaceable>MAX</replaceable> de 0 aura pour effet de ne pas placer de "
+#~ "limite d'échec. La limite pour l'utilisateur <emphasis>root</emphasis> "
+#~ "devrait toujours être 0 pour éviter tout risque de déni de service contre "
+#~ "le système."
+
+#~ msgid ""
+#~ "The user's home directory will be created if it does not exist. The files "
+#~ "contained in <replaceable>SKEL_DIR</replaceable> will be copied to the "
+#~ "home directory if the <option>-k</option> option is used, otherwise the "
+#~ "files contained in <filename>/etc/skel</filename> will be used instead. "
+#~ "Any directories contained in <replaceable>SKEL_DIR</replaceable> or "
+#~ "<filename>/etc/skel</filename> will be created in the user's home "
+#~ "directory as well. The <option>-k</option> option is only valid in "
+#~ "conjunction with the <option>-m</option> option. The default is to not "
+#~ "create the directory and to not copy any files."
+#~ msgstr ""
+#~ "Le répertoire personnel de l'utilisateur sera créé s'il n'existe pas "
+#~ "déjà. Les fichiers contenus dans <replaceable>rép_squelette</replaceable> "
+#~ "seront copiés dans le répertoire personnel si l'option <option>-k</"
+#~ "option> est employée ; sinon, les fichiers contenus dans <filename>/etc/"
+#~ "skel</filename> seront utilisés à la place. Tous les répertoires contenus "
+#~ "dans <replaceable>rép_squelette</replaceable> ou dans <filename>/etc/"
+#~ "skel</filename> seront également créés dans le répertoire personnel de "
+#~ "l'utilisateur. L'option <option>-k</option> n'est valable qu'en "
+#~ "conjonction avec l'option <option>-m</option>. Le comportement par défaut "
+#~ "est de ne pas créer le répertoire, et de ne copier aucun fichier."
+
+#~ msgid ""
+#~ "Your password must be easily remembered so that you will not be forced to "
+#~ "write it on a piece of paper. This can be accomplished by appending two "
+#~ "small words together and separating each with a special character or "
+#~ "digit. For example, Pass%word."
+#~ msgstr ""
+#~ "Vous devez pouvoir vous souvenir facilement de votre mot de passe, afin "
+#~ "de ne pas avoir à le noter sur un morceau de papier. Pour ce faire, on "
+#~ "peut choisir d'accoler deux mots en les séparant avec un caractère "
+#~ "spécial ou un chiffre. Par exemple, Mot2passe."
+
+#~ msgid ""
+#~ "Other methods of construction involve selecting an easily remembered "
+#~ "phrase from literature and selecting the first or last letter from each "
+#~ "word. An example of this is:"
+#~ msgstr ""
+#~ "D'autres méthodes de construction utilisent une phrase facile à se "
+#~ "rappeler, et consistent à sélectionner la première ou la dernière lettre "
+#~ "de chaque mot. Voici un exemple [ NdT : en anglais ] :"
+
+#~ msgid "Ask not for whom the bell tolls"
+#~ msgstr "Ask not for whom the bell tolls."
+
+#~ msgid "which produces"
+#~ msgstr "Ce qui donne :"
+
+#~ msgid "An4wtbt"
+#~ msgstr "An4wtbt."
+
+#~ msgid ""
+#~ "You may be reasonably sure few crackers will have included this in their "
+#~ "dictionaries. You should, however, select your own methods for "
+#~ "constructing passwords and not rely exclusively on the methods given here."
+#~ msgstr ""
+#~ "Vous pouvez raisonnablement être assuré que quelques crackers ont "
+#~ "désormais inclus ces mots de passe dans leurs dictionnaires. Vous pouvez "
+#~ "également utiliser votre propre méthode de construction de mots de passe "
+#~ "et ne pas compter exclusivement sur les méthodes proposées ici."
+
+#~ msgid ""
+#~ "The only restriction placed on the contents of the fields is that no "
+#~ "control characters may be present, nor any of comma, colon, or equal "
+#~ "sign. The <emphasis remap=\"I\">other</emphasis> field does not have this "
+#~ "restriction, and is used to store accounting information used by other "
+#~ "applications."
+#~ msgstr ""
+#~ "La seule restriction pour le contenu des champs est qu'ils ne doivent "
+#~ "contenir aucun caractère de contrôle, ni aucune virgule, deux-points ou "
+#~ "signe égal. Le champ <emphasis remap=\"I\">autre</emphasis> n'a pas cette "
+#~ "limitation et peut être utilisé pour enregistrer des informations sur le "
+#~ "compte pour d'autres applications."
+
+#~ msgid ""
+#~ "Range of user IDs to choose from for the <command>useradd</command> "
+#~ "program."
+#~ msgstr ""
+#~ "Plage d'identifiants numériques d'utilisateur que <command>useradd</"
+#~ "command> peut utiliser."
+
+#~ msgid ""
+#~ "The <option>-t</option> flag overrides the use of <option>-u</option>."
+#~ msgstr ""
+#~ "L'utilisation de l'option <option>-t</option> supplante l'option <option>-"
+#~ "u</option>."
+
+# NOTE: shadow => gshadow
+#~ msgid ""
+#~ "By default, <command>grpck</command> operates on the files <filename>/etc/"
+#~ "group</filename> and <filename>/etc/gshadow</filename>. The user may "
+#~ "select alternate files with the <emphasis remap=\"I\">group</emphasis> "
+#~ "and <emphasis remap=\"I\">shadow</emphasis> parameters. Additionally, the "
+#~ "user may execute the command in read-only mode by specifying the <option>-"
+#~ "r</option> flag. This causes all questions regarding changes to be "
+#~ "answered <emphasis>no</emphasis> without user intervention. "
+#~ "<command>grpck</command> can also sort entries in <filename>/etc/group</"
+#~ "filename> and <filename>/etc/gshadow</filename> by GID. To run it in sort "
+#~ "mode pass it <option>-s</option> flag. No checks are performed then, it "
+#~ "just sorts."
+#~ msgstr ""
+#~ "Par défaut, <command>grpck</command> opère sur les fichiers <filename>/"
+#~ "etc/group</filename> et <filename>/etc/gshadow</filename>. L'utilisateur "
+#~ "peut spécifier d'autres fichiers avec les paramètres <emphasis remap=\"I"
+#~ "\">group</emphasis> et <emphasis remap=\"I\">gshadow</emphasis>. De plus, "
+#~ "l'utilisateur peut exécuter les commandes en lecture seule en utilisant "
+#~ "l'option <option>-r</option>. Ceci aura pour conséquence de répondre "
+#~ "<emphasis>no</emphasis> à toutes les questions demandant des "
+#~ "modifications, sans intervention de l'utilisateur. <command>Grpck</"
+#~ "command> permet aussi de trier les entrées de <filename>/etc/group</"
+#~ "filename> et <filename>/etc/gshadow</filename> par GID. Pour effectuer ce "
+#~ "tri, utilisez l'option <option>-s</option>. Aucune vérification n'est "
+#~ "alors effectuée, les entrées sont seulement triées."
+
+#~ msgid ""
+#~ "The name of the new user's login shell. The named program will be used "
+#~ "for all future new user accounts."
+#~ msgstr ""
+#~ "Nom de l'interpréteur de commandes initial (« login shell ») d'un nouvel "
+#~ "utilisateur. Le programme nommé sera utilisé pour tous les futurs "
+#~ "nouveaux comptes utilisateur."
+
+#~ msgid ""
+#~ "Group administrator can add and delete users using <option>-a</option> "
+#~ "and <option>-d</option> options respectively. Administrators can use "
+#~ "<option>-r</option> option to remove group password. When no password is "
+#~ "set only group members can use <command>newgrp</command> to join the "
+#~ "group. Option <option>-R</option> disables access via a password to the "
+#~ "group through <command>newgrp</command> command (however members will "
+#~ "still be able to switch to this group)."
+#~ msgstr ""
+#~ "Un administrateur de groupe peut ajouter ou supprimer des utilisateurs en "
+#~ "utilisant respectivement les options <option>-a</option> et <option>-d</"
+#~ "option>. Les administrateurs peuvent utiliser l'option <option>-r</"
+#~ "option> pour supprimer le mot de passe d'un groupe. Lorsqu'aucun mot de "
+#~ "passe n'est défini, seuls les membres d'un groupe peuvent utiliser "
+#~ "<command>newgrp</command> pour utiliser ce groupe. L'option <option>-R</"
+#~ "option> désactive l'accès au groupe via la commande <command>newgrp</"
+#~ "command> (sauf pour les membres du groupe)."
+
+#, fuzzy
+#~ msgid ""
+#~ "This field must contain name of group. When specified an existing group "
+#~ "name the named user will be added as a new member of this group. If "
+#~ "specified non-existent non-numerical group name a new group will be "
+#~ "created."
+#~ msgstr ""
+#~ "Ce champ peut être le nom d'un groupe existant, ce qui permet d'ajouter "
+#~ "l'utilisateur désigné dans la liste des membres du groupe. Si un "
+#~ "identifiant de groupe inexistant est indiqué, un nouveau groupe est créé, "
+#~ "avec cet identifiant de groupe."
diff --git a/po/gl.po b/po/gl.po
new file mode 100644
index 0000000..2a47e8b
--- /dev/null
+++ b/po/gl.po
@@ -0,0 +1,3517 @@
+# Galician translation of shadow
+# Copyright (C) 1999, 2004, 2005 Free Software Foundation, Inc.
+# Jacobo Tarrio <jtarrio@debian.org>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-07-18 23:27+0200\n"
+"Last-Translator: Jacobo Tarrio <jtarrio@debian.org>\n"
+"Language-Team: Galician <trasno@ceu.fi.udc.es>\n"
+"Language: gl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n!=1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Non se puido reservar espacio para a información de configuración.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuración - elemento \"%s\" descoñecido (avise ao "
+"administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Contrasinal: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Contrasinal de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Non se puido reservar espacio para a información de configuración.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "A cambiar a información de caducidade de %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: liña %d: non se pode atopar o usuario %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoria esgotada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: non se pode actualizar o ficheiro shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo %s descoñecido\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: hai grupos de máis\n"
+
+msgid "Your password has expired."
+msgstr "O seu contrasinal caducou."
+
+msgid "Your password is inactive."
+msgstr "O seu contrasinal está inactivo."
+
+msgid "Your login has expired."
+msgstr "O seu identificador de usuario caducou."
+
+msgid "  Contact the system administrator."
+msgstr " Póñase en contacto co administrador do sistema."
+
+msgid "  Choose a new password."
+msgstr " Escolla un novo contrasinal."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "O seu contrasinal ha caducar en %ld días.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "O seu contrasinal ha caducar mañá."
+
+msgid "Your password will expire today."
+msgstr "O seu contrasinal ha caducar hoxe."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Non se puido cambiar o tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Desbordamento nas variables de ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Non pode cambiar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d fallo desde a última entrada.\n"
+"O último foi o %s en %s.\n"
+msgstr[1] ""
+"%d fallos desde a última entrada.\n"
+"O último foi o %s en %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: non se pode obter un GID único\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: non se pode obter un UID único\n"
+
+msgid "Too many logins.\n"
+msgstr "Entrou demasiadas veces.\n"
+
+msgid "You have new mail."
+msgstr "Ten novo correo."
+
+msgid "No mail."
+msgstr "Non hai correo."
+
+msgid "You have mail."
+msgstr "Ten correo."
+
+msgid "no change"
+msgstr "ningún cambio"
+
+msgid "a palindrome"
+msgstr "un palíndromo"
+
+msgid "case changes only"
+msgstr "só cambia maiúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "semellantes de máis"
+
+msgid "too simple"
+msgstr "simple de máis"
+
+msgid "rotated"
+msgstr "rotado"
+
+msgid "too short"
+msgstr "curto de máis"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Contrasinal non válido: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: a chamada a pam_start() fallou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Cambiouse o contrasinal."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: o contrasinal actualizouse con éxito\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Contrasinal incorrecto para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: teléfono da casa non válido: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Non se puido cambiar a \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Non hai un directorio, éntrase con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Non se pode executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directorio raíz \"%s\" non válido\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Non se pode cambiar o directorio raíz a \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Non se pode determinar o nome do seu tty."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Non\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduza o novo valor ou prema Intro para o valor por defecto"
+
+msgid "Minimum Password Age"
+msgstr "Idade mínima do contrasinal"
+
+msgid "Maximum Password Age"
+msgstr "Idade máxima do contrasinal"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Último cambio de contrasinal (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de caducidade de contrasinal"
+
+msgid "Password Inactive"
+msgstr "Contrasinal inactivo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de caducidade da conta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Último cambio de contrasinal\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "debe cambiarse o contrasinal"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "O contrasinal caduca\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Contrasinal inactivo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "A conta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de días entre cambios de contrasinal\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de días entre cambios de contrasinal\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de días de aviso antes de que caduque o contrasinal: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: non inclúa \"l\" con outros indicadores\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permiso denegado.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: non se pode bloquear ficheiros, volva tentalo despois\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: o ficheiro de contrasinais shadow non está presente\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "A cambiar a información de caducidade de %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: erro ao cambiar os campos\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome completo"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número de cuarto"
+
+msgid "Work Phone"
+msgstr "Teléfono do traballo"
+
+msgid "Home Phone"
+msgstr "Teléfono da casa"
+
+msgid "Other"
+msgstr "Outro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Non se pode cambiar o ID a root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de cuarto non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: teléfono do traballo non válido: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: teléfono da casa non válido: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" contén caracteres non válidos\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" contén caracteres non válidos\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" é o mestre NIS deste cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "A cambiar a información de usuario de %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: o modificador -a SÓ se admite co modificador -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: liña %d: liña longa de máis\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: liña %d: falla o novo contrasinal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: detectouse un erro, ignóranse os cambios\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Intérprete de ordes"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Non pode cambiar o intérprete de ordes de %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "A cambiar o intérprete de ordes de %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entrada non válida: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s non é un intérprete de ordes válido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: aviso: %s non pertence a %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: non se esperaba un argumento: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Usuario     Fallos   Máximo  Último                   O\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [fallan %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [bloqueado %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Usuario descoñecido: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: precísase de contrasinais de grupo shadow para -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "A cambiar o contrasinal do grupo %s\n"
+
+msgid "New Password: "
+msgstr "Novo contrasinal: "
+
+msgid "Re-enter new password: "
+msgstr "Volva introducir o novo contrasinal: "
+
+msgid "They don't match; try again"
+msgstr "Non coinciden, volva tentalo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Volva tentalo despois\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "A engadir o usuario %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "A eliminar o usuario %s do grupo %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Non é un tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s non é un nome de grupo válido\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K precisa de CLAVE=VALOR\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: o grupo %s existe\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "O membro xa existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Non se pode determinar o seu nome de usuario.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: o grupo \"%s\" é un grupo NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s é o mestre NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: o usuario %s é un usuario NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: esgotouse a memoria en update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: o grupo %s é un grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: usuario %s descoñecido\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r son incompatibles\n"
+
+msgid "invalid group file entry"
+msgstr "entrada do ficheiro de grupos non válida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "¿borrar a liña \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nome de grupo \"%s\" non válido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: non existe o usuario %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "¿borrar o membro \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "non hai unha entrada do ficheiro de grupos que coincida en %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "¿engadir o grupo \"%s\" en %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "entrada do ficheiro de grupos shadow non válida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s: non existe o usuario administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "¿borrar o membro administrativo \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s: non existe o usuario %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: actualizáronse os ficheiros\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: non hai cambios\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: non se pode actualizar o ficheiro %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Emprego: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Emprego: id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Usuario          Porto    Desde            Última"
+
+msgid "Username                Port     Latest"
+msgstr "Usuario                 Porto    Última"
+
+msgid "**Never logged in**"
+msgstr "**Nunca entrou**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Emprego: %s [-p] [nome]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "         %s [-p] [-h servidor] [-f nome]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "         %s [-p] -r servidor\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Hora de entrada non válida"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"O sistema está pechado por mantemento rutinario"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Omitida a desconexión -- permítese a entrada coma root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Non hai unha entrada en utmp. Debe executar \"login\" dende o \"sh\" de "
+"nivel máis baixo"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"A entrada caducou despois de %d segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Fallo en PAM, a abortar: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Superouse o número máximo de intentos (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: cancelación solicitada por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Entrada incorrecta"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: liña %d: non se pode atopar o usuario %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: vólvese permitir a entrada despois do bloqueo temporal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Última entrada: %s en %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última entrada: %.19s en %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " desde %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"superouse o tempo de entrada\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Emprego: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Emprego: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Emprego: sg grupo [[-c] orde]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Contrasinal antigo: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fallo ao lanzar o proceso: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: o usuario %s non existe\n"
+
+msgid "too many groups\n"
+msgstr "hai grupos de máis\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: liña %d: liña non válida\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: non se pode actualizar a entrada do usuario %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: liña %d: non se pode crear o GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: liña %d: non se pode crear o GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: o usuario %s non existe\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: liña %d: non se pode actualizar o contrasinal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: liña %d: a chamada a mkdir fallou\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: liña %d: a chamada a chown fallou\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: non se pode actualizar o ficheiro de grupos\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Contrasinal antigo: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza o novo contrasinal (mínimo de %d, máximo de %d caracteres)\n"
+"Empregue unha combinación de maiúsculas, minúsculas e números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza o novo contrasinal (mínimo de %d, máximo de %d caracteres)\n"
+"Empregue unha combinación de maiúsculas, minúsculas e números.\n"
+
+msgid "New password: "
+msgstr "Novo contrasinal: "
+
+msgid "Try again."
+msgstr "Volva tentalo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: contrasinal feble (introdúzao outra vez para o empregar igualmente)."
+
+msgid "They don't match; try again.\n"
+msgstr "Non coinciden; volva tentalo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Non se pode cambiar o contrasinal de %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: non se soporta o repositorio %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Non pode ver ou modificar a información de contrasinal de %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "A cambiar o contrasinal de %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Non se cambiou o contrasinal de %s\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Cambiouse o contrasinal."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Aviso de caducidade de contrasinal"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "entrada do ficheiro de contrasinais non válida"
+
+msgid "duplicate password entry"
+msgstr "entrada de contrasinal duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome de usuario \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nome de usuario \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "usuario %s: non existe o grupo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuario %s: o directorio %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuario %s: o programa %s non existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: non se pode bloquear o ficheiro %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "non hai unha entrada do ficheiro de contrasinais que coincida en %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "¿engadir o usuario \"%s\" en %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "entrada do ficheiro de contrasinais shadow non válida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de contrasinal shadow duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuario %s: último cambio de contrasinal no futuro\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: non se pode rescribir o ficheiro\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "O acceso a su para esa conta está DENEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Omitiuse a autenticación por contrasinal.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Introduza O SEU PROPIO contrasinal para autenticación.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: non se pode bloquear o ficheiro %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Emprego: su [opcións] [USUARIO]\n"
+"\n"
+"Opcións:\n"
+"  -c, --command ORDE\t\tpasa a ORDE ao intérprete de ordes executado\n"
+"  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+"  -, -l, --login\t\tfai que o intérprete de ordes sexa de \"login\"\n"
+"  -m, -p,\n"
+"  --preserve-environment\tnon reinicia as variables de ambiente e\n"
+"\t\t\t\tmantén o mesmo intérprete de ordes\n"
+"  -s, --shell INTÉRPRETE\temprega o INTÉRPRETE no canto do normal\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignórase)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Non está autorizado para facer su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduza o seu propio contrasinal)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: a autenticación con PAM fallou\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Non está autorizado para facer su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Non hai unha entrada de contrasinal para \"root\""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: débese executar dende un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start(): erro %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Non se pode executar %s"
+
+msgid "No password file"
+msgstr "Non é un ficheiro de contrasinais"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Non hai unha entrada de contrasinal para \"root\""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Escriba control-d para seguir co inicio normal,\n"
+"(ou escriba o contrasinal de root para o mantemento do sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "A entrar no modo de mantemento do sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: non se pode crear o novo ficheiro de valores por defecto\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: non se pode abrir o novo ficheiro de valores por defecto\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: liña %d: a chamada a chown fallou\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: o grupo \"%s\" é un grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: especificáronse grupos de máis (máximo %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Emprego: %s [entrada]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directorio base \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentario \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: precísase de contrasinais shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: precísase de contrasinais shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: intérprete de ordes \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+msgid "Creating mailbox file"
+msgstr "A crear o ficheiro da caixa do correo"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Non se atopou o grupo \"mail\". Hase crear a caixa do correo do usuario co "
+"modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A estabrecer os permisos do ficheiro da caixa do correo"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: o usuario %s existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: o grupo %s existe - se quere engadir este usuario a este grupo, empregue "
+"-g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: o UID %u non é único\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: non se pode crear %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o directorio inicial xa existe.\n"
+"Non se copia nel ningún ficheiro do directorio skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: non se pode cambiar o usuario \"%s\" no cliente NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Non se pode eliminar o grupo %s, que é o grupo primario de outro "
+"usuario.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: non se pode eliminar "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s non pertence a %s, non se elimina\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: o usuario %s é un usuario NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: directorio inicial \"%s\" non válido\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: non se elimina o directorio %s (había eliminar o directorio inicial do "
+"usuario %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: erro ao borrar o directorio %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: o usuario %s existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data \"%s\" non válida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: precísase de contrasinais de shadow para -e e -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "O membro xa existe\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: o directorio %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: non se pode crear o directorio %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: non se puido eliminar completamente o vello directorio inicial %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: non se pode cambiar o nome do directorio %s a %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: %s non pertence a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+msgid "failed to rename mailbox"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s non ten cambios\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Non se puido bloquear o ficheiro"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: non se puido deixar os privilexios (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Non se puido bloquear o ficheiro"
+
+msgid "Couldn't make backup"
+msgstr "Non se puido facer unha copia de seguridade"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: non se atopou %s en /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Non se pode abrir o ficheiro de grupos\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: campos longos de máis\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "non se puido cambiar o propietario da caixa do correo"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "non se puido cambiar o nome da caixa do correo"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: non se pode restaurar %s: %s (os seus cambios están en %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: directorio base \"%s\" non válido\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Emprego: %s [entrada]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "A chamada a malloc(%d) fallou\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chage [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -d, --lastday ÚLTIMO\t\tfixa o último cambio de\tcontrasinal ao\n"
+#~ "\t\t\t\tdía ÚLTIMO\n"
+#~ "  -E, --expiredate CADUCA\tfixa a data de caducidade ao día CADUCA\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -I, --inactive INACTIVO\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVO\n"
+#~ "  -l, --list\t\t\tamosa a información de caducidade das contas\n"
+#~ "  -m, --mindays M�NIMO\t\tfixa o número mínimo de días antes do\n"
+#~ "\t\t\t\tcambio de contrasinal a M�NIMO\n"
+#~ "  -M, --maxdays M�XIMO\t\tfixa o número máximo de días antes do\n"
+#~ "\t\t\t\tcambio de contrasinal a M�XIMO\n"
+#~ "  -W, --warndays AVISO\t\tfixa o número de días de aviso de caducidade\n"
+#~ "\t\t\t\ta AVISO\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: a autenticación con PAM fallou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Emprego: %s [-f nome] [-r num_cuarto] [-w tlf_traballo]\n"
+#~ "\t[-h tlf_casa] [-o outro] [usuario]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Emprego: %s [-f nome] [-r num_cuarto] [-w tlf_traballo] [-h tlf_casa]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: chpasswd [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -e, --encrypted\tos contrasinais fornecidos xa están cifrados\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -m, --md5\t\tempregar cifrado MD5 no canto de DES se os\n"
+#~ "\t\t\tcontrasinais fornecidos non están cifrados\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chsh [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -s, --shell INTÉRPRETE\tnovo intérprete de ordes da conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Emprego: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: non se pode abrir o ficheiro %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Emprego: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Emprego: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r son incompatibles\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Emprego: groupdel grupo\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: lastlog [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -b, --before D�AS\tamosa só os rexistros de última entrada de máis\n"
+#~ "\t\t\tde D�AS días\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -t, --time D�AS\tamosa só os rexistros de última entrada de menos\n"
+#~ "\t\t\tde D�AS días\n"
+#~ "  -u, --user USUARIO\tamosa o rexistro de última entrada do USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: passwd [opcións] [USUARIO]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -a, --all\t\t\tinforma do estado dos contrasinais en tódalas contas\n"
+#~ "  -d, --delete\t\t\telimina o contrasinal da conta indicada\n"
+#~ "  -e, --expire\t\t\tfai caducar o contrasinal da conta indicada\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -k, --keep-tokens\t\tcambia o contrasinal só se caducou\n"
+#~ "  -i, --inactive INACT\t\tcambia o tempo de inactividade trala "
+#~ "caducidade\n"
+#~ "\t\t\t\tda conta a INACT\n"
+#~ "  -l, --lock\t\t\tbloquea a conta indicada\n"
+#~ "  -n, --mindays M�N\tfixa o número mínimo de días antes do cambio de\n"
+#~ "\t\t\t\tcontrasinal a M�N\n"
+#~ "  -q, --quiet\t\t\tmodo silencioso\n"
+#~ "  -r, --repository REP\t\tcambia o contrasinal do repositorio REP\n"
+#~ "  -S, --status\t\t\tinforma do estado do contrasinal da conta indicada\n"
+#~ "  -u, --unlock\t\t\tdesbloquea a conta indicada\n"
+#~ "  -w, --warndays AVISO\tfixa o tempo de aviso antes da caducidade a "
+#~ "AVISO\n"
+#~ "\t\t\t\tdías\n"
+#~ "  -x, --maxdays M�X\t\tfixa o número máximo de días antes do cambio de\n"
+#~ "\t\t\t\tcontrasinal a M�X\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Emprego: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Emprego: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Emprego: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Emprego: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id. descoñecido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Non hai un intérprete de ordes\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: userdel [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -f, --force\t\t\ttamén elimina os ficheiros se non son do usuario\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -r, --remove\t\t\telimina o directorio inicial e o correo\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: o usuario %s está conectado\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: usermod [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -a, --append GRUPO\t\tengade o usuario ao GRUPO suplementario\n"
+#~ "\t\t\t\t(emprégueo só con -G)\n"
+#~ "  -c, --comment COMENTARIO\tnovo valor do campo GECOS\n"
+#~ "  -d, --home DIR_INICIAL\tnovo directorio inicial da conta de usuario\n"
+#~ "  -e, --expiredate DATA_CAD\tfixa a data de caducidade da conta a "
+#~ "DATA_CAD\n"
+#~ "  -f, --inactive INACTIVA\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVA\n"
+#~ "  -g, --gid GRUPO\t\tusa o GRUPO coma novo grupo primario\n"
+#~ "  -G, --groups GRUPOS\t\tnova lista de GRUPOS suplementarios\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -l, --login NOVO_USUARIO\tnovo valor do nome de usuario\n"
+#~ "  -L, --lock\t\t\tbloquea a conta do usuario\n"
+#~ "  -m, --move-home\t\tmove o contido do directorio inicial á nova\n"
+#~ "\t\t\t\tlocalización (emprégueo só con -d)\n"
+#~ "  -o, --non-unique\t\tpermite empregar UIDs duplicados (non únicos)\n"
+#~ "  -p, --password CONTRASINAL\temprega o constrasinal cifrado coma novo\n"
+#~ "\t\t\t\tcontrasinal\n"
+#~ "  -s, --shell INTÉRPRETE\tnovo intérprete de ordes da conta de usuario\n"
+#~ "  -u, --uid UID\t\t\tnovo UID para a conta de usuario\n"
+#~ "  -U, --unlock\t\t\tdesbloquea a conta do usuario\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: non se forneceu ningún modificador\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: vipw [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -g, --group\t\tedita a base de datos de grupos\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -p, --passwd\t\tedita a base de datos de contrasinais\n"
+#~ "  -q, --quiet\t\tmodo silencioso\n"
+#~ "  -s, --shadow\t\tedita a base de datos shadow ou gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Emprego: %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: non se pode crear %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: non se pode cambiar o propietario de %s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: faillog [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -a, --all\t\tamosa os rexistros de entradas fallidas\tpara\n"
+#~ "\t\t\ttódolos usuarios\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -l, --lock-time SEG\tdespois dunha entrada fallida bloquea a conta\n"
+#~ "\t\t\tdurante SEG segundos\n"
+#~ "  -m, --maximum M�X\tfixa os contadores de máximas entradas fallidas a "
+#~ "M�X\n"
+#~ "  -r, --reset\t\treinicia os contadores de entradas fallidas\n"
+#~ "  -t, --time D�AS\tamosa os rexistros de entradas fallidas máis\n"
+#~ "\t\t\trecentes que D�AS\n"
+#~ "  -u, --user USUARIO\tamosa o rexistro de entradas fallidas ou mantén\n"
+#~ "\t\t\tos contadores de fallos e límites (se se emprega coas\n"
+#~ "\t\t\topcións -r, -m ou -l) só do USUARIO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: groupadd [opcións] GRUPO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -f, --force\t\tforza a saída con éxito se o grupo indicado xa existe\n"
+#~ "  -g, --gid GID\t\temprega o GID para o novo grupo\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -K, --key CLAVE=VALOR\tignora os valores de /etc/login.defs\n"
+#~ "  -o, --non-unique\tpermite crear un grupo cun GID duplicado (non único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: groupmod [opcións] GRUPO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -g, --gid GID\t\t\temprega o GID para o novo grupo\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -n, --new-name NOVO_GRUPO\tcambia o nome do GRUPO por NOVO_GRUPO\n"
+#~ "  -o, --non-unique\t\tpermite crear un grupo cun GID duplicado\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Emprego: useradd [opcións] USUARIO\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -b, --base-dir DIR_BASE\tdirectorio base para o directorio inicial\n"
+#~ "\t\t\t\tda nova conta de usuario\n"
+#~ "  -c, --comment COMENTARIO\tfixa o campo GECOS da nova conta de usuario\n"
+#~ "  -d, --home-dir DIR_INICIAL\tdirectorio inicial da nova conta de "
+#~ "usuario\n"
+#~ "  -D, --defaults\t\tamosa ou grave a configuración modificada\n"
+#~ "\t\t\t\tde useradd\n"
+#~ "  -e, --expiredate DATA_CAD\tfixa a data de caducidade da conta a "
+#~ "DATA_CAD\n"
+#~ "  -f, --inactive INACTIVA\tfixa o tempo de inactividade do contrasinal\n"
+#~ "\t\t\t\ttrala caducidade a INACTIVA\n"
+#~ "  -g, --gid GRUPO\t\tusa o GRUPO para a nova conta de usuario\n"
+#~ "  -G, --groups GRUPOS\t\tlista de grupos suplementarios para a nova\n"
+#~ "\t\t\t\tconta de usuario\n"
+#~ "  -h, --help\t\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -k, --skel DIR_SKEL\t\tespecifica un directorio \"skel\" alternativo\n"
+#~ "  -K, --key CLAVE=VALOR\t\tomite os valores por defecto de /etc/login."
+#~ "defs\n"
+#~ "  -m, --create-home\t\tcrea o directorio inicial para a nova conta\n"
+#~ "\t\t\t\tde usuario\n"
+#~ "  -o, --non-unique\t\tpermite crear usuarios con UIDs duplicados\n"
+#~ "\t\t\t\t(non únicos)\n"
+#~ "  -p, --password CONTRASINAL\temprega o CONTRASINAL cifrado para a nova\n"
+#~ "\t\t\t\tconta de usuario\n"
+#~ "  -s, --shell INTÉRPRETE\to intérprete de ordes da nova conta de usuario\n"
+#~ "  -u, --uid UID\t\t\tusa o UID para a nova conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Vai caducar o contrasinal."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero de cuarto: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTeléfono do traballo: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTeléfono da casa: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Non se pode bloquear o ficheiro de contrasinais; volva tentalo despois.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Non se pode abrir o ficheiro de contrasinais.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Erro ao actualizar a entrada de contrasinal.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Non se poden gravar os cambios no ficheiro de contrasinais.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Non se pode desbloquear o ficheiro de contrasinais.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: liña %d: grupo %s descoñecido\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: liña %d: non se pode actualizar a entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: erro ao actualizar o ficheiro de contrasinais\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: liña %d: usuario %s descoñecido\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: liña %d: non se pode actualizar a entrada de contrasinal\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: usuario descoñecido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuario descoñecido: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Emprego: %s [-r|-R] grupo\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "         %s [-a usuario] grupo\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "         %s [-d usuario] grupo\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "         %s [-A usuario,...] [-M usuario,...] grupo\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "         %s [-M usuario,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: non se pode obter un bloqueo\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: non se pode obter o bloqueo de shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: non se pode desbloquear o ficheiro\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: non se pode actualizar a entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: non se pode actualizar a entrada de shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo descoñecido: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "¿Quen é vostede?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membro %s descoñecido\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: erro ao engadir a entrada do novo grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de grupos\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: o GID %u non é único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada do grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada do grupo shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: non se pode eliminar o grupo primario do usuario.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Non se atopou o membro a eliminar\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "Emprego: groupmems -a usuario | -d usuario | -D | -l [-g grupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Só o administrador pode engadir membros a distintos grupos\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Precísase de acceso a grupos\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Non é o propietario primario do grupo actual\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "A autenticación con PAM fallou para\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Non se pode bloquear o ficheiro de grupos\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Non se pode pechar o ficheiro de grupos\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: non se atopou %s en /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u non é un GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s non é un nome único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada shadow para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada do grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: non se pode eliminar o grupo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: non se pode borrar o ficheiro de grupos shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID descoñecido: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID descoñecido: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: o grupo %s non existe\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: o usuario %s non existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nome de usuario \"%s\" non válido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: non se pode bloquear /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: non se pode abrir ficheiros\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: erro ao actualizar os ficheiros\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada de contrasinal para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: non se pode eliminar a entrada shadow para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: non se pode actualizar o ficheiro de contrasinais\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: non se pode actualizar a entrada do usuario %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: non se pode borrar o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s descoñecido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grupo %s descoñecido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: esgotouse a memoria en update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: non se pode rescribir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: non se pode bloquear o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de contrasinais shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: erro ao bloquear o ficheiro de grupos\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: erro ao abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: erro ao bloquear o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: erro ao abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: erro ao engadir a nova entrada de contrasinal\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: erro ao engadir a nova entrada de contrasinal shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: aviso: CREATE_HOME non está soportado, empregue -m no seu canto.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: erro ao actualizar a entrada do grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: non se pode abrir o ficheiro de grupos shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: erro ao engadir a entrada do novo grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: o uid %lu non é único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: erro ao cambiar a entrada de contrasinal\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: erro ao eliminar a entrada de contrasinal shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: non se pode obter un GID único\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " en \"%.100s\" desde \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " en \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: liña %d: non se pode crear o UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: o nome %s non é único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Emprego: chgpasswd [opcións]\n"
+#~ "\n"
+#~ "Opcións:\n"
+#~ "  -e, --encrypted\tos contrasinais fornecidos xa están cifrados\n"
+#~ "  -h, --help\t\tamosa esta mensaxe de axuda e sae\n"
+#~ "  -m, --md5\t\tempregar cifrado MD5 no canto de DES se os\n"
+#~ "\t\t\tcontrasinais fornecidos non están cifrados\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Non é un ficheiro de contrasinais\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Perdón.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Aínda non se pode cambiar o contrasinal de %s.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Perdón."
diff --git a/po/he.po b/po/he.po
new file mode 100644
index 0000000..ec42d1c
--- /dev/null
+++ b/po/he.po
@@ -0,0 +1,2554 @@
+# Hebrew translation of shadow.
+# Copyright (C) 2004 THE shadow'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the shadow package.
+# Lior Kaplan <webmaster@guides.co.il>, 2004.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-07-21 23:59+0300\n"
+"Last-Translator: Lior Kaplan <webmaster@guides.co.il>\n"
+"Language-Team: Hebrew <en@li.org>\n"
+"Language: he\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "ל� יכול להקצות מקו� בשביל מידע על הקונפיגורציה.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "שגי�ת הגדרות - רכיב ל� ידוע '%s' (הודע למנהל)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "סיסמה: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "הסיסמה של %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "ל� יכול להקצות מקו� בשביל מידע על הקונפיגורציה.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "שנה מידע הזדקות בשביל %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: ל� יכול לכתוב מחדש קובץ סיסמ�ות\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: ל� יכול לפתוח קובץ צל\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "�זהרה: קבוצה ל� מוכרת %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "�זהרה: יותר מידי קבוצות\n"
+
+msgid "Your password has expired."
+msgstr "תוקף הסיסמה שלך פג."
+
+msgid "Your password is inactive."
+msgstr "הסיסמה שלך �ינה פעילה."
+
+msgid "Your login has expired."
+msgstr "תוקף הכניסה שלך למערכת פג."
+
+msgid "  Contact the system administrator."
+msgstr "  צור קשר ע� מנהל המערכת."
+
+msgid "  Choose a new password."
+msgstr "  בחר סיסמה חדשה."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "תוקף הסיסמה שלך יפוג בתוך %ld ימי�.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "תוקף הסיסמה שלך יפוג מחר."
+
+msgid "Your password will expire today."
+msgstr "תוקף הסיסמה שלך פג היו�."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "ל� יכול לשנות tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: שדות �רוכי� מידי\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "הצפת סביבה\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "�ינך רש�י לשנות �ת $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] "%d שגי�ה מ�ז כניסה �חרונה למערכת. ה�חרונה היתה %s על %s.\n"
+msgstr[1] "%d שגי�ה מ�ז כניסה �חרונה למערכת. ה�חרונה היתה %s על %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: שדות �רוכי� מידי\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+msgid "Too many logins.\n"
+msgstr "יותר מידי כניסות למערכת.\n"
+
+msgid "You have new mail."
+msgstr "יש לך דו�ר חדש."
+
+msgid "No mail."
+msgstr "�ין דו�ר."
+
+msgid "You have mail."
+msgstr "יש לך דו�ר."
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "סיסמה ל� טובה: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "סיסמה: "
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: מספר טלפון בבית ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "ל� יכול לבצע cd ל-\"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "�ין ספריה, נכנס למערכת ע� HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "ל� יכול להריץ %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "ל� יכול לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "הכנס ערך חדש, �ו לחץ ENTER לברירת המחדל"
+
+msgid "Minimum Password Age"
+msgstr "גיל סיסמה מינימלי"
+
+msgid "Maximum Password Age"
+msgstr "גיל סיסמה מקסימלי"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "שינוי סיסמה �חרון (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "�זהרת תוקף סיסמה"
+
+msgid "Password Inactive"
+msgstr "סיסמה ל� פעילה"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "ת�ריך תוקף חשבון (YYYY-MM-DD)"
+
+#, fuzzy
+msgid "Last password change\t\t\t\t\t: "
+msgstr "שינוי סיסמה �חרון (YYYY-MM-DD)"
+
+#, fuzzy
+msgid "never"
+msgstr "�ף פע�"
+
+msgid "password must be changed"
+msgstr ""
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "תוקף סיסמה:\t"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "חסור פעילות סיסמה:\t"
+
+#, fuzzy
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "תוקף חשבון:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: הגישה נ�סרה\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot lock the password file; try again later.\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "ל� יכול לנעול קובץ סיסמ�ות; נסה שוב מ�וחר יותר\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: ל� יכול לפתוח קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: ל� יכול לפתוח קובץ סיסמ�ות צל\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "שנה מידע הזדקות בשביל %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: שגי�ה בשינוי שדות\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ש� מל�"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "Room Number"
+msgstr "מספר חדר"
+
+msgid "Work Phone"
+msgstr "מספר טלפון בעבודה"
+
+msgid "Home Phone"
+msgstr "מספר טלפון בבית"
+
+msgid "Other"
+msgstr "�חר"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ל� יכול לשנות ID ל-root\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: מספר חדר ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: מספר טלפון בבית ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" מכיל תווי� ל� חוקיי�\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" מכיל תווי� ל� חוקיי�\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "משנה מידע בשביל המשתמש %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: שדות �רוכי� מידי\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: שורה %d: שורה �רוכה מידי\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: שורה %d: חסרה סיסמה חדשה\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: שגי�ה זוהתה, מתעל� משינויי�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "מעטפת כניסה למערכת"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "�ינך רש�י לשנות �ת המעטפת בשביל %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "משנה מעטפת כניסה למערכת בשביל %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: רשומה ל� חוקית: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s הי� מעטפת ל� חוקית.\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "שימוש: %s [-r|-R] group\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid group file entry"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow group file entry"
+msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, fuzzy
+msgid "duplicate shadow group entry"
+msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "שימוש: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "שימוש: id\n"
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr ""
+
+msgid "Username                Port     Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: ל� יכול לעדכן קובץ סיסמ�ות\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "שימוש: %s [-p] [name]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "שימוש: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "סיסמה ל� טובה: %s.  "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: unknown user %s\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: missing new password\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: שורה %d: חסרה סיסמה חדשה\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "�ינך רש�י לשנות �ת המעטפת בשביל %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "סיסמה: "
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "�זהרת תוקף סיסמה"
+
+#, fuzzy, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "שימוש: %s [-p] [name]\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "ל� יכול לנעול קובץ סיסמ�ות; נסה שוב מ�וחר יותר"
+
+#, fuzzy
+msgid "duplicate password entry"
+msgstr "שגי�ה בעדכון רשומת הסיסמה."
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "create tcb directory for %s?"
+msgstr "ל� יכול לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "ל� יכול לשנות ספרית שורש ל-\"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: ל� יכול לפתוח קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ל� יכול לנעול קובץ סיסמ�ות; נסה שוב מ�וחר יותר\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow password file entry"
+msgstr "%s: ל� יכול לנעול קובץ סיסמ�ות צל"
+
+#, fuzzy
+msgid "duplicate shadow password entry"
+msgstr "%s: ל� יכול לעדכן קובץ סיסמ�ות צל"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: ל� יכול לכתוב מחדש קובץ סיסמ�ות\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock shadow file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ל� יכול לקבוע �ת ש� המשתמש שלך.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: זיהוי PAM נכשל\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "ל� יכול להריץ %s"
+
+#, fuzzy
+msgid "No password file"
+msgstr "  בחר סיסמה חדשה.\n"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: ל� יכול לכתוב מחדש קובץ סיסמ�ות\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: ל� יכול לשנות משתמש `%s' על לקוח NIS.\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't open shadow file\n"
+msgid "%s: no options\n"
+msgstr "%s: ל� יכול לפתוח קובץ צל\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: שדות �רוכי� מידי\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "סיסמה: "
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s: מספר טלפון בעבודה ל� חוקי: \"%s\"\n"
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: שדות �רוכי� מידי\n"
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "ספרית שורש ל� חוקית \"%s\"\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) נכשל\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: זיהוי PAM נכשל\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "שימוש: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "שימוש: id\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "תוקף הסיסמה שלך פג."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ סיסמ�ות\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: ל� יכול לפתוח קובץ סיסמ�ות\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ סיסמ�ות צל\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: ל� יכול לפתוח קובץ סיסמ�ות צל\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: ל� יכול לכתוב מחדש קובץ סיסמ�ות צל\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: ל� יכול לכתוב מחדש קובץ סיסמ�ות\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: ל� יכול לעדכן קובץ סיסמ�ות צל\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tש� מל�: %s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "מספר חדר"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "מספר טלפון בעבודה"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "מספר טלפון בבית"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "ל� יכול לפתוח �ת קובץ הסיסמ�ות.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "שגי�ה בעדכון רשומת הסיסמה.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "ל� יכול לבצע שינויי� בקובץ הסיסמ�ות.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "ל� יכול לשחרר נעילה של קובץ הסיסמ�ות.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ סיסמ�ות\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: שורה %d: ל� יכול לעדכן רשומת סיסמה\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: ל� יכול לפתוח קובץ צל\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: זיהוי PAM נכשל\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "ל� יכול לבצע cd ל-\"%s\"\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "ל� יכול לשחרר נעילה של קובץ הסיסמ�ות.\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: ש� ל� חוקי: \"%s\"\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: ל� יכול לנעול קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: שורה %d: משתמש ל� מוכר %s\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: שגי�ה בעדכון קובץ צל\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "  בחר סיסמה חדשה.\n"
diff --git a/po/hu.po b/po/hu.po
new file mode 100644
index 0000000..310034b
--- /dev/null
+++ b/po/hu.po
@@ -0,0 +1,3641 @@
+# Gabor Kelemen <kelemeng@gnome.hu>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:56+0100\n"
+"Last-Translator: SZERV�C Attila <sas@321.hu>\n"
+"Language-Team: Hungarian <gnome@gnome.hu>\n"
+"Language: hu\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Language: Hungarian\n"
+"X-Poedit-Country: HUNGARY\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Sikertelen helyfoglalás a beállítási infónak.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "beállítási hiba - ismeretlen '%s' elem (értesítsd a rendszergazdát)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Jelszó: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s jelszava: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Sikertelen helyfoglalás a beállítási infónak.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s elévülési információinak módosítása\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: %d. sor: nem találom e felhasználót: %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: a memória elfogyott\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nem tudom frissíteni a \"shadow\" fájlt\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Figyelem: ismeretlen %s csoport\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Figyelem: túl sok csoport\n"
+
+msgid "Your password has expired."
+msgstr "A jelszó lejárt"
+
+msgid "Your password is inactive."
+msgstr "A jelszó inaktív"
+
+msgid "Your login has expired."
+msgstr "A bejelentkezés lejárt"
+
+msgid "  Contact the system administrator."
+msgstr "  Fordulj a rendszergazdához."
+
+msgid "  Choose a new password."
+msgstr "  Adj új jelszót"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "A jelszó %ld nap múlva lejár.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Jelszavad már csak holnapig érvényes"
+
+msgid "Your password will expire today."
+msgstr "Jelszavad érvényessége ma lejár"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nem lehet a következő terminálra váltani: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Környezeti túlcsordulás\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nem módosítható a következő: $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d hiba az utolsó bejelentkezés óta\n"
+"A legutóbbi: %s itt: %s\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nem szerezhető be egyedi csoportazonosító\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nem kérhető le egyedi felhasználói azonosító\n"
+
+msgid "Too many logins.\n"
+msgstr "Túl sok bejelentkezés\n"
+
+msgid "You have new mail."
+msgstr "Új leveled érkezett"
+
+msgid "No mail."
+msgstr "Nincs leveled"
+
+msgid "You have mail."
+msgstr "Levelek kiolvasva"
+
+msgid "no change"
+msgstr "nem változott"
+
+msgid "a palindrome"
+msgstr "egy palindróma"
+
+msgid "case changes only"
+msgstr "csak változások esetén"
+
+msgid "too similar"
+msgstr "túl hasonló"
+
+msgid "too simple"
+msgstr "túl egyszerű"
+
+msgid "rotated"
+msgstr "fordított"
+
+msgid "too short"
+msgstr "túl rövid"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Rossz jelszó: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() sikertelen, hibakód: %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Jelszó módosítva."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: a jelszó sikeresen frissült\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Hibás jelszó ehhez: %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: érvénytelen otthoni telefonszám: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "nem lehet könyvtárat váltani ide: \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ismeretlen könyvtár, bejelentkezés így: HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s nem futtatható"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Érvénytelen gyökérkönyvtár: \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nem lehet a gyökérkönyvtárba váltani: \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Sikertelen tty név meghatározás."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nem\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Add meg az új értéket vagy üss ENTER-t az alapértelmezetthez"
+
+msgid "Minimum Password Age"
+msgstr "Minimum jelszó-kor"
+
+msgid "Maximum Password Age"
+msgstr "Maximum jelszó-kor"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Utolsó jelszóváltás (ÉÉÉÉ-HH-NN)"
+
+msgid "Password Expiration Warning"
+msgstr "Jelszó elévülési figyelmeztetés"
+
+msgid "Password Inactive"
+msgstr "Inaktív jelszó"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hozzáférés elévülési dátum (ÉÉÉÉ-HH-NN)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Utolsó jelszóváltás\t\t\t\t\t: "
+
+msgid "never"
+msgstr "soha"
+
+msgid "password must be changed"
+msgstr "jelszóváltás kötelező"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Jelszó lejár\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Jelszó inaktív\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Hozzáférés lejár\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "A jelszómódosítások közti legkevesebb nap\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "A jelszómódosítások közti legtöbb nap\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "A jelszó lejárata előtt figyelmeztetés napok száma\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: érvénytelen numerikus argumentum: \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ne add meg más jelzőkkel a \"l\"-t\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Hozzáférés megtagadva.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: fájlok zárolása sikertelen, próbáld később\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: nincs meg az árnyék jelszófájl\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s elévülési információinak módosítása\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: hiba a mezők módosításakor\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "TELJES Név"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Szobaszám"
+
+msgid "Work Phone"
+msgstr "Munkahelyi telefon"
+
+msgid "Home Phone"
+msgstr "Otthoni telefon"
+
+msgid "Other"
+msgstr "Egyéb"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Az ID nem cserélhető root-ra.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: érvénytelen név: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: érvénytelen szobaszám: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: érvénytelen munkahelyi telefonszám: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: érvénytelen otthoni telefonszám: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" illegális karaktereket tartalmaz\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" illegális karaktereket tartalmaz\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' a NIS mester ehhez a klienshez.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s felhasználói információinak cseréje\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a kapcsoló CSAK -G-vel megy\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d. sor: túl hosszú\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d. sor: hiányzó új jelszó\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: hibákat észleltem, a változások elvetve\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Bejelentkező héj"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nem módosíthatod %s parancsértelmezőjét.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Bejelentkező héj ehhez: %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Érvénytelen bejegyzés: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s érvénytelen héj.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: figyelem: %s tulajdonosa nem %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: váratlan argumentum: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Név         Hibás Maximális Legutóbbi                   Ezen\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds van hátra]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zárolva]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Ismeretlen felhasználó: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: árnyék csoport jelszavak kellenek ehhez: -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s csoport jelszavának cseréje\n"
+
+msgid "New Password: "
+msgstr "Új jelszó: "
+
+msgid "Re-enter new password: "
+msgstr "Új jelszó ismét: "
+
+msgid "They don't match; try again"
+msgstr "Nem egyeznek; próbáld újra"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Próbáld később\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s felhasználó hozzáadása %s csoporthoz\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s felhasználó törlése %s csoportból\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nem tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s rossz csoport név\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K KULCS=ÉRTÉK párost kíván\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: %s csoport létezik\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "A tag már létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: A felhasználóneved megállapítása sikertelen\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: a(z) \"%s\" csoport egy NIS csoport.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s a NIS mester\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: %s egy NIS felhasználó\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: elfogyott a memória az update_group során\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s egy NIS csoport\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ismeretlen %s felhasználó\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s és -r inkompatibilisek\n"
+
+msgid "invalid group file entry"
+msgstr "érvénytelen csoport fájl bejegyzés"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "törlöd a következő sort: `%s'? "
+
+msgid "duplicate group entry"
+msgstr "dupla csoport bejegyzés"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "érvénytelen csoportnév: `%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s csoport: nincs %s felhasználó\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "törlöd a következő tagot: `%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nincs megfelelő csoportfájl bejegyzés a következőben: %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "hozzáadod a(z) %s csoportot a következőhöz: %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "érvénytelen árnyék csoport fájl bejegyzés"
+
+msgid "duplicate shadow group entry"
+msgstr "dupla árnyék csoport bejegyzés"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s árnyék csoport: nincs %s adminisztratív felhasználó\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "törlöd az adminisztratív %s tagot? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s árnyék csoport: nincs %s felhasználó\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fájlok frissítve\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nincs változás\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s fájl nem frissíthető\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Használat: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Használat: id\n"
+
+msgid " groups="
+msgstr " csoportok="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Felhasználónév   Port     Innen            Legutóbb"
+
+msgid "Username                Port     Latest"
+msgstr "Felhasználónév          Port     Legutóbb"
+
+msgid "**Never logged in**"
+msgstr "**Sosem lépett be**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: a jelszófájl frissítése sikertelen\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Használat: %s [-p] [név]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h host] [-f név]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Érvénytelen bejelentkezési idő"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Rendszer lezárva rutin karbantartásra"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Leválasztás átlépve -- root bejelentkezés engedélyezett]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nincs utmp bejegyzés.  Futtasd a \"login\"-t a legalacsonyabb szintű \"sh\"-"
+"ból."
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"A bejelentkezés %d mp. után elkésett\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM hiba, törölve: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s bejelentkezés: "
+
+msgid "login: "
+msgstr "bejelentkezés: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Próbálkozások megengedett száma átlépve (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: a PAM törlést kért\n"
+
+msgid "Login incorrect"
+msgstr "Hibás bejelentkezés"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: %d. sor: nem találom e felhasználót: %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s bejelentkezés: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Figyelem: a bejelentkezés ismét lehetséges az átmeneti kizárás után."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Utolsó bejelentkezés: %s ide: %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Utolsó bejelentkezés: %.19s ide: %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " innen: %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"bejelentkezési idő átlépve\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Használat: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Használat: newgrp [-] [csoport]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Használat: sg csoport [[-c] parancs]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Régi jelszó: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: hiba a következő indításakor: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+msgid "too many groups\n"
+msgstr "túl sok csoport\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d. sor: érvénytelen sor\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nem tudom frissíteni %s felhasználó bejegyzését\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d. sor: GID létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d. sor: GID létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %s felhasználó nem létezik\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d. sor: jelszó frissítése sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d. sor: mkdir sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d. sor: chown sikertelen\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nem tudom frissíteni a csoport fájlt\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Régi jelszó: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Add meg az új jelszót (minimum %d, maximum %d karakter)\n"
+"Biztonság: kérlek használj vegyesen Nagy és kisbetűket és számokat.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Add meg az új jelszót (minimum %d, maximum %d karakter)\n"
+"Biztonság: kérlek használj vegyesen Nagy és kisbetűket és számokat.\n"
+
+msgid "New password: "
+msgstr "Új jelszó: "
+
+msgid "Try again."
+msgstr "Próbáld újra"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Figyelem: Gyenge jelszó! (add meg újra, ha tényleg ezt akarod)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nem egyeznek; próbáld újra\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s jelszava nem változtatható\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s tár nem támogatott\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %s jelszavát nem olvashatod és cserélheted.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s jelszavának cseréje\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s jelszava változatlan.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Jelszó módosítva."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Jelszó elévülési figyelmeztetés"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Érvénytelen jelszófájl bejegyzés"
+
+msgid "duplicate password entry"
+msgstr "dupla jelszó bejegyzés"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "érvénytelen '%s' felhasználó név\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "érvénytelen '%s' felhasználó név\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "%s felhasználó: nincs %u csoport\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "%s felhasználó: %s könyvtár nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "%s felhasználó: %s program nem létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s fájl nem zárolható\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nincs megfelelő jelszófájl bejegyzés a következőben: %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "hozzáadja \"%s\" felhasználót a következőbe: %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "érvénytelen árnyék jelszófájl bejegyzés"
+
+msgid "duplicate shadow password entry"
+msgstr "dupla árnyék jelszó bejegyzés"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "%s felhasználó: az utolsó jelszómódosítás időpontja a jövőben van\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nem tudom újraírni a fájlt\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "A su-zás e hozzáféréshez ELUTAS�TVA.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Jelszó hitelesítés átlépve.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Add meg SAJ�T jelszavad a hitelesítéshez.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: %s fájl nem zárolható\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+# CHECK!
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Használat: su [kapcsolók] [NÉV]\n"
+"\n"
+"Kapcsolók:\n"
+"  -c, --command PARANCS         a PARANCS átadása a meghívott héjnak\n"
+"  -h, --help                    kiírja e súgót és kilép\n"
+"  -, -l, --login                a héj bejelentkezési héjjá tétele\n"
+"  -m, -p,\n"
+"  --preserve-environment        nem állítja vissza a környezeti változókat\n"
+"                                és megtartja ugyanazt a héjat\n"
+"  -s, --shell HÉJ               a HÉJ használata a\n"
+"                                passwd-ben megadott alapértelmezett helyett\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(�tlépve)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nem vagy jogosult ehhez: su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Add meg saját jelszavad)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM hitelesítési hiba\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nem vagy jogosult ehhez: su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nincs 'root' jelszó bejegyzés"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: terminálból kell futnia\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: hiba: %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s nem futtatható"
+
+msgid "No password file"
+msgstr "Nincs jelszófájl"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Nincs 'root' jelszó bejegyzés"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Üsd le a control-d a szokásos indítás továbblépéséhez\n"
+"(vagy add meg a root jelszót a rendszer karbantartásához):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Belépés a rendszerkarbantartó módba"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nem tudom létrehozni az új defaults fájlt\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nem tudom megnyitni az új defaults fájlt\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %d. sor: chown sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: átnevezés: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: a(z) \"%s\" csoport egy NIS csoport.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: túl sok csoport van megadva (max %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Használat: %s [bemenet]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: érvénytelen alapkönyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: érvénytelen megjegyzés: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: a -e árnyék jelszavakat vár\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: a -f árnyék jelszavakat vár\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: érvénytelen mező: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: érvénytelen parancsértelmező: \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+msgid "Creating mailbox file"
+msgstr "Postafiókfájl létrehozása"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"A \"mail\" csoport nem található. A felhasználó postafiókfájlja 0600 "
+"móddalkerül létrehozásra.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A postafiókfájl jogosultságainak beállítása"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: %s felhasználó létezik\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s csoport létezik - ha e felhasználót e csoporthoz akarod adni, "
+"használd a -g-t.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nem egyedi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: %s létrehozása sikertelen\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: figyelem: a saját könyvtár már létezik.\n"
+"Nem másolok semmit bele a vázkönyvtárból.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: `%s' felhasználó nem módosítható NIS kliensen.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Nem tudom %s csoportot törölni, ami egy másik felhasználó elsődleges "
+"csoportja.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: figyelem: nem törölhető: "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s tulajdonosa nem %s, nem törlöm\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s egy NIS felhasználó\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: érvénytelen saját könyvtár: \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: nem törlöm %s könyvtárat (%s saját könyvtára)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: hiba %s könyvtár törlésekor\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: %s felhasználó létezik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: érvénytelen dátum: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %s fájl nem nyitható meg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e és -f árnyék jelszavakat vár\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "A tag már létezik\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s könyvtár létezik\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: %s könyvtár nem hozható létre\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: figyelem: nem sikerült a régi %s saját könyvtár teljes törlése"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nem tudom átnevezni %s könyvtárat erre: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: figyelem: %s tulajdonosa nem %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+msgid "failed to rename mailbox"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s is változatlan\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Nem tudtam zárolni a fájlt"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: a jogosultságok eldobása meghiúsult (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Nem tudtam zárolni a fájlt"
+
+msgid "Couldn't make backup"
+msgstr "Nem tudtam biztonsági másolatot készíteni"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s nem található a /etc/passwd-ben\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Csoport fájl megnyitása sikertelen\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: túl hosszú mezők\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "a postafiók tulajdonosának váltása sikertelen"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "a postafiók átnevezése sikertelen"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nem tudom visszaállítani %s-t: %s (módosításaid itt vannak: %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: érvénytelen alapkönyvtár: \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Használat: %s [bemenet]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "Sikertelen malloc(%d)\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chage [kapcsolók] [NÉV]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -d, --lastday UTOLSÓ_NAP         utolsó jelszómódosítás beállítása az\n"
+#~ "                                   UTOLSÓ_NAPRA\n"
+#~ "  -E, --expiredate LEJ�RATI_D�TUM  fiók lejárati dátumának beállítása a\n"
+#~ "                                   LEJ�RATI_D�TUMRA\n"
+#~ "  -h, --help                       ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ "  -I, --inactive INAKT�V           a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ "                                   az INAKT�V értékre\n"
+#~ "  -l, --list                       fiókelévülési információk "
+#~ "megjelenítése\n"
+#~ "  -m, --mindays MIN_NAPOK          napok minimális számának beállítása\n"
+#~ "                                   jelszómódosítás előtt a MIN_NAPOK "
+#~ "értékre\n"
+#~ "  -M, --maxdays MAX_NAPOK          napok maximális számának beállítása\n"
+#~ "                                   jelszómódosítás előtt a MAX_NAPOK "
+#~ "értékre\n"
+#~ "  -W, --warndays FIGYELM_NAPOK     a lejáratra figyelmeztetés napjai\n"
+#~ "                                   számának beállítása FIGYELM_NAPOK-ra\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM hitelesítési hiba\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Használat: %s [-f TELJES_Név] [-r szobaszám] [-w munka_tel]\n"
+#~ "\t[-h otthoni_tel] [-o egyéb] [felhasználónév]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Használat: %s [-f TELJES_Név] [-r szobaszám] [-w munka_tel] \t[-h "
+#~ "otthoni_tel]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: chpasswd [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -e, --encrypted               a megadott jelszavak titkosítottak\n"
+#~ "  -h, --help                    ezen súgó megjelenítése és kilépés\n"
+#~ "  -m, --md5                     MD5 titkosítás használata DES helyett,ha "
+#~ "a\n"
+#~ "                                megadott jelszavak nem titkosítottak\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chsh [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -h, --help                    kiírja e súgót és kilép\n"
+#~ "  -s, --shell                   új bejelentkező héj a felhasználói "
+#~ "fiókhoz\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Használat: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: %s fájl nem nyitható meg\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Használat: %s [-r] [-s] [csoport [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Használat: %s [-r] [-s] [csoport]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s és -r inkompatibilisek\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Használat: groupdel csoport\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: lastlog [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -b, --before NAP              csak a NAPOK számánál régebbi lastlog\n"
+#~ "                                rekordok megjelenítése\n"
+#~ "  -h, --help                    ezen súgószöveg megjelenítése és kilépés\n"
+#~ "  -t, --time NAP                csak a megadott NAPN�L újabb lastlog\n"
+#~ "                                rekordok kiírása\n"
+#~ "  -u, --user NÉV                a megadott NEVŰ felhasználó lastlog\n"
+#~ "                                rekordjainak kiírása\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: passwd [kapcsolók] [NÉV]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -a, --all                     jelszóállapot jelentés az összes fiókon\n"
+#~ "  -d, --delete                  a megadott fiók jelszavának törlése\n"
+#~ "  -e, --expire                  a megadott fiók jelszava lejáratának\n"
+#~ "                                kényszerítése\n"
+#~ "  -h, --help                    kiírja e súgót és kilép\n"
+#~ "  -k, --keep-tokens             a jelszót csak annak lejáratakor "
+#~ "módosítsa\n"
+#~ "  -i, --inactive INAKT�V        a jelszó inaktívvá tétele lejárat után\n"
+#~ "                                az INAKT�V értékre\n"
+#~ "  -l, --lock                    a megadott fiók zárolása\n"
+#~ "  -n, --mindays MIN_NAPOK       napok minimális számának beállítása\n"
+#~ "                                jelszómódosítás előtt a MIN_NAPOK "
+#~ "értékre\n"
+#~ "  -q, --quiet                   csendes mód\n"
+#~ "  -r, --repository LERAKAT      jelszó módosítása a LERAKAT lerakatban\n"
+#~ "  -S, --status                  jelentés a megadott fiók "
+#~ "jelszóállapotáról\n"
+#~ "  -u, --unlock                  a megadott fiók zárolásának feloldása\n"
+#~ "  -w, --warndays FIGYELEM_NAPOK a lejáratra figyelmeztetés napjai "
+#~ "számának\n"
+#~ "  -x, --maxdays MAX_NAPOK       napok maximális számának beállítása\n"
+#~ "                                jelszómódosítás előtt a MAX_NAPOK "
+#~ "értékre\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Használat: %s [-q] [-r] [-s] [jelszó [árnyék]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Használat: %s [-q] [-r] [-s] [jelszó [árnyék]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Használat: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Használat: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ismeretlen azonosító: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Nincs héj\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: userdel [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -f, --force                   fájlok eltávolításának kényszerítése, "
+#~ "még\n"
+#~ "                                ha nem a felhasználó a tulajdonos is\n"
+#~ "  -h, --help                    ezen súgószöveg megjelenítése és kilépés\n"
+#~ "  -r, --remove                  saját könyvtár és levelezési sor "
+#~ "eltávolítása\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s felhasználó most be van jelentkezve\n"
+
+# FIXME
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: usermod [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -a, --append                     felhasználó adása a kiegészítő "
+#~ "CSOPORTHOZ\n"
+#~ "                                   (csak -G-vel használd)\n"
+#~ "  -c, --comment MEGJEGYZÉS         a GECOS mező új értéke\n"
+#~ "  -d, --home SAJ�T_KVT             új bejelentkezési könyvtár az új\n"
+#~ "                                   felhasználói\n"
+#~ "  -e, --expiredate LEJ�RATI_D�TUM  fiók lejárati dátumának beállítása a\n"
+#~ "                                   LEJ�RATI_D�TUMRA\n"
+#~ "  -f, --inactive INAKT�V           a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ "                                   az INAKT�V értékre\n"
+#~ "  -g, --gid CSOPORT                a CSOPORT használatának kényszerítése\n"
+#~ "                                   az új felhasználói fiókhoz\n"
+#~ "  -G, --groups CSOPORTOK           kiegészítő csoportok felsorolása az "
+#~ "új\n"
+#~ "                                   felhasználói fiókhoz\n"
+#~ "  -h, --help                       ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ "  -l, --login NÉV                  a bejelentkezési név új értéke\n"
+#~ "  -L, --lock                       a megadott fiók zárolása\n"
+#~ "  -m, --move-home                  a saját könyvtár tartalmának "
+#~ "áthelyezése az\n"
+#~ "                                   új helyre (csak a -d kapcsolóval "
+#~ "használd)\n"
+#~ "  -o, --non-unique                 engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ "                                   szereplő (nem egyedi) GID értékkel\n"
+#~ "  -p, --password JELSZÓ            az új jelszó titkosított\n"
+#~ "  -s, --shell PARANCSÉRTELMEZ�     a PARANCSÉRTELMEZ� használata a\n"
+#~ "                                   passwd-ben megadott alapértelmezett "
+#~ "helyett\n"
+#~ "  -u, --uid UID                    új UID a felhasználó fiókjához\n"
+#~ "  -U, --unlock                     a felhasználói fiók zárolásának "
+#~ "feloldása\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nincs kapcsoló megadva\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: vipw [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -g, --group                   csoportadatbázis szerkesztése\n"
+#~ "  -h, --help                    ezen súgószöveg megjelenítése\n"
+#~ "  -p, --passwd                  a passwd adatbázis szerkesztése\n"
+#~ "  -q, --quiet                   csendes mód\n"
+#~ "  -s, --shadow                  a shadow vagy gshadow adatbázis "
+#~ "szerkesztése\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Használat: %s [bemenet]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s létrehozása sikertelen\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown %s sikertelen\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: faillog [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -a, --all                     az összes felhasználó faillog "
+#~ "bejegyzésének\n"
+#~ "                                megjelenítése\n"
+#~ "  -h, --help                    ezen súgószöveg megjelenítése és kilépés\n"
+#~ "  -l, --lock-time MP            a sikertelen bejelentkezés után a fiók\n"
+#~ "                                zárolása MP másodpercre\n"
+#~ "  -m, --maximum MAX             a sikertelen bejelentkezések "
+#~ "számlálójának\n"
+#~ "                                beállítása a MAX értékre\n"
+#~ "  -r, --reset                   a bejelentkezési hibák számának "
+#~ "visszaállítása\n"
+#~ "  -t, --time NAPOK              az adott NAPOK számánál régebbi faillog\n"
+#~ "                                rekordok megjelenítése\n"
+#~ "  -u, --user NÉV                faillog rekord megjelenítése, vagy csak\n"
+#~ "                                (ha a -r, -m vagy -l kapcsolókkal "
+#~ "használja) a\n"
+#~ "                                NÉV bejelentkezési nevű felhasználó "
+#~ "számára\n"
+#~ "                                karbantartja a hibaszámlálókat és "
+#~ "értékeket.\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: groupadd [kapcsolók] CSOPORT\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -f, --force                   kilépés kényszerítése sikeres "
+#~ "állapottal,\n"
+#~ "                                ha a megadott csoport már létezik\n"
+#~ "  -g, --gid GID                 a GID használata az új csoporthoz\n"
+#~ "  -h, --help                    kiírja e súgót és kilép\n"
+#~ "  -K, --key KULCS=ÉRTÉK         felülbírálja az /etc/login.defs\n"
+#~ "                                alapértelmezéseit\n"
+#~ "  -o, --non-unique              engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ "                                szereplő (nem egyedi) GID értékkel\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: groupmod [kapcsolók] CSOPORT\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -g, --gid GID                 a GID használata az új csoporthoz\n"
+#~ "  -h, --help                    kiírja e súgót és kilép\n"
+#~ "  -n, --new-name Új_CSOPORT     a CSOPORTot az ÚJ_CSOPORT névre bírja\n"
+#~ "  -o, --non-unique              engedélyezi a CSOPORT létrehozását "
+#~ "többször\n"
+#~ "                                szereplő (nem egyedi) GID értékkel\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Használat: useradd [kapcsolók] NÉV\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -b, --base-dir ALAP_KVT          az új felhasználói fiók saját\n"
+#~ "                                   könyvtárának alapkönyvtára\n"
+#~ "  -c, --comment MEGJEGYZÉS         az új felhasználói fiók GECOS "
+#~ "mezőjének\n"
+#~ "                                   beállítása\n"
+#~ "  -d, --home-dir SAJ�T_KVT         az új felhasználói fiók saját "
+#~ "könyvtára\n"
+#~ "  -D, --defaults                   az alapértelmezett useradd "
+#~ "beállítások\n"
+#~ "                                   kiírása vagy mentése\n"
+#~ "  -e, --expiredate LEJ�RATI_D�TUM  a fiók lejárati dátumának beállítása\n"
+#~ "  -f, --inactive INAKT�V           a jelszó inaktívvá tétele lejárat "
+#~ "után\n"
+#~ "                                   az INAKT�V értékre\n"
+#~ "  -g, --gid CSOPORT                a CSOPORT használatának kényszerítése\n"
+#~ "                                   az új felhasználói fiókhoz\n"
+#~ "  -G, --groups CSOPORTOK           kiegészítő csoportok felsorolása az "
+#~ "új\n"
+#~ "                                   felhasználói fiókhoz\n"
+#~ "  -h, --help                       ezen súgószöveg megjelenítése és "
+#~ "kilépés\n"
+#~ "  -k, --skel V�Z_KVT               alternatív vázkönyvtár megadása\n"
+#~ "  -K, --key KULCS=ÉRTÉK            felülbírálja az /etc/login.defs\n"
+#~ "                                   alapértelmezéseit\n"
+#~ "  -m, --create-home                az új felhasználói fiók saját\n"
+#~ "                                   könyvtárának létrehozása\n"
+#~ "  -o, --non-unique                 engedélyezi a csoport létrehozását "
+#~ "többször\n"
+#~ "                                   szereplő (nem egyedi) GID értékkel\n"
+#~ "  -p, --password JELSZÓ            titkosított jelszó használata az új\n"
+#~ "                                   felhasználói fiókhoz\n"
+#~ "  -s, --shell PARANCSÉRTELMEZ�     a bejelentkezési parancsértelmező az\n"
+#~ "                                   új felhasználói fiókhoz\n"
+#~ "  -u, --uid UID                    az UID használatának kényszerítése az "
+#~ "új\n"
+#~ "                                   felhasználói fiókhoz\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Jelszó lejárata beállítva."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nem tudom zárolni a jelszófájlt\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: a jelszófájl nem nyitható meg\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl zárolása sikertelen\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl megnyitása sikertelen\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl újraírása sikertelen\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: a jelszófájl újraírása sikertelen\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: az árnyék jelszófájl frissítése sikertelen\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tTELJES Név: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tSzobaszám: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tMunkahelyi telefon: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tOtthoni telefon: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nem zárolható a jelszófájl; próbáld később\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "A jelszófájl nem nyitható meg.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Hiba a jelszó bejegyzés frissítésekor\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nem tudom megtenni a jelszófájl módosításokat.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nem tudom feloldani a jelszófájl zárolását.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nem tudom lezárni a 'group' fájlt\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'group' fájlt\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nem tudom lezárni a 'gshadow' fájlt\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'gshadow' fájlt\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: hiba az árnyék fájl frissítésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: %d.: ismeretlen %s csoport\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: %d. sor: nem tudom frissíteni a bejegyzést\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék fájlt\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: hiba az árnyék fájl frissítésekor\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: hiba a jelszófájl frissítésekor\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: %d. sor: ismeretlen %s felhasználó\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: %d. sor: a jelszó bejegyzés nem frissíthető\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ismeretlen felhasználó\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ismeretlen felhasználó: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Használat: %s [-r|-R] group\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a felhasználó] csoport\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d felhasználó] csoport\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A felhasználó,...] [-M felhasználó,...] csoport\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M felhasználó,...] csoport\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nem szerezhető zár\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nem szerezhető árnyékzár\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nem tudom megnyitni a fájlt\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék fájlt\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nem tudom feloldani a fájlt\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nem tudom frissíteni a bejegyzést\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nem tudom frissíteni az árnyék bejegyzést\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ismeretlen csoport: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nem tudom megnyitni a fájlt\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nem tudom megnyitni a 'gshadow' fájlt\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ki vagy?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ismeretlen %s tag\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: hiba az új csoport bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nem tudom újraírni a csoport fájlt\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nem tudom zárolni a csoport fájlt\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a csoport fájlt\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: %u GID nem egyedi\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: nem tudom törölni a csoport bejegyzést\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: nem tudom törölni az árnyék csoport bejegyzést\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nem tudom törölni a felhasználó elsődleges csoportját\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Az eltávolítandó tag nem található\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Használat: groupmems -a felhasználónév | -d felhasználónév | -D | -l [-g "
+#~ "csoportnév]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Csak a root adhat tagokat különböző csoportokhoz\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Csoport hozzáférés kell\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nem a jelen csoport elsődleges tulajdonosa\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM hitelesítési hiba ehhez:\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Csoport fájl zárolása sikertelen\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Csoport fájl bezárása sikertelen\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s nincs a /etc/group-ban\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nem egyedi GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nem egyedi név\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nem tudom újraírni a jelszófájlt\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nem tudom zárolni a jelszófájlt\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nem tudom megnyitni a jelszófájlt\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s árnyék bejegyzését\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s csoport bejegyzését\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nem tudom törölni %s árnyék csoportot\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nem tudom frissíteni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nem tudom törölni az árnyék csoport fájlt\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ismeretlen UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ismeretlen GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: %s csoport nem létezik\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: %s felhasználó nem létezik\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: érvénytelen '%s' felhasználónév\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nem tudom zárolni a /etc/passwd fájlt.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: fájlok megnyitása sikertelen\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: hiba a fájlok frissítésekor\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s jelszó bejegyzését\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nem tudom lezárni a passwd fájlt\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nem tudom megnyitni a passwd fájlt\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nem tudom törölni %s árnyék bejegyzését\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nem tudom frissíteni a \"passwd\" fájlt\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nem tudom frissíteni %s felhasználó bejegyzését\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nem tudom törülni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ismeretlen %s GID\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ismeretlen %s csoport\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: elfogyott a memória az update_gshadow során\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nem tudom újraírni a jelszófájlt\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nem tudom újraírni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nem tudom zárolni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék jelszófájlt\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: hiba a csoportfájl zárolásakor\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: hiba a csoportfájl megnyitásakor\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: hiba az árnyék csoportfájl zárolásakor\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: hiba az árnyék csoportfájl megnyitásakor\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: hiba az új jelszó bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: hiba az új árnyék jelszó bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: figyelem: a CREATE_HOME nem támogatott, használd a -m-et helyette.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: Hiba a csoport bejegyzés frissítésekor\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nem tudom megnyitni a csoport fájlt\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nem tudom megnyitni az árnyék csoport fájlt\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: hiba az árnyék jelszó bejegyzés törlésekor\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: hiba az új csoport bejegyzés hozzáadásakor\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nem egyedi\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés cseréjekor\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: hiba a jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: hiba az árnyék jelszó bejegyzés törlésekor\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nem szerezhető be egyedi csoportazonosító\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " erre: `%.100s' erről: `%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " erre: `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: %d. sor: UID létrehozása sikertelen\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: %s név nem egyedi\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Használat: chgpasswd [kapcsolók]\n"
+#~ "\n"
+#~ "Kapcsolók:\n"
+#~ "  -e, --encrypted\ta megadott jelszavak titkosítottak\n"
+#~ "  -h, --help\t\tezen súgó megjelenítése és kilépés\n"
+#~ "  -m, --md5\t\tMD5 titkosítás használata DES helyett,ha a megadott\n"
+#~ "\t\t\tjelszavak nem titkosítottak\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Nincs jelszófájl\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Bocs.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Bocsi, %s jelszava még nem változtatható...\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Bocs."
diff --git a/po/id.po b/po/id.po
new file mode 100644
index 0000000..8aae75e
--- /dev/null
+++ b/po/id.po
@@ -0,0 +1,3510 @@
+# Terjemahan Bahasa Indonesia: shadow
+# Parlin Imanuel Toh <parlin@ui.edu>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:58+0100\n"
+"Last-Translator: Parlin Imanuel Toh <parlin_i@yahoo.com>\n"
+"Language-Team: Debian Indonesia <debid@yahoogroups.com>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Tidak dapat mengalokasikan ruang untuk informasi konfigurasi.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"Kesalahan konfigurasi - item tidak dikenal '%s' (beritahu administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Kata sandi:"
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Kata sandi dari %s:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Tidak dapat mengalokasikan ruang untuk informasi konfigurasi.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Mengubah informasi umur akun untuk %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: baris %d: tak menemukan pengguna %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: kehabisan memori\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: tak dapat memperbaharui berkas shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Peringatan: grup tidak dikenal %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Peringatan: terlalu banyak grup\n"
+
+msgid "Your password has expired."
+msgstr "Kata sandi anda telah kadaluarsa."
+
+msgid "Your password is inactive."
+msgstr "Kata sandi anda tidak aktif."
+
+msgid "Your login has expired."
+msgstr "Login anda telah kadaluarsa."
+
+msgid "  Contact the system administrator."
+msgstr "  Hubungi administrator sistem."
+
+msgid "  Choose a new password."
+msgstr "  Pilih sebuah kata sandi baru."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Kata sandi anda akan kadaluarsa dalam %ld hari.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Kata sandi anda akan kadaluarsa besok."
+
+msgid "Your password will expire today."
+msgstr "Kata sandi anda akan kadaluarsa hari ini."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Tidak dapat mengubah tts %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Lingkungan overflow\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Anda tidak boleh mengubah $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d sejak login terakhir.\n"
+"Terakhir %s pada %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: tak mampu mendapatkan GID yang unik\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: tidak bisa mendapatkan UID yang unik\n"
+
+msgid "Too many logins.\n"
+msgstr "Terlalu banyak login.\n"
+
+msgid "You have new mail."
+msgstr "Anda memiliki surat baru."
+
+msgid "No mail."
+msgstr "Tidak ada surat."
+
+msgid "You have mail."
+msgstr "Anda memiliki surat."
+
+msgid "no change"
+msgstr "tak ada perubahan"
+
+msgid "a palindrome"
+msgstr "sebuah palindrom"
+
+msgid "case changes only"
+msgstr "hanya perubahan huruf besar/kecil"
+
+msgid "too similar"
+msgstr "terlalu mirip"
+
+msgid "too simple"
+msgstr "terlalu sederhana"
+
+msgid "rotated"
+msgstr "pernah dipakai"
+
+msgid "too short"
+msgstr "terlalu pendek"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Kata sandi buruk: %s."
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() gagal, kesalahan nomor %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Password telah diubah."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: kata sandi diperbaharui dengan sukses\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Kata sandi tidak tepat untuk %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telepon rumah tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Tidak dapat cd ke \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Tidak terdapat direktori, masuk dengan HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Tidak dapat menjalankan %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Direktori root tidak sah \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Tidak dapat mengubah direktori root ke \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Tak dapat menentukan nama tty anda."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Tidak\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Masukkan nilai baru atau tekan ENTER untuk nilai bawaan"
+
+msgid "Minimum Password Age"
+msgstr "Umur Kata Sandi Minimal"
+
+msgid "Maximum Password Age"
+msgstr "Umur Kata Sandi Maksimal"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Penggantian Kata Sandi Terakhir (TTTT-MM-HH)"
+
+msgid "Password Expiration Warning"
+msgstr "Peringatan Kadaluarsanya Kata Sandi"
+
+msgid "Password Inactive"
+msgstr "Kata Sandi Tak-aktif"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Waktu Kadaluarsa Akun (TTTT-MM-HH)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Penggantian kata sandi terakhir\t\t\t\t\t: "
+
+msgid "never"
+msgstr "tak pernah"
+
+msgid "password must be changed"
+msgstr "password mesti diubah"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Kata sandi kadaluarsa\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Kata sandi tak aktif\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Akun kadaluarsa\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Jumlah hari minimum antara penggantian password\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Jumlah hari maksimum antara penggantian password\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Jumlah hari pemberian peringatan sebelum kadaluarsa\t: %ld\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumen numerik tak sah `%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: jangan gabungkan \"l\" dengan flag lain\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: ijin ditolak.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: tidak dapat mengunci berkas-berkas, coba lagi nanti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: tak terdapat berkas kata sandi bayangan\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Mengubah informasi umur akun untuk %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: kesalahan saat mengubah ruas-ruas isian\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nama Lengkap"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Nomor Ruangan"
+
+msgid "Work Phone"
+msgstr "Telepon Kantor"
+
+msgid "Home Phone"
+msgstr "Telepon Rumah"
+
+msgid "Other"
+msgstr "Lain-lain"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Tidak dapat mengubah ID menjadi root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nama tidak sah: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nomor ruang tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telepon kantor tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telepon rumah tidak sah: \"%s\"\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" berisi karakter-karakter ilegal\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" berisi karakter-karakter ilegal\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' merupakan master NIS untuk klien ini.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Mengubah informasi pengguna dari %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a hanya diperbolehkan dengan -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: baris %d: baris terlalu panjang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: baris %d: kata sandi baru hilang\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: kesalahan terdeteksi, perubahan diabaikan\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Login Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Anda tidak boleh mengubah shell untuk %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mengubah login shell untuk %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entri tidak sah: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s merupakan shell yang tidak sah.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: perhatian %s tak dimiliki oleh %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argumen tak terduga: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Gagal    Maks.   Terakhir                 Pada\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds tersisa]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds terkunci]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Pengguna tak dikenal: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: kata sandi bayangan grup diperlukan untuk -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mengubah kata sandi untuk grup %s\n"
+
+msgid "New Password: "
+msgstr "Kata sandi baru: "
+
+msgid "Re-enter new password: "
+msgstr "Masukkan lagi kata sandi baru: "
+
+msgid "They don't match; try again"
+msgstr "Kedua kata sandi tidak identik; coba lagi"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Coba lagi nanti\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Menambahkan pengguna %s ke grup %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Mengeluarkan pengguna %s dari grup %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Bukan sebuah tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: nama grup %s tidak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K memerlukan NAMA=NILAI\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grup %s telah ada\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Tidak dapat menentukan nama pengguna anda.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grup `%s' merupakan grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s merupakan master NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: pengguna %s merupakan pengguna NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: kehabisan memori saat update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grup %s merupakan sebuah grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: pengguna %s tak dikenal\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s dan -r tidak kompatible\n"
+
+msgid "invalid group file entry"
+msgstr "entri berkas grup tidak sah"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "hapus baris `%s'? "
+
+msgid "duplicate group entry"
+msgstr "entri grup berulang"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "nama grup `%s' tidak sah\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: tak ada pengguna %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "hapus anggota `%s'? "
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "entri tidak ditemukan pada berkas grup\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "entri berkas grup bayangan tidak sah"
+
+msgid "duplicate shadow group entry"
+msgstr "entri grup bayangan berulang"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grup bayangan %s: tak ada pengguna administratif %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "hapus anggota administratif `%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: berkas-berkas telah diperbaharui\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: tak ada perubahan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: tidak dapat memperbaharui berkas %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Penggunaan: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Penggunaan: id\n"
+
+msgid " groups="
+msgstr " grup="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Nama pengguna    Port     Dari             Terakhir"
+
+msgid "Username                Port     Latest"
+msgstr "Nama pengguna           Port     Terakhir"
+
+msgid "**Never logged in**"
+msgstr "**Tak pernah log in**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: tidak dapat memperbaharui berkas kata sandi\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Penggunaan: %s [-p] [nama]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "            %s [-p] [-h host] [-f nama]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "            %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Waktu login tidak sah"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem ditutup untuk pengelolaan rutin"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Pemutusan hubungan diabaikan -- login root diperbolehkan.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Tanpa entri utmp. Anda mesti menjalankan \"login\" dari level terendah \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login time out setelah %d detik.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Kegagalan PAM, berhenti: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Jumlah pengulangan maksimum terlampaui (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: penghentian diminta oleh PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login tidak tepat"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: baris %d: tak menemukan pengguna %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: gagal membuat proses: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Perhatian: login dibolehkan setelah penguncian sementara."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Login terakhir: %s pada %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Login terakhir: %.19s pada %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " dari %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"waktu login telah berlebihan\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Penggunaan: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Penggunaan: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Penggunaan: sg grup [[-c] perintah]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Kata sandi lama: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: gagal membuat proses: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+msgid "too many groups\n"
+msgstr "terlalu banyak grup\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: baris %d: baris tidak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: tak dapat memperbaharui entri untuk pengguna %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: baris %d: tak dapat membuat GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: baris %d: tak dapat membuat GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: pengguna %s tak ada\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: baris %d: tak dapat memperbaharui kata sandi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: baris %d: mkdir gagal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: baris %d: chown gagal\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: tidak dapat memperbaharui berkas grup\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Kata sandi lama: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Masukkan password baru (minimim %d, maksimum %d karakter)\n"
+"Mohon gunakan kombinasi huruf besar, huruf kecil dan angka.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Masukkan password baru (minimim %d, maksimum %d karakter)\n"
+"Mohon gunakan kombinasi huruf besar, huruf kecil dan angka.\n"
+
+msgid "New password: "
+msgstr "kata sandi baru: "
+
+msgid "Try again."
+msgstr "Coba lagi."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Kata sandi lemah (masukkan lagi untuk tetap menggunakannya)."
+
+msgid "They don't match; try again.\n"
+msgstr "Kata sandi tidak sama; coba lagi.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Kata sandi untuk %s tidak dapat diganti.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repositori %s tidak didukung\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Anda tak boleh melihat atau mengubah info kata sandi untuk %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Mengganti kata sandi untuk %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Kata sandi untuk %s tidak diubah.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Password telah diubah."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Peringatan Kadaluarsanya Kata Sandi"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "entri kata sandi tak sah"
+
+msgid "duplicate password entry"
+msgstr "entri kata sandi berduplikat"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nama pengguna tak sah '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nama pengguna tak sah '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "pengguna %s: tak ada grup %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "pengguna %s: tak terdapat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "pengguna %s: tak terdapat program %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: tidak dapat mengunci berkas %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "tak terdapat entri kata sandi yang cocok\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "grup bayangan %s: tak ada pengguna %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "entri kata sandi bayangan tak sah"
+
+msgid "duplicate shadow password entry"
+msgstr "entri kata sandi bayangan terduplikasi"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "pengguna %s: pergantian kata sandi terakhir terjadi dimasa depan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tidak dapat menuliskan kembali berkas\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Akses su untuk account itu DITOLAK.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Otentikasi kata sandi diabaikan.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Silakan masukkan kata sandi anda SENDIRI sebagai otentikasi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: tidak dapat mengunci berkas %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Penggunaan: su [pilihan-pilihan] [login]\n"
+"\n"
+"Pilihan-pilihan:\n"
+"  -c, --command PERINTAH        berikan PERINTAH yang akan diberikan\n"
+"                                pada shell\n"
+"  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+"  -, -l, --login                buat shell menjadi shell login\n"
+"  -m, -p,\n"
+"  --preserve-environment        jangan reset  variabel lingkungan, dan\n"
+"                                pertahankan shell yang sama\n"
+"  -s, --shell SHELL             gunakan shell SHELL daripada bawaan\n"
+"                                di passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Diabaikan)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Anda tak diperbolehkan untuk su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Masukkan kata sandi anda sendiri)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: Otentikasi PAM gagal\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Anda tak diperbolehkan untuk su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Tak ada entri kata sandi untuk 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: mesti dijalankan dari sebuah terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: kesalahan %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Tidak dapat menjalankan %s"
+
+msgid "No password file"
+msgstr "Tak ada berkas kata sandi"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Tak ada entri kata sandi untuk 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Ketikkan control-d untuk melanjutkan startup normal,\n"
+"(atau berikan kata sandi root untuk pengelolaan sistem):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Memasuki Mode Pengelolaan Sistem"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: tak dapat membuat berkas-berkas bawaan yang baru\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: tak dapat membuka berkas-berkas bawaan yang baru\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: baris %d: chown gagal\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: ubah nama: %s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grup `%s' merupakan grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: grup yang diberikan terlalu banyak (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Penggunaan: %s [input]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: direktori awal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: komentar `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: kata sandi bayangan dibutuhkan untuk -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: kata sandi banyangan diperlukan untuk -f\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ruas `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell `%s' tak sah\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: pengguna %s telah ada\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grup %s telah ada - jika ingin menambah pengguna ke grup itu, pakai -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u tidak unik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: tak dapat membuat %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: perhatian: direktori rumah telah ada.\n"
+"Tak menyalin berkas apapun dari direktori skel ke situ.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: tidak dapat mengubah pengguna '%s' pada klien NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: tidak dapat menghapus grup %s yg merupakan grup utama dari pengguna "
+"lain.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: perhatian: tak dapat menghapus "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s tak dimiliki oleh %s, tidak menghapus\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: pengguna %s merupakan pengguna NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: direktori rumah `%s' tak sah\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: tak menghapus dir %s (karena akan menghapus rumah dari %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: kesalahan saat menghapus direktori %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: pengguna %s telah ada\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: tanggal `%s' tak sah\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: diperlukan kata sandi bayangan untuk -e dan -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: direktori %s telah ada\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: tak dapat membuat direktori %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: perhatian: gagal menghapus direktori rumah lama %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: tak dapat mengubah nama direktori %s menjadi %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: perhatian %s tak dimiliki oleh %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+msgid "failed to rename mailbox"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s tidak berubah\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Tidak dapat mengunci berkas"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: gagal membuang hak (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Tidak dapat mengunci berkas"
+
+msgid "Couldn't make backup"
+msgstr "Tidak dapat membuat backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s tidak ditemukan pada /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: ruas terlalu panjang\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "gagal mengganti pemilik kotak-surat"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "gagal mengubah nama kotak-surat"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: tidak dapat mengembalikan %s: %s (perubahan ada dalam %s)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: direktori awal `%s' tak sah\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Penggunaan: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) gagal\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: chage [pilihan-pilihan] [NAMA-LOGIN]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -d, --lastday LAST_DAY        atur pergantian password terakhir pada "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  atur kadaluarsa akun pada tanggal\n"
+#~ "                                EXPIRE_DATE\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -I, --inactive INACTIVE       atur masa inaktif kata sandi setelah\n"
+#~ "                                kadaluarsa pada INACTIVE\n"
+#~ "  -l, --list                    tampilkan informasi umur akun\n"
+#~ "  -m, --mindays MIN_DAYS        atur jumlah hari minimum sebelum kata "
+#~ "sandi\n"
+#~ "                                diganti menjadi MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        atur jumlah hari maksimum sebelum kata "
+#~ "sandi\n"
+#~ "                                diganti menjadi MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      atur hari peringatan kadaluarsa menjadi\n"
+#~ "                                WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: Otentikasi PAM gagal\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Penggunaan: %s [-f nama_lkp] [-r no_ruang] [-w telp_ktr]\n"
+#~ "\t[-h telp_rmh] [-o lain_lain] [pengguna]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Penggunaan: %s [-f nama_lkp] [-r no_ruang] [-w telp_ktr] [-h telp_rmh]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: chpasswd [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -e, --encrypted               kata sandi yang diberikan telah "
+#~ "terenkripsi\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -m, --md5                     gunakan enkripsi MD5 daripada DES bila "
+#~ "kata\n"
+#~ "                                sandi yang diberikan tak terenkripsi\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Penggunaan: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: tidak dapat membuka berkas %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Penggunaan: %s [-r] [-s] [grup [gbayangan]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Penggunaan: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s dan -r tidak kompatible\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Penggunaan: groupdel grup\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: lastlog [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -b, --before HARI     cetak hanya record lastlog yang lebih tua dari "
+#~ "HARI\n"
+#~ "  -h, --help            tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -t, --time HARI       cetak hanya record lastlog yang lebih baru dari "
+#~ "HARI\n"
+#~ "  -u, --user NAMA       cetak record lastlog untuk pengguna dengan nama "
+#~ "NAMA\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: passwd [pilihan-pilihan] [nama-pengguna]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -a, --all                     laporkan status kata sandi untuk semua "
+#~ "akun\n"
+#~ "  -d, --delete                  hapus password untuk pengguna yang "
+#~ "diberikan\n"
+#~ "  -e, --expire                  paksakan kadaluarsa kata sandi untuk "
+#~ "akun\n"
+#~ "                                pengguna\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -k, --keep-tokens             ganti kata sandi hanya bila telah "
+#~ "kadaluarsa\n"
+#~ "  -i, --inactive INAKTIF        atur masa inaktif kata sandi setelah\n"
+#~ "                                kadaluarsa pada INAKTIF\n"
+#~ "  -l, --lock                    blok akun pengguna\n"
+#~ "  -n, --mindays HARI_MIN        atur jumlah hari minimum sebelum kata "
+#~ "sandi\n"
+#~ "                                diganti pada HARI_MIN\n"
+#~ "  -q, --quiet                   mode tenang\n"
+#~ "  -r, --repository REPOSITORI   ubah kata sandi pada repositori "
+#~ "REPOSITORI\n"
+#~ "  -S, --status                  laporkan status kata sandi dari akun "
+#~ "pengguna\n"
+#~ "  -u, --unlock                  buka bloking akun pengguna\n"
+#~ "  -w, --warndays HARI           atur hari peringatan kadaluarsa pada "
+#~ "HARI\n"
+#~ "  -x, --maxdays HARI_MAKS       atur jumlah hari maksimum sebelum kata "
+#~ "sandi\n"
+#~ "                                diganti pada HARI_MAKS\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Penggunaan: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Penggunaan: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Penggunaan: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Penggunaan: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id tak dikenal: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Tak ada shell\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: pengguna %s saat ini sedang login\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: usermod [pilihan-pilihan] NAMA-LOGIN\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -a, --append GRUP             tambahkan pengguna ke grup tambahan GRUP\n"
+#~ "  -c, --comment KOMENTAR        nilai baru dari ruas GECOS\n"
+#~ "  -d, --home DIR_RUMAH          direktori rumah baru dari pengguna baru\n"
+#~ "  -e, --expiredate TANGGAL      atur tanggal kadaluarsa akun pada "
+#~ "TANGGAL\n"
+#~ "  -f, --inactive INAKTIF        atur masa inaktif setelah kadaluarsa\n"
+#~ "                                pada INAKTIF\n"
+#~ "  -g, --gid GRUP                paksakan GRUP sebagai grup login awalan\n"
+#~ "  -G, --groups GRUP-GRUP        daftar grup-grup tambahan\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -l, --login LOGIN             nilai baru dari nama pengguna\n"
+#~ "  -L, --lock                    blok akun pengguna\n"
+#~ "  -m, --move-home               pindahkan isi direktori rumah ke lokasi "
+#~ "baru\n"
+#~ "                                (hanya gunakan dengan -d)\n"
+#~ "  -o, --non-unique              perbolehkan UID terduplikasi (tak-unik)\n"
+#~ "  -p, --password PASSWORD       gunakan kata sandi baru yang terenkripsi\n"
+#~ "  -s, --shell SHELL             shell login baru bagi pengguna\n"
+#~ "  -u, --uid UID                 UID baru untuk pengguna\n"
+#~ "  -U, --unlock                  buka bloking pengguna\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: tak diberikan tanda-tanda/bendera\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: vipw [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -g, --group                   sunting basisdata grup\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -p, --passwd                  sunting basisdata kata sandi\n"
+#~ "  -q, --quiet                   mode tenang\n"
+#~ "  -s, --shadow                  sunting basisdata shadow atau gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Penggunaan: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: tak dapat membuat %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: tak dapat chown %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: faillog [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -a, --all                     tampilkan record faillog records untuk\n"
+#~ "                                semua pengguna\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -l, --lock-time DTK           setelah kegagalan login blok akun selama\n"
+#~ "                                DTK detik\n"
+#~ "  -m, --maximum MAX             atur penghitung kegagalan login maksimum\n"
+#~ "                                pada MAX\n"
+#~ "  -r, --reset                   reset penghitung kegagalan login\n"
+#~ "  -t, --time HARI               tampilkan record faillog yang lebih baru\n"
+#~ "                                dari HARI\n"
+#~ "  -u, --user NAMA               tampilkan record faillog atau atur\n"
+#~ "                                penghitung kegagalan dan batasnya (bila\n"
+#~ "                                digunakan dengan -r, -m atau -l) hanya\n"
+#~ "                                untuk pengguna dengan nama NAMA\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupadd [pilihan-pilihan] namagroup\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -f, --force                   paksa status sukses saat keluar bila "
+#~ "grup\n"
+#~ "                                telah ada\n"
+#~ "  -g, --gid GID                 gunakan GID untuk grup yang baru ini\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -K, --key KEY=VALUE           ganti nilai bawaan pada /etc/login.defs\n"
+#~ "  -o, --non-unique              perbolehkan pembuatan grup dengan GID\n"
+#~ "                                terduplikasi (tak-unik)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupadd [pilihan-pilihan] namagroup\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -f, --force                   paksa status sukses saat keluar bila "
+#~ "grup\n"
+#~ "                                telah ada\n"
+#~ "  -g, --gid GID                 gunakan GID untuk grup yang baru ini\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -K, --key KEY=VALUE           ganti nilai bawaan pada /etc/login.defs\n"
+#~ "  -o, --non-unique              perbolehkan pembuatan grup dengan GID\n"
+#~ "                                terduplikasi (tak-unik)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Penggunaan: useradd [pilihan-pilihan] NAMA-LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       direktori awal untuk direktori rumah "
+#~ "dari\n"
+#~ "                                pengguna baru\n"
+#~ "  -c, --comment KOMENTAR        atur ruas GECOS untuk pengguna baru\n"
+#~ "  -d, --home-dir DIR_RUMAH      direktori rumah untuk pengguna baru\n"
+#~ "  -D, --defaults                cetak atau simpan konfigurasi bawaan "
+#~ "useradd\n"
+#~ "  -e, --expiredate KADALUARSA   atur tanggal kadaluarsa pada KADALUARSA\n"
+#~ "  -f, --inactive INAKTIF        atur masa inaktif kata sandi setelah\n"
+#~ "                                kadaluarsa menjadi INAKTIF\n"
+#~ "  -g, --gid GRUP                paksakan grup GRUP untuk pengguna baru\n"
+#~ "  -G, --groups GRUP-GRUP        daftar grup-grup tambahan untuk\n"
+#~ "                                pengguna baru\n"
+#~ "  -h, --help                    tampilkan pesan bantuan ini dan keluar\n"
+#~ "  -k, --skel SKEL_DIR           berikan direktori skel alternatif\n"
+#~ "  -K, --key KEY=VALUE           ganti nilai-nilai bawaan pada /etc/login."
+#~ "defs\n"
+#~ "  -m, --create-home             buat direktori rumah untuk pengguna baru\n"
+#~ "  -o, --non-unique              perbolehkan pembuatan pengguna dengan\n"
+#~ "                                UID terduplikasi (tak-unik)\n"
+#~ "  -p, --password PASSWORD       gunakan kata sandi terenkripsi untuk\n"
+#~ "                                pengguna baru\n"
+#~ "  -s, --shell SHELL             shell login untuk pengguna baru\n"
+#~ "  -u, --uid UID                 paksakan uid UID untuk pengguna baru\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Kata sandi dibuat kadaluarsa."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: tidak dapat menulis kembali berkas kata sandi bayangan\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: tidak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: tidak dapat memperbaharui berkas kata sandi bayangan\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNama Lengkap: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNomor Ruangan: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelepon Kantor: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelepon Rumah: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Tidak dapat mengunci berkas kata sandi; coba lagi nanti.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Tidak dapat membuka berkas kata sandi.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Kesalahan saat memperbaharui entri kata sandi.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Tidak dapat menyimpan perubahan berkas kata sandi.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Tidak dapat membuka kunci berkas kata sandi.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: baris %d: grup %s tak dikenal\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: baris %d: tak dapat memperbaharui entri\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas kata sandi\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: baris %d: pengguna %s tak dikenal\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: baris %d: tidak dapat memperbaharui entri kata sandi\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: pengguna tak dikenal\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Pengguna tak dikenal: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Penggunaan: %s [-r|-R] grup\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a pengguna] grup\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d pengguna] grup\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A pengguna,...] [-M pengguna,...] grup\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M pengguna,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: tidak mendapatkan kunci\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: tidak mendapatkan kunci untuk berkas bayangan\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: tidak dapat membuka berkas\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas bayangan\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: tidak dapat membuka kunci berkas\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri bayangan\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grup tak dikenal: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: tidak dapat membuka berkas\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: tidak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Anda siapa?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: anggota tak dikenal %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: kesalahan saat menambahkan entri grup yang baru\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas grup\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: tidak dapat menuliskan kembali berkas grup bayangan\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u tidak unik\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri group bayangan\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: tidak dapat menghapus grup utama dari pengguna.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: Otentikasi PAM gagal\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s tidak ditemukan dalam /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u bukan GID yang unik\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s bukan nama yang unik\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: tak dapat mengunci berkas kata sandi\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: tak dapat membuka berkas kata sandi\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri bayangan untuk %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: tidak dapat memperbaharui entri untuk grup %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: tidak dapat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: tidak dapat membuka berkas grup banyangan\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: tidak dapat menghapus grup bayangan %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: tidak dapat memperbaharui berkas grup bayangan\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: tidak dapat menghapus berkas grup bayangan\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID tak dikenal: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID tidak dikenal: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grup %s tidak ada\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: pengguna %s tak ada\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nama pengguna `%s' tak sah\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: tidak dapat mengunci /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: tidak dapat membuka berkas-berkas\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: kesalahan saat memperbaharui berkas-berkas\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: tak dapat menghapus entri passwd untuk %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: tak dapat mengunci berkas passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: tak dapat membuka berkas passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: tak dapat menghapus entri bayangan untuk %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: tak dapat memperbaharui berkas passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: tak dapat memperbaharui entri untuk pengguna %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: tak dapat menghapus berkas kata sandi bayangan\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID %s tak dikenal\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grup %s tak dikenal\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: kehabisan memori saat update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: tak dapat menulis kembali berkas kata sandi bayangan\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: tak dapat mengunci berkas kata sandi bayangan\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: tak dapat membuka berkas kata sandi bayangan\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: kesalahan saat mengunci berkas grup\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: kesalahan saat membuka berkas grup\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: kesalahan saat mengunci berkas grup bayangan\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: kesalahan saat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: kesalahan saat menambah entri baru kata sandi\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menambah entri baru kata sandi bayangan\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: perhatian: CREATE_HOME tak didukung, sebaiknya gunakan -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: errot memperbaharui entri grup\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: tak dapat membuka berkas grup bayangan\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi bayangan\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: kesalahan saat menambahkan entri grup yang baru\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu tak unik\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: kesalahan saat mengganti entri kata sandi\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: kesalahan saat menghapus entri kata sandi bayangan\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: tak mampu mendapatkan GID yang unik\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " pada `%.100s' dari `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " pada `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: baris %d: tak dapat membuat UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nama %s tidak unik\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Penggunaan: chgpasswd [pilihan-pilihan]\n"
+#~ "\n"
+#~ "Pilihan-pilihan:\n"
+#~ "  -e, --encrypted\tkata sandi yang diberikan telah terenkripsi\n"
+#~ "  -h, --help\t\ttampilkan pesan bantuan ini dan keluar\n"
+#~ "  -m, --md5\t\tgunakan enkripsi MD5 daripada DES bila kata sandi\n"
+#~ "\t\t\tyang diberikan tak terenkripsi\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Tak ada berkas kata sandi\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Maaf.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Maaf, kata sandi untuk %s belum dapat diganti.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Maaf."
diff --git a/po/it.po b/po/it.po
new file mode 100644
index 0000000..ea7332a
--- /dev/null
+++ b/po/it.po
@@ -0,0 +1,3859 @@
+# Italian translations for shadow package.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Giuseppe Sacco <eppesuig@debian.org>, 2004.
+# Danilo Piazzalunga <danilopiazza@gmail.com>, 2004-2006.
+#
+# Convenzioni utilizzate per tradurre i termini più frequenti:
+#
+# “faillog (record)�..................: «(record degli) accessi falliti»
+# “group file�........................: «file dei gruppi»
+# “logged in�.........................: «collegato»
+# “login�.............................: «accesso» (nella maggioranza dei casi)
+# “login� [user account]..............: «login»
+# “mail spool�........................: «spool di posta»
+# “primary group�.....................: «gruppo principale»
+# “shadow file�.......................: «file shadow»
+# “shadow group�......................: «gruppo shadow»
+# “(shadow) group file�...............: «file dei gruppi (shadow)»
+# “shadow password�...................: «shadow password»
+# “(shadow) password file�............: «file delle (shadow) password»
+# “superuser�.........................: «root» o «amministratore»
+# “user name�.........................: «nome utente»
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2008-03-27 14:40+0100\n"
+"Last-Translator: Danilo Piazzalunga <danilopiazza@gmail.com>\n"
+"Language-Team: Italian <tp@lists.linux.it>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Più di una voce chiamata «%s» in %s. Correggere il problema con pwck o "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "metodo di cifratura non supportato da libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Impossibile allocare spazio per le informazioni di configurazione.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"errore di configurazione: oggetto «%s» sconosciuto (avvisare "
+"l'amministratore)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Password: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Password di %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Impossibile allocare spazio per le informazioni di configurazione.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Modifica delle informazioni sulla durata dell'account di %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: riga %d: impossibile trovare l'utente %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memoria esaurita\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: impossibile aggiornare il file shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Attenzione: gruppo «%s» sconosciuto\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Attenzione: troppi gruppi\n"
+
+msgid "Your password has expired."
+msgstr "La password in uso è scaduta."
+
+msgid "Your password is inactive."
+msgstr "La password in uso è inattiva."
+
+msgid "Your login has expired."
+msgstr "Il login in uso è scaduto."
+
+msgid "  Contact the system administrator."
+msgstr "  Contattare l'amministratore del sistema."
+
+msgid "  Choose a new password."
+msgstr "  Scegliere una nuova password."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "La password in uso scadrà tra %ld giorni.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "La password in uso scadrà domani."
+
+msgid "Your password will expire today."
+msgstr "La password in uso scade oggi."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Impossibile cambiare i permessi al device %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Dimensione dell'ambiente eccessiva\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Non si può modificare $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d tentativo fallito dall'ultimo accesso.\n"
+"L'ultimo è stato %s su %s.\n"
+msgstr[1] ""
+"%d tentativi falliti dall'ultimo accesso.\n"
+"L'ultimo è stato %s su %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique GID (no more available GIDs)\n"
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "Impossibile ottenere un GID univoco (nessun GID disponibile)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "Impossibile ottenere un UID univoco (nessun UID disponibile)\n"
+
+# NdT: Riferito al numero massimo di accessi concorrenti per un utente.
+msgid "Too many logins.\n"
+msgstr "Troppi accessi.\n"
+
+msgid "You have new mail."
+msgstr "C'è nuova posta."
+
+msgid "No mail."
+msgstr "Nessun messaggio di posta."
+
+msgid "You have mail."
+msgstr "C'è la solita posta."
+
+msgid "no change"
+msgstr "nessuna modifica"
+
+msgid "a palindrome"
+msgstr "palindromo"
+
+msgid "case changes only"
+msgstr "cambiano solo maiuscole/minuscole"
+
+msgid "too similar"
+msgstr "simile alla precedente"
+
+msgid "too simple"
+msgstr "troppo semplice"
+
+msgid "rotated"
+msgstr "rotazione"
+
+msgid "too short"
+msgstr "troppo corta"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Password non valida: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ha restituito l'errore %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Password cambiata."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: password aggiornata correttamente\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Password sbagliata per %s\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telefono di casa «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valore di ENCRYPT_METHOD «%s» non valido.\n"
+"Viene usato il valore predefinito, DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Impossibile spostarsi nella directory «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Directory non presente, accesso con HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Impossibile eseguire %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directory root «%s» non valida\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Impossibile cambiare la directory root in «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Impossibile determinare il nome del terminale."
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Inserire il nuovo valore o premere INVIO per quello predefinito"
+
+msgid "Minimum Password Age"
+msgstr "Durata minima della password"
+
+msgid "Maximum Password Age"
+msgstr "Durata massima della password"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ultimo cambio della password (AAAA-MM-GG)"
+
+msgid "Password Expiration Warning"
+msgstr "Avviso di scadenza della password"
+
+msgid "Password Inactive"
+msgstr "Inattività della password"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data di scadenza dell'account (AAAA-MM-GG)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ultimo cambio della password\t\t\t\t: "
+
+msgid "never"
+msgstr "mai"
+
+msgid "password must be changed"
+msgstr "la password deve essere cambiata"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Scadenza della password\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Inattività della password\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Scadenza dell'account\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Numero minimo di giorni tra i cambi di password\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Numero massimo di giorni tra i cambi di password\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Giorni di preavviso prima della scadenza della password\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argomento numerico «%s» non valido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: non includere «l» con altri flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permesso negato.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot lock the password file; try again later.\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+"Impossibile fare il lock del file delle password; riprovare più tardi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: manca il file delle shadow password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Modifica delle informazioni sulla durata dell'account di %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: errore nel cambiare i campi\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome completo"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Stanza n°"
+
+msgid "Work Phone"
+msgstr "Numero telefonico di lavoro"
+
+msgid "Home Phone"
+msgstr "Numero telefonico di casa"
+
+msgid "Other"
+msgstr "Altro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Impossibile cambiare ID a root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome «%s» non valido\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: numero di stanza «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefono di lavoro «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefono di casa «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» contiene caratteri non ammessi\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» contiene caratteri non ammessi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: impossibile modificare l'utente «%s» sul client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» è il NIS master per questo client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modifica delle informazioni relative all'utente %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s flag is ONLY allowed with the %s flag\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: è permesso usare il flag %s solo con il flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: i flag -c, -e e -m sono mutuamente esclusivi\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: metodo di cifratura «%s» non supportato\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: riga %d: riga troppo lunga\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: riga %d: manca la nuova password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: riga %d: impossibile aggiornare la voce\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: rilevato un errore; le modifiche vengono ignorate\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Shell di login"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Non è permesso cambiare la shell di %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Cambio della shell di login di %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: voce «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s non è una shell valida.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: l'utente %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: attenzione: %s non appartiene a %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: le opzioni %s e %s sono mutuamente esclusive\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argomento «%s» non previsto\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+# NdT: Vedere faillog(5) per il significato dei campi. Il campo "On"
+# è il device tty su cui è avvenuto l'ultimo accesso fallito.
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Errori   Massimo Ultimo accesso           Su\n"
+
+# NdT: La «s» indica l'unità di misura (secondi).
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds rimasti]"
+
+# NdT: La «s» indica l'unità di misura (secondi).
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds blocco]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Utente o intervallo «%s» sconosciuto\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: l'opzione -A richiede le shadow password per i gruppi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Cambio della password del gruppo %s\n"
+
+msgid "New Password: "
+msgstr "Nuova password: "
+
+msgid "Re-enter new password: "
+msgstr "Reimmettere la nuova password: "
+
+msgid "They don't match; try again"
+msgstr "Non corrispondono; provare di nuovo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: riprovare più tardi\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Aggiunta dell'utente %s al gruppo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Rimozione dell'utente %s dal gruppo %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: non è un terminale\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s non è un nome di gruppo valido\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K richiede NOME=VALORE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppo «%s» già esistente\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Membro già esistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: impossibile determinare il proprio nome utente.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+"%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+"%u.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppo «%s» inesistente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s è il NIS master\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: l'utente %s è un utente NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Out of memory. Cannot update the group database.\n"
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: memoria esaurita. Impossibila aggiornare il database dei gruppi.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utente «%s» sconosciuto\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-r] [-s] [GRUPPO [GSHADOW]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-r] [-s] [GRUPPO]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r sono incompatibili\n"
+
+msgid "invalid group file entry"
+msgstr "voce non valida nel file dei gruppi"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "eliminare la riga «%s»? "
+
+msgid "duplicate group entry"
+msgstr "voce duplicata nel file dei gruppi"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome di gruppo «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nome di gruppo «%s» non valido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppo %s: nessun utente %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "eliminare il membro «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nessuna voce corrispondente nel file dei gruppi %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "aggiungere il gruppo «%s» in %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "voce non valida nel file dei gruppi shadow"
+
+msgid "duplicate shadow group entry"
+msgstr "voce duplicata nel file dei gruppi shadow"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gruppo shadow %s: nessun utente amministrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "eliminare il membro amministrativo «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gruppo shadow %s: nessun utente %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: i file sono stati aggiornati\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nessuna modifica\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: impossibile aggiornare il file %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Uso: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Uso: id\n"
+
+msgid " groups="
+msgstr " gruppi="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Nome utente      Porta    Da               Ultimo accesso"
+
+msgid "Username                Port     Latest"
+msgstr "Nome utente             Porta    Ultimo accesso"
+
+msgid "**Never logged in**"
+msgstr "**Nessun accesso effettuato**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: impossibile aggiornare il file delle password\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Uso: %s [-p] [NOME]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "     %s [-p] [-h HOST] [-f NOME]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "     %s [-p] -r HOST\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+# NdT: Non è l'ora giusta per accedere da questo tty (con questo utente).
+msgid "Invalid login time"
+msgstr "Orario di accesso non permesso"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema chiuso per lavori di ordinaria manutenzione"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Disconnessione obbligatoria evitata: root può accedere.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Nessuna voce utmp. Eseguire «login» dalla shell di livello più basso"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login scaduto dopo %d secondi.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM ha restituito un errore: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Superato il numero massimo di tentativi (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM ha richiesto l'uscita immediata\n"
+
+msgid "Login incorrect"
+msgstr "Login non corretto"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: riga %d: impossibile trovare l'utente %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: impossibile eseguire fork(): %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY non riuscita su %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Attenzione: accesso nuovamente abilitato dopo una proibizione temporanea."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ultimo accesso: %s su %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ultimo accesso: %.19s su %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " da %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"orario di accesso terminato\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Uso: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Uso: newgrp [-] [GRUPPO]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Uso: sg GRUPPO [[-c] COMANDO]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+msgid "Invalid password.\n"
+msgstr "Password non valida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: impossibile eseguire fork(): %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+msgid "too many groups\n"
+msgstr "troppi gruppi\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s is a shadow group, but does not exist in /etc/group\n"
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: il gruppo «%s» è un gruppo shadow, ma non esiste in /etc/group\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nome utente «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nome utente «%s» non valido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: riga %d: riga non valida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: impossibile aggiornare la voce dell'utente %s (non presente nel database "
+"delle password)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: riga %d: impossibile creare l'utente\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: riga %d: impossibile creare il gruppo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: l'utente «%s» non esiste\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: riga %d: impossibile aggiornare la password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: riga %d: la chiamata mkdir ha restituito un errore\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: riga %d: la chiamata chown ha restituito un errore\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: riga %d: impossibile aggiornare la voce\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: impossibile aggiornare il file dei gruppi\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "Old password: "
+msgstr "Vecchia password: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Inserire la nuova password (minimo %d caratteri)\n"
+"Utilizzare una combinazione di lettere maiuscole, minuscole e numeri.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Inserire la nuova password (minimo %d caratteri, massimo %d)\n"
+"Utilizzare una combinazione di lettere maiuscole, minuscole e numeri.\n"
+
+msgid "New password: "
+msgstr "Nuova password: "
+
+msgid "Try again."
+msgstr "Provare di nuovo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Attenzione: password troppo debole (inserirla di nuovo per usarla comunque)."
+
+msgid "They don't match; try again.\n"
+msgstr "Non corrispondono; provare di nuovo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "La password di %s non può essere cambiata.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "La password di %s non può ancora essere cambiata.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: sbloccando l'utente si otterrebbe un account senza password.\n"
+"È necessario impostare una password con «usermod -p» per sbloccare questo "
+"account.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repository %s non supportato\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: non è permesso vedere o cambiare le informazioni sulla password di %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Cambio della password di %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "La password di %s non è cambiata.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Password cambiata."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Avviso di scadenza della password"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-q] [-r] [-s] [PASSWD [SHADOW]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Uso: %s [-q] [-r] [-s] [PASSWD [SHADOW]]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "voce non valida nel file delle password"
+
+msgid "duplicate password entry"
+msgstr "voce duplicata nel file delle password"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome utente «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nome utente «%s» non valido\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "utente %s: nessun gruppo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utente %s: la directory %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utente %s: il programma %s non esiste\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: impossibile fare il lock del file %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nessuna voce corrispondente nel file delle password %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "aggiungere l'utente «%s» in %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "voce non valida nel file delle shadow password"
+
+msgid "duplicate shadow password entry"
+msgstr "voce duplicata nel file delle shadow password"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utente %s: l'ultimo cambio di password reca una data futura\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: impossibile riscrivere il file\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "L'accesso all'account tramite «su» è NEGATO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Evitata l'autenticazione tramite password.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Inserire la PROPRIA password per autenticarsi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: impossibile fare il lock del file %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Uso: su [OPZIONI] [LOGIN]\n"
+"\n"
+"Opzioni:\n"
+"  -c, --command COMANDO         passa il COMANDO alla shell invocata\n"
+"  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+"  -, -l, --login                rende la shell una shell di login\n"
+"  -m, -p,\n"
+"  --preserve-environment        non azzera le variabili d'ambiente e\n"
+"                                mantiene la stessa shell\n"
+"  -s, --shell SHELL             usa la SHELL specificata anziché quella\n"
+"                                predefinita in passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorato)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Non si è autorizzati a diventare %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Immettere la propria password)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: autenticazione PAM non riuscita\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Non si è autorizzati a diventare %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Manca una voce per «root» nel file delle password"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: si deve avviare da un terminale\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: errore %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Impossibile eseguire %s"
+
+msgid "No password file"
+msgstr "Manca il file delle password"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY non riuscita"
+
+msgid "No password entry for 'root'"
+msgstr "Manca una voce per «root» nel file delle password"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Premere Ctrl-D per procedere con l'avvio regolare, oppure\n"
+"inserire la password di root per la manutenzione del sistema:"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Avvio modalità manutenzione del sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: impossibile creare il nuovo file dei valori predefiniti\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: impossibile aprire il nuovo file dei valori predefiniti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: riga %d: la chiamata chown ha restituito un errore\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: il gruppo «%s» è un gruppo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: troppi gruppi specificati (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directory di base «%s» non valida\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: commento «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: le shadow password sono necessarie per -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: le shadow password sono necessarie per -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo «%s» non valido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell «%s» non valida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Creazione del file della casella di posta"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Impossibile trovare il gruppo «mail». Creazione del file della casella di "
+"posta dell'utente con il modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Impostazione dei permessi del file della casella di posta"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: l'utente «%s» esiste già\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: il gruppo «%s» esiste già; usare -g per aggiungere questo utente a tale "
+"gruppo.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u non univoco\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: impossibile creare il gruppo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: impossibile creare l'utente\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: impossibile creare il gruppo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: attenzione: la directory home esiste già.\n"
+"Non verrà copiato nessun file dalla directory skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+"%u.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: impossibile rimuovere il gruppo «%s» in quanto gruppo principale di un "
+"altro utente.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: attenzione: impossibile rimuovere "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s non appartiene a %s, quindi non viene rimosso\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: l'utente %s è un utente NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: directory home «%s» non valida\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: la directory %s non viene rimossa (verrebbe eliminata la home "
+"dell'utente %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: errore nel rimuovere la directory %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -s, --sha-rounds              il numero di passaggi SHA per gli\n"
+"                                algoritmi di cifratura SHA*\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: sbloccando l'utente si otterrebbe un account senza password.\n"
+"È necessario impostare una password con «usermod -p» per sbloccare questo "
+"account.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: l'utente «%s» esiste già\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data «%s» non valida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: impossibile aprire il file %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: i flag -L, -p e -U sono mutuamente esclusivi\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: le shadow password sono necessarie per le opzioni -e e -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Membro già esistente\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: la directory %s esiste già\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: impossibile creare la directory %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: attenzione: impossibile rimuovere completamente la vecchia directory "
+"home %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: impossibile rinominare la directory %s in %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: attenzione: %s non appartiene a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+msgid "failed to rename mailbox"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "You have modified %s.\n"
+#| "You may need to modify %s for consistency.\n"
+#| "Please use the command `%s' to do so.\n"
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s è stato modificato.\n"
+"Per coerenza, potrebbe essere necessario modificare anche %s.\n"
+"Usare il comando «%s» per compiere questa operazione.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s non modificato\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Impossibile fare il lock del file"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: impossibile abbandonare i privilegi (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Impossibile fare il lock del file"
+
+msgid "Couldn't make backup"
+msgstr "Impossibile effettuare il backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: impossibile trovare «%s» in /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Impossibile aprire il file dei gruppi\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: lunghezza dei campi eccessiva\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "impossibile rinominare la casella di posta"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "impossibile cambiare il proprietario della casella di posta"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "impossibile rinominare la casella di posta"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+"%s: impossibile ripristinare %s: %s (le modifiche effettuate sono in %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: directory di base «%s» non valida\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) non riuscita\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chage [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -d, --lastday ULTIMO_CAMBIO   imposta la data dell'ULTIMO_CAMBIO della\n"
+#~ "                                password\n"
+#~ "  -E, --expiredate SCADENZA     imposta la data di SCADENZA dell'account\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -i, --inactive INATTIVITÀ     imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ "                                della password oltre la sua scadenza\n"
+#~ "  -l, --list                    mostra le informazioni sulla durata\n"
+#~ "                                dell'account\n"
+#~ "  -m, --mindays MINIMO          imposta a il numero MINIMO di giorni tra "
+#~ "i\n"
+#~ "                                cambi di password\n"
+#~ "  -M, --maxdays MASSIMO         imposta il numero MASSIMO di giorni tra "
+#~ "i\n"
+#~ "                                cambi di password\n"
+#~ "  -w, --warndays PREAVVISO      imposta il numero di giorni di PREAVVISO\n"
+#~ "                                prima della scadenza della password\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: autenticazione PAM non riuscita\n"
+
+# NdT: L'output è allineato se "%s" == "chfn".
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Uso: %s [-f NOME_COMPLETO] [-r NUM_STANZA] [-w TEL_LAVORO]\n"
+#~ "          [-h TEL_CASA] [-o ALTRO] [UTENTE]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Uso: %s [-f NOME_COMPLETO] [-r NUM_STANZA] [-w TEL_LAVORO] [-h TEL_CASA]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -c, --crypt-method            il metodo di cifratura (uno di %s)\n"
+#~ "  -e, --encrypted               le password fornite sono cifrate\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -m, --md5                     cifra la password in chiaro usando\n"
+#~ "                                l'algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chsh [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -s, --shell SHELL             nuova shell di login per l'utente\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Uso: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: impossibile aprire il file %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r sono incompatibili\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Uso: groupdel GRUPPO\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: lastlog [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -b, --before GIORNI           mostra solo i record di ultimo accesso "
+#~ "più\n"
+#~ "                                vecchi di un numero di GIORNI\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -t, --time GIORNI             mostra solo i record di ultimo accesso "
+#~ "più\n"
+#~ "                                recenti di un numero di GIORNI\n"
+#~ "  -u, --user LOGIN              mostra il record di ultimo accesso per\n"
+#~ "                                l'utente specificato da LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: passwd [OPZIONI] [LOGIN]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -a, --all                     mostra lo stato delle password di tutti "
+#~ "gli\n"
+#~ "                                account\n"
+#~ "  -d, --delete                  elimina la password dell'account "
+#~ "specificato\n"
+#~ "  -e, --expire                  segna come scaduta la password "
+#~ "dell'account\n"
+#~ "                                specificato\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -k, --keep-tokens             cambia la password solo se è scaduta\n"
+#~ "  -i, --inactive INATTIVITÀ     imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ "                                della password oltre la sua scadenza\n"
+#~ "  -l, --lock                    blocca l'account specificato\n"
+#~ "  -n, --mindays MINIMO          imposta a il numero MINIMO di giorni tra "
+#~ "i\n"
+#~ "                                cambi di password\n"
+#~ "  -q, --quiet                   opera in modalità silenziosa\n"
+#~ "  -r, --repository REPOSITORY   cambia la password nel REPOSITORY\n"
+#~ "                                specificato\n"
+#~ "  -S, --status                  mostra lo stato della password "
+#~ "dell'account\n"
+#~ "                                specificato\n"
+#~ "  -u, --unlock                  sblocca l'account specificato\n"
+#~ "  -w, --warndays PREAVVISO      imposta il numero di giorni di PREAVVISO\n"
+#~ "                                prima della scadenza della password\n"
+#~ "  -x, --maxdays MASSIMO         imposta il numero MASSIMO di giorni tra "
+#~ "i\n"
+#~ "                                cambi di password\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Uso: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Uso: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id «%s» sconosciuto\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Nessuna shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: userdel [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   rimuove comunuque i file, anche se non\n"
+#~ "                                appartengono all'utente\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -r, --remove                  rimuove directory home e spool di posta\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: l'utente %s è attualmente collegato\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~| "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~| "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~| "  -a, --append                  append the user to the supplemental "
+#~| "GROUPS\n"
+#~| "                                mentioned by the -G option without "
+#~| "removing\n"
+#~| "                                him/her from other groups\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~| "  -L, --lock                    lock the user account\n"
+#~| "  -m, --move-home               move contents of the home directory to "
+#~| "the\n"
+#~| "                                new location (use only with -d)\n"
+#~| "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new "
+#~| "password\n"
+#~| "  -s, --shell SHELL             new login shell for the user account\n"
+#~| "  -u, --uid UID                 new UID for the user account\n"
+#~| "  -U, --unlock                  unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: usermod [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -c, --comment COMMENTO        imposta il nuovo valore del campo GECOS\n"
+#~ "  -d, --home DIR_HOME           imposta la nuova directory home "
+#~ "dell'utente\n"
+#~ "  -e, --expiredate SCADENZA     imposta la data di SCADENZA dell'account\n"
+#~ "  -f, --inactive INATTIVITÀ     imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ "                                della password oltre la sua scadenza\n"
+#~ "  -g, --gid GRUPPO              impone l'uso di GRUPPO come nuovo gruppo\n"
+#~ "iniziale\n"
+#~ "  -G, --groups GRUPPI           nuovo elenco di GRUPPI aggiuntivi\n"
+#~ "  -a, --append                  aggiunge l'utente a ulteriori GRUPPI\n"
+#~ "                                specificati dall'opzione -G senza\n"
+#~ "                                rimuoverlo da altri gruppi\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -l, --login NUOVO_LOGIN       imposta il nuovo nome di login "
+#~ "dell'utente\n"
+#~ "  -L, --lock                    blocca l'account dell'utente\n"
+#~ "  -m, --move-home               sposta il contenuto della directory home\n"
+#~ "                                nella nuova posizione (usare solo con -"
+#~ "d)\n"
+#~ "  -o, --non-unique              permette di usare un UID duplicato (non\n"
+#~ "                                univoco)\n"
+#~ "  -p, --password PASSWORD       imposta la nuova PASSWORD cifrata\n"
+#~ "  -s, --shell SHELL             la nuova shell di login dell'utente\n"
+#~ "  -u, --uid UID                 imposta il nuovo UID dell'utente\n"
+#~ "  -U, --unlock                  sblocca l'account dell'utente\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: non è stata fornita nessuna opzione\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: vipw [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -g, --group                   modifica il database dei gruppi\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -p, --passwd                  modifica il database delle password\n"
+#~ "  -q, --quiet                   opera in modalità silenziosa\n"
+#~ "  -s, --shadow                  modifica il database shadow o gshadow\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: impossibile creare %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown di %s non riuscito\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: faillog [OPZIONI]\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -a, --all                     mostra i record degli accessi falliti "
+#~ "per\n"
+#~ "                                tutti gli utenti\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -l, --lock-time SEC           blocca l'account per SEC secondi dopo un\n"
+#~ "                                tentativo di accesso fallito\n"
+#~ "  -m, --maximum MAX             imposta a MAX il numero massimo di\n"
+#~ "                                tentativi di accesso falliti\n"
+#~ "  -r, --reset                   azzera i conteggi degli accessi falliti\n"
+#~ "  -t, --time GIORNI             mostra i record degli accessi falliti "
+#~ "più\n"
+#~ "                                recenti di un numero di GIORNI\n"
+#~ "  -u, --user LOGIN              mostra il record degli accessi falliti "
+#~ "o,\n"
+#~ "                                se sono state usate con le opzioni -r, -"
+#~ "m\n"
+#~ "                                o -l, imposta conteggi e limiti solo per\n"
+#~ "                                l'utente specificato da LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [OPZIONI] GRUPPO\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -f, --force                   termina con successo anche se il gruppo\n"
+#~ "                                specificato esiste già\n"
+#~ "  -g, --gid GID                 usa GID per il nuovo gruppo\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -K, --key CHIAVE=VALORE       specifica un valore diverso da quello\n"
+#~ "                                predefinito in /etc/login.defs\n"
+#~ "  -o, --non-unique              permette di creare un gruppo con un GID\n"
+#~ "                                duplicato (non univoco)\n"
+#~ "  -p, --password PASSWORD       imposta la nuova PASSWORD cifrata\n"
+#~ "  -r, --system                  crea un account di sistema\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupmod [OPZIONI] GRUPPO\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -g, --gid GID                 impone l'uso di GID per il GRUPPO\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -n, --new-name NUOVO_GRUPPO   impone l'uso del nome NUOVO_GRUPPO per "
+#~ "il\n"
+#~ "                                GRUPPO\n"
+#~ "  -o, --non-unique              permette di che il GRUPPO usi un GID\n"
+#~ "                                duplicato (non univoco)\n"
+#~ "  -p, --password PASSWORD       imposta la nuova PASSWORD cifrata\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l,                           do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: useradd [OPZIONI] LOGIN\n"
+#~ "\n"
+#~ "Opzioni:\n"
+#~ "  -b, --base-dir DIR_BASE       specifica la directory di base in cui "
+#~ "creare\n"
+#~ "                                la directory home per il nuovo account\n"
+#~ "  -c, --comment COMMENTO        imposta il campo GECOS per il nuovo "
+#~ "account\n"
+#~ "  -d, --home-dir DIR_HOME       specifica la directory home per il nuovo\n"
+#~ "                                account\n"
+#~ "  -D, --defaults                mostra o imposta i valori predefiniti "
+#~ "della\n"
+#~ "                                configurazione di useradd\n"
+#~ "  -e, --expiredate SCADENZA     imposta la data di SCADENZA dell'account\n"
+#~ "  -f, --inactive INATTIVITÀ     imposta il numero di giorni di "
+#~ "INATTIVITÀ\n"
+#~ "                                della password oltre la sua scadenza\n"
+#~ "  -g, --gid GRUPPO              impone l'uso di GRUPPO per il nuovo "
+#~ "account\n"
+#~ "  -G, --groups GRUPPI           elenco di GRUPPI aggiuntivi per il nuovo\n"
+#~ "                                account\n"
+#~ "  -h, --help                    mostra questo messaggio di aiuto ed esce\n"
+#~ "  -k, --skel DIR_SKEL           specifica una directory skel alternativa\n"
+#~ "  -K, --key CHIAVE=VALORE       specifica un valore diverso da quello\n"
+#~ "                                predefinito in /etc/login.defs\n"
+#~ "  -l                            non aggiunge l'utente ai database lastlog "
+#~ "e\n"
+#~ "                                faillog\n"
+#~ "  -m, --create-home             crea la directory home per il nuovo "
+#~ "account\n"
+#~ "  -N, --no-user-group           non crea un gruppo con lo stesso nome\n"
+#~ "                                dell'utente\n"
+#~ "  -o, --non-unique              permette di creare un utente con un UID\n"
+#~ "                                duplicato (non univoco)\n"
+#~ "  -p, --password PASSWORD       usa la PASSWORD cifrata per il nuovo "
+#~ "account\n"
+#~ "  -r, --system                  crea un account di sistema\n"
+#~ "  -s, --shell SHELL             la shell di login per il nuovo account\n"
+#~ "  -u, --uid UID                 impone l'uso di UID per il nuovo account\n"
+#~ "  -U, --user-group              crea un gruppo con lo stesso nome\n"
+#~ "                                dell'utente\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [OPZIONI] [INPUT]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            il metodo di cifratura (uno di %s)\n"
+#~ "  -r, --system                  crea gli account di sistema\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Password segnata come scaduta."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle password\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: impossibile aprire il file delle password\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle shadow password\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: impossibile aprire il file delle shadow password\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle shadow password\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: impossibile aggiornare il file delle shadow password\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome completo: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tStanza n°: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tNumero telefonico di lavoro: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tNumero telefonico di casa: %s\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Impossibile aprire il file delle password.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Errore nell'aggiornare la voce nel file delle password.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Impossibile effettuare le modifiche al file delle password.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Impossibile togliere il lock dal file delle password.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: impossibile fare il lock del file gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: impossibile aprire il file shadow\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: errore nell'aggiornare il file gshadow\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: errore nell'aggiornare il file dei gruppi\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: riga %d: gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: riga %d: impossibile aggiornare la voce nel file dei gruppi\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: impossibile fare il lock del file shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: errore nell'aggiornare il file shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: errore nell'aggiornare il file delle password\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: riga %d: utente «%s» sconosciuto\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr ""
+#~ "%s: riga %d: impossibile aggiornare la voce nel file delle password\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: utente sconosciuto\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Utente «%s» sconosciuto\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Uso: %s [-r|-R] GRUPPO\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "     %s [-a UTENTE] GRUPPO\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "     %s [-d UTENTE] GRUPPO\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "     %s [-A UTENTE,...] [-M UTENTE,...] GRUPPO\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "     %s [-M UTENTE,...] GRUPPO\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: impossibile fare il lock\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: impossibile fare il lock del file shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: impossibile aprire il file\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: impossibile riscrivere il file shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: impossibile togliere il lock dal file\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: impossibile aggiornare la voce\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: impossibile aggiornare la voce nel file shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: impossibile chiudere il file\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: impossibile chiudere il file shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Chi sei?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membro «%s» sconosciuto\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: errore nell'aggiungere la nuova voce al file dei gruppi\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: impossibile riscrivere il file dei gruppi\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: impossibile riscrivere il file dei gruppi shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u non univoco\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file dei gruppi\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file dei gruppi shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: impossibile rimuovere il gruppo principale dell'utente.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Impossibile trovare il membro da rimuovere\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Uso: groupmems -a NOME_UTENTE | -d NOME_UTENTE | -D | -l [ -g "
+#~ "NOME_GRUPPO]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Solo root può aggiungere membri a gruppi diversi\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "È necessario l'accesso al gruppo\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Non si è il proprietario principale del gruppo\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Autenticazione PAM non riuscita per\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Impossibile fare il lock del file dei gruppi\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Impossibile chiudere il file dei gruppi\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: «%s» non trovato in /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u non è un GID univoco\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s non è un nome univoco\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle password\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: impossibile aprire il file delle password\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: impossibile modificare il gruppo principale dell'utente «%s» da %u a "
+#~ "%u, in quanto non è presente nel file delle password.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa a %s nel file shadow\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce del gruppo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: impossibile fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: impossibile rimuovere il gruppo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: impossibile aggiornare il file dei gruppi shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: impossibile eliminare il file dei gruppi shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID %u sconosciuto\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID %lu sconosciuto\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ID gruppo «%s» non valido\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: creato il gruppo «%s»; errore nel creare il corrispondente gruppo "
+#~ "gshadow\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ID utente «%s» non valido\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nome utente «%s» non valido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/passwd.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/shadow.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/group.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: impossibile fare il lock di /etc/gshadow.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: impossibile aprire i file\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: errore nell'aggiornare i file\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa a %s nel file passwd\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: impossibile fare il lock del file passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: impossibile aprire il file passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: impossibile rimuovere la voce relativa a %s dal file shadow\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: impossibile aggiornare il file passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: impossibile aggiornare la voce relativa all'utente %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: impossibile eliminare il file delle shadow password\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID «%s» sconosciuto\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: gruppo «%s» sconosciuto\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: memoria esaurita. Impossibile aggiornare il database dei grupppi "
+#~ "shadow.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle password\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: impossibile riscrivere il file delle shadow password\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: impossibile fare il lock del file delle shadow password\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: impossibile aprire il file delle shadow password\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: errore nel fare il lock del file dei gruppi\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: errore nell'aprire il file dei gruppi\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: errore nel fare il lock del file dei gruppi shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: errore nell'aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: errore nell'aggiungere la nuova voce al file delle password\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: errore nell'aggiungere la nuova voce al file delle shadow password\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: attenzione: CREATE_HOME non è supportata; usare -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: errore nell'aggiornare la voce nel file dei gruppi\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: errore nell'aggiornare la voce nel file dei gruppi shadow\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: impossibile aprire il file dei gruppi shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle password\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle shadow password\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr ""
+#~ "%s: errore nell'aggiungere la nuova voce al file dei gruppi shadow\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid «%lu» non univoco\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: errore nel cambio della voce nel file delle password\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle password\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: errore nel rimuovere la voce dal file delle shadow password\n"
diff --git a/po/ja.po b/po/ja.po
new file mode 100644
index 0000000..3125e5f
--- /dev/null
+++ b/po/ja.po
@@ -0,0 +1,2890 @@
+# Shadow utils japanese message catalog
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# Yasuyuki Furukawa <furukawa@vinelinux.org>, 2000.
+# revised by NAKANO Takeo <nakano@webmasters.gr.jp> since 2004-09-05
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-05-21 02:52+0900\n"
+"Last-Translator: NAKANO Takeo <nakano@webmasters.gr.jp>\n"
+"Language-Team: Japanese <debian-japanese@lists.debian.org>\n"
+"Language: ja\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' ���エントリ� %s �複数�り��。pwck � grpck �修正������。\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "暗�化手法� libcrypt �よ��サ�ート�れ����？ (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "設定エラー - %s �値 '%s' を正��解釈����ん"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "設定情報用�空�容��確�����ん���。\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "設定エラー: �明�項目 '%s' (管�者�連絡������)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd �正常�終了���ん��� (シグナル %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd �ステータス %d �終了����\n"
+
+msgid "Password: "
+msgstr "パスワード: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s �パスワード: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux �管��ンドルを作�����ん\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux �リシー�管��れ����ん\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux ��リシー�存領域を読���ん\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux �管�接続�確立����ん\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux �トランザクションを開始����ん\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "%s � seuser �����������ん\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "%s � serange を設定����ん\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "%s � sename を設定����ん\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "%s �ログインマッピングを修正����ん\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s � SELinux ログインマッピングを生�����ん\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "%s ���を設定����ん\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "%s � SELinux ユーザを設定����ん\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "%s �ログインマッピングを追加����ん\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux �管�を�期化����ん\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux �ユーザキーを生�����ん\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "�� SELinux ユーザを検証����ん\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux �ユーザマッピングを修正����ん\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux �ユーザマッピングを追加����ん\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux �トランザクションをコミット����ん\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"%s �ログインマッピング�定義�れ����ん。デフォルト�マッピングを\n"
+"用���ら� OK ��。\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "%s �ログインマッピング��リシー�定義�れ��り�削除����ん\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "%s �ログインマピングを削除����ん"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: メモリ�足り��ん\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s �状態を�得����ん: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s �ディレクトリ�もシンボリックリンク�も�り��ん\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: シンボリックリンク %s を読���ん: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: シンボリックリンク�長��るよ���: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: ディレクトリ %s を作�����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: %s �所有者を変更����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: : %s �モードを変更����ん: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: アンリンク: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: ディレクトリ %s を削除����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s ���を %s �変更����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s を削除����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: シンボリックリンク %s を作�����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: %s �所有者を変更����ん: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s を lstat ����ん: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: 警告: ユーザ %s �� tcb shadow ファイル��り��ん\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: 緊急事態: %s � tcb shadow � st_nlink=1 �通常ファイル���り��ん。\n"
+"アカウント�ロック�れ�����り��。\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s を開���ん: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告: �明�グループ %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告: グループ�多����\n"
+
+msgid "Your password has expired."
+msgstr "����パスワード�期��切れ����。"
+
+msgid "Your password is inactive."
+msgstr "����パスワード��在使���ん。"
+
+msgid "Your login has expired."
+msgstr "����アカウント�期��切れ���。"
+
+msgid "  Contact the system administrator."
+msgstr "  システム管�者�連絡������。"
+
+msgid "  Choose a new password."
+msgstr "  新��パスワードを�択������。"
+
+msgid "You must change your password."
+msgstr "パスワードを変更������。"
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "����パスワード��� %ld 日�期��切れ��。\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "����パスワード�明日�期��切れ��。"
+
+msgid "Your password will expire today."
+msgstr "����パスワード�本日�期��切れ��。"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "audit インターフェースを開���ん - 終了���。\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "tty stdin �所有者�モードを変更����ん: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %s �アンロック����ん���\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "環境変数領域�オー�ーフロー\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s を変更����ん\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"最後�ログイン�ら %d 回失敗。\n"
+"最後�ログイン� %s (マシン %s)。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: 設定��正: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr "%s: 設定��正: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: メモリ割当�失敗����: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: 他���ら��システム GID を�得����ん (利用��る GID ��り��"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: 他���ら��グループ ID を�得����ん (利用��る GID ��り��"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: 設定��正: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr "%s: 設定��正: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: 他���ら��システム UID を�得����ん (利用��る UID ��り��"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: 他���ら��ユーザ ID を�得����ん (利用��る UID ��り��ん)\n"
+
+msgid "Too many logins.\n"
+msgstr "ログイン試行数�制�を越����。\n"
+
+msgid "You have new mail."
+msgstr "新��メール��り��。"
+
+msgid "No mail."
+msgstr "メール��り��ん。"
+
+msgid "You have mail."
+msgstr "メール��り��。"
+
+msgid "no change"
+msgstr "変更�れ����ん"
+
+msgid "a palindrome"
+msgstr "回文��"
+
+msgid "case changes only"
+msgstr "大文字�文字��変更�れ����ん"
+
+msgid "too similar"
+msgstr "似������"
+
+msgid "too simple"
+msgstr "�純����"
+
+msgid "rotated"
+msgstr "循環�������"
+
+msgid "too short"
+msgstr "短�����"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "良���パスワード��: %s "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() �エラー %d �失敗����\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "パスワード: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: パスワード�変更�れ��ん���\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: パスワード�正��更新�れ���\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s �パスワード�正���り��ん。\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: --root オプション�複数�り��\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: オプション '%s' ��引�数を指定������\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: 特権を�����ん��� (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: chroot �パス'%s' ��正��\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: chroot ディレクトリ%s �アクセス����ん: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: chroot ディレクトリ%s �アクセス����ん: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: ディレクトリ %s � chroot ����ん���: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"ENCRYPT_METHOD �値�正���り��ん: '%s'\n"
+"デフォルト� DES を用���。\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' �ディレクトリを変更����ん\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "ディレクトリ��り��ん。HOME=/ ���ログイン���"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s を実行����ん"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "ルートディレクトリ '%s' ��正��\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "ルートディレクトリを '%s' �変更����ん\n"
+
+msgid "Unable to determine your tty name."
+msgstr "����端末 (tty) �を決定����ん。"
+
+msgid "No"
+msgstr "No"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] LOGIN\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday LAST_DAY        パスワード�最終変更日を LAST_DAY ��る\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate EXPIRE_DATE  アカウント期�切れ�日を EXPIRE_DATE ��る\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    ��ヘルプを表示��終了�る\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVE       パスワードを期�切れ後�無効化�る日数を\n"
+"                                INACTIVE��る\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    アカウント�経時情報を表示�る\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAYS        パスワード�変更��る���最短日数を\n"
+"                                MIN_DAYS �変更�る\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DAYS        パスワード�変更��る期間�最長日数を\n"
+"                                MAX_DAYS �変更�る\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_DIR         chroot �るディレクトリ\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays WARN_DAYS      期�切れ警告�日数を WARN_DAYS ��る\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"新��値を入力������。標準設定値を使��らリターンを押������"
+
+msgid "Minimum Password Age"
+msgstr "パスワード変更�能���最短日数"
+
+msgid "Maximum Password Age"
+msgstr "パスワード変更�能期間�最長日数"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最後�パスワード変更��日付 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "パスワード期�切れ警告日数"
+
+msgid "Password Inactive"
+msgstr "パスワード無効日数"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "アカウント期�切れ日付 (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最終パスワード変更日\t\t\t\t:"
+
+msgid "never"
+msgstr "��"
+
+msgid "password must be changed"
+msgstr "パスワード�変更���れ��り��ん"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "パスワード期�:\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "パスワード無効化中\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "アカウント期�切れ\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "パスワード�変更��る���最短日数\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "パスワードを変更����よ�最長日数\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "パスワード期��切れる��警告�れる日数\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: 日付 '%s' ��正��\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: 数値引数 '%s' �正���り��ん\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" オプション�他�フラグ��時��指定����ん\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: 権���り��ん。\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: ����ユーザ�を判定����ん。\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %s をロック����ん。後�も�一度試������。\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s を開���ん\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: 変更を %s �書�込���ん���\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: シャドウパスワードファイル��り��ん\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ユーザ %s � %s �存在���ん\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s �期�情報を変更中\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: フィールド変更�際�エラー�起����\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [LOGIN]\n"
+"\n"
+"オプション:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULL_NAME     ユーザ�フル�ームを変更�る\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone HOME_PHONE   ユーザ�電話番�を変更�る\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr "  -o, --other OTHER_INFO        ユーザ�他� GECOS 情報を変更�る\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room ROOM_NUMBER        ユーザ�部屋番�を変更�る\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    ��ヘルプを表示��終了�る\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr "  -w, --work-phone WORK_PHONE   ユーザ��場�電話番�を変更�る\n"
+
+msgid "Full Name"
+msgstr "フル�ーム"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "部屋番�"
+
+msgid "Work Phone"
+msgstr "�場電話番�"
+
+msgid "Home Phone"
+msgstr "自宅電話番�"
+
+msgid "Other"
+msgstr "��他"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID を root �変更����ん。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: � ASCII 文字���: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ユーザ���正��: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: � ASCII 文字�部屋番�: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: 部屋番���正��: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: �場電話番���正��: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: 自宅電話番���正��: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ��� ASCII 文字���れ����\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ��利用����文字���れ����\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ユーザ '%s' �存在���ん\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS クライアント��ユーザ '%s' を変更����ん。\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' ���クライアント� NIS マスター��。\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s �ユーザ情報を変更中\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: 入力内容�長����\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METHOD     暗�化�方法 (%s ��れ����)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               与��パスワードを暗�化�る\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     平文テキスト�パスワードを\n"
+"                                MD5 アルゴリズム�暗�化�る\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* 暗�化アルゴリズム� SHA ラウンド回数\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s フラグ� %s フラグ�共�指定�る必���り��\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, -m フラグ��時�指定����ん\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: サ�ート�れ����暗�化手法��: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d 行: 行�長����\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d 行: 新�パスワード��り��ん\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: %s �書�込���ん���: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d 行: グループ '%s' �存在���ん\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d 行: %s �新��エントリ '%s' を用�����ん\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: エラー�検出�れ���。変更�行���ん\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (%d 行目, ユーザ %s) パスワード�変更�れ��ん���\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d 行目: ユーザ '%s' �存在���ん\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr "  -s, --shell SHELL             ユーザ�シェルを新�� SHELL ��る\n"
+
+msgid "Login Shell"
+msgstr "ログインシェル"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "���� '%s' �シェルを変更����ん。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s �ログインシェルを変更中\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: �正�エントリ: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s �シェル�指定����ん\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: 警告: %s �存在���ん\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: 警告: %s �実行�能���り��ん\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   ユーザ�パスワード�期�切れを�ェック�る\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   ユーザ�パスワード�期�切れ���ら\n"
+"                                パスワード変更を強制�る\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: オプション %s � %s ��時�指定����ん\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ��引�数��正��: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr "  -a, --all                     全ユーザ� faillog 記録を表示�る\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEC           ログイン�失敗��らアカウントを\n"
+"                                SEC 秒ロック�る\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             ログイン失敗カウンタ�最大値を MAX ��る\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr "  -r, --reset                   ログイン失敗�カウンタをリセット�る\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAYS               �� DAYS 日分� faillog 記録を表示�る\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE        指定�� LOGIN (RANGE) ������\n"
+"                                faillog 記録を表示�る。�る�� -r,\n"
+"                                -m, -l ��を指定��場���指定 LOGIN\n"
+"                                ������失敗カウンタや制�値を変更�る\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: UID %lu �エントリを�得����ん���\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "ログイン�  失敗     最大    最新                     場所\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr "[残り %lu 秒]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr "[ロック %ld 秒]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: UID %lu �失敗回数をリセット����ん���\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: UID %lu �最大回数を設定����ん���\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: UID %lu �ロック時間を設定����ん���\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: �明�ユーザ���範囲��: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s �サイズを�得����ん���: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %s �書�込���ん���: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] GROUP\n"
+"\n"
+"オプション:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add USER                USER を GROUP �追加�る\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete USER             USER を GROUP �ら削除�る\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_DIR         chroot �るディレクトリ\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         GROUP �パスワードを削除�る\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                GROUP ��アクセスをメン�ー���制��る\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members USER,...        GROUP �メン�ー�リストを設定�る\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                GROUP �管�者�リストを設定�る\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"-A �よ� -M オプションを除���れら�オプション��時�指定����ん\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "�れら�オプション��時�指定����ん。\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A ��シャドウグループパスワード�必���\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: グループ '%s' � %s �存在���ん\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: リードオンリー� %s �クローズ中�失敗\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "グループ %s �パスワードを変更中\n"
+
+msgid "New Password: "
+msgstr "新�パスワード: "
+
+msgid "Re-enter new password: "
+msgstr "新�パスワード�入力: "
+
+msgid "They don't match; try again"
+msgstr "一致���ん; も�一度�願����"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: 後�も�一度�願����\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "ユーザ %s をグループ %s �追加\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "ユーザ %s をグループ %s �ら削除\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ユーザ '%s' � '%s' �メン�ー���り��ん\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: 端末���り��ん\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] GROUP\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   グループ����存在����ら正常終了��"
+"�。\n"
+"                                �� GID �既�用�られ���ら -g をキャンセ"
+"ル\n"
+"                                ���\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 ��新�グループ� GID を用���\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KEY=VALUE           /etc/login.defs �デフォルトより優先�れる\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              �� GID を��複数�グループ�作�を\n"
+"                                許����\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PASSWORD       新�グループ���暗�化済パスワードを用�"
+"ã‚‹\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  システムアカウントを作����\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' �グループ����正���り��ん\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: '%s' �グループ ID ���正���り��ん\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K �� KEY=VALUE �必���\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: グループ '%s' �既�存在���\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' �既�存在���\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: クリーンアップサービスを設定����ん。\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr "  -r, --reset                   ログイン失敗�カウンタをリセット�る\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' �エントリを %s �ら削除����ん\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: ユーザ '%s' �プライマリグループ�削除����ん。\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: グループ '%s' �存在���ん\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: グループ '%s' � NIS グループ��\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s � NIS マスター��\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ユーザ '%s' ���� '%s' �メン�ー��\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: メモリ�足��。%s を更新����ん。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [アクション]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         ユーザ�所属�����グループを変更���\n"
+"                                (root ��)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "アクション:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add username            username をグループ�メン�ー�追加���\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete username         グループ�メン�ー�ら username を削除�る\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+"  -p, --purge                   グループ�ら����メン�ーを削除���\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    グループ�メン�ーを表示���。\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ����グループ������ユーザ��マッ����ん\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: -g/--group オプション� root ���指定����\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 グループ� ID を GID �変更���\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NEW_GROUP      ��を NEW_GROUP �変更�る\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr "  -o, --non-unique              他���る GID を許��る\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password PASSWORD       パスワードを�� (暗�化�れ�) PASSWORD\n"
+"                                �変更�る\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s '%s' �グループ����正���り��ん\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: グループ %s � NIS �グループ��\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ユーザ %s ��明��\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [group [gshadow]]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [group]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               エラーや警告を表示�る��\n"
+"                                ファイルを変更���\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    エントリを UID �ソート�る\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s � -r ��時�指定����ん\n"
+
+msgid "invalid group file entry"
+msgstr "�正�グループファイルエントリ��"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "行 '%s' を削除����? "
+
+msgid "duplicate group entry"
+msgstr "グループエントリ��複�����"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' �グループ����正���り��ん\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' �グループ ID ���正���り��ん\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "グループ %s: ユーザ %s ����ん\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "メン�ー '%s' を削除����? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s ��一致�るグループファイルエントリ��り��ん\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "グループ '%s' を %s �追加����?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"グループ %s �エントリ� %s ��り����%s �パスワードフィールド� 'x' �"
+"������ん\n"
+
+msgid "invalid shadow group file entry"
+msgstr "シャドウグループファイル�エントリ�正���り��ん"
+
+msgid "duplicate shadow group entry"
+msgstr "シャドウグループエントリ��複�����"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "シャドウグループ %s: 管�ユーザ %s �存在���ん\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "管�ユーザ '%s' を削除����?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "シャドウグループ %s: ユーザ %s �存在���ん\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ファイル�更新�れ���\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: 変更��り��ん\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s を削除����ん\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "使�方: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "使�方: id\n"
+
+msgid " groups="
+msgstr " グループ="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DAYS             DAYS 日より以�� lastlog 記録��を表示�"
+"ã‚‹\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr "  -a, --all                     全ユーザ� faillog 記録を表示�る\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr "  -a, --all                     全ユーザ� faillog 記録を表示�る\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAYS               DAYS 日�以�� lastlog 記録��を表示�る\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIN              指定ユーザ LOGIN � lastlog 記録を表示�る\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "ユーザ�         �ート   場所             最近�ログイン"
+
+msgid "Username                Port     Latest"
+msgstr "ユーザ�                �ート   最近�ログイン"
+
+msgid "**Never logged in**"
+msgstr "**一度もログイン�����ん**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: UID %lu �エントリを�得����ん���\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: UID %lu � lastlog エントリをリセット����ん���: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "使�方: %s [-p] [ユーザ�]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h ホスト] [-f ユーザ�]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r ホスト\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "設定エラー - %s �値 '%d' をパース����ん"
+
+msgid "Invalid login time"
+msgstr "ログイン時間��正��"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"システム�定期メンテナンス���利用����ん"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[切断を迂回 -- root ログイン��能��。]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: ��ら�実効 root ����動作����ん\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmp �エントリ��り��ん。\"login\" を \"sh\" �最低レベル�ら行�必���"
+"り��"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"�� %u 秒�ログイン�タイムアウト���。\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM �失敗�����終了���: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "最大試行回数 (%u) を越����\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM �ら中断�請��り���\n"
+
+msgid "Login incorrect"
+msgstr "ログイン�����"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "ユーザ�見��り��ん (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork �失敗����: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY � %s �失敗����"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"警告: 一時的�ロックアウト���。��ら�経���らやり直������。"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "最近�ログイン: %s on %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "最近�ログイン: %.19s on %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " from %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"ログイン時間切れ\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "使�方: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "使�方: newgrp [-] [グループ]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "使�方: sg グループ [[-c] コマンド]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: %s �書�込���ん���: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "��パスワード�使���ん。\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fork �失敗����: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' �存在���ん\n"
+
+msgid "too many groups\n"
+msgstr "グループ�多����\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  システムアカウントを作��る\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: グループ '%s' �シャドウグループ����/etc/group �存在���ん\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: '%s' �ユ−ザ ID �使���ん\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' �ユーザ��使���ん\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d 行: �正�行��\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: ユーザ %s �エントリを更新����ん (passwd データベース�存在���"
+"ã‚“)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d 行: ユーザを作�����ん\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d 行: グループを作�����ん\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d 行: ユーザ '%s' � %s �存在���ん\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d 行: パスワードを更新����ん\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d 行: mkdir %s �失敗����: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d 行: chown %s �失敗����: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d 行: エントリを更新����ん\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: ユーザを作�����ん\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: グループを作�����ん\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     全アカウント�パスワード状態をレ�ート�る\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  指定アカウント�パスワードを削除�る\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  指定アカウント�パスワードを期�切れ��る\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             期�切れ�場����パスワードを変更�る\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVE       期�切れ後�パスワード無効化日数を\n"
+"                                INACTIVE ��る\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    指定アカウントをロック�る\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAYS        パスワード�変更��る���最短日数を\n"
+"                                MIN_DAYS �変更�る\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   表示抑制モード\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository REPOSITORY   リ�ジトリ REPOSITORY �パスワードを変更�"
+"ã‚‹\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  指定アカウント�パスワード�状態を報告�る\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  指定アカウント�ロックを解除�る\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays WARN_DAYS      期�切れ警告�日数を WARN_DAYS ��る\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAYS        パスワード�変更��る期間�最長日数を\n"
+"                                MAX_DAYS �変更�る\n"
+
+msgid "Old password: "
+msgstr "��パスワード: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"新��パスワードを入れ����� (最短 %d 文字)\n"
+"大文字・�文字・数字を混��使�よ��������。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"新��パスワードを入れ����� (最低 %d 文字�最高 %d 文字)\n"
+"大文字・�文字・数字を混��使�よ��������。\n"
+
+msgid "New password: "
+msgstr "新��パスワード: "
+
+msgid "Try again."
+msgstr "も�一度�願����。"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告: 弱�パスワード�� (����も�れを使���れ�も�一度入力)。"
+
+msgid "They don't match; try again.\n"
+msgstr "一致���ん。も�一度�願����。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s �パスワード�変更����ん。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s �パスワード���変更����ん。\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: パスワードをアンロック�る�パスワード���アカウント�����。\n"
+"��アカウント�パスワードをアンロック�る�� usermod -p �パスワードを\n"
+"設定�����。\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: レ�ジトリ %s �サ�ート�����ん\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s � %s �パスワードを変更�る権���り��ん\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: ���� %s �パスワード情報を閲覧���変更����ん。\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s �パスワードを変更�����\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s �パスワード�変更�れ��ん。\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: パスワード�変更�れ���。\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: パスワード期�切れ情報を変更����\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [passwd]\n"
+"\n"
+"オプション:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] [passwd [shadow]]\n"
+"\n"
+"オプション:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   エラー��報告�る\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: USE_TCB �有効��他�l shadow ファイルを使��������ん\n"
+
+msgid "invalid password file entry"
+msgstr "パスワードファイル�エントリ��正��"
+
+msgid "duplicate password entry"
+msgstr "パスワードエントリ��複�����"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ユーザ� '%s' ��正��\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "'%lu' �ユーザ ID �使���ん\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "ユーザ '%s': グループ %lu ��り��ん\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ユーザ %s: ディレクトリ '%s' �存在���ん\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ユーザ '%s': プログラム '%s' �存在���ん\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "%s � tcb ディレクトリ��り��ん\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "%s � tcb ディレクトリを作�����?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s � tcb ディレクトリを作�����ん���\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s をロック����ん\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "一致�るパスワードファイルエントリ� %s ��り��ん\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "ユーザ '%s' を '%s' �追加����?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ユーザ %s �エントリ� %s ��り����%s �パスワードフィールド� 'x' �"
+"������ん\n"
+
+msgid "invalid shadow password file entry"
+msgstr "�正�シャドウパスワード�エントリ��"
+
+msgid "duplicate shadow password entry"
+msgstr "シャドウパスワードエントリ��複�����"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ユーザ %s: 最後�パスワード変更�未��������\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s �エントリをソート����ん\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tcb �有効�����る�利用����ん\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %s �モードを 0600 �変更����ん���\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "��アカウント�� su アクセス��止�れ����。\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "パスワード�証を迂回���。\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "「���自身�パスワード�を入力���証������。\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: ユーザシェルを起動����ん。\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: シグナル�異常��\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: シグナル�マスキング�異常��\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "セッション�終了����。シェルを終了�����..."
+
+msgid " ...killed.\n"
+msgstr " ...kill �れ���。\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...�プロセス�終了を待���。\n"
+
+msgid " ...terminated.\n"
+msgstr " ...終了����。\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"使�方: su [オプション] [ユーザ�]\n"
+"\n"
+"オプション:\n"
+"  -c, --command COMMAND   起動��シェル�コマンド COMMAND を渡�\n"
+"  -h, --help              ��ヘルプを表示��終了�る\n"
+"  -, -l, --login          ��シェルをログインシェル��る\n"
+"  -m, -p,\n"
+"  --preserve-environment  環境変数をリセット���シェルも��も�を使�\n"
+"  -s, --shell SHELL       passwd ��るデフォルト値���シェル SHELL を使"
+"�\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(無視)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "����� su %s �る権���り��ん\n"
+
+msgid "(Enter your own password)"
+msgstr "(����パスワードを入力������)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: �証�失敗����\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: �����時点�� su �る権���り��ん\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "ユーザ '%s' �パスワードエントリ��り��ん\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: 端末�ら実行������\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: エラー %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: 制御端末を�����ん���\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s を実行����ん\n"
+
+msgid "No password file"
+msgstr "パスワードファイル��り��ん"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY �失敗����"
+
+msgid "No password entry for 'root'"
+msgstr "'root' �パスワードエントリ��り��ん"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"通常�起動を継続�る�� Ctrl-D を押������。\n"
+"(システムメンテナンスを�る�� root �パスワードを入力):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "システムメンテナンスモード�入り��"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s を作�������削除����ん\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%1$s: %3$s 中�設定 %2$s �無視�れ��\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: 新��デフォルトファイルを作れ��ん\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: 新��デフォルトファイルを開���ん\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %s �行�長����: %s..."
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: �ックアップファイル (%s) を作�����ん: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: ファイル�変更: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: グループ '%s' � NIS グループ��。\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: 指定��グループ数�多���� (最大 %d 個)。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"使�方: %s [オプション] LOGIN\n"
+"        %s -D\n"
+"        %s -D [オプション]\n"
+"\n"
+"オプション:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASE_DIR       新アカウント�ホームディクトリ�\n"
+"                                ベースディレクトリ\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMMENT         新アカウント� GECOS フィールド\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HOME_DIR       新アカウント�ホームディレクトリ\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                useradd �デフォルト設定を表示���変更\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate EXPIRE_DATE  新アカウント�期�切れ日付\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr "  -f, --inactive INACTIVE       新アカウント�パスワード無効化日数\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GROUP               新アカウント�主グループ������ ID\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr "  -G, --groups GROUPS           新アカウント�補助グループ�リスト\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKEL_DIR           雛型ディレクトリ�指定�も�を使�\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             ユーザを lastlog, faillog �データベース�\n"
+"                                追加���\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             ユーザ�ホームディレクトリを作��る\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          ユーザ�ホームディレクトリを作����\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr "  -N, --no-user-group           ユーザ����グループを作����\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr "  -o, --non-unique              UID ���ユーザ�作�を許�\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password PASSWORD       新アカウント�暗�化�れ�パスワード\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL             新アカウント�ログインシェル\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 新アカウント�ユーザ ID\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr "  -U, --user-group              ユーザ������グループを作��る\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     SELinux �ユーザマッピング�指定��\n"
+"                                SEUSER を使�\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ベースディレクトリ '%s' ��正��\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: コメント '%s' ��正��\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ホームディレクトリ '%s' ��正��\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: シャドウパスワード�� -e �必���\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: シャドウパスワード�� -f �必���\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: フィールド '%s' ��正��\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: シェル '%s' ��正��\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z � SELinux カー�ル以外��使���ん\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: UID %lu � faillog エントリをリセット����ん���: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: UID %lu � lastlog エントリをリセット����ん���: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: ディレクトリ %s を作�����ん\n"
+
+msgid "Creating mailbox file"
+msgstr "メールボックスファイルを作����"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"グループ 'mail' �見付�り��ん。ユーザ�メールボックスファイルを\n"
+"モード 0600 �作����\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "メールボックスファイル�許�属性を設定���"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ユーザ '%s' �既�存在���\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: グループ %s �存在���。��ユーザを��グループ�追加�る�� -g を用"
+"������。\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: ユーザを作�����ん\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: ユーザ ID %lu ��複�����\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s � tcb ディレクトリ�作��失敗����\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: グループを作�����ん\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: ユーザを作�����ん\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: グループを作�����ん\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: 警告: ホームディレクトリ�既�存在���。\n"
+"skel ディレクトリ�ら�コピー�行���ん。\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: 警告: ユーザ� %s �ら %s �� SELinux ユーザマッピング�失敗����。\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   当該ユーザ�所有���ファイルも削除�る\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  ホームディレクトリ�メールスプールを削除�"
+"ã‚‹\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            ��ユーザ� SELinux ユーザマッピングを\n"
+"                                全�削除�る\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: グループ %s �ユーザ %s �プライマリグループ������削除���ん。\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: グループ %s ��他�メン�ー��る��削除���ん���\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: グループ %s �他�ユーザ�プライマリグループ���削除���ん。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: '%s' �エントリを %s �ら削除����ん\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s �メールスプール (%s) ��り��ん\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: 警告: %s を削除����ん: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s � %s �所有���り��ん。削除�行���ん\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: メモリを割当����ん。%s � tcb エントリ�削除�れ��ん。\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: 特権を�����ん��� %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s �内容を削除����ん���: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s � tcb ファイルを削除����ん: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ユーザ %s � NIS ユーザ��\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s �ホームディレクトリ (%s) ��り��ん\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: ディレクトリ %s �削除�行���ん (ユーザ %s �ホームディレクトリ��)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: ディレクトリ %s �削除�エラー�起����\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: 警告: ユーザ� %s �ら SELinux ��ユーザマッピング�削除�失敗���"
+"�。\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMMENT         GECOS フィールド�値を�設定�る\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home HOME_DIR           ユーザアカウント�ホームディレクトリを\n"
+"                                �設定�る\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate EXPIRE_DATE  アカウント期�切れ�日を EXPIRE_DATE ��る\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVE       パスワードを期�切れ後�無効化�る日数を\n"
+"                                INACTIVE��る\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr "  -g, --gid GROUP               主グループを GROUP �変更�る\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GROUPS           新��補助グループ�リストを与�る\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  ユーザを (-G �指定�れ�) 補助グループ群\n"
+"                                GROUPS �追加�る。他�グループ�ら�削除�\n"
+"                                行���。\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NEW_LOGIN         ログイン�を変更�る\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    ��ユーザアカウントをロック�る\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               �ホームディレクトリ�内容を新��場所�\n"
+"                                移動�る (-d �指定�れ�場���)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              一����ユーザ (UID ���るユーザ) を\n"
+"                                許��る\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr "  -p, --password PASSWORD       新��暗�化済�パスワードを与�る\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 ��ユーザ� UID を変更�る\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+"  -U, --unlock                  ��ユーザアカウント�ロックを解除�る\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user            ��ユーザアカウント��新� SELinux\n"
+"                                ユーザマッピング\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: ユーザ�パスワードをアンロック�る�パスワード���アカウント����"
+"�。\n"
+"��ユーザ�パスワードをアンロック�る�� usermod -p �パスワードを設定\n"
+"�����。\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ユーザ '%s' �既� %s �存在���\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: 日付 '%s' ��正��\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: 日付 '%s' ��正��\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: オプション��り��ん\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, -U フラグ��時�指定����ん\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e �よ� -f ��シャドウパスワード�必���\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' �既�存在���\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s � %s �パスワードを変更�る権���り��ん\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: ディレクトリ %s �存在���\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: 以��ホームディレクトリ (%s) �ディレクトリ���り��ん。�れ�削除�"
+"れ��ホームディレクトリ�作����ん。\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: ホームディレクトリ�所有モードを変更����ん"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: 警告: ��ホームディレクトリ %s を完全削除����ん���"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: ディレクトリ %s ���を %s �変更����ん\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ユーザ %lu � lastlog エントリをユーザ %lu �コピー����ん���: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: ユーザ %lu � faillog エントリをユーザ %lu �コピー����ん���: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: 警告: %s � %s �所有���り��ん\n"
+
+msgid "failed to change mailbox owner"
+msgstr "mailbox 所有者�変更�失敗����"
+
+msgid "failed to rename mailbox"
+msgstr "mailbox ���変更�失敗����"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: %s �新��エントリ '%s' を準備����ん���。\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s を変更����。\n"
+"整�性を����� %s を変更�る必���る�も�れ��ん。\n"
+"��場��コマンド '%s' を使������。\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   group データベースを編集�る\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  passwd データベースを編集�る\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  shadow データベースを編集�る\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr "  -u, --user                    編集�る tcb shadow ファイル�ユーザ\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %s を削除����ん���\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s �変更�れ��ん\n"
+
+msgid "failed to create scratch directory"
+msgstr "スクラッ�ディレクトリを作�����ん���"
+
+msgid "failed to drop privileges"
+msgstr "特権を�����ん���"
+
+msgid "Couldn't get file context"
+msgstr "ファイルコンテキストを�得����ん"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () �失敗����"
+
+msgid "failed to gain privileges"
+msgstr "特権を�得����ん���"
+
+msgid "Couldn't lock file"
+msgstr "ファイルをロック����ん"
+
+msgid "Couldn't make backup"
+msgstr "�ックアップを作�����ん"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd �ステータス %d �終了����\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "スクラッ�ファイルをオープン����ん���"
+
+msgid "failed to unlink scratch file"
+msgstr "スクラッ�ファイルを削除����ん���"
+
+msgid "failed to stat edited file"
+msgstr "編集��ファイル�状態を�得����ん���"
+
+msgid "failed to allocate memory"
+msgstr "メモリ割当�失敗����"
+
+msgid "failed to create backup file"
+msgstr "�ックアップファイルを作�����ん���"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s を復旧����ん���: %s (����変更� %s ��り��)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: %s � tcb ディレクトリ�見付�り��ん���\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            暗�化�方法 (%s ��れ����)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "使�方: vipw [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) �失敗����\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使�方: chage [オプション] [ログイン�]\n"
+#~ "\n"
+#~ "オプション\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM �証�失敗����\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "使�方: %s [-f フル�ーム] [-r 部屋番�] [-w �場TEL]\n"
+#~ "\t[-h 自宅TEL] [-o ��他] [ユーザ]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "使�方: %s [-f フル�ーム] [-r 部屋番�] [-w �場TEL] [-h 自宅TEL]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "使�方: %s [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -c, --crypt-method            暗�化�方法 (%s ��れ�)\n"
+#~ "  -e, --encrypted               パスワードを暗�化��状態�渡�\n"
+#~ "  -h, --help                    ��ヘルプメッセージを表示��終了�る\n"
+#~ "  -m, --md5                     与��パスワード�暗�化�れ����場"
+#~ "��\n"
+#~ "                                MD5 アルゴリズム�暗�化�る\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使�方: chsh [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -h, --help                    ��ヘルプメッセージを表示��終了�る\n"
+#~ "  -s, --shell SHELL             ユーザ�シェルを新�� SHELL ��る\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "使�方: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %lu �エントリを�得����ん���\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: ファイル %s を開���ん: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %s �サイズを�得����ん���: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "使�方: groupdel グループ\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "使�方: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "使�方: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s � -r ��時�指定����ん\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "使�方: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "使�方: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使�方: lastlog [オプション]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -b, --before DAYS             DAYS 日より以�� lastlog 記録��を表示�"
+#~ "ã‚‹\n"
+#~ "  -h, --help                    ��ヘルプメッセージを表示��終了�る\n"
+#~ "  -t, --time DAYS               DAYS 日�以�� lastlog 記録��を表示�"
+#~ "ã‚‹\n"
+#~ "  -u, --user LOGIN              指定ユーザ LOGIN � lastlog 記録を表示�"
+#~ "ã‚‹\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使�方: passwd [オプション] [ログイン�]\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -a, --all                     全アカウント�パスワード状態をレ�ート�"
+#~ "ã‚‹\n"
+#~ "  -d, --delete                  指定アカウント�パスワードを削除�る\n"
+#~ "  -e, --expire                  指定アカウント�パスワードを期�切れ��"
+#~ "ã‚‹\n"
+#~ "  -h, --help                    ��ヘルプメッセージを表示��終了�る\n"
+#~ "  -k, --keep-tokens             期�切れ�場����パスワードを変更�る\n"
+#~ "  -i, --inactive INACTIVE       期�切れ後�パスワード無効化日数を\n"
+#~ "                                INACTIVE ��る\n"
+#~ "  -l, --lock                    指定アカウントをロック�る\n"
+#~ "  -n, --mindays MIN_DAYS        パスワード�変更��る���最短日数を\n"
+#~ "                                MIN_DAYS �変更�る\n"
+#~ "  -q, --quiet                   表示抑制モード\n"
+#~ "  -r, --repository REPOSITORY   リ�ジトリ REPOSITORY �パスワードを変更�"
+#~ "ã‚‹\n"
+#~ "  -S, --status                  指定アカウント�パスワード�状態を報告�"
+#~ "ã‚‹\n"
+#~ "  -u, --unlock                  指定アカウント�ロックを解除�る\n"
+#~ "  -w, --warndays WARN_DAYS      期�切れ警告�日数を WARN_DAYS ��る\n"
+#~ "  -x, --maxdays MAX_DAYS        パスワード�変更��る期間�最長日数を\n"
+#~ "                                MAX_DAYS �変更�る\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "使�方: %s [-q] [-r] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "使�方: %s [-q] [-r] [-s] [パスワード [シャドウ]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "使�方: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "使�方: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "�明� ID ��: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "シェル��り��ん\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "使�方: userdel [オプション] ログイン�\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -f, --force                   当該ユーザ�所有���ファイルも削除�る\n"
+#~ "  -h, --help                    ��ヘルプを表示��終了�る\n"
+#~ "  -r, --remove                  ホームディレクトリ�メールスプールを削除�"
+#~ "ã‚‹\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: ユーザ %s ��在ログイン中��\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "使�方: usermod [オプション] ログイン�\n"
+#~ "\n"
+#~ "オプション:\n"
+#~ "  -c, --comment COMMENT         GECOS フィールド�値を�設定�る\n"
+#~ "  -d, --home HOME_DIR           ユーザアカウント�ホームディレクトリを\n"
+#~ "                                �設定�る\n"
+#~ "  -e, --expiredate EXPIRE_DATE  アカウント期�切れ�日を EXPIRE_DATE ��"
+#~ "ã‚‹\n"
+#~ "  -f, --inactive INACTIVE       パスワードを期�切れ後�無効化�る日数を\n"
+#~ "                                INACTIVE��る\n"
+#~ "  -g, --gid GROUP               主グループを GROUP �変更�る\n"
+#~ "  -G, --groups GROUPS           新��補助グループ�リストを与�る\n"
+#~ "  -a, --append                  ユーザを (-G �指定�れ�) 補助グループ"
+#~ "群\n"
+#~ "                                GROUPS �追加�る。他�グループ�ら�削除"
+#~ "�\n"
+#~ "                                行���。\n"
+#~ "  -h, --help                    ��ヘルプを表示��終了�る\n"
+#~ "  -l, --login NEW_LOGIN         ログイン�を変更�る\n"
+#~ "  -L, --lock                    ��ユーザアカウントをロック�る\n"
+#~ "  -m, --move-home               �ホームディレクトリ�内容を新��場所�\n"
+#~ "                                移動�る (-d �指定�れ�場���)\n"
+#~ "  -o, --non-unique              一����ユーザ (UID ���るユーザ) を\n"
+#~ "                                許��る\n"
+#~ "  -p, --password PASSWORD       新��暗�化済�パスワードを与�る\n"
+#~ "  -s, --shell SHELL             ��ユーザ�ログインシェルを変更�る\n"
+#~ "  -u, --uid UID                 ��ユーザ� UID を変更�る\n"
+#~ "  -U, --unlock                  ��ユーザアカウント�ロックを解除�る\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ���もフラグ�指定�れ����ん\n"
diff --git a/po/kk.po b/po/kk.po
new file mode 100644
index 0000000..a5c446b
--- /dev/null
+++ b/po/kk.po
@@ -0,0 +1,2944 @@
+# shadowutils to kazakh.
+# Copyright (C) 2009 Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# Baurzhan Muftakhidinov <baurthefirst@gmail.com>, 2009-2017.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadowutils\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2017-02-07 17:09+0500\n"
+"Last-Translator: Baurzhan Muftakhidinov <baurthefirst@gmail.com>\n"
+"Language-Team: Kazakh <kk_KZ@googlegroups.com>\n"
+"Language: kk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Poedit 1.8.11\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' атындағы %s ішінде бірнеше жазба бар. Оны pwck не grpck көмегімен "
+"дұры�таңыз.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "шифрлеу тә�іліне libcrypt-тан қолдау жоқ па? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "баптаулар қате�і - %s мәнін талдау мүмкін еме�: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Баптауларды жүктеу үшін орын жоқ.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "баптау қате�і - белгі�із �лемент '%s' (админи�траторға хабарла�ыңыз)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd өз жұмы�ын дұры� а�қтаған жоқ (%d �игналымен)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd %d қалып-күймен өз жұмы�ын а�қтады\n"
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s пайдаланушының паролі: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "SELinux ба�қарушы ұ�тағышын жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux �а��аты ба�қарылып жатқан жоқ\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "SELinux �а��аттарын �ақтау қорын оқу �әт�із\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "SELinux ба�қарушы байланы�ын орнату мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "SELinux әрекетін ба�тау мүмкін еме�\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "seuser %s үшін �ұрау �әт�із\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "%s үшін serange орнату мүмкін еме�\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "%s үшін sename орнату мүмкін еме�\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "%s үшін тіркелгі �әйке�тігін түзету мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s үшін SELinux тіркелгі �әйке�тігін жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "%s үшін атын орнату мүмкін еме�\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "%s үшін SELinux пайдаланушы�ын орнату мүмкін еме�\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "%s үшін тіркелгі �әйке�тігін қо�у мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "SELinux ба�қаруын і�ке қо�у мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "SELinux пайд.-шы кілтін жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "SELinux пайдаланушы�ын тек�еру мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "SELinux пайд. �әйке�тігін түзету мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "SELinux пайд. �әйке�тігін қо�у мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "SELinux әрекетін і�ке а�ыру мүмкін еме�\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"%s үшін тіркелгі �әйке�тігі анықталмаған, ба�тапқы �әйке�тк қолданылған "
+"бол�а ОК\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "%s үшін тіркелгі �әйке�тігі �а��атта анықталған, өшіруге мүмкін еме�\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "%s үшін тіркелгі �әйке�тігін өшіру мүмкін еме�"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: жады жеткілік�із\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s табылмады: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s бума да, �ілтеме де еме�.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: %s �имволдық �ілтеме�ін оқу мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Күдіктілі ұзын �имволдық �ілтеме: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s бума�ын жа�ау мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: %s үшін иені ауы�тыру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: %s үшін режимді ауы�тыру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: %s бума�ын өшіру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s атын %s етіп орнату мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: %s өшіру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s �имволдық �ілтеме�ін жа�ау мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: %s үшін иелерді өзгерту мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: lstat %s мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Е�керту, %s пайдаланушы�ында tcb shadow файлы жоқ.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Төтенше жағдай: %s үшін tcb shadow қалыпты, st_nlink=1, файл еме�.\n"
+"Тіркелгі блокталған күйінде қалдырылады.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s ашу мүмкін еме�: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Е�керту: белгі�із топ %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Е�керту: топ �аны тым көп\n"
+
+msgid "Your password has expired."
+msgstr "Пароліңіздің мерзімі а�қталған."
+
+msgid "Your password is inactive."
+msgstr "Пароліңіз бел�енді еме�."
+
+msgid "Your login has expired."
+msgstr "Тіркелгіңіздің мерзімі а�қталған."
+
+msgid "  Contact the system administrator."
+msgstr "  Жүйелік админи�траторыңызға хабарла�ыңыз."
+
+msgid "  Choose a new password."
+msgstr "  Жаңа парольді таңдаңыз."
+
+msgid "You must change your password."
+msgstr "Сіз пароліңізді ауы�тыруға тиі�ті�із."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Пароліңіздің мерзімі %ld күнде а�қталады.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Пароліңіздің мерзімі ертең а�қталады."
+
+msgid "Your password will expire today."
+msgstr "Пароліңіздің мерзімі бүгін а�қталады."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "�удит интерфей�ін ашу мүмкін еме� - шығу.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Терминал ие�ін не рұқ�татын өзгерту мүмкін еме�: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %s бо�ату �әт�із\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Орындалу орта айнымалыларының шектен көп �аны\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Сіз $%s өзгерте алмай�ыз\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Жүйеге кірудің %d-ші қате талабы.\n"
+"Соңғы�ы %s болған, терминал %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Қате баптаулар: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Қате баптаулар: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: жадыны бөлу �әт�із: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s:  Ерекше жүйелік GID алу мүмкін еме� (бо� GID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s:  Ерекше GID алу мүмкін еме� (бо� GID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Қате баптаулар: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Қате баптаулар: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s:  Ерекше жүйелік UID алу мүмкін еме� (бо� UID-тар қалмады)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s:  Ерекше жүйелік UID алу мүмкін еме� (бо� UID-тар қалмады)\n"
+
+msgid "Too many logins.\n"
+msgstr "Жүйеге кірудің шектен көп талап �аны.\n"
+
+msgid "You have new mail."
+msgstr "Сізде жаңа пошта бар."
+
+msgid "No mail."
+msgstr "Пошта жоқ."
+
+msgid "You have mail."
+msgstr "Сізде пошта бар."
+
+msgid "no change"
+msgstr "өзгері�тер жоқ"
+
+msgid "a palindrome"
+msgstr "палиндром"
+
+msgid "case changes only"
+msgstr "өзгері�тер тек таңбалардың реги�трінде ғана"
+
+msgid "too similar"
+msgstr "өте ұқ�а�"
+
+msgid "too simple"
+msgstr "өте оңай"
+
+msgid "rotated"
+msgstr "аударылған"
+
+msgid "too short"
+msgstr "өте қы�қа"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Пароль жаман: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() ішіндегі %d қате�і\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: пароль өзгертілмеді\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль �әтті жаңартылды\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s үшін қате пароль.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: бірнеше --root опци��ы\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: '%s' опци��ы аргументті талап етеді\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: привилеги�лар деңгейін төмендету мүмкін еме� (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: '%s' chroot жолы қате\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s chroot бума�ына қатынау мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s chroot бума�ына өту (chdir) мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s бума�ына chroot жа�ау мүмкін еме�: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Қате ENCRYPT_METHOD мәні: '%s'.\n"
+"Ба�тапқы DES мәні қолданылады.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' бума�ына ауы�у мүмкін еме�\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Бума табылмады, HOME=/ бума�ына кіру орындалады"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s орындау мүмкін еме�"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "'%s' түбірлік бума�ы қате\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Түбірлік бума�ын '%s' мәніне ауы�тыру мүмкін еме�\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Терминалыңыздың атын анықтау мүмкін еме�."
+
+msgid "No"
+msgstr "Жоқ"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] ТІРКЕЛГІ\n"
+"\n"
+"Опци�лар:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday LAST_DAY        парольдің а�қталу мерзімін LAST_DAY күніне "
+"орнату\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate EXPIRE_DATE  тіркелгінің а�қталу мерзімі EXPIRE_DATE "
+"күніне орнату\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    о�ы көмек ақпаратын көр�ету мен шығу\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVE       парольдің мерзімі біткен �оң оны INACTIVE "
+"болып\n"
+"                                орнату үшін өтетін күн �аны\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    тіркелгінің жұмы� уақыты ақпаратын көр�ету\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAYS        парольді ауы�тыру ара�ында өту керек ең аз "
+"күн �анын\n"
+"                                MIN_DAYS мәніне орнату\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DAYS        парольді ауы�тыру ара�ында өту керек ең көп "
+"�үн �анын\n"
+"                                MAX_DAYS мәніне орнату\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_DIR         chroot үшін бума\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays WARN_DAYS      мерзімі а�қталу туралы хабарламаны WARN_DAYS "
+"күн қалғанда көр�ете ба�тау\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Жаңа мәнді енгізіңіз, неме�е ұ�ынылатынды қабылдау үшін ENTER ба�ыңыз"
+
+msgid "Minimum Password Age"
+msgstr "Парольдің ең аз жа�ау мерзімі (күн)"
+
+msgid "Maximum Password Age"
+msgstr "Парольдің ең көп жа�ау мерзімі (күн)"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Парольді �оңғы ауы�тыру (ЖЖЖЖ-��-КК)"
+
+msgid "Password Expiration Warning"
+msgstr "Мерзімі а�қталу туралы хабарламаны көр�ету (күн �аны)"
+
+msgid "Password Inactive"
+msgstr "Тіркелгіні күн өткенде �өндіру (күн �аны)"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Тіркелгінің мерзімі а�қталатын күні (ЖЖЖЖ-��-КК)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Парольді �оңғы ауы�тыру\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ешқашан"
+
+msgid "password must be changed"
+msgstr "пароль өзгертілу керек"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Парольдің мерзімі бітеді\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль �өндіріледі\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Тіркелгі �өндіріледі\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Парольді ауы�тыру ара�ында өту керек ең аз күн �аны\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Парольді ауы�тыру ара�ында өту керек ең көп күн �аны\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Пароль а�қталуы туралы хабарлауды ба�тау, күн �аны\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: '%s' күні қате\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: қате �ан аргументі '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" опци��ын ба�қалармен бірге қолданбаңыз\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Рұқ�ат жоқ.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Сіздің пайдаланушы атын анықтау мүмкін еме�.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %s оқшаулау �әт�із; кейін қайталаңыз.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s ашу мүмкін еме�\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: %s ішіне өзгері�терді �ақтау кезінде қате кетті\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: жаңа %s '%s' жазбаны дайындау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: көлеңкелі парольдер файлын жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: '%s' пайдаланушы�ы %s ішінде жоқ\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s үшін мерзім ақпаратын өзгерту\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: жолдарды өзгерту қате�і\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [ТІРКЕЛГІ]\n"
+"\n"
+"Опци�лар:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULL_NAME     пайд.-ның толық атын ауы�тыру\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone HOME_PHONE   пайд.-ның үй телефон нөмірін ауы�тыру\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other OTHER_INFO        пайд.-ның ба�қа GECOS ақпаратын өзгерту\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room ROOM_NUMBER        пайд.-ның бөлме нөмірін ауы�тыру\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    о�ы көмек ақпаратын көр�ету мен шығу\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone WORK_PHONE   пайд.-ның жұмы� телефон нөмірін ауы�тыру\n"
+
+msgid "Full Name"
+msgstr "Толық аты"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Бөлме нөмірі"
+
+msgid "Work Phone"
+msgstr "Жұмы� телефон нөмірі"
+
+msgid "Home Phone"
+msgstr "Үй телефон нөмірі"
+
+msgid "Other"
+msgstr "Ба�қа"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Суперпайдаланушы (root) құқығын алу мүмкін еме�.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII-еме� таңбалары бар аты: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: пайдаланушы аты қате: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: ASCII-еме� таңбалары бар бөлме: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: бөлме нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: жұмы� телефон нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: үй телефон нөмірі қате: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' құрамында ASCII-еме� таңбалар бар\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' құрамында қате таңбалар бар\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: пайдаланушы '%s' жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS клиентінде '%s' пайдаланушыны ауы�тыруға мүмкін еме�.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' - бұл клиент үшін NIS �ервері.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s үшін пайдаланушы ақпаратын өзгерту\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: жолдар өте ұзын\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар]\n"
+"\n"
+"Опци�лар:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METHOD     шифрлеу тә�ілі (келе�іден біреу: %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               берілген парольдер шифрленген\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     MD5 алгоритмін пайдаланып, таза мәтінді\n"
+"                                парольді шифрлеу\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* текте� алгоритмдер үшін SHA\n"
+"                                раундтар �аны\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s жалауша�ын тек %s жалауша�ымен бірге қолдануға болады\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, және -m жалаушалары өзара үйле�пейді\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: қолдауы жоқ шифрлеу тә�ілі: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: жол %d: жол өте ұзын\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: жол %d: жаңа пароль жоқ\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: парольді '%s' тұзымен шифрлеу �әт�із а�қталды: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: жол %d: '%s' тобы жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: жол %d: жаңа %s '%s' жазбаны дайындау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: қателер орын алды, өзгері�тер �ақталмады\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (жол %d, пайдаланушы %s) пароль өзгертілмеген\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: жол %d: пайдаланушы '%s' жоқ болып тұр\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             пайдаланушы тіркелгі�і үшін жаңа қоршам\n"
+
+msgid "Login Shell"
+msgstr "Қоршам"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Сіз '%s' үшін қоршамды өзгерте алмай�ыз.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s үшін қоршамды өзгерту\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Қате мән: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s дұры� қоршам еме�\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Е�керту: %s жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Е�керту: %s орындалатын еме�\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   пайд.-шы паролінің а�қталу мерзімін тек�еру\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   пайд.-шы паролінің мерзімі біт�е, парольді\n"
+"                                ауы�тыруға мәжбүрлету\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s пен %s опци�лары өзара ерегі�еді\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: күтпеген аргумент: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     барлық пайдаланушылар үшін faillog "
+"жазбаларын көр�ету\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs СЕК           �әт�із кіру талабынан кейін тіркелгіні СЕК "
+"�екундқа блоктау\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum М�КС            �әт�із кіру талап �ан мак�имумын М�КС етіп "
+"орнату\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr "  -r, --reset                   �әт�із кіру талап �анағышын нөлдеу\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time КҮ�                КҮ�нен кейін болған faillog жазбаларын "
+"көр�ету\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user ТІРКЕЛГІ/�Р�ЛЫҚ    тек көр�етілген ТІРКЕЛГІ(лер) үшін faillog "
+"жазба�ын\n"
+"                                көр�ету не �анағыштарды мен лимиттерді (егер "
+"-r, -m,\n"
+"                                не -l бірге көр�етіл�е) ба�қару\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: UID %lu үшін жазбаны алу мүмкін еме�\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Пайд.-шы Сәт�із кірулер Мак�. Соңғы         Қайда\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus қалды]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds оқшаулар �аны]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: UID %lu үшін �әт�із кіру талаптар �анағышын нөлдеу �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: UID %lu үшін мак� мәнін орнату �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: UID %lu үшін блоктау уақытын орнату �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Белгі�із пайдаланушы не аралық: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s өлшемін алу мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %s жазу �әт�із: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�] ТОП\n"
+"\n"
+"Опци�лар:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add П�ЙД                П�ЙДаланушыны ТОПқа қо�у\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete П�ЙД             П�ЙДаланушыны ТОПтан өшіру\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_DIR         chroot үшін бума\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         ТОП паролін өшіру\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                ТОПқа қатынауды тек оның мүшелерімен шектеу\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members П�ЙД,...        ТОП мүшелерін орнату\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ӘКІМШІ,...\n"
+"                                ТОП үшін әкімшілер тізімін орнату\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Бұл опци�ларды, -A және -M опци�ларынан ба�қа, бірге қолдануға болмайды.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Бұл опци�ларды бірге қолдануға болмайды.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A үшін көлеңкелі парольдер файлына қолдау керек\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' тобы %s ішінде жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: тек оқу үшін %s жабу қате�і\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s тобы үшін парольді өзгерту\n"
+
+msgid "New Password: "
+msgstr "Жаңа пароль:"
+
+msgid "Re-enter new password: "
+msgstr "Жаңа парольді қайта енгізіңіз:"
+
+msgid "They don't match; try again"
+msgstr "Олар �әйке� еме�; қайтадан енгізіңіз"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Кейінірек қайталап көріңіз\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s пайдаланушы�ын %s тобына қо�у\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s пайдаланушы�ын %s тобынан өшіру\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: '%s' пайдаланушы�ы '%s' мүше�і еме�\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Терминал еме�\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] ТОП\n"
+"\n"
+"Опци�лар:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   топ бар бол�а �әтті шығу, ал GID қолдануда "
+"бол�а,\n"
+"                                -g опци��ынан ба� тарту\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 жаңа топ үшін GID қолдану\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KEY=VALUE           /etc/login.defs ба�тапқы мәндерін алма�тыру\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              қайталанатын (ерекше еме�) GID бар топтарды\n"
+"                                жа�ауға рұқ�ат ету\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         бұл шифрленген парольді жаңа топ үшін "
+"қолдану\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  жүйелік тіркелгіні жа�ау\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' дұры� топ аты еме�\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: қате топ ID-і '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K талап етеді KEY=МӘ�І\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' тобы бар болып тұр\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' бар болып тұр\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Тазарту қызметін орнату мүмкін еме�.\n"
+
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -f, --force                   топты өшіру, егер ол пайдаланушының "
+"біріншілік тобы бол�а да\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' жазба�ын %s ішінен өшіру мүмкін еме�\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: '%s' пайдаланушының ба�ты тобын өшіру мүмкін еме�\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' тобы жоқ болып тұр\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' тобы NIS тобы болып тұр\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s қазір NIS �ервері болып тұр\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: '%s' пайдаланушы�ы '%s' тобының мүше�і болып тұр\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Жады жеткілік�із. %s жаңарту мүмкін еме�.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [әрекет]\n"
+"\n"
+"Опци�лар:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group топ_аты           пайд. тобы орнына топты көр�ету\n"
+"                                (тек root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Әрекеттер:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add пайд_аты            пайдаланушыны топтың мүшелер тізіміне қо�у\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr "  -d, --delete пайд_аты         пайдаланушыны топтан өшіру\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   топтан барлық мүшелерді өшіру\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    топ мүшелердің тізімін шығару\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: �іздің топ атыңыз пайдаланушы атыңызға �әйке� келмейді\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: тек root -g/--group опци��ын қолдана алады\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 топ ID-ін GID мәніне орнату\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name Ж�Ң�_ТОП       атын жаңа Ж�Ң�_ТОП атына орнату\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              қайталанатын (ерекше еме�) GID қолдануға "
+"рұқ�ат ету\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         парольді о�ы П�РОЛЬге (шифрленген) оранту\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: қате топ аты '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s тобы NIS тобы болып тұр\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: белгі�із пайдаланушы %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [group [gshadow]]\n"
+"\n"
+"Опци�лар:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [group]\n"
+"\n"
+"Опци�лар:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               қателер мен е�кертулерді көр�ету,\n"
+"                                бірақ файлдарға тиі�пеу\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    жазбаларды UID б/ша �ұрыптау\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s пен -r өзара үйле�пейді\n"
+
+msgid "invalid group file entry"
+msgstr "group файл ішінде қате жазба"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' жолын өшіру керек пе? "
+
+msgid "duplicate group entry"
+msgstr "қайталанатын топ жазба�ы"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "қате топ аты '%s'\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "қате топ ID-і '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s тобы: %s пайдаланушы жоқ\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' қаты�ушыны өшіру керек пе? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s ішінде �әйке� көлеңкелі топ жазба�ы жоқ\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "'%s' тобын %s ішіне қо�у керек пе?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s тобының %s ішінде жазба�ы бар, бірақ оның %s ішіндегі пароль жазба�ы 'x' "
+"етіп орнатылмаған\n"
+
+msgid "invalid shadow group file entry"
+msgstr "көлеңкелі топтар файлының қате жазба�ы"
+
+msgid "duplicate shadow group entry"
+msgstr "қайталанатын көлеңкелі топтар жазба�ы"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "көлеңкелі топ %s: %s әкімші пайдаланушы�ы жоқ\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "'%s' әкімші пайдаланушы�ын өшіру керек пе? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "көлеңкелі топ %s: %s пайдаланушы�ы жоқ\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файлдар жаңартылды\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: өзгері�тер жоқ\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s өшіру мүмкін еме�\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Қолданылуы: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Қолданылуы: id\n"
+
+msgid " groups="
+msgstr " топтар="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before КҮ�              мерзімі КҮ�нен үлкен ғана lastlog жазбаларын "
+"көр�ету\n"
+
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -C, --clear                   пайдаланушының lastlog жазба�ын тазарту (тек "
+"-u опци��ымен бірге пайдаланылады)\n"
+
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -S, --set                     lastlog жазба�ын ағымдағы уақытқа орнату "
+"(тек -u опци��ымен бірге пайдаланылады)\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time КҮ�                мерзімі КҮ�нен кіші ғана lastlog жазбаларын "
+"көр�ету\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user ТІРКЕЛГІ           көр�етілген ТІРКЕЛГІ үшін lastlog жазбаларын "
+"көр�ету\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Пайдаланушы      Порт     Қайдан           Соңғы"
+
+msgid "Username                Port     Latest"
+msgstr "Пайдаланушы             Порт     Соңғы"
+
+msgid "**Never logged in**"
+msgstr "**Жүйеге ешқашан кірмеген**"
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: UID %lu үшін жазбаны жаңарту �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: lastlog файлын жаңарту �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: -C опци��ын -S опци��ымен бірге қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+"%s: -C және -S опци�лары пайдаланушыны көр�ету үшін -u опци��ын талап етеді\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Қолданылуы: %s [-p] [аты]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h хо�т] [-f аты]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r хо�т\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "баптау қате�і - %s мәнің өндеу мүмкін еме�: '%d'"
+
+msgid "Invalid login time"
+msgstr "Жүйеге кірудің қате уақыты"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Жүйе техникалық жөндеуді өткізу үшін жабылған"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Жүйеден мәжбүрлі шығу орындалмады -- root үшін жүйеге кіруге рұқ�ат "
+"етілген.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Эффективті root-�ыз жұмы� і�темеуі мүмкін\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Utmp жазба�ы жоқ. Сізге exec \"login\" команда�ын бірінші деңгейден \"sh\" "
+"қо�у керек"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Жүйеге кіру уақыты %u �екундтан кейін а�қталды.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM қате�і, тоқтатылды: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s пайдаланушы аты: "
+
+msgid "login: "
+msgstr "пайдаланушы аты:"
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Талаптар �аны шектен а�ты (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: тоқтатуды PAM �ұраған\n"
+
+msgid "Login incorrect"
+msgstr "Жүйеге кіру орындалмады"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Пайдаланушыны табу мүмкін еме� (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s пайдаланушы аты: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: үрді�ті ба�тау қате�і: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "%s үшін TIOCSCTTY орындау қатемен а�қталды"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Е�керту: тіркелгі уақытша �өндірілгеннен кейін қайта қо�ылған."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Жүйеге �оңғы кіру: %s, терминал %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Жүйеге �оңғы кіру: %.19s, терминал %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " қайдан: %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"жүйеге кіру уақыты өтті\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Қолданылуы: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Қолданылуы: newgrp [-] [топ]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Қолданылуы: sg топ [[-c] команда�ы]\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: парольді алдыңғы тұзбен шифрлеу �әт�із а�қталды: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "пароль қате.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: үрді�ті ба�тау қате�і: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: '%lu' GID-і жоқ болып тұр\n"
+
+msgid "too many groups\n"
+msgstr "топ �аны шектен ты�\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  жүйелік тіркелгіні жа�ау\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: топ '%s' shadow тобы болып тұр, бірақ /etc/group ішінен табылмады\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: пайдаланушы ID-і '%s' қате\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: '%s' пайдаланушы аты қате\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: жол %d: жол қате\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: %s пайдаланушы жазба�ын жаңарту мүмкін еме� (passwd дерекқорында жоқ)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: жол %d: пайдаланушыны жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: жол %d: топты жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: жол %d: '%s' пайдаланушы�ы %s ішінде жоқ\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: жол %d: парольді жаңарту мүмкін еме�\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: жол %d: mkdir %s �әт�із: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: жол %d: chown %s �әт�із: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: жол %d: жазбаны жаңарту мүмкін еме�\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: жаңа %s жазба�ын дайындау �әт�із а�қталды\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: бағынышты пайдаланушы ауқымын табу мүмкін еме�\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: бағынышты топ ауқымын табу мүмкін еме�\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     барлық тіркелгілер үшін парольдер күйін "
+"шығару\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  көр�етілген тіркелгі үшін парольді өшіру\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  көр�етілген тіркелгі үшін пароль мерзімінің "
+"а�қталуын мәжбүрлету\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             парольді тек мерзімі а�қтал�а ғана өзгерту\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVE       мерзімі а�қталғаннан кейін тіркелгіні "
+"�өндіру үшін\n"
+"                                керек күн �анын INACTIVE мәніне орнату\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    көр�етілген тіркелгіні оқшаулау\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAYS        парольді өзгерту ара�ында ең аз рұқ�ат "
+"етілген күн �анын\n"
+"                                MIN_DAYS мәніне орнату\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   тыныш режимі\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository REPOSITORY   REPOSITORY репозиторийінде парольді өзгерту\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  көр�етілген тіркелгі үшін пароль күйін "
+"шығару\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  көр�етілген тіркелгіні оқшаулаудан бо�ату\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays WARN_DAYS      мерзімі а�қталуы туралы WARN_DAYS қалғанда "
+"е�керте ба�тау\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAYS        парольді өзгерту ара�ында ең көп рұқ�ат "
+"етілген күн �анын\n"
+"                                MAX_DAYS мәніне орнату\n"
+
+msgid "Old password: "
+msgstr "�ғымдағы пароль:"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Жаңа парольді енгізіңіз (минимум %d белгі бол�ын)\n"
+"Парольді ба�, кіші әріптер және �андарды арала�тыра қолданып құраңыз.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Жаңа парольді енгізіңіз (минимум %d, мак�имум %d белгі бол�ын)\n"
+"Парольді ба�, кіші әріптер және �андарды арала�тыра қолданып құраңыз.\n"
+
+msgid "New password: "
+msgstr "Жаңа пароль:"
+
+msgid "Try again."
+msgstr "Қайталап көріңіз."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Е�керту: өте оңай пароль (қолданам де�еңіз қайта енгізіңіз)."
+
+msgid "They don't match; try again.\n"
+msgstr "Олар өзара �әйке� еме�; қайтадан көріңіз.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s үшін парольді өзгертуге болмайды.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s үшін парольді қазір өзгертуге болмайды.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: пайдаланушыны оқшаулаудан бо�ату пароль�із тіркелгіге әкелуі мүмкін.\n"
+"О�ыны жа�ау үшін �із оған парольді usermod -p қолданып орнатуыңыз керек.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s репозиторийіне қолдау жоқ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s пайдаланушының %s үшін паролді өзгертуге құқығы жоқ\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Сізде%s үшін парольдік ақпаратты оқи не өзгерте алмай�ыз.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s үшін парольді өзгерту\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s пайдаланушының паролі өзгертілмеді.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: пароль өзгертілді.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: пароль мерзімі туралы ақпарат өзгертілді.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [passwd]\n"
+"\n"
+"Опци�лар:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] [passwd [shadow]]\n"
+"\n"
+"Опци�лар:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   тек қателерді хабарлау\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: USE_TCB і�ке қо�улы бол�а, альтернативті shadow файлына рұқ�ат жоқ.\n"
+
+msgid "invalid password file entry"
+msgstr "парольдер файлының қате жазба�ы"
+
+msgid "duplicate password entry"
+msgstr "қайталанатын пароль жазба�ы"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "қате пайдаланушы аты '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "пайдаланушы ID-і '%lu' қате\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "пайдаланушы '%s':  %lu тобы жоқ\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "пайдаланушы '%s':  '%s' бума�ы жоқ болып тұр\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "пайдаланушы '%s': '%s' бағдарлама�ы жоқ болып тұр\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "%s үшін tcb бума�ы жоқ\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "%s үшін tcb бума�ын жа�ау керек пе?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s үшін tcb бума�ын жа�ау �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s оқшаулау мүмкін еме�.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%s ішінде �әйке� парольдер файлының жазба�ы жоқ\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' пайдаланушыны %s ішіне қо�у керек пе? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"%s пайдаланушы�ының %s ішінде жазба�ы бар, бірақ оның %s ішіндегі пароль "
+"жазба�ы 'x' етіп орнатылмаған\n"
+
+msgid "invalid shadow password file entry"
+msgstr "көлеңкелі парольдер файлының қате жазба�ы"
+
+msgid "duplicate shadow password entry"
+msgstr "қайталанатын көлеңкелі пароль жазба�ы"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "пайдаланушы %s: �оңғы парольді өзгерту уақыты болашақта\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s ішіндегі жазбаралды �ұрыптау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: tcb і�ке қо�улы бол�а, жұмы� і�теу мүмкін еме�\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %s режимін 0600 мәніне орнату �әт�із а�қталды\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "О�ы тіркелгі үшін su орындауға РҰҚС�Т ЖОҚ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Парольдік аутентификаци�ны аттап өтеміз.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Шындылықты тек�еру үшін ӨЗІҢІЗДІҢ пароліңізді енгізіңіз.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Пайдаланушы қоршамын і�ке қо�у мүмкін еме�\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: �игнал ақаулығы\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: �игналды ба�қару ақаулығы\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Се��и� тоқтатылды, қоршамды тоқтату..."
+
+msgid " ...killed.\n"
+msgstr " ...өлтірілді.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...ұрпақ үрді�тің тоқтатылуын күту.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...тоқтатылды.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Қолданылуы: su [опци�лар] [ТІРКЕЛГІ]\n"
+"\n"
+"Опци�лары:\n"
+"  -c, --command COMMAND         шақырылатын қоршамға COMMAND команда�ын "
+"беру\n"
+"  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+"  -, -l, --login                қоршамды тіркелгі қоршамына ауы�тыру\n"
+"  -m, -p,\n"
+"  --preserve-environment        орта айнымалыларының мәндерін мен қоршамды "
+"�ақтау\n"
+"  -s, --shell SHELL             passwd-да көр�етілгеннің орнына SHELL "
+"қоршамын қолдану\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Елемеу)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Сізде su %s жа�ау үшін құқығыңыз жоқ\n"
+
+msgid "(Enter your own password)"
+msgstr "(Өзіңіздің пароліңізді енгізіңіз)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: �утентификаци� қате�і\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Сізде қазір su жа�ау үшін құқығыңыз жоқ\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "'%s' пайд.-�ы үшін passwd жазба�ы жоқ\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: терминалда орындалуы керек\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: қате %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Ба�қару терминалын та�тау мүмкін еме�\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s орындау мүмкін еме�\n"
+
+msgid "No password file"
+msgstr "Парольдер файлы жоқ"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY қате�і"
+
+msgid "No password entry for 'root'"
+msgstr "'root' үшін пароль жазба�ы жоқ"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Кәдімгі жүктелу үшін control-d ба�ыңыз,\n"
+"(неме�е жүйені жөндеу режиміне өту үшін root паролін енгізіңіз):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Жүйені жөндеу режиміне өту"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s жа�алды, бірақ оны өшіру мүмкін еме�\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s баптауы,  ол %s ішінде, е�епке алынбайды\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: жаңа defaults файлын жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: жаңа defaults файлын ашу мүмкін еме�\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %s ішіндегі жол тым ұзын: %s..."
+
+#, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Қор көшірме файлын жа�ау мүмкін еме� (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: атын ауы�тыру: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: '%s' тобы NIS тобы болып тұр.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: шектен көп топ �аны көр�етілген (мак�имум %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Қолданылуы: %s [опци�лар] ТІРКЕЛГІ\n"
+"            %s -D\n"
+"            %s -D [опци�лар]\n"
+"\n"
+"Опци�лар:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir �ЕГ_БУМ�       жаңа тіркелгінің үй бума�ы орнала�атын\n"
+"                                негізгі бума\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMMENT         жаңа тіркелгінің GECOS өрі�і\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir ҮЙ_БУМ�СЫ      жаңа тіркелгі үшін үй бума�ы\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                useradd-ң ба�тапқы баптауларын шығару не "
+"өзгерту\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate �ЯҚТ�ЛУ_КҮ�І жаңа тіркелгінің мерзімі а�қталатын күні\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INACTIVE       жаңа тіркелгі паролінің бел�енді еме� уақыт "
+"аралығы\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid ТОП                 жаңа тіркелгі үшін ба�ты топтың аты не ID-і\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups ТОПТ�Р           жаңа тіркелгі үшін қо�ымша топтар тізімі\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKEL_DIR          ба�қа үлгілер бума�ын қолдану\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             пайдаланушыны lastlog пен faillog\n"
+"                                дерекқорларына қо�пау\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             пайдаланушы үй бума�ын жа�ау\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home          пайдаланушы үй бума�ын жа�амау\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr "  -N, --no-user-group           пайдаланушымен атта� топты жа�амау\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              қайталанатын (ерекше еме�) UID бар\n"
+"                                пайдаланушыларды жа�ауға рұқ�ат ету\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password П�РОЛЬ         жаңа тіркелгі үшін шифрленген пароль\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell ҚОРШ�М            жаңа тіркелгі үшін кіру қоршамы\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 жаңа тіркелгі үшін пайдаланушы ID-і\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr "  -U, --user-group              пайдаланушымен атта� топты жа�ау\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     SELinux пайдаланушы �әйке�тігі үшін "
+"көр�етілген SEUSER қолдану\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: '%s' негізгі бума�ы қате\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: '%s' тү�ініктеме�і қате\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: '%s' үй бума�ы қате\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: '%s' өрі�і қате\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: '%s' қоршамы қате\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z өз алдында SELinux қо�улы �дроны талап етеді\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: %lu UID-і үшін faillog жазба�ын нөлдеу �әт�із: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: %lu UID-і үшін lastlog жазба�ын нөлдеу �әт�із: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: жаңа %s жазба�ын дайындау �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s бума�ын жа�ау мүкін еме�\n"
+
+msgid "Creating mailbox file"
+msgstr "Пошта файлын құру"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"'mail' тобы табылмады. Пайдаланушының пошта файлы 0600 түрінде құрылады.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Пошта файлына рұқ�аттарды орнату"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' пайдаланушы�ы бар болып тұр\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s тобы бар болып тұр - егер оған жаңа пайдаланушыны қо�қыңыз кел�е, -g "
+"қолданыңыз.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: пайдаланушыны жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu бар болып тұр\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s үшін tcb бума�ын жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: топты құру мүмкін еме�\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: бағынышты пайдаланушы ID-ын жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: бағынышты топ ID-ын жа�ау мүмкін еме�\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: е�керту: үй бума�ы бар болып тұр.\n"
+"Оның ішіне skel бума�ынан бірде-бір файл көшірілмеді.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr "%s: е�керту: %s пайдаланушы атын %s SELinux �әйке�тендіру �әт�із.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   файлдарды өшіруді мәжбүрлеу,\n"
+"                                пайдаланушы иелігінде болма�а да\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  үй бума�ын мен пошта�ын өшіру\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            пайд.-ның барлық SELinux пайд. "
+"�әйке�тіктерін жою\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: %s тобы өшірілмейді, өйткені ол %s пайд.-ның негізгі тобы еме�.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: %s тобы өшірілмейді, өйткені онда ба�қа мүшелері бар.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: %s тобын өшіру мүмкін еме�, ол ба�қа пайдаланушы үшін ба�ыңқы топ болып "
+"табылады.\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: %lu жазба�ын %s ішінен өшіру мүмкін еме�\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s пошта �пулы (%s) табылмады\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: е�керту: %s өшіру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s қазір %s иелігінде еме�, өшірілмейді\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Жадыны бөлу мүмкін еме�, %s үшін tcb жазба�ы өшірілмеді.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Привилеги�ларды та�тау мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s құрама�ын өшіру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s үшін tcb файлдарын өшіру мүмкін еме�: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s қазір NIS пайдаланушы�ы болып тұр\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s үшін үй бума�ы (%s) табылмады\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: %s бума�ы өшірілмеді (%s пайдаланушының үй бума�ын өшіру талабы)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: %s бума�ын өшіру қатемен а�қталды\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: е�керту: %s пайдаланушы атына SELinux пайд. �әйке�тендіруін өшіру "
+"�әт�із.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMMENT         GECOS жазба�ы үшін жаңа мәні\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home HOME_DIR           пайдаланушы тіркелгі�і үшін жаңа үй бума�ы\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate EXPIRE_DATE  тіркелгінің а�қталу мерзімін EXPIRE_DATE "
+"күніне орнату\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVE       мерзімі а�қталғаннан кейін пароль "
+"�өндірілетін күн\n"
+"                                �анын INACTIVE мәніне орнату\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid ТОП                 жаңа ба�ыңқы топ ретінде ТОПты қолдануды "
+"мәжбүрлету\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups ТОПТ�Р           пайдаланушыны қо�ымша ТОПТ�Рға қо�у\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  пайдаланушыны қо�ымша ТОПТ�Р ішіне қо�у\n"
+"                                -G опци��ы �и�қты, пайдаланушыны ба�қа "
+"топтардан\n"
+"                                өшірмейді\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NEW_LOGIN         тіркелгі үшін жаңа аты\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    пайдаланушы тіркелгі�ін оқшаулау\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               үй бума�ының құрама�ын жаңа жерге ауы�тыру\n"
+"                                (тек -d опци��ымен бірге қолданыңыз)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              қайталанатын (ерекше еме�) UID-тарды "
+"қолдануды рұқ�ат ету\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password PASSWORD       жаңа пароль ретінде шифрленген парольді "
+"қолдану\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+"  -u, --uid UID                 жаңа тіркелгі үшін пайдаланушы ID-і\n"
+"  -u, --uid UID                 пайдаланушы тіркелгі�і үшін жаңа UID\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+"  -U, --unlock                  пайдаланушы тіркелгі�ін оқшаулаудан бо�ату\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr "  -v, --add-subuids БІРІ�ШІ-СОҢҒЫ  бағынышты uid-тар ауқымын қо�у\n"
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr "  -V, --del-subuids БІРІ�ШІ-СОҢҒЫ  бағынышты uid-тар ауқымын өшіру\n"
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr "  -w, --add-subgids БІРІ�ШІ-СОҢҒЫ  бағынышты gid-тар ауқымын қо�у\n"
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr "  -W, --del-subgids БІРІ�ШІ-СОҢҒЫ  бағынышты gid-тар ауқымын өшіру\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     пайдаланушы тіркелгі�і үшін жаңа SELinux "
+"�әйке�тігі\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: пайдаланушыны оқшаулаудан бо�ату пароль�із тіркелгіге әкеп �оғады.\n"
+"О�ыны жа�ау үшін �із оған парольді usermod -p қолданып орнатуыңыз керек.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' пайдаланушы�ы %s ішінде бар болып тұр\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: жарам�ыз бағынышты uid ауқымы '%s'\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: жарам�ыз бағынышты gid ауқымы '%s'\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: опци�лар жоқ\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p және -U жалаушаларын бірге қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e пен -f үшін көлеңкелі парольдер керек\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UID-і бар болып тұр\n"
+
+#, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s жоқ болып тұр, %s неме�е %s жалаушаларын қолдануға болмайды\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s бума�ы бар болып тұр\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: �лдыңғы үй бума�ы (%s) бума еме� болған. Ол өшірілмеді де, ешбір үй "
+"бума�ы жа�алмады.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Үй бума�ының иелігін ауы�тыру мүмкін еме�"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: е�керту: %s е�кі үй бума�ын толығымен өшіру мүмкін еме�"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: %s бума�ының атын %s атына ауы�тыру мүмкін еме�\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: %lu пайд.-нан %lu пайдаланушы�ына lastlog жазба�ын көшіру �әт�із: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: %lu пайд.-нан %lu пайдаланушы�ына faillog жазба�ын көшіру �әт�із: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: е�керту: %s қазір %s иелігінде еме�\n"
+
+msgid "failed to change mailbox owner"
+msgstr "mailbox ие�ін ауы�тыру қатемен а�қталды"
+
+msgid "failed to rename mailbox"
+msgstr "mailbox атын ауы�тыру қатемен а�қталды"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu uid-тар ауқымын '%s' ішінен өшіру �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu uid ауқымын '%s' ішіне қо�у �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu gid-тар ауқымын '%s' ішінен өшіру �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: %lu-%lu gid ауқымын '%s' ішіне қо�у �әт�із а�қталды\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Сіз %s түзеттіңіз.\n"
+"Сізге %s құрама�ын түзетуге керек болуы мүмкін.\n"
+"Оны орындау үшін '%s' команда�ын қолданыңыз.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   топ дерекқорын түзету\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  passwd дерекқорын түзету\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  shadow не gshadow дерекқорын түзету\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    қай пайдаланушының tcb shadow файлын түзету "
+"керек\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %s өшіру �әт�із а�қталды\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s өзгертілмеді\n"
+
+msgid "failed to create scratch directory"
+msgstr "scratch бума�ын жа�ау �әт�із"
+
+msgid "failed to drop privileges"
+msgstr "привилеги�ларды та�тау �әт�із"
+
+msgid "Couldn't get file context"
+msgstr "Файлға қол жеткізу мүмкін еме�"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () �әт�із"
+
+msgid "failed to gain privileges"
+msgstr "привилеги�ларды алу мүмкін еме�"
+
+msgid "Couldn't lock file"
+msgstr "Файлды оқшаулау мүмкін еме�"
+
+msgid "Couldn't make backup"
+msgstr "Қор көшірмені жа�ау мүмкін еме�"
+
+#, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s %d қалып-күймен өз жұмы�ын а�қтады\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s %d �игналымен тоқтатылды\n"
+
+msgid "failed to open scratch file"
+msgstr "scratch файлын ашу �әт�із"
+
+msgid "failed to unlink scratch file"
+msgstr "scratch файлын жою �әт�із"
+
+msgid "failed to stat edited file"
+msgstr "түзетілген файлды табу �әт�із"
+
+msgid "failed to allocate memory"
+msgstr "жадыны бөлу �әт�із"
+
+msgid "failed to create backup file"
+msgstr "резервті көшірме файлын жа�ау �әт�із"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s қайтару мүмкін еме�: %s (�іздің өзгертулеріңіз %s ішінде)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: %s үшін tcb бума�ын табу �әт�із\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            шифрлеу тә�ілі (%s ішінен біреу)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Қолданылуы: vipw [опци�лар]\n"
+#~ "\n"
+#~ "Опци�лар:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "жадыдан %d байт бөлу мүмкін еме�\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: chage [опци�лар] [П�ЙД�Л��УШЫ_�ТЫ]\n"
+#~ "\n"
+#~ "Опци�лар:\n"
+#~ "  -d, --lastday LAST_DAY        парольдің а�қталу мерзімін LAST_DAY "
+#~ "күніне орнату\n"
+#~ "  -E, --expiredate EXPIRE_DATE  тіркелгінің а�қталу мерзімі EXPIRE_DATE "
+#~ "күніне орнату\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�етіп, шығу\n"
+#~ "  -I, --inactive INACTIVE       парольдің мерзімі біткен �оң оны INACTIVE "
+#~ "болып\n"
+#~ "                                орнату үшін өтетін күн �аны\n"
+#~ "  -l, --list                    тіркелгінің жұмы� уақыты ақпаратын "
+#~ "көр�ету\n"
+#~ "  -m, --mindays MIN_DAYS        парольді ауы�тыру ара�ында өту керек ең "
+#~ "аз күн �анын\n"
+#~ "                                MIN_DAYS мәніне орнату\n"
+#~ "  -M, --maxdays MAX_DAYS        парольді ауы�тыру ара�ында өту керек ең "
+#~ "көп �үн �анын\n"
+#~ "                                MAX_DAYS мәніне орнату\n"
+#~ "  -W, --warndays WARN_DAYS      мерзімі а�қталу туралы хабарламаны "
+#~ "WARN_DAYS күн қалғанда көр�ете ба�тау\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM көмегімен шындылықты тек�еру қатемен а�қталды\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [-f толықl_аты] [-r бөлме_нөмірі] [-w жұмы�_тел]\n"
+#~ "\t[-h үй_тел] [-o ба�қа] [пайдаланушы аты]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [-f толық_аты] [-r бөлме_нөмірі] [-w жұмы�_тел] [-h "
+#~ "үй_тел]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Қолданылуы: %s [опци�лар]\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -c, --crypt-method            шифрлеу тә�іл (%s-дан біреу)\n"
+#~ "  -e, --encrypted               шифрленген пароль енгізіледі\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -m, --md5                     DES орнына MD5 алгоритмін қолдану, егер "
+#~ "пароль\n"
+#~ "                                шифрленбеген түрде енгізіл�е\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: chsh [опци�лар] [LOGIN]\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -s, --shell SHELL             пайдаланушы тіркелгі�і үшін жаңа қоршам\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Қолданылуы: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %lu үшін жазбаны алу мүмкін еме�\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: %s ашу мүмкін еме�: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %s өлшемін алу мүмкін еме�: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Қолданылуы: groupdel топ\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Қолданылуы: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Қолданылуы: %s [-r] [-s] [топ]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s пен -r өзара үйле�пейді\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Қолданылуы: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Қолданылуы: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: lastlog [опци�лар]\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -b, --before КҮ�             мерзімі КҮ�нен үлкен ғана lastlog "
+#~ "жазбаларын көр�ету\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -t, --time КҮ�               мерзімі КҮ�нен кіші ғана lastlog "
+#~ "жазбаларын көр�ету\n"
+#~ "  -u, --user ТІРКЕЛГІ          көр�етілген ТІРКЕЛГІ үшін lastlog "
+#~ "жазбаларын көр�ету\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: passwd [опци�лар] [ТІРКЕЛГІ]\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -a, --all                     барлық тіркелгілер үшін парольдер күйін "
+#~ "шығару\n"
+#~ "  -d, --delete                  көр�етілген тіркелгі үшін парольді өшіру\n"
+#~ "  -e, --expire                  көр�етілген тіркелгі үшін пароль "
+#~ "мерзімінің а�қталуын мәжбүрлету\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -k, --keep-tokens             парольді тек мерзімі а�қтал�а ғана "
+#~ "өзгерту\n"
+#~ "  -i, --inactive INACTIVE       мерзімі а�қталғаннан кейін тіркелгіні "
+#~ "�өндіру үшін\n"
+#~ "                                керек күн �анын INACTIVE мәніне орнату\n"
+#~ "  -l, --lock                    көр�етілген тіркелгіні оқшаулау\n"
+#~ "  -n, --mindays MIN_DAYS        парольді өзгерту ара�ында ең аз рұқ�ат "
+#~ "етілген күн �анын\n"
+#~ "                                MIN_DAYS мәніне орнату\n"
+#~ "  -q, --quiet                   тыныш түрі\n"
+#~ "  -r, --repository REPOSITORY   REPOSITORY репозиторийінде парольді "
+#~ "өзгерту\n"
+#~ "  -S, --status                  көр�етілген тіркелгі үшін пароль күйін "
+#~ "шығару\n"
+#~ "  -u, --unlock                  көр�етілген тіркелгіні оқшаулаудан "
+#~ "бо�ату\n"
+#~ "  -w, --warndays WARN_DAYS      мерзімі а�қталуы туралы WARN_DAYS "
+#~ "қалғанда е�керте ба�тау\n"
+#~ "  -x, --maxdays MAX_DAYS        парольді өзгерту ара�ында ең көп рұқ�ат "
+#~ "етілген күн �анын\n"
+#~ "                                MAX_DAYS мәніне орнату\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Қолданылуы: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Қолданылуы: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Қолданылуы: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Қолданылуы: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Белгі�із id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Қоршам жоқ\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Қолданылуы: userdel [опци�лар] ТІРКЕЛГІ\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -f, --force                   файлдарды өшіруді мәжбүрлеу,\n"
+#~ "                                пайдаланушы иелігінде болма�а да\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -r, --remove                  үй бума�ын мен пошта�ын өшіру\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s пайдаланушы�ы қазір жүйеге кіріп тұр\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Қолданылуы: usermod [опци�лар] ТІРКЕЛГІ\n"
+#~ "\n"
+#~ "Опци�лары:\n"
+#~ "  -c, --comment COMMENT         GECOS жазба�ы үшін жаңа мәні\n"
+#~ "  -d, --home HOME_DIR          пайдаланушы тіркелгі�і үшін жаңа үй "
+#~ "бума�ы\n"
+#~ "  -e, --expiredate EXPIRE_DATE  тіркелгінің а�қталу мерзімін EXPIRE_DATE "
+#~ "күніне орнату\n"
+#~ "  -f, --inactive INACTIVE       мерзімі а�қталғаннан кейін пароль "
+#~ "�өндірілетін күн\n"
+#~ "                                �анын INACTIVE мәніне орнату\n"
+#~ "  -g, --gid ТОП                 жаңа ба�ыңқы топ ретінде ТОПты қолдануды "
+#~ "мәжбүрлету\n"
+#~ "  -G, --groups ТОПТ�Р           пайдаланушыны қо�ымша ТОПТ�Рға қо�у\n"
+#~ "  -a, --append                  пайдаланушыны қо�ымша ТОПТ�Р ішіне қо�у\n"
+#~ "                                -G опци��ы �и�қты, пайдаланушыны ба�қа "
+#~ "топтардан\n"
+#~ "                                өшірмейді\n"
+#~ "  -h, --help                    о�ы көмек ақпаратын көр�ету және шығу\n"
+#~ "  -l, --login NEW_LOGIN         тіркелгі үшін жаңа аты\n"
+#~ "  -L, --lock                    пайдаланушы тіркелгі�ін оқшаулау\n"
+#~ "  -m, --move-home               үй бума�ының құрама�ын жаңа жерге "
+#~ "ауы�тыру\n"
+#~ "                                (тек -d опци��ымен бірге қолданыңыз)\n"
+#~ "  -o, --non-unique              қайталанатын (ерекше еме�) UID-тарды "
+#~ "қолдануды рұқ�ат ету\n"
+#~ "  -p, --password PASSWORD       жаңа пароль ретінде шифрленген парольді "
+#~ "қолдану\n"
+#~ "  -s, --shell SHELL             пайдаланушы тіркелгі�і үшін жаңа қоршам\n"
+#~ "  -u, --uid UID                 пайдаланушы тіркелгі�і үшін жаңа UID\n"
+#~ "  -U, --unlock                  пайдаланушы тіркелгі�ін оқшаулаудан "
+#~ "бо�ату\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: жалаушалар көр�етілмеген\n"
diff --git a/po/km.po b/po/km.po
new file mode 100644
index 0000000..5047530
--- /dev/null
+++ b/po/km.po
@@ -0,0 +1,3506 @@
+# translation of shadow_po_km.po to Khmer
+# translation of shadow_po_km.po to
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Khoem Sokhem <khoemsokhem@khmeros.info>, 2006.
+# Poch Sokun <sokun_poch@khmeros.info>, 2006.
+# auk piseth <piseth_dv@khmeros.info>, 2006.
+# Leang Chumsoben <soben@khmeros.info>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow_po_km\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-28 10:08+0700\n"
+"Last-Translator: Khoem Sokhem <khoemsokhem@khmeros.info>\n"
+"Language-Team: Khmer <support@khmeros.info>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.2\n"
+"Plural-Forms: nplurals=2; plural=(n != 1)\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "មិន​អាច​បម្រុង​ទុក​ទំហំ​សម្រាប់​ព��៌មាន​​កំណ�់​រចនាសម្ព�ន្ធទ�​ ។\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "កំហុស​ការ​កំណ�់​រចនាសម្ព�ន្ធ​ - មិន​ស្គាល់​ធា�ុ '%s' (ជូន​ដំណឹង​អ្នក​គ្រប់គ្រង​)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "ពាក្យ​សម្ងា�់​ ៖ "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "ពាក្យសម្ងា�់​របស់ %sសម្ងា�់ ៖ "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "មិន​អាច​បម្រុង​ទុក​ទំហំ​សម្រាប់​ព��៌មាន​​កំណ�់​រចនាសម្ព�ន្ធទ�​ ។\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "ការផ្លាស់​ប្�ូរ​ព��៌មាន​ចាស់​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s ៖ មិន​អាចកំណ�់​ឈ្មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទ� ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​រក​អ្នកប្រើ​ %s ឃើញឡើយ\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s ៖ អស់​ស�ិ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សម�យ​បានទ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s ៖ ��​ផ្ទះ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកច�ញបានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកច�ញបានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s ៖​ ប្�ូរ​ឈ្មោះ​ ៖ %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកច�ញបានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកច�ញបានឡើយ "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សម�យ​បានទ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សម�យបានឡើយ​\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s ៖​ ប្�ូរ​ឈ្មោះ​ ៖ %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទ�\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "ការ​ព្រមាន ៖ មិន​ស្គាល់​ក្រុម %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "ការព្រមាន​ ៖ មាន​ច្រើន​ក្រុម​ព�ក\n"
+
+msgid "Your password has expired."
+msgstr "ពាក្យ​សម្ងា�់​របស់​អ្នក​បាន​ផុ�​កំណ�់ហើយ​ ។"
+
+msgid "Your password is inactive."
+msgstr "ពាក្យ​សម្ងា�់​របស់​អ្នកអសកម្ម​ ។"
+
+msgid "Your login has expired."
+msgstr "ការចូល​របស់អ្នក​បាន​ផុ�​កំណ�់ហើយ​ ។"
+
+#, fuzzy
+msgid "  Contact the system administrator."
+msgstr "  ទាក់ទងទៅ​អ្នកគ្រប់គ្រងប្រព�ន្ធ​ ។\n"
+
+#, fuzzy
+msgid "  Choose a new password."
+msgstr "  ជ្រើស​ពាក្យ​សម្ងា�់​មួយ ។\n"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "ពាក្យ​សម្ងា�់​របស់​អ្នក​នឹង​ផុ�​កំណ�់ក្នុងព�ល​ %ld �្ងៃ ។\n"
+
+#, fuzzy
+msgid "Your password will expire tomorrow."
+msgstr "ពាក្យ​សម្ងា�់​របស់​អ្នក​នឹងផុ�​កំណ�់នៅ​�្ងៃ​ស្អែក​ ។​\n"
+
+#, fuzzy
+msgid "Your password will expire today."
+msgstr "ពាក្យ​សម្ងា�់​របស់​អ្នក​នឹងផុ�​កំណ�់នៅ​�្ងៃ​ន�ះ ។\n"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "មិន​អាច​ប្�ូរ​ tty %s បានឡើយ"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s ៖ វាល គឺ​វែងវែងព�ក​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s ៖ %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "​លើស​ចំណុះ​បរិស្�ាន\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "អ្នក​ប្រហែល​មិន​បាន​ប្�ូរ​ $%s បានទ�\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d បានបរាជ�យ ចាប់�ាំងពីចូលលើក​ចុងក្រោយ​គ�មក​ ។\n"
+"ចុងក្រោយគ�នៅ​ %s លើ %s ។\n"
+msgstr[1] ""
+"%d ចូល​ចុងក្រោយ​បានបរាជ�យ​ ។\n"
+"ចុងក្រោម​ %s  %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "បរាជ�យ​ក្នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុ�្រ"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមាន�ែមួយ​បានទ�\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s ៖ មិនអាច​យក​​ GID ​ដែលមាន�ែមួយ​បានឡើយ​\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមាន�ែមួយ​បានទ�\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s ៖ មិនអាចយក​ UID ដែលមាន�ែមួយ​បានទ�\n"
+
+msgid "Too many logins.\n"
+msgstr "ចូល​ច្រើន​ព�ក​ ។\n"
+
+msgid "You have new mail."
+msgstr "អ្នក​មានសំបុ�្រ​�្មី​ ។​"
+
+msgid "No mail."
+msgstr "គ្មាន​សំបុ�្រ​​​ទ�​ ។"
+
+msgid "You have mail."
+msgstr "អ្នក​មាន​សំបុ�្រ ។"
+
+msgid "no change"
+msgstr "គ្មាន​​ផ្លាស់ប្�ូរ​ "
+
+msgid "a palindrome"
+msgstr "ឃ្លាដែលអាច​អាន​�្រឡប់​ចុះ�្រឡប់ឡើងបាន"
+
+msgid "case changes only"
+msgstr "ករណី​បាន​�ែ​ប្�ូរ​"
+
+msgid "too similar"
+msgstr "ស្រដៀងគ្នា​ព�ក"
+
+msgid "too simple"
+msgstr "ធម្ម�ា​ព�ក"
+
+msgid "rotated"
+msgstr "បានបង្វិល​"
+
+msgid "too short"
+msgstr "�្លីព�ក​"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "ពាក្យ​សម្ងា�់​មិន​�្រឹម�្រូវ​ ៖ %s ។  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "ពាក្យ​សម្ងា�់​ ៖ pam_start() បាន​បរាជ�យ​, កំហុស​ %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "ពាក្យសម្ងា�់ ៖ %s\n"
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "ពាក្យ​សម្ងា�់​បាន​ប្�ូរ​ ។\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "ពាក្យសម្ងា�់ ៖ ពាក្យ​សម្ងា�់​បាន​ធ្វើ​ឲ្យ​ទាន់​សម�យ​ដោយ​ជោគជ�យ​\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "ពាក្យ​សម្ងា�់​មិន​�្រឹម�្រូវ​សម្រាប់​ %s ។\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s ៖ ល��​ទូរស�ព្ទនៅផ្ទះ​មិន​�្រឹម�្រូវ​ ៖ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "មិន​អាច​​ cd ចូលទៅ​ '%s' បានទ�\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "គ្មាន​��​ ការចូល​ជាមួយ​ HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "មិន​អាចប្រ�ិប�្�ិ​ %s បានទ�"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "��​ root មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "មិន​អាច​ប្�ូរ​�� root ទៅ​ '%s'បាន​ទ�​\n"
+
+msgid "Unable to determine your tty name."
+msgstr "មិន​អាច​កំណ�់​ឈ្មោះ​ tty របស់​អ្នកបានទ�​ ។"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "ទ�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "បញ្ចូល​�ម្លៃ​�្មី​ ឬ ​សង្ក�់​ បញ្ចូល សម្រាប់​លំនាំដើម​\n"
+
+msgid "Minimum Password Age"
+msgstr "អាយុ​ពាក្យសម្ងា�់​អប្បរមា"
+
+msgid "Maximum Password Age"
+msgstr "អាយុ​ពាក្យសម្ងា�់​អ�ិបរមាsword Age"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "ការប្ដូរ​ពាក្យ​សម្ងា�់​ជាលើកចុងក្រោយ (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "ការព្រមាន​ការផុ�​កំណ�់​នៃ​ពាក្យ​សម្ងា�់​"
+
+msgid "Password Inactive"
+msgstr "ពាក្យ​សម្ងា�់​អសកម្ម​"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "កាលបរិច្ឆ�ទ​ការផុ�​កំណ�់របស់​​គណនី​ (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "ការប្�ូរ​ពាក្យ​សម្ងា�់​លើកចុង​ក្រោយ​\t\t\t\t\t ៖ "
+
+#, fuzzy
+msgid "never"
+msgstr "កុំ\n"
+
+#, fuzzy
+msgid "password must be changed"
+msgstr "ពាក្យ​សម្ងា�់​�្រូវ​�ែ​ប្�ូរ​\n"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "ពាក្យ​សម្ងា�់​ផុ�​កំណ�់​\t\t\t\t\t ៖ "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "ពាក្យ​សម្ងា�់ អសកម្ម \t\t\t\t\t ៖ "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "គណនី​ផុ�​កំណ�់​\t\t\t\t\t\t ៖ "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "ចំនួន​�្ងៃ​អប្បបរមា​រវាង​ការផ្លាស់​ប្�ូរ​ពាក្យ​សម្ងា�់​\t\t ៖ %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "ចំនួន�្ងៃ​អ�ិបរមា​រវាង​ការផ្លាស់ប្�ូរ​ពាក្យ​សម្ងា�់​\t\t ៖ %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "ចំនួន​�្ងៃ​នៃការព្រមាន​ មុនព�ល​ពាក្យសម្ងា�់​ផុ�កំណ�់\t ៖ %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s ៖ អាគុយម៉ង់​ជាល��​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s ៖ មិន​រូមបញ្ចូល​ទាំង​ \"l\" ជាមួយ​ទង់​ដទៃទៀ�​ទ�\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s ៖ សិទ្ធ​�្រូវ​បាន​បដិស�ធ ។\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s ៖ មិន​អាចកំណ�់​ឈ្មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទ� ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​បានឡើយ សូមព្យាយាម​ម្�ង​ទៀ�នៅព�លក្រោយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទ�\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជ�យ​ ៖ %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s ៖ គ្មាន​វ�្�មាន​​ឯកសារ​ពាក្យ​សម្ងា�់ស្រមោលទ�​\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "ការផ្លាស់​ប្�ូរ​ព��៌មាន​ចាស់​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s ៖ កំហុស​ការផ្លាស់ប្�ូរ​វាល​\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ឈ្មោះ​ព�ញ"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s ៖ %s\n"
+
+msgid "Room Number"
+msgstr "ល��បន្ទប់​"
+
+msgid "Work Phone"
+msgstr "ទូរស�ព្ទ​​​កន្លែង​​​ធ្វើការ"
+
+msgid "Home Phone"
+msgstr "ទូរស�ព្ទនៅ​ផ្ទះ"
+
+msgid "Other"
+msgstr "ផ្ស�ងៗ"
+
+msgid "Cannot change ID to root.\n"
+msgstr "មិន​អាចផ្លាស់ប្�ូរ​ល��​សម្គាល់​ទៅ​ជា​ root បាន​ឡើយ​ ។\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s ៖ ឈ្មោះ​មិន​�្រឹម�្រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s ៖ ចំនួន​បន្ទប់​មិន​�្រឹម�្រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s ៖ ល��ទូរស�ព្ទ​នៅ​កន្លែង​ធ្វើការ​មិន​�្រឹម�្រូវ​ ៖ '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s ៖ ល��​ទូរស�ព្ទនៅផ្ទះ​មិន​�្រឹម�្រូវ​ ៖ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s ៖ '%s' មាន​�ួអក្សរ​មិន​�្រឹម�្រូវ​\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s ៖ '%s' មាន​�ួអក្សរ​មិន​�្រឹម�្រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្�ូរ​អ្នក​ប្រើបានទ�​ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទ� ។\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s ៖ '%s' ជាម�​ NIS សម្រាប់​ម៉ាស៊ីន​ភ្ញៀវ​ន�ះ​ ។\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "កំពុងផ្លាស់​​ប្�ូរ​ព��៌មាន​អ្នកប្រើ​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s ៖ វាល គឺ​វែងវែងព�ក​\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ទង់ -a គឺ�្រូវបានអនុញ្ញា�​បាន�ែជាមួយទង់ -G ប៉ុណ្ណោះ\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ បន្ទា�់​វែងព�ក​\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ បា�់បង់​ពាក្យ​សម្ងា�់​�្មី​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិនអាចធ្វើឲ្យ​ធា�ុបញ្ចូល​ទាន់សម�យបានឡើយ\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s ៖ បានរកឃើញ​កំហុស មិនអើពើនឹងការផ្លាស់ប្ដូរ​\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "សែលចូល"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "អ្នក​មិនអាច​​ប្�ូរ​សែល​សម្រាប់​ %s បានទ� ។\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "កំពុង​ផ្លាស់ប្ដូរ​សែល​ចូល​សម្រាប់ %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s ៖ ធា�ុបញ្ចូល​​មិន​�្រឹម�្រូវ​ ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s គឺជា​សែល​មិន​�្រឹម�្រូវ​ ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s ៖ ការព្រមាន ៖​ %s មិន�្រូវបានទទួល​យក​ដោយ %s ឡើយ\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "កំណ�់�្រាចុងក្រោយ ៖ អាគុយម៉ង់​មិន​រំពឹង​ទុក​ ៖ %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "ចូល       ភាពបរាជ�យ​នៃការចូល​ចុងក្រោយ​ជាអ�ិបរមា                   លើ\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds នៅសល់]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds ជាប់សោ]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "មិន​ស្គាល់​អ្នក​ប្រើ ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s បានឡើយ ។\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s ៖ បានទាមទារ​ពាក្យសម្ងា�់​ក្រុម​ស្រមោល​សម្រាប់​ -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជ�យ​ ៖ %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "កំពុង​ប្�ូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ក្រុម​ %s\n"
+
+msgid "New Password: "
+msgstr "ពាក្យសម្ងា�់​�្មី ៖ "
+
+msgid "Re-enter new password: "
+msgstr "បញ្ចូល​ពាក្យ​សម្ងា�់​�្មី​ឡើង​វិញ ៖ "
+
+msgid "They don't match; try again"
+msgstr "ពួកគ�​មិន​បាន​​ផ្គូរផ្គងទ� ។ សូមព្យាយាម​ម្�ង​ទៀ�​"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s ៖ សូមព្យាយាមម្ដងទៀ�​នៅព�លក្រោយ\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "កំពុង​បន្�ែម​អ្នកប្រើ​ %s ទៅក្រុម​ %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "កំពុង​យក​អ្នក​ប្រើ​ %s ច�ញពី​ក្រុម​ %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s ៖ មិនមែន​ tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s  ៖ %s ជា​ឈ្មោះ​ក្រុម​មិន​�្រឹម�្រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិន�្រឹម�្រូវ\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K ទាមទារ​ KEY=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s ៖ មានក្រុម​ %s រួច​ហើយ​\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s ៖ មិន​អាចកំណ�់​ឈ្មោះ​អ្នកប្រើ​របស់​អ្នក​បាន​ទ� ។\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្�ូរ​អ្នក​ប្រើបានទ�​ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទ� ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s ៖ ក្រុម​ '%s' គឺជាក្រុម​ NIS ។\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s ៖ %s គឺជា​ម� NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s ៖ អ្នកប្រើ​ %s គឺជា​អ្នក​​ប្រើ​ NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: អស់​ស�ិ​ក្នុង​ក្នុងការធ្វើឲ្យ​ក្រុមទាន់សម�យ\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិន�្រឹម�្រូវ\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s ៖ ក្រុម​ %s គឺជា​ក្រុម NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s ៖ មិន​ស្គាល់​អ្នកប្រើ​ %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s ៖ -s និង​ -r គឺមិន​�្រូវ​គ្នាទ�​\n"
+
+#, fuzzy
+msgid "invalid group file entry"
+msgstr "ធា�ុបញ្ចូល​ឯកសារក្រុម​មិន�្រឹម�្រូវ​\n"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "លុប​បន្ទា�់​ '%s' ឬ ? "
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "ធា�ុបញ្ចូល​​ក្រុម​ស្ទួន​\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិន�្រឹម�្រូវ\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ឈ្មោះ​ក្រុម​ '%s' មិន�្រឹម�្រូវ\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "ក្រុម​ %s ៖ គ្មាន​អ្នកប្រើ​ %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "លុប​សមាជិក​ '%s' ឬ ? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "គ្មាន​ធា�ុបញ្ចូល​ឯកសារ​ក្រុមផ្គូរផ្គង​នៅក្នុង​​ %s ទ�\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "បន្�ែម​ក្រុម​ '%s' ទៅក្នុង​ %s ឬ ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow group file entry"
+msgstr "ធា�ុ​ឯកសារ​ក្រុម​ស្រមោល​មិន​�្រឹម�្រូវ\n"
+
+#, fuzzy
+msgid "duplicate shadow group entry"
+msgstr "ធា�ុ​ក្រុម​ស្រមោល​ស្ទួន​\n"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "ក្រុម​ស្រមោល​ %s ៖ គ្មានអ្នកប្រើដែលគ្រប់គ្រង​ %s ទ�\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "លុប​សមាជិក​ដែល​គ្រប់គ្រង​ '%s' ឬ ? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "ក្រុម​ស្រមោល​ %s ៖ គ្មាន​អ្នក​ប្រើ​ %s ទ�\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s ៖ មិនបានធ្វើឲ្យ​ឯកសារទាន់សម�យឡើយ​\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s ៖គ្មាន​ការផ្លាស់ប្ដូរ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យឯកសារ %s ទាន់សម�យ​បានទ�\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "របៀបប្រើ ៖ ល��សម្គាល់ [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "របៀបប្រើ​ ៖ ល��សម្គាល់\n"
+
+msgid " groups="
+msgstr " ក្រុម​="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+#, fuzzy
+msgid "Username         Port     From             Latest"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ         ច្រក     ពី             ចុង​ក្រោយ​បំផុ�\n"
+
+#, fuzzy
+msgid "Username                Port     Latest"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ                ច្រក     ចុង​ក្រោយ​បំផុ�​\n"
+
+msgid "**Never logged in**"
+msgstr "**មិន​ដែល​ចូល​សោះ**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារ​ពាក្យ​សម្ងា�់​ទាន់សម�យ​បានទ�\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "របៀបប្រើ ៖ %s [-p] [name]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h ម៉ាស៊ីន] [-f ឈ្មោះ]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r ម៉ាស៊ីន​\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+#, fuzzy
+msgid "Invalid login time"
+msgstr "ព�លវ�លា​ចូល​មិន​�្រឹម�្រូវ​\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"ប្រព�ន្ធ​បាន​បិទ​សម្រាប់​�ំហែទាំ​ទម្រង់ការ\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[បាន​វៀង​ការ​ផ្ដាច់ -- បាន​អនុញ្ញា�​ការ​ចូល​ជា root ។]\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "គ្មាន​ធា�ុ​ utmp ឡើយ ។ អ្នក​�្រូវ​ប្រ�ិប�្�ិ​ \"login\" ពី​កម្រិ�​ទាប​បំផុ�​ \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"អស់​ព�ល​ចូល​បន្ទាប់ពី %d វិនាទី ។\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "ចូល ៖ PAM បរាជ�យ​ កំពុង​បោះបង់​ ៖ %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s ចូល ៖ "
+
+msgid "login: "
+msgstr "ចូល​ ៖ "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "បាន​លើសពី​ចំនួន​អ�ិបរ​មា​នៃ​ការ​សាកល្បង​ (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "ចូល​ ៖  PAM បានស្នើឲ្យ​បោះបង់ចោល​\n"
+
+msgid "Login incorrect"
+msgstr "ចូល​មិន​�្រឹម�្រូវ​"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​រក​អ្នកប្រើ​ %s ឃើញឡើយ\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s ចូល​ ៖ "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជ�យ​ ៖ %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+#, fuzzy
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "ការព្រមាន ៖ បាន​អនុញ្ញា�ឲ្យចូល​ម្�ង​ទៀ�​បន្ទាប់​ពី ច�ញ​បណ្�ោះអាសន្ន​​\n"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "ចូល​ចុងក្រោយ ៖​ %s លើ​ %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "ចូល​ចុងក្រោយ​ ៖ %.19s លើ​ %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr "ពី​ %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"បានហួសព�លវ�លា​ចូល​​\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "របៀបប្រើ​ ៖ ល��សម្គាល់\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "របៀបប្រើ ៖ newgrp [-] [group]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "របៀបប្រើ​ ៖ ក្រុម sg [[-c] command]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "ពាក្យ​សម្ងា�់​ចាស់ ៖ "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s ៖ ការចែកជាពីរវិធី​​បានបរាជ�យ​ ៖ %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+msgid "too many groups\n"
+msgstr "ច្រើន​ក្រុមព�ក​\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ បន្ទា�់​មិន​�្រឹម�្រូវ​\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធា�ុបញ្ចូល​ទាន់សម�យ​សម្រាប់ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​បង្កើ�​ GID បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​បង្កើ�​ GID បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​ធ្វើ​ឲ្យ​ពាក្យ​សម្ងា�់​ទាន់សម�យ​បានឡើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ mkdir បានបរាជ�យ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ chown បានបរាជ�យ​\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s ៖ បន្ទា�់​ %d ៖ មិនអាចធ្វើឲ្យ​ធា�ុបញ្ចូល​ទាន់សម�យបានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារក្រុម​ទាន់សម�យបានទ�​\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "ពាក្យ​សម្ងា�់​ចាស់ ៖ "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"បញ្ចូល​ពាក្យ​សម្ងា�់​�្មី​ (�ួអក្សរ​​អប្បបរមានៃ​ %d អ�ិបរមានៃ %d)\n"
+"សូម​ប្រើ​អក្សរ​ធំ​ អក្សរ​�ូច​ ​និង ល��​ចូល​គ្នា​ ។\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"បញ្ចូល​ពាក្យ​សម្ងា�់​�្មី​ (�ួអក្សរ​​អប្បបរមានៃ​ %d អ�ិបរមានៃ %d)\n"
+"សូម​ប្រើ​អក្សរ​ធំ​ អក្សរ​�ូច​ ​និង ល��​ចូល​គ្នា​ ។\n"
+
+msgid "New password: "
+msgstr "ពាក្យ​សម្ងា�់​�្មី​ ៖ "
+
+#, fuzzy
+msgid "Try again."
+msgstr "សូមព្យាយាម​ម្�ង​ទៀ�​ ។\n"
+
+#, fuzzy
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"ការព្រមាន ៖ ពាក្យ​សម្ងា�់មិនសូវមានសុវ�្�ិភាព​ (សូម​បញ្ចូល​វា​ម្�ង​ទៀ�​​ដើម្បី​ប្រើវា​) ។\n"
+
+msgid "They don't match; try again.\n"
+msgstr "ពួកវាមិនផ្គូរផ្គងគ្នាទ� ។ សូមព្យាយាម​ម្�ង​ទៀ�​ ។\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s បានឡើយ ។\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "មិនអាចប្ដូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s ៖ ឃ្លាំង​ %s មិន​បាន​គាំទ្រឡើយ​\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s ៖ អ្នក​មិនអាច​មើល​ ឬ កែប្រែ​ព��៌មាន​ពាក្យ​សម្ងា�់​សម្រាប់​ %s បានឡើយ ។\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "កំពុង​ប្�ូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "មិនបានប្ដូរ​ពាក្យ​សម្ងា�់​សម្រាប់​ %s ឡើយ ។\n"
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "ពាក្យ​សម្ងា�់​បាន​ប្�ូរ​ ។\n"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "ការព្រមាន​ការផុ�​កំណ�់​នៃ​ពាក្យ​សម្ងា�់​"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "ធា�ុបញ្ចូល​ឯកសារ​ពាក្យសម្ងា�់​មិន�្រឹម�្រូវ\n"
+
+#, fuzzy
+msgid "duplicate password entry"
+msgstr "ធា�ុបញ្ចូល​ពាក្យ​សម្ងា�់​ស្ទួន​\n"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ឈ្មោះ​អ្នក​ប្រើ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "អ្នក​ប្រើ​ %s ៖ គ្មាន​ក្រុម​ %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "អ្នក​ប្រើ %s ៖ មិនទាន់មាន​��​ %s នៅ​ឡើយ​ទ�​\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "អ្នកប្រើ​ %s ៖ មិនទាន់មាន​កម្មវិធី​ %s នៅឡើយទ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​ %s បានទ�\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "មិនមាន​ធា�ុបញ្ចូល​ឯកសារ​ពាក្យសម្ងា�់​ដែលផ្គូរផ្គង​នៅក្នុង​ %s ឡើយ\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "បន្�ែម​អ្នក​ប្រើ​ '%s'ក្នុង​ %s ឬ ? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid shadow password file entry"
+msgstr "ធា�ុបញ្ចូល​ឯកសារ​ពាក្យ​សម្ងា�់​ស្រមោល​មិន�្រឹម�្រូវ​\n"
+
+#, fuzzy
+msgid "duplicate shadow password entry"
+msgstr "ធា�ុ​បញ្ចូល​ពាក្យសម្ងា�់​ស្រមោល​ស្ទួន​\n"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "អ្នកប្រើ​ %s ៖ ពាក្យ​សម្ងា�់​ចុងក្រោយ​​ប្ដូរនៅក្នុង​អនាគ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទ�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s ៖ មិន​អាច​សរស�រ​ឯកសារ​ឡើង​វិញបានទ�​\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "ដំណើរការ​ជា​ su ទៅ​កាន់​គណនី​នោះ​ DENIED ។\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "ការ​ផ្ទៀងផ្ទា�់​ភាព​�្រឹម�្រូវពាក្យ​សម្ងា�់ bypassed ។\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "សូម​បញ្ចូល​ពាក្យ​សម្ងា�់ផ្ទាល់�្លួន​របស់អ្នក​ ជា​ការផ្ទៀងផ្ទា�់ភាព�្រឹម�្រូវ​ ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s ៖ មិន​អាច​ចាក់សោ​ឯកសារ​ %s បានទ�\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"របៀបប្រើ ៖ su [ជម្រើស] [ការចូល]\n"
+"\n"
+"ជម្រើស ៖\n"
+"  -c, --command COMMAND\t\tហុច COMMAND ទៅសែលដែលបានហៅ\n"
+"  -h, --help\t\t\tបង្ហាញ​​សា​រ​ជំ​នួយ​​ន�ះ និង​ច�ញ\n"
+"  -, -l, --login\t\tធ្វើ​ឲ្យ​សែល​ជា​សែល​ចូល\n"
+"  -m, -p,\n"
+"  --preserve-environment\tកុំ​កំណ�់​អ��រ​បរិស្�ាន និង​រក្សាទុក\n"
+"\t\t\t\tសែលដដែល\n"
+"  -s, --shell SHELL\t\tប្រើ SHELL ជំនួស​​ឲ្យលំនាំដើម​នៅ​ក្នុង passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(មិន​អើពើ​)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "អ្នកគ្មាន​ការ​អនុញ្ញា�ឲ្យ​ចូល​ទៅ​កាន់​ su ទ�​ %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(បញ្ចូល​ពាក្យ​សម្ងា�់​ផ្ទាល់​�្លួនរបស់អ្នក​)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទា�់​ភាព​�្រឹម�្រូវបាន​បរាជ�យ​\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "អ្នកគ្មាន​ការ​អនុញ្ញា�ឲ្យ​ចូល​ទៅ​កាន់​ su ទ�​ %s\n"
+
+#, fuzzy, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "គ្មាន​ធា�ុ​ពាក្យ​សម្ងា�់​សម្រាប់ 'root'​ ឡើយ\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s ៖ �្រូវ​�ែ​រ�់​ពី ស្�ានីយមួយ\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s ៖ pam_start ៖ កំហុស​ %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "មិន​អាចប្រ�ិប�្�ិ​ %s បានទ�"
+
+#, fuzzy
+msgid "No password file"
+msgstr "គ្មាន​ឯកសារ​ពាក្យ​សម្ងា�់ឡើយ​\n"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+#, fuzzy
+msgid "No password entry for 'root'"
+msgstr "គ្មាន​ធា�ុ​ពាក្យ​សម្ងា�់​សម្រាប់ 'root'​ ឡើយ\n"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"ចុចគ្រាប់ចុច បញ្ជា-d ដើម្បី​បន្�​ជាមួយ​ការ​ចាប់ផ្ដើម​ធម្ម�ា\n"
+"(ឬ ផ្ដល់​ពាក្យសម្ងា�់ root ដើម្បី​ជួសជុល​ប្រព�ន្ធ) ៖"
+
+#, fuzzy
+msgid "Entering System Maintenance Mode"
+msgstr "កំពុង​បញ្ចូល​របៀប​�ំហែទាំ​ប្រព�ន្ធ​\n"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ឯកសារ​លំនាំ​ដើម​�្មី​បានឡើយ​\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​លំនាំដើម​�្មី​​បានលឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s ៖ បន្ទា�់​ %d ៖ chown បានបរាជ�យ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s ៖​ ប្�ូរ​ឈ្មោះ​ ៖ %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s ៖ ក្រុម​ '%s' គឺជាក្រុម​ NIS ។\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s ៖ ក្រុម​ដែលបានបញ្ជាក់​ច្រើនព�ក​ (អ�ិ​ %d) ។\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s  ៖ ��​មូលដ្ឋាន​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s ៖ ស�ចក្�ី​អ�្�ាធិប្បាយ​មិន�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s ៖ ��​ផ្ទះ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s ៖ បានទាមទារ​ពាក្យ​សម្ងា�់​ស្រមោល​​សម្រាប់​-e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s ៖ បានទាមទារពាក្យ​សម្ងា�់​ស្រមោល​​សម្រាប់​ -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s ៖ វាល​មិន�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s ៖ សែល​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+msgid "Creating mailbox file"
+msgstr "កំពុង​បង្កើ�​ឯកសារ​ប្រអប់​សំបុ�្រ​"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "រក​ក្រុម​​ 'សំបុ�្រ​' មិន​ឃើញ​ឡើយ ។ កំពុង​បង្កើ�​ឯកសារប្រអប់​សំបុ�្រ​អ្នក​ប្រើ​ជាមួយ​របៀប​ 0600 ។\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "ការកំណ�់​សិទ្ធ​លើ​ឯកសារ​ប្រអប់​សំបុ�្រ​"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s ៖ អ្នក​ប្រើ​ %s មាន​រួច​ហើយ​\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s ៖ ក្រុម​ %s មាន​រួច​ហើយ​ - ប្រសិនបើ​អ្នក​ចង់​បន្�ែម​អ្នក​ប្រើទៅ​កាន់​ក្រុម​នោះ​ ប្រើ​ -g ។\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s ៖ UID %u មិន​មែន​មាន​�ែមួយទ�​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s ៖ ការព្រមាន​ ៖ មាន��ផ្ទះ​រួចហើយ ។\n"
+"មិនចម្លង​​ឯកសារណាមួយ​ពី��​ skel ចូលក្នុង​វានោះទ� ។\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s ៖ មិនអាចផ្លាស់​​ប្�ូរ​អ្នក​ប្រើបានទ�​ '%s' លើ​ម៉ាស៊ីន​ភ្ញៀវ NIS បានទ� ។\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s ៖ មិនអាច​យកក្រុម %s ដែលជា​ក្រុម​ចម្បង​សម្រាប់​អ្នកប្រើដទៃទៀ�ច�ញបានទ� ។\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s ៖ ��​ផ្ទះ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s  ៖ ការព្រមាន​ ៖ មិន​អាច​យកច�ញបានឡើយ "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s ៖ %s មិន​បានទទួលយក​​ %s ទ�, មិនយកច�ញ​\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s ៖ អ្នកប្រើ​ %s គឺជា​អ្នក​​ប្រើ​ NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s ៖ ��​ផ្ទះ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s ៖ មិនយក​��​ %s ច�ញ​ឡើយ (នឹងយក​��ផ្ទះ​របស់អ្នកប្រើ %s ច�ញ)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s ៖ មានកំហុស​ក្នុងការយក​��​ %s ច�ញ\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s ៖ អ្នក​ប្រើ​ %s មាន​រួច​ហើយ​\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s ៖ កាលបរិច្ឆទ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទ�\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s ៖ ពាក្យ​សម្ងា�់​ស្រមោល​បាន�្រូវការ​​ -e និង -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s ៖ មាន��​ %s ​រួច​ហើយ​\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s ៖ មិន​​អាច​បង្កើ�​��​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s ៖ ការព្រមាន ៖ បរាជ�យ​ក្នុងការ​បញ្ចប់​ការយក��ផ្ទះ %s ចាស់ច�ញ"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s ៖ មិនអាចប្ដូរឈ្មោះ​��​ %s ទៅ​ជា​ %s បានឡើយ\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s ៖ ការព្រមាន ៖​ %s មិន�្រូវបានទទួល​យក​ដោយ %s ឡើយ\n"
+
+msgid "failed to change mailbox owner"
+msgstr "បរាជ�យ​ក្នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុ�្រ"
+
+msgid "failed to rename mailbox"
+msgstr "​បរាជ�យ​ក្នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s ៖ %s មិន�្រូវបានប្ដូរឡើយ​\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "​បរាជ�យ​ក្នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "មិនអាច​ចាក់សោ​ឯកសារបានឡើយ"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s ៖ បរាជ�យ​ក្នុងការ​ទម្លាក់​សិទ្ធ (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "មិនអាច​ចាក់សោ​ឯកសារបានឡើយ"
+
+msgid "Couldn't make backup"
+msgstr "មិនអាច​បង្កើ�​ព��៌មាន​បម្រុងទុក​បានឡើយ"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s ៖ %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s ៖ %s រក​មិន​ឃើញ​ក្នុង​ /etc/passwd ទ�\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​បានទ�​\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s ៖ វាល គឺ​វែងវែងព�ក​\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "​បរាជ�យ​ក្នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "បរាជ�យ​ក្នុងការ​ផ្លាស់ប្ដូរ​ម្ចាស់​ប្រអប់សំបុ�្រ"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "​បរាជ�យ​ក្នុងការប្ដូរឈ្មោះប្រអប់"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s ៖ មិន​អាច​ស្�ារ %s ៖ %s (ការប្ដូរ​របស់អ្នក​គឺនៅក្នុង​ %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s  ៖ ��​មូលដ្ឋាន​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) បាន​បរាជ�យ​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "ការ​ប្រើប្រាស់​ ៖ ប្�ូរ​អ្នកប្រើ​ [options]​\n"
+#~ "ជម្រើស​ ៖\n"
+#~ "  -d, --�្ងៃ​មុន​ LAST_DAY\t កំណ�់​ការប្ដូរ​ពាក្យ​សម្ងា�់​មុន ​ទៅ​ជា​ LAST_DAY\n"
+#~ "  -E, --កាលបរិច្ឆ�ទ​ផុ�​កំណ�់​ EXPIRE_DATE\t កំណ�់​កាលបរិច្ឆ�ទ​ការផុ�​កំណ�់​​របស់គណនីទៅ​ជា​ "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --ជំនួយ​\t\t\t បង្ហាញ​សារ​ជំនួយន�ះ ហើយ​ ច�ញ​\n"
+#~ "  -I, --អសកម្ម​ INACTIVE\t កំណ�់​ពាក្យ​សម្ងា�់​ឲ្យ​​អសកម្ម ​បន្ទាប់​ពី​ការផុ�​កំណ�់​\n"
+#~ "\t\t\t\tទៅជា INACTIVE\n"
+#~ "  -l, --បញ្ជី​\t\t\t បង្ហាញព��៌មាន​ចាស់​របស់​​គណនី​\n"
+#~ "  -m, --ចំនួន�្ងៃ​អប្បរមា MIN_DAYS\t កំណ�់​ចំនួន​�្ងៃ​អប្បបរមា ​មុន​ពាក្យ​សម្ងា�់​ \n"
+#~ "\t\t\t\tប្�ូរទៅ​ជា​ MIN_DAYS\n"
+#~ "  -M, --ចំនួន�្ងៃ​អ�ិបរមា MAX_DAYS\t កំណ�់​ចំនួន​�្ងៃ​អ�ិបរមា ​មុន​ពាក្យ​សម្ងា�់​\n"
+#~ "\t\t\t\tប្�ូរ​ទៅ​ជា​ MAX_DAYS\n"
+#~ "  -W, --�្ងៃព្រមាន WARN_DAYS\tកំណ�់ការព្រមាន​�្ងៃ​ផុ�​កំណ�់​ទៅជា​ WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទា�់​ភាព​�្រឹម�្រូវបាន​បរាជ�យ​\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "កា​រប្រើប្រាស់​ ៖ %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ chpasswd [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -e, --encrypted\tពាក្យសម្ងា�់​ដែល​បាន​ផ្ដល់​�្រូវ​បាន​អ៊ិនគ្រីប\n"
+#~ "  -h, --help\t\tបង្ហាញ​សារ​ជំនួយ​​ន�ះ និង​ច�ញ\n"
+#~ "  -m, --md5\t\tប្រើ​ការ​អ៊ិនគ្រីប MD5 ជំនួស​ឲ្យ DES នៅ​ព�ល​ដែល​ពាក្យសម្ងា�់\n"
+#~ "\t\t\tដែល​បាន​ផ្ដល់​មិន​�្រូវបាន​អ៊ិនគ្រីប​ទ�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ userdel [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -f, --force\t\t\tបង្�ំ​ឲ្យ​យក​ឯកសារ​ច�ញ ទោះបី​ជា​មិន​បាន​គ្រប់គ្រង​ដោយ​អ្នកប្រើ​ក�ដោយ\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -r, --remove\t\t\tយក�​�​ផ្ទះ  និង​ហុង​សំបុ�្រ​ច�ញ\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "របៀបប្រើ ៖ ការផុ�កំណ�់ {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារ​ %s បានទ�\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "របៀបប្រើ ៖​ %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s ៖ -s និង​ -r គឺមិន​�្រូវ​គ្នាទ�​\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ក្រុម​ groupdel \n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ lastlog [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -b, --before DAYS\tបោះពុម្ពកំណ�់កំណ�់ហ��ុចុងក្រោយចាស់ជាង DAYS\n"
+#~ "  -h, --help\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -t, --time DAYS\tបោះពុម្ព​�ែ​កំណ�់�្រា​កំណ�់​ហ��ុ​ចុង​ក្រោយ​ដែល​�្មី​ជាង DAYS ប៉ុណ្ណោះ\n"
+#~ "  -u, --user LOGIN\tបោះពុម្ព​កំណ�់�្រា​កំណ�់ហ��ុ​ចុង​ក្រោយ​សម្រាប់​អ្នក​ប្រើ​ដែល​មាន LOGIN ដែល​បាន​"
+#~ "បញ្ជាក់\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ passwd [ជម្រើស] [ការចូល]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -a, --all\t\t\tរាយការណ�​ស្�ានភាព​ពាក្យសម្ងា�់​អំពី​គណនី​ទាំងអស់\n"
+#~ "  -d, --delete\t\t\tលុប​ពាក្យសម្ងា�់​សម្រាប់​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ "  -e, --expire\t\t\tបង្ហាញ​ឲ្យ​ពាក្យសម្ងា�់​ផុ�​កំណ�់​សម្រាប់​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -k, --keep-tokens\t\tផ្លាស់ប្ដូរ​ពាក្យសម្ងា�់ ក្នុ​ង​ក​រណី​​ដែល​ផុ�​កំណ�់\n"
+#~ "  -i, --inactive INACTIVE\tកំណ�់​ពាក្យសម្ងា�់​ឲ្យ​អសកម្ម​បន្ទាប់​ពី​ផុ�​កំណ�់\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ "  -l, --lock\t\t\tចាក់សោ​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ "  -n, --mindays MIN_DAYS\tកំណ�់ចំនួន​�្ងៃ​អប្បបរមា​មុន​ពាក្យសម្ងា�់\n"
+#~ "\t\t\t\tផ្លាស់ប្ដូរទៅ MIN_DAYS\n"
+#~ "  -q, --quiet\t\t\tរបៀប​ស្ងា�់\n"
+#~ "  -r, --repository REPOSITORY\tផ្លាស់ប្ដូរ​ពាក្យសម្ងា�់​នៅ​ក្នុង​ឃ្លាំង REPOSITORY\n"
+#~ "  -S, --status\t\t\tរាយការណ�​ស្�ានភាព​ពាក្យសម្ងា�់​អំពី​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ "  -u, --unlock\t\t\tដោះសោ​គណនី​ដែល​មាន​ឈ្មោះ\n"
+#~ "  -w, --warndays WARN_DAYS\tកំណ�់​�្ងៃ​ព្រមាន​ផុ�​កំណ�់​ទៅ​ជា WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS\tកំណ�់​ចំនួន�្ងៃ​អ�ិបរមា​មុន​ពាក្យសម្ងា�់\n"
+#~ "\t\t\t\tផ្លាស់ប្ដូរ​ទៅ​ជា MAX_DAYS\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "របៀបប្រើ ៖ %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ល��សម្គាល់\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "របៀបប្រើ​ ៖ ល��សម្គាល់\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "មិន​ស្គាល់​ល��​សម្គាល់​ ៖ %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "គ្មានសែល​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ userdel [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -f, --force\t\t\tបង្�ំ​ឲ្យ​យក​ឯកសារ​ច�ញ ទោះបី​ជា​មិន​បាន​គ្រប់គ្រង​ដោយ​អ្នកប្រើ​ក�ដោយ\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -r, --remove\t\t\tយក�​�​ផ្ទះ  និង​ហុង​សំបុ�្រ​ច�ញ\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s ៖ បច្ចុប្បន្ន ​អ្នក​ប្រើ​ %s បាន​ចូលហើយ​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ usermod [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -a, --append GROUP\t\tបន្�ែម​អ្នក​ប្រើ​ទៅ​�ាង​ចុង​ក្រុម​បន្ទាប់បន្សំ\n"
+#~ "  -c, --comment COMMENT\t\t�ម្លៃ​�្មី​របស់​វាល GECOS\n"
+#~ "  -d, --home HOME_DIR\t\t��ផ្ទះ​�្មី​សម្រាប់​គណនី​អ្នកប្រើ​�្មី\n"
+#~ "  -e, --expiredate EXPIRE_DATE\tកំណ�់​កាលបរិច្ឆ�ទ​ផុ�​កំណ�់​ទៅ​ជា EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE\tកំណ�់​ពាក្យសម្ងា�់​ឲ្យ​អសកម្ម​បន្ទាប់​ពី​ផុ�​កំណ�់\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ "  -g, --gid GROUP\t\tបង្�ំ​ឲ្យ​ប្រើ GROUP ជា​ក្រុម​សំ�ាន់​�្មី\n"
+#~ "  -G, --groups GROUPS\t\tបញ្ជី​�្មី​របស់​ក្រុម​បន្ទាប់បន្សំ\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួ​យន�ះ និង​ច�ញ\n"
+#~ "  -l, --login NEW_LOGIN\t\t�ម្លៃ​�្មី​របស់​ឈ្មោះ​ចូល\n"
+#~ "  -L, --lock\t\t\tចាក់សោ​គណនី​អ្នកប្រើ\n"
+#~ "  -m, --move-home\t\tផ្លាស់ទី​មា�ិកា​របស់​��ផ្ទះ​ទៅ\n"
+#~ "\t\t\t\tទី�ាំង​�្មី (ប្រើ​�ែជា​មួយ -d ប៉ុណ្ណោះ)\n"
+#~ "  -o, --non-unique\t\tអនុញ្ញា�​ឲ្យ​ប្រើ UID (មិនមាន​�ែ​មួយគ�់) ស្ទួន\n"
+#~ "  -p, --password PASSWORD\tប្រើ​​ពាក្យសម្ងា​�់​​ដែ​ល​បាន​អ៊ិនគ្រីប​សម្រាប់​​ពាក្យសម្ងា​�់​�្មី\n"
+#~ "  -s, --shell SHELL\t\tសែល​​ចូ​ល​​�្មី​​សម្រាប់​​គណនី​អ្នកប្រើ\n"
+#~ "  -u, --uid UID\t\t\t UID �្មី​សម្រាប់​គណនី​អ្នកប្រើ\n"
+#~ "  -U, --unlock\t\t\tដោះសោ​គណនី​អ្នកប្រើ\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s ៖ មិន​ផ្�ល់​ទង់​ឲ្យឡើយ​\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ vipw [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -g, --group\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្នន�យ​ក្រុម\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -p, --passwd\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្នន�យ passwd\n"
+#~ "  -q, --quiet\t\t\tរបៀប​ស្ងា�់\n"
+#~ "  -s, --shadow\t\t\tកែសម្រួល​មូលដ្ឋាន​ទិន្នន�យ​ស្រមោល ឬ gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "របៀបប្រើ ៖ %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s ៖ មិន​អាច​បង្កើ�​ %s បានឡើយ\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s ៖ មិន​អាច​ chown %s បានឡើយ\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀប​ប្រើ ៖ faillog [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -a, --all\t\t\tបង្ហាញ​កំណ�់�្រា​កំណ�់ហ��ុ​បរាជ�យ សម្រាប់​អ្នក​ប្រើ​ទាំងអស់\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ ហើយ​ច�ញ\n"
+#~ "  -l, --lock-time វិ.\t\tបន្ទាប់​ពី​ចូល​បរាជ�យ �្រូវ​ចាក់សោ​គណនី​រយៈព�ល វិ. វិនាទី\n"
+#~ "  -m, --maximum អ�ិ.\t\tកំណ�់​ចំនួន​អ�ិបរមា​នៃ​ការ​ចូល​ដែល​បរាជ�យ ចំនួន អ�ិ.\n"
+#~ "  -r, --reset\t\t\tកំណ�់​អ��រ​រាប់​នៃ​ការ​ចូល​ដែល​បរាជ�យ​ឡើង​វិញ\n"
+#~ "  -t, --time �្ងៃ\t\tបង្ហាញ​កំណ�់�្រា​កំណ�់ហ��ុ​បរាជ�យ �្មីៗ​ជាង \"�្ងៃ\" �្ងៃ\n"
+#~ "  -u, --user ឈ្មោះចូល\t\tបង្ហាញ​កំណ�់�្រា​កំណ�់ហ��ុ​បរាជ�យ ឬ �ែទាំ​អ��រ​រាប់​ការ​បរាជ�យ\n"
+#~ "\t\t\t\tនិង កំណ�់ (បើ​ប្រើ​ជាមួយ​ជម្រើស -r, -m ឬ -l) សម្រាប់​�ែ\n"
+#~ "\t\t\t\tអ្នកប្រើ​ដែល​មាន​ឈ្មោះ​ចូល \"ឈ្មោះចូល\"\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ groupadd [ជម្រើស] ក្រុម\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -f, --force\t\t\tបង្�ំឲ្យ​ច�ញ​ជា​មួយ​នឹង​ស្�ានភាព​ជោគជ�យ ប្រសិន​បើ​ក្រុម\n"
+#~ "\t\t\t\tដែល​បាន​បញ្ជាក់​មាន​រួច​ហើយ\n"
+#~ "  -g, --gid GID\t\t\tប្រើ GID សម្រាប់​ក្រុម�្មី\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -K, --key KEY=VALUE\t\tបដិស�ធលំនាំដើមរបស់ /etc/login.defs \n"
+#~ "  -o, --non-unique\t\tអនុញ្ញា�​ឲ្យ​បង្កើ�​ក្រុម​ដែល​មាន\n"
+#~ "\t\t\t\t GID (មិនមាន​�ែមួយ​គ�់) ស្ទួន\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ groupadd ក្រុម [options]​\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -f, --បង្�ំ​ \t\t បង្�ំឲ្យ​​ច�ញ​ជាមួយ​ស្�ានភាព​ជោគជ�យ​ ប្រសិនបើ​មាន​\n"
+#~ "\t\t\t\tក្រុមដែលបានបញ្ជាក់​​មាន​រួច​ហើយ​\n"
+#~ "  -g, --gid GID\t\tប្រើ​ GID សម្រាប់​ក្រុម​�្មី​\n"
+#~ "  -h, --ជំនួយ\t\t\tបង្ហាញ​សារជំនួយ​​ន�ះ​ ហើយ​ ច�ញ​\n"
+#~ "  -K, --កូនសោ KEY=VALUE\t\tបដិស�ធ​ /etc/login.defs លំនាំ​ដើម​\n"
+#~ "  -o, --មិនមែនមាន�ែមួយ\t\t អនុញ្ញា�ឲ្យ​​បង្កើ�​ក្រុម​ស្ទួន​\n"
+#~ "\t\t\t\t(មិនមែនមាន�ែមួយ) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ useradd [ជម្រើស] LOGIN\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -b, --base-dir BASE_DIR\t��​មូលដ្ឋាន​សម្រាប់​គណនី​អ្នក​ប្រើ​�្មី\n"
+#~ "\t\t\t\t��ផ្ទះ\n"
+#~ "  -c, --comment COMMENT\t\tកំណ�់វាល GECOS សម្រាប់​គណនី​អ្នកប្រើ​�្មី\n"
+#~ "  -d, --home-dir HOME_DIR\t��​ផ្ទះ​សម្រាប់​គណនី​អ្នក​ប្រើ​�្មី\n"
+#~ "  -D, --defaults\t\tបោះពុម្ព ឬ​រក្សាទុក useradd លំនាំដើម​ដែល​បាន​កែប្រែ\n"
+#~ "\t\t\t\tconfiguration\n"
+#~ "  -e, --expiredate EXPIRE_DATE\tកំណ�់​កាលបរិច្ឆ�ទ​គណនី​ទៅ​ជា EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE\tកំណ�់​ពាក្យ​សម្ងា�់​ឲ្យ​អសកម្ម​បន្ទាប់​ពី​ផុ�កំណ�់\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ "  -g, --gid GROUP\t\tបង្�ំ​ឲ្យ​ប្រើ GROUP សម្រាប់​គណនី​អ្នក​ប្រើ​�្មី\n"
+#~ "  -G, --groups GROUPS\t\tបញ្ជី​របស់​ក្រុម​ផ្ដល់​សម្រាប់\n"
+#~ "\t\t\t\tគណនី​អ្នក​ប្រើ​�្មី\n"
+#~ "  -h, --help\t\t\tបង្ហាញ​សារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -k, --skel SKEL_DIR\t\tបញ្ជាក់�� skel ជំនួស\n"
+#~ "  -K, --key KEY=VALUE\t\tបដិស�ធលំនាំដើម /etc/login.defs\n"
+#~ "  -m, --create-home\t\tបង្កើ�​��​ផ្ទះ​សម្រាប់​អ្នកប្រើ​�្មី\n"
+#~ "\t\t\t\taccount\n"
+#~ "  -o, --non-unique\t\tអនុញ្ញា​ឲ្យ​បង្កើ�​អ្នកប្រើ​ដែល​មាន\n"
+#~ "\t\t\t\t UID(មិនមែន​�ែ​មួយគ�់) ស្ទួន \n"
+#~ "  -p, --password PASSWORD\tប្រើ​ពាក្យសម្ងា�់​ដែល​បាន​អ៊ិនគ្រីប​សម្រាប់\n"
+#~ "\t\t\t\tគណនី​អ្នកប្រើ​�្មី\n"
+#~ "  -s, --shell SHELL\t\tសែល​ចូល​សម្រាប់​គណនី​អ្នកប្រើ​�្មី\n"
+#~ "  -u, --uid UID\t\t\tបង្�ំឲ្យប្រើ UID សម្រាប់​គណនី​អ្នកប្រើ​�្មី\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "កំណ�់​ពាក្យ​សម្ងា�់​ឲ្យ​ផុ�​កំណ�់​ ។\n"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារ​ពាក្យ​សម្ងា�់​បានទ�​\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងា�់​\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​​ឯកសារ​ពាក្យ​សម្ងា�់ស្រមោល​បានទ�\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារពាក្យ​សម្ងា�់​ស្រមោលបានទ�\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​សរស�រ​ឯកសារពាក្យសម្ងា�់ស្រមោល​ឡើងវិញ​បានទ�​\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s ៖ មិនអាច​សរស�រ​ឯកសារពាក្យសម្ងា�់​ឡើងវិញបានទ�​\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើ​ឲ្យ​ឯកសារពាក្យសម្ងា�់​ស្រមោលទាន់សម�យបានទ�\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tឈ្មោះព�ញ​ ៖ %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tល��​បន្ទប់​ ៖ %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tទូរស�ព្ទ​​​កន្លែង​​​ធ្វើការ ៖ %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tទូរស�ព្ទនៅ​ផ្ទះ ៖ %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "មិន​អាច​ចាក់សោ​ឯកសារ​ពាក្យ​សម្ងា�់​បានទ� ។ សូមព្យាយាម​ម្�ង​ទៀ�នៅ​ព�ល​ក្រោយ​ ។\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "មិនអាច​បើក​ឯកសារ​ពាក្យសម្ងា�់​បានឡើយ ។\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "មានកំហុស​ក្នុងការ​ធ្វើ​ឲ្យ​​ធា�ុបញ្ចូល​​ពាក្យសម្ងា�់ទាន់សម�យ ។\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "មិនអាច​ដាក់ស្នើ​ការផ្លាស់ប្ដូរ​ឯកសារពាក្យសម្ងា�់​បានឡើយ​ ។\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "មិន​អាច​ដោះសោ​ឯកសារ​ពាក្យ​សម្ងា�់បានឡើយ​ ។\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​​​ឯកសារជា​​ក្រុម​បាន​ទ�\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ជា​ក្រុម​បាន​ទ�​\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s ៖មិន​អាច​ចាក់សោ​ឯកសារ​ gshadow បានទ�\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ស្រមោល​បានទ�\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សម�យ​\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធា�ុ​បញ្ចូល​ក្រុម​​ទាន់សម�យ\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​ស្គាល់​ក្រុម​ %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s ៖ បន្ទា�់​ %d ៖ មិនអាចធ្វើឲ្យ​ធា�ុបញ្ចូល​ទាន់សម�យបានឡើយ\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់​សោ​ឯកសារ​ស្រមោល​បានទ�​\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យឯកសារស្រមោល​ទាន់សម�យ​\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការធ្វើឲ្យ​ឯកសារពាក្យសម្ងា�់ទាន់សម�យ\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s ៖ បន្ទា�់​ %d ៖ មិនស្គាល់​អ្នកប្រើ​ %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s ៖ បន្ទា�់​ %d ៖ មិនអាច​ធ្វើឲ្យធា�ុបញ្ចូល​ពាក្យសម្ងា�់​ទាន់សម�យ​បានឡើយ​\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s  ៖ មិន​ស្គាល់​អ្នក​ប្រើ​\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "មិន​ស្គាល់​អ្នក​ប្រើ ៖ %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "របៀបប្រើ ៖ %s ក្រុម [-r|-R] \n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s ក្រុម [-a user]​\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s ក្រុម [-d user]​\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s ក្រុម [-A user,...] [-M user,...]\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s ក្រុម [-M user,...]\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​បានឡើយ\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ស្រមោល​បានឡើយ​\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​​ឯកសារ​បានទ�\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរស�រ​​​​​ឯកសារ​ស្រមោល​ឡើង​វិញ បាន​ទ�​\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s ៖ មិនអាច​ដោះសោ​ឯកសារបានទ�\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s ៖ មិន​អាចធ្វើ​ឲ្យ​ធា�ុបញ្ចូល​​ទាន់សម�យ​បានទ�​\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​​ធា�ុបញ្ចូល​​ស្រមោល​ទាន់សម�យបានទ�​\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "មិន​ស្គាល់​ក្រុម​ ​ ៖ %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​​ឯកសារ​បានទ�\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ស្រមោល​បានទ�\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "�ើអ្នក​ជា​នណា​ ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​សមាជិក​ %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការ​បន្�ែម​ធា�ុបញ្ចូល​​ក្រុម​�្មី​\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s ៖​ មិនអាច​សរស�រ​ឯកសារក្រុមឡើងវិញ​បានទ�​\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​សរស�រ​ឯកសារក្រុម​ស្រមោល​ឡើងវិញ​បានទ�​\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុម​បានទ�\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​បានទ�​\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុមស្រមោល​បានទ�\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​ស្រមោល​បានទ�​\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s ៖ GID %u គឺមិនមែន​មាន​�ែមួយទ�​\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការយក​ធា�ុបញ្ចូល​ក្រុមច�ញ\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការយក​ធា�ុបញ្ចូល​ក្រុម​ស្រមោល​ច�ញ\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s ៖ មិនអាចយក​ក្រុម​ចម្បង​របស់អ្នកប្រើ​ច�ញ​បានទ� ។\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s ៖ PAM ការ​ផ្ទៀងផ្ទា�់​ភាព​�្រឹម�្រូវបាន​បរាជ�យ​\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុម​បានទ�\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s ៖ មិនអាចបើក​ឯកសារក្រុម​បានឡើយ​\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s ៖ %s រក​មិនឃើញ​នៅក្នុង​ /etc/group ទ�\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s ៖ %u មិនមែន​​ GID ដែលមាន�ែមួយ​ទ�\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s ៖ %s គឺមិនមែនជាឈ្មោះ​ដែលមាន�ែមួយទ�​\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរស�រ​ឯកសារ​ពាក្យ​សម្ងា�់​ឡើង​វិញ​បានឡើយ\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s ​៖ មិន​អាច​ចាក់​សោ​ឯកសារ​ពាក្យ​សម្ងា�់បានឡើយ​\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងា�់​បានឡើយ\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s ៖ មិន​អាច​ធ្វើ​ឲ្យ​ធា�ុ​ស្រមោល​សម្រាប់​​ %s ទាន់សម�យបានឡើយ\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធា�ុ​បញ្ចូល​សម្រាប់ក្រុម​ %s ទាន់សម�យ​បានទ�\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ចាក់សោ​ឯកសារក្រុមស្រមោល​បានទ�​\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុមស្រមោល​បានទ�​\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s ៖ មិនអាច​យក​ក្រុម​ស្រមោល %s ច�ញ​បានទ�\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារ​ក្រុម​ស្រមោល​ទាន់សម�យ​បានទ�​\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​លុប​ឯកសារក្រុម​ស្រមោលបានទ�​\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "មិន​ស្គាល់​ UID ៖ %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "មិន​ស្គាល់​ GID ៖ %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s ៖ មិនមានក្រុម​ %sឡើយ​\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s ៖ មិនទាន់មានអ្នក​ប្រើ​ %s ទ�​\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s ៖ឈ្មោះ​អ្នក​ប្រើ​មិន​�្រឹម�្រូវ​ '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ /etc/passwd បានឡើយ ។\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារបានឡើយ​\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​ធ្វើឲ្យ​ឯកសារទាន់សម�យ\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ធា�ុបញ្ចូលពាក្យសម្ងា�់​ទាន់សម�យ​សម្រាប់​​ %s បានឡើយ\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ឯកសារ​​ពាក្យសម្ងា�់បានឡើយ\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ឯកសារពាក្យសម្ងា�់បានឡើយ\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s ៖ មិន​អាច​យក​ធា�ុបញ្ចូល​​ស្រមោលច�ញ​​សម្រាប់ %s បានឡើយ\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យ​ឯកសារពាក្យសម្ងា�់​ទាន់សម�យបានឡើយ\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s ៖ មិនអាច​ធ្វើឲ្យធា�ុបញ្ចូល​ទាន់សម�យ​សម្រាប់ %s បានឡើយ\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​លុប​ឯកសារ​ពាក្យ​សម្ងា�់​ស្រមោល​បានឡើយ\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​ GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s ៖ មិន​ស្គាល់​ក្រុម​ %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s ៖ អស់​ស�ិ​ក្នុងការធ្វើឲ្យ gshadow ទាន់សម�៧\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរស�រ​ឯកសារ​ពាក្យ​សម្ងា�់​ឡើង​វិញ​បានឡើយ\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​សរស�រ​ឯកសារ​ពាក្យ​សម្ងា�់​ស្រមោលឡើងវិញ​​បានឡើយ​\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​ចាក់​សោ​ឯកសារ​ពាក្យ​សម្ងា�់ស្រមោល​បានឡើយ\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s ៖ មិន​អាច​បើក​ឯកសារ​ពាក្យ​សម្ងា�់​ស្រមោលបានឡើយ\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​ចាក់សោ​ឯកសារក្រុម​\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បើក​ឯកសារក្រុម\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s ៖មានកំហុសក្នុងការ​ចាក់សោ​ឯកសារក្រុម​ស្រមោល​\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បើក​ឯកសារក្រុម​ស្រមោល\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​បន្�ែម​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់​�្មី​\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​បន្�ែម​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់​ស្រមោល​�្មី​\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s ៖ ការព្រមាន ៖ CREATE_HOME មិន​បាន​គាំទ្រទ�​ សូម​ប្រើ​ -m ជំនួសវិញ ។\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធា�ុ​បញ្ចូល​ក្រុម​​ទាន់សម�យ\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s  ៖ មានកំហុស​ក្នុងការ​ធ្វើឲ្យ​ធា�ុ​បញ្ចូល​ក្រុម​​ទាន់សម�យ\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s ៖ មិនអាចបើក​ឯកសារក្រុម​បានឡើយ​\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s ៖ មិនអាច​បើក​ឯកសារក្រុម​ស្រមោល​បានឡើយ\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​លុប​ធា�ុ​បញ្ចូល​ពាក្យសម្ងា�់​\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​លុប​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់​ស្រមោល​\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s ៖ កំហុស​ក្នុងការ​បន្�ែម​ធា�ុបញ្ចូល​​ក្រុម​�្មី​\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s ៖ uid %lu មិនមែន​មាន​�ែ​មួយទ�​\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s  ​៖ មានកំហុស​ក្នុងការ​ផ្លាស់ប្ដូរ​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់​\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s ៖ មានកំហុស​ក្នុងការ​យក​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់ច�ញ\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s ៖ មានកំហុសក្នុងការ​យក​ធា�ុបញ្ចូល​ពាក្យសម្ងា�់​ស្រមោល​ច�ញ\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s ៖ មិនអាច​យក​​ GID ​ដែលមាន�ែមួយ​បានឡើយ​\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " លើ '%.100s' ពី '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " លើ '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s ៖ បន្ទា�់​ %d ៖ មិន​អាច​បង្កើ�​ UID បានឡើយ\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s ៖ ឈ្មោះ​ %s គឺមិន​មែន​មាន​�ែមួយ​ទ�\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "របៀបប្រើ ៖ chgpasswd [ជម្រើស]\n"
+#~ "\n"
+#~ "ជម្រើស ៖\n"
+#~ "  -e, --encrypted\tពាក្យ​សម្ងា�់​ដែល​បាន​ផ្ដល់​�្រូវ​បាន​អ៊ិនគ្រីប\n"
+#~ "  -h, --help\t\tបង្ហា​ញសារ​ជំនួយ​ន�ះ និង​ច�ញ\n"
+#~ "  -m, --md5\t\tប្រើ​ការ​អ៊ិនគ្រីប MD5 ជំនួស​ឲ្យ DES នៅ​ព�ល​បាន​ផ្ដល់​ឲ្យ\n"
+#~ "\t\t\tពាក្យសម្ងា�់​មិន​�្រូវបាន​អ៊ិនគ្រីប\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "គ្មាន​ឯកសារ​ពាក្យ​សម្ងា�់ឡើយ​\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "សូមអភ�យទោស ។\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "សូមអភ�យទោស ពាក្យ​សម្ងា�់​សម្រាប់​ %s មិន​ទាន់​ប្�ូរ​នូវ​ឡើយ​ទ�​ ។\n"
+
+#~ msgid "Sorry."
+#~ msgstr "សូមអភ�យទោស​ ។"
diff --git a/po/ko.po b/po/ko.po
new file mode 100644
index 0000000..1b00e99
--- /dev/null
+++ b/po/ko.po
@@ -0,0 +1,3292 @@
+# shadow korean translations
+# Hwang, SangJin <accel@accellinux.org>, 1999.
+# Changwoo Ryu <cwryu@debian.org>, 2004, 2005, 2006, 2008, 2009.
+# Sunjae Park <darehanl@gmail.com>, 2006.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2009-04-19 21:32+0900\n"
+"Last-Translator: Changwoo Ryu <cwryu@debian.org>\n"
+"Language-Team: Korean <debian-l10n-korean@lists.debian.org>\n"
+"Language: ko\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"�름� '%s'� 항목� %s 안� 여러 개 있습니다. pwck 혹� grpck 명령으로 � 문"
+"제를 바로잡으십시오.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt가 지�하지 않는 암호화 방법? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "설정 정보를 위한 공간� 확보할 수 없습니다.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "설정 오류 - 알 수 없는 항목 '%s'(관리��게 알리시기 바�니다)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "암호: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s� 암호: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "설정 정보를 위한 공간� 확보할 수 없습니다.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s� 사용기한 정보를 바꿉니다\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: 메모리 부족\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: '%s'�(를) 삭제할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: 홈 디렉터리 '%s'�(는) 잘못�었습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: '%s' 항목� %s�서 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: %s� �기를 �� 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: 경고: %s�(를) 제거할 수 없습니다: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: �름 다시 설정: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: 디렉터리 %s� �름� %s(으)로 바꿀 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: 디렉터리 %s� �름� %s(으)로 바꿀 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: 경고: %s�(를) 제거할 수 없습니다: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: %s� �기를 �� 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: '%s'�(를) 삭제할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: %d번 줄: '%s' 사용�가 없습니다\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: �름 다시 설정: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s�(를) 열 수 없습니다\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "경고: 알 수 없는 그룹(%s)\n"
+
+msgid "Warning: too many groups\n"
+msgstr "경고: 그룹� 너무 많�\n"
+
+msgid "Your password has expired."
+msgstr "암호 사용기한� 지났습니다."
+
+msgid "Your password is inactive."
+msgstr "암호 사용기간 초과로 비활성화 �었습니다."
+
+msgid "Your login has expired."
+msgstr "로그� 사용기한� 지났습니다."
+
+msgid "  Contact the system administrator."
+msgstr "  시스템 관리��게 연�하십시오."
+
+msgid "  Choose a new password."
+msgstr "  새로운 암호를 선�하십시오."
+
+msgid "You must change your password."
+msgstr "암호를 바꿔야 합니다."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "암호 사용기한� %ld� 후� �납니다.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "암호 사용기한� 내� �납니다."
+
+msgid "Your password will expire today."
+msgstr "암호 사용기한� 오늘 �납니다."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "검� �터페�스를 열 수 없습니다. 중지합니다.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "TTY 표준 입력� 소유� 혹� 모드를 바꿀 수 없습니다: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: %s� 잠금� 푸는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "환경 변수 오버플로우\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s 변수를 바꿀 수 없습니다\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"마지막 로그� �후 %d번 실패.\n"
+"마지막 로그�� %s, %s�서.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "메�함 소유�를 바꾸는 � 실패했습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: 유�한 UID를 얻� 수 없습니다 (UID가 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: 유�한 GID를 얻� 수 없습니다 (GID가 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: 유�한 UID를 얻� 수 없습니다 (UID가 남아 있지 않습니다)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: 유�한 UID를 얻� 수 없습니다 (UID가 남아 있지 않습니다)\n"
+
+msgid "Too many logins.\n"
+msgstr "로그� 횟수가 너무 많�.\n"
+
+msgid "You have new mail."
+msgstr "새 메�� �착하였습니다."
+
+msgid "No mail."
+msgstr "메� 없습니다."
+
+msgid "You have mail."
+msgstr "메�� 있습니다."
+
+msgid "no change"
+msgstr "바� �� 없습니다"
+
+msgid "a palindrome"
+msgstr "앞뒤로 같� 단어입니다"
+
+msgid "case changes only"
+msgstr "대소문�만 바뀌었습니다"
+
+msgid "too similar"
+msgstr "너무 비슷합니다"
+
+msgid "too simple"
+msgstr "너무 간단합니다"
+
+msgid "rotated"
+msgstr "순서만 순환�었습니다"
+
+msgid "too short"
+msgstr "너무 짧습니다"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "잘못� 암호: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "암호: pam_start() 실패했습니다, 오류 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "암호: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: 암호를 바꿨습니다\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: 암호를 성공�으로 업��트했습니다\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "'%s'� 암호가 맞지 않습니다.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: 관리� 권한� 버릴 수 없습니다 (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: 잘못� 집 전화번호: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"쓸 수 없는 ENCRYPT_METHOD 값: '%s'.\n"
+"기본값� DES로 설정합니다.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' 디렉터리로 ��할 수 없습니다\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "디렉터리 없�, 루트 디렉터리(/)로 로그�합니다"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s�(를) 실행할 수 없습니다"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "루트 디렉터리 '%s'�(가) 잘못�었습니다\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "루트 디렉터리를 '%s'(으)로 바꿀 수 없습니다\n"
+
+msgid "Unable to determine your tty name."
+msgstr "TTY �름� 확�할 수 없습니다."
+
+msgid "No"
+msgstr "아니오"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "새로운 값� 넣거나, 기본값� �하시면 엔터를 치세요"
+
+msgid "Minimum Password Age"
+msgstr "암호� 최소 유효 기간"
+
+msgid "Maximum Password Age"
+msgstr "암호� 최대 유효 기간"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "마지막으로 암호를 바꾼 날 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "암호 사용만료 예고"
+
+msgid "Password Inactive"
+msgstr "암호를 사용할 수 없�"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "계정 만료 날짜 (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "마지막으로 암호를 바꾼 날\t\t\t\t\t:"
+
+msgid "never"
+msgstr "안함"
+
+msgid "password must be changed"
+msgstr "암호를 바꿔야 합니다"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "암호 만료\t\t\t\t\t:"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "암호가 비활성화 기간\t\t\t\t\t:"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "계정 만료\t\t\t\t\t\t:"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "암호를 바꿀 수 있는 최소 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "암호를 바꿔야 하는 최대 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "암호 만료 예고를 하는 날 수\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: 날짜 '%s'�(는) 잘못�었습니다\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: 잘못� 숫� �� '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: \"l\" 플래그를 다른 플래그와 함께 �함하지 � 것\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: 권한� 거부�었습니다.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: %s�(를) 잠글 수 없습니다. 나중� 다시 시�하십시오.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s�(를) 열 수 없습니다\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: 바� 사항� %s� 쓰는 � 실패했습니다\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: 셰�우 암호 파�� 없습니다\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: '%s' 사용�가 %s� 없습니다\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s� 사용기한 정보를 바꿉니다\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: 항목� 변경하는 �중 오류가 발�했습니다\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "�름"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "방 번호"
+
+msgid "Work Phone"
+msgstr "�장 번화번호"
+
+msgid "Home Phone"
+msgstr "집 전화번호"
+
+msgid "Other"
+msgstr "기타"
+
+msgid "Cannot change ID to root.\n"
+msgstr "아�디를 루트로 바꿀 수는 없습니다.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: �름� ASCII가 아닌 문�가 들어 있습니다: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: 잘못� �름: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: 방 번호� ASCII가 아닌 문�가 들어 있습니다: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: 잘못� 방 번호: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: 잘못� �장 전화번호: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: 잘못� 집 전화번호: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s'� ASCII가 아닌 문�가 들어 있습니다\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s'� 사용할 수 없는 글�가 들어 있습니다\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: '%s' 사용�가 없습니다\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS ���언트�서 '%s' 사용�를 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s'�(가) 현재� ���언트� NIS 마스터입니다.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s� 사용�� 정보를 바꿉니다\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: 입력범위가 너무 �니다\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s 플래그는 %s 플래그와 함께 사용해야 합니다\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, -m 옵션� 하나만 쓸 수 있습니다\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: 지�하지 않는 암호화 방법: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: %d번 줄: 너무 �니다\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: %d번 줄: 새 암호가 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: %s�(를) 제거하는� 실패했습니다\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: %d번 줄: '%s' 그룹� 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: %d번 줄: 새 %s 항목 '%s'�(를) 준비하는 � 실패했습니다\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: 오류 발견, 바� 내역� 무시합니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: %d번 줄: '%s' 사용�가 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: %d번 줄: '%s' 사용�가 없습니다\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "로그� 쉘"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "'%s'� 쉘� 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s� 로그� 쉘� 변경하고 있습니다\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: 부�절한 입력: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s�(는) 사용할 수 없는 쉘입니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user '%s' does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: '%s' 사용�가 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: 경고: %s�(는) %s�(가) 소유하고 있지 않습니다\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s 옵션 � %s 충�\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: 올 수 없는 ��입니다: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: Failed to get the entry for UID %d\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "lastlog: UID %d번� 항목� �는� 실패했습니다\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "로그�       실패     최대값  최근                     사용\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lu초 남�]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%ld초 잠금]"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to reset fail count for UID %d\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "faillog: UID %d� 실패 횟수를 초기화하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to set max for UID %d\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "faillog: UID %d� 최대값� 설정하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "faillog: Failed to set locktime for UID %d\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "faillog: UID %d� 잠금시�� 설정하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "lastlog: 알 수 없는 사용� 혹� 범위: %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "lastlog: %s� �기를 �� 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: %s�(를) 제거하는� 실패했습니다\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -A, --administrators ADMIN,...\n"
+#| "                                set the list of administrators for GROUP\n"
+#| "Except for the -A and -M options, the options cannot be combined.\n"
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators <관리�>,...\n"
+"                                <그룹>� 관리� 목�� 설정합니다\n"
+"� 옵션� 같� 쓸 수 없습니다. 예외로 -A와 -M 옵션� 같� 쓸 수 있습니다.\n"
+
+#, fuzzy
+#| msgid "The options cannot be combined.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "� 옵션� 같� 쓸 수 없습니다.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "� 옵션� 같� 쓸 수 없습니다.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A를 사용할 때�는 셰�우 그룹 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: '%s' 그룹� %s� 없습니다\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: �기 전용 %s�(를) 닫는� 실패했습니다\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s 그룹� 암호를 바꾸는 중\n"
+
+msgid "New Password: "
+msgstr "새 암호: "
+
+msgid "Re-enter new password: "
+msgstr "새 암호를 다시 입력하십시오: "
+
+msgid "They don't match; try again"
+msgstr "입력값� �치하지 않습니다. 다시 시�하십시오"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: 나중� 다시 시�하십시오\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "사용� %s�(를) %s 그룹� 등� 중\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "사용� %s�(를) 그룹 %s�서 제거하는 중\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: `%s' 사용�는 '%s'� 멤버가 아닙니다\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: TTY가 아닙니다\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s'�(는) 사용할 수 없는 그룹 �름입니다\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "'%s' `%s' 그룹 ID는 쓸 수 없습니다\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K 옵션�는 <키>=<값> 형태� 입력� 필요합니다\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: '%s' 그룹� �미 있습니다\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: '%lu' GID가 �미 있습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: '%s' 항목� %s�서 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: '%s' 사용�� 주요 그룹� 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: '%s' 그룹� 없습니다\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: '%s' 그룹� NIS 그룹입니다\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s�(는) NIS 마스터입니다\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: '%s' 사용�는 �미 '%s'� 멤버입니다\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: 메모리가 부족합니다. %s�(를) 업��트할 수 없습니다.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: 그룹 �름� 사용� �름과 맞지 않습니다\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: root만 -g/--group 옵션� 쓸 수 있습니다\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: '%s' 그룹 �름� 쓸 수 없습니다\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: %s 그룹� NIS 그룹입니다\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: 알 수 없는 사용� %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-r] [-s] [그룹 [gshadow]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-r] [-s] [group]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-r] [-s] [그룹]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s 옵션과 -r 옵션� �시� 쓸 수 없습니다\n"
+
+msgid "invalid group file entry"
+msgstr "쓸 수 없는 그룹 파� 입력값입니다"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "'%s' 줄� 삭제하시겠습니까?"
+
+msgid "duplicate group entry"
+msgstr "그룹 입력값 복제"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "'%s' 그룹 �름� 쓸 수 없습니다\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "'%lu' 그룹 ID는 쓸 수 없습니다\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "그룹 %s: %s 사용�가 없습니다\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' 그룹 멤버를 삭제하시겠습니까? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s� �치하는 그룹 파� 입력값� 없습니다\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "%2$s 그룹� %1$s 안� 추가하시겠습니까?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "쓸 수 없는 셰�우 그룹파� 입력값"
+
+msgid "duplicate shadow group entry"
+msgstr "셰�우 그룹 입력값 복제"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "셰�우 그룹 %s: 관리용 사용� %s�(가) 없습니다\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "관리용 멤버 '%s'�(를) 삭제하시겠습니까? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "셰�우 그룹 %s: %s(�)�는 사용�가 없습니다\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: 파�� 업��트 �었습니다\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: 바� �� 없�\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: '%s'�(를) 삭제할 수 없습니다\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "사용법: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "사용법: id\n"
+
+msgid " groups="
+msgstr " 그룹 목�="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "사용��름       �트     어디서           최근정보"
+
+msgid "Username                Port     Latest"
+msgstr "사용��름              �트     최근정보"
+
+msgid "**Never logged in**"
+msgstr "**한번� 로그�한 �� 없습니다**"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Failed to get the entry for UID %d\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "lastlog: UID %d번� 항목� �는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: UID %lu번� 최근 기� 항목� 초기화하는� 실패했습니다: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "사용법: %s [-p] [�름]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h 호스트�름] [-f �름]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r 호스트\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "잘못� 로그� 시간"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"정기 �검� 위해 시스템� 종료�었습니다"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[접�해제가 무시�었습니다 -- 루트 로그� 허용.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"UTMP 항목� 없습니다. 가장 낮� \"sh\"�서 \"login\"� 실행해야 합니다."
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d 초 후 로그�� 종료�었습니다.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM 실패. 중지 중: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s 로그�: "
+
+msgid "login: "
+msgstr "로그�: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "로그� 시� 횟수 최대값� 초과했습니다(%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM�서 종료를 요청했습니다\n"
+
+msgid "Login incorrect"
+msgstr "로그�� 맞지 않습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s 로그�: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fork 실패: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY 실패, 위치는 %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "경고: 로그�� �시�으로 �쇄� 후 다시 로그�� 허용합니다."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "마지막 로그�: %s on %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "마지막 로그�: %.19s on %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s �서"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"로그� 시간� 지나갔습니다\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "사용법: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "사용법: newgrp [-] [그룹]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "사용법: sg group [[-c] 명령]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: %s�(를) 제거하는� 실패했습니다\n"
+
+msgid "Invalid password.\n"
+msgstr "쓸 수 없는 암호입니다.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: 프로세스 만들기 실패: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: '%lu' GID가 없습니다\n"
+
+msgid "too many groups\n"
+msgstr "그룹� 너무 많습니다\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: '%s' 그룹� 셰�우 그룹�지만, /etc/group� 없습니다\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: 사용할 수 없는 사용� ID '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: 쓸 수 없는 사용� �름 '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: %d번 줄: 올바른 줄� 아닙니다\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: %s 사용�� 항목� 업��트 할 수 없습니다 (passwd ��터베�스� 없습니"
+"다)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: %d번 줄: 사용�를 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: %d번 줄: 그룹� 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: %d번 줄: `%s' 사용�가 %s 안� 없습니다\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: %d번 줄: 암호를 업��트 할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: %d번 줄: 디렉터리 만들기� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: %d번 줄: chown 실패했습니다\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: %d번 줄: 입력값� 업��트 할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: 사용�를 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: 그룹� 만들 수 없습니다\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "Old password: "
+msgstr "예전 암호: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"새 암호를 입력하십시오 (최소 %d글�)\n"
+"대소문�와 숫�를 조합하여 사용하십시오.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"새 암호를 입력하십시오(최소 %d, 최대 %d 글�)\n"
+"�어 대소문�와 숫�를 조합하여 사용하십시오.\n"
+
+msgid "New password: "
+msgstr "새 암호: "
+
+msgid "Try again."
+msgstr "다시 시�하십시오."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"경고: 보안성� 없는 암호 (그래� 사용하길 �하신다면 다시 입력하십시오)."
+
+msgid "They don't match; try again.\n"
+msgstr "입력값� �치하지 않습니다. 다시 시�하십시오.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s� 암호는 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s� 암호는 아� 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: 암호� 잠금� 해제하면 암호 없는 계정� �니다. � 암호� 잠금�\n"
+"풀려면 usermod -p 명령으로 � 계정� 암호 잠금� 해제해야 합니다.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: %s 저장소는 지�하지 않습니다\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s 사용�는 %s� 암호를 바꿀 권한� 없습니다\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %s� 암호 정보를 보거나 바꿀 수 없습니다.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s� 대한 암호를 바꾸는 중\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s� 암호를 바꾸지 않았습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "암호를 바꿨습니다."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "암호 사용만료 예고"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-q] [-r] [-s] [암호 [shadow]]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "사용법: %s [-q] [-r] [-s] [암호 [shadow]]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "올바르지 않� 암호 파� 항목"
+
+msgid "duplicate password entry"
+msgstr "암호 입력값 복제"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "올바르지 않� 사용� �름 '%s'\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "올바르지 않� 사용� ID '%lu'\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "사용� '%s': %lu 그룹� 없습니다\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "사용� '%s': '%s' 디렉터리가 없습니다\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "사용� '%s': '%s' 프로그램� 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s�(를) 열 수 없습니다\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%s� 있는 암호 파� 입력값� �치하지 않습니다\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "사용� '%s'�(를) %s� 추가하시겠습니까?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "쓸 수 없는 셰�우 암호 파� 입력값입니다"
+
+msgid "duplicate shadow password entry"
+msgstr "셰�우 암호 입력값 복제"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "사용� %s: 마지막 암호 바꾼 때가 미래입니다\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s 안� 항목� 정렬할 수 없습니다\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: %s� 모드를 0600으로 바꾸는� 실패했습니다\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su를 통해 � 계정으로 접근하는 것� 거부�었습니다.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "암호 ��� 무시�었습니다.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "��하기 위해 본�� 암호를 입력하십시오.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: 사용� �름� ��할 수 없습니다.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"사용법: su [옵션] [<로그�>]\n"
+"\n"
+"옵션:\n"
+"  -c, --command <명령어>        실행� 쉘� <명령어>를 보냅니다\n"
+"  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+"  -, -l, --login                쉘� 로그� 쉘로 합니다\n"
+"  -m, -p,\n"
+"  --preserve-environment        환경변수를 초기화하지 않고 같� 쉘�\n"
+"                                사용합니다\n"
+"  -s, --shell <쉘>              암호 파�� 기본 쉘 대신 <쉘>를 사용합니다\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(무시�)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %s�(를) 하�� ��� �지 않았습니다\n"
+
+msgid "(Enter your own password)"
+msgstr "(본�� 암호를 입력하십시오)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: ��� 실패했습니다\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: 현재 su 명령� 실행할 권한� 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'루트'� 대한 암호 파� 입력값� 없�"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: 터미��서 받드시 실행�어야 합니다\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: 오류 %d\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: %s� �기를 �� 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s�(를) 실행할 수 없습니다"
+
+msgid "No password file"
+msgstr "암호 파� 없�"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY 실패"
+
+msgid "No password entry for 'root'"
+msgstr "'루트'� 대한 암호 파� 입력값� 없�"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"�반�으로 시작(normal startup)� 하려면 control-d를 입력하십시오,\n"
+"(그렇지 않으면 시스템 정비를 위하여 루트 암호를 입력하십시오)"
+
+msgid "Entering System Maintenance Mode"
+msgstr "시스템 정비 모드로 들어가고 있습니다"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: 새로운 기본값 파�� 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: 새로운 기본값 파�� 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: %d번 줄: chown 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: �름 다시 설정: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: '%s' 그룹� NIS 그룹입니다.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: 그룹� 너무 많� 명시�었습니다 (최대 %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: 기본 디렉터리 '%s' 잘못�었습니다\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: 주� '%s'�(가) 잘못�었습니다\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: 홈 디렉터리 '%s'�(는) 잘못�었습니다\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e 옵션� 사용할 경우 셰�우 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f 옵션� 사용할 경우 셰�우 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: 올바르지 않� 필드 '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: 올바르지 않� 쉘 '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: UID %lu번� 로그� 실패 기� 항목� 초기화하는� 실패했습니다: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: UID %lu번� 최근 기� 항목� 초기화하는� 실패했습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+msgid "Creating mailbox file"
+msgstr "메�함 파�� 만드는 중"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "'mail' 그룹� 없습니다. 사용�� 메�함 파�� 0600 모드로 만듭니다.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "메�함� 파� 권한� 설정 중"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: '%s' 사용�가 �미 있습니다\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: %s 그룹� �미 있습니다. � 사용�를 � 그룹� 추가하려면, -g 옵션� 사용"
+"하십시오.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: 사용�를 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu번� 유�하지 않습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: 그룹� 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: 사용�를 만들 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: 그룹� 만들 수 없습니다\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: 경고: 홈디렉터리가 �미 있습니다.\n"
+"skel 디렉터리�서 파�� 복사하지 않습니다.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: '%s' 사용�� 주요 그룹� 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: %s 그룹� 다른 사용�� 주요 그룹�므로 제거하지 않습니다.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: '%s' 항목� %s�서 제거할 수 없습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: 홈 디렉터리 '%s'�(는) 잘못�었습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: 경고: %s�(를) 제거할 수 없습니다: %s"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s�(는) %s� 소유가 아닙니다, 제거하지 않습니다\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: 관리� 권한� 버릴 수 없습니다 (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: %s� �기를 �� 수 없습니다: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: '%s' 항목� %s�서 제거할 수 없습니다\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: %s 사용�는 NIS 사용� 입니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: 홈 디렉터리 '%s'�(는) 잘못�었습니다\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: 디렉터리 %s�(는) 제거하지 않습니다 (사용� %s� 홈 디렉터리를\n"
+"제거하게 �니다)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: 디렉터리 %s�(를) 제거하는 � 오류가 발�했습니다\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr "  -s, --sha-rounds              SHA* 암호화 알고리즘� SHA �운드 수\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: 사용�� 암호 잠금� 해제하면 암호 없는 계정� �니다. � 사용��\n"
+"암호 잠금� 풀려면 usermod -p 명령으로 암호 잠금� 해제해야 합니다.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: '%s' 사용�가 �미 %s 안� 있습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: 날짜 '%s'�(는) 잘못�었습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: 날짜 '%s'�(는) 잘못�었습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %s�(를) 열 수 없습니다\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, -U 옵션� 한 번� 하나만 쓸 수 있습니다\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e 옵션과 -f 옵션� 셰�우 암호가 필요합니다\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: '%lu' UID가 �미 있습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s 사용�는 %s� 암호를 바꿀 권한� 없습니다\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: 디렉터리 %s�(는) �미 있습니다\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: 디렉터리 %s�(를) 만들 수 없습니다\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: 경고: �전 홈 디렉터리 %s�(를) 완전히 제거하는 � 실패했습니다"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: 디렉터리 %s� �름� %s(으)로 바꿀 수 없습니다\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: 사용� %lu� 최근 기� 항목� 사용� %lu� 복사하는� 실패했습니다: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: 사용� %lu� 로그� 실패 기� 항목� 사용� %lu� 복사하는� 실패했습니"
+"다: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: 경고: %s�(는) %s�(가) 소유하고 있지 않습니다\n"
+
+msgid "failed to change mailbox owner"
+msgstr "메�함 소유�를 바꾸는 � 실패했습니다"
+
+msgid "failed to rename mailbox"
+msgstr "메�함� �름� 바꾸는 � 실패했습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: 새 %s 항목 '%s'�(를) 준비하는� 실패했습니다\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"%s�(를) 수정했습니다.\n"
+"앞뒤가 맞으려면 %s� 바꿔야 합니다.\n"
+"수정하려면 '%s' 명령� �용하십시오.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: %s�(를) 제거하는� 실패했습니다\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s�(는) 바뀌지 않았습니다\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "메�함� �름� 바꾸는 � 실패했습니다"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: 관리� 권한� 버릴 수 없습니다 (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "파�� 잠글 수 없습니다"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: 관리� 권한� 버릴 수 없습니다 (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "파�� 잠글 수 없습니다"
+
+msgid "Couldn't make backup"
+msgstr "백업� 만들 수 없습니다"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to open scratch file"
+msgstr "메�함� �름� 바꾸는 � 실패했습니다"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: %s� 잠금� 푸는� 실패했습니다\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "메�함� �름� 바꾸는 � 실패했습니다"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "메�함 소유�를 바꾸는 � 실패했습니다"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "메�함� �름� 바꾸는 � 실패했습니다"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s�(를) 복구할 수 없습니다: %s (바� 사항� %s� 있습니다)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: 기본 디렉터리 '%s' 잘못�었습니다\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d)� 실패\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: chage [옵션] [로그�]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -d, --lastday <최근날짜>       최근 암호를 바꾼 날짜를 <최근날짜>로 합니"
+#~ "다.\n"
+#~ "  -E, --expiredate <만료날짜>    계정 만료날짜를 <만료날짜>로 합니다.\n"
+#~ "  -h, --help                     � �움�� 표시하고 �냅니다.\n"
+#~ "  -I, --inactive <비활성화기간>  만료� 후 비활성화 기간� <비활성화기간>"
+#~ "으로\n"
+#~ "                                 합니다\n"
+#~ "  -l, --list                     계정� 사용기한 정보를 표시합니다.\n"
+#~ "  -m, --mindays <최소날수>       암호를 바꾸기 전� 최소 날짜 수를 <최소날"
+#~ "수>로\n"
+#~ "                                 합니다.\n"
+#~ "  -M, --maxdays <최대날수>       암호를 바꾸기 전� 최대 날짜 수를 <최대날"
+#~ "수>로\n"
+#~ "                                 합니다.\n"
+#~ "  -W, --warndays <경고날수>      만료 경고 기간� <경고날수>으로 합니다.\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM ��� 실패했습니다\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "사용법: %s [-f �름] [-r 방_번호] [-w �장_전화번호]\n"
+#~ "\t[-h 집_전화번호] [-o 기타] [사용�]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "사용법: %s [-f �름] [-r 방_번호] [-w �장_전화번호] [-h 집_전화번호]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -c, --crypt-method            암호화 방법 (다� 중 하나: %s)\n"
+#~ "  -e, --encrypted               입력하는 암호가 암호화�어 있습니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -m, --md5                     �반 �스트 암호를 MD5 알고리즘� 사용해\n"
+#~ "                                암호화합니다\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: chsh [옵션] [<로그�>]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -s, --shelll <쉘>             사용� 계정� 새 로그� 쉘\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "사용법: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: UID %d번� 항목� �는� 실패했습니다\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: %s�(를) 열 수 없습니다: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: %s� �기를 얻� 수 없습니다: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "사용법: groupdel 그룹\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s 옵션과 -r 옵션� �시� 쓸 수 없습니다\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "사용법: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "사용법: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: lastlog [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -b, --before <날짜>           <날짜>� �전� 최근 기�� 표시합니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -t, --time <날짜>             <날짜>� 내� 최근 기�만 표시합니다\n"
+#~ "  -u, --user <로그�>           <로그�> 사용�� 최근 기�만 표시합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: passwd [옵션] [<로그�>]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -a, --all                     모든 계정� 암호 �태를 보고합니다\n"
+#~ "  -d, --delete                  지정� 계정� 암호를 지�니다\n"
+#~ "  -e, --expire                  지정� 계정 암호를 강제로 만료시킵니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -k, --keep-tokens             암호가 만료했� 때만 바꿉니다\n"
+#~ "  -i, --inactive <비활성화기간> 만료� 후 비활성화 기간� \n"
+#~ "                                <비활성화기간>으로 합니다\n"
+#~ "  -l, --lock                    지정� 계정� 암호를 잠급니다\n"
+#~ "  -n, --mindays <최소날수>      암호를 다시 바꿀 수 있는 최소 �\n"
+#~ "                                수를 <최소날수>로 합니다\n"
+#~ "  -q, --quiet                   조용한 모드\n"
+#~ "  -r, --repository <저장소>     <저장소> 저장소� 있는 암호를 바꿉니다\n"
+#~ "  -S, --status                  지정� 계정� 암호 �태를 보고합니다\n"
+#~ "  -u, --unlock                  지정� 계정� 암호 잠금� 해제합니다\n"
+#~ "  -w, --warndays <경고날수>     암호 만료 예고를 <경고날수> �전부터 합니"
+#~ "다\n"
+#~ "  -x, --maxdays <최대날수>      암호를 바꾸지 않� 수 있는 최대 �\n"
+#~ "                                수를 <최대날수>로 합니다\n"
+#~ "\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "사용법: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "사용법: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "알 수 없는 아�디: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "쉘� 없�\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: userdel [옵션] <로그�>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -f, --force                   파�� 사용� 소유�가 아니��� 강제로\n"
+#~ "                                지�니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -r, --remove                  홈 디렉터리와 메� 저장소� 지�니다\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: %s 사용�는 현재 로그�한 �태 입니다\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~| "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~| "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~| "  -a, --append                  append the user to the supplemental "
+#~| "GROUPS\n"
+#~| "                                mentioned by the -G option without "
+#~| "removing\n"
+#~| "                                him/her from other groups\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~| "  -L, --lock                    lock the user account\n"
+#~| "  -m, --move-home               move contents of the home directory to "
+#~| "the\n"
+#~| "                                new location (use only with -d)\n"
+#~| "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new "
+#~| "password\n"
+#~| "  -s, --shell SHELL             new login shell for the user account\n"
+#~| "  -u, --uid UID                 new UID for the user account\n"
+#~| "  -U, --unlock                  unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: usermod [옵션] <로그�>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -c, --comment <설명>          GECOS필드� 값� 새로 설정합니다\n"
+#~ "  -d, --home <홈디렉터리>       지정� 사용� 계정� 새 홈 디렉터리를\n"
+#~ "                                지정합니다\n"
+#~ "  -e, --expiredate <만료날짜>   계정 만료 날짜를 <만료날짜>로 합니다\n"
+#~ "  -f, --inactive <비활성화기간> 만료� 후 비활성화 기간� <비활성화기간>으"
+#~ "로\n"
+#~ "                                합니다\n"
+#~ "  -g, --gid <그룹>              새 주요 그룹� <그룹>으로 강제로 지정합니"
+#~ "다\n"
+#~ "  -G, --groups <그룹목�>       보조 그룹� 목�� 새로 지정합니다\n"
+#~ "  -a, --append                  사용�를 보조 그룹 <그룹>� 추가합니다\n"
+#~ "                                (그룹 목�� -G 옵션� 나타나고 다른\n"
+#~ "                                그룹� 추가 삭제 �태는 변하지 않습니다)\n"
+#~ "  -h, --help                    � �움�� 표시하고 �냅니다\n"
+#~ "  -l, --login <새로그�>        로그� �름� 새로 지정합니다\n"
+#~ "  -L, --lock                    지정� 사용� 계정� 잠급니다\n"
+#~ "  -m, --move-home               홈 디렉터리� 내용� 새 홈 디렉터리로 옮�"
+#~ "니다\n"
+#~ "                                (-d 옵션과 함께 사용해야 합니다)\n"
+#~ "  -o, --non-unique              중복�는 UID� 허용합니다\n"
+#~ "  -p, --password <암호>         새로 사용할 암호를 암호화하여 사용합니다\n"
+#~ "  -s, --shell <쉘>              지정� 사용� 계정� 로그� 쉘� 지정합니"
+#~ "다\n"
+#~ "  -u, --uid <UID>               지정� 사용� 계정� 새 <UID> 값� 지정합"
+#~ "니다\n"
+#~ "  -U, --unlock                  사용� 계정� 잠금� 해제합니다\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: 주어진 플래그가 없습니다\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: vipw [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -g, --group                   그룹 ��터베�스를 편집합니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -p, --passwd                  passwd ��터베�스를 편집합니다\n"
+#~ "  -q, --quiet                   조용한 모드\n"
+#~ "  -s, --shadow                  셰�우 ��터베�스나 그룹 셰�우 \n"
+#~ "                                ��터베�스를 수정합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -a, --add <사용�>            <사용�>를 <그룹>� 추가합니다\n"
+#~ "  -d, --delete <사용�>         <사용�>를 <그룹>�서 제거합니다\n"
+#~ "  -r, --remove-password         <그룹>� 암호를 제거합니다\n"
+#~ "  -R, --restrict                <그룹>� 접근하는 권한� 멤버로 제한합니"
+#~ "다\n"
+#~ "  -M, --members <사용�>,...    그룹� 멤버 목�� 설정합니다\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupmems [옵션] [�작]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -g, --group <그룹�름>        사용�� 그룹� 아닌 <그룹�름>� 바꿉니"
+#~ "다\n"
+#~ "                                (root ì „ìš©)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add <사용��름>        <사용��름>� 그룹� 멤버로 추가합니다\n"
+#~ "  -d, --delete <사용��름>     그룹 멤버�서 <사용��름>� 제거합니다\n"
+#~ "  -p, --purge                   그룹�서 모든 멤버를 없앱니다\n"
+#~ "  -l, --list                    그룹� 멤버 목�� 표시합니다\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s�(를) 만들 수 없습니다\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: %s�(를) chown할 수 없습니다\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: faillog [옵션]\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -a, --all                  모든 사용�� 로그� 실패 기�� 표시합니다\n"
+#~ "  -h, --help                 � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -l, --lock-time <초>       로그�� 실패하면 <초>초 �안 계정� 잠급니"
+#~ "다\n"
+#~ "  -m, --maximum <최대값>     로그� 실패 횟수� 최대값� <최대값>으로 합니"
+#~ "다\n"
+#~ "  -r, --reset                로그� 실패 횟수를 초기화합니다\n"
+#~ "  -t, --time <날짜>          <날짜>� 내� 로그� 실패 기�만 표시합니다\n"
+#~ "  -u, --user <로그�>        <로그�> 사용�� 로그� 실패 기�� 표시하거"
+#~ "나,\n"
+#~ "                             -r, -m, -l 옵션� 사용할 때�는 <로그�> 사용"
+#~ "��\n"
+#~ "                             로그� 실패 횟수와 한계값만 관리합니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupadd [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션\n"
+#~ "  -f, --force                   지정한 그룹� �미 있� 경우�� �내고 \n"
+#~ "                                성공한 것으로 표시합니다\n"
+#~ "  -g, --gid <GID>               새 그룹� gid를 <GID>로 합니다\n"
+#~ "  -h, --help                    � �움� 메시지를 표시하고 �냅니다\n"
+#~ "  -K, --key <키>=<값>           /etc/login.defs� 기본값� 무시하고 설정합"
+#~ "니다\n"
+#~ "  -o, --non-unique              GID가 중복����(유�하지 않���)\n"
+#~ "                                그룹 만들기를 허용합니다\n"
+#~ "  -p, --password <암호>         새 그룹� 암호화한 암호를 사용합니다\n"
+#~ "  -r, --system                  시스템 계정� 만듭니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "사용법: groupmod [옵션] <그룹>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -g, --gid <GID>               <그룹>� 새 <GID>를 사용합니다\n"
+#~ "  -h, --help                    � �움�� 출력하고 �납니다\n"
+#~ "  -n, --new-name <새그룹>       <그룹>� <새그룹> �름� 강제로 사용합니"
+#~ "다\n"
+#~ "  -o, --non-unique              <그룹>� 중복� (유�하지 않�) GID로 그룹"
+#~ "� \n"
+#~ "                                만듭니다\n"
+#~ "  -p, --password <암호>         새 암호� 암호화한 암호를 사용합니다\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -M, --no-create-home          do not create user's home directory\n"
+#~| "                                (overrides /etc/login.defs)\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: useradd [옵션] <로그�>\n"
+#~ "\n"
+#~ "옵션:\n"
+#~ "  -b, --base-dir <기본디렉터리>  새 사용� 계정� 홈 디렉터리� 기본 디렉"
+#~ "토리\n"
+#~ "  -c, --comment <설명>           새 사용� 계정� GECOS 필드를 설정합니"
+#~ "다\n"
+#~ "  -d, --home-dir <홈디렉터리>    새 사용� 계정� 홈 디렉터리\n"
+#~ "  -D, --defaults                 기본 useradd 설정� 표시하거나 변경합니"
+#~ "다\n"
+#~ "  -e, --expiredate <만료�>      계정 만료 날짜를 <만료�>로 합니다\n"
+#~ "  -f, --inactive <비활성화기간>  만료� 후 비활성화 기간� <비활성화기간>"
+#~ "으로\n"
+#~ "                                 합니다\n"
+#~ "  -g, --gid <그룹>               새 주요 그룹� <그룹>으로 강제로 지정합니"
+#~ "다\n"
+#~ "  -G, --groups <그룹목�>        보조 그룹� 목�� 새로 지정합니다\n"
+#~ "  -h, --help                     � �움�� 표시하고 �냅니다\n"
+#~ "  -k, --skel <SKEL디렉터리>      다른 skel 디렉터리를 지정합니다\n"
+#~ "  -K, --key <키>=<값>            /etc/login.defs� 기본값� 무시하고 설정"
+#~ "합니다\n"
+#~ "  -l, --no-log-init              사용�를 최근 기� � 로그� 실패\n"
+#~ "                                 ��터베�스� 추가하지 않습니다\n"
+#~ "  -m, --create-home              새 사용� 계정� 홈 디렉터리를 만듭니다\n"
+#~ "  -M, --no-create-home           홈 디렉터리를 만들지 않습니다\n"
+#~ "                                 (/etc/login.defs� 설정� 무시합니다)\n"
+#~ "  -o, --non-user-group           사용�와 같� �름� 그룹� 만들지 않습니"
+#~ "다\n"
+#~ "  -o, --non-unique               중복�는 UID� 허용합니다\n"
+#~ "  -p, --password <암호>          새로 사용할 암호를 암호화하여 사용합니"
+#~ "다\n"
+#~ "  -s, --shell <쉘>               지정한 사용� 계정� 로그� 쉘� 지정합니"
+#~ "다\n"
+#~ "  -u, --uid <UID>                지정한 사용� 계정� 새 <UID> 값� 지정합"
+#~ "니다\n"
+#~ "  -U, --user-group               사용�와 같� �름� 그룹� 만듭니다\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "사용법: %s [옵션] [입력]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            암호화 방법 (다� 중 하나: %s)\n"
+#~ "  -r, --system                  시스템 계정� 만듭니다\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "암호가 만료하�� 설정했습니다."
diff --git a/po/nb.po b/po/nb.po
new file mode 100644
index 0000000..7ad1ecb
--- /dev/null
+++ b/po/nb.po
@@ -0,0 +1,3828 @@
+# translation of shadow.po to Norwegian Bokmål
+# Copyright (C) 2004, 2006 Free Software Foundation, Inc.
+# Knut Yrvin <knuty@skolelinux.no>, 2004.
+# Klaus Ade Johnstad <klaus.johnstad@holmlia.gs.oslo.no>, 2004.
+# Klaus Ade Johnstad <klaus@skolelinux.no>, 2004.
+# HÃ¥vard Korsvoll <korsvoll@skulelinux.no>, 2004.
+# Bjørn Steensrud <bjornst@powertech.no>, 2006.
+# Bjørn Steensrud <bjornst@skogkatt.homelinux.org>, 2009, 2012.
+# Hans Fredrik Nordhaug <hans@nordhaug.priv.no>, 2012.
+# Lars Bahner <bahner@debian.org>, 2015
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2015-09-30 18:15+0100\n"
+"Last-Translator: Bjørn Steensrud <bjornst@skogkatt.homelinux.org>\n"
+"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
+"Language: nb\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Poedit 1.7.5\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Det er flere innslag med navnet «%s» i %s. Rett på dette med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "støtter ikke libcrypt crypt-metoden? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "feil med oppsettet –  kan ikke tolke %s-verdi: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Fant ikke plass til oppsettsinformasjonen.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "feil med oppsettet - ukjent element «%s» (kontakt administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd avsluttet ikke normallt (signal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd avsluttet med status %d\n"
+
+msgid "Password: "
+msgstr "Passord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s's Passord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan ikke opprette styringshåndtak for SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-praksis blir ikke håndtert\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan ikke lese praksislager for SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan ikke opprette styringskontakt med SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan ikke begynne SELinux-transaksjon\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Klarte ikke spørre seuser etter %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Klarte ikke oppgi serange for %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Klarte ikke oppgi sename for %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Klarte ikke endre login-avbildning for %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan ikke opprette SELinux login-avbildning for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Klarte ikke å oppgi navn for %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Klarte ikke å oppgi SELinux-bruker for %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Klarte ikke legge til login-avbildning for %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan ikke klargjøre SELinux-styring\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan ikke opprette SELinux brukernøkkel\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan ikke verifisere SELinux-brukeren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kan ikke endre SELinux login-avbildning\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan ikke legge til SELinux brukeravbildning\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan ikke utføre SELinux-transaksjon\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Login-avbildning for %s er ikke definert, OK hvis standard avbildning ble "
+"brukt\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Login-avbildning for %s er definert i oppsatt praksis, kan ikke slettes\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kunne ikke slette login-avbildning for %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: slapp opp for minne\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan ikke kjøre stat for %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s er verken en mappe eller en symlenke.\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan ikke lese symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Mistenkelig lang symlenke: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan ikke opprette mappa %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan ikke endre eier for %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan ikke endre modus for %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: avlenk: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan ikke slette mappa %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan ikke endre navn på  %s til %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan ikke opprette symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan ikke endre eiere for %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan ikke kjøre lstat for %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Advarsel, bruker %s har ingen tcb skyggefil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Kritisk: %s' tcb-skygge er ikke en regulær fil med st_nlink=1.\n"
+"Kontoen forblir låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan ikke åpne %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Advarsel: ukjent gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Advarsel: for mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Ditt passord har utgått på dato."
+
+msgid "Your password is inactive."
+msgstr "Ditt passord er ikke aktivert."
+
+msgid "Your login has expired."
+msgstr "Din login har utgått på dato."
+
+msgid "  Contact the system administrator."
+msgstr "  Kontakt systemadministrator."
+
+msgid "  Choose a new password."
+msgstr "  Velg et nytt passord."
+
+msgid "You must change your password."
+msgstr "Du må endre passordet ditt."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ditt passord vil utløpe om %ld dager.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ditt passord vil utløpe i morgen."
+
+msgid "Your password will expire today."
+msgstr "Ditt passord vil utløpe i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan ikke åpne kontrollgrensesnitt – avbryter.\n"
+
+# , c-format
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan ikke endre eier eller rettigheter til tty stdin: %s"
+
+# , c-format
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: klarte ikke å låse opp %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Miljøet er overfylt\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du kan ikke endre $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d mislykket siden forrige innlogging.\n"
+"Forrige var %s på %s.\n"
+msgstr[1] ""
+"%d mislykte siden forrige innlogging.\n"
+"Forrige var %s på %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ugyldige innstillinger: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldige innstillinger: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: klarte ikke å tilordne minne: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Klarer ikke å få entydig system-GID (ingen flere GID-er tilgjengelig)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Klarer ikke å få entydig GID (ingen flere GID-er tilgjengelig)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ugyldige innstillinger: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ugyldige innstillinger: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Klarer ikke å få entydig system-UID (ingen flere UID-er tilgjengelig)\n"
+
+# , c-format
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: klarer ikke å få entydig UID (ingen flere UID-er tilgjengelig)\n"
+
+msgid "Too many logins.\n"
+msgstr "For mange innlogginger.\n"
+
+msgid "You have new mail."
+msgstr "Du har fått ny epost."
+
+msgid "No mail."
+msgstr "Ingen epost."
+
+msgid "You have mail."
+msgstr "Du har epost."
+
+msgid "no change"
+msgstr "ingen endring"
+
+msgid "a palindrome"
+msgstr "et palindrom"
+
+msgid "case changes only"
+msgstr "bare endring i store/små bokstaver"
+
+msgid "too similar"
+msgstr "for likt"
+
+msgid "too simple"
+msgstr "for enkelt"
+
+msgid "rotated"
+msgstr "rotert"
+
+msgid "too short"
+msgstr "for kort"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "DÃ¥rlig passord: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() mislyktes, feil %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: passordet er uendret\n"
+
+#, fuzzy
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: passordet ble oppdatert\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Feil passord for «%s».\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: flere --root-valg\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: valget «%s» må ha et argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: klarte ikke minske privilegier (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ugyldig chroot-sti «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: kan ikke få tilgang til chroot-mappa %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: kan ikke få tilgang til chroot-mappa %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: kan ikke chroot til mappa %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ugyldig verdi for ENCRYPT_METHOD: «%s»\n"
+"Faller tilbake til DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Klarte ikke endre mappe til «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen hjemmemappe, logger inn med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan ikke utføre %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rot-mappe «%s»\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan ikke endre rot-mappa til «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan ikke finne ut ditt terminalnavn."
+
+msgid "No"
+msgstr "Nei"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] LOGIN\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday SISTE_DAG        sett dato for siste passordendring til "
+"SISTE_DAG\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr " -E --expiredate UTLØPSDATO sett kontoens utløpsdato til UTLØPSDATO\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    vis denne hjelpen og avslutt\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIV        når kontoen er utløpt, så sett passordet til "
+"INAKTIV\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    vis aldringsinformasjon for kontoen\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAGER     sett minste antall dager før passord\n"
+"                                må endres til MIN_DAGER\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -m, --maxdays MAX_DAGER     sett største antall dager før passord\n"
+"                                må endres til MAX_DAGER\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_MAPPE     mappe det shal chrootes til\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays VARSLE_DGR     varsle om at kontoen går ut på dato når det "
+"er VARSLE_DGR igjen\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Skriv inn den nye verdien, eller trykk ENTER for å bruke forvalgt "
+"standardverdi"
+
+msgid "Minimum Password Age"
+msgstr "Minimum gyldighetsperiode på passord"
+
+msgid "Maximum Password Age"
+msgstr "Maksimum gyldighetsperiode på passord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Siste endring av passord (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Varsel når passordet snart går ut på dato"
+
+msgid "Password Inactive"
+msgstr "Inaktivt passord"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Konto utløper (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Siste endring av passord\t\t\t\t\t: "
+
+msgid "never"
+msgstr "aldri"
+
+msgid "password must be changed"
+msgstr "passordet må endres"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passord utløper\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passordet inaktivt\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontoen utløper\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minste antall dager mellom passord-endring\t\t\t:%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Største antall dager mellom passord-endring\t\t\t:%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antall dager med varsling før passordet utløper:\t\t%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ugyldig numerisk argument «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ikke ta med «l» sammen med andre valg\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ikke tillatelse.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan ikke avgjøre ditt brukernavn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan ikke låse %s; prøv igjen senere.\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan ikke åpne %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: feilet mens endringer skrives til %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: skyggepassordfila finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: bruker «%s» finnes ikke i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Endrer aldringsinformasjon for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: feil ved endring i feltene\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [LOGIN]\n"
+"\n"
+"Valg:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULLT_NAVN    endre brukerens fulle navn\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone HJEMMETLF   endre brukerens hjemme-telefonnummer\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other ANNEN_INFO        endre brukerens annen informasjon i GECOS\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room ROM_NUMMER        endre brukerens romnummer\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    vis denne hjelpen og avslutt\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr "  -w, --work-phone JOBBTELEFON     endre brukerens jobbtelefonnummer\n"
+
+msgid "Full Name"
+msgstr "Fullt navn"
+
+# , c-format
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Romnummer"
+
+msgid "Work Phone"
+msgstr "Jobbtelefon"
+
+msgid "Home Phone"
+msgstr "Hjemmetelefon"
+
+msgid "Other"
+msgstr "Annet"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ikke endre ID til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: navn med ikke-ASCII tegn: «%s»\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ugyldig navn: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: romnummer med ikke-ASCII tegn: «%s»\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ugyldig romnummer: «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ugyldig jobbtelefon: «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ugyldig hjemmetelefon: «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» inneholder tegn som ikke er i ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» inneholder ugyldige tegn\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: bruker «%s» finnes ikke\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan ikke endre bruker «%s» på NIS-klienten.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» er NIS-sjefen for denne klienten.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Endrer brukerinformasjon for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: feltene er for lange\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] \n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METODE     crypt-metoden (en av %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               passord som blir oppgitt er krypterte\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     krypter klartekst-passordet med \n"
+"                                MD5-algoritmen\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              antall SHA-runder for  SHA*\n"
+"                                kryptoalgoritmene\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s er bare tillatt sammen med %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: valgene -c, -e og -m utelukker hverandre\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: ikke støtte for krypteringsmetode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linje %d: linja er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linje %d: mangler nytt passord\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linje %d: gruppa «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linje %d: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: feil funnet, endringer er ikke utført\n"
+
+# , c-format
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linje %d: bruker %s) passordet er ikke endret\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linje %d: bruker «%s» finnes ikke\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             nytt innloggingsskall for brukerkontoen\n"
+
+msgid "Login Shell"
+msgstr "Innloggingsskall"
+
+# , c-format
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du kan ikke endre skallet til «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Endrer innloggingsskall for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldig inntasting: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s er et ugyldig skall\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Advarsel: %s finnes ikke\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Advarsel: %s er ikke kjørbar\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   kontroller foreldelse for brukerens passord\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   tving fram passordendring hvis brukerens "
+"passord\n"
+"                                er utløpt\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: konflikt mellom valgene %s og %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: uventet argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     vis faillog -oppføringer for alle brukere\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEK           etter mislykket innlogging lås kontoen i SEK "
+"sekunder\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAKS            sett tellere for høyeste antall mislykket "
+"innlogginger til MAKS\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   tilbakestill tellere for mislykte "
+"innlogginger\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr "  -t, --time DAGER              vis faillog-poster nyere enn DAGER\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/OMRÃ…DE  vis faillog-poster eller behandle tellere og \n"
+"                                grenser for innloggingsfeil (hvis brukt med -"
+"r,\n"
+"                                -m eller -l ) bare for oppgitte LOGIN(er)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Klarte ikke hente innslag for UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Logginn       Mislykt Maksimum Siste                   PÃ¥\n"
+
+# , c-format
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus igjen]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Klarte ikke tilbakestille mislykt-telling for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Klarte ikke sette maksimum for UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Klarte ikke sette låsetid for UID %lu\n"
+
+# , c-format
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Ukjent bruker eller område: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan ikke finne størrelse på %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] GRUPPE\n"
+"\n"
+"Valg:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add BRUKER             legg til BRUKER til GRUPPE\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete BRUKER           fjern BRUKER fra GRUPPE\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_MAPPE     mappe det shal chrootes til\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         fjern GRUPPEs passord\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                la bare medlemmer få adgang til GRUPPE\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members BRUKER,...      sett liste over medlemmer av GRUPPE\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                oppgi liste over administratorer for GRUPPE\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Valgene kan ikke kombineres, unntatt -A og -M.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Valgene kan ikke kombineres.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: skygge-gruppepassord kreves for -A\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppa «%s» finnes ikke i %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: feilet mens skrivebeskyttet %s ble lukket\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Endrer passordet for gruppa %s\n"
+
+msgid "New Password: "
+msgstr "Nytt passord: "
+
+msgid "Re-enter new password: "
+msgstr "Skriv inn passordet på nytt: "
+
+msgid "They don't match; try again"
+msgstr "Passordene var ikke like, prøv igjen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igjen senere\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Legger til brukere i  %s gruppa %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjerner brukeren %s fra gruppa %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: bruker «%s» er ikke medlem i «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikke en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] GRUPPE\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                  avslutt normalt hvis gruppa finnes fra før\n"
+"                                og kanseller -g hvis GID-en er i bruk fra "
+"før\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 bruk GID for den nye gruppa\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+" -K. --key NØKKEL=VERDI     overstyr standarverdier fra /etc/login.defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillat å opprette grupper med dupliserte\n"
+"                                (ikke-unike) GID-er\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PASSWORD       bruk dette krypterte passordet for den nye "
+"gruppa\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  opprett en systemkonto\n"
+
+# , c-format
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» er ikke et gyldig gruppenavn\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ugyldig gruppe-ID «%s»\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K krever NØKKEL=VERDI\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppa «%s» finnes fra før\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s; GID «%lu» finnes fra før.\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan ikke sette opp oppryddingstjeneste.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   tilbakestill tellere for mislykte "
+"innlogginger\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kunne ikke fjerne innslaget «%s» fra %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan ikke fjerne hovedgruppa til bruker «%s».\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppa «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppe «%s» er en NIS gruppe\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS sjefen\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: bruker «%s» er allerede medlem av «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: slapp opp for minne. Kan ikke oppdatere %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [handling]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group gruppenavn         endre gruppenavn i stedet for brukerens "
+"gruppe\n"
+"                                (bare root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Handlinger:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add brukernavn             legg til brukernavn til medlemmene av "
+"gruppa\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete brukernavn        fjern brukernavn fra medlemmene av gruppa\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   rens ut alle medlemmer fra gruppa\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    list medlemmene av gruppa\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: gruppenavnet ditt passer ikke med brukernavnet ditt\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: bare root kan bruke valget -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 endre gruppe-ID til GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NY_GRUPPE      endre navnet til NY-GRUPPE\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillat å bruke en duplisert (ikke-unik) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password PASSORD       endre passordet til dette (krypterte)\n"
+"                                PASSORDet\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ugyldig gruppenavn «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppa %s er en NIS gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ukjent bruker %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [gruppe [gskygge]]\n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [gruppe]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               vis advarsler og feilmeldinger\n"
+"                                men ikke endre noen filer\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    sorter oppføringer etter UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r passer ikke sammen\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig oppføring i gruppefila"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "slette linje «%s»? "
+
+msgid "duplicate group entry"
+msgstr "duplisert gruppeoppføring"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldig gruppenavn «%s»\n"
+
+# , c-format
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldig gruppe-ID «%lu»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen bruker %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "slett medlem «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "fant ingen tilsvarende oppføring i %s\n"
+
+# , c-format
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "legg til gruppe «%s» i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppe %s har en oppføring i %s, men passordfeltet i %s er ikke satt til "
+"«x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldig oppføring i skygge-gruppefila"
+
+msgid "duplicate shadow group entry"
+msgstr "duplisert skygge-gruppeoppføring"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skygge-gruppe %s: ingen administrativ bruker %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slett administrativt medlem «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skygge-gruppe %s: ingen bruker %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filene er blitt oppdatert\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ingen endringer\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan ikke slette %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Bruk: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Bruk: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DAGER            skriv ut bare lastlog-poster eldre enn "
+"DAGER\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     vis faillog -oppføringer for alle brukere\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     vis faillog -oppføringer for alle brukere\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAGER            skriv ut bare lastlog-poster nyere enn DAGER\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIN              skriv ut lastlog for den oppgitte LOGIN\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Brukernavn         Port     Fra             Sist"
+
+msgid "Username                Port     Latest"
+msgstr "Brukernavn                Port     Sist"
+
+msgid "**Never logged in**"
+msgstr "**Aldri vært innlogget**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Klarte ikke hente innslag for UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: kan ikke oppdatere passordfila\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Bruk: %s [-p] [navn]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "      %s [-p] [-h host] [-f navn]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "      %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "feil med oppsettet –  kan ikke tolke %s-verdi: «%d»"
+
+msgid "Invalid login time"
+msgstr "Ugyldig tidspunkt for innlogging"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet stengt for rutinemessig vedlikehold"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Frakobling omgått - root-innlogging tillatt.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan umulig virke uten effektiv root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ingen oppføring i utmp. Du må kjøre «login» fra «sh» på laveste nivå"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Innlogging avbrutt på tid etter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM mislyktes, avbryter: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maks. antall forsøk er overskredet (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM ber om avbrytelse\n"
+
+msgid "Login incorrect"
+msgstr "Ugyldig innlogging"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kan ikke finne bruker (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: mislykket utspalting: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY mislyktes på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Advarsel: innlogging reaktivert etter midlertidig stenging."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Forrige login: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Forrige login: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " fra %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"innloggingstid overskredet\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Bruk: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Bruk: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Bruk: sg group [[-c] command]\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Klarte ikke skrive %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ugyldig passord.\n"
+
+# , c-format
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: mislykket utspalting: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID «%lu» finnes ikke\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  opprett systemkontoer\n"
+
+# , c-format
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppa «%s» er en skyggegruppe, men finnes ikke i /etc/group\n"
+
+# , c-format
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ugyldig bruker-ID «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ugyldig brukernavn «%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linje %d: ugyldig linje\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: klarer ikke å oppdatere oppføring for bruker %s (ikke i passwd-"
+"databasen)\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linje %d: kan ikke opprette bruker\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linje %d: kan ikke opprette gruppe\n"
+
+# , c-format
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linje %d: bruker «%s» finnes ikke i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linje %d: kan ikke oppdatere passord\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linje %d: mkdir %s mislyktes: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linje %d: chown %s mislyktes: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linje %d: kan ikke oppdatere oppføring\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: kan ikke oppdatere gruppefila\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     rapporter passordstatus for alle kontoer\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  slett passordet for den oppgitte kontoen\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  la passordet for den oppgitte kontoen "
+"utløpe\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             endre passord bare hvis det er utløpt\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INAKTIV        når kontoen er utløpt, så sett passordet til "
+"INAKTIV\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -L, --lock                  lås passordet for den oppgitte kontoen\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAGER     sett minste antall dager før passord\n"
+"                                må endres til MIN_DAGER\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   stille modus\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository LAGER        endre passord i lageret LAGER\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                     rapporter passordstatus for den oppgitte "
+"kontoen\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  lås opp passordet for den oppgitte kontoen\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays VARSLE_DGR     varsle om at kontoen går ut på dato når det "
+"er VARSLE_DGR igjen\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAGER     sett største antall dager før passord\n"
+"                                må endres til MAX_DAGER\n"
+
+msgid "Old password: "
+msgstr "Gammelt passord: "
+
+# , c-format
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minst %d tegn)\n"
+"Bruk en kombinasjon av store og små bokstaver, og tall.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minst %d, høyst %d tegn)\n"
+"Bruk en kombinasjon av store og små bokstaver, og tall.\n"
+
+msgid "New password: "
+msgstr "Nytt passord: "
+
+msgid "Try again."
+msgstr "Prøv igjen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Advarsel: svakt passord (skriv det inn igjen for å bruke det likevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "Passordene var ikke like, prøv igjen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Passordet for %s kan ikke endres.\n"
+
+# , c-format
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Passordet for %s kan ikke endres ennå.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: om passordet låses opp dannes en konto uten passord.\n"
+"Du bør oppgi et passord med usermod -p for å låse opp passordet for denne "
+"kontoen.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: ikke støtte for lager %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s har ikke rett til å endre passord for %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du kan ikke vise eller endre passordinformasjon for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Endrer passordet for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Passordet for %s er uendret.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: passordet er endret.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informasjon om utløp av passord er endret.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [passord]\n"
+"\n"
+"Valg:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] [passord] [skygge]\n"
+"\n"
+"Valg:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   meld fra bare om feil\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: det er ikke tillatt med alternativ skyggefil når USE_TCB er slått på.\n"
+
+msgid "invalid password file entry"
+msgstr "ugyldig oppføring i passordfila"
+
+msgid "duplicate password entry"
+msgstr "duplisert oppføring i passordfila"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldig brukernavn «%s»\n"
+
+# , c-format
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldig bruker-ID  «%lu»\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "bruker «%s»: ingen gruppe %lu\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "bruker «%s»: mappe «%s» finnes ikke\n"
+
+# , c-format
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "bruker «%s»: programmet «%s» finnes ikke\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-mappe for %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "opprette tcb-mappe for %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "klarte ikke opprette tcb-mappe for %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan ikke låse %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "fant ingen tilsvarende passordoppføring i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "legg til bruker «%s» i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"bruker %s har en oppføring i %s, men passordfeltet i %s er ikke satt til "
+"«x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldig oppføring i skygge-passordfila"
+
+msgid "duplicate shadow password entry"
+msgstr "duplisert oppføring i skygge-passordfila"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "bruker %s: siste passordendring i fremtiden\n"
+
+# , c-format
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan ikke sortere oppføringer i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan ikke virke med tcb slått på\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: klarte ikke endre rettigheter på %s til 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "NEKTET tilgang til su til den kontoen.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passordautentisering forbi-koblet.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Oppgi ditt EGET passord som autentisering.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan ikke spalte ut brukerskall\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: funksjonsfeil ved signal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: funksjonsfeil ved signalmasking\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Økt avsluttet, avslutter skall ..."
+
+msgid " ...killed.\n"
+msgstr " … drept.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ... venter på at barneprosess avslutter.\n"
+
+msgid " ...terminated.\n"
+msgstr " … avsluttet.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Bruk: su [valg] [konto]\n"
+"\n"
+"Valg:\n"
+"  -c, --command KOMMANDO        send KOMMANDO til det skallet som startes\n"
+"  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+"  -, -l, --login                gjør det nye skallet til en login-skall\n"
+"  -m, -p,\n"
+"  --preserve-environment        ikke endre miljøvariabler, og behold\n"
+"                                det samme skalletn\n"
+"  -s, --shell SKALL             bruk SKALL i stedet for standardskallet i "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du har ikke adgang til å su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Oppgi ditt eget passord)"
+
+# , c-format
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentisering mislyktes\n"
+
+# , c-format
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du har ikke adgang til å su på den tiden\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ingen oppføring for bruker «%s» i passordfila\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: må kjøres fra en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: feil %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan ikke slippe den styrende terminalen\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kan ikke kjøre %s\n"
+
+msgid "No password file"
+msgstr "Ingen passordfil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSTTY mislyktes"
+
+msgid "No password entry for 'root'"
+msgstr "Ingen oppføring for «root» i passordfila"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Bruk control-d for å fortsette med normal oppstart,\n"
+"(eller skriv inn root passordet for å starte maskinen i vedlikeholdsmodus):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Starter systemvedlikeholds-modus"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s ble opprettet, men kunne ikke fjernes\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: oppsettet for %s i %s vil bli ignorert\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: klarer ikke å opprette ny «defaults»-fil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: klarer ikke å åpne ny «defaults»-fil\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: for lang linje i %s: %s ..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan ikke opprette symbolsk lenke %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: gi nytt navn: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppe «%s» er en NIS gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: for mange grupper oppgitt (maks %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Bruk: %s [valg] LOGIN\n"
+"       %s -D\n"
+"       %s -D [valg]\n"
+"\n"
+"Valg:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASIS       basismappe for hjemmemappa til den\n"
+"                                nye kontoen\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment KOMMENTAR       GECOS-feltet for den nye kontoen\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HJEMMEMAPPE    hjemmemappe for den nye kontoen\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                skriv ut eller endre standard useradd-"
+"oppsett\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr " -e --expiredate UTLØPSDATO    utløpsdato for den nye kontoen\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INAKTIVE        hvor lenge etter utløp kan passordet ennå "
+"brukes\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPPE              navn eller ID for primærgruppe for den nye "
+"kontoen\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GRUPPER          liste over ekstra GRUPPER for den nye "
+"kontoen\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKEL_DIR           bruk denne alternative skjelettmappa\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             ikke legg til brukeren i databasene lastlog "
+"og faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home          opprett brukerens hjemmemappe\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home          ikke opprett brukerens hjemmemappe\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           ikke opprett en gruppe med samme navn som "
+"brukeren\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillat å opprette brukere med dupliserte "
+"(ikke-unike) UID-er\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password PASSORD        kryptert passord for den nye kontoen\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL             innloggingsskall for den nye kontoen\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 bruker-ID for den nye kontoen\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              opprett en gruppe med samme navn som "
+"brukeren\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEBRUKER     bruk en bestemt bruker SEBRUKER for "
+"SELinux brukeravbildning\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ugyldig basismappe «%s»\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ugyldig kommentar «%s»\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ugyldig hjemmemappe «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skyggepassord kreves for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skyggepassord kreves for -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ugyldig felt «%s»\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ugyldig skall «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z krever kjerne som har SELinux slått på\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: klarte ikke nullstille faillog-innslaget for UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: klarte ikke nullstille lastlog-innslaget for UID %lu: %s\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan ikke opprette mappa %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Oppretter postkasse-fil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppa «mail» finnes ikke. Oppretter brukerens postkassefil med rettighet "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Setter rettigheter for postkassefil"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: bruker «%s» finnes fra før\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppa %s finnes - hvis du vil legge til denne brukeren til denne "
+"gruppa, bruk -g.\n"
+
+# , c-format
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+# , c-format
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu er ikke entydig\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Klarte ikke opprette tcb-mappe for %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan ikke opprette gruppa\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan ikke opprette bruker\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan ikke opprette gruppa\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: advarsel: hjemmemappa finnes fra før.\n"
+"Kopierer ikke filer dit fra skel-mappa.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: advarsel: klarte ikke å avbilde brukernavn %s til %s SELinux-bruker.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   fjern filer «med makt»,\n"
+"                                selv om brukeren ikke eier dem\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  fjern hjemmemappe og e-postlager\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            fjern SELinux avbildninger for brukeren\n"
+
+# , c-format
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: gruppa %s ikke fjernet fordi den ikke er  hovedgruppa til bruker %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: gruppa %s ble ikke fjernet fordi den har andre medlemmer.\n"
+
+# , c-format
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: gruppa %s er en primærgruppe for en annen bruker og blir ikke fjernet.\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: kunne ikke fjerne innslaget «%s» fra %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s e-postlager (%s) ikke funnet.\n"
+
+# , c-format
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: advarsel: kan ikke fjerne %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ikke eid av %s, ikke fjernet\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Kan ikke tilordne minne, tcb-oppføring for %s er ikke fjernet.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan ikke minske privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan ikke fjerne innholdet i %s: %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan ikke fjerne tcb-filer for %s:  %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: bruker %s er en NIS bruker\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: fant ikke hjemmemappe for %s (%s)\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: fjerner ikke mappa %s (det ville fjerne hjemmemappa til bruker %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: feil ved fjerning av mappe %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: advarsel: klarte ikke å fjerne avbildning av brukernavn %s til SELinux-"
+"bruker.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMMENTAR       ny verdi for GECOS-feltet\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr "  -d, --home HJEMMEMAPPE      ny hjemmemappe for brukerkontoen\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate UTLØPSDATO  sett kontoens utløpsdato til UTLØPSDATO\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIV        når kontoen er utløpt og inaktiv, så sett\n"
+"                                 passordet til INAKTIV\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr "  -g, --gid GRUPPE              bruk GRUPPE som ny primærgruppe\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPPER          ny liste over ekstra GRUPPEr\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  legg til brukeren i de ekstra gruppene "
+"listet i \n"
+"                                 valget -G option uten å fjerne ham/henne\n"
+"                                fra andre grupper\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NY_LOGIN         ny verdi for login-navnet\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    lås brukerkontoen\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home      flytt innholdet i hjemmemappa til det nye stedet\n"
+"                                  (brukes bare med -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillat bruk av dupliserte (ikke-unike) UID-"
+"er\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password PASSWORD       bruk kryptert passord for det nye passordet\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 ny UID for brukerkontoen\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  lås opp brukerkontoen\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     ny SELinux brukeravbildning for "
+"brukerkontoen\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: om brukerens passord låses opp oppstår det en passordløs konto.\n"
+"For å låse opp denne brukerens passord bør du bruke usermod -p.\n"
+
+# , c-format
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: bruker «%s» finnes fra før i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+# , c-format
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: ingen valg\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: valgene -L, -p og -U utelukker hverandre\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skyggepassord kreves for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID «%lu» finnes fra før\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s har ikke rett til å endre passord for %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mappa %s finnes\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Forrige hjemmemappe (%s) var ikke en mappe. Den er ikke fjernet og ingen "
+"hjemmemaper er opprettet.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Klarte ikke å endre eierskap til hjemmemappa"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: advarsel: klarte ikke å fullstendig fjerne den gamle hjemmemappa %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kunne ikke endre navn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: klarte ikke å kopiere lastlog-innslaget for bruker %lu til bruker %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: klarte ikke å kopiere faillog-innslaget for bruker %lu til bruker %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: advarsel: %s er ikke eid av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "klarte ikke å endre eier av mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "klarte ikke å endre navn på mailbox"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+# , c-format
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: klarte ikke lage det nye %s-innslaget «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har endret %s.\n"
+"Det kan være du må endre %s for sammenhengen.\n"
+"Bruk kommandoen «%s» til dette.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group              rediger group-database\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd              rediger passwd-database\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s,--shadow             rediger shadow eller gshadow-database\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr "  -u, --user         hvilken brukers tcb skyggefil skal redigeres\n"
+
+# , c-format
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: klarte ikke fjerne %s\n"
+
+# , c-format
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s er ikke endret\n"
+
+msgid "failed to create scratch directory"
+msgstr "klarte ikke å opprette kladdemappe"
+
+msgid "failed to drop privileges"
+msgstr "klarte ikke minske privilegier"
+
+msgid "Couldn't get file context"
+msgstr "Klarte ikke finne kontekst for fil"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () mislyktes"
+
+msgid "failed to gain privileges"
+msgstr "klarte ikke skaffe privile"
+
+msgid "Couldn't lock file"
+msgstr "Kunne ikke låse fil"
+
+msgid "Couldn't make backup"
+msgstr "Kunne ikke lage backup"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd avsluttet med status %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "klarte ikke å åpne kladdefil"
+
+# , c-format
+msgid "failed to unlink scratch file"
+msgstr "klarte ikke å avlenke kladdefila"
+
+msgid "failed to stat edited file"
+msgstr "klarte ikke å kjøre «stat» på redigert fil"
+
+msgid "failed to allocate memory"
+msgstr "klarte ikke å tilordne minne"
+
+msgid "failed to create backup file"
+msgstr "klarte ikke å opprette sikringskopi-fil"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan ikke gjenopprette %s: %s (dine endringer befinner seg i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: klarte ikke å finne tcb-mappe for %s\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) mislyktes\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chage [valg] [bruker]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -d, --lastday SISTE_DAG       angi at siste passord-endring skjedde "
+#~ "SISTE_DAG\n"
+#~ "  -E, --expiredate UTLØPSDATO   angi at kontoen utløper UTLØPSDATO\n"
+#~ "  -h, .--help                   vis denne hjelpeteksten og avslutt\n"
+#~ "  -I, --inaktive INAKTIV        angi at passordet settes inaktivt etter "
+#~ "utløp\n"
+#~ "  -l, --list                    vis informasjon om kontoens aldring og "
+#~ "utløp\n"
+#~ "  m, --mindays MIN_DAGER        oppgir at passordet først kan endres "
+#~ "etter\n"
+#~ "                                MIN_DAGER\n"
+#~ "  M, --maxdays MAKS_DAGER       oppgir at passordet må endres før det er\n"
+#~ "                                gått MAKS_DAGER\n"
+#~ "  -W, --warndays VARSLDAGER     etter VARSLDAGER varsles bruker om at\n"
+#~ "                                passordet snart utløper\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentisering mislyktes\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Bruk: %s [-f fullt_navn] [-r rom_nr] [-w jobbtlf]\n"
+#~ "\t[-h hjemmetlf] [-o annet] [bruker]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Bruk: %s [-f fullt_navn] [-r rom_nr] [-w jobbtlf] [-h hjemmetlf]\n"
+
+# , c-format
+#, fuzzy
+#~| msgid ""
+#~| "Usage: %s [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~| "  -e, --encrypted               supplied passwords are encrypted\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -m, --md5                     encrypt the clear text password using\n"
+#~| "                                the MD5 algorithm\n"
+#~| "%s\n"
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: %s [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -c, --crypt-method        krypteringsmetode (en av %s)\n"
+#~ "  -e, --encrypted               oppgitte passord er krypterte\n"
+#~ "  h, --help                     vis denne hjelpeteksten og avslutt\n"
+#~ "  -m, --md5                     krypter klartekst-passordene med\n"
+#~ "                                 MD5-algoritmen\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chsh [valg] LOGIN\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -h, --help        vis denne meldingen og avslutt\n"
+#~ "  -s, --shell SKALL      nytt innloggingsskall for brukerkontoen\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Bruk: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: klarte ikke finne oppføring for UID %d\n"
+
+# , c-format
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Kan ikke åpne %s:%s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Kan ikke finne størrelse av %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Bruk: groupdel gruppe\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s og -r kan ikke brukes samtidig\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Bruk: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Bruk: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: lastlog [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -b, --before DAGER            skriv bare oppføringer eldre enn DAGER\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -t, --time DAGER              skriv bare oppføringer nyere enn DAGER\n"
+#~ "  -u, --user BRUKER             skriv oppføringer for bruker BRUKER\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: passwd [valg] [bruker]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -a, --all                     rapporter passordstatus for alle kontoer\n"
+#~ "  -d, --delete                  slett passordet for oppgitt konto\n"
+#~ "  -e, --expire                  angi at passordet for konten er utgått\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -k, --keep-tokens             endre passord bare hvis utgått\n"
+#~ "  -i, --inactive INAKTIV        set passord inaktivt etter utløp til "
+#~ "INAKTIV\n"
+#~ "  -l, --lock                    lås oppgitt konto\n"
+#~ "  -n, --mindays MIN_DAGER       angi at passord ikke kan endres før "
+#~ "etter\n"
+#~ "                                MIN_DAGER\n"
+#~ "  -q, --quiet                   ordknapp kjøremåte\n"
+#~ "  -r, --repository LAGER        endre passord i lageret LAGER\n"
+#~ "  -S, --status                  rapporter passordstatus på oppgitt konto\n"
+#~ "  -u, .--unlock                 lås opp oppgitt konto\n"
+#~ "  -w, --warndays DAGER          varsle om utgått passord DAGER før utløp\n"
+#~ "  -x, --maxdays MAX_DAGER           passordet må endres før det er gått "
+#~ "MAX_DAGER\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Bruk: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Bruk: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ukjent id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Mangler skall\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: userdel [valg] LOGIN\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -f, --force                   slett filer, selv om det ikke er\n"
+#~ "                                brukeren som eier dem\n"
+#~ "  -h, --help                    vis denne meldingen og avslutt\n"
+#~ "  -r, --remove                  slett hjemmemappa og postkassa\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: brukeren %s er pålogget\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~| "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~| "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~| "  -a, --append                  append the user to the supplemental "
+#~| "GROUPS\n"
+#~| "                                mentioned by the -G option without "
+#~| "removing\n"
+#~| "                                him/her from other groups\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~| "  -L, --lock                    lock the user account\n"
+#~| "  -m, --move-home               move contents of the home directory to "
+#~| "the\n"
+#~| "                                new location (use only with -d)\n"
+#~| "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new "
+#~| "password\n"
+#~| "  -s, --shell SHELL             new login shell for the user account\n"
+#~| "  -u, --uid UID                 new UID for the user account\n"
+#~| "  -U, --unlock                  unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: usermod [valg] konto\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -a, --append                     legg til bruker i tilleggsgruppene "
+#~ "GRUPPER\n"
+#~ "                                         nevnt i valget -G uten å fjerne "
+#~ "ham/henne fra\n"
+#~ "                                         andre grupper\n"
+#~ "   -c, --comment KOMMENTAR       ny verdi i GECOS-feltet\n"
+#~ "  -d, --home HJEMME             hjemmemappe for den nye kontoen\n"
+#~ "  -e, --expiredate DATO         kontoen utgår på datoen DATE\n"
+#~ "  -f, --inactive INAKTIV        passordet settes inaktivt etter utløp\n"
+#~ "  -g, --gid GRUPPE              bruk GRUPPE som ny primærgruppe\n"
+#~ "  -G, --groups GRUPPER      ny  liste over tilleggsgrupper\n"
+#~ "  -h, --help                         vis denne hjelpeteksten og avslutt\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ingen flagg oppgitt\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: vipw [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -g, --group                   rediger gruppedatabasen\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -p, --passwd                  rediger passwd-databasen\n"
+#~ "  -q., --quiet                  ordknapp kjøremåte\n"
+#~ "  -s, --shadow                  rediger shadow- eller gshadow-databasen\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: %s [option] GRUPPE\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -a, --add BRUKER             legg til BRUKER i GRUPPE\n"
+#~ "  -d, --delete BRUKER         fjern BRUKER fra GRUPPE\n"
+#~ "  -r, --remove-password      fjern GRUPPEs passord\n"
+#~ "  -R, --restrict                     tilgang til GRUPPE bare for "
+#~ "medlemmer\n"
+#~ "  -M, --members BRUKER –  oppgi lista over medlemmer i GRUPPE\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Brul: groupmems [valg] [handling]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -g, --group gruppenavn         endre gruppenavn i stedet for brukerens "
+#~ "gruppe\n"
+#~ "                                (bare root)\n"
+#~ "\n"
+#~ "Handlinger:\n"
+#~ "  -a, --add brukernavn           legg til brukernavn til medlemmer av "
+#~ "gruppa\n"
+#~ "  -d, --delete brukernavn        fjern brukernavn fra medlemmer av "
+#~ "gruppa\n"
+#~ "  -p, --purge                   slett alle medlemmer av gruppa\n"
+#~ "  -l, --list                    list opp medlemmer av gruppa\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan ikke opprette %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan ikke chown %s\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: faillog [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -a, --all                     vis faillog-oppføringer for alle brukere\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -l, --lock-time SEK           etter mislykket innlogging, lås kontoen\n"
+#~ "                                i SEK sekunder\n"
+#~ "  -m, --maximum MAX             sett største antall mislykte "
+#~ "innlogginger\n"
+#~ "                                til MAX\n"
+#~ "  -r, --reset                   nullstill tellerne for mislykte "
+#~ "innlogginger\n"
+#~ "  -t, --time DAGER              vis mislykte innlogginger nyere enn "
+#~ "DAGER\n"
+#~ "  -u, --user BRUKER             vis mislykte innlogginger eller styr\n"
+#~ "                                tellene og grenseverdiene (med -r, -m\n"
+#~ "                                eller -l) bare for bruker BRUKER\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: groupadd [valg] GRUPPE\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -f, --force                   tving fram normal avslutning hvis den\n"
+#~ "                                oppgitte gruppa finnes fra før\n"
+#~ "  -g, --gid GID                 bruk GID for den nye gruppa\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -K, --key NØKKEL=VERDI        overstyrer standardverdier\n"
+#~ "                                fra /etc/login.defs\n"
+#~ "  -o, --non-unique              tillat å opprette en gruppe med "
+#~ "duplisert\n"
+#~ "                                GID\n"
+#~ "  -p, --password PASSORD   bruk kryptert passord for den nye gruppa\n"
+#~ "  -r, --system               opprett en systemkonto\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: groupmod [valg] gruppe\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -g, --gid GID                 bruk GID for den nye gruppa\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -n, --new-name NY_GRUPPE  tving fram nytt navn NY_GRUPPE\n"
+#~ "                                   på GRUPPE\n"
+#~ "  -o, --non-unique              tillat å opprette en gruppe med "
+#~ "duplisert\n"
+#~ "                                GID\n"
+#~ "  -p, --password PASSORD  bruk kryptert passord som nytt passord\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -M, --no-create-home          do not create user's home directory\n"
+#~| "                                (overrides /etc/login.defs)\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: useradd [valg] KONTO\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -b, --base-dir BASIS          basis-mappe for hjemmemappa til den nye\n"
+#~ "                                brukerkontoen\n"
+#~ "  -c, --comment KOMMENTAR       sett i GECOS-feltet for den nye\n"
+#~ "                                brukerkontoen\n"
+#~ "  -d, --home-dir HJEMME         hjemmemappe for den nye brukerkontoen\n"
+#~ "  -D, --defaults                skriv ut eller lagre endret "
+#~ "standardoppsett\n"
+#~ "                                for useradd\n"
+#~ "  -e, --expiredate DATO         angi at kontoen utgår på DATO\n"
+#~ "  -f, --inactive INAKTIV        sett passordet inaktivt etter utløp til "
+#~ "INAKTIV\n"
+#~ "  -g, --gid GRUPPE              angi GRUPPE for den nye brukerkontoen\n"
+#~ "  -h, --help                    vis denne hjelpeteksten og avslutt\n"
+#~ "  -k, --skel SKJELETT           oppgi en annen skel-mappe\n"
+#~ "  -K, --key NØKKEL=VERDI        overstyrer oppsett fra /etc/login.defs\n"
+#~ "  -m, --create-home             opprett hjemmemappe for den nye "
+#~ "brukerkontoen\n"
+#~ "  -M, --no-create-home        ikke opprett hjemmemappe for den nye \n"
+#~ "                                   brukeren (overstyrer /etc/login.defs)\n"
+#~ "  -N, --no-user-group          ikke opprett en gruppe med samme navn som\n"
+#~ "                                   brukeren  -o, --non-"
+#~ "unique              tillat å opprette bruker med duplisert UID\n"
+#~ "  -p, --password PASSORD        bruk dette krypterte passordet for\n"
+#~ "                                den nye brukerkontoen\n"
+#~ "  -s, --shell SKALL             innloggingsskall for den nye "
+#~ "brukerkontoen\n"
+#~ "  -u, --uid UID                 bruk UID for den nye brukerkontoen\n"
+#~ "  -U, --user-group           opprett en gruppe med samme navn som\n"
+#~ "                                    brukeren\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Bruk: %s [valg] [inndata]\n"
+#~ "\n"
+#~ "  -c, --crypt-method           krypteringsmetode (en av %s)\n"
+#~ "  -r, --system                  opprett systemkontoer\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Passordet vil utgå på dato."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: kan ikke låse passordfila\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: kan ikke åpne passordfila\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: kan ikke låse skyggepassordfila\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: kan ikke åpne skyggepassordfila\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: kan ikke gjenskrive skyggepassordfila\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: kan ikke gjenskrive passordfila\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: kan ikke oppdatere skyggepassordfila\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tFullstendig navn: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tRomnummer: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tJobbtelefon: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tHjemtelefon: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Kan ikke låse passordfila; forsøk senere.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Kan ikke åpne passordfila.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s ikke funnet i /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Feil ved oppdatering av passord.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Kan ikke sende inn endringer til passordfila.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Kan ikke låse opp passordfila.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: klarer ikke å åpne gruppefila\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: klarer ikke å låse gshadow-fila\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: kan ikke åpne shadow-fila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: feil ved oppdatering av shadow-fila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linje %d: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linje %d: kan ikke oppdatere oppføring\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: kan ikke låse shadow-fila\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: feil ved oppdatering av shadow-fila\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: feil ved oppdatering av passordfila\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linje %d: ukjent bruker %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linje %d: kan ikke oppdatere passordlinja\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ukjent bruker\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ukjent bruker: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Bruk: %s [-r|-R] gruppe\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "      %s [-a bruker] gruppe\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "      %s [-d bruker] gruppe\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "      %s [-A bruker,...] [-M bruker,...] gruppe\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "      %s [-M bruker,...] gruppe\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kan ikke låse\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: klarer ikke å låse shadow-fila\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: kan ikke åpne fila\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: klarer ikke å omskrive shadow-fila\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: kan ikke låse opp filen\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføringen\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføringen i shadow-fila\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ukjent gruppe: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: kan ikke åpne fila\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: kan ikke åpne shadow-fila\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Hvem er du?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ukjent medlem %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: klarer ikke å omskrive gruppefila\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: klarer ikke å omskrive shadow-fila\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: klarer ikke å åpne gruppefila\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: klarer ikke å låse shadow-gruppefila\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: klarer ikke å åpne shadow-gruppefila\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u er ikke entydig\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: feil ved fjerning av gruppeoppføring\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: feil ved sletting av shadow-gruppeoppføring\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kan ikke fjerne brukerens primærgruppe.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM autentisering mislyktes\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: klarer ikke å låse gruppefila\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: kan ikke åpne gruppefila\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s ikke funnet i /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u er ikke en entydig GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s er ikke et entydig navn\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: kan ikke skrive passordfila på nytt\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: klarte ikke å låse passordfila\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: klarte ikke å åpne passordfila\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: kan ikke oppdatere shadow-oppføringen for %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: kan ikke oppdatere oppføringen for gruppa %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: kan ikke låse shadow-gruppefila\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: kan ikke åpne shadow-gruppefila\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: kan ikke fjerne shadow-gruppe %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: kan ikke oppdatere shadow-gruppefila\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: kan ikke slette shadow-gruppefila\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ukjent UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: gruppa %s finnes ikke\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: bruker %s finnes ikke\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ugyldig brukernavn «%s»\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: kan ikke låse /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: kan ikke åpne filer\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: feil ved oppdatering av filer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: klarer ikke å endre passord-oppføringen for %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: klarte ikke å låse passordfila\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: klarte ikke å åpne passordfila\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: klarte ikke å fjerne shadow-oppføring for %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: klarer ikke å oppdatere passordfila\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: klarer ikke å oppdatere oppføring for bruker %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: kan ikke slette shadow-passordfila\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ukjent GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: slapp opp for minne i update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: kan ikke skrive passordfila på nytt\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: kan ikke skrive shadow-passordfila på nytt\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: klarte ikke å låse shadow-passordfila\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: klarte ikke å åpne shadow-passordfila\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: feil ved låsing av gruppefila\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: feil ved åpning av gruppefila\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: feil ved låsing av shadow-gruppefila\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: feil ved åpning av shadow-gruppefila\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: feil ved innlegging av ny passord-oppføring\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: feil ved innlegging av ny shadow passord-oppføring\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: advarsel: CREATE_HOME ikke støttet, bruk -m istedenfor.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppe-oppføring\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: kan ikke åpne gruppefila\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: kan ikke åpne shadow-gruppefila\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: feil ved sletting av passord-oppføring\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av shadow passordoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu er ikke entydig\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: feil ved endring av passordoppføring\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av shadow passord-oppføring\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: klarer ikke å få entydig GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " på «%.100s» fra «%.200s»"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " på «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linje %d: kan ikke opprette UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: navn %s er ikke entydig\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Bruk: chgpasswd [valg]\n"
+#~ "\n"
+#~ "Valg:\n"
+#~ "  -e, --encrypted\toppgitte passord er krypterte\n"
+#~ "  h, --help\t\tvis denne hjelpeteksten og avslutt\n"
+#~ "  -m, --md5\t\tbruk MD5-kryptering i stedet for DES når de oppgitte\n"
+#~ "\t\t\tpassordene ikke er krypterte\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Ingen passordfil.\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Beklager.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Passordet for %s kan ikke endres ennå.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Beklager."
diff --git a/po/ne.po b/po/ne.po
new file mode 100644
index 0000000..e40129b
--- /dev/null
+++ b/po/ne.po
@@ -0,0 +1,3497 @@
+# translation of shadow_po.po to Nepali
+# translation of shadow_po.po to Nepali
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
+# Shiva Pokharel <pokharelshiva@hotmail.com>, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2006-06-16 14:30+0545\n"
+"Last-Translator: Shiva Pokharel <pokharelshiva@hotmail.com>\n"
+"Language-Team: Nepali <info@mpp.org.np>\n"
+"Language: ne\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2;plural=(n!=1)\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "कनफिगरेसन सूचनाको लागि खाली ठाऊ� बा�ड�न सकिदैन ।\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "कन�फिगरेसन त�र�टि - अज�ञात वस�त� '%s' (प�रशासकलाई सूचना गर�न�होस)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "पासवर�ड: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "'%s' को पासवर�ड: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "कनफिगरेसन सूचनाको लागि खाली ठाऊ� बा�ड�न सकिदैन ।\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s का लागि अवधि सूचना परिवर�तन गरिदैछ\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: तपाई�को प�रयोगकर�ता नाम निर�धारण गर�न सकि�न ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: रेखा %d: प�रयोगकर�ता फेला पार�न सकि�न %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: स�मृति भन�दा बाहिर\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: फाइल %s अद�यावधिक गर�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: अवैध गृह डाइरेक�ट�री '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: चेतावनी: हट�न सक�दैन "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: चेतावनी: हट�न सक�दैन "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: प�न:नामकरण गर�न�होस�: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: चेतावनी: हट�न सक�दैन "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: चेतावनी: हट�न सक�दैन "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: फाइल %s अद�यावधिक गर�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: स�याडो फाइल अद�यावधिक ह�न सकेन\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: प�न:नामकरण गर�न�होस�: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: फाइल %s खोल�न सकि�न\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "चेतावनी: अज�ञात समूह %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "चेतावनी: अति धेरै समूहहरू\n"
+
+msgid "Your password has expired."
+msgstr "तपाई�को पासवर�डको म�याद समाप�त भ�को छ।"
+
+msgid "Your password is inactive."
+msgstr "तपाई�को पासवर�ड निष�क�रिय छ।"
+
+msgid "Your login has expired."
+msgstr "तपाई�को लगइनको म�याद समाप�त भ�को छ।"
+
+msgid "  Contact the system administrator."
+msgstr "  प�रणाली प�रशासक संग सम�पर�क गर�न�होस� ।"
+
+msgid "  Choose a new password."
+msgstr "  नया� पासवर�ड रोज�न�होस� ।"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "तपाई�को पासवर�डको म�याद %ld दिनमा समाप�त ह�न�छ ।\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "तपाई�को पासवर�डको म�याद भोली समाप�त ह�नेछ ।"
+
+msgid "Your password will expire today."
+msgstr "तपाई�को पासवर�डको म�याद आज समाप�त ह�नेछ ।"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "tty %s लाई परिवर�तन गर�न असक�षम भयो"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: अति लामो फा�ट\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "परिवेशको अतिप�रवाह\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "तपाई�ले $%s परिवर�तन गर�न सक�न�ह�न�न\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d अन�तिम लगइन देखिअसफल भयो ।\n"
+"अन�तिम %s मा %s थियो ।\n"
+msgstr[1] ""
+"%d अन�तिम लगइन देखिअसफल भयो ।\n"
+"अन�तिम %s मा %s थियो ।\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "मेलबक�स प�रापक परिवर�तन गर�न असफल भयो"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: अद�वितिय UID प�राप�त गर�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: अद�वितिय GID प�राप�त गर�न सकि�न\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: अद�वितिय UID प�राप�त गर�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: अद�वितिय UID प�राप�त गर�न सकि�न\n"
+
+msgid "Too many logins.\n"
+msgstr "अति धेरै लगइनहरू ।\n"
+
+msgid "You have new mail."
+msgstr "तपाई�स�ग नया� मेल छ।"
+
+msgid "No mail."
+msgstr "मेल छैन।"
+
+msgid "You have mail."
+msgstr "तपाई�को मेल छ।"
+
+msgid "no change"
+msgstr "परिवर�तन छैन"
+
+msgid "a palindrome"
+msgstr "�उटा श�लोक"
+
+msgid "case changes only"
+msgstr "केस परिवर�तनहरू मात�र"
+
+msgid "too similar"
+msgstr "अति मिल�दो"
+
+msgid "too simple"
+msgstr "अति सजिलो"
+
+msgid "rotated"
+msgstr "घ�मिरहेको"
+
+msgid "too short"
+msgstr "अति छोटो"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "खराब पासवर�ड: %s. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "पासवर�ड: pam_start() असफल भयो, त�र�टि %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "पासवर�ड: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "पासवर�ड परिवर�तन भयो ।"
+
+msgid "passwd: password updated successfully\n"
+msgstr "पासवर�ड: पासवर�ड सफलतापूर�वक अद�यावधिक भयो\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr " %s को लागि गलत पासवर�ड ।\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: अवैध गृह फोन: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "'%s' मा सि डि गर�न असफल\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "डाइरेक�ट�री होइन, HOME=/ संगै लगइन भइरहेको"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s कार�यान�वयन गर�न सकि�न"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "अवैध मूल डाइरेकट�री '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "'%s' मा मूल डाइरेकट�री परिवर�तन गर�न सकिदैन\n"
+
+msgid "Unable to determine your tty name."
+msgstr "तपाई�को tty नाम निर�धारण गर�न सकि�न।"
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "होइन\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "नया� मान प�रविष�टि गर�न�होस�, वा पूर�वनिर�धारितको लागि ENTER थिच�न�होस�"
+
+msgid "Minimum Password Age"
+msgstr "न�यूनतम पासवर�ड अवधि"
+
+msgid "Maximum Password Age"
+msgstr "अधिकतम पासवर�ड अवधि"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "अन�तिम पासवर�ड परिवर�तन गर�न�होस� (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "पासवर�ड समाप�ति चेतावनी"
+
+msgid "Password Inactive"
+msgstr "पासवर�ड निष�क�रिय"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "लेखा समाप�ति मिति (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "अन�तिम पासवर�ड परिवर�तन भयो\t\t\t\t\t: "
+
+msgid "never"
+msgstr "कहिल�यै पनि"
+
+msgid "password must be changed"
+msgstr "पासवर�ड परिवर�तन ह�न�पर�छ"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "पासवर�ड समाप�त ह�न�छ\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "पासवर�ड निष�क�रिय पार�न�होस�\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "लेखा समाप�त ह�न�छ\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "पासवर�ड परिवर�तन बीचको दिनहर�को न�यूनतम संख�या\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "पासवर�ड परिवर�तन बीचको दिनहर�को अधिक�तम संख�या\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "पासवर�ड समाप�त ह�न� अगाडि चेतावनीको दिनहर�को संख�या\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: अवैध संख�यात�मक तर�क '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: अन�य �ण�डाहरू संग \"l\" समावेश भ�न\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: अन�मति अस�वीकार गरियो ।\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: तपाई�को प�रयोगकर�ता नाम निर�धारण गर�न सकि�न ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: फाइलहरू ताल�चा मार�न सकि�न, पछि फेरी प�रयास गर�न�होस�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: फाइल %s खोल�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: फोर�क गर�दा असफल: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: स�याडो पासवर�ड फाइल प�रस�त�त भ�को छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s का लागि अवधि सूचना परिवर�तन गरिदैछ\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: त�र�टि परिवर�तन फा�ट\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "प�रा नाम"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "कोठा नम�बर"
+
+msgid "Work Phone"
+msgstr "कार�य फोन"
+
+msgid "Home Phone"
+msgstr "गृह फोन"
+
+msgid "Other"
+msgstr "अन�य"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID लाई मूलमा परिवर�तन गर�न सकिदैन ।\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: अवैध नाम: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: अवैध कोठा नम�बर: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: अवैध कार�य फोन: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: अवैध गृह फोन: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ले गैरकानूनी क�यारेक�टरहरू समाविष�ट गर�दछ\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ले गैरकानूनी क�यारेक�टरहरू समाविष�ट गर�दछ\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: NIS ग�राहकमा प�रयोगकर�ता '%s' परिवर�तन गर�न सकिदैन ।\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' यो ग�राहकको लागि NIS मास�टर हो ।\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr " %s को लागि प�रयोगकर�ता सूचना परिवर�तन गरिदैछ\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: अति लामो फा�ट\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: -a फ�ल�याग -G फ�ल�याग संग मात�र अन�मति छ\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: रेखा %d: अति लामो रेखा\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: रेखा %d: नया� पासवर�ड हराइरहेको छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: समूह %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: रेखा %d: प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: त�र�टि पत�ता लाग�यो, परिवर�तनहरू उपेक�षा गरियो\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "शेल लगइन"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "तपाई� यस को लागि शेल परिवर�तन गर�न सक�न�ह�न�न %s ।\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr " %s को लागि शेलको लगइन परिवर�तन गरिदैछ\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: अवैध प�रविष�टि: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s अवैध शेल हो ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: चेतावनी: %s चा�हि %s को स�वामित�वमा छैन\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "अन�तिम लग: अनपेक�षित तर�क: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "सबैभन�दा पछि                  असफल भ�को                           लगइन\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds left]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "अज�ञात प�रयोगकर�ता: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन गर�न सकिदैन ।\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन गर�न सकिदैन ।\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: स�याडो समूह पासवर�डहर�लाई -A को आवश�यक छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: समूह %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: फोर�क गर�दा असफल: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "समूह %s को लागि पासवर�ड परिवर�तन गरिदैछ\n"
+
+msgid "New Password: "
+msgstr "नया� पासवर�ड: "
+
+msgid "Re-enter new password: "
+msgstr "नया� पासवर�ड प�न:प�रविष�ट गर�न�होस�: "
+
+msgid "They don't match; try again"
+msgstr "तिनीहरू मेल खा�दैनन�, फेरी प�रयास गर�न�होस�"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: पछि फेरी प�रयास गर�न�होस�\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "समूह %s मा प�रयोगकर�ता %s थप गरिदैछ\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "समूह %s बाट प�रयोगकर�ता %s हटाइदैछ\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: tty होइन\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s वैध समूह नाम होइन\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K लाई KEY=VALUE को आवश�यक पर�दछ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: समूह %s अवस�थित छ\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: तपाई�को प�रयोगकर�ता नाम निर�धारण गर�न सकि�न ।\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: NIS ग�राहकमा प�रयोगकर�ता '%s' परिवर�तन गर�न सकिदैन ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: समूह %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: समूह '%s' NIS समूह हो ।\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS मास�टर हो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: प�रयोगकर�ता %s NIS प�रयोगकर�ता हो\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: update_group मा स�मृति भन�दा बाहिर\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: समूह %s NIS समूह हो\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: अज�ञात प�रयोगकर�ता %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s र -r मिल�दोज�ल�दो छैन\n"
+
+msgid "invalid group file entry"
+msgstr "अवैध समूह फाइल प�रविष�टि"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "लाइन '%s' मेट�न�ह�न�छ ? "
+
+msgid "duplicate group entry"
+msgstr "नक�कली समूह प�रविष�टि"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "अवैध समूह नाम '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "समूह %s: प�रयोगकर�ता छैन %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "सदस�य '%s' मेट�न�ह�न�छ ? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "यो %s मा समूह फाइल प�रविष�टि मेल खा�को छैन\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "यस %s मा '%s' समूह थप�न�ह�न�छ ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "अवैध स�याडो समूह फाइल प�रविष�टि"
+
+msgid "duplicate shadow group entry"
+msgstr "नक�कली स�याडो समूह प�रविष�टि"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "स�याडो समूह %s: प�रशासनिक प�रयोगकर�ता छैन %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "प�रशासनिक सदस�य '%s' मेट�न�ह�न�छ ? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "स�याडो समूह %s: प�रयोगकर�ता छैन %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: फाइलहरू अद�यावधिक ह�न�पर�छ\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: क�नै परिवर�तनहरू छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: फाइल %s अद�यावधिक गर�न सकि�न\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "उपयोग: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "उपयोग: id\n"
+
+msgid " groups="
+msgstr " समूहहरू="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "सबै भन�दा पछिल�लो        बाट                पोर�ट        प�रयोगकर�ता नाम"
+
+msgid "Username                Port     Latest"
+msgstr "सबैभन�दा पछिल�लो              पोर�ट            प�रयोगकर�ता नाम"
+
+msgid "**Never logged in**"
+msgstr "**Never logged in**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: पासवर�ड फाइल अद�यावधिक गर�न सकि�न\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "उपयोग: %s [-p] [name]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h host] [-f name]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "अवैध लगइन समय"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"र�टिन संभारको लागि प�रणाली बन�द गरियो"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[बाइपास जडान विच�छेदन भयो --मूल लगइनलाई अन�मति छ । ]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"utmp प�रविष�टि भ�न । तपाई�ले \"login\" गर�दा ज�यादै न�यून तह \"sh\" बाट कार�यन�वयन "
+"गर�न�पर�छ"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%d सेकेण�ड पछि लगइन समय समाप�त भयो ।\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "लगइन: PAM असफल भयो, परित�याग गरिदै: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s लगइन: "
+
+msgid "login: "
+msgstr "लगइन: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "बढेको प�रयासहरको अधिक�तम संख�या (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "लगइन: PAM द�वारा अन�रोध गरि�को परित�याग\n"
+
+msgid "Login incorrect"
+msgstr "लगइन गलत छ"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: रेखा %d: प�रयोगकर�ता फेला पार�न सकि�न %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s लगइन: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: फोर�क गर�दा असफल: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "चेतावनी: अस�थायी लगआउट पछि लगइन प�न: सक�षम गर�न�होस� ।"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "अन�तिम लगइन: %s मा %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "अन�तिम लगइन: %s मा %.19s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " %.*s बाट"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"लगइन समय बढ�यो\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "उपयोग: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "उपयोग: newgrp [-] [group]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "उपयोग: sg group [[-c] आदेश]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "प�रानो पासवर�ड: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: फोर�क गर�दा असफल: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+msgid "too many groups\n"
+msgstr "अति धेरै समूहहरू\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: समूह %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: अवैध प�रयोगकर�ता नाम '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: अवैध प�रयोगकर�ता नाम '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: रेखा %d: अवैध रेखा\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: प�रयोगकर�ता %s का लागि प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: रेखा %d: GID सिर�जना गर�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: रेखा %d: GID सिर�जना गर�न सकि�न\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: रेखा %d: पासवर�ड अद�यावधिक गर�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: रेखा %d: mkdir असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: रेखा %d: chown असफल भयो\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: रेखा %d: प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: समूह फाइल अद�यावधिक गर�न सकि�न\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "प�रानो पासवर�ड: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"नया� पासवर�ड प�रविष�ट गर�न�होस� (%d को न�य�नतम, %d को अधिक�तम क�यारेक�टरहरू)\n"
+"कृपया सानो र ठूलो अक�षरहरू र नम�बरहर�को मिलान प�रयोग गर�न�होस� ।\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"नया� पासवर�ड प�रविष�ट गर�न�होस� (%d को न�य�नतम, %d को अधिक�तम क�यारेक�टरहरू)\n"
+"कृपया सानो र ठूलो अक�षरहरू र नम�बरहर�को मिलान प�रयोग गर�न�होस� ।\n"
+
+msgid "New password: "
+msgstr "नया� पासवर�ड : "
+
+msgid "Try again."
+msgstr "फेरी प�रयास गर�न�होस� ।"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"चेतावनी: कम�जोर पासवर�ड (जे भ� पनि यसलाई प�रयोग गर�न फेरी यसलाई प�रविष�ट गर�न�होस�) ।"
+
+msgid "They don't match; try again.\n"
+msgstr "तिनीहरू मेल खा�दैनन�; फेरी प�रयास गर�न�होस� ।\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन गर�न सकिदैन ।\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन गर�न सकिदैन ।\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: रेपोजिटरी %s समर�थित छैन\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: यस %s को लागि तपाईवले पासवर�ड सूचना दृश�य गर�न वा परिमार�जन गर�न सक�न�ह�न�न ।\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन गरिदैछ\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s को लागि पासवर�ड परिवर�तन ह�न सकिदैन ।\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "पासवर�ड परिवर�तन भयो ।"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "पासवर�ड समाप�ति चेतावनी"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "अवैध पासवर�ड फाइल प�रविष�टि"
+
+msgid "duplicate password entry"
+msgstr "नक�कली पासवर�ड प�रविष�टि"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "अवैध प�रयोगकर�ता नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "अवैध प�रयोगकर�ता नाम '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "प�रयोगकर�ता %s: समूह छैन %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "प�रयोगकर�ता %s: डाइरेक�ट�री %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "प�रयोगकर�ता %s: कार�यक�रम %s अवस�थित छैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: फाइल %s ताल�चा मार�न सकिदैन\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "यो %s मा मेल खाने पासवर�ड फाइल प�रविष�टि छैन\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' मा %s प�रयोगकर�ता थप�न�ह�न�छ ? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "अवैध स�याडो पासवर�ड फाइल प�रविष�टि"
+
+msgid "duplicate shadow password entry"
+msgstr "नक�कलि स�याडो पासवर�ड प�रविष�टि"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "प�रयोगकर�ता %s: अन�तिम पासवर�ड भविष�यमा परिवर�तन ह�नेछ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: फाइल %s खोल�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: फाइल प�न:लेखन गर�न सकि�न\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su बाट त�यो खातामा पह��च गर�न अस�वीकार गरियो ।\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "पासवर�ड प�रमाणीकरण बाइपास गरियो ।\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr " कृपया प�रमाणीकरणको र�पमा तपाई�को आफ�नो पासवर�ड प�रविष�ट गर�न�होस� ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: फाइल %s ताल�चा मार�न सकिदैन\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"उपयोग: su [options] [login]\n"
+"\n"
+"विकल�पहरू:\n"
+"  -c, --आदेश COMMAND\t\t शेल आह�वान गर�न आदेश पास गर�न�होस�\n"
+"  -h, --मद�दत\t\t\t ले यो मद�दत संदेशलाई प�रदर�शन गर�दछ र बन�द गर�दछ\n"
+"  -, -l, --लगइन\t\tशेललाई �उटा लगइन शेल बनाउ�छ \n"
+"  -m, -p,\n"
+"  --preserve-environment\t ले परिवेश चलहरू प�न: सेट गर�दैन\n"
+" र उही शेल\t\t\t\t राख�दछ\n"
+"  -s, --शेल SHELL\t\t पूर�वनिर�धारित पासवर�डको सट�टामा SHELL प�रयोग गर�दछ\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(उपेक�षा गरियो)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "तपाई� su %s मा प�रमाणिकरण ह�न�ह�न�न\n"
+
+msgid "(Enter your own password)"
+msgstr "(तपाई�को आफ�नै पासवर�ड प�रविष�ट गर�न�होस�)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "तपाई� su %s मा प�रमाणिकरण ह�न�ह�न�न\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "मूलको लागि पासवर�ड प�रविष�टि छैन'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: टर�मिनलबाट चल�न�पर�छ\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: त�र�टि %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s कार�यान�वयन गर�न सकि�न"
+
+msgid "No password file"
+msgstr "पासवर�ड फाइल होइन"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "मूलको लागि पासवर�ड प�रविष�टि छैन'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"सामन�य स�र�वात संगै प�रक�रिया गर�न control-d टाइप गर�न�होस�,\n"
+"(वा प�रणाली संभारको लागि मूल पासवर�ड दिन�होस�):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "प�रणाली संभार मोड प�रविष�टि गरिदैछ"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: नया� पूर�वनिर�धारित फाइल सिर�जना गर�न सकि�न\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: नया� पूर�वनिर�धारित फाइल खोल�न सकि�न\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: रेखा %d: chown असफल भयो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: प�न:नामकरण गर�न�होस�: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: समूह '%s' NIS समूह हो ।\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: अति धेरै समूहरू निर�दिष�ट गरि�को छ (max %d) ।\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "उपयोग: %s [आगत]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: अवैध डाइरेक�ट�री '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: अवैध टिप�पणी '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: अवैध गृह डाइरेक�ट�री '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: स�याडो पासवर�डहर�को लागि -e को आवश�यक पर�दछ\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: स�याडो पासवर�डहर�को लागि -f को आवश�यक पर�दछ\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: अवैध फा�ट '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: अवैध शेल '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+msgid "Creating mailbox file"
+msgstr "मेल बाकस फाइल सिर�जना गर�दै"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "समूह मेल फेला परेन । ०६०० मोड द�वारा प�रयोगकर�ता मेल बाकस फाइल सिर�जना गर�दैछ ।\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "मेल बाकस फाइल अन�मतिहरू मिलाउदै"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छ\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: समूह %s अवस�थित छ - यदि तपाई� यो प�रयोगकर�तालाई त�यो समूहमा थप�न चाहन�ह�न�छ भने, -g "
+"प�रयोग गर�न�होस� ।\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u अद�वितिय होइन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: चेतावनी: गृह डाइरेक�ट�री पहिल�यै अवस�थित छ ।\n"
+"यसमा स�केल डाइरेक�ट�रीबाट क�नै फाइल प�रतिलिपी भ�को छैन ।\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: NIS ग�राहकमा प�रयोगकर�ता '%s' परिवर�तन गर�न सकिदैन ।\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: समूह %s हटाउन सकिदैन ज�न अर�को प�रयोगकर�ताको लागि प�राथमिक समूह हो ।\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: अवैध गृह डाइरेक�ट�री '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: चेतावनी: हट�न सक�दैन "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s चा�हि %s को स�वामित�वमा छैन, हटिरहेको छैन\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: प�रयोगकर�ता %s NIS प�रयोगकर�ता हो\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: अवैध गृह डाइरेक�ट�री '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: हट�ने डाइरेक�ट�री होइन %s (प�रयोगकर�ता %s को गृह हटाउ�छ)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: डाइरेक�ट�री हटाउ�दा त�र�टि %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: प�रयोगकर�ता %s अवस�थित छ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: अवैध मिति '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: फाइल %s खोल�न सकि�न\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e र -f को लागि स�याडो पासवर�डहर�को आवश�यक छ\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: डाइरेक�ट�री %s अवस�थित छ\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: डाइरेकट�री सिर�जना गर�न सकि�न %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: चेतावनी: प�रानो गृह डाइरेक�ट�री पूर�णर�पले हटाउन असफल भयो %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: डाइरेक�ट�री %s लाई %s मा प�न:नामकरण गर�न सकिदैन\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: चेतावनी: %s चा�हि %s को स�वामित�वमा छैन\n"
+
+msgid "failed to change mailbox owner"
+msgstr "मेलबक�स प�रापक परिवर�तन गर�न असफल भयो"
+
+msgid "failed to rename mailbox"
+msgstr "मेल बक�सलाई प�न:नामकरण गर�न असफल भयो"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s परिवर�तन ह�दैन\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "मेल बक�सलाई प�न:नामकरण गर�न असफल भयो"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "फाइल ताल�चा मार�न सकिदैन"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: विशेषधिकारहरू छोड�न असफल भयो (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "फाइल ताल�चा मार�न सकिदैन"
+
+msgid "Couldn't make backup"
+msgstr "जगेडा बनाउ�न सकिदैन"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s /etc/passwd मा फेला परेन\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: समूह फाइल खोल�न असक�षम भयो\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: अति लामो फा�ट\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "मेल बक�सलाई प�न:नामकरण गर�न असफल भयो"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "मेलबक�स प�रापक परिवर�तन गर�न असफल भयो"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "मेल बक�सलाई प�न:नामकरण गर�न असफल भयो"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: प�न:भण�डारण गर�न सकिदैन %s: %s (तपाई�को परिवर�तनहरू %s मा छ)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: अवैध डाइरेक�ट�री '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "उपयोग: %s [आगत]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) असफल भयो\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग:प�रयोगकर�ता [विकल�पहरू] परिवर�तन गर�न�होस�\n"
+#~ "\n"
+#~ " विकल�पहरू:\n"
+#~ "  -d, --अन�तिम दिन LAST_DAY\t ले LAST_DAY मा परिवर�तन भ�को अन�तिम पासवर�ड सेट\n"
+#~ "\t\t\t\tगर�दछ\n"
+#~ "  -E, --समाप�त मिति EXPIRE_DATE\t ले EXPIRE_DATE मा खाता समाप�त मिति सेट "
+#~ "गर�दछ\n"
+#~ "  -h, --help\t\t\t ले यो मद�दत संदेशलाई प�रदर�शित र बन�द गर�दछ\n"
+#~ "  -I, --निष�क�रिय INACTIVE\t ले म�याद समाप�त भ�पछि निष�क�रिय पासवर�ड सेट गर�दछ\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ "  -l, --सूचि\t\t\t ले खाता अवधि सूचना देखाउ�छ\n"
+#~ "  -m, --न�य�नतम दिन MIN_DAYS\tपासवर�ड अघि दिनहर�को न�य�नतम संख�या सेट गर�दछ\n"
+#~ "\t\t\t\tchange to MIN_DAYS\n"
+#~ "  -M, --अधिकमत दिन MAX_DAYS\tपासवर�ड अघि दिनहर�को न�य�नतम संख�या सेट गर�दछ\n"
+#~ "\t\t\t\tchange to MAX_DAYS\n"
+#~ "  -W, --चेतावनी दिन WARN_DAYS\t ले WARN_DAYS मा समाप�त भ�को चेतावनी दिनहरू "
+#~ "सेट \n"
+#~ "\t\t\t\tगर�दछ\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "उपयोग: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "उपयोग: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोग: पासवर�ड परिवर�तन गर�न�होस� [options]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -e, --ग�प�तिकृत\tआपूर�ति भ�का पासवर�डहरू ग�प�तिकृत छन\n"
+#~ "  -h, --मद�दत\t\tले यो मद�दत संदेशलाई प�रदर�शित र बन�द गर�छ\n"
+#~ "  -m, --md5\t\tले DES को सट�टामा MD5 प�रयोग गर�छ जब आपूर�ति भ�को\n"
+#~ "\t\t\tपासवर�डहरू ग�प�तिकृत भ�को ह�दैन\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -f, --force\t\t\tप�रयोगकर�ताले प�राप�त नगरेता पनि, फाइलहर�को हटाईमा जोड गर�दछ\n"
+#~ "  -h, --help\t\t\tयो मद�दत संदेशलाई प�रदर�शन गर�छ र बनद गर�दछ\n"
+#~ "  -r, --remove\t\t\tगृह डाइरेक�ट�री र मेल स�पूललाई हटाउ�छ \n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "उपयोग: अवधि {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: फाइल %s खोल�न सकि�न\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "उपयोग: %s [-r] [-s] [group [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "उपयोग: %s [-r] [-s] [group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s र -r मिल�दोज�ल�दो छैन\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "उपयोग: groupdel समूह नाम\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: lastlog [options]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -b, --DAYS अगाडि\t DAYS भन�दा प�रानो अन�तिम लग रेकर�ड म�द�रण गर�दछ\n"
+#~ "  -h, --मद�दत\t\tयो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�दछ\n"
+#~ "  -t, --समय DAYS\t DAYS भन�दा धेरै नविन अन�तिम लग रेकर�डहरू मात�र म�द�रण गर�दछ\n"
+#~ "  -u, --प�रयोगकर�ता LOGIN\t निर�दिष�ट गरि�को LOGIN संगै अन�तिम लग रेकर�डहरू म�द�रण "
+#~ "गर�दछ\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: पासवर�ड [विकल�पहरू] [लगइन]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -a, --सबै\t\t\t सबै खातामा पासवर�ड स�थिति प�रतिवेदन गर�दछ\n"
+#~ "  -d, --मेट�न�होस�\t\t\t नामकरण गरि�को खाताको लागि पासवर�ड मेट�दछ\n"
+#~ "  -e, --समाप�त ह�न�\t\t\t नामकरण गरि�को खाताको लागि पासवर�ड समाप�त गर�न जोड "
+#~ "गर�दछ\n"
+#~ "  -h, --मद�दत\t\t\t यो मद�दत संदेशलाई प�रदर�शन गर�दछ र बन�द गर�दछ\n"
+#~ "  -k, --टोकनहरू राख�न�होस�\t\tयदि समाप�त भ�मा मात�र पासवर�ड परिवर�तन गर�न�होस�\n"
+#~ "  -i, --निस�क�रिय INACTIVE\t समाप�ति पछ निस�क�रियमा निस�क�रिय पासवर�ड सेट गर�न�होस�\n"
+#~ "  -l, --ताल�चा मार�न�होस�\t\t\t नामकरण गरि�को खाता ताल�चा मार�न�होस�\n"
+#~ "  -n, --न�य�नतम दिनहरू MIN_DAYS\t ले MIN_DAYS मा पासवर�ड\n"
+#~ "\t\t\t\t परिवर�तन गर�न� अघि दिनहर�को न�य�नतम नम�बरलाई सेट गर�दछ\n"
+#~ "  -q, --अन�त�य गर�न�होस�\t\t\tअन�त�य मोड\n"
+#~ "  -r, --रेपोजिटरी REPOSITORY\t रेपोजिटरीमा पासवर�ड परिवर�तन गर�न�होस� "
+#~ "REPOSITORY \n"
+#~ "  -S, --वस�त�स�थिति\t\t\t नामकरण गरि�को खातामा पासवर�ड वस�त�स�थिति प�रतिवेदन गर�दछ\n"
+#~ "  -u, --अनलग गर�न�होस�\t\t\t नामकरण गरि�को खाता अनलग गर�न�होस�\n"
+#~ "  -w, --चेतावनी दिनहरू WARN_DAYS\t WARN_DAYS मा समाप�त भ�को चेतावनी दिनहरू सेट\n"
+#~ "\t\t\t\tगर�न�होस�\n"
+#~ "  -x, --अधिक�तम दिनहरू MAX_DAYS\t ले MAX_DAYS मा\n"
+#~ "\t\t\t\tपासवरड परिवर�तन गर�न� अघि दिनहर�को अधिक�तम नम�बरलाई सेट गर�दछ\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "उपयोग: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "उपयोग: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "उपयोग: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "उपयोग: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "अज�ञात id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "शेल होइन\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -f, --force\t\t\tप�रयोगकर�ताले प�राप�त नगरेता पनि, फाइलहर�को हटाईमा जोड गर�दछ\n"
+#~ "  -h, --help\t\t\tयो मद�दत संदेशलाई प�रदर�शन गर�छ र बनद गर�दछ\n"
+#~ "  -r, --remove\t\t\tगृह डाइरेक�ट�री र मेल स�पूललाई हटाउ�छ \n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: प�रयोगकर�ता %s हालै लग गरियो\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोगिता: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -a, --append GROUP\t\tबा�कि GROUP मा प�रयोगकर�ता थप गर�न�होस� \n"
+#~ "  -c, --comment COMMENT\t\t GECOS फा�टको नया� मान\n"
+#~ "  -d, --home HOME_DIR\t\tप�रयोगकर�ता खाताका लागि नया� गृह डाइरेक�टरी\n"
+#~ "  -e, --expiredate EXPIRE_DATE\tखाता म�याद समाप�ति EXPIRE_DATE मा सेट "
+#~ "गर�न�होस�\n"
+#~ "  -f, --inactive INACTIVE\tम�याद समाप�ति पछि पासवर�ड निस�क�रिय पार�न�होस�\n"
+#~ "\t\t\t\tto INACTIVE\n"
+#~ "  -g, --gid GROUP\t\t GROUP लाई नया� प�राथमिक समूहको र�पमा प�रयोग गर�न दवाद "
+#~ "दिन�होस�\n"
+#~ "  -G, --groups GROUPS\t\tबा�कि GROUPS को नया� सूची\n"
+#~ "  -h, --help\t\t\tयो मद�दत सन�देश प�रदर�शन गर�न�होस� र निस�कन�होस�\n"
+#~ "  -l, --login NEW_LOGIN\t\tलगइन नामको नया� मान\n"
+#~ "  -L, --lock\t\t\tप�रयोगकरता खाता ताल�चा मार�न�होस�\n"
+#~ "  -m, --move-home\t\tगृह डाइरेक�टरिको सामग�रिहरू नया� स�थानमा सार�न�होस� \n"
+#~ "\t\t\t\tlocation ( -d संग मात�रै प�रयोग गर�न�होस�)\n"
+#~ "  -o, --non-unique\t\tनक�कली प�रयोग गर�न अन�मति दिन�होस� (अमौलिक) UID\n"
+#~ "  -p, --password PASSWORD\tनया� पासवर�डका लागि ग�प�तिकृत प�रयोग गर�न�होस�\n"
+#~ "  -s, --shell SHELL\t\tप�रयोगकर�ता खाताका लागि नया� लगइन शेल\n"
+#~ "  -u, --uid UID\t\t\tप�रयोगकर�ता खाताका लागि नया� UID\n"
+#~ "  -U, --unlock\t\t\tप�रयोगकर�ता खाताको ताल�चा खोल�न�होस�\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: �ण�डाहरू दि�को छैन\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: vipw [options]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -g, --group\t\t\tसमूह डेटाबेस सम�पादन गर�दछ\n"
+#~ "  -h, --help\t\t\tयो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�दछ\n"
+#~ "  -p, --passwd\t\t\tपासवर�ड डेटाबेस सम�पादन गर�दछ\n"
+#~ "  -q, --quiet \t\t\tअन�त�य मोड\n"
+#~ "  -s, --shadow\t\t\t स�याडो वा जि स�याडो डेटाबेस सम�पादन गर�दछ\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "उपयोग: %s [आगत]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: यो %s सिर�जना गर�न सकिदैन\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: स�वामित�व परिवर�तन गर�न सकिदैन %s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: असफल लग [options]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -a, --सबै\t\t\t ले सबै प�रयोगकर�ताहर�को लागि असफल लगको रेकर�डहरू प�रदर�शन गर�दछ\n"
+#~ "  -h, --मद�दत\t\t\t ले यो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�दछ\n"
+#~ "  -l, --ताल�चा मार�ने समय SEC\t\t ले SEC सेकेण�डमा लगइन लग खाता असफल भ�पछि \n"
+#~ "  -m, --अधिक�तम MAX\t\t ले अधिक�तम असफल लगइन काउन�टरहरू MAX मा सेट गर�दछ\n"
+#~ "  -r, --प�न:सेट गर�न�\t\t\t ले असफल लगइनहर�को काउन�टरलाई प�न:सेट गर�दछ\n"
+#~ "  -t, --समय DAYS\t\t ले समयको भन�दा धेरै नया� असफल लग रेकर�डहरू प�रदर�शन गर�दछ\n"
+#~ "  -u, --प�रयोगकर�ता LOGIN\t\t ले असफल लगइन प�रदर�शन गर�छ वा असफल काउन�टरहरू\n"
+#~ "\t\t\t\tर सीमाहरू (यदि -r, -m वा -l विकल�पहरू संगै प�रयोग भयो भने) मात�र संभार "
+#~ "गर�दछ\n"
+#~ "\t\t\t\tप�रयोगकर�ताको लागि LOGIN संगै \n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: groupadd [विकल�प] समूह\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -f, --जोड दिन�होस�\t\t यदि निर�दिष�ट गरि�को छ भने सफल स�थिति सहित जोड दिन "
+#~ "बन�द \n"
+#~ "\t\t\t\tह�न�छ समूह पहिल�यै अवस�थित छ\n"
+#~ "  -g, --gid GID\t\tनया� समूहको लागि GID प�रयोग गर�न�होस�\n"
+#~ "  -h, --मद�दत\t\t\t ले यो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�छ\n"
+#~ "  -K, --key KEY=VALUE\t\toverrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique\t\t ले नक�कली संगै समूह सिर�जना गर�न अन�मति दिन�छ\n"
+#~ "\t\t\t\t(non-unique) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: groupadd [विकल�प] समूह\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -f, --जोड दिन�होस�\t\t यदि निर�दिष�ट गरि�को छ भने सफल स�थिति सहित जोड दिन "
+#~ "बन�द \n"
+#~ "\t\t\t\tह�न�छ समूह पहिल�यै अवस�थित छ\n"
+#~ "  -g, --gid GID\t\tनया� समूहको लागि GID प�रयोग गर�न�होस�\n"
+#~ "  -h, --मद�दत\t\t\t ले यो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�छ\n"
+#~ "  -K, --key KEY=VALUE\t\toverrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique\t\t ले नक�कली संगै समूह सिर�जना गर�न अन�मति दिन�छ\n"
+#~ "\t\t\t\t(non-unique) GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "उपयोग: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -b, --base-dir BASE_DIR\tनया� प�रयोगकर�ता खाताको लागि बेस डाइरेक�ट�री\n"
+#~ "\t\t\t\tगृह डाइरेक�ट�री\n"
+#~ "  -c, --comment COMMENT\t\tनया� प�रयोगकर�ता खाताको लागि GECOS फा�ट सेट गर�दछ\n"
+#~ "  -d, --home-dir HOME_DIR\t नया� प�रयोगकर�ता खाताको लागि गृह डाइरेक�ट�री\n"
+#~ "  -D, --defaults\t\tपरिमार�जित पूर�वनिर�धारित थप प�रयोगकर�ता म�द�रण गर�न�होस� वा "
+#~ "बचत\n"
+#~ "\t\t\t\tगर�न�होस� कनफिगरेसन\n"
+#~ "  -e, --expiredate EXPIRE_DATE\t ले EXPIRE_DATE मा खाता समाप�ति मिति सेट "
+#~ "गर�दछ\n"
+#~ "  -f, --inactive INACTIVE\tले मिति समाप�ति पछि पासवर�डलाई INACTIVE मा सेट "
+#~ "गर�दछ\n"
+#~ "  -g, --gid GROUP\t\tनया� प�रयोगकर�ता खाताको लागि GROUP प�रयोग गर�न जोड गर�दछ\n"
+#~ "  -G, --groups GROUPS\t\t नया�को लागि परिपूरक समूहहर�को सूचि\n"
+#~ "\t\t\t\tप�रयोगकर�ता खाता\n"
+#~ "  -h, --help\t\t\tयो मद�दत संदेशलाई प�रदर�शन गर�छ र बन�द गर�दछ\n"
+#~ "  -k, --skel SKEL_DIR\t\t�उटा वैकल�पिक स�केल डाइरेक�ट�री निर�दिष�ट गर�न�होस�\n"
+#~ "  -K, --key KEY=VALUE\t\t /etc/login.defs पूर�वनिर�धारणहरू अधिलेखन गर�दछ\n"
+#~ "  -m, --create-home\t\tनया� प�रयोगकर�ताको लागि गृह डाइरेक�ट�री सिर�जना गर�दछ\n"
+#~ "\t\t\t\tखाता\n"
+#~ "  -o, --non-unique\t\tनक�कली संग प�रयोगकर�ता सिर�जना गर�न अन�मति दिन�छ\n"
+#~ "\t\t\t\t(non-unique) UID\n"
+#~ "  -p, --password PASSWORD\t नया� प�रयोगकर�ताको लागि ग�प�तिकृत पासवर�ड प�रयोग "
+#~ "गर�दछ\n"
+#~ "\t\t\t\tखाता\n"
+#~ "  -s, --shell SHELL\t\t नया� प�रयोगकर�ता खाताको लागि लगइन शेल\n"
+#~ "  -u, --uid UID\t\t\t नया� प�रयोगकर�ता खाताको लागि UID प�रयोग गर�न जोड दिन�छ\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "समाप�तिलाई पासवर�ड सेट गरियो ।"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: पासवर�ड फाइलमा ताल�चा मार�न सकिदैन\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: पासवर�ड फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल ताल�चा मार�न सकि�न\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: पासवर�ड फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tपूरा नाम: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tकोठा नम�बर: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tकार�य फोन: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tगृह फोन: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "पासवर�ड फाइल ताल�चा मार�न सकि�न; फेरी पछि प�रयास गर�न�होस� ।\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "पासवर�ड फाइल खोल�न सकि�न ।\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "पासवर�ड प�रविष�टिमा त�र�टि अद�यावधिक गरिदैछ ।\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "पासवर�ड फाइल परिवर�तनहरू कमिट गर�न� सकि�न ।\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "पासवर�ड फाइलबाट ताल�चा हटाउन सकिदैन ।\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: समूह फाइल ताल�चा मार�न सकिदैन\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: समूह फाइल खोल�न सकिदैन\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: जि स�याडो फाइल ताल�चा मार�न सकि�न\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: स�याडो फाइल खोल�न सकि�न\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: स�याडो फाइल अद�यावधिक गर�दा त�र�टि\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: समूह प�रविष�टि अद�यावधिक गर�दा त�र�टि\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: रेखा %d: अज�ञात समूह %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: रेखा %d: प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: स�याडो फाइल ताल�चा मार�न सकि�न\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: स�याडो फाइल अद�यावधिक गर�दा त�र�टि\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: पासवर�ड फाइल अद�यावधिक गर�दा त�र�टि\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: रेखा %d: अज�ञात प�रयोगकर�ता %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: रेखा %d: पासवर�ड प�रविष�टि अद�यावधिक गर�न सकिदैन\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: अज�ञात प�रयोगकर�ता\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "अज�ञात प�रयोगकर�ता: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "उपयोग: %s [-r|-R] समूह\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-�उटा प�रयोगकर�ता] समूह\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d प�रयोगकर�ता] समूह\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A प�रयोगकर�ता,...] [-M प�रयोगकर�ता,...] समूह\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M प�रयोगकर�ता,...] समूह\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: ताल�चा प�राप�त गर�न सकि�न\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: स�याडो ताल�चा प�राप�त गर�न सकि�न\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: स�याडो फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: फाइल अनलग गर�न सकि�न\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: स�याडो प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "अज�ञात समूह: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: फाइल खोल�न सकि�न\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: स�याडो फाइल खोल�न सकि�न\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "तपाई� को हो ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: अज�ञात सदस�य %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: नया� समूह प�रविष�टि थप गर�दा त�र�टि\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: समूह फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: समूह फाइल ताल�चा मार�न असक�षम भयो\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: समूह फाइल खोल�न असक�षम भयो\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल ताल�चा मार�न असफल भयो\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल खोल�न असक�षम भयो\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u अद�वितिय होइन\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: समूह प�रविष�टि हटाउ�दा त�र�टि\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: स�याडो समूह प�रविष�टि हटाउ�दा त�र�टि\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: प�रयोगकर�ताको प�राइमेरी समूह हटाउन सकि�न ।\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM आधिकरण असफल भयो\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: समूह फाइल ताल�चा मार�न असक�षम भयो\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: समूह फाइल खोल�न सकिदैन\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s /etc/group मा फेला परेन\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u अद�वितिय GID होइन\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s अद�वितिय नाम होइन\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: पासवर�ड फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: पासवर�ड फाइल ताल�चा मार�न असक�षम छ\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: पासवर�ड फाइल खोल�न असक�षम भयो\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: यस %s का लागि स�याडो प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: यस %s समूहका लागि प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल ताल�चा मार�न सकिदैन\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: स�याडो समूह %s हटाउन सकि�न\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल मेट�न सकि�न\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "अज�ञात UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "अज�ञात GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: समूह %s अवस�थित छैन\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: प�रयोगकर�ता %s अवस�थित छैन\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: अवैध प�रयोगकर�ता नाम '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd ताल�चा मार�न सकि�न ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/passwd ताल�चा मार�न सकि�न ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/passwd ताल�चा मार�न सकि�न ।\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/passwd ताल�चा मार�न सकि�न ।\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: फाइलहरू खओल�न सकि�न\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: फाइलहरू अद�यावधिक गर�दा त�र�टि\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %s को लागि पासवर�ड प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: पासवर�ड फाइल ताल�चा मार�न सकि�न\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: पासवर�ड फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: यो %s का लागि स�याडो प�रविष�टि हटाउन सकि�न\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: पासवर�ड फाइल अद�यावधिक ह�न सकेन\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: प�रयोगकर�ता %s का लागि प�रविष�टि अद�यावधिक गर�न सकि�न\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल मेट�न सकि�न\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: अज�ञात GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: अज�ञात समूह %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: gshadow_group मा स�मृति भन�दा बाहिर\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: पासवर�ड फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल प�न:लेखन गर�न सकि�न\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल ताल�चा मार�न सकि�न\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: स�याडो पासवर�ड फाइल खोल�न सकि�न\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: समूह फाइल ताल�चा मार�दा त�र�टि\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: समूह फाइल खोल�दा त�र�टि\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल ताल�चा मार�दा त�र�टि\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल खोल�दा त�र�टि\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: नया� पासवर�ड प�रविष�टि थप�दा त�र�टि\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: नया� स�याडो पासवर�ड प�रविष�टि थप�दा त�र�टि\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: चेतावनी: CREATE_HOME समर�थित छैन, कृपया सट�टामा -m प�रयोग गर�न�होस� ।\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: समूह प�रविष�टि अद�यावधिक गर�दा त�र�टि\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: समूह प�रविष�टि अद�यावधिक गर�दा त�र�टि\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: समूह फाइल खोल�न सकिदैन\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: स�याडो समूह फाइल खोल�न सकिदैन\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: पासवर�ड प�रविष�टि मेट�दा त�र�टि\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: स�याडो पासवर�ड प�रविष�टि मेट�दा त�र�टि\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: नया� समूह प�रविष�टि थप गर�दा त�र�टि\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu अद�वितिय होइन\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: पासवर�ड प�रविष�टि परिवर�तन गर�दा त�र�टि\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: पासवर�ड प�रविष�टि हटाउ�दा त�र�टि\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: स�याडो पासवर�ड प�रविष�टि हटाउ�दा त�र�टि\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: अद�वितिय GID प�राप�त गर�न सकि�न\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr "'%'.200s' बाट %.100s'मा"
+
+#~ msgid " on '%.100s'"
+#~ msgstr "'%.100s' मा"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: रेखा %d: UID सिर�जना गर�न सकि�न\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: नाम %s अद�वितिय होइन\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "उपयोग: पासवर�ड परिवर�तन गर�न�होस� [options]\n"
+#~ "\n"
+#~ "विकल�पहरू:\n"
+#~ "  -e, --ग�प�तिकृत\tआपूर�ति भ�का पासवर�डहरू ग�प�तिकृत छन\n"
+#~ "  -h, --मद�दत\t\tले यो मद�दत संदेशलाई प�रदर�शित र बन�द गर�छ\n"
+#~ "  -m, --md5\t\tले DES को सट�टामा MD5 प�रयोग गर�छ जब आपूर�ति भ�को\n"
+#~ "\t\t\tपासवर�डहरू ग�प�तिकृत भ�को ह�दैन\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "पासवर�ड फाइल होइन\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "माफ दिन�होस� ।\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "माफ दिन�होस�, %s को लागि अहिले पासवर�ड परिवर�तन गर�न सकिदैन ।\n"
+
+#~ msgid "Sorry."
+#~ msgstr "माफ गर�न�होस�।"
diff --git a/po/nl.po b/po/nl.po
new file mode 100644
index 0000000..6cbabdd
--- /dev/null
+++ b/po/nl.po
@@ -0,0 +1,3731 @@
+# dutch po-file for shadow
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Bart Cornelis <cobaco@linux.be>, 2004, 2006.
+# Frans Spiesschaert <Frans.Spiesschaert@yucom.be>, 2014.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2012-05-20 19:52+0200\n"
+"PO-Revision-Date: 2014-11-15 00:03+0100\n"
+"Last-Translator: Frans Spiesschaert <Frans.Spiesschaert@yucom.be>\n"
+"Language-Team: Debian Dutch l10n Team <debian-l10n-dutch@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.3.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"In %s staan meerdere regels met als naam '%s'. Gelieve dit met pwck of grpck "
+"te repareren.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "niet door libcrypt ondersteunde encryptiemethode? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "configuratiefout - kan waarde %s niet ontleden: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kon geen ruimte toewijzen voor de configuratie-info.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"configuratiefout - onbekend item '%s' (waarschuw een systeembeheerder)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd werd niet normaal beëindigd (signaal %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd sloot af met satus %d\n"
+
+msgid "Password: "
+msgstr "Wachtwoord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Wachtwoord van %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Kan geen instrument voor SELinux-beheer creëren\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "SELinux-beleid wordt niet beheerd\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Kan het gebied met het SELinux-beleid niet lezen\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Kan geen verbinding leggen om SELinux te beheren\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Kan de SELinux-transactie niet beginnen\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Kon de seuser van %s niet opvragen\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Kon de serange van %s niet instellen\n"
+
+#, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Kon de sename van %s niet instellen\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Kon de aanmeldkoppeling van %s niet veranderen\n"
+
+#, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Kan voor %s geen SELinux-aanmeldkoppeling maken\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Kon voor %s geen naam instellen\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Kon voor %s geen SELinuxgebruiker instellen\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Kon voor %s geen aanmeldkoppeling toevoegen\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Kan SELinuxbeheer niet initialiseren\n"
+
+#, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "Kan de gebruikerssleutel voor SELinux niet aanmaken\n"
+
+#, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kan de SELinuxgebruiker niet verifiëren\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Kon de gebruikerskoppeling in SELinux niet veranderen\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Kan in SELinux geen gebruikerskoppeling toevoegen\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Kan de SELinux-transactie niet vastleggen\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Geen aanmeldkoppeling gedefinieerd voor %s. OK als de standaardkoppeling "
+"gebruikt werd\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Aanmeldkoppeling van %s werd in het beleid gedefinieerd en kan niet gewist "
+"worden\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Kon de aanmeldkoppeling van %s niet wissen"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: onvoldoende geheugen\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: kan de status niet opvragen van %s: %s\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s is geen map en ook geen symbolische koppeling.\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: kan symbolische koppeling %s niet lezen: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: verdacht lange symbolische koppeling: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: kan map %s niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: kan eigenaar van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: kan modus van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: ontkoppelen: %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: kan map %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: kan %s niet hernoemen naar %s: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: kan %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: kan symbolische koppeling %s niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: kan eigenaars van %s niet wijzigen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: kan status van symbolische koppeling %s niet opvragen: %s\n"
+
+#, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: waarschuwing: gebruiker %s heeft geen tcb-schaduwbestand.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: noodsituatie: het tcb-schaduwbestand van %s is geen gewoon bestand met "
+"st_nlink=1.\n"
+"Het account is vergrendeld gebleven.\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: kan bestand %s niet openen: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Waarschuwing: onbekende groep %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Waarschuwing: te veel groepen\n"
+
+msgid "Your password has expired."
+msgstr "Uw wachtwoord is vervallen."
+
+msgid "Your password is inactive."
+msgstr "Uw wachtwoord is niet actief."
+
+msgid "Your login has expired."
+msgstr "Uw gebruikersnaam is vervallen."
+
+msgid "  Contact the system administrator."
+msgstr "  Neem contact op met de systeembeheerder."
+
+msgid "  Choose a new password."
+msgstr "  Kies een nieuw wachtwoord."
+
+msgid "You must change your password."
+msgstr "U moet uw wachtwoord veranderen."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Uw wachtwoord vervalt binnen %ld dagen.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Uw wachtwoord vervalt morgen."
+
+msgid "Your password will expire today."
+msgstr "Uw wachtwoord vervalt vandaag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Kan auditinterface niet openen - er wordt gestopt.\n"
+
+#, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kan eigenaar of modus van tty stdin niet veranderen: %s"
+
+#, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: ontgrendelen van %s is mislukt\n"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Omgeving wordt te groot\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "U mag $%s niet veranderen\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d mislukte poging sinds u zich de laatste keer aanmeldde.\n"
+"Die mislukte poging %s was op %s.\n"
+msgstr[1] ""
+"%d mislukte pogingen sinds u zich de laatste keer aanmeldde.\n"
+"De laatste mislukte poging %s was op %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: ongeldige configuratie: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: ongeldige configuratie: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: toewijzen van geheugen is mislukt: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: kan geen uniek systeem-GID verkrijgen (er zijn geen GID's meer "
+"beschikbaar)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: kan geen uniek GID verkrijgen (er zijn geen GID's meer beschikbaar)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: ongeldige configuratie: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: ongeldige configuratie: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: kan geen uniek systeem-UID verkrijgen (er zijn geen UID's meer "
+"beschikbaar)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: kan geen uniek UID verkrijgen (er zijn geen UID's meer beschikbaar)\n"
+
+msgid "Too many logins.\n"
+msgstr "Te veel aanmeldingen.\n"
+
+msgid "You have new mail."
+msgstr "U heeft nieuwe e-mail ontvangen."
+
+msgid "No mail."
+msgstr "Geen e-mail."
+
+msgid "You have mail."
+msgstr "U heeft e-mail."
+
+msgid "no change"
+msgstr "geen veranderingen"
+
+msgid "a palindrome"
+msgstr "een palindroom"
+
+msgid "case changes only"
+msgstr "enkel veranderingen van grote naar kleine letters (of omgekeerd)"
+
+msgid "too similar"
+msgstr "te gelijkaardig"
+
+msgid "too simple"
+msgstr "te simpel"
+
+msgid "rotated"
+msgstr "geroteerd"
+
+msgid "too short"
+msgstr "te kort"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Slecht wachtwoord: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() is mislukt, fout %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "passwd: wachtwoord is niet veranderd\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: wachtwoord is met succes aangepast\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Onjuist wachtwoord voor %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: meerdere --root-opties\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: optie '%s' vereist een argument\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: afgeven van rechten is mislukt (%s)\n"
+
+#, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ongeldig chroot-pad '%s'\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: krijg geen toegang tot chroot-map %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: chroot naar map %s lukt niet: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ongeldige ENCRYPT_METHOD-waarde: '%s'.\n"
+"Terugvallen op standaard DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kan niet van map veranderen (cd) naar '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Geen thuismap, er wordt aangemeld met HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kan %s niet uitvoeren"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ongeldige basismap '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan de basismap niet veranderen naar '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kan de naam van uw tty niet bepalen."
+
+#| msgid "No\n"
+msgid "No"
+msgstr "Nee"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] LOGIN\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday LAATSTE_DAG     stel datum van laatste wachtwoordwijziging\n"
+"                                in op LAATSTE_DAG\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate VERVAL_DATUM stel account-vervaldag in op VERVAL_DATUM\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    toon deze hulptekst en sluit af\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIEF       stel na het verlopen van het wachtwoord de\n"
+"                                niet-actieve periode ervan in op INACTIEF\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    toon informatie over veroudering van "
+"accounts\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAYS        stel het minimum aantal dagen vooraleer het\n"
+"                                wachtwoord gewijzigd mag worden in op "
+"MIN_DAYS\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DAYS        stel het maximum aantal dagen vooraleer een\n"
+"                                wachtwoordwijziging moet gebeuren in op "
+"MAX_DAYS\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_MAP         basismap voor chroot\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays WARN_DAYS      stel het aantal waarschuwingsdagen voor "
+"het \n"
+"                                vervallen van het wachtwoord in op "
+"WARN_DAYS\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Voer de nieuwe waarde in of druk op Enter voor de standaardwaarde"
+
+msgid "Minimum Password Age"
+msgstr "Minimumleeftijd voor wachtwoord"
+
+msgid "Maximum Password Age"
+msgstr "Maximumleeftijd voor wachtwoord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Laatste wachtwoordverandering (JJJJ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Waarschuwing voor wachtwoordverval"
+
+msgid "Password Inactive"
+msgstr "Wachtwoord niet actief"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Vervaldatum van account (JJJJ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Laatste wachtwoordverandering\t\t\t\t: "
+
+msgid "never"
+msgstr "nooit"
+
+msgid "password must be changed"
+msgstr "wachtwoord moet veranderd worden"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Wachtwoord vervalt\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Wachtwoord niet actief\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Account vervalt\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimum aantal dagen tussen wachtwoordwijzigingen\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximum aantal dagen tussen wachtwoordwijzigingen\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Aantal waarschuwingsdagen voor wachtwoordverval\t\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ongeldige datum '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ongeldig numeriek argument '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: gebruik \"-l\" niet samen met andere opties\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: toegang geweigerd.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: kan uw gebruikersnaam niet bepalen.\n"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan %s niet vergrendelen; probeer het later nog eens.\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan %s niet openen\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+"%s: er trad een fout op tijdens het wegschrijven van veranderingen naar %s\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: voorbereiden van het nieuwe %s-element '%s' is mislukt\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: het schaduwwachtwoordenbestand is afwezig\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: gebruiker '%s' bestaat niet in %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Verouderingsinformatie voor %s wordt aangepast\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: fout bij het aanpassen van de velden\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [LOGIN]\n"
+"\n"
+"Opties:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+"  -f, --full-name VOLLEDIGE_NAAM  wijzig de volledige naam van de gebruiker\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone TEL_THUIS    wijzig het thuistelefoonnummer van de "
+"gebruiker\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other OVERIGE_INFO      wijzig de overige GECOS-informatie van de "
+"gebruiker\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+"  -r, --room KAMER_NUMMER       verander het kamernummer van de gebruiker\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    toon deze hulptekst en sluit af\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone TEL_WERK     wijzig het kantoortelefoonnummer van de "
+"gebruiker\n"
+
+msgid "Full Name"
+msgstr "Volledige naam"
+
+#, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Kamernummer"
+
+msgid "Work Phone"
+msgstr "Telefoon werk"
+
+msgid "Home Phone"
+msgstr "Telefoon thuis"
+
+msgid "Other"
+msgstr "Varia"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan ID niet veranderen naar root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: naam bevat niet-ASCII tekens: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ongeldige naam: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: kamernummer bevat niet-ASCII tekens: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ongeldig kamernummer: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: '%s' voor 'telefoon werk' is ongeldig\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: '%s' voor 'telefoon thuis' is ongeldig\n"
+
+#, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' bevat niet-ASCII tekens\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' bevat ongeldige tekens\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: gebruiker '%s' bestaat niet\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan gebruiker '%s' niet veranderen op NIS-client.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' is de NIS-master voor deze client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "De gebruikersinformatie over %s wordt veranderd\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: velden zijn te lang\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method METHODE    de encryptiemethode (een van %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               ingevoerde wachtwoorden worden versleuteld\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     versleutel het wachtwoord in klare tekst\n"
+"                                met het MD5-algoritme\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              aantal SHA-rondes voor de SHA*\n"
+"                                encryptie-algoritmes\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: optie %s is enkel toegelaten in combinatie met de optie %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: de opties -c, -e, en -m zijn exclusief\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: niet-ondersteunde encryptiemethode: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: regel %d: regel is te lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: regel %d: nieuw wachtwoord ontbreekt\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: regel %d: groep '%s' bestaan niet\n"
+
+#, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: regel %d: kon het nieuwe %s-item '%s' niet voorbereiden\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: fout gevonden, aanpassingen genegeerd\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (regel %d, gebruiker %s) wachtwoord niet gewijzigd\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: regel %d: gebruiker '%s' bestaat niet\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             nieuwe aanmeld-shell voor het "
+"gebruikersaccount\n"
+
+msgid "Login Shell"
+msgstr "Aanmeld-shell"
+
+#, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "U mag de shell voor '%s' niet aanpassen.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "De aanmeld-shell voor %s wordt aangepast\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: ongeldig element: %s\n"
+
+#, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s is geen geldige shell\n"
+
+#, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: waarschuwing: %s bestaat niet\n"
+
+#, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: waarschuwing: %s is niet uitvoerbaar\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   controleer de wachtwoordvervaldatum van "
+"gebruiker\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   verplicht wachtwoordwijziging als het\n"
+"                                wachtwoord van gebruiker vervallen is\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opties %s en %s zijn strijdig\n"
+
+#, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: onverwachte parameter: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     toon aanmeldfouten van alle gebruikers\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEC           vergrendel het account gedurende SEC "
+"seconden\n"
+"                                na een mislukte aanmelding\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             stel maximum aantal toegelaten mislukte\n"
+"                                aanmeldingen in op MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   stel tellers van mislukte aanmeldingen\n"
+"                                terug op nul\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAGEN              toon aanmeldfouten recenter dan DAGEN\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user GEBRUIKER/BEREIK   toon aanmeldfouten of beheer tellers en "
+"limieten\n"
+"                                van mislukte aanmeldingen (indien "
+"gecombineerd\n"
+"                                met -r, -m of -l) voor de gegeven GEBRUIKERS"
+"(s)\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: kon regel betreffende UID %lu niet opvragen\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Gebruiker Mislukkingen Maximum Laatste                Op\n"
+
+#, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lus over]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds grendel]"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+"%s: terugzetten van teller van mislukte aanmeldingen mislukt voor UID %lu\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: instellen van een maximum voor UID %lu is mislukt\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: kan vergrendelingstijd voor UID %lu niet instellen\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: onbekende gebruiker of bereik: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: kan grootte van %s niet opvragen: %s\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: wegschrijven van %s is mislukt: %s\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [optie] GROEP\n"
+"\n"
+"Opties:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add GEBRUIKER           voeg GEBRUIKER toe aan GROEP\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete GEBRUIKER        verwijder GEBRUIKER uit GROEP\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_DIR         basismap voor chroot\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         verwijder het wachtwoord van GROEP\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                beperk toegang tot GROEP tot zijn leden\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members GEBRUIKER       stel de ledenlijst van GROEP in\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                stel de lijst in van beheerders van GROEP\n"
+
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"Opties kunnen niet gecombineerd worden, met uitzondering van de opties -A en "
+"-M.\n"
+
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "De opties kunnen niet gecombineerd worden.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: schaduwgroepswachtwoorden zijn vereist voor -A\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: groep '%s' bestaan niet in %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fout bij het sluiten van alleen-lezen %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Het wachtwoord van groep %s wordt veranderd\n"
+
+msgid "New Password: "
+msgstr "Nieuw wachtwoord: "
+
+msgid "Re-enter new password: "
+msgstr "Nieuw wachtwoord bevestigen: "
+
+msgid "They don't match; try again"
+msgstr "Wachtwoorden komen niet overeen; probeer het nog eens"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: U kunt het later nog eens proberen\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Gebruiker %s wordt toegevoegd aan groep %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Gebruiker %s wordt verwijderd uit groep %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: gebruiker '%s' is geen lid van '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Is geen tty\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] GROEP\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   sluit met succes af als de groep al "
+"bestaat,\n"
+"                                en annuleer -g als de GID al in gebruik is\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 gebruik GID voor de nieuwe groep\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key SLEUTEL=WAARDE      overschrijf de standaarden uit /etc/login."
+"defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              sta het aanmaken van groepen met een "
+"identiek\n"
+"                                (niet-uniek) GID toe\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password WACHTWOORD     gebruik dit versleuteld wachtwoord\n"
+"                                voor de nieuwe groep\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  maak een systeem-account aan\n"
+
+#, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' is geen geldige groepsnaam\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ongeldige groeps-ID '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K vereist SLEUTEL=WAARDE\n"
+
+#, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: groep '%s' bestaat reeds\n"
+
+#, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' bestaat reeds\n"
+
+#, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: kan opschoningsdienst niet instellen.\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kan item '%s' uit %s niet verwijderen\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan de primaire groep van gebruiker '%s' niet verwijderen\n"
+
+#, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: groep '%s' bestaan niet\n"
+
+#, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: groep '%s' is een NIS-groep\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s is de NIS-master\n"
+
+#, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: gebruiker '%s' is reeds lid van '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: onvoldoende geheugen. Kan %s niet bijwerken.\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [actie]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groepsnaam        wijzig de groepsnaam in plaats van de groep\n"
+"                                van de gebruiker (uitsluitend "
+"systeembeheerder)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acties:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr "  -a, --add gebruikersnaam      voeg gebruikersnaam toe aan de groep\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete gebruikersnaam   verwijder gebruikersnaam uit de groep\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   verwijder alle leden uit de groep\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    toon de leden van de groep\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: uw groepsnaam komt niet overeen met uw gebruikersnaam\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: enkel de systeembeheerder kan de optie -g/--group gebruiken\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 verander het groeps-ID naar GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NIEUWE_GROEP   verander de naam in NIEUWE_GROEP\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              sta gebruik van een identiek (niet-uniek) "
+"GID toe\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password WACHTWOORD     verander het wachtwoord naar dit "
+"(versleuteld)\n"
+"                                WACHTWOORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ongeldige groepsnaam '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: groep %s is een NIS-groep\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: onbekende gebruiker %s\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [group [gshadow]]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [group]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               toon fouten en waarschuwingen\n"
+"                                maar verander bestanden niet\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    sorteer elementen volgens UID\n"
+
+#, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s en -r zijn niet compatibel\n"
+
+msgid "invalid group file entry"
+msgstr "ongeldige regel in het bestand group"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "regel '%s' verwijderen?"
+
+msgid "duplicate group entry"
+msgstr "identiek element in het bestand group"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ongeldige groepsnaam '%s'\n"
+
+#, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "ongeldig groeps-ID '%lu'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "groep %s: geen gebruiker %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "lid '%s' verwijderen? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "geen element in %s dat overeenkomt met dat in het bestand group\n"
+
+#, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "groep '%s' toevoegen in %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"groep %s heeft een regel in %s, maar het wachtwoordveld in %s is niet 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ongeldig element in het schaduwgroepsbestand"
+
+msgid "duplicate shadow group entry"
+msgstr "identiek element in schaduwgroepsbestand"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "schaduwgroep %s: geen gebruiker %s met systeembeheerdersrechten \n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "over systeembeheerdersrechten beschikkende gebruiker '%s' verwijderen?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "schaduwgroep %s: geen gebruiker %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: de bestanden zijn bijgewerkt\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: geen aanpassingen\n"
+
+#, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan %s niet verwijderen\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Gebruik: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Gebruik: id\n"
+
+msgid " groups="
+msgstr " groepen="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DAGEN            toon enkel informatie uit lastlog ouder dan "
+"DAGEN\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAYS               toon enkel informatie uit lastlog recenter "
+"dan DAGEN\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user GEBRUIKER          toon informatie uit lastlog over GEBRUIKER\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Gebruikersnaam   Poort    Vanaf            Laatste"
+
+msgid "Username                Port     Latest"
+msgstr "Gebruikersnaam          Poort    Laatste"
+
+msgid "**Never logged in**"
+msgstr "**Heeft zich nog nooit aangemeld**"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Gebruik: %s [-p] [naam]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h computer] [-f naam]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r computer\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "configuratiefout - kan waarde %s niet ontleden: '%d'"
+
+msgid "Invalid login time"
+msgstr "Ongeldig aanmeldtijdstip"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systeem gesloten wegens routineonderhoud"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Verbinding verbreken omzeild -- aanmelden van root is toegelaten.]"
+
+#, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Aanmelding is na %u seconden verlopen.\n"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan mogelijk niet functioneren zonder effectieve root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Er is geen utmp-item. U dient \"login\" uit te voeren vanaf het laagste "
+"niveau \"sh\""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "aanmelding: PAM-fout, er wordt afgebroken: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s gebruikersnaam: "
+
+msgid "login: "
+msgstr "gebruikersnaam: "
+
+#, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximaal aantal pogingen overschreden (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "aanmelding: afgebroken op verzoek van PAM\n"
+
+msgid "Login incorrect"
+msgstr "Gebruikersnaam is onjuist"
+
+#, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "Kan gebruiker (%s) niet vinden\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s gebruikersnaam: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: nieuw proces beginnen is mislukt: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY is mislukt op %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+"Waarschuwing: aanmelden is opnieuw geactiveerd na tijdelijke uitsluiting."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Laatst aangemeld: %s om %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Laatst aangemeld: %.19s om %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " vanaf %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"aanmeldtijd overschreden\n"
+"\n"
+
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Gebruik: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Gebruik: newgrp [-] [groep]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Gebruik: sg groep [[-c] commando]\n"
+
+msgid "Invalid password.\n"
+msgstr "Ongeldig wachtwoord.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: nieuw proces beginnen is mislukt: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' bestaat niet\n"
+
+msgid "too many groups\n"
+msgstr "te veel groepen\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  maak systeem-accounts aan\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: groep '%s' is een shaduwgroep, maar bestaat niet in /etc/group\n"
+
+#, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ongeldig gebruikers-ID '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ongeldige gebruikersnaam '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: regel %d: ongeldige regel\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kan gegevens over gebruiker %s niet bijwerken (niet in de passwd-"
+"database)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: regel %d: kan de gebruiker niet aanmaken\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: regel %d: kan de groep niet aanmaken\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: regel %d: gebruiker '%s' bestaat niet in %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: regel %d: kan wachtwoord niet bijwerken\n"
+
+#, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: regel %d: mkdir %s is mislukt: %s\n"
+
+#, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: regel %d: chown %s is mislukt: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: regel %d: kan element niet bijwerken\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     geef wachtwoordstatus voor alle accounts\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  verwijder het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  forceer vervallen wachtwoord voor gegeven "
+"account\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             wijzig wachtwoord enkel indien vervallen\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIEF       stel na het vervallen van het wachtwoord de\n"
+"                                niet-actieve periode ervan in op INACTIEF\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    vergrendel het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAYS        stel het minimum aantal dagen vooraleer het\n"
+"                                wachtwoord gewijzigd mag worden in op "
+"MIN_DAYS\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   stille modus\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository DEPOT        wijzig wachtwoord in opslagplaats DEPOT\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  toon wachtwoordstatus voor het gegeven "
+"account\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  ontgrendel het wachtwoord van het gegeven "
+"account\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays WARN_DAYS      stel het aantal waarschuwingsdagen voor "
+"het \n"
+"                                vervallen van het wachtwoord in op "
+"WARN_DAYS\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAYS        stel het maximum aantal dagen vooraleer een\n"
+"                                wachtwoordwijziging moet gebeuren in op "
+"MAX_DAYS\n"
+
+msgid "Old password: "
+msgstr "Oud wachtwoord: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Voer het nieuwe wachtwoord in (minimaal %d tekens)\n"
+"Gebruik een combinatie van grote en kleine letters en cijfers.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Voer het nieuwe wachtwoord in (minimaal %d en maximaal %d tekens)\n"
+"Gebruik een combinatie van grote en kleine letters en cijfers.\n"
+
+msgid "New password: "
+msgstr "Nieuw wachtwoord: "
+
+msgid "Try again."
+msgstr "Probeer het nog eens."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Waarschuwing: zwak wachtwoord (voer het nogmaals in om het toch te "
+"gebruiken)."
+
+msgid "They don't match; try again.\n"
+msgstr "Ze komen niet overeen; probeer het nog eens.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Het wachtwoord van %s kan niet veranderd worden.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Het wachtwoord van %s kan nog niet veranderd worden.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: het wachtwoord ontgrendelen zou resulteren in een account zonder "
+"wachtwoord.\n"
+"U zou een wachtwoord moeten instellen met 'usermod -p' om het wachtwoord "
+"van\n"
+"dit account te ontgrendelen.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: opslagplaats %s wordt niet ondersteund\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s heeft niet het recht om het wachtwoord van %s te wijzigen\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: U mag wachtwoordinformatie van %s niet bekijken of aanpassen.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Wachtwoord van %s wordt veranderd\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Het wachtwoord van %s is niet veranderd.\n"
+
+#, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "%s: wachtwoord is veranderd.\n"
+
+#, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: gegevens in verband met wachtwoordverval zijn gewijzigd.\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [passwd]\n"
+"\n"
+"Opties:\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] [passwd [shadow]]\n"
+"\n"
+"Opties:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   rapporteer enkel fouten\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: alternatief schaduwbestand niet toegestaan als USE_TCB actief is.\n"
+
+msgid "invalid password file entry"
+msgstr "ongeldige regel in het wachtwoordbestand"
+
+msgid "duplicate password entry"
+msgstr "identieke regel in wachtwoordbestand"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ongeldige gebruikersnaam '%s'\n"
+
+#, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ongeldig gebruikers-ID '%lu'\n"
+
+#, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "gebruiker '%s': geen groep %lu\n"
+
+#, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "gebruiker '%s': map '%s' bestaat niet\n"
+
+#, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "gebruiker '%s': programma '%s' bestaat niet\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "geen tcb-map voor %s\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "tcb-map aanmaken voor %s?"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "tcb-map aanmaken voor %s is mislukt\n"
+
+#, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan %s niet vergrendelen.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "geen element in %s dat overeenkomt met die in het wachtwoordbestand\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "gebruiker '%s' toevoegen in %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gebruiker %s heeft een regel in %s, maar zijn wachtwoordveld in %s is niet "
+"'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ongeldige regel in het schaduwwachtwoordbestand"
+
+msgid "duplicate shadow password entry"
+msgstr "identieke regel in het schaduwwachtwoordbestand"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "gebruiker %s: laatste wachtwoordverandering is in de toekomst\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan regels van %s niet sorteren\n"
+
+#, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan niet functioneren als tcb actief is\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: modus van %s instellen op 0600 is mislukt\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Gebruik van 'su' is voor dat account NIET TOEGESTAAN.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Wachtwoordauthenticatie is omzeild.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Gelieve uw EIGEN wachtwoord in te voeren voor authenticatie.\n"
+
+msgid " ...killed.\n"
+msgstr " ...gedood.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...wachten op het beëindigen van kind-proces.\n"
+
+#, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: kan geen nieuwe gebruikersshell starten\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: signaal werkt slecht\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: signaalmaskering werkt slecht\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessie beëindigd, shell wordt afgesloten..."
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid " ...terminated.\n"
+msgstr " ...beëindigd.\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Gebruik: su [opties] [GEBRUIKERSNAAM]\n"
+"\n"
+"Opties:\n"
+"  -c, --command COMMANDO        geef COMMANDO mee aan de aangeroepen shell\n"
+"  -h, --help                    toon deze hulptekst en sluit af\n"
+"  -, -l, --login                maak van de shell een aanmeld-shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        stel de omgevingsvariabelen niet opnieuw\n"
+"                                in, en behoud dezelfde shell\n"
+"  -s, --shell SHELL             gebruik SHELL i.p.v. de standaardshell\n"
+"                                opgegeven in /etc/passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Genegeerd)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "U bent niet gerechtigd om 'su %s' uit te voeren\n"
+
+msgid "(Enter your own password)"
+msgstr "(U dient uw eigen wachtwoord in te voeren)"
+
+#, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: authenticatie is mislukt\n"
+
+#, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: U bent niet gerechtigd om op dat tijdstip 'su' uit te voeren\n"
+
+#, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Geen wachtwoordregel voor gebruiker '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: dient uitgevoerd te worden vanaf een terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: fout %d\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: kan de sturende terminal niet sluiten\n"
+
+#, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Kan %s niet uitvoeren\n"
+
+msgid "No password file"
+msgstr "Geen wachtwoordbestand"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY is mislukt"
+
+msgid "No password entry for 'root'"
+msgstr "Geen wachtwoordregel voor 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"U dient control-d in te tikken om op de normale manier op te starten,\n"
+"(of het beheerderswachtwoord om de systeemonderhoudsmodus in te gaan):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Systeemonderhoudsmodus wordt opgestart"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s werd aangemaakt, maar kon niet verwijderd worden\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: de %s-instellingen in %s zullen genegeerd worden\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: kan geen nieuw bestand met standaardwaarden aanmaken\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: kan het nieuwe bestand met standaardwaarden niet openen\n"
+
+#, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: de regel in %s is te lang: %s..."
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: kan back-upbestand (%s) niet aanmaken: %s\n"
+
+#, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: hernoemen: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: groep '%s' is een NIS-groep.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: te veel groepen gespecificeerd (max %d).\n"
+
+#, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Gebruik: %s [opties] GEBRUIKERSNAAM\n"
+"       %s -D\n"
+"       %s -D [opties]\n"
+"\n"
+"Opties:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASIS_MAP      basismap voor de thuismap van het nieuwe\n"
+"                                account\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMMENTAAR      GECOS-veld van het nieuwe account\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir THUIS_MAP      thuismap van het nieuwe account\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                toon of wijzig de standaardinstellingen\n"
+"                                van het commando useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate VERVAL_DATUM  datum waarop het nieuwe account vervalt\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INACTIEF       periode waarin het wachtwoord van het\n"
+"                                nieuwe account niet-actief kan zijn\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GROUP               naam of ID van de primaire groep van het\n"
+"                                nieuwe account\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GROEPEN          lijst van bijkomende groepen voor het "
+"nieuwe\n"
+"                                account\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKELET_MAP         gebruik deze alternatieve skelet-map\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             voeg de gebruiker niet toe aan de\n"
+"                                gegevensbestanden van lastlog en faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             maak de thuismap voor de gebruiker aan\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          maak de thuismap voor de gebruiker niet aan\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           maak geen groep aan met dezelfde naam\n"
+"                                als de gebruiker\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              laat toe om gebruikers aan te maken\n"
+"                                met identiek (niet-uniek) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password WACHTWOORD     versleuteld wachtwoord voor het nieuwe "
+"account\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+"  -s, --shell SHELL             aanmeld-shell voor het nieuwe account\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 gebruikers-ID van het nieuwe account\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              maak een groep met de naam van de gebruiker\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     gebruik een specifieke SEUSER om de\n"
+"                                gebruikerskoppeling voor SELinux te maken\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ongeldige basismap '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ongeldig commentaar '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ongeldige thuismap '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ongeldig veld '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ongeldige shell '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z vereist dat SELinux geactiveerd is in de kernel\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+"%s: opnieuw instellen van de faillog-post voor UID %lu is mislukt: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+"%s: opnieuw instellen van de lastlog-post voor UID %lu is mislukt: %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan map %s niet aanmaken\n"
+
+msgid "Creating mailbox file"
+msgstr "Postvak-bestand wordt aangemaakt"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"De 'mail'-groep is niet gevonden. Het postvak-bestand van de gebruiker wordt "
+"aangemaakt met rechten-modus 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Bestandsrechten van postvak-bestand worden ingesteld"
+
+#, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: gebruiker '%s' bestaat al\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: groep %s bestaat - om deze gebruiker aan die groep toe te voegen dient u "
+"-g te gebruiken.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan gebruiker niet aanmaken\n"
+
+#, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu is niet uniek\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: tcb-map voor %s aanmaken is mislukt\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan groep niet aanmaken\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: waarschuwing: de thuismap bestaat reeds.\n"
+"Er worden geen bestanden uit de skelet-map ernaartoe gekopieerd.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: waarschuwing: de koppeling van gebruikersnaam %s aan SELinux-gebruiker "
+"%s is mislukt.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   geforceerde verwijdering van bestanden,\n"
+"                                ook als ze geen eigendom van gebruiker zijn\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  verwijder thuismap en postvak\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            verwijder elke koppeling met een SELinux-"
+"gebruiker\n"
+"                                voor de gebruiker\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: groep %s wordt niet verwijderd omdat het niet de primaire groep is van "
+"gebruiker %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: groep %s wordt niet verwijderd omdat hij nog andere leden telt.\n"
+
+#, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: groep %s is de primaire groep van een andere gebruiker en wordt niet "
+"verwijderd.\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s postvak (%s) niet gevonden\n"
+
+#, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: waarschuwing: kan %s niet verwijderen: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s is niet van %s, wordt niet verwijderd\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: kan geen geheugen toekennen, tcb-item van %s niet verwijderd.\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: afgeven van rechten is mislukt: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: kan de inhoud van %s niet verwijderen: %s\n"
+
+#, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: kan de tcb-bestanden voor %s niet verwijderen: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: gebruiker %s is een NIS-gebruiker\n"
+
+#, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s thuismap (%s) niet gevonden\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: map %s wordt niet verwijderd (het zou de thuismap van gebruiker %s "
+"verwijderen)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: fout tijdens verwijderen van map %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: waarschuwing: verwijderen van de koppeling van gebruikersnaam %s aan een "
+"SELinux-gebruiker is mislukt.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMMENTAAR      nieuwe inhoud van het GECOS-veld\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home THUIS_MAP          nieuwe thuismap voor het gebruikersaccount\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate VERVAL_DATUM  stel account-vervaldag in op VERVAL_DATUM\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIEF       stel na het verlopen van het wachtwoord de\n"
+"                                niet-actieve periode ervan in op INACTIEF\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GROEP               forceer het gebruik van GROEP als nieuwe "
+"primaire\n"
+"                                groep\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GROEPEN          nieuwe lijst van bijkomende GROEPEN\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  voeg de gebruiker toe aan de bijkomende "
+"GROEPEN,\n"
+"                                vermeld bij de optie -G, zonder hem/haar\n"
+"                                te verwijderen uit andere groepen\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NIEUWE_NAAM       nieuwe waarde voor de gebruikersnaam\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    vergrendel het gebruikersaccount\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               verplaats de inhoud van de thuismap naar de\n"
+"                                nieuwe locatie (enkel gebruiken met -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              gebruik van een identiek (niet-uniek) UID "
+"toestaan\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password WACHTWOORD     gebruik versleuteld wachtwoord als nieuw "
+"wachtwoord\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 nieuw UID voor het gebruikersaccount\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  ontgrendel het gebruikersaccount\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     nieuwe koppeling met SELinux-gebruiker voor "
+"het\n"
+"                                gebruikersaccount\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: het wachtwoord van de gebruiker ontgrendelen zou resulteren in een "
+"account\n"
+"zonder wachtwoord.\n"
+"U zou een wachtwoord moeten instellen met 'usermod -p' om het wachtwoord "
+"van\n"
+"deze gebruiker te ontgrendelen.\n"
+
+#, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: gebruiker '%s' bestaat al in %s\n"
+
+#, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: geen opties\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: de opties -L, -p, en -U zijn exclusief\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: schaduwwachtwoorden zijn vereist voor opties -e en -f\n"
+
+#, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' bestaat reeds\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: map %s bestaat al\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: De vroegere thuismap (%s) was geen map. Ze werd niet verwijderd en er "
+"werden geen thuismappen aangemaakt.\n"
+
+#, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: de thuismap van eigenaar veranderen is mislukt"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: waarschuwing: volledig verwijderen van de oude thuismap %s is mislukt"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kan map %s niet hernoemen naar %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: kopiëren van de lastlog-post van gebruiker %lu naar gebruiker %lu is "
+"mislukt: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: kopiëren van de faillog-post van gebruiker %lu naar gebruiker %lu is "
+"mislukt: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: waarschuwing: %s is niet van %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "aanpassen van de postvak-eigenaar is mislukt"
+
+msgid "failed to rename mailbox"
+msgstr "hernoemen van het postvak is mislukt"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"U heeft %s gewijzigd.\n"
+"Uit consistentieoverwegingen zou u %s moeten wijzigen.\n"
+"Gebruik het commando '%s' om dit te doen.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   bewerk de groepsdatabase\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  bewerk de wachtwoorddatabase\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  bewerk de shadow- of de gshadow-database\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    tcb-schaduwbestand van bepaalde gebruiker "
+"bewerken\n"
+
+#, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: verwijderen van %s is mislukt\n"
+
+#, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s is niet veranderd\n"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "aanmaken van initiële map is mislukt"
+
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "afgeven van rechten is mislukt"
+
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Kon bestandscontext niet verkrijgen"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () is mislukt"
+
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "verwerven van rechten is mislukt"
+
+msgid "Couldn't lock file"
+msgstr "Kon bestand niet vergrendelen"
+
+msgid "Couldn't make backup"
+msgstr "Kon geen reservekopie maken"
+
+#| msgid "Unable to open group file"
+msgid "failed to open scratch file\n"
+msgstr "initieel bestand openen is mislukt\n"
+
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "ontkoppelen van initieel bestand is mislukt"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "opvragen van status van bewerkt bestand is mislukt"
+
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "geheugen toekennen is mislukt"
+
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "maken van reservekopie is mislukt"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan %s niet herstellen: %s (uw aanpassingen staan in %s)\n"
+
+#, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: tcb-map van %s vinden is mislukt\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Gebruik: %s [invoer]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) is mislukt\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chage [opties] [GEBRUIKERSNAAM]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -d, --lastday LAATSTE_DAG     stel 'laatste wachtwoordaanpassing' in "
+#~ "op\n"
+#~ "                                LAATSTE_DAG\n"
+#~ "  -E, --expiredate VERVALDATUM  stel account-vervaldatum in op "
+#~ "VERVALDATUM\n"
+#~ "  -h, --help                    geef deze boodschap weer en sluit af\n"
+#~ "  -I, --inactive INACTIEF       stel 'wachtwoord inactief na "
+#~ "vervaldatum'\n"
+#~ "                                in op INACTIEF\n"
+#~ "  -l, --list                    geef account-verouderingsinformatie weer\n"
+#~ "  -m, --mindays MIN_DAGEN       stel minimum aantal dagen tussen\n"
+#~ "                                wachtwoordaanpassingen in op MIN_DAGEN\n"
+#~ "  -M, --maxdays MAX_DAGEN       stel maximum aantal dagen tussen\n"
+#~ "                                wachtwoordaanpassingen in op MAX_DAGEN\n"
+#~ "  -W, --warndays WAARSCH_DAGEN  stel aantal dagen met waarschuwing voor\n"
+#~ "                                vervallen account in op WAARSCH_DAGEN\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-authentificatie is mislukt\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Gebruik: %s [-f volledige_naam] [-r kamer_nr] [-w tel_werk]\n"
+#~ "         [-h tel_thuis] [-o varia] [gebruiker]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Gebruik: %s [-f volledige_naam] [-r kamer_nr] [-w tel_werk] [-h "
+#~ "tel_thuis]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: chpasswd [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -e, --encrypted     opgegeven wachtwoorden zijn versleuteld\n"
+#~ "  -h, --help          toon dit bericht en sluit af\n"
+#~ "  -m, --md5           maak gebruik van MD5-versleuteling i.p.v. DES "
+#~ "wanneer\n"
+#~ "                      opgegeven wachtwoorden niet versleuteld zijn\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chsh [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -h, --help                    toon deze boodschap en sluit af\n"
+#~ "  -r, --shell SHELL             nieuwe aanmeld-shell voor "
+#~ "gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Gebruik: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: kan bestand %s niet openen\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Gebruik: %s [-r] [-s] [groep [gshaduw]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Gebruik: %s [-r] [-s] [groep]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s en -r zijn niet compatibel\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Gebruik: groupdel groep\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: lastlog [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -b, --before DAGEN  toon enkel de lastlog-ingangen die ouder zijn dan\n"
+#~ "                      DAGEN\n"
+#~ "  -h, --help          toon dit bericht en sluit af\n"
+#~ "  -t, --time DAGEN    print enkel lastlog-records van de laatste DAGEN "
+#~ "dagen\n"
+#~ "  -u, --user LOGIN    print het lastlog-record van de gebruiker LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: passwd [opties] [GEBRUIKERSNAAM]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -a, --all                     geef wachtwoordstatus van alle accounts "
+#~ "weer\n"
+#~ "  -d, --delete                  verwijder het wachtwoord voor de\n"
+#~ "                                genoemde account\n"
+#~ "  -e, --expire                  doe het wachtwoord vervallen voor de\n"
+#~ "                                genoemde account\n"
+#~ "  -h, --help                    toon deze boodschap en sluit af\n"
+#~ "  -k, --keep-tokens             verander wachtwoord indien het vervallen "
+#~ "is\n"
+#~ "  -i, --inactive INACTIEF       maak wachtwoord inactief als INACTIEF\n"
+#~ "                                wanneer het vervalt\n"
+#~ "  -l, --lock                    vergrendel de genoemde account\n"
+#~ "  -n, --mindays MIN_DAGEN       stel het minimum aantal dagen voor\n"
+#~ "                                veranderen van het wachtwoord in op "
+#~ "MIN_DAGEN\n"
+#~ "  -q, --quiet                   stille modus\n"
+#~ "  -r, --repository REPOSITORY   verander wachtwoord in REPOSITORY "
+#~ "opslagplaats\n"
+#~ "  -S, --status                  geef de wachtwoordstatus van de genoemde\n"
+#~ "                                account weer\n"
+#~ "  -u, --unlock                  ontgrendel de genoemde account\n"
+#~ "  -w, --warndays WAARSCH_DAGEN  stel het aantal dagen met waarschuwing "
+#~ "in\n"
+#~ "                                op WAARSCH_DAGEN\n"
+#~ "  -x, --maxdays MAX_DAGEN       stel het maximum aantal dagen voor\n"
+#~ "                                wachtwoordverandering in op MAX_DAGEN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Gebruik: %s [-q] [-r] [-s] [wachtwoord [shaduw]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Gebruik: %s [-q] [-r] [-s] [wachtwoord [shaduw]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Gebruik: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Gebruik: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Onbekend ID: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Geen shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: userdel [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -f, --force                   dwing verwijderen van bestanden af,\n"
+#~ "                                ook wanneer de gebruiker niet de eigenaar "
+#~ "is\n"
+#~ "  -h, --help                    toon deze helbboodschap en sluit af\n"
+#~ "  -r, --remove                  verwijder de thuismap en het mailbox-"
+#~ "bestand\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: gebruiker %s is momenteel aangemeld\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: usermod [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -a, --append GROEP            voeg gebruiker toe aan de extra groep "
+#~ "GROEP\n"
+#~ "  -c, --comment OPMERKING       de nieuwe waarde voor het GECOS-veld\n"
+#~ "  -d, --home-dir THUIS_MAP      nieuwe thuismap voor de "
+#~ "gebruikersaccount\n"
+#~ "  -e, --expiredate VERVALDATUM  stel de vervaldatum in op VERVALDATUM\n"
+#~ "  -f, --inactive INACTIEF       stel het 'wachtwoord inactief na verval'\n"
+#~ "                                in op INACTIEF\n"
+#~ "  -g, --gid GROEP               dwing gebruik van GROEP af als de nieuwe\n"
+#~ "                                aanmeldgroep\n"
+#~ "  -G, --groups GROEPEN          lijst met aanvullende groepen\n"
+#~ "  -h, --help                    geef deze boodschap weer en sluit af\n"
+#~ "  -l, --login GEBRUIKERSNAAM    nieuwe gebruikersnaam\n"
+#~ "  -L, --lock                    vergrendel de gebruikersaccount\n"
+#~ "  -m, --move-home               verplaats de thuismap naar een nieuwe "
+#~ "locatie\n"
+#~ "                                (enkel gebruiken in combinatie met optie -"
+#~ "d)\n"
+#~ "  -o, --non-unique              laat dubbele (niet-unieke) UID toe\n"
+#~ "  -p, --password WACHTWOORD     gebruik versleuteld wachtwoord als het\n"
+#~ "                                nieuwe wachtwoord\n"
+#~ "  -s, --shell SHELL             gebruik gegeven shell als aanmeld-shell\n"
+#~ "                                voor de gebruikersaccount\n"
+#~ "  -u, --uid UID                 nieuwe UID voor de gebruikersaccount\n"
+#~ "  -U, --unlock                  ontgrendel de gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: geen opties gegeven\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: vipw [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -g, --group                   de groepdatabase bewerken\n"
+#~ "  -h, --help                    toon deze boodschap en sluit af\n"
+#~ "  -p, --passwd                  passwd-database bewerken\n"
+#~ "  -q, --quiet                   stille modus\n"
+#~ "  -s, --shadow                  shadow- of gshadow-database bewerken\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Gebruik: %s [invoer]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan %s niet aanmaken\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan chown %s niet uitvoeren\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: faillog [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -a, --all             toon de faillog-records van alle gebruikers\n"
+#~ "  -h, --help            toon dit bericht en sluit af\n"
+#~ "  -l, --lock-time SEC   Bevries accounts SEC seconden na mislukt "
+#~ "aanmelden\n"
+#~ "  -m, --maximum MAX     stel maximaal aantal mislukte aanmeldingen in op "
+#~ "MAX\n"
+#~ "  -r, --reset           herbegin de tellers voor mislukte aanmeldingen\n"
+#~ "  -t, --time AANTAL     geef alle faillog records van de laatste AANTAL\n"
+#~ "                        dagen weer\n"
+#~ "   -u, --user LOGIN     geef faillog-record weer en onderhoud "
+#~ "mislukking-\n"
+#~ "                        tellers en limieten (indien de -r, -m or -l "
+#~ "opties\n"
+#~ "                        gebruikt worden), maar enkel voor gebruiker "
+#~ "LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: groupadd [opties] GROEP\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -f, --force                   succesvolle afsluitstatus afdwingen ook\n"
+#~ "                                als de opgegeven groep reeds bestaat\n"
+#~ "  -g, --gid GID                 nieuwe groep krijgt de opgegeven GID\n"
+#~ "  -h, --help                    geef deze boodschap weer en sluit af\n"
+#~ "  -K, --key SLEUTEL=WAARDE      overstijgt standaardwaarden\n"
+#~ "                                uit /etc/login.defs\n"
+#~ "  -o, --non-unique              laat aanmaken van groep met dubbele\n"
+#~ "                                (niet-unieke) GID toe\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: groupmod [opties] GROEP\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -g, --gid GID                 groep krijgt deze nieuwe GID\n"
+#~ "  -h, --help                    geef deze boodschap weer en sluit af\n"
+#~ "  -n, --new-name NIEUWE_NAAM    groep krijgt deze nieuwe naam\n"
+#~ "  -o, --non-unique              laat aanmaken van groep met dubbele\n"
+#~ "                                (niet-unieke) GID toe\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Gebruik: useradd [opties] GEBRUIKERSNAAM\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -b, --base-dir BASIS_MAP      basismap voor de thuismap van de nieuwe\n"
+#~ "                                gebruikersaccount\n"
+#~ "  -c, --comment OPMERKING       stel het GECOS-veld voor de nieuwe\n"
+#~ "                                gebruikersaccount in\n"
+#~ "  -d, --home-dir THUIS_MAP      thuismap voor de nieuwe "
+#~ "gebruikersaccount\n"
+#~ "  -D, --defaults                print de aangepaste useradd-"
+#~ "configuratie,\n"
+#~ "                                of sla deze op\n"
+#~ "  -e, --expiredate VERVALDATUM  stel de vervaldatum in op VERVALDATUM\n"
+#~ "  -f, --inactive INACTIVE       stel het 'wachtwoord inactief na verval'\n"
+#~ "                                in op INACTIEF\n"
+#~ "  -g, --gid GROEP               dwing gebruik van GROEP voor de nieuwe\n"
+#~ "                                gebruikersaccount af\n"
+#~ "  -G, --groups GROEPEN          lijst met aanvullende groepen voor de\n"
+#~ "                                gebruikersaccount\n"
+#~ "  -h, --help                    geef deze boodschap weer en sluit af\n"
+#~ "  -k, --skel SKEL_MAP           gebruik een alternatief map-skelet\n"
+#~ "  -K, --key SLEUTEL=WAARDE      overstijg de standaardwaarden uit\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -m, --create-home             maak een thuismap aan voor de nieuwe\n"
+#~ "                                gebruikersaccount\n"
+#~ "  -o, --non-unique              laat het aanmaken van gebruikersaccounts\n"
+#~ "                                met een dubbele (niet-unieke) UID toe\n"
+#~ "  -p, --password WACHTWOORD     gebruik versleuteld wachtwoord voor de\n"
+#~ "                                nieuwe gebruikersaccount\n"
+#~ "  -s, --shell SHELL             gebruik gegeven shell als aanmeld-shell\n"
+#~ "                                voor de gebruikersaccount\n"
+#~ "  -u, --uid UID                 gebruik UID voor de nieuwe "
+#~ "gebruikersaccount\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Uw wachtwoord gaat vervallen."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet openen\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordenbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordenbestand niet openen\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: kan het schaduwwachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: kan het wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: can't update password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet bijwerken\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet bijwerken\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tVolledige naam: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tKamernummer: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefoon werk: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefoon thuis: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Kan het wachtwoordbestand niet vergrendelen; probeer het later nog eens.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Kan het wachtwoordbestand niet openen.\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s: %s is niet gevonden in /etc/passwd\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Fout tijdens het bijwerken van de wachtwoordingang.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Kan de aanpassingen aan het wachtwoordbestand niet vastleggen.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Kan het wachtwoordbestand niet ontgrendelen.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: kan groepbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: kan het 'gshadow'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: kan het schaduwbestand niet openen\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: fout tijdens bijwerken van schaduwbestand\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: regel %d: onbekende groep %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: regel %d: kan ingang niet bijwerken\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: kan het 'shadow'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: fout tijdens bijwerken van schaduwbestand\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: fout tijdens bijwerken van wachtwoordbestand\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: regel %d: onbekende gebruiker %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: regel %d: kan wachtwoordingang niet bijwerken\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: onbekende gebruiker\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Onbekende gebruiker %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Gebruik: %s [-r|-R] groep\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "         %s [-a gebruiker] groep\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "         %s [-d gebruiker] groep\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "         %s [-A gebruiker,...] [-M gebruiker,...] groep\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "         %s [-M gebruiker,...] groep\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kan geen vergrendeling verkrijgen\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: kan geen schaduwvergrendeling verkrijgen\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: kan bestand niet openen\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: kan schaduwbestand niet herschrijven\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: kan bestand niet ontgrendelen\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: kan ingang niet bijwerken\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: kan schaduwingang niet bijwerken\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "onbekende groep: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: kan bestand niet openen\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: kan het schaduwbestand niet openen\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Wie bent u?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: onbekende gebruiker %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe groepingang\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: kan groepbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet herschrijven\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: kan groepbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u is niet uniek\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: fout bij het verwijderen van de groepingang\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: fout tijdens het verwijderen van de schaduwgroepingang\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kan de primaire groep van een gebruiker niet verwijderen.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Te verwijderen lid kon niet gevonden worden\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Gebruik: groupmems -a GEBRUIKERSNAAM | -d GEBRUIKERSNAAM | -D | -l [-g "
+#~ "GROEPNAAM]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Alleen root kan gebruikers toevoegen aan verschillende groepen\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Groeptoegang is vereist\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Niet de primaire eigenaar van de huidige groep\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM-authentificatie is mislukt\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Kan groepbestand niet vergrendelen\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Kan groepbestand niet sluiten\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s is niet gevonden in /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u is geen unieke GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s is geen unieke naam\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet openen\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: kan schaduwingang voor %s niet bijwerken\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: kan ingang voor groep %s niet bijwerken\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: kan schaduwgroep %s niet verwijderen\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet bijwerken\n"
+
+#~ msgid "%s: can't update group file\n"
+#~ msgstr "%s: kan groepbestand niet bijwerken\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet verwijderen\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "onbekende UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "onbekende GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: groep %s bestaan niet\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: gebruiker %s bestaat niet\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ongeldige gebruikersnaam '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: kan /etc/passwd niet vergrendelen.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: kan bestanden niet openen\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: fout tijdens bijwerken bestanden\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: kan 'passwd'-ingang voor %s niet bijwerken\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet vergrendelen\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet openen\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: kan schaduwingang voor %s niet verwijderen\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: kan 'passwd'-bestand niet bijwerken\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: kan ingang voor gebruiker %s niet bijwerken\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet verwijderen\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: onbekende GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: onbekende groep %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: onvoldoende geheugen in update_gshadow()\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: kan wachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet herschrijven\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet vergrendelen\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: kan schaduwwachtwoordbestand niet openen\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: fout tijdens vergrendelen groepbestand\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: fout tijdens openen groepbestand\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: fout tijdens vergrendelen schaduwgroepbestand\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: fout tijdens openen schaduwgroepbestand\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe wachtwoordingang\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: fout tijdens toevoegen schaduwwachtwoordingang\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: waarschuwing: CREATE_HOME wordt niet ondersteund, u dient in plaats "
+#~ "hiervan -m te gebruiken.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr ":%s: fout tijdens bijwerken groepingang\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: kan groepbestand niet openen\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: kan schaduwgroepbestand niet openen\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen wachtwoordingang\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen schaduwwachtwoordingang\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: fout tijdens toevoegen nieuwe groepingang\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: UID %lu is niet uniek\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: fout tijdens aanpassen wachtwoordingang\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen wachtwoordingang\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: fout tijdens verwijderen schaduwwachtwoordingang\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: kan geen unieke GID verkrijgen\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " op `%.100s' vanaf `%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " op `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: regel %d: kan geen UID aanmaken\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: naam %s is niet uniek\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Gebruik: chpasswd [opties]\n"
+#~ "\n"
+#~ "Opties:\n"
+#~ "  -e, --encrypted\topgegeven wachtwoorden zijn versleuteld\n"
+#~ "  -h, --help\t\ttoon dit bericht en sluit af\n"
+#~ "  -m, --md5\t\tmaak gebruik van MD5-versleuteling wanneer\n"
+#~ "\t\t\tde opgegeven wachtwoorden niet versleuteld zijn\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Geen wachtwoordbestand\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Sorry.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Sorry, het wachtwoord voor %s kan nog niet veranderd worden.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Sorry."
diff --git a/po/nn.po b/po/nn.po
new file mode 100644
index 0000000..59890ce
--- /dev/null
+++ b/po/nn.po
@@ -0,0 +1,3025 @@
+# translation of shadow.po to Norwegian (Nynorsk)
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# HÃ¥vard Korsvoll <korsvoll@skulelinux.no>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-06-03 21:41+0200\n"
+"Last-Translator: HÃ¥vard Korsvoll <korsvoll@skulelinux.no>\n"
+"Language-Team: Norwegian (Nynorsk) <i18n-nn@lister.ping.uio.no>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.3.1\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Klarte ikkje finna plass for oppsettsinformasjon.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "oppsettsfeil - ukjent element «%s» (gje melding til administrator)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Passord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s sitt passord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Klarte ikkje finna plass for oppsettsinformasjon.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Endrar aldringsformasjonen for %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linje %d: klarer ikkje finne brukar %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: tomt for minne\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: klarer ikkje oppdatere skuggepassordfil\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Ã…tvaring: ukjent gruppe %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Ã…tvaring: for mange grupper\n"
+
+msgid "Your password has expired."
+msgstr "Passordet ditt er utgått."
+
+msgid "Your password is inactive."
+msgstr "Passordet ditt er inaktivt."
+
+msgid "Your login has expired."
+msgstr "Innlogginga di er utgått."
+
+msgid "  Contact the system administrator."
+msgstr "  Ta kontakt med systemadministrator."
+
+msgid "  Choose a new password."
+msgstr "  Lag eit nytt passord."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Passordet ditt vil utgå om %ld dagar.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Passordet ditt vil utgå i morgon."
+
+msgid "Your password will expire today."
+msgstr "Passordet ditt vil utgå i dag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Klarer ikkje skifta tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Miljø overflyt\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du klarer ikkje endra $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] "%d %s sidan førre innlogging. Førre var %s på %s.\n"
+msgstr[1] "%d %s sidan førre innlogging. Førre var %s på %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: klarer ikkje få unikt gid\n"
+
+msgid "Too many logins.\n"
+msgstr "For mange innloggingar.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny e-post."
+
+msgid "No mail."
+msgstr "Ingen e-post."
+
+msgid "You have mail."
+msgstr "Du har e-post."
+
+#, fuzzy
+msgid "no change"
+msgstr "%s: ingen endringar\n"
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Feil passord: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() feila, feil %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Passord er endra."
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Feil passord for «%s»\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ugyldig telefonnummer, heime: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Klarer ikkje cd til «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Inga mappe, loggar inn med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Klarer ikkje køyra %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Ugyldig rotmappe «%s»\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Klarer ikkje endra rotmappe til «%s»\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy
+msgid "No"
+msgstr "Nei"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Skriv inn den nye verdien eller trykk Enter for standard"
+
+msgid "Minimum Password Age"
+msgstr "Minimum alder på passord"
+
+msgid "Maximum Password Age"
+msgstr "Maksimum alder på passord"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Førre passordendring (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Åtvaring for utgått passord"
+
+msgid "Password Inactive"
+msgstr "Passord inaktivt"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Dato for når kontoen utgår (ÅÅÅÅ-MM-DD)"
+
+#, fuzzy
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Førre passordendring (ÅÅÅÅ-MM-DD)"
+
+#, fuzzy
+msgid "never"
+msgstr "Aldri"
+
+msgid "password must be changed"
+msgstr "Passord er endra"
+
+#, fuzzy
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Passord utgår:\t"
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Passord inaktiv:\t"
+
+#, fuzzy
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto utgår:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ugyldig nummerisk argument «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: ta ikkje med «l» med andre flagg\n"
+
+#, fuzzy, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: nekta tilgang\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: klarer ikkje låsa filer, prøv igjen seinare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Endrar aldringsformasjonen for %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: feil ved endring av felt\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Fullt namn"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "Room Number"
+msgstr "Romnummer"
+
+msgid "Work Phone"
+msgstr "Telefon, arbeid"
+
+msgid "Home Phone"
+msgstr "Telefon, heime"
+
+msgid "Other"
+msgstr "Anna"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Klarer ikkje endra ID til root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ugyldig namn: «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ugyldig romnummer: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ugyldig telefonnummer, heime: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: «%s» inneheld ulovlege teikn\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: «%s» inneheld ulovlege teikn\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» er NIS-hovud for denne klienten.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Endrar brukarinformasjon for %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: do not include \"l\" with other flags\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ta ikkje med «l» med andre flagg\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linje %d: linja er for lang\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linje %d: manglar nytt passord\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: feil funne, endringar er ikkje utført\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Innloggingskal"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du treng ikkje endra skal for %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Endra innloggingskal for %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ugyldig inntasting: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s er eit ugyldig skal.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: åtvaring: %s er ikkje eigd av %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: ugyldig nummerisk argument «%s»\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds igjen]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lås]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Ukjent brukar: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: skuggepassord for gruppe krevst for -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Endrar passordet for gruppa %s\n"
+
+msgid "New Password: "
+msgstr "Nytt passord: "
+
+msgid "Re-enter new password: "
+msgstr "Gjenta det nye passordet: "
+
+msgid "They don't match; try again"
+msgstr "Passorda er ikkje like, prøv igjen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Prøv igjen seinare\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Legg brukaren %s til gruppa %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Fjernar brukaren %s frå gruppa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Ikkje ein tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s er ikkje eit gyldig gruppenamn\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -O krev NAME=VERDI\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppa %s finst allereie\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Klarer ikkje avgjere brukarnamnet ditt.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppe «%s» er ei NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s er NIS-hovudet\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: brukar %s er ikkje ein NIS brukar\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: slapp opp for minne i update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppe %s er ei NIS-gruppe\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: ukjend brukar %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s og -r er inkompatible\n"
+
+msgid "invalid group file entry"
+msgstr "ugyldig oppføring for gruppefil"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "slett linja «%s»? "
+
+msgid "duplicate group entry"
+msgstr "duplisert gruppeoppføring"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ugyldig gruppenamn «%s»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "gruppe %s: ingen brukar %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "slett medlem «%s»?"
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ingen passande oppføring for gruppefil\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "ugyldig oppføring av skuggegruppefil"
+
+msgid "duplicate shadow group entry"
+msgstr "duplisert oppføring for skuggegruppe"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skuggegruppe %s: ingen administratorbrukar %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "slett administratormedlem «%s»?"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filene er oppdaterte\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: ingen endringar\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Bruk: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Bruk: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Brukarnamn       Port     Frå              Siste"
+
+msgid "Username                Port     Latest"
+msgstr "Brukarnamn              Port     Siste"
+
+msgid "**Never logged in**"
+msgstr "**Aldri vore innlogga**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: klarer ikkje oppdatere passordfil\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Bruk: %s [-p] [namn]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "      %s [-p] [-h vert] [-f namn]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "      %s [-p] -r vert\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Ugyldig innloggingstid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet stengt for rutinemessig vedlikehald"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Fråkopling omgått -- innlogging av root er tillete.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Innlogging gjekk ut på tid etter %d sekund.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, fuzzy
+msgid "login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr "Feil innlogging"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linje %d: klarer ikkje finne brukar %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s brukarnamn: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Ã…tvaring: innlogging gjort mogeleg igjen etter mellombels utestenging."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Førre innlogging: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Førre inlogging: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " frå %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Bruk: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Bruk: newgrp [-] [gruppe]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Bruk: sg gruppe [[-c] kommando]\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Gamalt passord:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+msgid "too many groups\n"
+msgstr "for mange grupper\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linje %d: ugyldig linje\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: klarer ikkje oppdatere oppføring for brukar %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linje %d: klarer ikkje laga GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linje %d: klarer ikkje laga GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: brukar %s finst ikkje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linje %d: klarer ikkje oppdatere passord\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linje %d: mkdir feila\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linje %d: chown feila\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: klarer ikkje oppdatere gruppefil\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Gamalt passord:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minimum %d, maksimum %d teikn)\n"
+"Bruk ein kombinasjon av store og små bokstavar og tal.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Skriv inn det nye passordet (minimum %d, maksimum %d teikn)\n"
+"Bruk ein kombinasjon av store og små bokstavar og tal.\n"
+
+msgid "New password: "
+msgstr "Nytt passord: "
+
+msgid "Try again."
+msgstr "Prøv igjen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Åtvaring: Svakt passord (skriv det inn ein gong til for å bruka det likevel)."
+
+msgid "They don't match; try again.\n"
+msgstr "Passorda er ikkje like, prøv igjen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Passordet for %s kan ikkje endrast.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: arkiv %s er ikkje støtta\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "Du treng ikkje endra skal for %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Enrar passord for %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Passordet til %s er ikkje endra.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Passord er endra."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Åtvaring for utgått passord"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "Ugyldig oppføring i passordfila"
+
+msgid "duplicate password entry"
+msgstr "duplisert oppføring i passordfila"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ugyldig brukarnamn «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "ugyldig brukarnamn «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "brukar %s: inga gruppe %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "brukar %s: mappe %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "brukar %s: program %s finst ikkje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: klarer ikkje låse fila %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ingen oppføringar i passordfila som passar\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "skuggegruppe %s: ingen brukar %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "ugyldig oppføring i skuggepassordfila"
+
+msgid "duplicate shadow password entry"
+msgstr "duplisert oppføring i skuggepassordfila"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "brukar %s: siste passordendring i framtida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: klarer ikkje skriva ny fila\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tilgang til su for den kontoen er AVVIST.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Passordautentisering er forbigått.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Oppgje ditt EIGE passord for autentisering.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: klarer ikkje låse fila %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorert)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du er ikkje autorisert til su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Skriv inn ditt eige passord)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM-autentisering feila\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Du er ikkje autorisert til su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Inga passordoppføring for «root»"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: må køyrast frå ein terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: feil %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Klarer ikkje køyra %s"
+
+msgid "No password file"
+msgstr "Inga passordfil"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Inga passordoppføring for «root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Trykk Ctrl-d for å halda fram med normal oppstart,\n"
+"(eller oppgje root-passord for systemvedlikehald):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Startar modus for systemvedlikehald"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: klarer ikkje opprette fil for standardverdiar\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: klarer ikkje opna fil for standardverdiar\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linje %d: chown feila\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: gje nytt namn: %s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppe «%s» er ei NIS-gruppe.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: for mange grupper spesifisert (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Bruk: %s [inndata]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ugyldig kommentar «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skuggepassord krevst for -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skuggepassord krevst for -f\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ugyldig felt «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ugyldig skal «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: brukar %s finst\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppa %s finst - viss du ønskjer å leggja brukaren til denne gruppa, "
+"bruk -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: gid %u er ikkje unikt\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan ikkje oppretta %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: klarer ikkje endra brukar «%s» på NIS-klient.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s: klarer ikkje fjerna primærgruppa til brukaren.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: åtvaring: kan ikkje fjerna "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ikkje eigd av %s, ikkje fjerna\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: klarer ikkje oppdatere fila %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: brukar %s er ikkje ein NIS brukar\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: ugyldig heimemappe «%s»\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: fjernar ikkje mappa %s (det ville fjerna heimemappa til brukar %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: feil ved fjerning av mappe %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: brukar %s finst\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ugyldig dato «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: klarer ikkje opna fila %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skuggepassord krevst for -e og -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mappa %s finst\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: kan ikkje oppretta mappa %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: klarte ikkje endra namn på mappa %s til %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: åtvaring: %s er ikkje eigd av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s er ikkje endra\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s: ugyldig telefonnummer, arbeid: «%s»\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Klarte ikkje låsa fil"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr "Klarte ikkje låsa fil"
+
+msgid "Couldn't make backup"
+msgstr "Klarte ikkje laga reservekopi"
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s ikkje funne i /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: felta er for lange\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "klarte ikke å endra eigar av mailbox"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "klarte ikkje endra namn på mailbox"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: klarer ikkje gjenoppretta %s: %s (endringane dine er i %s)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: ugyldig startmappe «%s»\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [inndata]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) feila\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM-autentisering feila\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Bruk: %s [-f fullt_namn] [-r romnr] [-w tlf_arb]\n"
+#~ "\t[-h tlf_heime] [-o anna] [brukar]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Bruk: %s [-f fullt_namn] [-r romnr] [-w tlf_arb] [-h tlf_heime]\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Bruk: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: klarer ikkje opna fila %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe [gskugge]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Bruk: %s [-r] [-s] [gruppe]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s og -r er inkompatible\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Bruk: goupdel gruppe\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [skugge]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Bruk: %s [-q] [-r] [-s] [passord [skugge]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Bruk: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Bruk: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Ukjent id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Ingen skal\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: brukaren %s er pålogga\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: ingen flagg oppgjeve\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Bruk: %s [inndata]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan ikkje oppretta %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan ikkje chown %s\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Passordet ditt er utgått."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: klarer ikkje låsa passordfil\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggepassordfil\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggepassordfil\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tFullt namn: %s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "Romnummer"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "Telefon, arbeid"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "Telefon, heime"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Klarer ikkje låsa passordfila, prøv igjen seinare.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Klarer ikkje opna passordfila.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Feil ved oppdatering av passordet.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Klarer ikkje utføra endringar i passordfila.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Klarer ikkje låsa opp passordfila.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: feil ved oppdatering av skuggepassordfila\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linje %d: ukjent brukar %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linje %d: kan ikkje oppdatere oppføring\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfila\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: feil ved oppdatering av skuggepassordfila\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: feil ved oppdatering av passordfila\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linje %d: ukjent brukar %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linje %d: klarer ikkje oppdatere passordet\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: ukjent brukar\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Ukjent brukar: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Bruk: %s [-r|-R] gruppe\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "      %s [-a brukar] gruppe\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "      %s [-d brukar] gruppe\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "      %s [-A brukar,...] [-M brukar,...] gruppe\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "      %s [-M brukar,...] gruppe\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: klarer ikkje få lås\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: klarer ikkje få lås på skuggefil\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: klarer ikkje opna fil\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggefil\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: klarer ikkje låsa opp fil\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggeoppføring\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "ukjent gruppe: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: klarer ikkje opna fil\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kven er du?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: ukjent medlem %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: klarer ikkje skriva ny gruppefil\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggegruppefil\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefil\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggegruppefil\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggegruppefil\n"
+
+#, fuzzy
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: gid %u er ikkje unikt\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: feil ved fjerning av gruppeoppføring\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: feil ved fjerning av oppføring for skuggegruppe\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: klarer ikkje fjerna primærgruppa til brukaren.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: PAM-autentisering feila\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: klarer ikkje låsa gruppefil\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefila\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s ikkje funne i /etc/group\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u er ikkje ein unik gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s er ikkje eit unikt namn\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: klarer ikkje låsa passordfil\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggeoppføring for %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring for gruppa %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggegruppefil\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggegruppefil\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: klarer ikkje fjerna skuggegruppe %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: klarer ikkje oppdatere skuggegruppefil\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: klan ikkje slette skuggegruppefil\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "ukjent GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: gruppe %s eksisterer ikkje\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: brukar %s finst ikkje\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: ugyldig brukarnamn «%s»\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: klarer ikkje låsa /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: klarer ikkje opna filer\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: feil ved oppdatering av filer\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring i passordfila for %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: klarer ikkje låda passordfil\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: klarer ikkje opna passordfil\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: klarer ikkje fjerna oppføring for %s i skuggepassordfila\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: klarer ikkje oppdatere passordfil\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: klarer ikkje oppdatere oppføring for brukar %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: klarer ikkje sletta skuggepassordfil\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: ukjent GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: ukjent gruppe %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: slapp opp for minne i update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny passordfil\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: klarer ikkje skriva ny skuggepassordfil\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: klarer ikkje låsa skuggepassordfil\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfil\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: feil ved låsing av gruppefil\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: feil ved opning av gruppefil\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: feil ved låsing av skuggegruppefil\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: feil ved opning av skuggegruppefil\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: feil når passordoppføring blei lagt til\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: feil når oppføring av skuggepassord blei lag til\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: åtvaring: CREATE_HOME ikkje støtta, bruk -m istaden.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: feil ved oppdatering av gruppeoppføring\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: klarer ikkje opna gruppefila\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: klarer ikkje opna skuggepassordfila\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av skuggepassordoppføring\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: feil ved oppretting av ny gruppeoppføring\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu er ikkje unik\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: feil ved endring av passordoppføring\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: feil ved sletting av passordoppføring\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: feil ved sletting av oppføring for skuggepassord\n"
+
+#, fuzzy
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: klarer ikkje få unikt gid\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " på «%.100s» frå «%.200s»"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " på «%.100s»"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linje %d: klarer ikkje laga UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: namn %s er ikkje unikt\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Inga passordfil\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ã…rsak.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Passordet for %s kan ikkje endrast enno.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Ã…rsak."
diff --git a/po/pl.po b/po/pl.po
new file mode 100644
index 0000000..6078661
--- /dev/null
+++ b/po/pl.po
@@ -0,0 +1,3625 @@
+# Polish translation for shadow.
+# Copyright (C) 1999 Free Software Foundation, Inc.
+# Arkadiusz Miśkiewicz <misiek@misiek.eu.org>, 1999.
+# Jakub Bogusz <qboosh@pld-linux.org>, 2003-2004.
+# Tomasz KÅ‚oczko <kloczek@pld.org.pl>, 2004-2006
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-25 20:53+0100\n"
+"Last-Translator: Tomasz KÅ‚oczko <kloczek@pld.org.pl>\n"
+"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
+"Language: pl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 "
+"|| n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nie można przydzielić miejsca dla informacji o konfiguracji.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"błąd w konfiguracji - nieznana pozycja '%s' (powiadom administratora)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Hasło: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Hasło użytkownika %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Nie można przydzielić miejsca dla informacji o konfiguracji.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linia %d: nie można znaleźć użytkownika %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: brak pamięci\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Ostrzeżenie: nieznana grupa %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Ostrzeżenie: zbyt wiele grup\n"
+
+msgid "Your password has expired."
+msgstr "Twoje hasło straciło ważność."
+
+msgid "Your password is inactive."
+msgstr "Twoje hasło jest nieaktywne."
+
+msgid "Your login has expired."
+msgstr "Twoje konto straciło ważność."
+
+msgid "  Contact the system administrator."
+msgstr "  Skontaktuj siÄ™ z administratorem systemu."
+
+msgid "  Choose a new password."
+msgstr "  Wybierz nowe hasło."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Twoje hasło straci ważność w ciągu %ld dni.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Jutro twoje hasło straci ważność."
+
+msgid "Your password will expire today."
+msgstr "Dziś twoje hasło straci ważność."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nie można zmienić tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Przepełnienie środowiska\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nie możesz zmieniać $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d nieudana próba logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+msgstr[1] ""
+"%d nieudane próby logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+msgstr[2] ""
+"%d nieudanych prób logowania od ostatniego logowania.\n"
+"Ostatnie logowanie: dnia %s na terminalu %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nie można uzyskać niepowtarzalnego UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Zbyt wiele otwartych sesji.\n"
+
+msgid "You have new mail."
+msgstr "Masz nowÄ… pocztÄ™."
+
+msgid "No mail."
+msgstr "Nie masz poczty."
+
+msgid "You have mail."
+msgstr "Masz pocztÄ™."
+
+msgid "no change"
+msgstr "bez zmian"
+
+msgid "a palindrome"
+msgstr "palindrom"
+
+msgid "case changes only"
+msgstr "zmieniona tylko wielkości liter"
+
+msgid "too similar"
+msgstr "zbyt podobne"
+
+msgid "too simple"
+msgstr "za proste"
+
+msgid "rotated"
+msgstr "rotacja"
+
+msgid "too short"
+msgstr "za krótkie"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Złe hasło: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() nie powiodło się, błąd %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Hasło zmienione."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: hasło zostało zmienione\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Nieprawidłowe hasło %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu domowego: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nie można zmienić katalogu na '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Brak katalogu, logujÄ™ z HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Nie można uruchomić %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Nieprawidłowy katalog główny '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nie można zmienić głównego katalogu na '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nie można ustalić nazwy twojego terminala."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nie\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Wpisz nową wartość lub wciśnij ENTER by przyjąć wartość domyślną"
+
+msgid "Minimum Password Age"
+msgstr "Minimalny wiek hasła"
+
+msgid "Maximum Password Age"
+msgstr "Maksymalny wiek hasła"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ostatnia zmiana hasła (RRRR-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Ostrzeżenie o utracie ważności hasła"
+
+msgid "Password Inactive"
+msgstr "Hasło nieaktywne"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data utraty ważności konta (RRRR-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ostatnia zmiana hasła\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nigdy"
+
+msgid "password must be changed"
+msgstr "Hasło musi zostać zmienione"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Hasło traci ważność\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Hasło nieaktywne\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Konto traci ważność\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimalna ilość dni pomiędzy zmianami hasła\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksymalna ilość dni pomiędzy zmianami hasła\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Liczba dni ostrzeżenia, zanim ważność hasła upłynie\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: nieprawidłowy argument numeryczny '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nie Å‚Ä…cz \"l\" z innymi flagami\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Operacja niedozwolona.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nie można zablokować plików, spróbuj później\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: failure forking: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: brak pliku z ukrytymi hasłami\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: błąd podczas zmieniania pól\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "ImiÄ™ i nazwisko"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Numer pokoju"
+
+msgid "Work Phone"
+msgstr "Telefon do pracy"
+
+msgid "Home Phone"
+msgstr "Telefon domowy"
+
+msgid "Other"
+msgstr "Inne"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nie można zmienić ID na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nieprawidłowa nazwa: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: nieprawidłowy numer pokoju: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu do pracy: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: nieprawidłowy numer telefonu domowego: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' zawiera nieprawidłowe znaki\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' zawiera nieprawidłowe znaki\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' jest nadrzędnym serwerem NIS dla tego klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Zmieniam informację o użytkowniku %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: opcja -a można użyć TYLKO z pcją -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linia %d: linia zbyt długa\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linia %d: brakuje nowego hasła\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: wykryto błąd, zignorowano modyfikacje\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Powłoka logowania"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nie możesz zmieniać powłoki dla %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Zmieniam powłokę logowania dla %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Nieprawidłowy wpis: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s jest nieprawidłową powłoką.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: ostrzeżenie: właścicielem %s nie jest %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: nieoczekiwany argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Nieudane Maks.   Ostanio                  Na\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [pozostało %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [blokada %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Nieznany użytkownik: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: plik z ukrytymi hasłami grup wymagany dla -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: failure forking: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Zmieniam hasło dla grupy %s\n"
+
+msgid "New Password: "
+msgstr "Nowe hasło: "
+
+msgid "Re-enter new password: "
+msgstr "Wpisz hasło ponownie: "
+
+msgid "They don't match; try again"
+msgstr "Nie zgadzają się; spróbuj ponownie"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Spróbuj ponownie później\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dodaję nowego użytkownika %s do grupy %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Usuwam użytkownika %s z grupy %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: To nie tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s: nie jest prawidłową nazwą grupy\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K wymaga KLUCZ=WARTOŚĆ\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupa %s istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Członek grupy już istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Nie można ustalić twojej nazwy użytkownika.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupa '%s' jest grupÄ… NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s jest głównym serwerem NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: użytkownik %s jest użytkownikiem NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: zabrakło pamięci w update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grupa %s jest grupÄ… NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: nieznany użytkownik %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s i -r sÄ… niekompatybilne\n"
+
+msgid "invalid group file entry"
+msgstr "nieprawidłowy wpis do pliku grup"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "usunąć linię '%s'? "
+
+msgid "duplicate group entry"
+msgstr "powtórzony wpis w pliku grup"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nieprawidłowa nazwa grupy '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupa %s: nie ma użytkownika %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "skasować członka '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "brak pasujÄ…cego wpisu w pliku group %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "dodać grupę '%s' w %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "nieprawidłowy wpis w pliku z ukrytymi hasłami grup"
+
+msgid "duplicate shadow group entry"
+msgstr "powtórzony wpis w pliku z ukrytymi hasłami grup"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+"grupa %s: użytkownik administracyjny %s z pliku ukrytych haseł grup nie "
+"istnieje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "usunąć członka administracyjnego '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupa %s: użytkownik %s z pliku ukrytych haseł grup nie istnieje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: pliki zostały zaktualizowane\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: bez zmian\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nie można zaktualizować pliku %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Użycie: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Użycie: id\n"
+
+msgid " groups="
+msgstr " grupy="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Użytkownik       Port     Z                Ostatnio"
+
+msgid "Username                Port     Latest"
+msgstr "Użytkownik             Port     Ostatnio"
+
+msgid "**Never logged in**"
+msgstr "**Nigdy nie zalogowany**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: nie można zaktualizować pliku z hasłami\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Użycie: %s [-p] [nazwa]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "        %s [-p] [-h host] [-f nazwa]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "        %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Nieprawidłowy czas logowania"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"System zamknięty do rutynowej konserwacji."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Rozłączenie pominięte -- zezwolenie na logowanie się roota.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Brak wpisu w utmp.  Musisz wykonać \"login\" z najniższego poziomu \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Limit czasu logowania przekroczony po %d sekundach.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM niepowodzenie, przerwane: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksymalna ilość prób przekroczona (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: przerwanie wywołane przez PAM\n"
+
+msgid "Login incorrect"
+msgstr "Nieprawidłowe logowanie"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linia %d: nie można znaleźć użytkownika %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: failure forking: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Ostrzeżenie: logowanie ponownie odblokowanie po czasowej blokadzie."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ostatnie logowanie: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ostatnie logowanie: %s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"przekroczony czas logowania\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Użycie: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Użycie: newgrp [-] [grupa]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Użycie: sg grupa [[-c] polecenie]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Stare hasło: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: failure forking: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+msgid "too many groups\n"
+msgstr "zbyt wiele grup\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linia %d: nieprawidłowa linia\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nie można zaktualizować wpisu dla użytkownika %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linia %d: nie można utworzyć GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linia %d: nie można utworzyć GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linia %d: nie można zaktualizować pliku z hasłami\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linia %d: mkdir nie powiodło się\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linia %d: chown nie powiodło się\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nie można zaktualizować pliku z grupami\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Stare hasło: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Wpisz nowe hasło (minimum %d, maksimum %d znaków)\n"
+"Proszę użyj kombinacji wielkich i małych znaków oraz cyfr.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Wpisz nowe hasło (minimum %d, maksimum %d znaków)\n"
+"Proszę użyj kombinacji wielkich i małych znaków oraz cyfr.\n"
+
+msgid "New password: "
+msgstr "Nowe hasło: "
+
+msgid "Try again."
+msgstr "Spróbuj ponownie."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Ostrzeżenie: słabe hasło (wpisz je ponowie jeśli jednak chcesz go użyć)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nie zgadzają się; spróbuj ponownie.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Hasło dla %s nie może być zmienione.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repozytorium %s nie jest obsługiwane\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nie możesz przeglądać lub zmieniać informacji o haśle dla %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Zmieniam hasło dla %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Hasło dla %s pozostaje niezmienione.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Hasło zmienione."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Ostrzeżenie o utracie ważności hasła"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "nieprawidłowy wpis do pliku z hasłami"
+
+msgid "duplicate password entry"
+msgstr "powtórzony wpis w pliku z hasłami"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nieprawidłowa nazwa użytkownika '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "użytkownik %s: brak grupy %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "użytkownik %s: katalog %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "użytkownik %s: program %s nie istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nie można zablokować pliku %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "brak pasującego wpisu w pliku z hasłami %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "dodać grupę '%s' w %s ?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "nieprawidłowy wpis w pliku z hasłami"
+
+msgid "duplicate shadow password entry"
+msgstr "powtórzony wpis w pliku z ukrytymi hasłami"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "użytkownik %s: ostatnia zmiana hasła w przyszłości\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nie można przepisać pliku\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Dostęp do polecenia su z tego konta ZABRONIONY.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Uwierzytelnianie na podstawie hasła pominięte.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Proszę wpisz swoje W�ASNE hasło jako hasło uwierzytelniające.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nie można zablokować pliku %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Użycie: su [opcje] [LOGIN]\n"
+"\n"
+"Opcje:\n"
+"  -c, --command POLECENIE   uruchom POLECENIE w to wywoływanym shellu\n"
+"  -h, --help                wyświetlenie tego opisu i zakończenie działania\n"
+"  -, -l, --login            uruchom z  powłoką z powłoką zgłoszeniową\n"
+"  -m, -p,\n"
+"  --preserve-environment    uruchomienie z zachowaniem zmiennych środowiska\n"
+"  -s, --shell SHELL         użyj SHELL zamiast domyślny shell z passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Zignorowano)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nie masz autoryzacji by używać su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Wpisz swoje własne hasło)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: błąd podczas uwierzytelniania przez PAM\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nie masz autoryzacji by używać su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Brak wpisu do bazy haseł dla 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musisz uruchamiać z terminala\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: błąd %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Nie można uruchomić %s"
+
+msgid "No password file"
+msgstr "Brak pliku z hasłami"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Brak wpisu do bazy haseł dla 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Naciśnij control-d by kontynuować normalny start\n"
+"(lub podaj hasło roota by przejść do trybu konserwacji systemu):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "WchodzÄ™ w tryb konserwacji systemu"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nie można utworzyć nowego pliku z ustawieniami domyślnymi\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nie można otworzyć nowego pliku z ustawieniami domyślnymi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linia %d: chown nie powiodło się\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: zmiana nazwy: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupa '%s' jest grupÄ… NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: podano zbyt wiele grup (maks %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Użycie: %s [wejście]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: nieprawidłowy katalog bazowy '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: nieprawidłowy komentarz '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: ukryte hasła wymagane dla -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: ukryte hasła wymagane dla -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: nieprawidłowe pole '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: nieprawidłowa powłoka '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Tworzenie pliku mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Nie znaleziono grupy 'mail'. Tworzenie pliku mailbox użytkownika z prawami "
+"dostępu 600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ustawianie praw dostępu do pliku mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: użytkownik %s istnieje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grupa %s istnieje - aby dodać tego użytkownika do tej grupy, użyj -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nie jest niepowtarzalny\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nie można utworzyć %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: uwaga: katalog domowy już istnieje.\n"
+"Pliki z katalogu skel nie sÄ… kopiowane.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nie można zmienić użytkownika '%s' na kliencie NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: nie można usunąć grupy %s która jest grupą podstawową\n"
+"dla innego użytkownika.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: ostrzeżenie: nie można usunąć "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: właścicielem %s nie jest %s, nie usuwam\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: użytkownik %s jest użytkownikiem NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: nieprawidłowy katalog domowy '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: nie usuwam katalogu %s (usunęłoby to katalog domowy użytkownika %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: błąd podczas usuwania katalogu %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: użytkownik %s istnieje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: nieprawidłowa data '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nie można otworzyć pliku %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: ukryte hasła wymagane dla -e i -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Członek grupy już istnieje\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: katalog %s istnieje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nie można utworzyć katalogu %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: uwaga: nie powiodło się całkowite usuniecie starego katalogu domovego %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nie można zmienić nazwy katalogu z %s na %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: ostrzeżenie: właścicielem %s nie jest %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+msgid "failed to rename mailbox"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s jest niezmieniony\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Nie można zablokować pliku"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: niepowiodło się porzucenie uprawnień (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Nie można zablokować pliku"
+
+msgid "Couldn't make backup"
+msgstr "Nie można wykonać kopii zapasowej"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nie znaleziono %s w /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Nie można otworzyć pliku z grupami\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: pola zbyt długie\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "zmiana właściciela skrzynki pocztowej nie powiodła się"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "zmiana nazwy skrzynki pocztowej nie powiodła się"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nie można odzyskać %s: %s (twoje zmiany są w %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: nieprawidłowy katalog bazowy '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Użycie: %s [wejście]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) nie powiodło się\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chage [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -d, --lastday OSTATNI         ustawia date ostatniej zmiany hasła na "
+#~ "OSTATNI\n"
+#~ "  -E, --expiredate DATA_WAŻN    ustawia datę ważności konta na DATA_WAŻN\n"
+#~ "  -h, --help                    wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -I, --inactive NIEAKTYWNE     ustwia liczbę dni nieaktywności konta po\n"
+#~ "                                których konta jest blokowane na "
+#~ "NIEAKTYWNE\n"
+#~ "  -l, --list                    wyświetlenie informacji o terminach "
+#~ "ważności\n"
+#~ "                                konta i hasła\n"
+#~ "  -m, --mindays MIN_DNI         ustawia minimalną liczbę dni pomiędzy\n"
+#~ "                                zmianami hasła na wartość MIN_DNI\n"
+#~ "  -M, --maxdays MAX_DNI         ustawia maksymalnÄ… liczbÄ™ dni, przez "
+#~ "jakie\n"
+#~ "                                hasło jest ważne na wartość MAX_DNI\n"
+#~ "  -W, --warndays DNI_OSTRZ      ustawia na DNI_OSTRZ liczbÄ™ dni przed\n"
+#~ "                                upływem ważności hasła\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: błąd podczas uwierzytelniania przez PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Użycie: %s [-f imię_nazwisko] [-r nr_pokoju] [-w tel_praca]\n"
+#~ "\t[-h tel_dom] [-o inne] [użytkownik]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Użycie: %s [-f imię_nazwisko] [-r nr_pokoju] [-w tel_praca] [-h tel_dom]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: chpasswd [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -e, --encrypted       przekazywane hasła są w postaci zakodowane\n"
+#~ "  -h, --help            wyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -m, --md5             użyj kodowania MD5 zamiast DES w przypadku kiedy\n"
+#~ "                        przekazywane hasła nie są zakodowane\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chsh [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -h, --help            wyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -s, --shell SHELL     nowy SHELL dla użytkownika LOGIN\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Użycie: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: nie można otworzyć pliku %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Użycie: %s [-r] [-s] [grupa [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Użycie: %s [-r] [-s] [grupa]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s i -r sÄ… niekompatybilne\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Użycie: groupdel grupa\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: lastlog [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -b, --before DNI      wyświetl tylko rekordy lastlog starsze niż DNI\n"
+#~ "  -h, --help            wyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -t, --time DNI        wyświetl tylko rekordy lastlog nie starsze niż "
+#~ "DNI\n"
+#~ "  -u, --user LOGIN      wyświetl rekord lastlog tylko dla użytkownika\n"
+#~ "                        o loginie LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: passwd [opcje] [LOGIN]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -a, --all                     raportuj status hasła dla wszystkich "
+#~ "kont\n"
+#~ "  -d, --delete                  kasuje hasło użytkowanika\n"
+#~ "  -e, --expire                  wymuś przeterminowanie hasła\n"
+#~ "  -h, --help                    wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -k, --keep-tokens             zmiana hasła tylko w przypadku kiedy\n"
+#~ "                                jest przeterminowane\n"
+#~ "  -i, --inactive NIEAKTYWNE     konto przeterminowane po upływie "
+#~ "NIEAKTYWNE\n"
+#~ "                                dni po wygaśnięciu hasła\n"
+#~ "  -l, --lock                    zablokuj konto\n"
+#~ "  -n, --mindays MIN_DNI         ustaw minimalną ilość dni prezed kolejną\n"
+#~ "                                zmianą hasła na MIN_DNI\n"
+#~ "  -n, --mindays MIN_DNI         ustawia minimalną liczbę dni pomiędzy\n"
+#~ "                                zmianami hasła na MIN_DNI\n"
+#~ "  -q, --quiet                   cichy tryb pracy\n"
+#~ "  -r, --repository REPOZYTORIUM zmień hasło w repozytorium REPOZYTORIUM\n"
+#~ "  -S, --status                  raportuj status hasła\n"
+#~ "  -u, --unlock                  odblokuj konto\n"
+#~ "  -w, --warndays DNI_OSTRZ      ustawia na DNI_OSTRZ liczbÄ™ dni przed\n"
+#~ "                                upływem ważności hasła\n"
+#~ "  -x, --maxdays MAX_DNI         ustawia maksymalnÄ… liczbÄ™ dni, przez "
+#~ "jakie\n"
+#~ "                                hasło jest ważne na wartość MAX_DNI\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Użycie: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Użycie: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Użycie: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Użycie: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Nieznany id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Brak powłoki\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: userdel [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -f, --force               wymuś usunięcie plików nawet jeżeli nie "
+#~ "należą\n"
+#~ "                            do usuwanego użytkownika\n"
+#~ "  -h, --help                wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -r, --remove              usuń katalog domowy i spool pocztowy\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: użytkownik %s jest aktualnie zalogowany\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: usermod [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -a, --append GRUPA          dołącz użytkownika do do dodatkowej grupy "
+#~ "GRUPA\n"
+#~ "  -c, --comment KOMENTARZ     ustaw pole komentarza (GECOS) dla konta\n"
+#~ "  -d, --home-dir KAT_DOMOWY   nowy katalog domowy użytkownika\n"
+#~ "  -e, --expiredate DATA_WAŻN  ustawia datę wazności dla konta na "
+#~ "DATA_WAŻN\n"
+#~ "  -f, --inactive NIEAKTYWNE   ustwia liczbę dni po których konto jest\n"
+#~ "                              blokowane na NIEAKTYWNE\n"
+#~ "  -g, --gid GRUPA             wymuś użycie grupy GRUPA jako grupy\n"
+#~ "                              podstawowej użytkownika\n"
+#~ "  -G, --groups GRUPY          lista dodatkowych grup uzytkownika\n"
+#~ "  -h, --help                  wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -l, --login NOWY_LOGIN      nowa nawana logina użytkownika\n"
+#~ "  -L, --lock                  blokuj konto użytkowqnika\n"
+#~ "  -m, --move-home             przenieś zawartość katalogu domowego\n"
+#~ "                              użytkownika (może być użyte tylko z opcją -"
+#~ "d)\n"
+#~ "  -o, --non-unique            pozwól na użycie nieunikalnego UID dla "
+#~ "konta\n"
+#~ "  -p, --password HAS�O        użyj nowe zakodowane HAS�O dla użytkonta\n"
+#~ "  -s, --shell SHELL           nowy SHELL dla użytkownika LOGIN\n"
+#~ "  -U, --unlock                odblokuj konto użytkownika\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nie podano flag\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: vipw [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -g, --group           edycja bazy group\n"
+#~ "  -h, --help            wyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -p, --passwd          edycja bazy passwd\n"
+#~ "  -q, --quiet           cichy tryb pracy\n"
+#~ "  -s, --shadow          edycja bazy shadow lub gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Użycie: %s [wejście]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: nie można utworzyć %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: nie można zmienić właściciela %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: faillog [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -a, --all             wyświetlaj rekordy failloga dla wszystkich "
+#~ "użytkowników\n"
+#~ "  -h, --help            wyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -l, --lock-time SEK   ustaw na SEK sekund blokadÄ™ konta po nieudanym\n"
+#~ "                        logowaniu\n"
+#~ "  -m, --maximum MAX     ustaw maksymalną ilość niepoprawnych logowań na "
+#~ "MAX\n"
+#~ "  -r, --reset           wyzeruj licznik niepoprawnych logowań\n"
+#~ "  -t, --time DNI        wyświetlaj rekordy nie starsze niż DNI\n"
+#~ "  -u, --user LOGIN      wyświetlaj rekordy lub zarządzaj licznikami\n"
+#~ "                        i limitami faillog (w połaczeniu z opcjami -r,\n"
+#~ "                        -m lub -l) tylko dla użytkownika o loginie LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: groupadd [opcje] GRUPA\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -f, --force                wymyś zakończenie programu z poprawnym\n"
+#~ "                             statusem jeżeli grupa już istnieje\n"
+#~ "  -g, --gid GID              użyj GID dla tworzonej grupy\n"
+#~ "  -h, --help                 wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -K, --key KLUCZ=WARTOŚĆ    przysłoń wartość domyślną z /etc/login.defs\n"
+#~ "  -o, --non-unique           pozwól na utworzenie grupy z nieunikalnym "
+#~ "GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: groupmod [opcje] GRUPA\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -g, --gid GID                 wymuś użycie nowego GID dla grupy GRUPA\n"
+#~ "  -h, --help                    wyświetlenie tego opisu i zakończenie "
+#~ "działania\n"
+#~ "  -n, --new-name NOWA_GRUPA     wymuś użycie nazwy grupy NOWA_GRUPA "
+#~ "zamiast\n"
+#~ "                                GRUPA\n"
+#~ "  -o, --non-unique              pozwól na utworzenie grupy z nieunikalnym "
+#~ "GID\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Użycie: useradd [opcje] LOGIN\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -b, --base-dir KAT_BAZOWY     katalog bazowy dla katalogu domowego "
+#~ "nowo\n"
+#~ "                                tworzonego konta\n"
+#~ "  -c, --comment COMMENT         ustaw pole komentarza (GECOS) dla nowo\n"
+#~ "                                tworzonego konta\n"
+#~ "  -d, --home-dir KAT_DOMOWY     katalog domowy dla nowo tworzonego konta\n"
+#~ "  -D, --defaults                wypisz lub zapisz domyślną konfigurację\n"
+#~ "                                programu useradd\n"
+#~ "  -e, --expiredate DATA_WAŻN.   ustawia datę wazności dla nowo "
+#~ "tworzonego\n"
+#~ "                                konta na DATA_WAŻN.\n"
+#~ "  -f, --inactive NIEAKTYWNE     ustwia liczbę dni po których konto jest\n"
+#~ "                                blokowane na NIEAKTYWNE\n"
+#~ "  -h, --help                    wyświetlenie tego opisu i zakończenie\n"
+#~ "                                działania\n"
+#~ "  -g, --gid GROUP               wymuś użycie konkretnej grupy dla nowo\n"
+#~ "                                tworzonego konta\n"
+#~ "  -G, --groups GROUPS           lista dodatkowych grup dla nowo "
+#~ "tworzonego\n"
+#~ "                                konta\n"
+#~ "  -k, --skel SKEL_DIR           podaj alternatywną ścieżkę do katalogu "
+#~ "skel\n"
+#~ "  -K, --key KLUCZ=WARTOŚĆ       przysłoń wartość domyślną z /etc/login."
+#~ "defs\n"
+#~ "  -m, --create-home             twórz katalog domowy dla nowego "
+#~ "użytkownika\n"
+#~ "  -o, --non-unique              pozwól na utworzenie konta z nieunikalnym "
+#~ "UID\n"
+#~ "  -p, --password PASSWORD       użyj zakodowane hasło dla nowego "
+#~ "tworzonego\n"
+#~ "                                konta\n"
+#~ "  -s, --shell SHELL             tshell dla nowo tworzonego konta\n"
+#~ "  -u, --uid UID                 wymuś użycie konkretnego UID dla nowo\n"
+#~ "                                tworzonego konta\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Hasłu zaznaczone jako przeterminowane."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tImiÄ™ i nazwisko: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNumer pokoju: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon do pracy: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon domowy: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nie można zablokować pliku z hasłami; spróbuj później.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Nie można otworzyć pliku z hasłami.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Błąd podczas aktualizacji wpisu do bazy haseł.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Wprowadzenie zmian do pliku passwd jest niemożliwe.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nie można usunąć blokady z pliku z hasłami.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nie można zablokować pliku z grupami\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nie można zablokować pliku gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linia %d: nieznana grupa %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linia %d: nie można zaktualizować wpisu\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: błąd podczas aktualizacji pliku z hasłami\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linia %d: nieznany użytkownik %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linia %d: nie można zaktualizować wpisu do bazy haseł\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: nieznany użytkownik\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Nieznany użytkownik: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Użycie: %s [-r|-R] grupa\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "        %s [-a użytkownik] grupa\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "        %s [-d użytkownik] grupa\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "        %s [-A użytkownik,...] [-M użytkownik,...] grupa\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "        %s [-M użytkownik,...] grupa\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nie można zablokować\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nie można otworzyć pliku\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nie można usunąć blokady z pliku\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nie można zaktualizować wpisu\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nie można zaktualizować wpisu do pliku z ukrytymi hasłami\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "nieznana grupa: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nie można otworzyć pliku\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kim jesteÅ›?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: nieznany członek %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowej grupy\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nie można przepisać pliku z grupami\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nie można zablokować pliku z grupami\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nie jest niepowtarzalny\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: błąd podczas usuwania grupy\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nie można usunąć podstawowej grupy użytkowników.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Nie znaleziony członek grupy do usunięcia\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Tylko root może dodać członka do różnych grup\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Wymagane prawa dostępu do grupy\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nie jesteś głównym właścicielem bieżącej grupy\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "BÅ‚Ä…d uwierzytelniania przez PAM dla\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Nie można zablokować pliku z grupami\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Nie można zamknąć pliku z grupami\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: nie znaleziono %s w /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nie jest niepowtarzalnym GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nie jest niepowtarzalnÄ… nazwÄ…\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr ""
+#~ "%s: nie można zaktualizować wpisu w pliku z ukrytymi hasłami dla %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu dla grupy %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nie można usunąć grupy %s z pliku ukrytych haseł grup\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nie można skasować pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "nieznany UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "nieznany GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grupa %s nie istnieje\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: użytkownik %s nie istnieje\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nieprawidłowa nazwa użytkownika '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nie można zablokować /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: nie można otworzyć plików\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: błąd podczas aktualizowania plików\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu w pliku z hasłami dla %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nie można zablokować pliku z hasłami\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nie można otworzyć pliku z hasłami\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nie można usunąć wpisu z pliku z ukrytymi hasłami dla %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nie można zaktualizować pliku z hasłami\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nie można zaktualizować wpisu dla użytkownika %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nie można skasować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: nieznany GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: nieznana grupa %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: zabrakło pamięci w update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nie można przepisać pliku z hasłami\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nie można przepisać pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nie można zablokować pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: błąd podczas blokowania pliku z grupami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: błąd podczas otwierania pliku z grupami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: błąd podczas blokowania pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: błąd podczas otwierania pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowego wpisu do pliku z hasłami\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: błąd podczas dodawania nowego wpisu do pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: uwaga: CREATE_HOME nie jest obsługiwane, użyj opcji -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: błąd podczas aktualizacji wpisu grupy\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z grupami\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nie można otworzyć pliku z ukrytymi hasłami grup\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z hasłami\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: błąd podczas dodawania nowej grupy\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nie jest niepowtarzalny\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: błąd podczas zmiany wpisu w pliku z hasłami\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z hasłami\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: błąd podczas usuwania wpisu z pliku z ukrytymi hasłami\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nie można uzyskać niepowtarzalnego GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na '%.100s' z '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linia %d: nie można utworzyć UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: nazwa %s nie jest niepowtarzalny\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Użycie: chgpasswd [opcje]\n"
+#~ "\n"
+#~ "Opcje:\n"
+#~ "  -e, --encrypted\tprzekazywane hasła są w postaci zakodowane\n"
+#~ "  -h, --help\t\twyświetlenie tego opisu i zakończenie działania\n"
+#~ "  -m, --md5\t\tużyj kodowania MD5 zamiast DES w przypadku kiedy "
+#~ "przekazywane\n"
+#~ "\t\t\thasła nie są zakodowane\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Brak pliku z hasłami\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Wybacz.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Wybacz, hasło dla %s nie może być jeszcze zmienione.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Wybacz."
diff --git a/po/pt.po b/po/pt.po
new file mode 100644
index 0000000..0bd1e31
--- /dev/null
+++ b/po/pt.po
@@ -0,0 +1,3304 @@
+# Portuguese (Portugal) Translation Project (traduz@debianpt.org)
+#
+# Nuno Sénica <njs@av.it.pt>, 2004.
+# Miguel Figueiredo <elmig@debianpt.org>, 2005, 2006, 2008, 2009, 2011, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-14 12:41+0000\n"
+"Last-Translator: Miguel Figueiredo <elmig@debianpt.org>\n"
+"Language-Team: Portuguese <traduz@debianpt.org>\n"
+"Language: pt\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Lokalize 1.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Existem várias entradas chamadas '%s' em %s. Por favor corrija isto com pwck "
+"ou grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "método de encriptação não suportado por libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+"erro de configuração - não foi possível interpretar o valor de %s: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Não foi possível alocar o espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuração - item '%s' desconhecido (notifique o administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscp não terminou normalmente (sinal %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd saiu com o estado %d"
+
+msgid "Password: "
+msgstr "Palavra-passe: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Palavra-passe de %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Não foi possível criar handle de gestão SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Política SELinux não gerida\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Não foi possível ler armazenamento de políticas SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Não foi possível establecer ligação de gestão SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Não foi possível iniciar transacção SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Não foi possível consultar seuser para %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Não pode definir serange para %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Não foi possível definir sename para %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Não foi possível modificar o mapeamento do login para %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Não foi possível criar mapeamento de login SELinux para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Não foi possível definir nome para %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Não foi possível definir utilizador SELinux para %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Não foi possível acrescentar mapeamento de login para %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Não foi possível inicia a gestão do SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Não pode criar a chave de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Não foi possível verificar o utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Não foi possível alterar o mapeamento de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Não foi possível acrescentar o mapeamento de utilizador SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Não foi possível o 'commit' à transacção SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Não está definido o mapeamento de login para %s, OK se foi utilizado o "
+"mapeamento predefinido\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"O mapeamento de login para %s é definido na política, não pode ser apagado\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Não foi possível apagar o mapeamento do login para %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: memória esgotada\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: não é possível fazer stat a %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s não é nem um directório, nem um symlink.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: não é possível ler o link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: link simbólico longo suspeito: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: não é possível criar o directório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Não pode alterar o dono de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Não é possível alterar o modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Não é possível remover o directório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Não é possível renomear %s para %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Não é possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Não conseguiu alterar os donos de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Não é possível lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Aviso, o utilizador '%s' não tem ficheiro shadow tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Emergência: o ficheiro shadow tcb de %s não é um ficheiro normal com "
+"st_nlink=1.\n"
+"A conta é mantida bloqueada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: não é possível abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso: grupo desconhecido %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso: demasiados grupos\n"
+
+msgid "Your password has expired."
+msgstr "A sua palavra-passe caducou."
+
+msgid "Your password is inactive."
+msgstr "A sua palavra-passe está inactiva."
+
+msgid "Your login has expired."
+msgstr "O seu login caducou."
+
+msgid "  Contact the system administrator."
+msgstr "  Contacte o administrador do sistema."
+
+msgid "  Choose a new password."
+msgstr "  Escolha uma nova palavra-passe."
+
+msgid "You must change your password."
+msgstr "Tem de alterar a sua palavra-passe."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "A sua palavra-passe irá caducar em %ld dias.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "A sua palavra-passe irá caducar amanhã."
+
+msgid "Your password will expire today."
+msgstr "A sua palavra-passe irá caducar hoje."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Não é possível abrir o interface de auditoria - a abortar.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Foi impossível mudar o dono ou o modo do tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: falha ao desbloquear %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Overflow do ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Não pode alterar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d falha desde o último login.\n"
+"O último foi %s em %s.\n"
+msgstr[1] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: falhou alocar memória: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um GID de sistema único (não existem mais GIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um GID único (não existem mais GIDs disponíveis)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um UID de sistema único (não existem mais UIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter um UID único (não existem mais UIDs disponíveis)\n"
+
+msgid "Too many logins.\n"
+msgstr "Demasiados logins.\n"
+
+msgid "You have new mail."
+msgstr "Tem novo correio."
+
+msgid "No mail."
+msgstr "Não tem correio."
+
+msgid "You have mail."
+msgstr "Tem correio."
+
+msgid "no change"
+msgstr "sem alterações"
+
+msgid "a palindrome"
+msgstr "um palíndromo"
+
+msgid "case changes only"
+msgstr "apenas alteração de maiúsculas/minúsculas"
+
+msgid "too similar"
+msgstr "demasiado parecido"
+
+msgid "too simple"
+msgstr "demasiado simples"
+
+msgid "rotated"
+msgstr "rodado"
+
+msgid "too short"
+msgstr "demasiado curto"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Palavra-passe inválida: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() falhou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: a palavra-passe não foi alterada\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: a palavra-passe foi actualizada com sucesso\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Palavra-passe incorrecta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: múltiplas opções --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: opção '%s' necessita de um argumento\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: falhou baixar privilégios (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: caminho de chroot inválido: '%s'\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: não pode aceder ao directório chroot %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: não pode aceder ao directório chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: não foi possível fazer chroot para o directório %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Valor inválido de ENCRYPT_METHOD: '%s'.\n"
+"A utilizar o valor predefinido DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Não foi possível mudar para o directório '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Directório não encontrado, a entrar para HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Não foi possível executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Directório raiz inválido '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Não é possível mudar o directório raiz para '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Não é possível determinar o nome do seu tty."
+
+msgid "No"
+msgstr "Não"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] LOGIN\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ÚLTIMO_DIA      definir data da última alteração da\n"
+"                                palavra-passe para ÚLTIMO_DIA\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate DATA_EXPIRA  definir a data em que a conta caduca\n"
+"                                para DATA_EXPIRA\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVO       definir a palavra-passe como inactiva após\n"
+"                                expirar em INACTIVO\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    mostrar informação de envelhecimento da \n"
+"                                conta\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DIAS        definir para MIN_DIAS o número mínimo de\n"
+"                                dias para alterar a palavra-passe\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DIAS        definir para MAX_DIAS o número máximo de\n"
+"                                dias para alterar a palavra-passe\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_DIR\t\tdirectório para onde fazer chroot\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays DIAS_AVISO     definir para DIAS_AVISO o número de dias\n"
+"                                para aviso de caducar\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduza o novo valor, ou carregue em ENTER para o valor pré-definido"
+
+msgid "Minimum Password Age"
+msgstr "Idade Mínima da palavra-passe"
+
+msgid "Maximum Password Age"
+msgstr "Idade Máxima da palavra-passe"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Última Alteração da palavra-passe (AAAA-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de Caducidade da palavra-passe"
+
+msgid "Password Inactive"
+msgstr "Palavra-passe Inactiva"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de Caducidade da Conta (AAAA-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Última alteração da palavra-passe\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "a palavra-passe tem de ser alterada"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "A palavra-passe caduca em\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Palavra-passe inactiva\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "A conta caduca\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de dias entre alterações da palavra-passe\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de dias entre alterações de palavra-passe\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dias de aviso antes da palavra-passe caducar\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico inválido '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: não incluir \"l\" com outras flags\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permissão negada.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Não é possível determinar o seu nome de utilizador.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: não é possível bloquear %s, tente novamente mais tarde\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: não é possível abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: falha ao escrever as alterações em %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: o ficheiro de palavras-passe shadow não está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: o utilizador `%s' não existe em %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "A alterar a informação de envelhecimento para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: erro na alteração de campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+"  -f, --full-name NOME_COMPLETO alterar o nome completo do utilizador\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+"  -h, --home-phone TEL_CASA\talterar o número de telefone de casa do "
+"utilizador\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr "  -o, --other OUTRA_INFO\talterar outra info GECOS do utilizador\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --root NUMERO_PORTA\talterar o número da porta do utilizador\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    mostrar esta mensagem de ajuda e sair\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone TEL_EMPREGO alterar o número de telefone do emprego do "
+"utilizador\n"
+
+msgid "Full Name"
+msgstr "Nome Completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número da Sala"
+
+msgid "Work Phone"
+msgstr "Telefone do Emprego"
+
+msgid "Home Phone"
+msgstr "Telefone de Casa"
+
+msgid "Other"
+msgstr "Outra Informação"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Não é possível alterar o ID para root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nome com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome inválido: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número da sala com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de sala inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefone do emprego inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefone de casa inválido: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' contém caracteres não-ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' contém caracteres não permitidos.\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: o utilizador '%s' não existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: não é possível alterar o utilizador '%s' no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' é o mestre NIS para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "A alterar a informação de utilizador de %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: valores demasiado grandes\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method MÉTODO\to método crypt (um de %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               as palavras-passe fornecidas são "
+"encriptadas\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     encriptar a palavra-passe de texto\n"
+"                                utilizando o algoritmo MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              número de iterações SHA para algoritmos\n"
+"                                de encriptação SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: a flag %s só é permitida com a flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: as flags -c, -e e -m são exclusivas\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: método de encriptação não suportado: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linha %d: linha demasiado comprida\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linha %d: falta a nova palavra-passe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linha %d: o grupo '%s' não existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linha %d: falhou preparar o novo %s registo '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: foi detectado um erro, as alterações foram ignoradas\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linha %d, utilizador %s) palavra passe não mudou\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linha %d: o utilizador '%s' não existe\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             nova shell de login para a conta do\n"
+"                                utilizador\n"
+
+msgid "Login Shell"
+msgstr "Shell de Login"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Não pode alterar a shell para '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "A alterar a shell de entrada de %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Entrada inválida: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s é uma shell inválida\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Aviso: %s não existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Aviso: %s não é executável\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check\t\t\tverificar quando expira a palavra-passe do utilizador\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force\t\t\tforçar a alteração da palavra-passe se a palavra-passe do "
+"utilizador já tiver expirado\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: conflito entre as opções %s e %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEG           depois de login falhado bloquear por SEG "
+"segundos\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             definir os contadores de máximo de logins "
+"falhados para MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr "  -r, --reset                   apagar o contador de logins falhados\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DIAS               mostrar os registos do faillog mais recentes "
+"do que DIAS\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE        mostrar registo faillog ou manter "
+"contadores\n"
+"                                de falhas e limites (se utilizado com -r, -"
+"m\n"
+"                                ou -l) apenas para LOGIN(s) especificado(s)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Falhou obter a entrada para UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Falhas   Máximo  Última                   Em\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [faltam %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds bloqueio]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Falhou reiniciar a contagem de falhas para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Falhou definir o máximo para UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Falhou definir a hora de bloqueio para UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Utilizador ou gama desconhecida: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Não conseguiu obter o tamanho de %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opção] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add UTILIZADOR          acrescentar UTILIZADOR ao GRUPO\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete UTILIZADOR       remover UTILIZADOR do GRUPO\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_DIR\t\tdirectório para onde fazer chroot\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         remover a palavra-passe do GRUPO\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict          restringir acesso ao grupo aos seus membros\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members UTILIZADOR,...  definir a lista de membros do GRUPO\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                definir a lista de administradores do GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Excepto para as opções -A e -M, as opções não podem ser combinadas.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "As opções não podem ser combinadas.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: são necessárias palavras-passe shadow de grupo para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: o grupo '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: falha ao fechar %s de apenas leitura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "A alterar a palavra-passe para o grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nova Palavra-passe: "
+
+msgid "Re-enter new password: "
+msgstr "Introduza novamente a nova palavra-passe: "
+
+msgid "They don't match; try again"
+msgstr "Não coincidem; tente de novo"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Tente de novo mais tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "A adicionar o utilizador %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "A remover o utilizador %s do grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: o utilizador '%s' não é membro de '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Não é um tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   sair com sucesso se o grupo já existir,\n"
+"                                e cancelar -g se o GID já for utilizado\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 utilizar GID para o novo grupo\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KEY=VALOR           ultrapassar as predefinições de /etc/login."
+"defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permitir criar grupos com GIDs duplicados\n"
+"                                (não-únicos)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password PALAVRA-PASSE  utilizar a palavra-passe encriptada para o "
+"novo grupo\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  criar uma conta de sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' não é um nome válido para o grupo\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ID de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K necessita de KEY=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: o grupo '%s' já existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: o GID '%lu' já existe\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Não é possível configurar o serviço cleanup.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr "  -r, --reset                   apagar o contador de logins falhados\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: não é possível remover a entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: não é possível remover o grupo primário do utilizador '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: o grupo '%s' não existe.\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: o grupo '%s' é um grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s é o mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: o utilizador '%s' já é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Memória esgotada. Não é possível actualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [acção]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group nomegrupo         mudar nomegrupo em vez do grupo do "
+"utilizador\n"
+"                                (apenas root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Acções:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add NomeUtilizador      acrescentar NomeUtilizador aos membros do "
+"grupo\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete NomeUtilizador   remover NomeUtilizador dos membros do grupo\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   purgar todos os membros do grupo\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    listar os membros do grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: o seu nome de grupo não coincide com o seu nome de utilizador\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: apenas o root pode utilizar a opção -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 mudar o ID do grupo para GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr " --n, --new-name NOVO_GRUPO     mudar o nome para NOVO_GRUPO\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, ..non-unique              permitir utilizar um GID duplicado (não-"
+"único)\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password PALAVRAPASSE   mudar a palavra-passe para esta "
+"PALAVRAPASSE\n"
+"                                (encriptada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: o grupo %s é um grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utilizador desconhecido %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [grupo [gshadow]]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [grupo]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only\t\tmostrar erros e avisos\n"
+"\t\t\t\tmas não alterar ficheiros\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort\t\t\tordenar entradas por UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r são incompatíveis\n"
+
+msgid "invalid group file entry"
+msgstr "entrada no ficheiro dos grupos inválida"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "apagar a linha '%s'? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "o nome de grupo '%s' é inválido\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID '%lu' de grupo é inválido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s: não existe o utilizador %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "apagar o membro '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nenhuma entrada coincidente de ficheiro de grupo em %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "adicionar o grupo '%s' em %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o grupo %s tem uma entrada em %s, mas o campo da palavra-passe em %s não "
+"está definido para 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "a entrada no ficheiro de shadow dos grupos é inválida"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo em shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s: nenhum utilizador administrador %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "apagar o membro administrativo '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s: o utilizador %s não existe\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: os ficheiros foram actualizados\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: sem alterações\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: não é possível apagar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Utilização: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Utilização: id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DIAS             escrever apenas registos de lastlog mais\n"
+"                                antigos que DIAS\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     mostrar registos do faillog para todos os "
+"utilizadores\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DIAS               escrever apenas registos de lastlog mais\n"
+"                                recentes que DIAS\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIN              mostra o registo de lastlog para o\n"
+"                                utilizador LOGIN\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Utilizador       Porto    De               Último"
+
+msgid "Username                Port     Latest"
+msgstr "Utilizador              Porto     Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca entrou no sistema**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Falhou obter a entrada para UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: falhou apagar o registo lastlog para o UID %lu: %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Utilização: %s [-p] [nome]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "            %s [-p] [-h máquina] [-f nome]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "            %s [-p] -r máquina\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "erro de configuração - não foi possível processar o valor %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Tempo de login inválido"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema encerrado para manutenção de rotina"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Encerramento ultrapassado -- login de root permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Não é possível trabalhar sem root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Sem entrada utmp.  Tem de executar \"login\" a partir do \"sh\" de nível "
+"mais baixo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Tempo de login caducou após %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Falha de PAM, a abortar: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número máximo de tentativas excedidas (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: abortar pedido por PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login incorrecto"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Não pode encontrar utilizador (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: falha ao bifurcar: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSTTY falhou em %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso: o login foi novamente permitido após um tempo de bloqueio."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Última entrada no sistema: %s em %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Última entrada no sistema: %.19s em %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tempo para login excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Utilização: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Utilização: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Utilização: sg grupo [[-c] comando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: Falhou ao escrever %s: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Palavra-passe inválida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: falhou a bifurcação de: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: o GID '%lu' não existe\n"
+
+msgid "too many groups\n"
+msgstr "demasiados grupos\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  criar contas de sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: o grupo '%s' é um grupo shadow, mas não existe em /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ID '%s' de utilizador inválido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: o nome de utilizador '%s' é inválido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linha %d: linha inválida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: não é possível actualizar a entrada do utilizador %s (não está na base "
+"de dados passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linha %d: não é possível criar o utilizador\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linha %d: não é possível criar o grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linha %d: o utilizador '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linha %d: não é possível actualizar a palavra-passe\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linha %d: mkdir %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linha %d: chown %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linha %d: não é possível actualizar o registo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: não é possível criar grupo\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     reportar o estado das palavras-passe de\n"
+"                                todas as contas\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  apagar a palavra-passe para a conta "
+"indicada\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  forçar que a palavra-passe caduque para a\n"
+"                                conta indicada\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             apenas mudar a palavra-passe se tiver\n"
+"                                caducado\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVA       definir a palavra-passe como inactiva após\n"
+"                                caducar para INACTIVA\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    bloquear a palavra-passe da conta indicada\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DIAS        definir para MIN_DIAS o número de dias\n"
+"                                antes de alterar a palavra-passe\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   modo silencioso\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository REPOSITÓRIO  mudar a palavra-passe no repositório\n"
+"                                REPOSITÓRIO\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  reportar estado da palavra-passe na conta\n"
+"                                indicada\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  desbloquear a palavra-passe da conta\n"
+"                                indicada\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays AVISAR_DIAS    definir para AVISAR_DIAS o número de dias\n"
+"                                para alerta de caducar\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DIAS        definir para MAX_DIAS o número de dias\n"
+"                                máximo antes de alterar a palavra-passe\n"
+
+msgid "Old password: "
+msgstr "Palavra-passe antiga: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza a nova palavra-passe (mínimo de %d caracteres)\n"
+"Por favor utilize uma combinação de letras maiúsculas e minúsculas e de "
+"números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduza a nova palavra-passe (mínimo de %d, máximo de %d caracteres)\n"
+"Por favor utilize um combinação de letras maiúsculas e minúsculas e de "
+"números.\n"
+
+msgid "New password: "
+msgstr "Nova palavra-passe: "
+
+msgid "Try again."
+msgstr "Tente de novo."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso: palavra-passe fraca (introduza-a de novo para usá-la mesmo assim)."
+
+msgid "They don't match; try again.\n"
+msgstr "Não coincidem; tente de novo.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "A palavra-passe para %s não pode ser alterada.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "A palavra-passe para %s ainda não pode ser alterada.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: desbloquear a palavra-passe iria resultar numa conta sem palavra-passe.\n"
+"Você deve definir a palavra-passe com usermod -p para desbloquear a palavra-"
+"passe desta conta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: o repositório %s não é suportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s não está autorizado a alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Não pode ver ou alterar a informação da palavra-passe para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "A alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "A palavra-passe de %s não foi alterada.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: palavra-passe alterada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informação de caducidade da palavra-passe alterada.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [passwd]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] [passwd [shadow]]\n"
+"\n"
+"Opções:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   apenas relatar erros\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: não é permitido utilizar ficheiro shadow alternativo quando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada no ficheiro de palavras-passe inválida"
+
+msgid "duplicate password entry"
+msgstr "entrada de palavra-passe duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "o nome de utilizador '%s' é inválido\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ID '%lu' de utilizador inválido\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "utilizador '%s': grupo %lu não existe\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utilizador '%s': o directório '%s' não existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utilizador '%s': o programa '%s' não existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "nenhum directório tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "criar o directório tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "falhou a criação do directório tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: não é possível bloquear %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nenhuma entrada de ficheiro de palavra-passe coincidente em %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "acrescentar utilizador '%s' em %s?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o utilizador %s tem uma entrada em %s, mas o seu campo de palavra-passe em "
+"%s não está definido como 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada no ficheiro de shadow de palavras-passe inválida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada da palavra-passe shadow duplicada"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utilizador %s: a última alteração de palavra-passe foi no futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: não é possível ordenar registos em %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: não pode trabalhar com tcb habilitado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: falhou mudar o modo de %s para 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acesso a su para essa conta foi NEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticação por palavra-passe foi contornada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor introduza a SUA palavra-passe como autenticação.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Não é possível fazer fork à shell de utilizador.\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: mau funcionamento de sinal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: mau funcionamento de máscara de sinal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessão terminada, a terminar shell..."
+
+msgid " ...killed.\n"
+msgstr " ...morto.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...á espera que o processo-filho termine.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...terminado.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Utilização: su [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+"  -c, --command COMANDO         passar COMANDO à shell invocada\n"
+"  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+"  -, -l, --login                tornar a shell numa shell de login\n"
+"  -m, -p,\n"
+"  --preserve-environment        não reiniciar as variáveis de ambiente, e\n"
+"                                manter a mesma shell\n"
+"  -s, --shell SHELL             utilizar SHELL em vez da omissão em passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Não está autorizado a fazer su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduza a sua palavra-passe)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: A autenticação falhou\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Não está autorizado a fazer su nessa altura\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nenhuma palavra-passe para o utilizador '%s'\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: deve ser executado a partir de um terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: erro %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Não pode remover o terminal de controlo\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Não foi possível executar %s\n"
+
+msgid "No password file"
+msgstr "Ficheiro de palavras-passe não existe"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falhou"
+
+msgid "No password entry for 'root'"
+msgstr "Não está definida nenhuma palavra-passe para 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Pressione control-d para continuar com o arranque normal,\n"
+"(ou introduza a palavra-passe de root para manutenção do sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "A Entrar no Modo de Manutenção do Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: foi criado %s, mas não pode ser removido\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: a configuração %s em %s será ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+"%s: não é possível criar um novo ficheiro de configurações pré-definidas\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+"%s: não é possível abrir um novo ficheiro de configurações pré-definidas\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linha demasiado longa em %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Não é possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renomear: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: o grupo '%s' é um grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: estão especificados demasiados grupos (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Utilização: %s [opções] LOGIN\n"
+"            %s -D\n"
+"            %s -D [opções]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASE_DIR       directório base para o directório home da\n"
+"                                nova conta\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMENT�RIO      campo GECOS da nova conta\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HOME_DIR       directório home para a nova conta\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defauls                 escrever ou alterar a configuração "
+"predefinida de useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate DATA_EXPIRA  data de expiração para a nova conta\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactiva INACTIVA       período de inactividade da palavra-passe "
+"para a nova conta\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr "  -g, --gid GRUPO        nome ou ID do grupo primário da nova conta\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GRUPOS           lista de grupos suplementares da nova conta\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel SKEL_DIR           utilizar este directório skeleton como "
+"alternativa\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             não acrescentar o utilizador às bases de\n"
+"                                dados lastlog e faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             criar o directório home do utilizador\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          não criar o directório home do utilizador\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           não criar um grupo com o mesmo nome do "
+"utilizador\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permitir criar utilizadores com UID\n"
+"                                duplicado (não-único)\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password PALAVRA-PASSE  palavra-passe encriptada para a nova conta\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL      shell de login para a nova conta\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID          ID do utilizador para a nova conta\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group       criar um grupo com o mesmo nome do utilizador\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     utilizar um SEUSER especifico para o\n"
+"                                mapeamento do utilizador de SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: directório base inválido '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: o comentário '%s' é inválido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: o directório home '%s' é inválida\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: são necessárias palavras-passe shadow para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: são necessárias palavras-passes shadow para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: o campo '%s' é inválido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: a shell '%s' é inválida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z necessita de um kernel com SELinux activo\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: falhou apagar o registo faillog para o UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: falhou apagar o registo lastlog para o UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: não é possível criar o directório %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Criar ficheiro mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Não foi encontrado o grupo 'mail'.\n"
+"A criar o ficheiro mailbox do utilizador com o modo 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "A definir as permissões do ficheiro mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: o utilizador '%s' já existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: o grupo %s existe - se pretende adicionar este utilizador a esse grupo, "
+"utilize -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu não é único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Falhou a criação do directório tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: não é possível criar o utilizador\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o directório home já existe.\n"
+"Não irá copiar quaisquer ficheiros o directório skel para lá.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: aviso: falhou o mapeamento do nome de utilizador %s para o nome de "
+"utilizador SELinux %s.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   forçar a remoção de ficheiros,\n"
+"                                mesmo que não pertençam ao utilizador\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  remover o directório home e o spool de mail\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            remover qualquer mapeamento de utilizador "
+"SELinux para o utilizador\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: grupo %s não foi removido porque não é o grupo primário do utilizador "
+"%s\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: grupo %s não foi removido porque tem outros membros.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: o grupo %s é o grupo primário de outro utilizador e não é removido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: não é possível remover a entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s spool de mail (%s) não foi encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: aviso: não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: o %s não pertence a %s, não será removido\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Não é possível alocar memória, a entrada tcb para %s não foi removida.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Falhou baixar privilégios %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Não pode remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: não é possível remover os ficheiros tcb para '%s': %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: o utilizador %s é um utilizador NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: o directório home %s (%s) não foi encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: o directório %s não será removido (iria remover a home do utilizador "
+"%s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: erro ao remover o directório %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: aviso: falhou a remoção do mapeamento do nome de utilizador %s para "
+"utilizador SELinux.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMENT�RIO      novo valor do campo GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home HOME_DIR           novo directório home para a conta do\n"
+"                                utilizador\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate DATA_EXPIRAR definir a data em que a conta caduca\n"
+"                                para DATA_EXPIRAR\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVA       definir para INACTIVA o número de dias após\n"
+"                                os quais uma palavra-passe caducada passa\n"
+"                                a inactiva\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPO               forçar a utilização do GRUPO como novo\n"
+"                                grupo primário\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPOS           nova lista de grupos adicionais\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  juntar o utilizador aos GRUPOS\n"
+"                                suplementares mencionados pela opção -G\n"
+"                                sem o/a remover dos outros grupos\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NEW_LOGIN         novo valor para o nome de login\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    bloquear a conta do utilizador\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               mover o conteúdo do directório home para\n"
+"                                o novo local (usar apenas com -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permitir utilizar UID duplicado\n"
+"                                (não único)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password PALAVRA-PASSE  utilizar PALAVRA-PASSE encriptada para a\n"
+"                                nova palavra-passe\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 novo UID para a conta do utilizador\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  desbloquear a conta do utilizador\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER\tnovo mapeamento de utilizador SELinux para a "
+"conta do utilizador\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: desbloquear a palavra-passe do utilizador iria resultar numa conta sem "
+"palavra-passe.\n"
+"Você deve definir a palavra-passe com usermod -p para desbloquear a  palavra-"
+"passe deste utilizador.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: o utilizador %s já existe em %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: a data '%s' é inválida\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: sem opções\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: as flags -L, -p e -U são exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: são necessárias palavras-passe shadow para -e e -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: O UID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s não está autorizado a alterar a palavra-passe de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: o directório %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: O directório home anterior (%s) não era um directório. Não é removido e "
+"não foram criados directórios home.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Falhou a alteração do dono do directório home"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: aviso: falhou remover completamente remover o antigo directório home %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: não é possível renomear o directório %s para %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falhou copiar o registo lastlog do utilizador %lu para o utilizador %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falhou copiar o registo faillog do utilizador %lu para o utilizador %lu: "
+"%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: aviso: o %s não pertence a %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "a alteração do dono da caixa de correio falhou"
+
+msgid "failed to rename mailbox"
+msgstr "falha ao renomear a caixa do correio"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: falhou a preparação para a nova %s entrada '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Você alterou %s.\n"
+"Poderá ter de modificar %s para manter a consistência.\n"
+"Por favor utilize o comando '%s' para o fazer.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   editar base de dados de grupos\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  editar a base de dados passwd\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  editar a base de dados shadow ou gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    qual o ficheiro shadow tcb do utilizador a "
+"editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: falhou remover %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s não foi alterado\n"
+
+msgid "failed to create scratch directory"
+msgstr "falhou a criação de directório 'scratch'"
+
+msgid "failed to drop privileges"
+msgstr "falhou baixar privilégios"
+
+msgid "Couldn't get file context"
+msgstr "Não foi possível obter contexto do ficheiro"
+
+msgid "setfscreatecon () failed"
+msgstr "falhou setfscreatecon ()"
+
+msgid "failed to gain privileges"
+msgstr "falhou ganhar privilégios"
+
+msgid "Couldn't lock file"
+msgstr "Não é possível obter acesso exclusivo ao ficheiro"
+
+msgid "Couldn't make backup"
+msgstr "Não é possível efectuar cópia de segurança"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd saiu com o estado %d"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "falhou abrir ficheiro 'scratch'"
+
+msgid "failed to unlink scratch file"
+msgstr "falhou o unlink a ficheiro 'scratch'"
+
+msgid "failed to stat edited file"
+msgstr "falhou fazer stat ao ficheiro editado"
+
+msgid "failed to allocate memory"
+msgstr "falhou alocar memória"
+
+msgid "failed to create backup file"
+msgstr "falhou criar ficheiro de backup"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: não é possível restaurar %s: %s (a suas alterações estão em %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: falhou encontrar o directório tcb para %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr ""
+#~ "  -c, --crypt-method            o método de encriptação (um de %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Utilização: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "O malloc(%d) falhou\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: chage [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -d, --lastday ÚLTIMO_DIA      definir data da última alteração da\n"
+#~ "\t\t\t\t palavra-passe para ÚLTIMO_DIA\n"
+#~ "  -E, --expiredate DATA_EXPIRA  definir a data em que a conta caduca\n"
+#~ "\t\t\t\t para DATA_EXPIRA  -h, --help                    mostrar esta "
+#~ "mensagem de ajuda e sair\n"
+#~ "  -I, --inactive INACTIVO       definir a palavra-passe como inactiva "
+#~ "após\n"
+#~ "\t\t\t\t expirar em INACTIVO\n"
+#~ "  -l, --list                    mostrar informação de envelhecimento da \n"
+#~ "                                conta\n"
+#~ "  -m, --mindays MIN_DIAS        definir para MIN_DIAS o número mínimo de\n"
+#~ "                                dias para alterar a palavra-passe\n"
+#~ "  -M, --maxdays MAX_DIAS        definir para MAX_DIAS o número máximo de\n"
+#~ "                                dias para alterar a palavra-passe\n"
+#~ "  -W, --warndays DIAS_AVISO     definir para DIAS_AVISO o número de dias\n"
+#~ "                                para aviso de caducar\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: A autenticação PAM falhou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Utilização: %s [-f nome_completo] [-r num_sala] [-w telefone_trabalho]\n"
+#~ "\t[-h telefone_casa] [-o outra_info] [utilizador]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Utilização: %s [-f nome_completo] [-r num_sala] [-w telefone_trabalho] [-"
+#~ "h telefone_casa]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: %s [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -c, --crypt-method            o método de encriptação (um de %s)\n"
+#~ "  -e, --encrypted               as palavras-passe fornecidas são "
+#~ "encriptadas\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e "
+#~ "terminar\n"
+#~ "  -m, --md5                     encriptar a palavra-passe de texto com o\n"
+#~ "\t\t\t\t algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: chsh [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -s, --shell SHELL             nova shell de login para a conta do\n"
+#~ "                                utilizador\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Utilização: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Falhou obter a entrada para UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Não é possível abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Não foi possível obter o tamanho de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Utilização: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Utilização: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Utilização: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s e -r são incompatíveis\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Utilização: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Utilização: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: lastlog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -b, --before DIAS             escrever apenas registos de lastlog mais\n"
+#~ "                                antigos que DIAS\n"
+#~ "  -h, --help                    mostrar esta mensagem e sai\n"
+#~ "  -t, --time DIAS               escrever apenas registos de lastlog mais\n"
+#~ "                                recentes que DIAS\n"
+#~ "  -u, --user LOGIN              mostra o registo de lastlog para o\n"
+#~ "                                utilizador LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: passwd [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -a, --all                     reportar o estado das palavras-passe de\n"
+#~ "                                todas as contas\n"
+#~ "  -d, --delete                  apagar a palavra-passe para a conta "
+#~ "indicada\n"
+#~ "  -e, --expire                  forçar que a palavra-passe caduque para "
+#~ "a\n"
+#~ "\t\t\t\t conta indicada\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -k, --keep-tokens             apenas mudar a palavra-passe se tiver\n"
+#~ "\t\t\t\t caducado\n"
+#~ "  -i, --inactive INACTIVA       definir a palavra-passe como inactiva "
+#~ "após\n"
+#~ "\t\t\t\t caducar para INACTIVA\n"
+#~ "  -l, --lock                    bloquear a palavra-passe da conta "
+#~ "indicada\n"
+#~ "  -n, --mindays MIN_DIAS        definir para MIN_DIAS o número de dias\n"
+#~ "                                antes de alterar a palavra-passe\n"
+#~ "  -q, --quiet                   modo discreto\n"
+#~ "  -r, --repository REPOSITÓRIO  mudar a palavra-passe no repositório\n"
+#~ "\t\t\t\t REPOSITÓRIO\n"
+#~ "  -S, --status                  reportar estado da palavra-passe na "
+#~ "conta\n"
+#~ "                                indicada\n"
+#~ "  -u, --unlock                  desbloquear a palavra-passe da conta\n"
+#~ "\t\t\t\t indicada\n"
+#~ "  -w, --warndays AVISAR_DIAS    definir para AVISAR_DIAS o número de "
+#~ "dias\n"
+#~ "                                para alerta de caducar\n"
+#~ "  -x, --maxdays MAX_DIAS        definir para MAX_DIAS o número de dias\n"
+#~ "                                máximo antes de alterar a palavra-passe\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Utilização: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Utilização: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Utilização: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Utilização: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconhecido: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sem shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: userdel [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -f, --force                   forçar a remoção de ficheiros,\n"
+#~ "                                mesmo que não pertençam ao utilizador\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -r, --remove                  remover o directório home e o spool de "
+#~ "mail\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: o utilizador %s está actualmente no sistema\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: usermod [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -c, --comment COMENT�RIO      novo valor do campo GECOS\n"
+#~ "  -d, --home HOME_DIR           novo directório home para a conta do\n"
+#~ "                                utilizador\n"
+#~ "  -e, --expiredate DATA_EXPIRAR definir a data em que a conta caduca\n"
+#~ "                                para DATA_EXPIRAR\n"
+#~ "  -f, --inactive INACTIVA       definir para INACTIVA o número de dias "
+#~ "após\n"
+#~ "                                os quais uma palavra-passe caducada "
+#~ "passa\n"
+#~ "                                a inactiva\n"
+#~ "  -g, --gid GRUPO               forçar a utilização do GRUPO como novo\n"
+#~ "                                grupo primário\n"
+#~ "  -G, --groups GRUPOS           nova lista de grupos adicionais\n"
+#~ "  -a, --append                  juntar o utilizador aos GRUPOS\n"
+#~ "\t\t\t\t suplementares mencionados pela opção -G\n"
+#~ "\t\t\t\t sem o/a remover dos outros grupos\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -l, --login NEW_LOGIN         novo valor para o nome de login\n"
+#~ "  -L, --lock                    bloquear a conta do utilizador\n"
+#~ "  -m, --move-home               mover o conteúdo do directório home para\n"
+#~ "                                o novo local (usar apenas com -d)\n"
+#~ "  -o, --non-unique              permitir utilizar UID duplicado\n"
+#~ "\t\t\t\t (não único)\n"
+#~ "  -p, --password PALAVRA-PASSE  utilizar PALAVRA-PASSE encriptada para a\n"
+#~ "                                nova palavra-passe\n"
+#~ "  -s, --shell SHELL             nova shell de login para a conta do\n"
+#~ "\t\t\t\t utilizador\n"
+#~ "  -u, --uid UID                 novo UID para a conta do utilizador\n"
+#~ "  -U, --unlock                  desbloquear a conta do utilizador\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: não foram especificadas flags\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: vipw [opções]\n"
+#~ "  -g, --group                   editar a base de dados group\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e "
+#~ "terminar\n"
+#~ "  -p, --passwd                  editar a base de dados passwd\n"
+#~ "  -q, --quit                    modo silencioso\n"
+#~ "  -s, --shadow                  editar a base de dados shadow ou gshadow\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: %s [opção] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -a, --add UTILIZADOR\t\tacrescentar UTILIZADOR ao GRUPO\n"
+#~ "  -d, --delete UTILIZADOR\tremover UTILIZADOR do GRUPO\n"
+#~ "  -r, --remove-password\tremover a palavra-passe do GRUPO\n"
+#~ "  -R, --restrict\t\trestringir o acesso ao GRUPO aos seus membros\n"
+#~ "  -M, --members UTILIZADOR,...\tdefinir a lista de membros do GRUPO\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupmems [opções] [acção]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -g, --group nomegrupo\tmudar nomegrupo em vez do grupo do utilizador\n"
+#~ "\t\t\t\t(apenas root)\n"
+#~ "\n"
+#~ "Acções:\n"
+#~ "  -a, --add nomeutilizador\tacrescentar nomeutilizador aos membros do "
+#~ "grupo\n"
+#~ "  -d, --delete nomeutilizador\tremover nomeutilizador dos membros do "
+#~ "grupo\n"
+#~ "  -p, --purge\t\t\tpurgar todos os membros do grupo\n"
+#~ "  -l, --list\t\t\tlistar todos os membros do grupo\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: não é possível criar %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: não é possível efectuar o chown a %s\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: faillog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -a, --all                     mostrar os registos de faillog para "
+#~ "todos\n"
+#~ "                                os utilizadores\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -l, --lock-time SEG           após login falhado bloquear conta por\n"
+#~ "                                SEG segundos\n"
+#~ "  -m, --maximum MAX             definir contadores de máximo de logins\n"
+#~ "                                falhados para MAX\n"
+#~ "  -r, --reset                   esvaziar os contadores de login falhados\n"
+#~ "  -t, --time DIAS               mostrar registos do faillog mais "
+#~ "recentes\n"
+#~ "                                do que DIAS\n"
+#~ "  -u, --user LOGIN              mostra o registo de faillog ou "
+#~ "contadores\n"
+#~ "\t\t\t\t de falhas mantidos e limites (se utilizado\n"
+#~ "\t\t\t\t com as opções -r, -m ou -l) apenas para o\n"
+#~ "                                utilizador com LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupadd [opções] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -f, --force                   forçar sair com estado de sucesso se o\n"
+#~ "                                grupo especificado já existir\n"
+#~ "  -g, --gid GID                 utilizar GID para o novo grupo\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -k, --key KEY=VALOR           ultrapassar os valores pré-definidos em\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -o, --non-unique              permitir criar grupo com GID duplicado\n"
+#~ "                                (não-único)\n"
+#~ "  -p, --password PALAVRA-PASSE  utilizar a palavra-passe encriptada para "
+#~ "o\n"
+#~ "                                novo grupo\n"
+#~ "  -r, --system                  criar uma conta de sistema\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilização: groupmod [opções] GRUPO\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -g, --gid GID                 forçar utilizar novo GID pelo GRUPO\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -n, --new-name NOVO_GRUPO     forçar utilizar NOVO_GRUPO pelo GRUPO\n"
+#~ "  -o, --non-unique              permitir utilizar, pelo GRUPO, GIDs\n"
+#~ "                                duplicados (não-únicos)\n"
+#~ "  -p, --password PALAVRA-PASSE  utilizar palavra-passe encriptada para a\n"
+#~ "                                nova palavra-passe\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: useradd [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -b, --base-dir BASE_DIR       directório base para o directório home\n"
+#~ "                                da conta do novo utilizador\n"
+#~ "  -c, --comment COMENT�RIO      define o campo GECOS para a conta do "
+#~ "novo\n"
+#~ "                                utilizador\n"
+#~ "  -d, --home-dir HOME_DIR       directório home para a conta do novo\n"
+#~ "                                utilizador\n"
+#~ "  -D, --defaults                mostrar ou gravar a configuração\n"
+#~ "                                pré-definida alterada do useradd\n"
+#~ "  -e, --expiredate EXPIRE_DATE  define para EXPIRE_DATE a data de \t\t\t"
+#~ "\t caducidade da conta\n"
+#~ "  -f, --inactive INACTIVA       definir para INACTIVA o número de dias "
+#~ "após\n"
+#~ "                                os quais uma palavra-passe caducada "
+#~ "passa\n"
+#~ "                                a inactiva\n"
+#~ "  -g, --gid GRUPO               forçar a utilização do GRUPO para a "
+#~ "conta\n"
+#~ "\t\t\t\t do novo utilizador\n"
+#~ "  -G, --groups GRUPOS           listar grupos adicionais para a conta\n"
+#~ "                                do novo utilizador\n"
+#~ "  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+#~ "  -k, --skel SKEL_DIR           especificar um directório SKEL "
+#~ "alternativo\n"
+#~ "  -K, --key KEY=VALUE           ultrapassar as pré-definições de\n"
+#~ "\t\t\t\t /etc/login.defs\n"
+#~ "  -l, --no-log-init             não acrescentar o utilizador às bases de\n"
+#~ "                                dados lastlog e faillog\n"
+#~ "  -m, --create-home             criar directório home para a conta\n"
+#~ "                                do novo utilizador\n"
+#~ "  -M, no-create-home\t\t não criar o directório home para o\n"
+#~ "\t\t\t \t utilizador (ultrapassa /etc/login.defs)\n"
+#~ "  -o, --non-unique              deixar criar utilizador com UID "
+#~ "duplicado\n"
+#~ "                                (não-único)\n"
+#~ "  -p, --password PALAVRA-PASSE  utilizar palavra-passe encriptada para a\n"
+#~ "                                conta do novo utilizador\n"
+#~ "  -r, --system                  criar uma conta de sistema\n"
+#~ "  -s, --shell SHELL             shell de login para a conta do novo\n"
+#~ "\t\t\t\t utilizador\n"
+#~ "  -u, --uid UID                 forçar a utilização do UID para a conta\n"
+#~ "\t\t\t\t do novo utilizador\n"
+#~ "  -U, --user-group              criar um grupo com o mesmo nome do\n"
+#~ "\t\t\t\t utilizador\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Utilização: %s [opções] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            o método de encriptação (um de %s)\n"
+#~ "  -r, --system                  criar contas de sistema\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Palavra-passe definida para caducar."
diff --git a/po/pt_BR.po b/po/pt_BR.po
new file mode 100644
index 0000000..6305f56
--- /dev/null
+++ b/po/pt_BR.po
@@ -0,0 +1,3696 @@
+# Brazilian Portuguese translation of Debian's shadow package.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# André Luís Lopes <andrelop@debian.org>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-25 20:20+0100\n"
+"Last-Translator: Fred Ulisses Maranhão <fred.maranhao@gmail.com>\n"
+"Language-Team: Debian-BR Project <debian-l10n-portuguese@lists.debian.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Cadastro de nome multiplos '%s' in %s. Por Favor conserte-o com pwck ou "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "metodo de encriptacao não suportado por libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "erro de configuração - não consigo verificar o valor %s: '%s'"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Não foi possível alocar espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"erro de configuração - item '%s' desconhecido (notifique o administrador)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Senha : "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Senha de %s : "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Não foi possível alocar espaço para a informação de configuração.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Mudando a informação de idade para %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s : linha %d : não foi possível encontrar usuário %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s : sem memória\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: não foi possível fazer stat %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s não é diretório, nem link simbólico.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Não foi possível ler o link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: link simbólico longo suspeito: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: não foi possível mudar o proprietário de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: não foi possível mudar o modo de %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: removendo link: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: não foi possível remover diretório %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Não foi possível renomear %s para %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Não foi possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: não foi possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Não foi possível mudar proprietários de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Não foi possível fazer lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Atenção, usuário %s não tem arquivo tcb shadow.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Emergência: shadow tcb de %s não é um arquivo regular com st_nlink=1.\n"
+"A conta permanece travada.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Não foi possível abrir %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Aviso : grupo desconhecido %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Aviso : muitos grupos\n"
+
+msgid "Your password has expired."
+msgstr "Sua senha expirou."
+
+msgid "Your password is inactive."
+msgstr "Sua senha está inativa."
+
+msgid "Your login has expired."
+msgstr "Seu login expirou."
+
+msgid "  Contact the system administrator."
+msgstr "  Entre em contato com o adminisrador do sistema."
+
+msgid "  Choose a new password."
+msgstr "  Escolha uma nova senha."
+
+msgid "You must change your password."
+msgstr "Você deve trocar a sua senha."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Sua senha irá expirar em %ld dias.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Sua senha irá expirar amanhã."
+
+msgid "Your password will expire today."
+msgstr "Sua senha irá expirar hoje."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Não posso abrir interface de audit - abortando.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Não consegui mudar o proprietário ou modo do tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: falha ao destravar %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Overflow de ambiente\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Você não pode mudar $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+msgstr[1] ""
+"%d falhas desde o último login.\n"
+"O último foi %s em %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: falha ao alocar memória: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Não foi possível obter GID de sistema único (não há mais GIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Não foi possível obter GID único (não há mais GIDs disponíveis)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Configuração inválida: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Configuração inválida: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Não foi possível obter UID de sistema único (não há mais UIDs "
+"disponíveis)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Não foi possível obter UID único (não há mais UIDs disponíveis)\n"
+
+msgid "Too many logins.\n"
+msgstr "Muitos logins.\n"
+
+msgid "You have new mail."
+msgstr "Você possui novas mensagens."
+
+msgid "No mail."
+msgstr "Sem mensagens."
+
+msgid "You have mail."
+msgstr "Você possui mensagens."
+
+msgid "no change"
+msgstr "nenhuma mudança"
+
+msgid "a palindrome"
+msgstr "um palíndromo"
+
+msgid "case changes only"
+msgstr "mudanças de caixa somente"
+
+msgid "too similar"
+msgstr "muito similar"
+
+msgid "too simple"
+msgstr "muito simples"
+
+msgid "rotated"
+msgstr "rotacionado"
+
+msgid "too short"
+msgstr "muita pequena"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Senha ruim : %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd : pam_start() falhou, erro %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd : %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: senha inalterada\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: senha atualizada com sucesso\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Senha incorreta para %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: falha ao abandonar privilégios (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: telefone residencial inválido: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: não foi possível criar o diretório %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Falha ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"inválido ENCRYPT_METHOD valor: '%s'.\n"
+"falta de DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Não consegui ir para o diretório '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Sem diretório, logando com HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Não foi possível executar %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Diretório raíz inválido '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Não foi possível mudar o diretório raíz para '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Não foi possível determinar o nome de seu tty."
+
+msgid "No"
+msgstr "Não"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] LOGIN\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ULTIMO_DIA      define última mudança de senha para "
+"ULTIMO_DIA\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate DATA_EXPIRAÇÃO\n"
+"                                define data de expiração de conta para\n"
+"                                DATA_EXPIRAÇÃO\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    mostrar esta mensagem de ajuda e sair\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INATIVO        define senha inativa após expiração\n"
+"                                para INATIVO\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    exibe informação sobre idade da conta\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DIAS        define número mínimo de dias antes da\n"
+"                                troca de senha para MIN_DIAS\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DIAS        define número máximo de dias antes da\n"
+"                                troca de senha para MAX_DIAS\n"
+"  -W, --warndays AVISO_DIAS     define dias para aviso de expiração para\n"
+"                                AVISO_DIAS\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Informe o novo valor ou pressione ENTER para aceitar o padrão"
+
+msgid "Minimum Password Age"
+msgstr "Idade Mínima da Senha"
+
+msgid "Maximum Password Age"
+msgstr "Idade Máxima da Senha"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Última Mudança de Senha (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Aviso de Expiração de Senha"
+
+msgid "Password Inactive"
+msgstr "Senha Inativa"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data de Expiração de Senha (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Última mudança de senha\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nunca"
+
+msgid "password must be changed"
+msgstr "Senha modificada"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Senha expira\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Senha inativa\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Conta expira\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Número mínimo de dias entre troca de senhas\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Número máximo de dias entre troca de senhas\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Número de dias de avisos antes da expiração da senha\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argumento numérico `%s' inválido\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s : não inclua \"l\" com outras flags\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s : Permissão negada.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: não foi possível travar %s; tente novamente mais tarde.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: não consegui abrir %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: falha ao escrever mudanças em %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s : o arquivo de senhas shadow não está presente\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: usuário '%s' não existe em %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Mudando a informação de idade para %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s : erro modificando campos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    mostrar esta mensagem de ajuda e sair\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nome Completo"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Número da Sala"
+
+msgid "Work Phone"
+msgstr "Fone de Trabalho"
+
+msgid "Home Phone"
+msgstr "Fone Residencial"
+
+msgid "Other"
+msgstr "Outro"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Não foi possível mudar o ID para root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: nome com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nome inválido: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: número da sala com caracteres não-ASCII: '%s'\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: número de sala inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: telefone do trabalho inválido: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: telefone residencial inválido: '%s'\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' contém caracteres não-ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' contém caracteres ilegais\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: usuário '%s' não existe\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: não foi possível mudar o usuário '%s' no cliente NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' é o NIS mestre para este cliente.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modificando as informações de usuário para %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s : campos muito extensos\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções]\n"
+"\n"
+"Opções:\n"
+
+#, fuzzy, c-format
+#| msgid "  -c, --crypt-method <METHOD>   the crypt method (one of %s)\n"
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method <MÉTODO>   método de criptografia (dentre %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               senhas fornecidas são criptografadas\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     criptografa a senha em texto plano usando o\n"
+"                                algoritmo MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"-s, --sha-rounds                Números de SHA rodadas para a SHA *\n"
+"                                algoritmos criptografados\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: flag %s é permitida somente com a flag %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: the -c, -e, and -m flags são exclusivos\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: metodo de encriptação não suportado : %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s : linha %d : linha muito extensa\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s : linha %d : nova senha faltando\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: linha %d: grupo %s não existe\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linha %d: falhou ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s : erro detectado, mudanças ignoradas\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (linha %d, usuário %s) senha inalterada\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: linha %d: usuário '%s' não existe\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             novo shell de login para a conta de usuário\n"
+
+msgid "Login Shell"
+msgstr "Shell de Login"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Você não pode mudar o shell para '%s'.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mudando o shell de login para %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s : Entrada inválida : %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s é um shell inválido\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Atenção: %s não existe\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Atenção: %s não é executável\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: opções %s e %s em conflito\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: argumento inesperado: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     mostrar registros de faillog de todos os "
+"usuários\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEG           depois de login falhar, travar a conta por "
+"SEG segundos\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             ajustar o máximo de contadores de falha de "
+"logins para MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   zera os contadores de falhas de login\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DIAS               mostra os registros do faillog mais recentes "
+"que DIAS dias\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE        mostra o registro do faillog ou mantém\n"
+"                                contadores e limites de falhas (se usado "
+"com\n"
+"                                -r, -m ou -l) apenas para os LOGIN(s)\n"
+"                                especificados\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Falha ao obter a entrada para o UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Falhas   Máximo  Último                   Em\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus restante]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Falha em zerar o contador de falhas para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Falha ao ajustar o max para o UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Falha ao ajustar o tempo de trava para o UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Usuário ou intervalo desconhecidos: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Não foi possível obter o tamanho de %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opção] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add USU�RIO             adiciona o USU�RIO ao GRUPO\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete USU�RIO          remove USU�RIO do GRUPO\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         remove a senha do GRUPO\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                restringe acesso dos membros ao GRUPO\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members USU�RIO,...     ajusta a lista de membros do GRUPO\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                ajusta a lista de administradores para o "
+"GRUPO\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Exceto para as opções -A e -M, as opções não podem ser combinadas.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "As opções não podem ser combinadas.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s : senhas de grupo shadow requeridas para -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupo '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: falha ao fechar %s somente leitura\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Mudando a senha para o grupo %s\n"
+
+msgid "New Password: "
+msgstr "Nova Senha : "
+
+msgid "Re-enter new password: "
+msgstr "Informe a nova senha novamente : "
+
+msgid "They don't match; try again"
+msgstr "As senhas não são iguais; tente novamente"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s : Tente novamente mais tarde\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Adicionando usuário %s ao grupo %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Removendo usuário %s do grupo %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: usuário '%s' não é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s : Não é um tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] GRUPO\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   sai com sucesso se o grupo já existe,\n"
+"                                e cancela -g se o GID já está em uso\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 usa GID para o novo grupo\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key CHAVE=VALOR         sobreescreve os padrões de /etc/login.defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permite criar grupos com GID duplicado\n"
+"                                (não-único)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password SENHA          usa a senha criptografada para o novo grupo\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  cria uma conta de sistema\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: '%s' não é um nome de grupo válido\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ID de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s : -K requer CHAVE=VALOR\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupo '%s' já existe\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s : Não foi possível determinar seu nome de usuário.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   zera os contadores de falhas de login\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: não é possível remover entrada '%s' de %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: não é possível remover o grupo primário do usuário '%s'\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupo '%s' não existe\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupo '%s' é um grupo NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s : %s é o mestre NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: usuário '%s' já é um membro de '%s'\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Sem memória. Não pode atualizar %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [ação]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group nome_do_grupo     muda nome_do_grupo ao invés do grupo do "
+"usuário\n"
+"                                (apenas root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Ações:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add username            adiciona username aos membros do grupo\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr "  -d, --delete username         remove username dos membros do grupo\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   remove todos os membros do grupo\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    lista os membros do grupo\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: seu nome de grupo não casa com seu nome de usuário\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: apenas o root pode usar a opção -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 muda o ID do grupo para GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NOVO_GRUPO     muda o nome para NOVO_GRUPO\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              permite usar um GID (não-único) duplicado\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password SENHA          muda a senha para esta SENHA "
+"(criptografada)\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s : grupo %s é um grupo NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s : usuário %s desconhecido\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [group [gshadow]]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [group]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s e -r são incompatíveis\n"
+
+msgid "invalid group file entry"
+msgstr "entrada inválida no arquivo de grupo"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "remover a linha '%s'? "
+
+msgid "duplicate group entry"
+msgstr "entrada de grupo duplicada"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nome de grupo '%s' inválido\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ID de grupo '%lu' inválido\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupo %s : nenhum usuário %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "remover membro '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "não há entrada no arquivo de grupos em %s compatível\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "adicionar grupo '%s' em %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"o grupo %s tem uma entrada em %s, mas seu campo de senha em %s não está com "
+"o valor 'x'\n"
+
+msgid "invalid shadow group file entry"
+msgstr "entrada inválida no arquivo de grupo shadow"
+
+msgid "duplicate shadow group entry"
+msgstr "entrada de grupo shadow duplicada"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupo shadow %s : nenhum usuário administrativo %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "remover membro administrativo '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupo shadow %s : nenhum usuário %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s : os arquivos foram atualizados\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s : nenhuma mudança\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: não é possível apagar %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Uso : id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Uso : id\n"
+
+msgid " groups="
+msgstr " grupos="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DIAS             imprime somente registros lastlog mais\n"
+"                                antigos que DIAS\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     mostrar registros de faillog de todos os "
+"usuários\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     mostrar registros de faillog de todos os "
+"usuários\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DIAS               imprime somente registros lastlog mais\n"
+"                                recentes que DIAS\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIN              imprime registro lastlog para usuário com\n"
+"                                LOGIN especificado\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Nome de Usuário         Porta     De             Último"
+
+msgid "Username                Port     Latest"
+msgstr "Nome de Usuário               Porta    Último"
+
+msgid "**Never logged in**"
+msgstr "**Nunca logou**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Falha ao obter a entrada para o UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s : não foi possível atualizar arquivo de senhas\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Uso : %s [-p] [nome]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "      %s [-p] [-h host] [-f nome]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "      %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "erro de configuração - não foi possível verificar o valor %s: '%d'"
+
+msgid "Invalid login time"
+msgstr "Hora de login inválida"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistema fechado para manutenção de rotina"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Desconexão contornada -- login de root permitido.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: talvez não seja possível trabalhar sem o root efetivamente\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nenhuma entrada utmp. Voce deve executar \"login\" do \"sh\" de nível mais "
+"baixo"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Login expirou após %u segundos.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Falha do PAM, abortando: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "Login %s: "
+
+msgid "login: "
+msgstr "login:"
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Número máximo de tentativas excedido (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: abortar requesitado pelo PAM\n"
+
+msgid "Login incorrect"
+msgstr "Login incorreto"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s : linha %d : não foi possível encontrar usuário %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login : "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: falha iniciando: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY falha na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Aviso : login rehabilitado após travamento temporário."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Último login : %s em %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Último login : %.19s em %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"tempo de login excedido\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Uso: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Uso : newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Uso : sg group [[-c] comando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Senha inválida.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: falha ramificando: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID '%lu' não existe\n"
+
+msgid "too many groups\n"
+msgstr "muitos grupos\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  cria contas de sistema\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupo '%s' é um grupo shadow, mas não existe em /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ID de usuário '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s : nome de usuário '%s' inválido\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s : linha %d : linha inválida\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: não conseguiu atualizar a entrada do usuário %s (não está no banco de "
+"dados passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linha %d: não foi possível criar usuário\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linha %d: não foi possível criar grupo\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: linha %d: usuário '%s' não existe em %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s : linha %d : não foi possível atualizar a senha\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linha %d: mkdir %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linha %d: chown %s falhou: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s : linha %d : não foi possível atualizar entrada\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s : não foi possível atualizar arquivo de grupo\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     reportar estado de senhas em toda as contas\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  remover a senha para a conta indicada\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  forçar expiração da senha para a conta "
+"indicada\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr "  -k, --keep-tokens             mudar senha somente caso expirada\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INATIVO        definir senha inativa após expiração para\n"
+"                                INATIVO\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    trava a conta indicada\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DIAS        define número mínimo de dias antes da troca\n"
+"                                de senhas para MIN_DIAS\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   modo silencioso\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+"  -r, --repository REPOSITÓRIO  mudar senha no repositório REPOSITÓRIO\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  reportar estado de senha para a conta "
+"indicada\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  destravar a conta indicada\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays DIAS_AVISO     define dias de aviso de expiração para\n"
+"                                DIAS_AVISO\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DIAS        define número máximo de dias antes da troca\n"
+"                                de senhas para MAX_DIAS\n"
+
+msgid "Old password: "
+msgstr "Senha antiga : "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Informe a nova senha (mínimo de %d caracteres)\n"
+"Por favor, use uma combinação de letras em maiúsculas e minúsculas\n"
+"e de números.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Informe a nova senha (mínimo de %d, máximo de %d caracteres)\n"
+"Por favor, use uma combinação de letras em maiúsculas e minúsculas\n"
+"e de números.\n"
+
+msgid "New password: "
+msgstr "Nova senha : "
+
+msgid "Try again."
+msgstr "Tente novamente."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Aviso : senha fraca (informe-a novamente para usá-la de qualquer forma)."
+
+msgid "They don't match; try again.\n"
+msgstr "As senhas não são iguais; tente novamente.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "A senha para %s não pode ser modificada.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "A senha para %s ainda não pode ser modificada.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: Desbloquear a senha pode resultar em uma conta sem senha.\n"
+"Você deve ajustar a senha com usermod -p para desbloquear esta conta.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s : repositório %s não suportado\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s não está autorizado a trocar a senha de %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Você não pode visualizar ou modificar informações de senha para %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Modificando a senha para %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "A senha para %s não foi modificada.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: senha modificada.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: informação de expiração de senha alterada.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [passwd]\n"
+"\n"
+"Opções:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] [passwd [shadow]]\n"
+"\n"
+"Opções:\n"
+
+#, fuzzy
+#| msgid "  -q, --quiet                   quiet mode\n"
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   modo silencioso\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: não é permitido arquivo shadow alternativo quando USE_TCB está "
+"habilitado.\n"
+
+msgid "invalid password file entry"
+msgstr "entrada de arquivo de senha inválida"
+
+msgid "duplicate password entry"
+msgstr "entrada de senha duplicada"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nome de usuário '%s' inválido\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ID de usuário '%lu' inválido\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "usuário '%s': nenhum grupo %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "usuário '%s': diretório '%s' não existe\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "usuário '%s': programa '%s' não existe\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "não há diretório tcb para %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "criar diretório tcb para %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "falhou ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: não posso travar %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "não há entrada no arquivo de senhas em %s compatível\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "adicionar usuário '%s' em %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"usuário %s tem uma entrada em %s, mas seu campo de senha em %s não está com "
+"o valor 'x'\n"
+
+msgid "invalid shadow password file entry"
+msgstr "entrada de arquivos de senhas shadow inválida"
+
+msgid "duplicate shadow password entry"
+msgstr "entrada de senha shadow inválida"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "usuário %s : última mudança de senha no futuro\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: não é possível ordenar entradas em %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: não é possível funcionar com tcb habilitado\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: falha ao mudar o modo de %s para 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acesso ao su para esta conta NEGADO.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autenticação por senha contornada.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Por favor, informe sua PRÓPRIA senha como autenticação.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Não posso ramificar shell de usuário\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: mal funcionamento do sinal\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: al funcionamento da máscara do sinal\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessão terminada, encerrando o shell..."
+
+msgid " ...killed.\n"
+msgstr " ...morto.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...esperando o filho terminar.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...encerrado.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Uso: su [opções] [LOGIN]\n"
+"\n"
+"Opções:\n"
+"  -c, --command COMANDO         passa COMANDO para o shell invocado\n"
+"  -h, --help                    exibe esta mensagem de ajuda e finaliza\n"
+"  -, -l, --login                torna o shell um shell de login\n"
+"  -m, -p,\n"
+"  --preserve-environment       não zera variáveis de ambiente e\n"
+"                                mantém o mesmo shell\n"
+"  -s, --shell SHELL             utiliza SHELL ao invés do padrão no passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s : %s\n"
+"(Ignorado)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Você não está autorizado a usar o su para %s\n"
+
+msgid "(Enter your own password)"
+msgstr "{Informe sua própria senha)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Falha de autenticação\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Você não está autorizado a usar o su agora\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Nenhuma entrada de senha para 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s : deve ser executado a partir de um terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s : pam_start : erro %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Não é possível remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Não foi possível executar %s\n"
+
+msgid "No password file"
+msgstr "Sem arquivo de senhas"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY falhou"
+
+msgid "No password entry for 'root'"
+msgstr "Nenhuma entrada de senha para 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Digite Control-D para continuar com a inicialização normal,\n"
+"(ou forneça a senha de root para administração do sistema) :"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Entrando em Modo de Manutenção do Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s foi criado, mas não pode ser removido\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: a configuração %s em %s será ignorada\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: não foi possível criar novo arquivo de padrões\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: não foi possível abrir novo arquivo de padrões\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linha muito longa em %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: não foi possível criar link simbólico %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: renomear: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupo '%s' é um grupo NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: muitos grupos especificados (máximo %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Uso: %s [opções] LOGIN\n"
+"     %s -D\n"
+"     %s -D [opções]\n"
+"\n"
+"Opções:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASE_DIR       diretório base para o diretório pessoal da\n"
+"                                nova conta\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMENT�RIO      campo GECOS da nova conta\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir DIR_PESSOAL    diretório pessoal da nova conta\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                exibe ou altera configuração padrão do "
+"useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate DATA_DE_EXPIRAÇÃO  data de expiração da nova conta\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INATIVO        período de inatividade de senha da nova "
+"conta\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPO               nome ou ID do grupo primário da nova\n"
+"                                conta\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups GRUPOS           lista de grupos complementares da nova\n"
+"                                conta\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel SKEL_DIR           use este diretório esqueleto (skeleton) "
+"alternativo\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             não adiciona o usuário aos bancos de dados\n"
+"                                lastlog e faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             cria o diretório pessoal do usuário\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          não cria o diretório pessoal do usuário\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           não cria um grupo com o mesmo nome do "
+"usuário\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permite criar usuários com UID duplicado\n"
+"                                (não-único)\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password SENHA          senha criptografada da nova conta\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL             shell de login da nova conta\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 ID de usuário da nova conta\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              cria um grupo com o mesmo nome do usuário\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user USU�RIO_SE  usa um USU�RIO_SE específico para o "
+"mapeamento de\n"
+"                                 usuário SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: diretório base '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentário '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: diretório pessoal '%s' inválido\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s : senhas shadow necessárias para -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s : senhas shadow necessárias para -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: campo '%s' inválido\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: shell '%s' inválida\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z precisa de um núcleo com o SELinux habilitado\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: falha ao zerar a entrada do faillog de UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: falha ao zerar a entrada do lastlog do UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s : não foi possível criar diretório %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Criando caixa-postal"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupo 'mail' não encontrado.Criando o usuário caixa-postal arquivo no modo "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Configurando caixa-postal arquivos de permissao"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: usuário '%s' já existe\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s : grupo %s existe - caso você ueira adicionar esse usuário a esse\n"
+"grupo, utilize -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu não é único\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Falha ao criar diretório tcb para %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: não foi possível criar usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: não é possível criar grupo\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: aviso: o diretório pessoal já existe.\n"
+"Não copiando nenhum arquivo do diretótio skel.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: atenção: o relacionamento do nome de usuário %s para o usuário SELinux "
+"%s falhou.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   força remoção dos arquivos,\n"
+"                                mesmo se não forem do usuário\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  remove o diretório pessoal e spool de "
+"mensagens\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            novo mapeamento de usuário SELinux para a "
+"conta de usuário\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: não é possível remover o grupo primário do usuário '%s'\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: grupo %s é o grupo primário de outro usuário e não será removido.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: não é possível remover entrada '%s' de %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: diretório pessoal %s (%s) não encontrado\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: atenção: não é possível remover %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s : %s não é propriedade de %s, não removendo\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+"%s: Não é possível alocar memória, a entrada tcb para %s não foi removida.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Não é possível retirar privilégios: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Não é possível remover o conteúdo de %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Não é possível remover arquivos tcb para %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s : usuário %s é um usuário NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: diretório pessoal %s (%s) não encontrado\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s : não removendo diretório %s (removeria o home do usuário %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s : erro removendo diretório %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: atenção: o relacionamento do nome de usuário %s para o usuário SELinux "
+"%s falhou.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment COMENT�RIO      novo valor do campo GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home DIR_PESSOAL        novo diretório de login para a nova conta "
+"de\n"
+"                                usuário\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate DATA_EXPIRA  define data de expiração de conta para\n"
+"                                DATA_EXPIRA\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INATIVO        define inatividade de senha após expiração\n"
+"                                para INATIVO\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPO               forçar usar GRUPO como novo grupo primário\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPOS           nova lista de GRUPOS suplementares\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  anexa o usuário para os GRUPOS "
+"suplementares\n"
+"                                mencionados pela opção -G sem remove-lo de\n"
+"                                outros grupos\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login LOGIN             novo valor do nome de login\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    trava a conta de usuário\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               move o conteúdo do diretório pessoal para\n"
+"                                a novo localização (use somente com -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              permitir usar UID duplicados (não-únicos)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password SENHA          usar senha criptografada para a nova senha\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 novo UID para a conta de usuário\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  destravar a conta de usuário\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -Z, --selinux-user            new SELinux user mapping for the user "
+#| "account\n"
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user            novo mapeamento de usuário SELinux para a "
+"conta de usuário\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: Desbloquear a senha do usuario pode resultar em conta sem senha.\n"
+"Você deve ajustar a senha com usermod -p para desbloquear a senha\n"
+"deste usuário.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: usuário '%s' já existe em %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: data `%s' inválida\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: não consegui abrir %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: the -L, -p, and -U flags são exclusivas\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s : senhas shadow necessárias para -e e -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID '%lu' já existe\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s não está autorizado a trocar a senha de %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s : diretório %s existe\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: O diretório pessoal anterior (%s) não é um diretório. Ele não foi "
+"removido e nenhum diretório pessoal foi criado.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Falha ao mudar o proprietário do diretório pessoal"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: aviso: falha completa ao remover antigo diretório pessoal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s : não foi possível renomear diretório %s para %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: falha ao copiar a entrada lastlog do usuário %lu para o usuário %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr "%s: falha ao copiar a entrada faillog do usuário %lu para o %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s : aviso : %s não é propriedade de %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "falha au mudar o dono da caixa-postal"
+
+msgid "failed to rename mailbox"
+msgstr "falha ao renomear caixa-postal"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: falha ao preparar a nova entrada %s '%s'\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Você modificou %s.\n"
+"Talvez você precise modificar %s para ter coerência.\n"
+"Por favor use o comando '%s' para faze-lo.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   edita banco de dados de grupo\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  edita banco de dados passwd\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  editar o banco de dados shadow ou gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    que arquivo shadow tcb de usuário editar\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: falha ao remover %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s está inalterado\n"
+
+msgid "failed to create scratch directory"
+msgstr "falha ao criar diretório rascunho"
+
+msgid "failed to drop privileges"
+msgstr "falha ao remover privilégios"
+
+msgid "Couldn't get file context"
+msgstr "Não posso obter contexto de arquivo"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () falhou"
+
+msgid "failed to gain privileges"
+msgstr "falha ao obter privilégios"
+
+msgid "Couldn't lock file"
+msgstr "Não foi possível obter lock em arquivo"
+
+msgid "Couldn't make backup"
+msgstr "Não foi possível fazer backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s : %s não encontrado em /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "falha ao abrir arquivo de rascunho"
+
+msgid "failed to unlink scratch file"
+msgstr "falha ao desvincular arquivo de rascunho"
+
+msgid "failed to stat edited file"
+msgstr "falha ao fazer stat de arquivo editado"
+
+msgid "failed to allocate memory"
+msgstr "falha ao alocar memória"
+
+msgid "failed to create backup file"
+msgstr "falha ao criar arquivo de backup"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s : não foi possível restaurar %s : %s (suas mudanças estão em %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: falha ao procurar o diretório tcb para %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr ""
+#~ "  -c, --crypt-method            o método de criptografia (dentre %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Uso: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) falhou\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chage [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -d, --lastday ULTIMO_DIA         define última mudança de senha para "
+#~ "ULTIMO_DIA\n"
+#~ "  -E, --expiredate DATA_EXPIRAÇÃO  define data de expiração de conta "
+#~ "para\n"
+#~ "                                   DATA_EXPIRAÇÃO\n"
+#~ "  -h, --help                       exibe esta mensagem de ajuda e sai\n"
+#~ "  -I, --inactive INATIVO           define senha inativa após expiração\n"
+#~ "                                   para INATIVO\n"
+#~ "  -l, --list                       exibe informação sobre idade da conta\n"
+#~ "  -m, --mindays MIN_DIAS           define número mínimo de dias antes da\n"
+#~ "                                   troca de senha para MIN_DIAS\n"
+#~ "  -M, --maxdays MAX_DIAS           define número máximo de dias antes da\n"
+#~ "                                   troca de senha para MAX_DIAS\n"
+#~ "  -W, --warndays AVISO_DIAS        define dias para aviso de expiração "
+#~ "para\n"
+#~ "                                   AVISO_DIAS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s : autenticação PAM falhou\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Uso : %s [-f nome_completo] [-r número_sala] [-w fone_trabalho]\n"
+#~ "\t[-h fone_residencial] [-o outro] [usuário]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Uso : %s [-f nome_completo] [-r número_sala] [-w fone_rabalho] [-h "
+#~ "fone_residencial]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: %s [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -c, --crypt-method            o método de criptografia (dentre %s)\n"
+#~ "  -e, --encrypted               senhas fornecidas estão criptografadas\n"
+#~ "  -h, --help                    exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ "  -m, --md5                     criptografar a senha em texto plano "
+#~ "usando\n"
+#~ "                                o algoritmo MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Use: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    exibir a mensagem de ajuda e sair\n"
+#~ "  -s, --shell SHELL             novo login shell para conta de usuario\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Uso : expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Falha em conseguir a entrada para o UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: não foi possível abrir %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Não foi possível obter o tamanho de %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Uso: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Uso : %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Uso : %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s : -s e -r são incompatíveis\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Uso: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Uso: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: lastlog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -b, --before DIAS             imprime somente registros lastlog mais\n"
+#~ "                                antigos que DIAS\n"
+#~ "  -h, --help                    exibe esta mensagem de ajuda e finaliza\n"
+#~ "  -t, --time DIAS               imprime somente registros lastlog mais\n"
+#~ "                                recentes que DIAS\n"
+#~ "  -u, --user LOGIN              imprime registro lastlog para usuário "
+#~ "com\n"
+#~ "                                LOGIN especificado\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: passwd [opções] [LOGIN]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -a, --all                     reportar estado de senhas em toda as "
+#~ "contas\n"
+#~ "  -d, --delete                  remover a senha para a conta indicada\n"
+#~ "  -e, --expire                  forçar expiração da senha para a conta "
+#~ "indicada\n"
+#~ "  -h, --help                    exibir esta mensagem de ajuda e sai\n"
+#~ "  -k, --keep-tokens             mudar senha somente caso expirada\n"
+#~ "  -i, --inactive INATIVO        definir senha inativa após expiração "
+#~ "para\n"
+#~ "                                INATIVO\n"
+#~ "  -l, --lock                    trava a conta indicada\n"
+#~ "  -n, --mindays MIN_DIAS        define número mínimo de dias antes da "
+#~ "troca\n"
+#~ "                                de senhas para MIN_DIAS\n"
+#~ "  -q, --quiet                   modo silencioso\n"
+#~ "  -r, --repository REPOSITÓRIO  mudar senha no repositório REPOSITÓRIO\n"
+#~ "  -S, --status                  reportar estado de senha para a conta "
+#~ "indicada\n"
+#~ "  -u, --unlock                  destravar a conta indicada\n"
+#~ "  -w, --warndays DIAS_AVISO     define dias de aviso de expiração para\n"
+#~ "                                DIAS_AVISO\n"
+#~ "  -x, --maxdays MAX_DIAS        define número máximo de dias antes da "
+#~ "troca\n"
+#~ "                                de senhas para MAX_DIAS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Uso: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Uso : %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Uso: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Uso: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id desconhecido : %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Sem shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -f, --force                   força remoção dos arquivos,\n"
+#~ "                                mesmo se não forem do usuário\n"
+#~ "  -h, --help                    exibe esta mensagem de ajuda e sai\n"
+#~ "  -r, --remove                  remove o diretório pessoal e spool de "
+#~ "mensagens\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s : o usuário %s está logado no momento\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: usermod [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -c, --comment COMENT�RIO      novo valor do campo GECOS\n"
+#~ "  -d, --home DIR_PESSOAL        novo diretório de login para a nova conta "
+#~ "de\n"
+#~ "                                usuário\n"
+#~ "  -e, --expiredate DATA_EXPIRA  define data de expiração de conta para\n"
+#~ "                                DATA_EXPIRA\n"
+#~ "  -f, --inactive INATIVO        define inatividade de senha após "
+#~ "expiração\n"
+#~ "                                para INATIVO\n"
+#~ "  -g, --gid GRUPO               forçar usar GRUPO como novo grupo "
+#~ "primário\n"
+#~ "  -G, --groups GRUPOS           nova lista de GRUPOS suplementares\n"
+#~ "  -a, --append                  anexa o usuário para os GRUPOS "
+#~ "suplementares\n"
+#~ "                                mencionados pela opção -G sem remove-lo "
+#~ "de\n"
+#~ "                                outros grupos\n"
+#~ "  -h, --help                    exibe esta mensagem de ajuda e sai\n"
+#~ "  -l, --login LOGIN             novo valor do nome de login\n"
+#~ "  -L, --lock                    trava a conta de usuário\n"
+#~ "  -m, --move-home               move o conteúdo do diretório pessoal "
+#~ "para\n"
+#~ "                                a novo localização (use somente com -d)\n"
+#~ "  -o, --non-unique              permitir usar UID duplicados (não-"
+#~ "únicos)\n"
+#~ "  -p, --password SENHA          usar senha criptografada para a nova "
+#~ "senha\n"
+#~ "  -s, --shell SHELL             novo shell de login para a conta de "
+#~ "usuário\n"
+#~ "  -u, --uid UID                 novo UID para a conta de usuário\n"
+#~ "  -U, --unlock                  destravar a conta de usuário\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s : nenhuma flag informada\n"
+
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: vipw [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -g, --group                   editar base de dados de grupo\n"
+#~ "  -h, --help                    exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ "  -p, --passwd                  editar base de dados de senhas\n"
+#~ "  -q, --quiet                   modo quieto\n"
+#~ "  -s, --shadow                  editar base de dados shadow ou gshadow\n"
+#~ "\n"
+
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Uso : %s [entrada]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s : não foi possível criar %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s : não foi possível executar chown %s\n"
+
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: faillog [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -a, --all             exibir registros faillog para todos os usuários\n"
+#~ "  -h, --help            exibiri esta mensagem de ajuda e finalizar\n"
+#~ "  -l, --lock-time SEG   após falha de login travar conta por SEG "
+#~ "segundos\n"
+#~ "  -m, --maximum MAX     define contadores de logins falhos para MAX\n"
+#~ "  -r, --reset           zerar os contadores de falhas de login\n"
+#~ "  -t, --time DIAS       exibir registros faillog mais recentes que DIAS\n"
+#~ "  -u, --user LOGIN      exibir registros faillog ou manter somente\n"
+#~ "                        contadores de falhas e limites (caso usado com\n"
+#~ "                        as opções -r, -m ou -l) para usuário com LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [opções] grupo\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -f, --force                   forçar sair com estado de sucesso caso\n"
+#~ "                                grupo especificado já exista\n"
+#~ "  -g, --gid GID                 utilizar GID para o novo grupo\n"
+#~ "  -h, --help                    exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ "  -K, --key CHAVE=VALOR         sobrepõe os padrões em /etc/login.defs\n"
+#~ "  -o, --non-unique              permiti criar grupo com GID duplicado\n"
+#~ "                                (não-único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: groupadd [opções] grupo\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -f, --force                   forçar sair com estado de sucesso caso\n"
+#~ "                                grupo especificado já exista\n"
+#~ "  -g, --gid GID                 utilizar GID para o novo grupo\n"
+#~ "  -h, --help                    exibir esta mensagem de ajuda e "
+#~ "finalizar\n"
+#~ "  -K, --key CHAVE=VALOR         sobrepõe os padrões em /etc/login.defs\n"
+#~ "  -o, --non-unique              permiti criar grupo com GID duplicado\n"
+#~ "                                (não-único)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Uso: useradd [opções] LOGIN\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -b, --base-dir DIR_BASE       diretório base para o diretório pessoal\n"
+#~ "                                da nova conta de usuário\n"
+#~ "  -c, --comment COMENT�RIO      define o campo GECOS para a nova conta "
+#~ "de\n"
+#~ "                                usuário\n"
+#~ "  -d, --home-dir DIR_PESSOAL    diretório pessoal para a nova conta de\n"
+#~ "                                usuário\n"
+#~ "  -D, --defaults                imprime ou salva configuração padrão do\n"
+#~ "                                useradd modificada\n"
+#~ "  -e, --expiredate DATA_EXPIRA  define data de expiração de conta para\n"
+#~ "                                DATA_EXPIRA\n"
+#~ "  -f, --inactive INATIVO        define inatividade de senha após "
+#~ "expiração\n"
+#~ "                                para INATIVO\n"
+#~ "  -g, --gid GRUPO               força utilização de GRUPO para nova "
+#~ "conta\n"
+#~ "                                de usuário\n"
+#~ "  -G, --groups GRUPOS           lista de grupos suplementares para a "
+#~ "nova\n"
+#~ "                                conta de usuário\n"
+#~ "  -h, --help                    exibe esta mensagem de ajuda e finaliza\n"
+#~ "  -k, --skel DIR_SKEL           especifica um diretório skel alternativo\n"
+#~ "  -K, --key CHAVE=VALOR         sobrepões os padrões do /etc/login.defs\n"
+#~ "  -m, --create-home             cria diretório pessoal para a nova conta "
+#~ "de\n"
+#~ "                                usuário\n"
+#~ "  -o, --non-unique              permite cirar usuário com UID duplicado\n"
+#~ "                                (não-único)\n"
+#~ "  -p, --password SENHA          utiliza senha encriptada para a nova "
+#~ "conta\n"
+#~ "                                de usuário\n"
+#~ "  -s, --shell SHELL             o shell de login para a nova conta\n"
+#~ "                                de usuário\n"
+#~ "  -u, --uid UID                 força o uso de UID para a nova conta\n"
+#~ "                                de usuário\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Use: %s [opções] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            metodo de criptacao (um de %s)\n"
+#~ "  -r, --system                  criar sistema de contas\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Senha configurada para expirar."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s : não foi possível abrir o arquivo de senhas\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivos de senhas shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s : não foi possível atualizar arquivos de senhas shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNome Completo : %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNúmero da Sala: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tFone de Trabalho: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tFone Doméstico: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr ""
+#~ "Não foi possível fazer local em arquivo de senhas; tente novamente mais "
+#~ "tarde.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Não foi possível abrir arquivo de senhas.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Erro atualizando a entrada de senha.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Não foi possível gravar as mudanças no arquivo de senhas.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Não foi possível remover o locak do arquivo de senhas.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s : não foi possível obter lock no arquivo de grupo\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s : nao foi possível obter lock no arquivo gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s : não foi possível abrir arquivo shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s : erro atualizando arquivo shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s : linha %d : grupo %s desconhecido\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s : linha %d : não foi possível atualizar entrada\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s : nao foi possível obter lock em arquivo shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s : erro atualizando arquivo shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s : erro atualizando arquivo de senhas\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s : linha %d : usuário %s desconhecido\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s : linha %d : não foi possível atualizar entrada de senha\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s : usuário desconhecido\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Usuário Desconhecido : %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Uso : %s [-r|-R] grupo\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "      %s [-a usuário] grupo\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "      %s [-d usuário] grupo\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "      %s [-A usuário,...] [-M usuário,...] grupo\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "      %s [-M usuário,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s : não foi possível obter lock\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s : nõ foi possível obter lock shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s : não foi possível abrir arquivo\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s : não foi possível regravar arquivo shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s : não foi possível remover o lock do arquivo\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s : não foi possível atualizar entrada\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s : não foi possível atualizar entrada shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grupo desconhecido : %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s : não foi possível abrir arquivo\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s : não foi possível abrir arquivo shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Quem é você ?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s : membro %s desconhecido\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s : não foi possível regravar arquivo de grupo\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s : não foi possível regravar arquivo de grupo shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s : GID %u não é único\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s : erro removendo entrada de grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s : erro removendo entrada de grupo shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s : não foi possível remover grupo primário do usuário.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Não foi possivel encontrar membro para remover\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Uso :  membrosdogrupo -a nomedousuario | -d nomedousuario | -D | -l [-g "
+#~ "nomedogrupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Somente o root pode adicionar membros para diferentes grupos\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Acesso ao grupo é necessário\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "proprietario do grupo atual\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s : autenticação PAM falhou\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s : %s não encontrado em /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s : %u não é um GID único\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s : %s não é um nome único\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: não foi possivel mudar o grupo primário do usuario '%s' de %u para "
+#~ "%u, uma vez que  não se encontra no arquivo passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada shadow para %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada para grupo %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s : não foi possível remover grupo shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s : não foi possível atualizar arquivo de grupo shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s : não foi possível remover arquivo de grupo shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "GID desconhecido : %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID desconhecido : %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s : grupo %s não existe\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: grupo %s criado, falha durante a criação do grupo correspondente ao "
+#~ "gshadow\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s : usuário %s não existe\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s : nome de usuário '%s' inválido\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s : não foi possível obter de /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s : não foi possível abrir arquivos\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s : erro atualizando arquivos\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada passwd para %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s : não foi possível abrir arquivo passwd.\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s : não foi possível remover entrada shadow para %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s : não foi possível atualizar arquivo passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s : não foi possível atualizar entrada para usuário %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s : não foi possível remover arquivo de senhas shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s : GID %s desconhecido\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s : grupo %s desconhecido\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s : sem memória em update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s : não foi possível reescrever arquivo de senhas shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s : não foi possível obter lock em arquivo de senhas shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de senhas shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s : erro obtendo lock em arquivo de grupo\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s : erro abrindo arquivo de grupo\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s : erro obtendo lock em arquivo de grupo shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s : erro abrindo arquivo de grupo shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de senha\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de senha shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s : aviso CREATE_HOME não é suportado, por favor, utilize -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s : erro atualizando entrada de grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s : não foi possível abrir arquivo de grupo shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s : erro adicionando nova entrada de grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s : o uid %lu não é único\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s : erro modificando entrada de senha\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s : erro removendo entrada de senha\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s erro removendo entrada de senha shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s : não foi possível obter GID único\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " em `%.100s' de `%.200s'"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr " em `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s : linha %d : não foi possível criar UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s : o nome %s não é único\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Uso: chgpasswd [opções]\n"
+#~ "\n"
+#~ "Opções:\n"
+#~ "  -e, --encrypted\tsenhas fornecidas estão encriptadas\n"
+#~ "  -h, --help\t\texibir esta mensagem de ajuda e finalizar\n"
+#~ "  -m, --md5\t\tutilizar encriptação MD5 ao invés de DES quando as\n"
+#~ "\t\t\tsenhas fornecidas não estiverem encriptadas\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Sem arquivo de senhas\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Desculpe.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Desculpe, a senha para %s ainda não pode ser modificada.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Desculpe."
diff --git a/po/ro.po b/po/ro.po
new file mode 100644
index 0000000..9baeff7
--- /dev/null
+++ b/po/ro.po
@@ -0,0 +1,3575 @@
+# translation of shadow_ro.po to Romanian
+# This file is distributed under the same license as the PACKAGE package.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
+# Sorin Batariuc <sorin@bonbon.net>, 2004, 2005, 2006.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 18:18+0100\n"
+"Last-Translator: Sorin Batariuc <sorin@bonbon.net>\n"
+"Language-Team: Romanian <debian-l10n-romanian@lists.debian.org>\n"
+"Language: ro\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n>1\n"
+"X-Generator: KBabel 1.10.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Nu pot aloca spaţiu pentru informaţiile despre configurare.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"eroare de configurare - element necunoscut '%s' (anunţaţi administratorul)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Parola: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Parola pentru %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Nu pot aloca spaţiu pentru informaţiile despre configurare.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Modific informaţia de temporalitate pentru %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linia %d: nu pot găsi utilizatorul %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nu mai este memorie\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: nu pot actualiza fiÅŸierul shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Avertisment: grup necunoscut %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Avertisment: prea multe grupuri\n"
+
+msgid "Your password has expired."
+msgstr "Parola dvs a expirat."
+
+msgid "Your password is inactive."
+msgstr "Parola dvs este inactivă."
+
+msgid "Your login has expired."
+msgstr "Autentificarea dvs a expirat."
+
+msgid "  Contact the system administrator."
+msgstr "  Contactaţi administratorul de sistem."
+
+msgid "  Choose a new password."
+msgstr "  Alegeţi o parolă nouă."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Parola dvs va expira în %ld zile.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Parola dvs va expira mâine."
+
+msgid "Your password will expire today."
+msgstr "Parola dvs va expira azi."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nu pot schimba tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Inundaţie de mediu\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nu puteţi schimba $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d eÅŸuare de la ultima autentificare.\n"
+"Ultima oară a fost %s în %s.\n"
+msgstr[1] ""
+"%d eşuări de la ultima autentificare.\n"
+"Ultima oară a fost %s în %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: nu pot prelua GID unic\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: nu pot prelua UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Prea multe autentificări.\n"
+
+msgid "You have new mail."
+msgstr "Aveţi mesaje noi."
+
+msgid "No mail."
+msgstr "N-aveţi mesaje."
+
+msgid "You have mail."
+msgstr "Aveţi mesaje."
+
+msgid "no change"
+msgstr "nici o schimbare"
+
+msgid "a palindrome"
+msgstr "palindrome"
+
+msgid "case changes only"
+msgstr "doar schimbări de caz"
+
+msgid "too similar"
+msgstr "prea asemănător"
+
+msgid "too simple"
+msgstr "prea simplu"
+
+msgid "rotated"
+msgstr "rotit"
+
+msgid "too short"
+msgstr "prea scurt"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Parolă incorectă: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() a eÅŸuat, eroare %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Parolă schimbată."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: parolă actualizată cu succes\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Parolă incorectă pentru %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: număr telefon acasă nevalid: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Nu pot schimba directorul către'%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Fără director personal, autentificare cu HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Nu pot executa %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Director rădăcină invalid '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Nu pot schimba directorul rădăcină la '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nu vă pot determina numele tty."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Nu\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Introduceţi noua valoare, sau apăsaţi ENTER pentru cea implicită"
+
+msgid "Minimum Password Age"
+msgstr "Vârsta minimă a parolei"
+
+msgid "Maximum Password Age"
+msgstr "Vârsta maximă a parolei"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Ultima schimbare de parolă (AAAA-LL-ZZ)"
+
+msgid "Password Expiration Warning"
+msgstr "Avertisment de expirare a parolei"
+
+msgid "Password Inactive"
+msgstr "Parolă inactivă"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Data expirării contului (AAAA-LL-ZZ)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Ultima schimbare de parolă\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Niciodată"
+
+msgid "password must be changed"
+msgstr "parola trebuie schimbată"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Parola expiră\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Parolă inactivă\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Contul expiră\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Numărul minim de zile dintre schimbările de parolă\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Numărul maxim de zile dintre schimbările de parolă\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Numărul de zile de avertismente înaintea expirării parolei\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: argument numeric nevalid '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nu include \"l\" cu alte semnalizatoare\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Permisiune refuzată.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nu pot încuia fişierele, încercaţi mai târziu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: fiÅŸierul shadow nu este prezent\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Modific informaţia de temporalitate pentru %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: eroare la modificarea câmpurilor\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Nume complet"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Număr cameră"
+
+msgid "Work Phone"
+msgstr "Telefon birou"
+
+msgid "Home Phone"
+msgstr "Telefon acasă"
+
+msgid "Other"
+msgstr "Altele"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Nu pot schimba identificatorul la root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: nume nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: număr de cameră nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: număr telefon de birou nevalid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: număr telefon acasă nevalid: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' conţine caractere ilegale\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' conţine caractere ilegale\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' este stăpânul NIS pentru acest client.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Modificare informaţii utilizator pentru %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: semnalizatorul -a este permis DOAR împreună cu semnalizatorul -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linia %d: linie prea lungă\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linia %d: lipseşte noua parolă\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: a fost detectată o eroare, schimbările sunt ignorate\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Autentificare consolă"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nu puteţi schimba consola pentru %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Schimb consola de autentificare pentru %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Intrare nevalidă: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s este o consolă nevalidă.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: avertisment: %s nu este deţinut de către %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: argument neaÅŸteptat: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Autentificare       Eşuări Maximum Ultima dată                   La\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds rămase]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds rămase]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Utilizator necunoscut: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: sunt cerute parole criptate de grup pentru -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Schimbare parolă pentru grupul %s\n"
+
+msgid "New Password: "
+msgstr "Parola nouă: "
+
+msgid "Re-enter new password: "
+msgstr "Reintroduceţi noua parolă: "
+
+msgid "They don't match; try again"
+msgstr "Acestea nu se potrivesc, mai încercaţi odată"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Mai încercaţi mai târziu\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Adaug utilizatorul %s la grupul %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Åžterg utilizatorul %s din grupul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: nu este un tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s nu este un nume de grup valid\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K cere KEY=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grupul %s există\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Nu vă pot determina numele de utilizator.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grupul '%s' este un grup NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s este stăpân NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: utilizatorul %s este un utilizator NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: nu mai este memorie pentru update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grupul %s este un grup NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: utilizator necunoscut %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s ÅŸi -r sunt incompatibile\n"
+
+msgid "invalid group file entry"
+msgstr "intrare nevalidă în fişierul de grupuri"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "ÅŸterg linia '%s'? "
+
+msgid "duplicate group entry"
+msgstr "intrare de grup duplicată"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "nume de grup nevalid '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupul %s: nici un utilizator %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ÅŸterg membrul '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "nici o potrivire între intrările din fişierul de grupuri în %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "adaug grupul '%s' în '%s'?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "intrare nevalidă în fişierul gshadow"
+
+msgid "duplicate shadow group entry"
+msgstr "intrare duplicată în gshadow"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gshadow %s: nici un utilizator administrativ %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "ÅŸterg membrul administrativ '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gshadow %s: nici un utilizator %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: fiÅŸierele au fost actualizate\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: nici o schimbare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nu pot actualiza fiÅŸierul %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Utilizare: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Utilizare: id\n"
+
+msgid " groups="
+msgstr " grupuri="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Nume utilizator       Port      De la          Cel mai recent"
+
+msgid "Username                Port     Latest"
+msgstr "Nume utilizator                Port      Cel mai recent"
+
+msgid "**Never logged in**"
+msgstr "**Niciodată autentificat**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: nu pot actualiza fiÅŸierul passwd\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Utilizare: %s [-p] [nume]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h gazdă] [-f nume]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r gazdă\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Timp de autentificare nevalid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem închis pentru întreţinere de rutină"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Deconectare ocolită -- autentificare permisă pentru root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Nici o intrare utmp. Trebuie să executaţi \"login\" de la nivelul cel mai de "
+"jos \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Timp expirat pentru autentificare după %d secunde.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "autentificare: eşuare PAM, abandonare : %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s autentificare: "
+
+msgid "login: "
+msgstr "autentificare: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Numărul maxim de încercări a depăşit (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "autentificare: renunţare cerută de PAM\n"
+
+msgid "Login incorrect"
+msgstr "Autentificare incorectă"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linia %d: nu pot găsi utilizatorul %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s autentificare: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Avertisment: autentificare reactivată după blocarea temporară."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Ultima autentificare: %s în %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Ultima autentificare: %.19s în %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " de la %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"depăşirea timpului de autentificare\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Utilizare: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Utilizare: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Utilizare: sg grup [[-c] comanda]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Parola veche: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s : eşuare la bifurcare: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+msgid "too many groups\n"
+msgstr "prea multe grupuri\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linia %d: linie nevalidă\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: nu pot actualiza intrarea pentru utilizatorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linia %d: nu pot crea GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linia %d: nu pot crea GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: utilizatorul %s nu există\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linia %d: nu pot actualiza parola\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linia %d: eÅŸuare mkdir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linia %d: eÅŸuare chown\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: nu pot actualiza fiÅŸierul de grupuri\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Parola veche: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduceţi noua parolă (minimum %d, maximum %d caractere)\n"
+"Vă rog utilizaţi o combinaţie de litere mari şi mici şi numere.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Introduceţi noua parolă (minimum %d, maximum %d caractere)\n"
+"Vă rog utilizaţi o combinaţie de litere mari şi mici şi numere.\n"
+
+msgid "New password: "
+msgstr "Parola nouă: "
+
+msgid "Try again."
+msgstr "Mai încercaţi."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Avertisment: parolă slabă (mai introduceţi-o odată pentru a o folosi oricum)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nu se potrivesc, mai încercaţi odată.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Parola pentru %s nu poate fi schimbată.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: depozitul %s nu este suportat\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Nu puteţi vizualiza sau modifica informaţiile despre parola lui %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Schimbare parolă pentru %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Parola pentru %s este neschimbată.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Parolă schimbată."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Avertisment de expirare a parolei"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "intrare nevalidă în fişierul passwd"
+
+msgid "duplicate password entry"
+msgstr "intrare duplicată în passwd"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "nume de utilizator nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "nume de utilizator nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "utilizatorul %s: fără grup %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "utilizatorul %s: directorul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "utilizatorul %s: programul %s nu există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: nu pot încuia fişierul %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "nici o potrivire între intrările fişierului passwd în %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "adaug utilizatorul '%s' în '%s'?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "intrare nevalidă în fişierul shadow"
+
+msgid "duplicate shadow password entry"
+msgstr "intrare duplicată în shadow"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "utilizatorul %s: ultima schimbare de parolă s-a făcut în viitor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: nu pot rescrie fiÅŸierul\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Acces INTERZIS către su spre acest cont.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Autentificare cu parolă ocolită.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Vă rog introduceţi PROPRIA parolă pentru autentificare.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: nu pot încuia fişierul %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Utilizare: su [opţiuni] [autentificare]\n"
+"\n"
+"Opţiuni:\n"
+"  -c, --command COMANDA         trimite COMANDA la consola invocată\n"
+"  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+"  -, -l, --login                face din consolă una de autentificare\n"
+"  -m, -p,\n"
+"  --preserve-environment        nu reface variabilele de mediu, ÅŸi\n"
+"                                păstrează aceeaşi consolă\n"
+"  -s, --shell SHELL             foloseşte SHELL în locul celei implicite\n"
+"                                din passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorat)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nu sunteţi autorizat pentru su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Introduceţi propria parolă)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: autentificare PAM eşuată\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Nu sunteţi autorizat pentru su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Fără intrare în passwd pentru 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: trebuie pornit de la un terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: eroare %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Nu pot executa %s"
+
+msgid "No password file"
+msgstr "Fără fişier passwd"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Fără intrare în passwd pentru 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Apăsaţi ctrl-D pentru pornire normală,\n"
+"(sau introduceţi parola de root pentru întreţinerea sistemului):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Intrare în modul de întreţinere sistem"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nu pot crea noile fiÅŸiere implicite\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nu pot deschide noile fiÅŸiere implicite\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linia %d: eÅŸuare chown\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: redenumire: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grupul '%s' este un grup NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: prea multe grupuri specificate (maximum %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Utilizare: %s [input]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: director de bază nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: comentariu nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: parole criptate cerute pentru -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s; parole criptate cerute pentru -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: fiÅŸier nevalid '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: consolă nevalidă '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Crearea fişierului căsuţă pentru mesaje"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupul 'mail' nu a fost găsit. Se crează fişierul căsuţă de mesaje pentru "
+"utilizator cu modul 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Se atribuie permisiunile fişierului căsuţă de mesaje"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: utilizatorul %s există\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grupul %s există - dacă vreţi să adăugaţi un utilizator la acest grup, "
+"folosiţi -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u nu este unic\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: nu pot crea %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: avertisment: directorul personal există deja.\n"
+"Nu se copiază nici un fişier în el din directorul schelet.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nu pot schimba utilizatorul '%s' pe un client NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Nu pot ÅŸterge grupul %s care este un grup primar pentru alt utilizator.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: avertisment: nu pot ÅŸterge "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s nu aparţine de %s, nu se şterge\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: utilizatorul %s este un utilizator NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: director personal nevalid '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: nu se ÅŸterge directorul %s (s-ar ÅŸterge directorul personal al "
+"utilizatorului %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: eroare la ÅŸtergerea directorului %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: utilizatorul %s există\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: dată nevalidă '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: sunt necesare parole criptate pentru -e ÅŸi -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: directorul %s există\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nu pot crea directorul %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: avertisment: eşuare în a elimina complet vechiul director personal %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: nu pot redenumi directorul %s în %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: avertisment: %s nu este deţinut de către %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+msgid "failed to rename mailbox"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s este neschimbat\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "N-am putut încuia fişierul"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s : eşuare în abandonarea privilegiilor (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "N-am putut încuia fişierul"
+
+msgid "Couldn't make backup"
+msgstr "N-am putut face o copie de rezervă"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s negăsit în /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: câmpuri prea lungi\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "eşuare în schimbarea proprietarului căsuţei poştale"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "eşuare în redenumirea căsuţei poştale"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: nu pot reface %s: %s (schimbările dvs. sunt în %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: director de bază nevalid '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Utilizare: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) a eÅŸuat\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: chage [opţiuni] utilizator\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -d, --lastday ULTIMA_ZI        setează ultima schimbare de parolă\n"
+#~ "                                 la ULTIMA_ZI\n"
+#~ "  -E, --expiredate DATA_EXPIRARE setează data expirării contului la\n"
+#~ "                                 DATA_EXPIRARE\n"
+#~ "  -h, --help                     afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -I, --inactive INACTIVĂ        setează parolă inactivă după expirare\n"
+#~ "                                 la INACTIVÄ‚\n"
+#~ "  -l, --list                     arată informaţiile de temporalitate ale\n"
+#~ "                                 contului\n"
+#~ "  -m, --mindays MIN_ZILE         setează numărul minim de zile înainde "
+#~ "de\n"
+#~ "                                 schimbarea parolei to MIN_ZILE\n"
+#~ "  -M, --maxdays MAX_ZILE         setează numărul maxim de zile înainte "
+#~ "de\n"
+#~ "                                 schimbarea parolei la MAX_ZILE\n"
+#~ "  -W, --warndays AVERTIZ_ZILE    setează zilele de avertisment pentru\n"
+#~ "                                 expirare la AVERTIZ_ZILE\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: autentificare PAM eşuată\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Utilizare: %s [-f nume_complet] [-r nr_cameră] [-w cale_lucru]\n"
+#~ "\t[-h cale_acasă] [-o altele] [utilizator]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Utilizare: %s [-f nume_complet] [-r nr_cameră] [-w cale_lucru] [-h "
+#~ "cale_acasă]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: chpasswd [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -e, --encrypted               parolele oferite sunt criptate\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -m, --md5                     foloseşte criptarea MD5 în loc de DES "
+#~ "atunci\n"
+#~ "                                când parolele oferite nu sunt criptate\n"
+#~ "%s\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: userdel [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -f, --force                   forţează ştergerea fişierelor, chiar\n"
+#~ "                                dacă nu sunt proprietatea utilizatorului\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -r, --remove                  ÅŸterge directorul personal ÅŸi cel pentru "
+#~ "mesaje\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Utilizare: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Utilizare: %s [-r] [-s] [grup [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Utilizare: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s ÅŸi -r sunt incompatibile\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Utilizare: groupdel grup\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizaree: lastlog [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -b, --before ZILE             afişează doar înregistrările ultimului\n"
+#~ "                                jurnal mai vechi de ZILE\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -t, --time ZILE               afişează doar înregistrările ultimului\n"
+#~ "                                jurnal mai recente de ZILE\n"
+#~ "  -u, --user LOGIN              afişează înregistrarea ultimului jurnal "
+#~ "pentru\n"
+#~ "                                utilizatorul cu autentificarea "
+#~ "specificată\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: passwd [opţiuni] [nume_cont]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -a, --all                     afişează starea parolelor din toate "
+#~ "conturile\n"
+#~ "  -d, --delete                  ÅŸterge parola respectivului cont\n"
+#~ "  -e, --expire                  forţează expirarea parolei pentru\n"
+#~ "                                respectivul cont\n"
+#~ "  -h, --help                    afisează acest mesaj de ajutor şi ieşi\n"
+#~ "  -k, --keep-tokens             schimbă parola doar dacă este expirată\n"
+#~ "  -i, --inactive INACTIV        fixează durata de inactivitate a parolei "
+#~ "la\n"
+#~ "                                INACTIV după expirarea sa\n"
+#~ "  -l, --lock                    blochează respectivul cont\n"
+#~ "  -n, --mindays ZILE_MIN        fixează numărul minim de zile la "
+#~ "ZILE_MIN\n"
+#~ "                                înainte de schimbarea parolei\n"
+#~ "  -q, --quiet                   modul silenţios\n"
+#~ "  -r, --repository DEPOZIT      schimbă parola în depozitul DEPOZIT\n"
+#~ "  -S, --status                  raportează starea parolei respectivului "
+#~ "cont\n"
+#~ "  -u, --unlock                  deblochează respectivul cont\n"
+#~ "  -w, --warndays ZILE_AVERT     fixează numărul de zile de avertisment "
+#~ "de\n"
+#~ "                                expirare la ZILE_AVERT\n"
+#~ "  -x, --maxdays ZILE__MAX       fixează numărul maxim de zile înainde de\n"
+#~ "                                schimbarea parolei la ZILE_MAX\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Folosire: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Folosire: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Utilizare: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Utilizare: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Identificator necunoscut: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Fără consolă\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: userdel [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -f, --force                   forţează ştergerea fişierelor, chiar "
+#~ "dacă\n"
+#~ "                                nu sunt proprietatea utilizatorului\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -r, --remove                  ÅŸterge directorul personal ÅŸi cel pentru "
+#~ "mesaje\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: utilizatorul %s este autentificat în acest moment\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: usermod [opţiuni] NUME\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -a, --append GRUP               tadaugă utilizatorul în GRUPUL "
+#~ "suplimentar\n"
+#~ "  -c, --comment COMENTARIU        valoarea nouă a câmpului GECOS\n"
+#~ "  -d, --home DIR_ACASA            noul director personal pentru noul "
+#~ "cont\n"
+#~ "  -e, --expiredate DATA_EXPIRĂRII setează data expirării contului la\n"
+#~ "                                  DATA_EXPIRÄ‚RII\n"
+#~ "  -f, --inactive INACTIVĂ         setează parola inactivă după expirare\n"
+#~ "                                  la INACTIVÄ‚\n"
+#~ "  -g, --gid GRUP                  forţează folosirea GRUPULUI ca nou\n"
+#~ "                                  iniţial grup\n"
+#~ "  -G, --groups GRUPURI            afişează grupurile suplimentare "
+#~ "GRUPURI\n"
+#~ "  -h, --help                      afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -l, --login NUME_NOU            noua valoare a numelui de "
+#~ "autentificare\n"
+#~ "  -L, --lock                      blochează contul\n"
+#~ "  -m, --move-home                 mută conţinutul directorului personal "
+#~ "în\n"
+#~ "                                  noua locaţie (foloseşte doar cu -d)\n"
+#~ "  -o, --non-unique                permite folosirea UID-urilor duplicate\n"
+#~ "                                  (non-unice)\n"
+#~ "  -p, --password PAROLA           foloseşte criptarea pentru noua parolă\n"
+#~ "  -s, --shell SHELL               noul mediu de autentificare pentru\n"
+#~ "                                  contul utilizator\n"
+#~ "  -u, --uid UID                   noul UID pentru contul utilizator\n"
+#~ "  -U, --unlock                    deblochează contul utilizator\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: nu s-au atribuit semnalizatoare\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: vipw [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -g, --group                   editează baza de date de grupuri\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -p, --passwd                  editează baza de date de conturi\n"
+#~ "  -q, --quiet                   modul tăcut\n"
+#~ "  -s, --shadow                  editează baza de date shadow sau gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Utilizare: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: nu pot crea %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: nu pot schimba proprietarul %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: faillog [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -a, --all                     afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ "                                pentru toţi utilizatorii\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -l, --lock-time SEC           blochează contul la SEC secunde după o\n"
+#~ "                                autentificare eşuată\n"
+#~ "  -m, --maximum MAX             setează numărul maxim de autentificări\n"
+#~ "                                eÅŸuate la MAX\n"
+#~ "  -r, --reset                   resetează contorul de autentificări "
+#~ "eÅŸuate\n"
+#~ "  -t, --time DAYS               afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ "                                mai recente de DAYS zile\n"
+#~ "  -u, --user LOGIN              afişează jurnalul înregistrărilor de "
+#~ "eşuări\n"
+#~ "                                sau menţine contoarele de eşuări şi "
+#~ "limite\n"
+#~ "                                (dacă este folosit cu opţiunile -r, -m "
+#~ "sau\n"
+#~ "                                -l) doar pentru utilizatorul LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: groupadd [opţiuni] grup\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -f, --force                   forţează terminarea cu starea de succes\n"
+#~ "                                dacă grupul specificat există deja\n"
+#~ "  -g, --gid GID                 foloseÅŸte GID pentru noul grup\n"
+#~ "  -h, --help                    afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -K, --key KEY=VALUE           înlocuieşte cu setările implicite\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -o, --non-unique              permite crearea grupului cu GID duplicat\n"
+#~ "                                (ne-unic)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Utilizare: groupadd [opţiuni] grup\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -f, --force           forţează terminarea cu starea de succes\n"
+#~ "                        dacă grupul specificat există deja\n"
+#~ "  -g, --gid GID         foloseÅŸte GID pentru noul grup\n"
+#~ "  -h, --help            afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -K, --key KEY=VALUE   înlocuieşte cu setările implicite /etc/login."
+#~ "defs\n"
+#~ "  -o, --non-unique      permite crearea grupului cu GID duplicat\n"
+#~ "                        (ne-unic)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Folosire: useradd [opţiuni] LOGIN\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -b, --base-dir DIR_BAZA         baza directorului pentru noul director\n"
+#~ "                                  personal al contului\n"
+#~ "  -c, --comment COMENTARIU        setează câmpul GECOS pentru noul cont\n"
+#~ "  -d, --home-dir DIR_ACASA        directorul personal pentru noul cont\n"
+#~ "  -D, --defaults                  afişează sau salvează configuraţia "
+#~ "useradd\n"
+#~ "                                  implicită modificată\n"
+#~ "  -e, --expiredate DATA_EXPIRĂRII setează data expirării contului la\n"
+#~ "                                  DATA_EXPIRÄ‚RII\n"
+#~ "  -f, --inactive INACTIVĂ         setează parola inactivă după expirare\n"
+#~ "                                  la INACTIVÄ‚\n"
+#~ "  -g, --gid GRUP                  forţează folosirea GRUPULUI pentru noul "
+#~ "cont\n"
+#~ "  -G, --groups GRUPURI            afişează grupurile suplimentare pentru\n"
+#~ "                                  noul cont utilizator\n"
+#~ "  -h, --help                      afişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -k, --skel DIR_SKELET           specifică un schelet director "
+#~ "alternativ\n"
+#~ "  -K, --key KEY=VALOARE           suprascrie valorile implicite ale\n"
+#~ "                                  /etc/login.defs\n"
+#~ "  -m, --create-home               crează directorul personal pentru noul\n"
+#~ "                                  cont utilizator\n"
+#~ "  -o, --non-unique                permite creare unui utilizator cu un "
+#~ "UID\n"
+#~ "                                  duplicat (non-unic)\n"
+#~ "  -p, --password PAROLA           foloseşte parola criptată pentru noul "
+#~ "cont\n"
+#~ "                                  utilizator\n"
+#~ "  -s, --shell SHELL               mediul de autentificare pentru noul\n"
+#~ "                                  cont utilizator\n"
+#~ "  -u, --uid UID                   forţează utilizarea UID pentru noul\n"
+#~ "                                  cont utilizator\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Parola setata pentru expirare."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: nu pot închide fişierul passwd\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s nu pot încuia fişierul shadow\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul shadow\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tNume complet: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tNumăr cameră: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefon birou: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefon acasă: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nu pot încuia fişierul passwd; încercaţi mai târziu.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Nu pot deschide fiÅŸierul passwd.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Eroare la actualizarea intrării în passwd.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nu pot face modificările în fişierul passwd.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Nu pot debloca fiÅŸierul passwd.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: nu pot închide fişierul gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linia %d: grup necunoscut %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linia %d: nu pot actualiza intrarea\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: nu pot închide fişierul shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierului passwd\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linia %d: utilizator necunoscut %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linia %d: nu pot actualiza intrarea în passwd\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: utilizator necunoscut\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Utilizator necunoscut: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Utilizare: %s [-r|-R] grup\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a utilizator] grup\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d utilizator] grup\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A utilizator,...] [-M utilizator,...] grup\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M utilizator,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nu pot obţine închiderea\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nu pot obţine închiderea shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: nu pot descuia fiÅŸierul\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: nu pot actualiza intrarea\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: nu pot actualiza intrarea shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "grup necunoscut: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Cine sunteţi?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: membru necunoscut %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări de grup\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul gshadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: nu pot încuia fişierul gshadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nu este unic\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării de grup\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din gshadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: nu pot ÅŸterge grupul primar al utilizatorului.\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s: autentificare PAM eşuată\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s: nu pot încuia fişierul de grupuri\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s nu s-a găsit în /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u nu este un GID unic\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s nu este un nume unic\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: nu pot încuia fişierul passwd\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea parolei criptate pentru %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea pentru grupul %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: nu pot încuia fişierul gshadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: nu pot ÅŸterge gshadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul gshadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: nu pot ÅŸterge fiÅŸierul gshadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "UID necunoscut: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "GID necunoscut: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grupul %s nu există\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: utilizatorul %s nu există\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: nume utilizator nevalid '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: nu pot încuia /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierele\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: eroare la actualizarea fiÅŸierelor\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea passwd pentru %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: nu pot încuia fişierul passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: nu pot ÅŸterge intrarea shadow pentru %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: nu pot actualiza fiÅŸierul passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: nu pot actualiza intrarea pentru utilizatorul %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nu pot ÅŸterge fiÅŸierul shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: GID necunoscut %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: grup necunoscut %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: nu mai este memorie pentru update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul passwd\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: nu pot rescrie fiÅŸierul shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: nu pot încuia fişierul shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: eroare la închiderea fişierului de grupuri\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: eroare la deschiderea fiÅŸierului de grupuri\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: eroare la închiderea fişierului gshadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: eroare la deschiderea fiÅŸierului gshadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări în passwd\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări în shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: avertisment: CREATE_HOME nu este suportat, vă rog folosiţi -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: eroare la actualizarea intrărilor de grupuri\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul de grupuri\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: nu pot deschide fiÅŸierul gshadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din passwd\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: eroare la adăugarea unei noi intrări de grup\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu nu este unic\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: eroare la schimbarea intrării în passwd\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării passwd\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: eroare la ştergerea intrării din shadow\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nu pot prelua GID unic\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " pe '%.100s' din '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " pe '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linia %d: nu pot crea UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: numele %s nu este unic\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Folosire: chgpasswd [opţiuni]\n"
+#~ "\n"
+#~ "Opţiuni:\n"
+#~ "  -e, --encrypted\tparolele oferite sunt criptate\n"
+#~ "  -h, --help\t\tafişează acest mesaj de ajutor şi ieşi\n"
+#~ "  -m, --md5\t\tfoloseşte criptarea MD5 în loc de DES atunci când "
+#~ "parolele\n"
+#~ "\t\t\toferite nu sunt criptate\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Fără fişier passwd\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Scuze.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Scuze, parola pentru %s încă nu poate fi schimbată.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Scuze."
diff --git a/po/ru.po b/po/ru.po
new file mode 100644
index 0000000..9391e38
--- /dev/null
+++ b/po/ru.po
@@ -0,0 +1,3310 @@
+# translation of ru.po to Russian
+# Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
+#
+# Nikolai Prokoschenko <nikolai@prokoschenko.de>, 2004.
+# Eugene Konev <ejka@imfi.kspu.ru>, 2004.
+# alyoshin.s@gmail.com <alyoshin.s@gmail.com>, 2008.
+# Yuri Kozlov <kozlov.y@gmail.com>, 2004, 2005, 2006, 2007, 2008.
+# Yuri Kozlov <yuray@komyakino.ru>, 2009, 2011, 2012, 2017.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.5.1-1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2017-03-05 11:14+0300\n"
+"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
+"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n"
+"Language: ru\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Lokalize 2.0\n"
+"Plural-Forms:  nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Суще�твует �разу не�колько запи�ей � именем «%s» в %s. И�правьте �то � "
+"помощью pwck или grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "алгоритм шифровани� не поддерживает�� libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "ошибка на�тройки: не удало�ь разобрать значение %s: «%s»"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "�е удало�ь выделить пам�ть дл� загрузки на�троек.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "ошибка на�тройки: неизве�тный �лемент «%s» (�ообщите админи�тратору)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd завершил�� � ошибкой (по �игналу %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd завершил�� � кодом выхода %d\n"
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Пароль пользовател� %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "�евозможно �оздать управл�ющий опи�атель SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Политика SELinux не управл�ема\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "�евозможно прочитать хранилище политики SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "�евозможно у�тановить управл�ющее подключение SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "�евозможно начать транзакцию SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "�е удало�ь запро�ить seuser дл� %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "�е удало�ь назначить serange дл� %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "�е удало�ь назначить sename дл� %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "�е удало�ь изменить �опо�тавление входа дл� %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "�евозможно �оздать �опо�тавление входа SELinux дл� %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "�евозможно задать им� дл� %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "�евозможно задать пользовател� SELinux дл� %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "�евозможно добавить �опо�тавление входа дл� %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "�евозможно инициализировать управление SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "�евозможно �оздать ключ пользовател� SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "�евозможно проверить пользовател� SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "�евозможно изменить пользователь�кое �опо�тавление SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "�евозможно добавить пользователь�кое �опо�тавление SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "�евозможно зафик�ировать транзакцию SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"Сопо�тавление входа дл� %s не определено; нормально, е�ли и�пользовало�ь "
+"�опо�тавление по умолчанию\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"Сопо�тавление входа дл� %s определено в политике и не может быть удалено\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "�евозможно удалить �опо�тавление входа дл� %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: нехватка пам�ти\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: не удало�ь выполнить функцию stat дл� %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s не �вл�ет�� каталогом или �имвольной ��ылкой\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: не удало�ь прочитать �имвольную ��ылку %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: веро�тно, �лишком длинна� �имвольна� ��ылка: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: не удало�ь �оздать каталог %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: не удало�ь изменить владельца %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: не удало�ь изменить права до�тупа %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: не удало�ь удалить каталог %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: не удало�ь переименовать каталог %s в %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: не удало�ь удалить %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: не удало�ь �оздать �имвольную ��ылку %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: не удало�ь изменить владельцев %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: не удало�ь выполнить функцию lstat дл� %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s: предупреждение: у пользовател� %s от�ут�твует файл shadow в �труктуре "
+"tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: чрезвычайна� �итуаци�: файл shadow у %s в �труктуре tcb не �вл�ет��\n"
+"обычным файлом � st_nlink=1. Учётна� запи�ь о�таёт�� заблокированной.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: не удало�ь открыть %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Предупреждение: неизве�тна� группа %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Предупреждение: �лишком много групп\n"
+
+msgid "Your password has expired."
+msgstr "Срок дей�тви� вашего парол� и�тёк."
+
+msgid "Your password is inactive."
+msgstr "Дей�твие вашего парол� прио�тановлено."
+
+msgid "Your login has expired."
+msgstr "Срок дей�тви� вашей учётной запи�и и�тёк."
+
+msgid "  Contact the system administrator."
+msgstr "  Обратите�ь к �и�темному админи�тратору."
+
+msgid "  Choose a new password."
+msgstr "  Выберите и введите новый пароль."
+
+msgid "You must change your password."
+msgstr "Вы должны изменить �вой пароль."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Срок дей�тви� вашего парол� и�текает через %ld дней.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Срок дей�тви� вашего парол� и�текает завтра."
+
+msgid "Your password will expire today."
+msgstr "Срок дей�тви� вашего парол� и�текает �егодн�."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+"�е удало�ь открыть интерфей� протоколировани� (audit) — прекращение работы.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "�е удало�ь изменить владельца или права на tty stdin: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: не удало�ь разблокировать %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Слишком большое количе�тво переменных окружени�\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Вы не можете изменить $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d неудачна� попытка входа в �и�тему.\n"
+"По�ледн�� была %s на %s.\n"
+msgstr[1] ""
+"%d неудачных попытки входа в �и�тему.\n"
+"По�ледн�� была %s на %s.\n"
+msgstr[2] ""
+"%d неудачных попыток входа в �и�тему.\n"
+"По�ледн�� была %s на %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: неверна� на�тройка: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: неверна� на�тройка: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: не удало�ь выделить пам�ть: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: не удало�ь получить уникальный �и�темный GID (кончили�ь �вободные GID-"
+"Ñ‹)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: не удало�ь получить уникальный GID (кончили�ь �вободные GID-ы)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: неверна� на�тройка: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: неверна� на�тройка: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: не удало�ь получить уникальный �и�темный UID (кончили�ь �вободные UID-"
+"Ñ‹)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: не удало�ь получить уникальный UID (кончили�ь �вободные UID-ы)\n"
+
+msgid "Too many logins.\n"
+msgstr "Слишком много попыток входа в �и�тему.\n"
+
+msgid "You have new mail."
+msgstr "Дл� ва� е�ть новые почтовые �ообщени�."
+
+msgid "No mail."
+msgstr "Дл� ва� нет почтовых �ообщений."
+
+msgid "You have mail."
+msgstr "Дл� ва� е�ть почтовые �ообщени�."
+
+msgid "no change"
+msgstr "изменений не вне�ено"
+
+msgid "a palindrome"
+msgstr "палиндром"
+
+msgid "case changes only"
+msgstr "изменение только в реги�тре �имволов"
+
+msgid "too similar"
+msgstr "�лишком похожий"
+
+msgid "too simple"
+msgstr "�лишком про�той"
+
+msgid "rotated"
+msgstr "пере�тановка �имволов"
+
+msgid "too short"
+msgstr "�лишком короткий"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "�еверный пароль: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: не удало�ь выполнить pam_start(), ошибка %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#
+msgid "passwd: password unchanged\n"
+msgstr "passwd: пароль не изменён\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль у�пешно обновлён\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "�еверный пароль дл� %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: не�колько параметров --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: дл� параметра «%s» требует�� аргумент\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: не удало�ь �низить уровень привилегий (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: некорректное значение пути chroot «%s»\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: нет до�тупа к каталогу chroot %s: %s\n"
+
+#, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: не удало�ь выполнить chdir в chroot-каталог %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: не удало�ь выполнить chroot в каталог %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"�еправильное значение дл� ENCRYPT_METHOD: «%s».\n"
+"И�пользует�� значение по умолчанию DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "�евозможно перейти в каталог «%s»\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+"Каталог от�ут�твует или недо�тупен, вход в �и�тему выполн�ет�� � HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "�е удало�ь выполнить %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "�еверный корневой каталог «%s»\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "�е удало�ь изменить корневой каталог на «%s»\n"
+
+msgid "Unable to determine your tty name."
+msgstr "�е удало�ь определить название вашего tty."
+
+msgid "No"
+msgstr "�ет"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] ПОЛЬЗОВ�ТЕЛЬ\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday ПОСЛ_ДЕ�Ь       у�тановить по�ледний день �мены парол�\n"
+"                                в ПОСЛ_ДЕ�Ь\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate Д�Т�_УСТ     у�тановить дату окончани� дей�тви�\n"
+"                                учётной запи�и в Д�Т�_УСТ\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    показать данное �ообщение и закончить "
+"работу\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive �Е�КТИВ�ОСТЬ   у�тановить неактивно�ть парол� по�ле\n"
+"                                у�таревани� в значение �Е�КТИВ�ОСТЬ\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    показать «возра�т» учётной запи�и\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays МИ�_Д�ЕЙ        у�тановить минимальное чи�ло дней перед\n"
+"                                �меной парол� в МИ�_Д�ЕЙ\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays М�КС_Д�ЕЙ       у�тановить мак�имальное чи�ло дней перед\n"
+"                                �меной парол� в М�КС_Д�ЕЙ\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+"  -R, --root К�Т_CHROOT         каталог, в который выполн�ет�� chroot\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays ПРЕДУП_Д�ЕЙ    у�тановить количе�тво дней � выдачей\n"
+"                                предупреждени� в ПРЕДУП_Д�ЕЙ\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Введите новое значение или нажмите ENTER дл� выбора значени� по умолчанию"
+
+msgid "Minimum Password Age"
+msgstr "Минимальный �рок дей�тви� парол�"
+
+msgid "Maximum Password Age"
+msgstr "Мак�имальный �рок дей�тви� парол�"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "По�ледний раз пароль был изменён (ГГГГ-ММ-ДД)"
+
+msgid "Password Expiration Warning"
+msgstr "Предупреждать об и�течении �рока дей�тви� парол� за"
+
+msgid "Password Inactive"
+msgstr "Деактивировать учётную запи�ь через"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Дата и�течени� �рока дей�тви� учётной запи�и (ГГГГ-ММ-ДД)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "По�ледний раз пароль был изменён\t\t\t\t: "
+
+msgid "never"
+msgstr "никогда"
+
+msgid "password must be changed"
+msgstr "пароль должен быть изменён"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Срок дей�тви� парол� и�текает\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль будет деактивирован через\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Срок дей�тви� учётной запи�и и�текает\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Минимальное количе�тво дней между �меной парол�\t\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Мак�имальное количе�тво дней между �меной парол�\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Количе�тво дней � предупреждением перед деактивацией парол�\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: неверна� дата «%s»\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: неверное чи�ловое значение параметра «%s»\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: не и�пользуйте «l» �овме�тно � другими параметрами\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: до�туп запрещён.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: не удало�ь определить им� пользовател�.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: не удало�ь заблокировать %s; попробуйте ещё раз позже.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: не удало�ь открыть %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: ошибка при запи�и изменений в %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: не удало�ь подготовить новую %s запи�ь «%s»\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: от�ут�твует файл паролей shadow\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: пользователь «%s» не �уще�твует в %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Изменение информации о �роках дей�тви� дл� %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: ошибка при изменении полей\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [ПОЛЬЗОВ�ТЕЛЬ]\n"
+"\n"
+"Параметры:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name ПОЛ�_ИМЯ      �мена полного имени пользовател�\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone ДОМ_ТЕЛЕФО�  �мена домашнего тел. пользовател�\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+"  -o, --other ДРУГ�Я_И�Ф        �мена другой инф. GECOS о пользователе\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room �ОМЕР_КОМ��ТЫ      �мена номера комнаты пользовател�\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    показать данное �ообщение и закончить "
+"работу\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone Р�БОЧИЙ_ТЕЛ  �мена офи�ного номера тел. пользовател�\n"
+
+msgid "Full Name"
+msgstr "Полное им�"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "�омер комнаты"
+
+msgid "Work Phone"
+msgstr "Рабочий телефон"
+
+msgid "Home Phone"
+msgstr "Домашний телефон"
+
+msgid "Other"
+msgstr "Другое"
+
+msgid "Cannot change ID to root.\n"
+msgstr "�е удало�ь получить права �уперпользовател�.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: им� «%s» �одержит не ASCII-�имволы\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: неверное им� «%s»\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: номер комнаты «%s» �одержит не ASCII-�имволы\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: некорректное значение номера комнаты «%s»\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: некорректное значение номера телефона «%s»\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: некорректное значение номера домашнего телефона «%s»\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: в «%s» �одержат�� не ASCII-�имволы\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: в «%s» �одержат�� недопу�тимые �имволы\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: пользователь «%s» не �уще�твует\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: невозможно изменить пользовател� «%s» в клиенте NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: «%s» �вл�ет�� ма�тером NIS дл� �того клиента.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Изменение информации о пользователе %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: пол� �лишком длинные\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method МЕТОД      алгоритм шифровани� (один из: %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               пароли передают�� зашифрованными\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     шифровать видимые пароли � помощью \n"
+"                                алгоритма MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds      количе�тво раундов SHA дл� алгоритмов\n"
+"                        шифровани� SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: параметр %s разрешено и�пользовать только вме�те � параметром %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: параметры -c, -e и -m �вл�ют�� взаимои�ключающими\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: алгоритм шифровани� %s не поддерживает��\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: �трока %d: �лишком длинна� �трока\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: �трока %d: от�ут�твует новый пароль\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: не удало�ь зашифровать пароль � �олью «%s»: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: �трока %d: группа «%s» не �уще�твует\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: �трока %d: не удало�ь подготовить новую %s запи�ь «%s»\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: обнаружена ошибка, изменени� не были �охранены\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (�трока %d, пользователь %s) пароль не изменён\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: �трока %d: пользователь «%s» не �уще�твует\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell ОБОЛОЧК�          нова� реги�трационна� оболочка дл� учётной\n"
+"                                запи�и\n"
+
+msgid "Login Shell"
+msgstr "Командна� оболочка"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Вы не можете измен�ть командную оболочку у «%s».\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Изменение командной оболочки дл� %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: неверное значение %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s не �вл�ет�� допу�тимой оболочкой\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: предупреждение: %s не �уще�твует\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: предупреждение: %s не �вл�ет�� и�полн�емым\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   проверить �рок дей�тви� парол� пользовател�\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   принудительно �менить пароль, е�ли �рок\n"
+"                                дей�тви� парол� и�тёк\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: конфликт параметров %s и %s\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: неожиданный параметр: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     показать запи�и faillog дл� в�ех "
+"пользователей\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs СЕК           заблокировать учётную запи�ь по�ле "
+"неудачных\n"
+"                                попытки входа на СЕК �екунд\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum М�КС             у�тановить мак�имальное количе�тво "
+"неудачных\n"
+"                                попыток входа равным М�КС\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   �бро�ить �чётчик неудачных попыток входа\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time Д�ЕЙ               показать запи�и faillog за по�леднее\n"
+"                                количе�тво Д�ЕЙ\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user ПОЛЬЗ/ДИ�П�ЗО�     показать запи�и faillog или отказы по "
+"�чётчикам\n"
+"                                поддержки и ограничений (е�ли и�пользует��\n"
+"                                � -r, -m или -l) только дл� указанного\n"
+"                                ПОЛЬЗОВ�ТЕЛЯ(ЕЙ)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: не удало�ь получить запи�ь дл� UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Уч.запи�ь      �еуд. попыток  Мак�имум  По�ледний раз\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [о�тало�ь %lu]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%ld блокировок]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: не удало�ь �бро�ить �чётчик неудачных попыток дл� UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: не удало�ь у�тановить мак�имальное чи�ло попыток дл� UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: не удало�ь у�тановить врем� блокировки дл� UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: неизве�тный пользователь или диапазон: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: не удало�ь получить размер %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: не удало�ь запи�ать %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметр] ГРУПП�\n"
+"\n"
+"Параметры:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add ПОЛЬЗ               добавить ПОЛЬЗОВ�ТЕЛЯ в ГРУППУ\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete ПОЛЬЗ            удалить ПОЛЬЗОВ�ТЕЛЯ из ГРУППЫ\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root К�Т_CHROOT         каталог, который выполн�ет�� chroot\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         удалить пароль ГРУППЫ\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                ограничить до�туп в ГРУППУ её членами\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members ПОЛЬЗ,…         задать �пи�ок членов ГРУППЫ\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators �ДМИ�,…\n"
+"                                задать �пи�ок админи�траторов ГРУППЫ\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+"За и�ключением параметров -A и -M, о�тальные не могут указывать��\n"
+"одновременно.\n"
+
+#
+msgid "The options cannot be combined.\n"
+msgstr "Параметры не могут быть указаны одновременно.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: дл� -A требует�� поддержка теневого файла паролей групп\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: группа «%s» не �уще�твует в %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: ошибка при закрытии только дл� чтени� %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Изменение парол� дл� группы %s\n"
+
+msgid "New Password: "
+msgstr "�овый пароль: "
+
+msgid "Re-enter new password: "
+msgstr "Повторите новый пароль: "
+
+msgid "They don't match; try again"
+msgstr "Пароли не �овпадают, попробуйте ещё раз"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: попробуйте позже\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Добавление пользовател� %s в группу %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Удаление пользовател� %s из группы %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: пользователь «%s» не �вл�ет�� членом «%s»\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: не tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] ГРУПП�\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   закончить работу без ошибки, е�ли группа\n"
+"                                �уще�твует и отменить -g, е�ли GID уже\n"
+"                                и�пользует��\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+"  -g, --gid GID                 дл� новой группы и�пользовать указанный GID\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key КЛЮЧ=З��ЧЕ�ИЕ       заменить значение по умолчанию\n"
+"                                из /etc/login.defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              разрешить �оздание групп � повтор�ющим��\n"
+"                                (не уникальным) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         и�пользовать �тот шифрованный пароль дл�\n"
+"                                новой группы\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  �оздавать �и�темную группу\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: «%s» не может быть именем группы\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: неверный ID группы «%s»\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: дл� -К необходимо ИМЯ=З��ЧЕ�ИЕ\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: группа «%s» уже �уще�твует\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID «%lu» уже �уще�твует\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: не удало�ь на�троить �лужбу очи�тки.\n"
+
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -f, --force                   удалить группу, даже е�ли она �вл�ет��"
+" первичной\n"
+"                                группой пользовател�\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: не удало�ь удалить запи�ь «%s» из %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: не удало�ь удалить первичную группу пользовател� «%s»\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: группа «%s» не �уще�твует\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: группа «%s» �вл�ет�� группой NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s �вл�ет�� ма�тером NIS\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: пользователь «%s» �вл�ет�� членом «%s»\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: недо�таточно пам�ти. �е удало�ь обновить %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [дей�твие]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group им�_группы         и�пользовать им�_группы вме�то группы � "
+"именем\n"
+"                                пользовател� (только дл� �уперпользовател�)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Дей�тви�:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr "  -a, --add пользователь        добавить пользовател� в группу\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr "  -d, --delete пользователь     удалить пользовател� из группы\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   удалить в�ех пользователей из группы\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    перечи�лить в�ех членов группы\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ваше им�_группы не �овпадает � вашим пользователь�ким именем\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: только �уперпользователь может и�пользовать параметр -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 изменить ID группы на GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name �ОВ�Я_ГРУПП�   изменить им� на �ОВУЮ_ГРУППУ\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              разрешить повтор�ющие�� (не уникальные) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         изменить пароль на заданный (шифрованный)\n"
+"                                П�РОЛЬ\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: неверное им� группы «%s»\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: группа %s �вл�ет�� группой NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: неизве�тный пользователь %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [файл_group [файл_gshadow]]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [группа]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               показывать ошибки и предупреждени�,\n"
+"                                но не измен�ть файлы\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    �ортировать запи�и по UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s и -r не могут и�пользовать�� одновременно\n"
+
+msgid "invalid group file entry"
+msgstr "неверна� запи�ь в файле групп"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "удалить �троку «%s»? "
+
+msgid "duplicate group entry"
+msgstr "повтор�юща��� запи�ь в файле групп"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "неверное им� группы «%s»\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "неверный ID группы «%lu»\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "группа %s: пользователь %s не �уще�твует\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "удалить члена группы «%s»? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "от�ут�твует �оответ�твующа� группа в файле %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "добавить группу «%s» в %s ? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "дл� группы %s е�ть запи�ь в %s, но её поле парол� в %s не равно «x»\n"
+
+msgid "invalid shadow group file entry"
+msgstr "неверна� запи�ь в теневом файле групп"
+
+msgid "duplicate shadow group entry"
+msgstr "повтор�юща��� запи�ь в теневом файле групп"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "тенева� группа %s: админи�тративный пользователь %s не �уще�твует\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "удалить админи�тративного члена «%s»? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "тенева� группа %s: пользователь %s не �уще�твует\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файлы были изменены\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: изменени� не вне�ены\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: не удало�ь удалить %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "И�пользование: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "И�пользование: id\n"
+
+msgid " groups="
+msgstr " группы="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before Д�ЕЙ             показать запи�и lastlog за по�ледние Д�ЕЙ "
+"дней\n"
+
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -C, --clear                   очи�тить запи�ь lastlog пользовател�\n"
+"                                (только вме�те � -u)\n"
+
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -S, --set                     по�тавить в запи�и lastlog текущее врем�\n"
+"                                (только вме�те � -u)\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time Д�ЕЙ               показать запи�и lastlog за по�ледние Д�ЕЙ "
+"дней\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user ИМЯ                показать запи�ь lastlog дл� учётной запи�и "
+"ИМЯ\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Пользователь     Порт     С                По�ледний раз"
+
+msgid "Username                Port     Latest"
+msgstr "Пользователь            Порт     По�ледний раз"
+
+msgid "**Never logged in**"
+msgstr "**�икогда не входил в �и�тему**"
+
+#, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: не удало�ь обновить запи�ь дл� UID %lu\n"
+
+#, c-format
+#| msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: не удало�ь обновить файл lastlog\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: параметр -C нельз� и�пользовать вме�те � параметром -S\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+"%s: дл� параметров -C и -S требует�� указать пользовател� в параметре -u\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "И�пользование: %s [-p] [им� пользовател�]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "                    %s [-p] [-h узел] [-f им� пользовател�]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "                    %s [-p] -r узел\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "ошибка на�тройки: не удало�ь разобрать значение %s: «%d»"
+
+msgid "Invalid login time"
+msgstr "Вход в �и�тему �ейча� запрещён"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Си�тема закрыта дл� проведени� техниче�кого об�луживани�"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Отключение не выполнено — вход в �и�тему дл� �уперпользовател� разрешён.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: невозможно выполнить без прав �уперпользовател�\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"�ет запи�и в utmp. Вы должны запу�кать «login» из �амого первого уровн� «sh»"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Врем� выполнени� входа в �и�тему и�текло (%u �екунд).\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: ошибка PAM, аварийное завершение работы: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s им� пользовател�: "
+
+msgid "login: "
+msgstr "им� пользовател�: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Превышено мак�имальное чи�ло попыток (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: аварийное завершение работы по запро�у PAM\n"
+
+msgid "Login incorrect"
+msgstr "�еверное им� пользовател�"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "�евозможно найти пользовател� (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Им� пользовател� %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: ошибка при вызове fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "�е удало�ь у�тановить флаг TIOCSCTTY на %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Предупреждение: вход в �и�тему �нова возможен."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "По�ледний вход в �и�тему: %s на %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "По�ледний вход в �и�тему: %.19s на %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " � %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"врем� входа в �и�тему и�текло\n"
+"\n"
+
+#
+msgid "Usage: logoutd\n"
+msgstr "И�пользование: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "И�пользование: newgrp [-] [группа]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "И�пользование: sg группа [[-c] команда]\n"
+
+#, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: не удало�ь зашифровать пароль � предыдущей �олью: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "�еправильный пароль.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: ошибка при вызове fork: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID «%lu» не �уще�твует\n"
+
+msgid "too many groups\n"
+msgstr "�лишком много групп\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  �оздать �и�темные учётные запи�и\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: группа «%s» �вл�ет�� теневой группой, но не �уще�твует в /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: неверный пользователь�кий ID «%s»\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: неверное им� пользовател� «%s»\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: �трока %d: некорректна� �трока\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: не удало�ь обновить запи�ь дл� пользовател� %s (его нет в базе данных "
+"passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: �трока %d: не удало�ь �оздать пользовател�\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: �трока %d: не удало�ь �оздать группу\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: �трока %d: пользователь «%s» не �уще�твует в %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: �трока %d: не удало�ь обновить пароль\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: �трока %d: вызов mkdir %s завершил�� неудачно: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: �трока %d: вызов chown %s завершил�� неудачно: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: �трока %d: не удало�ь обновить запи�ь\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: не удало�ь подготовить новую %s запи�ь\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: не удало�ь найти подчинённый диапазон пользователей\n"
+
+#, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: не удало�ь найти подчинённый диапазон групп\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     показать �о�то�ние паролей в�ех учётных\n"
+"                                запи�ей\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+"  -d, --delete                  удалить пароль заданной учётной запи�и\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  про�рочить пароль заданной учётной запи�и\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             измен�ть пароль только � и�тёкшим �роком\n"
+"                                дей�тви�\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive �Е�КТИВ�ОСТЬ   у�тановить неактивно�ть парол� по�ле\n"
+"                                и�течени� �рока в значение �Е�КТИВ�ОСТЬ\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    заблокировать заданную учётную запи�ь\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays МИ�_Д�ЕЙ        у�тановить минимальное чи�ло дней перед\n"
+"                                �меной парол� в МИ�_Д�ЕЙ\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+"  -q, --quiet                   �ократить количе�тво выводимых �ообщений\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository РЕПОЗИТОРИЙ  изменить пароль в РЕПОЗИТОРИИ\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  показать �о�то�ние парол� заданной учётной\n"
+"                                запи�и\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  разблокировать заданную учётную запи�ь\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays ПРЕДУП_Д�ЕЙ    у�тановить количе�тво дней �\n"
+"                                выдачей предупреждени� в ПРЕДУП_Д�ЕЙ\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays М�КС_Д�ЕЙ       у�тановить мак�имальное чи�ло дней перед\n"
+"                                �меной парол� в М�КС_Д�ЕЙ\n"
+
+msgid "Old password: "
+msgstr "Старый пароль: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введите новый пароль (минимальна� длина %d �имволов)\n"
+"И�пользуйте комбинацию из �имволов в верхнем и нижнем реги�тре и цифры.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введите новый пароль (минимальна� длина %d, мак�имальна� длина %d �имволов)\n"
+"И�пользуйте комбинацию из �имволов в верхнем и нижнем реги�тре и цифры.\n"
+
+msgid "New password: "
+msgstr "�овый пароль: "
+
+msgid "Try again."
+msgstr "Попробуйте ещё раз."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Предупреждение: �лишком про�той пароль (чтобы в�ё равно и�пользовать �тот "
+"пароль, введите его ещё раз)."
+
+msgid "They don't match; try again.\n"
+msgstr "Пароли не �овпадают, попробуйте ещё раз.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Пароль пользовател� %s не может быть изменён.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Пароль дл� %s пока не может быть изменён.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: разблокировка парол� приведёт к по�влению бе�парольной учётной\n"
+"запи�и. Вы должны задать пароль � помощью usermod -p дл� разблокировки "
+"учётной запи�и пользовател�.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: хранилище %s не поддерживает��\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: у %s нет прав измен�ть пароль %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: вы не можете по�мотреть или изменить пароль %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Изменение парол� дл� %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Пароль дл� %s не был изменён.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: пароль изменён.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: информаци� об и�течении �рока дей�тви� парол� изменена.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [passwd]\n"
+"\n"
+"Параметры:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] [passwd [shadow]]\n"
+"\n"
+"Параметры:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+"  -q, --quiet                   показывать только �ообщени� об ошибках\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: нельз� указать альтернативный файл shadow, е�ли включён режим USE_TCB.\n"
+
+msgid "invalid password file entry"
+msgstr "неверна� запи�ь в файле паролей"
+
+msgid "duplicate password entry"
+msgstr "повтор�юща��� запи�ь в файле паролей"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "неверное им� пользовател� «%s»\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "неверный пользователь�кий ID «%lu»\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "пользователь «%s»: группа %lu не �уще�твует\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "пользователь «%s: каталог «%s» не �уще�твует\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "пользователь «%s»: программа «%s» не �уще�твует\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "нет каталога tcb дл� %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "�оздать каталог tcb дл� %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "не удало�ь �оздать каталог tcb дл� %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: не удало�ь заблокировать %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "от�ут�твует �оответ�твующа� запи�ь %s в файле паролей\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "добавить пользовател� «%s» в %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"дл� пользовател� %s е�ть запи�ь в %s, но её поле парол� в %s не равно «x»\n"
+
+msgid "invalid shadow password file entry"
+msgstr "неверна� запи�ь в теневом файле паролей"
+
+msgid "duplicate shadow password entry"
+msgstr "повтор�юща��� запи�ь в теневом файле паролей"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "пользователь %s: врем� по�леднего изменени� парол� в будущем\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: не удало�ь от�ортировать запи�и в %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: � включённым режимом tcb работа невозможна\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: не удало�ь изменить права %s на 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "До�туп к su дл� �той учётной запи�и З�ПРЕЩ��.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Проверка подлинно�ти по паролю пропущена.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Введите ваш СОБСТВЕ��ЫЙ пароль дл� аутентификации.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: невозможно выполнить fork пользователь�кой оболочки\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: неи�правно�ть в �игналах\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: неи�правно�ть в ма�кировке �игналов\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Сеан� завершён, выполн�ет�� завершение оболочки…"
+
+msgid " ...killed.\n"
+msgstr " … завершён.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " … ожидает завершени� потомка.\n"
+
+msgid " ...terminated.\n"
+msgstr " … завершён.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"И�пользование: su [параметры] [ПОЛЬЗОВ�ТЕЛЬ]\n"
+"\n"
+"Параметры:\n"
+"  -c, --command КОМ��Д�         передать КОМ��ДУ вызываемой оболочке\n"
+"  -h, --help                    показать данное �ообщение и закончить "
+"работу\n"
+"  -, -l, --login                запу�кать оболочку как реги�трационную\n"
+"  -m, -p,\n"
+"  --preserve-environment        не �бра�ывать переменные окружени� и\n"
+"                                �охранить запу�тившую оболочку\n"
+"  -s, --shell ОБОЛОЧК�          и�пользовать ОБОЛОЧКУ\n"
+"                                вме�то значени� из файла passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Игнорировано)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "У ва� нет прав на выполнение su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Введите ваш �об�твенный пароль)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: не удало�ь пройти проверку подлинно�ти\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: у ва� нет прав выполн�ть su в данный момент\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "От�ут�твует passwd-запи�ь дл� пользовател� «%s»\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: должен запу�кать�� из терминала\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: ошибка %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: не удало�ь �бро�ить управл�ющий терминал\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "�е удало�ь выполнить %s\n"
+
+msgid "No password file"
+msgstr "От�ут�твует файл паролей"
+
+msgid "TIOCSCTTY failed"
+msgstr "�е удало�ь у�тановить флаг TIOCSCTTY"
+
+msgid "No password entry for 'root'"
+msgstr "От�ут�твует запи�ь дл� «root»"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"�ажмите control-d дл� продолжени� загрузки в обычном режиме,\n"
+"(или введите пароль �уперпользовател� дл� об�луживани� �и�темы):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Вход в режим �и�темного об�луживани�"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: каталог %s �оздан, но не может быть удалён\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: на�тройка %s в %s будет проигнорирована\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: не удало�ь �оздать новый файл значений по умолчанию\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: не удало�ь открыть новый файл значений по умолчанию\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: �лишком длинна� �трока в %s: %s…"
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: не удало�ь �оздать резервную копию файла (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: rename: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: группа «%s» �вл�ет�� группой NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: указано �лишком много групп (мак�имум %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"И�пользование: %s [параметры] ПОЛЬЗОВ�ТЕЛЬ\n"
+"               %s -D\n"
+"               %s -D [параметры]\n"
+"\n"
+"Параметры:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir Б�З_К�Т        базовый каталог дл� домашнего каталога "
+"новой\n"
+"                                учётной запи�и\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment КОММЕ�Т�РИЙ     поле GECOS новой учётной запи�и\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+"  -d, --home-dir ДОМ_К�Т        домашний каталог новой учётной запи�и\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                показать или изменить на�тройки\n"
+"                                по умолчанию дл� useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+"  -e, --expiredate Д�Т�_УСТ     дата у�таревани� новой учётной запи�и\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive �Е�КТИВ�ОСТЬ   период неактивно�ти парол� новой учётной "
+"запи�и\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid ГРУПП�              им� или ID первичной группы новой\n"
+"                                учётной запи�и\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups ГРУППЫ           �пи�ок дополнительных групп новой\n"
+"                                учётной запи�и\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel К�Б_Ш�Б            и�пользовать альтернативный каталог � "
+"шаблонами\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             не добавл�ть пользовател� в базы данных "
+"lastlog и\n"
+"                                faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+"  -m, --create-home             �оздать домашний каталог пользовател�\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          не �оздавать домашний каталог пользовател�\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           не �оздавать группу � тем же именем что и у\n"
+"                                пользовател�\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              разрешить �оздание пользователей �\n"
+"                                повтор�ющими�� (не уникальными) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         зашифрованный пароль новой учётной запи�и\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+"  -s, --shell ОБОЛОЧК�          реги�трационна� оболочка новой\n"
+"                                учётной запи�и\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+"  -u, --uid UID                 пользователь�кий ID новой учётной запи�и\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              �оздать группу � тем же именем что и у\n"
+"                                пользовател�\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     и�пользовать указанного SEUSER дл�\n"
+"                                пользователь�кого �опо�тавлени� SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: неверный базовый каталог «%s»\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: неверный комментарий «%s»\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: неверный домашний каталог «%s»\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: дл� параметра -e необходима поддержка теневых паролей\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: дл� параметра -f необходима поддержка теневых паролей\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: неверное поле «%s»\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: неверна� оболочка «%s»\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: дл� -Z в �дре требует�� включить SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: не удало�ь �бро�ить запи�ь в faillog дл� UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: не удало�ь �бро�ить запи�ь в lastlog дл� UID %lu: %s\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: не удало�ь подготовить новую %s запи�ь\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: не удало�ь �оздать каталог %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Создание почтового �щика"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"�е найдена группа «mail». Создаёт�� пользователь�кий почтовый �щик � правами "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "У�тановка прав на файл почтового �щика"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: пользователь «%s» уже �уще�твует\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: группа %s �уще�твует — дл� добавлени� в неё �того пользовател�, "
+"и�пользуйте -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: не удало�ь �оздать пользовател�\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu не �вл�ет�� уникальным\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: не удало�ь �оздать tcb-каталог дл� %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: не удало�ь �оздать группу\n"
+
+#, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: не удало�ь �оздать подчинённые пользователь�кие ID\n"
+
+#, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: не удало�ь �оздать подчинённые групповые ID\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: предупреждение: домашний каталог уже �уще�твует.\n"
+"�икакие файлы из каталога шаблонов копировать�� не будут.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: предупреждение: не удало�ь �опо�тавить им� пользовател� %s � "
+"пользователем SELinux %s.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   удал�ть файлы, даже е�ли они\n"
+"                                не принадлежат пользователю\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  удалить домашний каталог и почтовый �щик\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            удалить в�е пользователь�кие �опо�тавлени�\n"
+"                                SELinux дл� пользовател�\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: группа %s не удалена, так как �то не первична� группа пользовател� %s.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: группа %s не удалена, так как в ней е�ть другие члены.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: группа %s �вл�ет�� первичной дл� другого пользовател� и не может быть "
+"удалена.\n"
+
+#, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: не удало�ь удалить запи�ь %lu из %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: почтовый �щик %s (%s) не найден\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: предупреждение: не удало�ь удалить %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s не принадлежит %s, удаление не выполнено\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: не удало�ь выделить пам�ть, �лемент tcb дл� %s не удалён.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: не удало�ь �низить уровень привилегий: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: не удало�ь удалить �одержимое %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: не удало�ь удалить файлы tcb дл� %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: пользователь %s �вл�ет�� пользователем NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: домашний каталог пользовател� %s (%s) не найден\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: каталог %s не удалён (�вл�ет�� домашним каталогом пользовател� %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: ошибка удалени� каталога %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+"%s: предупреждение: не удало�ь удалить пользователь�кое �опо�тавление "
+"SELinux в им� пользовател� %s.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment КОММЕ�Т�РИЙ     новое значение пол� GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home ДОМ_К�Т            новый домашний каталог учётной запи�и\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate Д�Т�_УСТ     у�тановить дату окончани� дей�тви�\n"
+"                                учётной запи�и в Д�Т�_УСТ\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive �Е�КТИВ�ОСТЬ   у�тановить период неактивно�ти парол� по�ле\n"
+"                                у�таревани� учётной запи�и равным "
+"�Е�КТИВ�ОСТЬ\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid ГРУПП�              принудительно назначить первичную ГРУППУ\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups ГРУППЫ           �пи�ок дополнительных ГРУПП\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  добавить пользовател� в дополнительные\n"
+"                                ГРУППЫ, указанные в параметре -G не удал��\n"
+"                                пользовател� из других групп\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login �ОВОЕ_ИМЯ         новое значение имени учётной запи�и\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    заблокировать учётную запи�ь\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               переме�тить �одержимое домашнего каталога в\n"
+"                                новое ме�то (и�пользовать только вме�те � -"
+"d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              разрешить �оздание учётной запи�и � уже\n"
+"                                имеющим�� (не уникальным) UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password П�РОЛЬ         задать новый шифрованный пароль дл�\n"
+"                                учётной запи�и\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 новый UID дл� учётной запи�и\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  разблокировать учётную запи�ь\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr "  -v, --add-subuids ПЕРВ-ПОСЛ   добавить диапазон подчинённых uid\n"
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr "  -V, --del-subuids ПЕРВ-ПОСЛ   удалить диапазон подчинённых uid\n"
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr "  -w, --add-subgids ПЕРВ-ПОСЛ   добавить диапазон подчинённых gid\n"
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr "  -W, --del-subgids ПЕРВ-ПОСЛ   удалить диапазон подчинённых gid\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     новое пользователь�кое �опо�тавление\n"
+"                                SELinux дл� учётной запи�и\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: разблокировка парол� пользовател� приведёт к по�влению бе�парольной\n"
+"учётной запи�и. Вы должны задать пароль � помощью usermod -p дл� "
+"разблокировки парол� пользовател�.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: пользователь «%s» уже �уще�твует в %s\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: некорректный диапазон подчинённых uid «%s»\n"
+
+#, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: некорректный диапазон подчинённых gid «%s»\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: не указаны параметры\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: параметры -L, -p и -U �вл�ют�� взаимои�ключающими\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+"%s: дл� параметров -e и -f требует�� поддержка теневых файлов паролей\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID «%lu» уже �уще�твует\n"
+
+#, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s не �уще�твует, нельз� указывать флаги %s или %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: каталог %s �уще�твует\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Предыдущий домашний каталог (%s) не �вл�л�� домашним каталогом. Он не "
+"удалён и домашний каталог не �оздан.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: не удало�ь изменить владельца домашнего каталога"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: предупреждение: не удало�ь полно�тью удалить �тарый домашний каталог %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: не удало�ь переименовать каталог %s в %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: не удало�ь �копировать запи�ь lastlog о пользователе %lu в пользовател� "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: не удало�ь �копировать запи�ь faillog о пользователе %lu в пользовател� "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: предупреждение: %s не принадлежит %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "не удало�ь �менить владельца почтового �щика"
+
+msgid "failed to rename mailbox"
+msgstr "не удало�ь переименовать почтовый �щик"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: не удало�ь удалить диапазон uid %lu-%lu из «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: не удало�ь добавить диапазон uid %lu-%lu в «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: не удало�ь удалить диапазон gid %lu-%lu из «%s»\n"
+
+#, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: не удало�ь добавить диапазон gid %lu-%lu в «%s»\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Вы изменили %s.\n"
+"Дл� обе�печени� �огла�ованно�ти вам может потребовать�� изменить %s.\n"
+"Дл� �того и�пользуйте команду «%s».\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   редактировать базу данных групп\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  редактировать базу данных паролей\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  редактировать базу данных shadow или "
+"gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    редактировать пользователь�кий файл\n"
+"                                shadow �труктуры tcb\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: не удало�ь удалить %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s не был изменён\n"
+
+msgid "failed to create scratch directory"
+msgstr "не удало�ь �оздать черновой каталог"
+
+msgid "failed to drop privileges"
+msgstr "не удало�ь �низить уровень привилегий"
+
+#
+msgid "Couldn't get file context"
+msgstr "�е удало�ь получить файловый контек�т"
+
+msgid "setfscreatecon () failed"
+msgstr "Вызов setfscreatecon () завершил�� неудачно"
+
+msgid "failed to gain privileges"
+msgstr "не удало�ь повы�ить уровень привилегий"
+
+msgid "Couldn't lock file"
+msgstr "�е удало�ь заблокировать файл"
+
+msgid "Couldn't make backup"
+msgstr "�е удало�ь �оздать резервную копию"
+
+#, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+#| msgid "%s: nscd exited with status %d\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s завершил�� � кодом выхода %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s убит по �игналу %d\n"
+
+msgid "failed to open scratch file"
+msgstr "не удало�ь открыть черновой файл"
+
+msgid "failed to unlink scratch file"
+msgstr "не удало�ь удалить черновой файл"
+
+msgid "failed to stat edited file"
+msgstr "не удало�ь получить атрибуты редактируемого файла"
+
+msgid "failed to allocate memory"
+msgstr "не удало�ь выделить пам�ть"
+
+msgid "failed to create backup file"
+msgstr "не удало�ь �оздать резервную копию файла"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: не удало�ь во��тановить %s: %s (ваши изменени� в %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: не удало�ь найти каталог tcb дл� %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            алгоритм шифровани� (один из: %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "И�пользование: vipw [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "не удало�ь выполнить malloc(%d)\n"
+
+#
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: chage [параметры] [ПОЛЬЗОВ�ТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -d, --lastday LAST_DAY        у�тановить по�ледний день �мены парол�\n"
+#~ "                                в LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  у�тановить дату окончани� дей�тви�\n"
+#~ "                                учётной запи�и в EXPIRE_DATE\n"
+#~ "  -h, --help                    показать �то �ообщение и закончить "
+#~ "работу\n"
+#~ "  -I, --inactive INACTIVE       у�тановить неактивно�ть парол� по�ле\n"
+#~ "                                у�таревани� в значение INACTIVE\n"
+#~ "  -l, --list                    показать «возра�т» учётной запи�и\n"
+#~ "  -m, --mindays MIN_DAYS        у�тановить минимальное чи�ло дней перед\n"
+#~ "                                �меной парол� в MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        у�тановить мак�имальное чи�ло дней перед\n"
+#~ "                                �меной парол� в MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      у�тановить количе�тво дней � выдачей\n"
+#~ "                                предупреждени� в WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: проверка подлинно�ти PAM завершила�ь неудачно\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "И�пользование: %s [-f полное им�] [-r номер комнаты] [-w рабочий "
+#~ "телефон]\n"
+#~ "\t[-h домашний телефон] [-o другое] [пользователь]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "И�пользование: %s [-f полное им�] [-r номер комнаты] [-w рабочий телефон] "
+#~ "[-h домашний телефон]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "И�пользование: %s [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -c, --crypt-method    алгоритм шифровани� (один из %s)\n"
+#~ "  -e, --encrypted       вводит�� уже шифрованный пароль\n"
+#~ "  -h, --help            показать �то �ообщение и завершить работу "
+#~ "программы\n"
+#~ "  -m, --md5             и�пользовать шифрование MD5 вме�то DES, е�ли "
+#~ "пароль\n"
+#~ "                        вводит�� не шифрованным\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: chsh [параметры] [ПОЛЬЗОВ�ТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -h, --help            показать данное �ообщение и закончить работу\n"
+#~ "  -s, --shell SHELL     нова� реги�трационна� оболочка дл� учётной "
+#~ "запи�и\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "И�пользование: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: не удало�ь получить запи�ь дл� UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: не удало�ь открыть %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: не удало�ь получить размер %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "И�пользование: groupdel группа\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "И�пользование: %s [-r] [-s] [файл_group [файл_gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "И�пользование: %s [-r] [-s] [файл_group]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s и -r не могут и�пользовать�� одновременно\n"
+
+#
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "И�пользование: grpconv\n"
+
+#
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "И�пользование: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: lastlog [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -b, --before Д�ЕЙ     показать запи�и lastlog за по�ледние Д�ЕЙ дней\n"
+#~ "  -h, --help            показать �то �ообщение и завершить работу "
+#~ "программы\n"
+#~ "  -t, --time Д�ЕЙ       показать запи�и lastlog за по�ледние Д�ЕЙ дней\n"
+#~ "  -u, --user ИМЯ        показать запи�ь lastlog дл� учётной запи�и ИМЯ\n"
+#~ "\n"
+
+#
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: passwd [параметры] [ПОЛЬЗОВ�ТЕЛЬ]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -a, --all                     показать �о�то�ние паролей в�ех учётных\n"
+#~ "                                запи�ей\n"
+#~ "  -d, --delete                  удалить пароль заданной учётной запи�и\n"
+#~ "  -e, --expire                  про�рочить пароль заданной учётной "
+#~ "запи�и\n"
+#~ "  -h, --help                    показать �то �ообщение и завершить "
+#~ "работу\n"
+#~ "                                программы\n"
+#~ "  -k, --keep-tokens             измен�ть пароль только � и�тёкшим �роком\n"
+#~ "                                дей�тви�\n"
+#~ "  -i, --inactive INACTIVE       у�тановить неактивно�ть парол� по�ле\n"
+#~ "                                и�течени� �рока в значение INACTIVE\n"
+#~ "  -l, --lock                    заблокировать заданную учётную запи�ь\n"
+#~ "  -n, --mindays MIN_DAYS        у�тановить минимальное чи�ло дней перед\n"
+#~ "                                �меной парол� в MIN_DAYS\n"
+#~ "  -q, --quiet                   не показывать �ообщений\n"
+#~ "  -r, --repository REPOSITORY   изменить пароль в репозитории REPOSITORY\n"
+#~ "  -S, --status                  показать �о�то�ние парол� заданной "
+#~ "учётной\n"
+#~ "                                запи�и\n"
+#~ "  -u, --unlock                  разблокировать заданную учётную запи�ь\n"
+#~ "  -w, --warndays WARN_DAYS      у�тановить количе�тво дней �\n"
+#~ "                                выдачей предупреждени� в WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        у�тановить мак�имальное чи�ло дней перед\n"
+#~ "                                �меной парол� в MAX_DAYS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "И�пользование: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "И�пользование: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "И�пользование: pwconv\n"
+
+#
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "И�пользование: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "�еизве�тный id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "От�ут�твует оболочка\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: userdel [параметры] ПОЛЬЗОВ�ТЕЛЬ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -f, --force                   удал�ть файлы, даже е�ли они\n"
+#~ "                                не принадлежат пользователю\n"
+#~ "  -h, --help                    показать данное �ообщение и закончить "
+#~ "работу\n"
+#~ "  -r, --remove                  удалить домашний каталог и почтовый �щик\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: пользователь %s �ейча� работает в �и�теме\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "И�пользование: usermod [параметры] ПОЛЬЗОВ�ТЕЛЬ\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -c, --comment КОММЕ�Т�РИЙ     новое значение пол� GECOS\n"
+#~ "  -d, --home ДОМ_К�Т            новый домашний каталог учётной запи�и\n"
+#~ "  -e, --expiredate Д�Т�_УСТ     у�тановить дату окончани� дей�тви�\n"
+#~ "                                учётной запи�и в Д�Т�_УСТ\n"
+#~ "  -f, --inactive �Е�КТИВ�ОСТЬ   у�тановить период неактивно�ти парол� "
+#~ "по�ле\n"
+#~ "                                у�таревани� учётной запи�и равным "
+#~ "�Е�КТИВ�ОСТЬ\n"
+#~ "  -g, --gid ГРУПП�              принудительно назначить первичную ГРУППУ\n"
+#~ "  -G, --groups ГРУППЫ           �пи�ок дополнительных ГРУПП\n"
+#~ "  -a, --append                  добавить пользовател� в дополнительные\n"
+#~ "                                ГРУППЫ, указанные в параметре -G не "
+#~ "удал��\n"
+#~ "                                пользовател� из других групп\n"
+#~ "  -h, --help                    показать данное �ообщение и закончить "
+#~ "работу\n"
+#~ "  -l, --login �ОВОЕ_ИМЯ         новое значение имени учётной запи�и\n"
+#~ "  -L, --lock                    заблокировать учётную запи�ь\n"
+#~ "  -m, --move-home               переме�тить �одержимое домашнего каталога "
+#~ "в\n"
+#~ "                                новое ме�то (и�пользовать только вме�те � "
+#~ "-d)\n"
+#~ "  -o, --non-unique              разрешить �оздание учётной запи�и � уже\n"
+#~ "                                имеющим�� (не уникальным) UID\n"
+#~ "  -p, --password П�РОЛЬ         задать новый шифрованный пароль дл�\n"
+#~ "                                учётной запи�и\n"
+#~ "  -s, --shell ОБОЛОЧК�          задать новую оболочку дл�\n"
+#~ "                                учётной запи�и\n"
+#~ "  -u, --uid UID                 новый UID дл� учётной запи�и\n"
+#~ "  -U, --unlock                  разблокировать учётную запи�ь\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: не заданы параметры\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: vipw [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -g, --group                   редактировать базу данных групп\n"
+#~ "  -h, --help                    показать данное �ообщение и закончить "
+#~ "работу\n"
+#~ "  -p, --passwd                  редактировать базу данных паролей\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  редактировать базу данных теневых\n"
+#~ "                                паролей пользователей или групп\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: %s [параметр] ГРУПП�\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -a, --add ПОЛЬЗОВ�ТЕЛЬ          добавить ПОЛЬЗОВ�ТЕЛЯ в ГРУППУ\n"
+#~ "  -d, --delete ПОЛЬЗОВ�ТЕЛЬ       удалить ПОЛЬЗОВ�ТЕЛЯ из ГРУППЫ\n"
+#~ "  -r, --remove-password           удалить пароль ГРУППЫ\n"
+#~ "  -R, --restrict                  ограничить до�туп к ГРУППЕ её членам\n"
+#~ "  -M, --members ПОЛЬЗОВ�ТЕЛЬ,...  задать �пи�ок членов ГРУППЫ\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: groupmems [параметры] [дей�твие]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -g, --group им�_группы          изменить им�_группы вме�то "
+#~ "пользователь�кой\n"
+#~ "                                  группы (только дл� root)\n"
+#~ "\n"
+#~ "Дей�тви�:\n"
+#~ "  -a, --add им�_польз             добавить им�_польз в члены группы\n"
+#~ "  -d, --delete им�_польз          удалить им�_польз из членов группы\n"
+#~ "  -p, --purge                     удалить в�ех членов из группы\n"
+#~ "  -l, --list                      показать в�ех членов группы\n"
+#~ "\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: не удало�ь �оздать %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: не удало�ь �менить владельца %s\n"
+
+#
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: faillog [параметры]\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -a, --all             показать запи�и faillog обо в�ех пользовател�х\n"
+#~ "  -h, --help            показать �то �ообщение и завершить работу "
+#~ "программы\n"
+#~ "  -l, --lock-time СЕК   при неудачной попытке входа блокировать\n"
+#~ "                        учётную запи�ь на СЕК �екунд\n"
+#~ "  -m, --maximum М�КС    у�тановить мак�имальное чи�ло неудачных попыток\n"
+#~ "                        входа равным М�КС\n"
+#~ "  -r, --reset           обнулить �чётчики неудачных попыток входа\n"
+#~ "  -t, --time Д�ЕЙ       показать запи�и faillog за по�ледние Д�ЕЙ дней\n"
+#~ "  -u, --user ИМЯ        показать запи�ь faillog или на�троить �чётчики\n"
+#~ "                        неудачных попыток и ограничени� (вме�те � -r, -m\n"
+#~ "                        или -l) только дл� учётной запи�и � заданным "
+#~ "ИМЕ�ЕМ\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: groupadd [параметры] ГРУПП�\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -f, --force           закончить работу � у�пешным кодом возврата, е�ли\n"
+#~ "                        заданна� группа уже �уще�твует\n"
+#~ "  -g, --gid GID         дл� новой группы и�пользовать GID\n"
+#~ "  -h, --help            показать данное �ообщение и закончить работу\n"
+#~ "  -K, --key KEY=VALUE   изменить значени� по умолчанию из /etc/login."
+#~ "defs\n"
+#~ "  -o, --non-unique      разрешить �оздание группы � уже имеющим��\n"
+#~ "                        (не уникальным) GID\n"
+#~ "  -p, --password PASS   и�пользовать шифрованный пароль дл� новой группы\n"
+#~ "  -r, --system          �оздать �и�темную учётную запи�ь\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "И�пользование: groupmod [параметры] ГРУПП�\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -g, --gid GID         дл� новой ГРУППЫ и�пользовать GID\n"
+#~ "  -h, --help            показать данное �ообщение и закончить работу\n"
+#~ "  -n, --new-name �ОВ_ГР и�пользовать им� �ОВ_ГР дл� ГРУППЫ\n"
+#~ "  -o, --non-unique      разрешить �оздание ГРУППЫ � уже имеющим��\n"
+#~ "                        (не уникальным) GID\n"
+#~ "  -p, --password PASS   и�пользовать шифрованный пароль дл� нового "
+#~ "парол�\n"
+#~ "\n"
+
+#
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "И�пользование: useradd [параметры] им� пользовател�\n"
+#~ "\n"
+#~ "Параметры:\n"
+#~ "  -b, --base-dir BASE_DIR       базовый каталог дл� домашнего каталога\n"
+#~ "                                новой учётной запи�и\n"
+#~ "  -c, --comment COMMENT         заполнить поле GECOS новой учётной "
+#~ "запи�и\n"
+#~ "  -d, --home-dir HOME_DIR       домашний каталог новой учётной запи�и\n"
+#~ "  -D, --defaults                показать или �охранить изменённые "
+#~ "на�тройки\n"
+#~ "                                useradd по умолчанию\n"
+#~ "  -e, --expiredate EXPIRE_DATE  у�тановить дату окончани� дей�тви�\n"
+#~ "                                учётной запи�и равной EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       у�тановить пароль дл� у�таревших учётных\n"
+#~ "                                запи�ей в INACTIVE\n"
+#~ "  -g, --gid GROUP               принудительно назначить группу GROUP\n"
+#~ "                                дл� новой учётной запи�и\n"
+#~ "  -G, --groups GROUPS           задать �пи�ок групп дл� новой\n"
+#~ "                                учётной запи�и\n"
+#~ "  -h, --help                    показать данное �ообщение и закончить "
+#~ "работу\n"
+#~ "  -k, --skel SKEL_DIR           указать альтернативный каталог � "
+#~ "шаблонами\n"
+#~ "  -K, --key KEY=VALUE           изменить значени� по умолчанию из\n"
+#~ "                                /etc/login.defs\n"
+#~ "  -l, --no-log-init             не добавл�ть пользовател� в базы данных\n"
+#~ "                                lastlog и faillog\n"
+#~ "  -m, --create-home             �оздать домашний каталог дл� новой\n"
+#~ "                                учётной запи�и\n"
+#~ "  -M, --no-create-home          не �оздавать домашний каталог дл� новой\n"
+#~ "                                учётной запи�и (измен�ет значение\n"
+#~ "                                 из /etc/login.defs)\n"
+#~ "  -N, --no-user-group           не �оздавать группу � именем как у\n"
+#~ "                                пользовател�\n"
+#~ "  -o, --non-unique              разрешить �оздание учётной запи�и � уже\n"
+#~ "                                имеющим�� (не уникальным) UID\n"
+#~ "  -p, --password PASSWORD       задать шифрованный пароль дл� новой\n"
+#~ "                                учётной запи�и\n"
+#~ "  -r, --system                  �оздать �и�темную учётную запи�ь\n"
+#~ "  -s, --shell SHELL             задать командную оболочку дл� новой\n"
+#~ "                                учётной запи�и\n"
+#~ "  -u, --uid UID                 принудительно назначить UID дл� новой\n"
+#~ "                                учётной запи�и\n"
+#~ "  -U, --user-group              �оздать группу � именем как у "
+#~ "пользовател�\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "И�пользование: %s [параметры] [ввод]\n"
+#~ "\n"
+#~ "  -c, --crypt-method    метод шифровани� (один из %s)\n"
+#~ "  -r, --system          �оздать �и�темную учётную запи�ь\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Срок дей�тви� парол� и�тёк."
+
+#~ msgid "setfscreatecon() failed"
+#~ msgstr "Вызов setfscreatecon() завершил�� неудачно"
diff --git a/po/shadow.pot b/po/shadow.pot
new file mode 100644
index 0000000..5fa6d34
--- /dev/null
+++ b/po/shadow.pot
@@ -0,0 +1,2346 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr ""
+
+#, c-format
+msgid "%s's Password: "
+msgstr ""
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr ""
+
+msgid "Warning: too many groups\n"
+msgstr ""
+
+msgid "Your password has expired."
+msgstr ""
+
+msgid "Your password is inactive."
+msgstr ""
+
+msgid "Your login has expired."
+msgstr ""
+
+msgid "  Contact the system administrator."
+msgstr ""
+
+msgid "  Choose a new password."
+msgstr ""
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr ""
+
+msgid "Your password will expire tomorrow."
+msgstr ""
+
+msgid "Your password will expire today."
+msgstr ""
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr ""
+
+msgid "You have new mail."
+msgstr ""
+
+msgid "No mail."
+msgstr ""
+
+msgid "You have mail."
+msgstr ""
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr ""
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+msgid "passwd: password unchanged\n"
+msgstr ""
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr ""
+
+msgid "Maximum Password Age"
+msgstr ""
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr ""
+
+msgid "Password Inactive"
+msgstr ""
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "password must be changed"
+msgstr ""
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr ""
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr ""
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr ""
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr ""
+
+msgid "Work Phone"
+msgstr ""
+
+msgid "Home Phone"
+msgstr ""
+
+msgid "Other"
+msgstr ""
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr ""
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+msgid "duplicate group entry"
+msgstr ""
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr ""
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr ""
+
+msgid "Username                Port     Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr ""
+
+msgid "Invalid password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr ""
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr ""
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr ""
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr ""
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr ""
+
+msgid "No password file"
+msgstr ""
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr ""
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
diff --git a/po/sk.po b/po/sk.po
new file mode 100644
index 0000000..9828382
--- /dev/null
+++ b/po/sk.po
@@ -0,0 +1,3801 @@
+# Slovak translation of shadow-utils.
+#
+# Ivan Masár <helix84@centrum.sk>, 2008, 2009.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.17\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-26 22:06+0100\n"
+"Last-Translator: Ivan Masár <helix84@centrum.sk>\n"
+"Language-Team: Slovak <sk-i18n@lists.linux.sk>\n"
+"Language: sk\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural= (n==1) ? 1 : (n>=2 && n<=4) ? 2 : 0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Existuje viac záznamov s názvom „%s“ v %s. Prosím, napravte to pomocou pwck "
+"alebo grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt nepodporuje metódy šifrovania? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Na konfigura�né údaje sa nedá vyhradiť dostatok miesta.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"konfigura�ná chyba - neznámy predmet „%s“ (informujte správcu systému)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Heslo: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Heslo používateľa %s:"
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Na konfigura�né údaje sa nedá vyhradiť dostatok miesta.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Menia sa informácie vypršania platnosti pre používateľa %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: riadok %d: nedá sa nájsť používateľ %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nedostatok pamäti\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: premenovať: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove %s: %s"
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot delete %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: premenovať: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Upozornenie: skupina %s je neznáma\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Upozornenie: príliš mnoho skupín\n"
+
+msgid "Your password has expired."
+msgstr "Uplynula platnosť vášho hesla."
+
+msgid "Your password is inactive."
+msgstr "Vaše heslo je neaktívne."
+
+msgid "Your login has expired."
+msgstr "Uplynula platnosť vášho ú�tu."
+
+msgid "  Contact the system administrator."
+msgstr "  Kontaktujte správcu systému."
+
+msgid "  Choose a new password."
+msgstr "  Zvoľte nové heslo."
+
+msgid "You must change your password."
+msgstr "Musíte si zmeniť heslo."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "O %ld dní uplynie platnosť vášho hesla.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Zajtra uplynie platnosť vášho hesla."
+
+msgid "Your password will expire today."
+msgstr "Dnes uplynie platnosť vášho hesla."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Nie je možné otvoriť rozhranie pre audit - prerušuje sa.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Nedá sa zmeniť režim vlastníka TTY štandardného vstupu: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: nepodarilo sa odmknúť %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Preplnenie prostredia\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Nemôžete zmeniť $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d chybný pokus o prihlásenie od posledného prihlásenia.\n"
+"Bol to %s na %s.\n"
+msgstr[1] ""
+"%d chybné pokusy o prihlásenie od posledného prihlásenia.\n"
+"Posledné bolo %s na %s.\n"
+msgstr[2] ""
+"%d chybných pokusov o prihlásenie od posledného prihlásenia.\n"
+"Posledné bolo %s na %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "chyba pri zmene vlastníka schránky"
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Nedá sa získať jedine�ný UID (už nie sú dostupné žiadne UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Nedá sa získať jedine�ný GID (už nie sú dostupné žiadne GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Nedá sa získať jedine�ný UID (už nie sú dostupné žiadne UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Nedá sa získať jedine�ný UID (už nie sú dostupné žiadne UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "Príliš mnoho prihlásení.\n"
+
+msgid "You have new mail."
+msgstr "Máte novú poštu."
+
+msgid "No mail."
+msgstr "Nemáte žiadnu poštu."
+
+msgid "You have mail."
+msgstr "Máte poštu."
+
+msgid "no change"
+msgstr "žiadna zmena"
+
+msgid "a palindrome"
+msgstr "palindróm"
+
+msgid "case changes only"
+msgstr "iba zmeny vo veľkosti písmen"
+
+msgid "too similar"
+msgstr "veľmi podobné"
+
+msgid "too simple"
+msgstr "veľmi jednoduché"
+
+msgid "rotated"
+msgstr "opakované"
+
+msgid "too short"
+msgstr "veľmi krátke"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Heslo %s je chybné. "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: volanie pam_start() zlyhalo, chyba %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: heslo nezmenené\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: heslo bolo úspešne zmenené\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Chybné heslo pre %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: chybné telefónne �íslo domov: „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"neplatná hodnota ENCRYPT_METHOD: „%s“.\n"
+"Používa sa štandardná hodnota DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Aktuálny adresár sa nedá nastaviť na „%s“\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Žiadny adresár, prihlásenie s HOME na /"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s sa nedá spustiť."
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Chybný koreňový adresár „%s“\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Koreňový adresár sa nedá zmeniť na „%s“\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Nedá sa zistiť názov vášho tty."
+
+msgid "No"
+msgstr "Nie"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] ÚČET\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday POSL_DEN        nastaví dátum poslednej zmeny hesla na "
+"POSL_DEN\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate EXP_DATUM    nastaví dátum vypršania platnosti ú�tu na\n"
+"                                EXP_DATUM\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive NEAKTIV        nastaví nefunk�nosť hesla na NEAKTIV dní\n"
+"                                po vypršaní platnosti ú�tu\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    zobrazí �asové údaje o ú�te\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DN�         nastaví minimálny po�et dní pred zmenou\n"
+"                                hesla na MIN_DN�\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DN�         nastaví maximálny po�et dní pred zmenou\n"
+"                                hesla na MAX_DN�\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays UPOZ_DN�       nastaví upozornenie o platnosti ú�tu na "
+"UPOZ_DN�\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+"Zadajte novú hodnotu alebo stla�te ENTER pre použitie predvolenej hodnoty"
+
+msgid "Minimum Password Age"
+msgstr "Minimálna doba platnosti hesla"
+
+msgid "Maximum Password Age"
+msgstr "Maximálna doba platnosti hesla"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Posledná zmena hesla (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Upozornenie o uplynutí doby platnosti hesla"
+
+msgid "Password Inactive"
+msgstr "Ne�inné heslo"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Uplynutie platnosti ú�tu (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Posledná zmena hesla\t\t\t\t\t: "
+
+msgid "never"
+msgstr "nikdy"
+
+msgid "password must be changed"
+msgstr "heslo je potrebné zmeniť"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Platnosť hesla uplynie\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Neaktívne heslo\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Platnosť ú�tu uplynie\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimálny po�et dní medzi zmenami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximálny po�et dní medzi zmenami hesla\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Po�et dní upozornenia pred vypršaním platnosti hesla\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: chybný �íselný parameter „%s“\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: nepoužívajte „l“ s ostatnými príznakmi\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Odmietnutý prístup.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: nedá sa zamknúť %s, skúste to opäť neskôr\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: chyba pri zapisovaní zmien do %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: súbor s tieňovými heslami nie je dostupný\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: používateľ „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Menia sa informácie vypršania platnosti pre používateľa %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: chyba pri zmene položiek\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [ÚČET]\n"
+"\n"
+"Voľby:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Celé meno"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Číslo miestnosti"
+
+msgid "Work Phone"
+msgstr "Telefón do zamestnania"
+
+msgid "Home Phone"
+msgstr "Telefón domov"
+
+msgid "Other"
+msgstr "Ostatné"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID sa nedá zmeniť na root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: meno so znakmi, ktoré nie sú v ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: chybné meno: „%s“\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: �íslo miestnosti so znakmi, ktoré nie sú v ASCII: „%s“\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: chybné �íslo miestnosti: „%s“\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: chybné telefónne �íslo do zamestnania: „%s“\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: chybné telefónne �íslo domov: „%s“\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: „%s“ obsahuje znaky, ktoré nie sú v ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: „%s“ obsahuje chybné znaky\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: používateľ „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: na NIC klientovi sa nedá zmeniť používateľ „%s“.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: „%s“ je hlavným NIS serverom pre tohto klienta.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Mením informácie o používateľovi %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: položka je príliš dlhá\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby]\n"
+"\n"
+"Voľby:\n"
+
+#, fuzzy, c-format
+#| msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method            metóda šifrovania (jedna z %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               zadané heslá sú zakódované\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     použije MD5 kódovanie namiesto DES, ak\n"
+"                                zadané heslá nie sú zakódované\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              po�et cyklov šifrovacích\n"
+"                                algoritmov SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: prepína� %s je povolený iba s prepína�om %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: voľby -c, -e a -m sa navzájom vylu�ujú\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: nepodporovaná metóda šifrovania: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: riadok %d je príliš dlhý\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: riadok %d: chýba nové heslo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: riadok %d: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: riadok %d: nepodarilo sa pripraviť novú položku %s „%s“\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: zistená chyba, zmeny budú zamietnuté\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: user '%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Predvolený shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Nemôžete zmeniť shell pre „%s“.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Mením predvolený shell pre %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Chybná položka: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s je neplatný shell\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: používateľ %s neexistuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: upozornenie: vlastníkom %s nie je %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: voľby %s a %s sú v konflikte\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: neo�akávaný argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs SEC           po chybnom prihlásení zablokuje ú�et na SEC\n"
+"                                sekúnd\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             nastaví maximálny po�et chybných prihlásení\n"
+"                                na MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   vynuluje po�ítadlá chybných prihlásení\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAYS               zobrazí záznamy faillog nie staršie ako\n"
+"                                DAYS dní\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN              zobrazí záznam faillog alebo nastaví "
+"po�ítadlá\n"
+"                                chybných prihlásení a limitov (iba s "
+"použitím\n"
+"                                volieb -r, -m or -l) pre používateľa s "
+"loginom\n"
+"                                LOGIN\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Nepodarilo sa získať položku s UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Chybné   Najviac Posledné                 Na\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus ostalo]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds zámok]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Nepodarilo sa znulovať po�et chýb pre UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Nepodarilo sa nastaviť max. pre UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Nepodarilo sa nastaviť �as zamknutia pre UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Neznámy používateľ alebo rozsah: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Použitie: %s [vstup]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -A, --administrators ADMIN,...\n"
+#| "                                set the list of administrators for GROUP\n"
+#| "Except for the -A and -M options, the options cannot be combined.\n"
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                nastaviť zoznam správcov SKUPINY\n"
+"Okrem volieb -A a -M nie je možné voľby kombinovať.\n"
+
+#, fuzzy
+#| msgid "The options cannot be combined.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Voľby nie je možné kombinovať.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Voľby nie je možné kombinovať.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: prepína� -A funguje iba s tieňovými heslami skupín\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: skupina „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: chyba pri zatváraní %s iba na �ítanie\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Menísa heslo skupiny %s\n"
+
+msgid "New Password: "
+msgstr "Nové heslo: "
+
+msgid "Re-enter new password: "
+msgstr "Zadajte znova nové heslo: "
+
+msgid "They don't match; try again"
+msgstr "Nezhodujú sa; skúste to znova"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Skúste to neskôr\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Pridáva sa používateľ %s do skupiny %s.\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Odstraňuje sa používateľ %s zo skupiny %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: používateľ „%s“ nie je �lenom „%s“\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Nejedná sa o tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] SKUPINA\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 pre novú skupinu použije GID\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  vytvorí systémový ú�et\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: „%s“ nie je platným názvom skupiny\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: chybný ID skupiny „%s“\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: prepína� -K vyžaduje argument typu MENO=HODNOTA\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: skupina „%s“ už existuje\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID „%lu“ už existuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: vaše používateľské meno sa nedá zistiť.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   vynuluje po�ítadlá chybných prihlásení\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: nie je možné odstrniť primárnu skupinu používateľa „%s“.\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: skupina „%s“ neexistuje\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: skupina „%s“ je skupinou NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s je hlavným NIS serverom\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: používateľ „%s“ je �lenom „%s“\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Nedostatok pamäte. Nie je možné aktualizovať %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [operácia]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         zmeniť názov skupiny namiesto skupiny\n"
+"                                používateľa (iba root)\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add používateľ          pridať používateľa medzi �lenov skupiny\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete používateľ       odobrať používateľa spomedzi �lenov skupiny\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   odstrániť všetkých �lenov skupiny\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    vypísať �lenov skupiny\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: meno vašej skupiny sa nezhoduje s vašim používateľským menom\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: iba root môže používať voľbu -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: chybné pomenovanie skupiny „%s“\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: skupina %s je NIS skupinou\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: používateľ %s je neznámy\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_so_skupinami [súbor_s_tieňovými_skupinami]]\n"
+"\n"
+"Voľby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_so_skupinami]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s a -r nie sú zlu�iteľné\n"
+
+msgid "invalid group file entry"
+msgstr "chybná položka v súbore so skupinami"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "zmazať riadok „%s“? "
+
+msgid "duplicate group entry"
+msgstr "v súbore so skupinami sa vyskytuje zdvojená položka"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "chybné pomenovanie skupiny „%s“\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "chybný ID skupiny „%lu“\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "skupina %s: používateľ %s neexistuje\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "zmazať �lena „%s“? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "neexistuje zodpovedajúca položka skupiny v súbore %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "pridať skupinu „%s“ do %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "chybná položka v súbore s tieňovými skupinami"
+
+msgid "duplicate shadow group entry"
+msgstr "v súbore s tieňovými skupinami sa vyskytuje zdvojená položka"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "tieňová skupina %s: správca %s neexistuje\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "zmazať správcu „%s“? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "tieňová skupina %s: používateľ %s neexistuje\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: súbory boli aktualizované\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: bezo zmien\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: nie je možné zmazať %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Použitie: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Použitie: id\n"
+
+msgid " groups="
+msgstr " skupiny="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     zobrazí faillog záznamy všetkých "
+"používateľov\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Používateľ       Port     Z                Naposledy"
+
+msgid "Username                Port     Latest"
+msgstr "Používateľ              Port     Naposledy"
+
+msgid "**Never logged in**"
+msgstr "**Nebol nikdy prihlásený**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Nepodarilo sa získať položku s UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: súbor s heslami sa nedá aktualizovaťt\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Použitie: %s [-p] [meno]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "          %s [-p] [-h po�íta�] [-f meno]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "          %s [-p] -r po�íta�\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Chybný �as prihlásenia"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systém je uzavretý kvôli pravidelnej údržbe."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Odpojenie vynechané -- používateľ root sa môže prihlásiť.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Žiaden utmp záznam. Musíte spustiť „login“ z najnižšej inštancie „sh“"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Uplynul �asový limit (%u sekúnd) na prihlásenie.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "prihlásenie: Chyba PAM, ukon�uje sa: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s prihlasovacie meno: "
+
+msgid "login: "
+msgstr "Prihlasovacie meno: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Prekro�ený maximálny po�et pokusov (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "prihlásenie: PAM prerušenie\n"
+
+msgid "Login incorrect"
+msgstr "Chybné prihlásenie"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: riadok %d: nedá sa nájsť používateľ %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"Prihlasovacie meno na %s: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: chybné vetvenie: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY zlyhalo na %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Upozornenie: po do�asnom zákaze je prihlasovanie opäť povolené."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Posledné prihlásenie: %s na %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Posledné prihlásenie: %.19s na %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " z %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"�as na prihlásenie uplynul\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Použitie: logout\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Použitie: newgrp [-] [skupina]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Použitie: sg skupina [[-c] príkaz]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Neplatné heslo.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: chybné vetvenie: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID „%lu“ neexistuje\n"
+
+msgid "too many groups\n"
+msgstr "príliš mnoho skupín\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: skupina „%s“ je tieňová skupina, ale neexistuje v /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: chybný ID používateľa „%s“\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: chybné používateľské meno „%s“\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: riadok %d: chybný riadok\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: záznam používateľa %s sa nedá aktualizovať (nie je v databáze passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: riadok %d: nedá sa vytvoriť používateľ\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: riadok %d: nedá sa vytvoriť skupina\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: riadok %d: používateľ „%s“ neexistuje v %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: riadok %d: heslo sa nedá aktualizovať\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: riadok %d: volanie mkdir zlyhalo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: riadok %d: volanie chown zlyhalo\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: riadok %d: položka sa nedá aktualizovať\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: súbor s heslami sa nedá aktualizovať\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr "  -a, --all                     zobrazí stav hesiel pre všetky ú�ty\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  odstráni heslo pre zadaný ú�et\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  vynúti platnosť hesla pre zadaný ú�et\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             zmení heslo iba v prípade vypršania �asu\n"
+"                                jeho platnosti\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVE       nastaví neplatnosť hesla po vypršaní �asu\n"
+"                                platnosti na INACTIVE dní\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    zablokuje zadaný ú�et\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DN�         nastaví minimálny po�et dní pred zmenou\n"
+"                                hesla na MIN_DN� dní\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   stru�ný režim\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository REPOSITORY   zmení heslo v repozitári REPOSITORY\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr "  -S, --status                  zobrazí stav hesla pre zadaný ú�et\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  odblokuje zadaný ú�et\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays WARN_DAYS      nastaví po�et dní na upozornenie o vypršaní\n"
+"                                platnosti na WARN_DAYS dní\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DN�         nastaví maximálny po�et dní pred zmenou\n"
+"                                hesla na MAX_DN� dní\n"
+
+msgid "Old password: "
+msgstr "Staré heslo: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadajte nové heslo (po�et znakov najmenej %d).\n"
+"Použijte kombináciu veľkých a malých písmen s �íslicami.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Zadajte nové heslo (po�et znakov v intervale %d až %d).\n"
+"Použijte kombináciu veľkých a malých písmen s �íslicami.\n"
+
+msgid "New password: "
+msgstr "Nové heslo: "
+
+msgid "Try again."
+msgstr "Skúste to znova."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Upozornenie: slabé heslo (ak ho chcete naozaj použiť, znova ho zadajte)."
+
+msgid "They don't match; try again.\n"
+msgstr "Nezhodujú sa; skúste to znova.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Heslo pre %s sa nedá zmeniť.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Heslo pre %s sa zatiaľ nedá zmeniť.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: odomknutie používateľa by malo za následok ú�et bez hesla.\n"
+"Tento ú�et by ste mali odomknúť nastavením hesla pomocou usermod -p.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: úložisko %s nie je podporované\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s nemá oprávnenie zmeniť heslo %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Nemôžete prezerať alebo meniť informácie o hesle pre %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Mení sa heslo používateľovi %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Heslo používateľa %s nebolo zmenené.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: heslo bolo zmenené.\n"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Upozornenie o uplynutí doby platnosti hesla"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_s_heslami]\n"
+"\n"
+"Voľby:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] [súbor_s_heslami [súbor_s_tieňovými_heslami]]\n"
+"\n"
+"Voľby:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "chybná položka v súbore s heslami"
+
+msgid "duplicate password entry"
+msgstr "duplikovaná položka v súbore s heslami"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "chybné používateľské meno „%s“\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "chybný ID používateľa „%lu“\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "používateľ „%s“: skupina %lu neexistuje\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "používateľ „%s“: adresár „%s“ neexistuje\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "používateľ „%s“: program „%s“ neexistuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: súbor %s sa nedá zamknúť\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "neexistuje zodpovedajúca položka hesla v súbore %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "pridať používateľa „%s“ do %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "chybná položka v súbore s tieňovými heslami"
+
+msgid "duplicate shadow password entry"
+msgstr "duplicitná položka v súbore s tieňovými heslami"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "používateľ %s: posledná zmena hesla v budúcnosti\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: nie je možné zoradiť položdy v %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: súbor sa nedá prepísať\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: lastlog: Nepodarilo sa zmeniť režim %s na 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Z tohto ú�tu je prístup k su ZAK�ZAN�.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Overenie hesla vynechané.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Pre overenie zadajte VAŠE vlastné heslo.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: súbor %s sa nedá zamknúť\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Použitie: su [voľby] [ÚČET]\n"
+"\n"
+"Voľby:\n"
+"  -c, --command PR�KAZ          odovzdá PR�KAZ vyvolanému shell-u\n"
+"  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+"  -, -l, --login                nastaví shell ako prihlasovací shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        zachová premenné prostredia a ponechá\n"
+"                                ten istý shell\n"
+"  -s, --shell SHELL             použije SHELL namiesto predvoleného v "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorujem)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Nie ste oprávnení používať su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Zadajte vaše heslo)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentifikácia zlyhala\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Nie ste momentálne oprávnení používať su\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "V súbore passwd nie je položka pre používateľa „root“"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: musí byť spustené z terminálu\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: chyba %d\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "%s sa nedá spustiť\n"
+
+msgid "No password file"
+msgstr "Súbor s heslami neexistuje"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY zlyhalo"
+
+msgid "No password entry for 'root'"
+msgstr "V súbore passwd nie je položka pre používateľa „root“"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Stla�te control-d pre normálne spustenie systému,\n"
+"(alebo zadajte heslo používateľa root pre údržbu systému):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Prepnutie do režimu údržby systému"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: nedá sa vytvoriť nový súbor s predvolenými hodnotami\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: nedá sa otvoriť nový súbor s predvolenými hodnotami\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: riadok %d: volanie chown zlyhalo\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: premenovať: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: skupina „%s“ je skupinou NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: bolo zadaných príliš veľa skupín (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Použitie: %s [voľby] ÚČET\n"
+"          %s -D\n"
+"          %s -D [voľby]\n"
+"\n"
+"Voľby:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             nepridávať používateľa do databáz\n"
+"                                lastlog a faillog \n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           nevytvorí skupinu s rovnakým menom\n"
+"                                ako má používateľ\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: chybný základný adresár „%s“\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: chybný komentár „%s“\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: prepína� -e vyžaduje tieňové heslá\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: prepína� -f vyžaduje tieňové heslá\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: chybná položka „%s“\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: chybný shell „%s“\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: Nepodarilo sa obnoviť položku faillog s UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: Nepodarilo sa obnoviť položku lastlog s UID %lu: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Vytvára sa súbor mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Nebola nájdená skupina „mail“. Používateľský mailbox súbor sa vytvára s "
+"oprávneniami 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Nastavujú sa prístupové práva súboru mailbox"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: používateľ „%s“ už existuje\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: skupina %s už existuje - ak chcete pridať tohto používateľa do tejto "
+"skupiny, použijte -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu nie je jedine�ný\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: sa nedá vytvoriť skupina\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: nie je možné vytvoriť používateľa\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: sa nedá vytvoriť skupina\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: upozornenie: domovský adresár už existuje.\n"
+"Zo skel adresára sa tam neskopíruje žiaden súbor.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   vynúti odstránenie súborov, aj ke�\n"
+"                                používateľ nie je ich vlastníkom\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  odstráni domovský adresár a súbory s poštou\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: nie je možné odstrniť primárnu skupinu používateľa „%s“.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: skupina %s sa nedá odstrániť, pretože je primárnou skupinou iného "
+"používateľa.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: upozornenie: nemôžem odstrániť %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: vlastníkom %s nie je %s, nemažem ho\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: Cannot get the size of %s: %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "lastlog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: nie je možné odstrániť položku „%s“ z %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: používateľ %s je NIS používateľom\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: chybný domovský adresár „%s“\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: adresár %s nebudem mazať (je to domovský adresár používateľa %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: chyba pri mazaní adresára %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMENT�R        nová hodnota poľa GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home DOM_ADR            nový domovský adresár pre nový "
+"používateľský\n"
+"                                ú�et\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate EXP_DATUM    nastaví �as vypršania platnosti ú�tu na\n"
+"                                EXP_DATUM\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive NEAKTIV        zablokuje platnosť hesla po NEAKTIV dňoch\n"
+"                                od �asu vypršania platnosti\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid SKUPINA             vynúti použitie skupiny SKUPINA ako novej\n"
+"                                prvotnej prihlasovacej skupiny\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups SKUPINY          zobrazí prídavné skupiny\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login LOGIN             nová hodnota prihlasovacieho mena\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    zablokuje používateľský ú�et\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               presunie obsah domovského adresára do "
+"nového\n"
+"                                umiestnenia (používať iba s -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              dovolí použitie duplicitného\n"
+"                                (nejedine�ného) UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password HESLO          ako nové heslo použije zadané zašifrované\n"
+"                                HESLO\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 nový UID pre používateľský ú�et\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  odblokuje používateľský ú�et\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -d, --home HOME_DIR           new home directory for the user account\n"
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -d, --home DOM_ADR            nový domovský adresár pre nový "
+"používateľský\n"
+"                                ú�et\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: odomknutie používateľa by malo za následok ú�et bez hesla.\n"
+"Tento ú�et by ste mali odomknúť nastavením hesla pomocou usermod -p.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: používateľ %s už existuje v %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: chybný dátum „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: súbor %s sa nedá otvoriť\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: prepína�e -L, -p a -U sa navzájom vylu�ujú\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: prepína�e -e a -f vyžadujú tieňové heslá\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID „%lu“ už existuje\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s nemá oprávnenie zmeniť heslo %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: adresár %s už existuje\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: nedá sa vytvoriť adresár %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: upozornenie: chyba pri úplnom odstraňovaní starého domovského adresára %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: adresár %s sa nedá premenovať na %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Nepodarilo sa skopírovať položku lastlog používateľa %lu používateľovi "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: Nepodarilo sa skopírovať položku faillog používateľa %lu používateľovi "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: upozornenie: vlastníkom %s nie je %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "chyba pri zmene vlastníka schránky"
+
+msgid "failed to rename mailbox"
+msgstr "chyba pri premenovaní schránky"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: zlyhalo pripravenie novej položky %s „%s“\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Zmenili ste %s.\n"
+"Kvôli zachovaniu konzistentnosti budete možno musieť zmeniť %s.\n"
+"Prosím, urobte tak príkazom „%s“.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   upraví databázu skupín\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  upraví databázu passwd\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  upraví databázu shadow alebo gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: zlyhalo odstránenie %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s je bez zmien\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "chyba pri premenovaní schránky"
+
+msgid "failed to drop privileges"
+msgstr "zlyhalo odstránenie právomocí"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Súbor sa nedá zamknúť"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: zlyhalo odstránenie právomocí (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Súbor sa nedá zamknúť"
+
+msgid "Couldn't make backup"
+msgstr "Nedá sa vytvoriť záloha"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s sa nenachádza v /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Súbor so skupinami sa nedá otvoriť\n"
+
+#, fuzzy
+#| msgid "%s: failed to unlock %s\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: nepodarilo sa odmknúť %s\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "chyba pri premenovaní schránky"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "chyba pri zmene vlastníka schránky"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "chyba pri premenovaní schránky"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s sa nedá obnoviť: %s (zmeny sú v %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: chybný základný adresár „%s“\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Použitie: vipw [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "volanie malloc(%d) zlyhalo\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chage [voľby] používateľ\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday POSL_DEN        nastaví dátum poslednej zmeny hesla na "
+#~ "POSL_DEN\n"
+#~ "  -E, --expiredate EXP_DATUM    nastaví dátum vypršania platnosti ú�tu "
+#~ "na\n"
+#~ "                                EXP_DATUM\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -I, --inactive NEAKTIV        nastaví nefunk�nosť hesla na NEAKTIV dní\n"
+#~ "                                po vypršaní platnosti ú�tu\n"
+#~ "  -l, --list                    zobrazí �asové údaje o ú�te\n"
+#~ "  -m, --mindays MIN_DN�         nastaví minimálny po�et dní pred zmenou\n"
+#~ "                                hesla na MIN_DN�\n"
+#~ "  -M, --maxdays MAX_DN�         nastaví maximálny po�et dní pred zmenou\n"
+#~ "                                hesla na MAX_DN�\n"
+#~ "  -W, --warndays UPOZ_DN�       nastaví upozornenie o platnosti ú�tu na "
+#~ "UPOZ_DN�\n"
+#~ "\n"
+
+#  c-format
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentifikácia zlyhala\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-f celé_meno] [-r �íslo_miestnosti] [-w "
+#~ "telefón_do_zamestnania]\n"
+#~ "\t[-h telefón_domov] [-o ostatné] [používateľ]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-f celé_meno] [-r �íslo_miestnosti] [-w "
+#~ "telefón_do_zamestnania]\n"
+#~ "\t[-h telefón_domov]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -c, --crypt-method            metóda šifrovania (jedna z %s)\n"
+#~ "  -e, --encrypted               zadané heslá sú zakódované\n"
+#~ "  -h, --help                    vypíše tohto pomocníka a ukon�í sa\n"
+#~ "  -m, --md5                     použije MD5 kódovanie namiesto DES, ak\n"
+#~ "                                zadané heslá nie sú zakódované\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chsh [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -s, --shell SHELL             nový prihlasovací shell používateľského "
+#~ "ú�tu\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Použitie: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "faillog: Failed to get the entry for UID %d\n"
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: Nepodarilo sa získať položku s UID %d\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Súbor %s sa nedá otvoriť: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Nepodarilo sa zistiť veľkosť %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Použitie: groupdel skupina\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-r] [-s] [súbor_so_skupinami "
+#~ "[súbor_s_tieňovými_skupinami]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Použitie: %s [-r] [-s] [súbor_so_skupinami]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s a -r nie sú zlu�iteľné\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Použitie: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Použitie: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: lastlog [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -b, --before DAYS     vypíše posledné prihlásenia staršie ako DAYS dní\n"
+#~ "  -h, --help            zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -t, --time DAYS       vypíše posledné prihlásenia nie staršie ako DAYS "
+#~ "dní\n"
+#~ "  -u, --user LOGIN      vypíše posledné prihlásenia používateľa "
+#~ "uvedeného\n"
+#~ "                        ako LOGIN\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: passwd [voľby] [ÚČET]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -a, --all                     zobrazí stav hesiel pre všetky ú�ty\n"
+#~ "  -d, --delete                  odstráni heslo pre zadaný ú�et\n"
+#~ "  -e, --expire                  vynúti platnosť hesla pre zadaný ú�et\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -k, --keep-tokens             zmení heslo iba v prípade vypršania �asu\n"
+#~ "                                jeho platnosti\n"
+#~ "  -i, --inactive INACTIVE       nastaví neplatnosť hesla po vypršaní "
+#~ "�asu\n"
+#~ "                                platnosti na INACTIVE dní\n"
+#~ "  -l, --lock                    zablokuje zadaný ú�et\n"
+#~ "  -n, --mindays MIN_DN�         nastaví minimálny po�et dní pred zmenou\n"
+#~ "                                hesla na MIN_DN� dní\n"
+#~ "  -q, --quiet                   stru�ný režim\n"
+#~ "  -r, --repository REPOSITORY   zmení heslo v repozitári REPOSITORY\n"
+#~ "  -S, --status                  zobrazí stav hesla pre zadaný ú�et\n"
+#~ "  -u, --unlock                  odblokuje zadaný ú�et\n"
+#~ "  -w, --warndays WARN_DAYS      nastaví po�et dní na upozornenie o "
+#~ "vypršaní\n"
+#~ "                                platnosti na WARN_DAYS dní\n"
+#~ "  -x, --maxdays MAX_DN�         nastaví maximálny po�et dní pred zmenou\n"
+#~ "                                hesla na MAX_DN� dní\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-q] [-r] [-s] [súbor_s_heslami "
+#~ "[súbor_s_tieňovými_heslami]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr ""
+#~ "Použitie: %s [-q] [-r] [-s] [súbor_s_heslami "
+#~ "[súbor_s_tieňovými_heslami]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Použitie: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Použitie: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Id %s je neznáme.\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Žiadny shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: userdel [voľby] LOGIN\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -f, --force                   vynúti odstránenie súborov, aj ke�\n"
+#~ "                                používateľ nie je ich vlastníkom\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -r, --remove                  odstráni domovský adresár a súbory s "
+#~ "poštou\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: používateľ %s je práve prihlásený\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~| "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~| "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~| "  -a, --append                  append the user to the supplemental "
+#~| "GROUPS\n"
+#~| "                                mentioned by the -G option without "
+#~| "removing\n"
+#~| "                                him/her from other groups\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~| "  -L, --lock                    lock the user account\n"
+#~| "  -m, --move-home               move contents of the home directory to "
+#~| "the\n"
+#~| "                                new location (use only with -d)\n"
+#~| "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new "
+#~| "password\n"
+#~| "  -s, --shell SHELL             new login shell for the user account\n"
+#~| "  -u, --uid UID                 new UID for the user account\n"
+#~| "  -U, --unlock                  unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: usermod [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -c, --comment KOMENT�R        nová hodnota poľa GECOS\n"
+#~ "  -d, --home DOM_ADR            nový domovský adresár pre nový "
+#~ "používateľský\n"
+#~ "                                ú�et\n"
+#~ "  -e, --expiredate EXP_DATUM    nastaví �as vypršania platnosti ú�tu na\n"
+#~ "                                EXP_DATUM\n"
+#~ "  -f, --inactive NEAKTIV        zablokuje platnosť hesla po NEAKTIV "
+#~ "dňoch\n"
+#~ "                                od �asu vypršania platnosti\n"
+#~ "  -g, --gid SKUPINA             vynúti použitie skupiny SKUPINA ako "
+#~ "novej\n"
+#~ "                                prvotnej prihlasovacej skupiny\n"
+#~ "  -G, --groups SKUPINY          zobrazí prídavné skupiny\n"
+#~ "  -a, --append SKUPINA          pridá používateľa do �alšej skupiny\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -l, --login LOGIN             nová hodnota prihlasovacieho mena\n"
+#~ "  -L, --lock                    zablokuje používateľský ú�et\n"
+#~ "  -m, --move-home               presunie obsah domovského adresára do "
+#~ "nového\n"
+#~ "                                umiestnenia (používať iba s -d)\n"
+#~ "  -o, --non-unique              dovolí použitie duplicitného\n"
+#~ "                                (nejedine�ného) UID\n"
+#~ "  -p, --password HESLO          ako nové heslo použije zadané "
+#~ "zašifrované\n"
+#~ "                                HESLO\n"
+#~ "  -s, --shell SHELL             nový prihlasovací shell pre "
+#~ "používateľský\n"
+#~ "                                ú�et\n"
+#~ "  -u, --uid UID                 nový UID pre používateľský ú�et\n"
+#~ "  -U, --unlock                  odblokuje používateľský ú�et\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: žiadne prepína�e\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: vipw [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -g, --group                   upraví databázu skupín\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -p, --passwd                  upraví databázu passwd\n"
+#~ "  -q, --quiet                   stru�ný režim\n"
+#~ "  -s, --shadow                  upraví databázu shadow alebo gshadow\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľba] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -a, --add POUŽ                pridať POUŽ do SKUPINY\n"
+#~ "  -d, --delete POUŽ             odstrániť POUŽ zo SKUPINY\n"
+#~ "  -r, --remove-password         odstrániť heslo SKUPINY\n"
+#~ "  -R, --restrict                obmedziť prístup do SKUPINY iba na jej "
+#~ "�lenov\n"
+#~ "  -M, --members POUŽ,...        nastaviť zoznam �lenov SKUPINY\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupmems [voľby] [operácia]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -g, --group groupname         zmeniť názov skupiny namiesto skupiny "
+#~ "používateľa\n"
+#~ "                                (iba root)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add používateľ           pridať používateľa medzi �lenov skupiny\n"
+#~ "  -d, --delete používateľ       odobrať používateľa spomedzi �lenov "
+#~ "skupiny\n"
+#~ "  -p, --purge                   odstrániť všetkých �lenov skupiny\n"
+#~ "  -l, --list                    vypísať �lenov skupiny\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Použitie: %s [vstup]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s sa nedá vytvoriť\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: volanie chown pre %s zlyhalo\n"
+
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: faillog [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -a, --all             zobrazí faillog záznamy všetkých používateľov\n"
+#~ "  -h, --help            zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -l, --lock-time SEC   po chybnom prihlásení zablokuje ú�et na SEC "
+#~ "sekúnd\n"
+#~ "  -m, --maximum MAX     nastaví maximálny po�et chybných prihlásení na "
+#~ "MAX\n"
+#~ "  -r, --reset           vynuluje po�ítadlá chybných prihlásení\n"
+#~ "  -t, --time DAYS       zobrazí záznamy faillog nie staršie ako DAYS dní\n"
+#~ "  -u, --user LOGIN      zobrazí záznam faillog alebo nastaví po�ítadlá\n"
+#~ "                        chybných prihlásení a limitov (iba s použitím "
+#~ "volieb\n"
+#~ "                        -r, -m or -l) pre používateľa s loginom LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupadd [voľby] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -f, --force                   vynúti úspešnú návratovú hodnotu aj "
+#~ "napriek\n"
+#~ "                                existencii zadanej skupiny\n"
+#~ "  -g, --gid GID                 pre novú skupinu použije GID\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -K, --key KEY=VALUE           nahradí predvolené hodnoty z /etc/login."
+#~ "defs\n"
+#~ "  -o, --non-unique              povolí vytvorenie skupiny s duplicitným\n"
+#~ "                                (nejedine�ným) GID\n"
+#~ "  -p, --password PASSWORD       použije pre novú skupinu šifrované heslo\n"
+#~ "  -r, --system                  vytvorí systémový ú�et\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: groupmod [voľby] SKUPINA\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -g, --gid GID                 pre novú skupinu použije GID\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a ukon�í sa\n"
+#~ "  -n, --new-name NOV�_SKUP      vynúti pre SKUPINu meno NOV�_SKUP\n"
+#~ "  -o, --non-unique              povolí vytvorenie skupiny s duplicitným\n"
+#~ "                                (nejedine�ným) GID\n"
+#~ "  -p, --password PASSWORD       nové heslo bude šifrované\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -M, --no-create-home          do not create user's home directory\n"
+#~| "                                (overrides /etc/login.defs)\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: useradd [voľby] ÚČET\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -b, --base-dir Z�KL_ADR       základný adresár domovského adresára "
+#~ "nového\n"
+#~ "                                používateľského ú�tu\n"
+#~ "  -c, --comment KOMENT�R        nastaví pole GECOS nového ú�tu\n"
+#~ "  -d, --home-dir DOM_ADR        domovský adresár nového ú�tu\n"
+#~ "  -D, --defaults                vypíše alebo nastaví predvolené "
+#~ "nastavenia\n"
+#~ "                                programu useradd\n"
+#~ "  -e, --expiredate EXP_DATUM    nastaví �as vypršania platnosti ú�tu na\n"
+#~ "                                EXP_DATUM\n"
+#~ "  -f, --inactive NEAKTIV        zablokuje ú�et po NEAKTIV dňoch od �asu\n"
+#~ "                                vypršania platnosti\n"
+#~ "  -g, --gid SKUPINA             vynúti použitie tejto skupiny pre nový "
+#~ "ú�et\n"
+#~ "  -G, --groups SKUPINY          zoznam �alších skupín, do ktorých má\n"
+#~ "                                patriť nový ú�et\n"
+#~ "  -h, --help                    zobrazí tohto pomocníka a skon�í\n"
+#~ "  -k, --skel VZOR_ADR           zadá alternatívny vzorový adresár\n"
+#~ "  -K, --key KĽÚČ=HODNOTA        nahradí predvolené nastavenia /etc/login."
+#~ "defs\n"
+#~ "  -l, --no-log-init             nepridávať používateľa do databáz\n"
+#~ "                                lastlog a faillog \n"
+#~ "  -m, --create-home             vytvorí domovský adresár pre nový\n"
+#~ "                                používateľský ú�et\n"
+#~ "  -N, --no-user-group           nevytvorí skupinu s rovnakým menom\n"
+#~ "                                ako má používateľ\n"
+#~ "  -o, --non-unique              povolí vytvorenie používateľa s "
+#~ "duplicitným\n"
+#~ "                                (nejedine�ným) UID\n"
+#~ "  -p, --password HESLO          pre nový ú�et použije zadané zašifrované\n"
+#~ "                                heslo\n"
+#~ "  -r, --system                  vytvorí systémový ú�et\n"
+#~ "  -s, --shell SHELL             prihlasovací shell nového ú�tu\n"
+#~ "  -u, --uid UID                 vynúti použitie tohto UID pre nový ú�et\n"
+#~ "  -U, --user-group              vytvorí skupinu s rovnakým menom\n"
+#~ "                                ako má používateľ\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Použitie: %s [voľby] [vstup]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            metóda šifrovania (jedna z %s)\n"
+#~ "  -r, --system                  vytorí systémové ú�ty\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Uplynula platnosť vášho hesla."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tCelé meno: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tČíslo miestnosti: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelefón do zamestnania: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelefón domov: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Nedá sa zamknúť súbor s heslami; skúste to neskôr.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Súbor s heslami sa nedá otvoriť.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Chyba pri aktualizácii záznamu hesla.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Nedajú sa vykonať zmeny v súbore s heslami.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Súbor s heslami sa nedá odomknúť.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami skupín sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru gshadow\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru so skupinami\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: riadok %d: skupina %s je neznáma\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: riadok %d: sa nedá aktualizovať položka súboru so skupinami\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: chyba pri aktualizácii súboru s heslami\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: riadok %d: používateľ %s je neznámy\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: riadok %d: záznam hesla sa nedá aktualizovať\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: neznámy používateľ\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Používateľ %s je neznámy.\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Použitie: %s [-r|-R] skupina\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a používateľ] skupina\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d používateľ] skupina\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A používateľ,...] [-M používateľ,...] skupina\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M používateľ,...] skupina\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: nedá sa získať zámok\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: nedá sa získať zámok pre súbor s tieňovými heslami\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: nedá sa otvoriť súbor\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: súbor sa nedá odomknúť\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: položka sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: položka súboru s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "skupina %s je neznáma\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: nedá sa zatvoriť súbor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zatvoriť\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Kto ste?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: �len %s je neznámy\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: chyba pri pridávaní položky do súboru so skupinami\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá prepísať\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u nie je jedine�ný\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru so skupinami\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr ""
+#~ "%s: chyba pri odstraňovaní položky zo súboru s tieňovými skupinami\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: primárna skupina používateľa sa nedá odstrániť\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Nebolo možné nájsť �lena, ktorého chcete odstrániť\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Použitie: groupmems -a používateľ | -d používateľ | -D | -l [-g skupina]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Iba root môže pridávať používateľov do rôznych skupín\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Vyžaduje sa prístup pre skupinu\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Nie ste primárnym vlastníkom aktuálnej skupiny\n"
+
+#  c-format
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "zlyhalo overenie PAM\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Súbor so skupinami sa nedá zamknúť\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Súbor so skupinami sa nedá zatvoriť\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s sa nenachádza v /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: GID %u nie je jedine�ný\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: meno %s nie je jedine�né\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: súbor passwd sa nedá prepísať\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: nie je možné zmeniť primárnu skupinu používateľa „%s“ z %u na %u, "
+#~ "pretože nie je v súbore passwd.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: položka %s súboru s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: položka skupiny %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: položka tieňovej skupiny %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými heslami skupín sa nedá zmazať\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "neznámy UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "neznámy GID %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: ID skupiny „%s“ nie je platn7\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: skupina %s bola vytvorená, zlyhalo vytvorenie zodpovedajúcej skupiny "
+#~ "gshadow\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: ID používateľa „%s“ nie je platný\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: chybné používateľské meno „%s“\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: súbor /etc/passwd sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: súbor /etc/passwd sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: súbor /etc/group sa nedá zamknúť\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: súbor /etc/gshadow sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: súbory sa nedajú otvoriť\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: chyba pri aktualizácii súborov\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr ""
+#~ "%s: položka súboru s heslami pre používateľe %s sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: položka súboru s heslami pre používateľe %s sa nedá odstrániť\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: súbor s heslami sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: položka pre používateľa %s sa nedá aktualizovať\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: nemôžete zmazať súbor s tieňovými heslami\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: neznámy GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: neznáma skupina %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr ""
+#~ "%s: Nedostatok pamäti. Nie je možné aktualizovať databázu tieňových "
+#~ "skupín.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: súbor s heslami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá prepísať\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá zamknúť\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: súbor s tieňovými heslami sa nedá otvoriť\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: chyba pri zamykaní súboru so skupinami\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: chyba pri otváraní súboru so skupinami\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: chyba pri zamykaní súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: chyba pri otváraní súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: chyba pri vytváraní novej položky v súbore s heslami\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr ""
+#~ "%s: chyba pri vytváraní novej položky v súbore s tieňovými heslami\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: varovanie: CREATE_HOME nie je podporované, použijte prepína� -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: položka súboru so skupinami sa nedá aktualizovať\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: chyba pri aktualizácii záznamu súboru so skupinami\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: súbor so skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: súbor s tieňovými skupinami sa nedá otvoriť\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s heslami\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s tieňovými heslami\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: chyba pri pridávaní položky do súboru so skupinami\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s uid %lu nie je jedine�ný\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: chyba pri zmene položky v súbore s heslami\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s heslami\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: chyba pri odstraňovaní položky zo súboru s tieňovými heslami\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: nedá sa vytvoriť jedine�ný GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " na '%.100s' z '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " na '%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: riadok %d: nedá sa vytvoriť UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: meno %s nie je jedine�né\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Použitie: chgpasswd [voľby]\n"
+#~ "\n"
+#~ "Voľby:\n"
+#~ "  -e, --encrypted\tzadané heslá sú zakódované\n"
+#~ "  -h, --help\t\tvypíše túto nápovedu a ukon�í sa\n"
+#~ "  -m, --md5\t\tpoužije MD5 kódovanie namiesto DES, ak zadané\n"
+#~ "\t\t\theslá nie sú zakódované\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Súbor s heslami neexistuje\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ľutujem.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Ľutujem, ale heslo pre %s sa ešte nedá zmeniť.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Ľutujem."
diff --git a/po/sq.po b/po/sq.po
new file mode 100644
index 0000000..e71064e
--- /dev/null
+++ b/po/sq.po
@@ -0,0 +1,2365 @@
+# Albanian translation of shadow.
+# Copyright (C) 2004 Free Software Foundation, Inc.
+# Elian Myftiu <elian@lycos.com>, 2004.
+#
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.3\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2004-11-20 03:28+0100\n"
+"Last-Translator: Elian Myftiu <pinguini AT fastwebnet DOT it>\n"
+"Language-Team: Albanian <gnome-albanian-perkthyesit@lists.sourceforge.net>\n"
+"Language: sq\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr ""
+
+#, c-format
+msgid "%s's Password: "
+msgstr ""
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Kujdes: ka shumë grupe\n"
+
+msgid "Your password has expired."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "Your password is inactive."
+msgstr "Fjalëkalimi yt nuk është aktiv."
+
+msgid "Your login has expired."
+msgstr "Login-i yt ka skaduar."
+
+msgid "  Contact the system administrator."
+msgstr "   Kontakto administratorin e sistemit."
+
+msgid "  Choose a new password."
+msgstr "   Zgjidh një fjalëkalim të ri."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr ""
+
+#, fuzzy
+msgid "Your password will expire tomorrow."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy
+msgid "Your password will expire today."
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: "
+msgstr ""
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr ""
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+msgstr[1] ""
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr ""
+
+msgid "Too many logins.\n"
+msgstr ""
+
+msgid "You have new mail."
+msgstr ""
+
+msgid "No mail."
+msgstr ""
+
+msgid "You have mail."
+msgstr ""
+
+msgid "no change"
+msgstr ""
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr ""
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr ""
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr ""
+
+#, fuzzy
+msgid "passwd: password unchanged\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "passwd: password updated successfully\n"
+msgstr ""
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr ""
+
+msgid "No directory, logging in with HOME=/"
+msgstr ""
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr ""
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr ""
+
+msgid "Unable to determine your tty name."
+msgstr ""
+
+msgid "No"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr ""
+
+msgid "Minimum Password Age"
+msgstr ""
+
+msgid "Maximum Password Age"
+msgstr ""
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Password Expiration Warning"
+msgstr ""
+
+msgid "Password Inactive"
+msgstr ""
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr ""
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr ""
+
+msgid "never"
+msgstr ""
+
+msgid "password must be changed"
+msgstr ""
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr ""
+
+#, fuzzy
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Fjalëkalimi yt nuk është aktiv."
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr ""
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot open %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr ""
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr ""
+
+msgid "Room Number"
+msgstr ""
+
+msgid "Work Phone"
+msgstr ""
+
+msgid "Home Phone"
+msgstr ""
+
+msgid "Other"
+msgstr ""
+
+msgid "Cannot change ID to root.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr ""
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr ""
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr ""
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr ""
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr ""
+
+#, c-format
+msgid " [%lus left]"
+msgstr ""
+
+#, c-format
+msgid " [%lds lock]"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr ""
+
+msgid "The options cannot be combined.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr ""
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr ""
+
+msgid "New Password: "
+msgstr ""
+
+msgid "Re-enter new password: "
+msgstr ""
+
+msgid "They don't match; try again"
+msgstr ""
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr ""
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr ""
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr ""
+
+msgid "invalid group file entry"
+msgstr ""
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr ""
+
+#, fuzzy
+msgid "duplicate group entry"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr ""
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr ""
+
+msgid "duplicate shadow group entry"
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr ""
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr ""
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr ""
+
+msgid "Usage: id\n"
+msgstr ""
+
+msgid " groups="
+msgstr ""
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr ""
+
+msgid "Username                Port     Latest"
+msgstr ""
+
+msgid "**Never logged in**"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr ""
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr ""
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s login: "
+msgstr ""
+
+msgid "login: "
+msgstr ""
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr ""
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr ""
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr ""
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr ""
+
+#, c-format
+msgid " from %.*s"
+msgstr ""
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+msgid "Usage: logoutd\n"
+msgstr ""
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "   Zgjidh një fjalëkalim të ri.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr ""
+
+msgid "too many groups\n"
+msgstr ""
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+
+msgid "New password: "
+msgstr ""
+
+msgid "Try again."
+msgstr ""
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+
+msgid "They don't match; try again.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr ""
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: password changed.\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+#, fuzzy
+msgid "invalid password file entry"
+msgstr "   Zgjidh një fjalëkalim të ri.\n"
+
+msgid "duplicate password entry"
+msgstr ""
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr ""
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr ""
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr ""
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr ""
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr ""
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr ""
+
+msgid "duplicate shadow password entry"
+msgstr ""
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr ""
+
+msgid "Password authentication bypassed.\n"
+msgstr ""
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr ""
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr ""
+
+msgid "(Enter your own password)"
+msgstr ""
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr ""
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+msgid "No password file"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr ""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+
+msgid "Entering System Maintenance Mode"
+msgstr ""
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr ""
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr ""
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy, c-format
+msgid "%s: no options\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr ""
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr ""
+
+msgid "failed to change mailbox owner"
+msgstr ""
+
+msgid "failed to rename mailbox"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "Fjalëkalimi yt ka skaduar."
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr ""
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr ""
+
+msgid "Couldn't make backup"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "Kujdes: grup i panjohur %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr ""
+
+msgid "failed to allocate memory"
+msgstr ""
+
+msgid "failed to create backup file"
+msgstr ""
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr ""
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "Fjalëkalimi yt ka skaduar."
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "Kujdes: grup i panjohur %s\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "Kujdes: grup i panjohur %s\n"
diff --git a/po/stats b/po/stats
new file mode 100644
index 0000000..386d765
--- /dev/null
+++ b/po/stats
@@ -0,0 +1,20 @@
+#!/bin/sh
+export LANG=C
+echo "language  translated  fuzzy  untranslated"
+echo "-----------------------------------------"
+for i in $(cat LINGUAS | xargs); do
+	echo -n "  $i	"
+	msgfmt -c --statistics -o /dev/null $i.po 2>&1 |
+		awk -v LNG="$1" '{
+		    gsub(/ untranslated/, "");
+		    gsub(/ translated/, "");
+		    gsub(/ messages/, "");
+		    gsub(/ message/, "");
+		    gsub(/ translations/, "");
+		    gsub(/ translation/, "");
+		    gsub(/ fuzzy/, "");
+		    gsub(/[.,]/, "");
+		    {printf "%8s %8s %8s\n", $1, $2, $3}
+		    }'
+done
+echo "-----------------------------------------"
diff --git a/po/sv.po b/po/sv.po
new file mode 100644
index 0000000..4be82ba
--- /dev/null
+++ b/po/sv.po
@@ -0,0 +1,3073 @@
+# Swedish translation of shadow.
+# Copyright (C) 2006, 2008, 2011 Free Software Foundation, Inc.
+# This file is distributed under the same license as the shadow package.
+# Daniel Nylander <po@danielnylander.se>, 2006, 2008, 2011.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.1.1\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2011-11-25 22:08+0100\n"
+"Last-Translator: Daniel Nylander <yeager@ubuntu.com>\n"
+"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n"
+"Language: sv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Flera poster med namnet \"%s\" finns i %s. Rätta till detta med pwck eller "
+"grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "krypteringsmetoden stöds inte av libcrypt? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "konfigurationsfel - kan inte tolka %s-värde: \"%s\""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Kunde inte allokera plats för konfigurationsinformationen.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "konfigurationsfel - okänd post \"%s\" (informera administratören)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Lösenord: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s lösenord: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Kunde inte allokera plats för konfigurationsinformationen.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Ändrar åldersinformationen för %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot fork user shell\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: slut på minne\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Kan inte ta status på %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s är varken en katalog eller symbolisk länk.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Kan inte läsa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Misstänkt lång symbolisk länk: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Kan inte byta ägare för %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Kan inte ändra rättigheter för %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Kan inte ta bort katalogen %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Kan inte byta namn på %s till %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Kan inte ta bort %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Kan inte skapa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Kan inte byta ägare för %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Kan inte lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Varning, användaren %s har ingen tcb shadow-fil.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Nödläge:  tcb shadow för %s är inte en vanlig fil med st_nlink=1.\n"
+"Kontot lämnas kvar som låst.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Kan inte öppna %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Varning: okänd grupp %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Varning: för många grupper\n"
+
+msgid "Your password has expired."
+msgstr "Ditt lösenord har upphört att gälla."
+
+msgid "Your password is inactive."
+msgstr "Ditt lösenord är inaktivt."
+
+msgid "Your login has expired."
+msgstr "Ditt inloggningskonto har upphört att gälla."
+
+msgid "  Contact the system administrator."
+msgstr "  Kontakta systemadministratören."
+
+msgid "  Choose a new password."
+msgstr "  Välj ett nytt lösenord."
+
+msgid "You must change your password."
+msgstr "Du måste ändra ditt lösenord."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ditt lösenord upphör att gälla om %ld dagar.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ditt lösenord upphör att gälla imorgon."
+
+msgid "Your password will expire today."
+msgstr "Ditt lösenord upphör att gälla idag."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Kunde inte ändra ägare eller rättigheter för tty standard in: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: misslyckades med att låsa upp %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Överskott av miljövariabler\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Du får inte ändra $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d misslyckade sedan förra inloggningen\n"
+"Senast var %s den %s.\n"
+msgstr[1] ""
+"%d misslyckanden sedan förra inloggningen\n"
+"Senast var %s den %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Ogiltig konfiguration: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ogiltig konfiguration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: misslyckades att allokera minne: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: Kan inte få unikt system GID (inga fler tillgängliga GID)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Kan inte få unik GID (inga fler tillgängliga GID)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Ogiltig konfiguration: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Ogiltig konfiguration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: Kan inte få unikt system UID (inga fler tillgängliga UID)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Kan inte få unikt UID (inga fler tillgängliga UID)\n"
+
+msgid "Too many logins.\n"
+msgstr "För många inloggningsförsök.\n"
+
+msgid "You have new mail."
+msgstr "Du har ny post."
+
+msgid "No mail."
+msgstr "Ingen post."
+
+msgid "You have mail."
+msgstr "Du har post."
+
+msgid "no change"
+msgstr "ingen ändring"
+
+msgid "a palindrome"
+msgstr "en palindrom"
+
+msgid "case changes only"
+msgstr "endast ändring av gemener/versaler"
+
+msgid "too similar"
+msgstr "för likt"
+
+msgid "too simple"
+msgstr "för enkelt"
+
+msgid "rotated"
+msgstr "roterat"
+
+msgid "too short"
+msgstr "för kort"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Felaktigt lösenord: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() misslyckades, fel %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: lösenordet är oförändrat\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: uppdatering av lösenord lyckades\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Felaktigt lösenord för %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: misslyckades med att kasta rättigheterna (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (hem): \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: Kan inte skapa katalogen %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to create tcb directory for %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: Misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Ogiltigt värde för ENCRYPT_METHOD: \"%s\".\n"
+"Faller tillbaka på DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Kunde inte byta katalog till \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Ingen katalog, loggar in med HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Kunde inte starta %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Felaktig rotkatalog \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kan inte ändra rotkatalog till \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kunde inte fastställa ditt tty-namn."
+
+msgid "No"
+msgstr "Nej"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] INLOGGNINGSNAMN\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday SISTA_DAG       ställ in datum för sista lösenordsändring "
+"till SISTA_DAG\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum till "
+"UTGÃ…NGSDATUM\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+"  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INAKTIV        ställ in lösenordet till inaktivt efter "
+"utgång\n"
+"                                till INAKTIV\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    visa åldringsinformation om kontot\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays MIN_DAGAR       ställ in minimum antal dagar innan "
+"lösenords-\n"
+"                                ändring till MIN_DAGAR\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays MAX_DAGAR       ställ in maximalt antal dagar innan "
+"lösenords-\n"
+"                                ändring till MAX_DAGAR\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays VARN_DAGAR     ställ in dagar för utgångsvarning till "
+"VARN_DAGAR\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Ange det nya värdet eller tryck ENTER för standardvärdet"
+
+msgid "Minimum Password Age"
+msgstr "Minimum lösenordsålder"
+
+msgid "Maximum Password Age"
+msgstr "Maximum lösenordsålder"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Senaste lösenordsändringen (ÅÅÅÅ-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Utlöpsvarning för lösenord"
+
+msgid "Password Inactive"
+msgstr "Lösenordet inaktivt"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Utlöpsdatum för kontot (ÅÅÅÅ-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Senaste lösenordsändringen\t\t\t\t: "
+
+msgid "never"
+msgstr "aldrig"
+
+msgid "password must be changed"
+msgstr "lösenordet måste ändras"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Lösenordet löper ut\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Lösenordet inaktivt\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Kontot löper ut\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Minimum antal dagar mellan lösenordsändringar\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maximum antal dagar mellan lösenordsändringar\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Antal dagar med varningar före lösenordet löper ut\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: ogiltigt numeriskt argument \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: inkludera inte \"l\" med andra flaggor\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ã…tkomst nekad.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: kan inte låsa %s; försök igen senare.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: kan inte öppna %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: fel vid skrivning av ändringar till %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: skugglösenordsfilen finns inte\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: användaren \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Ändrar åldersinformationen för %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: fel vid ändring av fält\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [INLOGGNINGSNAMN]\n"
+"\n"
+"Flaggor:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+"  -u, --help                    visa detta hjälpmeddelande och avsluta\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Helt namn"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Rumsnummer"
+
+msgid "Work Phone"
+msgstr "Telefonnummer (arbete)"
+
+msgid "Home Phone"
+msgstr "Telefonnummer (hem)"
+
+msgid "Other"
+msgstr "Övrigt"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Kan inte ändra ID till root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: namn med icke-ASCII-tecken: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: ogiltigt namn: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: rumsnummer med icke-ASCII-tecken: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: ogiltigt rumsnummer: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (arbete): \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: ogiltigt telefonnummer (hem): \"%s\"\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" innehåller icke-ASCII-tecken\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" innehåller ogiltiga tecken\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: användaren \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kan inte ändra användare \"%s\" på en NIS-klient.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" är NIS-master för denna klient.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Ändrar användarinformationen för %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: fälten för långa\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor]\n"
+"\n"
+"Flaggor:\n"
+
+#, fuzzy, c-format
+#| msgid "  -c, --crypt-method <METHOD>   the crypt method (one of %s)\n"
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method <METOD>    krypteringsmetoden (en av %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted               angivna lösenord är krypterade\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     kryptera klartextlösenordet med\n"
+"                                MD5-algoritmen\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              antal SHA-rundor för SHA*-\n"
+"                                krypteringsalgoritmerna\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: flaggan %s tillåts endast med flaggan %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: flaggorna -c, -e och -m är uteslutande\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: krypteringsmetoden stöds inte: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: rad %d: raden för lång\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: rad %d: saknar nytt lösenord\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: rad %d: gruppen \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: rad %d: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: ett fel upptäcktes, ändringar ignorerade\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (rad %d, användare %s) lösenordet har inte ändrats\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: rad %d: användaren \"%s\" finns inte\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell SHELL             nytt inloggningsskal för användarkontot\n"
+
+msgid "Login Shell"
+msgstr "Inloggningsskal"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Du får inte ändra skalet för \"%s\".\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Ändrar inloggningsskal för %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Ogiltig post: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s är ett ogiltigt skal\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Varning: %s finns inte\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Varning: %s är inte en körbar fil\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: flaggorna %s och %s står i konflikt\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: oväntat argument: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     visa faillog-poster för alla användare\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs S             efter misslyckad inloggning lås kontot i S "
+"sekunder\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum MAX             ställ in maximalt antal misslyckade "
+"inloggningar till MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   nollställd räknarna för inloggningsfel\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Användare       Fel      Max Senaste                  På\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [%lus kvar]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds låsta]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in låstid för UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in max för UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Misslyckades med att ställa in låstid för UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Okänd användare eller intervall: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Kan inte få storleken för %s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flagga] GRUPP\n"
+"\n"
+"Flaggor:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add ANVÄNDARE           lägg till ANVÄNDARE till GRUPP\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete ANVÄNDARE        ta bort ANVÄNDARE från GRUPP\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         ta bort GRUPPens lösenord\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                begränsa åtkomst till GRUPP till dess "
+"medlemmar\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members ANVÄNDARE,...   ställ in listan för medlemmar av GRUPP\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators ADMIN,...\n"
+"                                ställ in listan för administratörer för "
+"GRUPP\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Förutom för flaggorna -A och -M, flaggorna kan inte kombineras.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Flaggorna kan inte kombineras.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: lösenord för skuggrupper krävs för -A\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: gruppen \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: fel vid stängning av skrivskyddad %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Ändrar lösenordet för gruppen %s\n"
+
+msgid "New Password: "
+msgstr "Nytt lösenord: "
+
+msgid "Re-enter new password: "
+msgstr "Ange nytt lösenord igen: "
+
+msgid "They don't match; try again"
+msgstr "De stämde inte överens, försök igen"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Försök igen senare\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Lägger till användaren %s till gruppen %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Ta bort användaren %s från gruppen %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: användaren \"%s\" är inte en medlem av \"%s\"\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Inte en tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] GRUPP\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   avsluta normalt om gruppen redan finns,\n"
+"                                och avbryt -g om GID redan används\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 använd GID för den nya gruppen\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key NYCKEL=VÄRDE        åsidosätt standardvärden i /etc/login.defs\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillåt att skapa grupper med dubletta\n"
+"                                (icke-unika) GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password LÖSENORD       använd detta krypterade lösenord för nya "
+"gruppen\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  skapa ett systemkonto\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: \"%s\" är inte ett giltigt gruppnamn\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: ogiltigt grupp-id \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K kräver KEY=VÄRDE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: gruppen \"%s\" finns redan\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID \"%lu\" finns redan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kan inte fastställa ditt användarnamn.\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -r, --reset                   nollställd räknarna för inloggningsfel\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: kan inte ta bort posten \"%s\" från %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: kan inte ta bort primära gruppen för användaren \"%s\"\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: gruppen \"%s\" finns inte\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: gruppen \"%s\" är en NIS-grupp\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s är NIS master\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: användaren \"%s\" är redan medlem av \"%s\"\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Slut på minne. Kan inte uppdatera %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [åtgärd]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group gruppnamn         ändra gruppnamn istället för användarens "
+"grupp\n"
+"                                (endast root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Åtgärder:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+"  -a, --add användarnamn        lägg till användarnamn till medlemmarna av "
+"gruppen\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+"  -d, --delete användarnamn     ta bort användarnamn från medlemmarna av "
+"gruppen\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   ta bort alla medlemmar från gruppen\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    lista medlemmarna av gruppen\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: ditt gruppnamn matchar inte ditt användarnamn\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: endast root kan använda flaggan -g/--group\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 ändra grupp-id till GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NY_GRUPP       ändra namnet till NY_GRUPP\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              tillåt användning av dubletta (icke-unika) "
+"GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password LÖSENORD       ändra lösenordet till detta (krypterade)\n"
+"                                LÖSENORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: ogiltigt gruppnamn \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: gruppen %s är en NIS-grupp\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: okänd användare %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [grupp [gshadow]]\n"
+"\n"
+"Flaggor:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [grupp]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s och -r är inkompatibla\n"
+
+msgid "invalid group file entry"
+msgstr "ogiltig post i gruppfil"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "ta bort rad \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "dubblerade grupposter"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "ogiltigt gruppnamn \"%s\"\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "ogiltigt grupp-id \"%lu\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupp %s: ingen användare %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "ta bort medlem \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "ingen matchande gruppfilspost i %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "lägg till gruppen \"%s\" i %s? "
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"gruppen %s har en post i %s, men dess lösenordsfält i %s är inte inställt "
+"till \"x\"\n"
+
+msgid "invalid shadow group file entry"
+msgstr "ogiltig post i fil för skuggrupper"
+
+msgid "duplicate shadow group entry"
+msgstr "duplikata poster i skuggrupp"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "skuggrupp %s: ingen administrativ användare %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "ta bort administrativ medlem \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "skuggrupp %s: ingen användare %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: filerna har uppdaterats\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: inga ändringar\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: kan inte ta bort %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Usage: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Användning: id\n"
+
+msgid " groups="
+msgstr " grupper="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before DAGAR            skriv endast ut lastlog information äldre "
+"än\n"
+"                                DAGAR\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -a, --all                     visa faillog-poster för alla användare\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -a, --all                     visa faillog-poster för alla användare\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time DAGAR              skriv endast ut lastlog information senare "
+"än\n"
+"                                DAGAR\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user LOGIN              skriv ut lastlog information för användare\n"
+"                                angiven med LOGIN\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Användarnamn      Port     Från             Senast"
+
+msgid "Username                Port     Latest"
+msgstr "Användarnamn        Port     Senast"
+
+msgid "**Never logged in**"
+msgstr "**Aldrig varit inloggad**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Misslyckades med att få posten för UID %lu\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Användning: %s [-p] [namn]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h värd] [-f namn]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r värd\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "konfigurationsfel - kan inte tolka %s-värde: \"%d\""
+
+msgid "Invalid login time"
+msgstr "Ogiltig inloggningstid"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Systemet nedstängt för rutinmässigt underhåll"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Nedkoppling kringgådd -- rootinloggning tillåten.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Kan inte fungera utan en användbar root\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "Ingen utmp post.  Du måste köra \"login\" från den lägsta nivån \"sh\""
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Inloggningen översteg tidsgränsen efter %u sekunder.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM misslyckades, avbryter: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s inloggning: "
+
+msgid "login: "
+msgstr "inloggning: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maximalt antal försök har överstigits (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: avbryt begärdes av PAM\n"
+
+msgid "Login incorrect"
+msgstr "Inloggning misslyckad"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot fork user shell\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s inloggning: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: fel vid processdelning: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY misslyckades på %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Varning: inloggning återaktiverad efter temporär nedstängning."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Senast inloggad: %s på %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Senast inloggad: %.19s på %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " från %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"inloggningstid överskriden\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Användning: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Användning: newgrp [-] [grupp]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Användning: sg grupp [[-c] kommando]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to remove %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Ogiltigt lösenord.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: fel vid processgrening: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID \"%lu\" finns inte\n"
+
+msgid "too many groups\n"
+msgstr "för många grupper\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  skapa systemkonton\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: gruppen \"%s\" är en skuggrupp men den finns inte i /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: ogiltigt användar-id \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: ogiltigt användarnamn \"%s\"\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: rad %d: ogiltig rad\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kan inte uppdatera posten för användaren %s (finns inte i passwd-"
+"databasen)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: rad %d: kan inte skapa användare\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: rad %d: kan inte skapa grupp\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: rad %d: användaren \"%s\" finns inte i %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: rad %d: kan inte uppdatera lösenord\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: rad %d: mkdir %s misslyckades: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: rad %d: chown %s misslyckades: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: rad %d: kan inte uppdatera post\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     rapportera lösenordsstatus för alla konton\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  ta bort lösenordet för angivet konto\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  tvinga utgång för lösenordet för det angivna "
+"kontot\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr "  -k, --keep-tokens             ändra lösenord endast om utgånget\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INAKTIV        ställ in lösenordet som inaktivt efter "
+"utgång\n"
+"                                till INAKTIV\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+"  -l, --lock                    lås lösenordet för det angivna kontot\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAGAR       ställ in minsta antal dagar innan "
+"lösenords-\n"
+"                                ändring till MIN_DAGAR\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   tyst läge\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository FÖRRÅD       ändra lösenord i förrådet FÖRRÅD\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  rapportera lösenordsstatus för det angivna "
+"kontot\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  lås upp lösenordet för det angivna kontot\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays VARN_DAGAR     ställ in dagar för utgångsvarning till "
+"VARN_DAGAR\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAGAR       ställ in maximalt antal dagar innan "
+"lösenords-\n"
+"                                ändring till MAX_DAGAR\n"
+
+msgid "Old password: "
+msgstr "Gammalt lösenord: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ange det nya lösenordet (minimum %d tecken)\n"
+"Använd en kombination av stora och små bokstäver samt siffror.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ange det nya lösenordet (minimum %d, maximum %d tecken)\n"
+"Använd en kombination av gemener, versaler och siffror.\n"
+
+msgid "New password: "
+msgstr "Nytt lösenord: "
+
+msgid "Try again."
+msgstr "Försök igen."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Varning: svagt lösenord (ange det igen för att använda det ändå)."
+
+msgid "They don't match; try again.\n"
+msgstr "De stämde inte, försök igen.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Lösenordet för %s kan inte ändras.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Lösenordet för %s kan inte ändras ännu.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: upplåsning av lösenordet kommer att resultera i ett konto utan "
+"lösenord.\n"
+"Du bör ange ett lösenord med usermod -p för att låsa upp lösenordet för "
+"detta konto.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: repository %s stöds inte\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s är inte behörig att ändra lösenordet för %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Du kan inte visa eller modifiera lösenordsinformationen för %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Ändrar lösenord för %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Lösenordet för %s är oförändrat.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: lösenordet ändrades.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: information om lösenordets utgång har ändrats.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [lösenord]\n"
+"\n"
+"Flaggor:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] [lösenord [skugga]]\n"
+"\n"
+"Flaggor:\n"
+
+#, fuzzy
+#| msgid "  -q, --quiet                   quiet mode\n"
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   tyst läge\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s: ingen alternativ shadow-fil tillåts när USE_TCB är aktiverad.\n"
+
+msgid "invalid password file entry"
+msgstr "ogiltig post i lösenordsfil"
+
+msgid "duplicate password entry"
+msgstr "duplikata lösenordsposter"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "ogiltigt användarnamn \"%s\"\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "ogiltigt användar-id \"%lu\"\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "användare \"%s\": ingen grupp %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "användare \"%s\": katalogen \"%s\" finns inte\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "användare \"%s\": programmet \"%s\" finns inte\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "ingen tcb-katalog för %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "skapa tcb-katalog för %s?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: kan inte låsa %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "ingen matchande lösenordfilpost i %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "lägg till grupp \"%s\" i %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"användaren %s har en post i %s, men dess lösenordsfält i %s är inte inställt "
+"till \"x\"\n"
+
+msgid "invalid shadow password file entry"
+msgstr "ogiltig post i skugglösenordsfil"
+
+msgid "duplicate shadow password entry"
+msgstr "duplikat post för skugglösenord"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "användare %s: senaste lösenordsändringen i framtiden\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: kan inte sortera poster i %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: kan inte fungera med tcb aktiverat\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: misslyckades med att ändra rättigheter för %s till 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Tillgång med su till det kontot NEKAS.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Lösenordsautentisering kringgådd.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Vänligen ange ditt EGNA lösenord för autentisering.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Kan inte grena användarskal\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: signalfel\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr "Sessionen terminerad, terminerar skal..."
+
+msgid " ...killed.\n"
+msgstr " ...dödad.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...väntar på att barn ska termineras.\n"
+
+msgid " ...terminated.\n"
+msgstr " ...terminerad.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Användning: su [flaggor] [KONTO]\n"
+"\n"
+"Flaggor:\n"
+"  -c, --command KOMMANDO        skicka KOMMANDO till anropade skalet\n"
+"  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+"  -, -l, --login                gör skalet till inloggningsskal\n"
+"  -m, -p,\n"
+"  --preserve-environment        återställ inte miljövariabler och behåll\n"
+"                                samma skal\n"
+"  -s, --shell SKAL              använd SKAL istället för det angivna i "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ignorerad)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Du är inte bemyndigad att su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Ange ditt egna lösenord)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: Autentiseringsfel\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s: Du är inte behörig att använda su för tillfället\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Ingen lösenordspost för \"root\""
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: måste köras från en terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: fel %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot remove the content of %s: %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Kan inte ta bort innehållet i %s: %s\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Kunde inte starta %s\n"
+
+msgid "No password file"
+msgstr "Ingen lösenordsfil"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY misslyckades"
+
+msgid "No password entry for 'root'"
+msgstr "Ingen lösenordspost för \"root\""
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Tryck Control-D för att fortsätta med normal uppstart,\n"
+"(eller ange root-lösenordet för systemunderhåll):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Går över till läge för systemunderhåll"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s skapades men kunde inte tas bort\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s-konfigurationen i %s kommer att ignoreras\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: kan inte skapa ny standardfil\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: kan inte öppna ny fil med standardvärden\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: raden är för lång i %s: %s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Kan inte skapa symboliska länken %s: %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: byt namn: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: gruppen \"%s\" är en NIS-grupp.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: för många grupper angivna (max %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Användning: %s [flaggor] INLOGGNINGSNAMN\n"
+"            %s -D\n"
+"            %s -D [flaggor]\n"
+"\n"
+"Flaggor:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir BASKATALOG     baskatalog för hemkatalogen för\n"
+"                                det nya kontot\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment KOMMENTAR       GECOS-fält för det nya kontot\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HEM_KAT        hemkatalog för det nya kontot\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                skriv ut eller ändra standardkonfiguration "
+"för useradd\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate UTGÅNGSDATUM utgångsdatum för det nya kontot\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive INAKTIV        lösenordets inaktivitetsperiod för det nya "
+"kontot\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid GRUPP               namn eller ID för den primära gruppen för "
+"det\n"
+"                                nya kontot\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+"  -k, --skel SKEL-KAT           använd denna alternativa skelett-katalog\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             lägg inte till användaren till databaserna "
+"lastlog\n"
+"                                och faillog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             skapa användarens hemkatalog\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home          skapa inte användarens hemkatalog\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           skapa inte en grupp med samma namn som\n"
+"                                användaren\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillåt att skapa användare med dubletta\n"
+"                                (icke-unika) UID\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password LÖSENORD       krypterat lösenord för det nya kontot\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SKAL              inloggningsskal för det nya kontot\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 användare-ID för det nya kontot\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+"  -U, --user-group              skapa en grupp med samma namn som "
+"användaren\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: ogiltig baskatalog \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ogiltig kommentar \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: ogiltig hemkatalog \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: skugglösenord krävs för -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: skugglösenord krävs för -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: ogiltigt fält \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: ogiltigt skal \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z kräver en SELinux-aktiverad kärna\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: kan inte skapa katalog %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Skapar postlådefil"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Gruppen \"mail\" hittades inte. Skapar användarens postlådefil med läget "
+"0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Ställer in rättigheter för postlådefil"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: användaren \"%s\" finns redan\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: gruppen %s finns redan - om du vill lägga till denna användare till den "
+"gruppen, använd -g.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu är inte unikt\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Misslyckades med att skapa tcb-katalog för %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kan inte skapa användare\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: kan inte skapa grupp\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: varning: hem-katalogen finns redan.\n"
+"Kopierar ingen fil från skel-katalogen till den.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   tvinga borttagning av filer, även om\n"
+"                                de inte ägs av användaren\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  ta bort hemkatalog och postkö\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --shell SHELL             new login shell for the user account\n"
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -s, --shell SHELL             nytt inloggningsskal för användarkontot\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove the primary group of user '%s'\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: kan inte ta bort primära gruppen för användaren \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: gruppen %s är den primära gruppen för en annan användare och tas inte "
+"bort.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: kan inte ta bort posten \"%s\" från %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s home directory (%s) not found\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s hemkatalogen (%s) hittades inte\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: varning: kan inte ta bort %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ägs inte av %s, tar inte bort\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Kan inte släppa privilegier: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Kan inte ta bort innehållet i %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Kan inte ta bort tcb-filer för %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: användaren %s är en NIS-användare\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s hemkatalogen (%s) hittades inte\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: tar inte bort katalogen %s (skulle ta bort hemmet för användaren %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: fel vid borttagning av katalogen %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment KOMMENTAR       nytt värde för GECOS-fältet\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr "  -d, --home HEMKAT             ny hemkatalog för användarkontot\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum\n"
+"                                till UTGÃ…NGSDATUM\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INAKTIV        ställ in lösenordet som inaktivt efter\n"
+"                                utgångsdatum till INAKTIV\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid GRUPP               tvinga användning av GRUPP som ny "
+"primärgrupp\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GRUPPER          ny lista över ytterligare GRUPPER\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  lägg till användaren till ytterligare "
+"GRUPPER\n"
+"                                som nämns av flaggan -G utan att ta bort\n"
+"                                honom/henne från andra grupper\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login NYTT_NAMN         nytt värde för inloggningsnamnet\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    lås användarkontot\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               flytta innehållet i hemkatalogen till\n"
+"                                en ny plats (använd endast med -d)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              tillåt användning av dubbletta (icke-unika) "
+"UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+"  -p, --password LÖSENORD       använd krypterat lösenord som nytt lösenord\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 nytt UID för användarkontot\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  lås upp användarkontot\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --shell SHELL             new login shell for the user account\n"
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -s, --shell SHELL             nytt inloggningsskal för användarkontot\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: upplåsning av användarens lösenord skulle resultera i ett konto utan "
+"lösenord.\n"
+"Du bör ställa in ett lösenord med usermod -p för att låsa upp användarens "
+"lösenord.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: användaren \"%s\" finns redan i %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: ogiltigt datum \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open %s\n"
+msgid "%s: no options\n"
+msgstr "%s: kan inte öppna %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: flaggorna -L, -p och -U är uteslutande\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: skugglösenord krävs för -e och -f\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID \"%lu\" finns redan\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s är inte behörig att ändra lösenordet för %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: katalogen %s finns redan\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Tidigare hemkatalogen (%s) var inte en katalog. Den har inte tagits bort "
+"och inga hemkataloger har skapats.\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Misslyckades med att ändra ägarskap för hemkatalogen"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: varning: misslyckades med att ta bort hela den gamla hemkatalogen %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: kunde inte byta namn på katalogen %s till %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: misslyckades med att kopiera lastlog-posten för användaren %lu till "
+"användaren %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: misslyckades med att kopiera faillog-posten för användaren %lu till "
+"användaren %lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: varning: %s ägs inte av %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "misslyckades med att byta ägare på postlåda"
+
+msgid "failed to rename mailbox"
+msgstr "misslyckades med att byta namn på postlåda"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: misslyckades med att förbereda den nya %s-posten \"%s\"\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Du har ändrat %s.\n"
+"Du kan behöva ändra %s för att stämma överens.\n"
+"Använd kommandot \"%s\" för att göra det.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   redigera gruppdatabas\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  redigera lösenordsdatabas\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  redigera shadow- eller gshadow-databasen\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+"  -u, --user                    vilken användares tcb shadow-fil att "
+"redigera\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: misslyckades med att ta bort %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s är oförändrad\n"
+
+msgid "failed to create scratch directory"
+msgstr ""
+
+msgid "failed to drop privileges"
+msgstr "misslyckades med att släppa privilegier"
+
+msgid "Couldn't get file context"
+msgstr ""
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () misslyckades"
+
+msgid "failed to gain privileges"
+msgstr "misslyckades med att få privilegier"
+
+msgid "Couldn't lock file"
+msgstr "Kunde inte låsa fil"
+
+msgid "Couldn't make backup"
+msgstr "Kunde inte göra en säkerhetskopia"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr ""
+
+msgid "failed to unlink scratch file"
+msgstr ""
+
+msgid "failed to stat edited file"
+msgstr "misslyckades med att ta status på redigerade filen"
+
+msgid "failed to allocate memory"
+msgstr "misslyckades att allokera minne"
+
+msgid "failed to create backup file"
+msgstr "misslyckades med att skapa säkerhetskopia"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: kan inte återställa %s: %s (dina ändringar finns i %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: misslyckades med att hitta tcb-katalog för %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            krypteringsmetoden (en av %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Användning: vipw [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) misslyckades\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: chage [flaggor] [INLOGGNINGSNAMN]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -d, --lastday SISTA_DAG       ställ in datum för sista lösenordsändring "
+#~ "till SISTA_DAG\n"
+#~ "  -E, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum till "
+#~ "UTGÃ…NGSDATUM\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+#~ "  -I, --inactive INAKTIV        ställ in lösenordet till inaktivt efter "
+#~ "utgång\n"
+#~ "                                till INAKTIV\n"
+#~ "  -l, --list                    visa åldringsinformation om kontot\n"
+#~ "  -m, --mindays MIN_DAGAR       ställ in minimum antal dagar innan "
+#~ "lösenords-\n"
+#~ "                                ändring till MIN_DAGAR\n"
+#~ "  -M, --maxdays MAX_DAGAR       ställ in maximalt antal dagar innan "
+#~ "lösenords-\n"
+#~ "                                ändring till MAX_DAGAR\n"
+#~ "  -W, --warndays VARN_DAGAR     ställ in dagar för utgångsvarning till "
+#~ "VARN_DAGAR\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM autentisering misslyckades\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Användning: %s [-f fullt_namn] [-r rums_nr] [-w arb_tel]\n"
+#~ "\t[-h hem_tel] [-o annat] [användare]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Användning: %s [-f fullt_namn] [-r rums_nr] [-w arb_tel] [-h hem_tel]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Användning: %s [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -c, --crypt-method            krypteringsmetoden (en av %s)\n"
+#~ "  -e, --encrypted               angivna lösenord är krypterade\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta.\n"
+#~ "  -m, --md5                     kryptera klartextlösenordet med\n"
+#~ "                                MD5-algoritmen\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: chsh [flaggor] [KONTO]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+#~ "  -s, --shell SHELL             nytt inloggningsskal för användarkontot\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Användning: expiry {-f|-c}\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: Kan inte öppna %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: Kan inte få storleken för %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Användning: groupdel grupp\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Användning: %s [-r] [-s] [grupp [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Användning: %s [-r] [-s] [grupp]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s och -r är inkompatibla\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Användning: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Användning: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: lastlog [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -b, --before DAGAR    skriv endast ut lastlog information äldre än "
+#~ "DAGAR\n"
+#~ "  -h, --help            visa detta hjälpmeddelande och avsluta\n"
+#~ "  -t, --time DAGAR      skriv endast ut lastlog information senare än "
+#~ "DAGAR\n"
+#~ "  -u, --user LOGIN      skriv ut lastlog information för användare\n"
+#~ "                        angiven med LOGIN\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: passwd [flaggor] [INLOGGNINGSNAMN]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -a, --all                     rapportera lösenordsstatus för alla "
+#~ "konton\n"
+#~ "  -d, --delete                  ta bort lösenordet för angivet konto\n"
+#~ "  -e, --expire                  tvinga utgång för lösenordet för det "
+#~ "angivna kontot\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+#~ "  -k, --keep-tokens             ändra lösenord endast om utgånget\n"
+#~ "  -i, --inactive INAKTIV        ställ in lösenordet som inaktivt efter "
+#~ "utgång\n"
+#~ "                                till INAKTIV\n"
+#~ "  -l, --lock                    lås lösenordet för det angivna kontot\n"
+#~ "  -n, --mindays MIN_DAGAR       ställ in minsta antal dagar innan "
+#~ "lösenords-\n"
+#~ "                                ändring till MIN_DAGAR\n"
+#~ "  -q, --quiet                   tyst läge\n"
+#~ "  -r, --repository FÖRRÅD       ändra lösenord i förrådet FÖRRÅD\n"
+#~ "  -S, --status                  rapportera lösenordsstatus för det "
+#~ "angivna kontot\n"
+#~ "  -u, --unlock                  lås upp lösenordet för det angivna "
+#~ "kontot\n"
+#~ "  -w, --warndays VARN_DAGAR     ställ in dagar för utgångsvarning till "
+#~ "VARN_DAGAR\n"
+#~ "  -x, --maxdays MAX_DAGAR       ställ in maximalt antal dagar innan "
+#~ "lösenords-\n"
+#~ "                                ändring till MAX_DAGAR\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Användning: %s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Användning: %s [-q] [-r] [-s] [lösenord [skugga]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Användning: pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Användning: pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Okänt id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Inget skal\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: userdel [flaggor] KONTO\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -f, --force                   tvinga borttagning av filer, även om\n"
+#~ "                                de inte ägs av användaren\n"
+#~ "  -h, --help                    visa detta hjälpmeddelandet och avsluta\n"
+#~ "  -r, --remove                  ta bort hemkatalog och postkö\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: användaren %s är för närvarande inloggad\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Användning: usermod [flaggor] INLOGGNINGSNAMN\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -c, --comment KOMMENTAR       nytt värde för GECOS-fältet\n"
+#~ "  -d, --home HEMKAT             ny hemkatalog för användarkontot\n"
+#~ "  -e, --expiredate UTGÅNGSDATUM ställ in kontots utgångsdatum\n"
+#~ "                                till UTGÃ…NGSDATUM\n"
+#~ "  -f, --inactive INAKTIV        ställ in lösenordet som inaktivt efter\n"
+#~ "                                utgångsdatum till INAKTIV\n"
+#~ "  -g, --gid GRUPP               tvinga användning av GRUPP som ny "
+#~ "primärgrupp\n"
+#~ "  -G, --groups GRUPPER         ny lista över ytterligare GRUPPER\n"
+#~ "  -a, --append                  lägg till användaren till ytterligare "
+#~ "GRUPPER\n"
+#~ "                                som nämns av flaggan -G utan att ta bort\n"
+#~ "                                honom/henne från andra grupper\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+#~ "  -l, --login NYTT_NAMN         nytt värde för inloggningsnamnet\n"
+#~ "  -L, --lock                    lås användarkontot\n"
+#~ "  -m, --move-home               flytta innehållet i hemkatalogen till\n"
+#~ "                                en ny plats (använd endast med -d)\n"
+#~ "  -o, --non-unique              tillåt användning av dubbletta (icke-"
+#~ "unika) UID\n"
+#~ "  -p, --password LÖSENORD       använd krypterat lösenord som nytt "
+#~ "lösenord\n"
+#~ "  -s, --shell SKAL              nytt inloggningsskal för användarkontot\n"
+#~ "  -u, --uid UID                 nytt UID för användarkontot\n"
+#~ "  -U, --unlock                  lås upp användarkontot\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: inga flaggor angivna\n"
+
+#~ msgid "%s: %s is an invalid shell.\n"
+#~ msgstr "%s: %s är ett ogiltigt skal.\n"
+
+#~ msgid ""
+#~ "  -l, --lock-time SEC           after failed login lock account for SEC "
+#~ "seconds\n"
+#~ msgstr ""
+#~ "  -l, --lock-time S             efter misslyckad inloggning lås kontot i "
+#~ "S sekunder\n"
+
+#~ msgid ""
+#~ "Usage: %s [option] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --add USER                add USER to GROUP\n"
+#~ "  -d, --delete USER             remove USER from GROUP\n"
+#~ "  -r, --remove-password         remove the GROUP's password\n"
+#~ "  -R, --restrict                restrict access to GROUP to its members\n"
+#~ "  -M, --members USER,...        set the list of members of GROUP\n"
+#~ "%s\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: %s [flagga] GRUPP\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -a, --add ANVÄNDARE           lägg till ANVÄNDARE till GRUPP\n"
+#~ "  -d, --delete ANVÄNDARE        ta bort ANVÄNDARE från GRUPP\n"
+#~ "  -r, --remove-password         ta bort GRUPPens lösenord\n"
+#~ "  -R, --restrict                begränsa åtkomst till GRUPP till dess "
+#~ "medlemmar\n"
+#~ "  -M, --members ANVÄNDARE,...   ställ in listan över medlemmar för GRUPP\n"
+#~ "%s\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "  -A, --administrators ADMIN,...\n"
+#~ "                                set the list of administrators for GROUP\n"
+#~ "Except for the -A and -M options, the options cannot be combined.\n"
+#~ msgstr ""
+#~ "  -A, --administrators ADMIN,...\n"
+#~ "                                ställ in listan över administratörer för "
+#~ "GRUPP\n"
+#~ "Förutom för flaggorna -A och -M, flaggorna kan inte kombineras.\n"
+
+#~ msgid ""
+#~ "Usage: groupmems [options] [action]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group groupname         change groupname instead of the user's "
+#~ "group\n"
+#~ "                                (root only)\n"
+#~ "\n"
+#~ "Actions:\n"
+#~ "  -a, --add username            add username to the members of the group\n"
+#~ "  -d, --delete username         remove username from the members of the "
+#~ "group\n"
+#~ "  -p, --purge                   purge all members from the group\n"
+#~ "  -l, --list                    list the members of the group\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: groupmems [flaggor] [åtgärd]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -g, --group gruppnamn         ändra gruppnamn istället för användarens "
+#~ "grupp\n"
+#~ "                                (endast root)\n"
+#~ "\n"
+#~ "Åtgärder:\n"
+#~ "  -a, --add användarnamn        lägg till användarnamn till medlemmar av "
+#~ "gruppen\n"
+#~ "  -d, --delete användarnamn     ta bort användarnamn från medlemmar av "
+#~ "gruppen\n"
+#~ "  -p, --purge                   ta bort alla medlemmar från gruppen\n"
+#~ "  -l, --list                    lista medlemmarna i gruppen\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Användning: useradd [flaggor] INLOGGNINGSNAMN\n"
+#~ "\n"
+#~ "Flaggor:\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: kan inte skapa %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: kan inte chown %s\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Användning: vipw [flaggor]\n"
+#~ "\n"
+#~ "Flaggor:\n"
+#~ "  -g, --group                   redigera gruppdatabas\n"
+#~ "  -h, --help                    visa detta hjälpmeddelande och avsluta\n"
+#~ "  -p, --passwd                  redigera lösenordsdatabas\n"
+#~ "  -q, --quiet                   tyst läge\n"
+#~ "  -s, --shadow                  redigera databaserna shadow eller "
+#~ "gshadow\n"
+#~ "\n"
diff --git a/po/tl.po b/po/tl.po
new file mode 100644
index 0000000..ef0fe7d
--- /dev/null
+++ b/po/tl.po
@@ -0,0 +1,3612 @@
+# Tagalog messages for shadow
+# shadow/po/tl.po 
+# Copyright (C) 2005 Software in the Public Interest, Inc.
+# This file is distributed under the same license as shadow
+# Itong talaksan ay ipinamamahagi sa parehong lisensya ng shadow
+# Eric Pareja <xenos@upm.edu.ph>, 2005
+# This file is maintained by Eric Pareja <xenos@upm.edu.ph>
+# Itong talaksan ay inaalagaan ni Eric Pareja <xenos@upm.edu.ph>
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 21:34+0100\n"
+"Last-Translator: Eric Pareja <xenos@upm.edu.ph>\n"
+"Language-Team: Tagalog <debian-tl@banwa.upm.edu.ph>\n"
+"Language: tl\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=n>1;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Hindi makapaglaan ng lugar para sa impormasyong pagsasaayos.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"may mali sa pagsasaayos - hindi kilalang item '%s' (ipaalam sa "
+"tagapangasiwa)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Kontrasenyas: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Kontrasenyas ni %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Hindi makapaglaan ng lugar para sa impormasyong pagsasaayos.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Pinapalitan ang impormasyong pagtanda para kay %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: linya %d: hindi mahanap ang gumagamit %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: nagkulang ng memory\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: hindi maapdeyt ang talaksang shadow\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Babala: hindi kilalang grupo %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Babala: labis ang dami ng mga grupo\n"
+
+msgid "Your password has expired."
+msgstr "Lumampas sa taning ang inyong kontrasenyas."
+
+msgid "Your password is inactive."
+msgstr "Ang inyong kontrasenyas ay hindi aktibo."
+
+msgid "Your login has expired."
+msgstr "Lumampas sa taning ang inyong login."
+
+msgid "  Contact the system administrator."
+msgstr "  Kausapin ang tagapangasiwa ng sistema."
+
+msgid "  Choose a new password."
+msgstr "  Pumili ng bagong kontrasenyas."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ang inyong kontrasenyas ay may taning na %ld na araw.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Hanggang bukas ang taning ng inyong kontrasenyas."
+
+msgid "Your password will expire today."
+msgstr "Mapapaso ang inyong kontrasenyas ngayong araw na ito."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Hindi mabago ang tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Umapaw ang kapaligiran\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Hindi niyo maaaring baguhin ang $%s\n"
+
+#, fuzzy, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"May %d kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+"May %d na kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+msgstr[1] ""
+"May %d kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+"May %d na kabiguan magmula ng huling pagpasok.\n"
+"Ang huli ay %s noong %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: hindi makakuha ng kakaibang UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Labis ang mga login.\n"
+
+msgid "You have new mail."
+msgstr "May bago kang email."
+
+msgid "No mail."
+msgstr "Walang email."
+
+msgid "You have mail."
+msgstr "Mayroon kang email."
+
+msgid "no change"
+msgstr "walang pagbabago"
+
+msgid "a palindrome"
+msgstr "isang palindromo"
+
+msgid "case changes only"
+msgstr "nagpalit lamang ng laki ng titik"
+
+msgid "too similar"
+msgstr "labis na magkatulad"
+
+msgid "too simple"
+msgstr "labis na simple"
+
+msgid "rotated"
+msgstr "inikot"
+
+msgid "too short"
+msgstr "labis ng ikli"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Maling kontrasenyas: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: bigo ang pam_start(), error %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Napalitan ang password."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: tagumpay sa pagpalit ng kontrasenyas\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Maling kontrasenyas para kay %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa bahay: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Hindi makalipat sa '%s'\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Walang directory, pumapasok na ang HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Hindi mapatakbo ang %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Hindi tanggap na root directory '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Hindi mapalitan ang root directory sa '%s'\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Hindi malaman ang pangalan ng tty ninyo."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Hindi\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Ibigay ang bagong halaga, o pindutin ang ENTER para sa default"
+
+msgid "Minimum Password Age"
+msgstr "Pinakamaliit na Tanda ng Password"
+
+msgid "Maximum Password Age"
+msgstr "Pinakamalaking Tanda ng Password"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Huling Pagpalit ng Password (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "Babala ng Paglipas ng Taning ng Password"
+
+msgid "Password Inactive"
+msgstr "Inaktibo ang Password"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hangganan ng Account (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Huling Pagpalit ng Password : "
+
+msgid "never"
+msgstr "Hindi kailanman"
+
+msgid "password must be changed"
+msgstr "kailangan palitan ang password"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Taning ng Password:\t"
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Inaktibong Password:\t"
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Mapapaso ang Account:\t"
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Bilang ng mga araw bago magpalit ng password  : %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Bilang ng mga araw na dapat magpalit na ng password : %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Bilang ng mga araw bago mapaso ang password na may babala : %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: hindi tanggap na argumentong numero '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: huwag isama ang \"l\" sa ibang mga flag\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Walang pahintulot.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: hindi makapag-aldaba ng mga talaksan, subukan muli mamaya.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: wala ang talaksan ng shadow password\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Pinapalitan ang impormasyong pagtanda para kay %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: error sa pagbabago ng mga field\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Buong Pangalan"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Bilang ng Silid"
+
+msgid "Work Phone"
+msgstr "Telepono sa Trabaho"
+
+msgid "Home Phone"
+msgstr "Telepono sa Bahay"
+
+msgid "Other"
+msgstr "Iba pa"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Hindi mabago ang ID sa root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: hindi tanggap na pangalan: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: hindi tanggap na bilang ng silid: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa trabaho: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: hindi tanggap na telepono sa bahay: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' ay may hindi legal na mga karakter\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' ay may hindi legal na mga karakter\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: '%s' ay ang NIS master ng klienteng ito.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Pinapalitan ang impormasyon tungkol sa gumagamit na si %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: ang flag na -a ay pinapayagan LAMANG kung kasama ang flag na -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: linya %d: sobrang haba ng linya\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: linya %d: walang bagong password\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: may error na naganap, di pinansin ang mga pagbabago\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Login Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Hindi niyo mapapalitan ang shell para kay %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Pinapalitan ang login shell ni %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Hindi tanggap na entry: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "Ang %s ay hindi tanggap na shell.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: babala: %s ay hindi pag-aari ni %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: hindi inaasahang argumento: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Login       Kabiguan Maximum Pinakahuli               On\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds naiwan]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds lock]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Di kilalang Gumagamit: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: kailangan ng password ng grupong shadow para sa -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Pinapalitan ang password ng grupong %s\n"
+
+msgid "New Password: "
+msgstr "Bagong Password: "
+
+msgid "Re-enter new password: "
+msgstr "Ibigay muli ang bagong password: "
+
+msgid "They don't match; try again"
+msgstr "Hindi magkapareho; subukan muli"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Subukan muli mamaya\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Dinadagdag ang gumagamit na si %s sa grupong %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Tinatanggal ang gumagamit na si %s mula sa grupong %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Hindi tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: hindi tanggap na pangalan ng grupo ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: kinakailangan ng -O ang PANGALAN=HALAGA\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: mayroon nang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Mayroon nang kasapi na ganito\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Hindi makilala ang inyong pangalan.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: ang grupong '%s' ay grupong NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s ay ang NIS master\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ang gumagamit na %s ay nasa NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: naubos ang memory sa update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: ang grupong %s ay grupong NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: di kilalang gumagamit %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s at -r ay hindi maaring magkasabay\n"
+
+msgid "invalid group file entry"
+msgstr "hindi tanggap na entry ng talaksang grupo"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "burahin ang linyang '%s'? "
+
+msgid "duplicate group entry"
+msgstr "pangalawang entry ng grupo"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "hindi tanggap na pangalan ng grupo '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grupong %s: walang gumagamit %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "tanggalin ang miyembrong '%s'? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "walang katumbas na entry sa talaksang grupo sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "idagdag ang grupong '%s' sa %s ?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "hindi tanggap na entry sa talaksang shadow group"
+
+msgid "duplicate shadow group entry"
+msgstr "dalawahan ang shadow group entry"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "grupong shadow %s: walang tagapamahalang %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "tanggaling ang miyembrong tagapamahala '%s'? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "grupong shadow %s: walang gumagamit na %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: ang mga talaksan ay na-apdeyt\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: walang pagbabago\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Pag-gamit: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Pag-gamit: id\n"
+
+msgid " groups="
+msgstr " mga grupo="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Pangalan         Puerta   Mula            Hulihan"
+
+msgid "Username                Port     Latest"
+msgstr "Pangalan                Puerta  Hulihan"
+
+msgid "**Never logged in**"
+msgstr "**Di pumasok kailanman**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: hindi maapdeyt ang talaksang password\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Pag-gamit: %s [-p] [pangalan]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h host] [-f pangalan]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Di tamang oras ng pagpasok"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sarado ang sistema para sa kinagawiang pagtaguyod"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Nilaktawan ang pag-diskonek -- pinayagang makapasok ang root.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Walang nakapasok sa utmp. Kailangan niyong mag-exec \"login\" mula sa "
+"pinakamababang antas ng \"sh\""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Lumipas ang taning ng pagpasok ng %d segundo.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: kabiguan sa PAM, humihinto: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s login: "
+
+msgid "login: "
+msgstr "login: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Lumampas sa bilang ng maaaring pagsubok : (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: hiniling na mag-abort ng PAM\n"
+
+msgid "Login incorrect"
+msgstr "Maling pagpasok"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: linya %d: hindi mahanap ang gumagamit %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s login: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Babala: pagpasok ay enabled muli matapos ng panandalian pagbawal."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Huling pagpasok: %s sa %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Huling pagpasok: %.19s sa %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " mula %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"lumampas sa taning ng pagpasok\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Pag-gamit: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Pag-gamit: newgrp [-] [grupo]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Pag-gamit: sg grupo [[-c] utos]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Lumang kontrasenyas:"
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: bigo sa pag-fork: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+msgid "too many groups\n"
+msgstr "labis ang dami ng mga grupo\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: walang grupong %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: linya %d: hindi tanggap na linya\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: hindi maapdeyt ang ipinasok para kay %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: linya %d: hindi makalikha ng GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: linya %d: hindi makalikha ng GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang kontrasenyas\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: linya %d: bigo ang mkdir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: linya %d: bigo ang chown\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: hindi ma-apdeyt ang talaksang grupo\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Lumang kontrasenyas:"
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ibigay ang bagong kontrasenyas (minimum na %d, maximum na %d karakter)\n"
+"Gumamit ng kombinasyon ng malaki at maliit na titik at mga numero.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Ibigay ang bagong kontrasenyas (minimum na %d, maximum na %d karakter)\n"
+"Gumamit ng kombinasyon ng malaki at maliit na titik at mga numero.\n"
+
+msgid "New password: "
+msgstr "Bagong password: "
+
+msgid "Try again."
+msgstr "Subukan muli."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Babala: mahinang password (ibigay ito muli upang gamitin pa rin)."
+
+msgid "They don't match; try again.\n"
+msgstr "Hindi sila magkapareho; subukan muli.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Ang password ni %s ay hindi mapapalitan.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: hindi suportado ang repositoryong %s\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: Hindi niyo matatanaw o mapapalitan ang impormasyong password ni %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Pinapalitan ang password ni %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Ang password ni %s ay hindi napalitan.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Napalitan ang password."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Babala ng Paglipas ng Taning ng Password"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "hindi tanggap na ipinasok sa talaksang password"
+
+msgid "duplicate password entry"
+msgstr "nadobleng ipinasok sa password"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "hindi tanggap na pangalan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "hindi tanggap na pangalan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "gumagamit %s: walang grupo %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "gumagamit %s: walang directory na %s\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "gumagamit %s: walang programang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: hindi maaldaba ang talaksang %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "walang kaparehas na kontrasenyas sa %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "idagdag ang gumagamit na si '%s' sa %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "hindi tanggap na ipinasok sa talaksang password na shadow"
+
+msgid "duplicate shadow password entry"
+msgstr "nadobleng ipinasok sa talaksang password ng shadow"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "gumagamit %s: huling pagpalit ng password ay nasa hinaharap\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: hindi maisulat muli ang talaksan\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Ang paggamit ng su sa account na iyan ay IPINAGBAWAL.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Linampasan ang password authentication.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Ibigay ang inyong SARILING kontrasenyas bilang authentication.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: hindi maaldaba ang talaksang %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Pag-gamit: su [mga opsiyon] [login]\n"
+"\n"
+"Mga opsiyon:\n"
+"  -c, --command UTOS            ipasa ang UTOS sa tinawag na shell\n"
+"  -h, --help                    ipakita ang payo na ito\n"
+"  -, -l, --login                gawing login shell ang shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        huwag i-reset ang mga variable\n"
+"                                na pangkapaligiran at gamitin\n"
+"                                ang parehong shell\n"
+"  -s, --shell SHELL             gamitin ang SHELL sa halip ng\n"
+"                                default sa passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Di pinansin)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Hindi kayo awtorisadong gumamit ng su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Ibigay ang sarili niyong password.)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: bigo ang pagpapakilalang PAM\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Hindi kayo awtorisadong gumamit ng su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Walang ipinasok sa password para sa 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: kinakailangang patakbuhin mula sa isang terminal\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: error %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "Hindi mapatakbo ang %s"
+
+msgid "No password file"
+msgstr "Walang talaksang password"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Walang ipinasok sa password para sa 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Itiklado ang control-d upang magpatuloy ng normal na startup,\n"
+"(o ibigay ang password ng root para sa pagtataguyod ng sistema):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Pumapasok sa Modang Pagtataguyod ng Sistema"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: hindi malikha ang bagong talaksan ng mga default\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: hindi mabuksan ang bagong talaksan ng mga default\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: linya %d: bigo ang chown\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: baguhin ang pangalan: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: ang grupong '%s' ay grupong NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: sobrang dami ng grupo ang nakatakda (max %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Pag-gamit: %s [input]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: hindi tanggap na batayang directory '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: hindi tanggap na komento '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: kailangan ng shadow password para sa -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: kailangan ng shadow password para sa -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: hindi tanggap na saklaw '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: hindi tanggap na shell '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Inililikha ang talaksang mailbox"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Grupong 'mail' ay hindi nahanap. Inililikha ang talaksang mailbox ng "
+"gumagamit na may modong 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Itinatakda ang pahintulot sa talaksang mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: mayroon nang gumagamit na %s\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: mayroon nang grupong %s - kung nais niyong idagdag ang gumagamit na ito "
+"sa grupong iyon, gamitin ang -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: hindi kakaiba ang UID %u\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: hindi malikha ang %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: babala: mayroon nang tahanang directory.\n"
+"Walang kokopyahing talaksan mula sa skel directory dito.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: hindi mapalitan ang gumagamit '%s' sa NIS client.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: hindi matanggal ang grupong %s dahil ito'y pangunahing grupo ng ibang "
+"gumagamit.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: babala: hindi matanggal "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s ay hindi pag-aari ni %s, hindi tatanggalin\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ang gumagamit na %s ay nasa NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: hindi tanggap na directory na tahanan '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: hindi tatanggalin ang directory %s (mawawalan ng bahay si %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: error sa pagtanggal ng directory %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: mayroon nang gumagamit na %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: hindi tanggap na petsa '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: kailangan ang shadow password para sa -e at -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Mayroon nang kasapi na ganito\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: mayroon nang directory na %s\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: hindi malikha ang directory %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+"%s: babala: bigo sa pagtanggal ng buo ng lumang directory na tahanan %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: hindi mapalitan ng pangalan ang directory %s sa %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: babala: %s ay hindi pag-aari ni %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+msgid "failed to rename mailbox"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s ay hindi binago\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Hindi maaldaba ang talaksan"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: bigo sa pagtanggal ng mga pribilehiyo (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Hindi maaldaba ang talaksan"
+
+msgid "Couldn't make backup"
+msgstr "Hindi makagawa ng backup"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: hindi nahanap ang %s sa /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Hindi mabuksan ang talaksang grupo\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: mahaba masyado ang mga field\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "bigo sa pagpalit ng may-ari ng mailbox"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "bigo sa pagpalit ng pangalan ng mailbox"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: hindi maibalik ang %s: %s (ang mga pagbabago ay nasa %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: hindi tanggap na batayang directory '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Pag-gamit: %s [input]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "bigo ang malloc(%d)\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chage [mga opsiyon] [LOGIN]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -d, --lastday HULING_ARAW     itakda ang huling pagpalit ng "
+#~ "kontrasenyas\n"
+#~ "                                sa HULING_ARAW\n"
+#~ "  -E, --expiredate EXPIRE_DATE  itakda ang pagkapaso ng account sa\n"
+#~ "                                EXPIRE_DATE\n"
+#~ "  -h, --help                    ipakita ang tulong at lumabas\n"
+#~ "  -I, --inactive INACTIVE       itakda ang kontrasenyas na inaktibo "
+#~ "matapos\n"
+#~ "                                mapaso at gawin itong INACTIVE\n"
+#~ "  -l, --list                    ipakita ang impormasyon tungkol sa "
+#~ "account\n"
+#~ "  -m, --mindays MIN_DAYS        itakda na hindi kukulang sa MIN_DAYS\n"
+#~ "                                bago palitan ang kontrasenyas\n"
+#~ "  -M, --maxdays MAX_DAYS        itakda na hindi hihigit sa MAX_DAYS\n"
+#~ "                                bago palitan ang kontrasenyas\n"
+#~ "  -W, --warndays WARN_DAYS      itakda ang babala tungkol sa pagpaso sa\n"
+#~ "                                WARN_DAYS\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: bigo ang pagpapakilalang PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Pag-gamit: %s [-f buong_pangalan] [-r bilang_ng_silid] [-w "
+#~ "telepono_trabaho]\n"
+#~ "\t[-h telepono_bahay] [-o iba] [gumagamit]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Pag-gamit: %s [-f buong_pangalan] [-r bilang_ng_silid] [-w trabaho] [-h "
+#~ "bahay]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: chpasswd [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -e, --encrypted   ang mga bigay na mga kontrasenyas ay naka-encrypt\n"
+#~ "  -h, --help        ipakita itong payo na ito at lumabas\n"
+#~ "  -m, --md5         gamitin ang MD5 encryption imbes na DES kapag ang\n"
+#~ "                    mga ibinigay na mga kontrasenyas ay hindi naka-"
+#~ "encrypt\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chsh [mga opsiyon] [LOGIN]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -h, --help                    ipakita ito at lumabas\n"
+#~ "  -s, --shell SHELL             bagong login shell para sa gumagamit\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Pag-gamit: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Pag-gamit: %s [-r] [-s] [grupo [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Pag-gamit: %s [-r] [-s] [grupo]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s at -r ay hindi maaring magkasabay\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Pag-gamit: groupdel grupo\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: lastlog [mga option]\n"
+#~ "\n"
+#~ "Mga option:\n"
+#~ "  -b, --before ARAW     ipakita lamang ang lastlog record na mas-luma sa "
+#~ "ARAW\n"
+#~ "  -h, --help            ipakita ang tulong na ito at lumabas\n"
+#~ "  -t, --time ARAW       ipakita lamang ang lastlog record na mas-bagos sa "
+#~ "ARAW\n"
+#~ "  -u, --user LOGIN      ipakita lamang ang gumagamit na LOGIN\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: passwd [mga opsiyon] [login]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -a, --all                     mag-ulat tungkol sa kalagayan ng\n"
+#~ "                                kontrasenyas ng lahat\n"
+#~ "  -d, --delete                  burahin ang kontrasenyas ng account\n"
+#~ "  -e, --expire                  piliting mapaso ang kontrasenyas ng "
+#~ "account\n"
+#~ "  -h, --help                    ipakita ang tulong na ito at lumabas\n"
+#~ "  -k, --keep-tokens             palitan ang kontrasenyas kung paso "
+#~ "lamang\n"
+#~ "  -i, --inactive INACTIVE       itakdang inaktibo matapos na mapaso\n"
+#~ "                                sa INACTIVE\n"
+#~ "  -l, --lock                    i-lock ang account\n"
+#~ "  -n, --mindays MIN_ARAW\n"
+#~ "  -q, --quiet                   tahimik lamang\n"
+#~ "  -r, --repository REPOSITORYO  palitan ang kontrasenyas sa REPOSITORYO\n"
+#~ "  -S, --status                  iulat ang kalagayan ng kontrasenyas ng\n"
+#~ "                                ibinigay na account\n"
+#~ "  -u, --unlock                  tanggalin ang pagkaaldaba ng account\n"
+#~ "  -w, --warndays BABALA_ARAW    itakda ang pagbabala ng taning sa\n"
+#~ "                                BABALA_ARAW\n"
+#~ "  -x, --maxdays MAX_ARAW        itakda kung hanggang ilang araw bago\n"
+#~ "                                magpalit ng kontrasenyas sa MAX_ARAW\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Pag-gamit: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Pag-gamit: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Pag-gamit: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Pag-gamit: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Di kilalang id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Walang shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Paggamit: userdel [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -f, --force                   ipilit ang pagtanggal ng mga talaksan,\n"
+#~ "                                kahit hindi pag-aari ng gumagamit\n"
+#~ "  -h, --help                    ipakita ang patalastas na ito at lumabas\n"
+#~ "  -r, --remove                  tanggalin ang home directory at mail "
+#~ "spool\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: gumagamit na si %s ay kasalukuyang nakapasok\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: usermod [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -a, --append GRUPO            idagdag ang gumagamit sa karagdagang "
+#~ "GRUPO\n"
+#~ "  -c, --comment KOMENTO         itakda ang GECOS field\n"
+#~ "  -d, --home HOME_DIR           ang tahanang directory ng bagong account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  itakda ang petsa ng expiration ng "
+#~ "account\n"
+#~ "                                sa EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       itakda ang password na inaktibo matapos "
+#~ "ng\n"
+#~ "                                pagkapaso na INACTIVE\n"
+#~ "  -g, --gid GRUPO               ipilit na gamitin ang GRUPO para sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -G, --groups MGAGRUPO         idagdag ang mga grupo sa MGAGRUPO sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -h, --help                    ipakita ang payo na ito\n"
+#~ "  -l, --login LOGIN             bagong halaga ng pangalang panglogin\n"
+#~ "  -L, --lock                    ialdaba ang account ng gumagamit\n"
+#~ "  -m, --move-home               ilipat ang laman ng tahanang directory "
+#~ "sa\n"
+#~ "                                bagong lugar (gamitin lamang kasama ng -"
+#~ "d)\n"
+#~ "  -o, --non-unique              payagang lumikha ng user na may "
+#~ "kaparehong UID\n"
+#~ "  -p, --password PASSWOWRD      gumamit ng encrypted password para sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -s, --shell SHELL             itakda ang login shell para sa bagong "
+#~ "account\n"
+#~ "  -u, --uid UID                 gamitin ang UID para sa bagong account\n"
+#~ "  -U, --unlock                  tanggalin ang pagkaaldaba ng account ng\n"
+#~ "                                gumagamit\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: walang binigay na mga flag\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: vipw [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -g, --group                   baguhin ang database ng mga grupo\n"
+#~ "  -h, --help                    ipakita ang payo na ito\n"
+#~ "  -p, --passwd                  baguhin ang database na passwd\n"
+#~ "  -q, --quiet                   modong tahimik\n"
+#~ "  -s, --shadow                  baguhin ang database na shadow o gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Pag-gamit: %s [input]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: hindi malikha ang %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: hindi ma-chown %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: faillog [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -a, --all             ipakita ang mga record ng faillog para sa lahat\n"
+#~ "  -h, --help            ipakita ang tulong na ito at lumabas\n"
+#~ "  -l, --lock-time SEG   matapos mabigo sa pagpasok, i-lock ng SEG "
+#~ "segundo\n"
+#~ "                        ang account\n"
+#~ "  -m, --maximum MAX     itakda ang maximum na bilang ng kabiguan sa "
+#~ "pagpasok\n"
+#~ "                        na hanggang MAX lamang\n"
+#~ "  -r, --reset           ireset ang mga tagabilang ng kabiguan sa "
+#~ "pagpasok\n"
+#~ "  -t, --time ARAW       ipakita ang faillog records na hindi tatanda sa "
+#~ "ARAW\n"
+#~ "  -u, --user LOGIN      ipakita ang faillog record o pangasiwaan ang "
+#~ "tagabilang\n"
+#~ "                        ng pagkabigo at mga palugit (kung gamit ang -r, -"
+#~ "m o\n"
+#~ "                        -l na opsiyon) para sa gumagamit ng LOGIN lamang\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupadd [mga opsiyon] GRUPO\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -f, --force           ipilit ang paglabas na kalagayang matagumpay "
+#~ "kung\n"
+#~ "                        ang ibinigay na grupo ay mayroon na\n"
+#~ "  -g, --gid GID         gamitin ang GID para sa bagong grupo\n"
+#~ "  -h, --help            ipakita ang patalastas na ito at lumabas\n"
+#~ "  -K, --key KEY=HALAGA  nangingibabaw sa mga default sa /etc/login.defs\n"
+#~ "  -o, --non-unique      payagang gumawa ng grupo na may GID na kapareho\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupmod [mga opsiyon] GRUPO\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -g, --gid GID                 gamitin ang bagong GID ng GRUPO\n"
+#~ "  -h, --help                    ipakita ang tulong na ito at lumabas\n"
+#~ "  -n, --new-name BAGONG_GRUPO   ipilit na gamitin ang BAGONG_GRUPO ng "
+#~ "GRUPO\n"
+#~ "  -o, --non-unique              payagang gumawa ng grupo na may "
+#~ "kaparehong\n"
+#~ "                                GID ng GRUPO\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Pag-gamit: useradd [mga opsiyon] LOGIN\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -b, --base-dir BASE_DIR       punong directory para sa bagong mga "
+#~ "tahanang\n"
+#~ "                                directory ng account\n"
+#~ "  -c, --comment KOMENTO         itakda ang GECOS field ng bagong account\n"
+#~ "  -d, --home-dir HOME_DIR       ang tahanang directory ng bagong account\n"
+#~ "  -D, --defaults                ipakita o imbakin ang binagong default "
+#~ "na\n"
+#~ "                                pagkaayos ng useradd\n"
+#~ "  -e, --expiredate EXPIRE_DATE  itakda ang petsa ng expiration ng "
+#~ "account\n"
+#~ "                                sa EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       itakda ang password na inaktibo matapos "
+#~ "ng\n"
+#~ "                                pagkapaso na INACTIVE\n"
+#~ "  -g, --gid GRUPO               ipilit na gamitin ang GRUPO para sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -G, --groups MGAGRUPO         idagdag ang mga grupo sa MGAGRUPO sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -h, --help                    ipakita itong tulong na ito at lumabas\n"
+#~ "  -k, --skel SKEL_DIR           itakda ang alternatibong skel directory\n"
+#~ "  -K, --key KEY=HALAGA          nangingibabaw sa default sa /etc/login."
+#~ "defs\n"
+#~ "  -m, --create-home             likhain ang tahanang directory para sa\n"
+#~ "                                bagong account\n"
+#~ "  -o, --non-unique              payagang lumikha ng user na may "
+#~ "kaparehong UID\n"
+#~ "  -p, --password PASSWOWRD      gumamit ng encrypted password para sa "
+#~ "bagong\n"
+#~ "                                account\n"
+#~ "  -s, --shell SHELL             itakda ang login shell para sa bagong "
+#~ "account\n"
+#~ "  -u, --uid UID                 gamitin ang UID para sa bagong account\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Itinakdang lumampas sa taning ang password."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksan ng mga kontrasenyas\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang shadow password\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow password\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: hindi maisulat-muli ang talaksang shadow password\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: hindi maisulat-muli ang talaksang password\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: hindi maapdeyt ang talaksang shadow password\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tBuong Pangalan: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tBilang ng Silid: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tTelepono sa Trabaho: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tTelepono sa Bahay: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Hindi maaldaba ang talaksang password; subukan muli mamaya.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Hindi mabuksan ang talaksang password\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Error sa pag-apdeyt ng password entry.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Hindi maisulat ang pagbabago sa talaksang password.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Hindi maalis ang aldaba sa talaksang password.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: linya %d: di kilalang grupo %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: linya %d: hindi ma-apdeyt ang ipinasok\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang shadow\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang shadow\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: error sa pag-apdeyt ng talaksang password\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: linya %d: di kilalang gumagamit %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: linya %d: hindi ma-apdeyt password entry\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: hindi kilalang gumagamit\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Di kilalang Gumagamit: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Pag-gamit: %s [-r|-R] grupo\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a gumagamit] grupo\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d gumagamit] grupo\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A gumagamit,...] [-M gumagamit,...] grupo\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M gumagamit,...] grupo\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: hindi makakuha ng aldaba\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: hindi makuha ang aldaba ng shadow\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksan\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang shadow\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: hindi matanggal ang aldaba ng talaksan\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: hindi ma-apdeyt ang entry\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: hindi ma-apdeyt ang entry na shadow\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "di kilalang grupo: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksan\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang shadow\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Sino ka?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: di kilalang miyembro %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: error sa pagdagdag ng entry ng bagong grupo\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang grupo\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: hindi kakaiba ang gid na %u\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: error sa pagtanggal ng entry ng grupo\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: error sa pagtanggal ng entry ng grupong shadow\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: hindi matanggal ang pangunahing grupo ng gumagamit.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Hindi mahanap ang kasapi na tatanggalin\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Pag-gamit: groupmems -a pangalan | -d pangalan | -D | -l [-g pangalan-ng-"
+#~ "grupo]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr ""
+#~ "Ang root lamang ang maaaring magdagdag ng kasapi sa ibang mga grupo\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Kinakailangan ng akses sa grupo\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Hindi pangunahing may-ari ng kasalukuyang grupo\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "Bigo ang pagpapakilalang PAM para kay\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Hindi maaldaba ang talaksang grupo\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Hindi maisara ang talaksang grupo\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s hindi nahanap sa /etc/group\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: hindi kakaibang GID ang %u\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s ay hindi kakaibang pangalan\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang password\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: hindi ma-apdeyt ang ipinasok sa shadow para kay %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: hindi ma-apdeyt ang ipinasok para sa grupong %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: hindi matanggal ang grupong shadow %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: hindi ma-apdeyt ang talaksang grupo na shadow\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: hindi matanggal ang talaksang grupo na shadow\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "di kilalang GID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "di kilalang GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: walang grupong %s\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: walang gumagamit na nagngangalang %s\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: hindi tanggap na pangalan `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: hindi maaldaba ang /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: hindi mabuksan ang mga talaksan\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: error sa pag-apdeyt ng mga talaksan\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: hindi maapdeyt ang ipinasok sa passwd para kay %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang passwd\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang passwd\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: hindi matanggal ang ipinasok sa shadow para kay %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: hindi maapdeyt ang talaksang passwd\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: hindi maapdeyt ang ipinasok para kay %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: hindi matanggal ang talaksang password ng shadow\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: di kilalang GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: di kilalang grupo %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: naubos ang memory sa update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: hindi maisulat muli ang talaksang password na shadow\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: hindi maaldaba ang talaksang password ng shadow\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang password ng shadow\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: error sa pagaldaba ng talaksang grupo\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: error sa pagbukas ng talaksang grupo\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: error sa pagaldaba ng talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: error sa pagbukas ng talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: error sa pagdagdag ng bagong ipapasok sa password\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: error sa pagdagdag ng bagong ipinasok na password sa shadow\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: babala: CREATE_HOME hindi suportado, gamitin na lamang ang -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: error sa pag-apdeyt ng ipinasok sa grupo\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: hindi mabuksan ang talaksang grupo ng shadow\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password sa shadow\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: error sa pagdagdag ng entry ng bagong grupo\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu ay hindi kakaiba\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: error sa pagpalit ng ipinasok na password\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na password\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: error sa pagtanggal ng ipinasok na shadow password\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: hindi makakuha ng kakaibang GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " noong '%.100s' mula sa '%.200s'"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " noong `%.100s'"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: linya %d: hindi makalikha ng UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: hindi kakaiba ang pangalang %s\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Pag-gamit: chpasswd [mga opsiyon]\n"
+#~ "\n"
+#~ "Mga opsiyon:\n"
+#~ "  -e, --encrypted\tang mga bigay na mga password ay naka-encrypt\n"
+#~ "  -h, --help\t\tipakita itong payo na ito at lumabas\n"
+#~ "  -m, --md5\t\tgamitin ang MD5 encryption imbes na DES kapag ang\n"
+#~ "\t\t\tmga ibinigay na mga password ay hindi naka-encrypt\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Walang talaksang password\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Ipagpaumanhin.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Ipagpaumanhin, ang password ni %s ay hindi pa mapapalitan.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Pasensya na."
diff --git a/po/tr.po b/po/tr.po
new file mode 100644
index 0000000..a67f47f
--- /dev/null
+++ b/po/tr.po
@@ -0,0 +1,3916 @@
+# translation of shadow.po to Türkçe
+# Turkish translation of shadow.
+# This file is distributed under the same license as the shadow package.
+#
+# Mehmet Türker <mturker@innova.com.tr>, 2004.
+# Murat Åženel <muratasenel@gmail.com>, 2006.
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2008-03-29 20:31+0200\n"
+"Last-Translator: Mehmet Türker <mturker@innova.com.tr>\n"
+"Language-Team: Türkçe <tr@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: KBabel 1.11.1\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"'%s' içinde '%s' isminde birden fazla giriş mevcut. Lütfen bunu pwck yada "
+"grpck kullanarak düzeltin.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "kripto medotu libcrypt tarafından desteklenmiyor? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Yapılandırma bilgileri için yer ayrılamadı.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"yapılandırma hatası - bilinmeyen öğe '%s' (sistem yöneticisine bildirin)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Parola: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s kullanıcı parolası: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "Yapılandırma bilgileri için yer ayrılamadı.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "%s için ömür bilgisi değiştiriliyor\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: satır %d: kullanıcı %s bulunamadı\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: yetersiz bellek\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: gölge dosyası güncellenemedi\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Uyarı: bilinmeyen grup %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Uyarı: grup sayısı çok fazla\n"
+
+msgid "Your password has expired."
+msgstr "Parolanızın kullanım süresi doldu."
+
+msgid "Your password is inactive."
+msgstr "Parolanız etkin değil."
+
+msgid "Your login has expired."
+msgstr "Hesabınızın kullanım süresi doldu."
+
+msgid "  Contact the system administrator."
+msgstr "  Sistem yöneticisine başvurunuz."
+
+msgid "  Choose a new password."
+msgstr "Yeni bir parola seçin."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Parolanızın kullanım süresi %ld gün sonra dolacaktır.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Parolanızın kullanım süresi yarın dolacaktır."
+
+msgid "Your password will expire today."
+msgstr "Parolanızın kullanım süresi bugün dolacaktır."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "Geçilemeyen tty: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Ortam taşması\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "$%s deÄŸiÅŸtirilemez\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"Son girişten beri %d başarısız girişim.  En sonuncusu %s üzerinde %s idi.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique GID (no more available GIDs)\n"
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "Tek (benzersiz) bir GID alınamadı (kullanılabilecek mevcut GID yok)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+#, fuzzy, c-format
+#| msgid "Can't get unique UID (no more available UIDs)\n"
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "Benzersiz bir UID alınamıyor (mevcut UID yok)\n"
+
+msgid "Too many logins.\n"
+msgstr "Çok fazla oturum.\n"
+
+msgid "You have new mail."
+msgstr "Yeni e-postanız var."
+
+msgid "No mail."
+msgstr "E-Posta yok."
+
+msgid "You have mail."
+msgstr "E-Postanız var."
+
+msgid "no change"
+msgstr "deÄŸiÅŸiklik yok"
+
+msgid "a palindrome"
+msgstr "bu bir palindrome (tersinden de aynı şekilde okunabilen kelime)"
+
+msgid "case changes only"
+msgstr "sadece durum deÄŸiÅŸiklikleri"
+
+msgid "too similar"
+msgstr "çok benzer"
+
+msgid "too simple"
+msgstr "çok basit"
+
+msgid "rotated"
+msgstr "döndürülmüş"
+
+msgid "too short"
+msgstr "çok kısa"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Hatalı parola: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() başarısız, hata %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Parola deÄŸiÅŸti "
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: şifre başarıyla güncellendi\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "`%s' için yanlış parola\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: geçersiz ev telefonu: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Geçersiz ENCRYPT_METHOD değeri: '%s'.\n"
+"Varsayılan olarak DES kullanılacak.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "\"%s\" dizinine geçilemiyor\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Dizin yok, HOME=/ ile giriş yapılıyor"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "%s çalıştırılamıyor"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Geçersiz kök dizin '%s'\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Kök dizin '%s' olarak değiştirilemiyor\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Kullanıcı isminiz belirlenemedi."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "Hayır\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Yeni değeri girin, veya varsayılan değer için ENTER'a basın"
+
+msgid "Minimum Password Age"
+msgstr "Asgari Parola Ömrü"
+
+msgid "Maximum Password Age"
+msgstr "Azami Parola Ömrü"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Son Parola DeÄŸiÅŸimi (YYYY-AA-GG)"
+
+msgid "Password Expiration Warning"
+msgstr "Parola Kullanım Süresi Bitti Uyarısı"
+
+msgid "Password Inactive"
+msgstr "Parola Pasif"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Hesap Bitimi Tarihi (YYYY-AA-GG)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Son Parola DeÄŸiÅŸimi\t\t\t\t\t: "
+
+msgid "never"
+msgstr "Hiçbir zaman"
+
+msgid "password must be changed"
+msgstr "Parola deÄŸiÅŸtirilmeli"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Parola Kullanım Süresi Dolumu\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Parola Pasif\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Hesap Bitimi\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Şifre değişiklikleri arasındaki en az gün sayısı\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Maksimum giriş denemesi sayısı aşıldı \t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Şifre süresinin dolumundan önceki uyarı gün sayısı\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: geçersiz sayısal argüman '%s'\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: diğer bayraklarla beraber \"l\" yi kullanmayınız\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: Ä°zin verilmedi\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: dosyalar kilitlenemiyor, daha sonra tekrar deneyin\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: shadow parola dosyası açılamadı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "%s için ömür bilgisi değiştiriliyor\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: alanları değiştirirken hata oluştu\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Tam Ä°sim"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "Oda Numarası"
+
+msgid "Work Phone"
+msgstr "Ä°ÅŸ Telefonu"
+
+msgid "Home Phone"
+msgstr "Ev Telefonu"
+
+msgid "Other"
+msgstr "DiÄŸer"
+
+msgid "Cannot change ID to root.\n"
+msgstr "ID root kullanıcısı olarak değiştirilemiyor.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: geçersiz isim: '%s'\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: geçersiz oda numarası: '%s'\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: geçersiz iş telefonu: '%s'\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: geçersiz ev telefonu: '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: '%s' geçersiz karakterler içeriyor\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: '%s' geçersiz karakterler içeriyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: kullanıcı `%s' NIS istemcisinde değiştirilemedi.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: `%s' bu istemci için NIS efendisidir.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "%s için kullanıcı bilgileri değiştiriliyor\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s flag is ONLY allowed with the %s flag\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: %s bayrağına SADECE %s bayrağı ile kullanıldığında izin verilir\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: -c, -e, ve -m bayrakları özel bayraklardır\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: desteklenmeyen kripto metodu: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: satır %d: satır çok uzun\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: satır %d: yeni parola eksik\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: satır %d: kayıt güncellenemiyor\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: hata algılandı, değişiklikler görmezden gelindi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Oturum KabuÄŸu"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "%s için kabuğu değiştiremezsiniz.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "%s için oturum kabuğu değiştiriliyor\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: Geçersiz kayıt: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s geçersiz bir kabuk.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: kullanıcı %s mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: uyarı: %s %s kullanıcısına ait değil\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: %s ve %s seçenekleri çakışıyor\n"
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: bilinmeyen argüman: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Oturum Aç       Failures Maximum Latest                   Açık\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds kaldı]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds kilitli]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "Unknown user or range: %s\n"
+msgid "%s: Unknown user or range: %s\n"
+msgstr "Bilinmeyen kullanıcı veya aralık: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: -A için gölge grup parolaları gerekli\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failure forking: %s\n"
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "%s grubu için parola değiştiriliyor\n"
+
+msgid "New Password: "
+msgstr "Yeni parola: "
+
+msgid "Re-enter new password: "
+msgstr "Yeni parolayı tekrar girin: "
+
+msgid "They don't match; try again"
+msgstr "EÅŸleÅŸmiyorlar; tekrar deneyin"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Daha sonra tekrar deneyin\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "%s kullanıcısı %s grubuna ekleniyor\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "%s kullanıcısı %s grubundan çıkarılıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: Bir tty deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s geçerli bir grup adı değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: geçersiz grup adı `%s'\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K seçeneği ANAHTAR=DEĞER gerektirir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: grup %s zaten var\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Ãœye zaten mevcut\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Kullanıcı isminiz belirlenemedi.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr ""
+"%s: '%s' kullanıcısı için birincil grup %u grubundan %u grubuna "
+"deÄŸiÅŸtirilemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: grup %s mevcut deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: grup '%s' bir NIS grubu.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s NIS efendisidir\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: kullanıcı %s bir NIS kullanıcısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Out of memory. Cannot update the group database.\n"
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Bellek yetersiz. Grup veritabanı güncellenemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: invalid group name `%s'\n"
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: geçersiz grup adı `%s'\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: grup %s bir NIS grubudur\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: bilinmeyen kullanıcı %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s ve -r uyumsuz\n"
+
+msgid "invalid group file entry"
+msgstr "geçersiz grup dosyası kaydı"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "`%s' satırı silinsin mi? "
+
+msgid "duplicate group entry"
+msgstr "mükerrer grup kaydı"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "geçersiz grup adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "geçersiz grup adı '%s'\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "grup %s: %s kullanıcısı yok\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "'%s' üyesi silinsin mi? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "%s girişi içinde grup dosyası kaydı eşleşmedi\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "Grup %s, %s'in içine eklensin mi?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "geçersiz gölge grup dosyası kaydı"
+
+msgid "duplicate shadow group entry"
+msgstr "mükerrer gölge grup kaydı"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "gölge grubu %s: %s yönetici kullanıcı değil\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "yönetici üye '%s' silinsin mi? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "gölge grubu %s: kullanıcı %s mevcut değil\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: dosyalar güncellendi\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: deÄŸiÅŸiklik yok\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: %s dosyası güncellenemiyor\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Kullanım: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Kullanım: id\n"
+
+msgid " groups="
+msgstr ".gruplar="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Kullanıcı adı         Port     Kimden             Sonuncu"
+
+msgid "Username                Port     Latest"
+msgstr "Kullanıcı adı                Port     Sonuncu"
+
+msgid "**Never logged in**"
+msgstr "**Hiç giriş yapmadı**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: parola dosyası güncellenemedi\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Kullanım: %s [-p] [isim]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "          %s [-p] [-h host] [-f isim]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "          %s [-p] -r host\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "Geçersiz giriş zamanı"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Sistem rutin bakımlar için kapalı"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Bağlantı kesilmesi atlandı -- root girişi olanaklı.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Bu bir utmp girişi değil.  En düşük \"sh\" düzeyinde \"login\" i "
+"çalıştırmalısınız. "
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Giriş %d saniye sonra zaman aşımına uğradı.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM başarısızlığa uğradı, çıkıyor: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s giriÅŸ: "
+
+msgid "login: "
+msgstr "giriÅŸ: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Maksimum giriş denemesi sayısı aşıldı (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "Giriş PAM tarafından iptal edildi\n"
+
+msgid "Login incorrect"
+msgstr "Giriş geçersiz"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: satır %d: kullanıcı %s bulunamadı\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s giriÅŸ: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: çatallama hatası: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY  %s için başarısız oldu"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Uyarı: geçici bir kilitlenme sonrasında giriş tekrar olanaklı kılındı."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "Son giriş: %s üzerinden %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "Son giriş: %s üzerinden %.19s"
+
+#, c-format
+msgid " from %.*s"
+msgstr "%.*s'den"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"oturum açma süresi aşıldı\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Kullanım: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Kullanım: newgrp [-] [grup]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Kullanım: sg grup [[-c] komut]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+msgid "Invalid password.\n"
+msgstr "Geçersiz parola.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: çatallama (fork) hatası: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+msgid "too many groups\n"
+msgstr "çok fazla grup\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: group %s is a shadow group, but does not exist in /etc/group\n"
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: %s grubu bir shadow grubu, fakat /etc/group içinde mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: geçersiz kullanıcı adı '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: geçersiz kullanıcı adı '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: satır %d: geçersiz satır\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: kullanıcı %s için kayıt güncellenemiyor (passwd veritabanında mevcut "
+"deÄŸil)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: satır %d: kullanıcı yaratılamıyor\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: satır %d: grup yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user `%s' does not exist\n"
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: satır %d: parola güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: satır %d: mkdir başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: satır %d: chown başarısız oldu\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: satır %d: kayıt güncellenemiyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: grup dosyası güncellenemiyor\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "Old password: "
+msgstr "Eski parola: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Yeni parolayı girin (en az %d karakter)\n"
+"Lütfen büyük, küçük harf ve rakamların bir kombinasyonunu kullanın.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Yeni parolayı girin (asgari %d, azami %d karakter)\n"
+"Lütfen büyük, küçük harf ve rakamların bir kombinasyonunu kullanın.\n"
+
+msgid "New password: "
+msgstr "Yeni parola: "
+
+msgid "Try again."
+msgstr "Yeniden deneyin."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Uyarı: zayıf parola (yine de kullanmak için aynısını tekrar girin)."
+
+msgid "They don't match; try again.\n"
+msgstr "EÅŸleÅŸmediler, tekrar deneyin.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "%s için parola değiştirilemedi.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "%s için parola henüz değiştirilemiyor.\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: kullanıcının kilidini kaldırmak şifresiz bir hesabın oluşmasına yol "
+"açacaktı.\n"
+"Bu kullanıcı hesabının kilidini kaldırmak için usermod -p ile bir parola "
+"belirlemelisiniz.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: depo %s desteklenmiyor\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: %s için şifre bilgisini göremez ve değiştiremezsiniz..\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "%s için parola değiştiriliyor\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s için parola değişmedi\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Parola deÄŸiÅŸti "
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "Parola Kullanım Süresi Bitti Uyarısı"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "geçersiz parola dosyası kaydı"
+
+msgid "duplicate password entry"
+msgstr "mükerrer parola kaydı"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "geçersiz kullanıcı adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "geçersiz kullanıcı adı '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "kullanıcı %s: %u grubu mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "kullanıcı %s: %s dizini mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "kullanıcı %s: uygulama %s mevcut değil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: %s dosyası kilitlenemiyor\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "%s içinde eşleşen parola dosyası kaydı yok\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "'%s' adlı kullanıyı %s'e ekle?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "geçersiz gölge parola dosyası kaydı"
+
+msgid "duplicate shadow password entry"
+msgstr "mükerrer gölge parola kaydı"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "kullanıcı %s: gelecekteki son parola değişimi\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: dosya tekrar yazılamıyor\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Bu hesap için 'su'ya erişim ENGELLENDİ.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Parola yetkilendirmesi atlandı.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Lütfen yetkilendirme için KENDİ parolanızı girin.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: %s dosyası kilitlenemiyor\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Kullanım: su [seçenekler] [KULLANICI]\n"
+"\n"
+"Seçenekler:\n"
+"  -c  --command KOMUT           KOMUT u istenen kabuğa geçir\n"
+"  -h, --help                    bu yardım dosyasını göster ve çık\n"
+"  -, -l, --login                kabuğu oturum açma kabuğu haline getirir\n"
+"  -m, -p,\n"
+"  --preserve-environment        çevre değişkenlerini sıfırlama ve \n"
+"                                aynı kabuğu sakla\n"
+"  -s, --shell KABUK(SHELL)      passwd dosyasındaki öntanımlı kabuk yerine\n"
+"                                KABUK kabuÄŸunu kullan\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Dikkate alınmadı)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "su %s için yetkili değilsiniz\n"
+
+msgid "(Enter your own password)"
+msgstr "(Kendi parolanızı girin)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM yetkilendirmesi başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "su %s için yetkili değilsiniz\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "'root' için parola kaydı yok"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: bir terminalden çalıştırılmalı\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: hata %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "%s çalıştırılamıyor"
+
+msgid "No password file"
+msgstr "Parola dosyası yok"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY başarısız oldu"
+
+msgid "No password entry for 'root'"
+msgstr "'root' için parola kaydı yok"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Normal başlangıç için control-d ye basın,\n"
+"(ya da sistem bakımı için root parolasını verin):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Sistem Bakımı Kipine Giriliyor"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: yeni varsayılanlar dosyası oluşturulamadı\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: yeni varsayılanlar dosyası açılamadı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: satır %d: chown başarısız oldu\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: yeniden adlandırma: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: grup '%s' bir NIS grubu.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: çok fazla grup verildi (azami %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Kullanım: %s [girdi]\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: geçersiz ana dizin '%s'\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: geçersiz açıklama '%s'\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: -e için gölge parolalar gerekli\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: -f için gölge parolalar gerekli\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: geçersiz alan '%s'\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: geçersiz kabuk '%s'\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+msgid "Creating mailbox file"
+msgstr "Mesaj kutusu dosyası yaratılıyor"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"'mail' grubu bulunamadı. Kullanıcının mail kutusu dosyası 0600 dosya "
+"yetkileriyle yaratılıyor.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "Mail kutusu dosyası için yetkiler ayarlanıyor"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: kullanıcı %s mevcut\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: grup %s mevcut - eğer bu kullanıcıyı bu gruba eklemek istiyorsanız, -g "
+"kullanın.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: GID %u tek deÄŸil\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: grup yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: kullanıcı yaratılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: grup yaratılamıyor\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: uyarı: Ev dizini zaten mevcut.\n"
+"Temel dizinden hiçbir dosya kopyalanmıyor.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot change the primary group of user '%s' from %u to %u.\n"
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: '%s' kullanıcısı için birincil grup %u grubundan %u grubuna "
+"deÄŸiÅŸtirilemiyor.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: Başka bir kullanıcı için birincil grub olan %s grubu kaldırılamıyor.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: uyarı: silinemiyor "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s %s kullanıcısına ait değil, silinmiyor\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: kullanıcı %s bir NIS kullanıcısı\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: geçersiz ev dizini '%s'\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: %s dizini silinmiyor (%s kullanıcısının ev dizinini silecekti)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: %s dizini silinirken hata oluÅŸtu\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+#| "                                crypt algorithms\n"
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -s, --sha-rounds              SHA* kripto algoritmaları için kullanılacak\n"
+"                                SHA yuvarlamaları sayısı\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: unlocking the user would result in a passwordless account.\n"
+#| "You should set a password with usermod -p to unlock this user account.\n"
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: kullanıcının kilidini kaldırmak şifresiz bir hesabın oluşmasına yol "
+"açacaktı.\n"
+"Bu kullanıcı hesabının kilidini kaldırmak için usermod -p ile bir parola "
+"belirlemelisiniz.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: kullanıcı %s mevcut\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: geçersiz tarih '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: %s dosyası açılamıyor\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: -L, -p, ve -U bayrakları özel bayraklardır\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: -e ve -f için gölge parolalar gerekli\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Ãœye zaten mevcut\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: %s dizini mevcut\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: %s dizini yaratılamıyor\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: uyarı: eski Ev dizinindeki tüm dosyalar kaldırılamadı %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: %s dizini %s olarak yeniden adlandırılamıyor\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: uyarı: %s %s kullanıcısına ait değil\n"
+
+msgid "failed to change mailbox owner"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+msgid "failed to rename mailbox"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "You have modified %s.\n"
+#| "You may need to modify %s for consistency.\n"
+#| "Please use the command `%s' to do so.\n"
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Değişiklik yapıldı: %s.\n"
+"Uyumu sağlamak için değiştirilmesi gerekiyor: %s.\n"
+"Bunu yapmak için lütfen `%s' komutunu kullanın.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s deÄŸiÅŸtirilmedi\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "Dosya kilitlenemedi"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: ayrıcalıklar iptal edilemedi (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "Dosya kilitlenemedi"
+
+msgid "Couldn't make backup"
+msgstr "Yedek alınamadı"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s /etc/passwd içinde bulunamadı\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "Grup dosyası açılamıyor\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: alanlar çok uzun\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "postakutusu sahibi deÄŸiÅŸtirilmedi"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "postakutusu isim değişikliği başarısız"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: %s geri yüklenemiyor: %s (değişiklikleriniz %s içinde)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: geçersiz ana dizin '%s'\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Kullanım: %s [girdi]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) başarısız oldu\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chage [seçenekler] kullanıcı\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -d, --lastday SON_GÃœN(LAST_DAY)\n"
+#~ "                                son şifre değiştirme gününü SON_GÜN "
+#~ "olarak\n"
+#~ "                                belirle\n"
+#~ "  -E, --expiredate GEÇERLİLİK_TARİHİ(EXPIRE_DATE)\n"
+#~ "                                hesap geçerlilik tarihini "
+#~ "GEÇERLİLİK_TARİHİ\n"
+#~ "                                olarak belirle\n"
+#~ "  -h, --help                    bu yardım mesajını görüntüle ve çık\n"
+#~ "  -I, --inactive INACTIVE       kullanım süresi dolduktan sonra şifreyi\n"
+#~ "                                INACTIVE olarak belirle\n"
+#~ "  -l, --list                    hesap aging bilgisini göster\n"
+#~ "  -m, --mindays ASGARÄ°_GÃœN(MIN_DAYS)\n"
+#~ "                                şifre değişikliği için asgari gün\n"
+#~ "                                sayısını ASGARİ_GÜN olarak belirle\n"
+#~ "  -M, --maxdays AZAMÄ°_GÃœN(MAX_DAYS)\n"
+#~ "                                şifre değişikliği için azami gün\n"
+#~ "                                sayısını AZAMİ_GÜN olarak belirle\n"
+#~ "  -W, --warndays UYARI_GÃœN_SAYISI (WARN_DAYS)\n"
+#~ "                                zorunlu şifre değişikliği uyarısından "
+#~ "önceki\n"
+#~ "                                gün sayısını UYARI_GÜN_SAYISI olarak "
+#~ "belirle\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM yetkilendirmesi başarısız oldu\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Kullanım: %s [-f tam_isim] [-r oda_no] [-w iş_tel]\n"
+#~ "\t[-h ev_tel] [-o diğer] [kullanıcı]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "Kullanım: %s [-f tam_isim] [-r oda_no] [-w iş_tel] [-h ev_tel]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: %s [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -c, --crypt-method           kripto metodu (bunlardan biri: %s)\n"
+#~ "  -e, --encrypted              verilen parolalar kriptolu\n"
+#~ "  -h, --help                   bu yardım dosyasını göster ve çık\n"
+#~ "  -m, --md5                    şifresiz metin parolayı MD5 algoritması "
+#~ "ile ÅŸifrele\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chsh [seçenekler] [KULLANICI]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -h, --help                    bu yardım mesajını göster ve çık\n"
+#~ "  -s, --shell KABUK(SHELL)      kullanıcı hesabı için yeni kabuk\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Kullanım: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: %s dosyası açılamıyor\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Kullanım: %s [-r] [-s] [grup [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Kullanım: %s [-r] [-s] [grup]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s ve -r uyumsuz\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Kullanım: groupdel grup_adı\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: lastlog [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -b, --before GÜN_SAYISI(DAYS) GÜN_SAYISI kadar günden daha eski olan\n"
+#~ "                                lastlog kayıtlarını gösterir\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time GÜN_SAYISI(DAYS)   GÜN_SAYISI kadar günden daha yeni olan\n"
+#~ "                                lastlog kayıtlarını gösterir\n"
+#~ "  -u, --user KULLANICI          KULLANICI ile belirtilen kullanıcının\n"
+#~ "                                kastlog yıtlarını gösterir\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: passwd [seçenekler] [KULLANICI]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -a, --all                 tüm hesaplardaki şifre durumunu bildirir\n"
+#~ "  -d, --delete              ismi belirtilen hesabın şifresini siler\n"
+#~ "  -e, --expire              ismi belirtilen hesaba ait şifrenin süresini "
+#~ "bitirir\n"
+#~ "  -h, --help                bu yardım dosyasını göster ve çık\n"
+#~ "  -k, --keep-tokens         sadece süresi dolduğunda şifreleri "
+#~ "deÄŸiÅŸtirir\n"
+#~ "  -i, --inactive INACTIVE   şifre süresi dolduktan sonra, şifreyi "
+#~ "INACTIVE\n"
+#~ "                            olarak ayarlar\n"
+#~ "  -l, --lock                ismi belirtilen hesabı kilitler\n"
+#~ "  -n, --mindays ASGARÄ°_GÃœN_SAYISI(MIN_DAYS)\n"
+#~ "                            şifre değiştirilmeden önceki en az gün "
+#~ "sayısını\n"
+#~ "                            ASGARÄ°_GÃœN_SAYISI olarak ayarlar\n"
+#~ "  -q, --quiet               sessiz kip\n"
+#~ "  -r, --repository DEPO(REPOSITORY)\n"
+#~ "                            DEPO deposundaki ÅŸifreyi deÄŸiÅŸtirir\n"
+#~ "  -S, --status              ismi belirtilen hesaptaki ÅŸifre durumunu "
+#~ "bildirir\n"
+#~ "  -u, --unlock              ismi belirtilen hesabın kilidini açar\n"
+#~ "  -w, --warndays UYARI_GÃœN_SAYISI(WARN_DAYS)\n"
+#~ "                            şifre dolum uyarı gününü UYARI_GÜN_SAYISI\n"
+#~ "                            olarak ayarlar\n"
+#~ "  -x, --maxdays AZAMÄ°_GÃœN_SAYISI(MAX_DAYS)\n"
+#~ "                            şifre değiştirilmeden önceki en fazla gün\n"
+#~ "                            sayısını AZAMİ_GÜN_SAYISI olarak ayarlar\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Kullanım: %s [-q] [-r] [-s] [parola [gölge]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Kullanım: %s [-q] [-r] [-s] [parola [gölge]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Kullanım: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Kullanım: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "Bilinmeyen id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "Kabuk yok\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: userdel [seçenekler] KULLANICI\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -f, --force                   dosyalar kullanıcıya ait değilse bile "
+#~ "sil\n"
+#~ "  -h, --help                    bu yardım mesajını göster ve çık\n"
+#~ "  -r, --remove                  ev dizinini ve mesaj arÅŸivini sil\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: kullanıcı %s şu an oturumda\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: usermod [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~| "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~| "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~| "  -a, --append                  append the user to the supplemental "
+#~| "GROUPS\n"
+#~| "                                mentioned by the -G option without "
+#~| "removing\n"
+#~| "                                him/her from other groups\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~| "  -L, --lock                    lock the user account\n"
+#~| "  -m, --move-home               move contents of the home directory to "
+#~| "the\n"
+#~| "                                new location (use only with -d)\n"
+#~| "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new "
+#~| "password\n"
+#~| "  -s, --shell SHELL             new login shell for the user account\n"
+#~| "  -u, --uid UID                 new UID for the user account\n"
+#~| "  -U, --unlock                  unlock the user account\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: usermod [seçenekler] LOGIN\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -c, --comment YORUM           GECOS alanının yeni değeri\n"
+#~ "  -d, --home EV_DIZINI          kullanıcı hesabı için yeni oturum açma "
+#~ "dizini\n"
+#~ "  -e, --expiredate GEÇERLİLİK_TARİHİ hesap dolum süresini "
+#~ "GEÇERLİLİK_TARİHİ\n"
+#~ "                                (EXPIRE_DATE) olarak ayarla\n"
+#~ "  -f, --inactive PASIF          şifre süresi dolduktan sonra şifreyi\n"
+#~ "                                PASIF olarak ayarla\n"
+#~ "  -g, --gid GRUP                birincil grup olarak GRUP kullanımını "
+#~ "zorla\n"
+#~ "  -G, --groups GRUPLAR          ilave grupları yeni listesi\n"
+#~ "  -a, --append                  kullanıcıyı ilave grupların sonuna ekle\n"
+#~ "                                -G seçeneğinde bahsedildiği gibi\n"
+#~ "                                diğer gruplardan çıkarmadan\n"
+#~ "  -h, --help                    bu yardım dosyasını göster ve çık\n"
+#~ "  -l, --login YENI_LOGIN        oturum açma ismi için yeni değer\n"
+#~ "  -L, --lock                    kullanıcı hesabını kilitle\n"
+#~ "  -m, --move-home               Ev dizininin içeriğini yeni bir\n"
+#~ "                                dizine kopyalar(sadece -d ile "
+#~ "kullanılır)\n"
+#~ "  -o, --non-unique              aynı UID yi kullanmaya izin verir\n"
+#~ "  -p, --password PAROLA         yeni parolalar için şifrelenmiş parola "
+#~ "kullan\n"
+#~ "  -s, --shell SHELL             kullanıcı hesabı için yeni oturum açma "
+#~ "kabuÄŸu\n"
+#~ "  -u, --uid UID                 kullanıcı hesabı için yeni UID\n"
+#~ "  -U, --unlock                  kullanıcı hesabı kilidini aç\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: herhangi bir bayrak verilmedi\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: vipw [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -g, --group                   grub veri tabanını düzenler\n"
+#~ "  -h, --help                    bu yardım dosyasını gösterir ve çıkar\n"
+#~ "  -p, --passwd                  şifre veri tabanını düzenler\n"
+#~ "  -q, --quiet                   sessiz kip\n"
+#~ "  -s, --shadow                  shadow veya gshadow veri tabanını "
+#~ "düzenler\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Kullanım: %s [girdi]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: %s yaratılamıyor\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: chown %s gerçekleştirilemiyor\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: faillog [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -a, --all                     tüm kullanıcılar için faillog "
+#~ "kayıtlarını\n"
+#~ "                                gösterir\n"
+#~ " -h, --help                     bu yardım dosyasını göster ve çık\n"
+#~ "  -l, --lock-time SANİYE(SEC)   hatalı oturum açılımından sonra, hesabı\n"
+#~ "                                SANÄ°YE kadar saniye kilitler\n"
+#~ "  -m, --maximum AZAMİ(MAX)      en fazla hatalı oturum açılış sayacını "
+#~ "AZAMÄ°\n"
+#~ "                                deÄŸerine ayarlar\n"
+#~ "  -r, --reset                   oturum açılış sayacını sıfırlar\n"
+#~ "  -t, --time GÜN_SAYISI(DAYS)   GÜN_SAYISI kadar günden daha güncel olan\n"
+#~ "                                faillog kayıtlarını gösterir\n"
+#~ "  -u, --user KULLANICI(LOGIN)   faillog kaydını gösterir veya hata\n"
+#~ "                                sayacını onarır ve sadece KULLANICI ile\n"
+#~ "                                belirtilen kullanıcıları sınırlar (-r, -"
+#~ "m\n"
+#~ "                                veya -l seçenekleri ile kullanıldıysa)\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: groupadd [seçenekler] GRUP\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -f, --force                   belirtilen grub mevcutsa bile, çıkışta\n"
+#~ "                                başarılı kodu verecek şekilde zorla\n"
+#~ "  -g, --gid GID                 yeni grub için bu GID yi kullan\n"
+#~ "  -h, --help                    bu yardım dosyasını göster ve çık\n"
+#~ "  -K, --key ANAHTAR=DEĞER       /etc/login.defs dosyasındaki\n"
+#~ "                                öntanımlı değerlerin üzerine yazar\n"
+#~ "  -o, --non-unique              aynı GID ile grub oluşturulmasına izin "
+#~ "ver\n"
+#~ "  -p, --password PAROLA         yeni grup için şifreli olarak PAROLA "
+#~ "kullan\n"
+#~ "  -r, --system                  bir sistem hesabı yarat\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Usage: groupmod [seçenekler] GRUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 bu grubu yeni GID ile kullanıma zorla\n"
+#~ "  -h, --help                    bu yardım dosyasını göster ve çık\n"
+#~ "  -n, --new-name YENÄ°_GRUP      grubu YENÄ°_GRUP ismini kullanmaya zorla\n"
+#~ "  -o, --non-unique              grubun aynı GID yi kullanmasına izin ver\n"
+#~ "  -p, --password PAROLA         yani parola için şifreli olarak PAROLA "
+#~ "kullan\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: useradd [options] LOGIN\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~| "                                home directory\n"
+#~| "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~| "account\n"
+#~| "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~| "  -D, --defaults                print or save modified default useradd\n"
+#~| "                                configuration\n"
+#~| "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -g, --gid GROUP               force use GROUP for the new user "
+#~| "account\n"
+#~| "  -G, --groups GROUPS           list of supplementary groups for the "
+#~| "new\n"
+#~| "                                user account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~| "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~| "  -l,                           do not add the user to the lastlog and\n"
+#~| "                                faillog databases\n"
+#~| "  -m, --create-home             create home directory for the new user\n"
+#~| "                                account\n"
+#~| "  -N, --no-user-group           do not create a group with the same name "
+#~| "as\n"
+#~| "                                the user\n"
+#~| "  -o, --non-unique              allow create user with duplicate\n"
+#~| "                                (non-unique) UID\n"
+#~| "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~| "                                account\n"
+#~| "  -r, --system                  create a system account\n"
+#~| "  -s, --shell SHELL             the login shell for the new user "
+#~| "account\n"
+#~| "  -u, --uid UID                 force use the UID for the new user "
+#~| "account\n"
+#~| "  -U, --user-group              create a group with the same name as the "
+#~| "user\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: useradd [seçenekler] KULLANICI\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -b, --base-dir EV_DÄ°ZÄ°NÄ°(BASE_DIR)\n"
+#~ "                                yeni kullanıcı hesabının ev dizini için\n"
+#~ "                                ana dizin\n"
+#~ "  -c, --comment YORUM(COMMENT)\n"
+#~ "                                yeni kullanıcı için GECOS alanını "
+#~ "ayarlar\n"
+#~ "  -d, --home-dir EV_DÄ°ZÄ°NÄ°(HOME_DIR)\n"
+#~ "                                yeni kullanıcı hesabı için ev dizini\n"
+#~ "  -D, --defaults                değiştirilmiş öntanımlı "
+#~ "useradd                                 yapılandırmasını görüntüle veya "
+#~ "kaydet\n"
+#~ "  -e, --expiredate TARIH  hesap süresi dolumunu TARIH olarak\n"
+#~ "                                ayarla\n"
+#~ "  -f, --inactive PASIF          şifre süresi dolduktan sonra şifreyi\n"
+#~ "                                PASIF olarak ayarla\n"
+#~ "  -g, --gid GRUP                yeni kullanıcı hesabı için GRUP "
+#~ "kullanımını\n"
+#~ "                                zorla\n"
+#~ "  -G, --groups GRUPLAR          yeni kullanıcı hesabı için\n"
+#~ "                                ilave grubları listesi\n"
+#~ "  -h, --help                    bu yardım dosyasını göster ve çık\n"
+#~ "  -k, --skel TEMEL_DİZİN        farklı bir temel dizin belirtir\n"
+#~ "  -K, --key ANAHTAR=DEĞER       /etc/login.defs dosyasındaki öntanımlı\n"
+#~ "                                değerlerin üzerine yazar\n"
+#~ "  -l,                           kullanıcıyı lastlog ve faillog "
+#~ "veritabanlarına\n"
+#~ "                                ekleme\n"
+#~ "  -m, --create-home             yeni kullanıcı hesabı için ev dizini "
+#~ "yarat\n"
+#~ "  -N, --non-user-group          kullanıcı adıyla aynı isimde bir grup "
+#~ "yaratma\n"
+#~ "  -o, --non-unique              aynı UID ile kullanıcı yaratılmasına izin "
+#~ "ver\n"
+#~ "  -p, --password PAROLA         yeni kullanıcı hesabı için şifrelenmiş "
+#~ "parola\n"
+#~ "  -r, --system                  bir sistem hesabı yarat\n"
+#~ "  -s, --shell KABUK             yeni kullanıcı hesabı için oturum açma "
+#~ "kabuÄŸu\n"
+#~ "  -u, --uid UID                 yeni kullanıcı hesabı için UID "
+#~ "kullanımını\n"
+#~ "                                zorla\n"
+#~ "  -U, --user-group              kullanıcı ile aynı isimde bir grup yarat\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: %s [options] [input]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -r, --system                  create system accounts\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Kullanım: %s [seçenekler] [girdi]\n"
+#~ "\n"
+#~ "  -c, --crypt-method            kripto metodu (bunlardan biri: %s)\n"
+#~ "  -r, --system                  sistem hesaplarını yarat\n"
+#~ "%s\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Parolanızın kullanım süresi doldu."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: parola dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: parola dosyası açılamadı\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası açılamadı\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: gölge parola dosyasının üzerine yazılamadı\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: parola dosyasına yazılamadı\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası güncellenemedi\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tTam Ä°sim: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\tOda Numarası: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tÄ°ÅŸ Telefonu: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tEv Telefonu: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "Parola dosyası kilitlenemiyor, daha sonra tekrar deneyin.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "Parola dosyası açılamıyor.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "Parola kaydı güncellenmesinde hata.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "Parola dosyası değişiklikleri işlenemiyor.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "Parola dosyası kilidi açılamıyor.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: gölge dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: gölge dosyası açılamıyor\n"
+
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: gshadow dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: grup dosyası güncellenirken hata oluştu\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: satır %d: bilinmeyen kullanıcı %s\n"
+
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: satır %d: grup kaydı güncellenemiyor\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: gölge dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: gölge (shadow9 dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: parola dosyası güncellenmesinde hata\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: satır %d: bilinmeyen kullanıcı %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: satır %d: parola kaydı güncellenemiyor\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: bilinmeyen kullanıcı\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "Bilinmeyen Kullanıcı: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Kullanım: %s [-r|-R] grup\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a kullanıcı] grup\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d kullanıcı] grup\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "        %s [-A kullanıcı,...] [-M kullanıcı,...] grup\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M kullanıcı,...] grup\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: kilitlenemiyor\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: gölge kilidi koyulamıyor\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: dosya açılamıyor\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: gölge dosyası tekrar yazılamıyor\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: dosya kilidi açılamıyor\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: gölge kaydı güncellenemiyor\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "bilinmeyen grup: %s\n"
+
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: dosya kapatılamıyor\n"
+
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: shadow dosyası kapatılamıyor\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Siz kimsiniz?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: bilinmeyen üye %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: yeni grup kaydı eklenirken hata oluştu\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: grup dosyasına yazılamıyor\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: gölge grup dosyasına yazılamıyor\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u tek deÄŸil\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: grup kaydını silerken hata oluştu\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: gölge grup kaydını silerken hata oluştu\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: kullanıcının birincil grubu silinemez\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Silinecek üye bulunamadı\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Kullanım: groupmems -a kullanıcıadı | -d kullanıcıadı | -D | -l[-g "
+#~ "grupadı]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Sadece root kullacısı üyeleri başka gruplara ekleyebilir\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "Grup hakkı gerekli\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "Åžu anki grubun birincil sahibi deÄŸil\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM yetkilendirmesi başarısız oldu\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "Grup dosyası kilitlenemiyor\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "Grup dosyası kapatılamıyor\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s /etc/group dosyasında bulunamadı\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u benzersiz bir GID deÄŸil\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s benzersiz bir isim deÄŸil\n"
+
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: passwd dosyasına yazılamıyor\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: parola dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: parola dosyası açılamıyor\n"
+
+#~ msgid ""
+#~ "%s: cannot change the primary group of user '%s' from %u to %u, since it "
+#~ "is not in the passwd file.\n"
+#~ msgstr ""
+#~ "%s: '%s' kullanıcısının birincil grubu %u grubundan %u grubuna\n"
+#~ "değiştirilemiyor, çünkü bu kullanıcı passwd dosyasında yok.\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: %s için gölge kaydı güncellenemiyor\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: %s grubu için kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s gölge grubu %s silinemiyor\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası güncellenemiyor\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası silinemiyor\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "bilinmeyen UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "bilinmeyen GID: %lu\n"
+
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: grup `%s' geçerli değil\n"
+
+#~ msgid ""
+#~ "%s: group %s created, failure during the creation of the corresponding "
+#~ "gshadow group\n"
+#~ msgstr ""
+#~ "%s: %s grubu yaratıldı, uygun olan gshadow grubu yaratılırken hata "
+#~ "oluÅŸtu\n"
+
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: kullanıcı `%s' mevcut değil\n"
+
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: geçersiz kullanıcı adı `%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: /etc/passwd kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: /etc/shadow kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: /etc/group kilitlenemiyor.\n"
+
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: /etc/gshadow kilitlenemiyor.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: dosyalar açılamıyor\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: dosyaların güncellenmesinde hata oluştu\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: %s için passwd kaydı güncellenemedi\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: passwd dosyası kilitlenemedi\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: passwd dosyası açılamadı\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: %s için gölge kaydı silinemedi\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: passwd dosyası güncellenemedi\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: kullanıcı %s için kayıt güncellenemiyor\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası silinemiyor\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: bilinmeyen GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: bilinmeyen grup %s\n"
+
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: Bellek yetersiz. Shadow grup veritabanı güncellenemiyor.\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: parola dosyası yazılamıyor\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası yazılamıyor\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası kilitlenemiyor\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: gölge parola dosyası açılamıyor\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: grup dosyası kilitlenmesinde hata\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: grup dosyası açılırken hata\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası kilitlenirken hata\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılırken hata\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: yeni parola kaydı eklenirken hata\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: yeni gölge parola kaydı eklenirken hata\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr ""
+#~ "%s: uyarı: CREATE_HOME desteklenmiyor, lütfen bunun yerine -m kullanın.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: grup kaydı güncellenirken hata oluştu\n"
+
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: shadow grup kaydı güncellenirken hata oluştu\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: grup dosyası açılamıyor\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: gölge grup dosyası açılamıyor\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: gölge parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: yeni shadow grup kaydı eklenirken hata oluştu\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu benzersiz deÄŸil\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: parola kaydı değiştirilirken hata oluştu\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: gölge parola kaydı silinirken hata oluştu\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: tek (benzersiz) bir GID alınamadı\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " '%.200s'den '%.100s' üzerinde"
+
+#~ msgid " on '%.100s'"
+#~ msgstr " '%.100s' üzerinde"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: satır %d: UID yaratılamıyor\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: %s ismi tek deÄŸil\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Kullanım: chgpasswd [seçenekler]\n"
+#~ "\n"
+#~ "Seçenekler:\n"
+#~ "  -e, --encrypted\tverilen parolalar, ÅŸifrelendirilir\n"
+#~ "  -h, --help\t\tbu yardım dosyasını gösterir ve çıkar\n"
+#~ "  -m, --md5\t\tgirilen parolalar ÅŸifrelenmediÄŸinde, DES yerine MD5\n"
+#~ "\t\t\t\tşifrelemesi kullanır\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "Parola dosyası yok\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Üzgünüm.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Üzgünüm, %s için parola henüz değiştirilemedi.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Üzgünüm."
diff --git a/po/uk.po b/po/uk.po
new file mode 100644
index 0000000..03a3498
--- /dev/null
+++ b/po/uk.po
@@ -0,0 +1,3624 @@
+# translation of uk.po to Ukrainian
+# Roman Festchook <linux@polesye.net>, 2001-2005.
+# Eugeniy Meshcheryakov <eugen@univ.kiev.ua>, 2005, 2006.
+# translation of uk.po to
+# shadow.pot Ukrainian translation.
+# Comments and bug-reports are welcomed
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.18\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2007-11-26 22:52+0100\n"
+"Last-Translator: Eugeniy Meshcheryakov <eugen@univ.kiev.ua>\n"
+"Language-Team: Ukrainian\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms:  nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n"
+"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: KBabel 1.11.2\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "�е можу виділити ре�ур�и дл� конфігураційних даних.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr ""
+"помилка у конфігурації - невідома позиці� '%s' (повідомте адміні�тратора)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "Пароль: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Пароль кори�тувача %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "�е можу виділити ре�ур�и дл� конфігураційних даних.\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Змінюю вікову інформацію дл� %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s: �е можу визначити Ваше ім'� кори�тувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s: р�док %d: не можу знайти кори�тувача %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: брак пам'�ті\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: невірна домашн� тека \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: за�тереженн�: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: за�тереженн�: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: перейменуванн�: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: за�тереженн�: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: за�тереженн�: не можу видалити "
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: не можу оновити файл прихованих паролів\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: перейменуванн�: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "За�тереженн�: невідома група %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "За�тереженн�: забагато груп\n"
+
+msgid "Your password has expired."
+msgstr "Ваш пароль про�трочено."
+
+msgid "Your password is inactive."
+msgstr "Ваш пароль є неактивним."
+
+msgid "Your login has expired."
+msgstr "Ваш логін про�трочено."
+
+msgid "  Contact the system administrator."
+msgstr "  Зв'�жіть�� з �и�темним адміні�тратором."
+
+msgid "  Choose a new password."
+msgstr "  Оберіть новий пароль."
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Ваш пароль буде про�трочено за %ld днів.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Ваш пароль буде про�трочено завтра."
+
+msgid "Your password will expire today."
+msgstr "Ваш пароль буде про�трочено �ьогодні."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "�е можу змінити tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: пол� занадто довгі\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: "
+msgstr "%s: %s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "Переповненн� оточенн�\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Ви не можете змінити $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d помилка з ча�у о�таннього входу.\n"
+"О�танній вхід: %s з %s.\n"
+msgstr[1] "%d помилки з ча�у о�таннього входу. О�танній вхід: %s з %s.\n"
+msgstr[2] "%d помилок з ча�у о�таннього входу. О�танній вхід: %s з %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "не можу змінити вла�ника поштової �криньки"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: не можу отримати унікальний GID\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: не можу отримати унікальний UID\n"
+
+msgid "Too many logins.\n"
+msgstr "Забагато входів.\n"
+
+msgid "You have new mail."
+msgstr "Ви маєте нову пошту."
+
+msgid "No mail."
+msgstr "Пошти не має."
+
+msgid "You have mail."
+msgstr "Ви маєте пошту."
+
+msgid "no change"
+msgstr "без змін"
+
+msgid "a palindrome"
+msgstr "паліндром"
+
+msgid "case changes only"
+msgstr "тільки зміна регі�тру"
+
+msgid "too similar"
+msgstr "занадто подібні"
+
+msgid "too simple"
+msgstr "занадто про�тий"
+
+msgid "rotated"
+msgstr "пере�тавлені літери"
+
+msgid "too short"
+msgstr "закороткий"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Поганий пароль: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() не виконано, помилка %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "Пароль змінено."
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: пароль вдало змінено\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "�евірний пароль дл� %s.\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home phone: '%s'\n"
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: невірний домашній телефон: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "�еможливо перейти до теки \"%s\"\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "�емає теки, входимо з HOME=/"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "�е можу виконати %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "�евірна коренева тека \"%s\"\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "�еможливо змінити кореневу теку на \"%s\"\n"
+
+msgid "Unable to determine your tty name."
+msgstr "�еможливо визначити назву вашого термінала."
+
+#, fuzzy
+#| msgid "No\n"
+msgid "No"
+msgstr "�і\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Введіть нове значенн� або нати�ніть ENTER дл� значенн� за замовчанн�м"
+
+msgid "Minimum Password Age"
+msgstr "Мінімальний вік парол�"
+
+msgid "Maximum Password Age"
+msgstr "Мак�имальний вік парол�"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "О�танн� зміна парол� (РРРР-ММ-ДД)"
+
+msgid "Password Expiration Warning"
+msgstr "За�тереженн� про про�троченн� парол�"
+
+msgid "Password Inactive"
+msgstr "Пароль неактивний"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Дата про�троченн� рахунку (РРРР-ММ-ДД)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "О�танн� зміна парол�\t\t\t\t\t: "
+
+msgid "never"
+msgstr "ніколи"
+
+msgid "password must be changed"
+msgstr "Пароль змінено"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Пароль �тає про�троченим\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Пароль неактивний\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Рахунок �тає про�троченим\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Мінімальна кількі�ть днів між змінами паролю\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Мак�имальна кількі�ть днів між змінами паролю\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Кількі�ть днів дл� за�тереженн� про про�троченн� паролю\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: невірний чи�ловий аргумент \"%s\"\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: не викори�товуйте \"l\" з іншими прапорц�ми\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: У до�тупі відмовлено.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: �е можу визначити Ваше ім'� кори�тувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: PAM: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: не можу блокувати файли, �пробуйте пізніше\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: помилка відгалудженн�: %s"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "Змінюю вікову інформацію дл� %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: помилка зміни полів\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "Повне ім'�"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "\t%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid "Room Number"
+msgstr "�омер кімнати"
+
+msgid "Work Phone"
+msgstr "Робочій телефон"
+
+msgid "Home Phone"
+msgstr "Домашній телефон"
+
+msgid "Other"
+msgstr "Інше"
+
+msgid "Cannot change ID to root.\n"
+msgstr "�е можу змінити ID на root.\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: невірне ім'�: \"%s\"\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: невірний номер кімнати: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: невірний робочий телефон: \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: невірний домашній телефон: \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: '%s' contains illegal characters\n"
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: \"%s\" мі�тить заборонені �имволи\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: \"%s\" мі�тить заборонені �имволи\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: неможливо змінити кори�тувача \"%s\" у клієнті NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: \"%s\" є NIS-�ервером дл� цього клієнта.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "Зміна інформації про кори�тувача %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: пол� занадто довгі\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: прапорець -a можна викори�товувати ТІЛЬКИ з прапорцем -G\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: р�док %d: р�док занадто довгий\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: р�док %d: бракує нового парол�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: група %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: р�док %d: не можу оновити запи�\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: ви�влено помилку, зміни ігнорують��\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "Логін-оболонка"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "�е можна змінити оболонку дл� %s.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "Змінюю оболонку дл� %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: �евірний запи�: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s є невірна оболонка.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: за�тереженн�: %s не належить %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "lastlog: unexpected argument: %s\n"
+msgid "%s: unexpected argument: %s\n"
+msgstr "lastlog: неочікуваний аргумент: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "Логін       Помилок Мак�имум О�таннє                 �а\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [%lds залишило�ь]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds блоковано]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "�евідомий кори�тувач: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Пароль дл� %s не може бути змінений.\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "Пароль дл� %s не може бути змінений.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: приховані паролі груп потрібні дл� -A\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: група %s не і�нує\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: помилка відгалудженн�: %s"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "Зміна парол� дл� групи %s\n"
+
+msgid "New Password: "
+msgstr "�овий пароль: "
+
+msgid "Re-enter new password: "
+msgstr "Повторіть новий пароль: "
+
+msgid "They don't match; try again"
+msgstr "не �півпадає; �пробуйте знову"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Спробуйте знову пізніше\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "Додано нового кори�тувача %s до групи %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "Видалено кори�тувача %s з групи %s\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: �е є tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: %s: то не є вірне ім'� групи\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K вимагає ЗМІ���=З��ЧЕ��Я\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: група %s і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: GID '%lu' already exists\n"
+msgstr "Член вже і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: �е можу визначити Ваше ім'� кори�тувача.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: неможливо змінити кори�тувача \"%s\" у клієнті NIS.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: група %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group '%s' is a NIS group.\n"
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: група \"%s\" є групою NIS.\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s є �ервер NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: кори�тувач %s є кори�тувачем NIS\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: бракує пам'�ті у update_group\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: група %s є групою NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: невідомий кори�тувач %s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: -s та -r не�умі�ні\n"
+
+msgid "invalid group file entry"
+msgstr "невірний запи� у файлі груп"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "видалити р�док \"%s\"? "
+
+msgid "duplicate group entry"
+msgstr "дублюючий запи� у базі груп"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "invalid group name '%s'\n"
+msgid "invalid group ID '%lu'\n"
+msgstr "невірна назва групи \"%s\"\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "група %s: немає кори�тувача %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "видалити члена \"%s\"? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "відповідний запи� файлу груп від�утній у %s\n"
+
+#, fuzzy, c-format
+#| msgid "add group '%s' in %s ?"
+msgid "add group '%s' in %s? "
+msgstr "додати групу \"%s\" у %s?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "невірний запи� у файлі прихованих груп"
+
+msgid "duplicate shadow group entry"
+msgstr "дублюючий запи� у файлі прихованих груп"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "прихована група %s: не має адміні�тратора %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "видалити адміні�тратора \"%s\"? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "прихована група %s: немає кори�тувача %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: файли було оновлено\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: без змін\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s: неможливо оновити файл %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Викори�танн�: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Викори�танн�: id\n"
+
+msgid " groups="
+msgstr " групи="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "Кори�тувач       Порт  Звідки           О�танній вхід"
+
+msgid "Username                Port     Latest"
+msgstr "Кори�тувач             Порт     О�танній вхід"
+
+msgid "**Never logged in**"
+msgstr "**�іколи не входив**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: не можу оновити файл паролів\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Викори�танн�: %s [-p] [ім'�]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "                %s [-p] [-h вузол] [-f ім'�]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "                %s [-p] -r вузол\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "�евірний ча� дл� входу"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Си�тему закрито дл� профілактики."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Стало�� відключенн� -- дозволено лише вхід root-a.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"�емає запи�у utmp.  Вам потрібно виконати \"login\" з \"sh\" найнижчого рівн�"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"Ча� логіну буде вичерпано за %d �екунд.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: Помилка PAM, перервано: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s логін: "
+
+msgid "login: "
+msgstr "логін: "
+
+#, fuzzy, c-format
+#| msgid "Maximum number of tries exceeded (%d)\n"
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Перевищено мак�имальну кількі�ть �проб (%d)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: �и�тема PAM запро�ила перериванн�\n"
+
+msgid "Login incorrect"
+msgstr "�евірний логін"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s: р�док %d: не можу знайти кори�тувача %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s логін: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: помилка відгалудженн�: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "За�тереженн�: login поновлено пі�л� тимча�ового блокуванн�."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "О�танній вхід в �и�тему: %s на %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "О�танній вхід в �и�тему: %.19s на %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " з %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"вичерпано ча� логіну\n"
+"\n"
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "Викори�танн�: id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "Викори�танн�: newgrp [-] [група]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "Викори�танн�: sg група [[-c] команда]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "Старий пароль: "
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: помилка відгалудженн�: %s"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+msgid "too many groups\n"
+msgstr "занадто багато груп\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s: група %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: невірне ім'� кори�тувача '%s'\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: невірне ім'� кори�тувача '%s'\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: р�док %d: невірний р�док\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s: не можу оновити запи� дл� кори�тувача %s\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: р�док %d: не можу �творити GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: р�док %d: не можу �творити GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: р�док %d: не можу оновити пароль\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: р�док %d: mkdir не виконав��\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: р�док %d: chown не виконав��\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: р�док %d: не можу оновити запи�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: не можу �творити %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: не можу оновити файл груп\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "Старий пароль: "
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введіть новий пароль (від %d до %d знаків)\n"
+"Змішуйте великі та малі літери та цифри.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Введіть новий пароль (від %d до %d знаків)\n"
+"Змішуйте великі та малі літери та цифри.\n"
+
+msgid "New password: "
+msgstr "�овий пароль: "
+
+msgid "Try again."
+msgstr "Спробуйте ще."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"За�тереженн�: Поганий пароль (введіть його знову, �кщо в�е одно бажаєте його "
+"викори�товувати)."
+
+msgid "They don't match; try again.\n"
+msgstr "�е �півпадає; �пробуйте знову.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Пароль дл� %s не може бути змінений.\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Пароль дл� %s не може бути змінений.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: �ховище %s не підтримуєть��\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s: Ви не можете дивити�� та змінювати парольну інформацію дл� %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "Зміна парол� дл� %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Пароль дл� %s не змінено.\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "Пароль змінено."
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "За�тереженн� про про�троченн� парол�"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "невірний запи� у файлі паролів"
+
+msgid "duplicate password entry"
+msgstr "дублюючий запи� у файлі паролів"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "невірне ім'� кори�тувача '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "невірне ім'� кори�тувача '%s'\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "кори�тувач %s: не має групи %u\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "кори�тувач %s: тека %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "кори�тувач %s: програма %s не і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: не можу заблокувати файл %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "від�утній відповідний запи� у файлі паролів %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "додати кори�тувача \"%s\" в %s? "
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "невірний запи� у файлі прихованих паролів"
+
+msgid "duplicate shadow password entry"
+msgstr "дублюючий запи� у файлі прихованих паролів"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "кори�тувач %s: о�танн� зміна парол� у майбутньому\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: не можу перепи�ати файл\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "До�туп цього кори�тувача до su З�БОРО�Е�О.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "�утентифікацію пройдено.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Будь ла�ка введіть Ваш вла�ний пароль дл� аутентифікації.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: не можу заблокувати файл %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Викори�танн�: su [параметри] [ЛОГІ�]\n"
+"\n"
+"Параметри:\n"
+"  -c, --command КОМ��Д�     передати КОМ��ДУ запущеній оболонці\n"
+"  -h, --help                виве�ти це довідкове повідомленн� та вийти\n"
+"  -, -l, --login            зробити оболонку вхідною\n"
+"  -m, -p,\n"
+"  --preserve-environment    не �кидувати змінні оточенн� і залишити\n"
+"                            таку �аму оболонку\n"
+"  -s, --shell ОБОЛО�К�      викори�тати ОБОЛО�КУ замі�ть вказаної в passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Ігнорую)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Ви не авторизовані дл� su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(Введіть ваш пароль)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s: PAM автентифікаці� не пройшла\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "Ви не авторизовані дл� su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "Бракує запи�у у базі паролів дл� 'root'"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: повинно бути запущено з терміналу\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: помилка %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "�е можу виконати %s"
+
+msgid "No password file"
+msgstr "�емає файлу паролів"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "Бракує запи�у у базі паролів дл� 'root'"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"�ати�ніть control-d дл� виконанн� звичайного завантаженн�,\n"
+"(або введіть пароль адміні�тратора дл� відновленн� �и�теми):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "Входимо у режим відновленн� �и�теми"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: не можу �творити новий файл із значенн�ми по замовчуванню\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: не можу відкрити новий файл із значенн�ми по замовчуванню\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: р�док %d: chown не виконав��\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: перейменуванн�: %s"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: група \"%s\" є групою NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: вказано забагато груп (мак� %d).\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: невірна базова тека \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: невірний коментар \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: невірна домашн� тека \"%s\"\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: приховані паролі потрібні дл� -e\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: приховані паролі потрібні дл� -f\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: невірне поле \"%s\"\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: невірна оболонка \"%s\"\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+msgid "Creating mailbox file"
+msgstr "Створюєть�� файл поштової �криньки"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Групу \"mail\" не знайдено. Поштова �кринька кори�тувача �творюєть�� з "
+"правами до�тупу 0600\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "В�тановлюють�� права до�тупу на файл поштової �криньки"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: кори�тувач %s і�нує\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s: група %s і�нує - �кщо ви бажаєте додати кори�тувача до цієї групи, "
+"викори�товуйте -g.\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: не можу �творити %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: UID %u is not unique\n"
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %u не є унікальним\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: не можу �творити %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: не можу �творити %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: не можу �творити %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: увага: домашн� тека вже і�нує.\n"
+"Жоден файл з директорії кі�т�ка не копіюєть��.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s: неможливо змінити кори�тувача \"%s\" у клієнті NIS.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "%s: Cannot remove group %s which is a primary group for another user.\n"
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: не можу видалити групу %s �ка є первинною групою іншого кори�тувача.\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: невірна домашн� тека \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: за�тереженн�: не можу видалити "
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s не належить %s, не видалено\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: кори�тувач %s є кори�тувачем NIS\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid home directory '%s'\n"
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: невірна домашн� тека \"%s\"\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s: не видалено теку %s (можна видалити домашню теку кори�тувача %s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: помилка видаленн� теки %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: кори�тувач %s і�нує\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: невірна дата \"%s\"\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s: не можу відкрити файл %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: приховані паролі потрібні дл� -e і -f\n"
+
+#, fuzzy, c-format
+#| msgid "Member already exists\n"
+msgid "%s: UID '%lu' already exists\n"
+msgstr "Член вже і�нує\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: тека %s і�нує\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: не можу �творити теку %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: увага: не вдало�� повні�тю видалити �тару домашню теку %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: не можу перейменувати теку з %s на %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: за�тереженн�: %s не належить %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "не можу змінити вла�ника поштової �криньки"
+
+msgid "failed to rename mailbox"
+msgstr "не можу перейменувати поштову �криньку"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "%s: failed to remove %s\n"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s: %s не змінено\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "не можу перейменувати поштову �криньку"
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to drop privileges"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "�е можу блокувати файл"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+#, fuzzy
+#| msgid "%s: failed to drop privileges (%s)\n"
+msgid "failed to gain privileges"
+msgstr "%s: не вдало�� �кинути привілеї (%s)\n"
+
+msgid "Couldn't lock file"
+msgstr "�е можу блокувати файл"
+
+msgid "Couldn't make backup"
+msgstr "�е можу зробити резервну копію"
+
+#, fuzzy, c-format
+#| msgid "%s: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s не знайдено у /etc/passwd\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Unable to open group file\n"
+msgid "failed to open scratch file"
+msgstr "�еможливо відкрити файл груп\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s: пол� занадто довгі\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "не можу перейменувати поштову �криньку"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "не можу змінити вла�ника поштової �криньки"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "не можу перейменувати поштову �криньку"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: не можу відновити %s: %s (ваші зміни у %s)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid base directory '%s'\n"
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: невірна базова тека \"%s\"\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) не виконано\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: chage [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -d, --lastday LAST_DAY        set last password change to LAST_DAY\n"
+#~| "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~| "EXPIRE_DATE\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --list                    show account aging information\n"
+#~| "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "  -W, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: chage [параметри] [LOGIN]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -d, --lastday ОСТ���ІЙ_ДЕ�Ь   в�тановити дату о�танньої зміни парол� в\n"
+#~ "                                ОСТ���ІЙ_ДЕ�Ь\n"
+#~ "  -E, --expiredate Д�Т�_ПРОСТР  в�тановити дату про�троченн� облікового\n"
+#~ "                                запи�у у Д�Т�_ПРОСТР\n"
+#~ "  -h, --help                    виве�ти це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -I, --inactive �Е�КТИВ�ИЙ     зробити пароль неактивним пі�л� "
+#~ "про�троченн�\n"
+#~ "  -l, --list                    показати інформацію про вік облікового "
+#~ "запи�у\n"
+#~ "  -m, --mindays МІ�_Д�ІВ        в�тановити найменшу кількі�ть днів перед "
+#~ "зміною\n"
+#~ "                                парол� у МІ�_Д�ІВ\n"
+#~ "  -M, --maxdays М�КС_Д�ІВ       в�тановити мак�имальну кількі�ть днів "
+#~ "перед\n"
+#~ "                                зміною парол� у М�КС_Д�ІВ\n"
+#~ "  -W, --warndays ПОПЕРЕДЖЕ�ЯЯ   в�тоновити кількі�ть днів перед\n"
+#~ "                                попередженн�м про про�троченн� у "
+#~ "ПОПЕРЕДЖЕ��Я\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: PAM автентифікаці� не пройшла\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Викори�танн�: %s [-f повне_ім'�] [-r номер_кімнати] [-w робочій_телефон]\n"
+#~ "\t[-h домашній_телефон] [-o інше] [кори�тувач]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Викори�танн�: %s [-f повне_ім'�] [-r номер_кімнати]\n"
+#~ "\t[-w робочій_телефон] [-h домашній_телефон]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Викори�танн�: chpasswd [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ "  -e, --encrypted               вказаний пароль зашифровано\n"
+#~ "  -h, --help                    показати цю допомогу та вийти\n"
+#~ "  -m, --md5                     викори�товувати MD5 шифруванн� замі�ть "
+#~ "DES,\n"
+#~ "                                �кщо вказані паролі не зашифровано\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: chsh [параметри] [LOGIN]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -h, --help                    виве�ти це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -s, --shell ОБОЛО�К�          нова вхідна оболонка дл� облікового "
+#~ "запи�у\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "Викори�танн�: expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s: не можу відкрити файл %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "Викори�танн�: groupdel група\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Викори�танн�: %s [-r] [-s] [група [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Викори�танн�: %s [-r] [-s] [група]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: -s та -r не�умі�ні\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Викори�танн�: groupdel група\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Викори�танн�: groupdel група\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: lastlog [параметри]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -b, --before Д�І              друкувати лише запи�и �таріші за Д�І\n"
+#~ "  -h, --help                    виве�ти допомогу та вийти\n"
+#~ "  -t, --time Д�ІВ               виве�ти лише запи�и �віжіші за Д�ІВ\n"
+#~ "  -u, --user ЛОГІ�              виве�ти запи�и о�танніх входів дл�\n"
+#~ "                                кори�тувача з ЛОГІ�ом\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: passwd [options] [LOGIN]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     report password status on all accounts\n"
+#~| "  -d, --delete                  delete the password for the named "
+#~| "account\n"
+#~| "  -e, --expire                  force expire the password for the named "
+#~| "account\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -k, --keep-tokens             change password only if expired\n"
+#~| "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~| "                                to INACTIVE\n"
+#~| "  -l, --lock                    lock the named account\n"
+#~| "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~| "password\n"
+#~| "                                change to MIN_DAYS\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -r, --repository REPOSITORY   change password in REPOSITORY "
+#~| "repository\n"
+#~| "  -S, --status                  report password status on the named "
+#~| "account\n"
+#~| "  -u, --unlock                  unlock the named account\n"
+#~| "  -w, --warndays WARN_DAYS      set expiration warning days to "
+#~| "WARN_DAYS\n"
+#~| "  -x, --maxdays MAX_DAYS        set maximim number of days before "
+#~| "password\n"
+#~| "                                change to MAX_DAYS\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: passwd [параметри] [ЛОГІ�]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -a, --all                     звітувати про �тан паролів у�іх запи�ів\n"
+#~ "  -d, --delete                  видалити пароль дл� вказаного запи�у\n"
+#~ "  -e, --expire                  про�трочити пароль дл� вказаного запи�у\n"
+#~ "  -h, --help                    виве�ти це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -k, --keep-tokens             змінити пароль лише �кщо його "
+#~ "про�трочено\n"
+#~ "  -i, --inactive INACTIVE       зробити пароль неактивним пі�л� "
+#~ "про�троченн�\n"
+#~ "  -l, --lock                    заблокувати вказаний запи�\n"
+#~ "  -n, --mindays МІ�_Д�ІВ        в�тановити найменшу кількі�ть днів перед\n"
+#~ "                                зміною парол� у МІ�_Д�ІВ\n"
+#~ "  -q, --quiet                   тихий режим\n"
+#~ "  -r, --repository СХОВИЩЕ      змінити пароль у вказаному СХОВИЩІ\n"
+#~ "  -S, --status                  звітувати про �тан парол� вказаного "
+#~ "запи�у\n"
+#~ "  -u, --unlock                  розблокувати вказаний запи�\n"
+#~ "  -w, --warndays ПОП_Д�ІВ       в�тановити кількі�ть днів перед\n"
+#~ "                                повідомленн�м про про�троченн� у "
+#~ "ПОП_Д�ІВ\n"
+#~ "  -x, --maxdays М�КС_Д�ІВ       в�тановити мак�имальну кількі�ть днів "
+#~ "перед\n"
+#~ "                                зміною парол� у М�КС_Д�ІВ\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "Викори�танн�: %s [-q] [-r] [-s] [пароль [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "Викори�танн�: %s [-q] [-r] [-s] [пароль [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "Викори�танн�: id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "Викори�танн�: id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "�евідомий id: %s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "�емає оболонки\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: userdel [параметри] ЛОГІ�\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -f, --force                   видал�ти файли навіть �кщо вказаний\n"
+#~ "                                кори�тувач не є їх володарем\n"
+#~ "  -h, --help                    виве�ти це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -r, --remove                  видалити домашню теку і поштову �криньку\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s: кори�тувач %s на даний момент у �и�темі\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Викори�танн�: useradd [параметри] ЛОГІ�\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -a, --append                  додати кори�тувача до додаткових ГРУП\n"
+#~ "                                (викори�товувати тільки з -G)\n"
+#~ "  -c, --comment КОМЕ�Т�Р        в�тановити поле GECOS дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -d, --home ДОМ_ТЕК�           домашн� тека дл� нового запи�у "
+#~ "кори�тувача\n"
+#~ "  -e, --expiredate Д�Т�_ПРОСТР  в�тановити дату про�троченн� запи�у\n"
+#~ "  -f, --inactive �Е�КТИВ�ИЙ     зробити пароль неактивним пі�л� "
+#~ "про�троченн�\n"
+#~ "  -g, --gid ГРУП�               викори�товувати ГРУПУ дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -G, --groups ГРУПИ            �пи�ок додаткових груп дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -h, --help                    показати це довідкове повідомленн� і "
+#~ "вийти\n"
+#~ "  -l, --login �ОВИЙ_ЛОГІ�       нове значенн� реє�траційного імені\n"
+#~ "  -L, --lock                    заблокувати обліковий запи� кори�тувача\n"
+#~ "  -m, --move-home               перене�ти вмі�т домашньої теки в нове "
+#~ "мі�це\n"
+#~ "                                (викори�товувати тільки з -d)\n"
+#~ "  -o, --non-unique              дозволювати �творювати кори�тувачів з UID "
+#~ "що\n"
+#~ "                                повторюють��\n"
+#~ "  -p, --password П�РОЛЬ         викори�товувати зашифрований пароль дл�\n"
+#~ "                                нового запи�у кори�тувача\n"
+#~ "  -s, --shell ОБОЛО�К�          вхідна оболонка дл� нового запи�у "
+#~ "кори�тувача\n"
+#~ "  -u, --uid UID                 викори�товувати UID дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -U, --unlock                  розблокувати обліковий запи� кори�тувача\n"
+#~ "\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s: не подано прапорців\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: vipw [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -g, --group                   edit group database\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -p, --passwd                  edit passwd database\n"
+#~| "  -q, --quiet                   quiet mode\n"
+#~| "  -s, --shadow                  edit shadow or gshadow database\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: vipw [параметри]\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -g, --group                   редагувати базу даних груп\n"
+#~ "  -h, --help                    виве�ти це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -p, --passwd                  редагувати базу даних паролів\n"
+#~ "  -q, --quiet                   тихий режим\n"
+#~ "  -s, --shadow                  редагувати базу даних shadow або gshadow\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "Викори�танн�: %s [вхідні_данні]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s: не можу �творити %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s: не можу змінити вла�ника %s\n"
+
+#, fuzzy
+#~| msgid ""
+#~| "Usage: faillog [options]\n"
+#~| "\n"
+#~| "Options:\n"
+#~| "  -a, --all                     display faillog records for all users\n"
+#~| "  -h, --help                    display this help message and exit\n"
+#~| "  -l, --lock-time SEC           after failed login lock accout to SEC "
+#~| "seconds\n"
+#~| "  -m, --maximum MAX             set maximum failed login counters to "
+#~| "MAX\n"
+#~| "  -r, --reset                   reset the counters of login failures\n"
+#~| "  -t, --time DAYS               display faillog records more recent than "
+#~| "DAYS\n"
+#~| "  -u, --user LOGIN              display faillog record or maintains "
+#~| "failure\n"
+#~| "                                counters and limits (if used with -r, -m "
+#~| "or -l\n"
+#~| "                                options) only for user with LOGIN\n"
+#~| "\n"
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: faillog [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ "  -a, --all             показати помилки входу дл� в�іх кори�тувачів\n"
+#~ "  -h, --help            показати цю допомогу та вийти\n"
+#~ "  -l, --lock-time СЕК   пі�л� помилки входу блокувати рахунок на СЕК\n"
+#~ "                        �екунд\n"
+#~ " -m, --maximum М�КС     в�тановити мак�имальну кількі�ть помилок входу "
+#~ "до\n"
+#~ "                        М�КС\n"
+#~ "  -r, --reset           перезавантажити лічільник помилок входу\n"
+#~ "  -t, --time Д�ІВ       показати помилки входу новіші за Д�ІВ\n"
+#~ "  -u, --user ЛОГІ�      показати помилки входу або ве�ти лічільники "
+#~ "помилок\n"
+#~ "                        та ліміти (�кщо викори�товуєть�� з -r, -m або -l\n"
+#~ "                        опці�ми) лише дл� кори�тувача з логіном ЛОГІ�\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: groupadd [параметри] ГРУП�\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -f, --force               приму�ити не повертати помилку �кщо вказана\n"
+#~ "                            група вже і�нує\n"
+#~ "  -g, --gid GID             викори�тати GID дл� нової групи\n"
+#~ "  -h, --help                показати це довідкове повідомленн� та вийти\n"
+#~ "  -K, --key КЛЮЧ=З��ЧЕ��Я   змінити значенн� за замовченн�м\n"
+#~ "                            з /etc/login.defs\n"
+#~ "  -o, --non-unique          дозволити �творювати групи з GID що "
+#~ "повторюють��\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: groupmod [параметри] ГРУП�\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -g, --gid GID                 в�тановити GID дл� групи\n"
+#~ "  -h, --help                    показати це довідкове повідомленн� та "
+#~ "вийти\n"
+#~ "  -n, --new-name �ОВ�_ГРУП�     викори�товувати назву �ОВ�_ГРУП� дл� "
+#~ "ГРУПИ\n"
+#~ "  -o, --non-unique              дозволити �творювати групи з GID що "
+#~ "повторюють��\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Викори�танн�: useradd [параметри] ЛОГІ�\n"
+#~ "\n"
+#~ "Параметри:\n"
+#~ "  -b, --base-dir Б�ЗОВ�_ТЕК�    базова тека дл� домашніх тек нових\n"
+#~ "                                кори�тувацьких облікових запи�ів\n"
+#~ "  -c, --comment КОМЕ�Т�Р        в�тановити поле GECOS дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -d, --home-dir ДОМ_ТЕК�       домашн� тека дл� нового запи�у "
+#~ "кори�тувача\n"
+#~ "  -D, --defaults                друкувати або зберегти змінені "
+#~ "налаштуванн�\n"
+#~ "                                useradd\n"
+#~ "  -e, --expiredate Д�Т�_ПРОСТР  в�тановити дату про�троченн� запи�у\n"
+#~ "  -f, --inactive �Е�КТИВ�ИЙ     зробити пароль неактивним пі�л� "
+#~ "про�троченн�\n"
+#~ "  -g, --gid ГРУП�               викори�товувати ГРУПУ дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -G, --groups ГРУПИ            �пи�ок додаткових груп дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -h, --help                    показати це довідкове повідомленн� і "
+#~ "вийти\n"
+#~ "  -k, --skel ТЕК�_КІСТЯК�       вказати альтернативну теку дл� кі�т�ка\n"
+#~ "  -K, --key КЛЮЧ=З��ЧЕ��Я       перепи�ати значенн� з /etc/login.defs\n"
+#~ "  -m, --create-home             �творити домашню теку дл� запи�у нового\n"
+#~ "                                кори�тувача\n"
+#~ "  -o, --non-unique              дозволювати �творювати кори�тувачів з UID "
+#~ "що\n"
+#~ "                                повторюють��\n"
+#~ "  -p, --password П�РОЛЬ         викори�товувати зашифрований пароль дл�\n"
+#~ "                                нового запи�у кори�тувача\n"
+#~ "  -s, --shell ОБОЛО�К�          вхідна оболонка дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "  -u, --uid UID                 викори�товувати UID дл� нового запи�у\n"
+#~ "                                кори�тувача\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "Пароль про�трочений."
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s: не можу заблокувати файл паролів\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s: не можу заблокувати файл прихованих паролів\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s: не можу перепи�ати файл прихованих паролів\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s: не можу перепи�ати файл паролів\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s: не можу оновити файл прихованих паролів\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\tПовне ім'�: %s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\t�омер кімнати: %s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\tРобочій телефон: %s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\tДомашній телефон: %s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "�е можу блокувати файл паролів; �пробуйте пізніше.\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "�е можу відкрити файл паролів.\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "�е можу оновити запи� у файлі паролів.\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "�е можу запи�ати зміни до файлу паролів.\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "�е можу розблокувати файл паролів.\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s: не можу блокувати файл груп\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s: неможливо заблокувати файл gshadow\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s: не можу відкрити файл з прихованими парол�ми\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s: помилка оновленн� файлу з прихованими парол�ми\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s: помилка оновленн� запи�у у базі груп\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s: р�док %d: невідома група %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s: р�док %d: не можу оновити запи�\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s: не можу заблокувати файл з прихованими парол�ми\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s: помилка оновленн� файлу з прихованими парол�ми\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s: помилка оновленн� файлу з парол�ми\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s: р�док %d: невідомий кори�тувач %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s: р�док %d: не можу оновити запи� у базі паролів\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s: невідомий кори�тувач\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "�евідомий кори�тувач: %s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "Викори�танн�: %s [-r|-R] група\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "                %s [-a кори�тувач] група\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "                %s [-d кори�тувач] група\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "                %s [-A кори�тувач,...] [-M кори�тувач,...] група\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "                %s [-M кори�тувач,...] група\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s: не можу заблокувати\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s: не можу заблокувати базу прихований паролів\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s: не можу перепи�ати файл прихованих паролів\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s: не можу розблокувати файл\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s: не можу оновити запи�\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s: не можу оновити запи� у базі прихованих паролів\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "невідома група: %s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s: не можу відкрити файл з прихованими парол�ми\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "Ви хто?\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s: невідомий член %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s: помилка доданн� нового запи�у у файл груп\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s: не можу перепи�ати файл груп\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s: не можу перепи�ати файл прихованих груп\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s: не можу заблокувати файл груп\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих груп\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s: GID %u не є унікальним\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази груп\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази прихованих груп\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s: не можу видалити головну групу кори�тувача.\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "Член, �кого потрібно видалити, не знайдений\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr ""
+#~ "Викори�танн�: groupmems -a кори�тувач | -d кори�тувач | -D | -l [-g "
+#~ "група]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "Тільки root може додавати членів до інших груп\n"
+
+#~ msgid "Group access is required\n"
+#~ msgstr "�еобхідний до�туп до групи\n"
+
+#~ msgid "Not primary owner of current group\n"
+#~ msgstr "�е є первинним володарем поточної групи\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM автентифікаці� не пройшла\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "�еможливо заблокувати файл груп\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "�еможливо закрити файл груп\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s: %s не знайдено у /etc/passwd\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s: %u не є унікальний GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s: %s не є унікальне ім'�\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s: не можу перепи�ати файл паролів\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s: не можу блокувати файл паролів\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s: не можу оновити прихований запи� дл� %s\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s: не можу оновити запи� дл� групи %s\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих груп\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s: не можу видалити приховану групу %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s: не можу оновити файл прихованих груп\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s: не можу видалити файл прихованих груп\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "невідомий UID: %u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "невідомий GID: %lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s: група %s не і�нує\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s: кори�тувач %s не і�нує\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s: невірне ім'� кори�тувача '%s'\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s: не можу блокувати /etc/passwd.\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s: не можу відкрити файл\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s: помилка оновленн� файлу\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s: не можу оновити запи� у файлі паролів дл� %s\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s: не можу блокувати файл паролів\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s: не можу відкрити файл паролів\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s: не можу видалити запи� у файлі прихованих паролів дл� %s\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s: не можу оновити файл паролів\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s: не можу оновити запи� дл� кори�тувача %s\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s: не можу видалити файл прихованих паролів\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s: невідомий GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s: невідома група %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s: бракує пам'�ті у update_gshadow\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s: не можу перепи�ати файл паролів\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s: не можу перепи�ати файл прихованих паролів\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s: не можу блокувати файл прихованих паролів\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих паролів\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s: не можу заблокувати файл груп\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s: не можу заблокувати файл прихованих груп\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s: помилка доданн� нового запи�у у базу паролів\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s: помилка доданн� нового запи�у у базу прихованих паролів\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s: за�тереженн�: CREATE_HOME не підтримуєть��, кори�туйте�ь -m.\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s: помилка оновленн� запи�у у базі груп\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s: помилка оновленн� запи�у у базі груп\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s: не можу відкрити файл груп\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s: не можу відкрити файл прихованих груп\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази паролів\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази прихованих паролів\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s: помилка доданн� нового запи�у у файл груп\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s: uid %lu не є унікальним\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s: помилка зміни запи�у в базі паролів\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази паролів\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s: помилка видаленн� запи�у з бази прихованих паролів\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s: не можу отримати унікальний GID\n"
+
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " на \"%.100s\" з \"%.200s\""
+
+#~ msgid " on '%.100s'"
+#~ msgstr " на \"%.100s\""
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s: р�док %d: не можу �творити UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s: ім'� %s не є унікальним\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Викори�танн�: chpasswd [опції]\n"
+#~ "\n"
+#~ "Опції:\n"
+#~ "  -e, --encrypted\tвказані паролі зашифровано\n"
+#~ "  -h, --help\t\tпоказати цю допомогу та вийти\n"
+#~ "  -m, --md5\t\tвикори�товувати MD5 шифруванн� замі�ть DES, �кщо вказані\n"
+#~ "\t\t\tпаролі не зашифровано\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "�емає файлу паролів\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "Вибачте.\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "Вибачте, пароль дл� %s не може бути змінено зараз.\n"
+
+#~ msgid "Sorry."
+#~ msgstr "Вибачте."
diff --git a/po/vi.po b/po/vi.po
new file mode 100644
index 0000000..16a29e7
--- /dev/null
+++ b/po/vi.po
@@ -0,0 +1,2833 @@
+# Vietnamese translation for Shadow.
+# Bản dịch tiếng Việt dành cho shadow.
+# Copyright © 2015 Free Software Foundation, Inc.
+# Clytie Siddall <clytie@riverland.net.au>, 2005-2008.
+# Trần Ng�c Quân <vnwildman@gmail.com>, 2014, 2015, 2016.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow master\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2016-10-04 07:07+0700\n"
+"Last-Translator: Trần Ng�c Quân <vnwildman@gmail.com>\n"
+"Language-Team: Vietnamese <debian-l10n-vietnamese@lists.debian.org>\n"
+"Language: vi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Gtranslator 2.91.7\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+"Có nhi�u mục tin mang tên “%s� trong %s. Hãy sửa chữa trư�ng hợp này, dùng "
+"pwck hoặc grpck.\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "Phương pháp mã hóa không được thư viện libcrypt hỗ trợ? (%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "lỗi cấu hình — không thể phân tích cú pháp của giá trị %s: “%s�"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "Không thể cấp phát sức chứa cho thông tin cấu hình.\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "lỗi cấu hình - không hiểu mục tin “%s� (báo cho ngư�i quản trị).\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd đã kết thúc bất thư�ng (tín hiệu %d)\n"
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd đã thoát với mã là %d\n"
+
+msgid "Password: "
+msgstr "Mật khẩu: "
+
+#, c-format
+msgid "%s's Password: "
+msgstr "Mật khẩu của %s: "
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "Không thể tạo bộ tiếp hợp quản lý SELinux\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr "Chính sách cho SELinux chưa được quản lý\n"
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr "Không thể đ�c kho lưu chính sách SELinux\n"
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "Không thể thiết lập kết nối quản lý SELinux\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "Không thể bắt đầu phiên giao dịch SELinux\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "Không thể truy vấn seuser cho %s\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "Không thể đặt serange cho %s\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "Không thể đặt sename cho %s\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "Không thể sửa đổi ánh xạ đăng nhập cho %s\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "Không thể tạo ánh xạ đăng nhập SELinux cho %s\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "Không thể đặt tên %s\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "Không thể đặt ngư�i dùng SELinux cho %s\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "Không thể thêm ánh xạ đăng nhập cho %s\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr "Không thể khởi tạo bộ quản lý SELinux\n"
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "Không thể tạo khóa ngư�i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "Không thể thẩm định ngư�i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "Không thể sửa đổi ánh xạ ngư�i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "Không thể thêm ánh xạ ngư�i dùng SELinux\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "Không thể chuyển giao giao dịch SELinux\n"
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+"�nh xạ đăng nhập cho %s chưa được định nghĩa, OK nếu ánh xạ mặc định được "
+"dùng\n"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+"�nh xạ đăng nhập cho %s được định nghĩa trong chính sách, không thể xóa đi\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "Không thể xóa ánh xạ đăng nhập cho %s"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s: hết bộ nhớ\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s: Không thể lấy thống kê v� %s: %s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s: %s không phải là thư mục mà cũng không phải là liên kết m�m.\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s: Không thể đ�c liên kết m�m %s: %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s: Liên kết m�m dài một cách điên rồ: %s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s: Không thể tạo thư mục %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s: Không thể thay đổi ngư�i sở hữu của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s: Không thể thay đổi chế độ của %s: %s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s: unlink: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s: Không thể gỡ b� thư mục %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s: Không thể đổi tên %s thành %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s: Không thể gỡ b� %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s: Không thể tạo liên kết m�m %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s: Không thể thay đổi chủ sở hữu của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s: Không thể lstat %s: %s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s: Cảnh báo, ngư�i dùng  %s không có tập tin shadow tcb.\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s: Khẩn cấp: shadow tcb của %s không phải là tập tin thư�ng với "
+"st_nlink=1.\n"
+"Tài khoản vẫn bị khóa.\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s: mkdir: %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s: Không thể mở %s: %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "Cảnh báo: không biết nhóm %s.\n"
+
+msgid "Warning: too many groups\n"
+msgstr "Cảnh báo: quá nhi�u nhóm\n"
+
+msgid "Your password has expired."
+msgstr "Mật khẩu của bạn đã hết hạn dùng."
+
+msgid "Your password is inactive."
+msgstr "Mật khẩu của bạn là không hoạt động."
+
+msgid "Your login has expired."
+msgstr "�ăng nhập của bạn đã hết hạn dùng."
+
+msgid "  Contact the system administrator."
+msgstr "  Hãy liên lạc với ngư�i quản trị hệ thống."
+
+msgid "  Choose a new password."
+msgstr "  Hãy ch�n mật khẩu mới."
+
+msgid "You must change your password."
+msgstr "Bạn cần phải thay đổi mật khẩu."
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "Mật khẩu của bạn sẽ hết hạn sau %ld ngày.\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "Mật khẩu của bạn sễ hết hạn vào ngày mai."
+
+msgid "Your password will expire today."
+msgstr "Mật khẩu của bạn sẽ hết hạn vào hôm nay."
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "Không thể mở giao diện thử, kiểm nghiệm nên hủy b�.\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr ""
+"Không thể thay đổi chủ sở hữu hay chế độ của đầu vào tiêu chuẩn tty: %s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s: gặp lỗi khi mở khóa %s\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s: "
+
+msgid ": "
+msgstr ": "
+
+msgid "Environment overflow\n"
+msgstr "Tràn môi trư�ng\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "Không cho phép bạn thay đổi $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"%d lần bị lỗi sau khi đăng nhập cuối cùng.\n"
+"Lần gần nhất là %s vào %s.\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s: Cấu hình không hợp lệ: GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Cấu hình không hợp lệ: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s: gặp lỗi khi cấp phát bộ nhớ: %s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr ""
+"%s: Không thể lấy GID hệ thống duy nhất (không còn có sẵn GID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s: Không thể lấy GID duy nhất (không còn có sẵn GID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s: Cấu hình không hợp lệ: UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+"%s: Cấu hình không hợp lệ: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr ""
+"%s: Không thể lấy UID hệ thống duy nhất (không còn có sẵn UID thêm nữa)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s: Không thể lấy UID duy nhất (không còn có sẵn UID thêm nữa)\n"
+
+msgid "Too many logins.\n"
+msgstr "Quá nhi�u lần đăng nhập.\n"
+
+msgid "You have new mail."
+msgstr "Bạn có thư mới."
+
+msgid "No mail."
+msgstr "Không có thư."
+
+msgid "You have mail."
+msgstr "Bạn có thư."
+
+msgid "no change"
+msgstr "chưa thay đổi gì"
+
+msgid "a palindrome"
+msgstr "từ đ�c xuôi ngược đ�u giống như nhau"
+
+msgid "case changes only"
+msgstr "chỉ thay đổi HOA/thư�ng"
+
+msgid "too similar"
+msgstr "quá tương tự"
+
+msgid "too simple"
+msgstr "quá đơn giản"
+
+msgid "rotated"
+msgstr "đã xoay"
+
+msgid "too short"
+msgstr "quá ngắn"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "Mật khẩu sai: %s.  "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() (mật khẩu: bắt đầu pam) đã thất bại với lỗi %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd: %s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd: chưa đổi mật khẩu\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd: mật khẩu đã được cập nhật\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "Mật khẩu không đúng cho %s .\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr "%s: nhi�u tùy ch�n --root\n"
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: tùy ch�n “%s� cần một đối số\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s: gặp lỗi khi xóa b� đặc quy�n (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s: đư�ng dẫn chroot không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s: không thể truy cập thư mục chroot %s: %s\n"
+
+#, c-format
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s: không thể chuyển sang thư mục chroot %s: %s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s: không thể thay đổi thư mục gốc thành %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"Phương pháp mã hóa (ENCRYPT_METHOD) không hợp lệ: “%s�\n"
+"nên hoàn nguyên v� giá trị mặc định: DES.\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "Không thể cd (chuyển đổi thư mục) sang “%s�.\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "Không có thư mục nên đăng nhập với “HOME=/�"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "Không thể thực hiện %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "Thư mục gốc không hợp lệ “%s�\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "Không thể thay đổi thư mục gốc thành “%s�\n"
+
+msgid "Unable to determine your tty name."
+msgstr "Không thể quyết định tên TTY của bạn."
+
+msgid "No"
+msgstr "Không"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] �ĂNG_NHẬP\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+"  -d, --lastday NGÀY_CU�I       đặt ngày thay đổi mật khẩu cuối cùng thành "
+"ngày này\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -E, --expiredate NGÀY_HẾT_HẠN đặt ngày hết hạn dùng tài khoản thành ngày "
+"này\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    hiển thị trợ giúp này, sau đó thoát\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACTIVE       đặt mật khẩu không còn hoạt động lại sau khi "
+"hết hạn dùng,\n"
+"                                thành INACTIVE\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+"  -l, --list                    hiển thị thông tin v� khoảng th�i gian sử "
+"dụng tài khoản\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays S�              đặt thành số này số tối thiểu các ngày "
+"trÆ°á»›c\n"
+"                                        khi thay đổi mật khẩu\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays S�              đặt thành số này số tối đa các ngày trước "
+"khi thay đổi mật khẩu\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root THƯ_MỤC_�ỔI        thư mục để chuyển gốc đến\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -W, --warndays S�_NGÀY        đặt thành số này số các ngày gây ra cảnh báo "
+"v� hết hạn dùng\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "Nhập giá trị mới, hoạc bấm phím Enter đặt ch�n giá trị mặc định"
+
+msgid "Minimum Password Age"
+msgstr "Th�i gian hoạt động tối thiểu cho mật khẩu"
+
+msgid "Maximum Password Age"
+msgstr "Th�i gian hoạt động tối đa cho mật khẩu"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "Thay đổi mật khẩu cuối cùng (NNNN-TT-Ng)"
+
+msgid "Password Expiration Warning"
+msgstr "Cảnh báo hết hạn dùng mật khẩu"
+
+msgid "Password Inactive"
+msgstr "Mật khẩu không hoạt động"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "Ngày hết hạn dùng tài khoản (NNNN-TT-Ng)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "Thay đổi mặt khẩu cuối cùng\t\t\t\t\t: "
+
+msgid "never"
+msgstr "chưa bao gi�"
+
+msgid "password must be changed"
+msgstr "mật khẩu phải thay đổi"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "Mật khẩu hết hạn dùng:\t\t\t\t\t: "
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "Mật khẩu không hoạt động\t\t\t\t\t: "
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "Tài khoản hết hạn dùng\t\t\t\t\t\t: "
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "Số ngày tối thiểu giữa hai lần thay đổi mật khẩu\t\t: %ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "Số ngày tối đa giữa hai lần thay đổi mật khẩu\t\t: %ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "Số ngày cảnh báo trước khi mật khẩu hết hạn\t: %ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s: ngày không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s: đối số thuộc số không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s: đừng dùng “l� cùng với c� khác\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s: không đủ quy�n.\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s: Không thể phân giải tên ngư�i dùng của bạn.\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s: Không thể khóa %s; hãy thử lại sau.\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s: không thể mở %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s: gặp lỗi trong khi ghi thay đổi vào %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: gặp lỗi khi chuẩn bị mục tin %s mới “%s�\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s: không có tập tin mật khẩu shadow\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s: ngư�i dùng “%s� không tồn tại trong %s\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "�ang thay đổi thông tin v� th�i gian hoạt động đối với %s\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s: gặp lỗi khi thay đổi trư�ng\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_ch�n …] [�ĂNG_NHẬP]\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name HỌ_TÊN        đổi tên thật của ngư�i dùng\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone �IỆN_THOẠI   đổi số điện thoại nhà của ngư�i dùng\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr "  -o, --other THÔNG_TIN_KH�C    đổi thông tin GECOS khác\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room S�_PHÒNG           đổi số phòng của ngư�i dùng\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    hiển thị trợ giúp này, sau đó thoát\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+"  -w, --work-phone �IỆN_THOẠI_LÀM   thay đổi số điện thoại nơi làm của ngư�i "
+"dùng\n"
+
+msgid "Full Name"
+msgstr "H� và tên"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s: %s\n"
+
+msgid "Room Number"
+msgstr "Số phòng"
+
+msgid "Work Phone"
+msgstr "�iện thoại nơi làm việc"
+
+msgid "Home Phone"
+msgstr "�iện thoại ở nhà"
+
+msgid "Other"
+msgstr "Khác"
+
+msgid "Cannot change ID to root.\n"
+msgstr "Không thể thay đổi mã số thành siêu quản trị (root).\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s: tên chứa ký tự khác ASCII: “%s�\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s: tên không hợp lệ: “%s�\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s: số thứ tự phòng chứa ký tự khác ASCII: “%s�\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s: số thứ tự phòng không hợp lệ: “%s�\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s: số điện thoại chỗ làm không hợp lệ: “%s�\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s: số điện thoại ở nhà không hợp lệ: “%s�\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s: “%s� chứa ký tự không thuộc bảng mã ASCII\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s: “%s� chứa ký tự bị cấm\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s: ngư�i dùng “%s� không tồn tại\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s: không thể thay đổi ngư�i dùng “%s� trên ứng dụng khách NIS.\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s: “%s� là NIS cái cho ứng dụng khách này.\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "�ang thay đổi thông tin v� ngư�i dùng đối với %s\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s: trư�ng quá dài\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_ch�n …]\n"
+"\n"
+"Tùy ch�n:\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method PHƯƠNG_THỨC phương pháp mật mã (một trong %s)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+"  -e, --encrypted               các mật khẩu đã cung cấp cũng được mật mã\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+"  -m, --md5                     mật mã hóa mật khẩu chữ thô, dùng thuật toán "
+"MD5\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+"  -s, --sha-rounds              số vòng SHA cho thuật toán mã hóa SHA*\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s: cho phép c� %s chỉ cùng với c� %s\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s: các c� “-c�, “-e� và “-m� loại từ lẫn nhau\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s: phương pháp mã hóa không được hỗ trợ: %s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s: dòng %d: dòng quá dài\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s: dòng %d: thiếu mật khẩu mới\n"
+
+#, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s: gặp lỗi khi mã hóa mật khẩu với muối “%s�: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s: dòng %d, nhóm “%s� không tồn tại\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s: dòng %d: gặp lỗi khi chuẩn bị mục tin %s mới “%s�\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s: gặp lỗi nên b� qua các thay đổi\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s: (dòng %d, ngư�i dùng %s) mật khẩu chưa thay đổi\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s: dòng %d: ngư�i dùng “%s� không tồn tại\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+"  -s, --shell HỆ_VỎ             dùng hệ v� đăng nhập mới\n"
+"                                 cho tài khoản ngư�i dùng\n"
+
+msgid "Login Shell"
+msgstr "Hệ v� �ăng nhập"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "Không cho phép bạn thay đổi hệ v� đối với “%s�.\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "�ang thay đổi hệ v� đăng nhập đối với %s\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s: mục tin không hợp lệ: %s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s: %s không phải là hệ v� hợp lệ\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s: Cảnh báo: %s không tồn tại\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s: Cảnh báo: %s không có quy�n thực thi\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+"  -c, --check                   kiểm tra sự hết hạn của mật khẩu ngư�i dùng\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+"  -f, --force                   ép buộc đổi mật khẩu nếu mật khẩu của ngư�i\n"
+"                                 dùng hết hạn\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s: hai tùy ch�n %s và %s xung đột với nhau\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s: đối số bất thư�ng: %s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+"  -a, --all                     hiển thị các mục ghi faillog cho m�i ngư�i "
+"dùng\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+"  -l, --lock-secs GIÂY          sau khi không đăng nhập được thì khóa tài "
+"khoản trong vòng số GIÂY này\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+"  -m, --maximum S�              đặt thành S� này số tối đa các bộ đếm lần "
+"không đăng nhập được\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+"  -r, --reset                   đặt lại các bộ đếm lần không đăng nhập được\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time NGÀY               hiển thị các mục ghi faillog mới hơn số NGÀY "
+"này\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user �ĂNG_NHẬP/PHẠM_VI  hiển thị mục ghi faillog hoặc duy trì các bộ "
+"đếm\n"
+"                                lần không đăng nhập được và các giới hạn như "
+"thế\n"
+"                                (nếu dùng với c� “-r�, “-m� hay “-l� riêng "
+"từng cái)\n"
+"                                chỉ cho mỗi tên đăng nhập đưa ra\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s: Không lấy được mục tin cho UID %lu\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "�ăng nhập   Bị lỗi   Tối đa  Mới nhất                 Vào\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [còn %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [%lds khóa]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s: Gặp lỗi khi đặt lại số đếm cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s: Gặp lỗi khi đặt số tối đa cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s: Gặp lỗi khi đặt th�i gian khóa cho UID %lu\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s: Không nhận ra ngư�i dùng hay phạm vi: %s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s: Không thể lấy kích cỡ của %s: %s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s: Gặp lỗi khi ghi %s: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_ch�n] NHÓM\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add NGƯỜI_DÙNG          thêm ngư�i dùng này vào NHÓM\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete NGƯỜI_DÙNG       gỡ b� ngư�i dùng này kh�i NHÓM\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root THƯ_MỤC_�ỔI        thư mục gốc sẽ chuyển đến\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         gỡ b� mật khẩu của NHÓM\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+"  -R, --restrict                hạn chế truy cập đến NHÓM thành các thành "
+"viên của nó\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+"  -M, --members NGƯỜI_DÙNG,…    đặt danh sách các thành viên của NHÓM\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+"  -A, --administrators QUẢN_TRỊ,…\n"
+"                                đặt danh sách các quản trị cho NHÓM\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "Trừ hai tùy ch�n “-A� và “-M�, không thể tổ hợp các tùy ch�n.\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "Không thể tổ hợp các tùy ch�n.\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s: mật khẩu nhóm shadow cần cho tùy ch�n “-A�\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s: nhóm “%s� không tồn tại trong %s\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s: gặp lỗi trong khi đóng %s chỉ-đ�c\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "�ang thay đổi mật khẩu cho nhóm %s\n"
+
+msgid "New Password: "
+msgstr "Mật khẩu mới: "
+
+msgid "Re-enter new password: "
+msgstr "Nhập lại mật khẩu mới: "
+
+msgid "They don't match; try again"
+msgstr "Hai mật khẩu không khớp nhau, hãy thử lại"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s: Hãy thử lại sau\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "�ang thêm ngư�i dung %s vào nhóm %s\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "�ang gỡ b� ngư�i dùng %s kh�i nhóm %s\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s: ngư�i dùng “%s� không thuộc v� “%s�\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s: không phải là TTY\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_ch�n …] NHÓM\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force                   thoát thành công nếu nhóm đã có, và \n"
+"                                hủy b� “-g� nếu GID đã được dùng\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 dùng GID này cho nhóm mới\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+"  -K, --key KHÓA=GI�_TRỊ        ghi đè lên các giá trị mặc định “/etc/login."
+"defs�\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              cho phép tạo nhóm có GID trùng (không duy "
+"nhất)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+"  -p, --password MẬT_KHẨU       dùng mật khẩu đã mật mã này cho nhóm mới\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  tạo một tài khoản hệ thống\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s: “%s� không phải là tên nhóm hợp lệ\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s: mã số nhóm (GID) không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s: -K cần cú pháp KHÓA=GI�_TRỊ\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s: nhóm “%s� đã có\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s: GID “%lu� đã có\n"
+
+#, c-format
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s: Không thể cài đặt dịch vụ d�n dẹp.\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+"  -f, --force                   xóa nhóm ngay cả khi nó là nhóm chính của "
+"ngư�i dùng\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s: không thể gỡ b� mục tin “%s� kh�i %s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s: không thể gỡ b� nhóm chính của ngư�i dùng “%s�\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s: nhóm “%s� không tồn tại\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s: nhóm “%s� là một nhóm kiểu NIS\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s: %s là NIS chủ\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s: ngư�i dùng “%s� đã thuộc v� “%s�\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s: Hết bộ nhớ. Không thể cập nhật %s.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [tuỳ_ch�n …] [hành_vi]\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group TÊN_NHÓM          thay đổi tên của nhóm này thay cho nhóm của\n"
+"                                  ngư�i dùng (chỉ siêu quản trị)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "Hành động là:\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr "  -a, --add TÊN                 thêm tên ngư�i dùng này vào nhóm\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr "  -d, --delete TÊN              gỡ b� tên này kh�i nhóm\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   tẩy m�i ngư�i ra nhóm\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    liệt kê những ngư�i trong nhóm\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s: tên nhóm của bạn không tương ứng với tên ngư�i dùng\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s: chỉ siêu quản trị có quy�n sử dụng tùy ch�n “-g/--group�\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 thay đổi mã số nhóm sang GID này\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NHÓM_MỚI       thay đổi tên sang tên này\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+"  -o, --non-unique              cho phép sử dụng một GID trùng (không duy "
+"nhất)\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+"  -p, --password MẬT_KHẨU       thay đổi mật khẩu thành MẬT_KHẨU (đã mật mã) "
+"này\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s: tên nhóm không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s: nhóm %s là một nhóm kiểu NIS\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s: không rõ ngư�i dùng %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] [group [gshadow]]\n"
+"\n"
+"Tùy ch�n:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] [group]\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+"  -r, --read-only               hiển thị lỗi và cảnh báo\n"
+"                                nhưng không thay đổi các tập tin\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    sắp xếp các mục tin theo UID\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s: hai tùy ch�n “-s� và “-r� không tương thích với nhau\n"
+
+msgid "invalid group file entry"
+msgstr "mục tin tập tin nhóm không hợp lệ"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "xóa dòng “%s� không? "
+
+msgid "duplicate group entry"
+msgstr "mục tin nhóm trùng"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "tên nhóm không hợp lệ “%s�\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "mã số nhóm không hợp lệ “%lu�\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "nhóm %s: không có ngư�i dùng %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "xóa thành viên “%s� không? "
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "không có mục tin tập tin nhóm tương ứng trong %s\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "thêm nhóm “%s� trong %s không?"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"nhóm %s có một mục tin trong %s, còn trư�ng mật khẩu trong %s không phải "
+"được đặt thành “x�\n"
+
+msgid "invalid shadow group file entry"
+msgstr "mục tin tập tin nhóm shadow không hợp lệ"
+
+msgid "duplicate shadow group entry"
+msgstr "mục tin nhóm shadow trùng"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "nhóm shadow %s: không có ngư�i dùng quản trị %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "xóa thành viên quản trị “%s� không? "
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "nhóm shadow %s: không có ngư�i dùng %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s: các tập tin đã được cập nhật\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s: chưa thay đổi gì\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s: không thể xóa %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "Cách dùng: id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "Cách dùng: id\n"
+
+msgid " groups="
+msgstr " nhóm="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+"  -b, --before S�               hiển thị chỉ những bản ghi lastlog cũ hơn S� "
+"ngày\n"
+"                                cũ hơn số ngày này (_trước_)\n"
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+"  -C, --clear                   xóa bản ghi lastlog của ngư�i dùng (chỉ dùng "
+"được với -u)\n"
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+"  -S, --set                     đặt bản ghi lastlog thành th�i điểm hiện tại "
+"(chỉ dùng được với -u)\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+"  -t, --time S�                 hiển thị chỉ những mục ghi lastlog\n"
+"                                 mới hơn số ngày này (_th�i gian_)\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+"  -u, --user �ĂNG_NHẬP          hiển thị mục ghi lastlog cho _ngư�i dùng_ "
+"tên này\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "Tài_khoản        Cổng     Từ               Mới nhất"
+
+msgid "Username                Port     Latest"
+msgstr "Ngư�i dùng              Cổng     Mới nhất"
+
+msgid "**Never logged in**"
+msgstr "**Chưa bao gi� đăng nhập**"
+
+#, c-format
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s: Gặp lỗi khi cập nhật mục tin cho UID %lu\n"
+
+#, c-format
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s: Gặp lỗi khi cập nhật tập tin lastlog\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr "%s: Tùy ch�n -C không thể dùng cùng với -S\n"
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr "%s: Các tùy ch�n -C và -S cần tùy ch�n -u để chỉ định ngư�i dùng\n"
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "Cách dùng: %s [-p] [tên]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h máy] [-f tên]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r máy\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "lỗi cấu hình — không thể phân tích cú pháp của giá trị %s: “%d�"
+
+msgid "Invalid login time"
+msgstr "Th�i gian đăng nhập không hợp lệ"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"Hệ thông bị tắt với lý do bảo dưỡng theo thủ tục."
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[Chức năng ngắt kết nối đã bị vòng: cho phép siêu quản trị đăng nhập.]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s: Không thể làm việc mà không có gốc có hiệu lực\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+"Không có mục tin utmp. Vì thế bạn cần phải thực hiện “login� (đăng nhập) từ "
+"“sh� (hệ v�) cấp dưới cùng."
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"�ăng nhập đã quá hạn sau %u giây.\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: (đăng nhập) PAM bị lỗi nên hủy b�: %s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s đăng nhập: "
+
+msgid "login: "
+msgstr "đăng nhập: "
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "Vượt quá số tối đa các lần thử lại (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: (đăng nhập) PAM đã yêu cầu hủy b�\n"
+
+msgid "Login incorrect"
+msgstr "�ăng nhập không đúng"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "Không thể tìm thấy ngư�i dùng (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s đăng nhập: "
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s: lỗi tạo tiến trình con: %s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "TIOCSCTTY bị lỗi vào %s"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "Cảnh báo: đăng nhập đã bật lại sau bị khóa ra tạm th�i."
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "�ang nhập cuối cùng: %s vào %s"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "�ang nhập cuối cùng: %.19s vào %s"
+
+#, c-format
+msgid " from %.*s"
+msgstr " từ %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"vượt quá th�i gian đăng nhập\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "Cách dùng: logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr ""
+"Cách dùng: newgrp [-] [nhóm]\n"
+"[newgrp: nhóm mới]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr ""
+"Cách dùng: sg group [[-c] lệnh]\n"
+"[group: nhóm]\n"
+
+#, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s: gặp lỗi khi mã hóa mật khẩu bằng muối trước đó: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "Mật khẩu không hợp lệ.\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s: lỗi tạo tiến trình con: %s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s: GID “%lu� không tồn tại\n"
+
+msgid "too many groups\n"
+msgstr "quá nhi�u nhóm\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  tạo các tài khoản hệ thống\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr ""
+"%s: nhóm “%s� là một nhóm shadow, nhưng không tồn tại trong “/etc/group�\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s: mã số ngư�i dùng không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s: tên dùng không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s: dòng %d: dòng không hợp lệ\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr ""
+"%s: không thể cập nhật mục tin của ngư�i dùng %s (không có trong cơ sở dữ "
+"liệu mật khẩu passwd)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s: dòng %d: không thể tạo ngư�i dùng\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s: dòng %d: không thể tạo nhóm\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s: dòng %d: ngư�i dùng “%s� không tồn tại trong %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s: dòng %d: không thể cập nhật mật khẩu\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s: dòng %d: lỗi mkdir (tạo thư mục) %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s: dòng %d: lỗi chown (thay đổi quy�n sở hữu) %s: %s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s: dòng %d: không thể cập nhật mục tin\n"
+
+#, c-format
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s: gặp lỗi khi chuẩn bị mục tin mới “%s�\n"
+
+#, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s: không thể tìm thấy vùng ngư�i dùng lệ thuộc\n"
+
+#, c-format
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s: không thể tìm thấy vùng nhóm phụ thuộc\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+"  -a, --all                     thông báo trạng thái mật khẩu v� m�i tài "
+"khoản\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  xóa mật khẩu cho tài khoản đặt tên\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+"  -e, --expire                  ép buộc hết hạn dùng mật khẩu cho tài khoản "
+"đặt tên\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+"  -k, --keep-tokens             thay đổi mật khẩu chỉ nếu bị hết hạn dùng\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -i, --inactive INACTIVE       đặt thành INACTIVE mật khẩu không còn hoạt "
+"động lại\n"
+"                                sau khi hết hạn dùng\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    khóa mật khẩu của tài khoản đặt tên\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays S�              đặt thành số này số tối thiểu các ngày\n"
+"                                        trước khi mật khẩu thay đổi được\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   chế độ không xuất chi tiết\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository KHO          thay đổi mật khẩu trong kho lưu này\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+"  -S, --status                  thông báo trạng thái mật khẩu v� tài khoản "
+"đặt tên\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+"  -u, --unlock                  mở khóa mật khẩu của tài khoản đặt tên\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+"  -w, --warndays NGÀY           đặt thành số này số các ngày cảnh báo v� hết "
+"hạn dùng\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays NGÀY            đặt thành số này số tối đa các ngày trước "
+"khi\n"
+"                                        thay đổi được mật khẩu\n"
+
+msgid "Old password: "
+msgstr "Mật khẩu cũ: "
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Nhập mật khẩu mới (số ký tự tối thiểu %d).\n"
+"Hãy tổ hợp các chữ hoa, chữ thư�ng và chữ số để tạo một mật khẩu mạnh.\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"Nhập mật khẩu mới (số ký tự tối thiểu %d, tối đa %d).\n"
+"Hãy tổ hợp các chữ hoa, chữ thư�ng và chữ số để tạo một mật khẩu mạnh.\n"
+
+msgid "New password: "
+msgstr "Mật khẩu mới: "
+
+msgid "Try again."
+msgstr "Hãy thử lại."
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"Cảnh báo: mật khẩu yếu (nhập lại để vẫn dùng nó)"
+
+msgid "They don't match; try again.\n"
+msgstr "Hai mật khẩu không trùng nhau: hãy thử lại.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "Không thể thay đổi mật khẩu cho %s.\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "Chưa có thể thay đổi mật khẩu cho %s.\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s: mở khóa mật khẩu thì gây ra một tài khoản không có mật khẩu.\n"
+"Bạn nên đặt một mật khẩu dùng câu lệnh “usermod -p� để mở khóa mật khẩu của "
+"tài khoản này.\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s: kho lưu %s không được hỗ trợ\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s: %s không có quy�n thay đổi mật khẩu của %s\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr ""
+"%s: không cho phép bạn xem hoặc sửa đổi thông tin mật khẩu đối với %s.\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "�ang thay đổi mật khẩu cho %s\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "Mật khẩu cho %s chưa thay đổi.\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s: mật khẩu đã thay đổi.\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s: thông tin đã thay đổi v� sự hết hạn sử dụng mật khẩu.\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] [passwd]\n"
+"\n"
+"Tùy ch�n:\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] [passwd [shadow]]\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   chỉ báo cáo lỗi\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+"%s: không cho phép tập tin shadow thay thế khi mà biến USE_TCB được đặt.\n"
+
+msgid "invalid password file entry"
+msgstr "mục tin tập tin mật khẩu không hợp lệ"
+
+msgid "duplicate password entry"
+msgstr "mục tin mật khẩu trùng"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "tên ngư�i dùng không hợp lệ “%s�\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "mã số ngư�i dùng không hợp lệ “%lu�\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "ngư�i dùng “%s�: không có nhóm %lu\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "ngư�i dùng “%s�: thư mục “%s� không tồn tại\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "ngư�i dùng “%s�: chương trình “%s� không tồn tại\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "không có thư mục tcb cho %s\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "tạo thư mục tcb %s không?"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "gặp lỗi khi tạo thư mục tcb cho %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s: không thể khóa %s.\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "không có mục tin tập tin mật khẩu tương ứng trong %s\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "thêm ngư�i dùng “%s� trong %s không?"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+"ngư�i dùng %s có một mục tin trong %s, còn trư�ng mật khẩu trong %s không "
+"phải được đặt thành “s�\n"
+
+msgid "invalid shadow password file entry"
+msgstr "mục tin tập tin mật khẩu shadow không hợp lệ"
+
+msgid "duplicate shadow password entry"
+msgstr "mục tin mật khẩu shadow trùng"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "ngư�i dùng %s: lần thay đổi mật khẩu cuối cùng nằm trong tương lai\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s: không thể sắp xếp các mục tin trong %s\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s: không thể làm việc khi tcb được bật\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s: không thay đổi được chế độ của %s thành 0600\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "Truy cập “su� vào tài khoản đó BỊ TỪ CH�I.\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "Xác thực mật khẩu bị đi vòng.\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "Hãy nhập mật khẩu của MÌNH để xác thực.\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s: Không thể rẽ nhánh tiến trình hệ v� ngư�i dùng\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s: tín hiệu trục trặc\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s: trục trặc mặt nạ tín hiệu\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "Phiên làm việc đã kết thúc, nên kết thúc hệ v�…"
+
+msgid " ...killed.\n"
+msgstr " …đã chết.\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " …đang đợi tiến con chấm dứt.\n"
+
+msgid " ...terminated.\n"
+msgstr " …đã chấm dứt.\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s: %s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"Cách dùng: su [tùy_ch�n…] [đăng_nhập]\n"
+"\n"
+"[su: siêu ngư�i dùng]\n"
+"\n"
+"Tùy ch�n:\n"
+"  -c, --command LỆNH            gửi lệnh này qua cho hệ v� đã g�i\n"
+"  -h, --help                    hiển thị _trợ giúp_ này rồi thoát\n"
+"  -, -l, --login                lập hệ v� là hệ v� _đăng nhập_\n"
+"  -m, -p,\n"
+"  --preserve-environment        đừng đặt lại các biến _môi trư�ng_, và "
+"_giữ_\n"
+"                                hệ v� hiện có\n"
+"  -s, --shell HỆ_VỎ             dùng hệ v� này thay cho trình mặc định trong "
+"passwd\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s: %s\n"
+"(Bị b� qua)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "Bạn không có quy�n sử dụng lệnh “su� (siêu ngư�i dùng) với %s.\n"
+
+msgid "(Enter your own password)"
+msgstr "(Nhập mật khẩu của mình)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s: lỗi xác thực\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr ""
+"%s: Bạn không có quy�n sử dụng lệnh “su� (siêu ngư�i dùng) vào lúc đó\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "Không có mục tin mật khẩu cho tài khoản “%s�\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s: phải chạy từ thiết bị cuối\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s: pam_start: (pam bắt đầu) lỗi %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s: Không thể xóa thiết bị cuối đi�u khiển\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "Không thể thực thi %s\n"
+
+msgid "No password file"
+msgstr "Không có tập tin mật khẩu"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY bị lỗi"
+
+msgid "No password entry for 'root'"
+msgstr "Không có mục tin mật khẩu cho “root� (siêu quản trị)"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"Hãy gõ tổ hợp phím Ctrl-D để tiếp tục khởi động bình thư�ng,\n"
+"(hoặc nhập mật khẩu siêu quản trị để bảo dưỡng hệ thống):"
+
+msgid "Entering System Maintenance Mode"
+msgstr "�ang vào Chế độ Bảo dưỡng Hệ thống"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s: %s đã được tạo, nhưng không thể bị gỡ b�\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: cấu hình %s trong %s sẽ bị b� qua\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s: không thể tạo tập tin mặc định mới\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s: không thể mở tập tin mặc định mới\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s: dòng quá dài trong %s: %s…"
+
+#, c-format
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s: Không thể tạo tập tin sao lưu dự phòng (%s): %s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s: thay tên: %s: %s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s: nhóm “%s� là nhóm kiểu NIS.\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s: ghi rõ quá nhi�u nhóm (tối đa %d).\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"Cách dùng: %s [các_tuỳ_ch�n] �ĂNG_NHẬP\n"
+"       %s -D\n"
+"       %s -D [các-tùy-ch�n]\n"
+"\n"
+"Tùy ch�n:\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+"  -b, --base-dir THƯ_MỤC       đặt thư mục cơ bản cho thư mục riêng của tài "
+"khoản mới\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment GHI_CHÚ         trư�ng GECOS của tài khoản mới\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir THƯ_MỤC        thư mục riêng của tài khoản mới\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+"  -D, --defaults                in hay thay đổi cấu hình useradd mặc định\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr "  -e, --expiredate NGÀY         ngày hết hạn sử dụng tài khoản mới\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+"  -f, --inactive KHOẢNG         khoảng th�i gian không hoạt động của tài "
+"khoản mới\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+"  -g, --gid NHÓM                tên của mã số của nhóm chính của tài khoản "
+"má»›i\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+"  -G, --groups NHÓM             danh sách các nhóm phụ của tài khoản mới\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel THƯ_MỤC            dùng thư mục khung sư�n thay thế\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+"  -l, --no-log-init             đừng thêm ngư�i dùng vào các cơ sở \n"
+"                                 dữ liệu faillog và lastlog\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home             tạo thư mục riêng của ngư�i dùng\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+"  -M, --no-create-home          không tạo thư mục riêng của ngư�i dùng\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+"  -N, --no-user-group           đừng tạo một nhóm cùng tên với ngư�i dùng\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              cho phép tạo ngư�i dùng có UID trùng\n"
+"                                 (không duy nhất)\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+"  -p, --password MẬT_KHẨU       mật khẩu được mật mã của tài khoản mới\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell HỆ_VỎ             hệ v� đăng nhập của tài khoản mới\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID                 mã số ngư�i dùng của tài khoản mới\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr "  -U, --user-group              tạo một nhóm cùng tên với ngư�i dùng\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     dùng một ngư�i dùng SE (SEUSER) riêng cho sự "
+"ánh xạ ngư�i dùng SELinux\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s: thư mục cơ sở không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s: ghi chú không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s: thư mục riêng không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s: cần mật khẩu shadow cho tùy ch�n “-e�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s: cần mật khẩu shadow cho tùy ch�n “-f�\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s: trư�ng không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s: hệ v� không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: “-Z� yêu cầu hạt nhân bật tính năng hỗ trợ SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s: không đặt lại được mục tin faillog của UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s: gặp lỗi khi đặt lại mục tin lastlog của UID %lu: %s\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s: gặp lỗi khi chuẩn bị %s mục tin mới\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s: không thể tạo thư mục %s\n"
+
+msgid "Creating mailbox file"
+msgstr "�ang tạo tập tin hộp thư"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+"Không tìm thấy nhóm “mail� (thư tín). Vì thế đang tạo tập tin hộp thư ngư�i "
+"dùng với chế độ 0600.\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "�ang đặt quy�n truy cập tập tin hộp thư"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s: ngư�i dùng “%s� đã có\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s: nhóm %s đã có. Muốn thêm h� vào nhóm đó thì dùng tùy ch�n “-g�.\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s: không thể tạo ngư�i dùng\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s: UID %lu không phải duy nhất\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s: Gặp lỗi khi tạo thư mục tcb cho %s\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s: không thể tạo nhóm\n"
+
+#, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s: không thể tạo mã số ngư�i dùng lệ thuộc\n"
+
+#, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s: không thể tạo mã nhóm phụ thuộc\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s: cảnh báo: thư mục riêng đã có.\n"
+"Vì vậy không sao chép vào nó tập tin nào từ thư mục “skel�.\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+"%s: cảnh báo: lỗi ánh xạ tên ngư�i dùng %s tới ngư�i dùng SELinux %s.\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+"  -f, --force                   ép buộc gỡ b� tập tin, thậm chí nếu không\n"
+"                                được sở hữu bởi ngư�i dùng\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+"  -r, --remove                  gỡ b� thư mục riêng và ống chỉ thư tín\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+"  -Z, --selinux-user            gỡ b� bất kỳ ánh xạ SELinux nào cho tài "
+"khoản ngư�i dùng\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr ""
+"%s: không gỡ b� nhóm %s bởi vì nó không phải là nhóm chính của ngư�i dùng "
+"“%s�.\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s: không thể gỡ b� nhóm %s bởi vì nó có thành viên khác nữa.\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr ""
+"%s: nhóm %s là nhóm chính của một ngư�i dùng khác thì không bị gỡ b�.\n"
+
+#, c-format
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s: không thể gỡ b� %lu mục tin kh�i %s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: không tìm thấy bể thư %s (%s)\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s: cảnh báo: không thể gỡ b� %s: %s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s: %s không phải được %s sở hữu nên không gỡ b� nó\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s: Không thể phân bổ bộ nhớ, mục tin tcb cho %s chưa được gỡ b�.\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s: Gặp lỗi khi xóa b� đặc quy�n: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s: Không thể gỡ b� nội dung của %s: %s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s: Không thể gỡ b� tập tin tcb cho %s: %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s: ngư�i dùng %s là ngư�i dùng kiểu NIS\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s: %s không tìm thấy thư mục riêng (%s)\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr ""
+"%s: sẽ không gỡ b� thư mục %s (vì cũng gỡ b� thư mục riêng của ngư�i dùng "
+"%s)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s: gặp lỗi khi gỡ b� thư mục %s\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr "%s: cảnh báo: gặp lỗi khi gỡ b� ánh xạ ngư�i dùng %s tới SELinux.\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment GHI_LƯU         giá trị mới của trư�ng GECOS\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+"  -d, --home THƯ_MỤC            thư mục riêng mới cho tài khoản ngư�i dùng\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+"  -e, --expiredate NGÀY         đặt thành ngày này ngày hết hạn dùng tài "
+"khoản\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVE       đặt thành INACTIVE mật khẩu không còn hoạt "
+"động lại\n"
+"                                sau khi hết hạn dùng\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+"  -g, --gid NHÓM                ép buộc sử dụng nhóm này làm nhóm chính mới\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups NHÓM             danh sách mới chứa các nhóm phụ\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append                  thêm ngư�i dùng vào các nhóm phụ\n"
+"                                đưa ra bởi tùy ch�n “-G� mà không gỡ b� ta "
+"kh�i nhóm khác\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login �ĂNG_NHẬP         giá trị mới của tên đăng nhập\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    khóa tài khoản ngư�i dùng\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               di chuyển nội dung của thư mục riêng sang vị "
+"trí mới\n"
+"                                (chỉ dùng cùng với “-d�)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+"  -o, --non-unique              cho phép sử dụng UID trùng (không duy nhất)\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr "  -p, --password MẬT_KHẨU       mật mã hóa mật khẩu mới\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 UID mới cho tài khoản ngư�i dùng\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  mở khóa tài khoản ngư�i dùng\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr "  -v, --add-subuids �ẦU-CU�I    thêm vùng mã ngư�i dùng lệ thuộc\n"
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr "  -V, --del-subuids �ẦU-CU�I    xóa vùng mã ngư�i dùng lệ thuộc\n"
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr "  -w, --add-subgids �ẦU-CU�I    thêm vùng mã nhóm lệ thuộc\n"
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr "  -W, --del-subgids �ẦU-CU�I    xóa vùng mã nhóm lệ thuộc\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+"  -Z, --selinux-user SEUSER     ánh xạ SELinux mới cho tài khoản ngư�i dùng\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s: mở khóa mật khẩu của ngư�i dùng thì gây ra một tài khoản không có mật "
+"khẩu.\n"
+"Bạn nên đặt một mật khẩu dùng “usermod -p� để mở khóa mật khẩu của ngư�i "
+"dùng này.\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s: ngư�i dùng “%s� đã có trong %s\n"
+
+#, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s: vùng mã số ngư�i dùng lệ thuộc không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s: vùng mã số nhóm lệ thuộc không hợp lệ “%s�\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s: không tùy ch�n\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s: các c� “-L�, “-p� và “-U� loại từ lẫn nhau\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s: mật khẩu shadow cần cho hai tùy ch�n “-e� và “-f�\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s: UID “%lu� đã có\n"
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s: %s không tồn tại, bạn không thể dùng c� %s hay %s\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s: thư mục %s đã có\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+"%s: Thư mục riêng trước đó (%s) không là một thư mục. Nó chưa được gỡ b� và "
+"chưa tạo thư mục riêng (home).\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s: Gặp lỗi khi thay đổi chủ sở hữu của thư mục home (riêng)"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s: cảnh báo: gặp lỗi khi gỡ b� hoàn toàn thư mục riêng cũ %s"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s: không thể thay đổi lại tên thư mục %s thành %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: gặp lỗi khi sao chép mục tin lastlog của ngư�i dùng %lu sang ngư�i dùng "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+"%s: không sao chép được mục tin faillog của ngư�i dùng %lu sang ngư�i dùng "
+"%lu: %s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s: cảnh báo: %s không do %s sở hữu\n"
+
+msgid "failed to change mailbox owner"
+msgstr "gặp lỗi khi đổi chủ sở hữu hộp thư"
+
+msgid "failed to rename mailbox"
+msgstr "gặp lỗi khi đổi tên của hộp thư"
+
+#, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lỗi khi xóa b� vùng mã ngư�i dùng %lu-%lu kh�i “%s�\n"
+
+#, c-format
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lỗi khi thêm vùng mã ngư�i dùng %lu-%lu vào “%s�\n"
+
+#, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lỗi khi gỡ b� vùng mã số nhóm %lu-%lu kh�i “%s�\n"
+
+#, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s: gặp lỗi khi thêm vùng mã số nhóm %lu-%lu vào “%s�\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"Bạn đã sửa đổi %s.\n"
+"�ể thống nhất thì bạn cũng có thể cần sửa đổi %s.\n"
+"Hãy sử dụng câu lệnh “%s� để làm như thế.\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   sửa đổi cơ sở dữ liệu nhóm\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  sửa đổi cơ sở dữ liệu passwd\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+"  -s, --shadow                  sửa đổi cơ sở dữ liệu shadow hay gshadow\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr "  -u, --user                    sửa tập tin shadow tcb của ngư�i này\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s: gặp lỗi khi gỡ b� %s\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s: %s chưa thay đổi\n"
+
+msgid "failed to create scratch directory"
+msgstr "gặp lỗi khi tạo thư mục hỗn tạp"
+
+msgid "failed to drop privileges"
+msgstr "gặp lỗi khi xóa đặc quy�n"
+
+msgid "Couldn't get file context"
+msgstr "Không thể lấy ngữ cảnh tập tin"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () bị lỗi"
+
+msgid "failed to gain privileges"
+msgstr "gặp lỗi khi cấp đặc quy�n"
+
+msgid "Couldn't lock file"
+msgstr "Không thể khóa tập tin"
+
+msgid "Couldn't make backup"
+msgstr "Không thể sao lưu"
+
+#, c-format
+msgid "%s: %s: %s\n"
+msgstr "%s: %s: %s\n"
+
+#, c-format
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: %s trả v� với trạng thái là %d\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr "%s: %s bị giết bởi tín hiệu %d\n"
+
+msgid "failed to open scratch file"
+msgstr "gặp lỗi khi mở tập tin hỗn tạp"
+
+msgid "failed to unlink scratch file"
+msgstr "gặp lỗi khi b� liên kết tập tin hỗn tạp"
+
+msgid "failed to stat edited file"
+msgstr "gặp lỗi khi lấy thống kê tập tin đã sửa"
+
+msgid "failed to allocate memory"
+msgstr "gặp lỗi khi phân bổ bộ nhớ"
+
+msgid "failed to create backup file"
+msgstr "không thể tạo tập tin sao lưu dự phòng"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s: không thể phục hồi %s: %s (các thay đổi của bạn nằm trong %s)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s: gặp lỗi khi tìm thư mục tcb cho %s\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            phương pháp mật mã (một của %s)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "Cách dùng: vipw [tuỳ_ch�n …]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) (cấp phát bộ nhớ) bị lỗi\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: chage [tuỳ_ch�n …] [�ĂNG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+#~ "  -d, --lastday NGÀY_CU�I        đặt ngày thay đổi mật khẩu cuối cùng "
+#~ "thành ngày này\n"
+#~ "  -E, --expiredate NGÀY_HẾT_HẠN    đặt ngày hết hạn dùng tài khoản thành "
+#~ "ngày này\n"
+#~ "  -h, --help                    \t\thiển thị trợ giúp này, sau đó thoát\n"
+#~ "  -I, --inactive INACTIVE       \tđặt mật khẩu không còn hoạt động lại "
+#~ "sau khi hết hạn dùng,\n"
+#~ "\t\t\t\t\t\tthành INACTIVE\n"
+#~ "  -l, --list                    \t\t\thiển thị thông tin v� khoảng th�i "
+#~ "gian sử dụng tài khoản\n"
+#~ "  -m, --mindays S�        \t\tđặt thành số này số tối thiểu các ngày "
+#~ "trước khi thay đổi mật khẩu\n"
+#~ "  -M, --maxdays S�\t\t\tđặt thành số này số tối đa các ngày trước khi "
+#~ "thay đổi mật khẩu\n"
+#~ "  -W, --warndays S�      \t\tđặt thành số này số các ngày gây ra cảnh báo "
+#~ "v� hết hạn dùng\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s: lỗi xác thực PAM\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [-f h�_tên] [-r số_phòng] [-w điện_thoại_chỗ_làm]\n"
+#~ "\t[-h điện_thoại_ở_nhà] [-o khác] [ngư�i_dùng]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [-f h�_tên] [-r số_phòng] [-w điện_thoại_chỗ_làm]\n"
+#~ "\t[-h điện_thoại_ở_nhà]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "Cách dùng: %s [tùy_ch�n]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+#~ "  -c, --crypt-method            phương pháp mã hóa (một của %s)\n"
+#~ "  -e, --encrypted               mã hóa mỗi mật khẩu đã cung cấp\n"
+#~ "  -h, --help                    hiển thị trợ giúp này rồi thoát\n"
+#~ "  -m, --md5           mã hóa mật khẩu nhập thô, dùng thuật toán MD5\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: chsh [tùy_ch�n…] [�ĂNG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+#~ "  -h, --help                    hiện _trợ giúp_ này rồi thoát\n"
+#~ "  -s, --shell TRÌNH_BAO        hệ v� đăng nhập mới\n"
+#~ "\t\t\t\t\t\tcho tài khoản ngư�i dùng\n"
+#~ "\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr ""
+#~ "Cách dùng: expiry {-f|-c}\n"
+#~ "[expiry: mãn hạn]\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "faillog: không lấy được mục tin cho UID %lu\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "faillog: không thể mở %s: %s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "faillog: không thể lấy kích cỡ của %s: %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr ""
+#~ "Cách dùng: groupdel nhóm\n"
+#~ "[groupdel: xóa nhóm]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "Cách dùng: %s [-r] [-s] [nhóm [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "Cách dùng: %s [-r] [-s] [nhóm]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s: hai tùy ch�n “-s� và “-r� không tương thích với nhau\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "Cách dùng: grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "Cách dùng: grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: lastlog [tùy_ch�n…]\n"
+#~ "\n"
+#~ "[lastlog: bản ghi cuối cùng]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+#~ "  -b, --before S�       hiển thị chỉ những bản ghi lastlog\n"
+#~ "                        cũ hơn số ngày này (_trước_)\n"
+#~ "  -h, --help            hiển thị _trợ giúp_ này rồi thoát\n"
+#~ "  -t, --time S�         hiển thị chỉ những mục ghi lastlog\n"
+#~ "                        mới hơn số ngày này (_th�i gian_)\n"
+#~ "  -u, --user �ĂNG_NHẬP   hiển thị mục ghi lastlog cho _ngư�i dùng_ tên "
+#~ "này\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "Cách dùng: passwd [tuỳ_ch�n …] [�ĂNG_NHẬP]\n"
+#~ "\n"
+#~ "Tùy ch�n:\n"
+#~ "  -a, --all\t\t\tthông báo trạng thái mật khẩu v� m�i tài khoản\n"
+#~ "  -d, --delete           \txóa mật khẩu cho tài khoản đặt tên\n"
+#~ "  -e, --expire         \tép buộc hết hạn dùng mật khẩu cho tài khoản đặt "
+#~ "tên\n"
+#~ "  -h, --help                  \thiển thị trợ giúp này, sau đó thoát\n"
+#~ "  -k, --keep-tokens\tthay đổi mật khẩu chỉ nếu bị hết hạn dùng\n"
+#~ "  -i, --inactive INACTIVE\tđặt thành INACTIVE mật khẩu không còn hoạt "
+#~ "động lại\n"
+#~ "\t\t\t\t\tsau khi hết hạn dùng\n"
+#~ "  -l, --lock                  \tkhóa mật khẩu của tài khoản đặt tên\n"
+#~ "  -n, --mindays S�\tđặt thành số này số tối thiểu các ngày trước khi mật "
+#~ "khẩu thay đổi được\n"
+#~ "  -q, --quiet                 \tchế độ không xuất chi tiết\n"
+#~ "  -r, --repository KHO\t\tthay đổi mật khẩu trong kho lưu này\n"
+#~ "  -S, --status          \tthông báo trạng thái mật khẩu v� tài khoản đặt "
+#~ "tên\n"
+#~ "  -u, --unlock\t\tmở khóa mật khẩu của tài khoản đặt tên\n"
+#~ "  -w, --warndays NGÀY\tđặt thành số này số các ngày cảnh báo v� hết hạn "
+#~ "dùng\n"
+#~ "  -x, --maxdays NGÀY\tđặt thành số này số tối đa các ngày trước khi thay "
+#~ "đổi được mật khẩu\n"
+#~ "\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
new file mode 100644
index 0000000..7a84df7
--- /dev/null
+++ b/po/zh_CN.po
@@ -0,0 +1,3444 @@
+# Simplified Chinese translation to shadow
+# This file is distributed under the same license as the shadow package.
+# Copyright:
+# Ming Hua <minghua@ubuntu.com>, 2005,2006,2007.
+# Carlos Z.F. Liu <carlosliu@users.sourceforge.net>, 2004,2006.
+# YunQiang Su <wzssyqa@gmail.com>, 2010, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.15\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2012-01-10 01:23+0800\n"
+"Last-Translator: YunQiang Su <wzssyqa@gmail.com>\n"
+"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bits\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr "多个�为“%s�的�目�时存在于 %s 中，请使用 pwck 或 grpck �修�。\n"
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr "libcrypt �支�此加密方法？(%s)\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr "�置错误 - 无法解� %s 值：“%s�"
+
+msgid "Could not allocate space for config info.\n"
+msgstr "无法为�置信�分�空间。\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "�置错误 - 未知项目“%s�(请通知管�员)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr "%s: nscd 异常结� (信� %d)\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: nscd exited with status %d\n"
+msgstr "%s: nscd 以状� %d 退出"
+
+msgid "Password: "
+msgstr "密�："
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s 的密�："
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr "[libsemanage]: %s\n"
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr "无法创建 SELinux 管��柄\n"
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr "无法建立 SELinux 管�连接\n"
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr "无法开始 SELinux 事务\n"
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr "无法为 %s 查询 seuser\n"
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr "无法为 %s 设置 serange\n"
+
+#, c-format
+msgid "Could not set sename for %s\n"
+msgstr "无法为 %s 设置 sename\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr "无法为 %s 修改登录映射\n"
+
+#, c-format
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "无法为 %s 创建登录映射\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr "无法为 %s 设置�称\n"
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr "无法为 %s 设置 SELinux 用户\n"
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr "无法为 %s 添加登录映射\n"
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux user key\n"
+msgstr "无法创建 SELinux 用户密钥\n"
+
+#, c-format
+msgid "Cannot verify the SELinux user\n"
+msgstr "无法验� SELinux 用户\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr "无法修改 SELinux 用户映射\n"
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr "无法添加 SELinux 用户映射\n"
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr "无法�交 SELinux 事务\n"
+
+#, fuzzy, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr "%s 的登录映射已�定义，如果"
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr "策略中，已�定义了 %s 的登录映射，无法删除\n"
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr "无法删除 %s 的登录映射"
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s：内存溢出\n"
+
+#, c-format
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s：无法获�文件 %s 的信�：%s\n"
+
+#, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr ""
+"%s：%s 既�是目录也�是符�链接。\n"
+"\n"
+
+#, c-format
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s：无法读�符�链接 %s：%s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr "%s：�疑的长符�链接：%s\n"
+
+#, c-format
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s：无法创建目录 %s：%s\n"
+
+#, c-format
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s：无法更改 %s 的属主：%s\n"
+
+#, c-format
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s：无法更改 %s 的模�：%s\n"
+
+#, c-format
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s：删除(unlink)：%s：%s\n"
+
+#, c-format
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s：无法删除目录 %s：%s\n"
+
+#, c-format
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s：无法将目录 %s 改�为 %s：%s\n"
+
+#, c-format
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s：无法删除 %s：%s\n"
+
+#, c-format
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s：无法创建符�链接 %s：%s\n"
+
+#, c-format
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s：无法更改 %s 的属主：%s\n"
+
+#, c-format
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s：无法获�符�链接 %s 自身的信�(lstat)：%s\n"
+
+#, c-format
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr ""
+"%s：警告，用户 %s 没有 tcb 影�文件。\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+"%s：紧急：%s 的 tcb 影��是一个 st_nlink=1 的普通文件。\n"
+"��将�定。\n"
+
+#, c-format
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s：创建目录：%s：%s\n"
+
+#, c-format
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s：无法打开 %s：%s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告：未知组 %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告：用户组过多\n"
+
+msgid "Your password has expired."
+msgstr "您的密�已过期。"
+
+msgid "Your password is inactive."
+msgstr "您的密�已失效。"
+
+msgid "Your login has expired."
+msgstr "您的�户已过期。"
+
+msgid "  Contact the system administrator."
+msgstr "  请与系统管�员�系。"
+
+msgid "  Choose a new password."
+msgstr "  请选择一个新密�。"
+
+msgid "You must change your password."
+msgstr "您必须�更改自己的密�。"
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "您的密�将在 %ld 天内过期。\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "您的密�将在明天过期。"
+
+msgid "Your password will expire today."
+msgstr "您的密�今天过期。"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr "无法打开审计接� - 退出。\n"
+
+#, c-format
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "�能改� tty 标准输入的属主或模�：%s"
+
+#, c-format
+msgid "%s: failed to unlock %s\n"
+msgstr "%s：解� %s 失败\n"
+
+#, c-format
+msgid "%s: "
+msgstr "%s："
+
+msgid ": "
+msgstr "："
+
+msgid "Environment overflow\n"
+msgstr "环境溢出\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "您�应该改� $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"自上一次登录以�已有 %d 次登录失败。\n"
+"最�一次是 %s 在 %s 上。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr "%s：无效的�置：GID_MIN (%lu), GID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr "%s：无效的�置：SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "%s：申请内存失败：%s\n"
+
+#, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s：无法获�独有的系统 GID (没有更多�用的 GID 了)\n"
+
+#, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s：无法获�独有的 GID (no more available GIDs)\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr "%s：无效的�置：UID_MIN (%lu), UID_MAX (%lu)\n"
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr "%s：无效的�置：SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX (%lu)\n"
+
+#, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s：无法获�独有的系统 UID (没有更多�用的 UID 了)\n"
+
+#, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s：无法获�独有的系统 UID (没有更多�用的 UID 了)\n"
+
+msgid "Too many logins.\n"
+msgstr "登录数�过多。\n"
+
+msgid "You have new mail."
+msgstr "您有新信件。"
+
+msgid "No mail."
+msgstr "无信件。"
+
+msgid "You have mail."
+msgstr "您有信件。"
+
+msgid "no change"
+msgstr "没有改�"
+
+msgid "a palindrome"
+msgstr "一个回文�"
+
+msgid "case changes only"
+msgstr "仅有大�写改动"
+
+msgid "too similar"
+msgstr "太相似"
+
+msgid "too simple"
+msgstr "太简�"
+
+msgid "rotated"
+msgstr "已轮转"
+
+msgid "too short"
+msgstr "太短"
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "错误的密�：%s。 "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() 失败，错误 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd：%s\n"
+
+msgid "passwd: password unchanged\n"
+msgstr "passwd：密�未更改\n"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd：已�功更新密�\n"
+
+#, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "%s 的密��正确。\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr "%s: 选项“%s�需�一个选项\n"
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr "%s：放弃特�时失败 (%s)\n"
+
+#, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s：无效的 chroot 路径“%s�\n"
+
+#, c-format
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s：无法访问 chroot 目录 %s：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot access chroot directory %s: %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s：无法访问 chroot 目录 %s：%s\n"
+
+#, c-format
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s：无法 chroot 到目录 %s: %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+"无效的 ENCRYPT_METHOD 值：“%s�。\n"
+"默认为 DES。\n"
+
+#, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "无法 cd 进入“%s�\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "没有目录，将以 HOME=/ 登录"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "无法执行 %s"
+
+#, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "无效的根目录“%s�\n"
+
+#, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "无法将根目录改�为“%s�\n"
+
+msgid "Unable to determine your tty name."
+msgstr "无法确定您的 tty 终端�。"
+
+msgid "No"
+msgstr "�"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] 登录\n"
+"\n"
+"选项：\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr "  -d, --lastday 最近日期        将最近一次密�设置时间设为“最近日期�\n"
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr "  -E, --expiredate 过期日期     将�户过期时间设为“过期日期�\n"
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr "  -h, --help                    显示此帮助信�并推出\n"
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -I, --inactive INACITVE       过期 INACTIVE 天数�，设定密�为失效状�\n"
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr "  -l, --list                    显示�户年龄信�\n"
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -m, --mindays 最�天数        将两次改�密�之间相�的最�天数设为“最�天"
+"数�\n"
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -M, --maxdays 最大天数        将两次改�密�之间相�的最大天数设为“最大天"
+"数�\n"
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -R, --root CHROOT_DIR         chroot 到的目录\n"
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr "  -W, --warndays 警告天数       将过期警告天数设为“警告天数�\n"
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "请输入新值，或直接敲回车键以使用默认值"
+
+msgid "Minimum Password Age"
+msgstr "最�密�年龄"
+
+msgid "Maximum Password Age"
+msgstr "最大密�年龄"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最近一次密�修改时间 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "密�过期警告"
+
+msgid "Password Inactive"
+msgstr "密�失效"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "�户过期时间 (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最近一次密�修改时间\t\t\t\t\t："
+
+msgid "never"
+msgstr "从�"
+
+msgid "password must be changed"
+msgstr "密�必须更改"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "密�过期时间\t\t\t\t\t："
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "密�失效时间\t\t\t\t\t："
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "�户过期时间\t\t\t\t\t\t："
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "两次改�密�之间相�的最�天数\t\t：%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "两次改�密�之间相�的最大天数\t\t：%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "在密�过期之�警告的天数\t：%ld\n"
+
+#, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s：无效的日期“%s�\n"
+
+#, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s：无效的数字�数“%s�\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s：请��与其它标志一�使用“l�\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s：没有��。\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s：无法确定您的用户�。\n"
+
+#, c-format
+msgid "%s: PAM: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, c-format
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s：无法�定 %s，请���试。\n"
+
+#, c-format
+msgid "%s: cannot open %s\n"
+msgstr "%s：无法打开 %s\n"
+
+#, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s：将更改写入 %s 时失败\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s：影�密�文件�存在\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s：用户 %s �存在于 %s 中\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "正在为 %s 修改年龄信�\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s：改�字段时出错\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [登录]\n"
+"\n"
+"选项：\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr "  -f, --full-name FULL_NAME     更改用户的全�\n"
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr "  -h, --home-phone HOME_PHONE   更改用户的家庭电���\n"
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr "  -o, --other OTHER_INFO        更改用户的其它 GECOS 信�\n"
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr "  -r, --room ROOM_NUMBER        更改用户的房间�\n"
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr "  -u, --help                    显示此帮助信�并推出\n"
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr "  -w, --work-phone WORK_PHONE   更改用户的办公室电���\n"
+
+msgid "Full Name"
+msgstr "全�"
+
+#, c-format
+msgid "\t%s: %s\n"
+msgstr "\t%s：%s\n"
+
+msgid "Room Number"
+msgstr "房间��"
+
+msgid "Work Phone"
+msgstr "工作电�"
+
+msgid "Home Phone"
+msgstr "家庭电�"
+
+msgid "Other"
+msgstr "其它"
+
+msgid "Cannot change ID to root.\n"
+msgstr "无法改� ID 到 root。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr "%s：�称中有� ASCII 字符：“%s�\n"
+
+#, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s：无效的�称：“%s�\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr "%s：房间�包�� ASCII 字符：“%s�\n"
+
+#, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s：无效的房间��：“%s�\n"
+
+#, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s：无效的工作电�：“%s�\n"
+
+#, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s：无效的家庭电�：“%s�\n"
+
+#, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s：“%s�包�� ASCII 字符\n"
+
+#, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s：“%s�包��法字符\n"
+
+#, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s：用户“%s��存在\n"
+
+#, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s：�能在 NIS 客户端上修改用户“%s�。\n"
+
+#, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s：“%s�是此客户端的 NIS 管�员。\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "正在改� %s 的用户信�\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s：字段太长\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项]\n"
+"\n"
+"选项：\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr "  -c, --crypt-method 方法        加密方法(%s 中的一个)\n"
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr "  -e, --encrypted\t\t�供的密�已�加密\n"
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr "  -m, --md5\t\t使用 MD5 算法加密明文密�\n"
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr "  -s, --sha-rounds\t\tSHA* 加密算法中的 SHA �边的数字\n"
+
+#, c-format
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s：%s 标记�能和 %s 标记一起使用\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr "%s：-c, -e 和 -m 选项互斥\n"
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr "%s：�支�的加密方法：%s\n"
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s：第 %d 行：此行太长\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s：第 %d 行：缺少新密�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s： 写入 %s 失败: %s\n"
+
+#, c-format
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s：第 %d 行：组“%s��存在\n"
+
+#, c-format
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+"%s：第 %d 行：准备新 %s �目“%s�失败\n"
+"\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s：�现错误，忽略改动\n"
+
+#, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s：(第 %d 行，用户 %s) �存在\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s：第 %d 行：用户“%s��存在\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr "  -s, --shell SHELL             该用户��的新登录 shell\n"
+
+msgid "Login Shell"
+msgstr "登录 Shell"
+
+#, c-format
+msgid "You may not change the shell for '%s'.\n"
+msgstr "您�能为“%s�更改 shell。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "正在更改 %s 的 shell\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s：无效的�目：%s\n"
+
+#, c-format
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s：%s 是无效的 shell。\n"
+
+#, c-format
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s：警告：%s �存在\n"
+
+#, c-format
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s：警告：%s ��执行\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr "  -c, --check                   检查用户密�是�过期\n"
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr "  -f, --force                   如果用户密�过期，则强制�求更改密�\n"
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr "%s：选项 %s 和 %s 冲�\n"
+
+#, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s：�外的�数：%s\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr "  -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr "  -l, --lock-secs SEC\t登陆失败�临时�定账户 %s 秒\n"
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr "  -m, --maximum MAX\t\t将最大登陆失败计数设置为 MAX\n"
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr "  -r, --reset\t\t�置登陆失败计数\n"
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr "  -t, --time DAYS\t\t显示 DAYS 天�的登陆失败记录\n"
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+"  -u, --user LOGIN/RANGE\t�为指定的登录显示登录失败记录或维护失败\n"
+"\t\t\t\t\t计数和�制(如果使用了 -r, -m 或 -l)\n"
+
+#, c-format
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s：获� UID %lu 的�目失败\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "登录        失败次数  最多   最近                     于\n"
+
+#, c-format
+msgid " [%lus left]"
+msgstr " [还剩 %lus]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [�定 %lds]"
+
+#, c-format
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s：为 UID %lu �置失败计数失败\n"
+
+#, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s：为 UID %lu 设置最大值失败\n"
+
+#, c-format
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s：为 UID %lu 设置�定时间失败\n"
+
+#, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "%s：未知用户或范围：%s\n"
+
+#, c-format
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s：无法获得 %s 的大�：%s\n"
+
+#, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s： 写入 %s 失败: %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] 组\n"
+"\n"
+"选项：\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr "  -a, --add USER                �组 GROUP 中添加用户 USER\n"
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr "  -d, --delete USER             从组 GROUP 中添加或删除用户\n"
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr "  -Q, --root CHROOT_DIR         � chroot 进的目录\n"
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr "  -r, --remove-password         移除组 GROUP 的密�\n"
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr "  -R, --restrict                �其�员�制访问组 GROUP\n"
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr "  -M, --members USER,...        设置组 GROUP 的�员列表\n"
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr "  -A, --administrators ADMIN,...\t设置组的管�员列表\n"
+
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "除�使用 -A 或 -M 选项，�能结�使用这些选项。\n"
+
+msgid "The options cannot be combined.\n"
+msgstr "选项�能结�。\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s：-A 需�影�组密�\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s：%s 组�存在于 %s 中\n"
+
+#, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s：关闭�读 %s 时失败\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "正在修改 %s 组的密�\n"
+
+msgid "New Password: "
+msgstr "新密�："
+
+msgid "Re-enter new password: "
+msgstr "请�新输入新密�："
+
+msgid "They don't match; try again"
+msgstr "他们并�匹�；请�试"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s：请���试\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "正在将用户“%s�加入到“%s�组中\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "正在将用户“%s�从“%s�组中删除\n"
+
+#, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s：用户“%s��是“%s�的�员\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s：�是 tty\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] 组\n"
+"\n"
+"选项:\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+"  -f, --force\t\t如果组已�存在则�功退出\n"
+"\t\t\t并且如果 GID 已�存在则�消 -g\n"
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr "  -g, --gid GID                 为新组使用 GID\n"
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr "  -K, --key KEY=VALUE           �使用 /etc/login.defs 中的默认值\n"
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr "  -o, --non-unique              �许创建有�� GID 的组\n"
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr "  -p, --password PASSWORD       为新组使用此加密过的密�\n"
+
+msgid "  -r, --system                  create a system account\n"
+msgstr "  -r, --system                  创建一个系统账户\n"
+
+#, c-format
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s：“%s��是有效的组�\n"
+
+#, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "%s：无效的组 ID “%s�\n"
+
+#, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s：-K 需� KEY=VALUE\n"
+
+#, c-format
+msgid "%s: group '%s' already exists\n"
+msgstr "%s：“%s�组已存在\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr "%s：GID “%lu�已�存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s：无法确定您的用户�。\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -r, --reset                   reset the counters of login failures\n"
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr "  -r, --reset\t\t�置登陆失败计数\n"
+
+#, c-format
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%1$s：无法从 %3$s 中移除 %2$s\n"
+
+#, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s：�能移除用户“%s�的主组\n"
+
+#, c-format
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s：“%s�组�存在\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s：“%s�组是一个 NIS 组。\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s：%s 是 NIS 管�员\n"
+
+#, c-format
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s：用户“%s�已�是 %s 的�员\n"
+
+#, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s：超出内存。�能更新 %s。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [动作]\n"
+"\n"
+"选项：\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+"  -g, --group groupname         更改组 groupname，而�是用户的组(� root)\n"
+
+msgid "\n"
+msgstr "\n"
+
+msgid "Actions:\n"
+msgstr "动作：\n"
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr "  -a, --add username            将用户 username 添加到组�员中\n"
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr "  -d, --delete username         从组的�员中删除用户 username\n"
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr "  -p, --purge                   从组中移除所有�员\n"
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr "  -l, --list                    列出组中的所有�员\n"
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr "%s：您的组�和用户��匹�\n"
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr "%s：�有 root ��以使用 -g/--group 选项\n"
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr "  -g, --gid GID                 将组 ID 改为 GID\n"
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr "  -n, --new-name NEW_GROUP      改�为 NEW_GROUP\n"
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr "  -o, --non-unique              �许使用��的 GID\n"
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr "  -p, --password PASSWORD\t将密�更改为(加密过的) PASSWORD\n"
+
+#, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "%s：无效的组�“%s�\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s：%s 组是一个 NIS 组\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s：未知用户 %s\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [组 [gshadow]]\n"
+"\n"
+"选项：\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [组]\n"
+"\n"
+"选项：\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr "  -r, --read-only               显示错误和警告，但�改�文件\n"
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr "  -s, --sort                    通过 UID 排�项目\n"
+
+#, c-format
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s：-s 和 -r �兼容\n"
+
+msgid "invalid group file entry"
+msgstr "无效的组文件�目"
+
+#, c-format
+msgid "delete line '%s'? "
+msgstr "删除“%s�一行？"
+
+msgid "duplicate group entry"
+msgstr "�制组�目"
+
+#, c-format
+msgid "invalid group name '%s'\n"
+msgstr "无效的组�“%s�\n"
+
+#, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "无效的组 ID “%lu�\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s 组：无用户 %s\n"
+
+#, c-format
+msgid "delete member '%s'? "
+msgstr "删除�员“%s��？"
+
+#, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "在 %s 中没有找到匹�的组文件�目\n"
+
+#, c-format
+msgid "add group '%s' in %s? "
+msgstr "将组“%s�添加到 %s？"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "组 %s 在 %s 中有一个�目，但是 %s 中它的密�字段�是“x�\n"
+
+msgid "invalid shadow group file entry"
+msgstr "无效的影�组文件�目"
+
+msgid "duplicate shadow group entry"
+msgstr "��的影�组�目"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s 影�组：无管�员用户 %s\n"
+
+#, c-format
+msgid "delete administrative member '%s'? "
+msgstr "删除有管���的�员“%s��？"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s 影�组：无用户 %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s：文件已更新\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s：无改�\n"
+
+#, c-format
+msgid "%s: cannot delete %s\n"
+msgstr "%s：无法删除 %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "用法：id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "用法：id\n"
+
+msgid " groups="
+msgstr " 组="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr "  -b, --before DAYS             仅打�早于 DAYS 的最近登录记录\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr "  -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+#, fuzzy
+#| msgid ""
+#| "  -a, --all                     display faillog records for all users\n"
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr "  -a, --all\t\t\t为所有用户显示登陆失败记录\n"
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr "  -t, --time DAYS               仅打�晚于 DAYS 的最近登录记录\n"
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr "  -u, --user LOGIN              打� LOGIN 用户的最近登录记录\n"
+
+msgid "Username         Port     From             Latest"
+msgstr "用户�           端�     �自             最�登陆时间"
+
+msgid "Username                Port     Latest"
+msgstr "用户�                  端�     最�登陆时间"
+
+msgid "**Never logged in**"
+msgstr "**从未登录过**"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to get the entry for UID %lu\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s：获� UID %lu 的�目失败\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s：无法更新密�文件\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "用法：%s [-p] [�称]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h 主机] [-f �称]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r 主机\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr "�置出错 - 无法解� %s 值：�%d“"
+
+msgid "Invalid login time"
+msgstr "无效的登录时间"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"系统关闭，例行维护"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[忽略断线�求 -- �许 root 登录。]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr "%s：没有有效 root 的情况下，��能工作\n"
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr "没有 utmp �目。您必须在最底层的“sh�里执行“login�"
+
+#, c-format
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"%u 秒�登录超时。\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr "login: PAM 错误，正在退出：%s\n"
+
+#, c-format
+msgid "%s login: "
+msgstr "%s 用户�："
+
+msgid "login: "
+msgstr "用户�："
+
+#, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "已�超过最大�试次数 (%u)\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr "login: PAM 中止请求\n"
+
+msgid "Login incorrect"
+msgstr "登录错误"
+
+#, c-format
+msgid "Cannot find user (%s)\n"
+msgstr "无法找到用户 (%s)\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+"%s 用户�："
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr "%s：fork 失败：%s"
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr "%s 上 TIOCSCTTY 失败"
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "警告：在短暂的�定�将��登录。"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "上次登录：%s 在 %s 上"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "上次登录：%.19s 在 %s 上"
+
+#, c-format
+msgid " from %.*s"
+msgstr " �自 %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+"超过登录时间\n"
+"\n"
+
+msgid "Usage: logoutd\n"
+msgstr "用法：logoutd\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "用法：newgrp [-] [组]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "用法：sg 组 [[-c] 命令]\n"
+
+#, fuzzy, c-format
+#| msgid "%s: Failed to write %s: %s\n"
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s： 写入 %s 失败: %s\n"
+
+msgid "Invalid password.\n"
+msgstr "无效的密�。\n"
+
+#, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s：fork 失败：%s\n"
+
+#, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s：GID“%lu��存在\n"
+
+msgid "too many groups\n"
+msgstr "用户组过多\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr "  -r, --system                  创建系统��\n"
+
+#, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s：“%s�组是影�组，但是�存在于 /etc/group\n"
+
+#, c-format
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s：无效的用户 ID“%s�\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s：无效的用户�“%s�\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s：第 %d 行：无效行\n"
+
+#, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s：�能更新用户 %s 的�目 (�存在于 passwd 数�库)\n"
+
+#, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s：第 %d 行：无法创建用户\n"
+
+#, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s：第 %d 行：无法创建组\n"
+
+#, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s：第 %d 行：用户�%s“�存在于 %s 中\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s：第 %d 行：无法更新密�\n"
+
+#, c-format
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s：第 %d 行：创建目录 %s 失败：%s\n"
+
+#, c-format
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s：第 %d 行：改� %s 的属主失败：%s\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s：第 %d 行：无法更新�目\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s：无法创建用户\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s 无法更新组文件\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr "  -a, --all                     报告所有�户的密�状�\n"
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr "  -d, --delete                  删除指定�户的密�\n"
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr "  -e, --expire                  强制使指定�户的密�过期\n"
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr "  -k, --keep-tokens             仅在过期�修改密�\n"
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr "  -i, --inactive INACTIVE       密�过期�设置密��活动为 INACTIVE\n"
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr "  -l, --lock                    �定指定的�户\n"
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+"  -n, --mindays MIN_DAYS        设置到下次修改密�所须等待的最短天数\n"
+"                                为 MIN_DAYS\n"
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr "  -q, --quiet                   安�模�\n"
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr "  -r, --repository REPOSITORY   在 REPOSITORY 库中改�密�\n"
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr "  -S, --status                  报告指定�户密�的状�\n"
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr "  -u, --unlock                  解�被指定�户\n"
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr "  -w, --warndays WARN_DAYS      设置过期警告天数为 WARN_DAYS\n"
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+"  -x, --maxdays MAX_DAYS        设置到下次修改密�所须等待的最多天数\n"
+"                                为 MAX_DAYS\n"
+
+msgid "Old password: "
+msgstr "旧密�："
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"请输入新密�(最少 %d 个字符)\n"
+"请混�使用大�写字�和数字。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"请输入新密�(最少 %d 最多 %d 个字符)\n"
+"请混�使用大�写字�和数字。\n"
+
+msgid "New password: "
+msgstr "新密�："
+
+msgid "Try again."
+msgstr "�试。"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告：脆弱的密�(�新输入以强制使用它)。"
+
+msgid "They don't match; try again.\n"
+msgstr "它们并�匹�；请�试。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "无法更改 %s 的密�。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "尚无法更改 %s 的密�。\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+"%s：解�密�将产生一个没有密�的账户。\n"
+"您应该使用 usermod -p �为此账户设置密�并解�。\n"
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s：�支� %s 存储。\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr "%s：%s 没有被授�更改 %s 的密�\n"
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s：您�能查看或更改 %s 的密�信�。\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "正在为 %s 修改密�\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s 的密�未被改�。\n"
+
+#, c-format
+msgid "%s: password changed.\n"
+msgstr "%s：密�已更改。\n"
+
+#, c-format
+msgid "%s: password expiry information changed.\n"
+msgstr "%s：密�过期信�已更改。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [passwd]\n"
+"\n"
+"选项：\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] [passwd [shadow]]\n"
+"\n"
+"选项：\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr "  -q, --quiet                   �报告错误\n"
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr "%s：USE_TCB �用时没有�许的替代影�文件。\n"
+
+msgid "invalid password file entry"
+msgstr "无效的密�文件项"
+
+msgid "duplicate password entry"
+msgstr "��的密�项"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "无效的用户�“%s�\n"
+
+#, c-format
+msgid "invalid user ID '%lu'\n"
+msgstr "无效的用户 ID“%lu�\n"
+
+#, c-format
+msgid "user '%s': no group %lu\n"
+msgstr "用户“%s�：无 %lu 组\n"
+
+#, c-format
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "用户“%s�：目录 %s �存在\n"
+
+#, c-format
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "用户“%s�：程� %s �存在\n"
+
+#, c-format
+msgid "no tcb directory for %s\n"
+msgstr "没有 %s 的 tcb 目录\n"
+
+#, c-format
+msgid "create tcb directory for %s?"
+msgstr "为 %s 创建 tcb 文件？"
+
+#, c-format
+msgid "failed to create tcb directory for %s\n"
+msgstr "为 %s 创建 tcb 目录失败\n"
+
+#, c-format
+msgid "%s: cannot lock %s.\n"
+msgstr "%s：无法�定 %s\n"
+
+#, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "在 %s 中没有匹�的密�文件项\n"
+
+#, c-format
+msgid "add user '%s' in %s? "
+msgstr "在 %s 中添加用户“%s�？"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr "用户 %s 在 %s 中有一个�目，但是它在 %s 中的密�字段没有设置为“x�\n"
+
+msgid "invalid shadow password file entry"
+msgstr "无效的影�密�文件项"
+
+msgid "duplicate shadow password entry"
+msgstr "��的影�密�文项"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "用户 %s：未�最近的密�改动\n"
+
+#, c-format
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s：在 %s 中无法排��目\n"
+
+#, c-format
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s：�能与 tcb ��使用\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr "%s：将 %s 的模�更改为 0600 失败\n"
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su 到该�户被拒。\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "忽略密�认�\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "请输入您*自己*的密�作为验�。\n"
+
+#, c-format
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s：无法 fork 用户 shell\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr "%s：信�故障\n"
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr "%s：信��蔽(mask)故障\n"
+
+msgid "Session terminated, terminating shell..."
+msgstr "会�结�，结� shell ..."
+
+msgid " ...killed.\n"
+msgstr " ...已被�死。\n"
+
+msgid " ...waiting for child to terminate.\n"
+msgstr " ...等待�进程结�。\n"
+
+msgid " ...terminated.\n"
+msgstr " ...已结�。\n"
+
+#, c-format
+msgid "%s: %s\n"
+msgstr "%s：%s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+"用法：su [选项] [登录]\n"
+"\n"
+"选项：\n"
+"  -c, --command COMMAND\t\t将 COMMAND 传递至�动的 shell\n"
+"  -h, --help\t\t\t显示此帮助信�并退出\n"
+"  -, -l, --login\t\t将 shell 设为登录 shell\n"
+"  -m, -p,\n"
+"  --preserve-environment\t��置环境��并���一 shell\n"
+"  -s, --shell SHELL\t\t使用 SHELL 而� passwd 中的默认值\n"
+"\n"
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s：%s\n"
+"(忽略)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "您没有被授� su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(请输入您自己的密�)"
+
+#, c-format
+msgid "%s: Authentication failure\n"
+msgstr "%s：验�失败\n"
+
+#, c-format
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "%s：那时，您没有被授� su\n"
+
+#, c-format
+msgid "No passwd entry for user '%s'\n"
+msgstr "没有用户“%s�的密�项\n"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s：必须从终端中执行\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s：pam_start：错误 %d\n"
+
+#, c-format
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s：无法放弃控制终端\n"
+
+#, c-format
+msgid "Cannot execute %s\n"
+msgstr "无法执行 %s\n"
+
+msgid "No password file"
+msgstr "没有密�文件"
+
+msgid "TIOCSCTTY failed"
+msgstr "TIOCSCTTY 失败"
+
+msgid "No password entry for 'root'"
+msgstr "没有“root�的密�项"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"敲击 control-d 继续使用普通�户环境，\n"
+"(或者输入 root 密�以进行系统维护)："
+
+msgid "Entering System Maintenance Mode"
+msgstr "正在进入系统维护模�"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr "%s：%s 已�创建，但是�能删除\n"
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr "%s: %s �置(�于 %s) 将被忽略\n"
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s：无法创建新的默认文件\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s：无法打开新的默认文件\n"
+
+#, c-format
+msgid "%s: line too long in %s: %s..."
+msgstr "%s：%s 中行太长：%s..."
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot create symbolic link %s: %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s：无法创建符�链接 %s：%s\n"
+
+#, c-format
+msgid "%s: rename: %s: %s\n"
+msgstr "%s：改�：%s：%s\n"
+
+#, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s：“%s�组是一个 NIS 组。\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s：指定了过多组(最多 %d)。\n"
+
+#, c-format
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr ""
+"用法：%s [选项] 登录\n"
+"      %s -D\n"
+"      %s -D [选项]\n"
+"\n"
+"选项：\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr "  -b, --base-dir BASE_DIR\t新账户的主目录的基目录\n"
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr "  -c, --comment COMMENT         新账户的 GECOS 字段\n"
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr "  -d, --home-dir HOME_DIR       新账户的主目录\n"
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr "  -D, --defaults\t\t显示或更改默认的 useradd �置\n"
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr " -e, --expiredate EXPIRE_DATE  新账户的过期日期\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr "  -f, --inactive INACTIVE       新账户的密��活动期\n"
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr "  -g, --gid GROUP\t\t新账户主组的�称或 ID\n"
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr "  -G, --groups GROUPS\t新账户的附加组列表\n"
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr "  -k, --skel SKEL_DIR\t使用此目录作为骨架目录\n"
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr "  -l, --no-log-init\t��将此用户添加到最近登录和登录失败数�库\n"
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr "  -m, --create-home\t创建用户的主目录\n"
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr "  -M, --no-create-home\t\t�创建用户的主目录\n"
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr "  -N, --no-user-group\t�创建��的组\n"
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr "  -o, --non-unique\t\t�许使用��的 UID 创建用户\n"
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr "  -p, --password PASSWORD\t\t加密�的新账户密�\n"
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr "  -s, --shell SHELL\t\t新账户的登录 shell\n"
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr "  -u, --uid UID\t\t\t新账户的用户 ID\n"
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr "  -U, --user-group\t\t创建与用户��的组\n"
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr "  -Z, --selinux-user SEUSER\t\t为 SELinux 用户映射使用指定 SEUSER\n"
+
+#, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s：无效的基目录“%s�\n"
+
+#, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s：无效的注释“%s�\n"
+
+#, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s：无效的主目录“%s�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s：-e �数需�有影�密�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s：-f �数需�有影�密�\n"
+
+#, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s：无效的字段“%s�\n"
+
+#, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s：无效的 shell“%s�\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr "%s: -Z 选项�求内核�用 SELinux\n"
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr "%s：�置 UID %lu 的登录失败�目失败：%s\n"
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr "%s：�置 UID %lu 的最近登录�目失败：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s：无法创建目录 %s\n"
+
+msgid "Creating mailbox file"
+msgstr "正在创建信箱文件"
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr "没有找到“mail�组。以 0600 ��模�创建用户的信箱文件。\n"
+
+msgid "Setting mailbox file permissions"
+msgstr "正在设置信箱文件访问��"
+
+#, c-format
+msgid "%s: user '%s' already exists\n"
+msgstr "%s：用户“%s�已存在\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr "%s：%s 组已�存在 - 如果您想将此用户加入到该组，请使用 -g �数。\n"
+
+#, c-format
+msgid "%s: can't create user\n"
+msgstr "%s：无法创建用户\n"
+
+#, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s：UID %lu 并�唯一\n"
+
+#, c-format
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s：为 %s 创建 tcb 目录失败\n"
+
+#, c-format
+msgid "%s: can't create group\n"
+msgstr "%s：无法创建用户组\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create user\n"
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s：无法创建用户\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't create group\n"
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s：无法创建用户组\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+"%s：警告：此主目录已�存在。\n"
+"�从 skel 目录里�其中�制任何文件。\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr "%s：警告：将用户� %s 到 %s SELinux 的用户映射失败。\n"
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr "  -f, --force                   �使�属于此用户，也强制删除文件\n"
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr "  -r, --remove                  删除主目录和邮件池\n"
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr "  -Z, --selinux-user            为用户删除所有的 SELinux 用户映射\n"
+
+#, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s：组“%s�没有移除，因为它�是用户 %s 的主组\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr "%s：组“%s�没有移除，因为它包�其它�员。\n"
+
+#, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s：没有删除 %s 组，因为它是�外一个用户的主组。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot remove entry '%s' from %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%1$s：无法从 %3$s 中移除 %2$s\n"
+
+#, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s: %s 邮件池 (%s) 未找到\n"
+
+#, c-format
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s：警告：无法删除 %s：%s\n"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s：%s 并�属于 %s，所以�会删除\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr "%s：无法申请内存，%s 的 tcb �目没有移除。\n"
+
+#, c-format
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s：无法放弃特�：%s\n"
+
+#, c-format
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s：无法删除 %s 的内容：%s\n"
+
+#, c-format
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s：无法从 %s 中删除 tcb 文件：%s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s：用户 %s 是 NIS 用户\n"
+
+#, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s：未找到 %s 的主目录“%s�\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s：�删除目录 %s (因为这将删除用户 %s 的主目录)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s：删除目录 %s 时出错\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr "%s：警告：将用户� %s 到 SELinux 的用户映射失败。\n"
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr "  -c, --comment 注释            GECOS 字段的新值\n"
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr "  -d, --home HOME_DIR           用户的新主目录\n"
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr "  -e, --expiredate EXPIRE_DATE  设定�户过期的日期为 EXPIRE_DATE\n"
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+"  -f, --inactive INACTIVE       过期 INACTIVE 天数�，设定密�为失效状�\n"
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr "  -g, --gid GROUP               强制使用 GROUP 为新主组\n"
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr "  -G, --groups GROUPS           新的附加组列表 GROUPS\n"
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+"  -a, --append GROUP            将用户追加至上边 -G 中�到的附加组中，\n"
+"                                并�从其它组中删除此用户\n"
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr "  -l, --login LOGIN             新的登录�称\n"
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr "  -L, --lock                    �定用户��\n"
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+"  -m, --move-home               将家目录内容移至新�置 (仅于 -d 一起使用)\n"
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr "  -o, --non-unique              �许使用��的(�唯一的) UID\n"
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr "  -p, --password PASSWORD       将加密过的密� (PASSWORD) 设为新密�\n"
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr "  -u, --uid UID                 用户��的新 UID\n"
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr "  -U, --unlock                  解�用户��\n"
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr "  -Z, --selinux-user  SEUSER       用户账户的新 SELinux 用户映射\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+"%s：解�用户密�将产生没有密�的账户。\n"
+"您应该使用 usermod -p 设置密�并解�用户密�。\n"
+
+#, c-format
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s：用户 %s 已存在于 %s 中\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s：无效的日期“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid date '%s'\n"
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s：无效的日期“%s�\n"
+
+#, c-format
+msgid "%s: no options\n"
+msgstr "%s：无选项\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr "%s：-L ，-p 和 -U 标志互斥\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s：-e 和 -f �数需�影�密�\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr "%s：UID “%lu�已�存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not authorized to change the password of %s\n"
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr "%s：%s 没有被授�更改 %s 的密�\n"
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s：目录 %s �存在\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr "%s：先�的用户目录 (%s) �是目录。没有移除它也没有创建主目录。\n"
+
+#, c-format
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s：更改主目录的属主失败"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr "%s：警告：无法将旧的主目录 %s 完全删除"
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s：无法将目录 %s 改�为 %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr "%s：将用户 %lu 的登录失败�目�制给用户 %lu 失败：%s\n"
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr "%s：将用户 %lu 的登录失败�目�制给用户 %lu 失败：%s\n"
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s：警告：%s �属于 %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "改�信箱所有者失败"
+
+msgid "failed to rename mailbox"
+msgstr "无法为信箱改�"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, fuzzy, c-format
+#| msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s：准备新 %s �目“%s�失败\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+"您已�修改了 %s。\n"
+"出于一致性的考虑，您�能需�修改 %s。\n"
+"请使用命令“%s��进行这个工作。\n"
+
+msgid "  -g, --group                   edit group database\n"
+msgstr "  -g, --group                   编辑 group 数�库\n"
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr "  -p, --passwd                  编辑 passwd 数�库\n"
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr "  -s, --shadow                  编辑 shadow 或 gshadow 数�库\n"
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr "  -u, --user                    �编辑哪个用户的 tcb 影�文件\n"
+
+#, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s：移除 %s 失败\n"
+
+#, c-format
+msgid "%s: %s is unchanged\n"
+msgstr "%s：%s 没有更改\n"
+
+msgid "failed to create scratch directory"
+msgstr "创建临时目录失败"
+
+msgid "failed to drop privileges"
+msgstr "放弃特�失败"
+
+msgid "Couldn't get file context"
+msgstr "无法获�上下文"
+
+msgid "setfscreatecon () failed"
+msgstr "setfscreatecon () 失败"
+
+msgid "failed to gain privileges"
+msgstr "获�特�失败"
+
+msgid "Couldn't lock file"
+msgstr "无法�定文件"
+
+msgid "Couldn't make backup"
+msgstr "无法备份"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM: %s\n"
+msgid "%s: %s: %s\n"
+msgstr "%s: PAM: %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: nscd exited with status %d"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s: nscd 以状� %d 退出"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+msgid "failed to open scratch file"
+msgstr "打开临时文件失败"
+
+msgid "failed to unlink scratch file"
+msgstr "删除(unlink)临时文件失败"
+
+msgid "failed to stat edited file"
+msgstr "获�编辑过的文件的信�失败"
+
+msgid "failed to allocate memory"
+msgstr "申请内存失败"
+
+msgid "failed to create backup file"
+msgstr "创建备份文件失败"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s：无法�� %s：%s (您的修改在 %s 中)\n"
+
+#, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s：无法为“%s�找到 tcb 目录\n"
+
+#~ msgid "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ msgstr "  -c, --crypt-method            加密方法 (%s 之一)\n"
+
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr ""
+#~ "用法：vipw [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) 失败\n"
+
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chage [选项] [登录]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -d, --lastday 最近日期\t将最近一次密�设置时间设为“最近日期�\n"
+#~ "  -E, --expiredate 过期日期\t将�户过期时间设为“过期日期�\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -I, --inactive INACITVE\t过期 INACTIVE 天数�，设定密�为失效状�\n"
+#~ "  -l, --list\t\t\t显示�户年龄信�\n"
+#~ "  -m, --mindays 最�天数\t将两次改�密�之间相�的最�天数设为“最�天数�\n"
+#~ "  -M, --maxdays 最大天数\t将两次改�密�之间相�的最大天数设为“最大天数�\n"
+#~ "  -W, --warndays 警告天数\t将过期警告天数设为“警告天数�\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s：PAM 验�失败\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "用法：%s [-f 全�] [-r 房间�] [-w 工作电�]\n"
+#~ "\t[-h 家庭电�] [-o 其它] [用户]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "用法：%s [-f 全�] [-r 房间�] [-w 工作电�] [-h 家庭电�]\n"
+
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法：%s [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -c, --crypt-method\t加密方法 (%s 中的一个)\n"
+#~ "  -e, --encrypted\t\t�供的密�是加密过的\n"
+#~ "  -h, --help\t\t\t显示此帮助信�然�推出\n"
+#~ "  -m, --md5\t\t\t使用 MD5 算法加密明文密�\n"
+#~ "%s\n"
+
+#~ msgid ""
+#~ "Usage: chsh [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chsh [选项] [登录]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -h, --help\t\t\t\t显示此帮助信�并退出\n"
+#~ "  -s, --shell SHELL\t\t\t该用户��的新登录 shell\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "用法：expiry {-f|-c}\n"
+
+#~ msgid "faillog: Failed to get the entry for UID %lu\n"
+#~ msgstr "登录失败：获� UID %lu 的�目失败\n"
+
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "登录失败：无法打开 %s：%s\n"
+
+#~ msgid "faillog: Cannot get the size of %s: %s\n"
+#~ msgstr "登录失败：无法获� %s 的大�：%s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "用法：groupdel 组\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "用法：%s [-r] [-s] [组 [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "用法：%s [-r] [-s] [组]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s：-s 和 -r �兼容\n"
+
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "用法：grpconv\n"
+
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "用法：grpunconv\n"
+
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：lastlog [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -b, --before DAYS\t仅打�早于 DAYS 的最近登录记录\n"
+#~ "  -h, --help\t\t显示此帮助信�并退出\n"
+#~ "  -t, --time DAYS\t仅打�晚于 DAYS 的最近登录记录\n"
+#~ "  -u, --user LOGIN\t打� LOGIN 用户的最近登录记录\n"
+#~ "\n"
+
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：passwd [选项] [用户�]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -a, --all\t\t\t报告所有�户的密�状�\n"
+#~ "  -d, --delete\t\t\t删除指定�户的密�\n"
+#~ "  -e, --expire\t\t\t强制使指定�户的密�过期\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -k, --keep-tokens\t\t仅在过期�修改密�\n"
+#~ "  -i, --inactive INACTIVE\t密�过期�设置密��活动为 INACTIVE\n"
+#~ "  -l, --lock\t\t\t�定指定的�户\n"
+#~ "  -n, --mindays MIN_DAYS\t设置到下次修改密�所须等待的最短天数\n"
+#~ "\t\t\t\t为 MIN_DAYS\n"
+#~ "  -q, --quiet\t\t\t安�模�\n"
+#~ "  -r, --repository REPOSITORY\t在 REPOSITORY 库中改�密�\n"
+#~ "  -S, --status\t\t\t报告指定�户密�的状�\n"
+#~ "  -u, --unlock\t\t\t解�被指定�户\n"
+#~ "  -w, --warndays WARN_DAYS\t设置过期警告天数为 WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS\t设置到下次修改密�所须等待的最多天数\n"
+#~ "\t\t\t\t为 MAX_DAYS\n"
+#~ "\n"
+
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "用法：%s [-q] [-r] [passwd]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "用法：%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "用法：pwconv\n"
+
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "用法：pwunconv\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "未知 id：%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "没有 shell\n"
+
+#~ msgid ""
+#~ "Usage: userdel [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force removal of files,\n"
+#~ "                                even if not owned by user\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -r, --remove                  remove home directory and mail spool\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：userdel [选项] 登录\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -f, --force\t\t�使�属于此用户，也强制删除文件\n"
+#~ "  -h, --help\t\t显示此帮组文件并退出\n"
+#~ "  -r, --remove\t\t删除主目录和邮箱\n"
+#~ "\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s：用户 %s 目�已登录\n"
+
+#~ msgid ""
+#~ "Usage: usermod [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --comment COMMENT         new value of the GECOS field\n"
+#~ "  -d, --home HOME_DIR           new home directory for the user account\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP as new primary group\n"
+#~ "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+#~ "  -a, --append                  append the user to the supplemental "
+#~ "GROUPS\n"
+#~ "                                mentioned by the -G option without "
+#~ "removing\n"
+#~ "                                him/her from other groups\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --login NEW_LOGIN         new value of the login name\n"
+#~ "  -L, --lock                    lock the user account\n"
+#~ "  -m, --move-home               move contents of the home directory to "
+#~ "the\n"
+#~ "                                new location (use only with -d)\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "  -s, --shell SHELL             new login shell for the user account\n"
+#~ "  -u, --uid UID                 new UID for the user account\n"
+#~ "  -U, --unlock                  unlock the user account\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法：usermod [选项] 登录\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -c, --comment 注释\t\tGECOS 字段的新值\n"
+#~ "  -d, --home HOME_DIR\t\t用户的新主目录\n"
+#~ "  -e, --expiredate EXPIRE_DATE\t设定�户过期的日期为 EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE\t过期 INACTIVE 天数�，设定密�为失效状�\n"
+#~ "  -g, --gid GROUP\t\t强制使用 GROUP 为新主组\n"
+#~ "  -G, --groups GROUPS\t\t新的附加组列表 GROUPS\n"
+#~ "  -a, --append GROUP\t将用户追加至上边 -G 中�到的附加组中，\n"
+#~ "\t\t\t\t\t并�从其它组中删除此用户\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -l, --login LOGIN\t\t新的登录�称\n"
+#~ "  -L, --lock\t\t\t�定用户��\n"
+#~ "  -m, --move-home\t\t将家目录内容移至新�置 (仅于 -d 一起使用)\n"
+#~ "  -o, --non-unique\t\t�许使用��的(�唯一的) UID\n"
+#~ "  -p, --password PASSWORD\t将加密过的密� (PASSWORD) 设为新密�\n"
+#~ "  -s, --shell SHELL\t\t用户��的新登录 shell\n"
+#~ "  -u, --uid UID\t\t\t用户��的新 UID\n"
+#~ "  -U, --unlock\t\t\t解�用户��\n"
+#~ "%s\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s：没有指定标志\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：vipw [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -g, --group\t\t\t编辑组数�库\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -p, --passwd\t\t\t编辑 passwd 数�库\n"
+#~ "  -q, --quiet\t\t\t安�模�\n"
+#~ "  -s, --shadow\t\t\t编辑 shadow 或 gshadow 数�库\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法：%s [输入]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s：无法创建 %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s：无法改� %s 的所有者和组别\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：faillog [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -a, --all\t\t\t显示所有用户的登录失败记录\n"
+#~ "  -h, --help\t\t\t显示本帮助信�并退出\n"
+#~ "  -l, --lock-time 秒数\t\t在登录失败��定�户“秒数�秒\n"
+#~ "  -m, --maximum 最大值\t\t将最大登录失败次数设为“最大值�\n"
+#~ "  -r, --reset\t\t\t将登录失败计数器归零\n"
+#~ "  -t, --time 天数\t\t显示最近“天数�天以�的登录失败记录\n"
+#~ "  -u, --user 登录\t\t仅显示用户“登录�的登录失败记录，或设置用户“登\n"
+#~ "\t\t\t\t录�的登录失败计数器��制(如果和 -r�-m 或 -l 选\n"
+#~ "\t\t\t\t项�用)\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupadd [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -f, --force                   force exit with success status if the\n"
+#~ "                                specified group already exists\n"
+#~ "  -g, --gid GID                 use GID for the new group\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -o, --non-unique              allow create group with duplicate\n"
+#~ "                                (non-unique) GID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new group\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：groupadd [选项] 组\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -f, --force\t\t如果指组已�存在，则强制以正常状�退出\n"
+#~ "  -g, --gid GID\t\t新组使用 GID\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ "  -o, --non-unique\t\t�许使用��的(�唯一的) GID 创建组\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: groupmod [options] GROUP\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --gid GID                 force use new GID by GROUP\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -n, --new-name NEW_GROUP      force use NEW_GROUP name by GROUP\n"
+#~ "  -o, --non-unique              allow using duplicate (non-unique) GID by "
+#~ "GROUP\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new "
+#~ "password\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：groupadd [选项] 组\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -f, --force\t\t如果指组已�存在，则强制以正常状�退出\n"
+#~ "  -g, --gid GID\t\t新组使用 GID\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ "  -o, --non-unique\t\t�许使用��的(�唯一的) GID 创建组\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR       base directory for the new user account\n"
+#~ "                                home directory\n"
+#~ "  -c, --comment COMMENT         set the GECOS field for the new user "
+#~ "account\n"
+#~ "  -d, --home-dir HOME_DIR       home directory for the new user account\n"
+#~ "  -D, --defaults                print or save modified default useradd\n"
+#~ "                                configuration\n"
+#~ "  -e, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -g, --gid GROUP               force use GROUP for the new user account\n"
+#~ "  -G, --groups GROUPS           list of supplementary groups for the new\n"
+#~ "                                user account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --skel SKEL_DIR           specify an alternative skel directory\n"
+#~ "  -K, --key KEY=VALUE           overrides /etc/login.defs defaults\n"
+#~ "  -l, --no-log-init             do not add the user to the lastlog and\n"
+#~ "                                faillog databases\n"
+#~ "  -m, --create-home             create home directory for the new user\n"
+#~ "                                account\n"
+#~ "  -M, --no-create-home          do not create user's home directory\n"
+#~ "                                (overrides /etc/login.defs)\n"
+#~ "  -N, --no-user-group           do not create a group with the same name "
+#~ "as\n"
+#~ "                                the user\n"
+#~ "  -o, --non-unique              allow create user with duplicate\n"
+#~ "                                (non-unique) UID\n"
+#~ "  -p, --password PASSWORD       use encrypted password for the new user\n"
+#~ "                                account\n"
+#~ "  -r, --system                  create a system account\n"
+#~ "  -s, --shell SHELL             the login shell for the new user account\n"
+#~ "  -u, --uid UID                 force use the UID for the new user "
+#~ "account\n"
+#~ "  -U, --user-group              create a group with the same name as the "
+#~ "user\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法：useradd [选项] 用户�\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --base-dir BASE_DIR\t新用户��家目录的主目录(base directory)\n"
+#~ "  -c, --comment 注释\t\t为新用户��设置“注释��\n"
+#~ "  -d, --home-dir HOME_DIR\t新用户��的家目录\n"
+#~ "  -D, --defaults\t\t打�或�存修改过的 useradd 默认设置\n"
+#~ "  -e, --expiredate EXPIRE_DATE\t设定�户过期的日期为 EXPIRE_DATE\n"
+#~ "  -f, --inactive INACTIVE\t过期 INACTIVE 天数�，设定密�为失效状�\n"
+#~ "  -g, --gid GROUP\t\t强制将新用户��的组设置为 GROUP\n"
+#~ "  -G, --groups GROUPS\t\t新用户��的补充组列表\n"
+#~ "  -h, --help\t\t\t显示此帮助信�并退出\n"
+#~ "  -k, --skel SKEL_DIR\t\t指定�一替代的 skel 目录\n"
+#~ "  -K, --key KEY=VALUE\t\t覆盖 /etc/login.defs 默认值\n"
+#~ "  -m, --create-home\t\t为新用户��创建家目录\n"
+#~ "  -o, --non-unique\t\t�许以��的(�唯一的) UID 创建用户\n"
+#~ "  -p, --password PASSWORD\t为新用户��设定加密过的密� (PASSWORD)\n"
+#~ "  -s, --shell SHELL\t\t新用户��的登录 shell\n"
+#~ "  -u, --uid UID\t\t\t强制将新用户��的 id 设为 UID\n"
+#~ "\n"
+
+#~ msgid "Password set to expire."
+#~ msgstr "已设定密�过期时间。"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s：无法�定密�文件\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s：无法打开密�文件\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s：无法�定影�密�文件\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s：无法打开影�密�文件\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s：无法�写影�密�文件\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s：无法�写密�文件\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s：无法更新影�密�文件\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\t全�：%s\n"
+
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "\t房间��：%s\n"
+
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "\t工作电�：%s\n"
+
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "\t家庭电�：%s\n"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "无法�定密�文件；���试。\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "无法打开密�文件。\n"
+
+#~ msgid "%s: %s not found in /etc/passwd\n"
+#~ msgstr "%s：未在 /etc/passwd 中找到 %s\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "更改密��目时出错。\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "无法�交密�文件改动。\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "无法解�密�文件。\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s：无法�定组文件\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s：无法打开组文件\n"
+
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s：无法�定 gshadow 文件\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s：无法打开影�文件\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s：更新影�文件时出错。\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s：更新组�目时出错\n"
+
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s：第 %d 行：未知组 %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s：第 %d 行：无法更新�目\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s：无法�定影�文件\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s：更新影�文件时出错。\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s：更新密�文件时出错。\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s：第 %d 行：未知用户 %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s：第 %d 行：无法更新密��目\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s：未知用户\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "未知用户：%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "用法：%s [-r|-R] 组\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a 用户] 组\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d 用户] 组\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A 用户,...] [-M 用户,...] 组\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M 用户,...] 组\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s：无法获得�\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s：无法获得影��\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s：无法打开文件\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s：无法�写影�文件\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s 无法解�文件。\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s：无法更新�目\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s：无法更新影��目\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "未知组：%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s：无法打开文件\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s：无法打开影�文件\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "你是�？\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s：未知�员 %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s：增加新组�目时出错\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s：无法�写组文件\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s：无法�写影�组文件\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s：无法�定组文件\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s：无法打开组文件\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s：无法�定影�组文件\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s：无法打开影�组文件\n"
+
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s：GID %u 并�唯一\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s：删除组�目时出错\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s：删除影�组�目时出错\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s：�能删除用户的主组。\n"
+
+#~ msgid "Member to remove could not be found\n"
+#~ msgstr "没有找到�删除的�员\n"
+
+#~ msgid ""
+#~ "Usage: groupmems -a username | -d username | -D | -l [-g groupname]\n"
+#~ msgstr "用法：groupmems -a 用户� | -d 用户� | -D | -l [-g 组�]\n"
+
+#~ msgid "Only root can add members to different groups\n"
+#~ msgstr "�有 root 能���的组里添加�员\n"
+
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "PAM 验�失败于\n"
+
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "无法�定组文件\n"
+
+#~ msgid "Cannot close group file\n"
+#~ msgstr "无法关闭组文件\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s：未在 /etc/group 中找到 %s\n"
+
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s：%u �是一个独有的 GID\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s：%s �是一个独有的�称\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s：无法�写密�文件\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s：无法�定密�文件\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s：无法打开密�文件\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s：无法为 %s 更新影��目\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s：无法更新 %s 组的�目\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s：无法�定影�组文件\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s：无法打开影�组文件\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s：无法删除影�组 %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s：无法更新影�组文件\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s：无法删除影�组文件\n"
+
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "未知的 UID：%u\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "未知的 GID：%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s：%s 组�存在\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s：用户 %s �存在\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s：无效的用户�“%s�\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s：无法�定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s：无法�定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s：无法�定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s：无法�定 /etc/passwd。\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s：无法打开文件\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s：更新文件出错\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s：无法为 %s 更新密��目\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s：无法�定密�文件\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s：无法打开密�文件\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s：无法为 %s 删除影��目\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s：无法更新密�文件\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s：�能更新用户 %s 的�目\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s：无法删除影�密�文件\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s：未知的 GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s：未知的组 %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s：update_gshadow 内存溢出\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s：无法�写密�文件\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s：无法�写影�密�文件\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s：无法�定影�密�文件\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s：无法打开影�密�文件\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s：�定组文件时出错\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s：打开组文件时出错\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s：�定影�组文件时出错\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s：打开影�组文件时出错\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s：加入新密�项时出错\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s：加入新影�密�项时出错\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s：警告：CREATE_HOME 未被支�，请使用 -m �数。\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s：更新组�目时出错\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s：更新组�目时出错\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s：无法打开组文件\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s：无法打开影�组文件\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s：删除密�项时出错\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s：删除影�密�项时出错\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s：增加新组�目时出错\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s：uid %lu �唯一\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s：改�密�项时出错\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s：删除密�项时出错\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s：删除影�密�项时出错\n"
+
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s：无法获�独有的 GID\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " 在“%.100s�上，�自“%.200s�"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr "在“%.100s�上"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s：第 %d 行：无法创建 UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s：�称 %s 并�唯一\n"
+
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chpasswd [选项]\n"
+#~ "\n"
+#~ "选项：\n"
+#~ "  -e, --encrypted\t所�供的密�是加密过的\n"
+#~ "  -h, --help\t\t显示此帮助信�并退出\n"
+#~ "  -m, --md5\t\t如果所�供的密�尚未被加密，使用 MD5 而� DES 进行加密\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "没有密�文件\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "抱歉。\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "抱歉，无法更改 %s 的密�。\n"
+
+#~ msgid "Sorry."
+#~ msgstr "抱歉"
+
+#~ msgid "Usage: %s [-s shell] [name]\n"
+#~ msgstr "用法：%s [-s shell] [�称]\n"
+
+#~ msgid "Usage: groupmod [-g gid [-o]] [-n name] group\n"
+#~ msgstr "用法：groupmod [-g gid [-o]] [-n �称] 组\n"
+
+#~ msgid ""
+#~ "No group named \"mail\" exists, creating mail spool with mode 0600.\n"
+#~ msgstr "�存在��“mail�的组，将以 0600 的文件��创建邮件 spool。\n"
+
+#~ msgid "Can't create mail spool for user %s.\n"
+#~ msgstr "�能为用户 %s 创建邮件 spool。\n"
+
+#~ msgid "Usage: %s [-r] name\n"
+#~ msgstr "用法：%s [-r] �称\n"
+
+#~ msgid ""
+#~ "\n"
+#~ "Login incorrect\n"
+#~ msgstr ""
+#~ "\n"
+#~ "登录错误\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage:\n"
+#~ "`vipw' edits /etc/passwd        `vipw -s' edits /etc/shadow\n"
+#~ "`vigr' edits /etc/group         `vigr -s' edits /etc/gshadow\n"
+#~ "`{vipw|vigr} -q' quiet mode\n"
+#~ msgstr ""
+#~ "用法：\n"
+#~ "“vipw� 编辑 /etc/passwd      “vipw -s� 编辑 /etc/shadow\n"
+#~ "“vigr� 编辑 /etc/group       “vigr -s� 编辑 /etc/gshadow\n"
+
+#~ msgid "%s: PAM chauthtok failed\n"
+#~ msgstr "%s：PAM chauthtok 失败\n"
+
+#, fuzzy
+#~ msgid "Usage: %s\t[-u uid [-o]] [-g group] [[-G group,...] [-a]] \n"
+#~ msgstr "用法：%s\t[-u uid [-o]] [-g 组] [-G 组,...] \n"
+
+#~ msgid "\t\t[-d home [-m]] [-s shell] [-c comment] [-l new_name]\n"
+#~ msgstr "\t\t[-d 主目录 [-m]] [-s shell] [-c 注释] [-l 新�称]\n"
+
+#~ msgid "[-f inactive] [-e expire] "
+#~ msgstr "[-f 失效日] [-e 过期日] "
+
+#~ msgid "[-p passwd] [-L|-U] name\n"
+#~ msgstr "[-p 密�] [-L|-U] �称\n"
diff --git a/po/zh_TW.po b/po/zh_TW.po
new file mode 100644
index 0000000..d43bc13
--- /dev/null
+++ b/po/zh_TW.po
@@ -0,0 +1,3214 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# Asho S.Y. Yeg <asho@debian.org.tw>, 2004.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: shadow 4.0.9\n"
+"Report-Msgid-Bugs-To: pkg-shadow-devel@lists.alioth.debian.org\n"
+"POT-Creation-Date: 2016-09-18 14:03-0500\n"
+"PO-Revision-Date: 2005-06-02 22:20+0800\n"
+"Last-Translator: Asho Yeh <asho@debian.org.tw>\n"
+"Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n"
+"Language: zh_TW\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Language: Chinese\n"
+"X-Poedit-Country: TAIWAN\n"
+
+#, c-format
+msgid ""
+"Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"
+msgstr ""
+
+#, c-format
+msgid "crypt method not supported by libcrypt? (%s)\n"
+msgstr ""
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%s'"
+msgstr ""
+
+msgid "Could not allocate space for config info.\n"
+msgstr "無法為設定訊��置空間。\n"
+
+#, c-format
+msgid "configuration error - unknown item '%s' (notify administrator)\n"
+msgstr "�置錯誤 - 未知項目“%s�(請通知管�員)\n"
+
+#, c-format
+msgid "%s: nscd did not terminate normally (signal %d)\n"
+msgstr ""
+
+#, c-format
+msgid "%s: nscd exited with status %d\n"
+msgstr ""
+
+msgid "Password: "
+msgstr "密碼："
+
+#, c-format
+msgid "%s's Password: "
+msgstr "%s 的密碼："
+
+#, c-format
+msgid "[libsemanage]: %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot create SELinux management handle\n"
+msgstr ""
+
+#, c-format
+msgid "SELinux policy not managed\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot read SELinux policy store\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot establish SELinux management connection\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot begin SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Could not query seuser for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set serange for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Could not allocate space for config info.\n"
+msgid "Could not set sename for %s\n"
+msgstr "無法為設定訊��置空間。\n"
+
+#, c-format
+msgid "Could not modify login mapping for %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Changing the aging information for %s\n"
+msgid "Cannot create SELinux login mapping for %s\n"
+msgstr "正在為 %s 修改年齡訊�\n"
+
+#, c-format
+msgid "Could not set name for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not set SELinux user for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Could not add login mapping for %s\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot init SELinux management\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "Cannot create SELinux user key\n"
+msgstr "%s：無法確定您的使用者�稱。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot verify the SELinux user\n"
+msgstr "%s：第 %d 行：無法找到使用者 %s\n"
+
+#, c-format
+msgid "Cannot modify SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot add SELinux user mapping\n"
+msgstr ""
+
+#, c-format
+msgid "Cannot commit SELinux transaction\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is not defined, OK if default mapping was used\n"
+msgstr ""
+
+#, c-format
+msgid "Login mapping for %s is defined in policy, cannot be deleted\n"
+msgstr ""
+
+#, c-format
+msgid "Could not delete login mapping for %s"
+msgstr ""
+
+#, c-format
+msgid "%s: out of memory\n"
+msgstr "%s：記憶體�足\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot stat %s: %s\n"
+msgstr "%s：無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s is neither a directory, nor a symlink.\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot read symbolic link %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, c-format
+msgid "%s: Suspiciously long symlink: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create directory %s: %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owner of %s: %s\n"
+msgstr "%s：警告：無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change mode of %s: %s\n"
+msgstr "%s：警告：無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: unlink: %s: %s\n"
+msgstr "%s：更�：%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove directory %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot rename %s to %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot remove %s: %s\n"
+msgstr "%s：警告：無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create symbolic link %s: %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: Cannot change owners of %s: %s\n"
+msgstr "%s：警告：無法刪除"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot lstat %s: %s\n"
+msgstr "%s：無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update shadow file\n"
+msgid "%s: Warning, user %s has no tcb shadow file.\n"
+msgstr "%s：無法更新shadow檔案\n"
+
+#, c-format
+msgid ""
+"%s: Emergency: %s's tcb shadow is not a regular file with st_nlink=1.\n"
+"The account is left locked.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: mkdir: %s: %s\n"
+msgstr "%s：更�：%s"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: Cannot open %s: %s\n"
+msgstr "%s：無法打開檔案 %s\n"
+
+#, c-format
+msgid "Warning: unknown group %s\n"
+msgstr "警告：未知群組 %s\n"
+
+msgid "Warning: too many groups\n"
+msgstr "警告：使用者群組�多\n"
+
+msgid "Your password has expired."
+msgstr "您的密碼已�期。"
+
+msgid "Your password is inactive."
+msgstr "您的密碼已失效。"
+
+msgid "Your login has expired."
+msgstr "您的帳戶已�期。"
+
+msgid "  Contact the system administrator."
+msgstr "  請�繫系統管�員。"
+
+msgid "  Choose a new password."
+msgstr "  請�擇一個新密碼。"
+
+msgid "You must change your password."
+msgstr ""
+
+#, c-format
+msgid "Your password will expire in %ld days.\n"
+msgstr "您的密碼將在 %ld 天內�期。\n"
+
+msgid "Your password will expire tomorrow."
+msgstr "您的密碼將在明天�期。"
+
+msgid "Your password will expire today."
+msgstr "您的密碼今天�期。"
+
+msgid "Cannot open audit interface - aborting.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "Unable to change tty %s"
+msgid "Unable to change owner or mode of tty stdin: %s"
+msgstr "無法改變 tty %s"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to unlock %s\n"
+msgstr "%s：字段太長\n"
+
+#, fuzzy, c-format
+msgid "%s: "
+msgstr "passwd：%s\n"
+
+msgid ": "
+msgstr ""
+
+msgid "Environment overflow\n"
+msgstr "環境溢�\n"
+
+#, c-format
+msgid "You may not change $%s\n"
+msgstr "您�應該改變 $%s\n"
+
+#, c-format
+msgid ""
+"%d failure since last login.\n"
+"Last was %s on %s.\n"
+msgid_plural ""
+"%d failures since last login.\n"
+"Last was %s on %s.\n"
+msgstr[0] ""
+"�離上一次登錄已有 %d 次登錄失敗。\n"
+"最後一次是 %s 在 %s 上。\n"
+
+#, c-format
+msgid "%s: Invalid configuration: GID_MIN (%lu), GID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_GID_MIN (%lu), GID_MIN (%lu), SYS_GID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "failed to change mailbox owner"
+msgid "%s: failed to allocate memory: %s\n"
+msgstr "改變信箱所有者失敗"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system GID (no more available GIDs)\n"
+msgstr "%s：無法���有的 gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique GID (no more available GIDs)\n"
+msgstr "%s：無法���有的 gid\n"
+
+#, c-format
+msgid "%s: Invalid configuration: UID_MIN (%lu), UID_MAX (%lu)\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: Invalid configuration: SYS_UID_MIN (%lu), UID_MIN (%lu), SYS_UID_MAX "
+"(%lu)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique system UID (no more available UIDs)\n"
+msgstr "%s：無法���有的 gid\n"
+
+#, fuzzy, c-format
+msgid "%s: Can't get unique UID (no more available UIDs)\n"
+msgstr "%s：無法���有的 gid\n"
+
+msgid "Too many logins.\n"
+msgstr "�多登錄數�。\n"
+
+msgid "You have new mail."
+msgstr "您有新信件。"
+
+msgid "No mail."
+msgstr "無信件。"
+
+msgid "You have mail."
+msgstr "您有信件。"
+
+#, fuzzy
+msgid "no change"
+msgstr "%s：無改變\n"
+
+msgid "a palindrome"
+msgstr ""
+
+msgid "case changes only"
+msgstr ""
+
+msgid "too similar"
+msgstr ""
+
+msgid "too simple"
+msgstr ""
+
+msgid "rotated"
+msgstr ""
+
+msgid "too short"
+msgstr ""
+
+#, c-format
+msgid "Bad password: %s.  "
+msgstr "錯誤的密碼：%s。 "
+
+#, c-format
+msgid "passwd: pam_start() failed, error %d\n"
+msgstr "passwd: pam_start() 失敗，錯誤 %d\n"
+
+#, c-format
+msgid "passwd: %s\n"
+msgstr "passwd：%s\n"
+
+#, fuzzy
+#| msgid "Password changed."
+msgid "passwd: password unchanged\n"
+msgstr "密碼已更改。"
+
+msgid "passwd: password updated successfully\n"
+msgstr "passwd：密碼已�功地變更\n"
+
+#, fuzzy, c-format
+msgid "Incorrect password for %s.\n"
+msgstr "“%s�的密碼�正確\n"
+
+#, c-format
+msgid "%s: multiple --root options\n"
+msgstr ""
+
+#, c-format
+msgid "%s: option '%s' requires an argument\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to drop privileges (%s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid chroot path '%s'\n"
+msgstr "%s：無效的�家電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot access chroot directory %s: %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: cannot chdir to chroot directory %s: %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: unable to chroot to directory %s: %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, c-format
+msgid ""
+"Invalid ENCRYPT_METHOD value: '%s'.\n"
+"Defaulting to DES.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "Unable to cd to '%s'\n"
+msgstr "無法進入“%s�目錄\n"
+
+msgid "No directory, logging in with HOME=/"
+msgstr "沒有目錄，將以 HOME=/ 登入"
+
+#, c-format
+msgid "Cannot execute %s"
+msgstr "無法執行 %s"
+
+#, fuzzy, c-format
+msgid "Invalid root directory '%s'\n"
+msgstr "無效的根目錄“%s�\n"
+
+#, fuzzy, c-format
+msgid "Can't change root directory to '%s'\n"
+msgstr "無法將根目錄改變為“%s�\n"
+
+#, fuzzy
+msgid "Unable to determine your tty name."
+msgstr "%s：無法確定您的使用者�稱。\n"
+
+#, fuzzy
+msgid "No"
+msgstr "�消"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid ""
+"  -d, --lastday LAST_DAY        set date of last password change to "
+"LAST_DAY\n"
+msgstr ""
+
+msgid ""
+"  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid "  -h, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid ""
+"  -I, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -l, --list                    show account aging information\n"
+msgstr ""
+
+msgid ""
+"  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "  -R, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid ""
+"  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid "Enter the new value, or press ENTER for the default"
+msgstr "請輸入新值，或直接按 ENTER �以使用�設值"
+
+msgid "Minimum Password Age"
+msgstr "密碼期�最�值"
+
+msgid "Maximum Password Age"
+msgstr "密碼期�最大值"
+
+msgid "Last Password Change (YYYY-MM-DD)"
+msgstr "最近一次密碼修改時間 (YYYY-MM-DD)"
+
+msgid "Password Expiration Warning"
+msgstr "密碼�期警告"
+
+msgid "Password Inactive"
+msgstr "密碼失效"
+
+msgid "Account Expiration Date (YYYY-MM-DD)"
+msgstr "帳戶�期時間 (YYYY-MM-DD)"
+
+msgid "Last password change\t\t\t\t\t: "
+msgstr "最近一次密碼修改時間\t\t\t\t\t："
+
+msgid "never"
+msgstr "從�"
+
+msgid "password must be changed"
+msgstr "密碼已更改。"
+
+msgid "Password expires\t\t\t\t\t: "
+msgstr "密碼�期\t\t\t\t\t："
+
+msgid "Password inactive\t\t\t\t\t: "
+msgstr "密碼失效\t\t\t\t\t："
+
+msgid "Account expires\t\t\t\t\t\t: "
+msgstr "帳戶�期\t\t\t\t\t："
+
+#, c-format
+msgid "Minimum number of days between password change\t\t: %ld\n"
+msgstr "最少必須相隔幾天�能改變密碼\t\t\t\t：%ld\n"
+
+#, c-format
+msgid "Maximum number of days between password change\t\t: %ld\n"
+msgstr "最多必須相隔幾天�能改變密碼\t\t\t\t：%ld\n"
+
+#, c-format
+msgid "Number of days of warning before password expires\t: %ld\n"
+msgstr "在密碼將��期之�多少天會發出警告\t\t\t\t：%ld\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid date '%s'\n"
+msgstr "%s：無效日期“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid numeric argument '%s'\n"
+msgstr "%s：無效的數字�數“%s�\n"
+
+#, c-format
+msgid "%s: do not include \"l\" with other flags\n"
+msgstr "%s：請��與其它標誌一�使用“l�\n"
+
+#, c-format
+msgid "%s: Permission denied.\n"
+msgstr "%s：權�被拒。\n"
+
+#, c-format
+msgid "%s: Cannot determine your user name.\n"
+msgstr "%s：無法確定您的使用者�稱。\n"
+
+#, fuzzy, c-format
+msgid "%s: PAM: %s\n"
+msgstr "passwd：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't lock files, try again later\n"
+msgid "%s: cannot lock %s; try again later.\n"
+msgstr "%s：無法鎖定檔案，請�後�試。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot open %s\n"
+msgstr "%s：無法打開檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while writing changes to %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, c-format
+msgid "%s: failed to prepare the new %s entry '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: the shadow password file is not present\n"
+msgstr "%s：無法打開影�密碼文件\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist in %s\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, c-format
+msgid "Changing the aging information for %s\n"
+msgstr "正在為 %s 修改年齡訊�\n"
+
+#, c-format
+msgid "%s: error changing fields\n"
+msgstr "%s：改變字段時出錯\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid "  -f, --full-name FULL_NAME     change user's full name\n"
+msgstr ""
+
+msgid "  -h, --home-phone HOME_PHONE   change user's home phone number\n"
+msgstr ""
+
+msgid "  -o, --other OTHER_INFO        change user's other GECOS information\n"
+msgstr ""
+
+msgid "  -r, --room ROOM_NUMBER        change user's room number\n"
+msgstr ""
+
+msgid "  -u, --help                    display this help message and exit\n"
+msgstr ""
+
+msgid "  -w, --work-phone WORK_PHONE   change user's office phone number\n"
+msgstr ""
+
+msgid "Full Name"
+msgstr "全�"
+
+#, fuzzy, c-format
+msgid "\t%s: %s\n"
+msgstr "passwd：%s\n"
+
+msgid "Room Number"
+msgstr "房間號碼"
+
+msgid "Work Phone"
+msgstr "工作電話"
+
+msgid "Home Phone"
+msgstr "�家電話"
+
+msgid "Other"
+msgstr "其它"
+
+msgid "Cannot change ID to root.\n"
+msgstr "無法改變 ID � root。\n"
+
+#, c-format
+msgid "%s: name with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid name: '%s'\n"
+msgstr "%s：無效的�稱：“%s�\n"
+
+#, c-format
+msgid "%s: room number with non-ASCII characters: '%s'\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid room number: '%s'\n"
+msgstr "%s：無效的房間號碼：“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid work phone: '%s'\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home phone: '%s'\n"
+msgstr "%s：無效的�家電話：“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains non-ASCII characters\n"
+msgstr "%s：“%s�包�無效字元\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' contains illegal characters\n"
+msgstr "%s：“%s�包�無效字元\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' does not exist\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot change user '%s' on NIS client.\n"
+msgstr "%s：�能在 NIS 用戶端上修改使用者“%s�。\n"
+
+#, fuzzy, c-format
+msgid "%s: '%s' is the NIS master for this client.\n"
+msgstr "%s：“%s�是用戶端的 NIS 管�員。\n"
+
+#, c-format
+msgid "Changing the user information for %s\n"
+msgstr "正在改變 %s 的使用者訊�\n"
+
+#, c-format
+msgid "%s: fields too long\n"
+msgstr "%s：字段太長\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+#, c-format
+msgid "  -c, --crypt-method METHOD     the crypt method (one of %s)\n"
+msgstr ""
+
+msgid "  -e, --encrypted               supplied passwords are encrypted\n"
+msgstr ""
+
+msgid ""
+"  -m, --md5                     encrypt the clear text password using\n"
+"                                the MD5 algorithm\n"
+msgstr ""
+
+msgid ""
+"  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+"                                crypt algorithms\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: do not include \"l\" with other flags\n"
+msgid "%s: %s flag is only allowed with the %s flag\n"
+msgstr "%s：請��與其它標誌一�使用“l�\n"
+
+#, c-format
+msgid "%s: the -c, -e, and -m flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: unsupported crypt method: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: line %d: line too long\n"
+msgstr "%s：第 %d 行：此行太長\n"
+
+#, c-format
+msgid "%s: line %d: missing new password\n"
+msgstr "%s：第 %d 行：缺少新密碼\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with salt '%s': %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: line %d: group '%s' does not exist\n"
+msgstr "%s：%s 群組�存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: line %d: failed to prepare the new %s entry '%s'\n"
+msgstr "%s：第 %d 行：無法更新項目\n"
+
+#, c-format
+msgid "%s: error detected, changes ignored\n"
+msgstr "%s：發�錯誤，忽略更動\n"
+
+#, fuzzy, c-format
+msgid "%s: (line %d, user %s) password not changed\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist\n"
+msgstr "%s：使用者 %s �存在\n"
+
+msgid "  -s, --shell SHELL             new login shell for the user account\n"
+msgstr ""
+
+msgid "Login Shell"
+msgstr "登入 Shell"
+
+#, fuzzy, c-format
+#| msgid "You may not change the shell for %s.\n"
+msgid "You may not change the shell for '%s'.\n"
+msgstr "您�能為 %s 更改 shell。\n"
+
+#, c-format
+msgid "Changing the login shell for %s\n"
+msgstr "正在更改 %s 的 shell\n"
+
+#, c-format
+msgid "%s: Invalid entry: %s\n"
+msgstr "%s：無效的項目：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s is an invalid shell.\n"
+msgid "%s: %s is an invalid shell\n"
+msgstr "%s 是無效的 shell。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s does not exist\n"
+msgid "%s: Warning: %s does not exist\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: %s not owned by %s\n"
+msgid "%s: Warning: %s is not executable\n"
+msgstr "%s：警告：%s �屬於 %s\n"
+
+msgid "  -c, --check                   check the user's password expiration\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force password change if the user's "
+"password\n"
+"                                is expired\n"
+msgstr ""
+
+#, c-format
+msgid "%s: options %s and %s conflict\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: unexpected argument: %s\n"
+msgstr "%s：無效的數字�數“%s�\n"
+
+msgid "  -a, --all                     display faillog records for all users\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock-secs SEC           after failed login lock account for SEC "
+"seconds\n"
+msgstr ""
+
+msgid ""
+"  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+msgstr ""
+
+msgid "  -r, --reset                   reset the counters of login failures\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               display faillog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+"                                counters and limits (if used with -r, -m,\n"
+"                                or -l) only for the specified LOGIN(s)\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to get the entry for UID %lu\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+msgid "Login       Failures Maximum Latest                   On\n"
+msgstr "登入        失敗     最多    最後                     在\n"
+
+#, fuzzy, c-format
+#| msgid " [%lds left]"
+msgid " [%lus left]"
+msgstr " [還剩 %lds]"
+
+#, c-format
+msgid " [%lds lock]"
+msgstr " [鎖定 %lds]"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to reset fail count for UID %lu\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to set max for UID %lu\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to set locktime for UID %lu\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Unknown user or range: %s\n"
+msgstr "未知使用者：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot get the size of %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: Failed to write %s: %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [option] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid "  -a, --add USER                add USER to GROUP\n"
+msgstr ""
+
+msgid "  -d, --delete USER             remove USER from GROUP\n"
+msgstr ""
+
+msgid "  -Q, --root CHROOT_DIR         directory to chroot into\n"
+msgstr ""
+
+msgid "  -r, --remove-password         remove the GROUP's password\n"
+msgstr ""
+
+msgid ""
+"  -R, --restrict                restrict access to GROUP to its members\n"
+msgstr ""
+
+msgid "  -M, --members USER,...        set the list of members of GROUP\n"
+msgstr ""
+
+msgid ""
+"  -A, --administrators ADMIN,...\n"
+"                                set the list of administrators for GROUP\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "Except for the -A and -M options, the options cannot be combined.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, fuzzy
+#| msgid "The password for %s cannot be changed.\n"
+msgid "The options cannot be combined.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, c-format
+msgid "%s: shadow group passwords required for -A\n"
+msgstr "%s：-A 需�shadow群組密碼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist in %s\n"
+msgstr "%s：%s 群組�存在\n"
+
+#, fuzzy, c-format
+msgid "%s: failure while closing read-only %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, c-format
+msgid "Changing the password for group %s\n"
+msgstr "正在修改 %s 群組的密碼\n"
+
+msgid "New Password: "
+msgstr "新密碼："
+
+msgid "Re-enter new password: "
+msgstr "請�新輸入新密碼："
+
+msgid "They don't match; try again"
+msgstr "他們並�匹�﹔請�試"
+
+#, c-format
+msgid "%s: Try again later\n"
+msgstr "%s：請�後�試\n"
+
+#, c-format
+msgid "Adding user %s to group %s\n"
+msgstr "正在將使用者“%s�加入到“%s�群組中\n"
+
+#, c-format
+msgid "Removing user %s from group %s\n"
+msgstr "正在將使用者“%s�從“%s�群組中刪除\n"
+
+#, fuzzy, c-format
+msgid "%s: user '%s' is not a member of '%s'\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, c-format
+msgid "%s: Not a tty\n"
+msgstr "%s：�是 tty\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] GROUP\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid ""
+"  -f, --force                   exit successfully if the group already "
+"exists,\n"
+"                                and cancel -g if the GID is already used\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 use GID for the new group\n"
+msgstr ""
+
+msgid "  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create groups with duplicate\n"
+"                                (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use this encrypted password for the new "
+"group\n"
+msgstr ""
+
+msgid "  -r, --system                  create a system account\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: %s is not a valid group name\n"
+msgid "%s: '%s' is not a valid group name\n"
+msgstr "%s：%s �是有效的群組�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid group ID '%s'\n"
+msgstr "無效的群組�“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: -K requires KEY=VALUE\n"
+msgstr "%s：-O 需� NAME=VALUE\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s exists\n"
+msgid "%s: group '%s' already exists\n"
+msgstr "%s：%s 群組已存在\n"
+
+#, c-format
+msgid "%s: GID '%lu' already exists\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: Cannot determine your user name.\n"
+msgid "%s: Cannot setup cleanup service.\n"
+msgstr "%s：無法確定您的使用者�稱。\n"
+
+msgid ""
+"  -f, --force                   delete group even if it is the primary group "
+"of a user\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry '%s' from %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot remove the primary group of user '%s'\n"
+msgstr "%s：�能在 NIS 用戶端上修改使用者“%s�。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: group %s does not exist\n"
+msgid "%s: group '%s' does not exist\n"
+msgstr "%s：%s 群組�存在\n"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group\n"
+msgstr "%s：“%s�群組是一個 NIS 群組。\n"
+
+#, c-format
+msgid "%s: %s is the NIS master\n"
+msgstr "%s：%s 是 NIS 管�員\n"
+
+#, fuzzy, c-format
+#| msgid "%s: user %s is a NIS user\n"
+msgid "%s: user '%s' is already a member of '%s'\n"
+msgstr "%s：使用者 %s 是 NIS 使用者\n"
+
+#, fuzzy, c-format
+msgid "%s: Out of memory. Cannot update %s.\n"
+msgstr "%s：update_group 時記憶體�足\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [action]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid ""
+"  -g, --group groupname         change groupname instead of the user's "
+"group\n"
+"                                (root only)\n"
+msgstr ""
+
+msgid "\n"
+msgstr ""
+
+msgid "Actions:\n"
+msgstr ""
+
+msgid ""
+"  -a, --add username            add username to the members of the group\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete username         remove username from the members of the "
+"group\n"
+msgstr ""
+
+msgid "  -p, --purge                   purge all members from the group\n"
+msgstr ""
+
+msgid "  -l, --list                    list the members of the group\n"
+msgstr ""
+
+#, c-format
+msgid "%s: your groupname does not match your username\n"
+msgstr ""
+
+#, c-format
+msgid "%s: only root can use the -g/--group option\n"
+msgstr ""
+
+msgid "  -g, --gid GID                 change the group ID to GID\n"
+msgstr ""
+
+msgid "  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       change the password to this (encrypted)\n"
+"                                PASSWORD\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid group name '%s'\n"
+msgstr "無效的群組�“%s�\n"
+
+#, c-format
+msgid "%s: group %s is a NIS group\n"
+msgstr "%s：%s 群組是一個 NIS 群組\n"
+
+#, c-format
+msgid "%s: unknown user %s\n"
+msgstr "%s：未知使用者：%s\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group [gshadow]]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [group]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid ""
+"  -r, --read-only               display errors and warnings\n"
+"                                but do not change files\n"
+msgstr ""
+
+msgid "  -s, --sort                    sort entries by UID\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: -s and -r are incompatibile\n"
+msgid "%s: -s and -r are incompatible\n"
+msgstr "%s：-s 和 -r 是互�相容的\n"
+
+msgid "invalid group file entry"
+msgstr "無效的群組檔案項目"
+
+#, fuzzy, c-format
+msgid "delete line '%s'? "
+msgstr "刪除“%s�行？\""
+
+msgid "duplicate group entry"
+msgstr "複製群組項目"
+
+#, fuzzy, c-format
+msgid "invalid group name '%s'\n"
+msgstr "無效的群組�“%s�\n"
+
+#, fuzzy, c-format
+msgid "invalid group ID '%lu'\n"
+msgstr "無效的群組�“%s�\n"
+
+#, c-format
+msgid "group %s: no user %s\n"
+msgstr "%s 群組：無使用者 %s\n"
+
+#, fuzzy, c-format
+msgid "delete member '%s'? "
+msgstr "刪除使用者�員“%s�嗎？"
+
+#, fuzzy, c-format
+msgid "no matching group file entry in %s\n"
+msgstr "沒有找到匹�的群組檔案項目\n"
+
+#, fuzzy, c-format
+msgid "add group '%s' in %s? "
+msgstr "%s shadow群組：無使用者 %s\n"
+
+#, c-format
+msgid ""
+"group %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow group file entry"
+msgstr "無效的shadow群組檔案項目"
+
+msgid "duplicate shadow group entry"
+msgstr "複製shadow群組項目"
+
+#, c-format
+msgid "shadow group %s: no administrative user %s\n"
+msgstr "%s shadow群組：無系統管�者 %s\n"
+
+#, fuzzy, c-format
+msgid "delete administrative member '%s'? "
+msgstr "刪除系統管�者“%s�嗎？"
+
+#, c-format
+msgid "shadow group %s: no user %s\n"
+msgstr "%s shadow群組：無使用者 %s\n"
+
+#, c-format
+msgid "%s: the files have been updated\n"
+msgstr "%s：檔案已被更新\n"
+
+#, c-format
+msgid "%s: no changes\n"
+msgstr "%s：無改變\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: cannot delete %s\n"
+msgstr "%s：無法更新檔案 %s\n"
+
+msgid "Usage: id [-a]\n"
+msgstr "用法：id [-a]\n"
+
+msgid "Usage: id\n"
+msgstr "用法：id\n"
+
+msgid " groups="
+msgstr " 群組="
+
+msgid ""
+"  -b, --before DAYS             print only lastlog records older than DAYS\n"
+msgstr ""
+
+msgid ""
+"  -C, --clear                   clear lastlog record of an user (usable only "
+"with -u)\n"
+msgstr ""
+
+msgid ""
+"  -S, --set                     set lastlog record to current time (usable "
+"only with -u)\n"
+msgstr ""
+
+msgid ""
+"  -t, --time DAYS               print only lastlog records more recent than "
+"DAYS\n"
+msgstr ""
+
+msgid ""
+"  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"
+msgstr ""
+
+msgid "Username         Port     From             Latest"
+msgstr "使用者�         埠號     來自             最後登入時間"
+
+msgid "Username                Port     Latest"
+msgstr "使用者�                  埠號     最後登入時間"
+
+msgid "**Never logged in**"
+msgstr "**從未登入�**"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to update the entry for UID %lu\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update password file\n"
+msgid "%s: Failed to update the lastlog file\n"
+msgstr "%s：無法更新密碼檔案\n"
+
+#, c-format
+msgid "%s: Option -C cannot be used together with option -S\n"
+msgstr ""
+
+#, c-format
+msgid "%s: Options -C and -S require option -u to specify the user\n"
+msgstr ""
+
+#, c-format
+msgid "Usage: %s [-p] [name]\n"
+msgstr "用法：%s [-p] [�稱]\n"
+
+#, c-format
+msgid "       %s [-p] [-h host] [-f name]\n"
+msgstr "       %s [-p] [-h 主機] [-f �稱]\n"
+
+#, c-format
+msgid "       %s [-p] -r host\n"
+msgstr "       %s [-p] -r 主機\n"
+
+#, c-format
+msgid "configuration error - cannot parse %s value: '%d'"
+msgstr ""
+
+msgid "Invalid login time"
+msgstr "無效的登入時間"
+
+msgid ""
+"\n"
+"System closed for routine maintenance"
+msgstr ""
+"\n"
+"系統關閉，例行維護"
+
+msgid ""
+"\n"
+"[Disconnect bypassed -- root login allowed.]"
+msgstr ""
+"\n"
+"[忽略斷線�求 -- �許 root 登入。]"
+
+#, c-format
+msgid "%s: Cannot possibly work without effective root\n"
+msgstr ""
+
+msgid "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "Login timed out after %d seconds.\n"
+msgid ""
+"\n"
+"Login timed out after %u seconds.\n"
+msgstr ""
+"\n"
+"登入逾時 %d 秒\n"
+
+#, c-format
+msgid "login: PAM Failure, aborting: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s login: "
+msgstr ""
+"\n"
+" %s 使用者�稱："
+
+#, fuzzy
+msgid "login: "
+msgstr ""
+"\n"
+" %s 使用者�稱："
+
+#, fuzzy, c-format
+msgid "Maximum number of tries exceeded (%u)\n"
+msgstr "最多必須相隔幾天�能改變密碼\t\t\t\t：%ld\n"
+
+msgid "login: abort requested by PAM\n"
+msgstr ""
+
+msgid "Login incorrect"
+msgstr "登入錯誤"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: cannot find user %s\n"
+msgid "Cannot find user (%s)\n"
+msgstr "%s：第 %d 行：無法找到使用者 %s\n"
+
+#, c-format
+msgid ""
+"\n"
+"%s login: "
+msgstr ""
+"\n"
+" %s 使用者�稱："
+
+#, c-format
+msgid "%s: failure forking: %s"
+msgstr ""
+
+#, c-format
+msgid "TIOCSCTTY failed on %s"
+msgstr ""
+
+msgid "Warning: login re-enabled after temporary lockout."
+msgstr "警告：在短暫的鎖定後將�復登入。"
+
+#, c-format
+msgid "Last login: %s on %s"
+msgstr "上次登入：%s 在 %s 上"
+
+#, c-format
+msgid "Last login: %.19s on %s"
+msgstr "上次登入：%.19s 在 %s 上"
+
+#, c-format
+msgid " from %.*s"
+msgstr " 來自 %.*s"
+
+msgid ""
+"login time exceeded\n"
+"\n"
+msgstr ""
+
+#, fuzzy
+#| msgid "Usage: id\n"
+msgid "Usage: logoutd\n"
+msgstr "用法：id\n"
+
+msgid "Usage: newgrp [-] [group]\n"
+msgstr "用法：newgrp [-] [群組]\n"
+
+msgid "Usage: sg group [[-c] command]\n"
+msgstr "用法：sg 群組 [[-c] 命令]\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to crypt password with previous salt: %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy
+msgid "Invalid password.\n"
+msgstr "舊密碼："
+
+#, fuzzy, c-format
+msgid "%s: failure forking: %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: GID '%lu' does not exist\n"
+msgstr "%s：使用者 %s �存在\n"
+
+msgid "too many groups\n"
+msgstr "使用者群組�多\n"
+
+msgid "  -r, --system                  create system accounts\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a shadow group, but does not exist in /etc/group\n"
+msgstr "%s：%s 群組�存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: invalid user name '%s'\n"
+msgid "%s: invalid user ID '%s'\n"
+msgstr "%s：無效使用者�稱“%s�\n"
+
+#, c-format
+msgid "%s: invalid user name '%s'\n"
+msgstr "%s：無效使用者�稱“%s�\n"
+
+#, c-format
+msgid "%s: line %d: invalid line\n"
+msgstr "%s：第 %d 行：無效行\n"
+
+#, fuzzy, c-format
+msgid "%s: cannot update the entry of user %s (not in the passwd database)\n"
+msgstr "%s：�能更新使用者 %s 的項目\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create user\n"
+msgstr "%s：第 %d 行：無法建立 GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: can't create group\n"
+msgstr "%s：第 %d 行：無法建立 GID\n"
+
+#, fuzzy, c-format
+msgid "%s: line %d: user '%s' does not exist in %s\n"
+msgstr "%s：使用者 %s �存在\n"
+
+#, c-format
+msgid "%s: line %d: can't update password\n"
+msgstr "%s：第 %d 行：無法更新密碼\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: mkdir failed\n"
+msgid "%s: line %d: mkdir %s failed: %s\n"
+msgstr "%s：第 %d 行：建立目錄失敗\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line %d: chown %s failed: %s\n"
+msgstr "%s：第 %d 行：改變�有者或群組失敗\n"
+
+#, c-format
+msgid "%s: line %d: can't update entry\n"
+msgstr "%s：第 %d 行：無法更新項目\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare new %s entry\n"
+msgstr "%s：第 %d 行：無法更新項目\n"
+
+#, fuzzy, c-format
+msgid "%s: can't find subordinate user range\n"
+msgstr "%s：無法建立 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't update group file\n"
+msgid "%s: can't find subordinate group range\n"
+msgstr "%s 無法更新群組檔案\n"
+
+msgid ""
+"  -a, --all                     report password status on all accounts\n"
+msgstr ""
+
+msgid ""
+"  -d, --delete                  delete the password for the named account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expire                  force expire the password for the named "
+"account\n"
+msgstr ""
+
+msgid "  -k, --keep-tokens             change password only if expired\n"
+msgstr ""
+
+msgid ""
+"  -i, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid ""
+"  -l, --lock                    lock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+"                                change to MIN_DAYS\n"
+msgstr ""
+
+msgid "  -q, --quiet                   quiet mode\n"
+msgstr ""
+
+msgid ""
+"  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+msgstr ""
+
+msgid ""
+"  -S, --status                  report password status on the named account\n"
+msgstr ""
+
+msgid ""
+"  -u, --unlock                  unlock the password of the named account\n"
+msgstr ""
+
+msgid ""
+"  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+msgstr ""
+
+msgid ""
+"  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+"                                change to MAX_DAYS\n"
+msgstr ""
+
+msgid "Old password: "
+msgstr "舊密碼："
+
+#, fuzzy, c-format
+msgid ""
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"請輸入新密碼(最少 %d 最多 %d 個字元)\n"
+"請混�使用大�寫字�和數字。\n"
+
+#, c-format
+msgid ""
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"
+msgstr ""
+"請輸入新密碼(最少 %d 最多 %d 個字元)\n"
+"請混�使用大�寫字�和數字。\n"
+
+msgid "New password: "
+msgstr "新密碼："
+
+msgid "Try again."
+msgstr "�試。"
+
+msgid ""
+"\n"
+"Warning: weak password (enter it again to use it anyway)."
+msgstr ""
+"\n"
+"警告：脆弱的密碼(�新輸入以強制使用它)。"
+
+msgid "They don't match; try again.\n"
+msgstr "他們並�匹�﹔請�試。\n"
+
+#, c-format
+msgid "The password for %s cannot be changed.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, fuzzy, c-format
+msgid "The password for %s cannot be changed yet.\n"
+msgstr "無法更改 %s 的密碼。\n"
+
+#, c-format
+msgid ""
+"%s: unlocking the password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock the password of this "
+"account.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: repository %s not supported\n"
+msgstr "%s：�支� %s 套件存庫。\n"
+
+#, c-format
+msgid "%s: %s is not authorized to change the password of %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: You may not view or modify password information for %s.\n"
+msgstr "%s：您無法替 %s 檢視或修改密碼資訊。\n"
+
+#, c-format
+msgid "Changing password for %s\n"
+msgstr "正在為 %s 修改密碼\n"
+
+#, c-format
+msgid "The password for %s is unchanged.\n"
+msgstr "%s 的密碼未被改變。\n"
+
+#, fuzzy, c-format
+#| msgid "Password changed."
+msgid "%s: password changed.\n"
+msgstr "密碼已更改。"
+
+#, fuzzy, c-format
+#| msgid "Password Expiration Warning"
+msgid "%s: password expiry information changed.\n"
+msgstr "密碼�期警告"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] [passwd [shadow]]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid "  -q, --quiet                   report errors only\n"
+msgstr ""
+
+#, c-format
+msgid "%s: no alternative shadow file allowed when USE_TCB is enabled.\n"
+msgstr ""
+
+msgid "invalid password file entry"
+msgstr "無效的密碼檔案項目"
+
+msgid "duplicate password entry"
+msgstr "�復的密碼項目"
+
+#, c-format
+msgid "invalid user name '%s'\n"
+msgstr "無效的使用者�稱“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "invalid user name '%s'\n"
+msgid "invalid user ID '%lu'\n"
+msgstr "無效的使用者�稱“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: no group %u\n"
+msgid "user '%s': no group %lu\n"
+msgstr "使用者 %s：無 %u 群組\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: directory %s does not exist\n"
+msgid "user '%s': directory '%s' does not exist\n"
+msgstr "使用者 %s：目錄 %s �存在\n"
+
+#, fuzzy, c-format
+#| msgid "user %s: program %s does not exist\n"
+msgid "user '%s': program '%s' does not exist\n"
+msgstr "使用者 %s：程� %s �存在\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "no tcb directory for %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "create tcb directory for %s?"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "failed to create tcb directory for %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: cannot lock %s.\n"
+msgstr "%s：無法鎖定檔案 %s\n"
+
+#, fuzzy, c-format
+msgid "no matching password file entry in %s\n"
+msgstr "無匹�的密碼檔案項目\n"
+
+#, fuzzy, c-format
+msgid "add user '%s' in %s? "
+msgstr "%s shadow群組：無使用者 %s\n"
+
+#, c-format
+msgid ""
+"user %s has an entry in %s, but its password field in %s is not set to 'x'\n"
+msgstr ""
+
+msgid "invalid shadow password file entry"
+msgstr "無效的shadow密碼檔案項目"
+
+msgid "duplicate shadow password entry"
+msgstr "�復的shadow密碼項目"
+
+#, c-format
+msgid "user %s: last password change in the future\n"
+msgstr "使用者 %s：最近一次密碼更動\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: cannot sort entries in %s\n"
+msgstr "%s：無法打開檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: can't re-write file\n"
+msgid "%s: can't work with tcb enabled\n"
+msgstr "%s：無法�寫檔案\n"
+
+#, c-format
+msgid "%s: failed to change the mode of %s to 0600\n"
+msgstr ""
+
+msgid "Access to su to that account DENIED.\n"
+msgstr "su 到該帳戶被拒。\n"
+
+msgid "Password authentication bypassed.\n"
+msgstr "忽略密碼�証\n"
+
+msgid "Please enter your OWN password as authentication.\n"
+msgstr "請輸入您自己的密碼作為驗証。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot lock file %s\n"
+msgid "%s: Cannot fork user shell\n"
+msgstr "%s：無法鎖定檔案 %s\n"
+
+#, c-format
+msgid "%s: signal malfunction\n"
+msgstr ""
+
+#, c-format
+msgid "%s: signal masking malfunction\n"
+msgstr ""
+
+msgid "Session terminated, terminating shell..."
+msgstr ""
+
+msgid " ...killed.\n"
+msgstr ""
+
+msgid " ...waiting for child to terminate.\n"
+msgstr ""
+
+msgid " ...terminated.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: %s\n"
+msgstr "passwd：%s\n"
+
+msgid ""
+"Usage: su [options] [LOGIN]\n"
+"\n"
+"Options:\n"
+"  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+"  -h, --help                    display this help message and exit\n"
+"  -, -l, --login                make the shell a login shell\n"
+"  -m, -p,\n"
+"  --preserve-environment        do not reset environment variables, and\n"
+"                                keep the same shell\n"
+"  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+"\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: %s\n"
+"(Ignored)\n"
+msgstr ""
+"%s：%s\n"
+"(忽略)\n"
+
+#, c-format
+msgid "You are not authorized to su %s\n"
+msgstr "您沒有被授權 su %s\n"
+
+msgid "(Enter your own password)"
+msgstr "(請輸入您自己的密碼)"
+
+#, fuzzy, c-format
+#| msgid "%s: PAM authentication failed\n"
+msgid "%s: Authentication failure\n"
+msgstr "%s：PAM 驗証失敗\n"
+
+#, fuzzy, c-format
+#| msgid "You are not authorized to su %s\n"
+msgid "%s: You are not authorized to su at that time\n"
+msgstr "您沒有被授權 su %s\n"
+
+#, fuzzy, c-format
+#| msgid "No password entry for 'root'"
+msgid "No passwd entry for user '%s'\n"
+msgstr "沒有“root�的密碼項目"
+
+#, c-format
+msgid "%s: must be run from a terminal\n"
+msgstr "%s：必須從終端中執行\n"
+
+#, c-format
+msgid "%s: pam_start: error %d\n"
+msgstr "%s：pam_start：錯誤 %d\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot drop the controlling terminal\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "Cannot execute %s"
+msgid "Cannot execute %s\n"
+msgstr "無法執行 %s"
+
+msgid "No password file"
+msgstr "沒有密碼檔案"
+
+msgid "TIOCSCTTY failed"
+msgstr ""
+
+msgid "No password entry for 'root'"
+msgstr "沒有“root�的密碼項目"
+
+msgid ""
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"
+msgstr ""
+"\n"
+"按下 control-d ��繼續使用普通帳戶環境，\n"
+"(或者輸入 root 密碼以進行系統維護)："
+
+msgid "Entering System Maintenance Mode"
+msgstr "正在進入系統維護模�"
+
+#, c-format
+msgid "%s: %s was created, but could not be removed\n"
+msgstr ""
+
+#, c-format
+msgid "%s: the %s configuration in %s will be ignored\n"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot create new defaults file\n"
+msgstr "%s：無法建立新的�設檔案\n"
+
+#, c-format
+msgid "%s: cannot open new defaults file\n"
+msgstr "%s：無法打開新的�設檔案\n"
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: chown failed\n"
+msgid "%s: line too long in %s: %s..."
+msgstr "%s：第 %d 行：改變�有者或群組失敗\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Cannot create backup file (%s): %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: rename: %s"
+msgid "%s: rename: %s: %s\n"
+msgstr "%s：更�：%s"
+
+#, fuzzy, c-format
+msgid "%s: group '%s' is a NIS group.\n"
+msgstr "%s：“%s�群組是一個 NIS 群組。\n"
+
+#, c-format
+msgid "%s: too many groups specified (max %d).\n"
+msgstr "%s：指定了�多群組(最多 %d)。\n"
+
+#, fuzzy, c-format
+#| msgid "Usage: %s [input]\n"
+msgid ""
+"Usage: %s [options] LOGIN\n"
+"       %s -D\n"
+"       %s -D [options]\n"
+"\n"
+"Options:\n"
+msgstr "用法：%s [輸入]\n"
+
+msgid ""
+"  -b, --base-dir BASE_DIR       base directory for the home directory of "
+"the\n"
+"                                new account\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         GECOS field of the new account\n"
+msgstr ""
+
+msgid "  -d, --home-dir HOME_DIR       home directory of the new account\n"
+msgstr ""
+
+msgid ""
+"  -D, --defaults                print or change default useradd "
+"configuration\n"
+msgstr ""
+
+msgid "  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       password inactivity period of the new "
+"account\n"
+msgstr ""
+
+msgid ""
+"  -g, --gid GROUP               name or ID of the primary group of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -G, --groups GROUPS           list of supplementary groups of the new\n"
+"                                account\n"
+msgstr ""
+
+msgid ""
+"  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"
+msgstr ""
+
+msgid ""
+"  -l, --no-log-init             do not add the user to the lastlog and\n"
+"                                faillog databases\n"
+msgstr ""
+
+msgid "  -m, --create-home             create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -M, --no-create-home          do not create the user's home directory\n"
+msgstr ""
+
+msgid ""
+"  -N, --no-user-group           do not create a group with the same name as\n"
+"                                the user\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow to create users with duplicate\n"
+"                                (non-unique) UID\n"
+msgstr ""
+
+msgid "  -p, --password PASSWORD       encrypted password of the new account\n"
+msgstr ""
+
+msgid "  -s, --shell SHELL             login shell of the new account\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 user ID of the new account\n"
+msgstr ""
+
+msgid ""
+"  -U, --user-group              create a group with the same name as the "
+"user\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user "
+"mapping\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: invalid base directory '%s'\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid comment '%s'\n"
+msgstr "%s：無效注釋“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid home directory '%s'\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -e\n"
+msgstr "%s：-e �數需�有shadow密碼\n"
+
+#, c-format
+msgid "%s: shadow passwords required for -f\n"
+msgstr "%s：-f �數需�有shadow密碼\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid field '%s'\n"
+msgstr "%s：無效字段 “%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid shell '%s'\n"
+msgstr "%s：無效 shell“%s�\n"
+
+#, c-format
+msgid "%s: -Z requires SELinux enabled kernel\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the faillog entry of UID %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to reset the lastlog entry of UID %lu: %s\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: line %d: can't update entry\n"
+msgid "%s: failed to prepare the new %s entry\n"
+msgstr "%s：第 %d 行：無法更新項目\n"
+
+#, c-format
+msgid "%s: cannot create directory %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+msgid "Creating mailbox file"
+msgstr ""
+
+msgid ""
+"Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"
+msgstr ""
+
+msgid "Setting mailbox file permissions"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists\n"
+msgstr "%s：使用者 %s 已存在\n"
+
+#, c-format
+msgid ""
+"%s: group %s exists - if you want to add this user to that group, use -g.\n"
+msgstr ""
+"%s：%s 群組已經存在 - 如果您想將此使用者加入到該群組，請使用 -g �數。\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create user\n"
+msgstr "%s：無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: UID %lu is not unique\n"
+msgstr "%s：gid %u 並�唯一\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to create tcb directory for %s\n"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create group\n"
+msgstr "%s：無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate user IDs\n"
+msgstr "%s：無法建立 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: can't create subordinate group IDs\n"
+msgstr "%s：無法建立 %s\n"
+
+#, c-format
+msgid ""
+"%s: warning: the home directory already exists.\n"
+"Not copying any file from skel directory into it.\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: the user name %s to %s SELinux user mapping failed.\n"
+msgstr ""
+
+msgid ""
+"  -f, --force                   force removal of files,\n"
+"                                even if not owned by user\n"
+msgstr ""
+
+msgid "  -r, --remove                  remove home directory and mail spool\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user            remove any SELinux user mapping for the "
+"user\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid ""
+"%s: group %s not removed because it is not the primary group of user %s.\n"
+msgstr "%s：�能在 NIS 用戶端上修改使用者“%s�。\n"
+
+#, c-format
+msgid "%s: group %s not removed because it has other members.\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: group %s is the primary group of another user and is not removed.\n"
+msgstr "%s：�能刪除使用者的主群組。\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: cannot remove entry %lu from %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+msgid "%s: %s mail spool (%s) not found\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: warning: can't remove "
+msgid "%s: warning: can't remove %s: %s\n"
+msgstr "%s：警告：無法刪除"
+
+#, c-format
+msgid "%s: %s not owned by %s, not removing\n"
+msgstr "%s：%s 並�屬於 %s，所以�會刪除\n"
+
+#, c-format
+msgid "%s: Can't allocate memory, tcb entry for %s not removed.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot update file %s\n"
+msgid "%s: Cannot drop privileges: %s\n"
+msgstr "%s：無法更新檔案 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove the content of %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot rename directory %s to %s\n"
+msgid "%s: Cannot remove tcb files for %s: %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, c-format
+msgid "%s: user %s is a NIS user\n"
+msgstr "%s：使用者 %s 是 NIS 使用者\n"
+
+#, fuzzy, c-format
+msgid "%s: %s home directory (%s) not found\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, c-format
+msgid "%s: not removing directory %s (would remove home of user %s)\n"
+msgstr "%s：�能刪除目錄 %s (因為這將刪除使用者 %s 的主目錄)\n"
+
+#, c-format
+msgid "%s: error removing directory %s\n"
+msgstr "%s：刪除目錄 %s 時出錯\n"
+
+#, c-format
+msgid "%s: warning: the user name %s to SELinux user mapping removal failed.\n"
+msgstr ""
+
+msgid "  -c, --comment COMMENT         new value of the GECOS field\n"
+msgstr ""
+
+msgid ""
+"  -d, --home HOME_DIR           new home directory for the user account\n"
+msgstr ""
+
+msgid ""
+"  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"
+msgstr ""
+
+msgid ""
+"  -f, --inactive INACTIVE       set password inactive after expiration\n"
+"                                to INACTIVE\n"
+msgstr ""
+
+msgid "  -g, --gid GROUP               force use GROUP as new primary group\n"
+msgstr ""
+
+msgid "  -G, --groups GROUPS           new list of supplementary GROUPS\n"
+msgstr ""
+
+msgid ""
+"  -a, --append                  append the user to the supplemental GROUPS\n"
+"                                mentioned by the -G option without removing\n"
+"                                him/her from other groups\n"
+msgstr ""
+
+msgid "  -l, --login NEW_LOGIN         new value of the login name\n"
+msgstr ""
+
+msgid "  -L, --lock                    lock the user account\n"
+msgstr ""
+
+msgid ""
+"  -m, --move-home               move contents of the home directory to the\n"
+"                                new location (use only with -d)\n"
+msgstr ""
+
+msgid ""
+"  -o, --non-unique              allow using duplicate (non-unique) UID\n"
+msgstr ""
+
+msgid ""
+"  -p, --password PASSWORD       use encrypted password for the new password\n"
+msgstr ""
+
+msgid "  -u, --uid UID                 new UID for the user account\n"
+msgstr ""
+
+msgid "  -U, --unlock                  unlock the user account\n"
+msgstr ""
+
+msgid "  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"
+msgstr ""
+
+msgid "  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"
+msgstr ""
+
+msgid "  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"
+msgstr ""
+
+msgid "  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"
+msgstr ""
+
+msgid ""
+"  -Z, --selinux-user SEUSER     new SELinux user mapping for the user "
+"account\n"
+msgstr ""
+
+#, c-format
+msgid ""
+"%s: unlocking the user's password would result in a passwordless account.\n"
+"You should set a password with usermod -p to unlock this user's password.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: user %s exists\n"
+msgid "%s: user '%s' already exists in %s\n"
+msgstr "%s：使用者 %s 已存在\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate uid range '%s'\n"
+msgstr "%s：無效日期“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: invalid subordinate gid range '%s'\n"
+msgstr "%s：無效日期“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: cannot open file %s\n"
+msgid "%s: no options\n"
+msgstr "%s：無法打開檔案 %s\n"
+
+#, c-format
+msgid "%s: the -L, -p, and -U flags are exclusive\n"
+msgstr ""
+
+#, c-format
+msgid "%s: shadow passwords required for -e and -f\n"
+msgstr "%s：-e 和 -f �數需�shadow密碼\n"
+
+#, c-format
+msgid "%s: UID '%lu' already exists\n"
+msgstr ""
+
+#, c-format
+msgid "%s: %s does not exist, you cannot use the flags %s or %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: directory %s exists\n"
+msgstr "%s：目錄 %s �存在\n"
+
+#, c-format
+msgid ""
+"%s: The previous home directory (%s) was not a directory. It is not removed "
+"and no home directories are created.\n"
+msgstr ""
+
+#, fuzzy, c-format
+#| msgid "%s: cannot create directory %s\n"
+msgid "%s: Failed to change ownership of the home directory"
+msgstr "%s：無法建立目錄 %s\n"
+
+#, c-format
+msgid "%s: warning: failed to completely remove old home directory %s"
+msgstr ""
+
+#, c-format
+msgid "%s: cannot rename directory %s to %s\n"
+msgstr "%s：無法將目錄 %s 改�為 %s\n"
+
+#, c-format
+msgid "%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"
+msgstr ""
+
+#, c-format
+msgid "%s: warning: %s not owned by %s\n"
+msgstr "%s：警告：%s �屬於 %s\n"
+
+msgid "failed to change mailbox owner"
+msgstr "改變信箱所有者失敗"
+
+msgid "failed to rename mailbox"
+msgstr "無法為信箱改�"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove uid range %lu-%lu from '%s'\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid "%s: fields too long\n"
+msgid "%s: failed to add uid range %lu-%lu from '%s'\n"
+msgstr "%s：字段太長\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to remove gid range %lu-%lu from '%s'\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to add gid range %lu-%lu from '%s'\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, c-format
+msgid ""
+"You have modified %s.\n"
+"You may need to modify %s for consistency.\n"
+"Please use the command '%s' to do so.\n"
+msgstr ""
+
+msgid "  -g, --group                   edit group database\n"
+msgstr ""
+
+msgid "  -p, --passwd                  edit passwd database\n"
+msgstr ""
+
+msgid "  -s, --shadow                  edit shadow or gshadow database\n"
+msgstr ""
+
+msgid "  -u, --user                    which user's tcb shadow file to edit\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "%s: failed to remove %s\n"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy, c-format
+#| msgid ""
+#| "\n"
+#| "%s: %s is unchanged\n"
+msgid "%s: %s is unchanged\n"
+msgstr ""
+"\n"
+"%s：%s 沒有更改\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create scratch directory"
+msgstr "無法為信箱改�"
+
+#, fuzzy
+msgid "failed to drop privileges"
+msgstr "%s：無效的工作電話：“%s�\n"
+
+#, fuzzy
+#| msgid "Couldn't lock file"
+msgid "Couldn't get file context"
+msgstr "無法鎖定檔案"
+
+msgid "setfscreatecon () failed"
+msgstr ""
+
+msgid "failed to gain privileges"
+msgstr ""
+
+msgid "Couldn't lock file"
+msgstr "無法鎖定檔案"
+
+msgid "Couldn't make backup"
+msgstr "無法備份"
+
+#, fuzzy, c-format
+msgid "%s: %s: %s\n"
+msgstr "passwd：%s\n"
+
+#, fuzzy, c-format
+#| msgid "%s: %s not found in /etc/passwd\n"
+msgid "%s: %s returned with status %d\n"
+msgstr "%s：未在 /etc/passwd 中找到 %s\n"
+
+#, c-format
+msgid "%s: %s killed by signal %d\n"
+msgstr ""
+
+#, fuzzy
+msgid "failed to open scratch file"
+msgstr "%s：無法打開群組檔案\n"
+
+#, fuzzy
+#| msgid "%s: fields too long\n"
+msgid "failed to unlink scratch file"
+msgstr "%s：字段太長\n"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to stat edited file"
+msgstr "無法為信箱改�"
+
+#, fuzzy
+#| msgid "failed to change mailbox owner"
+msgid "failed to allocate memory"
+msgstr "改變信箱所有者失敗"
+
+#, fuzzy
+#| msgid "failed to rename mailbox"
+msgid "failed to create backup file"
+msgstr "無法為信箱改�"
+
+#, c-format
+msgid "%s: can't restore %s: %s (your changes are in %s)\n"
+msgstr "%s：無法復原 %s：%s (您的修改在 %s 中)\n"
+
+#, fuzzy, c-format
+msgid "%s: failed to find tcb directory for %s\n"
+msgstr "%s：無效的主目錄“%s�\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法：%s [輸入]\n"
+
+#~ msgid "malloc(%d) failed\n"
+#~ msgstr "malloc(%d) 失敗\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chage [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -d, --lastday LAST_DAY        set date of last password change to "
+#~ "LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE  set account expiration date to "
+#~ "EXPIRE_DATE\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -I, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --list                    show account aging information\n"
+#~ "  -m, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -M, --maxdays MAX_DAYS        set maximim number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chage [�項] 使用者\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -d, --lastday LAST_DAY\t設定密碼的最後修改日期為 LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE\t設定帳號�期的日期為 EXPIRE\n"
+#~ "  -h, --help\t\t\t顯示這份說明文字然後��\n"
+#~ "  -I, --inactive INACTIVE\t設定密碼在 INACTIVE 天後失效\n"
+#~ "  -l, --list\t\t\t顯示帳號期�的相關資訊\n"
+#~ "  -m, --mindays MIN_DAYS\t最少必須相隔 MIN_DAYS 天�能改變密碼\n"
+#~ "  -M, --maxdays MAX_DAYS\t最多必須相隔 MIN_DAYS 天�能改變密碼\n"
+#~ "  -W, --warndays WARN_DAYS\t密碼在�期� WARN_DAYS 天會發出警告\n"
+#~ "\n"
+
+#~ msgid "%s: PAM authentication failed\n"
+#~ msgstr "%s：PAM 驗証失敗\n"
+
+#~ msgid ""
+#~ "Usage: %s [-f full_name] [-r room_no] [-w work_ph]\n"
+#~ "\t[-h home_ph] [-o other] [user]\n"
+#~ msgstr ""
+#~ "用法：%s [-f 全�] [-r 房間號] [-w 工作電話]\n"
+#~ "\t[-h �家電話] [-o 其它] [使用者]\n"
+
+#~ msgid "Usage: %s [-f full_name] [-r room_no] [-w work_ph] [-h home_ph]\n"
+#~ msgstr "用法：%s [-f 全�] [-r 房間號] [-w 工作電話] [-h �家電話]\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: %s [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -c, --crypt-method            the crypt method (one of %s)\n"
+#~ "  -e, --encrypted               supplied passwords are encrypted\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -m, --md5                     encrypt the clear text password using\n"
+#~ "                                the MD5 algorithm\n"
+#~ "%s\n"
+#~ msgstr ""
+#~ "用法：chpasswd [�項]\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -e, --encrypted\t所�供的密碼已經�加密\n"
+#~ "  -h, --help\t\t顯示這份說明文字然後��\n"
+#~ "  -m,  --md5\t\t如果所�供的密碼沒有加密，則使用 MD5 加密法\n"
+#~ "\t\t\t來替代 DES。\n"
+
+#~ msgid "Usage: expiry {-f|-c}\n"
+#~ msgstr "用法：expiry {-f|-c}\n"
+
+#, fuzzy
+#~| msgid "%s: cannot open file %s\n"
+#~ msgid "faillog: Cannot open %s: %s\n"
+#~ msgstr "%s：無法打開檔案 %s\n"
+
+#~ msgid "Usage: groupdel group\n"
+#~ msgstr "用法：groupdel 群組\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group [gshadow]]\n"
+#~ msgstr "用法：%s [-r] [-s] [群組 [gshadow]]\n"
+
+#~ msgid "Usage: %s [-r] [-s] [group]\n"
+#~ msgstr "用法：%s [-r] [-s] [群組]\n"
+
+#~ msgid "%s: -s and -r are incompatibile\n"
+#~ msgstr "%s：-s 和 -r 是互�相容的\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpconv\n"
+#~ msgstr "用法：groupdel 群組\n"
+
+#, fuzzy
+#~| msgid "Usage: groupdel group\n"
+#~ msgid "Usage: grpunconv\n"
+#~ msgstr "用法：groupdel 群組\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: lastlog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -b, --before DAYS             print only lastlog records older than "
+#~ "DAYS\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -t, --time DAYS               print only lastlog records more recent "
+#~ "than DAYS\n"
+#~ "  -u, --user LOGIN              print lastlog record of the specified "
+#~ "LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：lastlog [�項]\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -h, --help\t\t顯示這份說明文字然後��\n"
+#~ "  -t, --time DAYS\t�列出 DAYS 天內的歷�記錄\n"
+#~ "  -u, --user LOGIN\t根據指定的 LOGIN 列出該使用者最後的歷�記錄\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: passwd [options] [LOGIN]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     report password status on all accounts\n"
+#~ "  -d, --delete                  delete the password for the named "
+#~ "account\n"
+#~ "  -e, --expire                  force expire the password for the named "
+#~ "account\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -k, --keep-tokens             change password only if expired\n"
+#~ "  -i, --inactive INACTIVE       set password inactive after expiration\n"
+#~ "                                to INACTIVE\n"
+#~ "  -l, --lock                    lock the password of the named account\n"
+#~ "  -n, --mindays MIN_DAYS        set minimum number of days before "
+#~ "password\n"
+#~ "                                change to MIN_DAYS\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"
+#~ "  -S, --status                  report password status on the named "
+#~ "account\n"
+#~ "  -u, --unlock                  unlock the password of the named account\n"
+#~ "  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"
+#~ "  -x, --maxdays MAX_DAYS        set maximum number of days before "
+#~ "password\n"
+#~ "                                change to MAX_DAYS\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chage [�項] 使用者\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -d, --lastday LAST_DAY\t設定密碼的最後修改日期為 LAST_DAY\n"
+#~ "  -E, --expiredate EXPIRE_DATE\t設定帳號�期的日期為 EXPIRE\n"
+#~ "  -h, --help\t\t\t顯示這份說明文字然後��\n"
+#~ "  -I, --inactive INACTIVE\t設定密碼在 INACTIVE 天後失效\n"
+#~ "  -l, --list\t\t\t顯示帳號期�的相關資訊\n"
+#~ "  -m, --mindays MIN_DAYS\t最少必須相隔 MIN_DAYS 天�能改變密碼\n"
+#~ "  -M, --maxdays MAX_DAYS\t最多必須相隔 MIN_DAYS 天�能改變密碼\n"
+#~ "  -W, --warndays WARN_DAYS\t密碼在�期� WARN_DAYS 天會發出警告\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgid "Usage: %s [-q] [-r] [passwd]\n"
+#~ msgstr "用法：%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#~ msgid "Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"
+#~ msgstr "用法：%s [-q] [-r] [-s] [passwd [shadow]]\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwconv\n"
+#~ msgstr "用法：id\n"
+
+#, fuzzy
+#~| msgid "Usage: id\n"
+#~ msgid "Usage: pwunconv\n"
+#~ msgstr "用法：id\n"
+
+#~ msgid "Unknown id: %s\n"
+#~ msgstr "未知 id：%s\n"
+
+#~ msgid "No shell\n"
+#~ msgstr "沒有 shell\n"
+
+#~ msgid "%s: user %s is currently logged in\n"
+#~ msgstr "%s：使用者 %s 目�已登入\n"
+
+#~ msgid "%s: no flags given\n"
+#~ msgstr "%s：沒有指定標誌\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: vipw [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -g, --group                   edit group database\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -p, --passwd                  edit passwd database\n"
+#~ "  -q, --quiet                   quiet mode\n"
+#~ "  -s, --shadow                  edit shadow or gshadow database\n"
+#~ "  -u, --user                    which user's tcb shadow file to edit\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：lastlog [�項]\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -h, --help\t\t顯示這份說明文字然後��\n"
+#~ "  -t, --time DAYS\t�列出 DAYS 天內的歷�記錄\n"
+#~ "  -u, --user LOGIN\t根據指定的 LOGIN 列出該使用者最後的歷�記錄\n"
+#~ "\n"
+
+#, fuzzy
+#~| msgid "Usage: %s [input]\n"
+#~ msgid ""
+#~ "Usage: useradd [options] LOGIN\n"
+#~ "\n"
+#~ "Options:\n"
+#~ msgstr "用法：%s [輸入]\n"
+
+#~ msgid "%s: can't create %s\n"
+#~ msgstr "%s：無法建立 %s\n"
+
+#~ msgid "%s: can't chown %s\n"
+#~ msgstr "%s：無法改變 %s 的所有者和群組\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: faillog [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -a, --all                     display faillog records for all users\n"
+#~ "  -h, --help                    display this help message and exit\n"
+#~ "  -l, --lock-time SEC           after failed login lock account to SEC "
+#~ "seconds\n"
+#~ "  -m, --maximum MAX             set maximum failed login counters to MAX\n"
+#~ "  -r, --reset                   reset the counters of login failures\n"
+#~ "  -t, --time DAYS               display faillog records more recent than "
+#~ "DAYS\n"
+#~ "  -u, --user LOGIN              display faillog record or maintains "
+#~ "failure\n"
+#~ "                                counters and limits (if used with -r, -m "
+#~ "or -l\n"
+#~ "                                options) only for user with LOGIN\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：faillog [�項]\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -a, --all\t\t\t顯示所有的使用者的失敗記錄\n"
+#~ "  -h, --help\t\t\t顯示這份說明文字然後��\n"
+#~ "  -l, --lock-time SEC\t\t在登入失敗後，關閉帳號 SEC 秒\n"
+#~ "  -m, --maximum MAX\t\t設定最多能登入失敗 MAX 次\n"
+#~ "  -r, --reset\t\t\t�新設定登入失敗計數\n"
+#~ "  -t, --time DAYS\t\t顯示最近 DAYS 內的失敗記錄。\n"
+#~ "  -u, --user LOGIN\t\t根據指定的 LOGIN 顯示其失敗記錄�目�的失敗計數\n"
+#~ "\t\t\t\t��制（當和 -r�-m 或 -l �項��使用時）\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "Password set to expire."
+#~ msgstr "您的密碼已�期。"
+
+#~ msgid "%s: can't lock password file\n"
+#~ msgstr "%s：無法鎖定密碼檔\n"
+
+#~ msgid "%s: can't open password file\n"
+#~ msgstr "%s：無法打開密碼文件\n"
+
+#~ msgid "%s: can't lock shadow password file\n"
+#~ msgstr "%s：無法鎖定shadow密碼文件\n"
+
+#~ msgid "%s: can't open shadow password file\n"
+#~ msgstr "%s：無法打開影�密碼文件\n"
+
+#~ msgid "%s: can't rewrite shadow password file\n"
+#~ msgstr "%s：無法�寫shadow密碼檔案\n"
+
+#~ msgid "%s: can't rewrite password file\n"
+#~ msgstr "%s：無法�寫密碼檔案\n"
+
+#~ msgid "%s: can't update shadow password file\n"
+#~ msgstr "%s：無法更新shadow密碼檔案\n"
+
+#~ msgid "\tFull Name: %s\n"
+#~ msgstr "\t全�：%s\n"
+
+#, fuzzy
+#~ msgid "\tRoom Number: %s\n"
+#~ msgstr "房間號碼"
+
+#, fuzzy
+#~ msgid "\tWork Phone: %s\n"
+#~ msgstr "工作電話"
+
+#, fuzzy
+#~ msgid "\tHome Phone: %s\n"
+#~ msgstr "�家電話"
+
+#~ msgid "Cannot lock the password file; try again later.\n"
+#~ msgstr "無法鎖定密碼檔案﹔�後�試。\n"
+
+#~ msgid "Cannot open the password file.\n"
+#~ msgstr "無法打開密碼檔案。\n"
+
+#~ msgid "Error updating the password entry.\n"
+#~ msgstr "更改密碼項目時出錯。\n"
+
+#~ msgid "Cannot commit password file changes.\n"
+#~ msgstr "無法�交密碼檔案變動。\n"
+
+#~ msgid "Cannot unlock the password file.\n"
+#~ msgstr "無法解鎖密碼檔案。\n"
+
+#~ msgid "%s: can't lock group file\n"
+#~ msgstr "%s：無法鎖定群組檔案\n"
+
+#~ msgid "%s: can't open group file\n"
+#~ msgstr "%s：無法打開群組檔案\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock gshadow file\n"
+#~ msgstr "%s：無法鎖定 shadow 檔\n"
+
+#~ msgid "%s: can't open shadow file\n"
+#~ msgstr "%s：無法打開 shadow 檔\n"
+
+#, fuzzy
+#~ msgid "%s: error updating gshadow file\n"
+#~ msgstr "%s：更新shadow檔案時出錯。\n"
+
+#, fuzzy
+#~ msgid "%s: error updating group file\n"
+#~ msgstr "%s：更新群組項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: unknown group %s\n"
+#~ msgstr "%s：第 %d 行：未知使用者 %s\n"
+
+#, fuzzy
+#~ msgid "%s: line %d: cannot update group entry\n"
+#~ msgstr "%s：第 %d 行：無法更新項目\n"
+
+#~ msgid "%s: can't lock shadow file\n"
+#~ msgstr "%s：無法鎖定 shadow 檔\n"
+
+#~ msgid "%s: error updating shadow file\n"
+#~ msgstr "%s：更新shadow檔案時出錯。\n"
+
+#~ msgid "%s: error updating password file\n"
+#~ msgstr "%s：更新密碼檔案時出錯。\n"
+
+#~ msgid "%s: line %d: unknown user %s\n"
+#~ msgstr "%s：第 %d 行：未知使用者 %s\n"
+
+#~ msgid "%s: line %d: cannot update password entry\n"
+#~ msgstr "%s：第 %d 行：無法更新密碼項目\n"
+
+#~ msgid "%s: unknown user\n"
+#~ msgstr "%s：未知使用者\n"
+
+#~ msgid "Unknown User: %s\n"
+#~ msgstr "未知使用者：%s\n"
+
+#~ msgid "Usage: %s [-r|-R] group\n"
+#~ msgstr "用法：%s [-r|-R] 群組\n"
+
+#~ msgid "       %s [-a user] group\n"
+#~ msgstr "       %s [-a 使用者] 群組\n"
+
+#~ msgid "       %s [-d user] group\n"
+#~ msgstr "       %s [-d 使用者] 群組\n"
+
+#~ msgid "       %s [-A user,...] [-M user,...] group\n"
+#~ msgstr "       %s [-A 使用者,...] [-M 使用者,...] 群組\n"
+
+#~ msgid "       %s [-M user,...] group\n"
+#~ msgstr "       %s [-M 使用者,...] 群組\n"
+
+#~ msgid "%s: can't get lock\n"
+#~ msgstr "%s：無法�得鎖定\n"
+
+#~ msgid "%s: can't get shadow lock\n"
+#~ msgstr "%s：無法�得shadow鎖定\n"
+
+#~ msgid "%s: can't open file\n"
+#~ msgstr "%s：無法打開檔案\n"
+
+#~ msgid "%s: can't re-write shadow file\n"
+#~ msgstr "%s：無法�寫shadow檔案\n"
+
+#~ msgid "%s: can't unlock file\n"
+#~ msgstr "%s 無法解鎖檔案。\n"
+
+#~ msgid "%s: can't update entry\n"
+#~ msgstr "%s：無法更新項目\n"
+
+#~ msgid "%s: can't update shadow entry\n"
+#~ msgstr "%s：無法更新shadow項目\n"
+
+#~ msgid "unknown group: %s\n"
+#~ msgstr "未知群組：%s\n"
+
+#, fuzzy
+#~ msgid "%s: can't close file\n"
+#~ msgstr "%s：無法打開檔案\n"
+
+#, fuzzy
+#~ msgid "%s: can't close shadow file\n"
+#~ msgstr "%s：無法打開 shadow 檔\n"
+
+#~ msgid "Who are you?\n"
+#~ msgstr "你是誰？\n"
+
+#~ msgid "%s: unknown member %s\n"
+#~ msgstr "%s：未知�員 %s\n"
+
+#~ msgid "%s: error adding new group entry\n"
+#~ msgstr "%s：增加新群組項目時出錯\n"
+
+#~ msgid "%s: cannot rewrite group file\n"
+#~ msgstr "%s：無法�寫群組檔案\n"
+
+#~ msgid "%s: cannot rewrite shadow group file\n"
+#~ msgstr "%s：無法�寫shadow群組檔案\n"
+
+#~ msgid "%s: unable to lock group file\n"
+#~ msgstr "%s：無法鎖定群組檔案\n"
+
+#~ msgid "%s: unable to open group file\n"
+#~ msgstr "%s：無法打開群組檔案\n"
+
+#~ msgid "%s: unable to lock shadow group file\n"
+#~ msgstr "%s：無法鎖定shadow群組檔案\n"
+
+#~ msgid "%s: unable to open shadow group file\n"
+#~ msgstr "%s：無法打開shadow群組檔案\n"
+
+#, fuzzy
+#~ msgid "%s: GID %u is not unique\n"
+#~ msgstr "%s：gid %u 並�唯一\n"
+
+#~ msgid "%s: error removing group entry\n"
+#~ msgstr "%s：刪除群組項目時出錯\n"
+
+#~ msgid "%s: error removing shadow group entry\n"
+#~ msgstr "%s：刪除shadow群組項目時出錯\n"
+
+#~ msgid "%s: cannot remove user's primary group.\n"
+#~ msgstr "%s：�能刪除使用者的主群組。\n"
+
+#, fuzzy
+#~ msgid "PAM authentication failed for\n"
+#~ msgstr "%s：PAM 驗証失敗\n"
+
+#, fuzzy
+#~ msgid "Unable to lock group file\n"
+#~ msgstr "%s：無法鎖定群組檔案\n"
+
+#, fuzzy
+#~ msgid "Cannot close group file\n"
+#~ msgstr "%s：無法打開群組檔案\n"
+
+#~ msgid "%s: %s not found in /etc/group\n"
+#~ msgstr "%s：未在 /etc/group 中找到 %s\n"
+
+#, fuzzy
+#~ msgid "%s: %u is not a unique GID\n"
+#~ msgstr "%s：%u �是一個唯一的 gid\n"
+
+#~ msgid "%s: %s is not a unique name\n"
+#~ msgstr "%s：%s �是一個唯一的�稱\n"
+
+#, fuzzy
+#~ msgid "%s: cannot rewrite passwd file\n"
+#~ msgstr "%s：無法�寫密碼檔案\n"
+
+#~ msgid "%s: unable to lock password file\n"
+#~ msgstr "%s：無法鎖定密碼檔案\n"
+
+#~ msgid "%s: unable to open password file\n"
+#~ msgstr "%s：無法打開密碼檔案\n"
+
+#~ msgid "%s: can't update shadow entry for %s\n"
+#~ msgstr "%s：無法為 %s 更新shadow項目\n"
+
+#~ msgid "%s: can't update entry for group %s\n"
+#~ msgstr "%s：無法更新 %s 群組的項目\n"
+
+#~ msgid "%s: can't lock shadow group file\n"
+#~ msgstr "%s：無法鎖定shadow群組檔案\n"
+
+#~ msgid "%s: can't open shadow group file\n"
+#~ msgstr "%s：無法打開shadow群組檔案\n"
+
+#~ msgid "%s: can't remove shadow group %s\n"
+#~ msgstr "%s：無法移除shadow群組 %s\n"
+
+#~ msgid "%s: can't update shadow group file\n"
+#~ msgstr "%s：無法更新shadow群組檔案\n"
+
+#~ msgid "%s: can't delete shadow group file\n"
+#~ msgstr "%s：無法刪除shadow群組檔案\n"
+
+#, fuzzy
+#~ msgid "unknown UID: %u\n"
+#~ msgstr "未知的 GID：%lu\n"
+
+#~ msgid "unknown GID: %lu\n"
+#~ msgstr "未知的 GID：%lu\n"
+
+#, fuzzy
+#~ msgid "%s: group ID `%s' is not valid\n"
+#~ msgstr "%s：%s 群組�存在\n"
+
+#, fuzzy
+#~ msgid "%s: user ID `%s' is not valid\n"
+#~ msgstr "%s：使用者 %s �存在\n"
+
+#, fuzzy
+#~ msgid "%s: invalid user name `%s'\n"
+#~ msgstr "%s：無效使用者�稱“%s�\n"
+
+#~ msgid "%s: can't lock /etc/passwd.\n"
+#~ msgstr "%s：無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/shadow.\n"
+#~ msgstr "%s：無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/group.\n"
+#~ msgstr "%s：無法鎖定 /etc/passwd。\n"
+
+#, fuzzy
+#~ msgid "%s: can't lock /etc/gshadow.\n"
+#~ msgstr "%s：無法鎖定 /etc/passwd。\n"
+
+#~ msgid "%s: can't open files\n"
+#~ msgstr "%s：無法打開檔案\n"
+
+#~ msgid "%s: error updating files\n"
+#~ msgstr "%s：更新檔案出錯\n"
+
+#~ msgid "%s: can't update passwd entry for %s\n"
+#~ msgstr "%s：無法為 %s 更新密碼項目\n"
+
+#~ msgid "%s: can't lock passwd file\n"
+#~ msgstr "%s：無法鎖定密碼檔案\n"
+
+#~ msgid "%s: can't open passwd file\n"
+#~ msgstr "%s：無法打開密碼檔案\n"
+
+#~ msgid "%s: can't remove shadow entry for %s\n"
+#~ msgstr "%s：無法為 %s 刪除shadow項目\n"
+
+#~ msgid "%s: can't update passwd file\n"
+#~ msgstr "%s：無法更新密碼檔案\n"
+
+#~ msgid "%s: can't update entry for user %s\n"
+#~ msgstr "%s：�能更新使用者 %s 的項目\n"
+
+#~ msgid "%s: can't delete shadow password file\n"
+#~ msgstr "%s：無法刪除shadow密碼檔案\n"
+
+#~ msgid "%s: unknown GID %s\n"
+#~ msgstr "%s：未知的 GID %s\n"
+
+#~ msgid "%s: unknown group %s\n"
+#~ msgstr "%s：未知的群組 %s\n"
+
+#, fuzzy
+#~ msgid "%s: Out of memory. Cannot update the shadow group database.\n"
+#~ msgstr "%s：update_gshadow 時記憶體�足\n"
+
+#~ msgid "%s: cannot rewrite password file\n"
+#~ msgstr "%s：無法�寫密碼檔案\n"
+
+#~ msgid "%s: cannot rewrite shadow password file\n"
+#~ msgstr "%s：無法�寫shadow密碼檔案\n"
+
+#~ msgid "%s: cannot lock shadow password file\n"
+#~ msgstr "%s：無法鎖定shadow密碼檔案\n"
+
+#~ msgid "%s: cannot open shadow password file\n"
+#~ msgstr "%s：無法打開shadow密碼檔案\n"
+
+#~ msgid "%s: error locking group file\n"
+#~ msgstr "%s：鎖定群組檔案時出錯\n"
+
+#~ msgid "%s: error opening group file\n"
+#~ msgstr "%s：打開群組檔案時出錯\n"
+
+#~ msgid "%s: error locking shadow group file\n"
+#~ msgstr "%s：鎖定shadow群組檔案時出錯\n"
+
+#~ msgid "%s: error opening shadow group file\n"
+#~ msgstr "%s：打開shadow群組檔案時出錯\n"
+
+#~ msgid "%s: error adding new password entry\n"
+#~ msgstr "%s：加入新密碼項目時出錯\n"
+
+#~ msgid "%s: error adding new shadow password entry\n"
+#~ msgstr "%s：加入新shadow密碼項時出錯\n"
+
+#~ msgid "%s: warning: CREATE_HOME not supported, please use -m instead.\n"
+#~ msgstr "%s：警告：CREATE_HOME �支�，請使用 -m �數。\n"
+
+#~ msgid "%s: error updating group entry\n"
+#~ msgstr "%s：更新群組項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: error updating shadow group entry\n"
+#~ msgstr "%s：更新群組項目時出錯\n"
+
+#~ msgid "%s: cannot open group file\n"
+#~ msgstr "%s：無法打開群組檔案\n"
+
+#~ msgid "%s: cannot open shadow group file\n"
+#~ msgstr "%s：無法打開shadow群組檔案\n"
+
+#~ msgid "%s: error deleting password entry\n"
+#~ msgstr "%s：刪除密碼項目時出錯\n"
+
+#~ msgid "%s: error deleting shadow password entry\n"
+#~ msgstr "%s：刪除shadow密碼項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: error adding new shadow group entry\n"
+#~ msgstr "%s：增加新群組項目時出錯\n"
+
+#~ msgid "%s: uid %lu is not unique\n"
+#~ msgstr "%s：uid %lu �唯一\n"
+
+#~ msgid "%s: error changing password entry\n"
+#~ msgstr "%s：改變密碼項目時出錯\n"
+
+#~ msgid "%s: error removing password entry\n"
+#~ msgstr "%s：移除密碼項時出錯\n"
+
+#~ msgid "%s: error removing shadow password entry\n"
+#~ msgstr "%s：刪除shadow密碼項目時出錯\n"
+
+#, fuzzy
+#~ msgid "%s: can't get unique GID\n"
+#~ msgstr "%s：無法���有的 gid\n"
+
+#, fuzzy
+#~ msgid " on '%.100s' from '%.200s'"
+#~ msgstr " 在“%.100s�上，來自“%.200s�"
+
+#, fuzzy
+#~ msgid " on '%.100s'"
+#~ msgstr "在“%.100s�上"
+
+#~ msgid "%s: line %d: can't create UID\n"
+#~ msgstr "%s：第 %d 行：無法建立 UID\n"
+
+#~ msgid "%s: name %s is not unique\n"
+#~ msgstr "%s：�稱 %s 並�唯一\n"
+
+#, fuzzy
+#~ msgid ""
+#~ "Usage: chgpasswd [options]\n"
+#~ "\n"
+#~ "Options:\n"
+#~ "  -e, --encrypted\tsupplied passwords are encrypted\n"
+#~ "  -h, --help\t\tdisplay this help message and exit\n"
+#~ "  -m, --md5\t\tuse MD5 encryption instead DES when the supplied\n"
+#~ "\t\t\tpasswords are not encrypted\n"
+#~ "\n"
+#~ msgstr ""
+#~ "用法：chpasswd [�項]\n"
+#~ "\n"
+#~ "�項：\n"
+#~ "  -e, --encrypted\t所�供的密碼已經�加密\n"
+#~ "  -h, --help\t\t顯示這份說明文字然後��\n"
+#~ "  -m,  --md5\t\t如果所�供的密碼沒有加密，則使用 MD5 加密法\n"
+#~ "\t\t\t來替代 DES。\n"
+#~ "\n"
+
+#, fuzzy
+#~ msgid "No password.\n"
+#~ msgstr "沒有密碼檔案\n"
+
+#~ msgid "Sorry.\n"
+#~ msgstr "抱歉。\n"
+
+#~ msgid "Sorry, the password for %s cannot be changed yet.\n"
+#~ msgstr "抱歉，無法更改 %s 的密碼。\n"
+
+#~ msgid "Sorry."
+#~ msgstr "抱歉"
diff --git a/shadow.spec.in b/shadow.spec.in
new file mode 100644
index 0000000..0f9a958
--- /dev/null
+++ b/shadow.spec.in
@@ -0,0 +1,93 @@
+# shadow-utils.spec generated automatically from shadow-utils.spec.in
+# $Id$
+
+Summary:	Shadow password file utilities for Linux
+Name:		shadow-utils
+Version:	@VERSION@
+Release:	1
+Copyright:	Free
+Group:		Utilities/System
+Source:		ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/%{name}-%{version}.tar.gz
+BuildRoot:	%{_tmppath}/%{name}-%{version}-root
+Obsoletes:	adduser
+
+%description
+This package includes the programs necessary to convert traditional
+V7 UNIX password files to the SVR4 shadow password format and additional
+tools to work with shadow passwords.
+	- 'pwconv' converts everything to the shadow password format.
+	- 'pwunconv' converts back to non-shadow passwords.
+	- 'pwck' checks the integrity of the password and shadow files.
+	- 'lastlog' prints out the last login times of all users.
+	- 'useradd', 'userdel', 'usermod' to manage user accounts.
+	- 'groupadd', 'groupdel', 'groupmod' to manage groups.
+
+A number of man pages are also included that relate to these utilities,
+and shadow passwords in general.
+
+%prep
+%setup
+
+%build
+%configure \
+	--disable-shared \
+	--prefix=/usr \
+	--exec-prefix=/usr
+make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+make install DESTDIR=$RPM_BUILD_ROOT
+
+mkdir -p $RPM_BUILD_ROOT/etc/default
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%doc doc/ANNOUNCE doc/CHANGES doc/HOWTO
+%doc doc/LICENSE doc/README doc/README.linux
+%dir /etc/default
+%config /etc/default/useradd
+%config /etc/login.defs
+%{_bindir}/chage
+%{_bindir}/gpasswd
+%{_bindir}/lastlog
+%{_mandir}/man1/chage.1*
+%{_mandir}/man1/gpasswd.1*
+%{_mandir}/man3/shadow.3*
+%{_mandir}/man5/shadow.5*
+%{_mandir}/man8/chpasswd.8*
+%{_mandir}/man8/groupadd.8*
+%{_mandir}/man8/groupdel.8*
+%{_mandir}/man8/groupmod.8*
+%{_mandir}/man8/grpck.8*
+%{_mandir}/man8/lastlog.8*
+%{_mandir}/man8/newusers.8*
+%{_mandir}/man8/pwck.8*
+%{_mandir}/man8/pwconv.8*
+%{_mandir}/man8/useradd.8*
+%{_mandir}/man8/userdel.8*
+%{_mandir}/man8/usermod.8*
+%{_sbindir}/chpasswd
+%{_sbindir}/groupadd
+%{_sbindir}/groupdel
+%{_sbindir}/groupmod
+%{_sbindir}/grpck
+%{_sbindir}/grpconv
+%{_sbindir}/grpunconv
+%{_sbindir}/newusers
+%{_sbindir}/pwck
+%{_sbindir}/pwconv
+%{_sbindir}/pwunconv
+%{_sbindir}/useradd
+%{_sbindir}/userdel
+%{_sbindir}/usermod
+
+%changelog
+* Sun Dec 14 1997 Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl>
+- Lots of changes, see doc/CHANGES for more details
+
+* Sun Jun 08 1997 Timo Karjalainen <timok@iki.fi>
+- Initial release
diff --git a/src/.gitignore b/src/.gitignore
new file mode 100644
index 0000000..d5716b9
--- /dev/null
+++ b/src/.gitignore
@@ -0,0 +1,35 @@
+/chage
+/chfn
+/chgpasswd
+/chpasswd
+/chsh
+/expiry
+/faillog
+/gpasswd
+/groupadd
+/groupdel
+/groupmems
+/groupmod
+/groups
+/grpck
+/grpconv
+/grpunconv
+/id
+/lastlog
+/login
+/logoutd
+/newgrp
+/newgidmap
+/newuidmap
+/newusers
+/nologin
+/passwd
+/pwck
+/pwconv
+/pwunconv
+/su
+/sulogin
+/useradd
+/userdel
+/usermod
+/vipw
diff --git a/src/.indent.pro b/src/.indent.pro
new file mode 100644
index 0000000..fe572bb
--- /dev/null
+++ b/src/.indent.pro
@@ -0,0 +1,5 @@
+-kr
+-i8
+-bad
+-pcs
+-l80
diff --git a/src/Makefile.am b/src/Makefile.am
new file mode 100644
index 0000000..12ef630
--- /dev/null
+++ b/src/Makefile.am
@@ -0,0 +1,138 @@
+
+EXTRA_DIST = \
+	.indent.pro
+
+ubindir = ${prefix}/bin
+usbindir = ${prefix}/sbin
+suidperms = 4755
+sgidperms = 2755
+
+AM_CPPFLAGS = \
+	-I${top_srcdir}/lib \
+	-I$(top_srcdir)/libmisc \
+	-DLOCALEDIR=\"$(datadir)/locale\"
+
+# XXX why are login and su in /bin anyway (other than for
+# historical reasons)?
+#
+# if the system is screwed so badly that it can't mount /usr,
+# you can (hopefully) boot single user, and then you're root
+# so you don't need these programs for recovery.
+#
+# also /lib/libshadow.so.x.xx (if any) could be moved to /usr/lib
+# and installation would be much simpler (just two directories,
+# $prefix/bin and $prefix/sbin, no install-data hacks...)
+
+bin_PROGRAMS   = groups login su
+sbin_PROGRAMS  = nologin
+ubin_PROGRAMS  = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
+if ENABLE_SUBIDS
+ubin_PROGRAMS += newgidmap newuidmap
+endif
+usbin_PROGRAMS = \
+	chgpasswd \
+	chpasswd \
+	groupadd \
+	groupdel \
+	groupmems \
+	groupmod \
+	grpck \
+	grpconv \
+	grpunconv \
+	logoutd \
+	newusers \
+	pwck \
+	pwconv \
+	pwunconv \
+	useradd \
+	userdel \
+	usermod \
+	vipw
+
+# id and groups are from gnu, sulogin from sysvinit
+noinst_PROGRAMS = id sulogin
+
+suidbins       = su
+suidubins      = chage chfn chsh expiry gpasswd newgrp passwd
+if ACCT_TOOLS_SETUID
+suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod
+endif
+if ENABLE_SUBIDS
+suidubins += newgidmap newuidmap
+endif
+
+if WITH_TCB
+suidubins -= passwd
+shadowsgidubins = passwd
+endif
+
+LDADD          = $(INTLLIBS) \
+		 $(LIBTCB) \
+		 $(top_builddir)/libmisc/libmisc.a \
+		 $(top_builddir)/lib/libshadow.la
+
+if ACCT_TOOLS_SETUID
+LIBPAM_SUID  = $(LIBPAM)
+else
+LIBPAM_SUID  =
+endif
+
+if USE_PAM
+LIBCRYPT_NOPAM =
+else
+LIBCRYPT_NOPAM = $(LIBCRYPT)
+endif
+
+chage_LDADD    = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+newuidmap_LDADD    = $(LDADD) $(LIBSELINUX)
+newgidmap_LDADD    = $(LDADD) $(LIBSELINUX)
+chfn_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
+chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
+gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
+grpck_LDADD    = $(LDADD) $(LIBSELINUX)
+grpconv_LDADD  = $(LDADD) $(LIBSELINUX)
+grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
+lastlog_LDADD   = $(LDADD) $(LIBAUDIT)
+login_SOURCES  = \
+	login.c \
+	login_nopam.c
+login_LDADD    = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+newgrp_LDADD   = $(LDADD) $(LIBAUDIT) $(LIBCRYPT)
+newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
+nologin_LDADD  =
+passwd_LDADD   = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM)
+pwck_LDADD     = $(LDADD) $(LIBSELINUX)
+pwconv_LDADD   = $(LDADD) $(LIBSELINUX)
+pwunconv_LDADD = $(LDADD) $(LIBSELINUX)
+su_SOURCES     = \
+	su.c \
+	suauth.c
+su_LDADD       = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
+sulogin_LDADD  = $(LDADD) $(LIBCRYPT)
+useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE)
+usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
+vipw_LDADD     = $(LDADD) $(LIBSELINUX)
+
+install-am: all-am
+	$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+	ln -sf newgrp	$(DESTDIR)$(ubindir)/sg
+	ln -sf vipw	$(DESTDIR)$(usbindir)/vigr
+	for i in $(suidbins); do \
+		chmod $(suidperms) $(DESTDIR)$(bindir)/$$i; \
+	done
+	for i in $(suidubins); do \
+		chmod $(suidperms) $(DESTDIR)$(ubindir)/$$i; \
+	done
+if WITH_TCB
+	for i in $(shadowsgidubins); do \
+		chown root:shadow $(DESTDIR)$(ubindir)/$$i; \
+		chmod $(sgidperms) $(DESTDIR)$(ubindir)/$$i; \
+	done
+endif
diff --git a/src/chage.c b/src/chage.c
new file mode 100644
index 0000000..617e90f
--- /dev/null
+++ b/src/chage.c
@@ -0,0 +1,948 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <time.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include <pwd.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "prototypes.h"
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool
+    dflg = false,		/* set last password change date */
+    Eflg = false,		/* set account expiration date */
+    Iflg = false,		/* set password inactive after expiration */
+    lflg = false,		/* show account aging information */
+    mflg = false,		/* set minimum number of days before password change */
+    Mflg = false,		/* set maximum number of days before password change */
+    Wflg = false;		/* set expiration warning days */
+static bool amroot = false;
+
+static bool pw_locked  = false;	/* Indicate if the password file is locked */
+static bool spw_locked = false;	/* Indicate if the shadow file is locked */
+/* The name and UID of the user being worked on */
+static char user_name[BUFSIZ] = "";
+static uid_t user_uid = -1;
+
+static long mindays;
+static long maxdays;
+static long lstchgdate;
+static long warndays;
+static long inactdays;
+static long expdate;
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void date_to_str (char *buf, size_t maxsize, time_t date);
+static int new_fields (void);
+static void print_date (time_t date);
+static void list_fields (void);
+static void process_flags (int argc, char **argv);
+static void check_flags (int argc, int opt_index);
+static void check_perms (void);
+static void open_files (bool readonly);
+static void close_files (void);
+static /*@noreturn@*/void fail_exit (int code);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+	closelog ();
+
+#ifdef WITH_AUDIT
+	if (E_SUCCESS != code) {
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "change age",
+		              user_name, (unsigned int) user_uid, 0);
+	}
+#endif
+
+	exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] LOGIN\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY\n"), usageout);
+	(void) fputs (_("  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -I, --inactive INACTIVE       set password inactive after expiration\n"
+	                "                                to INACTIVE\n"), usageout);
+	(void) fputs (_("  -l, --list                    show account aging information\n"), usageout);
+	(void) fputs (_("  -m, --mindays MIN_DAYS        set minimum number of days before password\n"
+	                "                                change to MIN_DAYS\n"), usageout);
+	(void) fputs (_("  -M, --maxdays MAX_DAYS        set maximim number of days before password\n"
+	                "                                change to MAX_DAYS\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+static void date_to_str (char *buf, size_t maxsize, time_t date)
+{
+	struct tm *tp;
+
+	tp = gmtime (&date);
+#ifdef HAVE_STRFTIME
+	(void) strftime (buf, maxsize, "%Y-%m-%d", tp);
+#else
+	(void) snprintf (buf, maxsize, "%04d-%02d-%02d",
+	                 tp->tm_year + 1900, tp->tm_mon + 1, tp->tm_mday);
+#endif				/* HAVE_STRFTIME */
+}
+
+/*
+ * new_fields - change the user's password aging information interactively.
+ *
+ * prompt the user for all of the password age values. set the fields
+ * from the user's response, or leave alone if nothing was entered. The
+ * value (-1) is used to indicate the field should be removed if possible.
+ * any other negative value is an error. very large positive values will
+ * be handled elsewhere.
+ */
+static int new_fields (void)
+{
+	char buf[200];
+
+	(void) puts (_("Enter the new value, or press ENTER for the default"));
+	(void) puts ("");
+
+	(void) snprintf (buf, sizeof buf, "%ld", mindays);
+	change_field (buf, sizeof buf, _("Minimum Password Age"));
+	if (   (getlong (buf, &mindays) == 0)
+	    || (mindays < -1)) {
+		return 0;
+	}
+
+	(void) snprintf (buf, sizeof buf, "%ld", maxdays);
+	change_field (buf, sizeof buf, _("Maximum Password Age"));
+	if (   (getlong (buf, &maxdays) == 0)
+	    || (maxdays < -1)) {
+		return 0;
+	}
+
+	if (-1 == lstchgdate) {
+		strcpy (buf, "-1");
+	} else {
+		date_to_str (buf, sizeof buf, (time_t) lstchgdate * SCALE);
+	}
+
+	change_field (buf, sizeof buf, _("Last Password Change (YYYY-MM-DD)"));
+
+	if (strcmp (buf, "-1") == 0) {
+		lstchgdate = -1;
+	} else {
+		lstchgdate = strtoday (buf);
+		if (lstchgdate <= -1) {
+			return 0;
+		}
+	}
+
+	(void) snprintf (buf, sizeof buf, "%ld", warndays);
+	change_field (buf, sizeof buf, _("Password Expiration Warning"));
+	if (   (getlong (buf, &warndays) == 0)
+	    || (warndays < -1)) {
+		return 0;
+	}
+
+	(void) snprintf (buf, sizeof buf, "%ld", inactdays);
+	change_field (buf, sizeof buf, _("Password Inactive"));
+	if (   (getlong (buf, &inactdays) == 0)
+	    || (inactdays < -1)) {
+		return 0;
+	}
+
+	if (-1 == expdate) {
+		strcpy (buf, "-1");
+	} else {
+		date_to_str (buf, sizeof buf, (time_t) expdate * SCALE);
+	}
+
+	change_field (buf, sizeof buf,
+	              _("Account Expiration Date (YYYY-MM-DD)"));
+
+	if (strcmp (buf, "-1") == 0) {
+		expdate = -1;
+	} else {
+		expdate = strtoday (buf);
+		if (expdate <= -1) {
+			return 0;
+		}
+	}
+
+	return 1;
+}
+
+static void print_date (time_t date)
+{
+#ifdef HAVE_STRFTIME
+	struct tm *tp;
+	char buf[80];
+
+	tp = gmtime (&date);
+	if (NULL == tp) {
+		(void) printf ("time_t: %lu\n", (unsigned long)date);
+	} else {
+		(void) strftime (buf, sizeof buf, "%b %d, %Y", tp);
+		(void) puts (buf);
+	}
+#else
+	struct tm *tp;
+	char *cp = NULL;
+
+	tp = gmtime (&date);
+	if (NULL != tp) {
+		cp = asctime (tp);
+	}
+	if (NULL != cp) {
+		(void) printf ("%6.6s, %4.4s\n", cp + 4, cp + 20);
+	} else {
+		(void) printf ("time_t: %lu\n", date);
+	}
+#endif
+}
+
+/*
+ * list_fields - display the current values of the expiration fields
+ *
+ * display the password age information from the password fields. Date
+ * values will be displayed as a calendar date, or the word "never" if
+ * the date is 1/1/70, which is day number 0.
+ */
+static void list_fields (void)
+{
+	long changed = 0;
+	long expires;
+
+	/*
+	 * The "last change" date is either "never" or the date the password
+	 * was last modified. The date is the number of days since 1/1/1970.
+	 */
+	(void) fputs (_("Last password change\t\t\t\t\t: "), stdout);
+	if (lstchgdate < 0) {
+		(void) puts (_("never"));
+	} else if (lstchgdate == 0) {
+		(void) puts (_("password must be changed"));
+	} else {
+		changed = lstchgdate * SCALE;
+		print_date ((time_t) changed);
+	}
+
+	/*
+	 * The password expiration date is determined from the last change
+	 * date plus the number of days the password is valid for.
+	 */
+	(void) fputs (_("Password expires\t\t\t\t\t: "), stdout);
+	if (lstchgdate == 0) {
+		(void) puts (_("password must be changed"));
+	} else if (   (lstchgdate < 0)
+	           || (maxdays >= (10000 * (DAY / SCALE)))
+	           || (maxdays < 0)) {
+		(void) puts (_("never"));
+	} else {
+		expires = changed + maxdays * SCALE;
+		print_date ((time_t) expires);
+	}
+
+	/*
+	 * The account becomes inactive if the password is expired for more
+	 * than "inactdays". The expiration date is calculated and the
+	 * number of inactive days is added. The resulting date is when the
+	 * active will be disabled.
+	 */
+	(void) fputs (_("Password inactive\t\t\t\t\t: "), stdout);
+	if (lstchgdate == 0) {
+		(void) puts (_("password must be changed"));
+	} else if (   (lstchgdate < 0)
+	           || (inactdays < 0)
+	           || (maxdays >= (10000 * (DAY / SCALE)))
+	           || (maxdays < 0)) {
+		(void) puts (_("never"));
+	} else {
+		expires = changed + (maxdays + inactdays) * SCALE;
+		print_date ((time_t) expires);
+	}
+
+	/*
+	 * The account will expire on the given date regardless of the
+	 * password expiring or not.
+	 */
+	(void) fputs (_("Account expires\t\t\t\t\t\t: "), stdout);
+	if (expdate < 0) {
+		(void) puts (_("never"));
+	} else {
+		expires = expdate * SCALE;
+		print_date ((time_t) expires);
+	}
+
+	/*
+	 * Start with the easy numbers - the number of days before the
+	 * password can be changed, the number of days after which the
+	 * password must be chaged, the number of days before the password
+	 * expires that the user is told, and the number of days after the
+	 * password expires that the account becomes unusable.
+	 */
+	printf (_("Minimum number of days between password change\t\t: %ld\n"),
+	        mindays);
+	printf (_("Maximum number of days between password change\t\t: %ld\n"),
+	        maxdays);
+	printf (_("Number of days of warning before password expires\t: %ld\n"),
+	        warndays);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"lastday",    required_argument, NULL, 'd'},
+		{"expiredate", required_argument, NULL, 'E'},
+		{"help",       no_argument,       NULL, 'h'},
+		{"inactive",   required_argument, NULL, 'I'},
+		{"list",       no_argument,       NULL, 'l'},
+		{"mindays",    required_argument, NULL, 'm'},
+		{"maxdays",    required_argument, NULL, 'M'},
+		{"root",       required_argument, NULL, 'R'},
+		{"warndays",   required_argument, NULL, 'W'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "d:E:hI:lm:M:R:W:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'd':
+			dflg = true;
+			lstchgdate = strtoday (optarg);
+			if (lstchgdate < -1) {
+				fprintf (stderr,
+				         _("%s: invalid date '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		case 'E':
+			Eflg = true;
+			expdate = strtoday (optarg);
+			if (expdate < -1) {
+				fprintf (stderr,
+				         _("%s: invalid date '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'I':
+			Iflg = true;
+			if (   (getlong (optarg, &inactdays) == 0)
+			    || (inactdays < -1)) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		case 'l':
+			lflg = true;
+			break;
+		case 'm':
+			mflg = true;
+			if (   (getlong (optarg, &mindays) == 0)
+			    || (mindays < -1)) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		case 'M':
+			Mflg = true;
+			if (   (getlong (optarg, &maxdays) == 0)
+			    || (maxdays < -1)) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 'W':
+			Wflg = true;
+			if (   (getlong (optarg, &warndays) == 0)
+			    || (warndays < -1)) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	check_flags (argc, optind);
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ *	It will not return if an error is encountered.
+ */
+static void check_flags (int argc, int opt_index)
+{
+	/*
+	 * Make certain the flags do not conflict and that there is a user
+	 * name on the command line.
+	 */
+
+	if (argc != opt_index + 1) {
+		usage (E_USAGE);
+	}
+
+	if (lflg && (mflg || Mflg || dflg || Wflg || Iflg || Eflg)) {
+		fprintf (stderr,
+		         _("%s: do not include \"l\" with other flags\n"),
+		         Prog);
+		usage (E_USAGE);
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	Non-root users are only allowed to display their aging information.
+ *	(we will later make sure that the user is only listing her aging
+ *	information)
+ *
+ *	With PAM support, the setuid bit can be set on chage to allow
+ *	non-root users to groups.
+ *	Without PAM support, only users who can write in the group databases
+ *	can add groups.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	struct passwd *pampw;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * An unprivileged user can ask for their own aging information, but
+	 * only root can change it, or list another user's aging
+	 * information.
+	 */
+
+	if (!amroot && !lflg) {
+		fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+		fail_exit (E_NOPERM);
+	}
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
+	}
+
+	retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		fail_exit (E_NOPERM);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ *	In read-only mode, the databases are not locked and are opened
+ *	only for reading.
+ */
+static void open_files (bool readonly)
+{
+	/*
+	 * Lock and open the password file. This loads all of the password
+	 * file entries into memory. Then we get a pointer to the password
+	 * file entry for the requested user.
+	 */
+	if (!readonly) {
+		if (pw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, pw_dbname ());
+			fail_exit (E_NOPERM);
+		}
+		pw_locked = true;
+	}
+	if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+		fail_exit (E_NOPERM);
+	}
+
+	/*
+	 * For shadow password files we have to lock the file and read in
+	 * the entries as was done for the password file. The user entries
+	 * does not have to exist in this case; a new entry will be created
+	 * for this user if one does not exist already.
+	 */
+	if (!readonly) {
+		if (spw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, spw_dbname ());
+			fail_exit (E_NOPERM);
+		}
+		spw_locked = true;
+	}
+	if (spw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
+		fail_exit (E_NOPERM);
+	}
+}
+
+/*
+ * close_files - close and unlock the password/shadow databases
+ */
+static void close_files (void)
+{
+	/*
+	 * Now close the shadow password file, which will cause all of the
+	 * entries to be re-written.
+	 */
+	if (spw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+		fail_exit (E_NOPERM);
+	}
+
+	/*
+	 * Close the password file. If any entries were modified, the file
+	 * will be re-written.
+	 */
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_NOPERM);
+	}
+	if (spw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+		/* continue */
+	}
+	spw_locked = false;
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+}
+
+/*
+ * update_age - update the aging information in the database
+ *
+ *	It will not return in case of error
+ */
+static void update_age (/*@null@*/const struct spwd *sp,
+                        /*@notnull@*/const struct passwd *pw)
+{
+	struct spwd spwent;
+
+	/*
+	 * There was no shadow entry. The new entry will have the encrypted
+	 * password transferred from the normal password file along with the
+	 * aging information.
+	 */
+	if (NULL == sp) {
+		struct passwd pwent = *pw;
+
+		memzero (&spwent, sizeof spwent);
+		spwent.sp_namp = xstrdup (pwent.pw_name);
+		spwent.sp_pwdp = xstrdup (pwent.pw_passwd);
+		spwent.sp_flag = SHADOW_SP_FLAG_UNSET;
+
+		pwent.pw_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+		if (pw_update (&pwent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"), Prog, pw_dbname (), pwent.pw_name);
+			fail_exit (E_NOPERM);
+		}
+	} else {
+		spwent.sp_namp = xstrdup (sp->sp_namp);
+		spwent.sp_pwdp = xstrdup (sp->sp_pwdp);
+		spwent.sp_flag = sp->sp_flag;
+	}
+
+	/*
+	 * Copy the fields back to the shadow file entry and write the
+	 * modified entry back to the shadow file. Closing the shadow and
+	 * password files will commit any changes that have been made.
+	 */
+	spwent.sp_max = maxdays;
+	spwent.sp_min = mindays;
+	spwent.sp_lstchg = lstchgdate;
+	spwent.sp_warn = warndays;
+	spwent.sp_inact = inactdays;
+	spwent.sp_expire = expdate;
+
+	if (spw_update (&spwent) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"), Prog, spw_dbname (), spwent.sp_namp);
+		fail_exit (E_NOPERM);
+	}
+
+}
+
+/*
+ * get_defaults - get the value of the fields not set from the command line
+ */
+static void get_defaults (/*@null@*/const struct spwd *sp)
+{
+	/*
+	 * Set the fields that aren't being set from the command line from
+	 * the password file.
+	 */
+	if (NULL != sp) {
+		if (!Mflg) {
+			maxdays = sp->sp_max;
+		}
+		if (!mflg) {
+			mindays = sp->sp_min;
+		}
+		if (!dflg) {
+			lstchgdate = sp->sp_lstchg;
+		}
+		if (!Wflg) {
+			warndays = sp->sp_warn;
+		}
+		if (!Iflg) {
+			inactdays = sp->sp_inact;
+		}
+		if (!Eflg) {
+			expdate = sp->sp_expire;
+		}
+	} else {
+		/*
+		 * Use default values that will not change the behavior of the
+		 * account.
+		 */
+		if (!Mflg) {
+			maxdays = -1;
+		}
+		if (!mflg) {
+			mindays = -1;
+		}
+		if (!dflg) {
+			lstchgdate = -1;
+		}
+		if (!Wflg) {
+			warndays = -1;
+		}
+		if (!Iflg) {
+			inactdays = -1;
+		}
+		if (!Eflg) {
+			expdate = -1;
+		}
+	}
+}
+
+/*
+ * chage - change a user's password aging information
+ *
+ *	This command controls the password aging information.
+ *
+ *	The valid options are
+ *
+ *	-d	set last password change date (*)
+ *	-E	set account expiration date (*)
+ *	-I	set password inactive after expiration (*)
+ *	-l	show account aging information
+ *	-M	set maximim number of days before password change (*)
+ *	-m	set minimum number of days before password change (*)
+ *	-W	set expiration warning days (*)
+ *
+ *	(*) requires root permission to execute.
+ *
+ *	All of the time fields are entered in the internal format which is
+ *	either seconds or days.
+ */
+
+int main (int argc, char **argv)
+{
+	const struct spwd *sp;
+	uid_t ruid;
+	gid_t rgid;
+	const struct passwd *pw;
+
+	/*
+	 * Get the program name so that error messages can use it.
+	 */
+	Prog = Basename (argv[0]);
+
+	sanitize_env ();
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+	OPENLOG ("chage");
+
+	ruid = getuid ();
+	rgid = getgid ();
+	amroot = (ruid == 0);
+#ifdef WITH_SELINUX
+	if (amroot && (is_selinux_enabled () > 0)) {
+		amroot = (selinux_check_passwd_access (PASSWD__ROOTOK) == 0);
+	}
+#endif
+
+	process_flags (argc, argv);
+
+	check_perms ();
+
+	if (!spw_file_present ()) {
+		fprintf (stderr,
+		         _("%s: the shadow password file is not present\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN, "can't find the shadow password file"));
+		closelog ();
+		exit (E_SHADOW_NOTFOUND);
+	}
+
+	open_files (lflg);
+	/* Drop privileges */
+	if (lflg && (   (setregid (rgid, rgid) != 0)
+	             || (setreuid (ruid, ruid) != 0))) {
+		fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+		         Prog, strerror (errno));
+		fail_exit (E_NOPERM);
+	}
+
+	pw = pw_locate (argv[optind]);
+	if (NULL == pw) {
+		fprintf (stderr, _("%s: user '%s' does not exist in %s\n"),
+		         Prog, argv[optind], pw_dbname ());
+		closelog ();
+		fail_exit (E_NOPERM);
+	}
+
+	STRFCPY (user_name, pw->pw_name);
+#ifdef WITH_TCB
+	if (shadowtcb_set_user (pw->pw_name) == SHADOWTCB_FAILURE) {
+		fail_exit (E_NOPERM);
+	}
+#endif
+	user_uid = pw->pw_uid;
+
+	sp = spw_locate (argv[optind]);
+	get_defaults (sp);
+
+	/*
+	 * Print out the expiration fields if the user has requested the
+	 * list option.
+	 */
+	if (lflg) {
+		if (!amroot && (ruid != user_uid)) {
+			fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+			fail_exit (E_NOPERM);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "display aging info",
+		              user_name, (unsigned int) user_uid, 1);
+#endif
+		list_fields ();
+		fail_exit (E_SUCCESS);
+	}
+
+	/*
+	 * If none of the fields were changed from the command line, let the
+	 * user interactively change them.
+	 */
+	if (!mflg && !Mflg && !dflg && !Wflg && !Iflg && !Eflg) {
+		printf (_("Changing the aging information for %s\n"),
+		        user_name);
+		if (new_fields () == 0) {
+			fprintf (stderr, _("%s: error changing fields\n"),
+			         Prog);
+			fail_exit (E_NOPERM);
+		}
+#ifdef WITH_AUDIT
+		else {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change all aging information",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+#endif
+	} else {
+#ifdef WITH_AUDIT
+		if (Mflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change max age",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+		if (mflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change min age",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+		if (dflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change last change date",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+		if (Wflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change passwd warning",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+		if (Iflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change inactive days",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+		if (Eflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "change passwd expiration",
+			              user_name, (unsigned int) user_uid, 1);
+		}
+#endif
+	}
+
+	update_age (sp, pw);
+
+	close_files ();
+
+	SYSLOG ((LOG_INFO, "changed password expiry for %s", user_name));
+
+	closelog ();
+	exit (E_SUCCESS);
+}
+
diff --git a/src/chfn.c b/src/chfn.c
new file mode 100644
index 0000000..18aa3de
--- /dev/null
+++ b/src/chfn.c
@@ -0,0 +1,753 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables.
+ */
+const char *Prog;
+static char fullnm[BUFSIZ];
+static char roomno[BUFSIZ];
+static char workph[BUFSIZ];
+static char homeph[BUFSIZ];
+static char slop[BUFSIZ];
+static bool amroot;
+/* Flags */
+static bool fflg = false;		/* -f - set full name                */
+static bool rflg = false;		/* -r - set room number              */
+static bool wflg = false;		/* -w - set work phone number        */
+static bool hflg = false;		/* -h - set home phone number        */
+static bool oflg = false;		/* -o - set other information        */
+static bool pw_locked = false;
+
+/*
+ * External identifiers
+ */
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static bool may_change_field (int);
+static void new_fields (void);
+static char *copy_field (char *, char *, char *);
+static void process_flags (int argc, char **argv);
+static void check_perms (const struct passwd *pw);
+static void update_gecos (const char *user, char *gecos);
+static void get_old_fields (const char *gecos);
+
+/*
+ * fail_exit - exit with an error and do some cleanup
+ */
+static void fail_exit (int code)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+	pw_locked = false;
+
+	closelog ();
+
+	exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [LOGIN]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -f, --full-name FULL_NAME     change user's full name\n"), usageout);
+	(void) fputs (_("  -h, --home-phone HOME_PHONE   change user's home phone number\n"), usageout);
+	(void) fputs (_("  -o, --other OTHER_INFO        change user's other GECOS information\n"), usageout);
+	(void) fputs (_("  -r, --room ROOM_NUMBER        change user's room number\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -u, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -w, --work-phone WORK_PHONE   change user's office phone number\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * may_change_field - indicate if the user is allowed to change a given field
+ *                    of her gecos information
+ *
+ *	root can change any field.
+ *
+ *	field should be one of 'f', 'r', 'w', 'h'
+ *
+ *	Return true if the user can change the field and false otherwise.
+ */
+static bool may_change_field (int field)
+{
+	const char *cp;
+
+	/*
+	 * CHFN_RESTRICT can now specify exactly which fields may be changed
+	 * by regular users, by using any combination of the following
+	 * letters:
+	 *  f - full name
+	 *  r - room number
+	 *  w - work phone
+	 *  h - home phone
+	 *
+	 * This makes it possible to disallow changing the room number
+	 * information, for example - this feature was suggested by Maciej
+	 * 'Tycoon' Majchrowski.
+	 *
+	 * For backward compatibility, "yes" is equivalent to "rwh",
+	 * "no" is equivalent to "frwh". Only root can change anything
+	 * if the string is empty or not defined at all.
+	 */
+	if (amroot) {
+		return true;
+	}
+
+	cp = getdef_str ("CHFN_RESTRICT");
+	if (NULL == cp) {
+		cp = "";
+	} else if (strcmp (cp, "yes") == 0) {
+		cp = "rwh";
+	} else if (strcmp (cp, "no") == 0) {
+		cp = "frwh";
+	}
+
+	if (strchr (cp, field) != NULL) {
+		return true;
+	}
+
+	return false;
+}
+
+/*
+ * new_fields - change the user's GECOS information interactively
+ *
+ * prompt the user for each of the four fields and fill in the fields from
+ * the user's response, or leave alone if nothing was entered.
+ */
+static void new_fields (void)
+{
+	puts (_("Enter the new value, or press ENTER for the default"));
+
+	if (may_change_field ('f')) {
+		change_field (fullnm, sizeof fullnm, _("Full Name"));
+	} else {
+		printf (_("\t%s: %s\n"), _("Full Name"), fullnm);
+	}
+
+	if (may_change_field ('r')) {
+		change_field (roomno, sizeof roomno, _("Room Number"));
+	} else {
+		printf (_("\t%s: %s\n"), _("Room Number"), fullnm);
+	}
+
+	if (may_change_field ('w')) {
+		change_field (workph, sizeof workph, _("Work Phone"));
+	} else {
+		printf (_("\t%s: %s\n"), _("Work Phone"), fullnm);
+	}
+
+	if (may_change_field ('h')) {
+		change_field (homeph, sizeof homeph, _("Home Phone"));
+	} else {
+		printf (_("\t%s: %s\n"), _("Home Phone"), fullnm);
+	}
+
+	if (amroot) {
+		change_field (slop, sizeof slop, _("Other"));
+	}
+}
+
+/*
+ * copy_field - get the next field from the gecos field
+ *
+ * copy_field copies the next field from the gecos field, returning a
+ * pointer to the field which follows, or NULL if there are no more fields.
+ *
+ *	in - the current GECOS field
+ *	out - where to copy the field to
+ *	extra - fields with '=' get copied here
+ */
+static char *copy_field (char *in, char *out, char *extra)
+{
+	char *cp = NULL;
+
+	while (NULL != in) {
+		cp = strchr (in, ',');
+		if (NULL != cp) {
+			*cp++ = '\0';
+		}
+
+		if (strchr (in, '=') == NULL) {
+			break;
+		}
+
+		if (NULL != extra) {
+			if ('\0' != extra[0]) {
+				strcat (extra, ",");
+			}
+
+			strcat (extra, in);
+		}
+		in = cp;
+	}
+	if ((NULL != in) && (NULL != out)) {
+		strcpy (out, in);
+	}
+
+	return cp;
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;		/* flag currently being processed    */
+	static struct option long_options[] = {
+		{"full-name",  required_argument, NULL, 'f'},
+		{"home-phone", required_argument, NULL, 'h'},
+		{"other",      required_argument, NULL, 'o'},
+		{"room",       required_argument, NULL, 'r'},
+		{"root",       required_argument, NULL, 'R'},
+		{"help",       no_argument,       NULL, 'u'},
+		{"work-phone", required_argument, NULL, 'w'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	/* 
+	 * The remaining arguments will be processed one by one and executed
+	 * by this command. The name is the last argument if it does not
+	 * begin with a "-", otherwise the name is determined from the
+	 * environment and must agree with the real UID. Also, the UID will
+	 * be checked for any commands which are restricted to root only.
+	 */
+	while ((c = getopt_long (argc, argv, "f:h:o:r:R:uw:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'f':
+			if (!may_change_field ('f')) {
+				fprintf (stderr,
+				         _("%s: Permission denied.\n"), Prog);
+				exit (E_NOPERM);
+			}
+			fflg = true;
+			STRFCPY (fullnm, optarg);
+			break;
+		case 'h':
+			if (!may_change_field ('h')) {
+				fprintf (stderr,
+				         _("%s: Permission denied.\n"), Prog);
+				exit (E_NOPERM);
+			}
+			hflg = true;
+			STRFCPY (homeph, optarg);
+			break;
+		case 'o':
+			if (!amroot) {
+				fprintf (stderr,
+				         _("%s: Permission denied.\n"), Prog);
+				exit (E_NOPERM);
+			}
+			oflg = true;
+			STRFCPY (slop, optarg);
+			break;
+		case 'r':
+			if (!may_change_field ('r')) {
+				fprintf (stderr,
+				         _("%s: Permission denied.\n"), Prog);
+				exit (E_NOPERM);
+			}
+			rflg = true;
+			STRFCPY (roomno, optarg);
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 'u':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'w':
+			if (!may_change_field ('w')) {
+				fprintf (stderr,
+				         _("%s: Permission denied.\n"), Prog);
+				exit (E_NOPERM);
+			}
+			wflg = true;
+			STRFCPY (workph, optarg);
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	Non-root users are only allowed to change their gecos field.
+ *	(see also may_change_field())
+ *
+ *	Non-root users must be authenticated.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (const struct passwd *pw)
+{
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+#endif
+
+	/*
+	 * Non-privileged users are only allowed to change the gecos field
+	 * if the UID of the user matches the current real UID.
+	 */
+	if (!amroot && pw->pw_uid != getuid ()) {
+		fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+		closelog ();
+		exit (E_NOPERM);
+	}
+#ifdef WITH_SELINUX
+	/*
+	 * If the UID of the user does not match the current real UID,
+	 * check if the change is allowed by SELinux policy.
+	 */
+	if ((pw->pw_uid != getuid ())
+	    && (is_selinux_enabled () > 0)
+	    && (selinux_check_passwd_access (PASSWD__CHFN) != 0)) {
+		fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+		closelog ();
+		exit (E_NOPERM);
+	}
+#endif
+
+#ifndef USE_PAM
+	/*
+	 * Non-privileged users are optionally authenticated (must enter the
+	 * password of the user whose information is being changed) before
+	 * any changes can be made. Idea from util-linux chfn/chsh. 
+	 * --marekm
+	 */
+	if (!amroot && getdef_bool ("CHFN_AUTH")) {
+		passwd_check (pw->pw_name, pw->pw_passwd, "chfn");
+	}
+
+#else				/* !USE_PAM */
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
+	}
+
+	retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (E_NOPERM);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+}
+
+/*
+ * update_gecos - update the gecos fields in the password database
+ *
+ *	Commit the user's entry after changing her gecos field.
+ */
+static void update_gecos (const char *user, char *gecos)
+{
+	const struct passwd *pw;	/* The user's password file entry */
+	struct passwd pwent;		/* modified password file entry */
+
+	/*
+	 * Before going any further, raise the ulimit to prevent colliding
+	 * into a lowered ulimit, and set the real UID to root to protect
+	 * against unexpected signals. Any keyboard signals are set to be
+	 * ignored.
+	 */
+	if (setuid (0) != 0) {
+		fputs (_("Cannot change ID to root.\n"), stderr);
+		SYSLOG ((LOG_ERR, "can't setuid(0)"));
+		fail_exit (E_NOPERM);
+	}
+	pwd_init ();
+
+	/*
+	 * The passwd entry is now ready to be committed back to the
+	 * password file. Get a lock on the file and open it.
+	 */
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (E_NOPERM);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		fail_exit (E_NOPERM);
+	}
+
+	/*
+	 * Get the entry to update using pw_locate() - we want the real one
+	 * from /etc/passwd, not the one from getpwnam() which could contain
+	 * the shadow password if (despite the warnings) someone enables
+	 * AUTOSHADOW (or SHADOW_COMPAT in libc).  --marekm
+	 */
+	pw = pw_locate (user);
+	if (NULL == pw) {
+		fprintf (stderr,
+		         _("%s: user '%s' does not exist in %s\n"),
+		         Prog, user, pw_dbname ());
+		fail_exit (E_NOPERM);
+	}
+
+	/*
+	 * Make a copy of the entry, then change the gecos field. The other
+	 * fields remain unchanged.
+	 */
+	pwent = *pw;
+	pwent.pw_gecos = gecos;
+
+	/*
+	 * Update the passwd file entry. If there is a DBM file, update that
+	 * entry as well.
+	 */
+	if (pw_update (&pwent) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, pw_dbname (), pwent.pw_name);
+		fail_exit (E_NOPERM);
+	}
+
+	/*
+	 * Changes have all been made, so commit them and unlock the file.
+	 */
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_NOPERM);
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+}
+
+/*
+ * get_old_fields - parse the old gecos and use the old value for the fields
+ *                  which are not set on the command line
+ */
+static void get_old_fields (const char *gecos)
+{
+	char *cp;		/* temporary character pointer       */
+	char old_gecos[BUFSIZ];	/* buffer for old GECOS fields       */
+	STRFCPY (old_gecos, gecos);
+
+	/*
+	 * Now get the full name. It is the first comma separated field in
+	 * the GECOS field.
+	 */
+	cp = copy_field (old_gecos, fflg ? (char *) 0 : fullnm, slop);
+
+	/*
+	 * Now get the room number. It is the next comma separated field,
+	 * if there is indeed one.
+	 */
+	if (NULL != cp) {
+		cp = copy_field (cp, rflg ? (char *) 0 : roomno, slop);
+	}
+
+	/*
+	 * Now get the work phone number. It is the third field.
+	 */
+	if (NULL != cp) {
+		cp = copy_field (cp, wflg ? (char *) 0 : workph, slop);
+	}
+
+	/*
+	 * Now get the home phone number. It is the fourth field.
+	 */
+	if (NULL != cp) {
+		cp = copy_field (cp, hflg ? (char *) 0 : homeph, slop);
+	}
+
+	/*
+	 * Anything left over is "slop".
+	 */
+	if ((NULL != cp) && !oflg) {
+		if ('\0' != slop[0]) {
+			strcat (slop, ",");
+		}
+
+		strcat (slop, cp);
+	}
+}
+
+/*
+ * check_fields - check all of the fields for valid information
+ *
+ *	It will not return if a field is not valid.
+ */
+static void check_fields (void)
+{
+	int err;
+	err = valid_field (fullnm, ":,=\n");
+	if (err > 0) {
+		fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
+	} else if (err < 0) {
+		fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
+		fail_exit (E_NOPERM);
+	}
+	err = valid_field (roomno, ":,=\n");
+	if (err > 0) {
+		fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
+	} else if (err < 0) {
+		fprintf (stderr, _("%s: invalid room number: '%s'\n"),
+		         Prog, roomno);
+		fail_exit (E_NOPERM);
+	}
+	if (valid_field (workph, ":,=\n") != 0) {
+		fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
+		         Prog, workph);
+		fail_exit (E_NOPERM);
+	}
+	if (valid_field (homeph, ":,=\n") != 0) {
+		fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
+		         Prog, homeph);
+		fail_exit (E_NOPERM);
+	}
+	err = valid_field (slop, ":\n");
+	if (err > 0) {
+		fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
+	} else if (err < 0) {
+		fprintf (stderr,
+		         _("%s: '%s' contains illegal characters\n"),
+		         Prog, slop);
+		fail_exit (E_NOPERM);
+	}
+}
+
+/*
+ * chfn - change a user's password file information
+ *
+ *	This command controls the GECOS field information in the password
+ *	file entry.
+ *
+ *	The valid options are
+ *
+ *	-f	full name
+ *	-r	room number
+ *	-w	work phone number
+ *	-h	home phone number
+ *	-o	other information (*)
+ *
+ *	(*) requires root permission to execute.
+ */
+int main (int argc, char **argv)
+{
+	const struct passwd *pw;	/* password file entry               */
+	char new_gecos[BUFSIZ];	/* buffer for new GECOS fields       */
+	char *user;
+
+	/*
+	 * Get the program name. The program name is used as a
+	 * prefix to most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	sanitize_env ();
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	/*
+	 * This command behaves different for root and non-root
+	 * users.
+	 */
+	amroot = (getuid () == 0);
+
+	OPENLOG ("chfn");
+
+	/* parse the command line options */
+	process_flags (argc, argv);
+
+	/*
+	 * Get the name of the user to check. It is either the command line
+	 * name, or the name getlogin() returns.
+	 */
+	if (optind < argc) {
+		user = argv[optind];
+		pw = xgetpwnam (user);
+		if (NULL == pw) {
+			fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog,
+			         user);
+			fail_exit (E_NOPERM);
+		}
+	} else {
+		pw = get_my_pwent ();
+		if (NULL == pw) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+			         (unsigned long) getuid ()));
+			fail_exit (E_NOPERM);
+		}
+		user = xstrdup (pw->pw_name);
+	}
+
+#ifdef	USE_NIS
+	/*
+	 * Now we make sure this is a LOCAL password entry for this user ...
+	 */
+	if (__ispwNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: cannot change user '%s' on NIS client.\n"),
+		         Prog, user);
+
+		if (!yp_get_default_domain (&nis_domain) &&
+		    !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+			fprintf (stderr,
+			         _
+			         ("%s: '%s' is the NIS master for this client.\n"),
+			         Prog, nis_master);
+		}
+		fail_exit (E_NOPERM);
+	}
+#endif
+
+	/* Check that the caller is allowed to change the gecos of the
+	 * specified user */
+	check_perms (pw);
+
+	/* If some fields were not set on the command line, load the value from
+	 * the old gecos fields. */
+	get_old_fields (pw->pw_gecos);
+
+	/*
+	 * If none of the fields were changed from the command line, let the
+	 * user interactively change them.
+	 */
+	if (!fflg && !rflg && !wflg && !hflg && !oflg) {
+		printf (_("Changing the user information for %s\n"), user);
+		new_fields ();
+	}
+
+	/*
+	 * Check all of the fields for valid information
+	 */
+	check_fields ();
+
+	/*
+	 * Build the new GECOS field by plastering all the pieces together,
+	 * if they will fit ...
+	 */
+	if ((strlen (fullnm) + strlen (roomno) + strlen (workph) +
+	     strlen (homeph) + strlen (slop)) > (unsigned int) 80) {
+		fprintf (stderr, _("%s: fields too long\n"), Prog);
+		fail_exit (E_NOPERM);
+	}
+	snprintf (new_gecos, sizeof new_gecos, "%s,%s,%s,%s%s%s",
+	          fullnm, roomno, workph, homeph,
+	          ('\0' != slop[0]) ? "," : "", slop);
+
+	/* Rewrite the user's gecos in the passwd file */
+	update_gecos (user, new_gecos);
+
+	SYSLOG ((LOG_INFO, "changed user '%s' information", user));
+
+	nscd_flush_cache ("passwd");
+
+	closelog ();
+	exit (E_SUCCESS);
+}
+
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
new file mode 100644
index 0000000..13203a4
--- /dev/null
+++ b/src/chgpasswd.c
@@ -0,0 +1,587 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 2006       , Tomasz KÅ‚oczko
+ * Copyright (c) 2006       , Jonas Meurer
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include "defines.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "groupio.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static bool eflg   = false;
+static bool md5flg = false;
+#ifdef USE_SHA_CRYPT
+static bool sflg   = false;
+#endif
+
+static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static long sha_rounds = 5000;
+#endif
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+static bool gr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif
+
+	exit (code);
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fprintf (usageout,
+	                _("  -c, --crypt-method METHOD     the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+	                "NONE DES MD5"
+#else				/* USE_SHA_CRYPT */
+	                "NONE DES MD5 SHA256 SHA512"
+#endif				/* USE_SHA_CRYPT */
+	               );
+	(void) fputs (_("  -e, --encrypted               supplied passwords are encrypted\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -m, --md5                     encrypt the clear text password using\n"
+	                "                                the MD5 algorithm\n"),
+	              usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+#ifdef USE_SHA_CRYPT
+	(void) fputs (_("  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+	                "                                crypt algorithms\n"),
+	              usageout);
+#endif				/* USE_SHA_CRYPT */
+	(void) fputs ("\n", usageout);
+
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"crypt-method", required_argument, NULL, 'c'},
+		{"encrypted",    no_argument,       NULL, 'e'},
+		{"help",         no_argument,       NULL, 'h'},
+		{"md5",          no_argument,       NULL, 'm'},
+		{"root",         required_argument, NULL, 'R'},
+#ifdef USE_SHA_CRYPT
+		{"sha-rounds",   required_argument, NULL, 's'},
+#endif
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv,
+#ifdef USE_SHA_CRYPT
+	                         "c:ehmR:s:",
+#else
+	                         "c:ehmR:",
+#endif
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'c':
+			crypt_method = optarg;
+			break;
+		case 'e':
+			eflg = true;
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'm':
+			md5flg = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+#ifdef USE_SHA_CRYPT
+		case 's':
+			sflg = true;
+			if (getlong(optarg, &sha_rounds) == 0) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+#endif
+		default:
+			usage (E_USAGE);
+			/*@notreached@*/break;
+		}
+	}
+
+	/* validate options */
+	check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ *	It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifdef USE_SHA_CRYPT
+	if (sflg && !cflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-s", "-c");
+		usage (E_USAGE);
+	}
+#endif
+
+	if ((eflg && (md5flg || cflg)) ||
+	    (md5flg && cflg)) {
+		fprintf (stderr,
+		         _("%s: the -c, -e, and -m flags are exclusive\n"),
+		         Prog);
+		usage (E_USAGE);
+	}
+
+	if (cflg) {
+		if (   (0 != strcmp (crypt_method, "DES"))
+		    && (0 != strcmp (crypt_method, "MD5"))
+		    && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+		    && (0 != strcmp (crypt_method, "SHA256"))
+		    && (0 != strcmp (crypt_method, "SHA512"))
+#endif
+		    ) {
+			fprintf (stderr,
+			         _("%s: unsupported crypt method: %s\n"),
+			         Prog, crypt_method);
+			usage (E_USAGE);
+		}
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	With PAM support, the setuid bit can be set on chgpasswd to allow
+ *	non-root users to groups.
+ *	Without PAM support, only users who can write in the group databases
+ *	can add groups.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - lock and open the group databases
+ */
+static void open_files (void)
+{
+	/*
+	 * Lock the group file and open it for reading and writing. This will
+	 * bring all of the entries into memory where they may be updated.
+	 */
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (1);
+	}
+	gr_locked = true;
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (1);
+	}
+
+#ifdef SHADOWGRP
+	/* Do the same for the shadowed database, if it exist */
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (1);
+		}
+		sgr_locked = true;
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr, _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (1);
+		}
+	}
+#endif
+}
+
+/*
+ * close_files - close and unlock the group databases
+ */
+static void close_files (void)
+{
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+			fail_exit (1);
+		}
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+		sgr_locked = false;
+	}
+#endif
+
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (1);
+	}
+	if (gr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+		/* continue */
+	}
+	gr_locked = false;
+}
+
+int main (int argc, char **argv)
+{
+	char buf[BUFSIZ];
+	char *name;
+	char *newpwd;
+	char *cp;
+
+#ifdef	SHADOWGRP
+	const struct sgrp *sg;
+	struct sgrp newsg;
+#endif
+
+	const struct group *gr;
+	struct group newgr;
+	int errors = 0;
+	int line = 0;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	process_flags (argc, argv);
+
+	OPENLOG ("chgpasswd");
+
+	check_perms ();
+
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+
+	open_files ();
+
+	/*
+	 * Read each line, separating the group name from the password. The
+	 * group entry for each group will be looked up in the appropriate
+	 * file (gshadow or group) and the password changed.
+	 */
+	while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+		line++;
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		} else {
+			fprintf (stderr, _("%s: line %d: line too long\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+		/*
+		 * The group's name is the first field. It is separated from
+		 * the password with a ":" character which is replaced with a
+		 * NUL to give the new password. The new password will then
+		 * be encrypted in the normal fashion with a new salt
+		 * generated, unless the '-e' is given, in which case it is
+		 * assumed to already be encrypted.
+		 */
+
+		name = buf;
+		cp = strchr (name, ':');
+		if (NULL != cp) {
+			*cp = '\0';
+			cp++;
+		} else {
+			fprintf (stderr,
+			         _("%s: line %d: missing new password\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+		newpwd = cp;
+		if (   (!eflg)
+		    && (   (NULL == crypt_method)
+		        || (0 != strcmp (crypt_method, "NONE")))) {
+			void *arg = NULL;
+			const char *salt;
+			if (md5flg) {
+				crypt_method = "MD5";
+			}
+#ifdef USE_SHA_CRYPT
+			if (sflg) {
+				arg = &sha_rounds;
+			}
+#endif
+			salt = crypt_make_salt (crypt_method, arg);
+			cp = pw_encrypt (newpwd, salt);
+			if (NULL == cp) {
+				fprintf (stderr,
+				         _("%s: failed to crypt password with salt '%s': %s\n"),
+				         Prog, salt, strerror (errno));
+				fail_exit (1);
+			}
+		}
+
+		/*
+		 * Get the group file entry for this group. The group must
+		 * already exist.
+		 */
+		gr = gr_locate (name);
+		if (NULL == gr) {
+			fprintf (stderr,
+			         _("%s: line %d: group '%s' does not exist\n"), Prog,
+			         line, name);
+			errors++;
+			continue;
+		}
+#ifdef SHADOWGRP
+		if (is_shadow_grp) {
+			/* The gshadow entry should be updated if the
+			 * group entry has a password set to 'x'.
+			 * But on the other hand, if there is already both
+			 * a group and a gshadow password, it's preferable
+			 * to update both.
+			 */
+			sg = sgr_locate (name);
+
+			if (   (NULL == sg)
+			    && (strcmp (gr->gr_passwd,
+			                SHADOW_PASSWD_STRING) == 0)) {
+				static char *empty = NULL;
+				/* If the password is set to 'x' in
+				 * group, but there are no entries in
+				 * gshadow, create one.
+				 */
+				newsg.sg_name   = name;
+				/* newsg.sg_passwd = NULL; will be set later */
+				newsg.sg_adm    = &empty;
+				newsg.sg_mem    = dup_list (gr->gr_mem);
+				sg = &newsg;
+			}
+		} else {
+			sg = NULL;
+		}
+#endif
+
+		/*
+		 * The freshly encrypted new password is merged into the
+		 * group's entry.
+		 */
+#ifdef SHADOWGRP
+		if (NULL != sg) {
+			newsg = *sg;
+			newsg.sg_passwd = cp;
+		}
+		if (   (NULL == sg)
+		    || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+		{
+			newgr = *gr;
+			newgr.gr_passwd = cp;
+		}
+
+		/* 
+		 * The updated group file entry is then put back and will
+		 * be written to the group file later, after all the
+		 * other entries have been updated as well.
+		 */
+#ifdef SHADOWGRP
+		if (NULL != sg) {
+			if (sgr_update (&newsg) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+				         Prog, line, sgr_dbname (), newsg.sg_name);
+				errors++;
+				continue;
+			}
+		}
+		if (   (NULL == sg)
+		    || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+		{
+			if (gr_update (&newgr) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+				         Prog, line, gr_dbname (), newgr.gr_name);
+				errors++;
+				continue;
+			}
+		}
+	}
+
+	/*
+	 * Any detected errors will cause the entire set of changes to be
+	 * aborted. Unlocking the group file will cause all of the
+	 * changes to be ignored. Otherwise the file is closed, causing the
+	 * changes to be written out all at once, and then unlocked
+	 * afterwards.
+	 */
+	if (0 != errors) {
+		fprintf (stderr,
+		         _("%s: error detected, changes ignored\n"), Prog);
+		fail_exit (1);
+	}
+
+	close_files ();
+
+	nscd_flush_cache ("group");
+
+	return (0);
+}
+
diff --git a/src/chpasswd.c b/src/chpasswd.c
new file mode 100644
index 0000000..f985672
--- /dev/null
+++ b/src/chpasswd.c
@@ -0,0 +1,630 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#include "defines.h"
+#include "nscd.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static bool eflg   = false;
+static bool md5flg = false;
+#ifdef USE_SHA_CRYPT
+static bool sflg   = false;
+#endif				/* USE_SHA_CRYPT */
+
+static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static long sha_rounds = 5000;
+#endif				/* USE_SHA_CRYPT */
+
+static bool is_shadow_pwd;
+static bool pw_locked = false;
+static bool spw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+
+	exit (code);
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fprintf (usageout,
+	                _("  -c, --crypt-method METHOD     the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+	                "NONE DES MD5"
+#else				/* USE_SHA_CRYPT */
+	                "NONE DES MD5 SHA256 SHA512"
+#endif				/* USE_SHA_CRYPT */
+	               );
+	(void) fputs (_("  -e, --encrypted               supplied passwords are encrypted\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -m, --md5                     encrypt the clear text password using\n"
+	                "                                the MD5 algorithm\n"),
+	              usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+#ifdef USE_SHA_CRYPT
+	(void) fputs (_("  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+	                "                                crypt algorithms\n"),
+	              usageout);
+#endif				/* USE_SHA_CRYPT */
+	(void) fputs ("\n", usageout);
+
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"crypt-method", required_argument, NULL, 'c'},
+		{"encrypted",    no_argument,       NULL, 'e'},
+		{"help",         no_argument,       NULL, 'h'},
+		{"md5",          no_argument,       NULL, 'm'},
+		{"root",         required_argument, NULL, 'R'},
+#ifdef USE_SHA_CRYPT
+		{"sha-rounds",   required_argument, NULL, 's'},
+#endif				/* USE_SHA_CRYPT */
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv,
+#ifdef USE_SHA_CRYPT
+	                         "c:ehmR:s:",
+#else				/* !USE_SHA_CRYPT */
+	                         "c:ehmR:",
+#endif				/* !USE_SHA_CRYPT */
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'c':
+			crypt_method = optarg;
+			break;
+		case 'e':
+			eflg = true;
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'm':
+			md5flg = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+#ifdef USE_SHA_CRYPT
+		case 's':
+			sflg = true;
+			if (getlong(optarg, &sha_rounds) == 0) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (E_USAGE);
+			}
+			break;
+#endif				/* USE_SHA_CRYPT */
+		default:
+			usage (E_USAGE);
+			/*@notreached@*/break;
+		}
+	}
+
+	/* validate options */
+	check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ *	It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifdef USE_SHA_CRYPT
+	if (sflg && !cflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-s", "-c");
+		usage (E_USAGE);
+	}
+#endif
+
+	if ((eflg && (md5flg || cflg)) ||
+	    (md5flg && cflg)) {
+		fprintf (stderr,
+		         _("%s: the -c, -e, and -m flags are exclusive\n"),
+		         Prog);
+		usage (E_USAGE);
+	}
+
+	if (cflg) {
+		if (   (0 != strcmp (crypt_method, "DES"))
+		    && (0 != strcmp (crypt_method, "MD5"))
+		    && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+		    && (0 != strcmp (crypt_method, "SHA256"))
+		    && (0 != strcmp (crypt_method, "SHA512"))
+#endif				/* USE_SHA_CRYPT */
+		    ) {
+			fprintf (stderr,
+			         _("%s: unsupported crypt method: %s\n"),
+			         Prog, crypt_method);
+			usage (E_USAGE);
+		}
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	With PAM support, the setuid bit can be set on chpasswd to allow
+ *	non-root users to groups.
+ *	Without PAM support, only users who can write in the group databases
+ *	can add groups.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef USE_PAM
+#ifdef ACCT_TOOLS_SETUID
+	/* If chpasswd uses PAM and is SUID, check the permissions,
+	 * otherwise, the permissions are enforced by the access to the
+	 * passwd and shadow files.
+	 */
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* ACCT_TOOLS_SETUID */
+#endif				/* USE_PAM */
+}
+
+/*
+ * open_files - lock and open the password databases
+ */
+static void open_files (void)
+{
+	/*
+	 * Lock the password file and open it for reading and writing. This
+	 * will bring all of the entries into memory where they may be updated.
+	 */
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (1);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		fail_exit (1);
+	}
+
+	/* Do the same for the shadowed database, if it exist */
+	if (is_shadow_pwd) {
+		if (spw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, spw_dbname ());
+			fail_exit (1);
+		}
+		spw_locked = true;
+		if (spw_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, spw_dbname ());
+			fail_exit (1);
+		}
+	}
+}
+
+/*
+ * close_files - close and unlock the password databases
+ */
+static void close_files (void)
+{
+	if (is_shadow_pwd) {
+		if (spw_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+			fail_exit (1);
+		}
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+		spw_locked = false;
+	}
+
+	if (pw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (1);
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+}
+
+int main (int argc, char **argv)
+{
+	char buf[BUFSIZ];
+	char *name;
+	char *newpwd;
+	char *cp;
+
+#ifdef USE_PAM
+	bool use_pam = true;
+#endif				/* USE_PAM */
+
+	int errors = 0;
+	int line = 0;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	process_flags (argc, argv);
+
+#ifdef USE_PAM
+	if (md5flg || eflg || cflg) {
+		use_pam = false;
+	}
+#endif				/* USE_PAM */
+
+	OPENLOG ("chpasswd");
+
+	check_perms ();
+
+#ifdef USE_PAM
+	if (!use_pam)
+#endif				/* USE_PAM */
+	{
+		is_shadow_pwd = spw_file_present ();
+
+		open_files ();
+	}
+
+	/*
+	 * Read each line, separating the user name from the password. The
+	 * password entry for each user will be looked up in the appropriate
+	 * file (shadow or passwd) and the password changed. For shadow
+	 * files the last change date is set directly, for passwd files the
+	 * last change date is set in the age only if aging information is
+	 * present.
+	 */
+	while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+		line++;
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		} else {
+			if (feof (stdin) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: line too long\n"),
+				         Prog, line);
+				errors++;
+				continue;
+			}
+		}
+
+		/*
+		 * The username is the first field. It is separated from the
+		 * password with a ":" character which is replaced with a
+		 * NUL to give the new password. The new password will then
+		 * be encrypted in the normal fashion with a new salt
+		 * generated, unless the '-e' is given, in which case it is
+		 * assumed to already be encrypted.
+		 */
+
+		name = buf;
+		cp = strchr (name, ':');
+		if (NULL != cp) {
+			*cp = '\0';
+			cp++;
+		} else {
+			fprintf (stderr,
+			         _("%s: line %d: missing new password\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+		newpwd = cp;
+
+#ifdef USE_PAM
+		if (use_pam){
+			if (do_pam_passwd_non_interractive ("chpasswd", name, newpwd) != 0) {
+				fprintf (stderr,
+				         _("%s: (line %d, user %s) password not changed\n"),
+				         Prog, line, name);
+				errors++;
+			}
+		} else
+#endif				/* USE_PAM */
+		{
+		const struct spwd *sp;
+		struct spwd newsp;
+		const struct passwd *pw;
+		struct passwd newpw;
+
+		if (   !eflg
+		    && (   (NULL == crypt_method)
+		        || (0 != strcmp (crypt_method, "NONE")))) {
+			void *arg = NULL;
+			const char *salt;
+			if (md5flg) {
+				crypt_method = "MD5";
+			}
+#ifdef USE_SHA_CRYPT
+			if (sflg) {
+				arg = &sha_rounds;
+			}
+#endif
+			salt = crypt_make_salt (crypt_method, arg);
+			cp = pw_encrypt (newpwd, salt);
+			if (NULL == cp) {
+				fprintf (stderr,
+				         _("%s: failed to crypt password with salt '%s': %s\n"),
+				         Prog, salt, strerror (errno));
+				fail_exit (1);
+			}
+		}
+
+		/*
+		 * Get the password file entry for this user. The user must
+		 * already exist.
+		 */
+		pw = pw_locate (name);
+		if (NULL == pw) {
+			fprintf (stderr,
+			         _("%s: line %d: user '%s' does not exist\n"), Prog,
+			         line, name);
+			errors++;
+			continue;
+		}
+		if (is_shadow_pwd) {
+			/* The shadow entry should be updated if the
+			 * passwd entry has a password set to 'x'.
+			 * But on the other hand, if there is already both
+			 * a passwd and a shadow password, it's preferable
+			 * to update both.
+			 */
+			sp = spw_locate (name);
+
+			if (   (NULL == sp)
+			    && (strcmp (pw->pw_passwd,
+			                SHADOW_PASSWD_STRING) == 0)) {
+				/* If the password is set to 'x' in
+				 * passwd, but there are no entries in
+				 * shadow, create one.
+				 */
+				newsp.sp_namp  = name;
+				/* newsp.sp_pwdp  = NULL; will be set later */
+				/* newsp.sp_lstchg= 0;    will be set later */
+				newsp.sp_min   = getdef_num ("PASS_MIN_DAYS", -1);
+				newsp.sp_max   = getdef_num ("PASS_MAX_DAYS", -1);
+				newsp.sp_warn  = getdef_num ("PASS_WARN_AGE", -1);
+				newsp.sp_inact = -1;
+				newsp.sp_expire= -1;
+				newsp.sp_flag  = SHADOW_SP_FLAG_UNSET;
+				sp = &newsp;
+			}
+		} else {
+			sp = NULL;
+		}
+
+		/*
+		 * The freshly encrypted new password is merged into the
+		 * user's password file entry and the last password change
+		 * date is set to the current date.
+		 */
+		if (NULL != sp) {
+			newsp = *sp;
+			newsp.sp_pwdp = cp;
+			newsp.sp_lstchg = (long) gettime () / SCALE;
+			if (0 == newsp.sp_lstchg) {
+				/* Better disable aging than requiring a
+				 * password change */
+				newsp.sp_lstchg = -1;
+			}
+		}
+
+		if (   (NULL == sp)
+		    || (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+			newpw = *pw;
+			newpw.pw_passwd = cp;
+		}
+
+		/* 
+		 * The updated password file entry is then put back and will
+		 * be written to the password file later, after all the
+		 * other entries have been updated as well.
+		 */
+		if (NULL != sp) {
+			if (spw_update (&newsp) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+				         Prog, line, spw_dbname (), newsp.sp_namp);
+				errors++;
+				continue;
+			}
+		}
+		if (   (NULL == sp)
+		    || (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+			if (pw_update (&newpw) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+				         Prog, line, pw_dbname (), newpw.pw_name);
+				errors++;
+				continue;
+			}
+		}
+		}
+	}
+
+	/*
+	 * Any detected errors will cause the entire set of changes to be
+	 * aborted. Unlocking the password file will cause all of the
+	 * changes to be ignored. Otherwise the file is closed, causing the
+	 * changes to be written out all at once, and then unlocked
+	 * afterwards.
+	 *
+	 * With PAM, it is not possible to delay the update of the
+	 * password database.
+	 */
+	if (0 != errors) {
+#ifdef USE_PAM
+		if (!use_pam)
+#endif				/* USE_PAM */
+		{
+			fprintf (stderr,
+			         _("%s: error detected, changes ignored\n"),
+			         Prog);
+		}
+		fail_exit (1);
+	}
+
+#ifdef USE_PAM
+	if (!use_pam)
+#endif				/* USE_PAM */
+	{
+	/* Save the changes */
+		close_files ();
+	}
+
+	nscd_flush_cache ("passwd");
+
+	return (0);
+}
+
diff --git a/src/chsh.c b/src/chsh.c
new file mode 100644
index 0000000..c89708b
--- /dev/null
+++ b/src/chsh.c
@@ -0,0 +1,564 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/av_permissions.h>
+#endif
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+#ifndef SHELLS_FILE
+#define SHELLS_FILE "/etc/shells"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog;		/* Program name */
+static bool amroot;		/* Real UID is root */
+static char loginsh[BUFSIZ];	/* Name of new login shell */
+/* command line options */
+static bool sflg = false;	/* -s - set shell from command line  */
+static bool pw_locked = false;
+
+/* external identifiers */
+
+/* local function prototypes */
+static /*@noreturn@*/void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void new_fields (void);
+static bool shell_is_listed (const char *);
+static bool is_restricted_shell (const char *);
+static void process_flags (int argc, char **argv);
+static void check_perms (const struct passwd *pw);
+static void update_shell (const char *user, char *loginsh);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+
+	closelog ();
+
+	exit (code);
+}
+
+/*
+ * usage - print command line syntax and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [LOGIN]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -s, --shell SHELL             new login shell for the user account\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * new_fields - change the user's login shell information interactively
+ *
+ * prompt the user for the login shell and change it according to the
+ * response, or leave it alone if nothing was entered.
+ */
+static void new_fields (void)
+{
+	puts (_("Enter the new value, or press ENTER for the default"));
+	change_field (loginsh, sizeof loginsh, _("Login Shell"));
+}
+
+/*
+ * is_restricted_shell - return true if the shell is restricted
+ *
+ */
+static bool is_restricted_shell (const char *sh)
+{
+	/*
+	 * Shells not listed in /etc/shells are considered to be restricted.
+	 * Changed this to avoid confusion with "rc" (the plan9 shell - not
+	 * restricted despite the name starting with 'r').  --marekm
+	 */
+	return !shell_is_listed (sh);
+}
+
+/*
+ * shell_is_listed - see if the user's login shell is listed in /etc/shells
+ *
+ * The /etc/shells file is read for valid names of login shells.  If the
+ * /etc/shells file does not exist the user cannot set any shell unless
+ * they are root.
+ *
+ * If getusershell() is available (Linux, *BSD, possibly others), use it
+ * instead of re-implementing it.
+ */
+static bool shell_is_listed (const char *sh)
+{
+	char *cp;
+	bool found = false;
+
+#ifndef HAVE_GETUSERSHELL
+	char buf[BUFSIZ];
+	FILE *fp;
+#endif
+
+#ifdef HAVE_GETUSERSHELL
+	setusershell ();
+	while ((cp = getusershell ())) {
+		if (strcmp (cp, sh) == 0) {
+			found = true;
+			break;
+		}
+	}
+	endusershell ();
+#else
+	fp = fopen (SHELLS_FILE, "r");
+	if (NULL == fp) {
+		return false;
+	}
+
+	while (fgets (buf, sizeof (buf), fp) == buf) {
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+
+		if (buf[0] == '#') {
+			continue;
+		}
+
+		if (strcmp (buf, sh) == 0) {
+			found = true;
+			break;
+		}
+	}
+	fclose (fp);
+#endif
+	return found;
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"help",  no_argument,       NULL, 'h'},
+		{"root",  required_argument, NULL, 'R'},
+		{"shell", required_argument, NULL, 's'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hR:s:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 's':
+			sflg = true;
+			STRFCPY (loginsh, optarg);
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	/*
+	 * There should be only one remaining argument at most and it should
+	 * be the user's name.
+	 */
+	if (argc > (optind + 1)) {
+		usage (E_USAGE);
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	Non-root users are only allowed to change their shell, if their current
+ *	shell is not a restricted shell.
+ *
+ *	Non-root users must be authenticated.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (const struct passwd *pw)
+{
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+#endif
+
+	/*
+	 * Non-privileged users are only allowed to change the shell if the
+	 * UID of the user matches the current real UID.
+	 */
+	if (!amroot && pw->pw_uid != getuid ()) {
+		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+		fprintf (stderr,
+		         _("You may not change the shell for '%s'.\n"),
+		         pw->pw_name);
+		fail_exit (1);
+	}
+
+	/*
+	 * Non-privileged users are only allowed to change the shell if it
+	 * is not a restricted one.
+	 */
+	if (!amroot && is_restricted_shell (pw->pw_shell)) {
+		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+		fprintf (stderr,
+		         _("You may not change the shell for '%s'.\n"),
+		         pw->pw_name);
+		fail_exit (1);
+	}
+#ifdef WITH_SELINUX
+	/*
+	 * If the UID of the user does not match the current real UID,
+	 * check if the change is allowed by SELinux policy.
+	 */
+	if ((pw->pw_uid != getuid ())
+	    && (is_selinux_enabled () > 0)
+	    && (selinux_check_passwd_access (PASSWD__CHSH) != 0)) {
+		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
+		fprintf (stderr,
+		         _("You may not change the shell for '%s'.\n"),
+		         pw->pw_name);
+		fail_exit (1);
+	}
+#endif
+
+#ifndef USE_PAM
+	/*
+	 * Non-privileged users are optionally authenticated (must enter
+	 * the password of the user whose information is being changed)
+	 * before any changes can be made. Idea from util-linux
+	 * chfn/chsh.  --marekm
+	 */
+	if (!amroot && getdef_bool ("CHSH_AUTH")) {
+		passwd_check (pw->pw_name, pw->pw_passwd, "chsh");
+        }
+
+#else				/* !USE_PAM */
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (E_NOPERM);
+	}
+
+	retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (E_NOPERM);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+}
+
+/*
+ * update_shell - update the user's shell in the passwd database
+ *
+ *	Commit the user's entry after changing her shell field.
+ *
+ *	It will not return in case of error.
+ */
+static void update_shell (const char *user, char *newshell)
+{
+	const struct passwd *pw;	/* Password entry from /etc/passwd   */
+	struct passwd pwent;		/* New password entry                */
+
+	/*
+	 * Before going any further, raise the ulimit to prevent
+	 * colliding into a lowered ulimit, and set the real UID
+	 * to root to protect against unexpected signals. Any
+	 * keyboard signals are set to be ignored.
+	 */
+	if (setuid (0) != 0) {
+		SYSLOG ((LOG_ERR, "can't setuid(0)"));
+		fputs (_("Cannot change ID to root.\n"), stderr);
+		fail_exit (1);
+	}
+	pwd_init ();
+
+	/*
+	 * The passwd entry is now ready to be committed back to
+	 * the password file. Get a lock on the file and open it.
+	 */
+	if (pw_lock () == 0) {
+		fprintf (stderr, _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (1);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+		fail_exit (1);
+	}
+
+	/*
+	 * Get the entry to update using pw_locate() - we want the real
+	 * one from /etc/passwd, not the one from getpwnam() which could
+	 * contain the shadow password if (despite the warnings) someone
+	 * enables AUTOSHADOW (or SHADOW_COMPAT in libc).  --marekm
+	 */
+	pw = pw_locate (user);
+	if (NULL == pw) {
+		fprintf (stderr,
+		         _("%s: user '%s' does not exist in %s\n"),
+		         Prog, user, pw_dbname ());
+		fail_exit (1);
+	}
+
+	/*
+	 * Make a copy of the entry, then change the shell field. The other
+	 * fields remain unchanged.
+	 */
+	pwent = *pw;
+	pwent.pw_shell = newshell;
+
+	/*
+	 * Update the passwd file entry. If there is a DBM file, update
+	 * that entry as well.
+	 */
+	if (pw_update (&pwent) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, pw_dbname (), pwent.pw_name);
+		fail_exit (1);
+	}
+
+	/*
+	 * Changes have all been made, so commit them and unlock the file.
+	 */
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (1);
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked= false;
+}
+
+/*
+ * chsh - this command controls changes to the user's shell
+ *
+ *	The only supported option is -s which permits the the login shell to
+ *	be set from the command line.
+ */
+int main (int argc, char **argv)
+{
+	char *user;		/* User name                         */
+	const struct passwd *pw;	/* Password entry from /etc/passwd   */
+
+	sanitize_env ();
+
+	/*
+	 * Get the program name. The program name is used as a prefix to
+	 * most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	/*
+	 * This command behaves different for root and non-root users.
+	 */
+	amroot = (getuid () == 0);
+
+	OPENLOG ("chsh");
+
+	/* parse the command line options */
+	process_flags (argc, argv);
+
+	/*
+	 * Get the name of the user to check. It is either the command line
+	 * name, or the name getlogin() returns.
+	 */
+	if (optind < argc) {
+		user = argv[optind];
+		pw = xgetpwnam (user);
+		if (NULL == pw) {
+			fprintf (stderr,
+			         _("%s: user '%s' does not exist\n"), Prog, user);
+			fail_exit (1);
+		}
+	} else {
+		pw = get_my_pwent ();
+		if (NULL == pw) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+			         (unsigned long) getuid ()));
+			fail_exit (1);
+		}
+		user = xstrdup (pw->pw_name);
+	}
+
+#ifdef	USE_NIS
+	/*
+	 * Now we make sure this is a LOCAL password entry for this user ...
+	 */
+	if (__ispwNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: cannot change user '%s' on NIS client.\n"),
+		         Prog, user);
+
+		if (!yp_get_default_domain (&nis_domain) &&
+		    !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+			fprintf (stderr,
+			         _("%s: '%s' is the NIS master for this client.\n"),
+			         Prog, nis_master);
+		}
+		fail_exit (1);
+	}
+#endif
+
+	check_perms (pw);
+
+	/*
+	 * Now get the login shell. Either get it from the password
+	 * file, or use the value from the command line.
+	 */
+	if (!sflg) {
+		STRFCPY (loginsh, pw->pw_shell);
+	}
+
+	/*
+	 * If the login shell was not set on the command line, let the user
+	 * interactively change it.
+	 */
+	if (!sflg) {
+		printf (_("Changing the login shell for %s\n"), user);
+		new_fields ();
+	}
+
+	/*
+	 * Check all of the fields for valid information. The shell
+	 * field may not contain any illegal characters. Non-privileged
+	 * users are restricted to using the shells in /etc/shells.
+	 * The shell must be executable by the user.
+	 */
+	if (valid_field (loginsh, ":,=\n") != 0) {
+		fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
+		fail_exit (1);
+	}
+	if (   !amroot
+	    && (   is_restricted_shell (loginsh)
+	        || (access (loginsh, X_OK) != 0))) {
+		fprintf (stderr, _("%s: %s is an invalid shell\n"), Prog, loginsh);
+		fail_exit (1);
+	}
+
+	/* Even for root, warn if an invalid shell is specified. */
+	if (access (loginsh, F_OK) != 0) {
+		fprintf (stderr, _("%s: Warning: %s does not exist\n"), Prog, loginsh);
+	} else if (access (loginsh, X_OK) != 0) {
+		fprintf (stderr, _("%s: Warning: %s is not executable\n"), Prog, loginsh);
+	}
+
+	update_shell (user, loginsh);
+
+	SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));
+
+	nscd_flush_cache ("passwd");
+
+	closelog ();
+	exit (E_SUCCESS);
+}
+
diff --git a/src/expiry.c b/src/expiry.c
new file mode 100644
index 0000000..41add94
--- /dev/null
+++ b/src/expiry.c
@@ -0,0 +1,210 @@
+/*
+ * Copyright (c) 1994       , Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/* Global variables */
+const char *Prog;
+static bool cflg = false;
+
+/* local function prototypes */
+static RETSIGTYPE catch_signals (unused int sig);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+
+/*
+ * catch_signals - signal catcher
+ */
+static RETSIGTYPE catch_signals (unused int sig)
+{
+	_exit (10);
+}
+
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -c, --check                   check the user's password expiration\n"), usageout);
+	(void) fputs (_("  -f, --force                   force password change if the user's password\n"
+	                "                                is expired\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	bool fflg = false;
+	int c;
+	static struct option long_options[] = {
+		{"check", no_argument, NULL, 'c'},
+		{"force", no_argument, NULL, 'f'},
+		{"help",  no_argument, NULL, 'h'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "cfh",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'c':
+			cflg = true;
+			break;
+		case 'f':
+			fflg = true;
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (! (cflg || fflg)) {
+		usage (E_USAGE);
+	}
+
+	if (cflg && fflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-c", "-f");
+		usage (E_USAGE);
+	}
+
+	if (argc != optind) {
+		fprintf (stderr,
+		         _("%s: unexpected argument: %s\n"),
+		         Prog, argv[optind]);
+		usage (E_USAGE);
+	}
+}
+
+/* 
+ * expiry - check and enforce password expiration policy
+ *
+ *	expiry checks (-c) the current password expiration and forces (-f)
+ *	changes when required. It is callable as a normal user command.
+ */
+int main (int argc, char **argv)
+{
+	struct passwd *pwd;
+	struct spwd *spwd;
+
+	Prog = Basename (argv[0]);
+
+	sanitize_env ();
+
+	/* 
+	 * Start by disabling all of the keyboard signals.
+	 */
+	(void) signal (SIGHUP, catch_signals);
+	(void) signal (SIGINT, catch_signals);
+	(void) signal (SIGQUIT, catch_signals);
+#ifdef	SIGTSTP
+	(void) signal (SIGTSTP, catch_signals);
+#endif
+
+	/*
+	 * expiry takes one of two arguments. The default action is to give
+	 * the usage message.
+	 */
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	OPENLOG ("expiry");
+
+	process_flags (argc, argv);
+
+	/*
+	 * Get user entries for /etc/passwd and /etc/shadow
+	 */
+	pwd = get_my_pwent ();
+	if (NULL == pwd) {
+		fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+		         (unsigned long) getuid ()));
+		exit (10);
+	}
+	spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */
+
+	/*
+	 * If checking accounts, use agecheck() function.
+	 */
+	if (cflg) {
+		/*
+		 * Print out number of days until expiration.
+		 */
+		agecheck (spwd);
+
+		/*
+		 * Exit with status indicating state of account.
+		 */
+		exit (isexpired (pwd, spwd));
+	}
+
+	/*
+	 * Otherwise, force a password change with the expire() function.
+	 * It will force the change or give a message indicating what to
+	 * do.
+	 * It won't return unless the account is unexpired.
+	 */
+	(void) expire (pwd, spwd);
+
+	return E_SUCCESS;
+}
+
diff --git a/src/faillog.c b/src/faillog.c
new file mode 100644
index 0000000..073561c
--- /dev/null
+++ b/src/faillog.c
@@ -0,0 +1,741 @@
+/*
+ * Copyright (c) 1989 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include <assert.h>
+#include "defines.h"
+#include "faillog.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void print_one (/*@null@*/const struct passwd *pw, bool force);
+static void set_locktime (long locktime);
+static bool set_locktime_one (uid_t uid, long locktime);
+static void setmax (short max);
+static bool setmax_one (uid_t uid, short max);
+static void print (void);
+static bool reset_one (uid_t uid);
+static void reset (void);
+
+/*
+ * Global variables
+ */
+const char *Prog;		/* Program name */
+static FILE *fail;		/* failure file stream */
+static time_t seconds;		/* that number of days in seconds */
+static unsigned long umin;	/* if uflg and has_umin, only display users with uid >= umin */
+static bool has_umin = false;
+static unsigned long umax;	/* if uflg and has_umax, only display users with uid <= umax */
+static bool has_umax = false;
+static bool errors = false;
+
+static bool aflg = false;	/* set if all users are to be printed always */
+static bool uflg = false;	/* set if user is a valid user id */
+static bool tflg = false;	/* print is restricted to most recent days */
+static bool lflg = false;	/* set the locktime */
+static bool mflg = false;	/* set maximum failed login counters */
+static bool rflg = false;	/* reset the counters of login failures */
+
+static struct stat statbuf;	/* fstat buffer for file size */
+
+#define	NOW	(time((time_t *) 0))
+
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -a, --all                     display faillog records for all users\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -l, --lock-secs SEC           after failed login lock account for SEC seconds\n"), usageout);
+	(void) fputs (_("  -m, --maximum MAX             set maximum failed login counters to MAX\n"), usageout);
+	(void) fputs (_("  -r, --reset                   reset the counters of login failures\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -t, --time DAYS               display faillog records more recent than DAYS\n"), usageout);
+	(void) fputs (_("  -u, --user LOGIN/RANGE        display faillog record or maintains failure\n"
+	                "                                counters and limits (if used with -r, -m,\n"
+	                "                                or -l) only for the specified LOGIN(s)\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+static void print_one (/*@null@*/const struct passwd *pw, bool force)
+{
+	static bool once = false;
+	struct tm *tm;
+	off_t offset;
+	struct faillog fl;
+	time_t now;
+
+#ifdef HAVE_STRFTIME
+	char *cp;
+	char ptime[80];
+#endif
+
+	if (NULL == pw) {
+		return;
+	}
+
+	offset = (off_t) pw->pw_uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
+		/* fseeko errors are not really relevant for us. */
+		int err = fseeko (fail, offset, SEEK_SET);
+		assert (0 == err);
+		/* faillog is a sparse file. Even if no entries were
+		 * entered for this user, which should be able to get the
+		 * empty entry in this case.
+		 */
+		if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to get the entry for UID %lu\n"),
+			         Prog, (unsigned long int)pw->pw_uid);
+			return;
+		}
+	} else {
+		/* Outsize of the faillog file.
+		 * Behave as if there were a missing entry (same behavior
+		 * as if we were reading an non existing entry in the
+		 * sparse faillog file).
+		 */
+		memzero (&fl, sizeof (fl));
+	}
+
+	/* Nothing to report */
+	if (!force && (0 == fl.fail_time)) {
+		return;
+	}
+
+	(void) time(&now);
+
+	/* Filter out entries that do not match with the -t option */
+	if (tflg && ((now - fl.fail_time) > seconds)) {
+		return;
+	}
+
+	/* Print the header only once */
+	if (!once) {
+		puts (_("Login       Failures Maximum Latest                   On\n"));
+		once = true;
+	}
+
+	tm = localtime (&fl.fail_time);
+#ifdef HAVE_STRFTIME
+	strftime (ptime, sizeof (ptime), "%D %H:%M:%S %z", tm);
+	cp = ptime;
+#endif
+	printf ("%-9s   %5d    %5d   ",
+	        pw->pw_name, fl.fail_cnt, fl.fail_max);
+	/* FIXME: cp is not defined ifndef HAVE_STRFTIME */
+	printf ("%s  %s", cp, fl.fail_line);
+	if (0 != fl.fail_locktime) {
+		if (   ((fl.fail_time + fl.fail_locktime) > now)
+		    && (0 != fl.fail_cnt)) {
+			printf (_(" [%lus left]"),
+			        (unsigned long) fl.fail_time + fl.fail_locktime - now);
+		} else {
+			printf (_(" [%lds lock]"),
+			        fl.fail_locktime);
+		}
+	}
+	putchar ('\n');
+}
+
+static void print (void)
+{
+	if (uflg && has_umin && has_umax && (umin==umax)) {
+		print_one (getpwuid ((uid_t)umin), true);
+	} else {
+		/* We only print records for existing users.
+		 * Loop based on the user database instead of reading the
+		 * whole file. We will have to query the database anyway
+		 * so except for very small ranges and large user
+		 * database, this should not be a performance issue.
+		 */
+		struct passwd *pwent;
+
+		setpwent ();
+		while ( (pwent = getpwent ()) != NULL ) {
+			if (   uflg
+			    && (   (has_umin && (pwent->pw_uid < (uid_t)umin))
+			        || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+				continue;
+			}
+			print_one (pwent, aflg);
+		}
+		endpwent ();
+	}
+}
+
+/*
+ * reset_one - Reset the fail count for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool reset_one (uid_t uid)
+{
+	off_t offset;
+	struct faillog fl;
+
+	offset = (off_t) uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
+		/* fseeko errors are not really relevant for us. */
+		int err = fseeko (fail, offset, SEEK_SET);
+		assert (0 == err);
+		/* faillog is a sparse file. Even if no entries were
+		 * entered for this user, which should be able to get the
+		 * empty entry in this case.
+		 */
+		if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to get the entry for UID %lu\n"),
+			         Prog, (unsigned long int)uid);
+			return true;
+		}
+	} else {
+		/* Outsize of the faillog file.
+		 * Behave as if there were a missing entry (same behavior
+		 * as if we were reading an non existing entry in the
+		 * sparse faillog file).
+		 */
+		memzero (&fl, sizeof (fl));
+	}
+
+	if (0 == fl.fail_cnt) {
+		/* If the count is already null, do not write in the file.
+		 * This avoids writing 0 when no entries were present for
+		 * the user.
+		 */
+		return false;
+	}
+
+	fl.fail_cnt = 0;
+
+	if (   (fseeko (fail, offset, SEEK_SET) == 0)
+	    && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+		(void) fflush (fail);
+		return false;
+	}
+
+	fprintf (stderr,
+	         _("%s: Failed to reset fail count for UID %lu\n"),
+	         Prog, (unsigned long int)uid);
+	return true;
+}
+
+static void reset (void)
+{
+	if (uflg && has_umin && has_umax && (umin==umax)) {
+		if (reset_one ((uid_t)umin)) {
+			errors = true;
+		}
+	} else {
+		/* There is no need to reset outside of the faillog
+		 * database.
+		 */
+		uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+		if (uidmax > 1) {
+			uidmax--;
+		}
+		if (has_umax && (uid_t)umax < uidmax) {
+			uidmax = (uid_t)umax;
+		}
+
+		/* Reset all entries in the specified range.
+		 * Non existing entries will not be touched.
+		 */
+		if (aflg) {
+			/* Entries for non existing users are also reset.
+			 */
+			uid_t uid = 0;
+
+			/* Make sure we stay in the umin-umax range if specified */
+			if (has_umin) {
+				uid = (uid_t)umin;
+			}
+
+			while (uid <= uidmax) {
+				if (reset_one (uid)) {
+					errors = true;
+				}
+				uid++;
+			}
+		} else {
+			/* Only reset records for existing users.
+			 */
+			struct passwd *pwent;
+
+			setpwent ();
+			while ( (pwent = getpwent ()) != NULL ) {
+				if (   uflg
+				    && (   (has_umin && (pwent->pw_uid < (uid_t)umin))
+				        || (pwent->pw_uid > (uid_t)uidmax))) {
+					continue;
+				}
+				if (reset_one (pwent->pw_uid)) {
+					errors = true;
+				}
+			}
+			endpwent ();
+		}
+	}
+}
+
+/*
+ * setmax_one - Set the maximum failed login counter for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool setmax_one (uid_t uid, short max)
+{
+	off_t offset;
+	struct faillog fl;
+
+	offset = (off_t) uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
+		/* fseeko errors are not really relevant for us. */
+		int err = fseeko (fail, offset, SEEK_SET);
+		assert (0 == err);
+		/* faillog is a sparse file. Even if no entries were
+		 * entered for this user, which should be able to get the
+		 * empty entry in this case.
+		 */
+		if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to get the entry for UID %lu\n"),
+			         Prog, (unsigned long int)uid);
+			return true;
+		}
+	} else {
+		/* Outsize of the faillog file.
+		 * Behave as if there were a missing entry (same behavior
+		 * as if we were reading an non existing entry in the
+		 * sparse faillog file).
+		 */
+		memzero (&fl, sizeof (fl));
+	}
+
+	if (max == fl.fail_max) {
+		/* If the max is already set to the right value, do not
+		 * write in the file.
+		 * This avoids writing 0 when no entries were present for
+		 * the user and the max argument is 0.
+		 */
+		return false;
+	}
+
+	fl.fail_max = max;
+
+	if (   (fseeko (fail, offset, SEEK_SET) == 0)
+	    && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+		(void) fflush (fail);
+		return false;
+	}
+
+	fprintf (stderr,
+	         _("%s: Failed to set max for UID %lu\n"),
+	         Prog, (unsigned long int)uid);
+	return true;
+}
+
+static void setmax (short max)
+{
+	if (uflg && has_umin && has_umax && (umin==umax)) {
+		if (setmax_one ((uid_t)umin, max)) {
+			errors = true;
+		}
+	} else {
+		/* Set max for entries in the specified range.
+		 * If max is unchanged for an entry, the entry is not touched.
+		 * If max is null, and no entries exist for this user, no
+		 * entries will be created.
+		 */
+		if (aflg) {
+			/* Entries for non existing user are also taken into
+			 * account (in order to define policy for future users).
+			 */
+			uid_t uid = 0;
+			/* The default umax value is based on the size of the
+			 * faillog database.
+			 */
+			uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+			if (uidmax > 1) {
+				uidmax--;
+			}
+
+			/* Make sure we stay in the umin-umax range if specified */
+			if (has_umin) {
+				uid = (uid_t)umin;
+			}
+			if (has_umax) {
+				uidmax = (uid_t)umax;
+			}
+
+			while (uid <= uidmax) {
+				if (setmax_one (uid, max)) {
+					errors = true;
+				}
+				uid++;
+			}
+		} else {
+			/* Only change records for existing users.
+			 */
+			struct passwd *pwent;
+
+			setpwent ();
+			while ( (pwent = getpwent ()) != NULL ) {
+				if (   uflg
+				    && (   (has_umin && (pwent->pw_uid < (uid_t)umin))
+				        || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+					continue;
+				}
+				if (setmax_one (pwent->pw_uid, max)) {
+					errors = true;
+				}
+			}
+			endpwent ();
+		}
+	}
+}
+
+/*
+ * set_locktime_one - Set the locktime for one user
+ *
+ * This returns a boolean indicating if an error occurred.
+ */
+static bool set_locktime_one (uid_t uid, long locktime)
+{
+	off_t offset;
+	struct faillog fl;
+
+	offset = (off_t) uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
+		/* fseeko errors are not really relevant for us. */
+		int err = fseeko (fail, offset, SEEK_SET);
+		assert (0 == err);
+		/* faillog is a sparse file. Even if no entries were
+		 * entered for this user, which should be able to get the
+		 * empty entry in this case.
+		 */
+		if (fread ((char *) &fl, sizeof (fl), 1, fail) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to get the entry for UID %lu\n"),
+			         Prog, (unsigned long int)uid);
+			return true;
+		}
+	} else {
+		/* Outsize of the faillog file.
+		 * Behave as if there were a missing entry (same behavior
+		 * as if we were reading an non existing entry in the
+		 * sparse faillog file).
+		 */
+		memzero (&fl, sizeof (fl));
+	}
+
+	if (locktime == fl.fail_locktime) {
+		/* If the locktime is already set to the right value, do not
+		 * write in the file.
+		 * This avoids writing 0 when no entries were present for
+		 * the user and the locktime argument is 0.
+		 */
+		return false;
+	}
+
+	fl.fail_locktime = locktime;
+
+	if (   (fseeko (fail, offset, SEEK_SET) == 0)
+	    && (fwrite ((char *) &fl, sizeof (fl), 1, fail) == 1)) {
+		(void) fflush (fail);
+		return false;
+	}
+
+	fprintf (stderr,
+	         _("%s: Failed to set locktime for UID %lu\n"),
+	         Prog, (unsigned long int)uid);
+	return true;
+}
+
+static void set_locktime (long locktime)
+{
+	if (uflg && has_umin && has_umax && (umin==umax)) {
+		if (set_locktime_one ((uid_t)umin, locktime)) {
+			errors = true;
+		}
+	} else {
+		/* Set locktime for entries in the specified range.
+		 * If locktime is unchanged for an entry, the entry is not touched.
+		 * If locktime is null, and no entries exist for this user, no
+		 * entries will be created.
+		 */
+		if (aflg) {
+			/* Entries for non existing user are also taken into
+			 * account (in order to define policy for future users).
+			 */
+			uid_t uid = 0;
+			/* The default umax value is based on the size of the
+			 * faillog database.
+			 */
+			uid_t uidmax = statbuf.st_size / sizeof (struct faillog);
+			if (uidmax > 1) {
+				uidmax--;
+			}
+
+			/* Make sure we stay in the umin-umax range if specified */
+			if (has_umin) {
+				uid = (uid_t)umin;
+			}
+			if (has_umax) {
+				uidmax = (uid_t)umax;
+			}
+
+			while (uid <= uidmax) {
+				if (set_locktime_one (uid, locktime)) {
+					errors = true;
+				}
+				uid++;
+			}
+		} else {
+			/* Only change records for existing users.
+			 */
+			struct passwd *pwent;
+
+			setpwent ();
+			while ( (pwent = getpwent ()) != NULL ) {
+				if (   uflg
+				    && (   (has_umin && (pwent->pw_uid < (uid_t)umin))
+				        || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+					continue;
+				}
+				if (set_locktime_one (pwent->pw_uid, locktime)) {
+					errors = true;
+				}
+			}
+			endpwent ();
+		}
+	}
+}
+
+int main (int argc, char **argv)
+{
+	long fail_locktime;
+	short fail_max;
+	long days;
+
+	/*
+	 * Get the program name. The program name is used as a prefix to
+	 * most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	{
+		int c;
+		static struct option long_options[] = {
+			{"all",       no_argument,       NULL, 'a'},
+			{"help",      no_argument,       NULL, 'h'},
+			{"lock-secs", required_argument, NULL, 'l'},
+			{"maximum",   required_argument, NULL, 'm'},
+			{"reset",     no_argument,       NULL, 'r'},
+			{"root",      required_argument, NULL, 'R'},
+			{"time",      required_argument, NULL, 't'},
+			{"user",      required_argument, NULL, 'u'},
+			{NULL, 0, NULL, '\0'}
+		};
+		while ((c = getopt_long (argc, argv, "ahl:m:rR:t:u:",
+		                         long_options, NULL)) != -1) {
+			switch (c) {
+			case 'a':
+				aflg = true;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				/*@notreached@*/break;
+			case 'l':
+				if (getlong (optarg, &fail_locktime) == 0) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				lflg = true;
+				break;
+			case 'm':
+			{
+				long int lmax;
+				if (   (getlong (optarg, &lmax) == 0)
+				    || ((long int)(short) lmax != lmax)) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				fail_max = (short) lmax;
+				mflg = true;
+				break;
+			}
+			case 'r':
+				rflg = true;
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 't':
+				if (getlong (optarg, &days) == 0) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				seconds = (time_t) days * DAY;
+				tflg = true;
+				break;
+			case 'u':
+			{
+				/*
+				 * The user can be:
+				 *  - a login name
+				 *  - numerical
+				 *  - a numerical login ID
+				 *  - a range (-x, x-, x-y)
+				 */
+				struct passwd *pwent;
+
+				uflg = true;
+				/* local, no need for xgetpwnam */
+				pwent = getpwnam (optarg);
+				if (NULL != pwent) {
+					umin = (unsigned long) pwent->pw_uid;
+					has_umin = true;
+					umax = umin;
+					has_umax = true;
+				} else {
+					if (getrange (optarg,
+					              &umin, &has_umin,
+					              &umax, &has_umax) == 0) {
+						fprintf (stderr,
+						         _("%s: Unknown user or range: %s\n"),
+						         Prog, optarg);
+						exit (E_BAD_ARG);
+					}
+				}
+
+				break;
+			}
+			default:
+				usage (E_USAGE);
+			}
+		}
+		if (argc > optind) {
+			fprintf (stderr,
+			         _("%s: unexpected argument: %s\n"),
+			         Prog, argv[optind]);
+			usage (EXIT_FAILURE);
+		}
+	}
+
+	if (tflg && (lflg || mflg || rflg)) {
+		usage (E_USAGE);
+	}
+
+	/* Open the faillog database */
+	if (lflg || mflg || rflg) {
+		fail = fopen (FAILLOG_FILE, "r+");
+	} else {
+		fail = fopen (FAILLOG_FILE, "r");
+	}
+	if (NULL == fail) {
+		fprintf (stderr,
+		         _("%s: Cannot open %s: %s\n"),
+		         Prog, FAILLOG_FILE, strerror (errno));
+		exit (E_NOPERM);
+	}
+
+	/* Get the size of the faillog */
+	if (fstat (fileno (fail), &statbuf) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot get the size of %s: %s\n"),
+		         Prog, FAILLOG_FILE, strerror (errno));
+		exit (E_NOPERM);
+	}
+
+	if (lflg) {
+		set_locktime (fail_locktime);
+	}
+
+	if (mflg) {
+		setmax (fail_max);
+	}
+
+	if (rflg) {
+		reset ();
+	}
+
+	if (!(lflg || mflg || rflg)) {
+		print ();
+	}
+
+	if (lflg || mflg || rflg) {
+		if (   (ferror (fail) != 0)
+		    || (fflush (fail) != 0)
+		    || (fsync  (fileno (fail)) != 0)
+		    || (fclose (fail) != 0)) {
+			fprintf (stderr,
+			         _("%s: Failed to write %s: %s\n"),
+			         Prog, FAILLOG_FILE, strerror (errno));
+			(void) fclose (fail);
+			errors = true;
+		}
+	} else {
+		(void) fclose (fail);
+	}
+
+	exit (errors ? E_NOPERM : E_SUCCESS);
+}
+
diff --git a/src/gpasswd.c b/src/gpasswd.c
new file mode 100644
index 0000000..c4a492b
--- /dev/null
+++ b/src/gpasswd.c
@@ -0,0 +1,1207 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+/* The name of this command, as it is invoked */
+const char *Prog;
+
+#ifdef SHADOWGRP
+/* Indicate if shadow groups are enabled on the system
+ * (/etc/gshadow present) */
+static bool is_shadowgrp;
+#endif
+
+/* Flags set by options */
+static bool aflg = false;
+static bool Aflg = false;
+static bool dflg = false;
+static bool Mflg = false;
+static bool rflg = false;
+static bool Rflg = false;
+/* The name of the group that is being affected */
+static char *group = NULL;
+/* The name of the user being added (-a) or removed (-d) from group */
+static char *user = NULL;
+/* The new list of members set with -M */
+static char *members = NULL;
+#ifdef SHADOWGRP
+/* The new list of group administrators set with -A */
+static char *admins = NULL;
+#endif
+/* The name of the caller */
+static char *myname = NULL;
+/* The UID of the caller */
+static uid_t bywho;
+/* Indicate if gpasswd was called by root */
+#define amroot	(0 == bywho)
+
+/* The number of retries for th user to provide and repeat a new password */
+#ifndef	RETRIES
+#define	RETRIES	3
+#endif
+
+/* local function prototypes */
+static void usage (int status);
+static RETSIGTYPE catch_signals (int killed);
+static bool is_valid_user_list (const char *users);
+static void process_flags (int argc, char **argv);
+static void check_flags (int argc, int opt_index);
+static void open_files (void);
+static void close_files (void);
+#ifdef SHADOWGRP
+static void get_group (struct group *gr, struct sgrp *sg);
+static void check_perms (const struct group *gr, const struct sgrp *sg);
+static void update_group (struct group *gr, struct sgrp *sg);
+static void change_passwd (struct group *gr, struct sgrp *sg);
+#else
+static void get_group (struct group *gr);
+static void check_perms (const struct group *gr);
+static void update_group (struct group *gr);
+static void change_passwd (struct group *gr);
+#endif
+static void log_gpasswd_failure (const char *suffix);
+static void log_gpasswd_failure_system (/*@null@*/unused void *arg);
+static void log_gpasswd_failure_group (/*@null@*/unused void *arg);
+#ifdef SHADOWGRP
+static void log_gpasswd_failure_gshadow (/*@null@*/unused void *arg);
+#endif
+static void log_gpasswd_success (const char *suffix);
+static void log_gpasswd_success_system (/*@null@*/unused void *arg);
+static void log_gpasswd_success_group (/*@null@*/unused void *arg);
+
+/*
+ * usage - display usage message
+ */
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [option] GROUP\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -a, --add USER                add USER to GROUP\n"), usageout);
+	(void) fputs (_("  -d, --delete USER             remove USER from GROUP\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -Q, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -r, --remove-password         remove the GROUP's password\n"), usageout);
+	(void) fputs (_("  -R, --restrict                restrict access to GROUP to its members\n"), usageout);
+	(void) fputs (_("  -M, --members USER,...        set the list of members of GROUP\n"), usageout);
+#ifdef SHADOWGRP
+	(void) fputs (_("  -A, --administrators ADMIN,...\n"
+	                "                                set the list of administrators for GROUP\n"), usageout);
+	(void) fputs (_("Except for the -A and -M options, the options cannot be combined.\n"), usageout);
+#else
+	(void) fputs (_("The options cannot be combined.\n"), usageout);
+#endif
+	exit (status);
+}
+
+/*
+ * catch_signals - set or reset termio modes.
+ *
+ *	catch_signals() is called before processing begins. signal() is then
+ *	called with catch_signals() as the signal handler. If signal later
+ *	calls catch_signals() with a signal number, the terminal modes are
+ *	then reset.
+ */
+static RETSIGTYPE catch_signals (int killed)
+{
+	static TERMIO sgtty;
+
+	if (0 != killed) {
+		STTY (0, &sgtty);
+	} else {
+		GTTY (0, &sgtty);
+	}
+
+	if (0 != killed) {
+		(void) write (STDOUT_FILENO, "\n", 1);
+		_exit (killed);
+	}
+}
+
+/*
+ * is_valid_user_list - check a comma-separated list of user names for validity
+ *
+ *	is_valid_user_list scans a comma-separated list of user names and
+ *	checks that each listed name exists is the user database.
+ *
+ *	It returns true if the list of users is valid.
+ */
+static bool is_valid_user_list (const char *users)
+{
+	const char *username;
+	char *end;
+	bool is_valid = true;
+	/*@owned@*/char *tmpusers = xstrdup (users);
+
+	for (username = tmpusers;
+	     (NULL != username) && ('\0' != *username);
+	     username = end) {
+		end = strchr (username, ',');
+		if (NULL != end) {
+			*end = '\0';
+			end++;
+		}
+
+		/*
+		 * This user must exist.
+		 */
+
+		/* local, no need for xgetpwnam */
+		if (getpwnam (username) == NULL) {
+			fprintf (stderr, _("%s: user '%s' does not exist\n"),
+			         Prog, username);
+			is_valid = false;
+		}
+	}
+
+	free (tmpusers);
+
+	return is_valid;
+}
+
+static void failure (void)
+{
+	fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+	log_gpasswd_failure (": Permission denied");
+	exit (E_NOPERM);
+}
+
+/*
+ * process_flags - process the command line options and arguments
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"add",             required_argument, NULL, 'a'},
+		{"administrators",  required_argument, NULL, 'A'},
+		{"delete",          required_argument, NULL, 'd'},
+		{"help",            no_argument,       NULL, 'h'},
+		{"members",         required_argument, NULL, 'M'},
+		{"root",            required_argument, NULL, 'Q'},
+		{"remove-password", no_argument,       NULL, 'r'},
+		{"restrict",        no_argument,       NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+		};
+
+	while ((c = getopt_long (argc, argv, "a:A:d:ghM:Q:rR",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'a':	/* add a user */
+			aflg = true;
+			user = optarg;
+			/* local, no need for xgetpwnam */
+			if (getpwnam (user) == NULL) {
+				fprintf (stderr,
+				         _("%s: user '%s' does not exist\n"),
+				         Prog, user);
+				exit (E_BAD_ARG);
+			}
+			break;
+#ifdef SHADOWGRP
+		case 'A':	/* set the list of administrators */
+			if (!is_shadowgrp) {
+				fprintf (stderr,
+				         _("%s: shadow group passwords required for -A\n"),
+				         Prog);
+				exit (E_GSHADOW_NOTFOUND);
+			}
+			admins = optarg;
+			if (!is_valid_user_list (admins)) {
+				exit (E_BAD_ARG);
+			}
+			Aflg = true;
+			break;
+#endif				/* SHADOWGRP */
+		case 'd':	/* delete a user */
+			dflg = true;
+			user = optarg;
+			break;
+		case 'g':	/* no-op from normal password */
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			break;
+		case 'M':	/* set the list of members */
+			members = optarg;
+			if (!is_valid_user_list (members)) {
+				exit (E_BAD_ARG);
+			}
+			Mflg = true;
+			break;
+		case 'Q':	/* no-op, handled in process_root_flag () */
+			break;
+		case 'r':	/* remove group password */
+			rflg = true;
+			break;
+		case 'R':	/* restrict group password */
+			Rflg = true;
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	/* Get the name of the group that is being affected. */
+	group = argv[optind];
+
+	check_flags (argc, optind);
+}
+
+/*
+ * check_flags - check the validity of options
+ */
+static void check_flags (int argc, int opt_index)
+{
+	int exclusive = 0;
+	/*
+	 * Make sure exclusive flags are exclusive
+	 */
+	if (aflg) {
+		exclusive++;
+	}
+	if (dflg) {
+		exclusive++;
+	}
+	if (rflg) {
+		exclusive++;
+	}
+	if (Rflg) {
+		exclusive++;
+	}
+	if (Aflg || Mflg) {
+		exclusive++;
+	}
+	if (exclusive > 1) {
+		usage (E_USAGE);
+	}
+
+	/*
+	 * Make sure one (and only one) group was provided
+	 */
+	if ((argc != (opt_index+1)) || (NULL == group)) {
+		usage (E_USAGE);
+	}
+}
+
+/*
+ * open_files - lock and open the group databases
+ *
+ *	It will call exit in case of error.
+ */
+static void open_files (void)
+{
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		exit (E_NOPERM);
+	}
+	add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			exit (E_NOPERM);
+		}
+		add_cleanup (cleanup_unlock_gshadow, NULL);
+	}
+#endif				/* SHADOWGRP */
+
+	add_cleanup (log_gpasswd_failure_system, NULL);
+
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+		exit (E_NOPERM);
+	}
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+			exit (E_NOPERM);
+		}
+		add_cleanup (log_gpasswd_failure_gshadow, NULL);
+	}
+#endif				/* SHADOWGRP */
+
+	add_cleanup (log_gpasswd_failure_group, NULL);
+	del_cleanup (log_gpasswd_failure_system);
+}
+
+static void log_gpasswd_failure (const char *suffix)
+{
+#ifdef WITH_AUDIT
+	char buf[1024];
+#endif
+	if (aflg) {
+		SYSLOG ((LOG_ERR,
+		         "%s failed to add user %s to group %s%s",
+		         myname, user, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "%s failed to add user %s to group %s%s",
+		          myname, user, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+	} else if (dflg) {
+		SYSLOG ((LOG_ERR,
+		         "%s failed to remove user %s from group %s%s",
+		         myname, user, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "%s failed to remove user %s from group %s%s",
+		          myname, user, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+	} else if (rflg) {
+		SYSLOG ((LOG_ERR,
+		         "%s failed to remove password of group %s%s",
+		         myname, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "%s failed to remove password of group %s%s",
+		          myname, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+	} else if (Rflg) {
+		SYSLOG ((LOG_ERR,
+		         "%s failed to restrict access to group %s%s",
+		         myname, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "%s failed to restrict access to group %s%s",
+		          myname, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+	} else if (Aflg || Mflg) {
+#ifdef SHADOWGRP
+		if (Aflg) {
+			SYSLOG ((LOG_ERR,
+			         "%s failed to set the administrators of group %s to %s%s",
+			         myname, group, admins, suffix));
+#ifdef WITH_AUDIT
+			snprintf (buf, 1023,
+			          "%s failed to set the administrators of group %s to %s%s",
+			          myname, group, admins, suffix);
+			buf[1023] = '\0';
+			audit_logger (AUDIT_USER_ACCT, Prog,
+			              buf,
+			              group, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+		}
+#endif				/* SHADOWGRP */
+		if (Mflg) {
+			SYSLOG ((LOG_ERR,
+			         "%s failed to set the members of group %s to %s%s",
+			         myname, group, members, suffix));
+#ifdef WITH_AUDIT
+			snprintf (buf, 1023,
+			          "%s failed to set the members of group %s to %s%s",
+			          myname, group, members, suffix);
+			buf[1023] = '\0';
+			audit_logger (AUDIT_USER_ACCT, Prog,
+			              buf,
+			              group, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+		}
+	} else {
+		SYSLOG ((LOG_ERR,
+		         "%s failed to change password of group %s%s",
+		         myname, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "%s failed to change password of group %s%s",
+		          myname, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+	}
+}
+
+static void log_gpasswd_failure_system (unused void *arg)
+{
+	log_gpasswd_failure ("");
+}
+
+static void log_gpasswd_failure_group (unused void *arg)
+{
+	char buf[1024];
+	snprintf (buf, 1023, " in %s", gr_dbname ());
+	buf[1023] = '\0';
+	log_gpasswd_failure (buf);
+}
+
+#ifdef SHADOWGRP
+static void log_gpasswd_failure_gshadow (unused void *arg)
+{
+	char buf[1024];
+	snprintf (buf, 1023, " in %s", sgr_dbname ());
+	buf[1023] = '\0';
+	log_gpasswd_failure (buf);
+}
+#endif				/* SHADOWGRP */
+
+static void log_gpasswd_success (const char *suffix)
+{
+#ifdef WITH_AUDIT
+	char buf[1024];
+#endif
+	if (aflg) {
+		SYSLOG ((LOG_INFO,
+		         "user %s added by %s to group %s%s",
+		         user, myname, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "user %s added by %s to group %s%s",
+		          user, myname, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+	} else if (dflg) {
+		SYSLOG ((LOG_INFO,
+		         "user %s removed by %s from group %s%s",
+		         user, myname, group, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "user %s removed by %s from group %s%s",
+		          user, myname, group, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+	} else if (rflg) {
+		SYSLOG ((LOG_INFO,
+		         "password of group %s removed by %s%s",
+		         group, myname, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "password of group %s removed by %s%s",
+		          group, myname, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+	} else if (Rflg) {
+		SYSLOG ((LOG_INFO,
+		         "access to group %s restricted by %s%s",
+		         group, myname, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "access to group %s restricted by %s%s",
+		          group, myname, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+	} else if (Aflg || Mflg) {
+#ifdef SHADOWGRP
+		if (Aflg) {
+			SYSLOG ((LOG_INFO,
+			         "administrators of group %s set by %s to %s%s",
+			         group, myname, admins, suffix));
+#ifdef WITH_AUDIT
+			snprintf (buf, 1023,
+			          "administrators of group %s set by %s to %s%s",
+			          group, myname, admins, suffix);
+			buf[1023] = '\0';
+			audit_logger (AUDIT_USER_ACCT, Prog,
+			              buf,
+			              group, AUDIT_NO_ID,
+			              SHADOW_AUDIT_SUCCESS);
+#endif
+		}
+#endif				/* SHADOWGRP */
+		if (Mflg) {
+			SYSLOG ((LOG_INFO,
+			         "members of group %s set by %s to %s%s",
+			         group, myname, members, suffix));
+#ifdef WITH_AUDIT
+			snprintf (buf, 1023,
+			          "members of group %s set by %s to %s%s",
+			          group, myname, members, suffix);
+			buf[1023] = '\0';
+			audit_logger (AUDIT_USER_ACCT, Prog,
+			              buf,
+			              group, AUDIT_NO_ID,
+			              SHADOW_AUDIT_SUCCESS);
+#endif
+		}
+	} else {
+		SYSLOG ((LOG_INFO,
+		         "password of group %s changed by %s%s",
+		         group, myname, suffix));
+#ifdef WITH_AUDIT
+		snprintf (buf, 1023,
+		          "password of group %s changed by %s%s",
+		          group, myname, suffix);
+		buf[1023] = '\0';
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              buf,
+		              group, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+	}
+}
+
+static void log_gpasswd_success_system (unused void *arg)
+{
+	log_gpasswd_success ("");
+}
+
+static void log_gpasswd_success_group (unused void *arg)
+{
+	char buf[1024];
+	snprintf (buf, 1023, " in %s", gr_dbname ());
+	buf[1023] = '\0';
+	log_gpasswd_success (buf);
+}
+
+/*
+ * close_files - close and unlock the group databases
+ *
+ *	This cause any changes in the databases to be committed.
+ *
+ *	It will call exit in case of error.
+ */
+static void close_files (void)
+{
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		exit (E_NOPERM);
+	}
+	add_cleanup (log_gpasswd_success_group, NULL);
+	del_cleanup (log_gpasswd_failure_group);
+
+	cleanup_unlock_group (NULL);
+	del_cleanup (cleanup_unlock_group);
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			exit (E_NOPERM);
+		}
+		del_cleanup (log_gpasswd_failure_gshadow);
+
+		cleanup_unlock_gshadow (NULL);
+		del_cleanup (cleanup_unlock_gshadow);
+	}
+#endif				/* SHADOWGRP */
+
+	log_gpasswd_success_system (NULL);
+	del_cleanup (log_gpasswd_success_group);
+}
+
+/*
+ * check_perms - check if the user is allowed to change the password of
+ *               the specified group.
+ *
+ *	It only returns if the user is allowed.
+ */
+#ifdef SHADOWGRP
+static void check_perms (const struct group *gr, const struct sgrp *sg)
+#else
+static void check_perms (const struct group *gr)
+#endif
+{
+	/*
+	 * Only root can use the -M and -A options.
+	 */
+	if (!amroot && (Aflg || Mflg)) {
+		failure ();
+	}
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		/*
+		 * The policy here for changing a group is that
+		 * 1) you must be root or
+		 * 2) you must be listed as an administrative member.
+		 * Administrative members can do anything to a group that
+		 * the root user can.
+		 */
+		if (!amroot && !is_on_list (sg->sg_adm, myname)) {
+			failure ();
+		}
+	} else
+#endif				/* SHADOWGRP */
+	{
+#ifdef FIRST_MEMBER_IS_ADMIN
+		/*
+		 * The policy here for changing a group is that
+		 * 1) you must be root or
+		 * 2) you must be the first listed member of the group.
+		 * The first listed member of a group can do anything to
+		 * that group that the root user can. The rationale for
+		 * this hack is that the FIRST user is probably the most
+		 * important user in this entire group.
+		 *
+		 * This feature enabled by default could be a security
+		 * problem when installed on existing systems where the
+		 * first group member might be just a normal user.
+		 * --marekm
+		 */
+		if (!amroot) {
+			if (gr->gr_mem[0] == (char *) 0) {
+				failure ();
+			}
+
+			if (strcmp (gr->gr_mem[0], myname) != 0) {
+				failure ();
+			}
+		}
+#else				/* ! FIRST_MEMBER_IS_ADMIN */
+		if (!amroot) {
+			failure ();
+		}
+#endif
+	}
+}
+
+/*
+ * update_group - Update the group information in the databases
+ */
+#ifdef SHADOWGRP
+static void update_group (struct group *gr, struct sgrp *sg)
+#else
+static void update_group (struct group *gr)
+#endif
+{
+	if (gr_update (gr) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), gr->gr_name);
+		exit (1);
+	}
+#ifdef SHADOWGRP
+	if (is_shadowgrp && (sgr_update (sg) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, sgr_dbname (), sg->sg_name);
+		exit (1);
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * get_group - get the current information for the group
+ *
+ *	The information are copied in group structure(s) so that they can be
+ *	modified later.
+ *
+ *	Note: If !is_shadowgrp, *sg will not be initialized.
+ */
+#ifdef SHADOWGRP
+static void get_group (struct group *gr, struct sgrp *sg)
+#else
+static void get_group (struct group *gr)
+#endif
+{
+	struct group const*tmpgr = NULL;
+#ifdef SHADOWGRP
+	struct sgrp const*tmpsg = NULL;
+#endif
+
+	if (gr_open (O_RDONLY) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+		exit (E_NOPERM);
+	}
+
+	tmpgr = gr_locate (group);
+	if (NULL == tmpgr) {
+		fprintf (stderr,
+		         _("%s: group '%s' does not exist in %s\n"),
+		         Prog, group, gr_dbname ());
+		exit (E_BAD_ARG);
+	}
+
+	*gr = *tmpgr;
+	gr->gr_name = xstrdup (tmpgr->gr_name);
+	gr->gr_passwd = xstrdup (tmpgr->gr_passwd);
+	gr->gr_mem = dup_list (tmpgr->gr_mem);
+
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while closing read-only %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR,
+		         "failure while closing read-only %s",
+		         gr_dbname ()));
+		exit (E_NOPERM);
+	}
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if (sgr_open (O_RDONLY) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+			exit (E_NOPERM);
+		}
+		tmpsg = sgr_locate (group);
+		if (NULL != tmpsg) {
+			*sg = *tmpsg;
+			sg->sg_name = xstrdup (tmpsg->sg_name);
+			sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
+
+			sg->sg_mem = dup_list (tmpsg->sg_mem);
+			sg->sg_adm = dup_list (tmpsg->sg_adm);
+		} else {
+			sg->sg_name = xstrdup (group);
+			sg->sg_passwd = gr->gr_passwd;
+			gr->gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+
+			sg->sg_mem = dup_list (gr->gr_mem);
+
+			sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
+#ifdef FIRST_MEMBER_IS_ADMIN
+			if (sg->sg_mem[0]) {
+				sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
+				sg->sg_adm[1] = NULL;
+			} else
+#endif
+			{
+				sg->sg_adm[0] = NULL;
+			}
+
+		}
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while closing read-only %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR,
+			         "failure while closing read-only %s",
+			         sgr_dbname ()));
+			exit (E_NOPERM);
+		}
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * change_passwd - change the group's password
+ *
+ *	Get the new password from the user and update the password in the
+ *	group's structure.
+ *
+ *	It will call exit in case of error.
+ */
+#ifdef SHADOWGRP
+static void change_passwd (struct group *gr, struct sgrp *sg)
+#else
+static void change_passwd (struct group *gr)
+#endif
+{
+	char *cp;
+	static char pass[BUFSIZ];
+	int retries;
+	const char *salt;
+
+	/*
+	 * A new password is to be entered and it must be encrypted, etc.
+	 * The password will be prompted for twice, and both entries must be
+	 * identical. There is no need to validate the old password since
+	 * the invoker is either the group owner, or root.
+	 */
+	printf (_("Changing the password for group %s\n"), group);
+
+	for (retries = 0; retries < RETRIES; retries++) {
+		cp = getpass (_("New Password: "));
+		if (NULL == cp) {
+			exit (1);
+		}
+
+		STRFCPY (pass, cp);
+		strzero (cp);
+		cp = getpass (_("Re-enter new password: "));
+		if (NULL == cp) {
+			exit (1);
+		}
+
+		if (strcmp (pass, cp) == 0) {
+			strzero (cp);
+			break;
+		}
+
+		strzero (cp);
+		memzero (pass, sizeof pass);
+
+		if (retries + 1 < RETRIES) {
+			puts (_("They don't match; try again"));
+		}
+	}
+
+	if (retries == RETRIES) {
+		fprintf (stderr, _("%s: Try again later\n"), Prog);
+		exit (1);
+	}
+
+	salt = crypt_make_salt (NULL, NULL);
+	cp = pw_encrypt (pass, salt);
+	if (NULL == cp) {
+		fprintf (stderr,
+		         _("%s: failed to crypt password with salt '%s': %s\n"),
+		         Prog, salt, strerror (errno));
+		exit (1);
+	}
+	memzero (pass, sizeof pass);
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		gr->gr_passwd = SHADOW_PASSWD_STRING;
+		sg->sg_passwd = cp;
+	} else
+#endif
+	{
+		gr->gr_passwd = cp;
+	}
+}
+
+/*
+ * gpasswd - administer the /etc/group file
+ */
+int main (int argc, char **argv)
+{
+	struct group grent;
+#ifdef SHADOWGRP
+	struct sgrp sgent;
+#endif
+	struct passwd *pw = NULL;
+
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	sanitize_env ();
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	/*
+	 * Make a note of whether or not this command was invoked by root.
+	 * This will be used to bypass certain checks later on. Also, set
+	 * the real user ID to match the effective user ID. This will
+	 * prevent the invoker from issuing signals which would interfere
+	 * with this command.
+	 */
+	bywho = getuid ();
+	Prog = Basename (argv[0]);
+
+	OPENLOG ("gpasswd");
+	setbuf (stdout, NULL);
+	setbuf (stderr, NULL);
+
+	process_root_flag ("-Q", argc, argv);
+
+#ifdef SHADOWGRP
+	is_shadowgrp = sgr_file_present ();
+#endif
+
+	/*
+	 * Determine the name of the user that invoked this command. This
+	 * is really hit or miss because there are so many ways that command
+	 * can be executed and so many ways to trip up the routines that
+	 * report the user name.
+	 */
+	pw = get_my_pwent ();
+	if (NULL == pw) {
+		fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN,
+		         "Cannot determine the user name of the caller (UID %lu)",
+		         (unsigned long) getuid ()));
+		exit (E_NOPERM);
+	}
+	myname = xstrdup (pw->pw_name);
+
+	/*
+	 * Register an exit function to warn for any inconsistency that we
+	 * could create.
+	 */
+	if (atexit (do_cleanups) != 0) {
+		fprintf(stderr, "%s: cannot set exit function\n", Prog);
+		exit (1);
+	}
+
+	/* Parse the options */
+	process_flags (argc, argv);
+
+	/*
+	 * Replicate the group so it can be modified later on.
+	 */
+#ifdef SHADOWGRP
+	get_group (&grent, &sgent);
+#else
+	get_group (&grent);
+#endif
+
+	/*
+	 * Check if the user is allowed to change the password of this group.
+	 */
+#ifdef SHADOWGRP
+	check_perms (&grent, &sgent);
+#else
+	check_perms (&grent);
+#endif
+
+	/*
+	 * Removing a password is straight forward. Just set the password
+	 * field to a "".
+	 */
+	if (rflg) {
+#ifdef SHADOWGRP
+		if (is_shadowgrp) {
+			grent.gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+			sgent.sg_passwd = "";	/* XXX warning: const */
+		} else
+#endif				/* SHADOWGRP */
+		{
+			grent.gr_passwd = "";	/* XXX warning: const */
+		}
+		goto output;
+	} else if (Rflg) {
+		/*
+		 * Same thing for restricting the group. Set the password
+		 * field to "!".
+		 */
+#ifdef SHADOWGRP
+		if (is_shadowgrp) {
+			grent.gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+			sgent.sg_passwd = "!";	/* XXX warning: const */
+		} else
+#endif				/* SHADOWGRP */
+		{
+			grent.gr_passwd = "!";	/* XXX warning: const */
+		}
+		goto output;
+	}
+
+	/*
+	 * Adding a member to a member list is pretty straightforward as
+	 * well. Call the appropriate routine and split.
+	 */
+	if (aflg) {
+		printf (_("Adding user %s to group %s\n"), user, group);
+		grent.gr_mem = add_list (grent.gr_mem, user);
+#ifdef SHADOWGRP
+		if (is_shadowgrp) {
+			sgent.sg_mem = add_list (sgent.sg_mem, user);
+		}
+#endif
+		goto output;
+	}
+
+	/*
+	 * Removing a member from the member list is the same deal as adding
+	 * one, except the routine is different.
+	 */
+	if (dflg) {
+		bool removed = false;
+
+		printf (_("Removing user %s from group %s\n"), user, group);
+
+		if (is_on_list (grent.gr_mem, user)) {
+			removed = true;
+			grent.gr_mem = del_list (grent.gr_mem, user);
+		}
+#ifdef SHADOWGRP
+		if (is_shadowgrp) {
+			if (is_on_list (sgent.sg_mem, user)) {
+				removed = true;
+				sgent.sg_mem = del_list (sgent.sg_mem, user);
+			}
+		}
+#endif
+		if (!removed) {
+			fprintf (stderr,
+			         _("%s: user '%s' is not a member of '%s'\n"),
+			         Prog, user, group);
+			exit (E_BAD_ARG);
+		}
+		goto output;
+	}
+#ifdef SHADOWGRP
+	/*
+	 * Replacing the entire list of administrators is simple. Check the
+	 * list to make sure everyone is a real user. Then slap the new list
+	 * in place.
+	 */
+	if (Aflg) {
+		sgent.sg_adm = comma_to_list (admins);
+		if (!Mflg) {
+			goto output;
+		}
+	}
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Replacing the entire list of members is simple. Check the list to
+	 * make sure everyone is a real user. Then slap the new list in
+	 * place.
+	 */
+	if (Mflg) {
+#ifdef SHADOWGRP
+		sgent.sg_mem = comma_to_list (members);
+#endif
+		grent.gr_mem = comma_to_list (members);
+		goto output;
+	}
+
+	/*
+	 * If the password is being changed, the input and output must both
+	 * be a tty. The typical keyboard signals are caught so the termio
+	 * modes can be restored.
+	 */
+	if ((isatty (0) == 0) || (isatty (1) == 0)) {
+		fprintf (stderr, _("%s: Not a tty\n"), Prog);
+		exit (E_NOPERM);
+	}
+
+	catch_signals (0);	/* save tty modes */
+
+	(void) signal (SIGHUP, catch_signals);
+	(void) signal (SIGINT, catch_signals);
+	(void) signal (SIGQUIT, catch_signals);
+	(void) signal (SIGTERM, catch_signals);
+#ifdef SIGTSTP
+	(void) signal (SIGTSTP, catch_signals);
+#endif
+
+	/* Prompt for the new password */
+#ifdef SHADOWGRP
+	change_passwd (&grent, &sgent);
+#else
+	change_passwd (&grent);
+#endif
+
+	/*
+	 * This is the common arrival point to output the new group file.
+	 * The freshly crafted entry is in allocated space. The group file
+	 * will be locked and opened for writing. The new entry will be
+	 * output, etc.
+	 */
+      output:
+	if (setuid (0) != 0) {
+		fputs (_("Cannot change ID to root.\n"), stderr);
+		SYSLOG ((LOG_ERR, "can't setuid(0)"));
+		closelog ();
+		exit (E_NOPERM);
+	}
+	pwd_init ();
+
+	open_files ();
+
+#ifdef SHADOWGRP
+	update_group (&grent, &sgent);
+#else
+	update_group (&grent);
+#endif
+
+	close_files ();
+
+	nscd_flush_cache ("group");
+
+	exit (E_SUCCESS);
+}
+
diff --git a/src/groupadd.c b/src/groupadd.c
new file mode 100644
index 0000000..179438f
--- /dev/null
+++ b/src/groupadd.c
@@ -0,0 +1,624 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#include <pwd.h>
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include "chkname.h"
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_BAD_ARG	3	/* invalid argument to option */
+#define E_GID_IN_USE	4	/* gid not unique (when -o not used) */
+#define E_NAME_IN_USE	9	/* group name not unique */
+#define E_GRP_UPDATE	10	/* can't update group file */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static /*@null@*/char *group_name;
+static gid_t group_id;
+static /*@null@*/char *group_passwd;
+static /*@null@*/char *empty_list = NULL;
+
+static bool oflg = false;	/* permit non-unique group ID to be specified with -g */
+static bool gflg = false;	/* ID value for the new group */
+static bool fflg = false;	/* if group already exists, do nothing and exit(0) */
+static bool rflg = false;	/* create a system account */
+static bool pflg = false;	/* new encrypted password */
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void new_grent (struct group *grent);
+
+#ifdef SHADOWGRP
+static void new_sgent (struct sgrp *sgent);
+#endif
+static void grp_update (void);
+static void check_new_name (void);
+static void close_files (void);
+static void open_files (void);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] GROUP\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -f, --force                   exit successfully if the group already exists,\n"
+	                "                                and cancel -g if the GID is already used\n"), usageout);
+	(void) fputs (_("  -g, --gid GID                 use GID for the new group\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"), usageout);
+	(void) fputs (_("  -o, --non-unique              allow to create groups with duplicate\n"
+	                "                                (non-unique) GID\n"), usageout);
+	(void) fputs (_("  -p, --password PASSWORD       use this encrypted password for the new group\n"), usageout);
+	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * new_grent - initialize the values in a group file entry
+ *
+ *	new_grent() takes all of the values that have been entered and fills
+ *	in a (struct group) with them.
+ */
+static void new_grent (struct group *grent)
+{
+	memzero (grent, sizeof *grent);
+	grent->gr_name = group_name;
+	if (pflg) {
+		grent->gr_passwd = group_passwd;
+	} else {
+		grent->gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+	}
+	grent->gr_gid = group_id;
+	grent->gr_mem = &empty_list;
+}
+
+#ifdef	SHADOWGRP
+/*
+ * new_sgent - initialize the values in a shadow group file entry
+ *
+ *	new_sgent() takes all of the values that have been entered and fills
+ *	in a (struct sgrp) with them.
+ */
+static void new_sgent (struct sgrp *sgent)
+{
+	memzero (sgent, sizeof *sgent);
+	sgent->sg_name = group_name;
+	if (pflg) {
+		sgent->sg_passwd = group_passwd;
+	} else {
+		sgent->sg_passwd = "!";	/* XXX warning: const */
+	}
+	sgent->sg_adm = &empty_list;
+	sgent->sg_mem = &empty_list;
+}
+#endif				/* SHADOWGRP */
+
+/*
+ * grp_update - add new group file entries
+ *
+ *	grp_update() writes the new records to the group files.
+ */
+static void grp_update (void)
+{
+	struct group grp;
+
+#ifdef	SHADOWGRP
+	struct sgrp sgrp;
+#endif				/* SHADOWGRP */
+
+	/*
+	 * To add the group, we need to update /etc/group.
+	 * Make sure failures will be reported.
+	 */
+	add_cleanup (cleanup_report_add_group_group, group_name);
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		/* We also need to update /etc/gshadow */
+		add_cleanup (cleanup_report_add_group_gshadow, group_name);
+	}
+#endif
+
+	/*
+	 * Create the initial entries for this new group.
+	 */
+	new_grent (&grp);
+#ifdef	SHADOWGRP
+	new_sgent (&sgrp);
+	if (is_shadow_grp && pflg) {
+		grp.gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+	}
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Write out the new group file entry.
+	 */
+	if (gr_update (&grp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), grp.gr_name);
+		exit (E_GRP_UPDATE);
+	}
+#ifdef	SHADOWGRP
+	/*
+	 * Write out the new shadow group entries as well.
+	 */
+	if (is_shadow_grp && (sgr_update (&sgrp) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, sgr_dbname (), sgrp.sg_name);
+		exit (E_GRP_UPDATE);
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * check_new_name - check the new name for validity
+ *
+ *	check_new_name() insures that the new name doesn't contain any
+ *	illegal characters.
+ */
+static void check_new_name (void)
+{
+	if (is_valid_group_name (group_name)) {
+		return;
+	}
+
+	/*
+	 * All invalid group names land here.
+	 */
+
+	fprintf (stderr, _("%s: '%s' is not a valid group name\n"),
+	         Prog, group_name);
+
+	exit (E_BAD_ARG);
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this new
+ *	group. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	/* First, write the changes in the regular group database */
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "adding group to /etc/group",
+	              group_name, (unsigned int) group_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO, "group added to %s: name=%s, GID=%u",
+	         gr_dbname (), group_name, (unsigned int) group_id));
+	del_cleanup (cleanup_report_add_group_group);
+
+	cleanup_unlock_group (NULL);
+	del_cleanup (cleanup_unlock_group);
+
+	/* Now, write the changes in the shadow database */
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_GROUP, Prog,
+		              "adding group to /etc/gshadow",
+		              group_name, (unsigned int) group_id,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO, "group added to %s: name=%s",
+		         sgr_dbname (), group_name));
+		del_cleanup (cleanup_report_add_group_gshadow);
+
+		cleanup_unlock_gshadow (NULL);
+		del_cleanup (cleanup_unlock_gshadow);
+	}
+#endif				/* SHADOWGRP */
+
+	/* Report success at the system level */
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "",
+	              group_name, (unsigned int) group_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u",
+	         group_name, (unsigned int) group_id));
+	del_cleanup (cleanup_report_add_group);
+}
+
+/*
+ * open_files - lock and open the group files
+ *
+ *	open_files() opens the two group files.
+ */
+static void open_files (void)
+{
+	/* First, lock the databases */
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+	add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+		add_cleanup (cleanup_unlock_gshadow, NULL);
+	}
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Now if the group is not added, it's our fault.
+	 * Make sure failures will be reported.
+	 */
+	add_cleanup (cleanup_report_add_group, group_name);
+
+	/* And now open the databases */
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+		exit (E_GRP_UPDATE);
+	}
+
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+			exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	char *cp;
+	int c;
+	static struct option long_options[] = {
+		{"force",      no_argument,       NULL, 'f'},
+		{"gid",        required_argument, NULL, 'g'},
+		{"help",       no_argument,       NULL, 'h'},
+		{"key",        required_argument, NULL, 'K'},
+		{"non-unique", no_argument,       NULL, 'o'},
+		{"password",   required_argument, NULL, 'p'},
+		{"system",     no_argument,       NULL, 'r'},
+		{"root",       required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "fg:hK:op:rR:",
+		                 long_options, NULL)) != -1) {
+		switch (c) {
+		case 'f':
+			/*
+			 * "force" - do nothing, just exit(0), if the
+			 * specified group already exists. With -g, if
+			 * specified gid already exists, choose another
+			 * (unique) gid (turn off -g). Based on the RedHat's
+			 * patch from shadow-utils-970616-9.
+			 */
+			fflg = true;
+			break;
+		case 'g':
+			gflg = true;
+			if (   (get_gid (optarg, &group_id) == 0)
+			    || (group_id == (gid_t)-1)) {
+				fprintf (stderr,
+				         _("%s: invalid group ID '%s'\n"),
+				         Prog, optarg);
+				exit (E_BAD_ARG);
+			}
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'K':
+			/*
+			 * override login.defs defaults (-K name=value)
+			 * example: -K GID_MIN=100 -K GID_MAX=499
+			 * note: -K GID_MIN=10,GID_MAX=499 doesn't work yet
+			 */
+			cp = strchr (optarg, '=');
+			if (NULL == cp) {
+				fprintf (stderr,
+				         _("%s: -K requires KEY=VALUE\n"),
+				         Prog);
+				exit (E_BAD_ARG);
+			}
+			/* terminate name, point to value */
+			*cp++ = '\0';
+			if (putdef_str (optarg, cp) < 0) {
+				exit (E_BAD_ARG);
+			}
+			break;
+		case 'o':
+			oflg = true;
+			break;
+		case 'p':
+			pflg = true;
+			group_passwd = optarg;
+			break;
+		case 'r':
+			rflg = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	/*
+	 * Check the flags consistency
+	 */
+	if (optind != argc - 1) {
+		usage (E_USAGE);
+	}
+	group_name = argv[optind];
+
+	check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ *	It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+	/* -o does not make sense without -g */
+	if (oflg && !gflg) {
+		usage (E_USAGE);
+	}
+
+	check_new_name ();
+
+	/*
+	 * Check if the group already exist.
+	 */
+	/* local, no need for xgetgrnam */
+	if (getgrnam (group_name) != NULL) {
+		/* The group already exist */
+		if (fflg) {
+			/* OK, no need to do anything */
+			exit (E_SUCCESS);
+		}
+		fprintf (stderr,
+		         _("%s: group '%s' already exists\n"),
+		         Prog, group_name);
+		exit (E_NAME_IN_USE);
+	}
+
+	if (gflg && (getgrgid (group_id) != NULL)) {
+		/* A GID was specified, and a group already exist with that GID
+		 *  - either we will use this GID anyway (-o)
+		 *  - either we ignore the specified GID and
+		 *    we will use another one (-f)
+		 *  - either it is a failure
+		 */
+		if (oflg) {
+			/* Continue with this GID */
+		} else if (fflg) {
+			/* Turn off -g, we can use any GID */
+			gflg = false;
+		} else {
+			fprintf (stderr,
+			         _("%s: GID '%lu' already exists\n"),
+			         Prog, (unsigned long int) group_id);
+			exit (E_GID_IN_USE);
+		}
+	}
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	With PAM support, the setuid bit can be set on groupadd to allow
+ *	non-root users to groups.
+ *	Without PAM support, only users who can write in the group databases
+ *	can add groups.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * main - groupadd command
+ */
+int main (int argc, char **argv)
+{
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("groupadd");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	if (atexit (do_cleanups) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot setup cleanup service.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	/*
+	 * Parse the command line options.
+	 */
+	process_flags (argc, argv);
+
+	check_perms ();
+
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+
+	/*
+	 * Do the hard stuff - open the files, create the group entries,
+	 * then close and update the files.
+	 */
+	open_files ();
+
+	if (!gflg) {
+		if (find_new_gid (rflg, &group_id, NULL) < 0) {
+			exit (E_GID_IN_USE);
+		}
+	}
+
+	grp_update ();
+	close_files ();
+
+	nscd_flush_cache ("group");
+
+	return E_SUCCESS;
+}
+
diff --git a/src/groupdel.c b/src/groupdel.c
new file mode 100644
index 0000000..11e522b
--- /dev/null
+++ b/src/groupdel.c
@@ -0,0 +1,491 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <sys/types.h>
+#include <getopt.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *group_name;
+static gid_t group_id = -1;
+static bool check_group_busy = true;
+
+#ifdef	SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_NOTFOUND	6	/* specified group doesn't exist */
+#define E_GROUP_BUSY	8	/* can't remove user's primary group */
+#define E_GRP_UPDATE	10	/* can't update group file */
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int status);
+static void grp_update (void);
+static void close_files (void);
+static void open_files (void);
+static void group_busy (gid_t gid);
+static void process_flags (int argc, char **argv);
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] GROUP\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -f, --force                   delete group even if it is the primary group of a user\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * grp_update - update group file entries
+ *
+ *	grp_update() writes the new records to the group files.
+ */
+static void grp_update (void)
+{
+	/*
+	 * To add the group, we need to update /etc/group.
+	 * Make sure failures will be reported.
+	 */
+	add_cleanup (cleanup_report_del_group_group, group_name);
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		/* We also need to update /etc/gshadow */
+		add_cleanup (cleanup_report_del_group_gshadow, group_name);
+	}
+#endif
+
+	/*
+	 * Delete the group entry.
+	 */
+	if (gr_remove (group_name) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot remove entry '%s' from %s\n"),
+		         Prog, group_name, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+
+#ifdef	SHADOWGRP
+	/*
+	 * Delete the shadow group entries as well.
+	 */
+	if (is_shadow_grp && (sgr_locate (group_name) != NULL)) {
+		if (sgr_remove (group_name) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, group_name, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this
+ *	new group.  This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	/* First, write the changes in the regular group database */
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_DEL_GROUP, Prog,
+	              "removing group from /etc/group",
+	              group_name, (unsigned int) group_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO,
+	         "group '%s' removed from %s",
+	         group_name, gr_dbname ()));
+	del_cleanup (cleanup_report_del_group_group);
+
+	cleanup_unlock_group (NULL);
+	del_cleanup (cleanup_unlock_group);
+
+
+	/* Then, write the changes in the shadow database */
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_GROUP, Prog,
+		              "removing group from /etc/gshadow",
+		              group_name, (unsigned int) group_id,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "group '%s' removed from %s",
+		         group_name, sgr_dbname ()));
+		del_cleanup (cleanup_report_del_group_gshadow);
+
+		cleanup_unlock_gshadow (NULL);
+		del_cleanup (cleanup_unlock_gshadow);
+	}
+#endif				/* SHADOWGRP */
+
+	/* Report success at the system level */
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_DEL_GROUP, Prog,
+	              "",
+	              group_name, (unsigned int) group_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name));
+	del_cleanup (cleanup_report_del_group);
+}
+
+/*
+ * open_files - lock and open the group files
+ *
+ *	open_files() opens the two group files.
+ */
+static void open_files (void)
+{
+	/* First, lock the databases */
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+	add_cleanup (cleanup_unlock_group, NULL);
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+		add_cleanup (cleanup_unlock_gshadow, NULL);
+	}
+#endif
+
+	/*
+	 * Now, if the group is not removed, it's our fault.
+	 * Make sure failures will be reported.
+	 */
+	add_cleanup (cleanup_report_del_group, group_name);
+
+	/* An now open the databases */
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+		exit (E_GRP_UPDATE);
+	}
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+			exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * group_busy - check if this is any user's primary group
+ *
+ *	group_busy verifies that this group is not the primary group
+ *	for any user.  You must remove all users before you remove
+ *	the group.
+ */
+static void group_busy (gid_t gid)
+{
+	struct passwd *pwd;
+
+	/*
+	 * Nice slow linear search.
+	 */
+
+	setpwent ();
+
+	while ( ((pwd = getpwent ()) != NULL) && (pwd->pw_gid != gid) );
+
+	endpwent ();
+
+	/*
+	 * If pwd isn't NULL, it stopped because the gid's matched.
+	 */
+
+	if (pwd == (struct passwd *) 0) {
+		return;
+	}
+
+	/*
+	 * Can't remove the group.
+	 */
+	fprintf (stderr,
+	         _("%s: cannot remove the primary group of user '%s'\n"),
+	         Prog, pwd->pw_name);
+	exit (E_GROUP_BUSY);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"help", no_argument,       NULL, 'h'},
+		{"root", required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hfR:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 'f':
+			check_group_busy = false;
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (optind != argc - 1) {
+		usage (E_USAGE);
+	}
+	group_name = argv[optind];
+}
+
+/*
+ * main - groupdel command
+ *
+ *	The syntax of the groupdel command is
+ *	
+ *	groupdel group
+ *
+ *	The named group will be deleted.
+ */
+
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("groupdel");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	if (atexit (do_cleanups) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot setup cleanup service.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	process_flags (argc, argv);
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	{
+		struct passwd *pampw;
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (pampw == NULL) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (1);
+		}
+
+		retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+
+	{
+		struct group *grp;
+		/*
+		 * Start with a quick check to see if the group exists.
+		 */
+		grp = getgrnam (group_name); /* local, no need for xgetgrnam */
+		if (NULL == grp) {
+			fprintf (stderr,
+			         _("%s: group '%s' does not exist\n"),
+			         Prog, group_name);
+			exit (E_NOTFOUND);
+		}
+
+		group_id = grp->gr_gid;
+	}
+
+#ifdef	USE_NIS
+	/*
+	 * Make sure this isn't a NIS group
+	 */
+	if (__isgrNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: group '%s' is a NIS group\n"),
+		         Prog, group_name);
+
+		if (!yp_get_default_domain (&nis_domain) &&
+		    !yp_master (nis_domain, "group.byname", &nis_master)) {
+			fprintf (stderr,
+			         _("%s: %s is the NIS master\n"),
+			         Prog, nis_master);
+		}
+		exit (E_NOTFOUND);
+	}
+#endif
+
+	/*
+	 * Make sure this isn't the primary group of anyone.
+	 */
+	if (check_group_busy) {
+		group_busy (group_id);
+	}
+
+	/*
+	 * Do the hard stuff - open the files, delete the group entries,
+	 * then close and update the files.
+	 */
+	open_files ();
+
+	grp_update ();
+
+	close_files ();
+
+	nscd_flush_cache ("group");
+
+	return E_SUCCESS;
+}
+
diff --git a/src/groupmems.c b/src/groupmems.c
new file mode 100644
index 0000000..4a49e10
--- /dev/null
+++ b/src/groupmems.c
@@ -0,0 +1,652 @@
+/*
+ * Copyright (c) 2000       , International Business Machines
+ *                            George Kraft IV, gk4@us.ibm.com, 03/23/2000
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#include <pwd.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "groupio.h"
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/* Exit Status Values */
+/*@-exitarg@*/
+#define EXIT_SUCCESS		0	/* success */
+#define EXIT_USAGE		1	/* invalid command syntax */
+#define EXIT_GROUP_FILE		2	/* group file access problems */
+#define EXIT_NOT_ROOT		3	/* not superuser  */
+#define EXIT_NOT_EROOT		4	/* not effective superuser  */
+#define EXIT_NOT_PRIMARY	5	/* not primary owner of group  */
+#define EXIT_NOT_MEMBER		6	/* member of group does not exist */
+#define EXIT_MEMBER_EXISTS	7	/* member of group already exists */
+#define EXIT_INVALID_USER	8	/* specified user does not exist */
+#define EXIT_INVALID_GROUP	9	/* specified group does not exist */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *adduser = NULL;
+static char *deluser = NULL;
+static char *thisgroup = NULL;
+static bool purge = false;
+static bool list = false;
+static int exclusive = 0;
+static bool gr_locked = false;
+#ifdef SHADOWGRP
+/* Indicate if shadow groups are enabled on the system
+ * (/etc/gshadow present) */
+static bool is_shadowgrp;
+static bool sgr_locked = false;
+#endif
+
+/* local function prototypes */
+static char *whoami (void);
+static void add_user (const char *user,
+                      const struct group *grp);
+static void remove_user (const char *user, 
+                         const struct group *grp);
+static void purge_members (const struct group *grp);
+static void display_members (const char *const *members);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void check_perms (void);
+static void fail_exit (int code);
+#define isroot()		(getuid () == 0)
+
+static char *whoami (void)
+{
+	/* local, no need for xgetgrgid */
+	struct group *grp = getgrgid (getgid ());
+	/* local, no need for xgetpwuid */
+	struct passwd *usr = getpwuid (getuid ());
+
+	if (   (NULL != usr)
+	    && (NULL != grp)
+	    && (0 == strcmp (usr->pw_name, grp->gr_name))) {
+		return xstrdup (usr->pw_name);
+	} else {
+		return NULL;
+	}
+}
+
+/*
+ * add_user - Add an user to the specified group
+ */
+static void add_user (const char *user,
+                      const struct group *grp)
+{
+	struct group *newgrp;
+
+	/* Make sure the user is not already part of the group */
+	if (is_on_list (grp->gr_mem, user)) {
+		fprintf (stderr,
+		         _("%s: user '%s' is already a member of '%s'\n"),
+		         Prog, user, grp->gr_name);
+		fail_exit (EXIT_MEMBER_EXISTS);
+	}
+
+	newgrp = __gr_dup(grp);
+	if (NULL == newgrp) {
+		fprintf (stderr,
+		         _("%s: Out of memory. Cannot update %s.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (13);
+	}
+
+	/* Add the user to the /etc/group group */
+	newgrp->gr_mem = add_list (newgrp->gr_mem, user);
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+		struct sgrp *newsg;
+
+		if (NULL == sg) {
+			/* Create a shadow group based on this group */
+			static struct sgrp sgrent;
+			sgrent.sg_name = xstrdup (newgrp->gr_name);
+			sgrent.sg_mem = dup_list (newgrp->gr_mem);
+			sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+#ifdef FIRST_MEMBER_IS_ADMIN
+			if (sgrent.sg_mem[0]) {
+				sgrent.sg_adm[0] = xstrdup (sgrent.sg_mem[0]);
+				sgrent.sg_adm[1] = NULL;
+			} else
+#endif
+			{
+				sgrent.sg_adm[0] = NULL;
+			}
+
+			/* Move any password to gshadow */
+			sgrent.sg_passwd = newgrp->gr_passwd;
+			newgrp->gr_passwd = SHADOW_PASSWD_STRING;
+
+			newsg = &sgrent;
+		} else {
+			newsg = __sgr_dup (sg);
+			if (NULL == newsg) {
+				fprintf (stderr,
+				         _("%s: Out of memory. Cannot update %s.\n"),
+				         Prog, sgr_dbname ());
+				fail_exit (13);
+			}
+			/* Add the user to the members */
+			newsg->sg_mem = add_list (newsg->sg_mem, user);
+			/* Do not touch the administrators */
+		}
+
+		if (sgr_update (newsg) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), newsg->sg_name);
+			fail_exit (13);
+		}
+	}
+#endif
+
+	if (gr_update (newgrp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), newgrp->gr_name);
+		fail_exit (13);
+	}
+}
+
+/*
+ * remove_user - Remove an user from a given group
+ */
+static void remove_user (const char *user, 
+                         const struct group *grp)
+{
+	struct group *newgrp;
+
+	/* Check if the user is a member of the specified group */
+	if (!is_on_list (grp->gr_mem, user)) {
+		fprintf (stderr,
+		         _("%s: user '%s' is not a member of '%s'\n"),
+		         Prog, user, grp->gr_name);
+		fail_exit (EXIT_NOT_MEMBER);
+	}
+
+	newgrp = __gr_dup (grp);
+	if (NULL == newgrp) {
+		fprintf (stderr,
+		         _("%s: Out of memory. Cannot update %s.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (13);
+	}
+
+	/* Remove the user from the /etc/group group */
+	newgrp->gr_mem = del_list (newgrp->gr_mem, user);
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+		struct sgrp *newsg;
+
+		if (NULL == sg) {
+			/* Create a shadow group based on this group */
+			static struct sgrp sgrent;
+			sgrent.sg_name = xstrdup (newgrp->gr_name);
+			sgrent.sg_mem = dup_list (newgrp->gr_mem);
+			sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+#ifdef FIRST_MEMBER_IS_ADMIN
+			if (sgrent.sg_mem[0]) {
+				sgrent.sg_adm[0] = xstrdup (sgrent.sg_mem[0]);
+				sgrent.sg_adm[1] = NULL;
+			} else
+#endif
+			{
+				sgrent.sg_adm[0] = NULL;
+			}
+
+			/* Move any password to gshadow */
+			sgrent.sg_passwd = newgrp->gr_passwd;
+			newgrp->gr_passwd = SHADOW_PASSWD_STRING;
+
+			newsg = &sgrent;
+		} else {
+			newsg = __sgr_dup (sg);
+			if (NULL == newsg) {
+				fprintf (stderr,
+				         _("%s: Out of memory. Cannot update %s.\n"),
+				         Prog, sgr_dbname ());
+				fail_exit (13);
+			}
+			/* Remove the user from the members */
+			newsg->sg_mem = del_list (newsg->sg_mem, user);
+			/* Remove the user from the administrators */
+			newsg->sg_adm = del_list (newsg->sg_adm, user);
+		}
+
+		if (sgr_update (newsg) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), newsg->sg_name);
+			fail_exit (13);
+		}
+	}
+#endif
+
+	if (gr_update (newgrp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), newgrp->gr_name);
+		fail_exit (13);
+	}
+}
+
+/*
+ * purge_members - Rmeove every members of the specified group
+ */
+static void purge_members (const struct group *grp)
+{
+	struct group *newgrp = __gr_dup (grp);
+
+	if (NULL == newgrp) {
+		fprintf (stderr,
+		         _("%s: Out of memory. Cannot update %s.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (13);
+	}
+
+	/* Remove all the members of the /etc/group group */
+	newgrp->gr_mem[0] = NULL;
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		const struct sgrp *sg = sgr_locate (newgrp->gr_name);
+		struct sgrp *newsg;
+
+		if (NULL == sg) {
+			/* Create a shadow group based on this group */
+			static struct sgrp sgrent;
+			sgrent.sg_name = xstrdup (newgrp->gr_name);
+			sgrent.sg_mem = (char **) xmalloc (sizeof (char *));
+			sgrent.sg_mem[0] = NULL;
+			sgrent.sg_adm = (char **) xmalloc (sizeof (char *));
+			sgrent.sg_adm[0] = NULL;
+
+			/* Move any password to gshadow */
+			sgrent.sg_passwd = newgrp->gr_passwd;
+			newgrp->gr_passwd = xstrdup(SHADOW_PASSWD_STRING);
+
+			newsg = &sgrent;
+		} else {
+			newsg = __sgr_dup (sg);
+			if (NULL == newsg) {
+				fprintf (stderr,
+				         _("%s: Out of memory. Cannot update %s.\n"),
+				         Prog, sgr_dbname ());
+				fail_exit (13);
+			}
+			/* Remove all the members of the /etc/gshadow
+			 * group */
+			newsg->sg_mem[0] = NULL;
+			/* Remove all the administrators of the
+			 * /etc/gshadow group */
+			newsg->sg_adm[0] = NULL;
+		}
+
+		if (sgr_update (newsg) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), newsg->sg_name);
+			fail_exit (13);
+		}
+	}
+#endif
+
+	if (gr_update (newgrp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), newgrp->gr_name);
+		fail_exit (13);
+	}
+}
+
+static void display_members (const char *const *members)
+{
+	int i;
+
+	for (i = 0; NULL != members[i]; i++) {
+		printf ("%s ", members[i]);
+
+		if (NULL == members[i + 1]) {
+			printf ("\n");
+		} else {
+			printf (" ");
+		}
+	}
+}
+
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (EXIT_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [action]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -g, --group groupname         change groupname instead of the user's group\n"
+	                "                                (root only)\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("\n"), usageout);
+	(void) fputs (_("Actions:\n"), usageout);
+	(void) fputs (_("  -a, --add username            add username to the members of the group\n"), usageout);
+	(void) fputs (_("  -d, --delete username         remove username from the members of the group\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -p, --purge                   purge all members from the group\n"), usageout);
+	(void) fputs (_("  -l, --list                    list the members of the group\n"), usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - perform command line argument setting
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"add",    required_argument, NULL, 'a'},
+		{"delete", required_argument, NULL, 'd'},
+		{"group",  required_argument, NULL, 'g'},
+		{"help",   no_argument,       NULL, 'h'},
+		{"list",   no_argument,       NULL, 'l'},
+		{"purge",  no_argument,       NULL, 'p'},
+		{"root",   required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "a:d:g:hlpR:",
+	                         long_options, NULL)) != EOF) {
+		switch (c) {
+		case 'a':
+			adduser = xstrdup (optarg);
+			++exclusive;
+			break;
+		case 'd':
+			deluser = xstrdup (optarg);
+			++exclusive;
+			break;
+		case 'g':
+			thisgroup = xstrdup (optarg);
+			break;
+		case 'h':
+			usage (EXIT_SUCCESS);
+			/*@notreached@*/break;
+		case 'l':
+			list = true;
+			++exclusive;
+			break;
+		case 'p':
+			purge = true;
+			++exclusive;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (EXIT_USAGE);
+		}
+	}
+
+	if ((exclusive > 1) || (optind < argc)) {
+		usage (EXIT_USAGE);
+	}
+
+	/* local, no need for xgetpwnam */
+	if (   (NULL != adduser)
+	    && (getpwnam (adduser) == NULL)) {
+		fprintf (stderr, _("%s: user '%s' does not exist\n"),
+		         Prog, adduser);
+		fail_exit (EXIT_INVALID_USER);
+	}
+
+}
+
+static void check_perms (void)
+{
+	if (!list) {
+#ifdef USE_PAM
+		pam_handle_t *pamh = NULL;
+		int retval;
+		struct passwd *pampw;
+
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (NULL == pampw) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			fail_exit (1);
+		}
+
+		retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh);
+
+		if (PAM_SUCCESS == retval) {
+			retval = pam_authenticate (pamh, 0);
+		}
+
+		if (PAM_SUCCESS == retval) {
+			retval = pam_acct_mgmt (pamh, 0);
+		}
+
+		if (PAM_SUCCESS != retval) {
+			fprintf (stderr, _("%s: PAM: %s\n"),
+			         Prog, pam_strerror (pamh, retval));
+			SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+			if (NULL != pamh) {
+				(void) pam_end (pamh, retval);
+			}
+			fail_exit (1);
+		}
+		(void) pam_end (pamh, retval);
+#endif
+	}
+}
+
+static void fail_exit (int code)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+
+#ifdef SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif
+
+	exit (code);
+}
+
+static void open_files (void)
+{
+	if (!list) {
+		if (gr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, gr_dbname ());
+			fail_exit (EXIT_GROUP_FILE);
+		}
+		gr_locked = true;
+
+#ifdef SHADOWGRP
+		if (is_shadowgrp) {
+			if (sgr_lock () == 0) {
+				fprintf (stderr,
+				         _("%s: cannot lock %s; try again later.\n"),
+				         Prog, sgr_dbname ());
+				fail_exit (EXIT_GROUP_FILE);
+			}
+			sgr_locked = true;
+		}
+#endif
+	}
+
+	if (gr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (EXIT_GROUP_FILE);
+	}
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if (sgr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+			fail_exit (EXIT_GROUP_FILE);
+		}
+	}
+#endif
+}
+
+static void close_files (void)
+{
+	if ((gr_close () == 0) && !list) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (EXIT_GROUP_FILE);
+	}
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+		gr_locked = false;
+	}
+
+#ifdef SHADOWGRP
+	if (is_shadowgrp) {
+		if ((sgr_close () == 0) && !list) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+			fail_exit (EXIT_GROUP_FILE);
+		}
+		if (sgr_locked) {
+			if (sgr_unlock () == 0) {
+				fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+				SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+				/* continue */
+			}
+			sgr_locked = false;
+		}
+	}
+#endif
+}
+
+int main (int argc, char **argv) 
+{
+	char *name;
+	const struct group *grp;
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("groupmems");
+
+#ifdef SHADOWGRP
+	is_shadowgrp = sgr_file_present ();
+#endif
+
+	process_flags (argc, argv);
+
+	if (NULL == thisgroup) {
+		name = whoami ();
+		if (!list && (NULL == name)) {
+			fprintf (stderr, _("%s: your groupname does not match your username\n"), Prog);
+			fail_exit (EXIT_NOT_PRIMARY);
+		}
+	} else {
+		name = thisgroup;
+		if (!list && !isroot ()) {
+			fprintf (stderr, _("%s: only root can use the -g/--group option\n"), Prog);
+			fail_exit (EXIT_NOT_ROOT);
+		}
+	}
+
+	check_perms ();
+
+	open_files ();
+
+	grp = gr_locate (name);
+	if (NULL == grp) {
+		fprintf (stderr, _("%s: group '%s' does not exist in %s\n"),
+		         Prog, name, gr_dbname ());
+		fail_exit (EXIT_INVALID_GROUP);
+	}
+
+	if (list) {
+		display_members ((const char *const *)grp->gr_mem);
+	} else if (NULL != adduser) {
+		add_user (adduser, grp);
+	} else if (NULL != deluser) {
+		remove_user (deluser, grp);
+	} else if (purge) {
+		purge_members (grp);
+	}
+
+	close_files ();
+
+	exit (EXIT_SUCCESS);
+}
+
diff --git a/src/groupmod.c b/src/groupmod.c
new file mode 100644
index 0000000..757c1a4
--- /dev/null
+++ b/src/groupmod.c
@@ -0,0 +1,871 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#include <pwd.h>
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include "chkname.h"
+#include "defines.h"
+#include "groupio.h"
+#include "pwio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_BAD_ARG	3	/* invalid argument to option */
+#define E_GID_IN_USE	4	/* gid already in use (and no -o) */
+#define E_NOTFOUND	6	/* specified group doesn't exist */
+#define E_NAME_IN_USE	9	/* group name already in use */
+#define E_GRP_UPDATE	10	/* can't update group file */
+/*
+ * Global variables
+ */
+const char *Prog;
+
+#ifdef	SHADOWGRP
+static bool is_shadow_grp;
+#endif				/* SHADOWGRP */
+static char *group_name;
+static char *group_newname;
+static char *group_passwd;
+static gid_t group_id;
+static gid_t group_newid;
+
+static struct cleanup_info_mod info_passwd;
+static struct cleanup_info_mod info_group;
+#ifdef	SHADOWGRP
+static struct cleanup_info_mod info_gshadow;
+#endif
+
+static bool
+    oflg = false,		/* permit non-unique group ID to be specified with -g */
+    gflg = false,		/* new ID value for the group */
+    nflg = false,		/* a new name has been specified for the group */
+    pflg = false;		/* new encrypted password */
+
+/* local function prototypes */
+static void usage (int status);
+static void new_grent (struct group *);
+
+#ifdef SHADOWGRP
+static void new_sgent (struct sgrp *);
+#endif
+static void grp_update (void);
+static void check_new_gid (void);
+static void check_new_name (void);
+static void process_flags (int, char **);
+static void lock_files (void);
+static void prepare_failure_reports (void);
+static void open_files (void);
+static void close_files (void);
+static void update_primary_groups (gid_t ogid, gid_t ngid);
+
+/*
+ * usage - display usage message and exit
+ */
+
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] GROUP\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -g, --gid GID                 change the group ID to GID\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -n, --new-name NEW_GROUP      change the name to NEW_GROUP\n"), usageout);
+	(void) fputs (_("  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"), usageout);
+	(void) fputs (_("  -p, --password PASSWORD       change the password to this (encrypted)\n"
+	                "                                PASSWORD\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * new_grent - updates the values in a group file entry
+ *
+ *	new_grent() takes all of the values that have been entered and fills
+ *	in a (struct group) with them.
+ */
+static void new_grent (struct group *grent)
+{
+	if (nflg) {
+		grent->gr_name = xstrdup (group_newname);
+	}
+
+	if (gflg) {
+		grent->gr_gid = group_newid;
+	}
+
+	if (   pflg
+#ifdef SHADOWGRP
+	    && (   (!is_shadow_grp)
+	        || (strcmp (grent->gr_passwd, SHADOW_PASSWD_STRING) != 0))
+#endif
+		) {
+		/* Update the password in group if there is no gshadow
+		 * file or if the password is currently in group
+		 * (gr_passwd != "x").  We do not force the usage of
+		 * shadow passwords if it was not the case before.
+		 */
+		grent->gr_passwd = group_passwd;
+	}
+}
+
+#ifdef	SHADOWGRP
+/*
+ * new_sgent - updates the values in a shadow group file entry
+ *
+ *	new_sgent() takes all of the values that have been entered and fills
+ *	in a (struct sgrp) with them.
+ */
+static void new_sgent (struct sgrp *sgent)
+{
+	if (nflg) {
+		sgent->sg_name = xstrdup (group_newname);
+	}
+
+	/* Always update the shadowed password if there is a shadow entry
+	 * (even if shadowed passwords might not be enabled for this group
+	 * (gr_passwd != "x")).
+	 * It seems better to update the password in both places in case a
+	 * shadow and a non shadow entry exist.
+	 * This might occur only if there were already both entries.
+	 */
+	if (pflg) {
+		sgent->sg_passwd = group_passwd;
+	}
+}
+#endif				/* SHADOWGRP */
+
+/*
+ * grp_update - update group file entries
+ *
+ *	grp_update() updates the new records in the memory databases.
+ */
+static void grp_update (void)
+{
+	struct group grp;
+	const struct group *ogrp;
+
+#ifdef	SHADOWGRP
+	struct sgrp sgrp;
+	const struct sgrp *osgrp = NULL;
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Get the current settings for this group.
+	 */
+	ogrp = gr_locate (group_name);
+	if (NULL == ogrp) {
+		fprintf (stderr,
+		         _("%s: group '%s' does not exist in %s\n"),
+		         Prog, group_name, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+	grp = *ogrp;
+	new_grent (&grp);
+#ifdef	SHADOWGRP
+	if (   is_shadow_grp
+	    && (pflg || nflg)) {
+		osgrp = sgr_locate (group_name);
+		if (NULL != osgrp) {
+			sgrp = *osgrp;
+			new_sgent (&sgrp);
+		} else if (   pflg
+		           && (strcmp (grp.gr_passwd, SHADOW_PASSWD_STRING) == 0)) {
+			static char *empty = NULL;
+			/* If there is a gshadow file with no entries for
+			 * the group, but the group file indicates a
+			 * shadowed password, we force the creation of a
+			 * gshadow entry when a new password is requested.
+			 */
+			memset (&sgrp, 0, sizeof sgrp);
+			sgrp.sg_name   = xstrdup (grp.gr_name);
+			sgrp.sg_passwd = xstrdup (grp.gr_passwd);
+			sgrp.sg_adm    = &empty;
+			sgrp.sg_mem    = dup_list (grp.gr_mem);
+			new_sgent (&sgrp);
+			osgrp = &sgrp; /* entry needs to be committed */
+		}
+	}
+#endif				/* SHADOWGRP */
+
+	if (gflg) {
+		update_primary_groups (ogrp->gr_gid, group_newid);
+	}
+
+	/*
+	 * Write out the new group file entry.
+	 */
+	if (gr_update (&grp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), grp.gr_name);
+		exit (E_GRP_UPDATE);
+	}
+	if (nflg && (gr_remove (group_name) == 0)) {
+		fprintf (stderr,
+		         _("%s: cannot remove entry '%s' from %s\n"),
+		         Prog, grp.gr_name, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+
+#ifdef	SHADOWGRP
+	/*
+	 * Make sure there was a shadow entry to begin with.
+	 */
+	if (NULL != osgrp) {
+		/*
+		 * Write out the new shadow group entries as well.
+		 */
+		if (sgr_update (&sgrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), sgrp.sg_name);
+			exit (E_GRP_UPDATE);
+		}
+		if (nflg && (sgr_remove (group_name) == 0)) {
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, group_name, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * check_new_gid - check the new GID value for uniqueness
+ *
+ *	check_new_gid() insures that the new GID value is unique.
+ */
+static void check_new_gid (void)
+{
+	/*
+	 * First, the easy stuff. If the ID can be duplicated, or if the ID
+	 * didn't really change, just return. If the ID didn't change, turn
+	 * off those flags. No sense doing needless work.
+	 */
+	if (group_id == group_newid) {
+		gflg = 0;
+		return;
+	}
+
+	if (oflg ||
+	    (getgrgid (group_newid) == NULL) /* local, no need for xgetgrgid */
+	   ) {
+		return;
+	}
+
+	/*
+	 * Tell the user what they did wrong.
+	 */
+	fprintf (stderr,
+	         _("%s: GID '%lu' already exists\n"),
+	         Prog, (unsigned long int) group_newid);
+	exit (E_GID_IN_USE);
+}
+
+/*
+ * check_new_name - check the new name for uniqueness
+ *
+ *	check_new_name() insures that the new name does not exist already.
+ *	You can't have the same name twice, period.
+ */
+static void check_new_name (void)
+{
+	/*
+	 * Make sure they are actually changing the name.
+	 */
+	if (strcmp (group_name, group_newname) == 0) {
+		nflg = 0;
+		return;
+	}
+
+	if (is_valid_group_name (group_newname)) {
+
+		/*
+		 * If the entry is found, too bad.
+		 */
+		/* local, no need for xgetgrnam */
+		if (getgrnam (group_newname) != NULL) {
+			fprintf (stderr,
+			         _("%s: group '%s' already exists\n"),
+			         Prog, group_newname);
+			exit (E_NAME_IN_USE);
+		}
+		return;
+	}
+
+	/*
+	 * All invalid group names land here.
+	 */
+
+	fprintf (stderr,
+	         _("%s: invalid group name '%s'\n"),
+	         Prog, group_newname);
+	exit (E_BAD_ARG);
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ *	process_flags() interprets the command line arguments and sets the
+ *	values that the user will be created with accordingly. The values
+ *	are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"gid",        required_argument, NULL, 'g'},
+		{"help",       no_argument,       NULL, 'h'},
+		{"new-name",   required_argument, NULL, 'n'},
+		{"non-unique", no_argument,       NULL, 'o'},
+		{"password",   required_argument, NULL, 'p'},
+		{"root",       required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+	while ((c = getopt_long (argc, argv, "g:hn:op:R:",
+		                 long_options, NULL)) != -1) {
+		switch (c) {
+		case 'g':
+			gflg = true;
+			if (   (get_gid (optarg, &group_newid) == 0)
+			    || (group_newid == (gid_t)-1)) {
+				fprintf (stderr,
+				         _("%s: invalid group ID '%s'\n"),
+				         Prog, optarg);
+				exit (E_BAD_ARG);
+			}
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			break;
+		case 'n':
+			nflg = true;
+			group_newname = optarg;
+			break;
+		case 'o':
+			oflg = true;
+			break;
+		case 'p':
+			group_passwd = optarg;
+			pflg = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (oflg && !gflg) {
+		usage (E_USAGE);
+	}
+
+	if (optind != (argc - 1)) {
+		usage (E_USAGE);
+	}
+
+	group_name = argv[argc - 1];
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this new
+ *	group. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_ACCT, Prog,
+	              info_group.audit_msg,
+	              group_name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO,
+	         "group changed in %s (%s)",
+	         gr_dbname (), info_group.action));
+	del_cleanup (cleanup_report_mod_group);
+
+	cleanup_unlock_group (NULL);
+	del_cleanup (cleanup_unlock_group);
+
+#ifdef	SHADOWGRP
+	if (   is_shadow_grp
+	    && (pflg || nflg)) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              info_gshadow.audit_msg,
+		              group_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "group changed in %s (%s)",
+		         sgr_dbname (), info_gshadow.action));
+		del_cleanup (cleanup_report_mod_gshadow);
+
+		cleanup_unlock_gshadow (NULL);
+		del_cleanup (cleanup_unlock_gshadow);
+	}
+#endif				/* SHADOWGRP */
+
+	if (gflg) {
+		if (pw_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, pw_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_ACCT, Prog,
+		              info_passwd.audit_msg,
+		              group_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "group changed in %s (%s)",
+		         pw_dbname (), info_passwd.action));
+		del_cleanup (cleanup_report_mod_passwd);
+
+		cleanup_unlock_passwd (NULL);
+		del_cleanup (cleanup_unlock_passwd);
+	}
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_ACCT, Prog,
+	              "modifying group",
+	              group_name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+}
+
+/*
+ * prepare_failure_reports - Prepare the cleanup_info structure for logging
+ * of success and failure to syslog or audit.
+ */
+static void prepare_failure_reports (void)
+{
+	info_group.name   = group_name;
+#ifdef	SHADOWGRP
+	info_gshadow.name = group_name;
+#endif
+	info_passwd.name  = group_name;
+
+	info_group.audit_msg   = xmalloc (512);
+#ifdef	SHADOWGRP
+	info_gshadow.audit_msg = xmalloc (512);
+#endif
+	info_passwd.audit_msg  = xmalloc (512);
+
+	(void) snprintf (info_group.audit_msg, 511,
+	                 "changing %s; ", gr_dbname ());
+#ifdef	SHADOWGRP
+	(void) snprintf (info_gshadow.audit_msg, 511,
+	                 "changing %s; ", sgr_dbname ());
+#endif
+	(void) snprintf (info_passwd.audit_msg, 511,
+	                 "changing %s; ", pw_dbname ());
+
+	info_group.action   =   info_group.audit_msg
+	                      + strlen (info_group.audit_msg);
+#ifdef	SHADOWGRP
+	info_gshadow.action =   info_gshadow.audit_msg
+	                      + strlen (info_gshadow.audit_msg);
+#endif
+	info_passwd.action  =   info_passwd.audit_msg
+	                      + strlen (info_passwd.audit_msg);
+
+	(void) snprintf (info_group.action,
+	                 511 - strlen (info_group.audit_msg),
+	                 "group %s/%lu",
+	                 group_name, (unsigned long int) group_id);
+#ifdef	SHADOWGRP
+	(void) snprintf (info_gshadow.action,
+	                 511 - strlen (info_group.audit_msg),
+	                 "group %s", group_name);
+#endif
+	(void) snprintf (info_passwd.action,
+	                 511 - strlen (info_group.audit_msg),
+	                 "group %s/%lu",
+	                 group_name, (unsigned long int) group_id);
+
+	if (nflg) {
+		strncat (info_group.action, ", new name: ",
+		         511 - strlen (info_group.audit_msg));
+		strncat (info_group.action, group_newname,
+		         511 - strlen (info_group.audit_msg));
+
+#ifdef	SHADOWGRP
+		strncat (info_gshadow.action, ", new name: ",
+		         511 - strlen (info_gshadow.audit_msg));
+		strncat (info_gshadow.action, group_newname,
+		         511 - strlen (info_gshadow.audit_msg));
+#endif
+
+		strncat (info_passwd.action, ", new name: ",
+		         511 - strlen (info_passwd.audit_msg));
+		strncat (info_passwd.action, group_newname,
+		         511 - strlen (info_passwd.audit_msg));
+	}
+	if (pflg) {
+		strncat (info_group.action, ", new password",
+		         511 - strlen (info_group.audit_msg));
+
+#ifdef	SHADOWGRP
+		strncat (info_gshadow.action, ", new password",
+		         511 - strlen (info_gshadow.audit_msg));
+#endif
+	}
+	if (gflg) {
+		strncat (info_group.action, ", new gid: ",
+		         511 - strlen (info_group.audit_msg));
+		(void) snprintf (info_group.action+strlen (info_group.action),
+		                 511 - strlen (info_group.audit_msg),
+		                 "%lu", (unsigned long int) group_newid);
+
+		strncat (info_passwd.action, ", new gid: ",
+		         511 - strlen (info_passwd.audit_msg));
+		(void) snprintf (info_passwd.action+strlen (info_passwd.action),
+		                 511 - strlen (info_passwd.audit_msg),
+		                 "%lu", (unsigned long int) group_newid);
+	}
+	info_group.audit_msg[511]   = '\0';
+#ifdef	SHADOWGRP
+	info_gshadow.audit_msg[511] = '\0';
+#endif
+	info_passwd.audit_msg[511]  = '\0';
+
+// FIXME: add a system cleanup
+	add_cleanup (cleanup_report_mod_group, &info_group);
+#ifdef	SHADOWGRP
+	if (   is_shadow_grp
+	    && (pflg || nflg)) {
+		add_cleanup (cleanup_report_mod_gshadow, &info_gshadow);
+	}
+#endif
+	if (gflg) {
+		add_cleanup (cleanup_report_mod_passwd, &info_passwd);
+	}
+
+}
+
+/*
+ * lock_files - lock the accounts databases
+ *
+ *	lock_files() locks the group, gshadow, and passwd databases.
+ */
+static void lock_files (void)
+{
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		exit (E_GRP_UPDATE);
+	}
+	add_cleanup (cleanup_unlock_group, NULL);
+
+#ifdef	SHADOWGRP
+	if (   is_shadow_grp
+	    && (pflg || nflg)) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+		add_cleanup (cleanup_unlock_gshadow, NULL);
+	}
+#endif
+
+	if (gflg) {
+		if (pw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, pw_dbname ());
+			exit (E_GRP_UPDATE);
+		}
+		add_cleanup (cleanup_unlock_passwd, NULL);
+	}
+}
+
+
+/*
+ * open_files - open the accounts databases
+ *
+ *	open_files() opens the group, gshadow, and passwd databases.
+ */
+static void open_files (void)
+{
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+		exit (E_GRP_UPDATE);
+	}
+
+#ifdef	SHADOWGRP
+	if (   is_shadow_grp
+	    && (pflg || nflg)) {
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
+			exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+
+	if (gflg) {
+		if (pw_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, pw_dbname ());
+			SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
+			exit (E_GRP_UPDATE);
+		}
+	}
+}
+
+void update_primary_groups (gid_t ogid, gid_t ngid)
+{
+	struct passwd *pwd;
+
+	setpwent ();
+	while ((pwd = getpwent ()) != NULL) {
+		if (pwd->pw_gid == ogid) {
+			const struct passwd *lpwd;
+			struct passwd npwd;
+			lpwd = pw_locate (pwd->pw_name);
+			if (NULL == lpwd) {
+				fprintf (stderr,
+				         _("%s: user '%s' does not exist in %s\n"),
+				         Prog, pwd->pw_name, pw_dbname ());
+				exit (E_GRP_UPDATE);
+			} else {
+				npwd = *lpwd;
+				npwd.pw_gid = ngid;
+				if (pw_update (&npwd) == 0) {
+					fprintf (stderr,
+					         _("%s: failed to prepare the new %s entry '%s'\n"),
+					         Prog, pw_dbname (), npwd.pw_name);
+					exit (E_GRP_UPDATE);
+				}
+			}
+		}
+	}
+	endpwent ();
+}
+
+/*
+ * main - groupmod command
+ *
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("groupmod");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	if (atexit (do_cleanups) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot setup cleanup service.\n"),
+		         Prog);
+		exit (1);
+	}
+
+	process_flags (argc, argv);
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	{
+		struct passwd *pampw;
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (NULL == pampw) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (1);
+		}
+
+		retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+	{
+		struct group *grp;
+		/*
+		 * Start with a quick check to see if the group exists.
+		 */
+		grp = getgrnam (group_name); /* local, no need for xgetgrnam */
+		if (NULL == grp) {
+			fprintf (stderr,
+			         _("%s: group '%s' does not exist\n"),
+			         Prog, group_name);
+			exit (E_NOTFOUND);
+		} else {
+			group_id = grp->gr_gid;
+		}
+	}
+
+#ifdef	USE_NIS
+	/*
+	 * Now make sure it isn't an NIS group.
+	 */
+	if (__isgrNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: group %s is a NIS group\n"),
+		         Prog, group_name);
+
+		if (!yp_get_default_domain (&nis_domain) &&
+		    !yp_master (nis_domain, "group.byname", &nis_master)) {
+			fprintf (stderr,
+			         _("%s: %s is the NIS master\n"),
+			         Prog, nis_master);
+		}
+		exit (E_NOTFOUND);
+	}
+#endif
+
+	if (gflg) {
+		check_new_gid ();
+	}
+
+	if (nflg) {
+		check_new_name ();
+	}
+
+	lock_files ();
+
+	/*
+	 * Now if the group is not changed, it's our fault.
+	 * Make sure failures will be reported.
+	 */
+	prepare_failure_reports ();
+
+	/*
+	 * Do the hard stuff - open the files, create the group entries,
+	 * then close and update the files.
+	 */
+	open_files ();
+
+	grp_update ();
+
+	close_files ();
+
+	nscd_flush_cache ("group");
+
+	return E_SUCCESS;
+}
+
diff --git a/src/groups.c b/src/groups.c
new file mode 100644
index 0000000..fcd669b
--- /dev/null
+++ b/src/groups.c
@@ -0,0 +1,218 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include "defines.h"
+#include "prototypes.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+/* local function prototypes */
+static void print_groups (const char *member);
+
+/*
+ * print_groups - print the groups which the named user is a member of
+ *
+ *	print_groups() scans the groups file for the list of groups which
+ *	the user is listed as being a member of.
+ */
+static void print_groups (const char *member)
+{
+	int groups = 0;
+	struct group *grp;
+	struct passwd *pwd;
+	bool flag = false;
+
+	pwd = getpwnam (member); /* local, no need for xgetpwnam */
+	if (NULL == pwd) {
+		(void) fprintf (stderr, _("%s: unknown user %s\n"),
+		                Prog, member);
+		exit (EXIT_FAILURE);
+	}
+
+	setgrent ();
+	while ((grp = getgrent ()) != NULL) {
+		if (is_on_list (grp->gr_mem, member)) {
+			if (0 != groups) {
+				(void) putchar (' ');
+			}
+			groups++;
+
+			(void) printf ("%s", grp->gr_name);
+			if (grp->gr_gid == pwd->pw_gid) {
+				flag = true;
+			}
+		}
+	}
+	endgrent ();
+
+	/* The user may not be in the list of members of its primary group */
+	if (!flag) {
+		grp = getgrgid (pwd->pw_gid); /* local, no need for xgetgrgid */
+		if (NULL != grp) {
+			if (0 != groups) {
+				(void) putchar (' ');
+			}
+			groups++;
+
+			(void) printf ("%s", grp->gr_name);
+		}
+	}
+
+	if (0 != groups) {
+		(void) putchar ('\n');
+	}
+}
+
+/*
+ * groups - print out the groups a process is a member of
+ */
+int main (int argc, char **argv)
+{
+#ifdef HAVE_GETGROUPS
+	long sys_ngroups;
+	GETGROUPS_T *groups;
+#else
+	char *logname;
+	char *getlogin ();
+#endif
+
+#ifdef HAVE_GETGROUPS
+	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+	groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+#endif
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	/*
+	 * Get the program name so that error messages can use it.
+	 */
+	Prog = Basename (argv[0]);
+
+	if (argc == 1) {
+
+		/*
+		 * Called with no arguments - give the group set for the
+		 * current user.
+		 */
+
+#ifdef HAVE_GETGROUPS
+		int i;
+		int pri_grp; /* TODO: should be GETGROUPS_T */
+		/*
+		 * This system supports concurrent group sets, so I can ask
+		 * the system to tell me which groups are currently set for
+		 * this process.
+		 */
+		int ngroups = getgroups (sys_ngroups, groups);
+		if (ngroups < 0) {
+			perror ("getgroups");
+			exit (EXIT_FAILURE);
+		}
+
+		/*
+		 * The groupset includes the primary group as well.
+		 */
+		pri_grp = getegid ();
+		for (i = 0; i < ngroups; i++) {
+			if (pri_grp == (int) groups[i]) {
+				break;
+			}
+		}
+
+		if (i != ngroups) {
+			pri_grp = -1;
+		}
+
+		/*
+		 * Print out the name of every group in the current group
+		 * set. Unknown groups are printed as their decimal group ID
+		 * values.
+		 */
+		if (-1 != pri_grp) {
+			struct group *gr;
+			/* local, no need for xgetgrgid */
+			gr = getgrgid (pri_grp);
+			if (NULL != gr) {
+				(void) printf ("%s", gr->gr_name);
+			} else {
+				(void) printf ("%d", pri_grp);
+			}
+		}
+
+		for (i = 0; i < ngroups; i++) {
+			struct group *gr;
+			if ((0 != i) || (-1 != pri_grp)) {
+				(void) putchar (' ');
+			}
+
+			/* local, no need for xgetgrgid */
+			gr = getgrgid (groups[i]);
+			if (NULL != gr) {
+				(void) printf ("%s", gr->gr_name);
+			} else {
+				(void) printf ("%ld", (long) groups[i]);
+			}
+		}
+		(void) putchar ('\n');
+#else
+		/*
+		 * This system does not have the getgroups() system call, so
+		 * I must check the groups file directly.
+		 */
+		logname = getlogin ();
+		if (NULL != logname) {
+			print_groups (logname);
+		} else {
+			exit (EXIT_FAILURE);
+		}
+#endif
+	} else {
+
+		/*
+		 * The invoker wanted to know about some other user. Use
+		 * that name to look up the groups instead.
+		 */
+		print_groups (argv[1]);
+	}
+	return EXIT_SUCCESS;
+}
+
diff --git a/src/grpck.c b/src/grpck.c
new file mode 100644
index 0000000..ea5d3b3
--- /dev/null
+++ b/src/grpck.c
@@ -0,0 +1,887 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <getopt.h>
+#include "chkname.h"
+#include "commonio.h"
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+
+#ifdef SHADOWGRP
+#include "sgroupio.h"
+#endif
+
+/*
+ * Exit codes
+ */
+/*@-exitarg@*/
+#define	E_OKAY		0
+#define	E_SUCCESS	0
+#define	E_USAGE		1
+#define	E_BAD_ENTRY	2
+#define	E_CANT_OPEN	3
+#define	E_CANT_LOCK	4
+#define	E_CANT_UPDATE	5
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *grp_file = GROUP_FILE;
+static bool use_system_grp_file = true;
+
+#ifdef	SHADOWGRP
+static const char *sgr_file = SGROUP_FILE;
+static bool use_system_sgr_file = true;
+static bool is_shadow = false;
+static bool sgr_locked = false;
+#endif
+static bool gr_locked = false;
+/* Options */
+static bool read_only = false;
+static bool sort_mode = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static /*@noreturn@*/void usage (int status);
+static void delete_member (char **, const char *);
+static void process_flags (int argc, char **argv);
+static void open_files (void);
+static void close_files (bool changed);
+static int check_members (const char *groupname,
+                          char **members,
+                          const char *fmt_info,
+                          const char *fmt_prompt,
+                          const char *fmt_syslog,
+                          int *errors);
+static void check_grp_file (int *errors, bool *changed);
+#ifdef SHADOWGRP
+static void compare_members_lists (const char *groupname,
+                                   char **members,
+                                   char **other_members,
+                                   const char *file,
+                                   const char *other_file);
+static void check_sgr_file (int *errors, bool *changed);
+#endif
+
+/*
+ * fail_exit - exit with an error code after unlocking files
+ */
+static void fail_exit (int status)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif
+
+	closelog ();
+
+	exit (status);
+}
+
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+#ifdef	SHADOWGRP
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [group [gshadow]]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+#else				/* !SHADOWGRP */
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [group]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+#endif				/* !SHADOWGRP */
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -r, --read-only               display errors and warnings\n"
+	                "                                but do not change files\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -s, --sort                    sort entries by UID\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * delete_member - delete an entry in a list of members
+ *
+ * It only deletes the first entry with the given name.
+ * The member is defined by its address, no string comparison are
+ * performed.
+ */
+static void delete_member (char **list, const char *member)
+{
+	int i;
+
+	for (i = 0; NULL != list[i]; i++) {
+		if (list[i] == member) {
+			break;
+		}
+	}
+
+	for (; NULL != list[i]; i++) {
+		list[i] = list[i + 1];
+	}
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"help",      no_argument,       NULL, 'h'},
+		{"quiet",     no_argument,       NULL, 'q'},
+		{"read-only", no_argument,       NULL, 'r'},
+		{"root",      required_argument, NULL, 'R'},
+		{"sort",      no_argument,       NULL, 's'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	/*
+	 * Parse the command line arguments
+	 */
+	while ((c = getopt_long (argc, argv, "hqrR:s",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'q':
+			/* quiet - ignored for now */
+			break;
+		case 'r':
+			read_only = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 's':
+			sort_mode = true;
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (sort_mode && read_only) {
+		fprintf (stderr, _("%s: -s and -r are incompatible\n"), Prog);
+		exit (E_USAGE);
+	}
+
+	/*
+	 * Make certain we have the right number of arguments
+	 */
+#ifdef	SHADOWGRP
+	if (argc > (optind + 2))
+#else
+	if (argc > (optind + 1))
+#endif
+	{
+		usage (E_USAGE);
+	}
+
+	/*
+	 * If there are two left over filenames, use those as the group and
+	 * group password filenames.
+	 */
+	if (optind != argc) {
+		grp_file = argv[optind];
+		gr_setdbname (grp_file);
+		use_system_grp_file = false;
+	}
+#ifdef	SHADOWGRP
+	if ((optind + 2) == argc) {
+		sgr_file = argv[optind + 1];
+		sgr_setdbname (sgr_file);
+		is_shadow = true;
+		use_system_sgr_file = false;
+	} else if (optind == argc) {
+		is_shadow = sgr_file_present ();
+	}
+#endif
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ *	In read-only mode, the databases are not locked and are opened
+ *	only for reading.
+ */
+static void open_files (void)
+{
+	/*
+	 * Lock the files if we aren't in "read-only" mode
+	 */
+	if (!read_only) {
+		if (gr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, grp_file);
+			fail_exit (E_CANT_LOCK);
+		}
+		gr_locked = true;
+#ifdef	SHADOWGRP
+		if (is_shadow) {
+			if (sgr_lock () == 0) {
+				fprintf (stderr,
+				         _("%s: cannot lock %s; try again later.\n"),
+				         Prog, sgr_file);
+				fail_exit (E_CANT_LOCK);
+			}
+			sgr_locked = true;
+		}
+#endif
+	}
+
+	/*
+	 * Open the files. Use O_RDONLY if we are in read_only mode,
+	 * O_RDWR otherwise.
+	 */
+	if (gr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog,
+		         grp_file);
+		if (use_system_grp_file) {
+			SYSLOG ((LOG_WARN, "cannot open %s", grp_file));
+		}
+		fail_exit (E_CANT_OPEN);
+	}
+#ifdef	SHADOWGRP
+	if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0)) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog,
+		         sgr_file);
+		if (use_system_sgr_file) {
+			SYSLOG ((LOG_WARN, "cannot open %s", sgr_file));
+		}
+		fail_exit (E_CANT_OPEN);
+	}
+#endif
+}
+
+/*
+ * close_files - close and unlock the group/gshadow databases
+ *
+ *	If changed is not set, the databases are not closed, and no
+ *	changes are committed in the databases. The databases are
+ *	unlocked anyway.
+ */
+static void close_files (bool changed)
+{
+	/*
+	 * All done. If there were no change we can just abandon any
+	 * changes to the files.
+	 */
+	if (changed) {
+		if (gr_close () == 0) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"),
+			         Prog, grp_file);
+			fail_exit (E_CANT_UPDATE);
+		}
+#ifdef	SHADOWGRP
+		if (is_shadow && (sgr_close () == 0)) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_file);
+			fail_exit (E_CANT_UPDATE);
+		}
+#endif
+	}
+
+	/*
+	 * Don't be anti-social - unlock the files when you're done.
+	 */
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+		sgr_locked = false;
+	}
+#endif
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+		gr_locked = false;
+	}
+}
+
+/*
+ * check_members - check that every members of a group exist
+ *
+ *	If an error is detected, *errors is incremented.
+ *
+ *	The user will be prompted for the removal of the non-existent
+ *	user.
+ *
+ *	If any changes are performed, the return value will be 1,
+ *	otherwise check_members() returns 0.
+ *
+ *	fmt_info, fmt_prompt, and fmt_syslog are used for logging.
+ *	  * fmt_info must contain two string flags (%s): for the group's
+ *	    name and the missing member.
+ *	  * fmt_prompt must contain one string flags (%s): the missing
+ *	    member.
+ *	  * fmt_syslog must contain two string flags (%s): for the
+ *	    group's name and the missing member.
+ */
+static int check_members (const char *groupname,
+                          char **members,
+                          const char *fmt_info,
+                          const char *fmt_prompt,
+                          const char *fmt_syslog,
+                          int *errors)
+{
+	int i;
+	int members_changed = 0;
+
+	/*
+	 * Make sure each member exists
+	 */
+	for (i = 0; NULL != members[i]; i++) {
+		/* local, no need for xgetpwnam */
+		if (getpwnam (members[i]) != NULL) {
+			continue;
+		}
+		/*
+		 * Can't find this user. Remove them
+		 * from the list.
+		 */
+		*errors += 1;
+		printf (fmt_info, groupname, members[i]);
+		printf (fmt_prompt, members[i]);
+
+		if (!yes_or_no (read_only)) {
+			continue;
+		}
+
+		SYSLOG ((LOG_INFO, fmt_syslog, members[i], groupname));
+		members_changed = 1;
+		delete_member (members, members[i]);
+
+		/* Rewind in case of removal */
+		i--;
+	}
+
+	return members_changed;
+}
+
+#ifdef SHADOWGRP
+/*
+ * compare_members_lists - make sure the list of members is contained in
+ *                         another list.
+ *
+ *	compare_members_lists() checks that all the members of members are
+ *	also in other_members.
+ *	file and other_file are used for logging.
+ *
+ *	TODO: No changes are performed on the lists.
+ */
+static void compare_members_lists (const char *groupname,
+                                   char **members,
+                                   char **other_members,
+                                   const char *file,
+                                   const char *other_file)
+{
+	char **pmem, **other_pmem;
+
+	for (pmem = members; NULL != *pmem; pmem++) {
+		for (other_pmem = other_members; NULL != *other_pmem; other_pmem++) {
+			if (strcmp (*pmem, *other_pmem) == 0) {
+				break;
+			}
+		}
+		if (*other_pmem == NULL) {
+			printf
+			    ("'%s' is a member of the '%s' group in %s but not in %s\n",
+			     *pmem, groupname, file, other_file);
+		}
+	}
+}
+#endif				/* SHADOWGRP */
+
+/*
+ * check_grp_file - check the content of the group file
+ */
+static void check_grp_file (int *errors, bool *changed)
+{
+	struct commonio_entry *gre, *tgre;
+	struct group *grp;
+#ifdef SHADOWGRP
+	struct sgrp *sgr;
+#endif
+
+	/*
+	 * Loop through the entire group file.
+	 */
+	for (gre = __gr_get_head (); NULL != gre; gre = gre->next) {
+		/*
+		 * Skip all NIS entries.
+		 */
+
+		if ((gre->line[0] == '+') || (gre->line[0] == '-')) {
+			continue;
+		}
+
+		/*
+		 * Start with the entries that are completely corrupt. They
+		 * have no (struct group) entry because they couldn't be
+		 * parsed properly.
+		 */
+		if (NULL == gre->eptr) {
+
+			/*
+			 * Tell the user this entire line is bogus and ask
+			 * them to delete it.
+			 */
+			(void) puts (_("invalid group file entry"));
+			printf (_("delete line '%s'? "), gre->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (!yes_or_no (read_only)) {
+				continue;
+			}
+
+			/*
+			 * All group file deletions wind up here. This code
+			 * removes the current entry from the linked list.
+			 * When done, it skips back to the top of the loop
+			 * to try out the next list element.
+			 */
+		      delete_gr:
+			SYSLOG ((LOG_INFO, "delete group line '%s'",
+			         gre->line));
+			*changed = true;
+
+			__gr_del_entry (gre);
+			continue;
+		}
+
+		/*
+		 * Group structure is good, start using it.
+		 */
+		grp = gre->eptr;
+
+		/*
+		 * Make sure this entry has a unique name.
+		 */
+		for (tgre = __gr_get_head (); NULL != tgre; tgre = tgre->next) {
+
+			const struct group *ent = tgre->eptr;
+
+			/*
+			 * Don't check this entry
+			 */
+			if (tgre == gre) {
+				continue;
+			}
+
+			/*
+			 * Don't check invalid entries.
+			 */
+			if (NULL == ent) {
+				continue;
+			}
+
+			if (strcmp (grp->gr_name, ent->gr_name) != 0) {
+				continue;
+			}
+
+			/*
+			 * Tell the user this entry is a duplicate of
+			 * another and ask them to delete it.
+			 */
+			(void) puts (_("duplicate group entry"));
+			printf (_("delete line '%s'? "), gre->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (yes_or_no (read_only)) {
+				goto delete_gr;
+			}
+		}
+
+		/*
+		 * Check for invalid group names.  --marekm
+		 */
+		if (!is_valid_group_name (grp->gr_name)) {
+			*errors += 1;
+			printf (_("invalid group name '%s'\n"), grp->gr_name);
+		}
+
+		/*
+		 * Check for invalid group ID.
+		 */
+		if (grp->gr_gid == (gid_t)-1) {
+			printf (_("invalid group ID '%lu'\n"), (long unsigned int)grp->gr_gid);
+			*errors += 1;
+		}
+
+		/*
+		 * Workaround for a NYS libc 5.3.12 bug on RedHat 4.2 -
+		 * groups with no members are returned as groups with one
+		 * member "", causing grpck to fail.  --marekm
+		 */
+		if (   (NULL != grp->gr_mem[0])
+		    && (NULL == grp->gr_mem[1])
+		    && ('\0' == grp->gr_mem[0][0])) {
+			grp->gr_mem[0] = NULL;
+		}
+
+		if (check_members (grp->gr_name, grp->gr_mem,
+		                   _("group %s: no user %s\n"),
+		                   _("delete member '%s'? "),
+		                   "delete member '%s' from group '%s'",
+		                   errors) == 1) {
+			*changed = true;
+			gre->changed = true;
+			__gr_set_changed ();
+		}
+
+#ifdef	SHADOWGRP
+		/*
+		 * Make sure this entry exists in the /etc/gshadow file.
+		 */
+
+		if (is_shadow) {
+			sgr = (struct sgrp *) sgr_locate (grp->gr_name);
+			if (sgr == NULL) {
+				printf (_("no matching group file entry in %s\n"),
+				        sgr_file);
+				printf (_("add group '%s' in %s? "),
+				        grp->gr_name, sgr_file);
+				*errors += 1;
+				if (yes_or_no (read_only)) {
+					struct sgrp sg;
+					struct group gr;
+					static char *empty = NULL;
+
+					sg.sg_name = grp->gr_name;
+					sg.sg_passwd = grp->gr_passwd;
+					sg.sg_adm = &empty;
+					sg.sg_mem = grp->gr_mem;
+					SYSLOG ((LOG_INFO,
+					         "add group '%s' to '%s'",
+					         grp->gr_name, sgr_file));
+					*changed = true;
+
+					if (sgr_update (&sg) == 0) {
+						fprintf (stderr,
+						         _("%s: failed to prepare the new %s entry '%s'\n"),
+						         Prog, sgr_dbname (), sg.sg_name);
+						fail_exit (E_CANT_UPDATE);
+					}
+					/* remove password from /etc/group */
+					gr = *grp;
+					gr.gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+					if (gr_update (&gr) == 0) {
+						fprintf (stderr,
+						         _("%s: failed to prepare the new %s entry '%s'\n"),
+						         Prog, gr_dbname (), gr.gr_name);
+						fail_exit (E_CANT_UPDATE);
+					}
+				}
+			} else {
+				/**
+				 * Verify that all the members defined in /etc/group are also
+				 * present in /etc/gshadow.
+				 */
+				compare_members_lists (grp->gr_name,
+				                       grp->gr_mem, sgr->sg_mem,
+				                       grp_file, sgr_file);
+
+				/* The group entry has a gshadow counterpart.
+				 * Make sure no passwords are in group.
+				 */
+				if (strcmp (grp->gr_passwd, SHADOW_PASSWD_STRING) != 0) {
+					printf (_("group %s has an entry in %s, but its password field in %s is not set to 'x'\n"),
+					        grp->gr_name, sgr_file, grp_file);
+					*errors += 1;
+				}
+			}
+		}
+#endif
+
+	}
+}
+
+#ifdef SHADOWGRP
+/*
+ * check_sgr_file - check the content of the shadowed group file (gshadow)
+ */
+static void check_sgr_file (int *errors, bool *changed)
+{
+	struct group *grp;
+	struct commonio_entry *sge, *tsge;
+	struct sgrp *sgr;
+
+	/*
+	 * Loop through the entire shadow group file.
+	 */
+	for (sge = __sgr_get_head (); NULL != sge; sge = sge->next) {
+
+		/*
+		 * Start with the entries that are completely corrupt. They
+		 * have no (struct sgrp) entry because they couldn't be
+		 * parsed properly.
+		 */
+		if (NULL == sge->eptr) {
+
+			/*
+			 * Tell the user this entire line is bogus and ask
+			 * them to delete it.
+			 */
+			(void) puts (_("invalid shadow group file entry"));
+			printf (_("delete line '%s'? "), sge->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (!yes_or_no (read_only)) {
+				continue;
+			}
+
+			/*
+			 * All shadow group file deletions wind up here. 
+			 * This code removes the current entry from the
+			 * linked list. When done, it skips back to the top
+			 * of the loop to try out the next list element.
+			 */
+		      delete_sg:
+			SYSLOG ((LOG_INFO, "delete shadow line '%s'",
+			         sge->line));
+			*changed = true;
+
+			__sgr_del_entry (sge);
+			continue;
+		}
+
+		/*
+		 * Shadow group structure is good, start using it.
+		 */
+		sgr = sge->eptr;
+
+		/*
+		 * Make sure this entry has a unique name.
+		 */
+		for (tsge = __sgr_get_head (); NULL != tsge; tsge = tsge->next) {
+
+			const struct sgrp *ent = tsge->eptr;
+
+			/*
+			 * Don't check this entry
+			 */
+			if (tsge == sge) {
+				continue;
+			}
+
+			/*
+			 * Don't check invalid entries.
+			 */
+			if (NULL == ent) {
+				continue;
+			}
+
+			if (strcmp (sgr->sg_name, ent->sg_name) != 0) {
+				continue;
+			}
+
+			/*
+			 * Tell the user this entry is a duplicate of
+			 * another and ask them to delete it.
+			 */
+			(void) puts (_("duplicate shadow group entry"));
+			printf (_("delete line '%s'? "), sge->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (yes_or_no (read_only)) {
+				goto delete_sg;
+			}
+		}
+
+		/*
+		 * Make sure this entry exists in the /etc/group file.
+		 */
+		grp = (struct group *) gr_locate (sgr->sg_name);
+		if (grp == NULL) {
+			printf (_("no matching group file entry in %s\n"),
+			        grp_file);
+			printf (_("delete line '%s'? "), sge->line);
+			*errors += 1;
+			if (yes_or_no (read_only)) {
+				goto delete_sg;
+			}
+		} else {
+			/**
+			 * Verify that the all members defined in /etc/gshadow are also
+			 * present in /etc/group.
+			 */
+			compare_members_lists (sgr->sg_name,
+			                       sgr->sg_mem, grp->gr_mem,
+			                       sgr_file, grp_file);
+		}
+
+		/*
+		 * Make sure each administrator exists
+		 */
+		if (check_members (sgr->sg_name, sgr->sg_adm,
+		                   _("shadow group %s: no administrative user %s\n"),
+		                   _("delete administrative member '%s'? "),
+		                   "delete admin '%s' from shadow group '%s'",
+		                   errors) == 1) {
+			*changed = true;
+			sge->changed = true;
+			__sgr_set_changed ();
+		}
+
+		/*
+		 * Make sure each member exists
+		 */
+		if (check_members (sgr->sg_name, sgr->sg_mem,
+		                   _("shadow group %s: no user %s\n"),
+		                   _("delete member '%s'? "),
+		                   "delete member '%s' from shadow group '%s'",
+		                   errors) == 1) {
+			*changed = true;
+			sge->changed = true;
+			__sgr_set_changed ();
+		}
+	}
+}
+#endif				/* SHADOWGRP */
+
+/*
+ * grpck - verify group file integrity
+ */
+int main (int argc, char **argv)
+{
+	int errors = 0;
+	bool changed = false;
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("grpck");
+
+	/* Parse the command line arguments */
+	process_flags (argc, argv);
+
+	open_files ();
+
+	if (sort_mode) {
+		gr_sort ();
+#ifdef	SHADOWGRP
+		if (is_shadow) {
+			sgr_sort ();
+		}
+		changed = true;
+#endif
+	} else {
+		check_grp_file (&errors, &changed);
+#ifdef	SHADOWGRP
+		if (is_shadow) {
+			check_sgr_file (&errors, &changed);
+		}
+#endif
+	}
+
+	/* Commit the change in the database if needed */
+	close_files (changed);
+
+	nscd_flush_cache ("group");
+
+	/*
+	 * Tell the user what we did and exit.
+	 */
+	if (0 != errors) {
+		if (changed) {
+			printf (_("%s: the files have been updated\n"), Prog);
+		} else {
+			printf (_("%s: no changes\n"), Prog);
+		}
+	}
+
+	return ((0 != errors) ? E_BAD_ENTRY : E_OKAY);
+}
+
diff --git a/src/grpconv.c b/src/grpconv.c
new file mode 100644
index 0000000..f681f07
--- /dev/null
+++ b/src/grpconv.c
@@ -0,0 +1,286 @@
+/*
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2011       , Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * grpconv - create or update /etc/gshadow with information from
+ * /etc/group.
+ *
+ */
+
+#include <config.h>
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <grp.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "nscd.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef SHADOWGRP
+#include "groupio.h"
+#include "sgroupio.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool gr_locked  = false;
+static bool sgr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+
+	exit (status);
+}
+
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"help", no_argument,       NULL, 'h'},
+		{"root", required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hR:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (optind != argc) {
+		usage (E_USAGE);
+	}
+}
+
+int main (int argc, char **argv)
+{
+	const struct group *gr;
+	struct group grent;
+	const struct sgrp *sg;
+	struct sgrp sgent;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("grpconv");
+
+	process_flags (argc, argv);
+
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (5);
+	}
+	gr_locked = true;
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (1);
+	}
+
+	if (sgr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, sgr_dbname ());
+		fail_exit (5);
+	}
+	sgr_locked = true;
+	if (sgr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+		fail_exit (1);
+	}
+
+	/*
+	 * Remove /etc/gshadow entries for groups not in /etc/group.
+	 */
+	(void) sgr_rewind ();
+	while ((sg = sgr_next ()) != NULL) {
+		if (gr_locate (sg->sg_name) != NULL) {
+			continue;
+		}
+
+		if (sgr_remove (sg->sg_name) == 0) {
+			/*
+			 * This shouldn't happen (the entry exists) but...
+			 */
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, sg->sg_name, sgr_dbname ());
+			fail_exit (3);
+		}
+	}
+
+	/*
+	 * Update shadow group passwords if non-shadow password is not "x".
+	 * Add any missing shadow group entries.
+	 */
+	(void) gr_rewind ();
+	while ((gr = gr_next ()) != NULL) {
+		sg = sgr_locate (gr->gr_name);
+		if (NULL != sg) {
+			/* update existing shadow group entry */
+			sgent = *sg;
+			if (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0)
+				sgent.sg_passwd = gr->gr_passwd;
+		} else {
+			static char *empty = 0;
+
+			/* add new shadow group entry */
+			memset (&sgent, 0, sizeof sgent);
+			sgent.sg_name = gr->gr_name;
+			sgent.sg_passwd = gr->gr_passwd;
+			sgent.sg_adm = &empty;
+		}
+		/*
+		 * XXX - sg_mem is redundant, it is currently always a copy
+		 * of gr_mem. Very few programs actually use sg_mem, and all
+		 * of them are in the shadow suite. Maybe this field could
+		 * be used for something else? Any suggestions?
+		 */
+		sgent.sg_mem = gr->gr_mem;
+
+		if (sgr_update (&sgent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), sgent.sg_name);
+			fail_exit (3);
+		}
+		/* remove password from /etc/group */
+		grent = *gr;
+		grent.gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+		if (gr_update (&grent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, gr_dbname (), grent.gr_name);
+			fail_exit (3);
+		}
+	}
+
+	if (sgr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, sgr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+		fail_exit (3);
+	}
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (3);
+	}
+	if (sgr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+		/* continue */
+	}
+	if (gr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+		/* continue */
+	}
+
+	nscd_flush_cache ("group");
+
+	return 0;
+}
+#else				/* !SHADOWGRP */
+int main (int unused(argc), char **argv)
+{
+	fprintf (stderr,
+		 "%s: not configured for shadow group support.\n", argv[0]);
+	exit (1);
+}
+#endif				/* !SHADOWGRP */
+
diff --git a/src/grpunconv.c b/src/grpunconv.c
new file mode 100644
index 0000000..253f06f
--- /dev/null
+++ b/src/grpunconv.c
@@ -0,0 +1,250 @@
+/*
+ * Copyright (c) 1996       , Michael Meskes
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * grpunconv - update /etc/group with information from /etc/gshadow.
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+#include <time.h>
+#include <unistd.h>
+#include <grp.h>
+#include <getopt.h>
+#include "nscd.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef SHADOWGRP
+#include "groupio.h"
+#include "sgroupio.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool gr_locked  = false;
+static bool sgr_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+
+	exit (status);
+}
+
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"help", no_argument,       NULL, 'h'},
+		{"root", required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hR:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (optind != argc) {
+		usage (E_USAGE);
+	}
+}
+
+int main (int argc, char **argv)
+{
+	const struct group *gr;
+	struct group grent;
+	const struct sgrp *sg;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("grpunconv");
+
+	process_flags (argc, argv);
+
+	if (sgr_file_present () == 0) {
+		exit (0);	/* no /etc/gshadow, nothing to do */
+	}
+
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (5);
+	}
+	gr_locked = true;
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (1);
+	}
+
+	if (sgr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, sgr_dbname ());
+		fail_exit (5);
+	}
+	sgr_locked = true;
+	if (sgr_open (O_RDONLY) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+		fail_exit (1);
+	}
+
+	/*
+	 * Update group passwords if non-shadow password is "x".
+	 */
+	(void) gr_rewind ();
+	while ((gr = gr_next ()) != NULL) {
+		sg = sgr_locate (gr->gr_name);
+		if (   (NULL != sg)
+		    && (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) == 0)) {
+			/* add password to /etc/group */
+			grent = *gr;
+			grent.gr_passwd = sg->sg_passwd;
+			if (gr_update (&grent) == 0) {
+				fprintf (stderr,
+				         _("%s: failed to prepare the new %s entry '%s'\n"),
+				         Prog, gr_dbname (), grent.gr_name);
+				fail_exit (3);
+			}
+		}
+	}
+
+	(void) sgr_close (); /* was only open O_RDONLY */
+
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (3);
+	}
+
+	if (unlink (SGROUP_FILE) != 0) {
+		fprintf (stderr,
+		         _("%s: cannot delete %s\n"),
+		         Prog, SGROUP_FILE);
+		SYSLOG ((LOG_ERR, "cannot delete %s", SGROUP_FILE));
+		fail_exit (3);
+	}
+
+	if (gr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+		/* continue */
+	}
+
+	if (sgr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+		/* continue */
+	}
+
+	nscd_flush_cache ("group");
+
+	return 0;
+}
+#else				/* !SHADOWGRP */
+int main (int unused(argc), char **argv)
+{
+	fprintf (stderr,
+		 "%s: not configured for shadow group support.\n", argv[0]);
+	exit (1);
+}
+#endif				/* !SHADOWGRP */
+
diff --git a/src/id.c b/src/id.c
new file mode 100644
index 0000000..4462ae0
--- /dev/null
+++ b/src/id.c
@@ -0,0 +1,207 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * id - print current process user identification information
+ *
+ *	Print the current process identifiers. This includes the
+ *	UID, GID, effective-UID and effective-GID. Optionally print
+ *	the concurrent group set if the current system supports it.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+/* local function prototypes */
+static void usage (void);
+
+static void usage (void)
+{
+#ifdef HAVE_GETGROUPS
+	(void) fputs (_("Usage: id [-a]\n"), stderr);
+#else
+	(void) fputs (_("Usage: id\n"), stderr);
+#endif
+	exit (EXIT_FAILURE);
+}
+
+ /*ARGSUSED*/ int main (int argc, char **argv)
+{
+	uid_t ruid, euid;
+	gid_t rgid, egid;
+	long sys_ngroups;
+
+/*
+ * This block of declarations is particularly strained because of several
+ * different ways of doing concurrent groups. Old BSD systems used int for
+ * gid's, but short for the type passed to getgroups(). Newer systems use
+ * gid_t for everything. Some systems have a small and fixed NGROUPS,
+ * usually about 16 or 32. Others use bigger values.
+ */
+#ifdef HAVE_GETGROUPS
+	GETGROUPS_T *groups;
+	int ngroups;
+	bool aflg = 0;
+#endif
+	struct passwd *pw;
+	struct group *gr;
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	/*
+	 * Dynamically get the maximum number of groups from system, instead
+	 * of using the symbolic constant NGROUPS_MAX. This ensures that the
+	 * group limit is not hard coded into the binary, so it will still
+	 * work if the system library is recompiled.
+	 */
+	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+#ifdef HAVE_GETGROUPS
+	groups = (GETGROUPS_T *) malloc (sizeof (GETGROUPS_T) * sys_ngroups);
+	/*
+	 * See if the -a flag has been given to print out the concurrent
+	 * group set.
+	 */
+
+	if (argc > 1) {
+		if ((argc > 2) || (strcmp (argv[1], "-a") != 0)) {
+			usage ();
+		} else {
+			aflg = true;
+		}
+	}
+#else
+	if (argc > 1) {
+		usage ();
+	}
+#endif
+
+	ruid = getuid ();
+	euid = geteuid ();
+	rgid = getgid ();
+	egid = getegid ();
+
+	/*
+	 * Print out the real user ID and group ID. If the user or group
+	 * does not exist, just give the numerical value.
+	 */
+
+	pw = getpwuid (ruid); /* local, no need for xgetpwuid */
+	if (NULL != pw) {
+		(void) printf ("UID=%lu(%s)",
+		               (unsigned long) ruid, pw->pw_name);
+	} else {
+		(void) printf ("UID=%lu", (unsigned long) ruid);
+	}
+
+	gr = getgrgid (rgid);; /* local, no need for xgetgrgid */
+	if (NULL != gr) {
+		(void) printf (" GID=%lu(%s)",
+		               (unsigned long) rgid, gr->gr_name);
+	} else {
+		(void) printf (" GID=%lu", (unsigned long) rgid);
+	}
+
+	/*
+	 * Print out the effective user ID and group ID if they are
+	 * different from the real values.
+	 */
+
+	if (ruid != euid) {
+		pw = getpwuid (euid); /* local, no need for xgetpwuid */
+		if (NULL != pw) {
+			(void) printf (" EUID=%lu(%s)",
+			               (unsigned long) euid, pw->pw_name);
+		} else {
+			(void) printf (" EUID=%lu", (unsigned long) euid);
+		}
+	}
+	if (rgid != egid) {
+		gr = getgrgid (egid); /* local, no need for xgetgrgid */
+		if (NULL != gr) {
+			(void) printf (" EGID=%lu(%s)",
+			               (unsigned long) egid, gr->gr_name);
+		} else {
+			(void) printf (" EGID=%lu", (unsigned long) egid);
+		}
+	}
+#ifdef HAVE_GETGROUPS
+	/*
+	 * Print out the concurrent group set if the user has requested it.
+	 * The group numbers will be printed followed by their names.
+	 */
+	if (aflg && (ngroups = getgroups (sys_ngroups, groups)) != -1) {
+		int i;
+
+		/*
+		 * Start off the group message. It will be of the format
+		 *
+		 *      groups=###(aaa),###(aaa),###(aaa)
+		 *
+		 * where "###" is a numerical value and "aaa" is the
+		 * corresponding name for each respective numerical value.
+		 */
+		(void) puts (_(" groups="));
+		for (i = 0; i < ngroups; i++) {
+			if (0 != i)
+				(void) putchar (',');
+
+			/* local, no need for xgetgrgid */
+			gr = getgrgid (groups[i]);
+			if (NULL != gr) {
+				(void) printf ("%lu(%s)",
+				               (unsigned long) groups[i],
+				               gr->gr_name);
+			} else {
+				(void) printf ("%lu",
+				               (unsigned long) groups[i]);
+			}
+		}
+	}
+	free (groups);
+#endif
+
+	/*
+	 * Finish off the line.
+	 */
+	(void) putchar ('\n');
+
+	return EXIT_SUCCESS;
+}
+
diff --git a/src/lastlog.c b/src/lastlog.c
new file mode 100644
index 0000000..965691d
--- /dev/null
+++ b/src/lastlog.c
@@ -0,0 +1,428 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <lastlog.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include <assert.h>
+#include "defines.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+
+/*
+ * Global variables
+ */
+const char *Prog;		/* Program name */
+static FILE *lastlogfile;	/* lastlog file stream */
+static unsigned long umin;	/* if uflg and has_umin, only display users with uid >= umin */
+static bool has_umin = false;
+static unsigned long umax;	/* if uflg and has_umax, only display users with uid <= umax */
+static bool has_umax = false;
+static time_t seconds;		/* that number of days in seconds */
+static time_t inverse_seconds;	/* that number of days in seconds */
+static struct stat statbuf;	/* fstat buffer for file size */
+
+
+static bool uflg = false;	/* print only an user of range of users */
+static bool tflg = false;	/* print is restricted to most recent days */
+static bool bflg = false;	/* print excludes most recent days */
+static bool Cflg = false;	/* clear record for user */
+static bool Sflg = false;	/* set record for user */
+
+#define	NOW	(time ((time_t *) 0))
+
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -b, --before DAYS             print only lastlog records older than DAYS\n"), usageout);
+	(void) fputs (_("  -C, --clear                   clear lastlog record of an user (usable only with -u)\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -S, --set                     set lastlog record to current time (usable only with -u)\n"), usageout);
+	(void) fputs (_("  -t, --time DAYS               print only lastlog records more recent than DAYS\n"), usageout);
+	(void) fputs (_("  -u, --user LOGIN              print lastlog record of the specified LOGIN\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+static void print_one (/*@null@*/const struct passwd *pw)
+{
+	static bool once = false;
+	char *cp;
+	struct tm *tm;
+	time_t ll_time;
+	off_t offset;
+	struct lastlog ll;
+
+#ifdef HAVE_STRFTIME
+	char ptime[80];
+#endif
+
+	if (NULL == pw) {
+		return;
+	}
+
+
+	offset = (off_t) pw->pw_uid * sizeof (ll);
+	if (offset + sizeof (ll) <= statbuf.st_size) {
+		/* fseeko errors are not really relevant for us. */
+		int err = fseeko (lastlogfile, offset, SEEK_SET);
+		assert (0 == err);
+		/* lastlog is a sparse file. Even if no entries were
+		 * entered for this user, which should be able to get the
+		 * empty entry in this case.
+		 */
+		if (fread ((char *) &ll, sizeof (ll), 1, lastlogfile) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to get the entry for UID %lu\n"),
+			         Prog, (unsigned long int)pw->pw_uid);
+			exit (EXIT_FAILURE);
+		}
+	} else {
+		/* Outsize of the lastlog file.
+		 * Behave as if there were a missing entry (same behavior
+		 * as if we were reading an non existing entry in the
+		 * sparse lastlog file).
+		 */
+		memzero (&ll, sizeof (ll));
+	}
+
+	/* Filter out entries that do not match with the -t or -b options */
+	if (tflg && ((NOW - ll.ll_time) > seconds)) {
+		return;
+	}
+
+	if (bflg && ((NOW - ll.ll_time) < inverse_seconds)) {
+		return;
+	}
+
+	/* Print the header only once */
+	if (!once) {
+#ifdef HAVE_LL_HOST
+		puts (_("Username         Port     From             Latest"));
+#else
+		puts (_("Username                Port     Latest"));
+#endif
+		once = true;
+	}
+
+	ll_time = ll.ll_time;
+	tm = localtime (&ll_time);
+#ifdef HAVE_STRFTIME
+	strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
+	cp = ptime;
+#else
+	cp = asctime (tm);
+	cp[24] = '\0';
+#endif
+
+	if (ll.ll_time == (time_t) 0) {
+		cp = _("**Never logged in**\0");
+	}
+
+#ifdef HAVE_LL_HOST
+	printf ("%-16s %-8.8s %-16.16s %s\n",
+	        pw->pw_name, ll.ll_line, ll.ll_host, cp);
+#else
+	printf ("%-16s\t%-8.8s %s\n",
+	        pw->pw_name, ll.ll_line, cp);
+#endif
+}
+
+static void print (void)
+{
+	const struct passwd *pwent;
+	if (uflg && has_umin && has_umax && (umin == umax)) {
+		print_one (getpwuid ((uid_t)umin));
+	} else {
+		setpwent ();
+		while ( (pwent = getpwent ()) != NULL ) {
+			if (   uflg
+			    && (   (has_umin && (pwent->pw_uid < (uid_t)umin))
+			        || (has_umax && (pwent->pw_uid > (uid_t)umax)))) {
+				continue;
+			}
+			print_one (pwent);
+		}
+		endpwent ();
+	}
+}
+
+static void update_one (/*@null@*/const struct passwd *pw)
+{
+	off_t offset;
+	struct lastlog ll;
+	int err;
+
+	if (NULL == pw) {
+		return;
+	}
+
+	offset = (off_t) pw->pw_uid * sizeof (ll);
+	/* fseeko errors are not really relevant for us. */
+	err = fseeko (lastlogfile, offset, SEEK_SET);
+	assert (0 == err);
+
+	memzero (&ll, sizeof (ll));
+
+	if (Sflg) {
+		ll.ll_time = NOW;
+#ifdef HAVE_LL_HOST
+		strcpy (ll.ll_host, "localhost");
+#endif
+		strcpy (ll.ll_line, "lastlog");
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+			"clearing-lastlog",
+			pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+#endif
+	}
+#ifdef WITH_AUDIT
+	else {
+		audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+			"refreshing-lastlog",
+			pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+	}
+#endif
+
+	if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) {
+			fprintf (stderr,
+			         _("%s: Failed to update the entry for UID %lu\n"),
+			         Prog, (unsigned long int)pw->pw_uid);
+			exit (EXIT_FAILURE);
+	}
+}
+
+static void update (void)
+{
+	const struct passwd *pwent;
+
+	if (!uflg) /* safety measure */
+		return;
+
+	if (has_umin && has_umax && (umin == umax)) {
+		update_one (getpwuid ((uid_t)umin));
+	} else {
+		setpwent ();
+		while ( (pwent = getpwent ()) != NULL ) {
+			if ((has_umin && (pwent->pw_uid < (uid_t)umin))
+				|| (has_umax && (pwent->pw_uid > (uid_t)umax))) {
+				continue;
+			}
+			update_one (pwent);
+		}
+		endpwent ();
+	}
+
+	if (fflush (lastlogfile) != 0 || fsync (fileno (lastlogfile)) != 0) {
+			fprintf (stderr,
+			         _("%s: Failed to update the lastlog file\n"),
+			         Prog);
+			exit (EXIT_FAILURE);
+	}
+}
+
+int main (int argc, char **argv)
+{
+	/*
+	 * Get the program name. The program name is used as a prefix to
+	 * most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	{
+		int c;
+		static struct option const longopts[] = {
+			{"before", required_argument, NULL, 'b'},
+			{"clear",  no_argument,       NULL, 'C'},
+			{"help",   no_argument,       NULL, 'h'},
+			{"root",   required_argument, NULL, 'R'},
+			{"set",    no_argument,       NULL, 'S'},
+			{"time",   required_argument, NULL, 't'},
+			{"user",   required_argument, NULL, 'u'},
+			{NULL, 0, NULL, '\0'}
+		};
+
+		while ((c = getopt_long (argc, argv, "b:ChR:St:u:", longopts,
+		                         NULL)) != -1) {
+			switch (c) {
+			case 'b':
+			{
+				unsigned long inverse_days;
+				if (getulong (optarg, &inverse_days) == 0) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (EXIT_FAILURE);
+				}
+				inverse_seconds = (time_t) inverse_days * DAY;
+				bflg = true;
+				break;
+			}
+			case 'C':
+			{
+				Cflg = true;
+				break;
+			}
+			case 'h':
+				usage (EXIT_SUCCESS);
+				/*@notreached@*/break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 'S':
+			{
+				Sflg = true;
+				break;
+			}
+			case 't':
+			{
+				unsigned long days;
+				if (getulong (optarg, &days) == 0) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (EXIT_FAILURE);
+				}
+				seconds = (time_t) days * DAY;
+				tflg = true;
+				break;
+			}
+			case 'u':
+			{
+				const struct passwd *pwent;
+				/*
+				 * The user can be:
+				 *  - a login name
+				 *  - numerical
+				 *  - a numerical login ID
+				 *  - a range (-x, x-, x-y)
+				 */
+				uflg = true;
+				/* local, no need for xgetpwnam */
+				pwent = getpwnam (optarg);
+				if (NULL != pwent) {
+					umin = (unsigned long) pwent->pw_uid;
+					has_umin = true;
+					umax = umin;
+					has_umax = true;
+				} else {
+					if (getrange (optarg,
+					              &umin, &has_umin,
+					              &umax, &has_umax) == 0) {
+						fprintf (stderr,
+						         _("%s: Unknown user or range: %s\n"),
+						         Prog, optarg);
+						exit (EXIT_FAILURE);
+					}
+				}
+				break;
+			}
+			default:
+				usage (EXIT_FAILURE);
+				/*@notreached@*/break;
+			}
+		}
+		if (argc > optind) {
+			fprintf (stderr,
+			         _("%s: unexpected argument: %s\n"),
+			         Prog, argv[optind]);
+			usage (EXIT_FAILURE);
+		}
+		if (Cflg && Sflg) {
+			fprintf (stderr,
+			         _("%s: Option -C cannot be used together with option -S\n"),
+			         Prog);
+			usage (EXIT_FAILURE);
+		}
+		if ((Cflg || Sflg) && !uflg) {
+			fprintf (stderr,
+			         _("%s: Options -C and -S require option -u to specify the user\n"),
+			         Prog);
+			usage (EXIT_FAILURE);
+		}
+	}
+
+	lastlogfile = fopen (LASTLOG_FILE, (Cflg || Sflg)?"r+":"r");
+	if (NULL == lastlogfile) {
+		perror (LASTLOG_FILE);
+		exit (EXIT_FAILURE);
+	}
+
+	/* Get the lastlog size */
+	if (fstat (fileno (lastlogfile), &statbuf) != 0) {
+		fprintf (stderr,
+		         _("%s: Cannot get the size of %s: %s\n"),
+		         Prog, LASTLOG_FILE, strerror (errno));
+		exit (EXIT_FAILURE);
+	}
+
+	if (Cflg || Sflg)
+		update ();
+	else
+		print ();
+
+	(void) fclose (lastlogfile);
+
+	return EXIT_SUCCESS;
+}
+
diff --git a/src/login.c b/src/login.c
new file mode 100644
index 0000000..2d2e704
--- /dev/null
+++ b/src/login.c
@@ -0,0 +1,1339 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2001, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <grp.h>
+#ifndef USE_PAM
+#include <lastlog.h>
+#endif				/* !USE_PAM */
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/ioctl.h>
+#include <assert.h>
+#include "defines.h"
+#include "faillog.h"
+#include "failure.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwauth.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+#ifdef USE_PAM
+#include "pam_defs.h"
+
+static pam_handle_t *pamh = NULL;
+
+#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
+	fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+	SYSLOG((LOG_ERR,"%s",pam_strerror(pamh, retcode))); \
+	(void) pam_end(pamh, retcode); \
+	exit(1); \
+   }
+#define PAM_END { retcode = pam_close_session(pamh,0); \
+		(void) pam_end(pamh,retcode); }
+
+#endif				/* USE_PAM */
+
+#ifndef USE_PAM
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+#endif				/* !USE_PAM */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *hostname = "";
+static /*@null@*/ /*@only@*/char *username = NULL;
+static int reason = PW_LOGIN;
+
+#ifndef USE_PAM
+static struct lastlog ll;
+#endif				/* !USE_PAM */
+static bool pflg = false;
+static bool fflg = false;
+
+#ifdef RLOGIN
+static bool rflg = false;
+#else				/* RLOGIN */
+#define rflg false
+#endif				/* !RLOGIN */
+static bool hflg = false;
+static bool preauth_flag = false;
+
+static bool amroot;
+static char tmsg[256];
+
+/*
+ * External identifiers.
+ */
+
+extern char **newenvp;
+extern size_t newenvc;
+extern char **environ;
+
+#ifndef	ALARM
+#define	ALARM	60
+#endif
+
+#ifndef	RETRIES
+#define	RETRIES	3
+#endif
+
+/* local function prototypes */
+static void usage (void);
+static void setup_tty (void);
+static void process_flags (int argc, char *const *argv);
+static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *user);
+static void update_utmp (const char *user,
+                         const char *tty,
+                         const char *host,
+                         /*@null@*/const struct utmp *utent);
+
+#ifndef USE_PAM
+static struct faillog faillog;
+
+static void bad_time_notify (void);
+static void check_nologin (bool login_to_root);
+#else
+static void get_pam_user (char **ptr_pam_user);
+#endif
+
+static void init_env (void);
+static RETSIGTYPE alarm_handler (int);
+
+/*
+ * usage - print login command usage and exit
+ *
+ * login [ name ]
+ * login -r hostname	(for rlogind)
+ * login -h hostname	(for telnetd, etc.)
+ * login -f name	(for pre-authenticated login: datakit, xterm, etc.)
+ */
+static void usage (void)
+{
+	fprintf (stderr, _("Usage: %s [-p] [name]\n"), Prog);
+	if (!amroot) {
+		exit (1);
+	}
+	fprintf (stderr, _("       %s [-p] [-h host] [-f name]\n"), Prog);
+#ifdef RLOGIN
+	fprintf (stderr, _("       %s [-p] -r host\n"), Prog);
+#endif				/* RLOGIN */
+	exit (1);
+}
+
+static void setup_tty (void)
+{
+	TERMIO termio;
+
+	if (GTTY (0, &termio) == 0) {	/* get terminal characteristics */
+		int erasechar;
+		int killchar;
+
+		/*
+		 * Add your favorite terminal modes here ...
+		 */
+		termio.c_lflag |= ISIG | ICANON | ECHO | ECHOE;
+		termio.c_iflag |= ICRNL;
+
+#if defined(ECHOKE) && defined(ECHOCTL)
+		termio.c_lflag |= ECHOKE | ECHOCTL;
+#endif
+#if defined(ECHOPRT) && defined(NOFLSH) && defined(TOSTOP)
+		termio.c_lflag &= ~(ECHOPRT | NOFLSH | TOSTOP);
+#endif
+#ifdef ONLCR
+		termio.c_oflag |= ONLCR;
+#endif
+
+		/* leave these values unchanged if not specified in login.defs */
+		erasechar = getdef_num ("ERASECHAR", (int) termio.c_cc[VERASE]);
+		killchar = getdef_num ("KILLCHAR", (int) termio.c_cc[VKILL]);
+		termio.c_cc[VERASE] = (cc_t) erasechar;
+		termio.c_cc[VKILL] = (cc_t) killchar;
+		/* Make sure the values were valid.
+		 * getdef_num cannot validate this.
+		 */
+		if (erasechar != (int) termio.c_cc[VERASE]) {
+			fprintf (stderr,
+			         _("configuration error - cannot parse %s value: '%d'"),
+			         "ERASECHAR", erasechar);
+			exit (1);
+		}
+		if (killchar != (int) termio.c_cc[VKILL]) {
+			fprintf (stderr,
+			         _("configuration error - cannot parse %s value: '%d'"),
+			         "KILLCHAR", killchar);
+			exit (1);
+		}
+
+		/*
+		 * ttymon invocation prefers this, but these settings
+		 * won't come into effect after the first username login 
+		 */
+		(void) STTY (0, &termio);
+	}
+}
+
+
+#ifndef USE_PAM
+/*
+ * Tell the user that this is not the right time to login at this tty
+ */
+static void bad_time_notify (void)
+{
+	(void) puts (_("Invalid login time"));
+	(void) fflush (stdout);
+}
+
+static void check_nologin (bool login_to_root)
+{
+	char *fname;
+
+	/*
+	 * Check to see if system is turned off for non-root users.
+	 * This would be useful to prevent users from logging in
+	 * during system maintenance. We make sure the message comes
+	 * out for root so she knows to remove the file if she's
+	 * forgotten about it ...
+	 */
+	fname = getdef_str ("NOLOGINS_FILE");
+	if ((NULL != fname) && (access (fname, F_OK) == 0)) {
+		FILE *nlfp;
+
+		/*
+		 * Cat the file if it can be opened, otherwise just
+		 * print a default message
+		 */
+		nlfp = fopen (fname, "r");
+		if (NULL != nlfp) {
+			int c;
+			while ((c = getc (nlfp)) != EOF) {
+				if (c == '\n') {
+					(void) putchar ('\r');
+				}
+
+				(void) putchar (c);
+			}
+			(void) fflush (stdout);
+			(void) fclose (nlfp);
+		} else {
+			(void) puts (_("\nSystem closed for routine maintenance"));
+		}
+		/*
+		 * Non-root users must exit. Root gets the message, but
+		 * gets to login.
+		 */
+
+		if (!login_to_root) {
+			closelog ();
+			exit (0);
+		}
+		(void) puts (_("\n[Disconnect bypassed -- root login allowed.]"));
+	}
+}
+#endif				/* !USE_PAM */
+
+static void process_flags (int argc, char *const *argv)
+{
+	int arg;
+	int flag;
+
+	/*
+	 * Check the flags for proper form. Every argument starting with
+	 * "-" must be exactly two characters long. This closes all the
+	 * clever rlogin, telnet, and getty holes.
+	 */
+	for (arg = 1; arg < argc; arg++) {
+		if (argv[arg][0] == '-' && strlen (argv[arg]) > 2) {
+			usage ();
+		}
+		if (strcmp(argv[arg], "--") == 0) {
+			break; /* stop checking on a "--" */
+		}
+	}
+
+	/*
+	 * Process options.
+	 */
+	while ((flag = getopt (argc, argv, "d:fh:pr:")) != EOF) {
+		switch (flag) {
+		case 'd':
+			/* "-d device" ignored for compatibility */
+			break;
+		case 'f':
+			fflg = true;
+			break;
+		case 'h':
+			hflg = true;
+			hostname = optarg;
+			reason = PW_TELNET;
+			break;
+#ifdef	RLOGIN
+		case 'r':
+			rflg = true;
+			hostname = optarg;
+			reason = PW_RLOGIN;
+			break;
+#endif				/* RLOGIN */
+		case 'p':
+			pflg = true;
+			break;
+		default:
+			usage ();
+		}
+	}
+
+#ifdef RLOGIN
+	/*
+	 * Neither -h nor -f should be combined with -r.
+	 */
+
+	if (rflg && (hflg || fflg)) {
+		usage ();
+	}
+#endif				/* RLOGIN */
+
+	/*
+	 * Allow authentication bypass only if real UID is zero.
+	 */
+
+	if ((rflg || fflg || hflg) && !amroot) {
+		fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+		exit (1);
+	}
+
+	/*
+	 *  Get the user name.
+	 */
+	if (optind < argc) {
+		assert (NULL == username);
+		username = xstrdup (argv[optind]);
+		strzero (argv[optind]);
+		++optind;
+	}
+
+#ifdef	RLOGIN
+	if (rflg && (NULL != username)) {
+		usage ();
+	}
+#endif				/* RLOGIN */
+	if (fflg && (NULL == username)) {
+		usage ();
+	}
+
+}
+
+
+static void init_env (void)
+{
+#ifndef USE_PAM
+	char *cp;
+#endif
+	char *tmp;
+
+	tmp = getenv ("LANG");
+	if (NULL != tmp) {
+		addenv ("LANG", tmp);
+	}
+
+	/*
+	 * Add the timezone environmental variable so that time functions
+	 * work correctly.
+	 */
+	tmp = getenv ("TZ");
+	if (NULL != tmp) {
+		addenv ("TZ", tmp);
+	}
+#ifndef USE_PAM
+	else {
+		cp = getdef_str ("ENV_TZ");
+		if (NULL != cp) {
+			addenv (('/' == *cp) ? tz (cp) : cp, NULL);
+		}
+	}
+#endif				/* !USE_PAM */
+	/* 
+	 * Add the clock frequency so that profiling commands work
+	 * correctly.
+	 */
+	tmp = getenv ("HZ");
+	if (NULL != tmp) {
+		addenv ("HZ", tmp);
+	}
+#ifndef USE_PAM
+	else {
+		cp = getdef_str ("ENV_HZ");
+		if (NULL != cp) {
+			addenv (cp, NULL);
+		}
+	}
+#endif				/* !USE_PAM */
+}
+
+
+static RETSIGTYPE alarm_handler (unused int sig)
+{
+	write (STDERR_FILENO, tmsg, strlen (tmsg));
+	_exit (0);
+}
+
+#ifdef USE_PAM
+/*
+ * get_pam_user - Get the username according to PAM
+ *
+ * ptr_pam_user shall point to a malloc'ed string (or NULL).
+ */
+static void get_pam_user (char **ptr_pam_user)
+{
+	int retcode;
+	void *ptr_user;
+
+	assert (NULL != ptr_pam_user);
+
+	retcode = pam_get_item (pamh, PAM_USER, (const void **)&ptr_user);
+	PAM_FAIL_CHECK;
+
+	if (NULL != *ptr_pam_user) {
+		free (*ptr_pam_user);
+	}
+	if (NULL != ptr_user) {
+		*ptr_pam_user = xstrdup ((const char *)ptr_user);
+	} else {
+		*ptr_pam_user = NULL;
+	}
+}
+#endif
+
+/*
+ * get_failent_user - Return a string that can be used to log failure
+ *                    from an user.
+ *
+ * This will be either the user argument, or "UNKNOWN".
+ *
+ * It is quite common to mistyped the password for username, and passwords
+ * should not be logged.
+ */
+static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *user)
+{
+	const char *failent_user = "UNKNOWN";
+	bool log_unkfail_enab = getdef_bool("LOG_UNKFAIL_ENAB");
+
+	if ((NULL != user) && ('\0' != user[0])) {
+		if (   log_unkfail_enab
+		    || (getpwnam (user) != NULL)) {
+			failent_user = user;
+		}
+	}
+
+	return failent_user;
+}
+
+/*
+ * update_utmp - Update or create an utmp entry in utmp, wtmp, utmpw, and
+ *               wtmpx
+ *
+ *	utent should be the utmp entry returned by get_current_utmp (or
+ *	NULL).
+ */
+static void update_utmp (const char *user,
+                         const char *tty,
+                         const char *host,
+                         /*@null@*/const struct utmp *utent)
+{
+	struct utmp  *ut  = prepare_utmp  (user, tty, host, utent);
+#ifdef USE_UTMPX
+	struct utmpx *utx = prepare_utmpx (user, tty, host, utent);
+#endif				/* USE_UTMPX */
+
+	(void) setutmp  (ut);	/* make entry in the utmp & wtmp files */
+	free (ut);
+
+#ifdef USE_UTMPX
+	(void) setutmpx (utx);	/* make entry in the utmpx & wtmpx files */
+	free (utx);
+#endif				/* USE_UTMPX */
+}
+
+/*
+ * login - create a new login session for a user
+ *
+ *	login is typically called by getty as the second step of a
+ *	new user session. getty is responsible for setting the line
+ *	characteristics to a reasonable set of values and getting
+ *	the name of the user to be logged in. login may also be
+ *	called to create a new user session on a pty for a variety
+ *	of reasons, such as X servers or network logins.
+ *
+ *	the flags which login supports are
+ *	
+ *	-p - preserve the environment
+ *	-r - perform autologin protocol for rlogin
+ *	-f - do not perform authentication, user is preauthenticated
+ *	-h - the name of the remote host
+ */
+int main (int argc, char **argv)
+{
+	const char *tmptty;
+	char tty[BUFSIZ];
+
+#ifdef RLOGIN
+	char term[128] = "";
+#endif				/* RLOGIN */
+#if defined(HAVE_STRFTIME) && !defined(USE_PAM)
+	char ptime[80];
+#endif
+	unsigned int delay;
+	unsigned int retries;
+	bool subroot = false;
+#ifndef USE_PAM
+	bool is_console;
+#endif
+	int err;
+	unsigned int timeout;
+	const char *cp;
+	const char *tmp;
+	char fromhost[512];
+	struct passwd *pwd = NULL;
+	char **envp = environ;
+	const char *failent_user;
+	/*@null@*/struct utmp *utent;
+
+#ifdef USE_PAM
+	int retcode;
+	pid_t child;
+	char *pam_user = NULL;
+#else
+	struct spwd *spwd = NULL;
+#endif
+	/*
+	 * Some quick initialization.
+	 */
+
+	sanitize_env ();
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	initenv ();
+
+	amroot = (getuid () == 0);
+	Prog = Basename (argv[0]);
+
+	if (geteuid() != 0) {
+		fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog);
+		exit (1);
+	}
+
+	process_flags (argc, argv);
+
+	if ((isatty (0) == 0) || (isatty (1) == 0) || (isatty (2) == 0)) {
+		exit (1);	/* must be a terminal */
+	}
+
+	utent = get_current_utmp ();
+	/*
+	 * Be picky if run by normal users (possible if installed setuid
+	 * root), but not if run by root. This way it still allows logins
+	 * even if your getty is broken, or if something corrupts utmp,
+	 * but users must "exec login" which will use the existing utmp
+	 * entry (will not overwrite remote hostname).  --marekm
+	 */
+	if (!amroot && (NULL == utent)) {
+		(void) puts (_("No utmp entry.  You must exec \"login\" from the lowest level \"sh\""));
+		exit (1);
+	}
+	/* NOTE: utent might be NULL afterwards */
+
+	tmptty = ttyname (0);
+	if (NULL == tmptty) {
+		tmptty = "UNKNOWN";
+	}
+	STRFCPY (tty, tmptty);
+
+#ifndef USE_PAM
+	is_console = console (tty);
+#endif
+
+	if (rflg || hflg) {
+		/*
+		 * Add remote hostname to the environment. I think
+		 * (not sure) I saw it once on Irix.  --marekm
+		 */
+		addenv ("REMOTEHOST", hostname);
+	}
+	if (fflg) {
+		preauth_flag = true;
+	}
+	if (hflg) {
+		reason = PW_RLOGIN;
+	}
+#ifdef RLOGIN
+	if (rflg) {
+		assert (NULL == username);
+		username = xmalloc (USER_NAME_MAX_LENGTH + 1);
+		username[USER_NAME_MAX_LENGTH] = '\0';
+		if (do_rlogin (hostname, username, USER_NAME_MAX_LENGTH, term, sizeof term)) {
+			preauth_flag = true;
+		} else {
+			free (username);
+			username = NULL;
+		}
+	}
+#endif				/* RLOGIN */
+
+	OPENLOG ("login");
+
+	setup_tty ();
+
+#ifndef USE_PAM
+	(void) umask (getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+
+	{
+		/* 
+		 * Use the ULIMIT in the login.defs file, and if
+		 * there isn't one, use the default value. The
+		 * user may have one for themselves, but otherwise,
+		 * just take what you get.
+		 */
+		long limit = getdef_long ("ULIMIT", -1L);
+
+		if (limit != -1) {
+			set_filesize_limit (limit);
+		}
+	}
+
+#endif
+	/*
+	 * The entire environment will be preserved if the -p flag
+	 * is used.
+	 */
+	if (pflg) {
+		while (NULL != *envp) {	/* add inherited environment, */
+			addenv (*envp, NULL); /* some variables change later */
+			envp++;
+		}
+	}
+
+#ifdef RLOGIN
+	if (term[0] != '\0') {
+		addenv ("TERM", term);
+	} else
+#endif				/* RLOGIN */
+	{
+		/* preserve TERM from getty */
+		if (!pflg) {
+			tmp = getenv ("TERM");
+			if (NULL != tmp) {
+				addenv ("TERM", tmp);
+			}
+		}
+	}
+
+	init_env ();
+
+	if (optind < argc) {	/* now set command line variables */
+		set_env (argc - optind, &argv[optind]);
+	}
+
+	if (rflg || hflg) {
+		cp = hostname;
+#ifdef	HAVE_STRUCT_UTMP_UT_HOST
+	} else if ((NULL != utent) && ('\0' != utent->ut_host[0])) {
+		cp = utent->ut_host;
+#endif				/* HAVE_STRUCT_UTMP_UT_HOST */
+	} else {
+		cp = "";
+	}
+
+	if ('\0' != *cp) {
+		snprintf (fromhost, sizeof fromhost,
+		          " on '%.100s' from '%.200s'", tty, cp);
+	} else {
+		snprintf (fromhost, sizeof fromhost,
+		          " on '%.100s'", tty);
+	}
+
+      top:
+	/* only allow ALARM sec. for login */
+	timeout = getdef_unum ("LOGIN_TIMEOUT", ALARM);
+	snprintf (tmsg, sizeof tmsg,
+	          _("\nLogin timed out after %u seconds.\n"), timeout);
+	(void) signal (SIGALRM, alarm_handler);
+	if (timeout > 0) {
+		(void) alarm (timeout);
+	}
+
+	environ = newenvp;	/* make new environment active */
+	delay   = getdef_unum ("FAIL_DELAY", 1);
+	retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
+
+#ifdef USE_PAM
+	retcode = pam_start ("login", username, &conv, &pamh);
+	if (retcode != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("login: PAM Failure, aborting: %s\n"),
+		         pam_strerror (pamh, retcode));
+		SYSLOG ((LOG_ERR, "Couldn't initialize PAM: %s",
+		         pam_strerror (pamh, retcode)));
+		exit (99);
+	}
+
+	/*
+	 * hostname & tty are either set to NULL or their correct values,
+	 * depending on how much we know. We also set PAM's fail delay to
+	 * ours.
+	 *
+	 * PAM_RHOST and PAM_TTY are used for authentication, only use
+	 * information coming from login or from the caller (e.g. no utmp)
+	 */
+	retcode = pam_set_item (pamh, PAM_RHOST, hostname);
+	PAM_FAIL_CHECK;
+	retcode = pam_set_item (pamh, PAM_TTY, tty);
+	PAM_FAIL_CHECK;
+#ifdef HAS_PAM_FAIL_DELAY
+	retcode = pam_fail_delay (pamh, 1000000 * delay);
+	PAM_FAIL_CHECK;
+#endif
+	/* if fflg, then the user has already been authenticated */
+	if (!fflg) {
+		unsigned int failcount = 0;
+		char hostn[256];
+		char loginprompt[256];	/* That's one hell of a prompt :) */
+
+		/* Make the login prompt look like we want it */
+		if (gethostname (hostn, sizeof (hostn)) == 0) {
+			snprintf (loginprompt,
+			          sizeof (loginprompt),
+			          _("%s login: "), hostn);
+		} else {
+			strncpy (loginprompt, _("login: "),
+			         sizeof (loginprompt));
+		}
+
+		retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
+		PAM_FAIL_CHECK;
+
+		/* if we didn't get a user on the command line,
+		   set it to NULL */
+		get_pam_user (&pam_user);
+		if ((NULL != pam_user) && ('\0' == pam_user[0])) {
+			retcode = pam_set_item (pamh, PAM_USER, NULL);
+			PAM_FAIL_CHECK;
+		}
+
+		/*
+		 * There may be better ways to deal with some of
+		 * these conditions, but at least this way I don't
+		 * think we'll be giving away information. Perhaps
+		 * someday we can trust that all PAM modules will
+		 * pay attention to failure count and get rid of
+		 * MAX_LOGIN_TRIES?
+		 */
+		failcount = 0;
+		while (true) {
+			bool failed = false;
+
+			failcount++;
+#ifdef HAS_PAM_FAIL_DELAY
+			if (delay > 0) {
+				retcode = pam_fail_delay(pamh, 1000000*delay);
+				PAM_FAIL_CHECK;
+			}
+#endif
+
+			retcode = pam_authenticate (pamh, 0);
+
+			get_pam_user (&pam_user);
+			failent_user = get_failent_user (pam_user);
+
+			if (retcode == PAM_MAXTRIES) {
+				SYSLOG ((LOG_NOTICE,
+				         "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
+				         failcount, fromhost, failent_user));
+				fprintf (stderr,
+				         _("Maximum number of tries exceeded (%u)\n"),
+				         failcount);
+				PAM_END;
+				exit(0);
+			} else if (retcode == PAM_ABORT) {
+				/* Serious problems, quit now */
+				(void) fputs (_("login: abort requested by PAM\n"), stderr);
+				SYSLOG ((LOG_ERR,"PAM_ABORT returned from pam_authenticate()"));
+				PAM_END;
+				exit(99);
+			} else if (retcode != PAM_SUCCESS) {
+				SYSLOG ((LOG_NOTICE,"FAILED LOGIN (%u)%s FOR '%s', %s",
+				         failcount, fromhost, failent_user,
+				         pam_strerror (pamh, retcode)));
+				failed = true;
+			}
+
+			if (!failed) {
+				break;
+			}
+
+#ifdef WITH_AUDIT
+			audit_fd = audit_open ();
+			audit_log_acct_message (audit_fd,
+			                        AUDIT_USER_LOGIN,
+			                        NULL,    /* Prog. name */
+			                        "login",
+			                        failent_user,
+			                        AUDIT_NO_ID,
+			                        hostname,
+			                        NULL,    /* addr */
+			                        tty,
+			                        0);      /* result */
+			close (audit_fd);
+#endif				/* WITH_AUDIT */
+
+			(void) puts ("");
+			(void) puts (_("Login incorrect"));
+
+			if (failcount >= retries) {
+				SYSLOG ((LOG_NOTICE,
+				         "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
+				         failcount, fromhost, failent_user));
+				fprintf (stderr,
+				         _("Maximum number of tries exceeded (%u)\n"),
+				         failcount);
+				PAM_END;
+				exit(0);
+			}
+
+			/*
+			 * Let's give it another go around.
+			 * Even if a username was given on the command
+			 * line, prompt again for the username.
+			 */
+			retcode = pam_set_item (pamh, PAM_USER, NULL);
+			PAM_FAIL_CHECK;
+		}
+
+		/* We don't get here unless they were authenticated above */
+		(void) alarm (0);
+	}
+
+	/* Check the account validity */
+	retcode = pam_acct_mgmt (pamh, 0);
+	if (retcode == PAM_NEW_AUTHTOK_REQD) {
+		retcode = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+	}
+	PAM_FAIL_CHECK;
+
+	/* Open the PAM session */
+	get_pam_user (&pam_user);
+	retcode = pam_open_session (pamh, hushed (pam_user) ? PAM_SILENT : 0);
+	PAM_FAIL_CHECK;
+
+	/* Grab the user information out of the password file for future usage
+	 * First get the username that we are actually using, though.
+	 *
+	 * From now on, we will discard changes of the user (PAM_USER) by
+	 * PAM APIs.
+	 */
+	get_pam_user (&pam_user);
+	if (NULL != username) {
+		free (username);
+	}
+	username = xstrdup (pam_user);
+	failent_user = get_failent_user (username);
+
+	pwd = xgetpwnam (username);
+	if (NULL == pwd) {
+		SYSLOG ((LOG_ERR, "cannot find user %s", failent_user));
+		fprintf (stderr,
+		         _("Cannot find user (%s)\n"),
+		         username);
+		exit (1);
+	}
+
+	/* This set up the process credential (group) and initialize the
+	 * supplementary group access list.
+	 * This has to be done before pam_setcred
+	 */
+	if (setup_groups (pwd) != 0) {
+		exit (1);
+	}
+
+	retcode = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+	PAM_FAIL_CHECK;
+	/* NOTE: If pam_setcred changes PAM_USER, this will not be taken
+	 * into account.
+	 */
+
+#else				/* ! USE_PAM */
+	while (true) {	/* repeatedly get login/password pairs */
+		bool failed;
+		/* user_passwd is always a pointer to this constant string
+		 * or a passwd or shadow password that will be memzero by
+		 * pw_free / spw_free.
+		 * Do not free() user_passwd. */
+		const char *user_passwd = "!";
+
+		/* Do some cleanup to avoid keeping entries we do not need
+		 * anymore. */
+		if (NULL != pwd) {
+			pw_free (pwd);
+			pwd = NULL;
+		}
+		if (NULL != spwd) {
+			spw_free (spwd);
+			spwd = NULL;
+		}
+
+		failed = false;	/* haven't failed authentication yet */
+		if (NULL == username) {	/* need to get a login id */
+			if (subroot) {
+				closelog ();
+				exit (1);
+			}
+			preauth_flag = false;
+			username = xmalloc (USER_NAME_MAX_LENGTH + 1);
+			username[USER_NAME_MAX_LENGTH] = '\0';
+			login_prompt (_("\n%s login: "), username, USER_NAME_MAX_LENGTH);
+
+			if ('\0' == username[0]) {
+				/* Prompt for a new login */
+				free (username);
+				username = NULL;
+				continue;
+			}
+		}
+		/* Get the username to be used to log failures */
+		failent_user = get_failent_user (username);
+
+		pwd = xgetpwnam (username);
+		if (NULL == pwd) {
+			preauth_flag = false;
+			failed = true;
+		} else {
+			user_passwd = pwd->pw_passwd;
+			/*
+			 * If the encrypted password begins with a "!",
+			 * the account is locked and the user cannot
+			 * login, even if they have been
+			 * "pre-authenticated."
+			 */
+			if (   ('!' == user_passwd[0])
+			    || ('*' == user_passwd[0])) {
+				failed = true;
+			}
+		}
+
+		if (strcmp (user_passwd, SHADOW_PASSWD_STRING) == 0) {
+			spwd = xgetspnam (username);
+			if (NULL != spwd) {
+				user_passwd = spwd->sp_pwdp;
+			} else {
+				/* The user exists in passwd, but not in
+				 * shadow. SHADOW_PASSWD_STRING indicates
+				 * that the password shall be in shadow.
+				 */
+				SYSLOG ((LOG_WARN,
+				         "no shadow password for '%s'%s",
+				         username, fromhost));
+			}
+		}
+
+		/*
+		 * The -r and -f flags provide a name which has already
+		 * been authenticated by some server.
+		 */
+		if (preauth_flag) {
+			goto auth_ok;
+		}
+
+		if (pw_auth (user_passwd, username, reason, (char *) 0) == 0) {
+			goto auth_ok;
+		}
+
+		SYSLOG ((LOG_WARN, "invalid password for '%s' %s",
+		         failent_user, fromhost));
+		failed = true;
+
+	      auth_ok:
+		/*
+		 * This is the point where all authenticated users wind up.
+		 * If you reach this far, your password has been
+		 * authenticated and so on.
+		 */
+		if (   !failed
+		    && (NULL != pwd)
+		    && (0 == pwd->pw_uid)
+		    && !is_console) {
+			SYSLOG ((LOG_CRIT, "ILLEGAL ROOT LOGIN %s", fromhost));
+			failed = true;
+		}
+		if (   !failed
+		    && !login_access (username, ('\0' != *hostname) ? hostname : tty)) {
+			SYSLOG ((LOG_WARN, "LOGIN '%s' REFUSED %s",
+			         username, fromhost));
+			failed = true;
+		}
+		if (   (NULL != pwd)
+		    && getdef_bool ("FAILLOG_ENAB")
+		    && !failcheck (pwd->pw_uid, &faillog, failed)) {
+			SYSLOG ((LOG_CRIT,
+			         "exceeded failure limit for '%s' %s",
+			         username, fromhost));
+			failed = true;
+		}
+		if (!failed) {
+			break;
+		}
+
+		/* don't log non-existent users */
+		if ((NULL != pwd) && getdef_bool ("FAILLOG_ENAB")) {
+			failure (pwd->pw_uid, tty, &faillog);
+		}
+		if (getdef_str ("FTMP_FILE") != NULL) {
+#ifdef USE_UTMPX
+			struct utmpx *failent =
+				prepare_utmpx (failent_user,
+				               tty,
+			/* FIXME: or fromhost? */hostname,
+				               utent);
+#else				/* !USE_UTMPX */
+			struct utmp *failent =
+				prepare_utmp (failent_user,
+				              tty,
+				              hostname,
+				              utent);
+#endif				/* !USE_UTMPX */
+			failtmp (failent_user, failent);
+			free (failent);
+		}
+
+		retries--;
+		if (retries <= 0) {
+			SYSLOG ((LOG_CRIT, "REPEATED login failures%s",
+			         fromhost));
+		}
+
+		/*
+		 * If this was a passwordless account and we get here, login
+		 * was denied (securetty, faillog, etc.). There was no
+		 * password prompt, so do it now (will always fail - the bad
+		 * guys won't see that the passwordless account exists at
+		 * all).  --marekm
+		 */
+		if (user_passwd[0] == '\0') {
+			pw_auth ("!", username, reason, (char *) 0);
+		}
+
+		/*
+		 * Authentication of this user failed.
+		 * The username must be confirmed in the next try.
+		 */
+		free (username);
+		username = NULL;
+
+		/*
+		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
+		 * to login the user again. If the earlier alarm occurs
+		 * before the sleep() below completes, login will exit.
+		 */
+		if (delay > 0) {
+			(void) sleep (delay);
+		}
+
+		(void) puts (_("Login incorrect"));
+
+		/* allow only one attempt with -r or -f */
+		if (rflg || fflg || (retries <= 0)) {
+			closelog ();
+			exit (1);
+		}
+	}			/* while (true) */
+#endif				/* ! USE_PAM */
+	assert (NULL != username);
+	assert (NULL != pwd);
+
+	(void) alarm (0);		/* turn off alarm clock */
+
+#ifndef USE_PAM			/* PAM does this */
+	/*
+	 * porttime checks moved here, after the user has been
+	 * authenticated. now prints a message, as suggested
+	 * by Ivan Nejgebauer <ian@unsux.ns.ac.yu>.  --marekm
+	 */
+	if (   getdef_bool ("PORTTIME_CHECKS_ENAB")
+	    && !isttytime (username, tty, time ((time_t *) 0))) {
+		SYSLOG ((LOG_WARN, "invalid login time for '%s'%s",
+		         username, fromhost));
+		closelog ();
+		bad_time_notify ();
+		exit (1);
+	}
+
+	check_nologin (pwd->pw_uid == 0);
+#endif
+
+	if (getenv ("IFS")) {	/* don't export user IFS ... */
+		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
+	}
+
+	if (pwd->pw_shell[0] == '*') {	/* subsystem root */
+		pwd->pw_shell++;	/* skip the '*' */
+		subsystem (pwd);	/* figure out what to execute */
+		subroot = true;	/* say I was here again */
+		endpwent ();	/* close all of the file which were */
+		endgrent ();	/* open in the original rooted file */
+		endspent ();	/* system. they will be re-opened */
+#ifdef	SHADOWGRP
+		endsgent ();	/* in the new rooted file system */
+#endif
+		goto top;	/* go do all this all over again */
+	}
+
+#ifdef WITH_AUDIT
+	audit_fd = audit_open ();
+	audit_log_acct_message (audit_fd,
+	                        AUDIT_USER_LOGIN,
+	                        NULL,    /* Prog. name */
+	                        "login",
+	                        username,
+	                        AUDIT_NO_ID,
+	                        hostname,
+	                        NULL,    /* addr */
+	                        tty,
+	                        1);      /* result */
+	close (audit_fd);
+#endif				/* WITH_AUDIT */
+
+#ifndef USE_PAM			/* pam_lastlog handles this */
+	if (getdef_bool ("LASTLOG_ENAB")) {	/* give last login and log this one */
+		dolastlog (&ll, pwd, tty, hostname);
+	}
+#endif
+
+#ifndef USE_PAM			/* PAM handles this as well */
+	/*
+	 * Have to do this while we still have root privileges, otherwise we
+	 * don't have access to /etc/shadow.
+	 */
+	if (NULL != spwd) {		/* check for age of password */
+		if (expire (pwd, spwd)) {
+			/* The user updated her password, get the new
+			 * entries.
+			 * Use the x variants because we need to keep the
+			 * entry for a long time, and there might be other
+			 * getxxyy in between.
+			 */
+			pw_free (pwd);
+			pwd = xgetpwnam (username);
+			if (NULL == pwd) {
+				SYSLOG ((LOG_ERR,
+				         "cannot find user %s after update of expired password",
+				         username));
+				exit (1);
+			}
+			spw_free (spwd);
+			spwd = xgetspnam (username);
+		}
+	}
+	setup_limits (pwd);	/* nice, ulimit etc. */
+#endif				/* ! USE_PAM */
+	chown_tty (pwd);
+
+#ifdef USE_PAM
+	/*
+	 * We must fork before setuid() because we need to call
+	 * pam_close_session() as root.
+	 */
+	(void) signal (SIGINT, SIG_IGN);
+	child = fork ();
+	if (child < 0) {
+		/* error in fork() */
+		fprintf (stderr, _("%s: failure forking: %s"),
+		         Prog, strerror (errno));
+		PAM_END;
+		exit (0);
+	} else if (child != 0) {
+		/*
+		 * parent - wait for child to finish, then cleanup
+		 * session
+		 */
+		wait (NULL);
+		PAM_END;
+		exit (0);
+	}
+	/* child */
+#endif
+
+	/* If we were init, we need to start a new session */
+	if (getppid() == 1) {
+		setsid();
+		if (ioctl(0, TIOCSCTTY, 1) != 0) {
+			fprintf (stderr, _("TIOCSCTTY failed on %s"), tty);
+		}
+	}
+
+	/*
+	 * The utmp entry needs to be updated to indicate the new status
+	 * of the session, the new PID and SID.
+	 */
+	update_utmp (username, tty, hostname, utent);
+
+	/* The pwd and spwd entries for the user have been copied.
+	 *
+	 * Close all the files so that unauthorized access won't occur.
+	 */
+	endpwent ();		/* stop access to password file */
+	endgrent ();		/* stop access to group file */
+	endspent ();		/* stop access to shadow passwd file */
+#ifdef	SHADOWGRP
+	endsgent ();		/* stop access to shadow group file */
+#endif
+
+	/* Drop root privileges */
+#ifndef USE_PAM
+	if (setup_uid_gid (pwd, is_console))
+#else
+	/* The group privileges were already dropped.
+	 * See setup_groups() above.
+	 */
+	if (change_uid (pwd))
+#endif
+	{
+		exit (1);
+	}
+
+	setup_env (pwd);	/* set env vars, cd to the home dir */
+
+#ifdef USE_PAM
+	{
+		const char *const *env;
+
+		env = (const char *const *) pam_getenvlist (pamh);
+		while ((NULL != env) && (NULL != *env)) {
+			addenv (*env, NULL);
+			env++;
+		}
+	}
+#endif
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	if (!hushed (username)) {
+		addenv ("HUSHLOGIN=FALSE", NULL);
+		/*
+		 * pam_unix, pam_mail and pam_lastlog should take care of
+		 * this
+		 */
+#ifndef USE_PAM
+		motd ();	/* print the message of the day */
+		if (   getdef_bool ("FAILLOG_ENAB")
+		    && (0 != faillog.fail_cnt)) {
+			failprint (&faillog);
+			/* Reset the lockout times if logged in */
+			if (   (0 != faillog.fail_max)
+			    && (faillog.fail_cnt >= faillog.fail_max)) {
+				(void) puts (_("Warning: login re-enabled after temporary lockout."));
+				SYSLOG ((LOG_WARN,
+				         "login '%s' re-enabled after temporary lockout (%d failures)",
+				         username, (int) faillog.fail_cnt));
+			}
+		}
+		if (   getdef_bool ("LASTLOG_ENAB")
+		    && (ll.ll_time != 0)) {
+			time_t ll_time = ll.ll_time;
+
+#ifdef HAVE_STRFTIME
+			(void) strftime (ptime, sizeof (ptime),
+			                 "%a %b %e %H:%M:%S %z %Y",
+			                 localtime (&ll_time));
+			printf (_("Last login: %s on %s"),
+			        ptime, ll.ll_line);
+#else
+			printf (_("Last login: %.19s on %s"),
+			        ctime (&ll_time), ll.ll_line);
+#endif
+#ifdef HAVE_LL_HOST		/* __linux__ || SUN4 */
+			if ('\0' != ll.ll_host[0]) {
+				printf (_(" from %.*s"),
+				        (int) sizeof ll.ll_host, ll.ll_host);
+			}
+#endif
+			printf (".\n");
+		}
+		agecheck (spwd);
+
+		mailcheck ();	/* report on the status of mail */
+#endif				/* !USE_PAM */
+	} else {
+		addenv ("HUSHLOGIN=TRUE", NULL);
+	}
+
+	ttytype (tty);
+
+	(void) signal (SIGQUIT, SIG_DFL);	/* default quit signal */
+	(void) signal (SIGTERM, SIG_DFL);	/* default terminate signal */
+	(void) signal (SIGALRM, SIG_DFL);	/* default alarm signal */
+	(void) signal (SIGHUP, SIG_DFL);	/* added this.  --marekm */
+	(void) signal (SIGINT, SIG_DFL);	/* default interrupt signal */
+
+	if (0 == pwd->pw_uid) {
+		SYSLOG ((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
+	} else if (getdef_bool ("LOG_OK_LOGINS")) {
+		SYSLOG ((LOG_INFO, "'%s' logged in %s", username, fromhost));
+	}
+	closelog ();
+	tmp = getdef_str ("FAKE_SHELL");
+	if (NULL != tmp) {
+		err = shell (tmp, pwd->pw_shell, newenvp); /* fake shell */
+	} else {
+		/* exec the shell finally */
+		err = shell (pwd->pw_shell, (char *) 0, newenvp);
+	}
+
+	return ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/login_nopam.c b/src/login_nopam.c
new file mode 100644
index 0000000..68a3775
--- /dev/null
+++ b/src/login_nopam.c
@@ -0,0 +1,336 @@
+/* Taken from logdaemon-5.0, only minimal changes.  --marekm */
+
+/************************************************************************
+* Copyright 1995 by Wietse Venema.  All rights reserved. Individual files
+* may be covered by other copyrights (as noted in the file itself.)
+*
+* This material was originally written and compiled by Wietse Venema at
+* Eindhoven University of Technology, The Netherlands, in 1990, 1991,
+* 1992, 1993, 1994 and 1995.
+*
+* Redistribution and use in source and binary forms are permitted
+* provided that this entire copyright notice is duplicated in all such
+* copies.  
+*
+* This software is provided "as is" and without any expressed or implied
+* warranties, including, without limitation, the implied warranties of
+* merchantibility and fitness for any particular purpose.
+************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef USE_PAM
+#ident "$Id$"
+
+#include "prototypes.h"
+    /*
+     * This module implements a simple but effective form of login access
+     * control based on login names and on host (or domain) names, internet
+     * addresses (or network numbers), or on terminal line names in case of
+     * non-networked logins. Diagnostics are reported through syslog(3).
+     * 
+     * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
+     */
+#include <sys/types.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <ctype.h>
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#include <grp.h>
+#ifdef PRIMARY_GROUP_MATCH
+#include <pwd.h>
+#endif
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>		/* for inet_ntoa() */
+
+#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
+#undef MAXHOSTNAMELEN
+#define MAXHOSTNAMELEN 256
+#endif
+
+ /* Path name of the access control file. */
+#ifndef	TABLE
+#define TABLE	"/etc/login.access"
+#endif
+
+/* Delimiters for fields and for lists of users, ttys or hosts. */
+static char fs[] = ":";		/* field separator */
+static char sep[] = ", \t";	/* list-element separator */
+
+static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char *));
+static bool user_match (const char *tok, const char *string);
+static bool from_match (const char *tok, const char *string);
+static bool string_match (const char *tok, const char *string);
+static const char *resolve_hostname (const char *string);
+
+/* login_access - match username/group and host/tty with access control file */
+int login_access (const char *user, const char *from)
+{
+	FILE *fp;
+	char line[BUFSIZ];
+	char *perm;		/* becomes permission field */
+	char *users;		/* becomes list of login names */
+	char *froms;		/* becomes list of terminals or hosts */
+	bool match = false;
+
+	/*
+	 * Process the table one line at a time and stop at the first match.
+	 * Blank lines and lines that begin with a '#' character are ignored.
+	 * Non-comment lines are broken at the ':' character. All fields are
+	 * mandatory. The first field should be a "+" or "-" character. A
+	 * non-existing table means no access control.
+	 */
+	fp = fopen (TABLE, "r");
+	if (NULL != fp) {
+		int lineno = 0;	/* for diagnostics */
+		while (   !match
+		       && (fgets (line, (int) sizeof (line), fp) == line)) {
+			int end;
+			lineno++;
+			end = (int) strlen (line) - 1;
+			if (line[end] != '\n') {
+				SYSLOG ((LOG_ERR,
+					 "%s: line %d: missing newline or line too long",
+					 TABLE, lineno));
+				continue;
+			}
+			if (line[0] == '#') {
+				continue;	/* comment line */
+			}
+			while (end > 0 && isspace (line[end - 1])) {
+				end--;
+			}
+			line[end] = '\0';	/* strip trailing whitespace */
+			if (line[0] == '\0') {	/* skip blank lines */
+				continue;
+			}
+			if (   ((perm = strtok (line, fs)) == NULL)
+			    || ((users = strtok ((char *) 0, fs)) == NULL)
+			    || ((froms = strtok ((char *) 0, fs)) == NULL)
+			    || (strtok ((char *) 0, fs) != NULL)) {
+				SYSLOG ((LOG_ERR,
+					 "%s: line %d: bad field count",
+					 TABLE, lineno));
+				continue;
+			}
+			if (perm[0] != '+' && perm[0] != '-') {
+				SYSLOG ((LOG_ERR,
+					 "%s: line %d: bad first field",
+					 TABLE, lineno));
+				continue;
+			}
+			match = (   list_match (froms, from, from_match)
+			         && list_match (users, user, user_match));
+		}
+		(void) fclose (fp);
+	} else if (errno != ENOENT) {
+		int err = errno;
+		SYSLOG ((LOG_ERR, "cannot open %s: %s", TABLE, strerror (err)));
+	}
+	return (!match || (line[0] == '+'))?1:0;
+}
+
+/* list_match - match an item against a list of tokens with exceptions */
+static bool list_match (char *list, const char *item, bool (*match_fn) (const char *, const char*))
+{
+	char *tok;
+	bool match = false;
+
+	/*
+	 * Process tokens one at a time. We have exhausted all possible matches
+	 * when we reach an "EXCEPT" token or the end of the list. If we do find
+	 * a match, look for an "EXCEPT" list and recurse to determine whether
+	 * the match is affected by any exceptions.
+	 */
+	for (tok = strtok (list, sep); tok != NULL; tok = strtok ((char *) 0, sep)) {
+		if (strcasecmp (tok, "EXCEPT") == 0) {	/* EXCEPT: give up */
+			break;
+		}
+		match = (*match_fn) (tok, item);
+		if (match) {
+			break;
+		}
+	}
+
+	/* Process exceptions to matches. */
+	if (match) {
+		while (   ((tok = strtok ((char *) 0, sep)) != NULL)
+		       && (strcasecmp (tok, "EXCEPT") != 0))
+			/* VOID */ ;
+		if (tok == 0 || !list_match ((char *) 0, item, match_fn)) {
+			return (match);
+		}
+	}
+	return false;
+}
+
+/* myhostname - figure out local machine name */
+static char *myhostname (void)
+{
+	static char name[MAXHOSTNAMELEN + 1] = "";
+
+	if (name[0] == '\0') {
+		gethostname (name, sizeof (name));
+		name[MAXHOSTNAMELEN] = '\0';
+	}
+	return (name);
+}
+
+#if HAVE_INNETGR
+/* netgroup_match - match group against machine or user */
+static bool
+netgroup_match (const char *group, const char *machine, const char *user)
+{
+	static char *mydomain = (char *)0;
+
+	if (mydomain == (char *)0) {
+		static char domain[MAXHOSTNAMELEN + 1];
+
+		getdomainname (domain, MAXHOSTNAMELEN);
+		mydomain = domain;
+	}
+
+	return (innetgr (group, machine, user, mydomain) != 0);
+}
+#endif
+
+/* user_match - match a username against one token */
+static bool user_match (const char *tok, const char *string)
+{
+	struct group *group;
+
+#ifdef PRIMARY_GROUP_MATCH
+	struct passwd *userinf;
+#endif
+	char *at;
+
+	/*
+	 * If a token has the magic value "ALL" the match always succeeds.
+	 * Otherwise, return true if the token fully matches the username, or if
+	 * the token is a group that contains the username.
+	 */
+	at = strchr (tok + 1, '@');
+	if (NULL != at) {	/* split user@host pattern */
+		*at = '\0';
+		return (   user_match (tok, string)
+		        && from_match (at + 1, myhostname ()));
+#if HAVE_INNETGR
+	} else if (tok[0] == '@') {	/* netgroup */
+		return (netgroup_match (tok + 1, (char *) 0, string));
+#endif
+	} else if (string_match (tok, string)) {	/* ALL or exact match */
+		return true;
+	/* local, no need for xgetgrnam */
+	} else if ((group = getgrnam (tok)) != NULL) {	/* try group membership */
+		int i;
+		for (i = 0; NULL != group->gr_mem[i]; i++) {
+			if (strcasecmp (string, group->gr_mem[i]) == 0) {
+				return true;
+			}
+		}
+#ifdef PRIMARY_GROUP_MATCH
+		/*
+		 * If the string is an user whose initial GID matches the token,
+		 * accept it. May avoid excessively long lines in /etc/group.
+		 * Radu-Adrian Feurdean <raf@licj.soroscj.ro>
+		 *
+		 * XXX - disabled by default for now.  Need to verify that
+		 * getpwnam() doesn't have some nasty side effects.  --marekm
+		 */
+		/* local, no need for xgetpwnam */
+		userinf = getpwnam (string);
+		if (NULL != userinf) {
+			if (userinf->pw_gid == group->gr_gid) {
+				return true;
+			}
+		}
+#endif
+	}
+	return false;
+}
+
+static const char *resolve_hostname (const char *string)
+{
+	/*
+	 * Resolve hostname to numeric IP address, as suggested
+	 * by Dave Hagewood <admin@arrowweb.com>.  --marekm
+	 */
+	struct hostent *hp;
+
+	hp = gethostbyname (string);
+	if (NULL != hp) {
+		return inet_ntoa (*((struct in_addr *) *(hp->h_addr_list)));
+	}
+
+	SYSLOG ((LOG_ERR, "%s - unknown host", string));
+	return string;
+}
+
+/* from_match - match a host or tty against a list of tokens */
+
+static bool from_match (const char *tok, const char *string)
+{
+	size_t tok_len;
+
+	/*
+	 * If a token has the magic value "ALL" the match always succeeds. Return
+	 * true if the token fully matches the string. If the token is a domain
+	 * name, return true if it matches the last fields of the string. If the
+	 * token has the magic value "LOCAL", return true if the string does not
+	 * contain a "." character. If the token is a network number, return true
+	 * if it matches the head of the string.
+	 */
+#if HAVE_INNETGR
+	if (tok[0] == '@') {	/* netgroup */
+		return (netgroup_match (tok + 1, string, (char *) 0));
+	} else
+#endif
+	if (string_match (tok, string)) {	/* ALL or exact match */
+		return true;
+	} else if (tok[0] == '.') {	/* domain: match last fields */
+		size_t str_len;
+		str_len = strlen (string);
+		tok_len = strlen (tok);
+		if (   (str_len > tok_len)
+		    && (strcasecmp (tok, string + str_len - tok_len) == 0)) {
+			return true;
+		}
+	} else if (strcasecmp (tok, "LOCAL") == 0) {	/* local: no dots */
+		if (strchr (string, '.') == NULL) {
+			return true;
+		}
+	} else if (   (tok[(tok_len = strlen (tok)) - 1] == '.') /* network */
+		   && (strncmp (tok, resolve_hostname (string), tok_len) == 0)) {
+		return true;
+	}
+	return false;
+}
+
+/* string_match - match a string against one token */
+static bool string_match (const char *tok, const char *string)
+{
+
+	/*
+	 * If the token has the magic value "ALL" the match always succeeds.
+	 * Otherwise, return true if the token fully matches the string.
+	 */
+	if (strcasecmp (tok, "ALL") == 0) {	/* all: always matches */
+		return true;
+	} else if (strcasecmp (tok, string) == 0) {	/* try exact match */
+		return true;
+	}
+	return false;
+}
+
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */
diff --git a/src/logoutd.c b/src/logoutd.c
new file mode 100644
index 0000000..1503a74
--- /dev/null
+++ b/src/logoutd.c
@@ -0,0 +1,299 @@
+/*
+ * Copyright (c) 1991 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "prototypes.h"
+/*
+ * Global variables
+ */
+const char *Prog;
+
+#ifndef DEFAULT_HUP_MESG
+#define DEFAULT_HUP_MESG _("login time exceeded\n\n")
+#endif
+
+#ifndef HUP_MESG_FILE
+#define HUP_MESG_FILE "/etc/logoutd.mesg"
+#endif
+
+/* local function prototypes */
+#ifdef USE_UTMPX
+static int check_login (const struct utmpx *ut);
+#else				/* !USE_UTMPX */
+static int check_login (const struct utmp *ut);
+#endif				/* !USE_UTMPX */
+static void send_mesg_to_tty (int tty_fd);
+
+/*
+ * check_login - check if user (struct utmpx/utmp) allowed to stay logged in
+ */
+#ifdef USE_UTMPX
+static int check_login (const struct utmpx *ut)
+#else				/* !USE_UTMPX */
+static int check_login (const struct utmp *ut)
+#endif				/* !USE_UTMPX */
+{
+	char user[sizeof (ut->ut_user) + 1];
+	time_t now;
+
+	/*
+	 * ut_user may not have the terminating NUL.
+	 */
+	strncpy (user, ut->ut_user, sizeof (ut->ut_user));
+	user[sizeof (ut->ut_user)] = '\0';
+
+	(void) time (&now);
+
+	/*
+	 * Check if they are allowed to be logged in right now.
+	 */
+	if (!isttytime (user, ut->ut_line, now)) {
+		return 0;
+	}
+	return 1;
+}
+
+
+static void send_mesg_to_tty (int tty_fd)
+{
+	TERMIO oldt, newt;
+	FILE *mesg_file, *tty_file;
+	bool is_tty;
+
+	tty_file = fdopen (tty_fd, "w");
+	if (NULL == tty_file) {
+		return;
+	}
+
+	is_tty = (GTTY (tty_fd, &oldt) == 0);
+	if (is_tty) {
+		/* Suggested by Ivan Nejgebauar <ian@unsux.ns.ac.yu>:
+		   set OPOST before writing the message. */
+		newt = oldt;
+		newt.c_oflag |= OPOST;
+		STTY (tty_fd, &newt);
+	}
+
+	mesg_file = fopen (HUP_MESG_FILE, "r");
+	if (NULL != mesg_file) {
+		int c;
+		while ((c = getc (mesg_file)) != EOF) {
+			if (c == '\n') {
+				putc ('\r', tty_file);
+			}
+			putc (c, tty_file);
+		}
+		fclose (mesg_file);
+	} else {
+		fputs (DEFAULT_HUP_MESG, tty_file);
+	}
+	fflush (tty_file);
+	fclose (tty_file);
+
+	if (is_tty) {
+		STTY (tty_fd, &oldt);
+	}
+}
+
+
+/*
+ * logoutd - logout daemon to enforce /etc/porttime file policy
+ *
+ *	logoutd is started at system boot time and enforces the login
+ *	time and port restrictions specified in /etc/porttime. The
+ *	utmpx/utmp file is periodically scanned and offending users are logged
+ *	off from the system.
+ */
+int main (int argc, char **argv)
+{
+	int i;
+	int status;
+	pid_t pid;
+
+#ifdef USE_UTMPX
+	struct utmpx *ut;
+#else				/* !USE_UTMPX */
+	struct utmp *ut;
+#endif				/* !USE_UTMPX */
+	char user[sizeof (ut->ut_user) + 1];	/* terminating NUL */
+	char tty_name[sizeof (ut->ut_line) + 6];	/* /dev/ + NUL */
+	int tty_fd;
+
+	if (1 != argc) {
+		(void) fputs (_("Usage: logoutd\n"), stderr);
+	}
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+#ifndef DEBUG
+	for (i = 0; close (i) == 0; i++);
+
+	setpgrp ();
+
+	/*
+	 * Put this process in the background.
+	 */
+	pid = fork ();
+	if (pid > 0) {
+		/* parent */
+		exit (EXIT_SUCCESS);
+	} else if (pid < 0) {
+		/* error */
+		perror ("fork");
+		exit (EXIT_FAILURE);
+	}
+#endif				/* !DEBUG */
+
+	/*
+	 * Start syslogging everything
+	 */
+	Prog = Basename (argv[0]);
+
+	OPENLOG ("logoutd");
+
+	/*
+	 * Scan the utmpx/utmp file once per minute looking for users that
+	 * are not supposed to still be logged in.
+	 */
+	while (true) {
+
+		/* 
+		 * Attempt to re-open the utmpx/utmp file. The file is only
+		 * open while it is being used.
+		 */
+#ifdef USE_UTMPX
+		setutxent ();
+#else				/* !USE_UTMPX */
+		setutent ();
+#endif				/* !USE_UTMPX */
+
+		/*
+		 * Read all of the entries in the utmpx/utmp file. The entries
+		 * for login sessions will be checked to see if the user
+		 * is permitted to be signed on at this time.
+		 */
+#ifdef USE_UTMPX
+		while ((ut = getutxent ()) != NULL)
+#else				/* !USE_UTMPX */
+		while ((ut = getutent ()) != NULL)
+#endif				/* !USE_UTMPX */
+		{
+			if (ut->ut_type != USER_PROCESS) {
+				continue;
+			}
+			if (ut->ut_user[0] == '\0') {
+				continue;
+			}
+			if (check_login (ut)) {
+				continue;
+			}
+
+			/*
+			 * Put the rest of this in a child process. This
+			 * keeps the scan from waiting on other ports to die.
+			 */
+
+			pid = fork ();
+			if (pid > 0) {
+				/* parent */
+				continue;
+			} else if (pid < 0) {
+				/* failed - give up until the next scan */
+				break;
+			}
+			/* child */
+
+			if (strncmp (ut->ut_line, "/dev/", 5) != 0) {
+				strcpy (tty_name, "/dev/");
+			} else {
+				tty_name[0] = '\0';
+			}
+
+			strcat (tty_name, ut->ut_line);
+#ifndef O_NOCTTY
+#define O_NOCTTY 0
+#endif
+			tty_fd =
+			    open (tty_name, O_WRONLY | O_NDELAY | O_NOCTTY);
+			if (tty_fd != -1) {
+				send_mesg_to_tty (tty_fd);
+				close (tty_fd);
+				sleep (10);
+			}
+
+			if (ut->ut_pid > 1) {
+				kill (-ut->ut_pid, SIGHUP);
+				sleep (10);
+				kill (-ut->ut_pid, SIGKILL);
+			}
+
+			strncpy (user, ut->ut_user, sizeof (user) - 1);
+			user[sizeof (user) - 1] = '\0';
+
+			SYSLOG ((LOG_NOTICE,
+				 "logged off user '%s' on '%s'", user,
+				 tty_name));
+
+			/*
+			 * This child has done all it can, drop dead.
+			 */
+			exit (EXIT_SUCCESS);
+		}
+
+#ifdef USE_UTMPX
+		endutxent ();
+#else				/* !USE_UTMPX */
+		endutent ();
+#endif				/* !USE_UTMPX */
+
+#ifndef DEBUG
+		sleep (60);
+#endif
+		/*
+		 * Reap any dead babies ...
+		 */
+		while (wait (&status) != -1);
+	}
+
+	return EXIT_FAILURE;
+}
+
diff --git a/src/newgidmap.c b/src/newgidmap.c
new file mode 100644
index 0000000..b1e3351
--- /dev/null
+++ b/src/newgidmap.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "idmapping.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool verify_range(struct passwd *pw, struct map_range *range)
+{
+	/* An empty range is invalid */
+	if (range->count == 0)
+		return false;
+
+	/* Test /etc/subgid */
+	if (have_sub_gids(pw->pw_name, range->lower, range->count))
+		return true;
+
+	/* Allow a process to map its own gid */
+	if ((range->count == 1) && (pw->pw_gid == range->lower))
+		return true;
+
+	return false;
+}
+
+static void verify_ranges(struct passwd *pw, int ranges,
+	struct map_range *mappings)
+{
+	struct map_range *mapping;
+	int idx;
+
+	mapping = mappings;
+	for (idx = 0; idx < ranges; idx++, mapping++) {
+		if (!verify_range(pw, mapping)) {
+			fprintf(stderr, _( "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
+				Prog,
+				mapping->upper,
+				mapping->upper + mapping->count,
+				mapping->lower,
+				mapping->lower + mapping->count);
+			exit(EXIT_FAILURE);
+		}
+	}
+}
+
+static void usage(void)
+{
+	fprintf(stderr, _("usage: %s <pid> <gid> <lowergid> <count> [ <gid> <lowergid> <count> ] ... \n"), Prog);
+	exit(EXIT_FAILURE);
+}
+
+/*
+ * newgidmap - Set the gid_map for the specified process
+ */
+int main(int argc, char **argv)
+{
+	char proc_dir_name[32];
+	char *target_str;
+	pid_t target, parent;
+	int proc_dir_fd;
+	int ranges;
+	struct map_range *mappings;
+	struct stat st;
+	struct passwd *pw;
+	int written;
+
+	Prog = Basename (argv[0]);
+
+	/*
+	 * The valid syntax are
+	 * newgidmap target_pid
+	 */
+	if (argc < 2)
+		usage();
+
+	/* Find the process that needs its user namespace
+	 * gid mapping set.
+	 */
+	target_str = argv[1];
+	if (!get_pid(target_str, &target))
+		usage();
+
+	/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
+	written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
+		target);
+	if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
+		fprintf(stderr, "%s: snprintf of proc path failed: %s\n",
+			Prog, strerror(errno));
+	}
+
+	proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
+	if (proc_dir_fd < 0) {
+		fprintf(stderr, _("%s: Could not open proc directory for target %u\n"),
+			Prog, target);
+		return EXIT_FAILURE;
+	}
+
+	/* Who am i? */
+	pw = get_my_pwent ();
+	if (NULL == pw) {
+		fprintf (stderr,
+			_("%s: Cannot determine your user name.\n"),
+			Prog);
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+				(unsigned long) getuid ()));
+		return EXIT_FAILURE;
+	}
+	
+	/* Get the effective uid and effective gid of the target process */
+	if (fstat(proc_dir_fd, &st) < 0) {
+		fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
+			Prog, target);
+		return EXIT_FAILURE;
+	}
+
+	/* Verify real user and real group matches the password entry
+	 * and the effective user and group of the program whose
+	 * mappings we have been asked to set.
+	 */
+	if ((getuid() != pw->pw_uid) ||
+	    (getgid() != pw->pw_gid) ||
+	    (pw->pw_uid != st.st_uid) ||
+	    (pw->pw_gid != st.st_gid)) {
+		fprintf(stderr, _( "%s: Target %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
+			Prog, target,
+			(unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
+			(unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
+		return EXIT_FAILURE;
+	}
+
+	if (!sub_gid_open(O_RDONLY)) {
+		return EXIT_FAILURE;
+	}
+
+	ranges = ((argc - 2) + 2) / 3;
+	mappings = get_map_ranges(ranges, argc - 2, argv + 2);
+	if (!mappings)
+		usage();
+
+	verify_ranges(pw, ranges, mappings);
+
+	write_mapping(proc_dir_fd, ranges, mappings, "gid_map");
+	sub_gid_close();
+
+	return EXIT_SUCCESS;
+}
diff --git a/src/newgrp.c b/src/newgrp.c
new file mode 100644
index 0000000..b8d3ddc
--- /dev/null
+++ b/src/newgrp.c
@@ -0,0 +1,853 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <assert.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+extern char **newenvp;
+extern char **environ;
+
+#ifdef HAVE_SETGROUPS
+static int ngroups;
+static /*@null@*/ /*@only@*/GETGROUPS_T *grouplist;
+#endif
+
+static bool is_newgrp;
+
+#ifdef WITH_AUDIT
+static char audit_buf[80];
+#endif
+
+/* local function prototypes */
+static void usage (void);
+static void check_perms (const struct group *grp,
+                         struct passwd *pwd,
+                         const char *groupname);
+static void syslog_sg (const char *name, const char *group);
+
+/*
+ * usage - print command usage message
+ */
+static void usage (void)
+{
+	if (is_newgrp) {
+		(void) fputs (_("Usage: newgrp [-] [group]\n"), stderr);
+	} else {
+		(void) fputs (_("Usage: sg group [[-c] command]\n"), stderr);
+	}
+}
+
+/*
+ * find_matching_group - search all groups of a given group id for
+ *                       membership of a given username
+ */
+static /*@null@*/struct group *find_matching_group (const char *name, gid_t gid)
+{
+	struct group *gr;
+	char **look;
+	bool notfound = true;
+
+	setgrent ();
+	while ((gr = getgrent ()) != NULL) {
+		if (gr->gr_gid != gid) {
+			continue;
+		}
+
+		/*
+		 * A group with matching GID was found.
+		 * Test for membership of 'name'.
+		 */
+		look = gr->gr_mem;
+		while ((NULL != *look) && notfound) {
+			notfound = (strcmp (*look, name) != 0);
+			look++;
+		}
+		if (!notfound) {
+			break;
+		}
+	}
+	endgrent ();
+	return gr;
+}
+
+/*
+ * check_perms - check if the user is allowed to switch to this group
+ *
+ *	If needed, the user will be authenticated.
+ *
+ *	It will not return if the user could not be authenticated.
+ */
+static void check_perms (const struct group *grp,
+                         struct passwd *pwd,
+                         const char *groupname)
+{
+	bool needspasswd = false;
+	struct spwd *spwd;
+	char *cp;
+	const char *cpasswd;
+
+	/*
+	 * see if she is a member of this group (i.e. in the list of
+	 * members of the group, or if the group is her primary group).
+	 *
+	 * If she isn't a member, she needs to provide the group password.
+	 * If there is no group password, she will be denied access
+	 * anyway.
+	 *
+	 */
+	if (   (grp->gr_gid != pwd->pw_gid)
+	    && !is_on_list (grp->gr_mem, pwd->pw_name)) {
+		needspasswd = true;
+	}
+
+	/*
+	 * If she does not have either a shadowed password, or a regular
+	 * password, and the group has a password, she needs to give the
+	 * group password.
+	 */
+	spwd = xgetspnam (pwd->pw_name);
+	if (NULL != spwd) {
+		pwd->pw_passwd = spwd->sp_pwdp;
+	}
+
+	if ((pwd->pw_passwd[0] == '\0') && (grp->gr_passwd[0] != '\0')) {
+		needspasswd = true;
+	}
+
+	/*
+	 * Now I see about letting her into the group she requested. If she
+	 * is the root user, I'll let her in without having to prompt for
+	 * the password. Otherwise I ask for a password if she flunked one
+	 * of the tests above.
+	 */
+	if ((getuid () != 0) && needspasswd) {
+		/*
+		 * get the password from her, and set the salt for
+		 * the decryption from the group file.
+		 */
+		cp = getpass (_("Password: "));
+		if (NULL == cp) {
+			goto failure;
+		}
+
+		/*
+		 * encrypt the key she gave us using the salt from the
+		 * password in the group file. The result of this encryption
+		 * must match the previously encrypted value in the file.
+		 */
+		cpasswd = pw_encrypt (cp, grp->gr_passwd);
+		strzero (cp);
+
+		if (NULL == cpasswd) {
+			fprintf (stderr,
+			         _("%s: failed to crypt password with previous salt: %s\n"),
+			         Prog, strerror (errno));
+			SYSLOG ((LOG_INFO,
+			         "Failed to crypt password with previous salt of group '%s'",
+			         groupname));
+			goto failure;
+		}
+
+		if (grp->gr_passwd[0] == '\0' ||
+		    strcmp (cpasswd, grp->gr_passwd) != 0) {
+#ifdef WITH_AUDIT
+			snprintf (audit_buf, sizeof(audit_buf),
+			          "authentication new-gid=%lu",
+			          (unsigned long) grp->gr_gid);
+			audit_logger (AUDIT_GRP_AUTH, Prog,
+			              audit_buf, NULL,
+			              (unsigned int) getuid (), 0);
+#endif
+			SYSLOG ((LOG_INFO,
+				 "Invalid password for group '%s' from '%s'",
+				 groupname, pwd->pw_name));
+			(void) sleep (1);
+			(void) fputs (_("Invalid password.\n"), stderr);
+			goto failure;
+		}
+#ifdef WITH_AUDIT
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "authentication new-gid=%lu",
+		          (unsigned long) grp->gr_gid);
+		audit_logger (AUDIT_GRP_AUTH, Prog,
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 1);
+#endif
+	}
+
+	return;
+
+failure:
+	/* The closelog is probably unnecessary, but it does no
+	 * harm.  -- JWP
+	 */
+	closelog ();
+#ifdef WITH_AUDIT
+	if (groupname) {
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "changing new-group=%s", groupname);
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 0);
+	} else {
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              "changing", NULL,
+		              (unsigned int) getuid (), 0);
+	}
+#endif
+	exit (EXIT_FAILURE);
+}
+
+#ifdef USE_SYSLOG
+/*
+ * syslog_sg - log the change of group to syslog
+ *
+ *	The loggout will also be logged when the user will quit the
+ *	sg/newgrp session.
+ */
+static void syslog_sg (const char *name, const char *group)
+{
+	const char *loginname = getlogin ();
+	const char *tty = ttyname (0);
+	char *free_login = NULL, *free_tty = NULL;
+
+	if (loginname != NULL) {
+		free_login = xstrdup (loginname);
+		loginname = free_login;
+	}
+	if (tty != NULL) {
+		free_tty = xstrdup (tty);
+		tty = free_tty;
+	}
+
+	if (loginname == NULL) {
+		loginname = "???";
+	}
+	if (tty == NULL) {
+		tty = "???";
+	} else if (strncmp (tty, "/dev/", 5) == 0) {
+		tty += 5;
+	}
+	SYSLOG ((LOG_INFO,
+		 "user '%s' (login '%s' on %s) switched to group '%s'",
+		 name, loginname, tty, group));
+#ifdef USE_PAM
+	/*
+	 * We want to fork and exec the new shell in the child, leaving the
+	 * parent waiting to log the session close.
+	 *
+	 * The parent must ignore signals generated from the console
+	 * (SIGINT, SIGQUIT, SIGHUP) which might make the parent terminate
+	 * before its child. When bash is exec'ed as the subshell, it
+	 * generates a new process group id for itself, and consequently
+	 * only SIGHUP, which is sent to all process groups in the session,
+	 * can reach the parent. However, since arbitrary programs can be
+	 * specified as login shells, there is no such guarantee in general.
+	 * For the same reason, we must also ignore stop signals generated
+	 * from the console (SIGTSTP, SIGTTIN, and SIGTTOU) in order to
+	 * avoid any possibility of the parent being stopped when it
+	 * receives SIGCHLD from the terminating subshell.  -- JWP
+	 */
+	{
+		pid_t child;
+
+		/* Ignore these signals. The signal handlers will later be
+		 * restored to the default handlers. */
+		(void) signal (SIGINT, SIG_IGN);
+		(void) signal (SIGQUIT, SIG_IGN);
+		(void) signal (SIGHUP, SIG_IGN);
+		(void) signal (SIGTSTP, SIG_IGN);
+		(void) signal (SIGTTIN, SIG_IGN);
+		(void) signal (SIGTTOU, SIG_IGN);
+		child = fork ();
+		if ((pid_t)-1 == child) {
+			/* error in fork() */
+			fprintf (stderr, _("%s: failure forking: %s\n"),
+				 is_newgrp ? "newgrp" : "sg", strerror (errno));
+#ifdef WITH_AUDIT
+			if (group) {
+				snprintf (audit_buf, sizeof(audit_buf),
+				          "changing new-group=%s", group);
+				audit_logger (AUDIT_CHGRP_ID, Prog,
+				              audit_buf, NULL,
+				              (unsigned int) getuid (), 0);
+			} else {
+				audit_logger (AUDIT_CHGRP_ID, Prog,
+				              "changing", NULL,
+				              (unsigned int) getuid (), 0);
+			}
+#endif
+			exit (EXIT_FAILURE);
+		} else if (child != 0) {
+			/* parent - wait for child to finish, then log session close */
+			int cst = 0;
+			gid_t gid = getgid();
+			struct group *grp = getgrgid (gid);
+			pid_t pid;
+
+			do {
+				errno = 0;
+				pid = waitpid (child, &cst, WUNTRACED);
+				if ((pid == child) && (WIFSTOPPED (cst) != 0)) {
+					/* The child (shell) was suspended.
+					 * Suspend sg/newgrp. */
+					kill (getpid (), SIGSTOP);
+					/* wake child when resumed */
+					kill (child, SIGCONT);
+				}
+			} while (   ((pid == child) && (WIFSTOPPED (cst) != 0))
+			         || ((pid != child) && (errno == EINTR)));
+			/* local, no need for xgetgrgid */
+			if (NULL != grp) {
+				SYSLOG ((LOG_INFO,
+				         "user '%s' (login '%s' on %s) returned to group '%s'",
+				         name, loginname, tty, grp->gr_name));
+			} else {
+				SYSLOG ((LOG_INFO,
+				         "user '%s' (login '%s' on %s) returned to group '%lu'",
+				         name, loginname, tty,
+				         (unsigned long) gid));
+				/* Either the user's passwd entry has a
+				 * GID that does not match with any group,
+				 * or the group was deleted while the user
+				 * was in a newgrp session.*/
+				SYSLOG ((LOG_WARN,
+				         "unknown GID '%lu' used by user '%s'",
+				         (unsigned long) gid, name));
+			}
+			closelog ();
+			exit ((0 != WIFEXITED (cst)) ? WEXITSTATUS (cst)
+			                             : WTERMSIG (cst) + 128);
+		}
+
+		/* child - restore signals to their default state */
+		(void) signal (SIGINT, SIG_DFL);
+		(void) signal (SIGQUIT, SIG_DFL);
+		(void) signal (SIGHUP, SIG_DFL);
+		(void) signal (SIGTSTP, SIG_DFL);
+		(void) signal (SIGTTIN, SIG_DFL);
+		(void) signal (SIGTTOU, SIG_DFL);
+	}
+#endif				/* USE_PAM */
+	free(free_login);
+	free(free_tty);
+}
+#endif				/* USE_SYSLOG */
+
+/*
+ * newgrp - change the invokers current real and effective group id
+ */
+int main (int argc, char **argv)
+{
+	bool initflag = false;
+	int i;
+	bool cflag = false;
+	int err = 0;
+	gid_t gid;
+	char *cp;
+	const char *name, *prog;
+	char *group = NULL;
+	char *command = NULL;
+	char **envp = environ;
+	struct passwd *pwd;
+	/*@null@*/struct group *grp;
+
+#ifdef SHADOWGRP
+	struct sgrp *sgrp;
+#endif
+
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	/*
+	 * Save my name for error messages and save my real gid incase of
+	 * errors. If there is an error i have to exec a new login shell for
+	 * the user since her old shell won't have fork'd to create the
+	 * process. Skip over the program name to the next command line
+	 * argument.
+	 *
+	 * This historical comment, and the code itself, suggest that the
+	 * behavior of the system/shell on which it was written differed
+	 * significantly from the one I am using. If this process was
+	 * started from a shell (including the login shell), it was fork'ed
+	 * and exec'ed as a child by that shell. In order to get the user
+	 * back to that shell, it is only necessary to exit from this
+	 * process which terminates the child of the fork. The parent shell,
+	 * which is blocked waiting for a signal, will then receive a
+	 * SIGCHLD and will continue; any changes made to the process
+	 * persona or the environment after the fork never occurred in the
+	 * parent process.
+	 *
+	 * Bottom line: we want to save the name and real gid for messages,
+	 * but we do not need to restore the previous process persona and we
+	 * don't need to re-exec anything.  -- JWP
+	 */
+	Prog = Basename (argv[0]);
+	is_newgrp = (strcmp (Prog, "newgrp") == 0);
+	OPENLOG (is_newgrp ? "newgrp" : "sg");
+	gid = getgid ();
+	argc--;
+	argv++;
+
+	initenv ();
+
+	pwd = get_my_pwent ();
+	if (NULL == pwd) {
+		fprintf (stderr, _("%s: Cannot determine your user name.\n"),
+		         Prog);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              "changing", NULL,
+		              (unsigned int) getuid (), 0);
+#endif
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+		         (unsigned long) getuid ()));
+		closelog ();
+		exit (EXIT_FAILURE);
+	}
+	name = pwd->pw_name;
+
+	/*
+	 * Parse the command line. There are two accepted flags. The first
+	 * is "-", which for newgrp means to re-create the entire
+	 * environment as though a login had been performed, and "-c", which
+	 * for sg causes a command string to be executed.
+	 *
+	 * The next argument, if present, must be the new group name. Any
+	 * remaining remaining arguments will be used to execute a command
+	 * as the named group. If the group name isn't present, I just use
+	 * the login group ID of the current user.
+	 *
+	 * The valid syntax are
+	 *      newgrp [-] [groupid]
+	 *      newgrp [-l] [groupid]
+	 *      sg [-]
+	 *      sg [-] groupid [[-c command]
+	 */
+	if (   (argc > 0)
+	    && (   (strcmp (argv[0], "-")  == 0)
+	        || (strcmp (argv[0], "-l") == 0))) {
+		argc--;
+		argv++;
+		initflag = true;
+	}
+	if (!is_newgrp) {
+		/* 
+		 * Do the command line for everything that is
+		 * not "newgrp".
+		 */
+		if ((argc > 0) && (argv[0][0] != '-')) {
+			group = argv[0];
+			argc--;
+			argv++;
+		} else {
+			usage ();
+			closelog ();
+			exit (EXIT_FAILURE);
+		}
+		if (argc > 0) {
+
+			/*
+			 * skip -c if specified so both forms work:
+			 * "sg group -c command" (as in the man page) or
+			 * "sg group command" (as in the usage message).
+			 */
+			if ((argc > 1) && (strcmp (argv[0], "-c") == 0)) {
+				command = argv[1];
+			} else {
+				command = argv[0];
+			}
+			cflag = true;
+		}
+	} else {
+		/*
+		 * Do the command line for "newgrp". It's just making sure
+		 * there aren't any flags and getting the new group name.
+		 */
+		if ((argc > 0) && (argv[0][0] == '-')) {
+			usage ();
+			goto failure;
+		} else if (argv[0] != (char *) 0) {
+			group = argv[0];
+		} else {
+			/*
+			 * get the group file entry for her login group id. 
+			 * the entry must exist, simply to be annoying.
+			 *
+			 * Perhaps in the past, but the default behavior now depends on the
+			 * group entry, so it had better exist.  -- JWP
+			 */
+			grp = xgetgrgid (pwd->pw_gid);
+			if (NULL == grp) {
+				fprintf (stderr,
+				         _("%s: GID '%lu' does not exist\n"),
+				         Prog, (unsigned long) pwd->pw_gid);
+				SYSLOG ((LOG_CRIT, "GID '%lu' does not exist",
+				        (unsigned long) pwd->pw_gid));
+				goto failure;
+			} else {
+				group = grp->gr_name;
+			}
+		}
+	}
+
+#ifdef HAVE_SETGROUPS
+	/*
+	 * get the current users groupset. The new group will be added to
+	 * the concurrent groupset if there is room, otherwise you get a
+	 * nasty message but at least your real and effective group id's are
+	 * set.
+	 */
+	/* don't use getgroups(0, 0) - it doesn't work on some systems */
+	i = 16;
+	for (;;) {
+		grouplist = (GETGROUPS_T *) xmalloc (i * sizeof (GETGROUPS_T));
+		ngroups = getgroups (i, grouplist);
+		if (i > ngroups && !(ngroups == -1 && errno == EINVAL)) {
+			break;
+		}
+		/* not enough room, so try allocating a larger buffer */
+		free (grouplist);
+		i *= 2;
+	}
+	if (ngroups < 0) {
+		perror ("getgroups");
+#ifdef WITH_AUDIT
+		if (group) {
+			snprintf (audit_buf, sizeof(audit_buf),
+			          "changing new-group=%s", group);
+			audit_logger (AUDIT_CHGRP_ID, Prog,
+			              audit_buf, NULL,
+			              (unsigned int) getuid (), 0);
+		} else {
+			audit_logger (AUDIT_CHGRP_ID, Prog,
+			              "changing", NULL,
+			              (unsigned int) getuid (), 0);
+		}
+#endif
+		exit (EXIT_FAILURE);
+	}
+#endif				/* HAVE_SETGROUPS */
+
+	/*
+	 * now we put her in the new group. The password file entry for her
+	 * current user id has been gotten. If there was no optional group
+	 * argument she will have her real and effective group id set to the
+	 * set to the value from her password file entry.  
+	 *
+	 * If run as newgrp, or as sg with no command, this process exec's
+	 * an interactive subshell with the effective GID of the new group. 
+	 * If run as sg with a command, that command is exec'ed in this
+	 * subshell. When this process terminates, either because the user
+	 * exits, or the command completes, the parent of this process
+	 * resumes with the current GID.
+	 *
+	 * If a group is explicitly specified on the command line, the
+	 * interactive shell or command is run with that effective GID. 
+	 * Access will be denied if no entry for that group can be found in
+	 * /etc/group. If the current user name appears in the members list
+	 * for that group, access will be granted immediately; if not, the
+	 * user will be challenged for that group's password. If the
+	 * password response is incorrect, if the specified group does not
+	 * have a password, or if that group has been locked by gpasswd -R,
+	 * access will be denied. This is true even if the group specified
+	 * has the user's login GID (as shown in /etc/passwd). If no group
+	 * is explicitly specified on the command line, the effect is
+	 * exactly the same as if a group name matching the user's login GID
+	 * had been explicitly specified. Root, however, is never
+	 * challenged for passwords, and is always allowed access.
+	 *
+	 * The previous behavior was to allow access to the login group if
+	 * no explicit group was specified, irrespective of the group
+	 * control file(s). This behavior is usually not desirable. A user
+	 * wishing to return to the login group has only to exit back to the
+	 * login shell. Generating yet more shell levels in order to
+	 * provide a convenient "return" to the default group has the
+	 * undesirable side effects of confusing the user, scrambling the
+	 * history file, and consuming system resources. The default now is
+	 * to lock out such behavior. A sys admin can allow it by explicitly
+	 * including the user's name in the member list of the user's login
+	 * group.  -- JWP
+	 */
+	grp = getgrnam (group); /* local, no need for xgetgrnam */
+	if (NULL == grp) {
+		fprintf (stderr, _("%s: group '%s' does not exist\n"), Prog, group);
+		goto failure;
+	}
+
+	/*
+	 * For splitted groups (due to limitations of NIS), check all 
+	 * groups of the same GID like the requested group for
+	 * membership of the current user.
+	 */
+	grp = find_matching_group (name, grp->gr_gid);
+	if (NULL == grp) {
+		/*
+		 * No matching group found. As we already know that
+		 * the group exists, this happens only in the case
+		 * of a requested group where the user is not member.
+		 *
+		 * Re-read the group entry for further processing.
+		 */
+		grp = xgetgrnam (group);
+		assert (NULL != grp);
+	}
+#ifdef SHADOWGRP
+	sgrp = getsgnam (group);
+	if (NULL != sgrp) {
+		grp->gr_passwd = sgrp->sg_passwd;
+		grp->gr_mem = sgrp->sg_mem;
+	}
+#endif
+
+	/*
+	 * Check if the user is allowed to access this group.
+	 */
+	check_perms (grp, pwd, group);
+
+	/*
+	 * all successful validations pass through this point. The group id
+	 * will be set, and the group added to the concurrent groupset.
+	 */
+#ifdef	USE_SYSLOG
+	if (getdef_bool ("SYSLOG_SG_ENAB")) {
+		syslog_sg (name, group);
+	}
+#endif				/* USE_SYSLOG */
+
+	gid = grp->gr_gid;
+
+#ifdef HAVE_SETGROUPS
+	/*
+	 * I am going to try to add her new group id to her concurrent group
+	 * set. If the group id is already present i'll just skip this part. 
+	 * If the group doesn't fit, i'll complain loudly and skip this
+	 * part.
+	 */
+	for (i = 0; i < ngroups; i++) {
+		if (gid == grouplist[i]) {
+			break;
+		}
+	}
+	if (i == ngroups) {
+		if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
+			(void) fputs (_("too many groups\n"), stderr);
+		} else {
+			grouplist[ngroups++] = gid;
+			if (setgroups (ngroups, grouplist) != 0) {
+				perror ("setgroups");
+			}
+		}
+	}
+#endif
+
+	/*
+	 * Close all files before changing the user/group IDs.
+	 *
+	 * The needed structure should have been copied before, or
+	 * permission to read the database will be required.
+	 */
+	endspent ();
+#ifdef	SHADOWGRP
+	endsgent ();
+#endif
+	endpwent ();
+	endgrent ();
+
+	/*
+	 * Set the effective GID to the new group id and the effective UID
+	 * to the real UID. For root, this also sets the real GID to the
+	 * new group id.
+	 */
+	if (setgid (gid) != 0) {
+		perror ("setgid");
+#ifdef WITH_AUDIT
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "changing new-gid=%lu", (unsigned long) gid);
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 0);
+#endif
+		exit (EXIT_FAILURE);
+	}
+
+	if (setuid (getuid ()) != 0) {
+		perror ("setuid");
+#ifdef WITH_AUDIT
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "changing new-gid=%lu", (unsigned long) gid);
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 0);
+#endif
+		exit (EXIT_FAILURE);
+	}
+
+	/*
+	 * See if the "-c" flag was used. If it was, i just create a shell
+	 * command for her using the argument that followed the "-c" flag.
+	 */
+	if (cflag) {
+		closelog ();
+		execl (SHELL, "sh", "-c", command, (char *) 0);
+#ifdef WITH_AUDIT
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "changing new-gid=%lu", (unsigned long) gid);
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 0);
+#endif
+		perror (SHELL);
+		exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+	}
+
+	/*
+	 * I have to get the pathname of her login shell. As a favor, i'll
+	 * try her environment for a $SHELL value first, and then try the
+	 * password file entry. Obviously this shouldn't be in the
+	 * restricted command directory since it could be used to leave the
+	 * restricted environment.
+	 *
+	 * Note that the following assumes this user's entry in /etc/passwd
+	 * does not have a chroot * prefix. If it does, the * will be copied
+	 * verbatim into the exec path. This is probably not an issue
+	 * because if this user is operating in a chroot jail, her entry in
+	 * the version of /etc/passwd that is accessible here should
+	 * probably never have a chroot shell entry (but entries for other
+	 * users might). If I have missed something, and this causes you a
+	 * problem, try using $SHELL as a workaround; also please notify me
+	 * at jparmele@wildbear.com -- JWP
+	 */
+	cp = getenv ("SHELL");
+	if (!initflag && (NULL != cp)) {
+		prog = cp;
+	} else if ((NULL != pwd->pw_shell) && ('\0' != pwd->pw_shell[0])) {
+		prog = pwd->pw_shell;
+	} else {
+		prog = SHELL;
+	}
+
+	/*
+	 * Now I try to find the basename of the login shell. This will
+	 * become argv[0] of the spawned command.
+	 */
+	cp = Basename ((char *) prog);
+
+	/*
+	 * Switch back to her home directory if i am doing login
+	 * initialization.
+	 */
+	if (initflag) {
+		if (chdir (pwd->pw_dir) != 0) {
+			perror ("chdir");
+		}
+
+		while (NULL != *envp) {
+			if (strncmp (*envp, "PATH=", 5) == 0 ||
+			    strncmp (*envp, "HOME=", 5) == 0 ||
+			    strncmp (*envp, "SHELL=", 6) == 0 ||
+			    strncmp (*envp, "TERM=", 5) == 0)
+				addenv (*envp, NULL);
+
+			envp++;
+		}
+	} else {
+		while (NULL != *envp) {
+			addenv (*envp, NULL);
+			envp++;
+		}
+	}
+
+#ifdef WITH_AUDIT
+	snprintf (audit_buf, sizeof(audit_buf), "changing new-gid=%lu",
+	          (unsigned long) gid);
+	audit_logger (AUDIT_CHGRP_ID, Prog,
+	              audit_buf, NULL,
+	              (unsigned int) getuid (), 1);
+#endif
+	/*
+	 * Exec the login shell and go away. We are trying to get back to
+	 * the previous environment which should be the user's login shell.
+	 */
+	err = shell (prog, initflag ? (char *) 0 : cp, newenvp);
+	exit ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+	/*@notreached@*/
+      failure:
+
+	/*
+	 * The previous code, when run as newgrp, re-exec'ed the shell in
+	 * the current process with the original gid on error conditions. 
+	 * See the comment above. This historical behavior now has the
+	 * effect of creating unlogged extraneous shell layers when the
+	 * command line has an error or there is an authentication failure.
+	 * We now just want to exit with error status back to the parent
+	 * process. The closelog is probably unnecessary, but it does no
+	 * harm.  -- JWP
+	 */
+	closelog ();
+#ifdef WITH_AUDIT
+	if (NULL != group) {
+		snprintf (audit_buf, sizeof(audit_buf),
+		          "changing new-group=%s", group);
+		audit_logger (AUDIT_CHGRP_ID, Prog, 
+		              audit_buf, NULL,
+		              (unsigned int) getuid (), 0);
+	} else {
+		audit_logger (AUDIT_CHGRP_ID, Prog,
+		              "changing", NULL,
+		              (unsigned int) getuid (), 0);
+	}
+#endif
+	exit (EXIT_FAILURE);
+}
+
diff --git a/src/newuidmap.c b/src/newuidmap.c
new file mode 100644
index 0000000..1ba25e7
--- /dev/null
+++ b/src/newuidmap.c
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2013 Eric Biederman
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include "defines.h"
+#include "prototypes.h"
+#include "subordinateio.h"
+#include "idmapping.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool verify_range(struct passwd *pw, struct map_range *range)
+{
+	/* An empty range is invalid */
+	if (range->count == 0)
+		return false;
+
+	/* Test /etc/subuid */
+	if (have_sub_uids(pw->pw_name, range->lower, range->count))
+		return true;
+
+	/* Allow a process to map its own uid */
+	if ((range->count == 1) && (pw->pw_uid == range->lower))
+		return true;
+
+	return false;
+}
+
+static void verify_ranges(struct passwd *pw, int ranges,
+	struct map_range *mappings)
+{
+	struct map_range *mapping;
+	int idx;
+
+	mapping = mappings;
+	for (idx = 0; idx < ranges; idx++, mapping++) {
+		if (!verify_range(pw, mapping)) {
+			fprintf(stderr, _( "%s: uid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
+				Prog,
+				mapping->upper,
+				mapping->upper + mapping->count,
+				mapping->lower,
+				mapping->lower + mapping->count);
+			exit(EXIT_FAILURE);
+		}
+	}
+}
+
+void usage(void)
+{
+	fprintf(stderr, _("usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"), Prog);
+	exit(EXIT_FAILURE);
+}
+
+/*
+ * newuidmap - Set the uid_map for the specified process
+ */
+int main(int argc, char **argv)
+{
+	char proc_dir_name[32];
+	char *target_str;
+	pid_t target, parent;
+	int proc_dir_fd;
+	int ranges;
+	struct map_range *mappings;
+	struct stat st;
+	struct passwd *pw;
+	int written;
+
+	Prog = Basename (argv[0]);
+
+	/*
+	 * The valid syntax are
+	 * newuidmap target_pid
+	 */
+	if (argc < 2)
+		usage();
+
+	/* Find the process that needs its user namespace
+	 * uid mapping set.
+	 */
+	target_str = argv[1];
+	if (!get_pid(target_str, &target))
+		usage();
+
+	/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
+	written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
+		target);
+	if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
+		fprintf(stderr, "%s: snprintf of proc path failed: %s\n",
+			Prog, strerror(errno));
+	}
+
+	proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
+	if (proc_dir_fd < 0) {
+		fprintf(stderr, _("%s: Could not open proc directory for target %u\n"),
+			Prog, target);
+		return EXIT_FAILURE;
+	}
+
+	/* Who am i? */
+	pw = get_my_pwent ();
+	if (NULL == pw) {
+		fprintf (stderr,
+			_("%s: Cannot determine your user name.\n"),
+			Prog);
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+				(unsigned long) getuid ()));
+		return EXIT_FAILURE;
+	}
+	
+	/* Get the effective uid and effective gid of the target process */
+	if (fstat(proc_dir_fd, &st) < 0) {
+		fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
+			Prog, target);
+		return EXIT_FAILURE;
+	}
+
+	/* Verify real user and real group matches the password entry
+	 * and the effective user and group of the program whose
+	 * mappings we have been asked to set.
+	 */
+	if ((getuid() != pw->pw_uid) ||
+	    (getgid() != pw->pw_gid) ||
+	    (pw->pw_uid != st.st_uid) ||
+	    (pw->pw_gid != st.st_gid)) {
+		fprintf(stderr, _( "%s: Target process %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
+			Prog, target,
+			(unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
+			(unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
+		return EXIT_FAILURE;
+	}
+
+	if (!sub_uid_open(O_RDONLY)) {
+		return EXIT_FAILURE;
+	}
+
+	ranges = ((argc - 2) + 2) / 3;
+	mappings = get_map_ranges(ranges, argc - 2, argv + 2);
+	if (!mappings)
+		usage();
+
+	verify_ranges(pw, ranges, mappings);
+
+	write_mapping(proc_dir_fd, ranges, mappings, "uid_map");
+	sub_uid_close();
+
+	return EXIT_SUCCESS;
+}
diff --git a/src/newusers.c b/src/newusers.c
new file mode 100644
index 0000000..c38aec4
--- /dev/null
+++ b/src/newusers.c
@@ -0,0 +1,1251 @@
+/*
+ * Copyright (c) 1990 - 1993, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *	newusers - create users from a batch file
+ *
+ *	newusers creates a collection of entries in /etc/passwd
+ *	and related files by reading a passwd-format file and
+ *	adding entries in the related directories.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdio.h>
+#include <pwd.h>
+#include <grp.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <ctype.h>
+#include <errno.h>
+#include <string.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include "prototypes.h"
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "pwio.h"
+#include "sgroupio.h"
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif				/* ENABLE_SUBIDS */
+#include "chkname.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool rflg = false;	/* create a system account */
+#ifndef USE_PAM
+static /*@null@*//*@observer@*/char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
+static bool sflg = false;
+static long sha_rounds = 5000;
+#endif				/* USE_SHA_CRYPT */
+#endif				/* !USE_PAM */
+
+static bool is_shadow;
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+static bool pw_locked = false;
+static bool gr_locked = false;
+static bool spw_locked = false;
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif				/* ENABLE_SUBIDS */
+
+/* local function prototypes */
+static void usage (int status);
+static void fail_exit (int);
+static int add_group (const char *, const char *, gid_t *, gid_t);
+static int get_user_id (const char *, uid_t *);
+static int add_user (const char *, uid_t, gid_t);
+#ifndef USE_PAM
+static int update_passwd (struct passwd *, const char *);
+#endif				/* !USE_PAM */
+static int add_passwd (struct passwd *, const char *);
+static void process_flags (int argc, char **argv);
+static void check_flags (void);
+static void check_perms (void);
+static void open_files (void);
+static void close_files (void);
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+	FILE *usageout = (EXIT_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+#ifndef USE_PAM
+	(void) fprintf (usageout,
+	                _("  -c, --crypt-method METHOD     the crypt method (one of %s)\n"),
+#ifndef USE_SHA_CRYPT
+	                "NONE DES MD5"
+#else				/* USE_SHA_CRYPT */
+	                "NONE DES MD5 SHA256 SHA512"
+#endif				/* USE_SHA_CRYPT */
+	               );
+#endif				/* !USE_PAM */
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -r, --system                  create system accounts\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+	(void) fputs (_("  -s, --sha-rounds              number of SHA rounds for the SHA*\n"
+	                "                                crypt algorithms\n"),
+	              usageout);
+#endif				/* USE_SHA_CRYPT */
+#endif				/* !USE_PAM */
+	(void) fputs ("\n", usageout);
+
+	exit (status);
+}
+
+/*
+ * fail_exit - undo as much as possible
+ */
+static void fail_exit (int code)
+{
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (sub_uid_locked) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+	}
+	if (sub_gid_locked) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+
+	exit (code);
+}
+
+/*
+ * add_group - create a new group or add a user to an existing group
+ */
+static int add_group (const char *name, const char *gid, gid_t *ngid, uid_t uid)
+{
+	const struct group *grp;
+	struct group grent;
+	char *members[1];
+#ifdef SHADOWGRP
+	const struct sgrp *sg;
+#endif
+
+	/*
+	 * Start by seeing if the named group already exists. This will be
+	 * very easy to deal with if it does.
+	 */
+	grp = getgrnam (gid);
+	if (NULL == grp) {
+		grp = gr_locate (gid);
+	}
+	if (NULL != grp) {
+		/* The user will use this ID for her primary group */
+		*ngid = grp->gr_gid;
+		/* Don't check gshadow */
+		return 0;
+	}
+
+	if (isdigit (gid[0])) {
+		/*
+		 * The GID is a number, which means either this is a brand
+		 * new group, or an existing group.
+		 */
+
+		if (get_gid (gid, &grent.gr_gid) == 0) {
+			fprintf (stderr,
+			         _("%s: invalid group ID '%s'\n"),
+			         Prog, gid);
+			return -1;
+		}
+
+		/* Look in both the system database (getgrgid) and in the
+		 * internal database (gr_locate_gid), which may contain
+		 * uncommitted changes */
+		if (   (getgrgid ((gid_t) grent.gr_gid) != NULL)
+		    || (gr_locate_gid ((gid_t) grent.gr_gid) != NULL)) {
+			/* The user will use this ID for her
+			 * primary group */
+			*ngid = (gid_t) grent.gr_gid;
+			return 0;
+		}
+
+		/* Do not create groups with GID == (gid_t)-1 */
+		if (grent.gr_gid == (gid_t)-1) {
+			fprintf (stderr,
+			         _("%s: invalid group ID '%s'\n"),
+			         Prog, gid);
+			return -1;
+		}
+	} else {
+		/* The gid parameter can be "" or a name which is not
+		 * already the name of an existing group.
+		 * In both cases, figure out what group ID can be used.
+		 */
+		if (find_new_gid(rflg, &grent.gr_gid, &uid) < 0) {
+			return -1;
+		}
+	}
+
+	/*
+	 * Now I have all of the fields required to create the new group.
+	 */
+	if (('\0' != gid[0]) && (!isdigit (gid[0]))) {
+		grent.gr_name = xstrdup (gid);
+	} else {
+		grent.gr_name = xstrdup (name);
+/* FIXME: check if the group exists */
+	}
+
+	/* Check if this is a valid group name */
+	if (!is_valid_group_name (grent.gr_name)) {
+		fprintf (stderr,
+		         _("%s: invalid group name '%s'\n"),
+		         Prog, grent.gr_name);
+		free (grent.gr_name);
+		return -1;
+	}
+
+	grent.gr_passwd = "*";	/* XXX warning: const */
+	members[0] = NULL;
+	grent.gr_mem = members;
+
+	*ngid = grent.gr_gid;
+
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		sg = sgr_locate (grent.gr_name);
+
+		if (NULL != sg) {
+			fprintf (stderr,
+			         _("%s: group '%s' is a shadow group, but does not exist in /etc/group\n"),
+			         Prog, grent.gr_name);
+			return -1;
+		}
+	}
+#endif
+
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		struct sgrp sgrent;
+		char *admins[1];
+		sgrent.sg_name = grent.gr_name;
+		sgrent.sg_passwd = "*";	/* XXX warning: const */
+		grent.gr_passwd  = "x";	/* XXX warning: const */
+		admins[0] = NULL;
+		sgrent.sg_adm = admins;
+		sgrent.sg_mem = members;
+
+		if (sgr_update (&sgrent) == 0) {
+			return -1;
+		}
+	}
+#endif
+
+	if (gr_update (&grent) == 0) {
+		return -1;
+	}
+
+	return 0;
+}
+
+static int get_user_id (const char *uid, uid_t *nuid) {
+
+	/*
+	 * The first guess for the UID is either the numerical UID that the
+	 * caller provided, or the next available UID.
+	 */
+	if (isdigit (uid[0])) {
+		if ((get_uid (uid, nuid) == 0) || (*nuid == (uid_t)-1)) {
+			fprintf (stderr,
+			         _("%s: invalid user ID '%s'\n"),
+			         Prog, uid);
+			return -1;
+		}
+	} else {
+		if ('\0' != uid[0]) {
+			const struct passwd *pwd;
+			/* local, no need for xgetpwnam */
+			pwd = getpwnam (uid);
+			if (NULL == pwd) {
+				pwd = pw_locate (uid);
+			}
+
+			if (NULL != pwd) {
+				*nuid = pwd->pw_uid;
+			} else {
+				fprintf (stderr,
+				         _("%s: user '%s' does not exist\n"),
+				         Prog, uid);
+				return -1;
+			}
+		} else {
+			if (find_new_uid (rflg, nuid, NULL) < 0) {
+				return -1;
+			}
+		}
+	}
+
+	return 0;
+}
+
+/*
+ * add_user - create a new user ID
+ */
+static int add_user (const char *name, uid_t uid, gid_t gid)
+{
+	struct passwd pwent;
+
+	/* Check if this is a valid user name */
+	if (!is_valid_user_name (name)) {
+		fprintf (stderr,
+		         _("%s: invalid user name '%s'\n"),
+		         Prog, name);
+		return -1;
+	}
+
+	/*
+	 * I don't want to fill in the entire password structure members
+	 * JUST YET, since there is still more data to be added. So, I fill
+	 * in the parts that I have.
+	 */
+	pwent.pw_name = xstrdup (name);
+	pwent.pw_uid = uid;
+	pwent.pw_passwd = "x";	/* XXX warning: const */
+	pwent.pw_gid = gid;
+	pwent.pw_gecos = "";	/* XXX warning: const */
+	pwent.pw_dir = "";	/* XXX warning: const */
+	pwent.pw_shell = "";	/* XXX warning: const */
+
+	return (pw_update (&pwent) == 0) ? -1 : 0;
+}
+
+#ifndef USE_PAM
+/* 
+ * update_passwd - update the password in the passwd entry
+ *
+ * Return 0 if successful.
+ */
+static int update_passwd (struct passwd *pwd, const char *password)
+{
+	void *crypt_arg = NULL;
+	char *cp;
+	if (crypt_method != NULL) {
+#ifdef USE_SHA_CRYPT
+		if (sflg) {
+			crypt_arg = &sha_rounds;
+		}
+#endif
+	}
+
+	if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
+		pwd->pw_passwd = (char *)password;
+	} else {
+		const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+		cp = pw_encrypt (password, salt);
+		if (NULL == cp) {
+			fprintf (stderr,
+			         _("%s: failed to crypt password with salt '%s': %s\n"),
+			         Prog, salt, strerror (errno));
+			return 1;
+		}
+		pwd->pw_passwd = cp;
+	}
+
+	return 0;
+}
+#endif				/* !USE_PAM */
+
+/*
+ * add_passwd - add or update the encrypted password
+ */
+static int add_passwd (struct passwd *pwd, const char *password)
+{
+	const struct spwd *sp;
+	struct spwd spent;
+	char *cp;
+
+#ifndef USE_PAM
+	void *crypt_arg = NULL;
+	if (crypt_method != NULL) {
+#ifdef USE_SHA_CRYPT
+		if (sflg) {
+			crypt_arg = &sha_rounds;
+		}
+#endif				/* USE_SHA_CRYPT */
+	}
+
+	/*
+	 * In the case of regular password files, this is real easy - pwd
+	 * points to the entry in the password file. Shadow files are
+	 * harder since there are zillions of things to do ...
+	 */
+	if (!is_shadow) {
+		return update_passwd (pwd, password);
+	}
+#endif				/* USE_PAM */
+
+	/*
+	 * Do the first and easiest shadow file case. The user already
+	 * exists in the shadow password file.
+	 */
+	sp = spw_locate (pwd->pw_name);
+#ifndef USE_PAM
+	if (NULL != sp) {
+		spent = *sp;
+		if (   (NULL != crypt_method)
+		    && (0 == strcmp(crypt_method, "NONE"))) {
+			spent.sp_pwdp = (char *)password;
+		} else {
+			const char *salt = crypt_make_salt (crypt_method,
+			                                    crypt_arg);
+			cp = pw_encrypt (password, salt);
+			if (NULL == cp) {
+				fprintf (stderr,
+				         _("%s: failed to crypt password with salt '%s': %s\n"),
+				         Prog, salt, strerror (errno));
+				return 1;
+			}
+			spent.sp_pwdp = cp;
+		}
+		spent.sp_lstchg = (long) gettime () / SCALE;
+		if (0 == spent.sp_lstchg) {
+			/* Better disable aging than requiring a password
+			 * change */
+			spent.sp_lstchg = -1;
+		}
+		return (spw_update (&spent) == 0);
+	}
+
+	/*
+	 * Pick the next easiest case - the user has an encrypted password
+	 * which isn't equal to "x". The password was set to "x" earlier
+	 * when the entry was created, so this user would have to have had
+	 * the password set someplace else.
+	 */
+	if (strcmp (pwd->pw_passwd, "x") != 0) {
+		return update_passwd (pwd, password);
+	}
+#else				/* USE_PAM */
+	/*
+	 * If there is already a shadow entry, do not touch it.
+	 * If there is already a passwd entry with a password, do not
+	 * touch it.
+	 * The password will be updated later for all users using PAM.
+	 */
+	if (   (NULL != sp)
+	    || (strcmp (pwd->pw_passwd, "x") != 0)) {
+		return 0;
+	}
+#endif				/* USE_PAM */
+
+	/*
+	 * Now the really hard case - I need to create an entirely new
+	 * shadow password file entry.
+	 */
+	spent.sp_namp = pwd->pw_name;
+#ifndef USE_PAM
+	if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
+		spent.sp_pwdp = (char *)password;
+	} else {
+		const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+		cp = pw_encrypt (password, salt);
+		if (NULL == cp) {
+			fprintf (stderr,
+			         _("%s: failed to crypt password with salt '%s': %s\n"),
+			         Prog, salt, strerror (errno));
+			return 1;
+		}
+		spent.sp_pwdp = cp;
+	}
+#else
+	/*
+	 * Lock the password.
+	 * The password will be updated later for all users using PAM.
+	 */
+	spent.sp_pwdp = "!";
+#endif
+	spent.sp_lstchg = (long) gettime () / SCALE;
+	if (0 == spent.sp_lstchg) {
+		/* Better disable aging than requiring a password change */
+		spent.sp_lstchg = -1;
+	}
+	spent.sp_min    = getdef_num ("PASS_MIN_DAYS", 0);
+	/* 10000 is infinity this week */
+	spent.sp_max    = getdef_num ("PASS_MAX_DAYS", 10000);
+	spent.sp_warn   = getdef_num ("PASS_WARN_AGE", -1);
+	spent.sp_inact  = -1;
+	spent.sp_expire = -1;
+	spent.sp_flag   = SHADOW_SP_FLAG_UNSET;
+
+	return (spw_update (&spent) == 0);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+#ifndef USE_PAM
+		{"crypt-method", required_argument, NULL, 'c'},
+#endif				/* !USE_PAM */
+		{"help",         no_argument,       NULL, 'h'},
+		{"system",       no_argument,       NULL, 'r'},
+		{"root",         required_argument, NULL, 'R'},
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+		{"sha-rounds",   required_argument, NULL, 's'},
+#endif				/* USE_SHA_CRYPT */
+#endif				/* !USE_PAM */
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv,
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+	                         "c:hrs:",
+#else				/* !USE_SHA_CRYPT */
+	                         "c:hr",
+#endif				/* !USE_SHA_CRYPT */
+#else				/* USE_PAM */
+	                         "hr",
+#endif
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+#ifndef USE_PAM
+		case 'c':
+			crypt_method = optarg;
+			break;
+#endif				/* !USE_PAM */
+		case 'h':
+			usage (EXIT_SUCCESS);
+			break;
+		case 'r':
+			rflg = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+		case 's':
+			sflg = true;
+			if (getlong(optarg, &sha_rounds) == 0) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, optarg);
+				usage (EXIT_FAILURE);
+			}
+			break;
+#endif				/* USE_SHA_CRYPT */
+#endif				/* !USE_PAM */
+		default:
+			usage (EXIT_FAILURE);
+			break;
+		}
+	}
+
+	if (   (optind != argc)
+	    && (optind + 1 != argc)) {
+		usage (EXIT_FAILURE);
+	}
+
+	if (argv[optind] != NULL) {
+		if (freopen (argv[optind], "r", stdin) == NULL) {
+			char buf[BUFSIZ];
+			snprintf (buf, sizeof buf, "%s: %s", Prog, argv[1]);
+			perror (buf);
+			fail_exit (EXIT_FAILURE);
+		}
+	}
+
+	/* validate options */
+	check_flags ();
+}
+
+/*
+ * check_flags - check flags and parameters consistency
+ *
+ *	It will not return if an error is encountered.
+ */
+static void check_flags (void)
+{
+#ifndef USE_PAM
+#ifdef USE_SHA_CRYPT
+	if (sflg && !cflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-s", "-c");
+		usage (EXIT_FAILURE);
+	}
+#endif				/* USE_SHA_CRYPT */
+
+	if (cflg) {
+		if (   (0 != strcmp (crypt_method, "DES"))
+		    && (0 != strcmp (crypt_method, "MD5"))
+		    && (0 != strcmp (crypt_method, "NONE"))
+#ifdef USE_SHA_CRYPT
+		    && (0 != strcmp (crypt_method, "SHA256"))
+		    && (0 != strcmp (crypt_method, "SHA512"))
+#endif				/* USE_SHA_CRYPT */
+		    ) {
+			fprintf (stderr,
+			         _("%s: unsupported crypt method: %s\n"),
+			         Prog, crypt_method);
+			usage (EXIT_FAILURE);
+		}
+	}
+#endif				/* !USE_PAM */
+}
+
+/*
+ * check_perms - check if the caller is allowed to add a group
+ *
+ *	With PAM support, the setuid bit can be set on groupadd to allow
+ *	non-root users to groups.
+ *	Without PAM support, only users who can write in the group databases
+ *	can add groups.
+ *
+ *	It will not return if the user is not allowed.
+ */
+static void check_perms (void)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+	struct passwd *pampw;
+
+	pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+	if (NULL == pampw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		fail_exit (EXIT_FAILURE);
+	}
+
+	retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		fail_exit (EXIT_FAILURE);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+}
+
+/*
+ * open_files - lock and open the password, group and shadow databases
+ */
+static void open_files (void)
+{
+	/*
+	 * Lock the password files and open them for update. This will bring
+	 * all of the entries into memory where they may be searched for an
+	 * modified, or new entries added. The password file is the key - if
+	 * it gets locked, assume the others can be locked right away.
+	 */
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+	pw_locked = true;
+	if (is_shadow) {
+		if (spw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, spw_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+		spw_locked = true;
+	}
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+	gr_locked = true;
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+		sgr_locked = true;
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+		sub_uid_locked = true;
+	}
+	if (is_sub_gid) {
+		if (sub_gid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+		sub_gid_locked = true;
+	}
+#endif				/* ENABLE_SUBIDS */
+
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+	if (is_shadow && (spw_open (O_CREAT | O_RDWR) == 0)) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+#ifdef SHADOWGRP
+	if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
+		fail_exit (EXIT_FAILURE);
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+	}
+	if (is_sub_gid) {
+		if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (EXIT_FAILURE);
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * close_files - close and unlock the password, group and shadow databases
+ */
+static void close_files (void)
+{
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (EXIT_FAILURE);
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+
+	if (is_shadow) {
+		if (spw_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+			fail_exit (EXIT_FAILURE);
+		}
+		if (spw_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+		spw_locked = false;
+	}
+
+	if (gr_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (EXIT_FAILURE);
+	}
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid  && (sub_uid_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+		fail_exit (EXIT_FAILURE);
+	}
+	if (is_sub_gid  && (sub_gid_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+		fail_exit (EXIT_FAILURE);
+	}
+#endif				/* ENABLE_SUBIDS */
+
+	if (gr_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+		/* continue */
+	}
+	gr_locked = false;
+
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+			fail_exit (EXIT_FAILURE);
+		}
+		if (sgr_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+		sgr_locked = false;
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+		sub_uid_locked = false;
+	}
+	if (is_sub_gid) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+		sub_gid_locked = false;
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+int main (int argc, char **argv)
+{
+	char buf[BUFSIZ];
+	char *fields[8];
+	int nfields;
+	char *cp;
+	const struct passwd *pw;
+	struct passwd newpw;
+	int errors = 0;
+	int line = 0;
+	uid_t uid;
+	gid_t gid;
+#ifdef USE_PAM
+	int *lines = NULL;
+	char **usernames = NULL;
+	char **passwords = NULL;
+	unsigned int nusers = 0;
+#endif				/* USE_PAM */
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	/* FIXME: will not work with an input file */
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("newusers");
+
+	process_flags (argc, argv);
+
+	check_perms ();
+
+	is_shadow = spw_file_present ();
+
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+#ifdef ENABLE_SUBIDS
+	is_sub_uid = sub_uid_file_present () && !rflg;
+	is_sub_gid = sub_gid_file_present () && !rflg;
+#endif				/* ENABLE_SUBIDS */
+
+	open_files ();
+
+	/*
+	 * Read each line. The line has the same format as a password file
+	 * entry, except that certain fields are not constrained to be
+	 * numerical values. If a group ID is entered which does not already
+	 * exist, an attempt is made to allocate the same group ID as the
+	 * numerical user ID. Should that fail, the next available group ID
+	 * over 100 is allocated. The pw_gid field will be updated with that
+	 * value.
+	 */
+	while (fgets (buf, (int) sizeof buf, stdin) != (char *) 0) {
+		line++;
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		} else {
+			if (feof (stdin) == 0) {
+				fprintf (stderr,
+				         _("%s: line %d: line too long\n"),
+				         Prog, line);
+				errors++;
+				continue;
+			}
+		}
+
+		/*
+		 * Break the string into fields and screw around with them.
+		 * There MUST be 7 colon separated fields, although the
+		 * values aren't that particular.
+		 */
+		for (cp = buf, nfields = 0; nfields < 7; nfields++) {
+			fields[nfields] = cp;
+			cp = strchr (cp, ':');
+			if (NULL != cp) {
+				*cp = '\0';
+				cp++;
+			} else {
+				break;
+			}
+		}
+		if (nfields != 6) {
+			fprintf (stderr, _("%s: line %d: invalid line\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+		/*
+		 * First check if we have to create or update an user
+		 */
+		pw = pw_locate (fields[0]);
+		/* local, no need for xgetpwnam */
+		if (   (NULL == pw)
+		    && (getpwnam (fields[0]) != NULL)) {
+			fprintf (stderr, _("%s: cannot update the entry of user %s (not in the passwd database)\n"), Prog, fields[0]);
+			errors++;
+			continue;
+		}
+
+		if (   (NULL == pw)
+		    && (get_user_id (fields[2], &uid) != 0)) {
+			fprintf (stderr,
+			         _("%s: line %d: can't create user\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+		/*
+		 * Processed is the group name. A new group will be
+		 * created if the group name is non-numeric and does not
+		 * already exist. If the group name is a number (which is not
+		 * an existing GID), a group with the same name as the user
+		 * will be created, with the given GID. The given or created
+		 * group will be the primary group of the user. If
+		 * there is no named group to be a member of, the UID will
+		 * be figured out and that value will be a candidate for a
+		 * new group, if that group ID exists, a whole new group ID
+		 * will be made up.
+		 */
+		if (   (NULL == pw)
+		    && (add_group (fields[0], fields[3], &gid, uid) != 0)) {
+			fprintf (stderr,
+			         _("%s: line %d: can't create group\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+		/*
+		 * Now we work on the user ID. It has to be specified either
+		 * as a numerical value, or left blank. If it is a numerical
+		 * value, that value will be used, otherwise the next
+		 * available user ID is computed and used. After this there
+		 * will at least be a (struct passwd) for the user.
+		 */
+		if (   (NULL == pw)
+		    && (add_user (fields[0], uid, gid) != 0)) {
+			fprintf (stderr,
+			         _("%s: line %d: can't create user\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+		/*
+		 * The password, gecos field, directory, and shell fields
+		 * all come next.
+		 */
+		pw = pw_locate (fields[0]);
+		if (NULL == pw) {
+			fprintf (stderr,
+			         _("%s: line %d: user '%s' does not exist in %s\n"),
+			         Prog, line, fields[0], pw_dbname ());
+			errors++;
+			continue;
+		}
+		newpw = *pw;
+
+#ifdef USE_PAM
+		/* keep the list of user/password for later update by PAM */
+		nusers++;
+		lines     = realloc (lines,     sizeof (lines[0])     * nusers);
+		usernames = realloc (usernames, sizeof (usernames[0]) * nusers);
+		passwords = realloc (passwords, sizeof (passwords[0]) * nusers);
+		lines[nusers-1]     = line;
+		usernames[nusers-1] = strdup (fields[0]);
+		passwords[nusers-1] = strdup (fields[1]);
+#endif				/* USE_PAM */
+		if (add_passwd (&newpw, fields[1]) != 0) {
+			fprintf (stderr,
+			         _("%s: line %d: can't update password\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+		if ('\0' != fields[4][0]) {
+			newpw.pw_gecos = fields[4];
+		}
+
+		if ('\0' != fields[5][0]) {
+			newpw.pw_dir = fields[5];
+		}
+
+		if ('\0' != fields[6][0]) {
+			newpw.pw_shell = fields[6];
+		}
+
+		if (   ('\0' != fields[5][0])
+		    && (access (newpw.pw_dir, F_OK) != 0)) {
+/* FIXME: should check for directory */
+			mode_t msk = 0777 & ~getdef_num ("UMASK",
+			                                 GETDEF_DEFAULT_UMASK);
+			if (mkdir (newpw.pw_dir, msk) != 0) {
+				fprintf (stderr,
+				         _("%s: line %d: mkdir %s failed: %s\n"),
+				         Prog, line, newpw.pw_dir,
+				         strerror (errno));
+			} else if (chown (newpw.pw_dir,
+			                  newpw.pw_uid,
+			                  newpw.pw_gid) != 0) {
+				fprintf (stderr,
+				         _("%s: line %d: chown %s failed: %s\n"),
+				         Prog, line, newpw.pw_dir,
+				         strerror (errno));
+			}
+		}
+
+		/*
+		 * Update the password entry with the new changes made.
+		 */
+		if (pw_update (&newpw) == 0) {
+			fprintf (stderr,
+			         _("%s: line %d: can't update entry\n"),
+			         Prog, line);
+			errors++;
+			continue;
+		}
+
+#ifdef ENABLE_SUBIDS
+		/*
+		 * Add subordinate uids if the user does not have them.
+		 */
+		if (is_sub_uid && !sub_uid_assigned(fields[0])) {
+			uid_t sub_uid_start = 0;
+			unsigned long sub_uid_count = 0;
+			if (find_new_sub_uids(fields[0], &sub_uid_start, &sub_uid_count) == 0) {
+				if (sub_uid_add(fields[0], sub_uid_start, sub_uid_count) == 0) {
+					fprintf (stderr,
+						_("%s: failed to prepare new %s entry\n"),
+						Prog, sub_uid_dbname ());
+				}
+			} else {
+				fprintf (stderr,
+					_("%s: can't find subordinate user range\n"),
+					Prog);
+				errors++;
+			}
+		}
+
+		/*
+		 * Add subordinate gids if the user does not have them.
+		 */
+		if (is_sub_gid && !sub_gid_assigned(fields[0])) {
+			gid_t sub_gid_start = 0;
+			unsigned long sub_gid_count = 0;
+			if (find_new_sub_gids(fields[0], &sub_gid_start, &sub_gid_count) == 0) {
+				if (sub_gid_add(fields[0], sub_gid_start, sub_gid_count) == 0) {
+					fprintf (stderr,
+						_("%s: failed to prepare new %s entry\n"),
+						Prog, sub_uid_dbname ());
+				}
+			} else {
+				fprintf (stderr,
+					_("%s: can't find subordinate group range\n"),
+					Prog);
+				errors++;
+			}
+		}
+#endif				/* ENABLE_SUBIDS */
+	}
+
+	/*
+	 * Any detected errors will cause the entire set of changes to be
+	 * aborted. Unlocking the password file will cause all of the
+	 * changes to be ignored. Otherwise the file is closed, causing the
+	 * changes to be written out all at once, and then unlocked
+	 * afterwards.
+	 */
+	if (0 != errors) {
+		fprintf (stderr,
+		         _("%s: error detected, changes ignored\n"), Prog);
+		fail_exit (EXIT_FAILURE);
+	}
+
+	close_files ();
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+#ifdef USE_PAM
+	unsigned int i;
+	/* Now update the passwords using PAM */
+	for (i = 0; i < nusers; i++) {
+		if (do_pam_passwd_non_interractive ("newusers", usernames[i], passwords[i]) != 0) {
+			fprintf (stderr,
+			         _("%s: (line %d, user %s) password not changed\n"),
+			         Prog, lines[i], usernames[i]);
+			errors++;
+		}
+	}
+#endif				/* USE_PAM */
+
+	return ((0 == errors) ? EXIT_SUCCESS : EXIT_FAILURE);
+}
+
diff --git a/src/nologin.c b/src/nologin.c
new file mode 100644
index 0000000..7fe8a6a
--- /dev/null
+++ b/src/nologin.c
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2004 The FreeBSD Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <unistd.h>
+
+int main (void)
+{
+	const char *user, *tty;
+
+	tty = ttyname (0);
+	if (NULL == tty) {
+		tty = "UNKNOWN";
+	}
+	user = getlogin ();
+	if (NULL == user) {
+		user = "UNKNOWN";
+	}
+	openlog ("nologin", LOG_CONS, LOG_AUTH);
+	syslog (LOG_CRIT, "Attempted login by %s on %s", user, tty);
+	closelog ();
+
+	printf ("%s", "This account is currently not available.\n");
+
+	return EXIT_FAILURE;
+}
diff --git a/src/passwd.c b/src/passwd.c
new file mode 100644
index 0000000..3af3e65
--- /dev/null
+++ b/src/passwd.c
@@ -0,0 +1,1168 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+#include <selinux/context.h>
+#endif				/* WITH_SELINUX */
+#include <time.h>
+#include "defines.h"
+#include "getdef.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#include "shadowio.h"
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_NOPERM	1	/* permission denied */
+#define E_USAGE		2	/* invalid combination of options */
+#define E_FAILURE	3	/* unexpected failure, nothing done */
+#define E_MISSING	4	/* unexpected failure, passwd file missing */
+#define E_PWDBUSY	5	/* passwd file busy, try again later */
+#define E_BAD_ARG	6	/* invalid argument to option */
+/*
+ * Global variables
+ */
+const char *Prog;		/* Program name */
+
+static char *name;		/* The name of user whose password is being changed */
+static char *myname;		/* The current user's name */
+static bool amroot;		/* The caller's real UID was 0 */
+
+static bool
+    aflg = false,			/* -a - show status for all users */
+    dflg = false,			/* -d - delete password */
+    eflg = false,			/* -e - force password change */
+    iflg = false,			/* -i - set inactive days */
+    kflg = false,			/* -k - change only if expired */
+    lflg = false,			/* -l - lock the user's password */
+    nflg = false,			/* -n - set minimum days */
+    qflg = false,			/* -q - quiet mode */
+    Sflg = false,			/* -S - show password status */
+    uflg = false,			/* -u - unlock the user's password */
+    wflg = false,			/* -w - set warning days */
+    xflg = false;			/* -x - set maximum days */
+
+/*
+ * set to 1 if there are any flags which require root privileges,
+ * and require username to be specified
+ */
+static bool anyflag = false;
+
+static long age_min = 0;	/* Minimum days before change   */
+static long age_max = 0;	/* Maximum days until change     */
+static long warn = 0;		/* Warning days before change   */
+static long inact = 0;		/* Days without change before locked */
+
+#ifndef USE_PAM
+static bool do_update_age = false;
+#endif				/* ! USE_PAM */
+
+static bool pw_locked = false;
+static bool spw_locked = false;
+
+#ifndef USE_PAM
+/*
+ * Size of the biggest passwd:
+ *   $6$	3
+ *   rounds=	7
+ *   999999999	9
+ *   $		1
+ *   salt	16
+ *   $		1
+ *   SHA512	123
+ *   nul	1
+ *
+ *   total	161
+ */
+static char crypt_passwd[256];
+static bool do_update_pwd = false;
+#endif				/* !USE_PAM */
+
+/*
+ * External identifiers
+ */
+
+/* local function prototypes */
+static /*@noreturn@*/void usage (int);
+
+#ifndef USE_PAM
+static bool reuse (const char *, const struct passwd *);
+static int new_password (const struct passwd *);
+
+static void check_password (const struct passwd *, const struct spwd *);
+#endif				/* !USE_PAM */
+static /*@observer@*/const char *date_to_str (time_t);
+static /*@observer@*/const char *pw_status (const char *);
+static void print_status (const struct passwd *);
+static /*@noreturn@*/void fail_exit (int);
+static /*@noreturn@*/void oom (void);
+static char *update_crypt_pw (char *);
+static void update_noshadow (void);
+
+static void update_shadow (void);
+#ifdef WITH_SELINUX
+static int check_selinux_access (const char *changed_user,
+                                 uid_t changed_uid,
+                                 access_vector_t requested_access);
+#endif				/* WITH_SELINUX */
+
+/*
+ * usage - print command usage and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] [LOGIN]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -a, --all                     report password status on all accounts\n"), usageout);
+	(void) fputs (_("  -d, --delete                  delete the password for the named account\n"), usageout);
+	(void) fputs (_("  -e, --expire                  force expire the password for the named account\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -k, --keep-tokens             change password only if expired\n"), usageout);
+	(void) fputs (_("  -i, --inactive INACTIVE       set password inactive after expiration\n"
+	                "                                to INACTIVE\n"), usageout);
+	(void) fputs (_("  -l, --lock                    lock the password of the named account\n"), usageout);
+	(void) fputs (_("  -n, --mindays MIN_DAYS        set minimum number of days before password\n"
+	                "                                change to MIN_DAYS\n"), usageout);
+	(void) fputs (_("  -q, --quiet                   quiet mode\n"), usageout);
+	(void) fputs (_("  -r, --repository REPOSITORY   change password in REPOSITORY repository\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -S, --status                  report password status on the named account\n"), usageout);
+	(void) fputs (_("  -u, --unlock                  unlock the password of the named account\n"), usageout);
+	(void) fputs (_("  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS\n"), usageout);
+	(void) fputs (_("  -x, --maxdays MAX_DAYS        set maximum number of days before password\n"
+	                "                                change to MAX_DAYS\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+#ifndef USE_PAM
+static bool reuse (const char *pass, const struct passwd *pw)
+{
+#ifdef HAVE_LIBCRACK_HIST
+	const char *reason;
+
+#ifdef HAVE_LIBCRACK_PW
+	const char *FascistHistoryPw (const char *, const struct passwd *);
+
+	reason = FascistHistory (pass, pw);
+#else				/* !HAVE_LIBCRACK_PW */
+	const char *FascistHistory (const char *, int);
+
+	reason = FascistHistory (pass, pw->pw_uid);
+#endif				/* !HAVE_LIBCRACK_PW */
+	if (NULL != reason) {
+		(void) printf (_("Bad password: %s.  "), reason);
+		return true;
+	}
+#endif				/* HAVE_LIBCRACK_HIST */
+	return false;
+}
+
+/*
+ * new_password - validate old password and replace with new (both old and
+ * new in global "char crypt_passwd[128]")
+ */
+static int new_password (const struct passwd *pw)
+{
+	char *clear;		/* Pointer to clear text */
+	char *cipher;		/* Pointer to cipher text */
+	const char *salt;	/* Pointer to new salt */
+	char *cp;		/* Pointer to getpass() response */
+	char orig[200];		/* Original password */
+	char pass[200];		/* New password */
+	int i;			/* Counter for retries */
+	bool warned;
+	int pass_max_len = -1;
+	const char *method;
+
+#ifdef HAVE_LIBCRACK_HIST
+	int HistUpdate (const char *, const char *);
+#endif				/* HAVE_LIBCRACK_HIST */
+
+	/*
+	 * Authenticate the user. The user will be prompted for their own
+	 * password.
+	 */
+
+	if (!amroot && ('\0' != crypt_passwd[0])) {
+		clear = getpass (_("Old password: "));
+		if (NULL == clear) {
+			return -1;
+		}
+
+		cipher = pw_encrypt (clear, crypt_passwd);
+
+		if (NULL == cipher) {
+			strzero (clear);
+			fprintf (stderr,
+			         _("%s: failed to crypt password with previous salt: %s\n"),
+			         Prog, strerror (errno));
+			SYSLOG ((LOG_INFO,
+			         "Failed to crypt password with previous salt of user '%s'",
+			         pw->pw_name));
+			return -1;
+		}
+
+		if (strcmp (cipher, crypt_passwd) != 0) {
+			strzero (clear);
+			strzero (cipher);
+			SYSLOG ((LOG_WARN, "incorrect password for %s",
+			         pw->pw_name));
+			(void) sleep (1);
+			(void) fprintf (stderr,
+			                _("Incorrect password for %s.\n"),
+			                pw->pw_name);
+			return -1;
+		}
+		STRFCPY (orig, clear);
+		strzero (clear);
+		strzero (cipher);
+	} else {
+		orig[0] = '\0';
+	}
+
+	/*
+	 * Get the new password. The user is prompted for the new password
+	 * and has five tries to get it right. The password will be tested
+	 * for strength, unless it is the root user. This provides an escape
+	 * for initial login passwords.
+	 */
+	method = getdef_str ("ENCRYPT_METHOD");
+	if (NULL == method) {
+		if (!getdef_bool ("MD5_CRYPT_ENAB")) {
+			pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
+		}
+	} else {
+		if (   (strcmp (method, "MD5")    == 0)
+#ifdef USE_SHA_CRYPT
+		    || (strcmp (method, "SHA256") == 0)
+		    || (strcmp (method, "SHA512") == 0)
+#endif				/* USE_SHA_CRYPT */
+		    ) {
+			pass_max_len = -1;
+		} else {
+			pass_max_len = getdef_num ("PASS_MAX_LEN", 8);
+		}
+	}
+	if (!qflg) {
+		if (pass_max_len == -1) {
+			(void) printf (_(
+"Enter the new password (minimum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"),
+				getdef_num ("PASS_MIN_LEN", 5));
+		} else {
+			(void) printf (_(
+"Enter the new password (minimum of %d, maximum of %d characters)\n"
+"Please use a combination of upper and lower case letters and numbers.\n"),
+				getdef_num ("PASS_MIN_LEN", 5), pass_max_len);
+		}
+	}
+
+	warned = false;
+	for (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i--) {
+		cp = getpass (_("New password: "));
+		if (NULL == cp) {
+			memzero (orig, sizeof orig);
+			return -1;
+		}
+		if (warned && (strcmp (pass, cp) != 0)) {
+			warned = false;
+		}
+		STRFCPY (pass, cp);
+		strzero (cp);
+
+		if (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
+			(void) puts (_("Try again."));
+			continue;
+		}
+
+		/*
+		 * If enabled, warn about weak passwords even if you are
+		 * root (enter this password again to use it anyway). 
+		 * --marekm
+		 */
+		if (amroot && !warned && getdef_bool ("PASS_ALWAYS_WARN")
+		    && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
+			(void) puts (_("\nWarning: weak password (enter it again to use it anyway)."));
+			warned = true;
+			continue;
+		}
+		cp = getpass (_("Re-enter new password: "));
+		if (NULL == cp) {
+			memzero (orig, sizeof orig);
+			return -1;
+		}
+		if (strcmp (cp, pass) != 0) {
+			(void) fputs (_("They don't match; try again.\n"), stderr);
+		} else {
+			strzero (cp);
+			break;
+		}
+	}
+	memzero (orig, sizeof orig);
+
+	if (i == 0) {
+		memzero (pass, sizeof pass);
+		return -1;
+	}
+
+	/*
+	 * Encrypt the password, then wipe the cleartext password.
+	 */
+	salt = crypt_make_salt (NULL, NULL);
+	cp = pw_encrypt (pass, salt);
+	memzero (pass, sizeof pass);
+
+	if (NULL == cp) {
+		fprintf (stderr,
+		         _("%s: failed to crypt password with salt '%s': %s\n"),
+		         Prog, salt, strerror (errno));
+		return -1;
+	}
+
+#ifdef HAVE_LIBCRACK_HIST
+	HistUpdate (pw->pw_name, crypt_passwd);
+#endif				/* HAVE_LIBCRACK_HIST */
+	STRFCPY (crypt_passwd, cp);
+	return 0;
+}
+
+/*
+ * check_password - test a password to see if it can be changed
+ *
+ *	check_password() sees if the invoker has permission to change the
+ *	password for the given user.
+ */
+static void check_password (const struct passwd *pw, const struct spwd *sp)
+{
+	time_t now;
+	int exp_status;
+
+	exp_status = isexpired (pw, sp);
+
+	/*
+	 * If not expired and the "change only if expired" option (idea from
+	 * PAM) was specified, do nothing. --marekm
+	 */
+	if (kflg && (0 == exp_status)) {
+		exit (E_SUCCESS);
+	}
+
+	/*
+	 * Root can change any password any time.
+	 */
+	if (amroot) {
+		return;
+	}
+
+	(void) time (&now);
+
+	/*
+	 * Expired accounts cannot be changed ever. Passwords which are
+	 * locked may not be changed. Passwords where min > max may not be
+	 * changed. Passwords which have been inactive too long cannot be
+	 * changed.
+	 */
+	if (   (sp->sp_pwdp[0] == '!')
+	    || (exp_status > 1)
+	    || (   (sp->sp_max >= 0)
+	        && (sp->sp_min > sp->sp_max))) {
+		(void) fprintf (stderr,
+		                _("The password for %s cannot be changed.\n"),
+		                sp->sp_namp);
+		SYSLOG ((LOG_WARN, "password locked for '%s'", sp->sp_namp));
+		closelog ();
+		exit (E_NOPERM);
+	}
+
+	/*
+	 * Passwords may only be changed after sp_min time is up.
+	 */
+	if (sp->sp_lstchg > 0) {
+		time_t ok;
+		ok = (time_t) sp->sp_lstchg * SCALE;
+		if (sp->sp_min > 0) {
+			ok += (time_t) sp->sp_min * SCALE;
+		}
+
+		if (now < ok) {
+			(void) fprintf (stderr,
+			                _("The password for %s cannot be changed yet.\n"),
+			                pw->pw_name);
+			SYSLOG ((LOG_WARN, "now < minimum age for '%s'", pw->pw_name));
+			closelog ();
+			exit (E_NOPERM);
+		}
+	}
+}
+#endif				/* !USE_PAM */
+
+static /*@observer@*/const char *date_to_str (time_t t)
+{
+	static char buf[80];
+	struct tm *tm;
+
+	tm = gmtime (&t);
+#ifdef HAVE_STRFTIME
+	(void) strftime (buf, sizeof buf, "%m/%d/%Y", tm);
+#else				/* !HAVE_STRFTIME */
+	(void) snprintf (buf, sizeof buf, "%02d/%02d/%04d",
+	                 tm->tm_mon + 1, tm->tm_mday, tm->tm_year + 1900);
+#endif				/* !HAVE_STRFTIME */
+	return buf;
+}
+
+static /*@observer@*/const char *pw_status (const char *pass)
+{
+	if (*pass == '*' || *pass == '!') {
+		return "L";
+	}
+	if (*pass == '\0') {
+		return "NP";
+	}
+	return "P";
+}
+
+/*
+ * print_status - print current password status
+ */
+static void print_status (const struct passwd *pw)
+{
+	struct spwd *sp;
+
+	sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */
+	if (NULL != sp) {
+		(void) printf ("%s %s %s %lld %lld %lld %lld\n",
+		               pw->pw_name,
+		               pw_status (sp->sp_pwdp),
+		               date_to_str (sp->sp_lstchg * SCALE),
+		               ((long long)sp->sp_min * SCALE) / DAY,
+		               ((long long)sp->sp_max * SCALE) / DAY,
+		               ((long long)sp->sp_warn * SCALE) / DAY,
+		               ((long long)sp->sp_inact * SCALE) / DAY);
+	} else {
+		(void) printf ("%s %s\n",
+		               pw->pw_name, pw_status (pw->pw_passwd));
+	}
+}
+
+
+static /*@noreturn@*/void fail_exit (int status)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			(void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			(void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+
+	exit (status);
+}
+
+static /*@noreturn@*/void oom (void)
+{
+	(void) fprintf (stderr, _("%s: out of memory\n"), Prog);
+	fail_exit (E_FAILURE);
+}
+
+static char *update_crypt_pw (char *cp)
+{
+#ifndef USE_PAM
+	if (do_update_pwd) {
+		cp = xstrdup (crypt_passwd);
+	}
+#endif				/* !USE_PAM */
+
+	if (dflg) {
+		*cp = '\0';
+	}
+
+	if (uflg && *cp == '!') {
+		if (cp[1] == '\0') {
+			(void) fprintf (stderr,
+			                _("%s: unlocking the password would result in a passwordless account.\n"
+			                  "You should set a password with usermod -p to unlock the password of this account.\n"),
+			                Prog);
+			fail_exit (E_FAILURE);
+		} else {
+			cp++;
+		}
+	}
+
+	if (lflg && *cp != '!') {
+		char *newpw = xmalloc (strlen (cp) + 2);
+
+		strcpy (newpw, "!");
+		strcat (newpw, cp);
+		cp = newpw;
+	}
+	return cp;
+}
+
+
+static void update_noshadow (void)
+{
+	const struct passwd *pw;
+	struct passwd *npw;
+
+	if (pw_lock () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: cannot lock %s; try again later.\n"),
+		                Prog, pw_dbname ());
+		exit (E_PWDBUSY);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		(void) fprintf (stderr,
+		                _("%s: cannot open %s\n"),
+		                Prog, pw_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+		fail_exit (E_MISSING);
+	}
+	pw = pw_locate (name);
+	if (NULL == pw) {
+		(void) fprintf (stderr,
+		                _("%s: user '%s' does not exist in %s\n"),
+		                Prog, name, pw_dbname ());
+		fail_exit (E_NOPERM);
+	}
+	npw = __pw_dup (pw);
+	if (NULL == npw) {
+		oom ();
+	}
+	npw->pw_passwd = update_crypt_pw (npw->pw_passwd);
+	if (pw_update (npw) == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failed to prepare the new %s entry '%s'\n"),
+		                Prog, pw_dbname (), npw->pw_name);
+		fail_exit (E_FAILURE);
+	}
+	if (pw_close () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failure while writing changes to %s\n"),
+		                Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_FAILURE);
+	}
+	if (pw_unlock () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failed to unlock %s\n"),
+		                Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+}
+
+static void update_shadow (void)
+{
+	const struct spwd *sp;
+	struct spwd *nsp;
+
+	if (spw_lock () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: cannot lock %s; try again later.\n"),
+		                Prog, spw_dbname ());
+		exit (E_PWDBUSY);
+	}
+	spw_locked = true;
+	if (spw_open (O_CREAT | O_RDWR) == 0) {
+		(void) fprintf (stderr,
+		                _("%s: cannot open %s\n"),
+		                Prog, spw_dbname ());
+		SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
+		fail_exit (E_FAILURE);
+	}
+	sp = spw_locate (name);
+	if (NULL == sp) {
+		/* Try to update the password in /etc/passwd instead. */
+		(void) spw_close ();
+		update_noshadow ();
+		if (spw_unlock () == 0) {
+			(void) fprintf (stderr,
+			                _("%s: failed to unlock %s\n"),
+			                Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+		spw_locked = false;
+		return;
+	}
+	nsp = __spw_dup (sp);
+	if (NULL == nsp) {
+		oom ();
+	}
+	nsp->sp_pwdp = update_crypt_pw (nsp->sp_pwdp);
+	if (xflg) {
+		nsp->sp_max = (age_max * DAY) / SCALE;
+	}
+	if (nflg) {
+		nsp->sp_min = (age_min * DAY) / SCALE;
+	}
+	if (wflg) {
+		nsp->sp_warn = (warn * DAY) / SCALE;
+	}
+	if (iflg) {
+		nsp->sp_inact = (inact * DAY) / SCALE;
+	}
+#ifndef USE_PAM
+	if (do_update_age) {
+		nsp->sp_lstchg = (long) gettime () / SCALE;
+		if (0 == nsp->sp_lstchg) {
+			/* Better disable aging than requiring a password
+			 * change */
+			nsp->sp_lstchg = -1;
+		}
+	}
+#endif				/* !USE_PAM */
+
+	/*
+	 * Force change on next login, like SunOS 4.x passwd -e or Solaris
+	 * 2.x passwd -f. Solaris 2.x seems to do the same thing (set
+	 * sp_lstchg to 0).
+	 */
+	if (eflg) {
+		nsp->sp_lstchg = 0;
+	}
+
+	if (spw_update (nsp) == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failed to prepare the new %s entry '%s'\n"),
+		                Prog, spw_dbname (), nsp->sp_namp);
+		fail_exit (E_FAILURE);
+	}
+	if (spw_close () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failure while writing changes to %s\n"),
+		                Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+		fail_exit (E_FAILURE);
+	}
+	if (spw_unlock () == 0) {
+		(void) fprintf (stderr,
+		                _("%s: failed to unlock %s\n"),
+		                Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+		/* continue */
+	}
+	spw_locked = false;
+}
+
+#ifdef WITH_SELINUX
+static int check_selinux_access (const char *changed_user,
+                                 uid_t changed_uid,
+                                 access_vector_t requested_access)
+{
+	int status = -1;
+	security_context_t user_context;
+	context_t c;
+	const char *user;
+
+	/* if in permissive mode then allow the operation */
+	if (security_getenforce() == 0) {
+		return 0;
+	}
+
+	/* get the context of the process which executed passwd */
+	if (getprevcon(&user_context) != 0) {
+		return -1;
+	}
+
+	/* get the "user" portion of the context (the part before the first
+	   colon) */
+	c = context_new(user_context);
+	user = context_user_get(c);
+
+	/* if changing a password for an account with UID==0 or for an account
+	   where the identity matches then return success */
+	if (changed_uid != 0 && strcmp(changed_user, user) == 0) {
+		status = 0;
+	} else {
+		struct av_decision avd;
+		int retval;
+		retval = security_compute_av(user_context,
+		                             user_context,
+		                             SECCLASS_PASSWD,
+		                             requested_access,
+		                             &avd);
+		if ((retval == 0) &&
+		    ((requested_access & avd.allowed) == requested_access)) {
+			status = 0;
+		}
+	}
+	context_free(c);
+	freecon(user_context);
+	return status;
+}
+
+#endif				/* WITH_SELINUX */
+
+/*
+ * passwd - change a user's password file information
+ *
+ *	This command controls the password file and commands which are used
+ * 	to modify it.
+ *
+ *	The valid options are
+ *
+ *	-d	delete the password for the named account (*)
+ *	-e	expire the password for the named account (*)
+ *	-f	execute chfn command to interpret flags
+ *	-g	execute gpasswd command to interpret flags
+ *	-i #	set sp_inact to # days (*)
+ *	-k	change password only if expired
+ *	-l	lock the password of the named account (*)
+ *	-n #	set sp_min to # days (*)
+ *	-r #	change password in # repository
+ *	-s	execute chsh command to interpret flags
+ *	-S	show password status of named account
+ *	-u	unlock the password of the named account (*)
+ *	-w #	set sp_warn to # days (*)
+ *	-x #	set sp_max to # days (*)
+ *
+ *	(*) requires root permission to execute.
+ *
+ *	All of the time fields are entered in days and converted to the
+ * 	appropriate internal format. For finer resolute the chage
+ *	command must be used.
+ */
+int main (int argc, char **argv)
+{
+	const struct passwd *pw;	/* Password file entry for user      */
+
+#ifndef USE_PAM
+	char *cp;		/* Miscellaneous character pointing  */
+
+	const struct spwd *sp;	/* Shadow file entry for user   */
+#endif				/* !USE_PAM */
+
+	sanitize_env ();
+
+	/*
+	 * Get the program name. The program name is used as a prefix to
+	 * most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	/*
+	 * The program behaves differently when executed by root than when
+	 * executed by a normal user.
+	 */
+	amroot = (getuid () == 0);
+
+	OPENLOG ("passwd");
+
+	{
+		/*
+		 * Parse the command line options.
+		 */
+		int c;
+		static struct option long_options[] = {
+			{"all",         no_argument,       NULL, 'a'},
+			{"delete",      no_argument,       NULL, 'd'},
+			{"expire",      no_argument,       NULL, 'e'},
+			{"help",        no_argument,       NULL, 'h'},
+			{"inactive",    required_argument, NULL, 'i'},
+			{"keep-tokens", no_argument,       NULL, 'k'},
+			{"lock",        no_argument,       NULL, 'l'},
+			{"mindays",     required_argument, NULL, 'n'},
+			{"quiet",       no_argument,       NULL, 'q'},
+			{"repository",  required_argument, NULL, 'r'},
+			{"root",        required_argument, NULL, 'R'},
+			{"status",      no_argument,       NULL, 'S'},
+			{"unlock",      no_argument,       NULL, 'u'},
+			{"warndays",    required_argument, NULL, 'w'},
+			{"maxdays",     required_argument, NULL, 'x'},
+			{NULL, 0, NULL, '\0'}
+		};
+
+		while ((c = getopt_long (argc, argv, "adehi:kln:qr:R:Suw:x:",
+		                         long_options, NULL)) != -1) {
+			switch (c) {
+			case 'a':
+				aflg = true;
+				break;
+			case 'd':
+				dflg = true;
+				anyflag = true;
+				break;
+			case 'e':
+				eflg = true;
+				anyflag = true;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				/*@notreached@*/break;
+			case 'i':
+				if (   (getlong (optarg, &inact) == 0)
+				    || (inact < -1)) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					usage (E_BAD_ARG);
+				}
+				iflg = true;
+				anyflag = true;
+				break;
+			case 'k':
+				/* change only if expired, like Linux-PAM passwd -k. */
+				kflg = true;	/* ok for users */
+				break;
+			case 'l':
+				lflg = true;
+				anyflag = true;
+				break;
+			case 'n':
+				if (   (getlong (optarg, &age_min) == 0)
+				    || (age_min < -1)) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					usage (E_BAD_ARG);
+				}
+				nflg = true;
+				anyflag = true;
+				break;
+			case 'q':
+				qflg = true;	/* ok for users */
+				break;
+			case 'r':
+				/* -r repository (files|nis|nisplus) */
+				/* only "files" supported for now */
+				if (strcmp (optarg, "files") != 0) {
+					fprintf (stderr,
+					         _("%s: repository %s not supported\n"),
+						 Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 'S':
+				Sflg = true;	/* ok for users */
+				break;
+			case 'u':
+				uflg = true;
+				anyflag = true;
+				break;
+			case 'w':
+				if (   (getlong (optarg, &warn) == 0)
+				    || (warn < -1)) {
+					(void) fprintf (stderr,
+					                _("%s: invalid numeric argument '%s'\n"),
+					                Prog, optarg);
+					usage (E_BAD_ARG);
+				}
+				wflg = true;
+				anyflag = true;
+				break;
+			case 'x':
+				if (   (getlong (optarg, &age_max) == 0)
+				    || (age_max < -1)) {
+					(void) fprintf (stderr,
+					                _("%s: invalid numeric argument '%s'\n"),
+					                Prog, optarg);
+					usage (E_BAD_ARG);
+				}
+				xflg = true;
+				anyflag = true;
+				break;
+			default:
+				usage (E_BAD_ARG);
+			}
+		}
+	}
+
+	/*
+	 * Now I have to get the user name. The name will be gotten from the
+	 * command line if possible. Otherwise it is figured out from the
+	 * environment.
+	 */
+	pw = get_my_pwent ();
+	if (NULL == pw) {
+		(void) fprintf (stderr,
+		                _("%s: Cannot determine your user name.\n"),
+		                Prog);
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+		         (unsigned long) getuid ()));
+		exit (E_NOPERM);
+	}
+	myname = xstrdup (pw->pw_name);
+	if (optind < argc) {
+		name = argv[optind];
+	} else {
+		name = myname;
+	}
+
+	/*
+	 * Make sure that at most one username was specified.
+	 */
+	if (argc > (optind+1)) {
+		usage (E_USAGE);
+	}
+
+	/*
+	 * The -a flag requires -S, no other flags, no username, and
+	 * you must be root.  --marekm
+	 */
+	if (aflg) {
+		if (anyflag || !Sflg || (optind < argc)) {
+			usage (E_USAGE);
+		}
+		if (!amroot) {
+			(void) fprintf (stderr,
+			                _("%s: Permission denied.\n"),
+			                Prog);
+			exit (E_NOPERM);
+		}
+		setpwent ();
+		while ( (pw = getpwent ()) != NULL ) {
+			print_status (pw);
+		}
+		endpwent ();
+		exit (E_SUCCESS);
+	}
+#if 0
+	/*
+	 * Allow certain users (administrators) to change passwords of
+	 * certain users. Not implemented yet. --marekm
+	 */
+	if (may_change_passwd (myname, name))
+		amroot = 1;
+#endif
+
+	/*
+	 * If any of the flags were given, a user name must be supplied on
+	 * the command line. Only an unadorned command line doesn't require
+	 * the user's name be given. Also, -x, -n, -w, -i, -e, -d,
+	 * -l, -u may appear with each other. -S, -k must appear alone.
+	 */
+
+	/*
+	 * -S now ok for normal users (check status of my own account), and
+	 * doesn't require username.  --marekm
+	 */
+	if (anyflag && optind >= argc) {
+		usage (E_USAGE);
+	}
+
+	if (   (Sflg && kflg)
+	    || (anyflag && (Sflg || kflg))) {
+		usage (E_USAGE);
+	}
+
+	if (anyflag && !amroot) {
+		(void) fprintf (stderr, _("%s: Permission denied.\n"), Prog);
+		exit (E_NOPERM);
+	}
+
+	pw = xgetpwnam (name);
+	if (NULL == pw) {
+		(void) fprintf (stderr,
+		                _("%s: user '%s' does not exist\n"),
+		                Prog, name);
+		exit (E_NOPERM);
+	}
+#ifdef WITH_SELINUX
+	/* only do this check when getuid()==0 because it's a pre-condition for
+	   changing a password without entering the old one */
+	if ((is_selinux_enabled() > 0) && (getuid() == 0) &&
+	    (check_selinux_access (name, pw->pw_uid, PASSWD__PASSWD) != 0)) {
+		security_context_t user_context = NULL;
+		const char *user = "Unknown user context";
+		if (getprevcon (&user_context) == 0) {
+			user = user_context; /* FIXME: use context_user_get? */
+		}
+		SYSLOG ((LOG_ALERT,
+		         "%s is not authorized to change the password of %s",
+		         user, name));
+		(void) fprintf(stderr,
+		               _("%s: %s is not authorized to change the password of %s\n"),
+		               Prog, user, name);
+		if (NULL != user_context) {
+			freecon (user_context);
+		}
+		exit (E_NOPERM);
+	}
+#endif				/* WITH_SELINUX */
+
+	/*
+	 * If the UID of the user does not match the current real UID,
+	 * check if I'm root.
+	 */
+	if (!amroot && (pw->pw_uid != getuid ())) {
+		(void) fprintf (stderr,
+		                _("%s: You may not view or modify password information for %s.\n"),
+		                Prog, name);
+		SYSLOG ((LOG_WARN,
+		         "%s: can't view or modify password information for %s",
+		         Prog, name));
+		closelog ();
+		exit (E_NOPERM);
+	}
+
+	if (Sflg) {
+		print_status (pw);
+		exit (E_SUCCESS);
+	}
+#ifndef USE_PAM
+	/*
+	 * The user name is valid, so let's get the shadow file entry.
+	 */
+	sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */
+	if (NULL == sp) {
+		if (errno == EACCES) {
+			(void) fprintf (stderr,
+			                _("%s: Permission denied.\n"),
+			                Prog);
+			exit (E_NOPERM);
+		}
+		sp = pwd_to_spwd (pw);
+	}
+
+	cp = sp->sp_pwdp;
+
+	/*
+	 * If there are no other flags, just change the password.
+	 */
+	if (!anyflag) {
+		STRFCPY (crypt_passwd, cp);
+
+		/*
+		 * See if the user is permitted to change the password. 
+		 * Otherwise, go ahead and set a new password.
+		 */
+		check_password (pw, sp);
+
+		/*
+		 * Let the user know whose password is being changed.
+		 */
+		if (!qflg) {
+			(void) printf (_("Changing password for %s\n"), name);
+		}
+
+		if (new_password (pw) != 0) {
+			(void) fprintf (stderr,
+			                _("The password for %s is unchanged.\n"),
+			                name);
+			closelog ();
+			exit (E_NOPERM);
+		}
+		do_update_pwd = true;
+		do_update_age = true;
+	}
+#endif				/* !USE_PAM */
+	/*
+	 * Before going any further, raise the ulimit to prevent colliding
+	 * into a lowered ulimit, and set the real UID to root to protect
+	 * against unexpected signals. Any keyboard signals are set to be
+	 * ignored.
+	 */
+	pwd_init ();
+
+#ifdef USE_PAM
+	/*
+	 * Don't set the real UID for PAM...
+	 */
+	if (!anyflag) {
+		do_pam_passwd (name, qflg, kflg);
+		exit (E_SUCCESS);
+	}
+#endif				/* USE_PAM */
+	if (setuid (0) != 0) {
+		(void) fputs (_("Cannot change ID to root.\n"), stderr);
+		SYSLOG ((LOG_ERR, "can't setuid(0)"));
+		closelog ();
+		exit (E_NOPERM);
+	}
+	if (spw_file_present ()) {
+		update_shadow ();
+	} else {
+		update_noshadow ();
+	}
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+	SYSLOG ((LOG_INFO, "password for '%s' changed by '%s'", name, myname));
+	closelog ();
+	if (!qflg) {
+		if (!anyflag) {
+#ifndef USE_PAM
+			(void) printf (_("%s: password changed.\n"), Prog);
+#endif				/* USE_PAM */
+		} else {
+			(void) printf (_("%s: password expiry information changed.\n"), Prog);
+		}
+	}
+
+	return E_SUCCESS;
+}
+
diff --git a/src/pwck.c b/src/pwck.c
new file mode 100644
index 0000000..523135f
--- /dev/null
+++ b/src/pwck.c
@@ -0,0 +1,893 @@
+/*
+ * Copyright (c) 1992 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001       , Michał Moskal
+ * Copyright (c) 2001 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <getopt.h>
+#include "chkname.h"
+#include "commonio.h"
+#include "defines.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "getdef.h"
+#include "nscd.h"
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif				/* WITH_TCB */
+
+/*
+ * Exit codes
+ */
+/*@-exitarg@*/
+#define	E_OKAY		0
+#define	E_SUCCESS	0
+#define	E_USAGE		1
+#define	E_BADENTRY	2
+#define	E_CANTOPEN	3
+#define	E_CANTLOCK	4
+#define	E_CANTUPDATE	5
+#define	E_CANTSORT	6
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool use_system_pw_file = true;
+static bool use_system_spw_file = true;
+
+static bool is_shadow = false;
+
+static bool spw_opened = false;
+
+static bool pw_locked  = false;
+static bool spw_locked = false;
+
+/* Options */
+static bool read_only = false;
+static bool sort_mode = false;
+static bool quiet = false;		/* don't report warnings, only errors */
+
+/* local function prototypes */
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
+static void process_flags (int argc, char **argv);
+static void open_files (void);
+static void close_files (bool changed);
+static void check_pw_file (int *errors, bool *changed);
+static void check_spw_file (int *errors, bool *changed);
+
+/*
+ * fail_exit - do some cleanup and exit with the given error code
+ */
+static void fail_exit (int code)
+{
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			if (use_system_spw_file) {
+				SYSLOG ((LOG_ERR, "failed to unlock %s",
+				         spw_dbname ()));
+			}
+			/* continue */
+		}
+	}
+
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			if (use_system_pw_file) {
+				SYSLOG ((LOG_ERR, "failed to unlock %s",
+				         pw_dbname ()));
+			}
+			/* continue */
+		}
+	}
+
+	closelog ();
+
+	exit (code);
+}
+/*
+ * usage - print syntax message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+#ifdef WITH_TCB
+	if (getdef_bool ("USE_TCB")) {
+		(void) fprintf (usageout,
+		                _("Usage: %s [options] [passwd]\n"
+		                  "\n"
+		                  "Options:\n"),
+		                Prog);
+	} else
+#endif				/* WITH_TCB */
+	{
+		(void) fprintf (usageout,
+		                _("Usage: %s [options] [passwd [shadow]]\n"
+		                  "\n"
+		                  "Options:\n"),
+		                Prog);
+	}
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -q, --quiet                   report errors only\n"), usageout);
+	(void) fputs (_("  -r, --read-only               display errors and warnings\n"
+	                "                                but do not change files\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+#ifdef WITH_TCB
+	if (!getdef_bool ("USE_TCB"))
+#endif				/* !WITH_TCB */
+	{
+		(void) fputs (_("  -s, --sort                    sort entries by UID\n"), usageout);
+	}
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"help",      no_argument,       NULL, 'h'},
+		{"quiet",     no_argument,       NULL, 'q'},
+		{"read-only", no_argument,       NULL, 'r'},
+		{"root",      required_argument, NULL, 'R'},
+		{"sort",      no_argument,       NULL, 's'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	/*
+	 * Parse the command line arguments
+	 */
+	while ((c = getopt_long (argc, argv, "ehqrR:s",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'e':	/* added for Debian shadow-961025-2 compatibility */
+		case 'q':
+			quiet = true;
+			break;
+		case 'r':
+			read_only = true;
+			break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		case 's':
+			sort_mode = true;
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (sort_mode && read_only) {
+		fprintf (stderr, _("%s: -s and -r are incompatible\n"), Prog);
+		exit (E_USAGE);
+	}
+
+	/*
+	 * Make certain we have the right number of arguments
+	 */
+	if (argc > (optind + 2)) {
+		usage (E_USAGE);
+	}
+
+	/*
+	 * If there are two left over filenames, use those as the password
+	 * and shadow password filenames.
+	 */
+	if (optind != argc) {
+		pw_setdbname (argv[optind]);
+		use_system_pw_file = false;
+	}
+	if ((optind + 2) == argc) {
+#ifdef WITH_TCB
+		if (getdef_bool ("USE_TCB")) {
+			fprintf (stderr,
+			         _("%s: no alternative shadow file allowed when USE_TCB is enabled.\n"),
+			         Prog);
+			usage (E_USAGE);
+		}
+#endif				/* WITH_TCB */
+		spw_setdbname (argv[optind + 1]);
+		is_shadow = true;
+		use_system_spw_file = false;
+	} else if (optind == argc) {
+		is_shadow = spw_file_present ();
+	}
+}
+
+/*
+ * open_files - open the shadow database
+ *
+ *	In read-only mode, the databases are not locked and are opened
+ *	only for reading.
+ */
+static void open_files (void)
+{
+	bool use_tcb = false;
+#ifdef WITH_TCB
+	use_tcb = getdef_bool ("USE_TCB");
+#endif				/* WITH_TCB */
+
+	/*
+	 * Lock the files if we aren't in "read-only" mode
+	 */
+	if (!read_only) {
+		if (pw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, pw_dbname ());
+			fail_exit (E_CANTLOCK);
+		}
+		pw_locked = true;
+		if (is_shadow && !use_tcb) {
+			if (spw_lock () == 0) {
+				fprintf (stderr,
+				         _("%s: cannot lock %s; try again later.\n"),
+				         Prog, spw_dbname ());
+				fail_exit (E_CANTLOCK);
+			}
+			spw_locked = true;
+		}
+	}
+
+	/*
+	 * Open the files. Use O_RDONLY if we are in read_only mode, O_RDWR
+	 * otherwise.
+	 */
+	if (pw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"),
+		         Prog, pw_dbname ());
+		if (use_system_pw_file) {
+			SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
+		}
+		fail_exit (E_CANTOPEN);
+	}
+	if (is_shadow && !use_tcb) {
+		if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr, _("%s: cannot open %s\n"),
+			         Prog, spw_dbname ());
+			if (use_system_spw_file) {
+				SYSLOG ((LOG_WARN, "cannot open %s",
+				         spw_dbname ()));
+			}
+			fail_exit (E_CANTOPEN);
+		}
+		spw_opened = true;
+	}
+}
+
+/*
+ * close_files - close and unlock the password/shadow databases
+ *
+ *	If changed is not set, the databases are not closed, and no
+ *	changes are committed in the databases. The databases are
+ *	unlocked anyway.
+ */
+static void close_files (bool changed)
+{
+	/*
+	 * All done. If there were no change we can just abandon any
+	 * changes to the files.
+	 */
+	if (changed) {
+		if (pw_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, pw_dbname ());
+			if (use_system_pw_file) {
+				SYSLOG ((LOG_ERR,
+				         "failure while writing changes to %s",
+				         pw_dbname ()));
+			}
+			fail_exit (E_CANTUPDATE);
+		}
+		if (spw_opened && (spw_close () == 0)) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, spw_dbname ());
+			if (use_system_spw_file) {
+				SYSLOG ((LOG_ERR,
+				         "failure while writing changes to %s",
+				         spw_dbname ()));
+			}
+			fail_exit (E_CANTUPDATE);
+		}
+		spw_opened = false;
+	}
+
+	/*
+	 * Don't be anti-social - unlock the files when you're done.
+	 */
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, spw_dbname ());
+			if (use_system_spw_file) {
+				SYSLOG ((LOG_ERR, "failed to unlock %s",
+				         spw_dbname ()));
+			}
+			/* continue */
+		}
+	}
+	spw_locked = false;
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, pw_dbname ());
+			if (use_system_pw_file) {
+				SYSLOG ((LOG_ERR, "failed to unlock %s",
+				         pw_dbname ()));
+			}
+			/* continue */
+		}
+	}
+	pw_locked = false;
+}
+
+/*
+ * check_pw_file - check the content of the passwd file
+ */
+static void check_pw_file (int *errors, bool *changed)
+{
+	struct commonio_entry *pfe, *tpfe;
+	struct passwd *pwd;
+	struct spwd *spw;
+
+	/*
+	 * Loop through the entire password file.
+	 */
+	for (pfe = __pw_get_head (); NULL != pfe; pfe = pfe->next) {
+		/*
+		 * If this is a NIS line, skip it. You can't "know" what NIS
+		 * is going to do without directly asking NIS ...
+		 */
+		if (('+' == pfe->line[0]) || ('-' == pfe->line[0])) {
+			continue;
+		}
+
+		/*
+		 * Start with the entries that are completely corrupt.  They
+		 * have no (struct passwd) entry because they couldn't be
+		 * parsed properly.
+		 */
+		if (NULL == pfe->eptr) {
+			/*
+			 * Tell the user this entire line is bogus and ask
+			 * them to delete it.
+			 */
+			puts (_("invalid password file entry"));
+			printf (_("delete line '%s'? "), pfe->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (!yes_or_no (read_only)) {
+				continue;
+			}
+
+			/*
+			 * All password file deletions wind up here. This
+			 * code removes the current entry from the linked
+			 * list. When done, it skips back to the top of the
+			 * loop to try out the next list element.
+			 */
+		      delete_pw:
+			if (use_system_pw_file) {
+				SYSLOG ((LOG_INFO, "delete passwd line '%s'",
+				         pfe->line));
+			}
+			*changed = true;
+
+			__pw_del_entry (pfe);
+			continue;
+		}
+
+		/*
+		 * Password structure is good, start using it.
+		 */
+		pwd = pfe->eptr;
+
+		/*
+		 * Make sure this entry has a unique name.
+		 */
+		for (tpfe = __pw_get_head (); NULL != tpfe; tpfe = tpfe->next) {
+			const struct passwd *ent = tpfe->eptr;
+
+			/*
+			 * Don't check this entry
+			 */
+			if (tpfe == pfe) {
+				continue;
+			}
+
+			/*
+			 * Don't check invalid entries.
+			 */
+			if (NULL == ent) {
+				continue;
+			}
+
+			if (strcmp (pwd->pw_name, ent->pw_name) != 0) {
+				continue;
+			}
+
+			/*
+			 * Tell the user this entry is a duplicate of
+			 * another and ask them to delete it.
+			 */
+			puts (_("duplicate password entry"));
+			printf (_("delete line '%s'? "), pfe->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (yes_or_no (read_only)) {
+				goto delete_pw;
+			}
+		}
+
+		/*
+		 * Check for invalid usernames.  --marekm
+		 */
+		if (!is_valid_user_name (pwd->pw_name)) {
+			printf (_("invalid user name '%s'\n"), pwd->pw_name);
+			*errors += 1;
+		}
+
+		/*
+		 * Check for invalid user ID.
+		 */
+		if (pwd->pw_uid == (uid_t)-1) {
+			printf (_("invalid user ID '%lu'\n"), (long unsigned int)pwd->pw_uid);
+			*errors += 1;
+		}
+
+		/*
+		 * Make sure the primary group exists
+		 */
+		/* local, no need for xgetgrgid */
+		if (!quiet && (NULL == getgrgid (pwd->pw_gid))) {
+
+			/*
+			 * No primary group, just give a warning
+			 */
+
+			printf (_("user '%s': no group %lu\n"),
+			        pwd->pw_name, (unsigned long) pwd->pw_gid);
+			*errors += 1;
+		}
+
+		/*
+		 * Make sure the home directory exists
+		 */
+		if (!quiet && (access (pwd->pw_dir, F_OK) != 0)) {
+			/*
+			 * Home directory doesn't exist, give a warning
+			 */
+			printf (_("user '%s': directory '%s' does not exist\n"),
+			        pwd->pw_name, pwd->pw_dir);
+			*errors += 1;
+		}
+
+		/*
+		 * Make sure the login shell is executable
+		 */
+		if (   !quiet
+		    && ('\0' != pwd->pw_shell[0])
+		    && (access (pwd->pw_shell, F_OK) != 0)) {
+
+			/*
+			 * Login shell doesn't exist, give a warning
+			 */
+			printf (_("user '%s': program '%s' does not exist\n"),
+			        pwd->pw_name, pwd->pw_shell);
+			*errors += 1;
+		}
+
+		/*
+		 * Make sure this entry exists in the /etc/shadow file.
+		 */
+
+		if (is_shadow) {
+#ifdef WITH_TCB
+			if (getdef_bool ("USE_TCB")) {
+				if (shadowtcb_set_user (pwd->pw_name) == SHADOWTCB_FAILURE) {
+					printf (_("no tcb directory for %s\n"),
+					        pwd->pw_name);
+					printf (_("create tcb directory for %s?"),
+					        pwd->pw_name);
+					*errors += 1;
+					if (yes_or_no (read_only)) {
+						if (shadowtcb_create (pwd->pw_name, pwd->pw_uid) == SHADOWTCB_FAILURE) {
+							*errors += 1;
+							printf (_("failed to create tcb directory for %s\n"), pwd->pw_name);
+							continue;
+						}
+					} else {
+						continue;
+					}
+				}
+				if (spw_lock () == 0) {
+					*errors += 1;
+					fprintf (stderr,
+					         _("%s: cannot lock %s.\n"),
+					         Prog, spw_dbname ());
+					continue;
+				}
+				spw_locked = true;
+				if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
+					fprintf (stderr,
+					         _("%s: cannot open %s\n"),
+					         Prog, spw_dbname ());
+					*errors += 1;
+					if (spw_unlock () == 0) {
+						fprintf (stderr,
+						         _("%s: failed to unlock %s\n"),
+						         Prog, spw_dbname ());
+						if (use_system_spw_file) {
+							SYSLOG ((LOG_ERR,
+							         "failed to unlock %s",
+							         spw_dbname ()));
+						}
+					}
+					continue;
+				}
+				spw_opened = true;
+			}
+#endif				/* WITH_TCB */
+			spw = (struct spwd *) spw_locate (pwd->pw_name);
+			if (NULL == spw) {
+				printf (_("no matching password file entry in %s\n"),
+				        spw_dbname ());
+				printf (_("add user '%s' in %s? "),
+				        pwd->pw_name, spw_dbname ());
+				*errors += 1;
+				if (yes_or_no (read_only)) {
+					struct spwd sp;
+					struct passwd pw;
+
+					sp.sp_namp   = pwd->pw_name;
+					sp.sp_pwdp   = pwd->pw_passwd;
+					sp.sp_min    =
+					    getdef_num ("PASS_MIN_DAYS", -1);
+					sp.sp_max    =
+					    getdef_num ("PASS_MAX_DAYS", -1);
+					sp.sp_warn   =
+					    getdef_num ("PASS_WARN_AGE", -1);
+					sp.sp_inact  = -1;
+					sp.sp_expire = -1;
+					sp.sp_flag   = SHADOW_SP_FLAG_UNSET;
+					sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+					if (0 == sp.sp_lstchg) {
+						/* Better disable aging than
+						 * requiring a password change
+						 */
+						sp.sp_lstchg = -1;
+					}
+					*changed = true;
+
+					if (spw_update (&sp) == 0) {
+						fprintf (stderr,
+						         _("%s: failed to prepare the new %s entry '%s'\n"),
+						         Prog, spw_dbname (), sp.sp_namp);
+						fail_exit (E_CANTUPDATE);
+					}
+					/* remove password from /etc/passwd */
+					pw = *pwd;
+					pw.pw_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+					if (pw_update (&pw) == 0) {
+						fprintf (stderr,
+						         _("%s: failed to prepare the new %s entry '%s'\n"),
+						         Prog, pw_dbname (), pw.pw_name);
+						fail_exit (E_CANTUPDATE);
+					}
+				}
+			} else {
+				/* The passwd entry has a shadow counterpart.
+				 * Make sure no passwords are in passwd.
+				 */
+				if (   !quiet
+				    && (strcmp (pwd->pw_passwd,
+				                SHADOW_PASSWD_STRING) != 0)) {
+					printf (_("user %s has an entry in %s, but its password field in %s is not set to 'x'\n"),
+					        pwd->pw_name, spw_dbname (), pw_dbname ());
+					*errors += 1;
+				}
+			}
+		}
+#ifdef WITH_TCB
+		if (getdef_bool ("USE_TCB") && spw_locked) {
+			if (spw_opened && (spw_close () == 0)) {
+				fprintf (stderr,
+				         _("%s: failure while writing changes to %s\n"),
+				         Prog, spw_dbname ());
+				if (use_system_spw_file) {
+					SYSLOG ((LOG_ERR,
+					         "failure while writing changes to %s",
+					         spw_dbname ()));
+				}
+			} else {
+				spw_opened = false;
+			}
+			if (spw_unlock () == 0) {
+				fprintf (stderr,
+				         _("%s: failed to unlock %s\n"),
+				         Prog, spw_dbname ());
+				if (use_system_spw_file) {
+					SYSLOG ((LOG_ERR, "failed to unlock %s",
+					         spw_dbname ()));
+				}
+			} else {
+				spw_locked = false;
+			}
+		}
+#endif				/* WITH_TCB */
+	}
+}
+
+/*
+ * check_spw_file - check the content of the shadowed password file (shadow)
+ */
+static void check_spw_file (int *errors, bool *changed)
+{
+	struct commonio_entry *spe, *tspe;
+	struct spwd *spw;
+
+	/*
+	 * Loop through the entire shadow password file.
+	 */
+	for (spe = __spw_get_head (); NULL != spe; spe = spe->next) {
+		/*
+		 * Do not treat lines which were missing in shadow
+		 * and were added earlier.
+		 */
+		if (NULL == spe->line) {
+			continue;
+		}
+
+		/*
+		 * If this is a NIS line, skip it. You can't "know" what NIS
+		 * is going to do without directly asking NIS ...
+		 */
+		if (('+' == spe->line[0]) || ('-' == spe->line[0])) {
+			continue;
+		}
+
+		/*
+		 * Start with the entries that are completely corrupt. They
+		 * have no (struct spwd) entry because they couldn't be
+		 * parsed properly.
+		 */
+		if (NULL == spe->eptr) {
+			/*
+			 * Tell the user this entire line is bogus and ask
+			 * them to delete it.
+			 */
+			puts (_("invalid shadow password file entry"));
+			printf (_("delete line '%s'? "), spe->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (!yes_or_no (read_only)) {
+				continue;
+			}
+
+			/*
+			 * All shadow file deletions wind up here. This code
+			 * removes the current entry from the linked list.
+			 * When done, it skips back to the top of the loop
+			 * to try out the next list element.
+			 */
+		      delete_spw:
+			if (use_system_spw_file) {
+				SYSLOG ((LOG_INFO, "delete shadow line '%s'",
+				         spe->line));
+			}
+			*changed = true;
+
+			__spw_del_entry (spe);
+			continue;
+		}
+
+		/*
+		 * Shadow password structure is good, start using it.
+		 */
+		spw = spe->eptr;
+
+		/*
+		 * Make sure this entry has a unique name.
+		 */
+		for (tspe = __spw_get_head (); NULL != tspe; tspe = tspe->next) {
+			const struct spwd *ent = tspe->eptr;
+
+			/*
+			 * Don't check this entry
+			 */
+			if (tspe == spe) {
+				continue;
+			}
+
+			/*
+			 * Don't check invalid entries.
+			 */
+			if (NULL == ent) {
+				continue;
+			}
+
+			if (strcmp (spw->sp_namp, ent->sp_namp) != 0) {
+				continue;
+			}
+
+			/*
+			 * Tell the user this entry is a duplicate of
+			 * another and ask them to delete it.
+			 */
+			puts (_("duplicate shadow password entry"));
+			printf (_("delete line '%s'? "), spe->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (yes_or_no (read_only)) {
+				goto delete_spw;
+			}
+		}
+
+		/*
+		 * Make sure this entry exists in the /etc/passwd
+		 * file.
+		 */
+		if (pw_locate (spw->sp_namp) == NULL) {
+			/*
+			 * Tell the user this entry has no matching
+			 * /etc/passwd entry and ask them to delete it.
+			 */
+			printf (_("no matching password file entry in %s\n"),
+			        pw_dbname ());
+			printf (_("delete line '%s'? "), spe->line);
+			*errors += 1;
+
+			/*
+			 * prompt the user to delete the entry or not
+			 */
+			if (yes_or_no (read_only)) {
+				goto delete_spw;
+			}
+		}
+
+		/*
+		 * Warn if last password change in the future.  --marekm
+		 */
+		if (!quiet) {
+			time_t t = time ((time_t *) 0);
+			if (   (t != 0)
+			    && (spw->sp_lstchg > (long) t / SCALE)) {
+				printf (_("user %s: last password change in the future\n"),
+			                spw->sp_namp);
+				*errors += 1;
+			}
+		}
+	}
+}
+
+/*
+ * pwck - verify password file integrity
+ */
+int main (int argc, char **argv)
+{
+	int errors = 0;
+	bool changed = false;
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("pwck");
+
+	/* Parse the command line arguments */
+	process_flags (argc, argv);
+
+	open_files ();
+
+	if (sort_mode) {
+		if (pw_sort () != 0) {
+			fprintf (stderr,
+			         _("%s: cannot sort entries in %s\n"),
+			         Prog, pw_dbname ());
+			fail_exit (E_CANTSORT);
+		}
+		if (is_shadow) {
+			if (spw_sort () != 0) {
+				fprintf (stderr,
+				         _("%s: cannot sort entries in %s\n"),
+				         Prog, spw_dbname ());
+				fail_exit (E_CANTSORT);
+			}
+		}
+		changed = true;
+	} else {
+		check_pw_file (&errors, &changed);
+
+		if (is_shadow) {
+			check_spw_file (&errors, &changed);
+		}
+	}
+
+	close_files (changed);
+
+	nscd_flush_cache ("passwd");
+
+	/*
+	 * Tell the user what we did and exit.
+	 */
+	if (0 != errors) {
+		printf (changed ?
+		        _("%s: the files have been updated\n") :
+		        _("%s: no changes\n"), Prog);
+	}
+
+	closelog ();
+	return ((0 != errors) ? E_BADENTRY : E_OKAY);
+}
+
diff --git a/src/pwconv.c b/src/pwconv.c
new file mode 100644
index 0000000..e2d61f8
--- /dev/null
+++ b/src/pwconv.c
@@ -0,0 +1,333 @@
+/*
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2009 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * pwconv - create or update /etc/shadow with information from
+ * /etc/passwd.
+ *
+ * It is more like SysV pwconv, slightly different from the original Shadow
+ * pwconv. Depends on "x" as password in /etc/passwd which means that the
+ * password has already been moved to /etc/shadow. There is no need to move
+ * /etc/npasswd to /etc/passwd, password files are updated using library
+ * routines with proper locking.
+ *
+ * Can be used to update /etc/shadow after adding/deleting users by editing
+ * /etc/passwd. There is no man page yet, but this program should be close
+ * to pwconv(1M) on Solaris 2.x.
+ *
+ * Warning: make sure that all users have "x" as the password in /etc/passwd
+ * before running this program for the first time on a system which already
+ * has shadow passwords. Anything else (like "*" from old versions of the
+ * shadow suite) will replace the user's encrypted password in /etc/shadow.
+ *
+ * Doesn't currently support pw_age information in /etc/passwd, and doesn't
+ * support DBM files. Add it if you need it...
+ *
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "nscd.h"
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_NOPERM	1	/* permission denied */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_FAILURE	3	/* unexpected failure, nothing done */
+#define E_MISSING	4	/* unexpected failure, passwd file missing */
+#define E_PWDBUSY	5	/* passwd file(s) busy */
+#define E_BADENTRY	6	/* bad shadow entry */
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool spw_locked = false;
+static bool pw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+
+	exit (status);
+}
+
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"help", no_argument,       NULL, 'h'},
+		{"root", required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hR:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (optind != argc) {
+		usage (E_USAGE);
+	}
+}
+
+int main (int argc, char **argv)
+{
+	const struct passwd *pw;
+	struct passwd pwent;
+	const struct spwd *sp;
+	struct spwd spent;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("pwconv");
+
+	process_flags (argc, argv);
+
+#ifdef WITH_TCB
+	if (getdef_bool("USE_TCB")) {
+		fprintf (stderr, _("%s: can't work with tcb enabled\n"), Prog);
+		exit (E_FAILURE);
+	}
+#endif				/* WITH_TCB */
+
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (E_PWDBUSY);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		fail_exit (E_MISSING);
+	}
+
+	if (spw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, spw_dbname ());
+		fail_exit (E_PWDBUSY);
+	}
+	spw_locked = true;
+	if (spw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, spw_dbname ());
+		fail_exit (E_FAILURE);
+	}
+
+	/*
+	 * Remove /etc/shadow entries for users not in /etc/passwd.
+	 */
+	(void) spw_rewind ();
+	while ((sp = spw_next ()) != NULL) {
+		if (pw_locate (sp->sp_namp) != NULL) {
+			continue;
+		}
+
+		if (spw_remove (sp->sp_namp) == 0) {
+			/*
+			 * This shouldn't happen (the entry exists) but...
+			 */
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, sp->sp_namp, spw_dbname ());
+			fail_exit (E_FAILURE);
+		}
+	}
+
+	/*
+	 * Update shadow entries which don't have "x" as pw_passwd. Add any
+	 * missing shadow entries.
+	 */
+	(void) pw_rewind ();
+	while ((pw = pw_next ()) != NULL) {
+		sp = spw_locate (pw->pw_name);
+		if (NULL != sp) {
+			/* do we need to update this entry? */
+			if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+				continue;
+			}
+			/* update existing shadow entry */
+			spent = *sp;
+		} else {
+			/* add new shadow entry */
+			memset (&spent, 0, sizeof spent);
+			spent.sp_namp   = pw->pw_name;
+			spent.sp_min    = getdef_num ("PASS_MIN_DAYS", -1);
+			spent.sp_max    = getdef_num ("PASS_MAX_DAYS", -1);
+			spent.sp_warn   = getdef_num ("PASS_WARN_AGE", -1);
+			spent.sp_inact  = -1;
+			spent.sp_expire = -1;
+			spent.sp_flag   = SHADOW_SP_FLAG_UNSET;
+		}
+		spent.sp_pwdp = pw->pw_passwd;
+		spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+		if (0 == spent.sp_lstchg) {
+			/* Better disable aging than requiring a password
+			 * change */
+			spent.sp_lstchg = -1;
+		}
+		if (spw_update (&spent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, spw_dbname (), spent.sp_namp);
+			fail_exit (E_FAILURE);
+		}
+
+		/* remove password from /etc/passwd */
+		pwent = *pw;
+		pwent.pw_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+		if (pw_update (&pwent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, pw_dbname (), pwent.pw_name);
+			fail_exit (E_FAILURE);
+		}
+	}
+
+	if (spw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+		fail_exit (E_FAILURE);
+	}
+	if (pw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_FAILURE);
+	}
+
+	/* /etc/passwd- (backup file) */
+	errno = 0;
+	if ((chmod (PASSWD_FILE "-", 0600) != 0) && (errno != ENOENT)) {
+		fprintf (stderr,
+		         _("%s: failed to change the mode of %s to 0600\n"),
+		         Prog, PASSWD_FILE "-");
+		SYSLOG ((LOG_ERR, "failed to change the mode of %s to 0600", PASSWD_FILE "-"));
+		/* continue */
+	}
+
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+
+	if (spw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+		/* continue */
+	}
+
+	nscd_flush_cache ("passwd");
+
+	return E_SUCCESS;
+}
+
diff --git a/src/pwunconv.c b/src/pwunconv.c
new file mode 100644
index 0000000..fabf023
--- /dev/null
+++ b/src/pwunconv.c
@@ -0,0 +1,256 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2001 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2008 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <getopt.h>
+#include "defines.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static bool spw_locked = false;
+static bool pw_locked = false;
+
+/* local function prototypes */
+static void fail_exit (int status);
+static void usage (int status);
+static void process_flags (int argc, char **argv);
+
+static void fail_exit (int status)
+{
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+	exit (status);
+}
+
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * process_flags - parse the command line options
+ *
+ *	It will not return if an error is encountered.
+ */
+static void process_flags (int argc, char **argv)
+{
+	/*
+	 * Parse the command line options.
+	 */
+	int c;
+	static struct option long_options[] = {
+		{"help", no_argument,       NULL, 'h'},
+		{"root", required_argument, NULL, 'R'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "hR:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage (E_SUCCESS);
+			/*@notreached@*/break;
+		case 'R': /* no-op, handled in process_root_flag () */
+			break;
+		default:
+			usage (E_USAGE);
+		}
+	}
+
+	if (optind != argc) {
+		usage (E_USAGE);
+	}
+}
+
+int main (int argc, char **argv)
+{
+	const struct passwd *pw;
+	struct passwd pwent;
+	const struct spwd *spwd;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("pwunconv");
+
+	process_flags (argc, argv);
+
+#ifdef WITH_TCB
+	if (getdef_bool("USE_TCB")) {
+		fprintf (stderr, _("%s: can't work with tcb enabled\n"), Prog);
+		exit (1);
+	}
+#endif				/* WITH_TCB */
+
+	if (!spw_file_present ()) {
+		/* shadow not installed, do nothing */
+		exit (0);
+	}
+
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (5);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, pw_dbname ());
+		fail_exit (1);
+	}
+
+	if (spw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, spw_dbname ());
+		fail_exit (5);
+	}
+	spw_locked = true;
+	if (spw_open (O_RDONLY) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, spw_dbname ());
+		fail_exit (1);
+	}
+
+	(void) pw_rewind ();
+	while ((pw = pw_next ()) != NULL) {
+		spwd = spw_locate (pw->pw_name);
+		if (NULL == spwd) {
+			continue;
+		}
+
+		pwent = *pw;
+
+		/*
+		 * Update password if non-shadow is "x".
+		 */
+		if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+			pwent.pw_passwd = spwd->sp_pwdp;
+		}
+
+		/*
+		 * Password aging works differently in the two different
+		 * systems. With shadow password files you apparently must
+		 * have some aging information. The maxweeks or minweeks
+		 * may not map exactly. In pwconv we set max == 10000,
+		 * which is about 30 years. Here we have to undo that
+		 * kludge. So, if maxdays == 10000, no aging information is
+		 * put into the new file. Otherwise, the days are converted
+		 * to weeks and so on.
+		 */
+		if (pw_update (&pwent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, pw_dbname (), pwent.pw_name);
+			fail_exit (3);
+		}
+	}
+
+	(void) spw_close (); /* was only open O_RDONLY */
+
+	if (pw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (3);
+	}
+
+	if (unlink (SHADOW) != 0) {
+		fprintf (stderr,
+			 _("%s: cannot delete %s\n"), Prog, SHADOW);
+		SYSLOG ((LOG_ERR, "cannot delete %s", SHADOW));
+		fail_exit (3);
+	}
+
+	if (spw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+		/* continue */
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+
+	nscd_flush_cache ("passwd");
+
+	return 0;
+}
+
diff --git a/src/su.c b/src/su.c
new file mode 100644
index 0000000..974048e
--- /dev/null
+++ b/src/su.c
@@ -0,0 +1,1222 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2013, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Some parts substantially derived from an ancestor of:
+   su for GNU.  Run a shell with substitute user and group IDs.
+
+   Copyright (C) 1992-2003 Free Software Foundation, Inc.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin Street, Fifth Floor,
+   Boston, MA 02110-1301, USA.  */
+
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#ifndef USE_PAM
+#include <sys/ioctl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#endif				/* !USE_PAM */
+#include "prototypes.h"
+#include "defines.h"
+#include "pwauth.h"
+#include "getdef.h"
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+static /*@observer@*/const char *caller_tty = NULL;	/* Name of tty SU is run from */
+static bool caller_is_root = false;
+static uid_t caller_uid;
+#ifndef USE_PAM
+static bool caller_on_console = false;
+#ifdef SU_ACCESS
+static /*@only@*/char *caller_pass;
+#endif
+#endif				/* !USE_PAM */
+static bool doshell = false;
+static bool fakelogin = false;
+static /*@observer@*/const char *shellstr;
+static /*@null@*/char *command = NULL;
+
+
+/* not needed by sulog.c anymore */
+static char name[BUFSIZ];
+static char caller_name[BUFSIZ];
+
+/* If nonzero, change some environment vars to indicate the user su'd to. */
+static bool change_environment = true;
+
+#ifdef USE_PAM
+static char kill_msg[256];
+static char wait_msg[256];
+static pam_handle_t *pamh = NULL;
+static int caught = 0;
+/* PID of the child, in case it needs to be killed */
+static pid_t pid_child = 0;
+#endif
+
+/*
+ * External identifiers
+ */
+
+extern char **newenvp; /* libmisc/env.c */
+extern size_t newenvc; /* libmisc/env.c */
+
+/* local function prototypes */
+
+static void execve_shell (const char *shellname,
+                          char *args[],
+                          char *const envp[]);
+#ifdef USE_PAM
+static RETSIGTYPE kill_child (int unused(s));
+static void prepare_pam_close_session (void);
+#else				/* !USE_PAM */
+static RETSIGTYPE die (int);
+static bool iswheel (const char *);
+#endif				/* !USE_PAM */
+static bool restricted_shell (const char *shellname);
+static /*@noreturn@*/void su_failure (const char *tty, bool su_to_root);
+static /*@only@*/struct passwd * check_perms (void);
+#ifdef USE_PAM
+static void check_perms_pam (const struct passwd *pw);
+#else				/* !USE_PAM */
+static void check_perms_nopam (const struct passwd *pw);
+#endif				/* !USE_PAM */
+static void save_caller_context (char **argv);
+static void process_flags (int argc, char **argv);
+static void set_environment (struct passwd *pw);
+
+#ifndef USE_PAM
+/*
+ * die - set or reset termio modes.
+ *
+ *	die() is called before processing begins. signal() is then called
+ *	with die() as the signal handler. If signal later calls die() with a
+ *	signal number, the terminal modes are then reset.
+ */
+static RETSIGTYPE die (int killed)
+{
+	static TERMIO sgtty;
+
+	if (killed != 0) {
+		STTY (0, &sgtty);
+	} else {
+		GTTY (0, &sgtty);
+	}
+
+	if (killed != 0) {
+		_exit (128+killed);
+	}
+}
+
+static bool iswheel (const char *username)
+{
+	struct group *grp;
+
+	grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */
+	if (   (NULL ==grp)
+	    || (NULL == grp->gr_mem)) {
+		return false;
+	}
+	return is_on_list (grp->gr_mem, username);
+}
+#else				/* USE_PAM */
+static RETSIGTYPE kill_child (int unused(s))
+{
+	if (0 != pid_child) {
+		(void) kill (-pid_child, SIGKILL);
+		(void) write (STDERR_FILENO, kill_msg, strlen (kill_msg));
+	} else {
+		(void) write (STDERR_FILENO, wait_msg, strlen (wait_msg));
+	}
+	_exit (255);
+}
+#endif				/* USE_PAM */
+
+/* borrowed from GNU sh-utils' "su.c" */
+static bool restricted_shell (const char *shellname)
+{
+	/*@observer@*/const char *line;
+
+	setusershell ();
+	while ((line = getusershell ()) != NULL) {
+		if (('#' != *line) && (strcmp (line, shellname) == 0)) {
+			endusershell ();
+			return false;
+		}
+	}
+	endusershell ();
+	return true;
+}
+
+static /*@noreturn@*/void su_failure (const char *tty, bool su_to_root)
+{
+	sulog (tty, false, caller_name, name);	/* log failed attempt */
+#ifdef USE_SYSLOG
+	if (getdef_bool ("SYSLOG_SU_ENAB")) {
+		SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+		         "- %s %s:%s", tty,
+		         ('\0' != caller_name[0]) ? caller_name : "???",
+		         ('\0' != name[0]) ? name : "???"));
+	}
+	closelog ();
+#endif
+
+#ifdef WITH_AUDIT
+	audit_fd = audit_open ();
+	audit_log_acct_message (audit_fd,
+				AUDIT_USER_ROLE_CHANGE,
+				NULL,    /* Prog. name */
+				"su",
+				('\0' != caller_name[0]) ? caller_name : "???",
+				AUDIT_NO_ID,
+				"localhost",
+				NULL,    /* addr */
+				tty,
+				0);      /* result */
+	close (audit_fd);
+#endif				/* WITH_AUDIT */
+
+	exit (1);
+}
+
+/*
+ * execve_shell - Execute a shell with execve, or interpret it with
+ * /bin/sh
+ */
+static void execve_shell (const char *shellname,
+                          char *args[],
+                          char *const envp[])
+{
+	int err;
+	(void) execve (shellname, (char **) args, envp);
+	err = errno;
+
+	if (access (shellname, R_OK|X_OK) == 0) {
+		/*
+		 * Assume this is a shell script (with no shebang).
+		 * Interpret it with /bin/sh
+		 */
+		size_t n_args = 0;
+		char **targs;
+		while (NULL != args[n_args]) {
+			n_args++;
+		}
+		targs = (char **) xmalloc ((n_args + 3) * sizeof (args[0]));
+		targs[0] = "sh";
+		targs[1] = "-";
+		targs[2] = xstrdup (shellname);
+		targs[n_args+2] = NULL;
+		while (1 != n_args) {
+			targs[n_args+1] = args[n_args - 1];
+			n_args--;
+		}
+
+		(void) execve (SHELL, targs, envp);
+	} else {
+		errno = err;
+	}
+}
+
+#ifdef USE_PAM
+/* Signal handler for parent process later */
+static void catch_signals (int sig)
+{
+	caught = sig;
+}
+
+/*
+ * prepare_pam_close_session - Fork and wait for the child to close the session
+ *
+ *	Only the child returns. The parent will wait for the child to
+ *	terminate and exit.
+ */
+static void prepare_pam_close_session (void)
+{
+	sigset_t ourset;
+	int status;
+	int ret;
+
+	pid_child = fork ();
+	if (pid_child == 0) {	/* child shell */
+		return; /* Only the child will return from pam_create_session */
+	} else if ((pid_t)-1 == pid_child) {
+		(void) fprintf (stderr,
+		                _("%s: Cannot fork user shell\n"),
+		                Prog);
+		SYSLOG ((LOG_WARN, "Cannot execute %s", shellstr));
+		closelog ();
+		exit (1);
+		/* Only the child returns. See above. */
+	}
+
+	/* parent only */
+	sigfillset (&ourset);
+	if (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0) {
+		(void) fprintf (stderr,
+		                _("%s: signal malfunction\n"),
+		                Prog);
+		caught = SIGTERM;
+	}
+	if (0 == caught) {
+		struct sigaction action;
+
+		action.sa_handler = catch_signals;
+		sigemptyset (&action.sa_mask);
+		action.sa_flags = 0;
+		sigemptyset (&ourset);
+
+		if (   (sigaddset (&ourset, SIGTERM) != 0)
+		    || (sigaddset (&ourset, SIGALRM) != 0)
+		    || (sigaction (SIGTERM, &action, NULL) != 0)
+		    || (   !doshell /* handle SIGINT (Ctrl-C), SIGQUIT
+		                     * (Ctrl-\), and SIGTSTP (Ctrl-Z)
+		                     * since the child will not control
+		                     * the tty.
+		                     */
+		        && (   (sigaddset (&ourset, SIGINT)  != 0)
+		            || (sigaddset (&ourset, SIGQUIT) != 0)
+		            || (sigaddset (&ourset, SIGTSTP) != 0)
+		            || (sigaction (SIGINT,  &action, NULL) != 0)
+		            || (sigaction (SIGQUIT, &action, NULL) != 0)
+		            || (sigaction (SIGTSTP,  &action, NULL) != 0)))
+		    || (sigprocmask (SIG_UNBLOCK, &ourset, NULL) != 0)
+		    ) {
+			fprintf (stderr,
+			         _("%s: signal masking malfunction\n"),
+			         Prog);
+			caught = SIGTERM;
+		}
+	}
+
+	if (0 == caught) {
+		bool stop = true;
+
+		do {
+			pid_t pid;
+			stop = true;
+
+			pid = waitpid (-1, &status, WUNTRACED);
+
+			/* When interrupted by signal, the signal will be
+			 * forwarded to the child, and termination will be
+			 * forced later.
+			 */
+			if (   ((pid_t)-1 == pid)
+			    && (EINTR == errno)
+			    && (SIGTSTP == caught)) {
+				caught = 0;
+				/* Except for SIGTSTP, which request to
+				 * stop the child.
+				 * We will SIGSTOP ourself on the next
+				 * waitpid round.
+				 */
+				kill (pid_child, SIGSTOP);
+				stop = false;
+			} else if (   ((pid_t)-1 != pid)
+			           && (0 != WIFSTOPPED (status))) {
+				/* The child (shell) was suspended.
+				 * Suspend su. */
+				kill (getpid (), SIGSTOP);
+				/* wake child when resumed */
+				kill (pid, SIGCONT);
+				stop = false;
+			} else if (   (pid_t)-1 != pid) {
+				pid_child = 0;
+			}
+		} while (!stop);
+	}
+
+	if (0 != caught && 0 != pid_child) {
+		(void) fputs ("\n", stderr);
+		(void) fputs (_("Session terminated, terminating shell..."),
+		              stderr);
+		(void) kill (-pid_child, caught);
+
+		snprintf (kill_msg, sizeof kill_msg, _(" ...killed.\n"));
+		snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n"));
+
+		(void) signal (SIGALRM, kill_child);
+		(void) signal (SIGCHLD, catch_signals);
+		(void) alarm (2);
+
+		sigemptyset (&ourset);
+		if ((sigaddset (&ourset, SIGALRM) != 0)
+		    || (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0)) {
+			fprintf (stderr, _("%s: signal masking malfunction\n"), Prog);
+			kill_child (0);
+		} else {
+			while (0 == waitpid (pid_child, &status, WNOHANG)) {
+				sigsuspend (&ourset);
+			}
+			pid_child = 0;
+			(void) sigprocmask (SIG_UNBLOCK, &ourset, NULL);
+		}
+
+		(void) fputs (_(" ...terminated.\n"), stderr);
+	}
+
+	ret = pam_close_session (pamh, 0);
+	if (PAM_SUCCESS != ret) {
+		SYSLOG ((LOG_ERR, "pam_close_session: %s",
+		         pam_strerror (pamh, ret)));
+		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+	}
+
+	(void) pam_setcred (pamh, PAM_DELETE_CRED);
+	(void) pam_end (pamh, PAM_SUCCESS);
+
+	exit ((0 != WIFEXITED (status)) ? WEXITSTATUS (status)
+	                                : WTERMSIG (status) + 128);
+	/* Only the child returns. See above. */
+}
+#endif				/* USE_PAM */
+
+/*
+ * usage - print command line syntax and exit
+ */
+static void usage (int status)
+{
+	(void)
+	fputs (_("Usage: su [options] [LOGIN]\n"
+	         "\n"
+	         "Options:\n"
+	         "  -c, --command COMMAND         pass COMMAND to the invoked shell\n"
+	         "  -h, --help                    display this help message and exit\n"
+	         "  -, -l, --login                make the shell a login shell\n"
+	         "  -m, -p,\n"
+	         "  --preserve-environment        do not reset environment variables, and\n"
+	         "                                keep the same shell\n"
+	         "  -s, --shell SHELL             use SHELL instead of the default in passwd\n"
+	         "\n"), (E_SUCCESS != status) ? stderr : stdout);
+	exit (status);
+}
+
+#ifdef USE_PAM
+static void check_perms_pam (const struct passwd *pw)
+{
+	int ret;
+	ret = pam_authenticate (pamh, 0);
+	if (PAM_SUCCESS != ret) {
+		SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN, "pam_authenticate: %s",
+		         pam_strerror (pamh, ret)));
+		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+		(void) pam_end (pamh, ret);
+		su_failure (caller_tty, 0 == pw->pw_uid);
+	}
+
+	ret = pam_acct_mgmt (pamh, 0);
+	if (PAM_SUCCESS != ret) {
+		if (caller_is_root) {
+			fprintf (stderr,
+			         _("%s: %s\n(Ignored)\n"),
+			         Prog, pam_strerror (pamh, ret));
+		} else if (PAM_NEW_AUTHTOK_REQD == ret) {
+			ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+			if (PAM_SUCCESS != ret) {
+				SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
+				         pam_strerror (pamh, ret)));
+				fprintf (stderr,
+				         _("%s: %s\n"),
+				         Prog, pam_strerror (pamh, ret));
+				(void) pam_end (pamh, ret);
+				su_failure (caller_tty, 0 == pw->pw_uid);
+			}
+		} else {
+			SYSLOG ((LOG_ERR, "pam_acct_mgmt: %s",
+			         pam_strerror (pamh, ret)));
+			fprintf (stderr,
+			         _("%s: %s\n"),
+			         Prog, pam_strerror (pamh, ret));
+			(void) pam_end (pamh, ret);
+			su_failure (caller_tty, 0 == pw->pw_uid);
+		}
+	}
+}
+#else				/* !USE_PAM */
+static void check_perms_nopam (const struct passwd *pw)
+{
+	/*@observer@*/const struct spwd *spwd = NULL;
+	/*@observer@*/const char *password = pw->pw_passwd;
+	RETSIGTYPE (*oldsig) (int);
+
+	if (caller_is_root) {
+		return;
+	}
+
+	/*
+	 * BSD systems only allow "wheel" to SU to root. USG systems don't,
+	 * so we make this a configurable option.
+	 */
+
+	/* The original Shadow 3.3.2 did this differently. Do it like BSD:
+	 *
+	 * - check for UID 0 instead of name "root" - there are systems with
+	 *   several root accounts under different names,
+	 *
+	 * - check the contents of /etc/group instead of the current group
+	 *   set (you must be listed as a member, GID 0 is not sufficient).
+	 *
+	 * In addition to this traditional feature, we now have complete su
+	 * access control (allow, deny, no password, own password).  Thanks
+	 * to Chris Evans <lady0110@sable.ox.ac.uk>.
+	 */
+
+	if (   (0 == pw->pw_uid)
+	    && getdef_bool ("SU_WHEEL_ONLY")
+	    && !iswheel (caller_name)) {
+		fprintf (stderr,
+		         _("You are not authorized to su %s\n"),
+		         name);
+		exit (1);
+	}
+	spwd = getspnam (name); /* !USE_PAM, no need for xgetspnam */
+#ifdef SU_ACCESS
+	if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+		if (NULL != spwd) {
+			password = spwd->sp_pwdp;
+		}
+	}
+
+	switch (check_su_auth (caller_name, name, 0 == pw->pw_uid)) {
+	case 0:	/* normal su, require target user's password */
+		break;
+	case 1:	/* require no password */
+		password = "";	/* XXX warning: const */
+		break;
+	case 2:	/* require own password */
+		(void) puts (_("(Enter your own password)"));
+		password = caller_pass;
+		break;
+	default:	/* access denied (-1) or unexpected value */
+		fprintf (stderr,
+		         _("You are not authorized to su %s\n"),
+		         name);
+		exit (1);
+	}
+#endif				/* SU_ACCESS */
+	/*
+	 * Set up a signal handler in case the user types QUIT.
+	 */
+	die (0);
+	oldsig = signal (SIGQUIT, die);
+
+	/*
+	 * See if the system defined authentication method is being used. 
+	 * The first character of an administrator defined method is an '@'
+	 * character.
+	 */
+	if (pw_auth (password, name, PW_SU, (char *) 0) != 0) {
+		SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN,
+		         "Authentication failed for %s", name));
+		fprintf(stderr, _("%s: Authentication failure\n"), Prog);
+		su_failure (caller_tty, 0 == pw->pw_uid);
+	}
+	(void) signal (SIGQUIT, oldsig);
+
+	/*
+	 * Check to see if the account is expired. root gets to ignore any
+	 * expired accounts, but normal users can't become a user with an
+	 * expired password.
+	 */
+	if (NULL != spwd) {
+		(void) expire (pw, spwd);
+	}
+
+	/*
+	 * Check to see if the account permits "su". root gets to ignore any
+	 * restricted accounts, but normal users can't become a user if
+	 * there is a "SU" entry in the /etc/porttime file denying access to
+	 * the account.
+	 */
+	if (!isttytime (name, "SU", time ((time_t *) 0))) {
+		SYSLOG (((0 != pw->pw_uid) ? LOG_WARN : LOG_CRIT,
+		         "SU by %s to restricted account %s",
+		         caller_name, name));
+		fprintf (stderr,
+		         _("%s: You are not authorized to su at that time\n"),
+		         Prog);
+		su_failure (caller_tty, 0 == pw->pw_uid);
+	}
+}
+#endif				/* !USE_PAM */
+
+/*
+ * check_perms - check permissions to switch to the user 'name'
+ *
+ *	In case of subsystem login, the user is first authenticated in the
+ *	caller's root subsystem, and then in the user's target subsystem.
+ */
+static /*@only@*/struct passwd * check_perms (void)
+{
+#ifdef USE_PAM
+	const char *tmp_name;
+	int ret;
+#endif				/* !USE_PAM */
+	/*
+	 * The password file entries for the user is gotten and the account
+	 * validated.
+	 */
+	struct passwd *pw = xgetpwnam (name);
+	if (NULL == pw) {
+		(void) fprintf (stderr,
+		                _("No passwd entry for user '%s'\n"), name);
+		SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name));
+		su_failure (caller_tty, true);
+	}
+
+	(void) signal (SIGINT, SIG_IGN);
+	(void) signal (SIGQUIT, SIG_IGN);
+
+#ifdef USE_PAM
+	check_perms_pam (pw);
+	/* PAM authentication can request a change of account */
+	ret = pam_get_item(pamh, PAM_USER, (const void **) &tmp_name);
+	if (ret != PAM_SUCCESS) {
+		SYSLOG((LOG_ERR, "pam_get_item: internal PAM error\n"));
+		(void) fprintf (stderr,
+		                "%s: Internal PAM error retrieving username\n",
+		                Prog);
+		(void) pam_end (pamh, ret);
+		su_failure (caller_tty, 0 == pw->pw_uid);
+	}
+	if (strcmp (name, tmp_name) != 0) {
+		SYSLOG ((LOG_INFO,
+		         "Change user from '%s' to '%s' as requested by PAM",
+		         name, tmp_name));
+		strncpy (name, tmp_name, sizeof(name) - 1);
+		name[sizeof(name) - 1] = '\0';
+		pw = xgetpwnam (name);
+		if (NULL == pw) {
+			(void) fprintf (stderr,
+			                _("No passwd entry for user '%s'\n"),
+			                name);
+			SYSLOG ((LOG_NOTICE,
+			         "No passwd entry for user '%s'", name));
+			su_failure (caller_tty, true);
+		}
+	}
+#else				/* !USE_PAM */
+	check_perms_nopam (pw);
+#endif				/* !USE_PAM */
+
+	(void) signal (SIGINT, SIG_DFL);
+	(void) signal (SIGQUIT, SIG_DFL);
+
+	/*
+	 * Even if --shell is specified, the subsystem login test is based on
+	 * the shell specified in /etc/passwd (not the one specified with
+	 * --shell, which will be the one executed in the chroot later).
+	 */
+	if ('*' == pw->pw_shell[0]) {	/* subsystem root required */
+		subsystem (pw);	/* change to the subsystem root */
+		endpwent ();		/* close the old password databases */
+		endspent ();
+		pw_free (pw);
+		return check_perms ();	/* authenticate in the subsystem */
+	}
+
+	return pw;
+}
+
+/*
+ * save_caller_context - save information from the call context
+ *
+ *	Save the program's name (Prog), caller's UID (caller_uid /
+ *	caller_is_root), name (caller_name), and password (caller_pass),
+ *	the TTY (ttyp), and whether su was called from a console
+ *	(is_console) for further processing and before they might change.
+ */
+static void save_caller_context (char **argv)
+{
+	struct passwd *pw = NULL;
+#ifndef USE_PAM
+#ifdef SU_ACCESS
+	const char *password = NULL;
+#endif				/* SU_ACCESS */
+#endif				/* !USE_PAM */
+	/*
+	 * Get the program name. The program name is used as a prefix to
+	 * most error messages.
+	 */
+	Prog = Basename (argv[0]);
+
+	caller_uid = getuid ();
+	caller_is_root = (caller_uid == 0);
+
+	/*
+	 * Get the tty name. Entries will be logged indicating that the user
+	 * tried to change to the named new user from the current terminal.
+	 */
+	caller_tty = ttyname (0);
+	if ((isatty (0) != 0) && (NULL != caller_tty)) {
+#ifndef USE_PAM
+		caller_on_console = console (caller_tty);
+#endif				/* !USE_PAM */
+	} else {
+		/*
+		 * Be more paranoid, like su from SimplePAMApps.  --marekm
+		 */
+		if (!caller_is_root) {
+			fprintf (stderr,
+			         _("%s: must be run from a terminal\n"),
+			         Prog);
+			exit (1);
+		}
+		caller_tty = "???";
+	}
+
+	/*
+	 * Get the user's real name. The current UID is used to determine
+	 * who has executed su. That user ID must exist.
+	 */
+	pw = get_my_pwent ();
+	if (NULL == pw) {
+		fprintf (stderr,
+		         _("%s: Cannot determine your user name.\n"),
+		         Prog);
+		SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
+		         (unsigned long) caller_uid));
+		su_failure (caller_tty, true); /* unknown target UID*/
+	}
+	STRFCPY (caller_name, pw->pw_name);
+
+#ifndef USE_PAM
+#ifdef SU_ACCESS
+	/*
+	 * Sort out the password of user calling su, in case needed later
+	 * -- chris
+	 */
+	password = pw->pw_passwd;
+	if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0) {
+		const struct spwd *spwd = getspnam (caller_name);
+		if (NULL != spwd) {
+			password = spwd->sp_pwdp;
+		}
+	}
+	free (caller_pass);
+	caller_pass = xstrdup (password);
+#endif				/* SU_ACCESS */
+#endif				/* !USE_PAM */
+	pw_free (pw);
+}
+
+/*
+ * process_flags - Process the command line arguments
+ *
+ *	process_flags() interprets the command line arguments and sets
+ *	the values that the user will be created with accordingly. The
+ *	values are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+	int c;
+	static struct option long_options[] = {
+		{"command",              required_argument, NULL, 'c'},
+		{"help",                 no_argument,       NULL, 'h'},
+		{"login",                no_argument,       NULL, 'l'},
+		{"preserve-environment", no_argument,       NULL, 'p'},
+		{"shell",                required_argument, NULL, 's'},
+		{NULL, 0, NULL, '\0'}
+	};
+
+	while ((c = getopt_long (argc, argv, "c:hlmps:",
+	                         long_options, NULL)) != -1) {
+		switch (c) {
+		case 'c':
+			command = optarg;
+			break;
+		case 'h':
+			usage (E_SUCCESS);
+			break;
+		case 'l':
+			fakelogin = true;
+			break;
+		case 'm':
+		case 'p':
+			/* This will only have an effect if the target
+			 * user do not have a restricted shell, or if
+			 * su is called by root.
+			 */
+			change_environment = false;
+			break;
+		case 's':
+			shellstr = optarg;
+			break;
+		default:
+			usage (E_USAGE);	/* NOT REACHED */
+		}
+	}
+
+	if ((optind < argc) && (strcmp (argv[optind], "-") == 0)) {
+		fakelogin = true;
+		optind++;
+		if (   (optind < argc)
+		    && (strcmp (argv[optind], "--") == 0)) {
+			optind++;
+		}
+	}
+
+	/*
+	 * The next argument must be either a user ID, or some flag to a
+	 * subshell. Pretty sticky since you can't have an argument which
+	 * doesn't start with a "-" unless you specify the new user name.
+	 * Any remaining arguments will be passed to the user's login shell.
+	 */
+	if ((optind < argc) && ('-' != argv[optind][0])) {
+		STRFCPY (name, argv[optind++]);	/* use this login id */
+		if ((optind < argc) && (strcmp (argv[optind], "--") == 0)) {
+			optind++;
+		}
+	}
+	if ('\0' == name[0]) {		/* use default user */
+		struct passwd *root_pw = getpwnam ("root");
+		if ((NULL != root_pw) && (0 == root_pw->pw_uid)) {
+			(void) strcpy (name, "root");
+		} else {
+			root_pw = getpwuid (0);
+			if (NULL == root_pw) {
+				SYSLOG ((LOG_CRIT, "There is no UID 0 user."));
+				su_failure (caller_tty, true);
+			}
+			(void) strcpy (name, root_pw->pw_name);
+		}
+	}
+
+	doshell = (argc == optind);	/* any arguments remaining? */
+	if (NULL != command) {
+		doshell = false;
+	}
+}
+
+static void set_environment (struct passwd *pw)
+{
+	const char *cp;
+	/*
+	 * If a new login is being set up, the old environment will be
+	 * ignored and a new one created later on.
+	 */
+	if (change_environment && fakelogin) {
+		/*
+		 * The terminal type will be left alone if it is present in
+		 * the environment already.
+		 */
+		cp = getenv ("TERM");
+		if (NULL != cp) {
+			addenv ("TERM", cp);
+		}
+
+		/*
+		 * For some terminals COLORTERM seems to be the only way
+		 * for checking for that specific terminal. For instance,
+		 * gnome-terminal sets its TERM as "xterm" but its
+		 * COLORTERM as "gnome-terminal". The COLORTERM variable
+		 * is also of use when running GNU screen since it sets
+		 * TERM to "screen" but doesn't touch COLORTERM.
+		 */
+		cp = getenv ("COLORTERM");
+		if (NULL != cp) {
+			addenv ("COLORTERM", cp);
+		}
+
+#ifndef USE_PAM
+		cp = getdef_str ("ENV_TZ");
+		if (NULL != cp) {
+			addenv (('/' == *cp) ? tz (cp) : cp, NULL);
+		}
+
+		/*
+		 * The clock frequency will be reset to the login value if required
+		 */
+		cp = getdef_str ("ENV_HZ");
+		if (NULL != cp) {
+			addenv (cp, NULL);	/* set the default $HZ, if one */
+		}
+#endif				/* !USE_PAM */
+
+		/*
+		 * Also leave DISPLAY and XAUTHORITY if present, else
+		 * pam_xauth will not work.
+		 */
+		cp = getenv ("DISPLAY");
+		if (NULL != cp) {
+			addenv ("DISPLAY", cp);
+		}
+		cp = getenv ("XAUTHORITY");
+		if (NULL != cp) {
+			addenv ("XAUTHORITY", cp);
+		}
+	} else {
+		char **envp = environ;
+		while (NULL != *envp) {
+			addenv (*envp, NULL);
+			envp++;
+		}
+	}
+
+	cp = getdef_str ((pw->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+	if (NULL == cp) {
+		addenv ((pw->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+	} else if (strchr (cp, '=') != NULL) {
+		addenv (cp, NULL);
+	} else {
+		addenv ("PATH", cp);
+	}
+
+	if (getenv ("IFS") != NULL) {	/* don't export user IFS ... */
+		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
+	}
+
+#ifdef USE_PAM
+	/* we need to setup the environment *after* pam_open_session(),
+	 * else the UID is changed before stuff like pam_xauth could
+	 * run, and we cannot access /etc/shadow and co
+	 */
+	environ = newenvp;	/* make new environment active */
+
+	if (change_environment) {
+		/* update environment with all pam set variables */
+		char **envcp = pam_getenvlist (pamh);
+		if (NULL != envcp) {
+			while (NULL != *envcp) {
+				addenv (*envcp, NULL);
+				envcp++;
+			}
+		}
+	}
+
+#else				/* !USE_PAM */
+	environ = newenvp;	/* make new environment active */
+#endif				/* !USE_PAM */
+
+	if (change_environment) {
+		if (fakelogin) {
+			if (shellstr != pw->pw_shell) {
+				free (pw->pw_shell);
+				pw->pw_shell = xstrdup (shellstr);
+			}
+			setup_env (pw);
+		} else {
+			addenv ("HOME", pw->pw_dir);
+			addenv ("USER", pw->pw_name);
+			addenv ("LOGNAME", pw->pw_name);
+			addenv ("SHELL", shellstr);
+		}
+	}
+
+}
+
+/*
+ * su - switch user id
+ *
+ *	su changes the user's ids to the values for the specified user.  if
+ *	no new user name is specified, "root" or UID 0 is used by default.
+ *
+ *	Any additional arguments are passed to the user's shell. In
+ *	particular, the argument "-c" will cause the next argument to be
+ *	interpreted as a command by the common shell programs.
+ */
+int main (int argc, char **argv)
+{
+	const char *cp;
+	struct passwd *pw = NULL;
+
+#ifdef USE_PAM
+	int ret;
+#endif				/* USE_PAM */
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	save_caller_context (argv);
+
+	OPENLOG ("su");
+
+	process_flags (argc, argv);
+
+	initenv ();
+
+#ifdef USE_PAM
+	ret = pam_start ("su", name, &conv, &pamh);
+	if (PAM_SUCCESS != ret) {
+		SYSLOG ((LOG_ERR, "pam_start: error %d", ret);
+		fprintf (stderr,
+		         _("%s: pam_start: error %d\n"),
+		         Prog, ret));
+		exit (1);
+	}
+
+	ret = pam_set_item (pamh, PAM_TTY, (const void *) caller_tty);
+	if (PAM_SUCCESS == ret) {
+		ret = pam_set_item (pamh, PAM_RUSER, (const void *) caller_name);
+	}
+	if (PAM_SUCCESS != ret) {
+		SYSLOG ((LOG_ERR, "pam_set_item: %s",
+		         pam_strerror (pamh, ret)));
+		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+		pam_end (pamh, ret);
+		exit (1);
+	}
+#endif				/* USE_PAM */
+
+	pw = check_perms ();
+
+	/* If the user do not want to change the environment,
+	 * use the current SHELL.
+	 * (unless another shell is required by the command line)
+	 */
+	if ((NULL == shellstr) && !change_environment) {
+		shellstr = getenv ("SHELL");
+	}
+
+	/* If su is not called by root, and the target user has a
+	 * restricted shell, the environment must be changed and the shell
+	 * must be the one specified in /etc/passwd.
+	 */
+	if (   !caller_is_root
+	    && restricted_shell (pw->pw_shell)) {
+		shellstr = NULL;
+		change_environment = true;
+	}
+
+	/* If the shell is not set at this time, use the shell specified
+	 * in /etc/passwd.
+	 */
+	if (NULL == shellstr) {
+		shellstr = pw->pw_shell;
+	}
+
+	/*
+	 * Set the default shell.
+	 */
+	if ((NULL == shellstr) || ('\0' == shellstr[0])) {
+		shellstr = SHELL;
+	}
+
+	sulog (caller_tty, true, caller_name, name);	/* save SU information */
+#ifdef USE_SYSLOG
+	if (getdef_bool ("SYSLOG_SU_ENAB")) {
+		SYSLOG ((LOG_INFO, "+ %s %s:%s", caller_tty,
+		         ('\0' != caller_name[0]) ? caller_name : "???",
+		         ('\0' != name[0]) ? name : "???"));
+	}
+#endif
+
+#ifdef USE_PAM
+	/* set primary group id and supplementary groups */
+	if (setup_groups (pw) != 0) {
+		pam_end (pamh, PAM_ABORT);
+		exit (1);
+	}
+
+	/*
+	 * pam_setcred() may do things like resource limits, console groups,
+	 * and much more, depending on the configured modules
+	 */
+	ret = pam_setcred (pamh, PAM_ESTABLISH_CRED);
+	if (PAM_SUCCESS != ret) {
+		SYSLOG ((LOG_ERR, "pam_setcred: %s", pam_strerror (pamh, ret)));
+		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+		(void) pam_end (pamh, ret);
+		exit (1);
+	}
+
+	ret = pam_open_session (pamh, 0);
+	if (PAM_SUCCESS != ret) {
+		SYSLOG ((LOG_ERR, "pam_open_session: %s",
+		         pam_strerror (pamh, ret)));
+		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
+		pam_setcred (pamh, PAM_DELETE_CRED);
+		(void) pam_end (pamh, ret);
+		exit (1);
+	}
+
+	prepare_pam_close_session ();
+
+	/* become the new user */
+	if (change_uid (pw) != 0) {
+		exit (1);
+	}
+#else				/* !USE_PAM */
+	/* no limits if su from root (unless su must fake login's behavior) */
+	if (!caller_is_root || fakelogin) {
+		setup_limits (pw);
+	}
+
+	if (setup_uid_gid (pw, caller_on_console) != 0) {
+		exit (1);
+	}
+#endif				/* !USE_PAM */
+
+#ifdef WITH_AUDIT
+	audit_fd = audit_open ();
+	audit_log_acct_message (audit_fd,
+				AUDIT_USER_ROLE_CHANGE,
+				NULL,    /* Prog. name */
+				"su",
+				('\0' != caller_name[0]) ? caller_name : "???",
+				AUDIT_NO_ID,
+				"localhost",
+				NULL,    /* addr */
+				caller_tty,
+				1);      /* result */
+	close (audit_fd);
+#endif				/* WITH_AUDIT */
+
+	set_environment (pw);
+
+	if (!doshell) {
+		/* There is no need for a controlling terminal.
+		 * This avoids the callee to inject commands on
+		 * the caller's tty. */
+		int err = -1;
+
+#ifdef USE_PAM
+		/* When PAM is used, we are on the child */
+		err = setsid ();
+#else
+		/* Otherwise, we cannot use setsid */
+		int fd = open ("/dev/tty", O_RDWR);
+
+		if (fd >= 0) {
+			err = ioctl (fd, TIOCNOTTY, (char *) 0);
+			(void) close (fd);
+		} else if (ENXIO == errno) {
+			/* There are no controlling terminal already */
+			err = 0;
+		}
+#endif				/* USE_PAM */
+
+		if (-1 == err) {
+			(void) fprintf (stderr,
+			                _("%s: Cannot drop the controlling terminal\n"),
+			                Prog);
+			exit (1);
+		}
+	}
+
+	/*
+	 * PAM_DATA_SILENT is not supported by some modules, and
+	 * there is no strong need to clean up the process space's
+	 * memory since we will either call exec or exit.
+	pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+	 */
+
+	endpwent ();
+	endspent ();
+	/*
+	 * This is a workaround for Linux libc bug/feature (?) - the
+	 * /dev/log file descriptor is open without the close-on-exec flag
+	 * and used to be passed to the new shell. There is "fcntl(LogFile,
+	 * F_SETFD, 1)" in libc/misc/syslog.c, but it is commented out (at
+	 * least in 5.4.33). Why?  --marekm
+	 */
+	closelog ();
+
+	/*
+	 * See if the user has extra arguments on the command line. In that
+	 * case they will be provided to the new user's shell as arguments.
+	 */
+	if (fakelogin) {
+		char *arg0;
+
+		cp = getdef_str ("SU_NAME");
+		if (NULL == cp) {
+			cp = Basename (shellstr);
+		}
+
+		arg0 = xmalloc (strlen (cp) + 2);
+		arg0[0] = '-';
+		strcpy (arg0 + 1, cp);
+		cp = arg0;
+	} else {
+		cp = Basename (shellstr);
+	}
+
+	if (!doshell) {
+		int err;
+		/* Position argv to the remaining arguments */
+		argv += optind;
+		if (NULL != command) {
+			argv -= 2;
+			argv[0] = "-c";
+			argv[1] = command;
+		}
+		/*
+		 * Use the shell and create an argv
+		 * with the rest of the command line included.
+		 */
+		argv[-1] = cp;
+		execve_shell (shellstr, &argv[-1], environ);
+		err = errno;
+		(void) fprintf (stderr,
+		                _("Cannot execute %s\n"), shellstr);
+		errno = err;
+	} else {
+		(void) shell (shellstr, cp, environ);
+	}
+
+	pw_free (pw);
+
+	return (errno == ENOENT ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/suauth.c b/src/suauth.c
new file mode 100644
index 0000000..a5bbe4c
--- /dev/null
+++ b/src/suauth.c
@@ -0,0 +1,239 @@
+/*
+ * Copyright (c) 1990 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2005, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2008, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+#include <errno.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include "defines.h"
+#include "prototypes.h"
+
+#ifndef SUAUTHFILE
+#define SUAUTHFILE "/etc/suauth"
+#endif
+
+#define	NOACTION	0
+#define	NOPWORD		1
+#define	DENY		-1
+#define	OWNPWORD	2
+
+#ifdef SU_ACCESS
+
+/* Really, I could do with a few const char's here defining all the 
+ * strings output to the user or the syslog. -- chris
+ */
+static int applies (const char *, char *);
+
+static int isgrp (const char *, const char *);
+
+static int lines = 0;
+
+
+int check_su_auth (const char *actual_id,
+                   const char *wanted_id,
+                   bool su_to_root)
+{
+	int posn, endline;
+	const char field[] = ":";
+	FILE *authfile_fd;
+	char temp[1024];
+	char *to_users;
+	char *from_users;
+	char *action;
+
+	if (!(authfile_fd = fopen (SUAUTHFILE, "r"))) {
+		int err = errno;
+		/*
+		 * If the file doesn't exist - default to the standard su
+		 * behaviour (no access control).  If open fails for some
+		 * other reason - maybe someone is trying to fool us with
+		 * file descriptors limit etc., so deny access.  --marekm
+		 */
+		if (ENOENT == err) {
+			return NOACTION;
+		}
+		SYSLOG ((LOG_ERR,
+		         "could not open/read config file '%s': %s\n",
+		         SUAUTHFILE, strerror (err)));
+		return DENY;
+	}
+
+	while (fgets (temp, sizeof (temp), authfile_fd) != NULL) {
+		lines++;
+
+		if (temp[endline = strlen (temp) - 1] != '\n') {
+			SYSLOG ((LOG_ERR,
+				 "%s, line %d: line too long or missing newline",
+				 SUAUTHFILE, lines));
+			continue;
+		}
+
+		while (endline > 0 && (temp[endline - 1] == ' '
+				       || temp[endline - 1] == '\t'
+				       || temp[endline - 1] == '\n'))
+			endline--;
+		temp[endline] = '\0';
+
+		posn = 0;
+		while (temp[posn] == ' ' || temp[posn] == '\t')
+			posn++;
+
+		if (temp[posn] == '\n' || temp[posn] == '#'
+		    || temp[posn] == '\0') {
+			continue;
+		}
+		if (!(to_users = strtok (temp + posn, field))
+		    || !(from_users = strtok ((char *) NULL, field))
+		    || !(action = strtok ((char *) NULL, field))
+		    || strtok ((char *) NULL, field)) {
+			SYSLOG ((LOG_ERR,
+				 "%s, line %d. Bad number of fields.\n",
+				 SUAUTHFILE, lines));
+			continue;
+		}
+
+		if (!applies (wanted_id, to_users))
+			continue;
+		if (!applies (actual_id, from_users))
+			continue;
+		if (!strcmp (action, "DENY")) {
+			SYSLOG ((su_to_root ? LOG_WARN : LOG_NOTICE,
+				 "DENIED su from '%s' to '%s' (%s)\n",
+				 actual_id, wanted_id, SUAUTHFILE));
+			fputs (_("Access to su to that account DENIED.\n"),
+			       stderr);
+			fclose (authfile_fd);
+			return DENY;
+		} else if (!strcmp (action, "NOPASS")) {
+			SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+				 "NO password asked for su from '%s' to '%s' (%s)\n",
+				 actual_id, wanted_id, SUAUTHFILE));
+			fputs (_("Password authentication bypassed.\n"),stderr);
+			fclose (authfile_fd);
+			return NOPWORD;
+		} else if (!strcmp (action, "OWNPASS")) {
+			SYSLOG ((su_to_root ? LOG_NOTICE : LOG_INFO,
+				 "su from '%s' to '%s': asking for user's own password (%s)\n",
+				 actual_id, wanted_id, SUAUTHFILE));
+			fputs (_("Please enter your OWN password as authentication.\n"),
+			       stderr);
+			fclose (authfile_fd);
+			return OWNPWORD;
+		} else {
+			SYSLOG ((LOG_ERR,
+				 "%s, line %d: unrecognised action!\n",
+				 SUAUTHFILE, lines));
+		}
+	}
+	fclose (authfile_fd);
+	return NOACTION;
+}
+
+static int applies (const char *single, char *list)
+{
+	const char split[] = ", ";
+	char *tok;
+
+	int state = 0;
+
+	for (tok = strtok (list, split); tok != NULL;
+	     tok = strtok (NULL, split)) {
+
+		if (!strcmp (tok, "ALL")) {
+			if (state != 0) {
+				SYSLOG ((LOG_ERR,
+					 "%s, line %d: ALL in bad place\n",
+					 SUAUTHFILE, lines));
+				return 0;
+			}
+			state = 1;
+		} else if (!strcmp (tok, "EXCEPT")) {
+			if (state != 1) {
+				SYSLOG ((LOG_ERR,
+					 "%s, line %d: EXCEPT in bas place\n",
+					 SUAUTHFILE, lines));
+				return 0;
+			}
+			state = 2;
+		} else if (!strcmp (tok, "GROUP")) {
+			if ((state != 0) && (state != 2)) {
+				SYSLOG ((LOG_ERR,
+					 "%s, line %d: GROUP in bad place\n",
+					 SUAUTHFILE, lines));
+				return 0;
+			}
+			state = (state == 0) ? 3 : 4;
+		} else {
+			switch (state) {
+			case 0:	/* No control words yet */
+				if (!strcmp (tok, single))
+					return 1;
+				break;
+			case 1:	/* An all */
+				SYSLOG ((LOG_ERR,
+					 "%s, line %d: expect another token after ALL\n",
+					 SUAUTHFILE, lines));
+				return 0;
+			case 2:	/* All except */
+				if (!strcmp (tok, single))
+					return 0;
+				break;
+			case 3:	/* Group */
+				if (isgrp (single, tok))
+					return 1;
+				break;
+			case 4:	/* All except group */
+				if (isgrp (single, tok))
+					return 0;
+				/* FALL THRU */
+			}
+		}
+	}
+	if ((state != 0) && (state != 3))
+		return 1;
+	return 0;
+}
+
+static int isgrp (const char *name, const char *group)
+{
+	struct group *grp;
+
+	grp = getgrnam (group); /* local, no need for xgetgrnam */
+
+	if (!grp || !grp->gr_mem)
+		return 0;
+
+	return is_on_list (grp->gr_mem, name);
+}
+#endif				/* SU_ACCESS */
diff --git a/src/sulogin.c b/src/sulogin.c
new file mode 100644
index 0000000..4264099
--- /dev/null
+++ b/src/sulogin.c
@@ -0,0 +1,257 @@
+/*
+ * Copyright (c) 1989 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2010, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <fcntl.h>
+#include <pwd.h>
+#include <signal.h>
+#include <stdio.h>
+#include <sys/ioctl.h>
+#include "defines.h"
+#include "getdef.h"
+#include "prototypes.h"
+#include "pwauth.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char name[BUFSIZ];
+static char pass[BUFSIZ];
+
+static struct passwd pwent;
+
+extern char **newenvp;
+extern size_t newenvc;
+
+extern char **environ;
+
+#ifndef	ALARM
+#define	ALARM	60
+#endif
+
+/* local function prototypes */
+static RETSIGTYPE catch_signals (int);
+
+static RETSIGTYPE catch_signals (unused int sig)
+{
+	_exit (1);
+}
+
+/*
+ * syslogd is usually not running at the time when sulogin is typically
+ * called, cluttering the screen with unnecessary messages. Suggested by
+ * Ivan Nejgebauer <ian@unsux.ns.ac.yu>.  --marekm
+ */
+#undef USE_SYSLOG
+
+ /*ARGSUSED*/ int main (int argc, char **argv)
+{
+#ifndef USE_PAM
+	const char *env;
+#endif				/* !USE_PAM */
+	char **envp = environ;
+	TERMIO termio;
+	int err = 0;
+
+#ifdef	USE_TERMIO
+	ioctl (0, TCGETA, &termio);
+	termio.c_iflag |= (ICRNL | IXON);
+	termio.c_oflag |= (OPOST | ONLCR);
+	termio.c_cflag |= (CREAD);
+	termio.c_lflag |= (ISIG | ICANON | ECHO | ECHOE | ECHOK);
+	ioctl (0, TCSETAF, &termio);
+#endif
+#ifdef	USE_TERMIOS
+	tcgetattr (0, &termio);
+	termio.c_iflag |= (ICRNL | IXON);
+	termio.c_oflag |= (CREAD);
+	termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG);
+	tcsetattr (0, TCSANOW, &termio);
+#endif
+
+	Prog = Basename (argv[0]);
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+#ifdef	USE_SYSLOG
+	OPENLOG ("sulogin");
+#endif
+	initenv ();
+	if (argc > 1) {
+		close (0);
+		close (1);
+		close (2);
+
+		if (open (argv[1], O_RDWR) >= 0) {
+			dup (0);
+			dup (0);
+		} else {
+#ifdef	USE_SYSLOG
+			SYSLOG (LOG_WARN, "cannot open %s\n", argv[1]);
+			closelog ();
+#endif
+			exit (1);
+		}
+	}
+	if (access (PASSWD_FILE, F_OK) == -1) {	/* must be a password file! */
+		(void) puts (_("No password file"));
+#ifdef	USE_SYSLOG
+		SYSLOG (LOG_WARN, "No password file\n");
+		closelog ();
+#endif
+		exit (1);
+	}
+#if !defined(DEBUG) && defined(SULOGIN_ONLY_INIT)
+	if (getppid () != 1) {	/* parent must be INIT */
+#ifdef	USE_SYSLOG
+		SYSLOG (LOG_WARN, "Pid == %d, not 1\n", getppid ());
+		closelog ();
+#endif
+		exit (1);
+	}
+#endif
+	if ((isatty (0) == 0) || (isatty (1) == 0) || (isatty (2) == 0)) {
+#ifdef	USE_SYSLOG
+		closelog ();
+#endif
+		exit (1);	/* must be a terminal */
+	}
+	/* If we were init, we need to start a new session */
+	if (getppid() == 1) {
+		setsid();
+		if (ioctl(0, TIOCSCTTY, 1) != 0) {
+			(void) fputs (_("TIOCSCTTY failed"), stderr);
+		}
+	}
+	while (NULL != *envp) {		/* add inherited environment, */
+		addenv (*envp, NULL);	/* some variables change later */
+		envp++;
+	}
+
+#ifndef USE_PAM
+	env = getdef_str ("ENV_TZ");
+	if (NULL != env) {
+		addenv (('/' == *env) ? tz (env) : env, NULL);
+	}
+	env = getdef_str ("ENV_HZ");
+	if (NULL != env) {
+		addenv (env, NULL);	/* set the default $HZ, if one */
+	}
+#endif				/* !USE_PAM */
+
+	(void) strcpy (name, "root");	/* KLUDGE!!! */
+
+	(void) signal (SIGALRM, catch_signals);	/* exit if the timer expires */
+	(void) alarm (ALARM);		/* only wait so long ... */
+
+	while (true) {		/* repeatedly get login/password pairs */
+		char *cp;
+		pw_entry (name, &pwent);	/* get entry from password file */
+		if (pwent.pw_name == (char *) 0) {
+			/*
+			 * Fail secure
+			 */
+			(void) puts (_("No password entry for 'root'"));
+#ifdef	USE_SYSLOG
+			SYSLOG (LOG_WARN, "No password entry for 'root'\n");
+			closelog ();
+#endif
+			exit (1);
+		}
+
+		/*
+		 * Here we prompt for the root password, or if no password
+		 * is given we just exit.
+		 */
+
+		/* get a password for root */
+		cp = getpass (_(
+"\n"
+"Type control-d to proceed with normal startup,\n"
+"(or give root password for system maintenance):"));
+		/*
+		 * XXX - can't enter single user mode if root password is
+		 * empty.  I think this doesn't happen very often :-). But
+		 * it will work with standard getpass() (no NULL on EOF). 
+		 * --marekm
+		 */
+		if ((NULL == cp) || ('\0' == *cp)) {
+#ifdef	USE_SYSLOG
+			SYSLOG (LOG_INFO, "Normal startup\n");
+			closelog ();
+#endif
+			(void) puts ("");
+#ifdef	TELINIT
+			execl (PATH_TELINIT, "telinit", RUNLEVEL, (char *) 0);
+#endif
+			exit (0);
+		} else {
+			STRFCPY (pass, cp);
+			strzero (cp);
+		}
+		if (valid (pass, &pwent)) {	/* check encrypted passwords ... */
+			break;	/* ... encrypted passwords matched */
+		}
+
+#ifdef	USE_SYSLOG
+		SYSLOG (LOG_WARN, "Incorrect root password\n");
+#endif
+		sleep (2);
+		(void) puts (_("Login incorrect"));
+	}
+	strzero (pass);
+	(void) alarm (0);
+	(void) signal (SIGALRM, SIG_DFL);
+	environ = newenvp;	/* make new environment active */
+
+	(void) puts (_("Entering System Maintenance Mode"));
+#ifdef	USE_SYSLOG
+	SYSLOG (LOG_INFO, "System Maintenance Mode\n");
+#endif
+
+#ifdef	USE_SYSLOG
+	closelog ();
+#endif
+	/* exec the shell finally. */
+	err = shell (pwent.pw_shell, (char *) 0, environ);
+
+	return ((err == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
+}
+
diff --git a/src/useradd.c b/src/useradd.c
new file mode 100644
index 0000000..0e0fa1f
--- /dev/null
+++ b/src/useradd.c
@@ -0,0 +1,2315 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <assert.h>
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <lastlog.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <time.h>
+#include <unistd.h>
+#include "chkname.h"
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+
+#ifndef SKEL_DIR
+#define SKEL_DIR "/etc/skel"
+#endif
+#ifndef USER_DEFAULTS_FILE
+#define USER_DEFAULTS_FILE "/etc/default/useradd"
+#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
+#endif
+/*
+ * Needed for MkLinux DR1/2/2.1 - J.
+ */
+#ifndef LASTLOG_FILE
+#define LASTLOG_FILE "/var/log/lastlog"
+#endif
+/*
+ * Global variables
+ */
+const char *Prog;
+
+/*
+ * These defaults are used if there is no defaults file.
+ */
+static gid_t def_group = 100;
+static const char *def_gname = "other";
+static const char *def_home = "/home";
+static const char *def_shell = "";
+static const char *def_template = SKEL_DIR;
+static const char *def_create_mail_spool = "no";
+
+static long def_inactive = -1;
+static const char *def_expire = "";
+
+#define	VALID(s)	(strcspn (s, ":\n") == strlen (s))
+
+static const char *user_name = "";
+static const char *user_pass = "!";
+static uid_t user_id;
+static gid_t user_gid;
+static const char *user_comment = "";
+static const char *user_home = "";
+static const char *user_shell = "";
+static const char *create_mail_spool = "";
+#ifdef WITH_SELINUX
+static /*@notnull@*/const char *user_selinux = "";
+#endif				/* WITH_SELINUX */
+
+static long user_expire = -1;
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+static uid_t sub_uid_start;	/* New subordinate uid range */
+static unsigned long sub_uid_count;
+static gid_t sub_gid_start;	/* New subordinate gid range */
+static unsigned long sub_gid_count;
+#endif				/* ENABLE_SUBIDS */
+static bool pw_locked = false;
+static bool gr_locked = false;
+static bool spw_locked = false;
+static char **user_groups;	/* NULL-terminated list */
+static long sys_ngroups;
+static bool do_grp_update = false;	/* group files need to be updated */
+
+static bool
+    bflg = false,		/* new default root of home directory */
+    cflg = false,		/* comment (GECOS) field for new account */
+    dflg = false,		/* home directory for new account */
+    Dflg = false,		/* set/show new user default values */
+    eflg = false,		/* days since 1970-01-01 when account is locked */
+    fflg = false,		/* days until account with expired password is locked */
+    gflg = false,		/* primary group ID for new account */
+    Gflg = false,		/* secondary group set for new account */
+    kflg = false,		/* specify a directory to fill new user directory */
+    lflg = false,		/* do not add user to lastlog/faillog databases */
+    mflg = false,		/* create user's home directory if it doesn't exist */
+    Mflg = false,		/* do not create user's home directory even if CREATE_HOME is set */
+    Nflg = false,		/* do not create a group having the same name as the user, but add the user to def_group (or the group specified with -g) */
+    oflg = false,		/* permit non-unique user ID to be specified with -u */
+    rflg = false,		/* create a system account */
+    sflg = false,		/* shell program for new account */
+    uflg = false,		/* specify user ID for new account */
+    Uflg = false;		/* create a group having the same name as the user */
+
+#ifdef WITH_SELINUX
+#define Zflg ('\0' != *user_selinux)
+#endif				/* WITH_SELINUX */
+
+static bool home_added = false;
+
+/*
+ * exit status values
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_PW_UPDATE	1	/* can't update password file */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_BAD_ARG	3	/* invalid argument to option */
+#define E_UID_IN_USE	4	/* UID already in use (and no -o) */
+#define E_NOTFOUND	6	/* specified group doesn't exist */
+#define E_NAME_IN_USE	9	/* username already in use */
+#define E_GRP_UPDATE	10	/* can't update group file */
+#define E_HOMEDIR	12	/* can't create home directory */
+#define E_SE_UPDATE	14	/* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16	/* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18	/* can't update the subordinate gid file */
+#endif				/* ENABLE_SUBIDS */
+
+#define DGROUP			"GROUP="
+#define DHOME			"HOME="
+#define DSHELL			"SHELL="
+#define DINACT			"INACTIVE="
+#define DEXPIRE			"EXPIRE="
+#define DSKEL			"SKEL="
+#define DCREATE_MAIL_SPOOL	"CREATE_MAIL_SPOOL="
+
+/* local function prototypes */
+static void fail_exit (int);
+static void get_defaults (void);
+static void show_defaults (void);
+static int set_defaults (void);
+static int get_groups (char *);
+static void usage (int status);
+static void new_pwent (struct passwd *);
+
+static long scale_age (long);
+static void new_spent (struct spwd *);
+static void grp_update (void);
+
+static void process_flags (int argc, char **argv);
+static void close_files (void);
+static void open_files (void);
+static void open_shadow (void);
+static void faillog_reset (uid_t);
+static void lastlog_reset (uid_t);
+static void tallylog_reset (char *);
+static void usr_update (void);
+static void create_home (void);
+static void create_mail (void);
+
+/*
+ * fail_exit - undo as much as possible
+ */
+static void fail_exit (int code)
+{
+	if (home_added) {
+		if (rmdir (user_home) != 0) {
+			fprintf (stderr,
+			         _("%s: %s was created, but could not be removed\n"),
+			         Prog, user_home);
+			SYSLOG ((LOG_ERR, "failed to remove %s", user_home));
+		}
+	}
+
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking shadow file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking passwd file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking group file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking gshadow file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (sub_uid_locked) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking subordinate user file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+	if (sub_gid_locked) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking subordinate group file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_USER, Prog,
+	              "adding user",
+	              user_name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_FAILURE);
+#endif
+	SYSLOG ((LOG_INFO, "failed adding user '%s', data deleted", user_name));
+	exit (code);
+}
+
+#define MATCH(x,y) (strncmp((x),(y),strlen(y)) == 0)
+
+/*
+ * get_defaults - read the defaults file
+ *
+ *	get_defaults() reads the defaults file for this command. It sets the
+ *	various values from the file, or uses built-in default values if the
+ *	file does not exist.
+ */
+static void get_defaults (void)
+{
+	FILE *fp;
+	char buf[1024];
+	char *cp;
+
+	/*
+	 * Open the defaults file for reading.
+	 */
+
+	fp = fopen (USER_DEFAULTS_FILE, "r");
+	if (NULL == fp) {
+		return;
+	}
+
+	/*
+	 * Read the file a line at a time. Only the lines that have relevant
+	 * values are used, everything else can be ignored.
+	 */
+	while (fgets (buf, (int) sizeof buf, fp) == buf) {
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		}
+
+		cp = strchr (buf, '=');
+		if (NULL == cp) {
+			continue;
+		}
+
+		cp++;
+
+		/*
+		 * Primary GROUP identifier
+		 */
+		if (MATCH (buf, DGROUP)) {
+			const struct group *grp = getgr_nam_gid (cp);
+			if (NULL == grp) {
+				fprintf (stderr,
+				         _("%s: group '%s' does not exist\n"),
+				         Prog, cp);
+				fprintf (stderr,
+				         _("%s: the %s configuration in %s will be ignored\n"),
+				         Prog, DGROUP, USER_DEFAULTS_FILE);
+			} else {
+				def_group = grp->gr_gid;
+				def_gname = xstrdup (grp->gr_name);
+			}
+		}
+
+		/*
+		 * Default HOME filesystem
+		 */
+		else if (MATCH (buf, DHOME)) {
+			def_home = xstrdup (cp);
+		}
+
+		/*
+		 * Default Login Shell command
+		 */
+		else if (MATCH (buf, DSHELL)) {
+			def_shell = xstrdup (cp);
+		}
+
+		/*
+		 * Default Password Inactive value
+		 */
+		else if (MATCH (buf, DINACT)) {
+			if (   (getlong (cp, &def_inactive) == 0)
+			    || (def_inactive < -1)) {
+				fprintf (stderr,
+				         _("%s: invalid numeric argument '%s'\n"),
+				         Prog, cp);
+				fprintf (stderr,
+				         _("%s: the %s configuration in %s will be ignored\n"),
+				         Prog, DINACT, USER_DEFAULTS_FILE);
+				def_inactive = -1;
+			}
+		}
+
+		/*
+		 * Default account expiration date
+		 */
+		else if (MATCH (buf, DEXPIRE)) {
+			def_expire = xstrdup (cp);
+		}
+
+		/*
+		 * Default Skeleton information
+		 */
+		else if (MATCH (buf, DSKEL)) {
+			if ('\0' == *cp) {
+				cp = SKEL_DIR;	/* XXX warning: const */
+			}
+
+			def_template = xstrdup (cp);
+		}
+
+		/*
+		 * Create by default user mail spool or not ?
+		 */
+		else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
+			if (*cp == '\0') {
+				cp = "no";	/* XXX warning: const */
+			}
+
+			def_create_mail_spool = xstrdup (cp);
+		}
+	}
+	(void) fclose (fp);
+}
+
+/*
+ * show_defaults - show the contents of the defaults file
+ *
+ *	show_defaults() displays the values that are used from the default
+ *	file and the built-in values.
+ */
+static void show_defaults (void)
+{
+	printf ("GROUP=%u\n", (unsigned int) def_group);
+	printf ("HOME=%s\n", def_home);
+	printf ("INACTIVE=%ld\n", def_inactive);
+	printf ("EXPIRE=%s\n", def_expire);
+	printf ("SHELL=%s\n", def_shell);
+	printf ("SKEL=%s\n", def_template);
+	printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
+}
+
+/*
+ * set_defaults - write new defaults file
+ *
+ *	set_defaults() re-writes the defaults file using the values that
+ *	are currently set. Duplicated lines are pruned, missing lines are
+ *	added, and unrecognized lines are copied as is.
+ */
+static int set_defaults (void)
+{
+	FILE *ifp;
+	FILE *ofp;
+	char buf[1024];
+	static char new_file[] = NEW_USER_FILE;
+	char *cp;
+	int ofd;
+	int wlen;
+	bool out_group = false;
+	bool out_home = false;
+	bool out_inactive = false;
+	bool out_expire = false;
+	bool out_shell = false;
+	bool out_skel = false;
+	bool out_create_mail_spool = false;
+
+	/*
+	 * Create a temporary file to copy the new output to.
+	 */
+	ofd = mkstemp (new_file);
+	if (-1 == ofd) {
+		fprintf (stderr,
+		         _("%s: cannot create new defaults file\n"),
+		         Prog);
+		return -1;
+	}
+
+	ofp = fdopen (ofd, "w");
+	if (NULL == ofp) {
+		fprintf (stderr,
+		         _("%s: cannot open new defaults file\n"),
+		         Prog);
+		return -1;
+	}
+
+	/*
+	 * Open the existing defaults file and copy the lines to the
+	 * temporary file, using any new values. Each line is checked
+	 * to insure that it is not output more than once.
+	 */
+	ifp = fopen (USER_DEFAULTS_FILE, "r");
+	if (NULL == ifp) {
+		fprintf (ofp, "# useradd defaults file\n");
+		goto skip;
+	}
+
+	while (fgets (buf, (int) sizeof buf, ifp) == buf) {
+		cp = strrchr (buf, '\n');
+		if (NULL != cp) {
+			*cp = '\0';
+		} else {
+			/* A line which does not end with \n is only valid
+			 * at the end of the file.
+			 */
+			if (feof (ifp) == 0) {
+				fprintf (stderr,
+				         _("%s: line too long in %s: %s..."),
+				         Prog, USER_DEFAULTS_FILE, buf);
+				(void) fclose (ifp);
+				return -1;
+			}
+		}
+
+		if (!out_group && MATCH (buf, DGROUP)) {
+			fprintf (ofp, DGROUP "%u\n", (unsigned int) def_group);
+			out_group = true;
+		} else if (!out_home && MATCH (buf, DHOME)) {
+			fprintf (ofp, DHOME "%s\n", def_home);
+			out_home = true;
+		} else if (!out_inactive && MATCH (buf, DINACT)) {
+			fprintf (ofp, DINACT "%ld\n", def_inactive);
+			out_inactive = true;
+		} else if (!out_expire && MATCH (buf, DEXPIRE)) {
+			fprintf (ofp, DEXPIRE "%s\n", def_expire);
+			out_expire = true;
+		} else if (!out_shell && MATCH (buf, DSHELL)) {
+			fprintf (ofp, DSHELL "%s\n", def_shell);
+			out_shell = true;
+		} else if (!out_skel && MATCH (buf, DSKEL)) {
+			fprintf (ofp, DSKEL "%s\n", def_template);
+			out_skel = true;
+		} else if (!out_create_mail_spool
+			   && MATCH (buf, DCREATE_MAIL_SPOOL)) {
+			fprintf (ofp,
+			         DCREATE_MAIL_SPOOL "%s\n",
+			         def_create_mail_spool);
+			out_create_mail_spool = true;
+		} else
+			fprintf (ofp, "%s\n", buf);
+	}
+	(void) fclose (ifp);
+
+      skip:
+	/*
+	 * Check each line to insure that every line was output. This
+	 * causes new values to be added to a file which did not previously
+	 * have an entry for that value.
+	 */
+	if (!out_group)
+		fprintf (ofp, DGROUP "%u\n", (unsigned int) def_group);
+	if (!out_home)
+		fprintf (ofp, DHOME "%s\n", def_home);
+	if (!out_inactive)
+		fprintf (ofp, DINACT "%ld\n", def_inactive);
+	if (!out_expire)
+		fprintf (ofp, DEXPIRE "%s\n", def_expire);
+	if (!out_shell)
+		fprintf (ofp, DSHELL "%s\n", def_shell);
+	if (!out_skel)
+		fprintf (ofp, DSKEL "%s\n", def_template);
+
+	if (!out_create_mail_spool)
+		fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
+
+	/*
+	 * Flush and close the file. Check for errors to make certain
+	 * the new file is intact.
+	 */
+	(void) fflush (ofp);
+	if (   (ferror (ofp) != 0)
+	    || (fsync (fileno (ofp)) != 0)
+	    || (fclose (ofp) != 0)) {
+		unlink (new_file);
+		return -1;
+	}
+
+	/*
+	 * Rename the current default file to its backup name.
+	 */
+	wlen = snprintf (buf, sizeof buf, "%s-", USER_DEFAULTS_FILE);
+	assert (wlen < (int) sizeof buf);
+	unlink (buf);
+	if ((link (USER_DEFAULTS_FILE, buf) != 0) && (ENOENT != errno)) {
+		int err = errno;
+		fprintf (stderr,
+		         _("%s: Cannot create backup file (%s): %s\n"),
+		         Prog, buf, strerror (err));
+		unlink (new_file);
+		return -1;
+	}
+
+	/*
+	 * Rename the new default file to its correct name.
+	 */
+	if (rename (new_file, USER_DEFAULTS_FILE) != 0) {
+		int err = errno;
+		fprintf (stderr,
+		         _("%s: rename: %s: %s\n"),
+		         Prog, new_file, strerror (err));
+		return -1;
+	}
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USYS_CONFIG, Prog,
+	              "changing useradd defaults",
+	              NULL, AUDIT_NO_ID,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	SYSLOG ((LOG_INFO,
+	         "useradd defaults: GROUP=%u, HOME=%s, SHELL=%s, INACTIVE=%ld, "
+	         "EXPIRE=%s, SKEL=%s, CREATE_MAIL_SPOOL=%s",
+	         (unsigned int) def_group, def_home, def_shell,
+	         def_inactive, def_expire, def_template,
+	         def_create_mail_spool));
+	return 0;
+}
+
+/*
+ * get_groups - convert a list of group names to an array of group IDs
+ *
+ *	get_groups() takes a comma-separated list of group names and
+ *	converts it to a NULL-terminated array. Any unknown group
+ *	names are reported as errors.
+ */
+static int get_groups (char *list)
+{
+	char *cp;
+	const struct group *grp;
+	int errors = 0;
+	int ngroups = 0;
+
+	if ('\0' == *list) {
+		return 0;
+	}
+
+	/*
+	 * So long as there is some data to be converted, strip off
+	 * each name and look it up. A mix of numerical and string
+	 * values for group identifiers is permitted.
+	 */
+	do {
+		/*
+		 * Strip off a single name from the list
+		 */
+		cp = strchr (list, ',');
+		if (NULL != cp) {
+			*cp++ = '\0';
+		}
+
+		/*
+		 * Names starting with digits are treated as numerical
+		 * GID values, otherwise the string is looked up as is.
+		 */
+		grp = getgr_nam_gid (list);
+
+		/*
+		 * There must be a match, either by GID value or by
+		 * string name.
+		 * FIXME: It should exist according to gr_locate,
+		 *        otherwise, we can't change its members
+		 */
+		if (NULL == grp) {
+			fprintf (stderr,
+			         _("%s: group '%s' does not exist\n"),
+			         Prog, list);
+			errors++;
+		}
+		list = cp;
+
+		/*
+		 * If the group doesn't exist, don't dump core...
+		 * Instead, try the next one.  --marekm
+		 */
+		if (NULL == grp) {
+			continue;
+		}
+
+#ifdef	USE_NIS
+		/*
+		 * Don't add this group if they are an NIS group. Tell
+		 * the user to go to the server for this group.
+		 */
+		if (__isgrNIS ()) {
+			fprintf (stderr,
+			         _("%s: group '%s' is a NIS group.\n"),
+			         Prog, grp->gr_name);
+			continue;
+		}
+#endif
+
+		if (ngroups == sys_ngroups) {
+			fprintf (stderr,
+			         _("%s: too many groups specified (max %d).\n"),
+			         Prog, ngroups);
+			break;
+		}
+
+		/*
+		 * Add the group name to the user's list of groups.
+		 */
+		user_groups[ngroups++] = xstrdup (grp->gr_name);
+	} while (NULL != list);
+
+	user_groups[ngroups] = (char *) 0;
+
+	/*
+	 * Any errors in finding group names are fatal
+	 */
+	if (0 != errors) {
+		return -1;
+	}
+
+	return 0;
+}
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] LOGIN\n"
+	                  "       %s -D\n"
+	                  "       %s -D [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog, Prog, Prog);
+	(void) fputs (_("  -b, --base-dir BASE_DIR       base directory for the home directory of the\n"
+	                "                                new account\n"), usageout);
+	(void) fputs (_("  -c, --comment COMMENT         GECOS field of the new account\n"), usageout);
+	(void) fputs (_("  -d, --home-dir HOME_DIR       home directory of the new account\n"), usageout);
+	(void) fputs (_("  -D, --defaults                print or change default useradd configuration\n"), usageout);
+	(void) fputs (_("  -e, --expiredate EXPIRE_DATE  expiration date of the new account\n"), usageout);
+	(void) fputs (_("  -f, --inactive INACTIVE       password inactivity period of the new account\n"), usageout);
+	(void) fputs (_("  -g, --gid GROUP               name or ID of the primary group of the new\n"
+	                "                                account\n"), usageout);
+	(void) fputs (_("  -G, --groups GROUPS           list of supplementary groups of the new\n"
+	                "                                account\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -k, --skel SKEL_DIR           use this alternative skeleton directory\n"), usageout);
+	(void) fputs (_("  -K, --key KEY=VALUE           override /etc/login.defs defaults\n"), usageout);
+	(void) fputs (_("  -l, --no-log-init             do not add the user to the lastlog and\n"
+	                "                                faillog databases\n"), usageout);
+	(void) fputs (_("  -m, --create-home             create the user's home directory\n"), usageout);
+	(void) fputs (_("  -M, --no-create-home          do not create the user's home directory\n"), usageout);
+	(void) fputs (_("  -N, --no-user-group           do not create a group with the same name as\n"
+	                "                                the user\n"), usageout);
+	(void) fputs (_("  -o, --non-unique              allow to create users with duplicate\n"
+	                "                                (non-unique) UID\n"), usageout);
+	(void) fputs (_("  -p, --password PASSWORD       encrypted password of the new account\n"), usageout);
+	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -s, --shell SHELL             login shell of the new account\n"), usageout);
+	(void) fputs (_("  -u, --uid UID                 user ID of the new account\n"), usageout);
+	(void) fputs (_("  -U, --user-group              create a group with the same name as the user\n"), usageout);
+#ifdef WITH_SELINUX
+	(void) fputs (_("  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping\n"), usageout);
+#endif				/* WITH_SELINUX */
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * new_pwent - initialize the values in a password file entry
+ *
+ *	new_pwent() takes all of the values that have been entered and
+ *	fills in a (struct passwd) with them.
+ */
+static void new_pwent (struct passwd *pwent)
+{
+	memzero (pwent, sizeof *pwent);
+	pwent->pw_name = (char *) user_name;
+	if (is_shadow_pwd) {
+		pwent->pw_passwd = (char *) SHADOW_PASSWD_STRING;
+	} else {
+		pwent->pw_passwd = (char *) user_pass;
+	}
+
+	pwent->pw_uid = user_id;
+	pwent->pw_gid = user_gid;
+	pwent->pw_gecos = (char *) user_comment;
+	pwent->pw_dir = (char *) user_home;
+	pwent->pw_shell = (char *) user_shell;
+}
+
+static long scale_age (long x)
+{
+	if (x <= 0) {
+		return x;
+	}
+
+	return x * (DAY / SCALE);
+}
+
+/*
+ * new_spent - initialize the values in a shadow password file entry
+ *
+ *	new_spent() takes all of the values that have been entered and
+ *	fills in a (struct spwd) with them.
+ */
+static void new_spent (struct spwd *spent)
+{
+	memzero (spent, sizeof *spent);
+	spent->sp_namp = (char *) user_name;
+	spent->sp_pwdp = (char *) user_pass;
+	spent->sp_lstchg = (long) gettime () / SCALE;
+	if (0 == spent->sp_lstchg) {
+		/* Better disable aging than requiring a password change */
+		spent->sp_lstchg = -1;
+	}
+	if (!rflg) {
+		spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
+		spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
+		spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
+		spent->sp_inact = scale_age (def_inactive);
+		spent->sp_expire = scale_age (user_expire);
+	} else {
+		spent->sp_min = -1;
+		spent->sp_max = -1;
+		spent->sp_warn = -1;
+		spent->sp_inact = -1;
+		spent->sp_expire = -1;
+	}
+	spent->sp_flag = SHADOW_SP_FLAG_UNSET;
+}
+
+/*
+ * grp_update - add user to secondary group set
+ *
+ *	grp_update() takes the secondary group set given in user_groups
+ *	and adds the user to each group given by that set.
+ *
+ *	The group files are opened and locked in open_files().
+ *
+ *	close_files() should be called afterwards to commit the changes
+ *	and unlocking the group files.
+ */
+static void grp_update (void)
+{
+	const struct group *grp;
+	struct group *ngrp;
+
+#ifdef	SHADOWGRP
+	const struct sgrp *sgrp;
+	struct sgrp *nsgrp;
+#endif
+
+	/*
+	 * Scan through the entire group file looking for the groups that
+	 * the user is a member of.
+	 * FIXME: we currently do not check that all groups of user_groups
+	 *        were completed with the new user.
+	 */
+	for (gr_rewind (), grp = gr_next (); NULL != grp; grp = gr_next ()) {
+
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 */
+		if (!is_on_list (user_groups, grp->gr_name)) {
+			continue;
+		}
+
+		/*
+		 * Make a copy - gr_update() will free() everything
+		 * from the old entry, and we need it later.
+		 */
+		ngrp = __gr_dup (grp);
+		if (NULL == ngrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding user to group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_GRP_UPDATE);	/* XXX */
+		}
+
+		/* 
+		 * Add the username to the list of group members and
+		 * update the group entry to reflect the change.
+		 */
+		ngrp->gr_mem = add_list (ngrp->gr_mem, user_name);
+		if (gr_update (ngrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, gr_dbname (), ngrp->gr_name);
+			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding user to group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "adding user to group",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "add '%s' to group '%s'",
+		         user_name, ngrp->gr_name));
+	}
+
+#ifdef	SHADOWGRP
+	if (!is_shadow_grp)
+		return;
+
+	/*
+	 * Scan through the entire shadow group file looking for the groups
+	 * that the user is a member of. The administrative list isn't
+	 * modified.
+	 */
+	for (sgr_rewind (), sgrp = sgr_next (); NULL != sgrp; sgrp = sgr_next ()) {
+
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 * FIXME: is it really needed?
+		 *        This would be important only if the group is in
+		 *        user_groups. All these groups should be checked
+		 *        for existence with gr_locate already.
+		 */
+		if (gr_locate (sgrp->sg_name) == NULL) {
+			continue;
+		}
+
+		if (!is_on_list (user_groups, sgrp->sg_name)) {
+			continue;
+		}
+
+		/*
+		 * Make a copy - sgr_update() will free() everything
+		 * from the old entry, and we need it later.
+		 */
+		nsgrp = __sgr_dup (sgrp);
+		if (NULL == nsgrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding user to shadow group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_GRP_UPDATE);	/* XXX */
+		}
+
+		/* 
+		 * Add the username to the list of group members and
+		 * update the group entry to reflect the change.
+		 */
+		nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_name);
+		if (sgr_update (nsgrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), nsgrp->sg_name);
+			SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding user to shadow group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "adding user to shadow group",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "add '%s' to shadow group '%s'",
+		         user_name, nsgrp->sg_name));
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ *	process_flags() interprets the command line arguments and sets
+ *	the values that the user will be created with accordingly. The
+ *	values are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+	const struct group *grp;
+	bool anyflag = false;
+	char *cp;
+
+	{
+		/*
+		 * Parse the command line options.
+		 */
+		int c;
+		static struct option long_options[] = {
+			{"base-dir",       required_argument, NULL, 'b'},
+			{"comment",        required_argument, NULL, 'c'},
+			{"home-dir",       required_argument, NULL, 'd'},
+			{"defaults",       no_argument,       NULL, 'D'},
+			{"expiredate",     required_argument, NULL, 'e'},
+			{"inactive",       required_argument, NULL, 'f'},
+			{"gid",            required_argument, NULL, 'g'},
+			{"groups",         required_argument, NULL, 'G'},
+			{"help",           no_argument,       NULL, 'h'},
+			{"skel",           required_argument, NULL, 'k'},
+			{"key",            required_argument, NULL, 'K'},
+			{"no-log-init",    no_argument,       NULL, 'l'},
+			{"create-home",    no_argument,       NULL, 'm'},
+			{"no-create-home", no_argument,       NULL, 'M'},
+			{"no-user-group",  no_argument,       NULL, 'N'},
+			{"non-unique",     no_argument,       NULL, 'o'},
+			{"password",       required_argument, NULL, 'p'},
+			{"system",         no_argument,       NULL, 'r'},
+			{"root",           required_argument, NULL, 'R'},
+			{"shell",          required_argument, NULL, 's'},
+			{"uid",            required_argument, NULL, 'u'},
+			{"user-group",     no_argument,       NULL, 'U'},
+#ifdef WITH_SELINUX
+			{"selinux-user",   required_argument, NULL, 'Z'},
+#endif				/* WITH_SELINUX */
+			{NULL, 0, NULL, '\0'}
+		};
+		while ((c = getopt_long (argc, argv,
+#ifdef WITH_SELINUX
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:UZ:",
+#else				/* !WITH_SELINUX */
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:U",
+#endif				/* !WITH_SELINUX */
+		                         long_options, NULL)) != -1) {
+			switch (c) {
+			case 'b':
+				if (   ( !VALID (optarg) )
+				    || ( optarg[0] != '/' )) {
+					fprintf (stderr,
+					         _("%s: invalid base directory '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				def_home = optarg;
+				bflg = true;
+				break;
+			case 'c':
+				if (!VALID (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid comment '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_comment = optarg;
+				cflg = true;
+				break;
+			case 'd':
+				if (   ( !VALID (optarg) )
+				    || ( optarg[0] != '/' )) {
+					fprintf (stderr,
+					         _("%s: invalid home directory '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_home = optarg;
+				dflg = true;
+				break;
+			case 'D':
+				if (anyflag) {
+					usage (E_USAGE);
+				}
+				Dflg = true;
+				break;
+			case 'e':
+				if ('\0' != *optarg) {
+					user_expire = strtoday (optarg);
+					if (user_expire < -1) {
+						fprintf (stderr,
+						         _("%s: invalid date '%s'\n"),
+						         Prog, optarg);
+						exit (E_BAD_ARG);
+					}
+				} else {
+					user_expire = -1;
+				}
+
+				/*
+				 * -e "" is allowed without /etc/shadow
+				 * (it's a no-op in such case)
+				 */
+				if ((-1 != user_expire) && !is_shadow_pwd) {
+					fprintf (stderr,
+					         _("%s: shadow passwords required for -e\n"),
+					         Prog);
+					exit (E_USAGE);
+				}
+				if (Dflg) {
+					def_expire = optarg;
+				}
+				eflg = true;
+				break;
+			case 'f':
+				if (   (getlong (optarg, &def_inactive) == 0)
+				    || (def_inactive < -1)) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				/*
+				 * -f -1 is allowed
+				 * it's a no-op without /etc/shadow
+				 */
+				if ((-1 != def_inactive) && !is_shadow_pwd) {
+					fprintf (stderr,
+					         _("%s: shadow passwords required for -f\n"),
+					         Prog);
+					exit (E_USAGE);
+				}
+				fflg = true;
+				break;
+			case 'g':
+				grp = getgr_nam_gid (optarg);
+				if (NULL == grp) {
+					fprintf (stderr,
+					         _("%s: group '%s' does not exist\n"),
+					         Prog, optarg);
+					exit (E_NOTFOUND);
+				}
+				if (Dflg) {
+					def_group = grp->gr_gid;
+					def_gname = optarg;
+				} else {
+					user_gid = grp->gr_gid;
+				}
+				gflg = true;
+				break;
+			case 'G':
+				if (get_groups (optarg) != 0) {
+					exit (E_NOTFOUND);
+				}
+				if (NULL != user_groups[0]) {
+					do_grp_update = true;
+				}
+				Gflg = true;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				break;
+			case 'k':
+				def_template = optarg;
+				kflg = true;
+				break;
+			case 'K':
+				/*
+				 * override login.defs defaults (-K name=value)
+				 * example: -K UID_MIN=100 -K UID_MAX=499
+				 * note: -K UID_MIN=10,UID_MAX=499 doesn't work yet
+				 */
+				cp = strchr (optarg, '=');
+				if (NULL == cp) {
+					fprintf (stderr,
+					         _("%s: -K requires KEY=VALUE\n"),
+					         Prog);
+					exit (E_BAD_ARG);
+				}
+				/* terminate name, point to value */
+				*cp = '\0';
+				cp++;
+				if (putdef_str (optarg, cp) < 0) {
+					exit (E_BAD_ARG);
+				}
+				break;
+			case 'l':
+				lflg = true;
+				break;
+			case 'm':
+				mflg = true;
+				break;
+			case 'M':
+				Mflg = true;
+				break;
+			case 'N':
+				Nflg = true;
+				break;
+			case 'o':
+				oflg = true;
+				break;
+			case 'p':	/* set encrypted password */
+				if (!VALID (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid field '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_pass = optarg;
+				break;
+			case 'r':
+				rflg = true;
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 's':
+				if (   ( !VALID (optarg) )
+				    || (   ('\0' != optarg[0])
+				        && ('/'  != optarg[0])
+				        && ('*'  != optarg[0]) )) {
+					fprintf (stderr,
+					         _("%s: invalid shell '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_shell = optarg;
+				def_shell = optarg;
+				sflg = true;
+				break;
+			case 'u':
+				if (   (get_uid (optarg, &user_id) == 0)
+				    || (user_id == (gid_t)-1)) {
+					fprintf (stderr,
+					         _("%s: invalid user ID '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				uflg = true;
+				break;
+			case 'U':
+				Uflg = true;
+				break;
+#ifdef WITH_SELINUX
+			case 'Z':
+				if (is_selinux_enabled () > 0) {
+					user_selinux = optarg;
+				} else {
+					fprintf (stderr,
+					         _("%s: -Z requires SELinux enabled kernel\n"),
+					         Prog);
+
+					exit (E_BAD_ARG);
+				}
+				break;
+#endif				/* WITH_SELINUX */
+			default:
+				usage (E_USAGE);
+			}
+			anyflag = true;
+		}
+	}
+
+	if (!gflg && !Nflg && !Uflg) {
+		/* Get the settings from login.defs */
+		Uflg = getdef_bool ("USERGROUPS_ENAB");
+	}
+
+	/*
+	 * Certain options are only valid in combination with others.
+	 * Check it here so that they can be specified in any order.
+	 */
+	if (oflg && !uflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-o", "-u");
+		usage (E_USAGE);
+	}
+	if (kflg && !mflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-k", "-m");
+		usage (E_USAGE);
+	}
+	if (Uflg && gflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-U", "-g");
+		usage (E_USAGE);
+	}
+	if (Uflg && Nflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-U", "-N");
+		usage (E_USAGE);
+	}
+	if (mflg && Mflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-m", "-M");
+		usage (E_USAGE);
+	}
+
+	/*
+	 * Either -D or username is required. Defaults can be set with -D
+	 * for the -b, -e, -f, -g, -s options only.
+	 */
+	if (Dflg) {
+		if (optind != argc) {
+			usage (E_USAGE);
+		}
+
+		if (uflg || Gflg || dflg || cflg || mflg) {
+			usage (E_USAGE);
+		}
+	} else {
+		if (optind != argc - 1) {
+			usage (E_USAGE);
+		}
+
+		user_name = argv[optind];
+		if (!is_valid_user_name (user_name)) {
+			fprintf (stderr,
+			         _("%s: invalid user name '%s'\n"),
+			         Prog, user_name);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding user",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			exit (E_BAD_ARG);
+		}
+		if (!dflg) {
+			char *uh;
+			size_t len = strlen (def_home) + strlen (user_name) + 2;
+			int wlen;
+
+			uh = xmalloc (len);
+			wlen = snprintf (uh, len, "%s/%s", def_home, user_name);
+			assert (wlen == (int) len -1);
+
+			user_home = uh;
+		}
+	}
+
+	if (!eflg) {
+		user_expire = strtoday (def_expire);
+	}
+
+	if (!gflg) {
+		user_gid = def_group;
+	}
+
+	if (!sflg) {
+		user_shell = def_shell;
+	}
+
+	create_mail_spool = def_create_mail_spool;
+
+	if (!rflg) {
+		/* for system accounts defaults are ignored and we
+		 * do not create a home dir */
+		if (getdef_bool ("CREATE_HOME")) {
+			mflg = true;
+		}
+	}
+
+	if (Mflg) {
+		/* absolutely sure that we do not create home dirs */
+		mflg = false;
+	}
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this
+ *	new user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_PW_UPDATE);
+	}
+	if (is_shadow_pwd && (spw_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+		fail_exit (E_PW_UPDATE);
+	}
+	if (do_grp_update) {
+		if (gr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+			fail_exit (E_GRP_UPDATE);
+		}
+#ifdef	SHADOWGRP
+		if (is_shadow_grp && (sgr_close () == 0)) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+			fail_exit (E_GRP_UPDATE);
+		}
+#endif
+	}
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid  && (sub_uid_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+		fail_exit (E_SUB_UID_UPDATE);
+	}
+	if (is_sub_gid  && (sub_gid_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+		fail_exit (E_SUB_GID_UPDATE);
+	}
+#endif				/* ENABLE_SUBIDS */
+	if (is_shadow_pwd) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking shadow file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+		spw_locked = false;
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "unlocking passwd file",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		/* continue */
+	}
+	pw_locked = false;
+	if (gr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "unlocking group file",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		/* continue */
+	}
+	gr_locked = false;
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "unlocking gshadow file",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+		sgr_locked = false;
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+				"unlocking subordinate user file",
+				user_name, AUDIT_NO_ID,
+				SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+		sub_uid_locked = false;
+	}
+	if (is_sub_gid) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+				"unlocking subordinate group file",
+				user_name, AUDIT_NO_ID,
+				SHADOW_AUDIT_FAILURE);
+#endif
+			/* continue */
+		}
+		sub_gid_locked = false;
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ *	open_files() opens the two password files.
+ */
+static void open_files (void)
+{
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		exit (E_PW_UPDATE);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+
+	/* shadow file will be opened by open_shadow(); */
+
+	/*
+	 * Lock and open the group file.
+	 */
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+		fail_exit (E_GRP_UPDATE);
+	}
+	gr_locked = true;
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+		fail_exit (E_GRP_UPDATE);
+	}
+#ifdef  SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+		sgr_locked = true;
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+	}
+#endif
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+		sub_uid_locked = true;
+		if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+	}
+	if (is_sub_gid) {
+		if (sub_gid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+		sub_gid_locked = true;
+		if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+static void open_shadow (void)
+{
+	if (!is_shadow_pwd) {
+		return;
+	}
+	if (spw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, spw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+	spw_locked = true;
+	if (spw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, spw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+}
+
+static char *empty_list = NULL;
+
+/*
+ * new_grent - initialize the values in a group file entry
+ *
+ *      new_grent() takes all of the values that have been entered and fills
+ *      in a (struct group) with them.
+ */
+
+static void new_grent (struct group *grent)
+{
+	memzero (grent, sizeof *grent);
+	grent->gr_name = (char *) user_name;
+#ifdef  SHADOWGRP
+	if (is_shadow_grp) {
+		grent->gr_passwd = SHADOW_PASSWD_STRING;	/* XXX warning: const */
+	} else
+#endif				/* SHADOWGRP */
+	{
+		grent->gr_passwd = "!";	/* XXX warning: const */
+	}
+	grent->gr_gid = user_gid;
+	grent->gr_mem = &empty_list;
+}
+
+#ifdef  SHADOWGRP
+/*
+ * new_sgent - initialize the values in a shadow group file entry
+ *
+ *      new_sgent() takes all of the values that have been entered and fills
+ *      in a (struct sgrp) with them.
+ */
+
+static void new_sgent (struct sgrp *sgent)
+{
+	memzero (sgent, sizeof *sgent);
+	sgent->sg_name = (char *) user_name;
+	sgent->sg_passwd = "!";	/* XXX warning: const */
+	sgent->sg_adm = &empty_list;
+	sgent->sg_mem = &empty_list;
+}
+#endif				/* SHADOWGRP */
+
+
+/*
+ * grp_add - add new group file entries
+ *
+ *      grp_add() writes the new records to the group files.
+ */
+
+static void grp_add (void)
+{
+	struct group grp;
+
+#ifdef  SHADOWGRP
+	struct sgrp sgrp;
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Create the initial entries for this new group.
+	 */
+	new_grent (&grp);
+#ifdef  SHADOWGRP
+	new_sgent (&sgrp);
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Write out the new group file entry.
+	 */
+	if (gr_update (&grp) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, gr_dbname (), grp.gr_name);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_GROUP, Prog,
+		              "adding group",
+		              grp.gr_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		fail_exit (E_GRP_UPDATE);
+	}
+#ifdef  SHADOWGRP
+	/*
+	 * Write out the new shadow group entries as well.
+	 */
+	if (is_shadow_grp && (sgr_update (&sgrp) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, sgr_dbname (), sgrp.sg_name);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_GROUP, Prog,
+		              "adding group",
+		              grp.gr_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		fail_exit (E_GRP_UPDATE);
+	}
+#endif				/* SHADOWGRP */
+	SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_GROUP, Prog,
+	              "adding group",
+	              grp.gr_name, AUDIT_NO_ID,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	do_grp_update = true;
+}
+
+static void faillog_reset (uid_t uid)
+{
+	struct faillog fl;
+	int fd;
+	off_t offset_uid = (off_t) (sizeof fl) * uid;
+
+	if (access (FAILLOG_FILE, F_OK) != 0) {
+		return;
+	}
+
+	memzero (&fl, sizeof (fl));
+
+	fd = open (FAILLOG_FILE, O_RDWR);
+	if (   (-1 == fd)
+	    || (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+	    || (write (fd, &fl, sizeof (fl)) != (ssize_t) sizeof (fl))
+	    || (fsync (fd) != 0)
+	    || (close (fd) != 0)) {
+		fprintf (stderr,
+		         _("%s: failed to reset the faillog entry of UID %lu: %s\n"),
+		         Prog, (unsigned long) uid, strerror (errno));
+		SYSLOG ((LOG_WARN, "failed to reset the faillog entry of UID %lu", (unsigned long) uid));
+		/* continue */
+	}
+}
+
+static void lastlog_reset (uid_t uid)
+{
+	struct lastlog ll;
+	int fd;
+	off_t offset_uid = (off_t) (sizeof ll) * uid;
+
+	if (access (LASTLOG_FILE, F_OK) != 0) {
+		return;
+	}
+
+	memzero (&ll, sizeof (ll));
+
+	fd = open (LASTLOG_FILE, O_RDWR);
+	if (   (-1 == fd)
+	    || (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
+	    || (write (fd, &ll, sizeof (ll)) != (ssize_t) sizeof (ll))
+	    || (fsync (fd) != 0)
+	    || (close (fd) != 0)) {
+		fprintf (stderr,
+		         _("%s: failed to reset the lastlog entry of UID %lu: %s\n"),
+		         Prog, (unsigned long) uid, strerror (errno));
+		SYSLOG ((LOG_WARN, "failed to reset the lastlog entry of UID %lu", (unsigned long) uid));
+		/* continue */
+	}
+}
+
+static void tallylog_reset (char *user_name)
+{
+	const char pam_tally2[] = "/sbin/pam_tally2";
+	const char *pname;
+	pid_t childpid;
+	int failed;
+	int status;
+
+	if (access(pam_tally2, X_OK) == -1)
+		return;
+
+	failed = 0;
+	switch (childpid = fork())
+	{
+	case -1: /* error */
+		failed = 1;
+		break;
+	case 0: /* child */
+		pname = strrchr(pam_tally2, '/');
+		if (pname == NULL)
+			pname = pam_tally2;
+		else
+			pname++;        /* Skip the '/' */
+		execl(pam_tally2, pname, "--user", user_name, "--reset", "--quiet", NULL);
+		/* If we come here, something has gone terribly wrong */
+		perror(pam_tally2);
+		exit(42);       /* don't continue, we now have 2 processes running! */
+		/* NOTREACHED */
+		break;
+	default: /* parent */
+		if (waitpid(childpid, &status, 0) == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
+			failed = 1;
+		break;
+	}
+
+	if (failed)
+	{
+		fprintf (stderr,
+		         _("%s: failed to reset the tallylog entry of user \"%s\"\n"),
+		         Prog, user_name);
+		SYSLOG ((LOG_WARN, "failed to reset the tallylog entry of user \"%s\"", user_name));
+	}
+
+	return;
+}
+
+/*
+ * usr_update - create the user entries
+ *
+ *	usr_update() creates the password file entries for this user
+ *	and will update the group entries if required.
+ */
+static void usr_update (void)
+{
+	struct passwd pwent;
+	struct spwd spent;
+
+	/*
+	 * Fill in the password structure with any new fields, making
+	 * copies of strings.
+	 */
+	new_pwent (&pwent);
+	new_spent (&spent);
+
+	/*
+	 * Create a syslog entry. We need to do this now in case anything
+	 * happens so we know what we were trying to accomplish.
+	 */
+	SYSLOG ((LOG_INFO,
+	         "new user: name=%s, UID=%u, GID=%u, home=%s, shell=%s",
+	         user_name, (unsigned int) user_id,
+	         (unsigned int) user_gid, user_home, user_shell));
+
+	/*
+	 * Initialize faillog and lastlog entries for this UID in case
+	 * it belongs to a previously deleted user. We do it only if
+	 * no user with this UID exists yet (entries for shared UIDs
+	 * are left unchanged).  --marekm
+	 */
+	/* local, no need for xgetpwuid */
+	if ((!lflg) && (getpwuid (user_id) == NULL)) {
+		faillog_reset (user_id);
+		lastlog_reset (user_id);
+	}
+
+	/*
+	 * Put the new (struct passwd) in the table.
+	 */
+	if (pw_update (&pwent) == 0) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, pw_dbname (), pwent.pw_name);
+		fail_exit (E_PW_UPDATE);
+	}
+
+	/*
+	 * Put the new (struct spwd) in the table.
+	 */
+	if (is_shadow_pwd && (spw_update (&spent) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry '%s'\n"),
+		         Prog, spw_dbname (), spent.sp_namp);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "adding shadow password",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		fail_exit (E_PW_UPDATE);
+	}
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid &&
+	    (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry\n"),
+		         Prog, sub_uid_dbname ());
+		fail_exit (E_SUB_UID_UPDATE);
+	}
+	if (is_sub_gid &&
+	    (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) {
+		fprintf (stderr,
+		         _("%s: failed to prepare the new %s entry\n"),
+		         Prog, sub_uid_dbname ());
+		fail_exit (E_SUB_GID_UPDATE);
+	}
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_ADD_USER, Prog,
+	              "adding user",
+	              user_name, (unsigned int) user_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif
+	/*
+	 * Do any group file updates for this user.
+	 */
+	if (do_grp_update) {
+		grp_update ();
+	}
+}
+
+/*
+ * create_home - create the user's home directory
+ *
+ *	create_home() creates the user's home directory if it does not
+ *	already exist. It will be created mode 755 owned by the user
+ *	with the user's default group.
+ */
+static void create_home (void)
+{
+	if (access (user_home, F_OK) != 0) {
+#ifdef WITH_SELINUX
+		if (set_selinux_file_context (user_home) != 0) {
+			fprintf (stderr,
+			         _("%s: cannot set SELinux context for home directory %s\n"),
+			         Prog, user_home);
+			fail_exit (E_HOMEDIR);
+		}
+#endif
+		/* XXX - create missing parent directories.  --marekm */
+		if (mkdir (user_home, 0) != 0) {
+			fprintf (stderr,
+			         _("%s: cannot create directory %s\n"),
+			         Prog, user_home);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding home directory",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_HOMEDIR);
+		}
+		chown (user_home, user_id, user_gid);
+		chmod (user_home,
+		       0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+		home_added = true;
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "adding home directory",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_SUCCESS);
+#endif
+#ifdef WITH_SELINUX
+		/* Reset SELinux to create files with default contexts */
+		if (reset_selinux_file_context () != 0) {
+			fprintf (stderr,
+			         _("%s: cannot reset SELinux file creation context\n"),
+			         Prog);
+			fail_exit (E_HOMEDIR);
+		}
+#endif
+	}
+}
+
+/*
+ * create_mail - create the user's mail spool
+ *
+ *	create_mail() creates the user's mail spool if it does not already
+ *	exist. It will be created mode 660 owned by the user and group
+ *	'mail'
+ */
+static void create_mail (void)
+{
+	if (strcasecmp (create_mail_spool, "yes") == 0) {
+		const char *spool;
+		char *file;
+		int fd;
+		struct group *gr;
+		gid_t gid;
+		mode_t mode;
+
+		spool = getdef_str ("MAIL_DIR");
+		if (NULL == spool) {
+			spool = "/var/mail";
+		}
+		file = alloca (strlen (spool) + strlen (user_name) + 2);
+		sprintf (file, "%s/%s", spool, user_name);
+		fd = open (file, O_CREAT | O_WRONLY | O_TRUNC | O_EXCL, 0);
+		if (fd < 0) {
+			perror (_("Creating mailbox file"));
+			return;
+		}
+
+		gr = getgrnam ("mail"); /* local, no need for xgetgrnam */
+		if (NULL == gr) {
+			fputs (_("Group 'mail' not found. Creating the user mailbox file with 0600 mode.\n"),
+			       stderr);
+			gid = user_gid;
+			mode = 0600;
+		} else {
+			gid = gr->gr_gid;
+			mode = 0660;
+		}
+
+		if (   (fchown (fd, user_id, gid) != 0)
+		    || (fchmod (fd, mode) != 0)) {
+			perror (_("Setting mailbox file permissions"));
+		}
+
+		fsync (fd);
+		close (fd);
+	}
+}
+
+/*
+ * main - useradd command
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+#ifdef ENABLE_SUBIDS
+	uid_t uid_min;
+	uid_t uid_max;
+#endif
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("useradd");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+	user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
+	/*
+	 * Initialize the list to be empty
+	 */
+	user_groups[0] = (char *) 0;
+
+
+	is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+
+	get_defaults ();
+
+	process_flags (argc, argv);
+
+#ifdef ENABLE_SUBIDS
+	uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+	uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+	is_sub_uid = sub_uid_file_present () && !rflg &&
+	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
+	is_sub_gid = sub_gid_file_present () && !rflg &&
+	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	{
+		struct passwd *pampw;
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (pampw == NULL) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			fail_exit (1);
+		}
+
+		retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		fail_exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * See if we are messing with the defaults file, or creating
+	 * a new user.
+	 */
+	if (Dflg) {
+		if (gflg || bflg || fflg || eflg || sflg) {
+			exit ((set_defaults () != 0) ? 1 : 0);
+		}
+
+		show_defaults ();
+		exit (E_SUCCESS);
+	}
+
+	/*
+	 * Start with a quick check to see if the user exists.
+	 */
+	if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
+		fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_ADD_USER, Prog,
+		              "adding user",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+#endif
+		fail_exit (E_NAME_IN_USE);
+	}
+
+	/*
+	 * Don't blindly overwrite a group when a user is added...
+	 * If you already have a group username, and want to add the user
+	 * to that group, use useradd -g username username.
+	 * --bero
+	 */
+	if (Uflg) {
+		/* local, no need for xgetgrnam */
+		if (getgrnam (user_name) != NULL) {
+			fprintf (stderr,
+			         _("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
+			         Prog, user_name);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif
+			fail_exit (E_NAME_IN_USE);
+		}
+	}
+
+	/*
+	 * Do the hard stuff:
+	 * - open the files,
+	 * - create the user entries,
+	 * - create the home directory,
+	 * - create user mail spool,
+	 * - flush nscd caches for passwd and group services,
+	 * - then close and update the files.
+	 */
+	open_files ();
+
+	if (!oflg) {
+		/* first, seek for a valid uid to use for this user.
+		 * We do this because later we can use the uid we found as
+		 * gid too ... --gafton */
+		if (!uflg) {
+			if (find_new_uid (rflg, &user_id, NULL) < 0) {
+				fprintf (stderr, _("%s: can't create user\n"), Prog);
+				fail_exit (E_UID_IN_USE);
+			}
+		} else {
+			if (getpwuid (user_id) != NULL) {
+				fprintf (stderr,
+				         _("%s: UID %lu is not unique\n"),
+				         Prog, (unsigned long) user_id);
+#ifdef WITH_AUDIT
+				audit_logger (AUDIT_ADD_USER, Prog,
+				              "adding user",
+				              user_name, (unsigned int) user_id,
+				              SHADOW_AUDIT_FAILURE);
+#endif
+				fail_exit (E_UID_IN_USE);
+			}
+		}
+	}
+
+#ifdef WITH_TCB
+	if (getdef_bool ("USE_TCB")) {
+		if (shadowtcb_create (user_name, user_id) == SHADOWTCB_FAILURE) {
+			fprintf (stderr,
+			         _("%s: Failed to create tcb directory for %s\n"),
+			         Prog, user_name);
+			fail_exit (E_UID_IN_USE);
+		}
+	}
+#endif
+	open_shadow ();
+
+	/* do we have to add a group for that user? This is why we need to
+	 * open the group files in the open_files() function  --gafton */
+	if (Uflg) {
+		if (find_new_gid (rflg, &user_gid, &user_id) < 0) {
+			fprintf (stderr,
+			         _("%s: can't create group\n"),
+			         Prog);
+			fail_exit (4);
+		}
+		grp_add ();
+	}
+
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (find_new_sub_uids(user_name, &sub_uid_start, &sub_uid_count) < 0) {
+			fprintf (stderr,
+			         _("%s: can't create subordinate user IDs\n"),
+			         Prog);
+			fail_exit(E_SUB_UID_UPDATE);
+		}
+	}
+	if (is_sub_gid) {
+		if (find_new_sub_gids(user_name, &sub_gid_start, &sub_gid_count) < 0) {
+			fprintf (stderr,
+			         _("%s: can't create subordinate group IDs\n"),
+			         Prog);
+			fail_exit(E_SUB_GID_UPDATE);
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+
+	usr_update ();
+
+	if (mflg) {
+		create_home ();
+		if (home_added) {
+			copy_tree (def_template, user_home, false, false,
+			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
+		} else {
+			fprintf (stderr,
+			         _("%s: warning: the home directory already exists.\n"
+			           "Not copying any file from skel directory into it.\n"),
+			         Prog);
+		}
+
+	}
+
+	/* Do not create mail directory for system accounts */
+	if (!rflg) {
+		create_mail ();
+	}
+
+	close_files ();
+
+	/*
+	 * tallylog_reset needs to be able to lookup
+	 * a valid existing user name,
+	 * so we canot call it before close_files()
+	 */
+	if (!lflg && getpwuid (user_id) != NULL) {
+		tallylog_reset (user_name);
+	}
+
+#ifdef WITH_SELINUX
+	if (Zflg) {
+		if (set_seuser (user_name, user_selinux) != 0) {
+			fprintf (stderr,
+			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+			         Prog, user_name, user_selinux);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding SELinux user mapping",
+			              user_name, (unsigned int) user_id, 0);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SE_UPDATE);
+		}
+	}
+#endif				/* WITH_SELINUX */
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+	return E_SUCCESS;
+}
+
diff --git a/src/userdel.c b/src/userdel.c
new file mode 100644
index 0000000..9092b5c
--- /dev/null
+++ b/src/userdel.c
@@ -0,0 +1,1283 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2012, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/stat.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include "defines.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#include "shadowio.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif				/* SHADOWGRP */
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif				/* WITH_TCB */
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif				/* ENABLE_SUBIDS */
+
+/*
+ * exit status values
+ */
+#define E_PW_UPDATE	1	/* can't update password file */
+#define E_NOTFOUND	6	/* specified user doesn't exist */
+#define E_USER_BUSY	8	/* user currently logged in */
+#define E_GRP_UPDATE	10	/* can't update group file */
+#define E_HOMEDIR	12	/* can't remove home directory */
+#define E_SE_UPDATE	14	/* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16	/* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18	/* can't update the subordinate gid file */
+#endif				/* ENABLE_SUBIDS */
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *user_name;
+static uid_t user_id;
+static gid_t user_gid;
+static char *user_home;
+
+static bool fflg = false;
+static bool rflg = false;
+static bool Zflg = false;
+
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+static bool sgr_locked = false;
+#endif				/* SHADOWGRP */
+static bool pw_locked  = false;
+static bool gr_locked   = false;
+static bool spw_locked  = false;
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid;
+static bool is_sub_gid;
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif				/* ENABLE_SUBIDS */
+
+/* local function prototypes */
+static void usage (int status);
+static void update_groups (void);
+static void remove_usergroup (void);
+static void close_files (void);
+static void fail_exit (int);
+static void open_files (void);
+static void update_user (void);
+static void user_cancel (const char *);
+
+#ifdef EXTRA_CHECK_HOME_DIR
+static bool path_prefix (const char *, const char *);
+#endif				/* EXTRA_CHECK_HOME_DIR */
+static int is_owner (uid_t, const char *);
+static int remove_mailbox (void);
+#ifdef WITH_TCB
+static int remove_tcbdir (const char *user_name, uid_t user_id);
+#endif				/* WITH_TCB */
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] LOGIN\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -f, --force                   force removal of files,\n"
+	                "                                even if not owned by user\n"),
+	              usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -r, --remove                  remove home directory and mail spool\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+#ifdef WITH_SELINUX
+	(void) fputs (_("  -Z, --selinux-user            remove any SELinux user mapping for the user\n"), usageout);
+#endif				/* WITH_SELINUX */
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * update_groups - delete user from secondary group set
+ *
+ *	update_groups() takes the user name that was given and searches
+ *	the group files for membership in any group.
+ *
+ *	we also check to see if they have any groups they own (the same
+ *	name is their user name) and delete them too (only if USERGROUPS_ENAB
+ *	is enabled).
+ */
+static void update_groups (void)
+{
+	const struct group *grp;
+	struct group *ngrp;
+
+#ifdef	SHADOWGRP
+	const struct sgrp *sgrp;
+	struct sgrp *nsgrp;
+#endif				/* SHADOWGRP */
+
+	/*
+	 * Scan through the entire group file looking for the groups that
+	 * the user is a member of.
+	 */
+	for (gr_rewind (), grp = gr_next (); NULL != grp; grp = gr_next ()) {
+
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 */
+		if (!is_on_list (grp->gr_mem, user_name)) {
+			continue;
+		}
+
+		/*
+		 * Delete the username from the list of group members and
+		 * update the group entry to reflect the change.
+		 */
+		ngrp = __gr_dup (grp);
+		if (NULL == ngrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, gr_dbname ());
+			exit (13);	/* XXX */
+		}
+		ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
+		if (gr_update (ngrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, gr_dbname (), ngrp->gr_name);
+			exit (E_GRP_UPDATE);
+		}
+
+		/*
+		 * Update the DBM group file with the new entry as well.
+		 */
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting user from group",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_SUCCESS);
+#endif				/* WITH_AUDIT */
+		SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
+			 user_name, ngrp->gr_name));
+	}
+
+	if (getdef_bool ("USERGROUPS_ENAB")) {
+		remove_usergroup ();
+	}
+
+#ifdef	SHADOWGRP
+	if (!is_shadow_grp) {
+		return;
+	}
+
+	/*
+	 * Scan through the entire shadow group file looking for the groups
+	 * that the user is a member of. Both the administrative list and
+	 * the ordinary membership list is checked.
+	 */
+	for (sgr_rewind (), sgrp = sgr_next ();
+	     NULL != sgrp;
+	     sgrp = sgr_next ()) {
+		bool was_member, was_admin;
+
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 */
+		was_member = is_on_list (sgrp->sg_mem, user_name);
+		was_admin = is_on_list (sgrp->sg_adm, user_name);
+
+		if (!was_member && !was_admin) {
+			continue;
+		}
+
+		nsgrp = __sgr_dup (sgrp);
+		if (NULL == nsgrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, sgr_dbname ());
+			exit (13);	/* XXX */
+		}
+
+		if (was_member) {
+			nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
+		}
+
+		if (was_admin) {
+			nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
+		}
+
+		if (sgr_update (nsgrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), nsgrp->sg_name);
+			exit (E_GRP_UPDATE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting user from shadow group",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_SUCCESS);
+#endif				/* WITH_AUDIT */
+		SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
+		         user_name, nsgrp->sg_name));
+	}
+#endif				/* SHADOWGRP */
+}
+
+/*
+ * remove_usergroup - delete the user's group if it is a usergroup
+ *
+ *	An usergroup is removed if
+ *	  + it has the same name as the user
+ *	  + it is the primary group of the user
+ *	  + it has no other members
+ *	  + it is not the primary group of any other user
+ */
+static void remove_usergroup (void)
+{
+	const struct group *grp;
+	const struct passwd *pwd = NULL;
+
+	grp = gr_locate (user_name);
+	if (NULL == grp) {
+		/* This user has no usergroup. */
+		return;
+	}
+
+	if (grp->gr_gid != user_gid) {
+		fprintf (stderr,
+		         _("%s: group %s not removed because it is not the primary group of user %s.\n"),
+		         Prog, grp->gr_name, user_name);
+		return;
+	}
+
+	if (NULL != grp->gr_mem[0]) {
+		/* The usergroup has other members. */
+		fprintf (stderr,
+		         _("%s: group %s not removed because it has other members.\n"),
+		         Prog, grp->gr_name);
+		return;
+	}
+
+	if (!fflg) {
+		/*
+		 * Scan the passwd file to check if this group is still
+		 * used as a primary group.
+		 */
+		setpwent ();
+		while ((pwd = getpwent ()) != NULL) {
+			if (strcmp (pwd->pw_name, user_name) == 0) {
+				continue;
+			}
+			if (pwd->pw_gid == grp->gr_gid) {
+				fprintf (stderr,
+				         _("%s: group %s is the primary group of another user and is not removed.\n"),
+				         Prog, grp->gr_name);
+				break;
+			}
+		}
+		endpwent ();
+	}
+
+	if (NULL == pwd) {
+		/*
+		 * We can remove this group, it is not the primary
+		 * group of any remaining user.
+		 */
+		if (gr_remove (user_name) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, user_name, gr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_GROUP, Prog,
+		              "deleting group",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_SUCCESS);
+#endif				/* WITH_AUDIT */
+		SYSLOG ((LOG_INFO,
+		         "removed group '%s' owned by '%s'\n",
+		         user_name, user_name));
+
+#ifdef	SHADOWGRP
+		if (sgr_locate (user_name) != NULL) {
+			if (sgr_remove (user_name) == 0) {
+				fprintf (stderr,
+				         _("%s: cannot remove entry '%s' from %s\n"),
+				         Prog, user_name, sgr_dbname ());
+				fail_exit (E_GRP_UPDATE);
+			}
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_GROUP, Prog,
+			              "deleting shadow group",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_SUCCESS);
+#endif				/* WITH_AUDIT */
+			SYSLOG ((LOG_INFO,
+			         "removed shadow group '%s' owned by '%s'\n",
+			         user_name, user_name));
+
+		}
+#endif				/* SHADOWGRP */
+	}
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this
+ *	new user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	if (pw_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_PW_UPDATE);
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+	pw_locked = false;
+
+	if (is_shadow_pwd) {
+		if (spw_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+			fail_exit (E_PW_UPDATE);
+		}
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+		spw_locked = false;
+	}
+
+	if (gr_close () == 0) {
+		fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+		fail_exit (E_GRP_UPDATE);
+	}
+	if (gr_unlock () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+		/* continue */
+	}
+	gr_locked = false;
+
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+			fail_exit (E_GRP_UPDATE);
+		}
+
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+		sgr_locked = false;
+	}
+#endif				/* SHADOWGRP */
+
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_close () == 0) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+		sub_uid_locked = false;
+	}
+
+	if (is_sub_gid) {
+		if (sub_gid_close () == 0) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+		sub_gid_locked = false;
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif				/* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+	if (sub_uid_locked) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+	}
+	if (sub_gid_locked) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_DEL_USER, Prog,
+	              "deleting user",
+	              user_name, (unsigned int) user_id,
+	              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+
+	exit (code);
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ *	open_files() opens the two password files.
+ */
+
+static void open_files (void)
+{
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "locking password file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		fail_exit (E_PW_UPDATE);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"), Prog, pw_dbname ());
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "opening password file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		fail_exit (E_PW_UPDATE);
+	}
+	if (is_shadow_pwd) {
+		if (spw_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, spw_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "locking shadow password file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_PW_UPDATE);
+		}
+		spw_locked = true;
+		if (spw_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, spw_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "opening shadow password file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_PW_UPDATE);
+		}
+	}
+	if (gr_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, gr_dbname ());
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "locking group file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		fail_exit (E_GRP_UPDATE);
+	}
+	gr_locked = true;
+	if (gr_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "opening group file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		fail_exit (E_GRP_UPDATE);
+	}
+#ifdef	SHADOWGRP
+	if (is_shadow_grp) {
+		if (sgr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "locking shadow group file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_GRP_UPDATE);
+		}
+		sgr_locked= true;
+		if (sgr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr, _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "opening shadow group file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_GRP_UPDATE);
+		}
+	}
+#endif				/* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid) {
+		if (sub_uid_lock () == 0) {
+			fprintf (stderr,
+				_("%s: cannot lock %s; try again later.\n"),
+				Prog, sub_uid_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+				"locking subordinate user file",
+				user_name, (unsigned int) user_id,
+				SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+		sub_uid_locked = true;
+		if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+				_("%s: cannot open %s\n"), Prog, sub_uid_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+				"opening subordinate user file",
+				user_name, (unsigned int) user_id,
+				SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+	}
+	if (is_sub_gid) {
+		if (sub_gid_lock () == 0) {
+			fprintf (stderr,
+				_("%s: cannot lock %s; try again later.\n"),
+				Prog, sub_gid_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+				"locking subordinate group file",
+				user_name, (unsigned int) user_id,
+				SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+		sub_gid_locked = true;
+		if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+				_("%s: cannot open %s\n"), Prog, sub_gid_dbname ());
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+				"opening subordinate group file",
+				user_name, (unsigned int) user_id,
+				SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * update_user - delete the user entries
+ *
+ *	update_user() deletes the password file entries for this user
+ *	and will update the group entries as required.
+ */
+static void update_user (void)
+{
+	if (pw_remove (user_name) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot remove entry '%s' from %s\n"),
+		         Prog, user_name, pw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+	if (   is_shadow_pwd
+	    && (spw_locate (user_name) != NULL)
+	    && (spw_remove (user_name) == 0)) {
+		fprintf (stderr,
+		         _("%s: cannot remove entry '%s' from %s\n"),
+		         Prog, user_name, spw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+#ifdef ENABLE_SUBIDS
+	if (is_sub_uid && sub_uid_remove(user_name, 0, ULONG_MAX) == 0) {
+		fprintf (stderr,
+			_("%s: cannot remove entry %lu from %s\n"),
+			Prog, (unsigned long)user_id, sub_uid_dbname ());
+		fail_exit (E_SUB_UID_UPDATE);
+	}
+	if (is_sub_gid && sub_gid_remove(user_name, 0, ULONG_MAX) == 0) {
+		fprintf (stderr,
+			_("%s: cannot remove entry %lu from %s\n"),
+			Prog, (unsigned long)user_id, sub_gid_dbname ());
+		fail_exit (E_SUB_GID_UPDATE);
+	}
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_DEL_USER, Prog,
+	              "deleting user entries",
+	              user_name, (unsigned int) user_id,
+	              SHADOW_AUDIT_SUCCESS);
+#endif				/* WITH_AUDIT */
+	SYSLOG ((LOG_INFO, "delete user '%s'\n", user_name));
+}
+
+/*
+ * user_cancel - cancel cron and at jobs
+ *
+ *	user_cancel calls a script for additional cleanups like removal of
+ *	cron, at, or print jobs.
+ */
+
+static void user_cancel (const char *user)
+{
+	const char *cmd;
+	const char *argv[3];
+	int status;
+
+	cmd = getdef_str ("USERDEL_CMD");
+	if (NULL == cmd) {
+		return;
+	}
+	argv[0] = cmd;
+	argv[1] = user;
+	argv[2] = (char *)0;
+	(void) run_command (cmd, argv, NULL, &status);
+}
+
+#ifdef EXTRA_CHECK_HOME_DIR
+static bool path_prefix (const char *s1, const char *s2)
+{
+	return (   (strncmp (s2, s1, strlen (s1)) == 0)
+	        && (   ('\0' == s2[strlen (s1)])
+	            || ('/'  == s2[strlen (s1)])));
+}
+#endif				/* EXTRA_CHECK_HOME_DIR */
+
+/*
+ * is_owner - Check if path is owned by uid
+ *
+ * Return
+ *  1: path exists and is owned by uid
+ *  0: path is not owned by uid, or a failure occurred
+ * -1: path does not exist
+ */
+static int is_owner (uid_t uid, const char *path)
+{
+	struct stat st;
+
+	errno = 0;
+	if (stat (path, &st) != 0) {
+		if ((ENOENT == errno) || (ENOTDIR == errno)) {
+			/* The file or directory does not exist */
+			return -1;
+		} else {
+			return 0;
+		}
+	}
+	return (st.st_uid == uid) ? 1 : 0;
+}
+
+static int remove_mailbox (void)
+{
+	const char *maildir;
+	char mailfile[1024];
+	int i;
+	int errors = 0;
+
+	maildir = getdef_str ("MAIL_DIR");
+#ifdef MAIL_SPOOL_DIR
+	if ((NULL == maildir) && (getdef_str ("MAIL_FILE") == NULL)) {
+		maildir = MAIL_SPOOL_DIR;
+	}
+#endif				/* MAIL_SPOOL_DIR */
+	if (NULL == maildir) {
+		return 0;
+	}
+	snprintf (mailfile, sizeof mailfile, "%s/%s", maildir, user_name);
+
+	if (access (mailfile, F_OK) != 0) {
+		if (ENOENT == errno) {
+			fprintf (stderr,
+			         _("%s: %s mail spool (%s) not found\n"),
+			         Prog, user_name, mailfile);
+			return 0;
+		} else {
+			fprintf (stderr,
+			         _("%s: warning: can't remove %s: %s\n"),
+			         Prog, mailfile, strerror (errno));
+			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting mail file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			return -1;
+		}
+	}
+
+	if (fflg) {
+		if (unlink (mailfile) != 0) {
+			fprintf (stderr,
+			         _("%s: warning: can't remove %s: %s\n"),
+			         Prog, mailfile, strerror (errno));
+			SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting mail file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			errors = 1;
+			/* continue */
+		}
+#ifdef WITH_AUDIT
+		else
+		{
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting mail file",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_SUCCESS);
+		}
+#endif				/* WITH_AUDIT */
+		return errors;
+	}
+	i = is_owner (user_id, mailfile);
+	if (i == 0) {
+		fprintf (stderr,
+		         _("%s: %s not owned by %s, not removing\n"),
+		         Prog, mailfile, user_name);
+		SYSLOG ((LOG_ERR,
+		         "%s not owned by %s, not removed",
+		         mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting mail file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		return 1;
+	} else if (i == -1) {
+		return 0;		/* mailbox doesn't exist */
+	}
+	if (unlink (mailfile) != 0) {
+		fprintf (stderr,
+		         _("%s: warning: can't remove %s: %s\n"),
+		         Prog, mailfile, strerror (errno));
+		SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting mail file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+		errors = 1;
+		/* continue */
+	}
+#ifdef WITH_AUDIT
+	else
+	{
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting mail file",
+		              user_name, (unsigned int) user_id,
+		              SHADOW_AUDIT_SUCCESS);
+	}
+#endif				/* WITH_AUDIT */
+	return errors;
+}
+
+#ifdef WITH_TCB
+static int remove_tcbdir (const char *user_name, uid_t user_id)
+{
+	char *buf;
+	int ret = 0;
+	size_t bufsize = (sizeof TCB_DIR) + strlen (user_name) + 2;
+
+	if (!getdef_bool ("USE_TCB")) {
+		return 0;
+	}
+
+	buf = malloc (buflen);
+	if (NULL == buf) {
+		fprintf (stderr, _("%s: Can't allocate memory, "
+		                   "tcb entry for %s not removed.\n"),
+		         Prog, user_name);
+		return 1;
+	}
+	snprintf (buf, buflen, TCB_DIR "/%s", user_name);
+	if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+		fprintf (stderr, _("%s: Cannot drop privileges: %s\n"),
+		         Prog, strerror (errno));
+		shadowtcb_gain_priv ();
+		free (buf);
+		return 1;
+	}
+	/* Only remove directory contents with dropped privileges.
+	 * We will regain them and remove the user's tcb directory afterwards.
+	 */
+	if (remove_tree (buf, false) != 0) {
+		fprintf (stderr, _("%s: Cannot remove the content of %s: %s\n"),
+		         Prog, buf, strerror (errno));
+		shadowtcb_gain_priv ();
+		free (buf);
+		return 1;
+	}
+	shadowtcb_gain_priv ();
+	free (buf);
+	if (shadowtcb_remove (user_name) == SHADOWTCB_FAILURE) {
+		fprintf (stderr, _("%s: Cannot remove tcb files for %s: %s\n"),
+		         Prog, user_name, strerror (errno));
+		ret = 1;
+	}
+	return ret;
+}
+#endif				/* WITH_TCB */
+
+/*
+ * main - userdel command
+ */
+int main (int argc, char **argv)
+{
+	int errors = 0; /* Error in the removal of the home directory */
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("userdel");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif				/* WITH_AUDIT */
+
+	{
+		/*
+		 * Parse the command line options.
+		 */
+		int c;
+		static struct option long_options[] = {
+			{"force",        no_argument,       NULL, 'f'},
+			{"help",         no_argument,       NULL, 'h'},
+			{"remove",       no_argument,       NULL, 'r'},
+			{"root",         required_argument, NULL, 'R'},
+#ifdef WITH_SELINUX
+			{"selinux-user", no_argument,       NULL, 'Z'},
+#endif				/* WITH_SELINUX */
+			{NULL, 0, NULL, '\0'}
+		};
+		while ((c = getopt_long (argc, argv,
+#ifdef WITH_SELINUX             
+		                         "fhrR:Z",
+#else				/* !WITH_SELINUX */
+		                         "fhrR:",
+#endif				/* !WITH_SELINUX */
+		                         long_options, NULL)) != -1) {
+			switch (c) {
+			case 'f':	/* force remove even if not owned by user */
+				fflg = true;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				break;
+			case 'r':	/* remove home dir and mailbox */
+				rflg = true;
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+#ifdef WITH_SELINUX             
+			case 'Z':
+				if (is_selinux_enabled () > 0) {
+					Zflg = true;
+				} else {
+					fprintf (stderr,
+					         _("%s: -Z requires SELinux enabled kernel\n"),
+					         Prog);
+
+					exit (E_BAD_ARG);
+				}
+				break;
+#endif				/* WITH_SELINUX */
+			default:
+				usage (E_USAGE);
+			}
+		}
+	}
+
+	if ((optind + 1) != argc) {
+		usage (E_USAGE);
+	}
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	{
+		struct passwd *pampw;
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (pampw == NULL) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (E_PW_UPDATE);
+		}
+
+		retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (E_PW_UPDATE);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif				/* SHADOWGRP */
+#ifdef ENABLE_SUBIDS
+	is_sub_uid = sub_uid_file_present ();
+	is_sub_gid = sub_gid_file_present ();
+#endif				/* ENABLE_SUBIDS */
+
+	/*
+	 * Start with a quick check to see if the user exists.
+	 */
+	user_name = argv[argc - 1];
+	{
+		struct passwd *pwd;
+		pwd = getpwnam (user_name); /* local, no need for xgetpwnam */
+		if (NULL == pwd) {
+			fprintf (stderr, _("%s: user '%s' does not exist\n"),
+				 Prog, user_name);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting user not found",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			exit (E_NOTFOUND);
+		}
+		user_id = pwd->pw_uid;
+		user_gid = pwd->pw_gid;
+		user_home = xstrdup (pwd->pw_dir);
+	}
+#ifdef WITH_TCB
+	if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
+		exit (E_NOTFOUND);
+	}
+#endif				/* WITH_TCB */
+#ifdef	USE_NIS
+
+	/*
+	 * Now make sure it isn't an NIS user.
+	 */
+	if (__ispwNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: user %s is a NIS user\n"), Prog, user_name);
+		if (   !yp_get_default_domain (&nis_domain)
+		    && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+			fprintf (stderr,
+			         _("%s: %s is the NIS master\n"),
+			         Prog, nis_master);
+		}
+		exit (E_NOTFOUND);
+	}
+#endif				/* USE_NIS */
+	/*
+	 * Check to make certain the user isn't logged in.
+	 * Note: This is a best effort basis. The user may log in between,
+	 * a cron job may be started on her behalf, etc.
+	 */
+	if (user_busy (user_name, user_id) != 0) {
+		if (!fflg) {
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting user logged in",
+			              user_name, AUDIT_NO_ID,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			exit (E_USER_BUSY);
+		}
+	}
+
+	/*
+	 * Do the hard stuff - open the files, create the user entries,
+	 * create the home directory, then close and update the files.
+	 */
+	open_files ();
+	update_user ();
+	update_groups ();
+
+	if (rflg) {
+		errors += remove_mailbox ();
+	}
+	if (rflg) {
+		int home_owned = is_owner (user_id, user_home);
+		if (-1 == home_owned) {
+			fprintf (stderr,
+			         _("%s: %s home directory (%s) not found\n"),
+			         Prog, user_name, user_home);
+			rflg = 0;
+		} else if ((0 == home_owned) && !fflg) {
+			fprintf (stderr,
+			         _("%s: %s not owned by %s, not removing\n"),
+			         Prog, user_home, user_name);
+			rflg = 0;
+			errors++;
+			/* continue */
+		}
+	}
+
+#ifdef EXTRA_CHECK_HOME_DIR
+	/* This may be slow, the above should be good enough. */
+	if (rflg && !fflg) {
+		struct passwd *pwd;
+		/*
+		 * For safety, refuse to remove the home directory if it
+		 * would result in removing some other user's home
+		 * directory. Still not perfect so be careful, but should
+		 * prevent accidents if someone has /home or / as home
+		 * directory...  --marekm
+		 */
+		setpwent ();
+		while ((pwd = getpwent ())) {
+			if (strcmp (pwd->pw_name, user_name) == 0) {
+				continue;
+			}
+			if (path_prefix (user_home, pwd->pw_dir)) {
+				fprintf (stderr,
+				         _("%s: not removing directory %s (would remove home of user %s)\n"),
+				         Prog, user_home, pwd->pw_name);
+				rflg = false;
+				errors++;
+				/* continue */
+				break;
+			}
+		}
+		endpwent ();
+	}
+#endif				/* EXTRA_CHECK_HOME_DIR */
+
+	if (rflg) {
+		if (remove_tree (user_home, true) != 0) {
+			fprintf (stderr,
+			         _("%s: error removing directory %s\n"),
+			         Prog, user_home);
+			errors++;
+			/* continue */
+		}
+#ifdef WITH_AUDIT
+		else
+		{
+			audit_logger (AUDIT_DEL_USER, Prog,
+			              "deleting home directory",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_SUCCESS);
+		}
+#endif				/* WITH_AUDIT */
+	}
+#ifdef WITH_AUDIT
+	if (0 != errors) {
+		audit_logger (AUDIT_DEL_USER, Prog,
+		              "deleting home directory",
+		              user_name, AUDIT_NO_ID,
+		              SHADOW_AUDIT_FAILURE);
+	}
+#endif				/* WITH_AUDIT */
+
+#ifdef WITH_SELINUX
+	if (Zflg) {
+		if (del_seuser (user_name) != 0) {
+			fprintf (stderr,
+			         _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
+			         Prog, user_name);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "removing SELinux user mapping",
+			              user_name, (unsigned int) user_id,
+			              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+			fail_exit (E_SE_UPDATE);
+		}
+	}
+#endif				/* WITH_SELINUX */
+
+	/*
+	 * Cancel any crontabs or at jobs. Have to do this before we remove
+	 * the entry from /etc/passwd.
+	 */
+	user_cancel (user_name);
+	close_files ();
+
+#ifdef WITH_TCB
+	errors += remove_tcbdir (user_name, user_id);
+#endif				/* WITH_TCB */
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+	return ((0 != errors) ? E_HOMEDIR : E_SUCCESS);
+}
+
diff --git a/src/usermod.c b/src/usermod.c
new file mode 100644
index 0000000..9c5e479
--- /dev/null
+++ b/src/usermod.c
@@ -0,0 +1,2285 @@
+/*
+ * Copyright (c) 1991 - 1994, Julianne Frances Haugh
+ * Copyright (c) 1996 - 2000, Marek Michałkiewicz
+ * Copyright (c) 2000 - 2006, Tomasz KÅ‚oczko
+ * Copyright (c) 2007 - 2011, Nicolas François
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the copyright holders or contributors may not be used to
+ *    endorse or promote products derived from this software without
+ *    specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <getopt.h>
+#include <grp.h>
+#include <lastlog.h>
+#include <pwd.h>
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+#include "pam_defs.h"
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <time.h>
+#include "chkname.h"
+#include "defines.h"
+#include "faillog.h"
+#include "getdef.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwauth.h"
+#include "pwio.h"
+#ifdef	SHADOWGRP
+#include "sgroupio.h"
+#endif
+#include "shadowio.h"
+#ifdef ENABLE_SUBIDS
+#include "subordinateio.h"
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
+
+/*
+ * exit status values
+ * for E_GRP_UPDATE and E_NOSPACE (not used yet), other update requests
+ * will be implemented (as documented in the Solaris 2.x man page).
+ */
+/*@-exitarg@*/
+#define E_SUCCESS	0	/* success */
+#define E_PW_UPDATE	1	/* can't update password file */
+#define E_USAGE		2	/* invalid command syntax */
+#define E_BAD_ARG	3	/* invalid argument to option */
+#define E_UID_IN_USE	4	/* UID already in use (and no -o) */
+/* #define E_BAD_PWFILE	5	   passwd file contains errors */
+#define E_NOTFOUND	6	/* specified user/group doesn't exist */
+#define E_USER_BUSY	8	/* user to modify is logged in */
+#define E_NAME_IN_USE	9	/* username already in use */
+#define E_GRP_UPDATE	10	/* can't update group file */
+/* #define E_NOSPACE	11	   insufficient space to move home dir */
+#define E_HOMEDIR	12	/* unable to complete home dir move */
+#define E_SE_UPDATE	13	/* can't update SELinux user mapping */
+#ifdef ENABLE_SUBIDS
+#define E_SUB_UID_UPDATE 16	/* can't update the subordinate uid file */
+#define E_SUB_GID_UPDATE 18	/* can't update the subordinate gid file */
+#endif				/* ENABLE_SUBIDS */
+
+#define	VALID(s)	(strcspn (s, ":\n") == strlen (s))
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static char *user_name;
+static char *user_newname;
+static char *user_pass;
+static uid_t user_id;
+static uid_t user_newid;
+static gid_t user_gid;
+static gid_t user_newgid;
+static char *user_comment;
+static char *user_newcomment;
+static char *user_home;
+static char *user_newhome;
+static char *user_shell;
+#ifdef WITH_SELINUX
+static const char *user_selinux = "";
+#endif				/* WITH_SELINUX */
+static char *user_newshell;
+static long user_expire;
+static long user_newexpire;
+static long user_inactive;
+static long user_newinactive;
+static long sys_ngroups;
+static char **user_groups;	/* NULL-terminated list */
+
+static bool
+    aflg = false,		/* append to existing secondary group set */
+    cflg = false,		/* new comment (GECOS) field */
+    dflg = false,		/* new home directory */
+    eflg = false,		/* days since 1970-01-01 when account becomes expired */
+    fflg = false,		/* days until account with expired password is locked */
+    gflg = false,		/* new primary group ID */
+    Gflg = false,		/* new secondary group set */
+    Lflg = false,		/* lock the password */
+    lflg = false,		/* new user name */
+    mflg = false,		/* create user's home directory if it doesn't exist */
+    oflg = false,		/* permit non-unique user ID to be specified with -u */
+    pflg = false,		/* new encrypted password */
+    sflg = false,		/* new shell program */
+#ifdef WITH_SELINUX
+    Zflg = false,		/* new selinux user */
+#endif
+#ifdef ENABLE_SUBIDS
+    vflg = false,		/*    add subordinate uids */
+    Vflg = false,		/* delete subordinate uids */
+    wflg = false,		/*    add subordinate gids */
+    Wflg = false,		/* delete subordinate gids */
+#endif				/* ENABLE_SUBIDS */
+    uflg = false,		/* specify new user ID */
+    Uflg = false;		/* unlock the password */
+
+static bool is_shadow_pwd;
+
+#ifdef SHADOWGRP
+static bool is_shadow_grp;
+#endif
+
+#ifdef ENABLE_SUBIDS
+static bool is_sub_uid = false;
+static bool is_sub_gid = false;
+#endif				/* ENABLE_SUBIDS */
+
+static bool pw_locked  = false;
+static bool spw_locked = false;
+static bool gr_locked  = false;
+#ifdef SHADOWGRP
+static bool sgr_locked = false;
+#endif
+#ifdef ENABLE_SUBIDS
+static bool sub_uid_locked = false;
+static bool sub_gid_locked = false;
+#endif				/* ENABLE_SUBIDS */
+
+
+/* local function prototypes */
+static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
+                         long int date);
+static int get_groups (char *);
+static /*@noreturn@*/void usage (int status);
+static void new_pwent (struct passwd *);
+static void new_spent (struct spwd *);
+static /*@noreturn@*/void fail_exit (int);
+static void update_group (void);
+
+#ifdef SHADOWGRP
+static void update_gshadow (void);
+#endif
+static void grp_update (void);
+
+static void process_flags (int, char **);
+static void close_files (void);
+static void open_files (void);
+static void usr_update (void);
+static void move_home (void);
+static void update_lastlog (void);
+static void update_faillog (void);
+
+#ifndef NO_MOVE_MAILBOX
+static void move_mailbox (void);
+#endif
+
+static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
+                         long int date)
+{
+	struct tm *tp;
+
+	if (date < 0) {
+		strncpy (buf, "never", maxsize);
+	} else {
+		time_t t = (time_t) date;
+		tp = gmtime (&t);
+#ifdef HAVE_STRFTIME
+		strftime (buf, maxsize, "%Y-%m-%d", tp);
+#else
+		(void) snprintf (buf, maxsize, "%04d-%02d-%02d",
+		                 tp->tm_year + 1900,
+		                 tp->tm_mon + 1,
+		                 tp->tm_mday);
+#endif				/* HAVE_STRFTIME */
+	}
+	buf[maxsize - 1] = '\0';
+}
+
+/*
+ * get_groups - convert a list of group names to an array of group IDs
+ *
+ *	get_groups() takes a comma-separated list of group names and
+ *	converts it to a NULL-terminated array. Any unknown group names are
+ *	reported as errors.
+ */
+static int get_groups (char *list)
+{
+	char *cp;
+	const struct group *grp;
+	int errors = 0;
+	int ngroups = 0;
+
+	/*
+	 * Initialize the list to be empty
+	 */
+	user_groups[0] = (char *) 0;
+
+	if ('\0' == *list) {
+		return 0;
+	}
+
+	/*
+	 * So long as there is some data to be converted, strip off each
+	 * name and look it up. A mix of numerical and string values for
+	 * group identifiers is permitted.
+	 */
+	do {
+		/*
+		 * Strip off a single name from the list
+		 */
+		cp = strchr (list, ',');
+		if (NULL != cp) {
+			*cp = '\0';
+			cp++;
+		}
+
+		/*
+		 * Names starting with digits are treated as numerical GID
+		 * values, otherwise the string is looked up as is.
+		 */
+		grp = getgr_nam_gid (list);
+
+		/*
+		 * There must be a match, either by GID value or by
+		 * string name.
+		 */
+		if (NULL == grp) {
+			fprintf (stderr, _("%s: group '%s' does not exist\n"),
+			         Prog, list);
+			errors++;
+		}
+		list = cp;
+
+		/*
+		 * If the group doesn't exist, don't dump core. Instead,
+		 * try the next one.  --marekm
+		 */
+		if (NULL == grp) {
+			continue;
+		}
+
+#ifdef	USE_NIS
+		/*
+		 * Don't add this group if they are an NIS group. Tell the
+		 * user to go to the server for this group.
+		 */
+		if (__isgrNIS ()) {
+			fprintf (stderr,
+			         _("%s: group '%s' is a NIS group.\n"),
+			         Prog, grp->gr_name);
+			gr_free ((struct group *)grp);
+			continue;
+		}
+#endif
+
+		if (ngroups == sys_ngroups) {
+			fprintf (stderr,
+			         _("%s: too many groups specified (max %d).\n"),
+			         Prog, ngroups);
+			gr_free ((struct group *)grp);
+			break;
+		}
+
+		/*
+		 * Add the group name to the user's list of groups.
+		 */
+		user_groups[ngroups++] = xstrdup (grp->gr_name);
+		gr_free ((struct group *)grp);
+	} while (NULL != list);
+
+	user_groups[ngroups] = (char *) 0;
+
+	/*
+	 * Any errors in finding group names are fatal
+	 */
+	if (0 != errors) {
+		return -1;
+	}
+
+	return 0;
+}
+
+#ifdef ENABLE_SUBIDS
+struct ulong_range
+{
+	unsigned long first;
+	unsigned long last;
+};
+
+static struct ulong_range getulong_range(const char *str)
+{
+	struct ulong_range result = { .first = ULONG_MAX, .last = 0 };
+	long long first, last;
+	char *pos;
+
+	errno = 0;
+	first = strtoll(str, &pos, 10);
+	if (('\0' == *str) || ('-' != *pos ) || (ERANGE == errno) ||
+	    (first != (unsigned long int)first))
+		goto out;
+
+	errno = 0;
+	last = strtoll(pos + 1, &pos, 10);
+	if (('\0' != *pos ) || (ERANGE == errno) ||
+	    (last != (unsigned long int)last))
+		goto out;
+
+	if (first > last)
+		goto out;
+
+	result.first = (unsigned long int)first;
+	result.last = (unsigned long int)last;
+out:
+	return result;
+	
+}
+
+struct ulong_range_list_entry {
+	struct ulong_range_list_entry *next;
+	struct ulong_range range;
+};
+
+static struct ulong_range_list_entry *add_sub_uids = NULL, *del_sub_uids = NULL;
+static struct ulong_range_list_entry *add_sub_gids = NULL, *del_sub_gids = NULL;
+
+static int prepend_range(const char *str, struct ulong_range_list_entry **head)
+{
+	struct ulong_range range;
+	struct ulong_range_list_entry *entry;
+	range = getulong_range(str);
+	if (range.first > range.last)
+		return 0;
+
+	entry = malloc(sizeof(*entry));
+	if (!entry) {
+		fprintf (stderr,
+			_("%s: failed to allocate memory: %s\n"),
+			Prog, strerror (errno));
+		return 0;
+	}
+	entry->next = *head;
+	entry->range = range;
+	*head = entry;
+	return 1;
+}
+#endif				/* ENABLE_SUBIDS */
+
+/*
+ * usage - display usage message and exit
+ */
+static /*@noreturn@*/void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (usageout,
+	                _("Usage: %s [options] LOGIN\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -c, --comment COMMENT         new value of the GECOS field\n"), usageout);
+	(void) fputs (_("  -d, --home HOME_DIR           new home directory for the user account\n"), usageout);
+	(void) fputs (_("  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE\n"), usageout);
+	(void) fputs (_("  -f, --inactive INACTIVE       set password inactive after expiration\n"
+	                "                                to INACTIVE\n"), usageout);
+	(void) fputs (_("  -g, --gid GROUP               force use GROUP as new primary group\n"), usageout);
+	(void) fputs (_("  -G, --groups GROUPS           new list of supplementary GROUPS\n"), usageout);
+	(void) fputs (_("  -a, --append                  append the user to the supplemental GROUPS\n"
+	                "                                mentioned by the -G option without removing\n"
+	                "                                him/her from other groups\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -l, --login NEW_LOGIN         new value of the login name\n"), usageout);
+	(void) fputs (_("  -L, --lock                    lock the user account\n"), usageout);
+	(void) fputs (_("  -m, --move-home               move contents of the home directory to the\n"
+	                "                                new location (use only with -d)\n"), usageout);
+	(void) fputs (_("  -o, --non-unique              allow using duplicate (non-unique) UID\n"), usageout);
+	(void) fputs (_("  -p, --password PASSWORD       use encrypted password for the new password\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -s, --shell SHELL             new login shell for the user account\n"), usageout);
+	(void) fputs (_("  -u, --uid UID                 new UID for the user account\n"), usageout);
+	(void) fputs (_("  -U, --unlock                  unlock the user account\n"), usageout);
+#ifdef ENABLE_SUBIDS
+	(void) fputs (_("  -v, --add-subuids FIRST-LAST  add range of subordinate uids\n"), usageout);
+	(void) fputs (_("  -V, --del-subuids FIRST-LAST  remove range of subordinate uids\n"), usageout);
+	(void) fputs (_("  -w, --add-subgids FIRST-LAST  add range of subordinate gids\n"), usageout);
+	(void) fputs (_("  -W, --del-subgids FIRST-LAST  remove range of subordinate gids\n"), usageout);
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+	(void) fputs (_("  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account\n"), usageout);
+#endif				/* WITH_SELINUX */
+	(void) fputs ("\n", usageout);
+	exit (status);
+}
+
+/*
+ * update encrypted password string (for both shadow and non-shadow
+ * passwords)
+ */
+static char *new_pw_passwd (char *pw_pass)
+{
+	if (Lflg && ('!' != pw_pass[0])) {
+		char *buf = xmalloc (strlen (pw_pass) + 2);
+
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "updating passwd",
+		              user_newname, (unsigned int) user_newid, 0);
+#endif
+		SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
+		strcpy (buf, "!");
+		strcat (buf, pw_pass);
+		pw_pass = buf;
+	} else if (Uflg && pw_pass[0] == '!') {
+		char *s;
+
+		if (pw_pass[1] == '\0') {
+			fprintf (stderr,
+			         _("%s: unlocking the user's password would result in a passwordless account.\n"
+			           "You should set a password with usermod -p to unlock this user's password.\n"),
+			         Prog);
+			return pw_pass;
+		}
+
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "updating password",
+		              user_newname, (unsigned int) user_newid, 0);
+#endif
+		SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
+		s = pw_pass;
+		while ('\0' != *s) {
+			*s = *(s + 1);
+			s++;
+		}
+	} else if (pflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing password",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
+		pw_pass = xstrdup (user_pass);
+	}
+	return pw_pass;
+}
+
+/*
+ * new_pwent - initialize the values in a password file entry
+ *
+ *	new_pwent() takes all of the values that have been entered and fills
+ *	in a (struct passwd) with them.
+ */
+static void new_pwent (struct passwd *pwent)
+{
+	if (lflg) {
+		if (pw_locate (user_newname) != NULL) {
+			/* This should never happen.
+			 * It was already checked that the user doesn't
+			 * exist on the system.
+			 */
+			fprintf (stderr,
+			         _("%s: user '%s' already exists in %s\n"),
+			         Prog, user_newname, pw_dbname ());
+			fail_exit (E_NAME_IN_USE);
+		}
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing name",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user name '%s' to '%s'",
+		         pwent->pw_name, user_newname));
+		pwent->pw_name = xstrdup (user_newname);
+	}
+	/* Update the password in passwd if there is no shadow file or if
+	 * the password is currently in passwd (pw_passwd != "x").
+	 * We do not force the usage of shadow passwords if they are not
+	 * used for this account.
+	 */
+	if (   (!is_shadow_pwd)
+	    || (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) {
+		pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd);
+	}
+
+	if (uflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing uid",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' UID from '%d' to '%d'",
+		         pwent->pw_name, pwent->pw_uid, user_newid));
+		pwent->pw_uid = user_newid;
+	}
+	if (gflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing primary group",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' GID from '%d' to '%d'",
+		         pwent->pw_name, pwent->pw_gid, user_newgid));
+		pwent->pw_gid = user_newgid;
+	}
+	if (cflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing comment",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		pwent->pw_gecos = user_newcomment;
+	}
+
+	if (dflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing home directory",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' home from '%s' to '%s'",
+		         pwent->pw_name, pwent->pw_dir, user_newhome));
+		pwent->pw_dir = user_newhome;
+	}
+	if (sflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing user shell",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' shell from '%s' to '%s'",
+		         pwent->pw_name, pwent->pw_shell, user_newshell));
+		pwent->pw_shell = user_newshell;
+	}
+}
+
+/*
+ * new_spent - initialize the values in a shadow password file entry
+ *
+ *	new_spent() takes all of the values that have been entered and fills
+ *	in a (struct spwd) with them.
+ */
+static void new_spent (struct spwd *spent)
+{
+	if (lflg) {
+		if (spw_locate (user_newname) != NULL) {
+			fprintf (stderr,
+			         _("%s: user '%s' already exists in %s\n"),
+			         Prog, user_newname, spw_dbname ());
+			fail_exit (E_NAME_IN_USE);
+		}
+		spent->sp_namp = xstrdup (user_newname);
+	}
+
+	if (fflg) {
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing inactive days",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' inactive from '%ld' to '%ld'",
+		         spent->sp_namp, spent->sp_inact, user_newinactive));
+		spent->sp_inact = user_newinactive;
+	}
+	if (eflg) {
+		/* log dates rather than numbers of days. */
+		char new_exp[16], old_exp[16];
+		date_to_str (new_exp, sizeof(new_exp),
+		             user_newexpire * DAY);
+		date_to_str (old_exp, sizeof(old_exp),
+		             user_expire * DAY);
+#ifdef WITH_AUDIT
+		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+		              "changing expiration date",
+		              user_newname, (unsigned int) user_newid, 1);
+#endif
+		SYSLOG ((LOG_INFO,
+		         "change user '%s' expiration from '%s' to '%s'",
+		         spent->sp_namp, old_exp, new_exp));
+		spent->sp_expire = user_newexpire;
+	}
+
+	/* Always update the shadowed password if there is a shadow entry
+	 * (even if shadowed passwords might not be enabled for this
+	 * account (pw_passwd != "x")).
+	 * It seems better to update the password in both places in case a
+	 * shadow and a non shadow entry exist.
+	 * This might occur if:
+	 *  + there were already both entries
+	 *  + aging has been requested
+	 */
+	spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
+
+	if (pflg) {
+		spent->sp_lstchg = (long) gettime () / SCALE;
+		if (0 == spent->sp_lstchg) {
+			/* Better disable aging than requiring a password
+			 * change. */
+			spent->sp_lstchg = -1;
+		}
+	}
+}
+
+/*
+ * fail_exit - exit with an error code after unlocking files
+ */
+static /*@noreturn@*/void fail_exit (int code)
+{
+	if (gr_locked) {
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+			/* continue */
+		}
+	}
+#ifdef	SHADOWGRP
+	if (sgr_locked) {
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+			/* continue */
+		}
+	}
+#endif
+	if (spw_locked) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+			/* continue */
+		}
+	}
+	if (pw_locked) {
+		if (pw_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+			/* continue */
+		}
+	}
+#ifdef ENABLE_SUBIDS
+	if (sub_uid_locked) {
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+	}
+	if (sub_gid_locked) {
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+
+#ifdef WITH_AUDIT
+	audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+	              "modifying account",
+	              user_name, AUDIT_NO_ID, 0);
+#endif
+	exit (code);
+}
+
+
+static void update_group (void)
+{
+	bool is_member;
+	bool was_member;
+	bool changed;
+	const struct group *grp;
+	struct group *ngrp;
+
+	changed = false;
+
+	/*
+	 * Scan through the entire group file looking for the groups that
+	 * the user is a member of.
+	 */
+	while ((grp = gr_next ()) != NULL) {
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 */
+		was_member = is_on_list (grp->gr_mem, user_name);
+		is_member = Gflg && (   (was_member && aflg)
+		                     || is_on_list (user_groups, grp->gr_name));
+
+		if (!was_member && !is_member) {
+			continue;
+		}
+
+		ngrp = __gr_dup (grp);
+		if (NULL == ngrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, gr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+
+		if (was_member) {
+			if ((!Gflg) || is_member) {
+				/* User was a member and is still a member
+				 * of this group.
+				 * But the user might have been renamed.
+				 */
+				if (lflg) {
+					ngrp->gr_mem = del_list (ngrp->gr_mem,
+					                         user_name);
+					ngrp->gr_mem = add_list (ngrp->gr_mem,
+					                         user_newname);
+					changed = true;
+#ifdef WITH_AUDIT
+					audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+					              "changing group member",
+					              user_newname, AUDIT_NO_ID, 1);
+#endif
+					SYSLOG ((LOG_INFO,
+					         "change '%s' to '%s' in group '%s'",
+					         user_name, user_newname,
+					         ngrp->gr_name));
+				}
+			} else {
+				/* User was a member but is no more a
+				 * member of this group.
+				 */
+				ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
+				changed = true;
+#ifdef WITH_AUDIT
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				              "removing group member",
+				              user_name, AUDIT_NO_ID, 1);
+#endif
+				SYSLOG ((LOG_INFO,
+				         "delete '%s' from group '%s'",
+				         user_name, ngrp->gr_name));
+			}
+		} else {
+			/* User was not a member but is now a member this
+			 * group.
+			 */
+			ngrp->gr_mem = add_list (ngrp->gr_mem, user_newname);
+			changed = true;
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "adding user to group",
+			              user_name, AUDIT_NO_ID, 1);
+#endif
+			SYSLOG ((LOG_INFO, "add '%s' to group '%s'",
+			         user_newname, ngrp->gr_name));
+		}
+		if (!changed) {
+			continue;
+		}
+
+		changed = false;
+		if (gr_update (ngrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, gr_dbname (), ngrp->gr_name);
+			SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'", gr_dbname (), ngrp->gr_name));
+			fail_exit (E_GRP_UPDATE);
+		}
+	}
+}
+
+#ifdef SHADOWGRP
+static void update_gshadow (void)
+{
+	bool is_member;
+	bool was_member;
+	bool was_admin;
+	bool changed;
+	const struct sgrp *sgrp;
+	struct sgrp *nsgrp;
+
+	changed = false;
+
+	/*
+	 * Scan through the entire shadow group file looking for the groups
+	 * that the user is a member of.
+	 */
+	while ((sgrp = sgr_next ()) != NULL) {
+
+		/*
+		 * See if the user was a member of this group
+		 */
+		was_member = is_on_list (sgrp->sg_mem, user_name);
+
+		/*
+		 * See if the user was an administrator of this group
+		 */
+		was_admin = is_on_list (sgrp->sg_adm, user_name);
+
+		/*
+		 * See if the user specified this group as one of their
+		 * concurrent groups.
+		 */
+		is_member = Gflg && (   (was_member && aflg)
+		                     || is_on_list (user_groups, sgrp->sg_name));
+
+		if (!was_member && !was_admin && !is_member) {
+			continue;
+		}
+
+		nsgrp = __sgr_dup (sgrp);
+		if (NULL == nsgrp) {
+			fprintf (stderr,
+			         _("%s: Out of memory. Cannot update %s.\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+
+		if (was_admin && lflg) {
+			/* User was an admin of this group but the user
+			 * has been renamed.
+			 */
+			nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
+			nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname);
+			changed = true;
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "changing admin name in shadow group",
+			              user_name, AUDIT_NO_ID, 1);
+#endif
+			SYSLOG ((LOG_INFO,
+			         "change admin '%s' to '%s' in shadow group '%s'",
+			         user_name, user_newname, nsgrp->sg_name));
+		}
+
+		if (was_member) {
+			if ((!Gflg) || is_member) {
+				/* User was a member and is still a member
+				 * of this group.
+				 * But the user might have been renamed.
+				 */
+				if (lflg) {
+					nsgrp->sg_mem = del_list (nsgrp->sg_mem,
+					                          user_name);
+					nsgrp->sg_mem = add_list (nsgrp->sg_mem,
+					                          user_newname);
+					changed = true;
+#ifdef WITH_AUDIT
+					audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+					              "changing member in shadow group",
+					              user_name, AUDIT_NO_ID, 1);
+#endif
+					SYSLOG ((LOG_INFO,
+					         "change '%s' to '%s' in shadow group '%s'",
+					         user_name, user_newname,
+					         nsgrp->sg_name));
+				}
+			} else {
+				/* User was a member but is no more a
+				 * member of this group.
+				 */
+				nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
+				changed = true;
+#ifdef WITH_AUDIT
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				              "removing user from shadow group",
+				              user_name, AUDIT_NO_ID, 1);
+#endif
+				SYSLOG ((LOG_INFO,
+				         "delete '%s' from shadow group '%s'",
+				         user_name, nsgrp->sg_name));
+			}
+		} else if (is_member) {
+			/* User was not a member but is now a member this
+			 * group.
+			 */
+			nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname);
+			changed = true;
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "adding user to shadow group",
+			              user_newname, AUDIT_NO_ID, 1);
+#endif
+			SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
+			         user_newname, nsgrp->sg_name));
+		}
+		if (!changed) {
+			continue;
+		}
+
+		changed = false;
+
+		/* 
+		 * Update the group entry to reflect the changes.
+		 */
+		if (sgr_update (nsgrp) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, sgr_dbname (), nsgrp->sg_name);
+			SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'",
+			         sgr_dbname (), nsgrp->sg_name));
+			fail_exit (E_GRP_UPDATE);
+		}
+	}
+}
+#endif				/* SHADOWGRP */
+
+/*
+ * grp_update - add user to secondary group set
+ *
+ *	grp_update() takes the secondary group set given in user_groups and
+ *	adds the user to each group given by that set.
+ */
+static void grp_update (void)
+{
+	update_group ();
+#ifdef SHADOWGRP
+	if (is_shadow_grp) {
+		update_gshadow ();
+	}
+#endif
+}
+
+/*
+ * process_flags - perform command line argument setting
+ *
+ *	process_flags() interprets the command line arguments and sets the
+ *	values that the user will be created with accordingly. The values
+ *	are checked for sanity.
+ */
+static void process_flags (int argc, char **argv)
+{
+	const struct group *grp;
+
+	bool anyflag = false;
+
+	{
+		/*
+		 * Parse the command line options.
+		 */
+		int c;
+		static struct option long_options[] = {
+			{"append",       no_argument,       NULL, 'a'},
+			{"comment",      required_argument, NULL, 'c'},
+			{"home",         required_argument, NULL, 'd'},
+			{"expiredate",   required_argument, NULL, 'e'},
+			{"inactive",     required_argument, NULL, 'f'},
+			{"gid",          required_argument, NULL, 'g'},
+			{"groups",       required_argument, NULL, 'G'},
+			{"help",         no_argument,       NULL, 'h'},
+			{"login",        required_argument, NULL, 'l'},
+			{"lock",         no_argument,       NULL, 'L'},
+			{"move-home",    no_argument,       NULL, 'm'},
+			{"non-unique",   no_argument,       NULL, 'o'},
+			{"password",     required_argument, NULL, 'p'},
+			{"root",         required_argument, NULL, 'R'},
+			{"shell",        required_argument, NULL, 's'},
+			{"uid",          required_argument, NULL, 'u'},
+			{"unlock",       no_argument,       NULL, 'U'},
+#ifdef ENABLE_SUBIDS
+			{"add-subuids",  required_argument, NULL, 'v'},
+			{"del-subuids",  required_argument, NULL, 'V'},
+ 			{"add-subgids",  required_argument, NULL, 'w'},
+ 			{"del-subgids",  required_argument, NULL, 'W'},
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+			{"selinux-user", required_argument, NULL, 'Z'},
+#endif				/* WITH_SELINUX */
+			{NULL, 0, NULL, '\0'}
+		};
+		while ((c = getopt_long (argc, argv,
+		                         "ac:d:e:f:g:G:hl:Lmop:R:s:u:U"
+#ifdef ENABLE_SUBIDS
+		                         "v:w:V:W:"
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+			                 "Z:"
+#endif				/* WITH_SELINUX */
+			                 , long_options, NULL)) != -1) {
+			switch (c) {
+			case 'a':
+				aflg = true;
+				break;
+			case 'c':
+				if (!VALID (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid field '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_newcomment = optarg;
+				cflg = true;
+				break;
+			case 'd':
+				if (!VALID (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid field '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				dflg = true;
+				user_newhome = optarg;
+				break;
+			case 'e':
+				if ('\0' != *optarg) {
+					user_newexpire = strtoday (optarg);
+					if (user_newexpire < -1) {
+						fprintf (stderr,
+						         _("%s: invalid date '%s'\n"),
+						         Prog, optarg);
+						exit (E_BAD_ARG);
+					}
+					user_newexpire *= DAY / SCALE;
+				} else {
+					user_newexpire = -1;
+				}
+				eflg = true;
+				break;
+			case 'f':
+				if (   (getlong (optarg, &user_newinactive) == 0)
+				    || (user_newinactive < -1)) {
+					fprintf (stderr,
+					         _("%s: invalid numeric argument '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				fflg = true;
+				break;
+			case 'g':
+				grp = getgr_nam_gid (optarg);
+				if (NULL == grp) {
+					fprintf (stderr,
+					         _("%s: group '%s' does not exist\n"),
+					         Prog, optarg);
+					exit (E_NOTFOUND);
+				}
+				user_newgid = grp->gr_gid;
+				gflg = true;
+				break;
+			case 'G':
+				if (get_groups (optarg) != 0) {
+					exit (E_NOTFOUND);
+				}
+				Gflg = true;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				/*@notreached@*/break;
+			case 'l':
+				if (!is_valid_user_name (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid user name '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				lflg = true;
+				user_newname = optarg;
+				break;
+			case 'L':
+				Lflg = true;
+				break;
+			case 'm':
+				mflg = true;
+				break;
+			case 'o':
+				oflg = true;
+				break;
+			case 'p':
+				user_pass = optarg;
+				pflg = true;
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 's':
+				if (!VALID (optarg)) {
+					fprintf (stderr,
+					         _("%s: invalid field '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				user_newshell = optarg;
+				sflg = true;
+				break;
+			case 'u':
+				if (   (get_uid (optarg, &user_newid) ==0)
+				    || (user_newid == (uid_t)-1)) {
+					fprintf (stderr,
+					         _("%s: invalid user ID '%s'\n"),
+					         Prog, optarg);
+					exit (E_BAD_ARG);
+				}
+				uflg = true;
+				break;
+			case 'U':
+				Uflg = true;
+				break;
+#ifdef ENABLE_SUBIDS
+			case 'v':
+				if (prepend_range (optarg, &add_sub_uids) == 0) {
+					fprintf (stderr,
+						_("%s: invalid subordinate uid range '%s'\n"),
+						Prog, optarg);
+					exit(E_BAD_ARG);
+				}
+				vflg = true;
+				break;
+			case 'V':
+				if (prepend_range (optarg, &del_sub_uids) == 0) {
+					fprintf (stderr,
+						_("%s: invalid subordinate uid range '%s'\n"),
+						Prog, optarg);
+					exit(E_BAD_ARG);
+				}
+				Vflg = true;
+				break;
+			case 'w':
+				if (prepend_range (optarg, &add_sub_gids) == 0) {
+					fprintf (stderr,
+						_("%s: invalid subordinate gid range '%s'\n"),
+						Prog, optarg);
+					exit(E_BAD_ARG);
+				}
+				wflg = true;
+                break;
+			case 'W':
+				if (prepend_range (optarg, &del_sub_gids) == 0) {
+					fprintf (stderr,
+						_("%s: invalid subordinate gid range '%s'\n"),
+						Prog, optarg);
+					exit(E_BAD_ARG);
+				}
+				Wflg = true;
+				break;
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+			case 'Z':
+				if (is_selinux_enabled () > 0) {
+					user_selinux = optarg;
+					Zflg = true;
+				} else {
+					fprintf (stderr,
+					         _("%s: -Z requires SELinux enabled kernel\n"),
+					         Prog);
+					exit (E_BAD_ARG);
+				}
+				break;
+#endif				/* WITH_SELINUX */
+			default:
+				usage (E_USAGE);
+			}
+			anyflag = true;
+		}
+	}
+
+	if (optind != argc - 1) {
+		usage (E_USAGE);
+	}
+
+	user_name = argv[argc - 1];
+
+	{
+		const struct passwd *pwd;
+		/* local, no need for xgetpwnam */
+		pwd = getpwnam (user_name);
+		if (NULL == pwd) {
+			fprintf (stderr,
+			         _("%s: user '%s' does not exist\n"),
+			         Prog, user_name);
+			exit (E_NOTFOUND);
+		}
+
+		user_id = pwd->pw_uid;
+		user_gid = pwd->pw_gid;
+		user_comment = xstrdup (pwd->pw_gecos);
+		user_home = xstrdup (pwd->pw_dir);
+		user_shell = xstrdup (pwd->pw_shell);
+	}
+
+	/* user_newname, user_newid, user_newgid can be used even when the
+	 * options where not specified. */
+	if (!lflg) {
+		user_newname = user_name;
+	}
+	if (!uflg) {
+		user_newid = user_id;
+	}
+	if (!gflg) {
+		user_newgid = user_gid;
+	}
+
+#ifdef	USE_NIS
+	/*
+	 * Now make sure it isn't an NIS user.
+	 */
+	if (__ispwNIS ()) {
+		char *nis_domain;
+		char *nis_master;
+
+		fprintf (stderr,
+		         _("%s: user %s is a NIS user\n"),
+		         Prog, user_name);
+
+		if (   !yp_get_default_domain (&nis_domain)
+		    && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
+			fprintf (stderr,
+			         _("%s: %s is the NIS master\n"),
+			         Prog, nis_master);
+		}
+		exit (E_NOTFOUND);
+	}
+#endif
+
+	{
+		const struct spwd *spwd = NULL;
+		/* local, no need for xgetspnam */
+		if (is_shadow_pwd && ((spwd = getspnam (user_name)) != NULL)) {
+			user_expire = spwd->sp_expire;
+			user_inactive = spwd->sp_inact;
+		}
+	}
+
+	if (!anyflag) {
+		fprintf (stderr, _("%s: no options\n"), Prog);
+		usage (E_USAGE);
+	}
+
+	if (aflg && (!Gflg)) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-a", "-G");
+		usage (E_USAGE);
+	}
+
+	if ((Lflg && (pflg || Uflg)) || (pflg && Uflg)) {
+		fprintf (stderr,
+		         _("%s: the -L, -p, and -U flags are exclusive\n"),
+		         Prog);
+		usage (E_USAGE);
+	}
+
+	if (oflg && !uflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-o", "-u");
+		usage (E_USAGE);
+	}
+
+	if (mflg && !dflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is only allowed with the %s flag\n"),
+		         Prog, "-m", "-d");
+		usage (E_USAGE);
+	}
+
+	if (user_newid == user_id) {
+		uflg = false;
+		oflg = false;
+	}
+	if (user_newgid == user_gid) {
+		gflg = false;
+	}
+	if (   (NULL != user_newshell)
+	    && (strcmp (user_newshell, user_shell) == 0)) {
+		sflg = false;
+	}
+	if (strcmp (user_newname, user_name) == 0) {
+		lflg = false;
+	}
+	if (user_newinactive == user_inactive) {
+		fflg = false;
+	}
+	if (user_newexpire == user_expire) {
+		eflg = false;
+	}
+	if (   (NULL != user_newhome)
+	    && (strcmp (user_newhome, user_home) == 0)) {
+		dflg = false;
+		mflg = false;
+	}
+	if (   (NULL != user_newcomment)
+	    && (strcmp (user_newcomment, user_comment) == 0)) {
+		cflg = false;
+	}
+
+	if (!(Uflg || uflg || sflg || pflg || mflg || Lflg ||
+	      lflg || Gflg || gflg || fflg || eflg || dflg || cflg
+#ifdef ENABLE_SUBIDS
+	      || vflg || Vflg || wflg || Wflg
+#endif				/* ENABLE_SUBIDS */
+#ifdef WITH_SELINUX
+	      || Zflg
+#endif				/* WITH_SELINUX */
+	)) {
+		fprintf (stderr, _("%s: no changes\n"), Prog);
+		exit (E_SUCCESS);
+	}
+
+	if (!is_shadow_pwd && (eflg || fflg)) {
+		fprintf (stderr,
+		         _("%s: shadow passwords required for -e and -f\n"),
+		         Prog);
+		exit (E_USAGE);
+	}
+
+	/* local, no need for xgetpwnam */
+	if (lflg && (getpwnam (user_newname) != NULL)) {
+		fprintf (stderr,
+		         _("%s: user '%s' already exists\n"),
+		         Prog, user_newname);
+		exit (E_NAME_IN_USE);
+	}
+
+	/* local, no need for xgetpwuid */
+	if (uflg && !oflg && (getpwuid (user_newid) != NULL)) {
+		fprintf (stderr,
+		         _("%s: UID '%lu' already exists\n"),
+		         Prog, (unsigned long) user_newid);
+		exit (E_UID_IN_USE);
+	}
+
+#ifdef ENABLE_SUBIDS
+	if (   (vflg || Vflg)
+	    && !is_sub_uid) {
+		fprintf (stderr,
+		         _("%s: %s does not exist, you cannot use the flags %s or %s\n"),
+		         Prog, sub_uid_dbname (), "-v", "-V");
+		exit (E_USAGE);
+	}
+
+	if (   (wflg || Wflg)
+	    && !is_sub_gid) {
+		fprintf (stderr,
+		         _("%s: %s does not exist, you cannot use the flags %s or %s\n"),
+		         Prog, sub_gid_dbname (), "-w", "-W");
+		exit (E_USAGE);
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * close_files - close all of the files that were opened
+ *
+ *	close_files() closes all of the files that were opened for this new
+ *	user. This causes any modified entries to be written out.
+ */
+static void close_files (void)
+{
+	if (pw_close () == 0) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+		fail_exit (E_PW_UPDATE);
+	}
+	if (is_shadow_pwd && (spw_close () == 0)) {
+		fprintf (stderr,
+		         _("%s: failure while writing changes to %s\n"),
+		         Prog, spw_dbname ());
+		SYSLOG ((LOG_ERR,
+		         "failure while writing changes to %s",
+		         spw_dbname ()));
+		fail_exit (E_PW_UPDATE);
+	}
+
+	if (Gflg || lflg) {
+		if (gr_close () == 0) {
+			fprintf (stderr,
+			         _("%s: failure while writing changes to %s\n"),
+			         Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR,
+			         "failure while writing changes to %s",
+			         gr_dbname ()));
+			fail_exit (E_GRP_UPDATE);
+		}
+#ifdef SHADOWGRP
+		if (is_shadow_grp) {
+			if (sgr_close () == 0) {
+				fprintf (stderr,
+				         _("%s: failure while writing changes to %s\n"),
+				         Prog, sgr_dbname ());
+				SYSLOG ((LOG_ERR,
+				         "failure while writing changes to %s",
+				         sgr_dbname ()));
+				fail_exit (E_GRP_UPDATE);
+			}
+		}
+#endif
+#ifdef SHADOWGRP
+		if (is_shadow_grp) {
+			if (sgr_unlock () == 0) {
+				fprintf (stderr,
+				         _("%s: failed to unlock %s\n"),
+				         Prog, sgr_dbname ());
+				SYSLOG ((LOG_ERR,
+				         "failed to unlock %s",
+				         sgr_dbname ()));
+				/* continue */
+			}
+		}
+#endif
+		if (gr_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, gr_dbname ());
+			SYSLOG ((LOG_ERR,
+			         "failed to unlock %s",
+			         gr_dbname ()));
+			/* continue */
+		}
+	}
+
+	if (is_shadow_pwd) {
+		if (spw_unlock () == 0) {
+			fprintf (stderr,
+			         _("%s: failed to unlock %s\n"),
+			         Prog, spw_dbname ());
+			SYSLOG ((LOG_ERR,
+			         "failed to unlock %s",
+			         spw_dbname ()));
+			/* continue */
+		}
+	}
+	if (pw_unlock () == 0) {
+		fprintf (stderr,
+		         _("%s: failed to unlock %s\n"),
+		         Prog, pw_dbname ());
+		SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+		/* continue */
+	}
+
+	pw_locked = false;
+	spw_locked = false;
+	gr_locked = false;
+#ifdef	SHADOWGRP
+	sgr_locked = false;
+#endif
+
+#ifdef ENABLE_SUBIDS
+	if (vflg || Vflg) {
+		if (sub_uid_close () == 0) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ()));
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+		if (sub_uid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
+			/* continue */
+		}
+		sub_uid_locked = false;
+	}
+	if (wflg || Wflg) {
+		if (sub_gid_close () == 0) {
+			fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ()));
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+		if (sub_gid_unlock () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
+			SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
+			/* continue */
+		}
+		sub_gid_locked = false;
+	}
+#endif				/* ENABLE_SUBIDS */
+
+	/*
+	 * Close the DBM and/or flat files
+	 */
+	endpwent ();
+	endspent ();
+	endgrent ();
+#ifdef	SHADOWGRP
+	endsgent ();
+#endif
+}
+
+/*
+ * open_files - lock and open the password files
+ *
+ *	open_files() opens the two password files.
+ */
+static void open_files (void)
+{
+	if (pw_lock () == 0) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, pw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+	pw_locked = true;
+	if (pw_open (O_CREAT | O_RDWR) == 0) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, pw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+	if (is_shadow_pwd && (spw_lock () == 0)) {
+		fprintf (stderr,
+		         _("%s: cannot lock %s; try again later.\n"),
+		         Prog, spw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+	spw_locked = true;
+	if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) {
+		fprintf (stderr,
+		         _("%s: cannot open %s\n"),
+		         Prog, spw_dbname ());
+		fail_exit (E_PW_UPDATE);
+	}
+
+	if (Gflg || lflg) {
+		/*
+		 * Lock and open the group file. This will load all of the
+		 * group entries.
+		 */
+		if (gr_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, gr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+		gr_locked = true;
+		if (gr_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, gr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+#ifdef SHADOWGRP
+		if (is_shadow_grp && (sgr_lock () == 0)) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+		sgr_locked = true;
+		if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sgr_dbname ());
+			fail_exit (E_GRP_UPDATE);
+		}
+#endif
+	}
+#ifdef ENABLE_SUBIDS
+	if (vflg || Vflg) {
+		if (sub_uid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+		sub_uid_locked = true;
+		if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_uid_dbname ());
+			fail_exit (E_SUB_UID_UPDATE);
+		}
+	}
+	if (wflg || Wflg) {
+		if (sub_gid_lock () == 0) {
+			fprintf (stderr,
+			         _("%s: cannot lock %s; try again later.\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+		sub_gid_locked = true;
+		if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
+			fprintf (stderr,
+			         _("%s: cannot open %s\n"),
+			         Prog, sub_gid_dbname ());
+			fail_exit (E_SUB_GID_UPDATE);
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+}
+
+/*
+ * usr_update - create the user entries
+ *
+ *	usr_update() creates the password file entries for this user and
+ *	will update the group entries if required.
+ */
+static void usr_update (void)
+{
+	struct passwd pwent;
+	const struct passwd *pwd;
+
+	struct spwd spent;
+	const struct spwd *spwd = NULL;
+
+	/*
+	 * Locate the entry in /etc/passwd, which MUST exist.
+	 */
+	pwd = pw_locate (user_name);
+	if (NULL == pwd) {
+		fprintf (stderr,
+		         _("%s: user '%s' does not exist in %s\n"),
+		         Prog, user_name, pw_dbname ());
+		fail_exit (E_NOTFOUND);
+	}
+	pwent = *pwd;
+	new_pwent (&pwent);
+
+
+	/* If the shadow file does not exist, it won't be created */
+	if (is_shadow_pwd) {
+		spwd = spw_locate (user_name);
+		if (NULL != spwd) {
+			/* Update the shadow entry if it exists */
+			spent = *spwd;
+			new_spent (&spent);
+		} else if (   (    pflg
+		               && (strcmp (pwent.pw_passwd, SHADOW_PASSWD_STRING) == 0))
+		           || eflg || fflg) {
+			/* In some cases, we force the creation of a
+			 * shadow entry:
+			 *  + new password requested and passwd indicates
+			 *    a shadowed password
+			 *  + aging information is requested
+			 */
+			memset (&spent, 0, sizeof spent);
+			spent.sp_namp   = user_name;
+
+			/* The user explicitly asked for a shadow feature.
+			 * Enable shadowed passwords for this new account.
+			 */
+			spent.sp_pwdp   = xstrdup (pwent.pw_passwd);
+			pwent.pw_passwd = xstrdup (SHADOW_PASSWD_STRING);
+
+			spent.sp_lstchg = (long) gettime () / SCALE;
+			if (0 == spent.sp_lstchg) {
+				/* Better disable aging than
+				 * requiring a password change */
+				spent.sp_lstchg = -1;
+			}
+			spent.sp_min    = getdef_num ("PASS_MIN_DAYS", -1);
+			spent.sp_max    = getdef_num ("PASS_MAX_DAYS", -1);
+			spent.sp_warn   = getdef_num ("PASS_WARN_AGE", -1);
+			spent.sp_inact  = -1;
+			spent.sp_expire = -1;
+			spent.sp_flag   = SHADOW_SP_FLAG_UNSET;
+			new_spent (&spent);
+			spwd = &spent; /* entry needs to be committed */
+		}
+	}
+
+	if (lflg || uflg || gflg || cflg || dflg || sflg || pflg
+	    || Lflg || Uflg) {
+		if (pw_update (&pwent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, pw_dbname (), pwent.pw_name);
+			fail_exit (E_PW_UPDATE);
+		}
+		if (lflg && (pw_remove (user_name) == 0)) {
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, user_name, pw_dbname ());
+			fail_exit (E_PW_UPDATE);
+		}
+	}
+	if ((NULL != spwd) && (lflg || eflg || fflg || pflg || Lflg || Uflg)) {
+		if (spw_update (&spent) == 0) {
+			fprintf (stderr,
+			         _("%s: failed to prepare the new %s entry '%s'\n"),
+			         Prog, spw_dbname (), spent.sp_namp);
+			fail_exit (E_PW_UPDATE);
+		}
+		if (lflg && (spw_remove (user_name) == 0)) {
+			fprintf (stderr,
+			         _("%s: cannot remove entry '%s' from %s\n"),
+			         Prog, user_name, spw_dbname ());
+			fail_exit (E_PW_UPDATE);
+		}
+	}
+}
+
+/*
+ * move_home - move the user's home directory
+ *
+ *	move_home() moves the user's home directory to a new location. The
+ *	files will be copied if the directory cannot simply be renamed.
+ */
+static void move_home (void)
+{
+	struct stat sb;
+
+	if (access (user_newhome, F_OK) == 0) {
+		/*
+		 * If the new home directory already exist, the user
+		 * should not use -m.
+		 */
+		fprintf (stderr,
+		         _("%s: directory %s exists\n"),
+		         Prog, user_newhome);
+		fail_exit (E_HOMEDIR);
+	}
+
+	if (stat (user_home, &sb) == 0) {
+		/*
+		 * Don't try to move it if it is not a directory
+		 * (but /dev/null for example).  --marekm
+		 */
+		if (!S_ISDIR (sb.st_mode)) {
+			fprintf (stderr,
+			         _("%s: The previous home directory (%s) was "
+			           "not a directory. It is not removed and no "
+			           "home directories are created.\n"),
+			         Prog, user_home);
+			fail_exit (E_HOMEDIR);
+		}
+
+#ifdef WITH_AUDIT
+		if (uflg || gflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				      "changing home directory owner",
+				      user_newname, (unsigned int) user_newid, 1);
+		}
+#endif
+
+		if (rename (user_home, user_newhome) == 0) {
+			/* FIXME: rename above may have broken symlinks
+			 *        pointing to the user's home directory
+			 *        with an absolute path. */
+			if (chown_tree (user_newhome,
+			                user_id,  uflg ? user_newid  : (uid_t)-1,
+			                user_gid, gflg ? user_newgid : (gid_t)-1) != 0) {
+				fprintf (stderr,
+				         _("%s: Failed to change ownership of the home directory"),
+				         Prog);
+				fail_exit (E_HOMEDIR);
+			}
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "moving home directory",
+			              user_newname, (unsigned int) user_newid,
+			              1);
+#endif
+			return;
+		} else {
+			if (EXDEV == errno) {
+				if (copy_tree (user_home, user_newhome, true,
+				               true,
+				               user_id,
+				               uflg ? user_newid : (uid_t)-1,
+				               user_gid,
+				               gflg ? user_newgid : (gid_t)-1) == 0) {
+					if (remove_tree (user_home, true) != 0) {
+						fprintf (stderr,
+						         _("%s: warning: failed to completely remove old home directory %s"),
+						         Prog, user_home);
+					}
+#ifdef WITH_AUDIT
+					audit_logger (AUDIT_USER_CHAUTHTOK,
+					              Prog,
+					              "moving home directory",
+					              user_newname,
+					              (unsigned int) user_newid,
+					              1);
+#endif
+					return;
+				}
+
+				(void) remove_tree (user_newhome, true);
+			}
+			fprintf (stderr,
+			         _("%s: cannot rename directory %s to %s\n"),
+			         Prog, user_home, user_newhome);
+			fail_exit (E_HOMEDIR);
+		}
+	}
+}
+
+/*
+ * update_lastlog - update the lastlog file
+ *
+ * Relocate the "lastlog" entries for the user. The old entry is
+ * left alone in case the UID was shared. It doesn't hurt anything
+ * to just leave it be.
+ */
+static void update_lastlog (void)
+{
+	struct lastlog ll;
+	int fd;
+	off_t off_uid = (off_t) user_id * sizeof ll;
+	off_t off_newuid = (off_t) user_newid * sizeof ll;
+
+	if (access (LASTLOG_FILE, F_OK) != 0) {
+		return;
+	}
+
+	fd = open (LASTLOG_FILE, O_RDWR);
+
+	if (-1 == fd) {
+		fprintf (stderr,
+		         _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+		         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+		return;
+	}
+
+	if (   (lseek (fd, off_uid, SEEK_SET) == off_uid)
+	    && (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
+		/* Copy the old entry to its new location */
+		if (   (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+		    || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+		    || (fsync (fd) != 0)
+		    || (close (fd) != 0)) {
+			fprintf (stderr,
+			         _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+			         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+		}
+	} else {
+		/* Assume lseek or read failed because there is
+		 * no entry for the old UID */
+
+		/* Check if the new UID already has an entry */
+		if (   (lseek (fd, off_newuid, SEEK_SET) == off_newuid)
+		    && (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
+			/* Reset the new uid's lastlog entry */
+			memzero (&ll, sizeof (ll));
+			if (   (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+			    || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+			    || (fsync (fd) != 0)
+			    || (close (fd) != 0)) {
+				fprintf (stderr,
+				         _("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
+				         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+			}
+		} else {
+			(void) close (fd);
+		}
+	}
+}
+
+/*
+ * update_faillog - update the faillog file
+ *
+ * Relocate the "faillog" entries for the user. The old entry is
+ * left alone in case the UID was shared. It doesn't hurt anything
+ * to just leave it be.
+ */
+static void update_faillog (void)
+{
+	struct faillog fl;
+	int fd;
+	off_t off_uid = (off_t) user_id * sizeof fl;
+	off_t off_newuid = (off_t) user_newid * sizeof fl;
+
+	if (access (FAILLOG_FILE, F_OK) != 0) {
+		return;
+	}
+
+	fd = open (FAILLOG_FILE, O_RDWR);
+
+	if (-1 == fd) {
+		fprintf (stderr,
+		         _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+		         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+		return;
+	}
+
+	if (   (lseek (fd, off_uid, SEEK_SET) == off_uid)
+	    && (read (fd, (char *) &fl, sizeof fl) == (ssize_t) sizeof fl)) {
+		/* Copy the old entry to its new location */
+		if (   (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+		    || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
+		    || (fsync (fd) != 0)
+		    || (close (fd) != 0)) {
+			fprintf (stderr,
+			         _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+			         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+		}
+	} else {
+		/* Assume lseek or read failed because there is
+		 * no entry for the old UID */
+
+		/* Check if the new UID already has an entry */
+		if (   (lseek (fd, off_newuid, SEEK_SET) == off_newuid)
+		    && (read (fd, &fl, sizeof fl) == (ssize_t) sizeof fl)) {
+			/* Reset the new uid's faillog entry */
+			memzero (&fl, sizeof (fl));
+			if (   (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
+			    || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
+			    || (close (fd) != 0)) {
+				fprintf (stderr,
+				         _("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
+				         Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
+			}
+		} else {
+			(void) close (fd);
+		}
+	}
+}
+
+#ifndef NO_MOVE_MAILBOX
+/*
+ * This is the new and improved code to carefully chown/rename the user's
+ * mailbox. Maybe I am too paranoid but the mail spool dir sometimes
+ * happens to be mode 1777 (this makes mail user agents work without
+ * being setgid mail, but is NOT recommended; they all should be fixed
+ * to use movemail).  --marekm
+ */
+static void move_mailbox (void)
+{
+	const char *maildir;
+	char mailfile[1024], newmailfile[1024];
+	int fd;
+	struct stat st;
+
+	maildir = getdef_str ("MAIL_DIR");
+#ifdef MAIL_SPOOL_DIR
+	if ((NULL == maildir) && (getdef_str ("MAIL_FILE") == NULL)) {
+		maildir = MAIL_SPOOL_DIR;
+	}
+#endif
+	if (NULL == maildir) {
+		return;
+	}
+
+	/*
+	 * O_NONBLOCK is to make sure open won't hang on mandatory locks.
+	 * We do fstat/fchown to make sure there are no races (someone
+	 * replacing /var/spool/mail/luser with a hard link to /etc/passwd
+	 * between stat and chown).  --marekm
+	 */
+	(void) snprintf (mailfile, sizeof mailfile, "%s/%s",
+	                 maildir, user_name);
+	mailfile[(sizeof mailfile) - 1] = '\0';
+	fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
+	if (fd < 0) {
+		/* no need for warnings if the mailbox doesn't exist */
+		if (errno != ENOENT) {
+			perror (mailfile);
+		}
+		return;
+	}
+	if (fstat (fd, &st) < 0) {
+		perror ("fstat");
+		(void) close (fd);
+		return;
+	}
+	if (st.st_uid != user_id) {
+		/* better leave it alone */
+		fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
+		         Prog, mailfile, user_name);
+		(void) close (fd);
+		return;
+	}
+	if (uflg) {
+		if (fchown (fd, user_newid, (gid_t) -1) < 0) {
+			perror (_("failed to change mailbox owner"));
+		}
+#ifdef WITH_AUDIT
+		else {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "changing mail file owner",
+			              user_newname, (unsigned int) user_newid, 1);
+		}
+#endif
+	}
+
+	(void) close (fd);
+
+	if (lflg) {
+		(void) snprintf (newmailfile, sizeof newmailfile, "%s/%s",
+		                 maildir, user_newname);
+		newmailfile[(sizeof newmailfile) - 1] = '\0';
+		if (   (link (mailfile, newmailfile) != 0)
+		    || (unlink (mailfile) != 0)) {
+			perror (_("failed to rename mailbox"));
+		}
+#ifdef WITH_AUDIT
+		else {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "changing mail file name",
+			              user_newname, (unsigned int) user_newid, 1);
+		}
+#endif
+	}
+}
+#endif
+
+/*
+ * main - usermod command
+ */
+int main (int argc, char **argv)
+{
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	pam_handle_t *pamh = NULL;
+	int retval;
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+	/*
+	 * Get my name so that I can use it to report errors.
+	 */
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	OPENLOG ("usermod");
+#ifdef WITH_AUDIT
+	audit_help_open ();
+#endif
+
+	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
+	user_groups = (char **) malloc (sizeof (char *) * (1 + sys_ngroups));
+	user_groups[0] = (char *) 0;
+
+	is_shadow_pwd = spw_file_present ();
+#ifdef SHADOWGRP
+	is_shadow_grp = sgr_file_present ();
+#endif
+#ifdef ENABLE_SUBIDS
+	is_sub_uid = sub_uid_file_present ();
+	is_sub_gid = sub_gid_file_present ();
+#endif				/* ENABLE_SUBIDS */
+
+	process_flags (argc, argv);
+
+	/*
+	 * The home directory, the username and the user's UID should not
+	 * be changed while the user is logged in.
+	 */
+	if (   (uflg || lflg || dflg
+#ifdef ENABLE_SUBIDS
+	        || Vflg || Wflg
+#endif				/* ENABLE_SUBIDS */
+	       )
+	    && (user_busy (user_name, user_id) != 0)) {
+		exit (E_USER_BUSY);
+	}
+
+#ifdef ACCT_TOOLS_SETUID
+#ifdef USE_PAM
+	{
+		struct passwd *pampw;
+		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+		if (pampw == NULL) {
+			fprintf (stderr,
+			         _("%s: Cannot determine your user name.\n"),
+			         Prog);
+			exit (1);
+		}
+
+		retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_authenticate (pamh, 0);
+	}
+
+	if (PAM_SUCCESS == retval) {
+		retval = pam_acct_mgmt (pamh, 0);
+	}
+
+	if (PAM_SUCCESS != retval) {
+		fprintf (stderr, _("%s: PAM: %s\n"),
+		         Prog, pam_strerror (pamh, retval));
+		SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+		if (NULL != pamh) {
+			(void) pam_end (pamh, retval);
+		}
+		exit (1);
+	}
+	(void) pam_end (pamh, retval);
+#endif				/* USE_PAM */
+#endif				/* ACCT_TOOLS_SETUID */
+
+#ifdef WITH_TCB
+	if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
+		exit (E_PW_UPDATE);
+	}
+#endif
+
+	/*
+	 * Do the hard stuff - open the files, change the user entries,
+	 * change the home directory, then close and update the files.
+	 */
+	open_files ();
+	if (   cflg || dflg || eflg || fflg || gflg || Lflg || lflg || pflg
+	    || sflg || uflg || Uflg) {
+		usr_update ();
+	}
+	if (Gflg || lflg) {
+		grp_update ();
+	}
+#ifdef ENABLE_SUBIDS
+	if (Vflg) {
+		struct ulong_range_list_entry *ptr;
+		for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) {
+			unsigned long count = ptr->range.last - ptr->range.first + 1;
+			if (sub_uid_remove(user_name, ptr->range.first, count) == 0) {
+				fprintf (stderr,
+					_("%s: failed to remove uid range %lu-%lu from '%s'\n"),
+					Prog, ptr->range.first, ptr->range.last, 
+					sub_uid_dbname ());
+				fail_exit (E_SUB_UID_UPDATE);
+			}
+		}
+	}
+	if (vflg) {
+		struct ulong_range_list_entry *ptr;
+		for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) {
+			unsigned long count = ptr->range.last - ptr->range.first + 1;
+			if (sub_uid_add(user_name, ptr->range.first, count) == 0) {
+				fprintf (stderr,
+					_("%s: failed to add uid range %lu-%lu to '%s'\n"),
+					Prog, ptr->range.first, ptr->range.last, 
+					sub_uid_dbname ());
+				fail_exit (E_SUB_UID_UPDATE);
+			}
+		}
+	}
+	if (Wflg) {
+		struct ulong_range_list_entry *ptr;
+		for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) {
+			unsigned long count = ptr->range.last - ptr->range.first + 1;
+			if (sub_gid_remove(user_name, ptr->range.first, count) == 0) {
+				fprintf (stderr,
+					_("%s: failed to remove gid range %lu-%lu from '%s'\n"),
+					Prog, ptr->range.first, ptr->range.last, 
+					sub_gid_dbname ());
+				fail_exit (E_SUB_GID_UPDATE);
+			}
+		}
+	}
+	if (wflg) {
+		struct ulong_range_list_entry *ptr;
+		for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) {
+			unsigned long count = ptr->range.last - ptr->range.first + 1;
+			if (sub_gid_add(user_name, ptr->range.first, count) == 0) {
+				fprintf (stderr,
+					_("%s: failed to add gid range %lu-%lu to '%s'\n"),
+					Prog, ptr->range.first, ptr->range.last, 
+					sub_gid_dbname ());
+				fail_exit (E_SUB_GID_UPDATE);
+			}
+		}
+	}
+#endif				/* ENABLE_SUBIDS */
+	close_files ();
+
+#ifdef WITH_TCB
+	if (   (lflg || uflg)
+	    && (shadowtcb_move (user_newname, user_newid) == SHADOWTCB_FAILURE) ) {
+		exit (E_PW_UPDATE);
+	}
+#endif
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+#ifdef WITH_SELINUX
+	if (Zflg) {
+		if ('\0' != *user_selinux) {
+			if (set_seuser (user_name, user_selinux) != 0) {
+				fprintf (stderr,
+				         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+				         Prog, user_name, user_selinux);
+#ifdef WITH_AUDIT
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				              "modifying User mapping ",
+				              user_name, (unsigned int) user_id,
+				              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+				fail_exit (E_SE_UPDATE);
+			}
+		} else {
+			if (del_seuser (user_name) != 0) {
+				fprintf (stderr,
+				         _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
+				         Prog, user_name);
+#ifdef WITH_AUDIT
+				audit_logger (AUDIT_ADD_USER, Prog,
+				              "removing SELinux user mapping",
+				              user_name, (unsigned int) user_id,
+				              SHADOW_AUDIT_FAILURE);
+#endif				/* WITH_AUDIT */
+				fail_exit (E_SE_UPDATE);
+			}
+		}
+	}
+#endif				/* WITH_SELINUX */
+
+	if (mflg) {
+		move_home ();
+	}
+
+#ifndef NO_MOVE_MAILBOX
+	if (lflg || uflg) {
+		move_mailbox ();
+	}
+#endif				/* NO_MOVE_MAILBOX */
+
+	if (uflg) {
+		update_lastlog ();
+		update_faillog ();
+	}
+
+	if (!mflg && (uflg || gflg)) {
+		if (access (dflg ? user_newhome : user_home, F_OK) == 0) {
+			/*
+			 * Change the UID on all of the files owned by
+			 * `user_id' to `user_newid' in the user's home
+			 * directory.
+			 *
+			 * move_home() already takes care of changing the
+			 * ownership.
+			 *
+			 */
+#ifdef WITH_AUDIT
+			if (uflg || gflg) {
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+					      "changing home directory owner",
+					      user_newname, (unsigned int) user_newid, 1);
+			}
+#endif
+			if (chown_tree (dflg ? user_newhome : user_home,
+			                user_id,
+			                uflg ? user_newid  : (uid_t)-1,
+			                user_gid,
+			                gflg ? user_newgid : (gid_t)-1) != 0) {
+				fprintf (stderr,
+				         _("%s: Failed to change ownership of the home directory"),
+				         Prog);
+				fail_exit (E_HOMEDIR);
+			}
+		}
+	}
+
+	return E_SUCCESS;
+}
+
diff --git a/src/vipw.c b/src/vipw.c
new file mode 100644
index 0000000..6d730f6
--- /dev/null
+++ b/src/vipw.c
@@ -0,0 +1,562 @@
+/*
+  vipw, vigr  edit the password or group file
+  with -s will edit shadow or gshadow file
+
+  Copyright (c) 1997       , Guy Maor <maor@ece.utexas.edu>
+  Copyright (c) 1999 - 2000, Marek Michałkiewicz
+  Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko
+  Copyright (c) 2007 - 2013, Nicolas François
+  All rights reserved.
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 51 Franklin Street, Fifth Floor,
+  Boston, MA 02110-1301, USA.  */
+
+#include <config.h>
+
+#ident "$Id$"
+
+#include <errno.h>
+#include <getopt.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif				/* WITH_SELINUX */
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <utime.h>
+#include "defines.h"
+#include "groupio.h"
+#include "nscd.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "sgroupio.h"
+#include "shadowio.h"
+/*@-exitarg@*/
+#include "exitcodes.h"
+#ifdef WITH_TCB
+#include <tcb.h>
+#include "tcbfuncs.h"
+#endif				/* WITH_TCB */
+
+#define MSG_WARN_EDIT_OTHER_FILE _( \
+	"You have modified %s.\n"\
+	"You may need to modify %s for consistency.\n"\
+	"Please use the command '%s' to do so.\n")
+
+/*
+ * Global variables
+ */
+const char *Prog;
+
+static const char *filename, *fileeditname;
+static bool filelocked = false;
+static bool createedit = false;
+static int (*unlock) (void);
+static bool quiet = false;
+#ifdef WITH_TCB
+static const char *user = NULL;
+static bool tcb_mode = false;
+#define SHADOWTCB_SCRATCHDIR ":tmp"
+#endif				/* WITH_TCB */
+
+/* local function prototypes */
+static void usage (int status);
+static int create_backup_file (FILE *, const char *, struct stat *);
+static void vipwexit (const char *msg, int syserr, int ret);
+static void vipwedit (const char *, int (*)(void), int (*)(void));
+
+/*
+ * usage - display usage message and exit
+ */
+static void usage (int status)
+{
+	FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+	(void) fprintf (stderr,
+	                _("Usage: %s [options]\n"
+	                  "\n"
+	                  "Options:\n"),
+	                Prog);
+	(void) fputs (_("  -g, --group                   edit group database\n"), usageout);
+	(void) fputs (_("  -h, --help                    display this help message and exit\n"), usageout);
+	(void) fputs (_("  -p, --passwd                  edit passwd database\n"), usageout);
+	(void) fputs (_("  -q, --quiet                   quiet mode\n"), usageout);
+	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
+	(void) fputs (_("  -s, --shadow                  edit shadow or gshadow database\n"), usageout);
+#ifdef WITH_TCB
+	(void) fputs (_("  -u, --user                    which user's tcb shadow file to edit\n"), usageout);
+#endif				/* WITH_TCB */
+	(void) fputs (_("\n"), usageout);
+	exit (status);
+}
+
+/*
+ *
+ */
+static int create_backup_file (FILE * fp, const char *backup, struct stat *sb)
+{
+	struct utimbuf ub;
+	FILE *bkfp;
+	int c;
+	mode_t mask;
+
+	mask = umask (077);
+	bkfp = fopen (backup, "w");
+	(void) umask (mask);
+	if (NULL == bkfp) {
+		return -1;
+	}
+
+	c = 0;
+	if (fseeko (fp, 0, SEEK_SET) == 0)
+		while ((c = getc (fp)) != EOF) {
+			if (putc (c, bkfp) == EOF) {
+				break;
+			}
+		}
+	if ((EOF != c) || (ferror (fp) != 0) || (fflush (bkfp) != 0)) {
+		fclose (bkfp);
+		unlink (backup);
+		return -1;
+	}
+	if (fsync (fileno (bkfp)) != 0) {
+		(void) fclose (bkfp);
+		unlink (backup);
+		return -1;
+	}
+	if (fclose (bkfp) != 0) {
+		unlink (backup);
+		return -1;
+	}
+
+	ub.actime = sb->st_atime;
+	ub.modtime = sb->st_mtime;
+	if (   (utime (backup, &ub) != 0)
+	    || (chmod (backup, sb->st_mode) != 0)
+	    || (chown (backup, sb->st_uid, sb->st_gid) != 0)) {
+		unlink (backup);
+		return -1;
+	}
+	return 0;
+}
+
+/*
+ *
+ */
+static void vipwexit (const char *msg, int syserr, int ret)
+{
+	int err = errno;
+
+	if (createedit) {
+		if (unlink (fileeditname) != 0) {
+			fprintf (stderr, _("%s: failed to remove %s\n"), Prog, fileeditname);
+			/* continue */
+		}
+	}
+	if (filelocked) {
+		if ((*unlock) () == 0) {
+			fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, fileeditname);
+			SYSLOG ((LOG_ERR, "failed to unlock %s", fileeditname));
+			/* continue */
+		}
+	}
+	if (NULL != msg) {
+		fprintf (stderr, "%s: %s", Prog, msg);
+	}
+	if (0 != syserr) {
+		fprintf (stderr, ": %s", strerror (err));
+	}
+	if (   (NULL != msg)
+	    || (0 != syserr)) {
+		(void) fputs ("\n", stderr);
+	}
+	if (!quiet) {
+		fprintf (stdout, _("%s: %s is unchanged\n"), Prog,
+			 filename);
+	}
+	exit (ret);
+}
+
+#ifndef DEFAULT_EDITOR
+#define DEFAULT_EDITOR "vi"
+#endif
+
+/*
+ *
+ */
+static void
+vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
+{
+	const char *editor;
+	pid_t pid;
+	struct stat st1, st2;
+	int status;
+	FILE *f;
+	/* FIXME: the following should have variable sizes */
+	char filebackup[1024], fileedit[1024];
+	char *to_rename;
+
+	snprintf (filebackup, sizeof filebackup, "%s-", file);
+#ifdef WITH_TCB
+	if (tcb_mode) {
+		if (   (mkdir (TCB_DIR "/" SHADOWTCB_SCRATCHDIR, 0700) != 0)
+		    && (errno != EEXIST)) {
+			vipwexit (_("failed to create scratch directory"), errno, 1);
+		}
+		if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+			vipwexit (_("failed to drop privileges"), errno, 1);
+		}
+		snprintf (fileedit, sizeof fileedit,
+		          TCB_DIR "/" SHADOWTCB_SCRATCHDIR "/.vipw.shadow.%s",
+		          user);
+	} else {
+#endif				/* WITH_TCB */
+		snprintf (fileedit, sizeof fileedit, "%s.edit", file);
+#ifdef WITH_TCB
+	}
+#endif				/* WITH_TCB */
+	unlock = file_unlock;
+	filename = file;
+	fileeditname = fileedit;
+
+	if (access (file, F_OK) != 0) {
+		vipwexit (file, 1, 1);
+	}
+#ifdef WITH_SELINUX
+	/* if SE Linux is enabled then set the context of all new files
+	   to be the context of the file we are editing */
+	if (is_selinux_enabled () != 0) {
+		security_context_t passwd_context=NULL;
+		int ret = 0;
+		if (getfilecon (file, &passwd_context) < 0) {
+			vipwexit (_("Couldn't get file context"), errno, 1);
+		}
+		ret = setfscreatecon (passwd_context);
+		freecon (passwd_context);
+		if (0 != ret) {
+			vipwexit (_("setfscreatecon () failed"), errno, 1);
+		}
+	}
+#endif				/* WITH_SELINUX */
+#ifdef WITH_TCB
+	if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
+		vipwexit (_("failed to gain privileges"), errno, 1);
+	}
+#endif				/* WITH_TCB */
+	if (file_lock () == 0) {
+		vipwexit (_("Couldn't lock file"), errno, 5);
+	}
+	filelocked = true;
+#ifdef WITH_TCB
+	if (tcb_mode && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
+		vipwexit (_("failed to drop privileges"), errno, 1);
+	}
+#endif				/* WITH_TCB */
+
+	/* edited copy has same owners, perm */
+	if (stat (file, &st1) != 0) {
+		vipwexit (file, 1, 1);
+	}
+	f = fopen (file, "r");
+	if (NULL == f) {
+		vipwexit (file, 1, 1);
+	}
+#ifdef WITH_TCB
+	if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE))
+		vipwexit (_("failed to gain privileges"), errno, 1);
+#endif				/* WITH_TCB */
+	if (create_backup_file (f, fileedit, &st1) != 0) {
+		vipwexit (_("Couldn't make backup"), errno, 1);
+	}
+	(void) fclose (f);
+	createedit = true;
+
+	editor = getenv ("VISUAL");
+	if (NULL == editor) {
+		editor = getenv ("EDITOR");
+	}
+	if (NULL == editor) {
+		editor = DEFAULT_EDITOR;
+	}
+
+	pid = fork ();
+	if (-1 == pid) {
+		vipwexit ("fork", 1, 1);
+	} else if (0 == pid) {
+		/* use the system() call to invoke the editor so that it accepts
+		   command line args in the EDITOR and VISUAL environment vars */
+		char *buf;
+		int status;
+
+		buf = (char *) malloc (strlen (editor) + strlen (fileedit) + 2);
+		snprintf (buf, strlen (editor) + strlen (fileedit) + 2,
+		          "%s %s", editor, fileedit);
+		status = system (buf);
+		if (-1 == status) {
+			fprintf (stderr, _("%s: %s: %s\n"), Prog, editor,
+			         strerror (errno));
+			exit (1);
+		} else if (   WIFEXITED (status)
+		           && (WEXITSTATUS (status) != 0)) {
+			fprintf (stderr, _("%s: %s returned with status %d\n"),
+			         Prog, editor, WEXITSTATUS (status));
+			exit (WEXITSTATUS (status));
+		} else if (WIFSIGNALED (status)) {
+			fprintf (stderr, _("%s: %s killed by signal %d\n"),
+			         Prog, editor, WTERMSIG (status));
+			exit (1);
+		} else {
+			exit (0);
+		}
+	}
+
+	for (;;) {
+		pid = waitpid (pid, &status, WUNTRACED);
+		if ((pid != -1) && (WIFSTOPPED (status) != 0)) {
+			/* The child (editor) was suspended.
+			 * Suspend vipw. */
+			kill (getpid (), SIGSTOP);
+			/* wake child when resumed */
+			kill (pid, SIGCONT);
+		} else {
+			break;
+		}
+	}
+
+	if (-1 == pid) {
+		vipwexit (editor, 1, 1);
+	} else if (   WIFEXITED (status)
+	           && (WEXITSTATUS (status) != 0)) {
+		vipwexit (NULL, 0, WEXITSTATUS (status));
+	} else if (WIFSIGNALED (status)) {
+		fprintf (stderr, _("%s: %s killed by signal %d\n"),
+		         Prog, editor, WTERMSIG(status));
+		vipwexit (NULL, 0, 1);
+	}
+
+	if (stat (fileedit, &st2) != 0) {
+		vipwexit (fileedit, 1, 1);
+	}
+	if (st1.st_mtime == st2.st_mtime) {
+		vipwexit (0, 0, 0);
+	}
+#ifdef WITH_SELINUX
+	/* unset the fscreatecon */
+	if (is_selinux_enabled () != 0) {
+		if (setfscreatecon (NULL) != 0) {
+			vipwexit (_("setfscreatecon () failed"), errno, 1);
+		}
+	}
+#endif				/* WITH_SELINUX */
+
+	/*
+	 * XXX - here we should check fileedit for errors; if there are any,
+	 * ask the user what to do (edit again, save changes anyway, or quit
+	 * without saving). Use pwck or grpck to do the check.  --marekm
+	 */
+	createedit = false;
+#ifdef WITH_TCB
+	if (tcb_mode) {
+		f = fopen (fileedit, "r");
+		if (NULL == f) {
+			vipwexit (_("failed to open scratch file"), errno, 1);
+		}
+		if (unlink (fileedit) != 0) {
+			vipwexit (_("failed to unlink scratch file"), errno, 1);
+		}
+		if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
+			vipwexit (_("failed to drop privileges"), errno, 1);
+		}
+		if (stat (file, &st1) != 0) {
+			vipwexit (_("failed to stat edited file"), errno, 1);
+		}
+		to_rename = malloc (strlen (file) + 2);
+		if (NULL == to_rename) {
+			vipwexit (_("failed to allocate memory"), errno, 1);
+		}
+		snprintf (to_rename, strlen (file) + 2, "%s+", file);
+		if (create_backup_file (f, to_rename, &st1) != 0) {
+			free (to_rename);
+			vipwexit (_("failed to create backup file"), errno, 1);
+		}
+		(void) fclose (f);
+	} else {
+#endif				/* WITH_TCB */
+		to_rename = fileedit;
+#ifdef WITH_TCB
+	}
+#endif				/* WITH_TCB */
+	unlink (filebackup);
+	link (file, filebackup);
+	if (rename (to_rename, file) == -1) {
+		fprintf (stderr,
+		         _("%s: can't restore %s: %s (your changes are in %s)\n"),
+		         Prog, file, strerror (errno), to_rename);
+#ifdef WITH_TCB
+		if (tcb_mode) {
+			free (to_rename);
+		}
+#endif				/* WITH_TCB */
+		vipwexit (0, 0, 1);
+	}
+
+#ifdef WITH_TCB
+	if (tcb_mode) {
+		free (to_rename);
+		if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
+			vipwexit (_("failed to gain privileges"), errno, 1);
+		}
+	}
+#endif				/* WITH_TCB */
+
+	if ((*file_unlock) () == 0) {
+		fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, fileeditname);
+		SYSLOG ((LOG_ERR, "failed to unlock %s", fileeditname));
+		/* continue */
+	}
+	SYSLOG ((LOG_INFO, "file %s edited", fileeditname));
+}
+
+int main (int argc, char **argv)
+{
+	bool editshadow = false;
+	bool do_vipw;
+
+	Prog = Basename (argv[0]);
+
+	(void) setlocale (LC_ALL, "");
+	(void) bindtextdomain (PACKAGE, LOCALEDIR);
+	(void) textdomain (PACKAGE);
+
+	process_root_flag ("-R", argc, argv);
+
+	do_vipw = (strcmp (Prog, "vigr") != 0);
+
+	OPENLOG (do_vipw ? "vipw" : "vigr");
+
+	{
+		/*
+		 * Parse the command line options.
+		 */
+		int c;
+		static struct option long_options[] = {
+			{"group",  no_argument,       NULL, 'g'},
+			{"help",   no_argument,       NULL, 'h'},
+			{"passwd", no_argument,       NULL, 'p'},
+			{"quiet",  no_argument,       NULL, 'q'},
+			{"root",   required_argument, NULL, 'R'},
+			{"shadow", no_argument,       NULL, 's'},
+#ifdef WITH_TCB
+			{"user",   required_argument, NULL, 'u'},
+#endif				/* WITH_TCB */
+			{NULL, 0, NULL, '\0'}
+		};
+		while ((c = getopt_long (argc, argv,
+#ifdef WITH_TCB
+		                         "ghpqR:su:",
+#else				/* !WITH_TCB */
+		                         "ghpqR:s",
+#endif				/* !WITH_TCB */
+		                         long_options, NULL)) != -1) {
+			switch (c) {
+			case 'g':
+				do_vipw = false;
+				break;
+			case 'h':
+				usage (E_SUCCESS);
+				break;
+			case 'p':
+				do_vipw = true;
+				break;
+			case 'q':
+				quiet = true;
+				break;
+			case 'R': /* no-op, handled in process_root_flag () */
+				break;
+			case 's':
+				editshadow = true;
+				break;
+#ifdef WITH_TCB
+			case 'u':
+				user = optarg;
+				break;
+#endif				/* WITH_TCB */
+			default:
+				usage (E_USAGE);
+			}
+		}
+
+		if (optind != argc) {
+			usage (E_USAGE);
+		}
+	}
+
+	if (do_vipw) {
+		if (editshadow) {
+#ifdef WITH_TCB
+			if (getdef_bool ("USE_TCB") && (NULL != user)) {
+				if (shadowtcb_set_user (user) == SHADOWTCB_FAILURE) {
+					fprintf (stderr,
+					         _("%s: failed to find tcb directory for %s\n"),
+					         Prog, user);
+					return E_SHADOW_NOTFOUND;
+				}
+				tcb_mode = true;
+			}
+#endif				/* WITH_TCB */
+			vipwedit (spw_dbname (), spw_lock, spw_unlock);
+			printf (MSG_WARN_EDIT_OTHER_FILE,
+			        spw_dbname (),
+			        pw_dbname (),
+			        "vipw");
+		} else {
+			vipwedit (pw_dbname (), pw_lock, pw_unlock);
+			if (spw_file_present ()) {
+				printf (MSG_WARN_EDIT_OTHER_FILE,
+				        pw_dbname (),
+				        spw_dbname (),
+				        "vipw -s");
+			}
+		}
+	} else {
+#ifdef SHADOWGRP
+		if (editshadow) {
+			vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
+			printf (MSG_WARN_EDIT_OTHER_FILE,
+			        sgr_dbname (),
+			        gr_dbname (),
+			        "vigr");
+		} else {
+#endif				/* SHADOWGRP */
+			vipwedit (gr_dbname (), gr_lock, gr_unlock);
+#ifdef SHADOWGRP
+			if (sgr_file_present ()) {
+				printf (MSG_WARN_EDIT_OTHER_FILE,
+				        gr_dbname (),
+				        sgr_dbname (),
+				        "vigr -s");
+			}
+		}
+#endif				/* SHADOWGRP */
+	}
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+	return E_SUCCESS;
+}
+
diff --git a/tests/README b/tests/README
new file mode 100644
index 0000000..54844a5
--- /dev/null
+++ b/tests/README
@@ -0,0 +1,21 @@
+This testsuite is NOT SECURE: it will temporarily change your passwords file
+with known passwords.
+You should run it on a chroot, or on a secured dedicated system.
+
+
+
+To test a Debian system:
+	$ mkdir sid-chroot
+	$ sudo debootstrap sid sid-chroot/ http://ftp.fr.debian.org/debian/
+edit or copy a sources.list
+	$ sudo cp /etc/apt/sources.list sid-chroot/etc/apt/
+edit or copy a resolv.conf
+	$ sudo cp /etc/resolv.conf sid-chroot/etc/
+	$ su - root -c "chroot sid-chroot/ /bin/bash"
+	# mount -t proc proc /proc
+	# mount -t devpts devpts /dev/pts
+	# aptitude update
+	# aptitude install expect
+	# cd /dev ; mknod --mode=666 /dev/ptmx c 5 2
+
+
diff --git a/tests/bug332198-test.exp b/tests/bug332198-test.exp
new file mode 100755
index 0000000..fd365bb
--- /dev/null
+++ b/tests/bug332198-test.exp
@@ -0,0 +1,61 @@
+#!/usr/bin/expect -f
+
+# This is a script for repeatedly logging into the localhost
+# using `rlogin` in order to apparently see a symptoms described
+# in bug #332198.
+# As described in the bug log, sometimes `rlogind` will fail to
+# establish a connection, because it starts "login" process and
+# the latter fails with "unable to determine TTY name, got /dev/pts/1"
+# message.
+# 
+# BUGS
+# 
+# * the script rlogins to localhost
+# * the script doesn't handle passwdord prompt, because it's intended
+#   to use .rhosts auth and expects shell prompt immediately after
+#   `rlogin`
+# * the regexp for shell prompt is hardcoded
+
+log_user 0
+match_max 8192
+
+while {1} {
+    set rlogin_spawn [spawn rlogin localhost]
+    if { $rlogin_spawn == 0 } { exit 1 }
+    expect {
+	-timeout 10 -re "^.*(Last login\[^\r\n\]*).*\n(\[^\r\n\]*\[#$\] )$" {
+	    send_error "$expect_out(1,string)\n"
+	    send_error "$expect_out(2,string)\n"
+#	    send_error "$expect_out(0,string)\n"
+	}
+	timeout {
+	    send_error "TIMEOUT/prompt\n"
+	    send_error "$expect_out(buffer)\n"
+	    send_error "RETRYING\n"
+	    log_user 1
+	    send "tty /\r"
+	    expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
+	    send "tty /\r"
+	    expect -timeout 2 -re "^.*\r?\n(\[^\r\n\]*# )$" {}
+	    send_error "\n"
+	    exit 2
+	}
+    }
+    send "tty\r"
+    expect {
+	-timeout 4 -re "tty\r?\n(\[^\r\n\]*)\r?\n(\[^\r\n\]*\[#$\] )$" {
+	    send_error "$expect_out(2,string)$expect_out(1,string)\n"
+#	    send_error "$expect_out(0,string)\n"
+	}
+	timeout { send_error "TIMEOUT/tty\n" ; exit 3 }
+    }
+    send "exit\r"
+    expect {
+	-timeout 2 eof {
+#	    send_error "OK4: EOF\n"
+	}
+	timeout { send_error "TIMEOUT/eof\n" ; exit 4 }
+    }
+    wait
+}
+# vi: set sw=4:
diff --git a/tests/bug334803-test.exp b/tests/bug334803-test.exp
new file mode 100755
index 0000000..05c7a91
--- /dev/null
+++ b/tests/bug334803-test.exp
@@ -0,0 +1,83 @@
+#!/usr/bin/expect --
+
+# This is a script for switching to another user and then
+# suspending (`suspend -f`) and resuming (`fg`) his shell
+
+package require cmdline
+set opts {
+    {s.arg "sudo su -"	"user switching method"}
+    {u.arg ""		"username to switch to"}
+}
+set usage ": \[options]\noptions:"
+array set conf [::cmdline::getoptions argv $opts $usage]
+
+log_user 1
+match_max 8192
+expect_after {
+    timeout { send_error "TIMEOUT\n" ; exit 1 }
+    eof     { send_error "EXITED\n" ; exit 2 }
+}
+set timeout 2
+
+# user switching command, by default `sudo su -`
+set swcmd $conf(s)
+# ending of typicall shell prompt (zsh/sh):
+set shpmt "(%|#|\\$) \\Z"
+catch {set shpmt $env(EXPECT_PROMPT)}
+# initial username:
+set user0 [exec id -un]
+# user we switch to (with $swcmd), by default initial user
+if {$conf(u) != ""} {set swuser $conf(u)} else {set swuser $user0}
+
+# 1. start shell
+spawn bash
+expect -re "$shpmt" {}
+
+# 2. sudo-ing swuser's shell:
+send "$swcmd $swuser\r"
+expect {
+    -re "$swuser.*$shpmt" {}
+    -re "assword: ?\\Z" {
+	stty -echo
+	expect_user -timeout -1 -re "(.*)\n" {set swpwd $expect_out(1,string)}
+	stty echo
+	send "$swpwd\r"
+	expect -re "$swuser.*$shpmt" {}
+    }
+}
+
+# 3. getting pid and ppid of swuser's shell (needed for 5b):
+send "echo \$\$:\$PPID\r"
+expect -re "(?n)^(\[\[:digit:\]\]*):(\[\[:digit:\]\]*)\r?\n(.*)$shpmt" {}
+set swpid  $expect_out(1,string)
+set swppid $expect_out(2,string)
+
+#send_error "$user0:$swpid:$swppid\n"
+
+# 4. suspending swuser's shell (trying to return to parent shell):
+send "suspend -f\r"
+expect {
+    -re "$shpmt" {
+	# 5a. got to parent shell -- resuming swuser's shell by `fg`:
+	send "fg\r"
+	set hung no
+    }
+    timeout {
+	# 5b. `suspend -f` has hung -- resuming swuser's shell by SIGCONT:
+	send_error "kill $swppid\n"
+	send_error [exec kill -CONT $swppid]
+	set hung yes
+    }
+}
+expect -re "$shpmt" {}
+
+# 6. exiting [both] shells
+#set swstat [wait -nowait]
+#send_error [pid]:[exp_pid]:$swstat\n
+send "exit\rexit\r"
+expect eof {}
+#send_error [wait -nowait]\n
+#exec kill -KILL -[exp_pid]
+if {$hung} {send_error "BUGGY\n" ; exit 3 }
+
+# vi:set sw=4:
diff --git a/tests/chage/01/data/chage1 b/tests/chage/01/data/chage1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage1
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage2 b/tests/chage/01/data/chage2
new file mode 100644
index 0000000..7efdc0c
--- /dev/null
+++ b/tests/chage/01/data/chage2
@@ -0,0 +1,7 @@
+Last password change					: Jul 28, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 1
+Maximum number of days between password change		: 99996
+Number of days of warning before password expires	: 5
diff --git a/tests/chage/01/data/chage3 b/tests/chage/01/data/chage3
new file mode 100644
index 0000000..a263db9
--- /dev/null
+++ b/tests/chage/01/data/chage3
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: Jan 01, 1970
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage4 b/tests/chage/01/data/chage4
new file mode 100644
index 0000000..11e2f2d
--- /dev/null
+++ b/tests/chage/01/data/chage4
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: Jan 02, 1970
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage5 b/tests/chage/01/data/chage5
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage5
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage6 b/tests/chage/01/data/chage6
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage6
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage7 b/tests/chage/01/data/chage7
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/01/data/chage7
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/01/data/chage7b b/tests/chage/01/data/chage7b
new file mode 100644
index 0000000..0cea901
--- /dev/null
+++ b/tests/chage/01/data/chage7b
@@ -0,0 +1,7 @@
+Last password change					: Jul 26, 2005
+Password expires					: Aug 09, 2005
+Password inactive					: Sep 13, 2005
+Account expires						: Jul 27, 2012
+Minimum number of days between password change		: 13
+Maximum number of days between password change		: 14
+Number of days of warning before password expires	: 9
diff --git a/tests/chage/01/data/chage8 b/tests/chage/01/data/chage8
new file mode 100644
index 0000000..25151a2
--- /dev/null
+++ b/tests/chage/01/data/chage8
@@ -0,0 +1 @@
+chage: user 'myuser8' does not exist in /etc/passwd
diff --git a/tests/chage/01/data/group b/tests/chage/01/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/01/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/01/data/gshadow b/tests/chage/01/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/01/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/01/data/passwd b/tests/chage/01/data/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/01/data/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/01/data/shadow b/tests/chage/01/data/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/01/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/01/data/usage b/tests/chage/01/data/usage
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/01/data/usage
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/01/run b/tests/chage/01/run
new file mode 100755
index 0000000..df64325
--- /dev/null
+++ b/tests/chage/01/run
@@ -0,0 +1,206 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage options
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+		[ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+		[ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+	done
+	rm -f tmp/out
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+echo -n "testing option -l"
+chage -l myuser1 > tmp/out
+diff -au data/chage1 tmp/out
+echo -n .
+chage -l myuser2 > tmp/out
+diff -au data/chage2 tmp/out
+echo -n .
+chage -l myuser3 > tmp/out
+diff -au data/chage3 tmp/out
+echo -n .
+chage -l myuser4 > tmp/out
+diff -au data/chage4 tmp/out
+echo -n .
+chage -l myuser5 > tmp/out
+diff -au data/chage5 tmp/out
+echo -n .
+chage -l myuser6 > tmp/out
+diff -au data/chage6 tmp/out
+echo -n .
+chage --list myuser7 > tmp/out
+diff -au data/chage7 tmp/out
+echo -n .
+msg=$(chage -l myuser8 2> tmp/out) || err=$?
+[ "$err" = "1" ] && [ "$msg" = "" ] || exit 1
+diff -au data/chage8 tmp/out
+echo .
+
+echo "testing option -d"
+chage -d 2001-10-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:11597:0:99999:7:1::' ] || exit 1
+echo "testing option -d -1"
+chage -d -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:1::' ] || exit 1
+echo "testing option -d 0"
+chage -d 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:99999:7:1::' ] || exit 1
+echo "testing option --lastday"
+chage --lastday 2011-11-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1
+
+echo "testing option -E"
+chage -E 2010-10-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:14884:' ] || exit 1
+echo "testing option -E -1"
+chage -E -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1::' ] || exit 1
+echo "testing option -E 0"
+chage -E 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:0:' ] || exit 1
+echo "testing option --expiredate"
+chage --expiredate 2020-02-02 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:1:18294:' ] || exit 1
+
+echo "testing option -I"
+# NOTE: I could pass a date to -I
+chage -I 42 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:42:18294:' ] || exit 1
+echo "testing option -I -1"
+# NOTE: this behavior is not documented
+chage -I -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7::18294:' ] || exit 1
+echo "testing option -I 0"
+# NOTE: We should check that this is the expected behavior
+chage -I 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:0:18294:' ] || exit 1
+echo "testing option --inactive"
+chage --inactive  12 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1
+
+echo "testing option -m"
+chage -m 24 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:24:99999:7:12:18294:' ] || exit 1
+echo "testing option -m -1"
+# NOTE: this behavior is not documented
+chage -m -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280::99999:7:12:18294:' ] || exit 1
+echo "testing option -m 0"
+chage -m 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:0:99999:7:12:18294:' ] || exit 1
+echo "testing option --mindays"
+chage --min 1 myuser7
+# NOTE: that shouldn't have work
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:99999:7:12:18294:' ] || exit 1
+
+echo "testing option -M"
+chage -M 25 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:25:7:12:18294:' ] || exit 1
+echo "testing option -M -1"
+# NOTE: this behavior is not documented
+chage -M -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1::7:12:18294:' ] || exit 1
+echo "testing option -M 0"
+chage -M 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:0:7:12:18294:' ] || exit 1
+echo "testing option --maxdays"
+chage --max 2 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:7:12:18294:' ] || exit 1
+
+echo "testing option -W"
+chage -W 26 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:26:12:18294:' ] || exit 1
+echo "testing option -W -1"
+# NOTE: this behavior is not documented
+chage -W -1 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2::12:18294:' ] || exit 1
+echo "testing option -W 0"
+chage -W 0 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:0:12:18294:' ] || exit 1
+echo "testing option --warndays"
+chage --warndays 3 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:15280:1:2:3:12:18294:' ] || exit 1
+
+echo "testing with all options"
+chage -d 2030-03-02 -E 1979-11-24 -I 10 -m 11 -M 12 --warndays 4 myuser7
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:21975:11:12:4:10:3614:' ] || exit 1
+
+echo "interractive test"
+./run1.exp
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1
+
+echo "interractive test (default)"
+./run2.exp
+ent=$(getent shadow myuser7)
+[ "$ent" = 'myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:' ] || exit 1
+chage -l myuser7 > tmp/out
+diff -au data/chage7b tmp/out
+
+echo "usage"
+chage -h > tmp/out || {
+	if [ "$?" != "2" ]; then false; fi
+}
+diff -au data/usage tmp/out
+
+echo "OK"
diff --git a/tests/chage/01/run1.exp b/tests/chage/01/run1.exp
new file mode 100755
index 0000000..0160fb1
--- /dev/null
+++ b/tests/chage/01/run1.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser7
+expect -re "Minimum Password Age .11\]: "
+send "13\r"
+expect -re "Maximum Password Age .12\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2030-03-02\]: "
+send "2005-07-26\r"
+expect -re "Password Expiration Warning .4\]: "
+send "9\r"
+expect -re "Password Inactive .10\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .1979-11-24\]: "
+send "2012-07-27\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/01/run2.exp b/tests/chage/01/run2.exp
new file mode 100755
index 0000000..f4f342f
--- /dev/null
+++ b/tests/chage/01/run2.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser7
+expect -re "Minimum Password Age .13\]: "
+send "\r"
+expect -re "Maximum Password Age .14\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-26\]: "
+send "\r"
+expect -re "Password Expiration Warning .9\]: "
+send "\r"
+expect -re "Password Inactive .35\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .2012-07-27\]: "
+send "\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/02/data/group b/tests/chage/02/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/02/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/02/data/gshadow b/tests/chage/02/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/02/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/02/data/passwd b/tests/chage/02/data/passwd
new file mode 100644
index 0000000..5bec374
--- /dev/null
+++ b/tests/chage/02/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/02/data/shadow b/tests/chage/02/data/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chage/02/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chage/02/run b/tests/chage/02/run
new file mode 100755
index 0000000..74ac268
--- /dev/null
+++ b/tests/chage/02/run
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage with bogus inputs
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+		[ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+		[ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+	done
+	rm -f tmp/out
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+echo "interractive test"
+./run.exp $(date "+%Y-%m-%d")
+
+echo "OK"
diff --git a/tests/chage/02/run.exp b/tests/chage/02/run.exp
new file mode 100755
index 0000000..0dbb27d
--- /dev/null
+++ b/tests/chage/02/run.exp
@@ -0,0 +1,83 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+proc expect_error {} {
+	expect {
+		"chage: error changing fields" {
+			expect {
+				eof {
+				} default {
+					puts "\nFAIL"
+					exit 1
+				}
+			}
+		} default {
+			puts "\nFAIL"
+			exit 1
+		}
+	}
+}
+
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send -- "-2\r"
+expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "foo\r"
+expect_error
+
+# chage accepts to be given only spaces
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send -- "   \r"
+#expect_error
+#
+#chage may not parse all the arguments.
+#This may be a problem is a date is provided instead of just a number
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send -- "1 2\r"
+#expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "11\r"
+expect -re "Maximum Password Age .99999\]: "
+send -- "-2\r"
+expect_error
+
+spawn /usr/bin/chage myuser
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "foo\r"
+expect_error
+
+# chage should verify the range of the arguments
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send "\r"
+#expect -re "Maximum Password Age .99999\]: "
+#send "100000\r"
+#expect_error
+
+#spawn /usr/bin/chage myuser
+#expect -re "Minimum Password Age .0\]: "
+#send "\r"
+#expect -re "Maximum Password Age .99999\]: "
+#send "\r"
+#expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-25]: "
+#send "12\n"
+#expect_error
+
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/03_chsh_usage/chage.test b/tests/chage/03_chsh_usage/chage.test
new file mode 100755
index 0000000..db6200c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/chage.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chage usage (chage -h)..."
+chage -h >tmp/usage.out
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/03_chsh_usage/config.txt b/tests/chage/03_chsh_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config.txt
diff --git a/tests/chage/03_chsh_usage/config/etc/group b/tests/chage/03_chsh_usage/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/03_chsh_usage/config/etc/gshadow b/tests/chage/03_chsh_usage/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/03_chsh_usage/config/etc/passwd b/tests/chage/03_chsh_usage/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/03_chsh_usage/config/etc/shadow b/tests/chage/03_chsh_usage/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/03_chsh_usage/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/03_chsh_usage/data/usage.out b/tests/chage/03_chsh_usage/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/03_chsh_usage/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/04_chsh_usage_invalid_option/chage.test b/tests/chage/04_chsh_usage_invalid_option/chage.test
new file mode 100755
index 0000000..1ba8163
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when an invalid option is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid option (chage -Z bin)..."
+chage -Z bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/04_chsh_usage_invalid_option/config.txt b/tests/chage/04_chsh_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config.txt
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/group b/tests/chage/04_chsh_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/04_chsh_usage_invalid_option/data/usage.out b/tests/chage/04_chsh_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..21f71d6
--- /dev/null
+++ b/tests/chage/04_chsh_usage_invalid_option/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid option -- 'Z'
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/05_chsh_usage_2_users/chage.test b/tests/chage/05_chsh_usage_2_users/chage.test
new file mode 100755
index 0000000..5860393
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when 2 users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with 2 users (chage -I 12 bin nobody)..."
+chage -I 12 bin nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/05_chsh_usage_2_users/config.txt b/tests/chage/05_chsh_usage_2_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config.txt
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/group b/tests/chage/05_chsh_usage_2_users/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/gshadow b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/passwd b/tests/chage/05_chsh_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/05_chsh_usage_2_users/config/etc/shadow b/tests/chage/05_chsh_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/05_chsh_usage_2_users/data/usage.out b/tests/chage/05_chsh_usage_2_users/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/05_chsh_usage_2_users/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/06_chsh_usage_no_users/chage.test b/tests/chage/06_chsh_usage_no_users/chage.test
new file mode 100755
index 0000000..0851d6e
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when no users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage without an user (chage -I 12)..."
+chage -I 12 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/06_chsh_usage_no_users/config.txt b/tests/chage/06_chsh_usage_no_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config.txt
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/group b/tests/chage/06_chsh_usage_no_users/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/gshadow b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/passwd b/tests/chage/06_chsh_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/06_chsh_usage_no_users/config/etc/shadow b/tests/chage/06_chsh_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/06_chsh_usage_no_users/data/usage.out b/tests/chage/06_chsh_usage_no_users/data/usage.out
new file mode 100644
index 0000000..31df15c
--- /dev/null
+++ b/tests/chage/06_chsh_usage_no_users/data/usage.out
@@ -0,0 +1,16 @@
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/07_chsh_usage-l_exclusive/chage.test b/tests/chage/07_chsh_usage-l_exclusive/chage.test
new file mode 100755
index 0000000..9036f09
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/chage.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-m 12" "-M 12" "-d 2011-09-11" "-W 12" "-I 12" "-E 2011-09-11"
+do
+	echo -n "Use chage with -l and $opt (chage -l $opt bin)..."
+	chage -l $opt bin 2>tmp/usage.out && exit 1 || {
+		status=$?
+	}
+	echo "OK"
+
+	echo -n "Check returned status ($status)..."
+	test "$status" = "2"
+	echo "OK"
+
+	echo "chage reported:"
+	echo "======================================================================="
+	cat tmp/usage.out
+	echo "======================================================================="
+	echo -n "Check the usage message..."
+	diff -au data/usage.out tmp/usage.out
+	echo "usage message OK."
+	rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config.txt b/tests/chage/07_chsh_usage-l_exclusive/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config.txt
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/group b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/07_chsh_usage-l_exclusive/data/usage.out b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out
new file mode 100644
index 0000000..b006b60
--- /dev/null
+++ b/tests/chage/07_chsh_usage-l_exclusive/data/usage.out
@@ -0,0 +1,17 @@
+chage: do not include "l" with other flags
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/08_chsh_usage_invalid_date/chage.test b/tests/chage/08_chsh_usage_invalid_date/chage.test
new file mode 100755
index 0000000..90007fc
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-d 2011-09" "-E 2011-09-09-11"
+do
+	echo -n "Use chage with an invalid date (chage $opt bin)..."
+	chage $opt bin 2>tmp/usage.out && exit 1 || {
+		status=$?
+	}
+	echo "OK"
+
+	echo -n "Check returned status ($status)..."
+	test "$status" = "2"
+	echo "OK"
+
+	echo "chage reported:"
+	echo "======================================================================="
+	cat tmp/usage.out
+	echo "======================================================================="
+	d=$(echo $opt | cut -d' ' -f2)
+	sed -e "s/'$d'/'DATE'/" -i tmp/usage.out
+	echo -n "Check the usage message..."
+	diff -au data/usage.out tmp/usage.out
+	echo "usage message OK."
+	rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/08_chsh_usage_invalid_date/config.txt b/tests/chage/08_chsh_usage_invalid_date/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config.txt
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/group b/tests/chage/08_chsh_usage_invalid_date/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/08_chsh_usage_invalid_date/data/usage.out b/tests/chage/08_chsh_usage_invalid_date/data/usage.out
new file mode 100644
index 0000000..cb49bf8
--- /dev/null
+++ b/tests/chage/08_chsh_usage_invalid_date/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid date 'DATE'
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test
new file mode 100755
index 0000000..36d11e5
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-I -12" "-m -12" "-M -12" "-W -12" "-I a" "-m 12.5" "-M 12a" "-W a12"
+do
+	echo -n "Use chage with an invalid date (chage $opt bin)..."
+	chage $opt bin 2>tmp/usage.out && exit 1 || {
+		status=$?
+	}
+	echo "OK"
+
+	echo -n "Check returned status ($status)..."
+	test "$status" = "2"
+	echo "OK"
+
+	echo "chage reported:"
+	echo "======================================================================="
+	cat tmp/usage.out
+	echo "======================================================================="
+	v=$(echo $opt | cut -d' ' -f2)
+	sed -e "s/'$v'/'VAL'/" -i tmp/usage.out
+	echo -n "Check the usage message..."
+	diff -au data/usage.out tmp/usage.out
+	echo "usage message OK."
+	rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt b/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config.txt
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out
new file mode 100644
index 0000000..9fb70d6
--- /dev/null
+++ b/tests/chage/09_chsh_usage_invalid_numeric_arg/data/usage.out
@@ -0,0 +1,17 @@
+chage: invalid numeric argument 'VAL'
+Usage: chage [options] LOGIN
+
+Options:
+  -d, --lastday LAST_DAY        set date of last password change to LAST_DAY
+  -E, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -h, --help                    display this help message and exit
+  -I, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --list                    show account aging information
+  -m, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -M, --maxdays MAX_DAYS        set maximim number of days before password
+                                change to MAX_DAYS
+  -R, --root CHROOT_DIR         directory to chroot into
+  -W, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+
diff --git a/tests/chage/10_chsh-l/chage.test b/tests/chage/10_chsh-l/chage.test
new file mode 100755
index 0000000..394c981
--- /dev/null
+++ b/tests/chage/10_chsh-l/chage.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage displays its usage message when -l is used with another option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for user in $(ls data/)
+do
+	echo -n "Get $user aging info (chage -l $user)..."
+	chage -l $user >tmp/$user
+	echo "OK"
+
+	echo "chage reported:"
+	echo "======================================================================="
+	cat tmp/$user
+	echo "======================================================================="
+	echo -n "Compare with expected output..."
+	diff -au data/$user tmp/$user
+	echo "OK"
+	rm -f tmp/$user
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/10_chsh-l/config.txt b/tests/chage/10_chsh-l/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/10_chsh-l/config.txt
diff --git a/tests/chage/10_chsh-l/config/etc/group b/tests/chage/10_chsh-l/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/10_chsh-l/config/etc/gshadow b/tests/chage/10_chsh-l/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/10_chsh-l/config/etc/passwd b/tests/chage/10_chsh-l/config/etc/passwd
new file mode 100644
index 0000000..31046cf
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/passwd
@@ -0,0 +1,32 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
+myuser8:x:424249:424242::/home:/bin/bash
+myuser9:x:424250:424242::/home:/bin/bash
+myuser10:x:424251:424242::/home:/bin/bash
+myuser11:x:424252:424242::/home:/bin/bash
+myuser12:x:424253:424242::/home:/bin/bash
+myuser13:x:424254:424242::/home:/bin/bash
diff --git a/tests/chage/10_chsh-l/config/etc/shadow b/tests/chage/10_chsh-l/config/etc/shadow
new file mode 100644
index 0000000..4b81469
--- /dev/null
+++ b/tests/chage/10_chsh-l/config/etc/shadow
@@ -0,0 +1,30 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
+myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1::
+myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1::
+myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1::
+#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
diff --git a/tests/chage/10_chsh-l/data/myuser1 b/tests/chage/10_chsh-l/data/myuser1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser1
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser10 b/tests/chage/10_chsh-l/data/myuser10
new file mode 100644
index 0000000..8a9e5d1
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser10
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: -1
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser11 b/tests/chage/10_chsh-l/data/myuser11
new file mode 100644
index 0000000..a54ec7a
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser11
@@ -0,0 +1,7 @@
+Last password change					: never
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: -1
+Maximum number of days between password change		: -1
+Number of days of warning before password expires	: -1
diff --git a/tests/chage/10_chsh-l/data/myuser2 b/tests/chage/10_chsh-l/data/myuser2
new file mode 100644
index 0000000..7efdc0c
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser2
@@ -0,0 +1,7 @@
+Last password change					: Jul 28, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 1
+Maximum number of days between password change		: 99996
+Number of days of warning before password expires	: 5
diff --git a/tests/chage/10_chsh-l/data/myuser3 b/tests/chage/10_chsh-l/data/myuser3
new file mode 100644
index 0000000..a263db9
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser3
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: Jan 01, 1970
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser4 b/tests/chage/10_chsh-l/data/myuser4
new file mode 100644
index 0000000..11e2f2d
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser4
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: Jan 02, 1970
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser5 b/tests/chage/10_chsh-l/data/myuser5
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser5
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser6 b/tests/chage/10_chsh-l/data/myuser6
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser6
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser7 b/tests/chage/10_chsh-l/data/myuser7
new file mode 100644
index 0000000..63debfb
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser7
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: Dec 11, 2032
+Password inactive					: Dec 12, 2032
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 9999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser8 b/tests/chage/10_chsh-l/data/myuser8
new file mode 100644
index 0000000..4a3f4bd
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser8
@@ -0,0 +1,7 @@
+Last password change					: never
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 9999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/10_chsh-l/data/myuser9 b/tests/chage/10_chsh-l/data/myuser9
new file mode 100644
index 0000000..09f6fdc
--- /dev/null
+++ b/tests/chage/10_chsh-l/data/myuser9
@@ -0,0 +1,7 @@
+Last password change					: password must be changed
+Password expires					: password must be changed
+Password inactive					: password must be changed
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 9999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/11_chsh_usage_invalid_user/chage.test b/tests/chage/11_chsh_usage_invalid_user/chage.test
new file mode 100755
index 0000000..46d9d65
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns in case of invalid user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid user (chage -I 12 foo)..."
+chage -I 12 foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/11_chsh_usage_invalid_user/config.txt b/tests/chage/11_chsh_usage_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config.txt
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/group b/tests/chage/11_chsh_usage_invalid_user/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/11_chsh_usage_invalid_user/data/usage.out b/tests/chage/11_chsh_usage_invalid_user/data/usage.out
new file mode 100644
index 0000000..cdc8a1f
--- /dev/null
+++ b/tests/chage/11_chsh_usage_invalid_user/data/usage.out
@@ -0,0 +1 @@
+chage: user 'foo' does not exist in /etc/passwd
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/chage.test b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test
new file mode 100755
index 0000000..d3b5255
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns in case of invalid user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chage with an invalid user (chage -l foo)..."
+chage -l foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config.txt b/tests/chage/12_chsh_usage-l_invalid_user2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config.txt
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out
new file mode 100644
index 0000000..cdc8a1f
--- /dev/null
+++ b/tests/chage/12_chsh_usage-l_invalid_user2/data/usage.out
@@ -0,0 +1 @@
+chage: user 'foo' does not exist in /etc/passwd
diff --git a/tests/chage/13_chsh_locked_passwd/chage.test b/tests/chage/13_chsh_locked_passwd/chage.test
new file mode 100755
index 0000000..aeeb412
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/13_chsh_locked_passwd/config.txt b/tests/chage/13_chsh_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config.txt
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/group b/tests/chage/13_chsh_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/gshadow b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/passwd b/tests/chage/13_chsh_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/13_chsh_locked_passwd/config/etc/shadow b/tests/chage/13_chsh_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/13_chsh_locked_passwd/data/usage.out b/tests/chage/13_chsh_locked_passwd/data/usage.out
new file mode 100644
index 0000000..caa44b5
--- /dev/null
+++ b/tests/chage/13_chsh_locked_passwd/data/usage.out
@@ -0,0 +1,2 @@
+chage: existing lock file /etc/passwd.lock without a PID
+chage: cannot lock /etc/passwd; try again later.
diff --git a/tests/chage/14_chsh_locked_shadow/chage.test b/tests/chage/14_chsh_locked_shadow/chage.test
new file mode 100755
index 0000000..3474d95
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/chage.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when shadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/14_chsh_locked_shadow/config.txt b/tests/chage/14_chsh_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config.txt
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/group b/tests/chage/14_chsh_locked_shadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/gshadow b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/passwd b/tests/chage/14_chsh_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/14_chsh_locked_shadow/config/etc/shadow b/tests/chage/14_chsh_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/14_chsh_locked_shadow/data/usage.out b/tests/chage/14_chsh_locked_shadow/data/usage.out
new file mode 100644
index 0000000..f396f3c
--- /dev/null
+++ b/tests/chage/14_chsh_locked_shadow/data/usage.out
@@ -0,0 +1,2 @@
+chage: existing lock file /etc/shadow.lock without a PID
+chage: cannot lock /etc/shadow; try again later.
diff --git a/tests/chage/15_chage-I_no_shadow_entry/chage.test b/tests/chage/15_chage-I_no_shadow_entry/chage.test
new file mode 100755
index 0000000..77a06a2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+chage -I 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config.txt b/tests/chage/15_chage-I_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/group b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/passwd b/tests/chage/15_chage-I_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/15_chage-I_no_shadow_entry/data/shadow b/tests/chage/15_chage-I_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..d32d937
--- /dev/null
+++ b/tests/chage/15_chage-I_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::::12::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/chage.test b/tests/chage/16_chage-m_no_shadow_entry/chage.test
new file mode 100755
index 0000000..778a65a
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -m 12 bin)..."
+chage -m 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config.txt b/tests/chage/16_chage-m_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/group b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/passwd b/tests/chage/16_chage-m_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/16_chage-m_no_shadow_entry/data/shadow b/tests/chage/16_chage-m_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..dc6bc8b
--- /dev/null
+++ b/tests/chage/16_chage-m_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::12:::::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/chage.test b/tests/chage/17_chage-M_no_shadow_entry/chage.test
new file mode 100755
index 0000000..6b70f06
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -M 12 bin)..."
+chage -M 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config.txt b/tests/chage/17_chage-M_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/group b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/passwd b/tests/chage/17_chage-M_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/17_chage-M_no_shadow_entry/data/shadow b/tests/chage/17_chage-M_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..fb623f7
--- /dev/null
+++ b/tests/chage/17_chage-M_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::12::::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/chage.test b/tests/chage/18_chage-d_no_shadow_entry/chage.test
new file mode 100755
index 0000000..fb56cef
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -d 2011-09-11 bin)..."
+chage -d 2011-09-11 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config.txt b/tests/chage/18_chage-d_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/group b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/passwd b/tests/chage/18_chage-d_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/18_chage-d_no_shadow_entry/data/shadow b/tests/chage/18_chage-d_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..df82e6c
--- /dev/null
+++ b/tests/chage/18_chage-d_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:15228::::::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/chage.test b/tests/chage/19_chage-W_no_shadow_entry/chage.test
new file mode 100755
index 0000000..410ccbb
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -W 12 bin)..."
+chage -W 12 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config.txt b/tests/chage/19_chage-W_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/group b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/passwd b/tests/chage/19_chage-W_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/19_chage-W_no_shadow_entry/data/shadow b/tests/chage/19_chage-W_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..3265423
--- /dev/null
+++ b/tests/chage/19_chage-W_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::::12:::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/chage.test b/tests/chage/20_chage-E_no_shadow_entry/chage.test
new file mode 100755
index 0000000..52079f7
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's mindays (chage -E 2011-09-11 bin)..."
+chage -E 2011-09-11 bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config.txt b/tests/chage/20_chage-E_no_shadow_entry/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/group b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/passwd b/tests/chage/20_chage-E_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9ad1e2
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/chage/20_chage-E_no_shadow_entry/data/shadow b/tests/chage/20_chage-E_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..752a49a
--- /dev/null
+++ b/tests/chage/20_chage-E_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*::::::15228:
diff --git a/tests/chage/21_chage_no_shadow_file/chage.test b/tests/chage/21_chage_no_shadow_file/chage.test
new file mode 100755
index 0000000..c2e8d0e
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/chage.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage warns when shadow is not enabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Use chage with an invalid user (chage -I 12 bin)..."
+chage -I 12 bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "15"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/21_chage_no_shadow_file/config.txt b/tests/chage/21_chage_no_shadow_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config.txt
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/group b/tests/chage/21_chage_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/gshadow b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/passwd b/tests/chage/21_chage_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/21_chage_no_shadow_file/config/etc/shadow b/tests/chage/21_chage_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/21_chage_no_shadow_file/data/usage.out b/tests/chage/21_chage_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..07d7a30
--- /dev/null
+++ b/tests/chage/21_chage_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+chage: the shadow password file is not present
diff --git a/tests/chage/22_chage_myuser-l/chage.test b/tests/chage/22_chage_myuser-l/chage.test
new file mode 100755
index 0000000..34ad36d
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/chage.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage can be used to show one's aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for user in $(ls data/)
+do
+	echo -n "Get $user aging info (chage -l $user)..."
+	su myuser1 -c "chage -l $user" >tmp/$user
+	echo "OK"
+
+	echo "chage reported:"
+	echo "======================================================================="
+	cat tmp/$user
+	echo "======================================================================="
+	echo -n "Compare with expected output..."
+	diff -au data/$user tmp/$user
+	echo "OK"
+	rm -f tmp/$user
+done
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/22_chage_myuser-l/config.txt b/tests/chage/22_chage_myuser-l/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config.txt
diff --git a/tests/chage/22_chage_myuser-l/config/etc/group b/tests/chage/22_chage_myuser-l/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/22_chage_myuser-l/config/etc/gshadow b/tests/chage/22_chage_myuser-l/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/22_chage_myuser-l/config/etc/passwd b/tests/chage/22_chage_myuser-l/config/etc/passwd
new file mode 100644
index 0000000..31046cf
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/passwd
@@ -0,0 +1,32 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
+myuser8:x:424249:424242::/home:/bin/bash
+myuser9:x:424250:424242::/home:/bin/bash
+myuser10:x:424251:424242::/home:/bin/bash
+myuser11:x:424252:424242::/home:/bin/bash
+myuser12:x:424253:424242::/home:/bin/bash
+myuser13:x:424254:424242::/home:/bin/bash
diff --git a/tests/chage/22_chage_myuser-l/config/etc/shadow b/tests/chage/22_chage_myuser-l/config/etc/shadow
new file mode 100644
index 0000000..4b81469
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/config/etc/shadow
@@ -0,0 +1,30 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
+myuser8:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:9999:7:1::
+myuser9:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:0:9999:7:1::
+myuser10:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0::7:1::
+#myuser11:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:9999:7:1::
diff --git a/tests/chage/22_chage_myuser-l/data/myuser1 b/tests/chage/22_chage_myuser-l/data/myuser1
new file mode 100644
index 0000000..64754ca
--- /dev/null
+++ b/tests/chage/22_chage_myuser-l/data/myuser1
@@ -0,0 +1,7 @@
+Last password change					: Jul 27, 2005
+Password expires					: never
+Password inactive					: never
+Account expires						: never
+Minimum number of days between password change		: 0
+Maximum number of days between password change		: 99999
+Number of days of warning before password expires	: 7
diff --git a/tests/chage/23_chage_myuser-I/chage.test b/tests/chage/23_chage_myuser-I/chage.test
new file mode 100755
index 0000000..0bd7043
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage forbids to change aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myusers1 uses chage to change myuser1 aging info (chage -I 12 myuser2)..."
+su myuser1 -c "chage -I 12 myuser1" 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/23_chage_myuser-I/config.txt b/tests/chage/23_chage_myuser-I/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config.txt
diff --git a/tests/chage/23_chage_myuser-I/config/etc/group b/tests/chage/23_chage_myuser-I/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/23_chage_myuser-I/config/etc/gshadow b/tests/chage/23_chage_myuser-I/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/23_chage_myuser-I/config/etc/passwd b/tests/chage/23_chage_myuser-I/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/23_chage_myuser-I/config/etc/shadow b/tests/chage/23_chage_myuser-I/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/23_chage_myuser-I/data/usage.out b/tests/chage/23_chage_myuser-I/data/usage.out
new file mode 100644
index 0000000..dc0d6ca
--- /dev/null
+++ b/tests/chage/23_chage_myuser-I/data/usage.out
@@ -0,0 +1 @@
+chage: Permission denied.
diff --git a/tests/chage/24_chage_myuser-l_other/chage.test b/tests/chage/24_chage_myuser-l_other/chage.test
new file mode 100755
index 0000000..ef2f8e2
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/chage.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage forbids to get other accounts aging info"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myusers1 uses chage to get myuser2 aging info (chage -l myuser2)..."
+su myuser1 -c "chage -l myuser2" 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/24_chage_myuser-l_other/config.txt b/tests/chage/24_chage_myuser-l_other/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config.txt
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/group b/tests/chage/24_chage_myuser-l_other/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/gshadow b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/passwd b/tests/chage/24_chage_myuser-l_other/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/24_chage_myuser-l_other/config/etc/shadow b/tests/chage/24_chage_myuser-l_other/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/24_chage_myuser-l_other/data/usage.out b/tests/chage/24_chage_myuser-l_other/data/usage.out
new file mode 100644
index 0000000..dc0d6ca
--- /dev/null
+++ b/tests/chage/24_chage_myuser-l_other/data/usage.out
@@ -0,0 +1 @@
+chage: Permission denied.
diff --git a/tests/chage/25_chage_interractive/chage.test b/tests/chage/25_chage_interractive/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/25_chage_interractive/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/25_chage_interractive/config.txt b/tests/chage/25_chage_interractive/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/25_chage_interractive/config/etc/group b/tests/chage/25_chage_interractive/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/25_chage_interractive/config/etc/gshadow b/tests/chage/25_chage_interractive/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/25_chage_interractive/config/etc/login.defs b/tests/chage/25_chage_interractive/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/25_chage_interractive/config/etc/passwd b/tests/chage/25_chage_interractive/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/25_chage_interractive/config/etc/shadow b/tests/chage/25_chage_interractive/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/25_chage_interractive/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/25_chage_interractive/data/shadow b/tests/chage/25_chage_interractive/data/shadow
new file mode 100644
index 0000000..334494a
--- /dev/null
+++ b/tests/chage/25_chage_interractive/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12990:13:14:9:35:15548:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/25_chage_interractive/run.exp b/tests/chage/25_chage_interractive/run.exp
new file mode 100755
index 0000000..5b4b1d0
--- /dev/null
+++ b/tests/chage/25_chage_interractive/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2005-07-26\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "2012-07-27\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/26_chage_interractive_date_0/chage.test b/tests/chage/26_chage_interractive_date_0/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/26_chage_interractive_date_0/config.txt b/tests/chage/26_chage_interractive_date_0/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/group b/tests/chage/26_chage_interractive_date_0/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/gshadow b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/login.defs b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/passwd b/tests/chage/26_chage_interractive_date_0/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/26_chage_interractive_date_0/config/etc/shadow b/tests/chage/26_chage_interractive_date_0/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/26_chage_interractive_date_0/data/shadow b/tests/chage/26_chage_interractive_date_0/data/shadow
new file mode 100644
index 0000000..293987c
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/26_chage_interractive_date_0/run.exp b/tests/chage/26_chage_interractive_date_0/run.exp
new file mode 100755
index 0000000..2f97abb
--- /dev/null
+++ b/tests/chage/26_chage_interractive_date_0/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "0\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/27_chage_interractive_date_-1/chage.test b/tests/chage/27_chage_interractive_date_-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/27_chage_interractive_date_-1/config.txt b/tests/chage/27_chage_interractive_date_-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/group b/tests/chage/27_chage_interractive_date_-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/passwd b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/27_chage_interractive_date_-1/config/etc/shadow b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/27_chage_interractive_date_-1/data/shadow b/tests/chage/27_chage_interractive_date_-1/data/shadow
new file mode 100644
index 0000000..800f1a2
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::13:14:9:35::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/27_chage_interractive_date_-1/run.exp b/tests/chage/27_chage_interractive_date_-1/run.exp
new file mode 100755
index 0000000..f4c20a1
--- /dev/null
+++ b/tests/chage/27_chage_interractive_date_-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send -- "-1\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send -- "-1\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/chage.test b/tests/chage/28_chage_interractive_date_EPOCH/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config.txt b/tests/chage/28_chage_interractive_date_EPOCH/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/data/shadow b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow
new file mode 100644
index 0000000..293987c
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:0:13:14:9:35:0:
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/28_chage_interractive_date_EPOCH/run.exp b/tests/chage/28_chage_interractive_date_EPOCH/run.exp
new file mode 100755
index 0000000..a93e8cc
--- /dev/null
+++ b/tests/chage/28_chage_interractive_date_EPOCH/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1970-01-01\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "1970-01-01\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp
new file mode 100755
index 0000000..a43fd04
--- /dev/null
+++ b/tests/chage/29_chage_interractive_date_pre-EPOCH/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1900-01-01\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp
new file mode 100755
index 0000000..9c3c5db
--- /dev/null
+++ b/tests/chage/30_chage_interractive_date_pre-EPOCH2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "1970-01-01\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9\r"
+expect -re "Password Inactive .-1\]: "
+send "35\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "1900-01-01\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/chage.test b/tests/chage/31_chage_interractive_date_invalid/chage.test
new file mode 100755
index 0000000..84e9390
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock /etc/shadow.lock' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/config.txt b/tests/chage/31_chage_interractive_date_invalid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/group b/tests/chage/31_chage_interractive_date_invalid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/31_chage_interractive_date_invalid/run.exp b/tests/chage/31_chage_interractive_date_invalid/run.exp
new file mode 100755
index 0000000..91551d4
--- /dev/null
+++ b/tests/chage/31_chage_interractive_date_invalid/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2000-13-42\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/chage.test b/tests/chage/32_chage_interractive_date_invalid2/chage.test
new file mode 100755
index 0000000..99f2df4
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config.txt b/tests/chage/32_chage_interractive_date_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/group b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/32_chage_interractive_date_invalid2/run.exp b/tests/chage/32_chage_interractive_date_invalid2/run.exp
new file mode 100755
index 0000000..edc3f78
--- /dev/null
+++ b/tests/chage/32_chage_interractive_date_invalid2/run.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "2000-mm-42\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/chage.test b/tests/chage/33_chage_interractive-W_invalid1/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config.txt b/tests/chage/33_chage_interractive-W_invalid1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/group b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/33_chage_interractive-W_invalid1/run.exp b/tests/chage/33_chage_interractive-W_invalid1/run.exp
new file mode 100755
index 0000000..ac50231
--- /dev/null
+++ b/tests/chage/33_chage_interractive-W_invalid1/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send "9a\r"
+#expect -re "Password Inactive .-1\]: "
+#send "35\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/chage.test b/tests/chage/34_chage_interractive-W_invalid2/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config.txt b/tests/chage/34_chage_interractive-W_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/group b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/34_chage_interractive-W_invalid2/run.exp b/tests/chage/34_chage_interractive-W_invalid2/run.exp
new file mode 100755
index 0000000..04b6f57
--- /dev/null
+++ b/tests/chage/34_chage_interractive-W_invalid2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "13\r"
+expect -re "Maximum Password Age .99999\]: "
+send "14\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "0\r"
+expect -re "Password Expiration Warning .7\]: "
+send -- "-2\r"
+#expect -re "Password Inactive .-1\]: "
+#send "35\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/35_chage_interractive-W-1/chage.test b/tests/chage/35_chage_interractive-W-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/35_chage_interractive-W-1/config.txt b/tests/chage/35_chage_interractive-W-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/group b/tests/chage/35_chage_interractive-W-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/gshadow b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/login.defs b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/passwd b/tests/chage/35_chage_interractive-W-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/35_chage_interractive-W-1/config/etc/shadow b/tests/chage/35_chage_interractive-W-1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/35_chage_interractive-W-1/data/shadow b/tests/chage/35_chage_interractive-W-1/data/shadow
new file mode 100644
index 0000000..4b74f15
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999::::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/35_chage_interractive-W-1/run.exp b/tests/chage/35_chage_interractive-W-1/run.exp
new file mode 100755
index 0000000..84fd749
--- /dev/null
+++ b/tests/chage/35_chage_interractive-W-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send -- "-1\r"
+expect -re "Password Inactive .-1\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/chage.test b/tests/chage/36_chage_interractive-I_invalid1/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config.txt b/tests/chage/36_chage_interractive-I_invalid1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/group b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/36_chage_interractive-I_invalid1/run.exp b/tests/chage/36_chage_interractive-I_invalid1/run.exp
new file mode 100755
index 0000000..1e3087b
--- /dev/null
+++ b/tests/chage/36_chage_interractive-I_invalid1/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .-1\]: "
+send "9a\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/chage.test b/tests/chage/37_chage_interractive-I_invalid2/chage.test
new file mode 100755
index 0000000..fc4dd9d
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage interractive session checks field validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config.txt b/tests/chage/37_chage_interractive-I_invalid2/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/group b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/37_chage_interractive-I_invalid2/run.exp b/tests/chage/37_chage_interractive-I_invalid2/run.exp
new file mode 100755
index 0000000..b059117
--- /dev/null
+++ b/tests/chage/37_chage_interractive-I_invalid2/run.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .-1\]: "
+send -- "-2\r"
+#expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+#send "0\r"
+expect "chage: error changing fields\r\n"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/38_chage_interractive-I-1/chage.test b/tests/chage/38_chage_interractive-I-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/38_chage_interractive-I-1/config.txt b/tests/chage/38_chage_interractive-I-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/group b/tests/chage/38_chage_interractive-I-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/gshadow b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/login.defs b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/passwd b/tests/chage/38_chage_interractive-I-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/38_chage_interractive-I-1/config/etc/shadow b/tests/chage/38_chage_interractive-I-1/config/etc/shadow
new file mode 100644
index 0000000..922d955
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/38_chage_interractive-I-1/data/shadow b/tests/chage/38_chage_interractive-I-1/data/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/38_chage_interractive-I-1/run.exp b/tests/chage/38_chage_interractive-I-1/run.exp
new file mode 100755
index 0000000..94eb463
--- /dev/null
+++ b/tests/chage/38_chage_interractive-I-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .2005-07-27\]: "
+send "\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .3\]: "
+send -- "-1\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chage/39_chage_interractive-d-1/chage.test b/tests/chage/39_chage_interractive-d-1/chage.test
new file mode 100755
index 0000000..01f957f
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/chage.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chage creates a shadow entry if there were none"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "chage interractive session as myuser1..."
+./run.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chage/39_chage_interractive-d-1/config.txt b/tests/chage/39_chage_interractive-d-1/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/group b/tests/chage/39_chage_interractive-d-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/gshadow b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/login.defs b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/passwd b/tests/chage/39_chage_interractive-d-1/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chage/39_chage_interractive-d-1/config/etc/shadow b/tests/chage/39_chage_interractive-d-1/config/etc/shadow
new file mode 100644
index 0000000..a1afc12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/39_chage_interractive-d-1/data/shadow b/tests/chage/39_chage_interractive-d-1/data/shadow
new file mode 100644
index 0000000..a1afc12
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/data/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::0:99999:7:3::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chage/39_chage_interractive-d-1/run.exp b/tests/chage/39_chage_interractive-d-1/run.exp
new file mode 100755
index 0000000..362436b
--- /dev/null
+++ b/tests/chage/39_chage_interractive-d-1/run.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+# I've not been able to put the opening bracket in the regular expressions
+# If anyone knows...
+
+spawn /usr/bin/chage myuser1
+expect -re "Minimum Password Age .0\]: "
+send "\r"
+expect -re "Maximum Password Age .99999\]: "
+send "\r"
+expect -re "Last Password Change \[(]YYYY-MM-DD\[)] .-1\]: "
+send -- "-1\r"
+expect -re "Password Expiration Warning .7\]: "
+send "\r"
+expect -re "Password Inactive .3\]: "
+send "\r"
+expect -re "Account Expiration Date \[(]YYYY-MM-DD\[)] .-1\]: "
+send "\r"
+expect {
+	eof {
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chroot/chage/01_chage--root/chage.test b/tests/chroot/chage/01_chage--root/chage.test
new file mode 100755
index 0000000..df9aad5
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/chage.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage can change user's data in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change root's last day in chroot (chage --root $PWD/tmp/root -d 2012-12-12 root)..."
+chage --root $PWD/tmp/root -d 2012-12-12 root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chage/01_chage--root/config.txt b/tests/chroot/chage/01_chage--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chage/01_chage--root/config/etc/default/useradd b/tests/chroot/chage/01_chage--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chage/01_chage--root/config/etc/group b/tests/chroot/chage/01_chage--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chage/01_chage--root/config/etc/gshadow b/tests/chroot/chage/01_chage--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chage/01_chage--root/config/etc/passwd b/tests/chroot/chage/01_chage--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chage/01_chage--root/config/etc/shadow b/tests/chroot/chage/01_chage--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/group b/tests/chroot/chage/01_chage--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chage/01_chage--root/data/shadow b/tests/chroot/chage/01_chage--root/data/shadow
new file mode 100644
index 0000000..c9e698b
--- /dev/null
+++ b/tests/chroot/chage/01_chage--root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:15686:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
new file mode 100755
index 0000000..afbdb4b
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --root $PWD/tmp/root -c SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow
new file mode 100644
index 0000000..2ea5fca
--- /dev/null
+++ b/tests/chroot/chgpasswd/01_chgpasswd--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
new file mode 100755
index 0000000..17282f9
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nobody:test
+lp:test2' | chpasswd --root $PWD/tmp/root -c SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/shadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow
new file mode 100644
index 0000000..8a67bed
--- /dev/null
+++ b/tests/chroot/chpasswd/01_chpasswd--root_nopam/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
new file mode 100755
index 0000000..2e2f895
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change nobody and lp's password in chroot..."
+echo 'nobody:test
+lp:test2' | chpasswd --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/shadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd
new file mode 100644
index 0000000..da2adcc
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/chpasswd
@@ -0,0 +1,5 @@
+# The PAM configuration file for the Shadow 'chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow
new file mode 100644
index 0000000..5839a29
--- /dev/null
+++ b/tests/chroot/chpasswd/02_chpasswd--root_pam/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/chsh.test b/tests/chroot/chsh/01_chsh--root/chsh.test
new file mode 100755
index 0000000..b99cbb4
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/chsh.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change user in chroot (chsh --root $PWD/tmp/root -s /bin/dash root)..."
+chsh --root $PWD/tmp/root -s /bin/dash root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/chsh/01_chsh--root/config.txt b/tests/chroot/chsh/01_chsh--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/group b/tests/chroot/chsh/01_chsh--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/passwd b/tests/chroot/chsh/01_chsh--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/chsh/01_chsh--root/config/etc/shadow b/tests/chroot/chsh/01_chsh--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot.list b/tests/chroot/chsh/01_chsh--root/config_chroot.list
new file mode 100644
index 0000000..166e521
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot.list
@@ -0,0 +1 @@
+/bin/dash
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth       required   pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system.  The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so 
+# here's the fallback if no module succeeds
+account	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session
new file mode 100644
index 0000000..4ad1729
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/pam.d/common-session
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so 
+# end of pam-auth-update config
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells
new file mode 100644
index 0000000..3cf5cc4
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/config_chroot/etc/shells
@@ -0,0 +1,3 @@
+# /etc/shells: valid login shells
+/bin/bash
+/bin/dash
diff --git a/tests/chroot/chsh/01_chsh--root/data/passwd b/tests/chroot/chsh/01_chsh--root/data/passwd
new file mode 100644
index 0000000..72c8a86
--- /dev/null
+++ b/tests/chroot/chsh/01_chsh--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/dash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config.txt b/tests/chroot/gpasswd/01_gpasswd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/group b/tests/chroot/gpasswd/01_gpasswd--root/data/group
new file mode 100644
index 0000000..5c28b63
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/data/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow
new file mode 100644
index 0000000..7b869c2
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test
new file mode 100755
index 0000000..8e861aa
--- /dev/null
+++ b/tests/chroot/gpasswd/01_gpasswd--root/gpasswd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+ls tmp/root/lib
+
+echo -n "Chang group in chroot (gpasswd -a root users -Q $PWD/tmp/root)..."
+gpasswd -a root users -Q $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupadd/01_groupadd--root/config.txt b/tests/chroot/groupadd/01_groupadd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/group b/tests/chroot/groupadd/01_groupadd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupadd/01_groupadd--root/data/group b/tests/chroot/groupadd/01_groupadd--root/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/groupadd/01_groupadd--root/data/gshadow b/tests/chroot/groupadd/01_groupadd--root/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/groupadd/01_groupadd--root/groupadd.test b/tests/chroot/groupadd/01_groupadd--root/groupadd.test
new file mode 100755
index 0000000..26f4c9b
--- /dev/null
+++ b/tests/chroot/groupadd/01_groupadd--root/groupadd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add group foo in chroot (groupadd --root $PWD/tmp/root foo)..."
+groupadd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupdel/01_groupdel--root/config.txt b/tests/chroot/groupdel/01_groupdel--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/group b/tests/chroot/groupdel/01_groupdel--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupdel/01_groupdel--root/data/group b/tests/chroot/groupdel/01_groupdel--root/data/group
new file mode 100644
index 0000000..9ee4d56
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupdel/01_groupdel--root/data/gshadow b/tests/chroot/groupdel/01_groupdel--root/data/gshadow
new file mode 100644
index 0000000..b969cf2
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupdel/01_groupdel--root/groupdel.test b/tests/chroot/groupdel/01_groupdel--root/groupdel.test
new file mode 100755
index 0000000..6d7fa5a
--- /dev/null
+++ b/tests/chroot/groupdel/01_groupdel--root/groupdel.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmodd can delete a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Delete group users in chroot (groupdel --root $PWD/tmp/root users)..."
+groupdel --root $PWD/tmp/root users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/groupmod/01_groupmod--root/config.txt b/tests/chroot/groupmod/01_groupmod--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/group b/tests/chroot/groupmod/01_groupmod--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/groupmod/01_groupmod--root/data/group b/tests/chroot/groupmod/01_groupmod--root/data/group
new file mode 100644
index 0000000..068bdf5
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+utilisateurs:x:100:
diff --git a/tests/chroot/groupmod/01_groupmod--root/data/gshadow b/tests/chroot/groupmod/01_groupmod--root/data/gshadow
new file mode 100644
index 0000000..249ec49
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+utilisateurs:*::
diff --git a/tests/chroot/groupmod/01_groupmod--root/groupmod.test b/tests/chroot/groupmod/01_groupmod--root/groupmod.test
new file mode 100755
index 0000000..853df8f
--- /dev/null
+++ b/tests/chroot/groupmod/01_groupmod--root/groupmod.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change group in chroot (groupmod --root $PWD/tmp/root -n utilisateurs users)..."
+groupmod --root $PWD/tmp/root -n utilisateurs users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpck/01_grpck--root/config.txt b/tests/chroot/grpck/01_grpck--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/group b/tests/chroot/grpck/01_grpck--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/passwd b/tests/chroot/grpck/01_grpck--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpck/01_grpck--root/config/etc/shadow b/tests/chroot/grpck/01_grpck--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpck/01_grpck--root/data/group b/tests/chroot/grpck/01_grpck--root/data/group
new file mode 100644
index 0000000..dd74ea8
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+crontab:x:101:
+Debian-exim:x:102:
+nogroup:x:65534:
+myuser:x:424242:
diff --git a/tests/chroot/grpck/01_grpck--root/data/gshadow b/tests/chroot/grpck/01_grpck--root/data/gshadow
new file mode 100644
index 0000000..5b9b1d4
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+nogroup:*::
+myuser:x::
diff --git a/tests/chroot/grpck/01_grpck--root/grpck.test b/tests/chroot/grpck/01_grpck--root/grpck.test
new file mode 100755
index 0000000..93867d0
--- /dev/null
+++ b/tests/chroot/grpck/01_grpck--root/grpck.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort groups in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Sort groups in chroot (grpck --sort --root $PWD/tmp/root)..."
+grpck --sort --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpconv/01_grpconv--root/config.txt b/tests/chroot/grpconv/01_grpconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/group b/tests/chroot/grpconv/01_grpconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..27f1e9a
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:foo:100:
+nogroup::65534:
+crontab:*:101:
+Debian-exim:!:102:
+myuser:*:424242:
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpconv/01_grpconv--root/data/group b/tests/chroot/grpconv/01_grpconv--root/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/grpconv/01_grpconv--root/data/gshadow b/tests/chroot/grpconv/01_grpconv--root/data/gshadow
new file mode 100644
index 0000000..5f81b8f
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/data/gshadow
@@ -0,0 +1,42 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:foo::
+nogroup:::
+crontab:*::
+Debian-exim:!::
+myuser:*::
diff --git a/tests/chroot/grpconv/01_grpconv--root/grpconv.test b/tests/chroot/grpconv/01_grpconv--root/grpconv.test
new file mode 100755
index 0000000..92e1bf0
--- /dev/null
+++ b/tests/chroot/grpconv/01_grpconv--root/grpconv.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "grpconv in a chroot (grpconv --root $PWD/tmp/root)..."
+grpconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/gshadow
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config.txt b/tests/chroot/grpunconv/01_grpunconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow
new file mode 100644
index 0000000..b21489b
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..86f5654
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/data/group b/tests/chroot/grpunconv/01_grpunconv--root/data/group
new file mode 100644
index 0000000..9a03703
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:
diff --git a/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test
new file mode 100755
index 0000000..5d6edd5
--- /dev/null
+++ b/tests/chroot/grpunconv/01_grpunconv--root/grpunconv.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "grpunconv in a chroot (grpunconv --root $PWD/tmp/root)..."
+grpunconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+test ! -f tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/lastlog/01_lastlog--root/config.txt b/tests/chroot/lastlog/01_lastlog--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/group b/tests/chroot/lastlog/01_lastlog--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group
new file mode 100644
index 0000000..d2a4b10
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/group b/tests/chroot/lastlog/01_lastlog--root/data/group
new file mode 100644
index 0000000..5c28b63
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/group
@@ -0,0 +1,42 @@
+staff:x:50:
+root:x:0:
+tty:x:5:
+daemon:x:1:
+bin:x:2:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+sys:x:3:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+adm:x:4:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+disk:x:6:
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/gshadow b/tests/chroot/lastlog/01_lastlog--root/data/gshadow
new file mode 100644
index 0000000..7b869c2
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list
new file mode 100644
index 0000000..e95b205
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+myuser
diff --git a/tests/chroot/lastlog/01_lastlog--root/lastlog.test b/tests/chroot/lastlog/01_lastlog--root/lastlog.test
new file mode 100755
index 0000000..d61d9a7
--- /dev/null
+++ b/tests/chroot/lastlog/01_lastlog--root/lastlog.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change a group in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; rm -f tmp/root/var/log/lastlog; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Create an empty /var/log/lastlog in the chroot..."
+> tmp/root/var/log/lastlog
+echo "OK"
+
+echo -n "lastlog --root $PWD/tmp/root -u 424242..."
+lastlog --root $PWD/tmp/root -u 424242> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+rm -f tmp/root/var/log/lastlog
+
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/login/01_login_sublogin/config.txt b/tests/chroot/login/01_login_sublogin/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/group b/tests/chroot/login/01_login_sublogin/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/gshadow b/tests/chroot/login/01_login_sublogin/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/login.defs b/tests/chroot/login/01_login_sublogin/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/passwd b/tests/chroot/login/01_login_sublogin/config/etc/passwd
new file mode 100644
index 0000000..7b82b88
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/nonexistent:*/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/login/01_login_sublogin/config/etc/shadow b/tests/chroot/login/01_login_sublogin/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot.list b/tests/chroot/login/01_login_sublogin/config_chroot.list
new file mode 100644
index 0000000..e22e8e8
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot.list
@@ -0,0 +1,3 @@
+/bin/dash
+/bin/sh
+/usr/bin/id
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/group b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system.  The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so 
+# here's the fallback if no module succeeds
+account	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session
new file mode 100644
index 0000000..4ad1729
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so 
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive
new file mode 100644
index 0000000..c9144d5
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/common-session-noninteractive
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-session-noninteractive - session-related modules
+# common to all non-interactive services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of all non-interactive sessions.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so 
+# end of pam-auth-update config
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login
new file mode 100644
index 0000000..f1e43b2
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/login
@@ -0,0 +1,107 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other
new file mode 100644
index 0000000..59d776c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/pam.d/other
@@ -0,0 +1,16 @@
+#
+# /etc/pam.d/other - specify the PAM fallback behaviour
+#
+# Note that this file is used for any unspecified service; for example
+#if /etc/pam.d/cron  specifies no session modules but cron calls
+#pam_open_session, the session module out of /etc/pam.d/other is
+#used.  If you really want nothing to happen then use pam_permit.so or
+#pam_deny.so as appropriate.
+
+# We fall back to the system default in /etc/pam.d/common-*
+# 
+
+@include common-auth
+@include common-account
+@include common-password
+@include common-session
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty
new file mode 100644
index 0000000..4d70544
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/securetty
@@ -0,0 +1,390 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+
+console
+
+# Local X displays (allows empty passwords with pam_unix's nullok_secure)
+:0
+:0.0
+:0.1
+:1
+:1.0
+:1.1
+:2
+:2.0
+:2.1
+:3
+:3.0
+:3.1
+#...
+
+
+# ==========================================================
+#
+# TTYs sorted by major number according to Documentation/devices.txt
+#
+# ==========================================================
+
+# Virtual consoles
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+tty13
+tty14
+tty15
+tty16
+tty17
+tty18
+tty19
+tty20
+tty21
+tty22
+tty23
+tty24
+tty25
+tty26
+tty27
+tty28
+tty29
+tty30
+tty31
+tty32
+tty33
+tty34
+tty35
+tty36
+tty37
+tty38
+tty39
+tty40
+tty41
+tty42
+tty43
+tty44
+tty45
+tty46
+tty47
+tty48
+tty49
+tty50
+tty51
+tty52
+tty53
+tty54
+tty55
+tty56
+tty57
+tty58
+tty59
+tty60
+tty61
+tty62
+tty63
+
+# UART serial ports
+ttyS0
+ttyS1
+ttyS2
+ttyS3
+ttyS4
+ttyS5
+#...ttyS191
+
+# Serial Mux devices	(Linux/PA-RISC only)
+ttyB0
+ttyB1
+#...
+
+# Chase serial card
+ttyH0
+ttyH1
+#...
+
+# Cyclades serial cards
+ttyC0
+ttyC1
+#...ttyC31
+
+# Digiboard serial cards
+ttyD0
+ttyD1
+#...
+
+# Stallion serial cards
+ttyE0
+ttyE1
+#...ttyE255
+
+# Specialix serial cards
+ttyX0
+ttyX1
+#...
+
+# Comtrol Rocketport serial cards
+ttyR0
+ttyR1
+#...
+
+# SDL RISCom serial cards
+ttyL0
+ttyL1
+#...
+
+# Hayes ESP serial card
+ttyP0
+ttyP1
+#...
+
+# Computone IntelliPort II serial card
+ttyF0
+ttyF1
+#...ttyF255
+
+# Specialix IO8+ serial card
+ttyW0
+ttyW1
+#...
+
+# Comtrol VS-1000 serial controller
+ttyV0
+ttyV1
+#...
+
+# ISI serial card
+ttyM0
+ttyM1
+#...
+
+# Technology Concepts serial card
+ttyT0
+ttyT1
+#...
+
+# Specialix RIO serial card
+ttySR0
+ttySR1
+#...ttySR511
+
+# Chase Research AT/PCI-Fast serial card
+ttyCH0
+ttyCH1
+#...ttyCH63
+
+# Moxa Intellio serial card
+ttyMX0
+ttyMX1
+#...ttyMX127
+
+# SmartIO serial card
+ttySI0
+ttySI1
+#...
+
+# USB dongles
+ttyUSB0
+ttyUSB1
+ttyUSB2
+#...
+
+# LinkUp Systems L72xx UARTs
+ttyLU0
+ttyLU1
+ttyLU2
+ttyLU3
+
+# StrongARM builtin serial ports
+ttySA0
+ttySA1
+ttySA2
+
+# SCI serial port (SuperH) ports and SC26xx serial ports
+ttySC0
+ttySC1
+ttySC2
+ttySC3
+
+# ARM "AMBA" serial ports
+ttyAM0
+ttyAM1
+ttyAM2
+ttyAM3
+ttyAM4
+ttyAM5
+ttyAM6
+ttyAM7
+ttyAM8
+ttyAM9
+ttyAM10
+ttyAM11
+ttyAM12
+ttyAM13
+ttyAM14
+ttyAM15
+
+# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU)
+ttyAMA0
+ttyAMA1
+ttyAMA2
+ttyAMA3
+
+# DataBooster serial ports
+ttyDB0
+ttyDB1
+ttyDB2
+ttyDB3
+ttyDB4
+ttyDB5
+ttyDB6
+ttyDB7
+
+# SGI Altix console ports
+ttySG0
+
+# Motorola i.MX ports
+ttySMX0
+ttySMX1
+ttySMX2
+
+# Marvell MPSC ports
+ttyMM0
+ttyMM1
+
+# PPC CPM (SCC or SMC) ports
+ttyCPM0
+ttyCPM1
+ttyCPM2
+ttyCPM3
+ttyCPM4
+ttyCPM5
+
+# Altix serial cards
+ttyIOC0
+ttyIOC1
+#...ttyIOC31
+
+# NEC VR4100 series SIU
+ttyVR0
+
+# NEC VR4100 series SSIU
+ttyVR1
+
+# Altix ioc4 serial cards
+ttyIOC84
+ttyIOC85
+#...ttyIOC115
+
+# Altix ioc3 serial cards
+ttySIOC0
+ttySIOC1
+#...ttySIOC31
+
+# PPC PSC ports
+ttyPSC0
+ttyPSC1
+ttyPSC2
+ttyPSC3
+ttyPSC4
+ttyPSC5
+
+# ATMEL serial ports
+ttyAT0
+ttyAT1
+#...ttyAT15
+
+# Hilscher netX serial port
+ttyNX0
+ttyNX1
+#...ttyNX15
+
+# Xilinx uartlite - port
+ttyUL0
+ttyUL1
+ttyUL2
+ttyUL3
+
+# Xen virtual console - port 0
+xvc0
+
+# pmac_zilog - port
+ttyPZ0
+ttyPZ1
+ttyPZ2
+ttyPZ3
+
+# TX39/49 serial port
+ttyTX0
+ttyTX1
+ttyTX2
+ttyTX3
+ttyTX4
+ttyTX5
+ttyTX6
+ttyTX7
+
+# SC26xx serial ports (see SCI serial ports (SuperH))
+
+# MAX3100 serial ports
+ttyMAX0
+ttyMAX1
+ttyMAX2
+ttyMAX3
+
+# OMAP serial ports
+ttyO0
+ttyO1
+ttyO2
+ttyO3
+
+# User space serial ports
+ttyU0
+ttyU1
+
+# A2232 serial card
+ttyY0
+ttyY1
+
+# IBM 3270 terminal Unix tty access
+3270/tty1
+3270/tty2
+#...
+
+# IBM iSeries/pSeries virtual console
+hvc0
+hvc1
+#...
+#IBM pSeries console ports
+hvsi0
+hvsi1
+hvsi2
+
+# Equinox SST multi-port serial boards
+ttyEQ0
+ttyEQ1
+#...ttyEQ1027
+
+# ==========================================================
+#
+# Not in Documentation/Devicess.txt
+#
+# ==========================================================
+
+# Embedded Freescale i.MX ports
+ttymxc0
+ttymxc1
+ttymxc2
+ttymxc3
+ttymxc4
+ttymxc5
+
+# Serial Console for MIPS Swarm
+duart0
+duart1
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf b/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/security/limits.conf
diff --git a/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/login/01_login_sublogin/login.exp b/tests/chroot/login/01_login_sublogin/login.exp
new file mode 100755
index 0000000..86253bc
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/login.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect
+
+set timeout 10
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "strace -s 1000 -o /tmp/login.strace login\r"
+expect " login: "
+send "myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
diff --git a/tests/chroot/login/01_login_sublogin/login.test b/tests/chroot/login/01_login_sublogin/login.test
new file mode 100755
index 0000000..f5d271b
--- /dev/null
+++ b/tests/chroot/login/01_login_sublogin/login.test
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+usermod -d $PWD/tmp/root myuser 
+
+prepare_chroot
+
+./login.exp
+echo
+
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwck/01_pwck--root/config.txt b/tests/chroot/pwck/01_pwck--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/group b/tests/chroot/pwck/01_pwck--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/passwd b/tests/chroot/pwck/01_pwck--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwck/01_pwck--root/config/etc/shadow b/tests/chroot/pwck/01_pwck--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..76c6fc3
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+testsuite::424244:424244::/home:/bin/bash
+testsuite1::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/pwck/01_pwck--root/data/pwck.out b/tests/chroot/pwck/01_pwck--root/data/pwck.out
new file mode 100644
index 0000000..92a5670
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/data/pwck.out
@@ -0,0 +1,59 @@
+user 'root': program '/bin/bash' does not exist
+user 'daemon': directory '/usr/sbin' does not exist
+user 'daemon': program '/bin/sh' does not exist
+user 'bin': directory '/bin' does not exist
+user 'bin': program '/bin/sh' does not exist
+user 'sys': directory '/dev' does not exist
+user 'sys': program '/bin/sh' does not exist
+user 'sync': directory '/bin' does not exist
+user 'sync': program '/bin/sync' does not exist
+user 'games': directory '/usr/games' does not exist
+user 'games': program '/bin/sh' does not exist
+user 'man': directory '/var/cache/man' does not exist
+user 'man': program '/bin/sh' does not exist
+user 'lp': directory '/var/spool/lpd' does not exist
+user 'lp': program '/bin/sh' does not exist
+user 'mail': directory '/var/mail' does not exist
+user 'mail': program '/bin/sh' does not exist
+user 'news': directory '/var/spool/news' does not exist
+user 'news': program '/bin/sh' does not exist
+user 'uucp': directory '/var/spool/uucp' does not exist
+user 'uucp': program '/bin/sh' does not exist
+user 'proxy': directory '/bin' does not exist
+user 'proxy': program '/bin/sh' does not exist
+user 'www-data': directory '/var/www' does not exist
+user 'www-data': program '/bin/sh' does not exist
+user 'backup': directory '/var/backups' does not exist
+user 'backup': program '/bin/sh' does not exist
+user 'list': directory '/var/list' does not exist
+user 'list': program '/bin/sh' does not exist
+user 'irc': directory '/var/run/ircd' does not exist
+user 'irc': program '/bin/sh' does not exist
+user 'gnats': directory '/var/lib/gnats' does not exist
+user 'gnats': program '/bin/sh' does not exist
+user 'nobody': directory '/nonexistent' does not exist
+user 'nobody': program '/bin/sh' does not exist
+user 'Debian-exim': directory '/var/spool/exim4' does not exist
+user 'Debian-exim': program '/bin/false' does not exist
+user 'myuser': directory '/home/' does not exist
+user 'myuser': program '/bin/sh' does not exist
+duplicate password entry
+delete line 'testsuite::424243:424243::/home:/bin/bash'? No
+user 'testsuite': no group 424243
+user 'testsuite': directory '/home' does not exist
+user 'testsuite': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite' in /etc/shadow? No
+duplicate password entry
+delete line 'testsuite::424244:424244::/home:/bin/bash'? No
+user 'testsuite': no group 424244
+user 'testsuite': directory '/home' does not exist
+user 'testsuite': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite' in /etc/shadow? No
+user 'testsuite1': no group 424243
+user 'testsuite1': directory '/home' does not exist
+user 'testsuite1': program '/bin/bash' does not exist
+no matching password file entry in /etc/shadow
+add user 'testsuite1' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/chroot/pwck/01_pwck--root/pwck.test b/tests/chroot/pwck/01_pwck--root/pwck.test
new file mode 100755
index 0000000..25cba9f
--- /dev/null
+++ b/tests/chroot/pwck/01_pwck--root/pwck.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwck in a chroot (pwck --read-only --root $PWD/tmp/root)..."
+pwck --read-only --root $PWD/tmp/root >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.out tmp/pwck.out
+echo "error message OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwconv/01_pwconv--root/config.txt b/tests/chroot/pwconv/01_pwconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/group b/tests/chroot/pwconv/01_pwconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..1a85284
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwconv/01_pwconv--root/data/passwd b/tests/chroot/pwconv/01_pwconv--root/data/passwd
new file mode 100644
index 0000000..89b6962
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite:x:424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwconv/01_pwconv--root/data/shadow b/tests/chroot/pwconv/01_pwconv--root/data/shadow
new file mode 100644
index 0000000..38bf30c
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:!:@TODAY@:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:@TODAY@:0:99999:7:::
+testsuite::@TODAY@:0:99999:7:::
diff --git a/tests/chroot/pwconv/01_pwconv--root/pwconv.test b/tests/chroot/pwconv/01_pwconv--root/pwconv.test
new file mode 100755
index 0000000..3b92ab4
--- /dev/null
+++ b/tests/chroot/pwconv/01_pwconv--root/pwconv.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwconv in a chroot (pwconv --root $PWD/tmp/root)..."
+pwconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/shadow
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config.txt b/tests/chroot/pwunconv/01_pwunconv--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/data/passwd b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd
new file mode 100644
index 0000000..1a85284
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/data/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test
new file mode 100755
index 0000000..60c2552
--- /dev/null
+++ b/tests/chroot/pwunconv/01_pwunconv--root/pwunconv.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv can change a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "pwunconv in a chroot (pwunconv --root $PWD/tmp/root)..."
+pwunconv --root $PWD/tmp/root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+test ! -f tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/01_useradd--root/config.txt b/tests/chroot/useradd/01_useradd--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/group b/tests/chroot/useradd/01_useradd--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/passwd b/tests/chroot/useradd/01_useradd--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/01_useradd--root/config/etc/shadow b/tests/chroot/useradd/01_useradd--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/data/group b/tests/chroot/useradd/01_useradd--root/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/useradd/01_useradd--root/data/gshadow b/tests/chroot/useradd/01_useradd--root/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/01_useradd--root/data/passwd b/tests/chroot/useradd/01_useradd--root/data/passwd
new file mode 100644
index 0000000..102186a
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:1000:1000::/home/foo:
diff --git a/tests/chroot/useradd/01_useradd--root/data/shadow b/tests/chroot/useradd/01_useradd--root/data/shadow
new file mode 100644
index 0000000..258cf2b
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/chroot/useradd/01_useradd--root/useradd.test b/tests/chroot/useradd/01_useradd--root/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/01_useradd--root/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config.txt b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs
new file mode 100644
index 0000000..419eb13
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 2000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1500
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/group b/tests/chroot/useradd/02_useradd--root_login.defs/data/group
new file mode 100644
index 0000000..eb04ced
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:2000:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd
new file mode 100644
index 0000000..25d10d6
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:2000:2000::/home/foo:
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow
new file mode 100644
index 0000000..258cf2b
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/02_useradd--root_login.defs/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..5051e1d
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/group b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group
new file mode 100644
index 0000000..ffc452f
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
+foo:x:1000:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow
new file mode 100644
index 0000000..e4b350d
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
+foo:!::
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd
new file mode 100644
index 0000000..22fa744
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
+foo:x:1000:1000::/tmp/foo:/bin/sh
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow
new file mode 100644
index 0000000..f4c9dfb
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test
new file mode 100755
index 0000000..aa9dd35
--- /dev/null
+++ b/tests/chroot/useradd/03_useradd--root_useradd.default/useradd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can add an user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Add user foo in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd --root $PWD/tmp/root foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..5051e1d
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out
new file mode 100644
index 0000000..581c055
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/data/useradd.out
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=12
+EXPIRE=2007-12-02
+SHELL=/bin/sh
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test
new file mode 100755
index 0000000..069e704
--- /dev/null
+++ b/tests/chroot/useradd/04_useradd--root_useradd-D/useradd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can list defaults from a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "List defaults in chroot (useradd --root $PWD/tmp/root foo)..."
+useradd -D --root $PWD/tmp/root > tmp/useradd.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.out tmp/useradd.out
+echo "OK."
+rm -f tmp/useradd.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd
new file mode 100644
index 0000000..d1406e4
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default
new file mode 100644
index 0000000..aaca91a
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/data/useradd.default
@@ -0,0 +1,38 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=424242
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2012-12-12
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
new file mode 100755
index 0000000..97059da
--- /dev/null
+++ b/tests/chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can list defaults from a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "List defaults in chroot (useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242)..."
+useradd -D --root $PWD/tmp/root -e 2012-12-12 -g 424242
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl config_chroot/etc/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc//group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+echo -n "Check the useradd's default file..."
+diff -au data/useradd.default tmp/root/etc/default/useradd
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+rm -f tmp/root/etc/default/useradd-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/userdel/01_userdel--root/config.txt b/tests/chroot/userdel/01_userdel--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/group b/tests/chroot/userdel/01_userdel--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/passwd b/tests/chroot/userdel/01_userdel--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/userdel/01_userdel--root/config/etc/shadow b/tests/chroot/userdel/01_userdel--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/data/group b/tests/chroot/userdel/01_userdel--root/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/userdel/01_userdel--root/data/gshadow b/tests/chroot/userdel/01_userdel--root/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/userdel/01_userdel--root/data/passwd b/tests/chroot/userdel/01_userdel--root/data/passwd
new file mode 100644
index 0000000..4736f1c
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/userdel/01_userdel--root/data/shadow b/tests/chroot/userdel/01_userdel--root/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/userdel/01_userdel--root/userdel.test b/tests/chroot/userdel/01_userdel--root/userdel.test
new file mode 100755
index 0000000..4ee203e
--- /dev/null
+++ b/tests/chroot/userdel/01_userdel--root/userdel.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Delete a user in chroot (userdel --root $PWD/tmp/root myuser)..."
+userdel --root $PWD/tmp/root myuser
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chroot/usermod/01_usermod--root/config.txt b/tests/chroot/usermod/01_usermod--root/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/group b/tests/chroot/usermod/01_usermod--root/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/passwd b/tests/chroot/usermod/01_usermod--root/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/chroot/usermod/01_usermod--root/config/etc/shadow b/tests/chroot/usermod/01_usermod--root/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/config_chroot/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chroot/usermod/01_usermod--root/data/passwd b/tests/chroot/usermod/01_usermod--root/data/passwd
new file mode 100644
index 0000000..1f47aaf
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:100:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/chroot/usermod/01_usermod--root/usermod.test b/tests/chroot/usermod/01_usermod--root/usermod.test
new file mode 100755
index 0000000..14f7a08
--- /dev/null
+++ b/tests/chroot/usermod/01_usermod--root/usermod.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can change a user in a chroot"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; clean_chroot; restore_config' 0
+
+change_config
+
+prepare_chroot
+
+echo -n "Change user in chroot (usermod --root $PWD/tmp/root -g users root)..."
+usermod --root $PWD/tmp/root -g users root
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/root/etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl config_chroot/etc/group tmp/root/etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl config_chroot/etc/shadow tmp/root/etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl config_chroot/etc/gshadow tmp/root/etc/gshadow
+echo "OK"
+
+rm -f tmp/root/etc/.pwd.lock
+rm -f tmp/root/etc/passwd-
+rm -f tmp/root/etc/group-
+rm -f tmp/root/etc/shadow-
+rm -f tmp/root/etc/gshadow-
+clean_chroot
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/01/data/chsh1 b/tests/chsh/01/data/chsh1
new file mode 100644
index 0000000..01b3d53
--- /dev/null
+++ b/tests/chsh/01/data/chsh1
@@ -0,0 +1 @@
+You may not change the shell for 'myuser'.
diff --git a/tests/chsh/01/data/chsh2 b/tests/chsh/01/data/chsh2
new file mode 100644
index 0000000..b017d6d
--- /dev/null
+++ b/tests/chsh/01/data/chsh2
@@ -0,0 +1 @@
+You may not change the shell for 'myuser2'.
diff --git a/tests/chsh/01/data/group b/tests/chsh/01/data/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/01/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/01/data/gshadow b/tests/chsh/01/data/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/01/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/01/data/passwd b/tests/chsh/01/data/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/01/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/01/data/shadow b/tests/chsh/01/data/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/01/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/01/data/shells b/tests/chsh/01/data/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/01/data/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/01/run b/tests/chsh/01/run
new file mode 100755
index 0000000..72760c2
--- /dev/null
+++ b/tests/chsh/01/run
@@ -0,0 +1,143 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test chage options
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow shells
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+		[ -f /etc/$i- ] && cp /etc/$i- tmp/$i-
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow shells
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+		[ -f tmp/$i- ] && cp tmp/$i- /etc/$i- && rm tmp/$i-
+	done
+	rm -f tmp/out
+	rm -f tmp/shell tmp/sh:ell
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'if [ "$?" != "0" ]; then echo "FAIL"; fi; restore' 0
+
+for i in passwd group shadow gshadow shells
+do
+	cp data/$i /etc
+done
+
+echo -n "changing to a restricted shell, by root..."
+cp /bin/bash tmp/shell
+chsh -s $(pwd)/tmp/shell myuser
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
+echo "OK"
+
+echo -n "changing from a restricted shell, by myuser..."
+su myuser -c "chsh -s /bin/bash" 2> tmp/out && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:"$(pwd)"/tmp/shell" ] || exit 1
+diff -au data/chsh1 tmp/out
+echo "OK"
+
+echo -n "changing from a restricted shell, by root..."
+chsh -s /bin/bash myuser
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+echo "OK"
+
+# Need to be done by expect now (chage asks for a passwd if not root)
+#echo -n "changing to a restricted shell, by myuser..."
+#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+#echo -n "changing to a new valid shell, by myuser..."
+#echo $(pwd)/tmp/shell >> /tmp/shells
+#su myuser -c "chsh -s $(pwd)/tmp/shell" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+echo -n "changing another user's shell..."
+su myuser -c "chsh -s /bin/sh myuser2" 2> tmp/out && exit 1
+ent=$(getent passwd myuser2)
+[ "$ent" = "myuser2:x:424243:424242::/home:/bin/sh" ] || exit 1
+diff -au data/chsh2 tmp/out
+echo "OK"
+
+#echo -n "changing to a non-executable shell..."
+#chmod a-x tmp/shell
+#su myuser -c "chsh -s $(pwd)/tmp/shell myuser" 2> tmp/out && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#grep "/tmp/shell is an invalid shell." tmp/out > /dev/null
+#[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+#echo "OK"
+
+echo -n "changing to an invalid shell name..."
+cp /bin/bash tmp/sh:ell
+echo $(pwd)/tmp/sh:ell >> /etc/shells
+chsh -s $(pwd)/tmp/sh:ell myuser 2> tmp/out && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
+[ $(wc -l tmp/out| cut -d" " -f1) = "1" ] || exit 1
+echo "OK"
+
+echo "testing the interactive mode (1)..."
+rm -f tmp/out
+./run.exp /bin/bash myuser
+[ -f tmp/out ] && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+echo "OK"
+
+#echo "testing the interactive mode (2)..."
+#rm -f tmp/out
+#su myuser -c "./run.exp /bin/bash"
+#[ -f tmp/out ] && exit 1
+#ent=$(getent passwd myuser)
+#[ "$ent" = "myuser:x:424242:424242::/home:/bin/bash" ] || exit 1
+#echo "OK"
+
+echo "testing the interactive mode (3)..."
+rm -f tmp/out
+./run.exp /bin/sh myuser
+[ -f tmp/out ] && exit 1
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
+echo "OK"
+
+echo "testing the interactive mode (4)..."
+rm -f tmp/out
+./run.exp $(pwd)/tmp/sh:ell myuser && exit 1
+egrep "chsh: Invalid entry: .*/tmp/sh:ell" tmp/out > /dev/null
+ent=$(getent passwd myuser)
+[ "$ent" = "myuser:x:424242:424242::/home:/bin/sh" ] || exit 1
+echo "OK"
+
diff --git a/tests/chsh/01/run.exp b/tests/chsh/01/run.exp
new file mode 100755
index 0000000..4890193
--- /dev/null
+++ b/tests/chsh/01/run.exp
@@ -0,0 +1,38 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/02_chsh_usage/chsh.test b/tests/chsh/02_chsh_usage/chsh.test
new file mode 100755
index 0000000..3a6e656
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/chsh.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chsh usage (chsh -h)..."
+chsh -h >tmp/usage.out
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/02_chsh_usage/config.txt b/tests/chsh/02_chsh_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config.txt
diff --git a/tests/chsh/02_chsh_usage/config/etc/group b/tests/chsh/02_chsh_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/group
diff --git a/tests/chsh/02_chsh_usage/config/etc/gshadow b/tests/chsh/02_chsh_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/gshadow
diff --git a/tests/chsh/02_chsh_usage/config/etc/passwd b/tests/chsh/02_chsh_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/passwd
diff --git a/tests/chsh/02_chsh_usage/config/etc/shadow b/tests/chsh/02_chsh_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/config/etc/shadow
diff --git a/tests/chsh/02_chsh_usage/data/usage.out b/tests/chsh/02_chsh_usage/data/usage.out
new file mode 100644
index 0000000..ef576ec
--- /dev/null
+++ b/tests/chsh/02_chsh_usage/data/usage.out
@@ -0,0 +1,7 @@
+Usage: chsh [options] [LOGIN]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+
diff --git a/tests/chsh/03_chsh_usage_invalid_option/chsh.test b/tests/chsh/03_chsh_usage_invalid_option/chsh.test
new file mode 100755
index 0000000..4552cc3
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh displays its usage message is case of invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use wrong chsh option (chsh -Z)..."
+chsh -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config.txt b/tests/chsh/03_chsh_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config.txt
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/group b/tests/chsh/03_chsh_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/group
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/gshadow
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd b/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/passwd
diff --git a/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow b/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/config/etc/shadow
diff --git a/tests/chsh/03_chsh_usage_invalid_option/data/usage.out b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..e930bab
--- /dev/null
+++ b/tests/chsh/03_chsh_usage_invalid_option/data/usage.out
@@ -0,0 +1,8 @@
+chsh: invalid option -- 'Z'
+Usage: chsh [options] [LOGIN]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+
diff --git a/tests/chsh/04_chsh_usage_2_users/chsh.test b/tests/chsh/04_chsh_usage_2_users/chsh.test
new file mode 100755
index 0000000..ef1c181
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh displays its usage message is case multiple users are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chsh with 2 users (chsh -s /bin/sh root bin)..."
+chsh -s /bin/sh root bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/04_chsh_usage_2_users/config.txt b/tests/chsh/04_chsh_usage_2_users/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config.txt
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/group b/tests/chsh/04_chsh_usage_2_users/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/group
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow b/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/gshadow
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/passwd b/tests/chsh/04_chsh_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/passwd
diff --git a/tests/chsh/04_chsh_usage_2_users/config/etc/shadow b/tests/chsh/04_chsh_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/config/etc/shadow
diff --git a/tests/chsh/04_chsh_usage_2_users/data/usage.out b/tests/chsh/04_chsh_usage_2_users/data/usage.out
new file mode 100644
index 0000000..ef576ec
--- /dev/null
+++ b/tests/chsh/04_chsh_usage_2_users/data/usage.out
@@ -0,0 +1,7 @@
+Usage: chsh [options] [LOGIN]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test
new file mode 100755
index 0000000..4844266
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/sh"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config.txt b/tests/chsh/05_chsh_myuser_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config.txt
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/05_chsh_myuser_restricted_shell/run.exp b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp
new file mode 100755
index 0000000..1abf085
--- /dev/null
+++ b/tests/chsh/05_chsh_myuser_restricted_shell/run.exp
@@ -0,0 +1,34 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "You may not change the shell for 'myuser'.\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test
new file mode 100755
index 0000000..d8d88ac
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/sh"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt b/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config.txt
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..37b0467
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..d52a3bf
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp
new file mode 100755
index 0000000..0c0e023
--- /dev/null
+++ b/tests/chsh/06_chsh_myuser_non_restricted_shell/run.exp
@@ -0,0 +1,40 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/07_chsh_usage_invalid_user/chsh.test b/tests/chsh/07_chsh_usage_invalid_user/chsh.test
new file mode 100755
index 0000000..5d76de2
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh checks that the user exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use chsh for an invalid user (chsh wronguser)..."
+chsh wronguser 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config.txt b/tests/chsh/07_chsh_usage_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config.txt
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/group b/tests/chsh/07_chsh_usage_invalid_user/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/group
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/gshadow
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd b/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/passwd
diff --git a/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow b/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/config/etc/shadow
diff --git a/tests/chsh/07_chsh_usage_invalid_user/data/usage.out b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out
new file mode 100644
index 0000000..f57326c
--- /dev/null
+++ b/tests/chsh/07_chsh_usage_invalid_user/data/usage.out
@@ -0,0 +1 @@
+chsh: user 'wronguser' does not exist
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test
new file mode 100755
index 0000000..611d1a6
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt b/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config.txt
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/08_chsh_myuser_to_restricted_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test
new file mode 100755
index 0000000..6248780
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/chsh.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo /tmp/bash >> /etc/shells
+echo -n "execute chsh..."
+su myuser -c "./run.exp /tmp/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt b/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config.txt
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/09_chsh_myuser_to_missing_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
new file mode 100755
index 0000000..7dd4642
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0
+
+change_config
+
+chmod a+w tmp
+
+echo /tmp/bash >> /etc/shells
+cp /bin/bash /tmp/bash
+chmod a-x /tmp/bash
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /tmp/bash"
+echo "OK"
+rm -f /tmp/bash
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config.txt
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp
new file mode 100755
index 0000000..b1bd8d6
--- /dev/null
+++ b/tests/chsh/10_chsh_myuser_to_non_executable_shell/run.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "Changing the login shell for myuser"
+expect "Enter the new value, or press ENTER for the default"
+expect -re "Login Shell .*\]: "
+send "$shell\r"
+expect "$shell\r\n"
+expect "chsh: $shell is an invalid shell\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/11_chsh_auth_failure/chsh.test b/tests/chsh/11_chsh_auth_failure/chsh.test
new file mode 100755
index 0000000..dda9bc6
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/chsh.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh checks password for non root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+chmod a+w tmp
+
+echo -n "execute chsh..."
+su myuser -c "./run.exp /bin/bash"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/11_chsh_auth_failure/config.txt b/tests/chsh/11_chsh_auth_failure/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config.txt
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/group b/tests/chsh/11_chsh_auth_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/gshadow b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/passwd b/tests/chsh/11_chsh_auth_failure/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shadow b/tests/chsh/11_chsh_auth_failure/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/11_chsh_auth_failure/config/etc/shells b/tests/chsh/11_chsh_auth_failure/config/etc/shells
new file mode 100644
index 0000000..16e922a
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/config/etc/shells
@@ -0,0 +1,15 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+#/bin/zsh
+/usr/bin/esh
+/bin/rbash
diff --git a/tests/chsh/11_chsh_auth_failure/data/passwd b/tests/chsh/11_chsh_auth_failure/data/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/11_chsh_auth_failure/run.exp b/tests/chsh/11_chsh_auth_failure/run.exp
new file mode 100755
index 0000000..67e3455
--- /dev/null
+++ b/tests/chsh/11_chsh_auth_failure/run.exp
@@ -0,0 +1,36 @@
+#!/usr/bin/expect
+
+set timeout 5
+
+if {$argc < 1} {
+	puts "usage: run.exp \[shell] \[user]"
+	exit 1
+}
+set shell     [lindex $argv 0]
+
+if {$argc == 2} {
+	spawn /usr/bin/chsh [lindex $argv 1]
+} else {
+	spawn /usr/bin/chsh
+}
+
+expect "Password: "
+send "wrong pass\r"
+expect "chsh: PAM: Authentication failure\r\n"
+expect {
+	eof {
+		if ([string compare $expect_out(buffer) ""]) {
+			set fp [open "tmp/out" w]
+			puts $fp "$expect_out(buffer)"
+			puts "\nFAIL"
+			exit 1
+		}
+	} default {
+		puts "\nFAIL"
+		exit 1
+	}
+}
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/chsh.test b/tests/chsh/12_chsh_warning_missing_shell/chsh.test
new file mode 100755
index 0000000..de12b13
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/chsh.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..."
+chsh -s /tmp/bash bin 2>tmp/chsh.err
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "usage message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config.txt b/tests/chsh/12_chsh_warning_missing_shell/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config.txt
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/group b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth       required   pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err
new file mode 100644
index 0000000..7801a16
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/data/chsh.err
@@ -0,0 +1 @@
+chsh: Warning: /tmp/bash does not exist
diff --git a/tests/chsh/12_chsh_warning_missing_shell/data/passwd b/tests/chsh/12_chsh_warning_missing_shell/data/passwd
new file mode 100644
index 0000000..7e745d9
--- /dev/null
+++ b/tests/chsh/12_chsh_warning_missing_shell/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/tmp/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/13_chsh_warning_non_executable/chsh.test b/tests/chsh/13_chsh_warning_non_executable/chsh.test
new file mode 100755
index 0000000..c98bad7
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/chsh.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /tmp/bash' 0
+
+change_config
+
+cp /bin/bash /tmp/bash
+chmod a-x /tmp/bash
+
+echo -n "Change shell to a missing shell (chsh -s /tmp/bash bin)..."
+chsh -s /tmp/bash bin 2>tmp/chsh.err
+echo "OK"
+rm -f /tmp/bash
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "usage message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/13_chsh_warning_non_executable/config.txt b/tests/chsh/13_chsh_warning_non_executable/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config.txt
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/group b/tests/chsh/13_chsh_warning_non_executable/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh
new file mode 100644
index 0000000..7eb604d
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/pam.d/chsh
@@ -0,0 +1,20 @@
+#
+# The PAM configuration file for the Shadow `chsh' service
+#
+
+# This will not allow a user to change their shell unless
+# their current one is listed in /etc/shells. This keeps
+# accounts with special shells from changing them.
+auth       required   pam_shells.so
+
+# This allows root to change user shell without being
+# prompted for a password
+auth		sufficient	pam_rootok.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+@include common-auth
+@include common-account
+@include common-session
+
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/chsh/13_chsh_warning_non_executable/config/etc/shells b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells
new file mode 100644
index 0000000..4fd4378
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/config/etc/shells
@@ -0,0 +1,16 @@
+# /etc/shells: valid login shells
+/bin/ash
+/bin/csh
+/bin/sh
+/usr/bin/es
+/usr/bin/ksh
+/bin/ksh
+/usr/bin/rc
+/usr/bin/tcsh
+/bin/tcsh
+/usr/bin/zsh
+/bin/sash
+/bin/zsh
+/usr/bin/esh
+/bin/bash
+/bin/rbash
diff --git a/tests/chsh/13_chsh_warning_non_executable/data/chsh.err b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err
new file mode 100644
index 0000000..4a87ec2
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/data/chsh.err
@@ -0,0 +1 @@
+chsh: Warning: /tmp/bash is not executable
diff --git a/tests/chsh/13_chsh_warning_non_executable/data/passwd b/tests/chsh/13_chsh_warning_non_executable/data/passwd
new file mode 100644
index 0000000..7e745d9
--- /dev/null
+++ b/tests/chsh/13_chsh_warning_non_executable/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/tmp/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/chsh/14_chsh_locked_passwd/chsh.test b/tests/chsh/14_chsh_locked_passwd/chsh.test
new file mode 100755
index 0000000..c41e1eb
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/chsh.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change shell (chsh -s /bin/bash bin)..."
+chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/14_chsh_locked_passwd/config.txt b/tests/chsh/14_chsh_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config.txt
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/group b/tests/chsh/14_chsh_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/passwd b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chsh/14_chsh_locked_passwd/config/etc/shadow b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chsh/14_chsh_locked_passwd/data/chsh.err b/tests/chsh/14_chsh_locked_passwd/data/chsh.err
new file mode 100644
index 0000000..c5ebce9
--- /dev/null
+++ b/tests/chsh/14_chsh_locked_passwd/data/chsh.err
@@ -0,0 +1,2 @@
+chsh: existing lock file /etc/passwd.lock without a PID
+chsh: cannot lock /etc/passwd; try again later.
diff --git a/tests/chsh/15_chsh_PAM_error/chsh.test b/tests/chsh/15_chsh_PAM_error/chsh.test
new file mode 100755
index 0000000..c900e0c
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/chsh.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "chsh warns when the chsh PAM configuration is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the PAM configuration (/etc/pam.d/chsh /etc/pam.d/other)..."
+rm -f /etc/pam.d/chsh /etc/pam.d/other
+echo OK
+
+echo -n "Change shell (chsh -s /bin/bash bin)..."
+chsh -s /bin/bash bin 2>tmp/chsh.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/chsh/15_chsh_PAM_error/config.txt b/tests/chsh/15_chsh_PAM_error/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config.txt
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/group b/tests/chsh/15_chsh_PAM_error/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/gshadow b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/chsh
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/pam.d/other
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/passwd b/tests/chsh/15_chsh_PAM_error/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/chsh/15_chsh_PAM_error/config/etc/shadow b/tests/chsh/15_chsh_PAM_error/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/chsh/15_chsh_PAM_error/data/chsh.err b/tests/chsh/15_chsh_PAM_error/data/chsh.err
new file mode 100644
index 0000000..5c039d5
--- /dev/null
+++ b/tests/chsh/15_chsh_PAM_error/data/chsh.err
@@ -0,0 +1 @@
+chsh: PAM: Critical error - immediate abort
diff --git a/tests/cktools/01/data/group b/tests/cktools/01/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/01/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/01/data/gshadow b/tests/cktools/01/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/01/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/01/data/passwd b/tests/cktools/01/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/01/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/01/data/run2.err b/tests/cktools/01/data/run2.err
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/01/data/run2.err
diff --git a/tests/cktools/01/data/run2.out b/tests/cktools/01/data/run2.out
new file mode 100644
index 0000000..00df312
--- /dev/null
+++ b/tests/cktools/01/data/run2.out
@@ -0,0 +1,13 @@
+user 'lp': directory '/var/spool/lpd' does not exist
+user 'news': directory '/var/spool/news' does not exist
+user 'uucp': directory '/var/spool/uucp' does not exist
+user 'www-data': directory '/var/www' does not exist
+user 'list': directory '/var/list' does not exist
+user 'irc': directory '/var/run/ircd' does not exist
+user 'gnats': directory '/var/lib/gnats' does not exist
+user 'nobody': directory '/nonexistent' does not exist
+user 'Debian-exim': directory '/var/spool/exim4' does not exist
+user 'test': no group 10002
+no matching password file entry in /etc/shadow
+add user 'test' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/cktools/01/data/shadow b/tests/cktools/01/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/01/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/01/run1 b/tests/cktools/01/run1
new file mode 100755
index 0000000..04aa793
--- /dev/null
+++ b/tests/cktools/01/run1
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo "pwck accepts valid password file "
+msg=$(pwck -r | grep -v "^user .*: directory .* does not exist$")
+echo msg: $msg
+test "$msg" = "pwck: no changes"
+echo "  OK"
+echo "grpck accepts valid password file "
+msg=$(grpck -r)
+test "$msg" = ""
+echo "  OK"
+
diff --git a/tests/cktools/01/run2 b/tests/cktools/01/run2
new file mode 100755
index 0000000..df1e277
--- /dev/null
+++ b/tests/cktools/01/run2
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	rm -f tmp/err tmp/out
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Add an user without an entry in shadow "
+echo "test:x:10002:10002::/tmp:/bin/false" >> /etc/passwd
+echo "OK"
+
+echo "Check that pwck detects it "
+pwck -r > tmp/out 2> tmp/err || true
+diff -au data/run2.out tmp/out
+diff -au data/run2.err tmp/err
+echo "  OK"
+echo "grpck accepts valid password file "
+msg=$(grpck -r)
+test "$msg" = ""
+echo "  OK"
+
+#echo -n "Make sure pwck can fix it "
+#pwcd
+#echo "OK"
diff --git a/tests/cktools/02_pwck_sort/config.txt b/tests/cktools/02_pwck_sort/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/02_pwck_sort/config/etc/group b/tests/cktools/02_pwck_sort/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/02_pwck_sort/config/etc/gshadow b/tests/cktools/02_pwck_sort/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/02_pwck_sort/config/etc/passwd b/tests/cktools/02_pwck_sort/config/etc/passwd
new file mode 100644
index 0000000..e69a810
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/passwd
@@ -0,0 +1,20 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/02_pwck_sort/config/etc/shadow b/tests/cktools/02_pwck_sort/config/etc/shadow
new file mode 100644
index 0000000..42cf133
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/config/etc/shadow
@@ -0,0 +1,20 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/02_pwck_sort/data/passwd b/tests/cktools/02_pwck_sort/data/passwd
new file mode 100644
index 0000000..5b45b52
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/cktools/02_pwck_sort/data/shadow b/tests/cktools/02_pwck_sort/data/shadow
new file mode 100644
index 0000000..8033f27
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
diff --git a/tests/cktools/02_pwck_sort/pwck.test b/tests/cktools/02_pwck_sort/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/02_pwck_sort/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/03_grpck_sort/config.txt b/tests/cktools/03_grpck_sort/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/03_grpck_sort/config/etc/group b/tests/cktools/03_grpck_sort/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/03_grpck_sort/config/etc/gshadow b/tests/cktools/03_grpck_sort/config/etc/gshadow
new file mode 100644
index 0000000..8182ad7
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/03_grpck_sort/config/etc/passwd b/tests/cktools/03_grpck_sort/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/03_grpck_sort/config/etc/shadow b/tests/cktools/03_grpck_sort/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/03_grpck_sort/data/group b/tests/cktools/03_grpck_sort/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/03_grpck_sort/data/gshadow b/tests/cktools/03_grpck_sort/data/gshadow
new file mode 100644
index 0000000..f2209e3
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/03_grpck_sort/grpck.test b/tests/cktools/03_grpck_sort/grpck.test
new file mode 100755
index 0000000..75e62cf
--- /dev/null
+++ b/tests/cktools/03_grpck_sort/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd
new file mode 100644
index 0000000..e69a810
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/passwd
@@ -0,0 +1,20 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow
new file mode 100644
index 0000000..64573fa
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/config/etc/shadow
@@ -0,0 +1,19 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd
new file mode 100644
index 0000000..5b45b52
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow
new file mode 100644
index 0000000..f1e4d80
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
diff --git a/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/04_pwck_sort_missing_shadow_user/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/group b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow
new file mode 100644
index 0000000..7dcb3e5
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test
new file mode 100755
index 0000000..75e62cf
--- /dev/null
+++ b/tests/cktools/05_grpck_sort_missing_shadow_group/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config.txt b/tests/cktools/06_pwck_sort_NIS_server/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/group b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group
new file mode 100644
index 0000000..18eb6c2
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow
new file mode 100644
index 0000000..7a7ef3a
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
++:::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd
new file mode 100644
index 0000000..365af62
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/passwd
@@ -0,0 +1,24 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++miquels::::::
++:*:::::/etc/NoShell
+tester:*:299:10:Just a test account:/tmp:
+miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh
diff --git a/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow
new file mode 100644
index 0000000..5a24e78
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/config/etc/shadow
@@ -0,0 +1,21 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
++::::::::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/passwd b/tests/cktools/06_pwck_sort_NIS_server/data/passwd
new file mode 100644
index 0000000..c12f8a9
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/data/passwd
@@ -0,0 +1,24 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
++miquels::::::
++:*:::::/etc/NoShell
+tester:*:299:10:Just a test account:/tmp:
+miquels:1234567890123:101:10:Miquel van Smoorenburg:/home/miquels:/bin/zsh
diff --git a/tests/cktools/06_pwck_sort_NIS_server/data/shadow b/tests/cktools/06_pwck_sort_NIS_server/data/shadow
new file mode 100644
index 0000000..6a626df
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/data/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
++::::::::
diff --git a/tests/cktools/06_pwck_sort_NIS_server/pwck.test b/tests/cktools/06_pwck_sort_NIS_server/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/06_pwck_sort_NIS_server/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config.txt b/tests/cktools/07_pwck_sort_NIS_client/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/group b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group
new file mode 100644
index 0000000..f914b38
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
++miquels:::
++foo:::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow
new file mode 100644
index 0000000..7a7ef3a
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
++:::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd
new file mode 100644
index 0000000..913d7fc
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/passwd
@@ -0,0 +1,22 @@
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+root:x:0:0:root:/root:/bin/bash
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+games:x:5:60:games:/usr/games:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++miquels::::::
++:*:::::/etc/NoShell
diff --git a/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow
new file mode 100644
index 0000000..8f31dfb
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/config/etc/shadow
@@ -0,0 +1,22 @@
+daemon:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
++::::::::
++foo2:!:::::::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/passwd b/tests/cktools/07_pwck_sort_NIS_client/data/passwd
new file mode 100644
index 0000000..032bdd2
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
++miquels::::::
++:*:::::/etc/NoShell
diff --git a/tests/cktools/07_pwck_sort_NIS_client/data/shadow b/tests/cktools/07_pwck_sort_NIS_client/data/shadow
new file mode 100644
index 0000000..5350e77
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
++::::::::
++foo2:!:::::::
diff --git a/tests/cktools/07_pwck_sort_NIS_client/pwck.test b/tests/cktools/07_pwck_sort_NIS_client/pwck.test
new file mode 100755
index 0000000..9d6afb1
--- /dev/null
+++ b/tests/cktools/07_pwck_sort_NIS_client/pwck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwck can sort the passwd entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the passwd entries (pwck -s)..."
+pwck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp
new file mode 100755
index 0000000..6d0be77
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp
new file mode 100755
index 0000000..cfd779f
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "no\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp
new file mode 100755
index 0000000..48adf7a
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "no\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp
new file mode 100755
index 0000000..5229ab5
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "yes\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp
new file mode 100755
index 0000000..5181eba
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "no\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp
new file mode 100755
index 0000000..3ac4abe
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "no matching group file entry in /etc/gshadow"
+expect "add group 'foo' in /etc/gshadow? "
+send "no\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp
new file mode 100755
index 0000000..f8228c2
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group tmp/gshadow\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "no matching group file entry in tmp/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test
new file mode 100755
index 0000000..63c75aa
--- /dev/null
+++ b/tests/cktools/grpck/10_grpck_missing_field_group_local/grpck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group /etc/gshadow tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow
new file mode 100644
index 0000000..b8fb234
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp
new file mode 100755
index 0000000..d111afc
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group tmp/gshadow\r"
+expect "no matching group file entry in tmp/gshadow"
+expect "add group 'foo' in tmp/gshadow? "
+send "yes\r"
+expect "invalid shadow group file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
new file mode 100755
index 0000000..63c75aa
--- /dev/null
+++ b/tests/cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group /etc/gshadow tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+../../../common/compare_file.pl data/gshadow tmp/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group
new file mode 100644
index 0000000..757aef8
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/data/group b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp
new file mode 100755
index 0000000..1dd1d01
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/12_grpck_unknown_user_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..d2a1782
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,foo2,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp
new file mode 100755
index 0000000..b470a90
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.exp
@@ -0,0 +1,21 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..a7d227e
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*:foo3,foo4:foo3,daemon,bin,foo2
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp
new file mode 100755
index 0000000..ec5378b
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "'foo3' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "'foo2' is a member of the 'foo' group in /etc/gshadow but not in /etc/group"
+expect "shadow group foo: no administrative user foo3"
+expect "delete administrative member 'foo3'? "
+send "yes\r"
+expect "shadow group foo: no administrative user foo4"
+expect "delete administrative member 'foo4'? "
+send "yes\r"
+expect "shadow group foo: no user foo3"
+expect "delete member 'foo3'? "
+send "yes\r"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group
new file mode 100644
index 0000000..4eeb1ff
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,foo2,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow
new file mode 100644
index 0000000..3e97ea4
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group
new file mode 100644
index 0000000..cf18eb5
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,bin
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp
new file mode 100755
index 0000000..c12fbd8
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group
new file mode 100644
index 0000000..7351800
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group
new file mode 100644
index 0000000..5c08ae1
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp
new file mode 100755
index 0000000..cce6802
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow
new file mode 100644
index 0000000..bdd8388
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp
new file mode 100755
index 0000000..1b123f1
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group
new file mode 100644
index 0000000..7351800
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp
new file mode 100755
index 0000000..7e54415
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.exp
@@ -0,0 +1,24 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "no\r"
+expect "'daemon' is a member of the 'foo' group in /etc/group but not in /etc/gshadow"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:bin'? "
+send "no \r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp
new file mode 100755
index 0000000..aa7f11f
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "no\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::bin'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group
new file mode 100644
index 0000000..fda0a6d
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow
new file mode 100644
index 0000000..124c805
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
+foo:*::bin
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow
new file mode 100644
index 0000000..a1a4f31
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+foo:*::daemon
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp
new file mode 100755
index 0000000..ce6cb2e
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::daemon'? "
+send "no\r"
+expect "duplicate shadow group entry"
+expect "delete line 'foo:*::bin'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
new file mode 100755
index 0000000..dcfa249
--- /dev/null
+++ b/tests/cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group
new file mode 100644
index 0000000..220f375
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+f o o:x:1000:
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow
new file mode 100644
index 0000000..8337b65
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+f o o:*::
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp
new file mode 100755
index 0000000..cb758db
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group name 'f o o'"
+expect "grpck: no changes"
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/21_grpck_invalid_group_name/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group
new file mode 100644
index 0000000..e9efa8b
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:-1:
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp
new file mode 100755
index 0000000..40f22df
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x:-1:'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group
new file mode 100644
index 0000000..c6a2e19
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4294967295:
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp
new file mode 100755
index 0000000..5c10a62
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group ID '4294967295'"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group
new file mode 100644
index 0000000..cb278ce
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4294967296:
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp
new file mode 100755
index 0000000..d5e5ddf
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x:4294967296:'? "
+send "yes\r"
+expect "no matching group file entry in /etc/group"
+expect "delete line 'foo:*::'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
new file mode 100755
index 0000000..906d629
--- /dev/null
+++ b/tests/cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group
new file mode 100644
index 0000000..757aef8
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon,foo2,bin
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..d2a1782
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::daemon,foo2,bin
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp
new file mode 100755
index 0000000..da5dee5
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "no\r"
+expect "shadow group foo: no user foo2"
+expect "delete member 'foo2'? "
+send "no\r"
+expect "grpck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
new file mode 100755
index 0000000..81bf12c
--- /dev/null
+++ b/tests/cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..9303fe2
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bar
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out
new file mode 100644
index 0000000..929e0e8
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/data/grpck.out
@@ -0,0 +1,3 @@
+group foo: no user bar
+delete member 'bar'? No
+grpck: no changes
diff --git a/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test
new file mode 100755
index 0000000..0ccd682
--- /dev/null
+++ b/tests/cktools/grpck/26_grpck_no_gshadow_file/grpck.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can check the group entries when there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Check the group entries (grpck -r)..."
+grpck -r >tmp/grpck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.out tmp/grpck.out
+echo "error message OK."
+rm -f tmp/grpck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..afbb01e
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..695bf8f
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+foo:*::
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group
new file mode 100644
index 0000000..1265953
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
diff --git a/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
new file mode 100755
index 0000000..31a6e9e
--- /dev/null
+++ b/tests/cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/28_grpck_usage/config.txt b/tests/cktools/grpck/28_grpck_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/group b/tests/cktools/grpck/28_grpck_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/passwd b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/28_grpck_usage/config/etc/shadow b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/28_grpck_usage/data/usage.out b/tests/cktools/grpck/28_grpck_usage/data/usage.out
new file mode 100644
index 0000000..899e2d7
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/data/usage.out
@@ -0,0 +1,9 @@
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/grpck/28_grpck_usage/grpck.test b/tests/cktools/grpck/28_grpck_usage/grpck.test
new file mode 100755
index 0000000..e397aaf
--- /dev/null
+++ b/tests/cktools/grpck/28_grpck_usage/grpck.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -h)..."
+grpck -h >tmp/usage.out
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config.txt b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out
new file mode 100644
index 0000000..cd278fa
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/data/usage.out
@@ -0,0 +1 @@
+grpck: -s and -r are incompatible
diff --git a/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test
new file mode 100755
index 0000000..417584f
--- /dev/null
+++ b/tests/cktools/grpck/29_grpck_sort_readonly/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failure when sorting and read only are enabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -r -s)..."
+grpck -r -s 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/30_grpck_3_files/config.txt b/tests/cktools/grpck/30_grpck_3_files/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/group b/tests/cktools/grpck/30_grpck_3_files/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/30_grpck_3_files/data/usage.out b/tests/cktools/grpck/30_grpck_3_files/data/usage.out
new file mode 100644
index 0000000..899e2d7
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/data/usage.out
@@ -0,0 +1,9 @@
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/grpck/30_grpck_3_files/grpck.test b/tests/cktools/grpck/30_grpck_3_files/grpck.test
new file mode 100755
index 0000000..e2614d9
--- /dev/null
+++ b/tests/cktools/grpck/30_grpck_3_files/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks its number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpck usage (grpck -r foo bar baz)..."
+grpck -r foo bar baz 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp
new file mode 100755
index 0000000..84b7354
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck tmp/group\r"
+expect "invalid group file entry"
+expect "delete line 'foo:x'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
new file mode 100755
index 0000000..744dd07
--- /dev/null
+++ b/tests/cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy group and gshadow localy..."
+cp /etc/group tmp/
+echo "OK"
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+../../../common/compare_file.pl data/group tmp/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/group tmp/group- tmp/gshadow tmp/gshadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config.txt b/tests/cktools/grpck/32_grpck_sort_nis/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group
new file mode 100644
index 0000000..e644ed9
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/group
@@ -0,0 +1,45 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
++:::
++foo1:::
+-foo2:
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow
new file mode 100644
index 0000000..8182ad7
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/group b/tests/cktools/grpck/32_grpck_sort_nis/data/group
new file mode 100644
index 0000000..23467d3
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+nogroup:x:65534:
++:::
++foo1:::
+-foo2:
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow
new file mode 100644
index 0000000..f2209e3
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+nogroup:*::
diff --git a/tests/cktools/grpck/32_grpck_sort_nis/grpck.test b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test
new file mode 100755
index 0000000..d509689
--- /dev/null
+++ b/tests/cktools/grpck/32_grpck_sort_nis/grpck.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort the group entries (grpck -s)..."
+grpck -s
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config.txt b/tests/cktools/grpck/33_grpck_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config.txt
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/group b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err
new file mode 100644
index 0000000..1f6325d
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/data/grpck.err
@@ -0,0 +1,2 @@
+grpck: existing lock file /etc/group.lock without a PID
+grpck: cannot lock /etc/group; try again later.
diff --git a/tests/cktools/grpck/33_grpck_locked_group/grpck.test b/tests/cktools/grpck/33_grpck_locked_group/grpck.test
new file mode 100755
index 0000000..0aa139c
--- /dev/null
+++ b/tests/cktools/grpck/33_grpck_locked_group/grpck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Check groups (grpck)..."
+grpck 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt b/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config.txt
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err
new file mode 100644
index 0000000..868dee1
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/data/grpck.err
@@ -0,0 +1,2 @@
+grpck: existing lock file /etc/gshadow.lock without a PID
+grpck: cannot lock /etc/gshadow; try again later.
diff --git a/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test
new file mode 100755
index 0000000..4c6ea0c
--- /dev/null
+++ b/tests/cktools/grpck/34_grpck_locked_gshadow/grpck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Check groups (grpck)..."
+grpck 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group
new file mode 100644
index 0000000..213b065
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:daemon
++:::
+-bar:::
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group
new file mode 100644
index 0000000..6c080ef
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
++:::
+-bar:::
+foo:x:1000:bin
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp
new file mode 100755
index 0000000..cce6802
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "grpck\r"
+expect "duplicate group entry"
+expect "delete line 'foo:x:1000:daemon'? "
+send "yes\r"
+expect "grpck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
new file mode 100755
index 0000000..741bfe1
--- /dev/null
+++ b/tests/cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./grpck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group
new file mode 100644
index 0000000..52cf2af
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+daemon:x:1:
+bin:x:2:
+kmem:x:15:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+root:x:0:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+shadow:x:42:
+gnats:x:41:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:toto:1000:
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..817f174
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+daemon:*::
+bin:*::
+kmem:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+root:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+shadow:*::
+gnats:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+foo:foo::
+Debian-exim:*::
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out
new file mode 100644
index 0000000..476a798
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/data/grpck.out
@@ -0,0 +1,2 @@
+group foo has an entry in /etc/gshadow, but its password field in /etc/group is not set to 'x'
+grpck: no changes
diff --git a/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test
new file mode 100755
index 0000000..d32ae67
--- /dev/null
+++ b/tests/cktools/grpck/36_grpck_password_group_gshadow/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck can sort the group entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check the group entries (grpck -r)..."
+grpck -r >tmp/grpck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.out tmp/grpck.out
+echo "error message OK."
+rm -f tmp/grpck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config.txt b/tests/cktools/grpck/37_grpck_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out
new file mode 100644
index 0000000..1142051
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/data/usage.out
@@ -0,0 +1,10 @@
+grpck: unrecognized option '--invalid'
+Usage: grpck [options] [group [gshadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/grpck/37_grpck_invalid_option/grpck.test b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test
new file mode 100755
index 0000000..b556148
--- /dev/null
+++ b/tests/cktools/grpck/37_grpck_invalid_option/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports usage when called withan invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpck with an invalid option (grpck --invalid)..."
+grpck --invalid 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt
new file mode 100644
index 0000000..b3c3e75
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config.txt
@@ -0,0 +1,2 @@
+group foo
+user foo with typo in passwd
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp
new file mode 100755
index 0000000..e9c675d
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
new file mode 100755
index 0000000..9f8c33a
--- /dev/null
+++ b/tests/cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp
new file mode 100755
index 0000000..89341ff
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "no\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp
new file mode 100755
index 0000000..bd4003d
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "no\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
new file mode 100755
index 0000000..b9f4a13
--- /dev/null
+++ b/tests/cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and does not change the system database if requested"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow
new file mode 100644
index 0000000..c9a0314
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:x:@TODAY@:0:99999:7:::
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp
new file mode 100755
index 0000000..5a9b856
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "yes\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp
new file mode 100755
index 0000000..38a613d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "no\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
new file mode 100755
index 0000000..688759d
--- /dev/null
+++ b/tests/cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp
new file mode 100755
index 0000000..b445102
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'foo' in /etc/shadow? "
+send "no\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:!:12977:0:99999:7::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
new file mode 100755
index 0000000..893ba6e
--- /dev/null
+++ b/tests/cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change the system database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd
new file mode 100644
index 0000000..4ee448d
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp
new file mode 100755
index 0000000..31af089
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck tmp/passwd tmp/shadow\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:1000:1000::'? "
+send "yes\r"
+expect "no matching password file entry in tmp/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
new file mode 100755
index 0000000..4ca903f
--- /dev/null
+++ b/tests/cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck check the number of fields and can change local databases"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy passwd and shadow localy..."
+cp /etc/passwd /etc/shadow tmp/
+echo "OK"
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt
new file mode 100644
index 0000000..52fad51
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in gshadow
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow
new file mode 100644
index 0000000..3a064c0
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow
new file mode 100644
index 0000000..c9a0314
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:x:@TODAY@:0:99999:7:::
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp
new file mode 100755
index 0000000..2b2a09d
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck tmp/passwd tmp/shadow\r"
+expect "no matching password file entry in tmp/shadow"
+expect "add user 'foo' in tmp/shadow? "
+send "yes\r"
+expect "invalid shadow password file entry"
+expect "delete line 'foo:*:'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
new file mode 100755
index 0000000..fd3f4e6
--- /dev/null
+++ b/tests/cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the number of fields and can change local databases"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "copy passwd and shadow localy..."
+cp /etc/passwd /etc/shadow tmp/
+echo "OK"
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+../../../common/compare_file.pl data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+../../../common/compare_file.pl data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd
new file mode 100644
index 0000000..58f2d75
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp
new file mode 100755
index 0000000..fb8cba1
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "user 'foo': no group 1001"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
new file mode 100755
index 0000000..8df5482
--- /dev/null
+++ b/tests/cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check that the user's GID matches an existing group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd
new file mode 100644
index 0000000..33debc5
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1001:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd
new file mode 100644
index 0000000..a45f378
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1001:1001::/home:/bin/sh
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp
new file mode 100755
index 0000000..9c460ce
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
new file mode 100755
index 0000000..4d4b957
--- /dev/null
+++ b/tests/cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check that user are uniq"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow
new file mode 100644
index 0000000..a5344f5
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/config/etc/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/data/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp
new file mode 100755
index 0000000..c7affdc
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
new file mode 100755
index 0000000..4430d1a
--- /dev/null
+++ b/tests/cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check unicity of users in the shadow database"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd
new file mode 100644
index 0000000..69c72ff
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1000:1000::/home:/bin/bash
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp
new file mode 100755
index 0000000..61c6c6b
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "no\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
new file mode 100755
index 0000000..9ceb60e
--- /dev/null
+++ b/tests/cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check unicity of users in passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow
new file mode 100644
index 0000000..a5344f5
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/config/etc/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp
new file mode 100755
index 0000000..dc9ef89
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "duplicate shadow password entry"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "no\r"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
new file mode 100755
index 0000000..8eed716
--- /dev/null
+++ b/tests/cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks unicity of users in shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd
new file mode 100644
index 0000000..69c72ff
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+foo:x:1000:1000::/home:/bin/bash
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd
new file mode 100644
index 0000000..6377a5d
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/data/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp
new file mode 100755
index 0000000..d6ec869
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/sh'? "
+send "no\r"
+expect "duplicate password entry"
+expect "delete line 'foo:x:1000:1000::/home:/bin/bash'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
new file mode 100755
index 0000000..d61a946
--- /dev/null
+++ b/tests/cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the unicity of users in passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd
new file mode 100644
index 0000000..a82dbf6
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+f o o:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow
new file mode 100644
index 0000000..f771b66
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+f o o:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp
new file mode 100755
index 0000000..a75ef35
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid user name 'f o o'"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test
new file mode 100755
index 0000000..587f11c
--- /dev/null
+++ b/tests/cktools/pwck/18_pwck_invalid_user_name/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the validity of usernames"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd
new file mode 100644
index 0000000..850768a
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:-1:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp
new file mode 100755
index 0000000..cde86e5
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:-1:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
new file mode 100755
index 0000000..8b56894
--- /dev/null
+++ b/tests/cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the validity of UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..e438734
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:4294967295:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp
new file mode 100755
index 0000000..315a72b
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.exp
@@ -0,0 +1,18 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid user ID '4294967295'"
+expect "pwck: no changes"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
new file mode 100755
index 0000000..19d157f
--- /dev/null
+++ b/tests/cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck check the validity of the UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd
new file mode 100644
index 0000000..de8dd66
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/passwd
@@ -0,0 +1,11 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:4294967296:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd
new file mode 100644
index 0000000..2b911d1
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/passwd
@@ -0,0 +1,10 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow
new file mode 100644
index 0000000..0a2fddb
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/data/shadow
@@ -0,0 +1,10 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp
new file mode 100755
index 0000000..83575ac
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "pwck\r"
+expect "invalid password file entry"
+expect "delete line 'foo:x:4294967296:1000::/home:/bin/sh'? "
+send "yes\r"
+expect "no matching password file entry in /etc/passwd"
+expect "delete line 'foo:!:12977:0:99999:7:::'? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
new file mode 100755
index 0000000..8b56894
--- /dev/null
+++ b/tests/cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck checks the validity of UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/22_pwck_usage/config.txt b/tests/cktools/pwck/22_pwck_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/group b/tests/cktools/pwck/22_pwck_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/passwd b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/pwck/22_pwck_usage/config/etc/shadow b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/22_pwck_usage/data/usage.out b/tests/cktools/pwck/22_pwck_usage/data/usage.out
new file mode 100644
index 0000000..fa62941
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/data/usage.out
@@ -0,0 +1,10 @@
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -q, --quiet                   report errors only
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/pwck/22_pwck_usage/pwck.test b/tests/cktools/pwck/22_pwck_usage/pwck.test
new file mode 100755
index 0000000..ccca31a
--- /dev/null
+++ b/tests/cktools/pwck/22_pwck_usage/pwck.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwck usage (pwck -h)..."
+pwck -h >tmp/usage.out
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config.txt b/tests/cktools/pwck/23_pwck_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config.txt
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err
new file mode 100644
index 0000000..798e427
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/data/pwck.err
@@ -0,0 +1,2 @@
+pwck: existing lock file /etc/passwd.lock without a PID
+pwck: cannot lock /etc/passwd; try again later.
diff --git a/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test
new file mode 100755
index 0000000..8731b28
--- /dev/null
+++ b/tests/cktools/pwck/23_pwck_locked_passwd/pwck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Check user database (pwck)..."
+pwck 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config.txt b/tests/cktools/pwck/24_pwck_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config.txt
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err
new file mode 100644
index 0000000..f8112fb
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/data/pwck.err
@@ -0,0 +1,2 @@
+pwck: existing lock file /etc/shadow.lock without a PID
+pwck: cannot lock /etc/shadow; try again later.
diff --git a/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test
new file mode 100755
index 0000000..61e2926
--- /dev/null
+++ b/tests/cktools/pwck/24_pwck_locked_shadow/pwck.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Check user database (pwck)..."
+pwck 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt b/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config.txt
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err
new file mode 100644
index 0000000..b08f13f
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/data/pwck.err
@@ -0,0 +1,11 @@
+pwck: invalid option -- 'Z'
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -q, --quiet                   report errors only
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test
new file mode 100755
index 0000000..a8d5941
--- /dev/null
+++ b/tests/cktools/pwck/25_pwck_usage_invalid_option/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck displays its usage message when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with an invalid option (pwck -Z)..."
+pwck -Z 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config.txt b/tests/cktools/pwck/26_pwck_usage-s-r/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config.txt
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err
new file mode 100644
index 0000000..e44d375
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/data/pwck.err
@@ -0,0 +1 @@
+pwck: -s and -r are incompatible
diff --git a/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test
new file mode 100755
index 0000000..6f0a3b5
--- /dev/null
+++ b/tests/cktools/pwck/26_pwck_usage-s-r/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck warns that -r and -s are exclusive"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with the -r and -s options (pwck -r -s)..."
+pwck -r -s 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config.txt b/tests/cktools/pwck/27_pwck_usage_3_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config.txt
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err
new file mode 100644
index 0000000..fa62941
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/data/pwck.err
@@ -0,0 +1,10 @@
+Usage: pwck [options] [passwd [shadow]]
+
+Options:
+  -h, --help                    display this help message and exit
+  -q, --quiet                   report errors only
+  -r, --read-only               display errors and warnings
+                                but do not change files
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sort                    sort entries by UID
+
diff --git a/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test
new file mode 100755
index 0000000..9c8c81d
--- /dev/null
+++ b/tests/cktools/pwck/27_pwck_usage_3_files/pwck.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck displays its usage message when called with 3 files"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwck with 3 files (pwck data/passwd data/shadow data/foo)..."
+pwck data/passwd data/shadow data/foo 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..57434e6
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:pass:1000:1000::/home/foo:/bin/sh
+foo:pass:1001:1000::/tmp:/bin/sh
+foo2:pass:1000:1000::/tmp:/bin/shs
+foo3:x:1000:1000::/tmp:
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out
new file mode 100644
index 0000000..e0cac3d
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/data/pwck.out
@@ -0,0 +1,7 @@
+duplicate password entry
+delete line 'foo:pass:1000:1000::/home/foo:/bin/sh'? No
+user 'foo': directory '/home/foo' does not exist
+duplicate password entry
+delete line 'foo:pass:1001:1000::/tmp:/bin/sh'? No
+user 'foo2': program '/bin/shs' does not exist
+pwck: no changes
diff --git a/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test
new file mode 100755
index 0000000..e792f78
--- /dev/null
+++ b/tests/cktools/pwck/28_pwck_no_shadow_file/pwck.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report issues when the shadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd
new file mode 100644
index 0000000..ded978d
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:x:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow
new file mode 100644
index 0000000..3781988
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:99997:0:99999:7:::
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out
new file mode 100644
index 0000000..12d2fbf
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/data/pwck.out
@@ -0,0 +1,2 @@
+user foo: last password change in the future
+pwck: no changes
diff --git a/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test
new file mode 100755
index 0000000..6ccd810
--- /dev/null
+++ b/tests/cktools/pwck/29_pwck_password_change_in_future/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks that the password was set in the past"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config.txt b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd
new file mode 100644
index 0000000..e5bbc07
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:x:1000:1000::/home:/bin/sh
++::::::
+-bar::::::
+foo:x:1001:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow
new file mode 100644
index 0000000..d3c0765
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/config/etc/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:99997:0:99999:7:::
++::::::::
+-bar::::::::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out
new file mode 100644
index 0000000..56dce35
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/data/pwck.out
@@ -0,0 +1,10 @@
+duplicate password entry
+delete line 'foo:x:1000:1000::/home:/bin/sh'? No
+duplicate password entry
+delete line 'foo:x:1001:1000::/home:/bin/sh'? No
+duplicate shadow password entry
+delete line 'Debian-exim:!:12977:0:99999:7:::'? No
+user foo: last password change in the future
+duplicate shadow password entry
+delete line 'Debian-exim:!:12977:0:99999:7:::'? No
+pwck: no changes
diff --git a/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test
new file mode 100755
index 0000000..733fa94
--- /dev/null
+++ b/tests/cktools/pwck/30_pwck_NIS_entries/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck ignores NIS lines silently"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd
new file mode 100644
index 0000000..fbeb96c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/tmp:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/tmp:/bin/sh
+uucp:x:10:10:uucp:/tmp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/tmp:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/tmp:/bin/sh
+irc:x:39:39:ircd:/tmp:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/tmp:/bin/sh
+nobody:x:65534:65534:nobody:/tmp:/bin/sh
+Debian-exim:x:102:102::/tmp:/bin/false
+foo:pass:1000:1000::/home:/bin/sh
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out
new file mode 100644
index 0000000..5cedc7c
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/data/pwck.out
@@ -0,0 +1,2 @@
+user foo has an entry in /etc/shadow, but its password field in /etc/passwd is not set to 'x'
+pwck: no changes
diff --git a/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
new file mode 100755
index 0000000..4c5b1f5
--- /dev/null
+++ b/tests/cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck checks that the password is set to x if there is a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user database (pwck -r)..."
+pwck -r >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cktools/pwck/32_pwck_quiet/config.txt b/tests/cktools/pwck/32_pwck_quiet/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/group b/tests/cktools/pwck/32_pwck_quiet/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd
new file mode 100644
index 0000000..4491abe
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+Debian-exim:x:103:102::/var/spool/exim4:/bin/false
+Debian-exim2:x:104:103::/var/spool/exim4:/bin/false
+Debian-exim3:x:102:103::/var/spool/exim4:/bin/false
diff --git a/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cktools/pwck/32_pwck_quiet/data/pwck.out b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out
new file mode 100644
index 0000000..c9a8c2c
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/data/pwck.out
@@ -0,0 +1,9 @@
+duplicate password entry
+delete line 'Debian-exim:x:102:102::/var/spool/exim4:/bin/false'? No
+duplicate password entry
+delete line 'Debian-exim:x:103:102::/var/spool/exim4:/bin/false'? No
+no matching password file entry in /etc/shadow
+add user 'Debian-exim2' in /etc/shadow? No
+no matching password file entry in /etc/shadow
+add user 'Debian-exim3' in /etc/shadow? No
+pwck: no changes
diff --git a/tests/cktools/pwck/32_pwck_quiet/pwck.test b/tests/cktools/pwck/32_pwck_quiet/pwck.test
new file mode 100755
index 0000000..c8a8b8e
--- /dev/null
+++ b/tests/cktools/pwck/32_pwck_quiet/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwck usage (pwck -q -r)..."
+pwck -q -r >tmp/pwck.out && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.out
+echo "======================================================================="
+echo -n "Check the report..."
+diff -au data/pwck.out tmp/pwck.out
+echo "report OK."
+rm -f tmp/pwck.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cleanup.sh b/tests/cleanup.sh
new file mode 100755
index 0000000..26b1b27
--- /dev/null
+++ b/tests/cleanup.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+for t in *
+do
+	if [ ! -d $t/data ]; then continue; fi
+	for i in passwd group shadow gshadow
+	do
+		if [ -f $t/data/$i ]
+		then
+			if cmp -s $t/config/etc/$i $t/data/$i
+			then
+				echo "# $t/data/$i identical to config"
+				svn rm "$t/data/$i"
+			fi
+		fi
+	done
+done
+
+for t in *
+do
+	cd $t
+	if [ ! -d data ]; then cd ..; continue; fi
+	for i in data/*
+	do
+		if [ ! -f $i ]; then continue; fi
+		if ! grep -q $i *.test
+		then
+			echo "# $t/$i not used"
+			svn rm "$i"
+		fi
+	done
+	cd ..
+done
diff --git a/tests/common/Makefile b/tests/common/Makefile
new file mode 100644
index 0000000..4ee04dd
--- /dev/null
+++ b/tests/common/Makefile
@@ -0,0 +1,14 @@
+all: \
+	fopen_failure.so \
+	link_failure.so \
+	open_RDONLY_failure.so \
+	open_RDWR_failure.so \
+	rename_failure.so \
+	rmdir_failure.so \
+	time_0.so \
+	time_past.so \
+	unlink_failure.so \
+	unlinkat_failure.so
+
+%.so: %.c
+	gcc -W -Wall -pedantic -g $< -shared -ldl -o $@
diff --git a/tests/common/compare_file.pl b/tests/common/compare_file.pl
new file mode 100755
index 0000000..eb498d3
--- /dev/null
+++ b/tests/common/compare_file.pl
@@ -0,0 +1,116 @@
+#!/usr/bin/perl
+
+open (TEMPLATE, $ARGV[0]) or die "Cannot open '".$ARGV[0]."': $!";
+my $template = join "", <TEMPLATE>;
+open (FILE, $ARGV[1]) or die "Cannot open '".$ARGV[1]."': $!";
+my $file = join "", <FILE>;
+
+my $today = int(time()/(24*3600));
+$template =~ s/\@TODAY\@/$today/g;
+
+my $tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_DES ([^:]*)\@:(.*)$/s) {
+	my $user = $2;
+	my $pass = $3;
+	$tmp = $4;
+	if ($file =~ m/^$user:/m) {
+		$file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_DES $pass\@:$2/m;
+		my $cryptpass = $1;
+		# Check the password
+		my $checkpass = qx|/usr/bin/openssl passwd -crypt -salt '$cryptpass' $pass 2>tmp/openssl.err|;
+		chomp $checkpass;
+
+		system "cat tmp/openssl.err"
+			if ($checkpass ne $cryptpass);
+		system "rm -f tmp/openssl.err";
+		die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+			if ($checkpass ne $cryptpass);
+	} else {
+		die "No user '$user' in ".$ARGV[1].".\n";
+	}
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_MD5 ([^:]*)\@:(.*)$/s) {
+	my $user = $2;
+	my $pass = $3;
+	$tmp = $4;
+	if ($file =~ m/^$user:/m) {
+		$file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_MD5 $pass\@:$2/m;
+		my $cryptpass = $1;
+		# Check the password
+		my $salt = $cryptpass;
+		$salt =~ s/^\$1\$//;
+		$salt =~ s/\$.*$//;
+		my $checkpass = qx|/usr/bin/openssl passwd -1 -salt '$salt' '$pass'|;
+		chomp $checkpass;
+
+		die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+			if ($checkpass ne $cryptpass);
+	} else {
+		die "No user '$user' in ".$ARGV[1].".\n";
+	}
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA256 ([^:]*)\@:(.*)$/s) {
+	my $user = $2;
+	my $pass = $3;
+	$tmp = $4;
+	if ($file =~ m/^$user:/m) {
+		$file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA256 $pass\@:$2/m;
+		my $cryptpass = $1;
+		# Check the password
+		my $salt = $cryptpass;
+		$salt =~ s/^\$5\$//;
+		my $rounds = "";
+		if ($salt =~ s/^rounds=([0-9]*)\$//) {
+			$rounds = "-R $1";
+		}
+
+		$salt =~ s/\$.*$//;
+		my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-256 --salt '$salt' $rounds --stdin!;
+		chomp $checkpass;
+
+		die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+			if ($checkpass ne $cryptpass);
+	} else {
+		die "No user '$user' in ".$ARGV[1].".\n";
+	}
+}
+
+$tmp = $template;
+while ($tmp =~ m/^(.*?)([^\n]*):\@PASS_SHA512 ([^:]*)\@:(.*)$/s) {
+	my $user = $2;
+	my $pass = $3;
+	$tmp = $4;
+	if ($file =~ m/^$user:/m) {
+		$file =~ s/^$user:([^:]*):(.*)$/$user:\@PASS_SHA512 $pass\@:$2/m;
+		my $cryptpass = $1;
+		# Check the password
+		my $salt = $cryptpass;
+		$salt =~ s/^\$6\$//;
+		my $rounds = "";
+		if ($salt =~ s/^rounds=([0-9]*)\$//) {
+			$rounds = "-R $1";
+		}
+
+		$salt =~ s/\$.*$//;
+		my $checkpass = qx!echo '$pass' | /usr/bin/mkpasswd -m sha-512 --salt '$salt' $rounds --stdin!;
+		chomp $checkpass;
+
+		die "Wrong password for $user: '$cryptpass'. Expected password: '$checkpass'\n"
+			if ($checkpass ne $cryptpass);
+	} else {
+		die "No user '$user' in ".$ARGV[1].".\n";
+	}
+}
+
+
+exit 0 if ($file =~ m/^\Q$template\E$/s);
+
+print "Files differ.\n";
+
+system "diff", "-au", $ARGV[0], $ARGV[1];
+
+exit 1
diff --git a/tests/common/config.sh b/tests/common/config.sh
new file mode 100644
index 0000000..9b50485
--- /dev/null
+++ b/tests/common/config.sh
@@ -0,0 +1,121 @@
+# Generic functions to save, change, and restore configuration files
+
+set -e
+
+build_path=/root/build/shadow-4.1.5/
+
+# Save the configuration files in tmp.
+save_config ()
+{
+	[ ! -d tmp ] && mkdir tmp
+	find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+	while read file
+	do
+		mkdir -p "tmp/$(dirname "$file")"
+		[ -f "/$file" ] && cp -dp "/$file" "tmp/$file" || true
+	done
+}
+
+# Copy the config files from config to the system
+change_config ()
+{
+	find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+	while read file
+	do
+		cp -f "config/$file" "/$file"
+	done
+}
+
+# Restored the config files in the system.
+# The config files must be saved before with save_config ().
+restore_config ()
+{
+	find config -depth -path "*/.svn/*" -prune -o -type f -print | sed -e 's/config\///' |
+	while read file
+	do
+		if [ -f "tmp/$file" ]; then
+			cp -dp "tmp/$file" "/$file"
+			rm "tmp/$file"
+		else
+			rm -f "/$file"
+		fi
+		d="$(dirname "tmp/$file")"
+		while [ -n "$d" ] && [ "$d" != "." ]
+		do
+			rmdir "$d" 2>/dev/null || true
+			d="$(dirname "$d")"
+		done
+	done
+
+	rmdir tmp 2>/dev/null || true
+}
+
+prepare_chroot ()
+{
+	mkdir tmp/root
+	cp -rfdp config_chroot/* tmp/root/
+	find tmp/root/ -name .svn -type d -print0 | xargs -0 rm -rf
+
+	lists=/root/tests/common/config_chroot.list
+	[ -f config_chroot.list ] && lists="$lists config_chroot.list"
+	cat $lists | grep -v "#" | while read f
+	do
+		# Create parent directory if needed
+		d=$(dirname tmp/root/$f)
+		[ -d $d ] || mkdir -p $d
+		# Create hard link
+		ln $f tmp/root/$f
+	done
+
+	# Copy existing gcda
+	mkdir -p tmp/root$build_path/lib
+	mkdir -p tmp/root$build_path/libmisc
+	mkdir -p tmp/root$build_path/src
+	find "$build_path" -name "*.gcda" | while read f
+	do
+		ln $f tmp/root/$f
+	done
+}
+
+clean_chroot ()
+{
+	# Remove copied files
+	lists=/root/tests/common/config_chroot.list
+	[ -f config_chroot.list ] && lists="$lists config_chroot.list"
+	cat $lists | grep -v "#" | while read f
+	do
+		rm -f tmp/root/$f
+		# Remove parent directory if empty
+		d=$(dirname tmp/root/$f)
+		rmdir -p --ignore-fail-on-non-empty $d
+	done
+
+	find "$build_path" -name "*.gcda" | while read f
+	do
+		rm -f tmp/root/$f
+	done
+	find tmp/root -name "*.gcda" | while read f
+	do
+		g=${f#tmp/root}
+		mv "$f" "$g"
+	done
+	rmdir tmp/root$build_path/lib
+	rmdir tmp/root$build_path/libmisc
+	rmdir tmp/root$build_path/src
+	rmdir tmp/root$build_path
+	rmdir tmp/root/root/build
+	rmdir tmp/root/root
+
+	find config_chroot -type f | while read f
+	do
+		f=${f#config_chroot/}
+		rm -f tmp/root/$f
+	done
+
+	find config_chroot -depth -type d | while read d
+	do
+		d=${d#config_chroot}
+		[ -d "tmp/root$d" ] && rmdir tmp/root$d
+	done
+}
+
diff --git a/tests/common/config_chroot-i386.list b/tests/common/config_chroot-i386.list
new file mode 100644
index 0000000..ba7bf8a
--- /dev/null
+++ b/tests/common/config_chroot-i386.list
@@ -0,0 +1,25 @@
+/lib/i386-linux-gnu/ld-2.13.so
+/lib/i386-linux-gnu/ld-linux.so.2
+/lib/ld-linux.so.2
+/lib/i386-linux-gnu/libcrypt-2.13.so
+/lib/i386-linux-gnu/libcrypt.so.1
+/lib/i386-linux-gnu/libc-2.13.so
+/lib/i386-linux-gnu/libc.so.6
+/lib/i386-linux-gnu/libdl-2.13.so
+/lib/i386-linux-gnu/libdl.so.2
+/lib/i386-linux-gnu/libnsl-2.13.so
+/lib/i386-linux-gnu/libnsl.so.1
+/lib/i386-linux-gnu/libnss_compat-2.13.so
+/lib/i386-linux-gnu/libnss_compat.so.2
+/lib/i386-linux-gnu/libpamc.so.0
+/lib/i386-linux-gnu/libpamc.so.0.82.1
+/lib/i386-linux-gnu/libpam_misc.so.0
+/lib/i386-linux-gnu/libpam_misc.so.0.82.0
+/lib/i386-linux-gnu/libpam.so.0
+/lib/i386-linux-gnu/libpam.so.0.83.0
+/lib/i386-linux-gnu/libselinux.so.1
+/lib/i386-linux-gnu/security/pam_deny.so
+/lib/i386-linux-gnu/security/pam_permit.so
+/lib/i386-linux-gnu/security/pam_rootok.so
+/lib/i386-linux-gnu/security/pam_shells.so
+/lib/i386-linux-gnu/security/pam_unix.so
diff --git a/tests/common/config_chroot-powerpc.list b/tests/common/config_chroot-powerpc.list
new file mode 100644
index 0000000..e6c344e
--- /dev/null
+++ b/tests/common/config_chroot-powerpc.list
@@ -0,0 +1,25 @@
+/lib/powerpc-linux-gnu/ld-2.13.so
+/lib/powerpc-linux-gnu/ld.so.1
+/lib/ld.so.1
+/lib/powerpc-linux-gnu/libcrypt-2.13.so
+/lib/powerpc-linux-gnu/libcrypt.so.1
+/lib/powerpc-linux-gnu/libc-2.13.so
+/lib/powerpc-linux-gnu/libc.so.6
+/lib/powerpc-linux-gnu/libdl-2.13.so
+/lib/powerpc-linux-gnu/libdl.so.2
+/lib/powerpc-linux-gnu/libnsl-2.13.so
+/lib/powerpc-linux-gnu/libnsl.so.1
+/lib/powerpc-linux-gnu/libnss_compat-2.13.so
+/lib/powerpc-linux-gnu/libnss_compat.so.2
+/lib/powerpc-linux-gnu/libpamc.so.0
+/lib/powerpc-linux-gnu/libpamc.so.0.82.1
+/lib/powerpc-linux-gnu/libpam_misc.so.0
+/lib/powerpc-linux-gnu/libpam_misc.so.0.82.0
+/lib/powerpc-linux-gnu/libpam.so.0
+/lib/powerpc-linux-gnu/libpam.so.0.83.0
+/lib/powerpc-linux-gnu/libselinux.so.1
+/lib/powerpc-linux-gnu/security/pam_deny.so
+/lib/powerpc-linux-gnu/security/pam_permit.so
+/lib/powerpc-linux-gnu/security/pam_rootok.so
+/lib/powerpc-linux-gnu/security/pam_shells.so
+/lib/powerpc-linux-gnu/security/pam_unix.so
diff --git a/tests/common/fopen_failure.c b/tests/common/fopen_failure.c
new file mode 100644
index 0000000..750cd66
--- /dev/null
+++ b/tests/common/fopen_failure.c
@@ -0,0 +1,46 @@
+/* 
+ * gcc fopen_failure.c -o fopen_failure.so -shared -ldl 
+ * LD_PRELOAD=./fopen_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef FILE * (*fopen_type) (const char *path, const char *mode);
+static fopen_type next_fopen;
+
+static const char *failure_path = NULL;
+
+FILE *fopen64 (const char *path, const char *mode)
+{
+printf ("fopen64(%s, %s)\n", path, mode);
+	if (NULL == next_fopen)
+	{
+		next_fopen = dlsym (RTLD_NEXT, "fopen64");
+		assert (NULL != next_fopen);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != path)
+	    && (NULL != failure_path)
+	    && (strcmp (path, failure_path) == 0))
+	{
+		fprintf (stderr, "fopen64 FAILURE %s %s ...\n", path, mode);
+		errno = EIO;
+		return NULL;
+	}
+
+	return next_fopen (path, mode);
+}
+
diff --git a/tests/common/link_failure.c b/tests/common/link_failure.c
new file mode 100644
index 0000000..8cf460a
--- /dev/null
+++ b/tests/common/link_failure.c
@@ -0,0 +1,51 @@
+/* 
+ * gcc link_failure.c -o link_failure.so -shared -ldl 
+ * LD_PRELOAD=./link_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*link_type) (const char *oldpath, const char *newpath);
+static link_type next_link;
+
+static const char *failure_path = NULL;
+
+int link (const char *oldpath, const char *newpath)
+{
+	if (NULL == next_link)
+	{
+		next_link = dlsym (RTLD_NEXT, "link");
+		assert (NULL != next_link);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != newpath)
+	    && (NULL != failure_path)
+	    && (strcmp (newpath, failure_path) == 0))
+	{
+		fprintf (stderr, "link FAILURE %s %s\n", oldpath, newpath);
+		errno = EIO;
+		return -1;
+	}
+
+	return next_link (oldpath, newpath);
+}
+
diff --git a/tests/common/log.sh b/tests/common/log.sh
new file mode 100644
index 0000000..4887970
--- /dev/null
+++ b/tests/common/log.sh
@@ -0,0 +1,46 @@
+# Helpers to log messages / status
+
+log_start ()
+{
+	test="$1"
+	rationale="$2"
+	cat << EOF
+
+###############################################################################
+#
+# Test: $test
+#
+###############################################################################
+#
+# Rationale: $rationale
+#
+###############################################################################
+EOF
+}
+
+log_end ()
+{
+	test="$1"
+	cat << EOF
+###############################################################################
+#
+# End of test $test
+#
+###############################################################################
+
+EOF
+}
+
+log_status ()
+{
+	test="$1"
+	status="$2"
+	cat << EOF
+###############################################################################
+#
+# Status of test $test: $status
+#
+###############################################################################
+EOF
+}
+
diff --git a/tests/common/open_RDONLY_failure.c b/tests/common/open_RDONLY_failure.c
new file mode 100644
index 0000000..e14859f
--- /dev/null
+++ b/tests/common/open_RDONLY_failure.c
@@ -0,0 +1,51 @@
+/* 
+ * gcc open_RDONLY_failure.c -o open_RDONLY_failure.so -shared -ldl 
+ * LD_PRELOAD=./open_RDONLY_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*open_type) (const char *pathname, int flag, ...);
+static open_type next_open64;
+
+static const char *failure_path = NULL;
+
+int open64 (const char *pathname, int flag, ...)
+{
+	if (NULL == next_open64)
+	{
+		next_open64 = dlsym (RTLD_NEXT, "open64");
+		assert (NULL != next_open64);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != pathname)
+	    && ((flag & O_ACCMODE) == O_RDONLY)
+	    && (NULL != failure_path)
+	    && (strcmp (pathname, failure_path) == 0))
+	{
+		fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE);
+		errno = EIO;
+		return -1;
+	}
+
+	return next_open64 (pathname, flag);
+}
+
diff --git a/tests/common/open_RDWR_failure.c b/tests/common/open_RDWR_failure.c
new file mode 100644
index 0000000..5bf1069
--- /dev/null
+++ b/tests/common/open_RDWR_failure.c
@@ -0,0 +1,51 @@
+/* 
+ * gcc open_RDWR_failure.c -o open_RDWR_failure.so -shared -ldl 
+ * LD_PRELOAD=./open_RDWR_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*open_type) (const char *pathname, int flag, ...);
+static open_type next_open64;
+
+static const char *failure_path = NULL;
+
+int open64 (const char *pathname, int flag, ...)
+{
+	if (NULL == next_open64)
+	{
+		next_open64 = dlsym (RTLD_NEXT, "open64");
+		assert (NULL != next_open64);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != pathname)
+	    && ((flag & O_ACCMODE) == O_RDWR)
+	    && (NULL != failure_path)
+	    && (strcmp (pathname, failure_path) == 0))
+	{
+		fprintf (stderr, "open FAILURE %s %x ...\n", pathname, flag&O_ACCMODE);
+		errno = EIO;
+		return -1;
+	}
+
+	return next_open64 (pathname, flag);
+}
+
diff --git a/tests/common/rename_failure.c b/tests/common/rename_failure.c
new file mode 100644
index 0000000..dd02fe5
--- /dev/null
+++ b/tests/common/rename_failure.c
@@ -0,0 +1,50 @@
+/* 
+ * gcc rename_failure.c -o rename_failure.so -shared -ldl 
+ * LD_PRELOAD=./rename_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef int (*rename_type) (const char *old, const char *new);
+static rename_type next_rename;
+
+static const char *failure_path = NULL;
+
+int rename (const char *old, const char *new)
+{
+	if (NULL == next_rename)
+	{
+		next_rename = dlsym (RTLD_NEXT, "rename");
+		assert (NULL != next_rename);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != new)
+	    && (NULL != failure_path)
+	    && (strcmp (new, failure_path) == 0))
+	{
+		fprintf (stderr, "rename FAILURE %s %s\n", old, new);
+		errno = EIO;
+		return -1;
+	}
+
+	return next_rename (old, new);
+}
+
diff --git a/tests/common/rmdir_failure.c b/tests/common/rmdir_failure.c
new file mode 100644
index 0000000..9d775b1
--- /dev/null
+++ b/tests/common/rmdir_failure.c
@@ -0,0 +1,51 @@
+/* 
+ * gcc rmdir_failure.c -o rmdir_failure.so -shared -ldl 
+ * LD_PRELOAD=./rmdir_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*rmdir_type) (const char *path);
+static rmdir_type next_rmdir;
+
+static const char *failure_path = NULL;
+
+int rmdir (const char *path)
+{
+	if (NULL == next_rmdir)
+	{
+		next_rmdir = dlsym (RTLD_NEXT, "rmdir");
+		assert (NULL != next_rmdir);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != path)
+	    && (NULL != failure_path)
+	    && (strcmp (path, failure_path) == 0))
+	{
+		fprintf (stderr, "rmdir FAILURE %s\n", path);
+		errno = EBUSY;
+		return -1;
+	}
+
+	return next_rmdir (path);
+}
+
diff --git a/tests/common/time_0.c b/tests/common/time_0.c
new file mode 100644
index 0000000..6937361
--- /dev/null
+++ b/tests/common/time_0.c
@@ -0,0 +1,16 @@
+/* 
+ * gcc time_0.c -o time_0.so -shared
+ * LD_PRELOAD=./time_0.so ./test
+ */
+
+#include <stdio.h>
+#include <time.h>
+
+
+time_t time (time_t *t)
+{
+	fprintf (stderr, "time 0\n");
+
+	return (time_t)0;
+}
+
diff --git a/tests/common/time_past.c b/tests/common/time_past.c
new file mode 100644
index 0000000..d0eb741
--- /dev/null
+++ b/tests/common/time_past.c
@@ -0,0 +1,52 @@
+/* 
+ * gcc time_past.c -o time_past.so -shared -ldl 
+ * LD_PRELOAD=./time_past.so PAST_DAYS=2 ./test
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+typedef time_t (*time_type) (time_t *t);
+static time_type next_time;
+
+static int time_past = 0;
+static char *past = NULL;
+
+time_t time (time_t *t)
+{
+	time_t res;
+
+	if (NULL == next_time)
+	{
+		next_time = dlsym (RTLD_NEXT, "time");
+		assert (NULL != next_time);
+	}
+	if (NULL == past) {
+		const char *past = getenv ("PAST_DAYS");
+		if (NULL == past) {
+			fputs ("No PAST_DAYS defined\n", stderr);
+		}
+		time_past = atoi (past);
+	}
+
+	res = next_time (t);
+	res -= 24*60*60*time_past;
+
+	if (NULL != t) {
+		*t = res;
+	}
+
+	return res;
+}
+
diff --git a/tests/common/unlink_failure.c b/tests/common/unlink_failure.c
new file mode 100644
index 0000000..2281c8a
--- /dev/null
+++ b/tests/common/unlink_failure.c
@@ -0,0 +1,51 @@
+/* 
+ * gcc unlink_failure.c -o unlink_failure.so -shared -ldl 
+ * LD_PRELOAD=./unlink_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*unlink_type) (const char *path);
+static unlink_type next_unlink;
+
+static const char *failure_path = NULL;
+
+int unlink (const char *path)
+{
+	if (NULL == next_unlink)
+	{
+		next_unlink = dlsym (RTLD_NEXT, "unlink");
+		assert (NULL != next_unlink);
+	}
+	if (NULL == failure_path) {
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+	}
+
+	if (   (NULL != path)
+	    && (NULL != failure_path)
+	    && (strcmp (path, failure_path) == 0))
+	{
+		fprintf (stderr, "unlink FAILURE %s\n", path);
+		errno = EBUSY;
+		return -1;
+	}
+
+	return next_unlink (path);
+}
+
diff --git a/tests/common/unlinkat_failure.c b/tests/common/unlinkat_failure.c
new file mode 100644
index 0000000..5b8bf95
--- /dev/null
+++ b/tests/common/unlinkat_failure.c
@@ -0,0 +1,62 @@
+/* 
+ * gcc unlinkat_failure.c -o unlinkat_failure.so -shared -ldl 
+ * LD_PRELOAD=./unlinkat_failure.so FAILURE_PATH=/etc/shadow ./test /etc/shadow
+ */
+
+#define _GNU_SOURCE
+#include <dlfcn.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <stdarg.h>
+#include <fcntl.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+
+typedef int (*unlinkat_type) (int dirfd, const char *pathname, int flags);
+static unlinkat_type next_unlinkat;
+
+static const char *failure_path = NULL;
+static dev_t failure_dev = -1;
+static ino_t failure_ino = -1;
+
+int unlinkat (int dirfd, const char *pathname, int flags)
+{
+	if (NULL == next_unlinkat)
+	{
+		next_unlinkat = dlsym (RTLD_NEXT, "unlinkat");
+		assert (NULL != next_unlinkat);
+	}
+	if (NULL == failure_path) {
+		struct stat sb;
+		failure_path = getenv ("FAILURE_PATH");
+		if (NULL == failure_path) {
+			fputs ("No FAILURE_PATH defined\n", stderr);
+		}
+		if (lstat (failure_path, &sb) != 0) {
+			fputs ("Can't lstat FAILURE_PATH\n", stderr);
+		}
+		failure_dev = sb.st_dev;
+		failure_ino = sb.st_ino;
+	}
+
+	if (   (NULL != pathname)
+	    && (NULL != failure_path)) {
+		struct stat sb;
+		if (   (fstatat (dirfd, pathname, &sb, flags) == 0)
+		    && (sb.st_dev == failure_dev)
+		    && (sb.st_ino == failure_ino)) {
+			fprintf (stderr, "unlinkat FAILURE %s\n", failure_path);
+			errno = EBUSY;
+			return -1;
+		}
+	}
+
+	return next_unlinkat (dirfd, pathname, flags);
+}
+
diff --git a/tests/convtools/01/data/1/group b/tests/convtools/01/data/1/group
new file mode 100644
index 0000000..a34689a
--- /dev/null
+++ b/tests/convtools/01/data/1/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/convtools/01/data/1/passwd b/tests/convtools/01/data/1/passwd
new file mode 100644
index 0000000..a9a08c8
--- /dev/null
+++ b/tests/convtools/01/data/1/passwd
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/convtools/01/data/2/group b/tests/convtools/01/data/2/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/convtools/01/data/2/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/convtools/01/data/2/gshadow b/tests/convtools/01/data/2/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/convtools/01/data/2/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/convtools/01/data/2/passwd b/tests/convtools/01/data/2/passwd
new file mode 100644
index 0000000..e8242fe
--- /dev/null
+++ b/tests/convtools/01/data/2/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite:x:424243:424243::/home:/bin/bash
diff --git a/tests/convtools/01/data/2/shadow b/tests/convtools/01/data/2/shadow
new file mode 100644
index 0000000..6689e4f
--- /dev/null
+++ b/tests/convtools/01/data/2/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+testsuite::12992:0:99999:7:::
diff --git a/tests/convtools/01/run b/tests/convtools/01/run
new file mode 100755
index 0000000..81ceef1
--- /dev/null
+++ b/tests/convtools/01/run
@@ -0,0 +1,117 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that su can be used to switch to root and to a normal account
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp -dp /etc/$i  tmp/$i
+		[ -f /etc/$i- ] && cp -dp /etc/$i- tmp/$i-
+	done
+	DATE=$(date '+%s')
+	DATE=$(( DATE/3600/24 ))
+	WARN=$( egrep "^PASS_WARN_AGE" /etc/login.defs | { read var val ; echo $val; } )
+	saveifs=$IFS
+	IFS=":"
+	cat data/2/shadow |
+		while read f1 f2 f3 f4 f5 f6 f7 f8 fres
+		do
+			echo "$f1:$f2:$DATE:$f4:$f5:$WARN:::"
+		done > tmp/shadow.2
+	IFS=$saveifs
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp -dp tmp/$i  /etc/$i  && rm tmp/$i
+		[ -f tmp/$i- ] && cp -dp tmp/$i- /etc/$i- && rm tmp/$i-
+	done
+	rm tmp/shadow.2
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	rm -f /etc/$i
+done
+for i in passwd group
+do
+	cp -f data/1/$i /etc/
+done
+
+echo -n "pwconv "
+pwconv
+echo -n "checking..."
+diff -au /etc/passwd  data/2/passwd
+diff -au /etc/shadow  tmp/shadow.2
+diff -au /etc/group   data/1/group
+perms=$(stat -c "%a %u %G" /etc/shadow)
+if [ "$perms" != "440 0 shadow" ]
+then
+	echo "Wrong mode or owners on /etc/shadow."
+	exit 1
+fi
+if [ -f /etc/gshadow ]
+then
+	echo "/etc/gshadow should not exist."
+	exit 1
+fi
+echo "OK"
+
+echo -n "grpconv "
+grpconv
+echo -n "checking..."
+diff -au /etc/passwd  data/2/passwd
+diff -au /etc/shadow  tmp/shadow.2
+diff -au /etc/group   data/2/group
+diff -au /etc/gshadow data/2/gshadow
+echo "OK"
+
+echo -n "pwunconv "
+pwunconv
+echo -n "checking..."
+diff -au /etc/passwd  data/1/passwd
+if [ -f /etc/shadow ]
+then
+	echo "/etc/shadow should not exist. "
+	exit 1
+fi
+diff -au /etc/group   data/2/group
+diff -au /etc/gshadow data/2/gshadow
+echo "OK"
+
+echo -n "grpunconv "
+grpunconv
+echo -n "checking..."
+diff -au /etc/passwd  data/1/passwd
+if [ -f /etc/shadow ]
+then
+	echo "/etc/shadow should not exist. "
+	exit 1
+fi
+diff -au /etc/group   data/1/group
+if [ -f /etc/gshadow ]
+then
+	echo "/etc/gshadow should not exist. "
+	exit 1
+fi
+echo "OK"
+
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt
new file mode 100644
index 0000000..8529433
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config.txt
@@ -0,0 +1,2 @@
+user foo, in group users
+group bar in gshadow, not group
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
new file mode 100755
index 0000000..8092d3a
--- /dev/null
+++ b/tests/convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv removes the gshadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/03_grpconv_copy_passwd/config.txt b/tests/convtools/03_grpconv_copy_passwd/config.txt
new file mode 100644
index 0000000..e904dbe
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config.txt
@@ -0,0 +1,2 @@
+group foo with a password in /etc/group
+group foo not in gshadow
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/group b/tests/convtools/03_grpconv_copy_passwd/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/03_grpconv_copy_passwd/data/group b/tests/convtools/03_grpconv_copy_passwd/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/03_grpconv_copy_passwd/data/gshadow b/tests/convtools/03_grpconv_copy_passwd/data/gshadow
new file mode 100644
index 0000000..fed75fc
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:$1$foogroupPassword::
diff --git a/tests/convtools/03_grpconv_copy_passwd/grpconv.test b/tests/convtools/03_grpconv_copy_passwd/grpconv.test
new file mode 100755
index 0000000..2cf4989
--- /dev/null
+++ b/tests/convtools/03_grpconv_copy_passwd/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv copies the password from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/04_grpconv_no_password/config.txt b/tests/convtools/04_grpconv_no_password/config.txt
new file mode 100644
index 0000000..71f8a48
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config.txt
@@ -0,0 +1,2 @@
+group foo with an empty password in group
+group foo not in gshadow
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/group b/tests/convtools/04_grpconv_no_password/config/etc/group
new file mode 100644
index 0000000..52ece62
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo::1000:
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/gshadow b/tests/convtools/04_grpconv_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/passwd b/tests/convtools/04_grpconv_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/04_grpconv_no_password/config/etc/shadow b/tests/convtools/04_grpconv_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/04_grpconv_no_password/data/group b/tests/convtools/04_grpconv_no_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/04_grpconv_no_password/data/gshadow b/tests/convtools/04_grpconv_no_password/data/gshadow
new file mode 100644
index 0000000..5c62cfd
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:::
diff --git a/tests/convtools/04_grpconv_no_password/grpconv.test b/tests/convtools/04_grpconv_no_password/grpconv.test
new file mode 100755
index 0000000..da0fb07
--- /dev/null
+++ b/tests/convtools/04_grpconv_no_password/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv moves an empty password from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt
new file mode 100644
index 0000000..891174b
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config.txt
@@ -0,0 +1,3 @@
+group foo in group with a password
+group foo in gshadow without password
+group foo member of users in group, not in gshadow
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow
new file mode 100644
index 0000000..fed75fc
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:$1$foogroupPassword::
diff --git a/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
new file mode 100755
index 0000000..2d9f9f3
--- /dev/null
+++ b/tests/convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv copies the password and membership from group to gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpconv)..."
+grpconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/06_grpconv_error_group_locked/config.txt b/tests/convtools/06_grpconv_error_group_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/group b/tests/convtools/06_grpconv_error_group_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err
new file mode 100644
index 0000000..4a63d73
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/data/grpconv.err
@@ -0,0 +1,2 @@
+grpconv: lock /etc/group.lock already used by PID <PID>
+grpconv: cannot lock /etc/group; try again later.
diff --git a/tests/convtools/06_grpconv_error_group_locked/grpconv.test b/tests/convtools/06_grpconv_error_group_locked/grpconv.test
new file mode 100755
index 0000000..0ed4ead
--- /dev/null
+++ b/tests/convtools/06_grpconv_error_group_locked/grpconv.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv tests if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+echo -n $$ > /etc/group.lock
+echo "done"
+
+echo -n "Convert the group files (grpconv)..."
+grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/group..."
+rm -f /etc/group.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -i -e "s/$$/<PID>/" tmp/grpconv.err
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config.txt b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err
new file mode 100644
index 0000000..527ecae
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/data/grpconv.err
@@ -0,0 +1,2 @@
+grpconv: existing lock file /etc/gshadow.lock without a PID
+grpconv: cannot lock /etc/gshadow; try again later.
diff --git a/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test
new file mode 100755
index 0000000..52e03c9
--- /dev/null
+++ b/tests/convtools/07_grpconv_error_gshadow_locked/grpconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv tests if gshadow is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Convert the group files (grpconv)..."
+grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config.txt b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt
new file mode 100644
index 0000000..48ac937
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test
new file mode 100755
index 0000000..0be3ce8
--- /dev/null
+++ b/tests/convtools/08_grpunconv_no_gshadow_file/grpunconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv exits successfully when the gshadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config.txt b/tests/convtools/09_grpunconv_error_group_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/group b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err
new file mode 100644
index 0000000..ddfae6f
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/data/grpunconv.err
@@ -0,0 +1,2 @@
+grpunconv: existing lock file /etc/group.lock without a PID
+grpunconv: cannot lock /etc/group; try again later.
diff --git a/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test
new file mode 100755
index 0000000..7503fe8
--- /dev/null
+++ b/tests/convtools/09_grpunconv_error_group_locked/grpunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/group..."
+rm -f /etc/group.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt
new file mode 100644
index 0000000..f055b05
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config.txt
@@ -0,0 +1 @@
+group foo with a password, not in gshadow
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err
new file mode 100644
index 0000000..5547097
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/data/grpunconv.err
@@ -0,0 +1,2 @@
+grpunconv: existing lock file /etc/gshadow.lock without a PID
+grpunconv: cannot lock /etc/gshadow; try again later.
diff --git a/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
new file mode 100755
index 0000000..7b7490c
--- /dev/null
+++ b/tests/convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config.txt b/tests/convtools/11_pwconv_error_passwd_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err
new file mode 100644
index 0000000..bf83d74
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/data/pwconv.err
@@ -0,0 +1,2 @@
+pwconv: existing lock file /etc/passwd.lock without a PID
+pwconv: cannot lock /etc/passwd; try again later.
diff --git a/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test
new file mode 100755
index 0000000..4d292cb
--- /dev/null
+++ b/tests/convtools/11_pwconv_error_passwd_locked/pwconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv tests if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/passwd..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config.txt b/tests/convtools/12_pwconv_error_shadow_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err
new file mode 100644
index 0000000..3ac9048
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/data/pwconv.err
@@ -0,0 +1,2 @@
+pwconv: existing lock file /etc/shadow.lock without a PID
+pwconv: cannot lock /etc/shadow; try again later.
diff --git a/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test
new file mode 100755
index 0000000..03bcf6b
--- /dev/null
+++ b/tests/convtools/12_pwconv_error_shadow_locked/pwconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv tests if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Convert the shadow files (pwconv)..."
+pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/shadow..."
+rm -f /etc/shadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config.txt b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err
new file mode 100644
index 0000000..40d2244
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/data/pwunconv.err
@@ -0,0 +1,2 @@
+pwunconv: existing lock file /etc/passwd.lock without a PID
+pwunconv: cannot lock /etc/passwd; try again later.
diff --git a/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test
new file mode 100755
index 0000000..bfd7ed3
--- /dev/null
+++ b/tests/convtools/13_pwunconv_error_passwd_locked/pwunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv tests if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Convert the passwd files (pwunconv)..."
+pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/passwd..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config.txt b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt
new file mode 100644
index 0000000..eca9223
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+group foo with a password, not in gshadow
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err
new file mode 100644
index 0000000..20de665
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/data/pwunconv.err
@@ -0,0 +1,2 @@
+pwunconv: existing lock file /etc/shadow.lock without a PID
+pwunconv: cannot lock /etc/shadow; try again later.
diff --git a/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test
new file mode 100755
index 0000000..79e6c4e
--- /dev/null
+++ b/tests/convtools/14_pwunconv_error_shadow_locked/pwunconv.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv tests if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Convert the shadow files (pwunconv)..."
+pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Delete lock file for /etc/shadow..."
+rm -f /etc/shadow.lock
+echo "done"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt
new file mode 100644
index 0000000..9f8a836
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config.txt
@@ -0,0 +1,2 @@
+user foo, in group users
+group bar is gshadow, not group
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
new file mode 100755
index 0000000..11abe4b
--- /dev/null
+++ b/tests/convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/16_pwconv_copy_passwd/config.txt b/tests/convtools/16_pwconv_copy_passwd/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/group b/tests/convtools/16_pwconv_copy_passwd/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd
new file mode 100644
index 0000000..2a53add
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:$1$foogroupPassword:1000:1000:::/bin/false
diff --git a/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/convtools/16_pwconv_copy_passwd/data/passwd b/tests/convtools/16_pwconv_copy_passwd/data/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/16_pwconv_copy_passwd/data/shadow b/tests/convtools/16_pwconv_copy_passwd/data/shadow
new file mode 100644
index 0000000..54d97a4
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$foogroupPassword:@TODAY@:0:99999:7:::
diff --git a/tests/convtools/16_pwconv_copy_passwd/pwconv.test b/tests/convtools/16_pwconv_copy_passwd/pwconv.test
new file mode 100755
index 0000000..d25ceb2
--- /dev/null
+++ b/tests/convtools/16_pwconv_copy_passwd/pwconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config.txt b/tests/convtools/17_pwunconv_no_shadow_file/config.txt
new file mode 100644
index 0000000..4d66ec7
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config.txt
@@ -0,0 +1,6 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
+group bar is gshadow, not group
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test
new file mode 100755
index 0000000..afcd2d7
--- /dev/null
+++ b/tests/convtools/17_pwunconv_no_shadow_file/pwunconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv exits successfully when the shadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Convert the passwd files (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd
new file mode 100644
index 0000000..28f6d45
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
new file mode 100755
index 0000000..44c5e5d
--- /dev/null
+++ b/tests/convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv does not fail when a user is not in the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/19_pwconv_NIS/config.txt b/tests/convtools/19_pwconv_NIS/config.txt
new file mode 100644
index 0000000..a6d9ecd
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config.txt
@@ -0,0 +1 @@
+user foo with a password, not in shadow
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/group b/tests/convtools/19_pwconv_NIS/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/gshadow b/tests/convtools/19_pwconv_NIS/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/passwd b/tests/convtools/19_pwconv_NIS/config/etc/passwd
new file mode 100644
index 0000000..8be0d7b
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:$1$foogroupPassword:1000:1000:::/bin/false
++::::::::
+-bar::::::::
diff --git a/tests/convtools/19_pwconv_NIS/config/etc/shadow b/tests/convtools/19_pwconv_NIS/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/convtools/19_pwconv_NIS/data/passwd b/tests/convtools/19_pwconv_NIS/data/passwd
new file mode 100644
index 0000000..f474274
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
++::::::::
+-bar::::::::
diff --git a/tests/convtools/19_pwconv_NIS/data/shadow b/tests/convtools/19_pwconv_NIS/data/shadow
new file mode 100644
index 0000000..68bbd02
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/data/shadow
@@ -0,0 +1,20 @@
+root:x:@TODAY@:0:99999:7:::
+daemon:x:@TODAY@:0:99999:7:::
+bin:x:@TODAY@:0:99999:7:::
+sys:x:@TODAY@:0:99999:7:::
+sync:x:@TODAY@:0:99999:7:::
+games:x:@TODAY@:0:99999:7:::
+man:x:@TODAY@:0:99999:7:::
+lp:x:@TODAY@:0:99999:7:::
+mail:x:@TODAY@:0:99999:7:::
+news:x:@TODAY@:0:99999:7:::
+uucp:x:@TODAY@:0:99999:7:::
+proxy:x:@TODAY@:0:99999:7:::
+www-data:x:@TODAY@:0:99999:7:::
+backup:x:@TODAY@:0:99999:7:::
+list:x:@TODAY@:0:99999:7:::
+irc:x:@TODAY@:0:99999:7:::
+gnats:x:@TODAY@:0:99999:7:::
+nobody:x:@TODAY@:0:99999:7:::
+Debian-exim:!:@TODAY@:0:99999:7:::
+foo:$1$foogroupPassword:@TODAY@:0:99999:7:::
diff --git a/tests/convtools/19_pwconv_NIS/pwconv.test b/tests/convtools/19_pwconv_NIS/pwconv.test
new file mode 100755
index 0000000..62bd4db
--- /dev/null
+++ b/tests/convtools/19_pwconv_NIS/pwconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv removes the shadow only entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Convert the passwd files (pwconv)..."
+pwconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/20_pwunconv_usage_option/config.txt b/tests/convtools/20_pwunconv_usage_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/group b/tests/convtools/20_pwunconv_usage_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/passwd b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/20_pwunconv_usage_option/config/etc/shadow b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/20_pwunconv_usage_option/data/usage.out b/tests/convtools/20_pwunconv_usage_option/data/usage.out
new file mode 100644
index 0000000..30fff4d
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+pwunconv: invalid option -- 'Z'
+Usage: pwunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/20_pwunconv_usage_option/pwunconv.test b/tests/convtools/20_pwunconv_usage_option/pwunconv.test
new file mode 100755
index 0000000..fa2a9d7
--- /dev/null
+++ b/tests/convtools/20_pwunconv_usage_option/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwunconv usage (pwunconv -Z)..."
+pwunconv -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config.txt b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt
new file mode 100644
index 0000000..cda229c
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config.txt
@@ -0,0 +1 @@
+user foo with a password in passwd (and shadow)
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd
new file mode 100644
index 0000000..b58a62b
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow
new file mode 100644
index 0000000..7e164e0
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooshadowpasswd:12977:0:99999:7:::
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd
new file mode 100644
index 0000000..56eb83b
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test
new file mode 100755
index 0000000..c795f1f
--- /dev/null
+++ b/tests/convtools/21_pwunconv_keep_passwd_password/pwunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv keeps the password from /etc/passwd (if not 'x'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (pwunconv)..."
+pwunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/22_grpunconv_usage_option/config.txt b/tests/convtools/22_grpunconv_usage_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/group b/tests/convtools/22_grpunconv_usage_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/passwd b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/22_grpunconv_usage_option/config/etc/shadow b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/22_grpunconv_usage_option/data/usage.out b/tests/convtools/22_grpunconv_usage_option/data/usage.out
new file mode 100644
index 0000000..7528279
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+grpunconv: invalid option -- 'Z'
+Usage: grpunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/22_grpunconv_usage_option/grpunconv.test b/tests/convtools/22_grpunconv_usage_option/grpunconv.test
new file mode 100755
index 0000000..5c3bc82
--- /dev/null
+++ b/tests/convtools/22_grpunconv_usage_option/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpunconv usage (grpunconv -Z)..."
+grpunconv -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config.txt b/tests/convtools/23_grpunconv_keep_group_password/config.txt
new file mode 100644
index 0000000..cda229c
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config.txt
@@ -0,0 +1 @@
+user foo with a password in passwd (and shadow)
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/group b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group
new file mode 100644
index 0000000..8339bd3
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow
new file mode 100644
index 0000000..51a7bdb
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:fooshadowpass::
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd
new file mode 100644
index 0000000..b58a62b
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000:::/bin/false
diff --git a/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow
new file mode 100644
index 0000000..7e164e0
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooshadowpasswd:12977:0:99999:7:::
diff --git a/tests/convtools/23_grpunconv_keep_group_password/data/group b/tests/convtools/23_grpunconv_keep_group_password/data/group
new file mode 100644
index 0000000..2a9e59e
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:foo
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:$1$foogroupPassword:1000:
diff --git a/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test
new file mode 100755
index 0000000..e3e0127
--- /dev/null
+++ b/tests/convtools/23_grpunconv_keep_group_password/grpunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv keeps the password from /etc/group (if not 'x'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unconvert the shadow file (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt
new file mode 100644
index 0000000..48ac937
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config.txt
@@ -0,0 +1 @@
+user foo, in group users
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..671ebfe
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/data/group b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group
new file mode 100644
index 0000000..6111866
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:x:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:x:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:foo
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
new file mode 100755
index 0000000..716d97a
--- /dev/null
+++ b/tests/convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv succeeds even if some entries are no in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Convert the group files (grpunconv)..."
+grpunconv
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/25_pwconv_usage_option/config.txt b/tests/convtools/25_pwconv_usage_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config.txt
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/group b/tests/convtools/25_pwconv_usage_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/group
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/gshadow b/tests/convtools/25_pwconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/gshadow
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/passwd b/tests/convtools/25_pwconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/passwd
diff --git a/tests/convtools/25_pwconv_usage_option/config/etc/shadow b/tests/convtools/25_pwconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/config/etc/shadow
diff --git a/tests/convtools/25_pwconv_usage_option/data/usage.out b/tests/convtools/25_pwconv_usage_option/data/usage.out
new file mode 100644
index 0000000..8ecc6af
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+pwconv: invalid option -- 'Z'
+Usage: pwconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/25_pwconv_usage_option/pwconv.test b/tests/convtools/25_pwconv_usage_option/pwconv.test
new file mode 100755
index 0000000..7e6ccaf
--- /dev/null
+++ b/tests/convtools/25_pwconv_usage_option/pwconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwconv usage (pwconv -Z)..."
+pwconv -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/26_grpconv_usage_option/config.txt b/tests/convtools/26_grpconv_usage_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config.txt
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/group b/tests/convtools/26_grpconv_usage_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/group
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/gshadow b/tests/convtools/26_grpconv_usage_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/gshadow
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/passwd b/tests/convtools/26_grpconv_usage_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/passwd
diff --git a/tests/convtools/26_grpconv_usage_option/config/etc/shadow b/tests/convtools/26_grpconv_usage_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/config/etc/shadow
diff --git a/tests/convtools/26_grpconv_usage_option/data/usage.out b/tests/convtools/26_grpconv_usage_option/data/usage.out
new file mode 100644
index 0000000..5da31b4
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/data/usage.out
@@ -0,0 +1,7 @@
+grpconv: invalid option -- 'Z'
+Usage: grpconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/26_grpconv_usage_option/grpconv.test b/tests/convtools/26_grpconv_usage_option/grpconv.test
new file mode 100755
index 0000000..18c033c
--- /dev/null
+++ b/tests/convtools/26_grpconv_usage_option/grpconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpconv usage (grpconv -Z)..."
+grpconv -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/27_pwunconv_usage/config.txt b/tests/convtools/27_pwunconv_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/group b/tests/convtools/27_pwunconv_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/gshadow b/tests/convtools/27_pwunconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/passwd b/tests/convtools/27_pwunconv_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/27_pwunconv_usage/config/etc/shadow b/tests/convtools/27_pwunconv_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/27_pwunconv_usage/data/usage.out b/tests/convtools/27_pwunconv_usage/data/usage.out
new file mode 100644
index 0000000..71f04d9
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/27_pwunconv_usage/pwunconv.test b/tests/convtools/27_pwunconv_usage/pwunconv.test
new file mode 100755
index 0000000..4103eca
--- /dev/null
+++ b/tests/convtools/27_pwunconv_usage/pwunconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwunconv usage (pwunconv -Z)..."
+pwunconv -h >tmp/usage.out
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config.txt b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..71f04d9
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test
new file mode 100755
index 0000000..d9a3808
--- /dev/null
+++ b/tests/convtools/28_pwunconv_usage_extra_arg/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwunconv with an argument (pwunconv foo)..."
+pwunconv foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/29_grpconv_usage/config.txt b/tests/convtools/29_grpconv_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config.txt
diff --git a/tests/convtools/29_grpconv_usage/config/etc/group b/tests/convtools/29_grpconv_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/group
diff --git a/tests/convtools/29_grpconv_usage/config/etc/gshadow b/tests/convtools/29_grpconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/gshadow
diff --git a/tests/convtools/29_grpconv_usage/config/etc/passwd b/tests/convtools/29_grpconv_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/passwd
diff --git a/tests/convtools/29_grpconv_usage/config/etc/shadow b/tests/convtools/29_grpconv_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/config/etc/shadow
diff --git a/tests/convtools/29_grpconv_usage/data/usage.out b/tests/convtools/29_grpconv_usage/data/usage.out
new file mode 100644
index 0000000..80f0fd5
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/29_grpconv_usage/grpconv.test b/tests/convtools/29_grpconv_usage/grpconv.test
new file mode 100755
index 0000000..a6fbd9e
--- /dev/null
+++ b/tests/convtools/29_grpconv_usage/grpconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpconv usage (grpconv -Z)..."
+grpconv -h >tmp/usage.out
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config.txt b/tests/convtools/30_grpconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config.txt
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/group
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/gshadow
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/passwd
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/config/etc/shadow
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..80f0fd5
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test
new file mode 100755
index 0000000..a321a05
--- /dev/null
+++ b/tests/convtools/30_grpconv_usage_extra_arg/grpconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpconv with an extra argument (grpconv foo)..."
+grpconv foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/31_pwconv_usage/config.txt b/tests/convtools/31_pwconv_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config.txt
diff --git a/tests/convtools/31_pwconv_usage/config/etc/group b/tests/convtools/31_pwconv_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/group
diff --git a/tests/convtools/31_pwconv_usage/config/etc/gshadow b/tests/convtools/31_pwconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/gshadow
diff --git a/tests/convtools/31_pwconv_usage/config/etc/passwd b/tests/convtools/31_pwconv_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/passwd
diff --git a/tests/convtools/31_pwconv_usage/config/etc/shadow b/tests/convtools/31_pwconv_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/config/etc/shadow
diff --git a/tests/convtools/31_pwconv_usage/data/usage.out b/tests/convtools/31_pwconv_usage/data/usage.out
new file mode 100644
index 0000000..61b53c5
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/31_pwconv_usage/pwconv.test b/tests/convtools/31_pwconv_usage/pwconv.test
new file mode 100755
index 0000000..dd86723
--- /dev/null
+++ b/tests/convtools/31_pwconv_usage/pwconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get pwconv usage (pwconv -Z)..."
+pwconv -h >tmp/usage.out
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config.txt b/tests/convtools/32_pwconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config.txt
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/group
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/gshadow
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/passwd
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/config/etc/shadow
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..61b53c5
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: pwconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test
new file mode 100755
index 0000000..1ae4ffe
--- /dev/null
+++ b/tests/convtools/32_pwconv_usage_extra_arg/pwconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "pwconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call pwconv with an extra argument (pwconv foo)..."
+pwconv foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/33_grpunconv_usage/config.txt b/tests/convtools/33_grpunconv_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/group b/tests/convtools/33_grpunconv_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/gshadow b/tests/convtools/33_grpunconv_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/passwd b/tests/convtools/33_grpunconv_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/33_grpunconv_usage/config/etc/shadow b/tests/convtools/33_grpunconv_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/33_grpunconv_usage/data/usage.out b/tests/convtools/33_grpunconv_usage/data/usage.out
new file mode 100644
index 0000000..274b58d
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/33_grpunconv_usage/grpunconv.test b/tests/convtools/33_grpunconv_usage/grpunconv.test
new file mode 100755
index 0000000..d6f6539
--- /dev/null
+++ b/tests/convtools/33_grpunconv_usage/grpunconv.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get grpunconv usage (grpunconv -Z)..."
+grpunconv -h >tmp/usage.out
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config.txt b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out
new file mode 100644
index 0000000..274b58d
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/data/usage.out
@@ -0,0 +1,6 @@
+Usage: grpunconv [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test
new file mode 100755
index 0000000..12a0d21
--- /dev/null
+++ b/tests/convtools/34_grpunconv_usage_extra_arg/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "grpunconv displays its usage message in case there isn't the right number of arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call grpunconv with an extra argument (grpunconv foo)..."
+grpunconv foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/coverage.sh b/tests/coverage.sh
new file mode 100755
index 0000000..6deae84
--- /dev/null
+++ b/tests/coverage.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# This script builds the code coverage of the testsuite.
+# The shadow utils must have been compiled with -fprofile-arcs -ftest-coverage
+
+cd ../build/shadow-4.1.3.1/
+rm -rf ../coverage
+mkdir ../coverage
+lcov --directory . --capture --output-file=lcov.data
+
+genhtml --frames --output-directory ../coverage/ --show-details lcov.data
diff --git a/tests/cptools/01/data/group b/tests/cptools/01/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/cptools/01/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/cptools/01/data/group.new b/tests/cptools/01/data/group.new
new file mode 100644
index 0000000..db5f134
--- /dev/null
+++ b/tests/cptools/01/data/group.new
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test:x:10000:
diff --git a/tests/cptools/01/data/gshadow b/tests/cptools/01/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/cptools/01/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/cptools/01/data/gshadow.new b/tests/cptools/01/data/gshadow.new
new file mode 100644
index 0000000..3c9bae9
--- /dev/null
+++ b/tests/cptools/01/data/gshadow.new
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
diff --git a/tests/cptools/01/data/passwd b/tests/cptools/01/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/cptools/01/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/cptools/01/data/passwd.new b/tests/cptools/01/data/passwd.new
new file mode 100644
index 0000000..148b794
--- /dev/null
+++ b/tests/cptools/01/data/passwd.new
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test:x:10002:10002::/tmp:/bin/false
diff --git a/tests/cptools/01/data/shadow b/tests/cptools/01/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/cptools/01/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/cptools/01/data/shadow.new b/tests/cptools/01/data/shadow.new
new file mode 100644
index 0000000..c6e351e
--- /dev/null
+++ b/tests/cptools/01/data/shadow.new
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test:!:10:0:99999:7:::
diff --git a/tests/cptools/01/run1 b/tests/cptools/01/run1
new file mode 100755
index 0000000..26fc044
--- /dev/null
+++ b/tests/cptools/01/run1
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy passwd.new "
+cppw data/passwd.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/passwd data/passwd.new
+echo "  OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/shadow data/shadow
+echo "  OK"
diff --git a/tests/cptools/01/run2 b/tests/cptools/01/run2
new file mode 100755
index 0000000..c42238e
--- /dev/null
+++ b/tests/cptools/01/run2
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy group.new "
+cpgr data/group.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/group data/group.new
+echo "  OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/passwd data/passwd
+diff -au /etc/shadow data/shadow
+echo "  OK"
diff --git a/tests/cptools/01/run3 b/tests/cptools/01/run3
new file mode 100755
index 0000000..d213e47
--- /dev/null
+++ b/tests/cptools/01/run3
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy shadow.new "
+cppw -s data/shadow.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/shadow data/shadow.new
+echo "  OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/gshadow data/gshadow
+diff -au /etc/passwd data/passwd
+echo "  OK"
diff --git a/tests/cptools/01/run4 b/tests/cptools/01/run4
new file mode 100755
index 0000000..7cc3fb8
--- /dev/null
+++ b/tests/cptools/01/run4
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# Rational:
+# Test that useradd can add an user and userdel removes it.
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+	for i in passwd group shadow gshadow
+	do
+		[ -f /etc/$i  ] && cp /etc/$i  tmp/$i
+	done
+
+	true
+}
+
+restore()
+{
+	for i in passwd group shadow gshadow
+	do
+		[ -f tmp/$i  ] && cp tmp/$i  /etc/$i  && rm tmp/$i
+	done
+	rmdir tmp
+}
+
+save
+
+# restore the files on exit
+trap 'restore' 0
+
+for i in passwd group shadow gshadow
+do
+	cp data/$i /etc
+done
+
+lines_passwd=$(wc -l /etc/passwd | cut -f1 -d" ")
+lines_shadow=$(wc -l /etc/shadow | cut -f1 -d" ")
+lines_group=$(wc -l /etc/group | cut -f1 -d" ")
+lines_gshadow=$(wc -l /etc/gshadow | cut -f1 -d" ")
+
+echo -n "Copy gshadow.new "
+cpgr -s data/gshadow.new
+echo "OK"
+
+echo -n "test if the password file was copied"
+diff -au /etc/gshadow data/gshadow.new
+echo "  OK"
+
+echo -n "check that the other files were not modified"
+diff -au /etc/group data/group
+diff -au /etc/passwd data/passwd
+diff -au /etc/shadow data/shadow
+echo "  OK"
diff --git a/tests/cptools/02_cppw_usage/config.txt b/tests/cptools/02_cppw_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config.txt
diff --git a/tests/cptools/02_cppw_usage/config/etc/group b/tests/cptools/02_cppw_usage/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/group
diff --git a/tests/cptools/02_cppw_usage/config/etc/gshadow b/tests/cptools/02_cppw_usage/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/gshadow
diff --git a/tests/cptools/02_cppw_usage/config/etc/passwd b/tests/cptools/02_cppw_usage/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/passwd
diff --git a/tests/cptools/02_cppw_usage/config/etc/shadow b/tests/cptools/02_cppw_usage/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/config/etc/shadow
diff --git a/tests/cptools/02_cppw_usage/cppw.test b/tests/cptools/02_cppw_usage/cppw.test
new file mode 100755
index 0000000..ef3b77f
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/cppw.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can displays its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get cppw usage (cppw -h)..."
+cppw -h >tmp/usage.out
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/02_cppw_usage/data/usage.out b/tests/cptools/02_cppw_usage/data/usage.out
new file mode 100644
index 0000000..9efb2a7
--- /dev/null
+++ b/tests/cptools/02_cppw_usage/data/usage.out
@@ -0,0 +1,3 @@
+Usage:
+`cppw <file>' copys over /etc/passwd   `cppw -s <file>' copys over /etc/shadow
+`cpgr <file>' copys over /etc/group    `cpgr -s <file>' copys over /etc/gshadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config.txt b/tests/cptools/03_cppw_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config.txt
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/group b/tests/cptools/03_cppw_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/group
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/gshadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd b/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/passwd
diff --git a/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow b/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/config/etc/shadow
diff --git a/tests/cptools/03_cppw_usage_invalid_option/cppw.test b/tests/cptools/03_cppw_usage_invalid_option/cppw.test
new file mode 100755
index 0000000..c6d41e9
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports usage of invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use wrong cppw option (cppw -Z)..."
+/usr/sbin/cppw -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/03_cppw_usage_invalid_option/data/usage.out b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..633ff23
--- /dev/null
+++ b/tests/cptools/03_cppw_usage_invalid_option/data/usage.out
@@ -0,0 +1,4 @@
+/usr/sbin/cppw: invalid option -- 'Z'
+Usage:
+`cppw <file>' copys over /etc/passwd   `cppw -s <file>' copys over /etc/shadow
+`cpgr <file>' copys over /etc/group    `cpgr -s <file>' copys over /etc/gshadow
diff --git a/tests/cptools/04_cppw_no_file_argument/config.txt b/tests/cptools/04_cppw_no_file_argument/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config.txt
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/group b/tests/cptools/04_cppw_no_file_argument/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/group
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow b/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/gshadow
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/passwd b/tests/cptools/04_cppw_no_file_argument/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/passwd
diff --git a/tests/cptools/04_cppw_no_file_argument/config/etc/shadow b/tests/cptools/04_cppw_no_file_argument/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/config/etc/shadow
diff --git a/tests/cptools/04_cppw_no_file_argument/cppw.test b/tests/cptools/04_cppw_no_file_argument/cppw.test
new file mode 100755
index 0000000..7ccef73
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if no files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw without a file argument (cppw)..."
+cppw 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/04_cppw_no_file_argument/data/usage.out b/tests/cptools/04_cppw_no_file_argument/data/usage.out
new file mode 100644
index 0000000..808df39
--- /dev/null
+++ b/tests/cptools/04_cppw_no_file_argument/data/usage.out
@@ -0,0 +1,2 @@
+cppw: wrong number of arguments, -h for usage
+cppw: no changes
diff --git a/tests/cptools/05_cppw_2_files/config.txt b/tests/cptools/05_cppw_2_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config.txt
diff --git a/tests/cptools/05_cppw_2_files/config/etc/group b/tests/cptools/05_cppw_2_files/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/cptools/05_cppw_2_files/config/etc/gshadow b/tests/cptools/05_cppw_2_files/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/cptools/05_cppw_2_files/config/etc/passwd b/tests/cptools/05_cppw_2_files/config/etc/passwd
new file mode 100644
index 0000000..ae3eda3
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/sh
+myuser2:x:424243:424242::/home:/bin/sh
diff --git a/tests/cptools/05_cppw_2_files/config/etc/shadow b/tests/cptools/05_cppw_2_files/config/etc/shadow
new file mode 100644
index 0000000..f004fa2
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/cptools/05_cppw_2_files/cppw.test b/tests/cptools/05_cppw_2_files/cppw.test
new file mode 100755
index 0000000..49ca1d5
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if 2 files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw with 2 files (cppw data/passwd data/passwd)..."
+cppw data/passwd data/passwd 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/05_cppw_2_files/data/passwd b/tests/cptools/05_cppw_2_files/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/cptools/05_cppw_2_files/data/usage.out b/tests/cptools/05_cppw_2_files/data/usage.out
new file mode 100644
index 0000000..808df39
--- /dev/null
+++ b/tests/cptools/05_cppw_2_files/data/usage.out
@@ -0,0 +1,2 @@
+cppw: wrong number of arguments, -h for usage
+cppw: no changes
diff --git a/tests/cptools/06_cppw_no_file/config.txt b/tests/cptools/06_cppw_no_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config.txt
diff --git a/tests/cptools/06_cppw_no_file/config/etc/group b/tests/cptools/06_cppw_no_file/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/group
diff --git a/tests/cptools/06_cppw_no_file/config/etc/gshadow b/tests/cptools/06_cppw_no_file/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/gshadow
diff --git a/tests/cptools/06_cppw_no_file/config/etc/passwd b/tests/cptools/06_cppw_no_file/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/passwd
diff --git a/tests/cptools/06_cppw_no_file/config/etc/shadow b/tests/cptools/06_cppw_no_file/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/config/etc/shadow
diff --git a/tests/cptools/06_cppw_no_file/cppw.test b/tests/cptools/06_cppw_no_file/cppw.test
new file mode 100755
index 0000000..67a35a9
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw reports an error if no files are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw with a nonexistant file (cppw data/passwd)..."
+cppw data/passwd 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/06_cppw_no_file/data/usage.out b/tests/cptools/06_cppw_no_file/data/usage.out
new file mode 100644
index 0000000..133dea3
--- /dev/null
+++ b/tests/cptools/06_cppw_no_file/data/usage.out
@@ -0,0 +1,2 @@
+cppw: data/passwd: No such file or directory
+cppw: /etc/passwd is unchanged
diff --git a/tests/cptools/07_cppw_locked_passwd/config.txt b/tests/cptools/07_cppw_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config.txt
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/group b/tests/cptools/07_cppw_locked_passwd/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/group
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow b/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/gshadow
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/passwd b/tests/cptools/07_cppw_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/passwd
diff --git a/tests/cptools/07_cppw_locked_passwd/config/etc/shadow b/tests/cptools/07_cppw_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/config/etc/shadow
diff --git a/tests/cptools/07_cppw_locked_passwd/cppw.test b/tests/cptools/07_cppw_locked_passwd/cppw.test
new file mode 100755
index 0000000..366618e
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/cppw.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw checks if the password file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Use cppw (cppw data/passwd)..."
+cppw data/passwd 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/07_cppw_locked_passwd/data/passwd b/tests/cptools/07_cppw_locked_passwd/data/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/data/passwd
diff --git a/tests/cptools/07_cppw_locked_passwd/data/usage.out b/tests/cptools/07_cppw_locked_passwd/data/usage.out
new file mode 100644
index 0000000..c99e46a
--- /dev/null
+++ b/tests/cptools/07_cppw_locked_passwd/data/usage.out
@@ -0,0 +1,3 @@
+cppw: existing lock file /etc/passwd.lock without a PID
+cppw: Couldn't lock file
+cppw: /etc/passwd is unchanged
diff --git a/tests/cptools/08_cppw-p/config.txt b/tests/cptools/08_cppw-p/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config.txt
diff --git a/tests/cptools/08_cppw-p/config/etc/group b/tests/cptools/08_cppw-p/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/group
diff --git a/tests/cptools/08_cppw-p/config/etc/gshadow b/tests/cptools/08_cppw-p/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/gshadow
diff --git a/tests/cptools/08_cppw-p/config/etc/passwd b/tests/cptools/08_cppw-p/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/passwd
diff --git a/tests/cptools/08_cppw-p/config/etc/shadow b/tests/cptools/08_cppw-p/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/config/etc/shadow
diff --git a/tests/cptools/08_cppw-p/cppw.test b/tests/cptools/08_cppw-p/cppw.test
new file mode 100755
index 0000000..d4ee864
--- /dev/null
+++ b/tests/cptools/08_cppw-p/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw -p option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -p (cppw -p data/passwd)..."
+cppw -p data/passwd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/08_cppw-p/data/passwd b/tests/cptools/08_cppw-p/data/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/08_cppw-p/data/passwd
diff --git a/tests/cptools/09_cppw-g/config.txt b/tests/cptools/09_cppw-g/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config.txt
diff --git a/tests/cptools/09_cppw-g/config/etc/group b/tests/cptools/09_cppw-g/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/09_cppw-g/config/etc/gshadow b/tests/cptools/09_cppw-g/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/09_cppw-g/config/etc/passwd b/tests/cptools/09_cppw-g/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/09_cppw-g/config/etc/shadow b/tests/cptools/09_cppw-g/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/09_cppw-g/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/09_cppw-g/cppw.test b/tests/cptools/09_cppw-g/cppw.test
new file mode 100755
index 0000000..7ac6d16
--- /dev/null
+++ b/tests/cptools/09_cppw-g/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -g (cppw -g data/group)..."
+cppw -g data/group
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/09_cppw-g/data/group b/tests/cptools/09_cppw-g/data/group
new file mode 100644
index 0000000..11b5c11
--- /dev/null
+++ b/tests/cptools/09_cppw-g/data/group
@@ -0,0 +1,39 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
diff --git a/tests/cptools/10_cppw-g-s/config.txt b/tests/cptools/10_cppw-g-s/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config.txt
diff --git a/tests/cptools/10_cppw-g-s/config/etc/group b/tests/cptools/10_cppw-g-s/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/10_cppw-g-s/config/etc/gshadow b/tests/cptools/10_cppw-g-s/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/10_cppw-g-s/config/etc/passwd b/tests/cptools/10_cppw-g-s/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/10_cppw-g-s/config/etc/shadow b/tests/cptools/10_cppw-g-s/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/10_cppw-g-s/cppw.test b/tests/cptools/10_cppw-g-s/cppw.test
new file mode 100755
index 0000000..602c34a
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -g -s (cppw -g -s data/gshadow)..."
+cppw -g -s data/gshadow
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/10_cppw-g-s/data/gshadow b/tests/cptools/10_cppw-g-s/data/gshadow
new file mode 100644
index 0000000..93fc055
--- /dev/null
+++ b/tests/cptools/10_cppw-g-s/data/gshadow
@@ -0,0 +1,39 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
diff --git a/tests/cptools/11_cppw-p-s/config.txt b/tests/cptools/11_cppw-p-s/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config.txt
diff --git a/tests/cptools/11_cppw-p-s/config/etc/group b/tests/cptools/11_cppw-p-s/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/cptools/11_cppw-p-s/config/etc/gshadow b/tests/cptools/11_cppw-p-s/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/cptools/11_cppw-p-s/config/etc/passwd b/tests/cptools/11_cppw-p-s/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/cptools/11_cppw-p-s/config/etc/shadow b/tests/cptools/11_cppw-p-s/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/11_cppw-p-s/cppw.test b/tests/cptools/11_cppw-p-s/cppw.test
new file mode 100755
index 0000000..3c68f05
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/cppw.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use cppw -p -s (cppw -p -s data/shadow)..."
+cppw -p -s data/shadow
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/11_cppw-p-s/data/shadow b/tests/cptools/11_cppw-p-s/data/shadow
new file mode 100644
index 0000000..6214423
--- /dev/null
+++ b/tests/cptools/11_cppw-p-s/data/shadow
@@ -0,0 +1,16 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config.txt b/tests/cptools/12_cppw-s_no_shadow_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config.txt
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/group
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/gshadow
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/passwd
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/config/etc/shadow
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/cppw.test b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test
new file mode 100755
index 0000000..a0c2095
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/cppw.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "cppw can copy a shadow file even if there were no shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Use cppw (cppw -s data/shadow)..."
+cppw -s data/shadow 2>tmp/cppw.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "usage message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err
new file mode 100644
index 0000000..0c7d649
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/data/cppw.err
@@ -0,0 +1,2 @@
+cppw: /etc/shadow: No such file or directory
+cppw: /etc/shadow is unchanged
diff --git a/tests/cptools/12_cppw-s_no_shadow_file/data/shadow b/tests/cptools/12_cppw-s_no_shadow_file/data/shadow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/cptools/12_cppw-s_no_shadow_file/data/shadow
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..98106ea
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+MD5_CRYPT_ENAB	yes
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES-MD5_CRYPT_ENAB/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/01_chpasswd.test b/tests/crypt/login.defs_DES/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/group b/tests/crypt/login.defs_DES/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/gshadow b/tests/crypt/login.defs_DES/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/passwd b/tests/crypt/login.defs_DES/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/01_chpasswd/shadow b/tests/crypt/login.defs_DES/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
new file mode 100755
index 0000000..2ae3f3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chpasswd--crypt-method-MD5/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/passwd.new
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/02_chpasswd--crypt-method-MD5/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
new file mode 100755
index 0000000..9848828
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 03_chpasswd--crypt-method-DES/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_DES/03_chpasswd--crypt-method-DES/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
new file mode 100755
index 0000000..4c4f18a
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd --crypt-method NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_chpasswd--crypt-method-NONE/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow
new file mode 100644
index 0000000..d2bde3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/04_chpasswd--crypt-method-NONE/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e.test b/tests/crypt/login.defs_DES/05_chpasswd-e.test
new file mode 100755
index 0000000..fdac6ae
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 05_chpasswd-e/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 05_chpasswd-e/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 05_chpasswd-e/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 05_chpasswd-e/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/group b/tests/crypt/login.defs_DES/05_chpasswd-e/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/passwd b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/05_chpasswd-e/shadow b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow
new file mode 100644
index 0000000..d2bde3b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/05_chpasswd-e/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m.test b/tests/crypt/login.defs_DES/06_chpasswd-m.test
new file mode 100755
index 0000000..3428d89
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd -m
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 06_chpasswd-m/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 06_chpasswd-m/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 06_chpasswd-m/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 06_chpasswd-m/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/group b/tests/crypt/login.defs_DES/06_chpasswd-m/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/passwd b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/06_chpasswd-m/shadow b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_DES/06_chpasswd-m/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd.test b/tests/crypt/login.defs_DES/07_chgpasswd.test
new file mode 100755
index 0000000..5b7a073
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 07_chgpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 07_chgpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 07_chgpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 07_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/group b/tests/crypt/login.defs_DES/07_chgpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/gshadow b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/passwd b/tests/crypt/login.defs_DES/07_chgpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/07_chgpasswd/shadow b/tests/crypt/login.defs_DES/07_chgpasswd/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/07_chgpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
new file mode 100755
index 0000000..405e8b2
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 08_chgpasswd--crypt-method-MD5/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
new file mode 100755
index 0000000..1553e00
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 09_chgpasswd--crypt-method-DES/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/09_chgpasswd--crypt-method-DES/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
new file mode 100755
index 0000000..a010de2
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo nogroup:test | chgpasswd --crypt-method NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_chgpasswd--crypt-method-NONE/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow
new file mode 100644
index 0000000..a8f0af9
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e.test b/tests/crypt/login.defs_DES/11_chgpasswd-e.test
new file mode 100755
index 0000000..6b801c1
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nogroup:test | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_chgpasswd-e/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_chgpasswd-e/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_chgpasswd-e/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_chgpasswd-e/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/group b/tests/crypt/login.defs_DES/11_chgpasswd-e/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow
new file mode 100644
index 0000000..a8f0af9
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/11_chgpasswd-e/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m.test b/tests/crypt/login.defs_DES/12_chgpasswd-m.test
new file mode 100755
index 0000000..f271cb0
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nogroup:test | chgpasswd -m
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_chgpasswd-m/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_chgpasswd-m/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_chgpasswd-m/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_chgpasswd-m/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/group b/tests/crypt/login.defs_DES/12_chgpasswd-m/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/12_chgpasswd-m/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_DES/config/etc/group b/tests/crypt/login.defs_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_DES/config/etc/gshadow b/tests/crypt/login.defs_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_DES/config/etc/login.defs b/tests/crypt/login.defs_DES/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_DES/config/etc/passwd b/tests/crypt/login.defs_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_DES/config/etc/shadow b/tests/crypt/login.defs_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd.test b/tests/crypt/login.defs_MD5/01_chpasswd.test
new file mode 100755
index 0000000..d583517
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_chpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_chpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_chpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/group b/tests/crypt/login.defs_MD5/01_chpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/gshadow b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/passwd b/tests/crypt/login.defs_MD5/01_chpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/01_chpasswd/shadow b/tests/crypt/login.defs_MD5/01_chpasswd/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd.test b/tests/crypt/login.defs_MD5/02_chgpasswd.test
new file mode 100755
index 0000000..c102e89
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_chgpasswd/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_chgpasswd/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_chgpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/group b/tests/crypt/login.defs_MD5/02_chgpasswd/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/passwd b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/02_chgpasswd/shadow b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/02_chgpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5/config/etc/group b/tests/crypt/login.defs_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5/config/etc/gshadow b/tests/crypt/login.defs_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5/config/etc/login.defs b/tests/crypt/login.defs_MD5/config/etc/login.defs
new file mode 100644
index 0000000..c035580
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD MD5
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_MD5/config/etc/passwd b/tests/crypt/login.defs_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5/config/etc/shadow b/tests/crypt/login.defs_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
new file mode 100755
index 0000000..a38a669
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow
new file mode 100644
index 0000000..a709bcb
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..c214714
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+MD5_CRYPT_ENAB	yes
+#ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_MD5_CRYPT_ENAB/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test
new file mode 100755
index 0000000..3c04e67
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nobody:\$5\$rounds=7000\$' /etc/shadow || {
+	grep "^nobody:" /etc/shadow
+	exit 1
+}
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test
new file mode 100755
index 0000000..51adcbe
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nogroup:\$5\$rounds=7000\$' /etc/gshadow || {
+	grep "^nogroup:" /etc/gshadow
+	exit 1
+}
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs
new file mode 100644
index 0000000..656950a
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD SHA256
+#SHA_CRYPT_MIN_ROUNDS 2000
+SHA_CRYPT_MAX_ROUNDS 7000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-max/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
new file mode 100755
index 0000000..ba6d6f2
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change an user's password with chpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user nobody's password (echo nobody:test | chpasswd)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds1=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds1)..."
+if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then
+	echo "Wrong rounds: $rounds1"
+	grep "^nobody:" /etc/shadow
+	exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+echo ""
+echo "Make sure the number of rounds is not constant"
+
+echo -n "  Change user nobody's password (echo nobody:test | chpasswd)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+rounds2=$(sed -n 's/^nobody:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+if [ "$rounds1" = "$rounds2" ]; then
+	echo "The number of rounds did not change."
+	echo "It may not be a error, please re-run this test."
+	exit 1
+fi
+echo -n "($rounds2)..."
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
new file mode 100755
index 0000000..f730d51
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group nogroup's password (echo nogroup:test | chgpasswd)..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds1=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow)
+echo -n "($rounds1)..."
+if [ "$rounds1" -lt 3000 ] || [ "$rounds1" -gt 10000 ]; then
+	echo "Wrong rounds: $rounds1"
+	grep "^nogroup:" /etc/gshadow
+	exit 1
+fi
+echo "OK"
+
+echo ""
+echo "Make sure the number of rounds is not constant"
+
+echo -n "  Change group nogroup's password (echo nogroup:test | chgpasswd)..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+rounds2=$(sed -n 's/^nogroup:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/gshadow)
+if [ "$rounds1" = "$rounds2" ]; then
+	echo "The number of rounds did not change."
+	echo "It may not be a error, please re-run this test."
+	exit 1
+fi
+echo -n "($rounds2)..."
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs
new file mode 100644
index 0000000..639fb92
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD SHA256
+SHA_CRYPT_MIN_ROUNDS 3000
+SHA_CRYPT_MAX_ROUNDS 10000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min-max/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test
new file mode 100755
index 0000000..8a445e7
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nobody:\$5\$rounds=2000\$' /etc/shadow || {
+	grep "^nobody:" /etc/shadow
+	exit 1
+}
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test
new file mode 100755
index 0000000..bbbac5b
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Changea group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the number of rounds..."
+grep -q '^nogroup:\$5\$rounds=2000\$' /etc/gshadow || {
+	grep "^nogroup:" /etc/gshadow
+	exit 1
+}
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/group b/tests/crypt/login.defs_SHA256-round-min/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs
new file mode 100644
index 0000000..b8087b2
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD SHA256
+SHA_CRYPT_MIN_ROUNDS 2000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256-round-min/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd.test b/tests/crypt/login.defs_SHA256/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256/01_chpasswd/shadow b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow
new file mode 100644
index 0000000..e16a7b0
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd.test b/tests/crypt/login.defs_SHA256/02_chgpasswd.test
new file mode 100755
index 0000000..a38a669
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow
new file mode 100644
index 0000000..f235584
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256/config/etc/group b/tests/crypt/login.defs_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA256/config/etc/gshadow b/tests/crypt/login.defs_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA256/config/etc/login.defs b/tests/crypt/login.defs_SHA256/config/etc/login.defs
new file mode 100644
index 0000000..8001001
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD SHA256
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA256/config/etc/passwd b/tests/crypt/login.defs_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA256/config/etc/shadow b/tests/crypt/login.defs_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd.test b/tests/crypt/login.defs_SHA512/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA512/01_chpasswd/shadow b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow
new file mode 100644
index 0000000..5822203
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd.test b/tests/crypt/login.defs_SHA512/02_chgpasswd.test
new file mode 100755
index 0000000..b7ac288
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow
new file mode 100644
index 0000000..5c8c33a
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA512/config/etc/group b/tests/crypt/login.defs_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_SHA512/config/etc/gshadow b/tests/crypt/login.defs_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_SHA512/config/etc/login.defs b/tests/crypt/login.defs_SHA512/config/etc/login.defs
new file mode 100644
index 0000000..76369b6
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD SHA512
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_SHA512/config/etc/passwd b/tests/crypt/login.defs_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_SHA512/config/etc/shadow b/tests/crypt/login.defs_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_none/01_chpasswd.test b/tests/crypt/login.defs_none/01_chpasswd.test
new file mode 100755
index 0000000..28ee58f
--- /dev/null
+++ b/tests/crypt/login.defs_none/01_chpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+echo nobody:test | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_chpasswd/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_none/01_chpasswd/shadow b/tests/crypt/login.defs_none/01_chpasswd/shadow
new file mode 100644
index 0000000..7607cc6
--- /dev/null
+++ b/tests/crypt/login.defs_none/01_chpasswd/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/crypt/login.defs_none/02_chgpasswd.test b/tests/crypt/login.defs_none/02_chgpasswd.test
new file mode 100755
index 0000000..b7ac288
--- /dev/null
+++ b/tests/crypt/login.defs_none/02_chgpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change a group's password with chgpasswd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "echo nogroup:test | chgpasswd..."
+echo nogroup:test | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_chgpasswd/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/crypt/login.defs_none/02_chgpasswd/gshadow b/tests/crypt/login.defs_none/02_chgpasswd/gshadow
new file mode 100644
index 0000000..53dba5e
--- /dev/null
+++ b/tests/crypt/login.defs_none/02_chgpasswd/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_none/config/etc/group b/tests/crypt/login.defs_none/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/crypt/login.defs_none/config/etc/gshadow b/tests/crypt/login.defs_none/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/crypt/login.defs_none/config/etc/login.defs b/tests/crypt/login.defs_none/config/etc/login.defs
new file mode 100644
index 0000000..f1f0a57
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+#ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/crypt/login.defs_none/config/etc/passwd b/tests/crypt/login.defs_none/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/crypt/login.defs_none/config/etc/shadow b/tests/crypt/login.defs_none/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/crypt/login.defs_none/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/debian/01/data/login_files b/tests/debian/01/data/login_files
new file mode 100644
index 0000000..04f4974
--- /dev/null
+++ b/tests/debian/01/data/login_files
@@ -0,0 +1,296 @@
+/.
+/bin
+/bin/login
+/bin/su
+/etc
+/etc/login.defs
+/etc/pam.d
+/etc/pam.d/login
+/etc/pam.d/su
+/etc/securetty
+/usr
+/usr/bin
+/usr/bin/faillog
+/usr/bin/lastlog
+/usr/bin/newgrp
+/usr/bin/sg
+/usr/sbin
+/usr/sbin/nologin
+/usr/share
+/usr/share/doc
+/usr/share/doc/login
+/usr/share/doc/login/NEWS.Debian.gz
+/usr/share/doc/login/NEWS.gz
+/usr/share/doc/login/README
+/usr/share/doc/login/TODO.gz
+/usr/share/doc/login/changelog.Debian.gz
+/usr/share/doc/login/changelog.gz
+/usr/share/doc/login/copyright
+/usr/share/lintian
+/usr/share/lintian/overrides
+/usr/share/lintian/overrides/login
+/usr/share/locale
+/usr/share/locale/bs
+/usr/share/locale/bs/LC_MESSAGES
+/usr/share/locale/bs/LC_MESSAGES/shadow.mo
+/usr/share/locale/ca
+/usr/share/locale/ca/LC_MESSAGES
+/usr/share/locale/ca/LC_MESSAGES/shadow.mo
+/usr/share/locale/cs
+/usr/share/locale/cs/LC_MESSAGES
+/usr/share/locale/cs/LC_MESSAGES/shadow.mo
+/usr/share/locale/da
+/usr/share/locale/da/LC_MESSAGES
+/usr/share/locale/da/LC_MESSAGES/shadow.mo
+/usr/share/locale/de
+/usr/share/locale/de/LC_MESSAGES
+/usr/share/locale/de/LC_MESSAGES/shadow.mo
+/usr/share/locale/dz
+/usr/share/locale/dz/LC_MESSAGES
+/usr/share/locale/dz/LC_MESSAGES/shadow.mo
+/usr/share/locale/el
+/usr/share/locale/el/LC_MESSAGES
+/usr/share/locale/el/LC_MESSAGES/shadow.mo
+/usr/share/locale/es
+/usr/share/locale/es/LC_MESSAGES
+/usr/share/locale/es/LC_MESSAGES/shadow.mo
+/usr/share/locale/eu
+/usr/share/locale/eu/LC_MESSAGES
+/usr/share/locale/eu/LC_MESSAGES/shadow.mo
+/usr/share/locale/fi
+/usr/share/locale/fi/LC_MESSAGES
+/usr/share/locale/fi/LC_MESSAGES/shadow.mo
+/usr/share/locale/fr
+/usr/share/locale/fr/LC_MESSAGES
+/usr/share/locale/fr/LC_MESSAGES/shadow.mo
+/usr/share/locale/gl
+/usr/share/locale/gl/LC_MESSAGES
+/usr/share/locale/gl/LC_MESSAGES/shadow.mo
+/usr/share/locale/he
+/usr/share/locale/he/LC_MESSAGES
+/usr/share/locale/he/LC_MESSAGES/shadow.mo
+/usr/share/locale/hu
+/usr/share/locale/hu/LC_MESSAGES
+/usr/share/locale/hu/LC_MESSAGES/shadow.mo
+/usr/share/locale/id
+/usr/share/locale/id/LC_MESSAGES
+/usr/share/locale/id/LC_MESSAGES/shadow.mo
+/usr/share/locale/it
+/usr/share/locale/it/LC_MESSAGES
+/usr/share/locale/it/LC_MESSAGES/shadow.mo
+/usr/share/locale/ja
+/usr/share/locale/ja/LC_MESSAGES
+/usr/share/locale/ja/LC_MESSAGES/shadow.mo
+/usr/share/locale/kk
+/usr/share/locale/kk/LC_MESSAGES
+/usr/share/locale/kk/LC_MESSAGES/shadow.mo
+/usr/share/locale/km
+/usr/share/locale/km/LC_MESSAGES
+/usr/share/locale/km/LC_MESSAGES/shadow.mo
+/usr/share/locale/ko
+/usr/share/locale/ko/LC_MESSAGES
+/usr/share/locale/ko/LC_MESSAGES/shadow.mo
+/usr/share/locale/nb
+/usr/share/locale/nb/LC_MESSAGES
+/usr/share/locale/nb/LC_MESSAGES/shadow.mo
+/usr/share/locale/ne
+/usr/share/locale/ne/LC_MESSAGES
+/usr/share/locale/ne/LC_MESSAGES/shadow.mo
+/usr/share/locale/nl
+/usr/share/locale/nl/LC_MESSAGES
+/usr/share/locale/nl/LC_MESSAGES/shadow.mo
+/usr/share/locale/nn
+/usr/share/locale/nn/LC_MESSAGES
+/usr/share/locale/nn/LC_MESSAGES/shadow.mo
+/usr/share/locale/pl
+/usr/share/locale/pl/LC_MESSAGES
+/usr/share/locale/pl/LC_MESSAGES/shadow.mo
+/usr/share/locale/pt
+/usr/share/locale/pt/LC_MESSAGES
+/usr/share/locale/pt/LC_MESSAGES/shadow.mo
+/usr/share/locale/pt_BR
+/usr/share/locale/pt_BR/LC_MESSAGES
+/usr/share/locale/pt_BR/LC_MESSAGES/shadow.mo
+/usr/share/locale/ro
+/usr/share/locale/ro/LC_MESSAGES
+/usr/share/locale/ro/LC_MESSAGES/shadow.mo
+/usr/share/locale/ru
+/usr/share/locale/ru/LC_MESSAGES
+/usr/share/locale/ru/LC_MESSAGES/shadow.mo
+/usr/share/locale/sk
+/usr/share/locale/sk/LC_MESSAGES
+/usr/share/locale/sk/LC_MESSAGES/shadow.mo
+/usr/share/locale/sq
+/usr/share/locale/sq/LC_MESSAGES
+/usr/share/locale/sq/LC_MESSAGES/shadow.mo
+/usr/share/locale/sv
+/usr/share/locale/sv/LC_MESSAGES
+/usr/share/locale/sv/LC_MESSAGES/shadow.mo
+/usr/share/locale/tl
+/usr/share/locale/tl/LC_MESSAGES
+/usr/share/locale/tl/LC_MESSAGES/shadow.mo
+/usr/share/locale/tr
+/usr/share/locale/tr/LC_MESSAGES
+/usr/share/locale/tr/LC_MESSAGES/shadow.mo
+/usr/share/locale/uk
+/usr/share/locale/uk/LC_MESSAGES
+/usr/share/locale/uk/LC_MESSAGES/shadow.mo
+/usr/share/locale/vi
+/usr/share/locale/vi/LC_MESSAGES
+/usr/share/locale/vi/LC_MESSAGES/shadow.mo
+/usr/share/locale/zh_CN
+/usr/share/locale/zh_CN/LC_MESSAGES
+/usr/share/locale/zh_CN/LC_MESSAGES/shadow.mo
+/usr/share/locale/zh_TW
+/usr/share/locale/zh_TW/LC_MESSAGES
+/usr/share/locale/zh_TW/LC_MESSAGES/shadow.mo
+/usr/share/man
+/usr/share/man/cs
+/usr/share/man/cs/man1
+/usr/share/man/cs/man1/su.1.gz
+/usr/share/man/cs/man5
+/usr/share/man/cs/man5/faillog.5.gz
+/usr/share/man/cs/man8
+/usr/share/man/cs/man8/faillog.8.gz
+/usr/share/man/cs/man8/lastlog.8.gz
+/usr/share/man/cs/man8/nologin.8.gz
+/usr/share/man/da
+/usr/share/man/da/man1
+/usr/share/man/da/man1/newgrp.1.gz
+/usr/share/man/da/man1/sg.1.gz
+/usr/share/man/da/man8
+/usr/share/man/da/man8/nologin.8.gz
+/usr/share/man/de
+/usr/share/man/de/man1
+/usr/share/man/de/man1/login.1.gz
+/usr/share/man/de/man1/newgrp.1.gz
+/usr/share/man/de/man1/sg.1.gz
+/usr/share/man/de/man1/su.1.gz
+/usr/share/man/de/man5
+/usr/share/man/de/man5/faillog.5.gz
+/usr/share/man/de/man5/login.defs.5.gz
+/usr/share/man/de/man8
+/usr/share/man/de/man8/faillog.8.gz
+/usr/share/man/de/man8/lastlog.8.gz
+/usr/share/man/de/man8/nologin.8.gz
+/usr/share/man/fi
+/usr/share/man/fi/man1
+/usr/share/man/fi/man1/su.1.gz
+/usr/share/man/fr
+/usr/share/man/fr/man1
+/usr/share/man/fr/man1/login.1.gz
+/usr/share/man/fr/man1/newgrp.1.gz
+/usr/share/man/fr/man1/sg.1.gz
+/usr/share/man/fr/man1/su.1.gz
+/usr/share/man/fr/man5
+/usr/share/man/fr/man5/faillog.5.gz
+/usr/share/man/fr/man5/login.defs.5.gz
+/usr/share/man/fr/man8
+/usr/share/man/fr/man8/faillog.8.gz
+/usr/share/man/fr/man8/lastlog.8.gz
+/usr/share/man/fr/man8/nologin.8.gz
+/usr/share/man/hu
+/usr/share/man/hu/man1
+/usr/share/man/hu/man1/login.1.gz
+/usr/share/man/hu/man1/newgrp.1.gz
+/usr/share/man/hu/man1/sg.1.gz
+/usr/share/man/hu/man1/su.1.gz
+/usr/share/man/hu/man8
+/usr/share/man/hu/man8/lastlog.8.gz
+/usr/share/man/id
+/usr/share/man/id/man1
+/usr/share/man/id/man1/login.1.gz
+/usr/share/man/it
+/usr/share/man/it/man1
+/usr/share/man/it/man1/login.1.gz
+/usr/share/man/it/man1/newgrp.1.gz
+/usr/share/man/it/man1/sg.1.gz
+/usr/share/man/it/man1/su.1.gz
+/usr/share/man/it/man5
+/usr/share/man/it/man5/faillog.5.gz
+/usr/share/man/it/man5/login.defs.5.gz
+/usr/share/man/it/man8
+/usr/share/man/it/man8/faillog.8.gz
+/usr/share/man/it/man8/lastlog.8.gz
+/usr/share/man/it/man8/nologin.8.gz
+/usr/share/man/ja
+/usr/share/man/ja/man1
+/usr/share/man/ja/man1/login.1.gz
+/usr/share/man/ja/man1/newgrp.1.gz
+/usr/share/man/ja/man1/sg.1.gz
+/usr/share/man/ja/man1/su.1.gz
+/usr/share/man/ja/man5
+/usr/share/man/ja/man5/faillog.5.gz
+/usr/share/man/ja/man5/login.defs.5.gz
+/usr/share/man/ja/man8
+/usr/share/man/ja/man8/faillog.8.gz
+/usr/share/man/ja/man8/lastlog.8.gz
+/usr/share/man/ko
+/usr/share/man/ko/man1
+/usr/share/man/ko/man1/login.1.gz
+/usr/share/man/ko/man1/su.1.gz
+/usr/share/man/man1
+/usr/share/man/man1/login.1.gz
+/usr/share/man/man1/newgrp.1.gz
+/usr/share/man/man1/sg.1.gz
+/usr/share/man/man1/su.1.gz
+/usr/share/man/man5
+/usr/share/man/man5/faillog.5.gz
+/usr/share/man/man5/login.defs.5.gz
+/usr/share/man/man8
+/usr/share/man/man8/faillog.8.gz
+/usr/share/man/man8/lastlog.8.gz
+/usr/share/man/man8/nologin.8.gz
+/usr/share/man/pl
+/usr/share/man/pl/man1
+/usr/share/man/pl/man1/newgrp.1.gz
+/usr/share/man/pl/man1/sg.1.gz
+/usr/share/man/pl/man5
+/usr/share/man/pl/man5/faillog.5.gz
+/usr/share/man/pl/man8
+/usr/share/man/pl/man8/faillog.8.gz
+/usr/share/man/pl/man8/lastlog.8.gz
+/usr/share/man/ru
+/usr/share/man/ru/man1
+/usr/share/man/ru/man1/login.1.gz
+/usr/share/man/ru/man1/newgrp.1.gz
+/usr/share/man/ru/man1/sg.1.gz
+/usr/share/man/ru/man1/su.1.gz
+/usr/share/man/ru/man5
+/usr/share/man/ru/man5/faillog.5.gz
+/usr/share/man/ru/man5/login.defs.5.gz
+/usr/share/man/ru/man8
+/usr/share/man/ru/man8/faillog.8.gz
+/usr/share/man/ru/man8/lastlog.8.gz
+/usr/share/man/ru/man8/nologin.8.gz
+/usr/share/man/sv
+/usr/share/man/sv/man1
+/usr/share/man/sv/man1/newgrp.1.gz
+/usr/share/man/sv/man1/sg.1.gz
+/usr/share/man/sv/man5
+/usr/share/man/sv/man5/faillog.5.gz
+/usr/share/man/sv/man8
+/usr/share/man/sv/man8/faillog.8.gz
+/usr/share/man/sv/man8/lastlog.8.gz
+/usr/share/man/sv/man8/nologin.8.gz
+/usr/share/man/tr
+/usr/share/man/tr/man1
+/usr/share/man/tr/man1/login.1.gz
+/usr/share/man/tr/man1/su.1.gz
+/usr/share/man/zh_CN
+/usr/share/man/zh_CN/man1
+/usr/share/man/zh_CN/man1/login.1.gz
+/usr/share/man/zh_CN/man1/newgrp.1.gz
+/usr/share/man/zh_CN/man1/sg.1.gz
+/usr/share/man/zh_CN/man1/su.1.gz
+/usr/share/man/zh_CN/man5
+/usr/share/man/zh_CN/man5/faillog.5.gz
+/usr/share/man/zh_CN/man5/login.defs.5.gz
+/usr/share/man/zh_CN/man8
+/usr/share/man/zh_CN/man8/faillog.8.gz
+/usr/share/man/zh_CN/man8/lastlog.8.gz
+/usr/share/man/zh_CN/man8/nologin.8.gz
+/usr/share/man/zh_TW
+/usr/share/man/zh_TW/man1
+/usr/share/man/zh_TW/man1/newgrp.1.gz
+/usr/share/man/zh_TW/man1/su.1.gz
diff --git a/tests/debian/01/data/passwd_files b/tests/debian/01/data/passwd_files
new file mode 100644
index 0000000..78380f4
--- /dev/null
+++ b/tests/debian/01/data/passwd_files
@@ -0,0 +1,400 @@
+/.
+/etc
+/etc/cron.daily
+/etc/cron.daily/passwd
+/etc/default
+/etc/default/useradd
+/etc/pam.d
+/etc/pam.d/chfn
+/etc/pam.d/chpasswd
+/etc/pam.d/chsh
+/etc/pam.d/groupmems
+/etc/pam.d/newusers
+/etc/pam.d/passwd
+/sbin
+/sbin/shadowconfig
+/usr
+/usr/bin
+/usr/bin/chage
+/usr/bin/chfn
+/usr/bin/chsh
+/usr/bin/expiry
+/usr/bin/gpasswd
+/usr/bin/passwd
+/usr/sbin
+/usr/sbin/chgpasswd
+/usr/sbin/chpasswd
+/usr/sbin/cpgr
+/usr/sbin/cppw
+/usr/sbin/groupadd
+/usr/sbin/groupdel
+/usr/sbin/groupmems
+/usr/sbin/groupmod
+/usr/sbin/grpck
+/usr/sbin/grpconv
+/usr/sbin/grpunconv
+/usr/sbin/newusers
+/usr/sbin/pwck
+/usr/sbin/pwconv
+/usr/sbin/pwunconv
+/usr/sbin/useradd
+/usr/sbin/userdel
+/usr/sbin/usermod
+/usr/sbin/vigr
+/usr/sbin/vipw
+/usr/share
+/usr/share/doc
+/usr/share/doc/passwd
+/usr/share/doc/passwd/NEWS.Debian.gz
+/usr/share/doc/passwd/NEWS.gz
+/usr/share/doc/passwd/README
+/usr/share/doc/passwd/README.Debian
+/usr/share/doc/passwd/TODO.gz
+/usr/share/doc/passwd/changelog.Debian.gz
+/usr/share/doc/passwd/changelog.gz
+/usr/share/doc/passwd/copyright
+/usr/share/doc/passwd/examples
+/usr/share/doc/passwd/examples/passwd.expire.cron
+/usr/share/lintian
+/usr/share/lintian/overrides
+/usr/share/lintian/overrides/passwd
+/usr/share/man
+/usr/share/man/cs
+/usr/share/man/cs/man1
+/usr/share/man/cs/man1/expiry.1.gz
+/usr/share/man/cs/man1/gpasswd.1.gz
+/usr/share/man/cs/man5
+/usr/share/man/cs/man5/gshadow.5.gz
+/usr/share/man/cs/man5/passwd.5.gz
+/usr/share/man/cs/man5/shadow.5.gz
+/usr/share/man/cs/man8
+/usr/share/man/cs/man8/groupadd.8.gz
+/usr/share/man/cs/man8/groupdel.8.gz
+/usr/share/man/cs/man8/groupmod.8.gz
+/usr/share/man/cs/man8/grpck.8.gz
+/usr/share/man/cs/man8/vipw.8.gz
+/usr/share/man/da
+/usr/share/man/da/man1
+/usr/share/man/da/man1/chfn.1.gz
+/usr/share/man/da/man5
+/usr/share/man/da/man5/gshadow.5.gz
+/usr/share/man/da/man8
+/usr/share/man/da/man8/groupdel.8.gz
+/usr/share/man/da/man8/vigr.8.gz
+/usr/share/man/da/man8/vipw.8.gz
+/usr/share/man/de
+/usr/share/man/de/man1
+/usr/share/man/de/man1/chage.1.gz
+/usr/share/man/de/man1/chfn.1.gz
+/usr/share/man/de/man1/chsh.1.gz
+/usr/share/man/de/man1/expiry.1.gz
+/usr/share/man/de/man1/gpasswd.1.gz
+/usr/share/man/de/man1/passwd.1.gz
+/usr/share/man/de/man5
+/usr/share/man/de/man5/gshadow.5.gz
+/usr/share/man/de/man5/passwd.5.gz
+/usr/share/man/de/man5/shadow.5.gz
+/usr/share/man/de/man8
+/usr/share/man/de/man8/chpasswd.8.gz
+/usr/share/man/de/man8/groupadd.8.gz
+/usr/share/man/de/man8/groupdel.8.gz
+/usr/share/man/de/man8/groupmems.8.gz
+/usr/share/man/de/man8/groupmod.8.gz
+/usr/share/man/de/man8/grpck.8.gz
+/usr/share/man/de/man8/grpconv.8.gz
+/usr/share/man/de/man8/grpunconv.8.gz
+/usr/share/man/de/man8/newusers.8.gz
+/usr/share/man/de/man8/pwck.8.gz
+/usr/share/man/de/man8/pwconv.8.gz
+/usr/share/man/de/man8/pwunconv.8.gz
+/usr/share/man/de/man8/useradd.8.gz
+/usr/share/man/de/man8/userdel.8.gz
+/usr/share/man/de/man8/usermod.8.gz
+/usr/share/man/de/man8/vigr.8.gz
+/usr/share/man/de/man8/vipw.8.gz
+/usr/share/man/fi
+/usr/share/man/fi/man1
+/usr/share/man/fi/man1/chfn.1.gz
+/usr/share/man/fi/man1/chsh.1.gz
+/usr/share/man/fr
+/usr/share/man/fr/man1
+/usr/share/man/fr/man1/chage.1.gz
+/usr/share/man/fr/man1/chfn.1.gz
+/usr/share/man/fr/man1/chsh.1.gz
+/usr/share/man/fr/man1/expiry.1.gz
+/usr/share/man/fr/man1/gpasswd.1.gz
+/usr/share/man/fr/man1/passwd.1.gz
+/usr/share/man/fr/man5
+/usr/share/man/fr/man5/gshadow.5.gz
+/usr/share/man/fr/man5/passwd.5.gz
+/usr/share/man/fr/man5/shadow.5.gz
+/usr/share/man/fr/man5/subgid.5.gz
+/usr/share/man/fr/man5/subuid.5.gz
+/usr/share/man/fr/man8
+/usr/share/man/fr/man8/chpasswd.8.gz
+/usr/share/man/fr/man8/groupadd.8.gz
+/usr/share/man/fr/man8/groupdel.8.gz
+/usr/share/man/fr/man8/groupmems.8.gz
+/usr/share/man/fr/man8/groupmod.8.gz
+/usr/share/man/fr/man8/grpck.8.gz
+/usr/share/man/fr/man8/grpconv.8.gz
+/usr/share/man/fr/man8/grpunconv.8.gz
+/usr/share/man/fr/man8/newusers.8.gz
+/usr/share/man/fr/man8/pwck.8.gz
+/usr/share/man/fr/man8/pwconv.8.gz
+/usr/share/man/fr/man8/pwunconv.8.gz
+/usr/share/man/fr/man8/shadowconfig.8.gz
+/usr/share/man/fr/man8/useradd.8.gz
+/usr/share/man/fr/man8/userdel.8.gz
+/usr/share/man/fr/man8/usermod.8.gz
+/usr/share/man/fr/man8/vigr.8.gz
+/usr/share/man/fr/man8/vipw.8.gz
+/usr/share/man/hu
+/usr/share/man/hu/man1
+/usr/share/man/hu/man1/chsh.1.gz
+/usr/share/man/hu/man1/gpasswd.1.gz
+/usr/share/man/hu/man1/passwd.1.gz
+/usr/share/man/hu/man5
+/usr/share/man/hu/man5/passwd.5.gz
+/usr/share/man/id
+/usr/share/man/id/man1
+/usr/share/man/id/man1/chsh.1.gz
+/usr/share/man/id/man8
+/usr/share/man/id/man8/useradd.8.gz
+/usr/share/man/it
+/usr/share/man/it/man1
+/usr/share/man/it/man1/chage.1.gz
+/usr/share/man/it/man1/chfn.1.gz
+/usr/share/man/it/man1/chsh.1.gz
+/usr/share/man/it/man1/expiry.1.gz
+/usr/share/man/it/man1/gpasswd.1.gz
+/usr/share/man/it/man1/passwd.1.gz
+/usr/share/man/it/man5
+/usr/share/man/it/man5/gshadow.5.gz
+/usr/share/man/it/man5/passwd.5.gz
+/usr/share/man/it/man5/shadow.5.gz
+/usr/share/man/it/man8
+/usr/share/man/it/man8/chpasswd.8.gz
+/usr/share/man/it/man8/groupadd.8.gz
+/usr/share/man/it/man8/groupdel.8.gz
+/usr/share/man/it/man8/groupmems.8.gz
+/usr/share/man/it/man8/groupmod.8.gz
+/usr/share/man/it/man8/grpck.8.gz
+/usr/share/man/it/man8/grpconv.8.gz
+/usr/share/man/it/man8/grpunconv.8.gz
+/usr/share/man/it/man8/newusers.8.gz
+/usr/share/man/it/man8/pwck.8.gz
+/usr/share/man/it/man8/pwconv.8.gz
+/usr/share/man/it/man8/pwunconv.8.gz
+/usr/share/man/it/man8/useradd.8.gz
+/usr/share/man/it/man8/userdel.8.gz
+/usr/share/man/it/man8/usermod.8.gz
+/usr/share/man/it/man8/vigr.8.gz
+/usr/share/man/it/man8/vipw.8.gz
+/usr/share/man/ja
+/usr/share/man/ja/man1
+/usr/share/man/ja/man1/chage.1.gz
+/usr/share/man/ja/man1/chfn.1.gz
+/usr/share/man/ja/man1/chsh.1.gz
+/usr/share/man/ja/man1/expiry.1.gz
+/usr/share/man/ja/man1/gpasswd.1.gz
+/usr/share/man/ja/man1/passwd.1.gz
+/usr/share/man/ja/man5
+/usr/share/man/ja/man5/passwd.5.gz
+/usr/share/man/ja/man5/shadow.5.gz
+/usr/share/man/ja/man8
+/usr/share/man/ja/man8/chpasswd.8.gz
+/usr/share/man/ja/man8/groupadd.8.gz
+/usr/share/man/ja/man8/groupdel.8.gz
+/usr/share/man/ja/man8/groupmod.8.gz
+/usr/share/man/ja/man8/grpck.8.gz
+/usr/share/man/ja/man8/grpconv.8.gz
+/usr/share/man/ja/man8/grpunconv.8.gz
+/usr/share/man/ja/man8/newusers.8.gz
+/usr/share/man/ja/man8/pwck.8.gz
+/usr/share/man/ja/man8/pwconv.8.gz
+/usr/share/man/ja/man8/pwunconv.8.gz
+/usr/share/man/ja/man8/shadowconfig.8.gz
+/usr/share/man/ja/man8/useradd.8.gz
+/usr/share/man/ja/man8/userdel.8.gz
+/usr/share/man/ja/man8/usermod.8.gz
+/usr/share/man/ja/man8/vigr.8.gz
+/usr/share/man/ja/man8/vipw.8.gz
+/usr/share/man/ko
+/usr/share/man/ko/man1
+/usr/share/man/ko/man1/chfn.1.gz
+/usr/share/man/ko/man1/chsh.1.gz
+/usr/share/man/ko/man5
+/usr/share/man/ko/man5/passwd.5.gz
+/usr/share/man/ko/man8
+/usr/share/man/ko/man8/vigr.8.gz
+/usr/share/man/ko/man8/vipw.8.gz
+/usr/share/man/man1
+/usr/share/man/man1/chage.1.gz
+/usr/share/man/man1/chfn.1.gz
+/usr/share/man/man1/chsh.1.gz
+/usr/share/man/man1/expiry.1.gz
+/usr/share/man/man1/gpasswd.1.gz
+/usr/share/man/man1/passwd.1.gz
+/usr/share/man/man5
+/usr/share/man/man5/gshadow.5.gz
+/usr/share/man/man5/passwd.5.gz
+/usr/share/man/man5/shadow.5.gz
+/usr/share/man/man5/subgid.5.gz
+/usr/share/man/man5/subuid.5.gz
+/usr/share/man/man8
+/usr/share/man/man8/chgpasswd.8.gz
+/usr/share/man/man8/chpasswd.8.gz
+/usr/share/man/man8/cpgr.8.gz
+/usr/share/man/man8/cppw.8.gz
+/usr/share/man/man8/groupadd.8.gz
+/usr/share/man/man8/groupdel.8.gz
+/usr/share/man/man8/groupmems.8.gz
+/usr/share/man/man8/groupmod.8.gz
+/usr/share/man/man8/grpck.8.gz
+/usr/share/man/man8/grpconv.8.gz
+/usr/share/man/man8/grpunconv.8.gz
+/usr/share/man/man8/newusers.8.gz
+/usr/share/man/man8/pwck.8.gz
+/usr/share/man/man8/pwconv.8.gz
+/usr/share/man/man8/pwunconv.8.gz
+/usr/share/man/man8/shadowconfig.8.gz
+/usr/share/man/man8/useradd.8.gz
+/usr/share/man/man8/userdel.8.gz
+/usr/share/man/man8/usermod.8.gz
+/usr/share/man/man8/vigr.8.gz
+/usr/share/man/man8/vipw.8.gz
+/usr/share/man/pl
+/usr/share/man/pl/man1
+/usr/share/man/pl/man1/chage.1.gz
+/usr/share/man/pl/man1/chsh.1.gz
+/usr/share/man/pl/man1/expiry.1.gz
+/usr/share/man/pl/man8
+/usr/share/man/pl/man8/groupadd.8.gz
+/usr/share/man/pl/man8/groupdel.8.gz
+/usr/share/man/pl/man8/groupmems.8.gz
+/usr/share/man/pl/man8/groupmod.8.gz
+/usr/share/man/pl/man8/grpck.8.gz
+/usr/share/man/pl/man8/shadowconfig.8.gz
+/usr/share/man/pl/man8/userdel.8.gz
+/usr/share/man/pl/man8/usermod.8.gz
+/usr/share/man/pl/man8/vigr.8.gz
+/usr/share/man/pl/man8/vipw.8.gz
+/usr/share/man/pt_BR
+/usr/share/man/pt_BR/man1
+/usr/share/man/pt_BR/man1/gpasswd.1.gz
+/usr/share/man/pt_BR/man5
+/usr/share/man/pt_BR/man5/passwd.5.gz
+/usr/share/man/pt_BR/man5/shadow.5.gz
+/usr/share/man/pt_BR/man8
+/usr/share/man/pt_BR/man8/groupadd.8.gz
+/usr/share/man/pt_BR/man8/groupdel.8.gz
+/usr/share/man/pt_BR/man8/groupmod.8.gz
+/usr/share/man/ru
+/usr/share/man/ru/man1
+/usr/share/man/ru/man1/chage.1.gz
+/usr/share/man/ru/man1/chfn.1.gz
+/usr/share/man/ru/man1/chsh.1.gz
+/usr/share/man/ru/man1/expiry.1.gz
+/usr/share/man/ru/man1/gpasswd.1.gz
+/usr/share/man/ru/man1/passwd.1.gz
+/usr/share/man/ru/man5
+/usr/share/man/ru/man5/gshadow.5.gz
+/usr/share/man/ru/man5/passwd.5.gz
+/usr/share/man/ru/man5/shadow.5.gz
+/usr/share/man/ru/man8
+/usr/share/man/ru/man8/chpasswd.8.gz
+/usr/share/man/ru/man8/groupadd.8.gz
+/usr/share/man/ru/man8/groupdel.8.gz
+/usr/share/man/ru/man8/groupmems.8.gz
+/usr/share/man/ru/man8/groupmod.8.gz
+/usr/share/man/ru/man8/grpck.8.gz
+/usr/share/man/ru/man8/grpconv.8.gz
+/usr/share/man/ru/man8/grpunconv.8.gz
+/usr/share/man/ru/man8/newusers.8.gz
+/usr/share/man/ru/man8/pwck.8.gz
+/usr/share/man/ru/man8/pwconv.8.gz
+/usr/share/man/ru/man8/pwunconv.8.gz
+/usr/share/man/ru/man8/useradd.8.gz
+/usr/share/man/ru/man8/userdel.8.gz
+/usr/share/man/ru/man8/usermod.8.gz
+/usr/share/man/ru/man8/vigr.8.gz
+/usr/share/man/ru/man8/vipw.8.gz
+/usr/share/man/sv
+/usr/share/man/sv/man1
+/usr/share/man/sv/man1/chage.1.gz
+/usr/share/man/sv/man1/chsh.1.gz
+/usr/share/man/sv/man1/expiry.1.gz
+/usr/share/man/sv/man1/passwd.1.gz
+/usr/share/man/sv/man5
+/usr/share/man/sv/man5/gshadow.5.gz
+/usr/share/man/sv/man5/passwd.5.gz
+/usr/share/man/sv/man8
+/usr/share/man/sv/man8/groupadd.8.gz
+/usr/share/man/sv/man8/groupdel.8.gz
+/usr/share/man/sv/man8/groupmems.8.gz
+/usr/share/man/sv/man8/groupmod.8.gz
+/usr/share/man/sv/man8/grpck.8.gz
+/usr/share/man/sv/man8/pwck.8.gz
+/usr/share/man/sv/man8/userdel.8.gz
+/usr/share/man/sv/man8/vigr.8.gz
+/usr/share/man/sv/man8/vipw.8.gz
+/usr/share/man/tr
+/usr/share/man/tr/man1
+/usr/share/man/tr/man1/chage.1.gz
+/usr/share/man/tr/man1/chfn.1.gz
+/usr/share/man/tr/man1/passwd.1.gz
+/usr/share/man/tr/man5
+/usr/share/man/tr/man5/passwd.5.gz
+/usr/share/man/tr/man5/shadow.5.gz
+/usr/share/man/tr/man8
+/usr/share/man/tr/man8/groupadd.8.gz
+/usr/share/man/tr/man8/groupdel.8.gz
+/usr/share/man/tr/man8/groupmod.8.gz
+/usr/share/man/tr/man8/useradd.8.gz
+/usr/share/man/tr/man8/userdel.8.gz
+/usr/share/man/tr/man8/usermod.8.gz
+/usr/share/man/zh_CN
+/usr/share/man/zh_CN/man1
+/usr/share/man/zh_CN/man1/chage.1.gz
+/usr/share/man/zh_CN/man1/chfn.1.gz
+/usr/share/man/zh_CN/man1/chsh.1.gz
+/usr/share/man/zh_CN/man1/expiry.1.gz
+/usr/share/man/zh_CN/man1/gpasswd.1.gz
+/usr/share/man/zh_CN/man1/passwd.1.gz
+/usr/share/man/zh_CN/man5
+/usr/share/man/zh_CN/man5/gshadow.5.gz
+/usr/share/man/zh_CN/man5/passwd.5.gz
+/usr/share/man/zh_CN/man5/shadow.5.gz
+/usr/share/man/zh_CN/man8
+/usr/share/man/zh_CN/man8/chpasswd.8.gz
+/usr/share/man/zh_CN/man8/groupadd.8.gz
+/usr/share/man/zh_CN/man8/groupdel.8.gz
+/usr/share/man/zh_CN/man8/groupmems.8.gz
+/usr/share/man/zh_CN/man8/groupmod.8.gz
+/usr/share/man/zh_CN/man8/grpck.8.gz
+/usr/share/man/zh_CN/man8/grpconv.8.gz
+/usr/share/man/zh_CN/man8/grpunconv.8.gz
+/usr/share/man/zh_CN/man8/newusers.8.gz
+/usr/share/man/zh_CN/man8/pwck.8.gz
+/usr/share/man/zh_CN/man8/pwconv.8.gz
+/usr/share/man/zh_CN/man8/pwunconv.8.gz
+/usr/share/man/zh_CN/man8/useradd.8.gz
+/usr/share/man/zh_CN/man8/userdel.8.gz
+/usr/share/man/zh_CN/man8/usermod.8.gz
+/usr/share/man/zh_CN/man8/vigr.8.gz
+/usr/share/man/zh_CN/man8/vipw.8.gz
+/usr/share/man/zh_TW
+/usr/share/man/zh_TW/man1
+/usr/share/man/zh_TW/man1/chfn.1.gz
+/usr/share/man/zh_TW/man1/chsh.1.gz
+/usr/share/man/zh_TW/man5
+/usr/share/man/zh_TW/man5/passwd.5.gz
+/usr/share/man/zh_TW/man8
+/usr/share/man/zh_TW/man8/chpasswd.8.gz
+/usr/share/man/zh_TW/man8/groupadd.8.gz
+/usr/share/man/zh_TW/man8/groupdel.8.gz
+/usr/share/man/zh_TW/man8/groupmod.8.gz
+/usr/share/man/zh_TW/man8/useradd.8.gz
+/usr/share/man/zh_TW/man8/userdel.8.gz
+/usr/share/man/zh_TW/man8/usermod.8.gz
diff --git a/tests/debian/01/run b/tests/debian/01/run
new file mode 100755
index 0000000..6db7cf0
--- /dev/null
+++ b/tests/debian/01/run
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+# The goal of this test is to check the distributed files (as debdiff)
+
+save()
+{
+	[ ! -d tmp ] && mkdir tmp
+}
+
+restore()
+{
+	rm tmp/login_files tmp/passwd_files
+	rmdir tmp
+}
+
+save
+
+trap 'restore' 0
+
+dpkg -L login | sort > tmp/login_files
+dpkg -L passwd | sort > tmp/passwd_files
+
+echo -n "Checking the login files..."
+diff -u data/login_files tmp/login_files
+echo "OK"
+echo -n "Checking the passwd files..."
+diff -u data/passwd_files tmp/passwd_files
+echo OK
+
diff --git a/tests/debian/02/run b/tests/debian/02/run
new file mode 100755
index 0000000..a305c37
--- /dev/null
+++ b/tests/debian/02/run
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+# This test check if passwd or login provide files also distributed by
+# another package.
+# The goal is to detect new package for the Replaces or Conflicts fields,
+# or to tighten these relationships.
+#
+# It supposes that we will at least Replaces/Conflicts on the i386
+# architecture.
+
+wget -c http://ftp2.fr.debian.org/debian/dists/unstable/Contents-i386.gz
+
+for pkg in login passwd
+    do
+    dpkg -L $pkg | sed -e 's/^\///' |
+    {
+        while read file
+        do
+            [ -f "/$file" ] && echo "^$file	"
+        done
+    } > files
+
+    echo "List of files that the $pkg package currently replaces:"
+    zgrep -E -f files Contents-i386.gz | grep -Ev " admin/(login|passwd)$"
+done
+
+rm -f files Contents-i386.gz
+
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/group b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.exp b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/01_expiry_-c_no_expiry/expiry.test b/tests/expiry/01_expiry_-c_no_expiry/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/01_expiry_-c_no_expiry/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/group b/tests/expiry/02_expiry_-c_expired/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/gshadow b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/passwd b/tests/expiry/02_expiry_-c_expired/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/02_expiry_-c_expired/config/etc/shadow b/tests/expiry/02_expiry_-c_expired/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/02_expiry_-c_expired/expiry.exp b/tests/expiry/02_expiry_-c_expired/expiry.exp
new file mode 100755
index 0000000..a2dd1ba
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "1"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/02_expiry_-c_expired/expiry.test b/tests/expiry/02_expiry_-c_expired/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/02_expiry_-c_expired/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/group b/tests/expiry/03_expiry_-f_expired/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/gshadow b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/passwd b/tests/expiry/03_expiry_-f_expired/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/03_expiry_-f_expired/config/etc/shadow b/tests/expiry/03_expiry_-f_expired/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/03_expiry_-f_expired/data/shadow b/tests/expiry/03_expiry_-f_expired/data/shadow
new file mode 100644
index 0000000..83da315
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/data/shadow
@@ -0,0 +1,20 @@
+root:@PASS_SHA512 password@:@TODAY@:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/03_expiry_-f_expired/expiry.exp b/tests/expiry/03_expiry_-f_expired/expiry.exp
new file mode 100755
index 0000000..5f1b960
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/expiry.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -f\r"
+expect "Your password has expired.  Choose a new password."
+expect "Enter new UNIX password: "
+send "password\r"
+expect "Retype new UNIX password: "
+send "password\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/03_expiry_-f_expired/expiry.test b/tests/expiry/03_expiry_-f_expired/expiry.test
new file mode 100755
index 0000000..252afb1
--- /dev/null
+++ b/tests/expiry/03_expiry_-f_expired/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/04_expiry_no_options/config/etc/group b/tests/expiry/04_expiry_no_options/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/04_expiry_no_options/config/etc/gshadow b/tests/expiry/04_expiry_no_options/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/04_expiry_no_options/config/etc/passwd b/tests/expiry/04_expiry_no_options/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/04_expiry_no_options/config/etc/shadow b/tests/expiry/04_expiry_no_options/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/04_expiry_no_options/data/usage.out b/tests/expiry/04_expiry_no_options/data/usage.out
new file mode 100644
index 0000000..ab67c87
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/data/usage.out
@@ -0,0 +1,8 @@
+Usage: expiry [options]
+
+Options:
+  -c, --check                   check the user's password expiration
+  -f, --force                   force password change if the user's password
+                                is expired
+  -h, --help                    display this help message and exit
+
diff --git a/tests/expiry/04_expiry_no_options/expiry.test b/tests/expiry/04_expiry_no_options/expiry.test
new file mode 100755
index 0000000..02c6cbb
--- /dev/null
+++ b/tests/expiry/04_expiry_no_options/expiry.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry provides an Usage message if no options are given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry without any option (expiry)..."
+expiry 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test
new file mode 100755
index 0000000..0251edd
--- /dev/null
+++ b/tests/expiry/05_expiry_-c_no_shadow_file/expiry.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that there are no shadow files..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..3789b9f
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/06_expiry_-c_no_shadow_entry/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/group b/tests/expiry/07_expiry_-c_expired_account/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow
new file mode 100644
index 0000000..319082d
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7::13000:
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.exp b/tests/expiry/07_expiry_-c_expired_account/expiry.exp
new file mode 100755
index 0000000..1f69e79
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "3"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/07_expiry_-c_expired_account/expiry.test b/tests/expiry/07_expiry_-c_expired_account/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/07_expiry_-c_expired_account/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow
new file mode 100644
index 0000000..65489e7
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:10:7:10::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp
new file mode 100755
index 0000000..9ad091f
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "2"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/08_expiry_-c_expired_max+inact/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow
new file mode 100644
index 0000000..bf371c0
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:9000:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp
new file mode 100755
index 0000000..a24b624
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "expiry -c\r"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test
new file mode 100755
index 0000000..68d6532
--- /dev/null
+++ b/tests/expiry/09_expiry_-c_expired_not_inactive/expiry.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "expiry can verify that a password is not expired"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./expiry.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/group b/tests/expiry/10_expiry_bad_option/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/gshadow b/tests/expiry/10_expiry_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/passwd b/tests/expiry/10_expiry_bad_option/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/10_expiry_bad_option/config/etc/shadow b/tests/expiry/10_expiry_bad_option/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/10_expiry_bad_option/data/usage.out b/tests/expiry/10_expiry_bad_option/data/usage.out
new file mode 100644
index 0000000..c2d9716
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/data/usage.out
@@ -0,0 +1,9 @@
+expiry: invalid option -- 'Z'
+Usage: expiry [options]
+
+Options:
+  -c, --check                   check the user's password expiration
+  -f, --force                   force password change if the user's password
+                                is expired
+  -h, --help                    display this help message and exit
+
diff --git a/tests/expiry/10_expiry_bad_option/expiry.test b/tests/expiry/10_expiry_bad_option/expiry.test
new file mode 100755
index 0000000..bcbbb60
--- /dev/null
+++ b/tests/expiry/10_expiry_bad_option/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry provides an Usage message if an invalid option is given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with an invalid option (expiry -Z)..."
+expiry -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/11_expiry_usage/config/etc/group b/tests/expiry/11_expiry_usage/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/11_expiry_usage/config/etc/gshadow b/tests/expiry/11_expiry_usage/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/11_expiry_usage/config/etc/passwd b/tests/expiry/11_expiry_usage/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/11_expiry_usage/config/etc/shadow b/tests/expiry/11_expiry_usage/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/11_expiry_usage/data/usage.out b/tests/expiry/11_expiry_usage/data/usage.out
new file mode 100644
index 0000000..ab67c87
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/data/usage.out
@@ -0,0 +1,8 @@
+Usage: expiry [options]
+
+Options:
+  -c, --check                   check the user's password expiration
+  -f, --force                   force password change if the user's password
+                                is expired
+  -h, --help                    display this help message and exit
+
diff --git a/tests/expiry/11_expiry_usage/expiry.test b/tests/expiry/11_expiry_usage/expiry.test
new file mode 100755
index 0000000..8aa7aaf
--- /dev/null
+++ b/tests/expiry/11_expiry_usage/expiry.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry can displayits usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get expiry usage message (expiry --help)..."
+expiry --help >tmp/usage.out
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/group b/tests/expiry/12_expiry_extra_arg/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/gshadow b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/passwd b/tests/expiry/12_expiry_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/12_expiry_extra_arg/config/etc/shadow b/tests/expiry/12_expiry_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/12_expiry_extra_arg/data/usage.out b/tests/expiry/12_expiry_extra_arg/data/usage.out
new file mode 100644
index 0000000..f250f48
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/data/usage.out
@@ -0,0 +1,9 @@
+expiry: unexpected argument: foo
+Usage: expiry [options]
+
+Options:
+  -c, --check                   check the user's password expiration
+  -f, --force                   force password change if the user's password
+                                is expired
+  -h, --help                    display this help message and exit
+
diff --git a/tests/expiry/12_expiry_extra_arg/expiry.test b/tests/expiry/12_expiry_extra_arg/expiry.test
new file mode 100755
index 0000000..ea6fa08
--- /dev/null
+++ b/tests/expiry/12_expiry_extra_arg/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry check that no argument remain onthecommand line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with an extra argument (expiry -f foo)..."
+expiry -f foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/group b/tests/expiry/13_expiry_usage-c-f/config/etc/group
new file mode 100644
index 0000000..d1e687c
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/passwd b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/expiry/13_expiry_usage-c-f/config/etc/shadow b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow
new file mode 100644
index 0000000..33d60bf
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:1:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/expiry/13_expiry_usage-c-f/data/usage.out b/tests/expiry/13_expiry_usage-c-f/data/usage.out
new file mode 100644
index 0000000..d0305e3
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/data/usage.out
@@ -0,0 +1,9 @@
+expiry: options -c and -f conflict
+Usage: expiry [options]
+
+Options:
+  -c, --check                   check the user's password expiration
+  -f, --force                   force password change if the user's password
+                                is expired
+  -h, --help                    display this help message and exit
+
diff --git a/tests/expiry/13_expiry_usage-c-f/expiry.test b/tests/expiry/13_expiry_usage-c-f/expiry.test
new file mode 100755
index 0000000..8a6a14a
--- /dev/null
+++ b/tests/expiry/13_expiry_usage-c-f/expiry.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+log_start "$0" "expiry check that the -c and -f flags are not used at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call expiry with the -c and -f flags (expiry -f -c)..."
+expiry -f -c 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "expiry reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test
new file mode 100755
index 0000000..9ae1ff7
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err
new file mode 100644
index 0000000..bdfd8e2
--- /dev/null
+++ b/tests/failures/chage/01_chage_openRW_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chage: cannot open /etc/passwd
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test
new file mode 100755
index 0000000..23df6c6
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -l bin)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/passwd chage -l bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err
new file mode 100644
index 0000000..38f6955
--- /dev/null
+++ b/tests/failures/chage/02_chage_openRO_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 0 ...
+chage: cannot open /etc/passwd
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test
new file mode 100755
index 0000000..1469b78
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err
new file mode 100644
index 0000000..a814928
--- /dev/null
+++ b/tests/failures/chage/03_chage_openRW_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+chage: cannot open /etc/shadow
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test
new file mode 100755
index 0000000..55a0a94
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's shell (chage -l bin)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow chage -l bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err
new file mode 100644
index 0000000..38aeca7
--- /dev/null
+++ b/tests/failures/chage/04_chage_openRO_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 0 ...
+chage: cannot open /etc/shadow
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/chage.test b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test
new file mode 100755
index 0000000..e5e406a
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config.txt b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err
new file mode 100644
index 0000000..963f430
--- /dev/null
+++ b/tests/failures/chage/05_chage_rename_shadow_failure/data/chage.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+chage: failure while writing changes to /etc/shadow
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/chage.test b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test
new file mode 100755
index 0000000..bd27260
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/chage.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chage report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; chmod g+s /usr/bin/chage' 0
+
+change_config
+
+echo -n "Remove setgid flag on chage..."
+chmod g-s /usr/bin/chage
+echo "OK"
+
+echo -n "Change bin's inactivity period (chage -I 12 bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chage -I 12 bin 2>tmp/chage.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Restore setgid flag on chage..."
+chmod g+s /usr/bin/chage
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chage reported:"
+echo "======================================================================="
+cat tmp/chage.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chage.err tmp/chage.err
+echo "error message OK."
+rm -f tmp/chage.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config.txt b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..88faec2
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err
new file mode 100644
index 0000000..188d7dd
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/chage.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chage: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..d32d937
--- /dev/null
+++ b/tests/failures/chage/06_chage_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bin:*:::::12::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
new file mode 100755
index 0000000..e0cedc9
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err
new file mode 100644
index 0000000..572aa4a
--- /dev/null
+++ b/tests/failures/chgpasswd/01_chgpasswd-e_open_group_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+chgpasswd: cannot open /etc/group
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
new file mode 100755
index 0000000..784ed0a
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err
new file mode 100644
index 0000000..9db820b
--- /dev/null
+++ b/tests/failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+chgpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
new file mode 100755
index 0000000..7e8894a
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..aa30237
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:foo:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..1b92e48
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err
new file mode 100644
index 0000000..0fb48ad
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+chgpasswd: failure while writing changes to /etc/group
diff --git a/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow
new file mode 100644
index 0000000..03d3b45
--- /dev/null
+++ b/tests/failures/chgpasswd/03_chgpasswd-e_rename_group_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
new file mode 100755
index 0000000..135f912
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err
new file mode 100644
index 0000000..187a8eb
--- /dev/null
+++ b/tests/failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/data/chgpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+chgpasswd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
new file mode 100755
index 0000000..e161ecf
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err
new file mode 100644
index 0000000..e9e6282
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chpasswd: cannot open /etc/passwd
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
new file mode 100755
index 0000000..90060b9
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err
new file mode 100644
index 0000000..11554c1
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+chpasswd: cannot open /etc/shadow
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
new file mode 100755
index 0000000..6bd8f60
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err
new file mode 100644
index 0000000..0d71e50
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chpasswd: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..08fa354
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
new file mode 100755
index 0000000..53fc373
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..ae5682b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5ef6dfe
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err
new file mode 100644
index 0000000..dbe7aea
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/data/chpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+chpasswd: failure while writing changes to /etc/shadow
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
new file mode 100755
index 0000000..049ebb9
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | LD_PRELOAD=../../../common/time_0.so chpasswd -e 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow
new file mode 100644
index 0000000..f7aa7c0
--- /dev/null
+++ b/tests/failures/chpasswd-PAM/05_chpasswd-e_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2::0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test::0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test
new file mode 100755
index 0000000..3e0e4a1
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's shell (chsh -s /bin/sh bin)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err
new file mode 100644
index 0000000..0bf9b92
--- /dev/null
+++ b/tests/failures/chsh/01_chsh_open_passwd_failure/data/chsh.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+chsh: cannot open /etc/passwd
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test
new file mode 100755
index 0000000..e2c5ecd
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/chsh.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chsh report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change bin's shell (chsh -s /bin/sh bin)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd chsh -s /bin/sh bin 2>tmp/chsh.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chsh reported:"
+echo "======================================================================="
+cat tmp/chsh.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chsh.err tmp/chsh.err
+echo "error message OK."
+rm -f tmp/chsh.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err
new file mode 100644
index 0000000..958bf31
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/chsh.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+chsh: failure while writing changes to /etc/passwd
diff --git a/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..b678d83
--- /dev/null
+++ b/tests/failures/chsh/02_chsh_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:*:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:*:@TODAY@:0:99999:7:::
+foo:abc:@TODAY@:0:99999:7:::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
new file mode 100755
index 0000000..57aa57b
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures when it cannot open the input passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=data/passwd /usr/sbin/cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err
new file mode 100644
index 0000000..3816592
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/cppw.err
@@ -0,0 +1,3 @@
+fopen64 FAILURE data/passwd r ...
+cppw: data/passwd: Input/output error
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/01_cppw_open_passwd_in_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
new file mode 100755
index 0000000..5ae4ef0
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures when it cannot open the input passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/fopen_failure.so FAILURE_PATH=/etc/passwd.new cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err
new file mode 100644
index 0000000..78606fd
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/cppw.err
@@ -0,0 +1,3 @@
+fopen64 FAILURE /etc/passwd.new w ...
+cppw: Couldn't make copy: Input/output error
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/02_cppw_open_passwd_backup_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test
new file mode 100755
index 0000000..2e809a7
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/cppw.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "cppw report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy data/passwd (cppw data/passwd)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd cppw data/passwd 2>tmp/cppw.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "cppw reported:"
+echo "======================================================================="
+cat tmp/cppw.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/cppw.err tmp/cppw.err
+echo "error message OK."
+rm -f tmp/cppw.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err
new file mode 100644
index 0000000..7e27e3e
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/cppw.err
@@ -0,0 +1,3 @@
+rename FAILURE /etc/passwd.new /etc/passwd
+cppw: can't copy /etc/passwd.new: Input/output error)
+cppw: /etc/passwd is unchanged
diff --git a/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd
new file mode 100644
index 0000000..e8e3c39
--- /dev/null
+++ b/tests/failures/cppw/03_cppw_rename_passwd_failure/data/passwd
@@ -0,0 +1,17 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..a338a97
--- /dev/null
+++ b/tests/failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..253afcf
--- /dev/null
+++ b/tests/failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..2b2e663
--- /dev/null
+++ b/tests/failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..b52772e
--- /dev/null
+++ b/tests/failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -d foo users)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..b159e54
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
new file mode 100755
index 0000000..2c34af4
--- /dev/null
+++ b/tests/failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -r foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group gpasswd -r foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..47c08e9
--- /dev/null
+++ b/tests/failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -R foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -R foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err
new file mode 100644
index 0000000..7d0a31a
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
new file mode 100755
index 0000000..84e92c1
--- /dev/null
+++ b/tests/failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -A root foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow gpasswd -A root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err
new file mode 100644
index 0000000..448b6b3
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 0 ...
+gpasswd: cannot open /etc/group
diff --git a/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
new file mode 100755
index 0000000..c4fc2a8
--- /dev/null
+++ b/tests/failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/group gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err
new file mode 100644
index 0000000..b407c77
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 0 ...
+gpasswd: cannot open /etc/gshadow
diff --git a/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
new file mode 100755
index 0000000..3093af9
--- /dev/null
+++ b/tests/failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -M root foo)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow gpasswd -M root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err
new file mode 100644
index 0000000..ad9669b
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+gpasswd: failure while writing changes to /etc/group
diff --git a/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
new file mode 100755
index 0000000..7b654ad
--- /dev/null
+++ b/tests/failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot commit the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err
new file mode 100644
index 0000000..75f3e72
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/gpasswd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+gpasswd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..f7ef7ea
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:root
diff --git a/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
new file mode 100755
index 0000000..a7658f5
--- /dev/null
+++ b/tests/failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd report failures when it cannot commit the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (gpasswd -a root foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow gpasswd -a root foo 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err
new file mode 100644
index 0000000..add9af0
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupadd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
new file mode 100755
index 0000000..9114782
--- /dev/null
+++ b/tests/failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures to save a new gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err
new file mode 100644
index 0000000..62e2205
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupadd: failure while writing changes to /etc/group
diff --git a/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
new file mode 100755
index 0000000..6cfac74
--- /dev/null
+++ b/tests/failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures to save a new group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err
new file mode 100644
index 0000000..820b124
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupadd: cannot open /etc/gshadow
diff --git a/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
new file mode 100755
index 0000000..c00a1e3
--- /dev/null
+++ b/tests/failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err
new file mode 100644
index 0000000..ec69296
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/data/groupadd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupadd: cannot open /etc/group
diff --git a/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test
new file mode 100755
index 0000000..a07a86a
--- /dev/null
+++ b/tests/failures/groupadd/04_groupadd_group_open_failure/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err
new file mode 100644
index 0000000..569464f
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupdel: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
new file mode 100755
index 0000000..5e4d8ad
--- /dev/null
+++ b/tests/failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures to save a new gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err
new file mode 100644
index 0000000..b68ca55
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupdel: failure while writing changes to /etc/group
diff --git a/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
new file mode 100755
index 0000000..0be68eb
--- /dev/null
+++ b/tests/failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures to save a new group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err
new file mode 100644
index 0000000..448878e
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupdel: cannot open /etc/gshadow
diff --git a/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
new file mode 100755
index 0000000..664ce9f
--- /dev/null
+++ b/tests/failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group
new file mode 100644
index 0000000..c8c759e
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err
new file mode 100644
index 0000000..212e9a1
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/data/groupdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupdel: cannot open /etc/group
diff --git a/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test
new file mode 100755
index 0000000..8a05da7
--- /dev/null
+++ b/tests/failures/groupdel/04_groupdel_group_open_failure/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove group foo (groupdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err
new file mode 100644
index 0000000..1d13747
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/data/groupmems.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupmems: cannot open /etc/group
diff --git a/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test
new file mode 100755
index 0000000..7b772cf
--- /dev/null
+++ b/tests/failures/groupmems/01_groupmems_group_open_failure/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err
new file mode 100644
index 0000000..3e01ee1
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/data/groupmems.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupmems: cannot open /etc/gshadow
diff --git a/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
new file mode 100755
index 0000000..8be4d6e
--- /dev/null
+++ b/tests/failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group 1001 (groupmems -g 1001 -a nobody)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmems -g 1001 -a nobody 2>tmp/groupmems.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..652104e
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+groupmod: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
new file mode 100755
index 0000000..4b19ee8
--- /dev/null
+++ b/tests/failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..ee51312
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+groupmod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
new file mode 100755
index 0000000..7b38a60
--- /dev/null
+++ b/tests/failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err
new file mode 100644
index 0000000..505d2d4
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+groupmod: failure while writing changes to /etc/group
diff --git a/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
new file mode 100755
index 0000000..966ec7c
--- /dev/null
+++ b/tests/failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err
new file mode 100644
index 0000000..f892b68
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+groupmod: cannot open /etc/group
diff --git a/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test
new file mode 100755
index 0000000..ec94d5e
--- /dev/null
+++ b/tests/failures/groupmod/04_groupmod_group_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err
new file mode 100644
index 0000000..0aca92f
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+groupmod: cannot open /etc/gshadow
diff --git a/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
new file mode 100755
index 0000000..acf3248
--- /dev/null
+++ b/tests/failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -n bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
new file mode 100755
index 0000000..c4d41de
--- /dev/null
+++ b/tests/failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not need to open gshadow to change a gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err
new file mode 100644
index 0000000..f8a82d0
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/data/groupmod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+groupmod: cannot open /etc/passwd
diff --git a/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..2bcc782
--- /dev/null
+++ b/tests/failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo (groupmod -g 1001 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..b801985
--- /dev/null
+++ b/tests/failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not open the passwd file if not needed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo with same gid (groupmod -g 1000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..e396cfd
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+baz:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..8f6ebbd
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
new file mode 100755
index 0000000..7480cf2
--- /dev/null
+++ b/tests/failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod does not open the passwd file if not needed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err
new file mode 100644
index 0000000..378a519
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpck: cannot open /etc/group
diff --git a/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test
new file mode 100755
index 0000000..288099e
--- /dev/null
+++ b/tests/failures/grpck/01_grpck_system_group_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check groups (grpck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpck 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config.txt b/tests/failures/grpck/02_grpck_group_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err
new file mode 100644
index 0000000..c51c8a3
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE data/group 2 ...
+grpck: cannot open data/group
diff --git a/tests/failures/grpck/02_grpck_group_open_failure/grpck.test b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test
new file mode 100755
index 0000000..41fe2a2
--- /dev/null
+++ b/tests/failures/grpck/02_grpck_group_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check groups (grpck data/group)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/group grpck data/group 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err
new file mode 100644
index 0000000..d15a190
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+grpck: cannot open /etc/gshadow
diff --git a/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
new file mode 100755
index 0000000..1016fc5
--- /dev/null
+++ b/tests/failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the system gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check system groups (grpck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpck 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err
new file mode 100644
index 0000000..61aff8a
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/grpck.err
@@ -0,0 +1,2 @@
+open FAILURE data/gshadow 2 ...
+grpck: cannot open data/gshadow
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test
new file mode 100755
index 0000000..2510878
--- /dev/null
+++ b/tests/failures/grpck/04_grpck_gshadow_open_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck report failures when it cannot open the local gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check local groups (grpck data/group data/gshadow)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/gshadow grpck data/group data/gshadow 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err
new file mode 100644
index 0000000..5eecbfd
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/data/grpck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpck: failure while writing changes to /etc/group
diff --git a/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
new file mode 100755
index 0000000..40f3ebc
--- /dev/null
+++ b/tests/failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (grpck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpck -s 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..a9a2e4c
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
+nogroup:x:65534:
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err
new file mode 100644
index 0000000..275d87f
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/data/grpck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+grpck: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
new file mode 100755
index 0000000..18f6979
--- /dev/null
+++ b/tests/failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpck reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (grpck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpck -s 2>tmp/grpck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "grpck reported:"
+echo "======================================================================="
+cat tmp/grpck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpck.err tmp/grpck.err
+echo "error message OK."
+rm -f tmp/grpck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err
new file mode 100644
index 0000000..e02074e
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpconv: cannot open /etc/group
diff --git a/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test
new file mode 100755
index 0000000..3398314
--- /dev/null
+++ b/tests/failures/grpconv/01_grpconv_open_group_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Disable shadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err
new file mode 100644
index 0000000..101f3d5
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+grpconv: cannot open /etc/gshadow
diff --git a/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
new file mode 100755
index 0000000..77d4161
--- /dev/null
+++ b/tests/failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..5d68f69
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:*:101:
+Debian-exim:*:102:
+foo:abc:1000:
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err
new file mode 100644
index 0000000..c1a1171
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpconv: failure while writing changes to /etc/group
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow
new file mode 100644
index 0000000..372fb9b
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:*::
+Debian-exim:*::
+foo:abc::
diff --git a/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
new file mode 100755
index 0000000..2d22d15
--- /dev/null
+++ b/tests/failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures to write the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err
new file mode 100644
index 0000000..f4eee43
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/data/grpconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+grpconv: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
new file mode 100755
index 0000000..0537ca4
--- /dev/null
+++ b/tests/failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpconv report failures to write the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Enable gshadow passwords (grpconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow grpconv 2>tmp/grpconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpconv reported:"
+echo "======================================================================="
+cat tmp/grpconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpconv.err tmp/grpconv.err
+echo "error message OK."
+rm -f tmp/grpconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err
new file mode 100644
index 0000000..33ea6f3
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+grpunconv: failure while writing changes to /etc/group
diff --git a/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
new file mode 100755
index 0000000..8b4e014
--- /dev/null
+++ b/tests/failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err
new file mode 100644
index 0000000..fd1f2de
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+grpunconv: cannot open /etc/group
diff --git a/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
new file mode 100755
index 0000000..014788e
--- /dev/null
+++ b/tests/failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err
new file mode 100644
index 0000000..cb80cfd
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 0 ...
+grpunconv: cannot open /etc/gshadow
diff --git a/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
new file mode 100755
index 0000000..4516e06
--- /dev/null
+++ b/tests/failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable gshadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group
new file mode 100644
index 0000000..54d3da4
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/group
@@ -0,0 +1,42 @@
+root:*:0:
+daemon:*:1:
+bin:*:2:
+sys:*:3:
+adm:*:4:
+tty:*:5:
+disk:*:6:
+lp:*:7:
+mail:*:8:
+news:*:9:
+uucp:*:10:
+man:*:12:
+proxy:*:13:
+kmem:*:15:
+dialout:*:20:
+fax:*:21:
+voice:*:22:
+cdrom:*:24:
+floppy:*:25:
+tape:*:26:
+sudo:*:27:
+audio:*:29:
+dip:*:30:
+www-data:*:33:
+backup:*:34:
+operator:*:37:
+list:*:38:
+irc:*:39:
+src:*:40:
+gnats:*:41:
+shadow:*:42:
+utmp:*:43:
+video:*:44:
+sasl:*:45:
+plugdev:*:46:
+staff:*:50:
+games:*:60:
+users:*:100:
+nogroup:*:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err
new file mode 100644
index 0000000..84fa124
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/data/grpunconv.err
@@ -0,0 +1,2 @@
+unlink FAILURE /etc/gshadow
+grpunconv: cannot delete /etc/gshadow
diff --git a/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
new file mode 100755
index 0000000..4102719
--- /dev/null
+++ b/tests/failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "grpunconv report failures when it cannot remove the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (grpunconv)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/gshadow grpunconv 2>tmp/grpunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "grpunconv reported:"
+echo "======================================================================="
+cat tmp/grpunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/grpunconv.err tmp/grpunconv.err
+echo "error message OK."
+rm -f tmp/grpunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err
new file mode 100644
index 0000000..b9a24a2
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+newusers: cannot open /etc/passwd
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test
new file mode 100755
index 0000000..25462a8
--- /dev/null
+++ b/tests/failures/newusers/01_newusers_open_passwd_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err
new file mode 100644
index 0000000..f46f22d
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+newusers: cannot open /etc/shadow
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test
new file mode 100755
index 0000000..b7fc584
--- /dev/null
+++ b/tests/failures/newusers/02_newusers_open_shadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config.txt b/tests/failures/newusers/03_newusers_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err
new file mode 100644
index 0000000..3ec4f2f
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+newusers: cannot open /etc/group
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/03_newusers_open_group_failure/newusers.test b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test
new file mode 100755
index 0000000..95e075d
--- /dev/null
+++ b/tests/failures/newusers/03_newusers_open_group_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err
new file mode 100644
index 0000000..e2a9ca0
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+newusers: cannot open /etc/gshadow
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test
new file mode 100755
index 0000000..6383079
--- /dev/null
+++ b/tests/failures/newusers/04_newusers_open_gshadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (newusers foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err
new file mode 100644
index 0000000..160bad7
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+newusers: failure while writing changes to /etc/passwd
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test
new file mode 100755
index 0000000..3fc3097
--- /dev/null
+++ b/tests/failures/newusers/05_newusers_rename_passwd_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err
new file mode 100644
index 0000000..593b9ae
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+newusers: failure while writing changes to /etc/shadow
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test
new file mode 100755
index 0000000..aad005f
--- /dev/null
+++ b/tests/failures/newusers/06_newusers_rename_shadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config.txt b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err
new file mode 100644
index 0000000..2ac5e86
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+newusers: failure while writing changes to /etc/group
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test
new file mode 100755
index 0000000..20a8771
--- /dev/null
+++ b/tests/failures/newusers/07_newusers_rename_group_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err
new file mode 100644
index 0000000..ca0738a
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+newusers: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
new file mode 100755
index 0000000..8a8560f
--- /dev/null
+++ b/tests/failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd
new file mode 100644
index 0000000..03a7177
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err
new file mode 100644
index 0000000..70bfcb5
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.err
@@ -0,0 +1,4 @@
+rename FAILURE /etc/nshadow /etc/shadow
+newusers: (user foo) pam_chauthtok() failed, error:
+Authentication token manipulation error
+newusers: (line 1, user foo) password not changed
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd
new file mode 100644
index 0000000..ce8e3c3
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/data/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
new file mode 100755
index 0000000..3ce542e
--- /dev/null
+++ b/tests/failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/newusers/10_newusers_time_0/config.txt b/tests/failures/newusers/10_newusers_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/group b/tests/failures/newusers/10_newusers_time_0/config/etc/group
new file mode 100644
index 0000000..beb7c87
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow
new file mode 100644
index 0000000..55b8e95
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/passwd b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/newusers/10_newusers_time_0/config/etc/shadow b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/newusers/10_newusers_time_0/data/group b/tests/failures/newusers/10_newusers_time_0/data/group
new file mode 100644
index 0000000..dcabb32
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/failures/newusers/10_newusers_time_0/data/gshadow b/tests/failures/newusers/10_newusers_time_0/data/gshadow
new file mode 100644
index 0000000..dc9f7f6
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/failures/newusers/10_newusers_time_0/data/newusers.list b/tests/failures/newusers/10_newusers_time_0/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/10_newusers_time_0/data/passwd b/tests/failures/newusers/10_newusers_time_0/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/newusers/10_newusers_time_0/data/shadow b/tests/failures/newusers/10_newusers_time_0/data/shadow
new file mode 100644
index 0000000..37df8e5
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@::0:99999:7:::
diff --git a/tests/failures/newusers/10_newusers_time_0/newusers.test b/tests/failures/newusers/10_newusers_time_0/newusers.test
new file mode 100755
index 0000000..27d5ce9
--- /dev/null
+++ b/tests/failures/newusers/10_newusers_time_0/newusers.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "newusers disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (newusers data/newusers.list)..."
+LD_PRELOAD=../../../common/time_0.so newusers data/newusers.list 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err
new file mode 100644
index 0000000..9839b9e
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwck: cannot open /etc/passwd
diff --git a/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
new file mode 100755
index 0000000..f28c481
--- /dev/null
+++ b/tests/failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check user db (pwck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwck 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err
new file mode 100644
index 0000000..7ffd649
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE data/passwd 2 ...
+pwck: cannot open data/passwd
diff --git a/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test
new file mode 100755
index 0000000..e9dcc9b
--- /dev/null
+++ b/tests/failures/pwck/02_pwck_passwd_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check users (pwck data/passwd)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/passwd pwck data/passwd 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err
new file mode 100644
index 0000000..ee7dde0
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+pwck: cannot open /etc/shadow
diff --git a/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
new file mode 100755
index 0000000..5033612
--- /dev/null
+++ b/tests/failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the system shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check system groups (pwck)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwck 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err
new file mode 100644
index 0000000..bac9260
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/data/pwck.err
@@ -0,0 +1,2 @@
+open FAILURE data/shadow 2 ...
+pwck: cannot open data/shadow
diff --git a/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test
new file mode 100755
index 0000000..ef2b899
--- /dev/null
+++ b/tests/failures/pwck/04_pwck_shadow_open_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck report failures when it cannot open the local shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Check local groups (pwck data/group data/shadow)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=data/shadow pwck data/passwd data/shadow 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err
new file mode 100644
index 0000000..3b474db
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwck: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
new file mode 100755
index 0000000..b02853e
--- /dev/null
+++ b/tests/failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort passwd (pwck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwck -s 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..2be1ed6
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err
new file mode 100644
index 0000000..3d6e8cb
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+pwck: failure while writing changes to /etc/shadow
diff --git a/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
new file mode 100755
index 0000000..0b780e4
--- /dev/null
+++ b/tests/failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Sort group (pwck -s)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwck -s 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err
new file mode 100644
index 0000000..c66b0e3
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE tmp/passwd+ tmp/passwd
+pwck: failure while writing changes to tmp/passwd
diff --git a/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
new file mode 100755
index 0000000..721734e
--- /dev/null
+++ b/tests/failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write a passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cp data/passwd tmp/
+
+echo -n "Sort passwd (pwck -s tmp/passwd)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/passwd pwck -s tmp/passwd 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+diff -au data/passwd tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+rm -f tmp/passwd tmp/passwd+ tmp/passwd-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out
new file mode 100644
index 0000000..2be1ed6
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/passwd.out
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err
new file mode 100644
index 0000000..4b1415b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/pwck.err
@@ -0,0 +1,2 @@
+rename FAILURE tmp/shadow+ tmp/shadow
+pwck: failure while writing changes to tmp/shadow
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
new file mode 100755
index 0000000..435aa53
--- /dev/null
+++ b/tests/failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwck reports failure to write a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cp data/passwd data/shadow tmp/
+
+echo -n "Sort group (pwck -s tmp/passwd tmp/shadow)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=tmp/shadow pwck -s tmp/passwd tmp/shadow 2>tmp/pwck.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "5"
+echo "OK"
+
+echo "pwck reported:"
+echo "======================================================================="
+cat tmp/pwck.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwck.err tmp/pwck.err
+echo "error message OK."
+rm -f tmp/pwck.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+diff -au data/passwd.out tmp/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+diff -au data/shadow tmp/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+rm -f tmp/passwd tmp/passwd- tmp/shadow tmp/shadow+ tmp/shadow-
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt
new file mode 100644
index 0000000..01189bd
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo
+group foo with typo in group
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd
new file mode 100644
index 0000000..3030f9e
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/passwd
@@ -0,0 +1,12 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+foo:x:1000:1000::/home:/bin/sh
+bar:x:1001:1000::/home:/bin/sh
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow
new file mode 100644
index 0000000..d3c0775
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/config/etc/shadow
@@ -0,0 +1,11 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow
new file mode 100644
index 0000000..053ac3f
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/data/shadow
@@ -0,0 +1,12 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:x::0:99999:7:::
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp
new file mode 100755
index 0000000..02e6798
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "LD_PRELOAD=../../../common/time_0.so pwck\r"
+expect "no matching password file entry in /etc/shadow"
+expect "add user 'bar' in /etc/shadow? "
+send "yes\r"
+expect "pwck: the files have been updated"
+expect "# "
+send "echo \$?\r"
+expect "2"
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
new file mode 100755
index 0000000..e473196
--- /dev/null
+++ b/tests/failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "If time is 0, pwck creates shadow entry with no last password change date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./pwck.exp
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err
new file mode 100644
index 0000000..d26864f
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwconv: cannot open /etc/passwd
diff --git a/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
new file mode 100755
index 0000000..cb14e0b
--- /dev/null
+++ b/tests/failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err
new file mode 100644
index 0000000..7727450
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+pwconv: cannot open /etc/shadow
diff --git a/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
new file mode 100755
index 0000000..031a72c
--- /dev/null
+++ b/tests/failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err
new file mode 100644
index 0000000..b8177df
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwconv: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow
new file mode 100644
index 0000000..b678d83
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/data/shadow
@@ -0,0 +1,20 @@
+root:*:@TODAY@:0:99999:7:::
+daemon:*:@TODAY@:0:99999:7:::
+bin:*:@TODAY@:0:99999:7:::
+sys:*:@TODAY@:0:99999:7:::
+sync:*:@TODAY@:0:99999:7:::
+games:*:@TODAY@:0:99999:7:::
+man:*:@TODAY@:0:99999:7:::
+lp:*:@TODAY@:0:99999:7:::
+mail:*:@TODAY@:0:99999:7:::
+news:*:@TODAY@:0:99999:7:::
+uucp:*:@TODAY@:0:99999:7:::
+proxy:*:@TODAY@:0:99999:7:::
+www-data:*:@TODAY@:0:99999:7:::
+backup:*:@TODAY@:0:99999:7:::
+list:*:@TODAY@:0:99999:7:::
+irc:*:@TODAY@:0:99999:7:::
+gnats:*:@TODAY@:0:99999:7:::
+nobody:*:@TODAY@:0:99999:7:::
+Debian-exim:*:@TODAY@:0:99999:7:::
+foo:abc:@TODAY@:0:99999:7:::
diff --git a/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
new file mode 100755
index 0000000..44f2307
--- /dev/null
+++ b/tests/failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures to write the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err
new file mode 100644
index 0000000..cf5ddf3
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/data/pwconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+pwconv: failure while writing changes to /etc/shadow
diff --git a/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
new file mode 100755
index 0000000..589ed3e
--- /dev/null
+++ b/tests/failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv report failures to write the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the shadow file..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Enable shadow passwords (pwconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow pwconv 2>tmp/pwconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwconv reported:"
+echo "======================================================================="
+cat tmp/pwconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwconv.err tmp/pwconv.err
+echo "error message OK."
+rm -f tmp/pwconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config.txt b/tests/failures/pwconv/05_pwconv_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/group b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd
new file mode 100644
index 0000000..8656be4
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:*:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:*:102:102::/var/spool/exim4:/bin/false
+foo:abc:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/passwd b/tests/failures/pwconv/05_pwconv_time_0/data/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwconv/05_pwconv_time_0/data/shadow b/tests/failures/pwconv/05_pwconv_time_0/data/shadow
new file mode 100644
index 0000000..a3b7cff
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:*::0:99999:7:::
+daemon:*::0:99999:7:::
+bin:*::0:99999:7:::
+sys:*::0:99999:7:::
+sync:*::0:99999:7:::
+games:*::0:99999:7:::
+man:*::0:99999:7:::
+lp:*::0:99999:7:::
+mail:*::0:99999:7:::
+news:*::0:99999:7:::
+uucp:*::0:99999:7:::
+proxy:*::0:99999:7:::
+www-data:*::0:99999:7:::
+backup:*::0:99999:7:::
+list:*::0:99999:7:::
+irc:*::0:99999:7:::
+gnats:*::0:99999:7:::
+nobody:*::0:99999:7:::
+Debian-exim:*::0:99999:7:::
+foo:abc::0:99999:7:::
diff --git a/tests/failures/pwconv/05_pwconv_time_0/pwconv.test b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test
new file mode 100755
index 0000000..5c9a650
--- /dev/null
+++ b/tests/failures/pwconv/05_pwconv_time_0/pwconv.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwconv disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Convert to shadow (pwconv)..."
+LD_PRELOAD=../../../common/time_0.so pwconv 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err
new file mode 100644
index 0000000..a1368c9
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+pwunconv: failure while writing changes to /etc/passwd
diff --git a/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
new file mode 100755
index 0000000..3f1d312
--- /dev/null
+++ b/tests/failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err
new file mode 100644
index 0000000..44cd4fa
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+pwunconv: cannot open /etc/passwd
diff --git a/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
new file mode 100755
index 0000000..8212cf2
--- /dev/null
+++ b/tests/failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err
new file mode 100644
index 0000000..a61ba35
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 0 ...
+pwunconv: cannot open /etc/shadow
diff --git a/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
new file mode 100755
index 0000000..0c8f79f
--- /dev/null
+++ b/tests/failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/open_RDONLY_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd
new file mode 100644
index 0000000..3416c55
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:0:0:root:/root:/bin/bash
+daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+bin:*:2:2:bin:/bin:/bin/sh
+sys:*:3:3:sys:/dev:/bin/sh
+sync:*:4:65534:sync:/bin:/bin/sync
+games:*:5:60:games:/usr/games:/bin/sh
+man:*:6:12:man:/var/cache/man:/bin/sh
+lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+mail:*:8:8:mail:/var/mail:/bin/sh
+news:*:9:9:news:/var/spool/news:/bin/sh
+uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:*:13:13:proxy:/bin:/bin/sh
+www-data:*:33:33:www-data:/var/www:/bin/sh
+backup:*:34:34:backup:/var/backups:/bin/sh
+list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:!:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err
new file mode 100644
index 0000000..a8ecf49
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/data/pwunconv.err
@@ -0,0 +1,2 @@
+unlink FAILURE /etc/shadow
+pwunconv: cannot delete /etc/shadow
diff --git a/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
new file mode 100755
index 0000000..045719f
--- /dev/null
+++ b/tests/failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "pwunconv report failures when it cannot remove the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable shadow passwords (pwunconv)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/shadow pwunconv 2>tmp/pwunconv.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "pwunconv reported:"
+echo "======================================================================="
+cat tmp/pwunconv.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/pwunconv.err tmp/pwunconv.err
+echo "error message OK."
+rm -f tmp/pwunconv.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err
new file mode 100644
index 0000000..0a3ce8c
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+useradd: cannot open /etc/passwd
diff --git a/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test
new file mode 100755
index 0000000..930d565
--- /dev/null
+++ b/tests/failures/useradd/01_useradd_open_passwd_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err
new file mode 100644
index 0000000..8d691d1
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+useradd: cannot open /etc/shadow
diff --git a/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test
new file mode 100755
index 0000000..0c3d7fc
--- /dev/null
+++ b/tests/failures/useradd/02_useradd_open_shadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config.txt b/tests/failures/useradd/03_useradd_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err
new file mode 100644
index 0000000..59a33be
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+useradd: cannot open /etc/group
diff --git a/tests/failures/useradd/03_useradd_open_group_failure/useradd.test b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test
new file mode 100755
index 0000000..b99d914
--- /dev/null
+++ b/tests/failures/useradd/03_useradd_open_group_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err
new file mode 100644
index 0000000..3e64279
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+useradd: cannot open /etc/gshadow
diff --git a/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test
new file mode 100755
index 0000000..5ab5eac
--- /dev/null
+++ b/tests/failures/useradd/04_useradd_open_gshadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err
new file mode 100644
index 0000000..6d25d1d
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+useradd: failure while writing changes to /etc/passwd
diff --git a/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test
new file mode 100755
index 0000000..2428ed0
--- /dev/null
+++ b/tests/failures/useradd/05_useradd_rename_passwd_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err
new file mode 100644
index 0000000..49e06ab
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+useradd: failure while writing changes to /etc/shadow
diff --git a/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test
new file mode 100755
index 0000000..50ec15f
--- /dev/null
+++ b/tests/failures/useradd/06_useradd_rename_shadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config.txt b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err
new file mode 100644
index 0000000..75a035e
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+useradd: failure while writing changes to /etc/group
diff --git a/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test
new file mode 100755
index 0000000..ed64725
--- /dev/null
+++ b/tests/failures/useradd/07_useradd_rename_group_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err
new file mode 100644
index 0000000..a355259
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+useradd: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
new file mode 100755
index 0000000..11f7f68
--- /dev/null
+++ b/tests/failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err
new file mode 100644
index 0000000..956521a
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/default/nuaddXXXXXX /etc/default/useradd
+useradd: rename: /etc/default/nuaddXXXXXX: Input/output error
diff --git a/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test
new file mode 100755
index 0000000..f845652
--- /dev/null
+++ b/tests/failures/useradd/09_useradd_rename_defaults_failure/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set default value (useradd -D -g 10)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/default/useradd useradd -D -g 10 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -e 's/nuadd....../nuaddXXXXXX/' -i tmp/useradd.err
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err
new file mode 100644
index 0000000..7ec53ac
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/data/useradd.err
@@ -0,0 +1,2 @@
+link FAILURE /etc/default/useradd /etc/default/useradd-
+useradd: Cannot create backup file (/etc/default/useradd-): Input/output error
diff --git a/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
new file mode 100755
index 0000000..241f727
--- /dev/null
+++ b/tests/failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to create backup /etc/default/useradd-"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set default value (useradd -D -g 10)..."
+LD_PRELOAD=../../../common/link_failure.so FAILURE_PATH=/etc/default/useradd- useradd -D -g 10 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/11_useradd_time_0/config.txt b/tests/failures/useradd/11_useradd_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/group b/tests/failures/useradd/11_useradd_time_0/config/etc/group
new file mode 100644
index 0000000..beb7c87
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow
new file mode 100644
index 0000000..55b8e95
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/passwd b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/11_useradd_time_0/config/etc/shadow b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/11_useradd_time_0/data/group b/tests/failures/useradd/11_useradd_time_0/data/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/11_useradd_time_0/data/gshadow b/tests/failures/useradd/11_useradd_time_0/data/gshadow
new file mode 100644
index 0000000..ed9618e
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/11_useradd_time_0/data/newusers.list b/tests/failures/useradd/11_useradd_time_0/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/failures/useradd/11_useradd_time_0/data/passwd b/tests/failures/useradd/11_useradd_time_0/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/11_useradd_time_0/data/shadow b/tests/failures/useradd/11_useradd_time_0/data/shadow
new file mode 100644
index 0000000..d295f85
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!::0:99999:7:12:13849:
diff --git a/tests/failures/useradd/11_useradd_time_0/useradd.test b/tests/failures/useradd/11_useradd_time_0/useradd.test
new file mode 100755
index 0000000..1c61138
--- /dev/null
+++ b/tests/failures/useradd/11_useradd_time_0/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo (useradd foo)..."
+LD_PRELOAD=../../../common/time_0.so useradd foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err
new file mode 100644
index 0000000..6d84972
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+useradd: cannot open /etc/subuid
diff --git a/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test
new file mode 100755
index 0000000..0263300
--- /dev/null
+++ b/tests/failures/useradd/12_useradd_open_subuid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err
new file mode 100644
index 0000000..594f4d6
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+useradd: cannot open /etc/subgid
diff --git a/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test
new file mode 100755
index 0000000..eff1bc9
--- /dev/null
+++ b/tests/failures/useradd/13_useradd_open_subgid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo (useradd foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config.txt b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/group b/tests/failures/useradd/14_username_rename_subuid_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err
new file mode 100644
index 0000000..1798df6
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+useradd: failure while writing changes to /etc/subuid
diff --git a/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test
new file mode 100755
index 0000000..5b007b9
--- /dev/null
+++ b/tests/failures/useradd/14_username_rename_subuid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config.txt b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subgid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/config/etc/subuid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/group b/tests/failures/useradd/15_username_rename_subgid_failure/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err
new file mode 100644
index 0000000..0d1b654
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/data/useradd.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+useradd: failure while writing changes to /etc/subgid
diff --git a/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test
new file mode 100755
index 0000000..db47258
--- /dev/null
+++ b/tests/failures/useradd/15_username_rename_subgid_failure/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (useradd foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err
new file mode 100644
index 0000000..e84c8f8
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+userdel: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
new file mode 100755
index 0000000..3b7c17c
--- /dev/null
+++ b/tests/failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config.txt b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err
new file mode 100644
index 0000000..21962cd
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+userdel: failure while writing changes to /etc/group
diff --git a/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test
new file mode 100755
index 0000000..da9b693
--- /dev/null
+++ b/tests/failures/userdel/02_userdel_group_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err
new file mode 100644
index 0000000..a241b55
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+userdel: failure while writing changes to /etc/shadow
diff --git a/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test
new file mode 100755
index 0000000..6ad2516
--- /dev/null
+++ b/tests/failures/userdel/03_userdel_shadow_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err
new file mode 100644
index 0000000..7058c90
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+userdel: failure while writing changes to /etc/passwd
diff --git a/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test
new file mode 100755
index 0000000..945bf5b
--- /dev/null
+++ b/tests/failures/userdel/04_userdel_passwd_rename_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/config/var/mail/foo
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err
new file mode 100644
index 0000000..0ed73cf
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/data/userdel.err
@@ -0,0 +1,3 @@
+unlink FAILURE /var/mail/foo
+userdel: warning: can't remove /var/mail/foo: Device or resource busy
+userdel: foo home directory (/home/foo) not found
diff --git a/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
new file mode 100755
index 0000000..cd0b356
--- /dev/null
+++ b/tests/failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove the mailbox"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Changing ownership of /var/mail/foo..."
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/var/mail/foo userdel -r foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+ 
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err
new file mode 100644
index 0000000..d46d879
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/data/userdel.err
@@ -0,0 +1,3 @@
+userdel: foo mail spool (/var/mail/foo) not found
+unlink FAILURE /home/foo/bar/baz
+userdel: error removing directory /home/foo
diff --git a/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
new file mode 100755
index 0000000..d41d189
--- /dev/null
+++ b/tests/failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove a file in the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an home directory for foo..."
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/foo/bar
+touch /home/foo/bar/baz
+chown -R foo:foo /home/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/home/foo/bar/baz userdel -r foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+ 
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+rm -rf /home/foo
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err
new file mode 100644
index 0000000..f874083
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/data/userdel.err
@@ -0,0 +1,3 @@
+userdel: foo mail spool (/var/mail/foo) not found
+rmdir FAILURE /home/foo
+userdel: error removing directory /home/foo
diff --git a/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test
new file mode 100755
index 0000000..deca402
--- /dev/null
+++ b/tests/failures/userdel/07_userdel_failure_remove_homedir/userdel.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel -r reports failure to remove the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an home directory for foo..."
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/foo/bar
+touch /home/foo/bar/baz
+chown -R foo:foo /home/foo
+echo "OK"
+
+echo -n "delete user foo with its mail spool (userdel -r foo)..."
+LD_PRELOAD=../../../common/rmdir_failure.so FAILURE_PATH=/home/foo userdel -r foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+ 
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+rm -rf /home/foo
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err
new file mode 100644
index 0000000..5329f8a
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+userdel: cannot open /etc/passwd
diff --git a/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test
new file mode 100755
index 0000000..dfa5bc6
--- /dev/null
+++ b/tests/failures/userdel/08_userdel_open_passwd_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err
new file mode 100644
index 0000000..b15cf95
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+userdel: cannot open /etc/shadow
diff --git a/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test
new file mode 100755
index 0000000..434cf32
--- /dev/null
+++ b/tests/failures/userdel/09_userdel_open_shadow_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config.txt b/tests/failures/userdel/10_userdel_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err
new file mode 100644
index 0000000..e671f64
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+userdel: cannot open /etc/group
diff --git a/tests/failures/userdel/10_userdel_open_group_failure/userdel.test b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test
new file mode 100755
index 0000000..2e3ad62
--- /dev/null
+++ b/tests/failures/userdel/10_userdel_open_group_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..c41f98b
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:foo:/home/foo:/bin/sh
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err
new file mode 100644
index 0000000..e24e7f4
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+userdel: cannot open /etc/gshadow
diff --git a/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test
new file mode 100755
index 0000000..4a75f66
--- /dev/null
+++ b/tests/failures/userdel/11_userdel_open_gshadow_failure/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err
new file mode 100644
index 0000000..cd0d1c4
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+userdel: cannot open /etc/subuid
diff --git a/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test
new file mode 100755
index 0000000..844f04f
--- /dev/null
+++ b/tests/failures/userdel/12_userdel_open_subuid_failure/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err
new file mode 100644
index 0000000..bcc53e2
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+userdel: cannot open /etc/subgid
diff --git a/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test
new file mode 100755
index 0000000..2a67bcb
--- /dev/null
+++ b/tests/failures/userdel/13_userdel_open_subgid_failure/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err
new file mode 100644
index 0000000..ae0d56e
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+userdel: failure while writing changes to /etc/subuid
diff --git a/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test
new file mode 100755
index 0000000..a6e7d43
--- /dev/null
+++ b/tests/failures/userdel/14_userdel_rename_subuid_failure/usedel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..a0bb603
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+root:200000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid
new file mode 100644
index 0000000..83a5781
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/subuid
@@ -0,0 +1 @@
+root:200000:10000
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err
new file mode 100644
index 0000000..35e206c
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/data/userdel.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+userdel: failure while writing changes to /etc/subgid
diff --git a/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test
new file mode 100755
index 0000000..5312e8b
--- /dev/null
+++ b/tests/failures/userdel/15_userdel_rename_subgid_failure/usedel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group
new file mode 100644
index 0000000..41fb326
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:bar
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err
new file mode 100644
index 0000000..449003a
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/gshadow+ /etc/gshadow
+usermod: failure while writing changes to /etc/gshadow
diff --git a/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
new file mode 100755
index 0000000..e7d1c2d
--- /dev/null
+++ b/tests/failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err
new file mode 100644
index 0000000..a5fd4c3
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+usermod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
new file mode 100755
index 0000000..119d76a
--- /dev/null
+++ b/tests/failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to write /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/passwd usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err
new file mode 100644
index 0000000..69a5e8b
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/group+ /etc/group
+usermod: failure while writing changes to /etc/group
diff --git a/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
new file mode 100755
index 0000000..c5d69bb
--- /dev/null
+++ b/tests/failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename user foo to bar (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
new file mode 100755
index 0000000..2e64fd3
--- /dev/null
+++ b/tests/failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not try to rewrite gshadow if not changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group
new file mode 100644
index 0000000..2a5b8a4
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow
new file mode 100644
index 0000000..ed34100
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd
new file mode 100644
index 0000000..09a6642
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err
new file mode 100644
index 0000000..43c186a
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/shadow+ /etc/shadow
+usermod: failure while writing changes to /etc/shadow
diff --git a/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
new file mode 100755
index 0000000..df94b43
--- /dev/null
+++ b/tests/failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to write /etc/shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change name of foo to bar (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err
new file mode 100644
index 0000000..e060976
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/passwd 2 ...
+usermod: cannot open /etc/passwd
diff --git a/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
new file mode 100755
index 0000000..5e069f6
--- /dev/null
+++ b/tests/failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the passwd file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/passwd usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err
new file mode 100644
index 0000000..40e3a5b
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/shadow 2 ...
+usermod: cannot open /etc/shadow
diff --git a/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
new file mode 100755
index 0000000..c5ac414
--- /dev/null
+++ b/tests/failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/shadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err
new file mode 100644
index 0000000..5329b28
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/group 2 ...
+usermod: cannot open /etc/group
diff --git a/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
new file mode 100755
index 0000000..fbca278
--- /dev/null
+++ b/tests/failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the group file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/group usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err
new file mode 100644
index 0000000..e398343
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/gshadow 2 ...
+usermod: cannot open /etc/gshadow
diff --git a/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
new file mode 100755
index 0000000..6e7ba24
--- /dev/null
+++ b/tests/failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod -l bar foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/gshadow usermod -l bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config.txt b/tests/failures/usermod/10_usermod_-p_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/passwd b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/data/shadow b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow
new file mode 100644
index 0000000..13fca93
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:foopass::0:99999:7:::
diff --git a/tests/failures/usermod/10_usermod_-p_time_0/usermod.test b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test
new file mode 100755
index 0000000..f54c918
--- /dev/null
+++ b/tests/failures/usermod/10_usermod_-p_time_0/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+LD_PRELOAD=../../../common/time_0.so usermod -p foopass foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow
new file mode 100644
index 0000000..6faa0c5
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah::0:99999:7:12::
diff --git a/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
new file mode 100755
index 0000000..56e9c83
--- /dev/null
+++ b/tests/failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod disables aging when time is not set"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -f 12 foo)..."
+LD_PRELOAD=../../../common/time_0.so usermod -f 12 foo 2>/dev/null
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err
new file mode 100644
index 0000000..a5fd4c3
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/passwd+ /etc/passwd
+usermod: failure while writing changes to /etc/passwd
diff --git a/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
new file mode 100755
index 0000000..d7c95b7
--- /dev/null
+++ b/tests/failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports failure to unlock /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change UID of foo to 1001 (usermod -u 1001 foo)..."
+LD_PRELOAD=../../../common/unlink_failure.so FAILURE_PATH=/etc/passwd.lock usermod -u 1001 foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..a83d4bf
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+usermod: cannot open /etc/subuid
diff --git a/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
new file mode 100755
index 0000000..fdff7e1
--- /dev/null
+++ b/tests/failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -v 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..a83d4bf
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subuid 2 ...
+usermod: cannot open /etc/subuid
diff --git a/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
new file mode 100755
index 0000000..47ff348
--- /dev/null
+++ b/tests/failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -V 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subuid usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..7cb1df5
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+usermod: cannot open /etc/subgid
diff --git a/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
new file mode 100755
index 0000000..3469d93
--- /dev/null
+++ b/tests/failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -w 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..7cb1df5
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+open FAILURE /etc/subgid 2 ...
+usermod: cannot open /etc/subgid
diff --git a/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
new file mode 100755
index 0000000..a03c2c5
--- /dev/null
+++ b/tests/failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod report failures when it cannot open the /etc/subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add range for user foo (usermod -W 100000-100000 foo)..."
+LD_PRELOAD=../../../common/open_RDWR_failure.so FAILURE_PATH=/etc/subgid usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err
new file mode 100644
index 0000000..d498ae9
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subuid+ /etc/subuid
+usermod: failure while writing changes to /etc/subuid
diff --git a/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
new file mode 100755
index 0000000..0e39b61
--- /dev/null
+++ b/tests/failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add subordinate uid for user foo (usermod -v 100000-100000 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subuid usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subgid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/config/etc/subuid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err
new file mode 100644
index 0000000..ee968b8
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/data/usermod.err
@@ -0,0 +1,2 @@
+rename FAILURE /etc/subgid+ /etc/subgid
+usermod: failure while writing changes to /etc/subgid
diff --git a/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
new file mode 100755
index 0000000..c14e5c1
--- /dev/null
+++ b/tests/failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod reports failure to write /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add subordinate uid for user foo (usermod -w 100000-100000 foo)..."
+LD_PRELOAD=../../../common/rename_failure.so FAILURE_PATH=/etc/subgid usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..c62fc54
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd fails if a group does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's, disk's, and foooo's password..."
+echo 'nogroup:test
+disk:test2
+foooo:test3' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err
new file mode 100644
index 0000000..38413df
--- /dev/null
+++ b/tests/grouptools/chgpasswd/01_chgpasswd_invalid_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 3: group 'foooo' does not exist
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
new file mode 100755
index 0000000..4029ad7
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can change mulitple groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow
new file mode 100644
index 0000000..10d3a52
--- /dev/null
+++ b/tests/grouptools/chgpasswd/02_chgpasswd_multiple_groups/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:@PASS_DES test2@::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
new file mode 100755
index 0000000..96900fb
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the pasword in group if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group
new file mode 100644
index 0000000..7f5e536
--- /dev/null
+++ b/tests/grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:@PASS_DES test2@:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:@PASS_DES test@:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
new file mode 100755
index 0000000..8def840
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group entry if there are no entries in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and disk's password..."
+echo 'nogroup:test
+disk:test2' | chgpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow
new file mode 100644
index 0000000..544e0d1
--- /dev/null
+++ b/tests/grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:@PASS_DES test2@::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
+nogroup:@PASS_DES test@::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
new file mode 100755
index 0000000..53ffbf2
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's password..."
+echo 'nogroup:test
+disk' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err
new file mode 100644
index 0000000..86c0803
--- /dev/null
+++ b/tests/grouptools/chgpasswd/05_chgpasswd_error_no_password/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 2: missing new password
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
new file mode 100755
index 0000000..1075f0f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chgpasswd usage (chgpasswd -h)..."
+chgpasswd -h >tmp/usage.out
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out
new file mode 100644
index 0000000..46b49c3
--- /dev/null
+++ b/tests/grouptools/chgpasswd/06_chgpasswd_usage/data/usage.out
@@ -0,0 +1,12 @@
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
new file mode 100755
index 0000000..56de5cb
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chgpasswd usage (chgpasswd --foo)..."
+chgpasswd --foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..e96d97c
--- /dev/null
+++ b/tests/grouptools/chgpasswd/07_chgpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: unrecognized option '--foo'
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
new file mode 100755
index 0000000..f6b96d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -e and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use md5 (chgpasswd -m -e)..."
+echo 'nobody:test' | chgpasswd -m -e 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
new file mode 100755
index 0000000..9da58d6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -e and -c are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use another method (chgpasswd -c SHA512 -e)..."
+echo 'nobody:test' | chgpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
new file mode 100755
index 0000000..e83338f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -c and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd -m -c SHA256)..."
+echo 'nobody:test' | chgpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out
new file mode 100644
index 0000000..d3a57b6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: the -c, -e, and -m flags are exclusive
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
new file mode 100755
index 0000000..293e932
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that -c is provided if -s is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12)..."
+echo 'nobody:test' | chgpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out
new file mode 100644
index 0000000..4bd98d4
--- /dev/null
+++ b/tests/grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: -s flag is only allowed with the -c flag
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
new file mode 100755
index 0000000..ebfcde6
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks the -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --sha-rounds 12foo -c SHA512)..."
+echo 'nobody:test' | chgpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out
new file mode 100644
index 0000000..690a502
--- /dev/null
+++ b/tests/grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: invalid numeric argument '12foo'
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
new file mode 100755
index 0000000..8cff29b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks the -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chgpasswd --crypt-method SHA513)..."
+echo 'nobody:test' | chgpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out
new file mode 100644
index 0000000..a103cd5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chgpasswd: unsupported crypt method: SHA513
+Usage: chgpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
new file mode 100755
index 0000000..c622581
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow
new file mode 100644
index 0000000..71489d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/14_chgpasswd_password_encrypted/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
new file mode 100755
index 0000000..964d193
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create md5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --md5)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --md5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow
new file mode 100644
index 0000000..eea258e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/15_chgpasswd_password_md5/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_MD5 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
new file mode 100755
index 0000000..98cf6d0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use encrypted passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd -c NONE)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -c NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow
new file mode 100644
index 0000000..71489d5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/16_chgpasswd_password_NONE/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:test2::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
new file mode 100755
index 0000000..920589b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create MD5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method MD5)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow
new file mode 100644
index 0000000..eea258e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/17_chgpasswd_password_MD5/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_MD5 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_MD5 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
new file mode 100755
index 0000000..bf504af
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create DES passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method DES)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow
new file mode 100644
index 0000000..dcf1749
--- /dev/null
+++ b/tests/grouptools/chgpasswd/18_chgpasswd_password_DES/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_DES test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_DES test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
new file mode 100755
index 0000000..07770c4
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/19_chgpasswd_password_SHA256/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
new file mode 100755
index 0000000..e269270
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 900)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=1000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
new file mode 100755
index 0000000..7d33204
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA256 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA256 -s 9000)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA256 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$5\$rounds=9000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow
new file mode 100644
index 0000000..e22ddf5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA256 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA256 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
new file mode 100755
index 0000000..1a560dc
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/22_chgpasswd_password_SHA512/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
new file mode 100755
index 0000000..5af55f8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 900)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=1000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
new file mode 100755
index 0000000..2e85531
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd can use create SHA512 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup and lp's password (chgpasswd --crypt-method SHA512 -s 9000)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd --crypt-method SHA512 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+grep nogroup /etc/gshadow | grep -q ':\$6\$rounds=9000\$'
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow
new file mode 100644
index 0000000..f4f8034
--- /dev/null
+++ b/tests/grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:@PASS_SHA512 test2@::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:@PASS_SHA512 test@::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
new file mode 100755
index 0000000..17f6f95
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group file if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..d5d9eb7
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:foo:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:bar:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group
new file mode 100644
index 0000000..575c221
--- /dev/null
+++ b/tests/grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:test2:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:test:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..17f6f95
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group file if gshadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check that gshadow does not exist..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group
new file mode 100644
index 0000000..575c221
--- /dev/null
+++ b/tests/grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:test2:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:test:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
new file mode 100755
index 0000000..1d9af4b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd changes the group entry if there are no gshadow entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nogroup's and lp's password..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..aecd9b9
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow
new file mode 100644
index 0000000..3652f6f
--- /dev/null
+++ b/tests/grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:test::
+crontab:x::
+Debian-exim:x::
+lp:test2::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
new file mode 100755
index 0000000..c0be3c9
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config.txt
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err
new file mode 100644
index 0000000..5c91d93
--- /dev/null
+++ b/tests/grouptools/chgpasswd/30_chgpasswd_locked_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: existing lock file /etc/group.lock without a PID
+chgpasswd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
new file mode 100755
index 0000000..368e4b8
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change passwords (chgpasswd -e)..."
+echo 'nogroup:test
+lp:test2' | chgpasswd -e 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config.txt
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err
new file mode 100644
index 0000000..dcef785
--- /dev/null
+++ b/tests/grouptools/chgpasswd/31_chgpasswd_locked_gshadow/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: existing lock file /etc/gshadow.lock without a PID
+chgpasswd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
new file mode 100755
index 0000000..1dede9e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chgpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chgpasswd)..."
+echo 'nogroup:test
+bar:bar2
+lp:test2' | chgpasswd 2>tmp/chgpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chgpasswd reported:"
+echo "======================================================================="
+cat tmp/chgpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chgpasswd.err tmp/chgpasswd.err
+echo "error message OK."
+rm -f tmp/chgpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config.txt
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err
new file mode 100644
index 0000000..bf4249e
--- /dev/null
+++ b/tests/grouptools/chgpasswd/32_chgpasswd_invalid_group/data/chgpasswd.err
@@ -0,0 +1,2 @@
+chgpasswd: line 2: group 'bar' does not exist
+chgpasswd: error detected, changes ignored
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..3084f76
--- /dev/null
+++ b/tests/grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..75a8abe
--- /dev/null
+++ b/tests/grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..08ee996
--- /dev/null
+++ b/tests/grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..8b3971e
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..5054bf7
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..f9879d9
--- /dev/null
+++ b/tests/grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..965a4d6
--- /dev/null
+++ b/tests/grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow
new file mode 100644
index 0000000..1e2ca45
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root,daemon
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
new file mode 100755
index 0000000..dfbd793
--- /dev/null
+++ b/tests/grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..afcbd74
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::
diff --git a/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..3084f76
--- /dev/null
+++ b/tests/grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..9abbd26
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::
diff --git a/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..75a8abe
--- /dev/null
+++ b/tests/grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..0404aba
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..cda0d0a
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::foo
diff --git a/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..08ee996
--- /dev/null
+++ b/tests/grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..e2d8b14
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..86fa988
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:password::foo
diff --git a/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..f9879d9
--- /dev/null
+++ b/tests/grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..cda0d0a
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::foo
diff --git a/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..965a4d6
--- /dev/null
+++ b/tests/grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..bbe0311
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:*:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..692d0f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:*::root,daemon
diff --git a/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..dfbd793
--- /dev/null
+++ b/tests/grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..b1450c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..bd95302
--- /dev/null
+++ b/tests/grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to \"\" (gpasswd -M \"\" users)..."
+gpasswd -M "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..e6e6ab0
--- /dev/null
+++ b/tests/grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (0 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..8b3971e
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5054bf7
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..e5b40b4
--- /dev/null
+++ b/tests/grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (1 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..8b92888
--- /dev/null
+++ b/tests/grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 1 group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "set the list of members to foo (gpasswd -M foo users)..."
+gpasswd -M foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..2b2b2ac
--- /dev/null
+++ b/tests/grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members (2 -> 2 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon users)..."
+gpasswd -M root,daemon users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow
new file mode 100644
index 0000000..6b880f5
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
new file mode 100755
index 0000000..5d316e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..4bce8b4
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:@PASS_DES usersPAS@::foo
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..5d316e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group
new file mode 100644
index 0000000..76ead96
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:@PASS_DES usersPAS@:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..9f90aaf
--- /dev/null
+++ b/tests/grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+./gpasswd.exp root users usersPAS '# '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp
new file mode 100755
index 0000000..c6e20fd
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.exp
@@ -0,0 +1,70 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp
new file mode 100755
index 0000000..1c7ca5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.exp
@@ -0,0 +1,60 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "gpasswd: Permission denied."	;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
new file mode 100755
index 0000000..d75576e
--- /dev/null
+++ b/tests/grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp
new file mode 100755
index 0000000..7b16acb
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.exp
@@ -0,0 +1,59 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "gpasswd: Permission denied."	;# Not an admin
+
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..c61fa9b
--- /dev/null
+++ b/tests/grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow
new file mode 100644
index 0000000..ef584f0
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
new file mode 100755
index 0000000..f942690
--- /dev/null
+++ b/tests/grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..10880c6
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:::foo
diff --git a/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..f942690
--- /dev/null
+++ b/tests/grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group
new file mode 100644
index 0000000..cc8c43e
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users::100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..7658654
--- /dev/null
+++ b/tests/grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove the pasword of group users (gpasswd -r users)..."
+gpasswd -r users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow
new file mode 100644
index 0000000..ef7c9e5
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:!::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
new file mode 100755
index 0000000..20e41f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..761abe1
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:!::foo
diff --git a/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..20e41f7
--- /dev/null
+++ b/tests/grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group
new file mode 100644
index 0000000..cc423f5
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:!:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..7d9b49a
--- /dev/null
+++ b/tests/grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can lock the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Lock the pasword of group users (gpasswd -R users)..."
+gpasswd -R users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow
new file mode 100644
index 0000000..f590939
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
new file mode 100755
index 0000000..81b50c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..a3846bc
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..33b3bb4
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bin:x::foo
diff --git a/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..81b50c9
--- /dev/null
+++ b/tests/grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..b257fe8
--- /dev/null
+++ b/tests/grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..71ef67c
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..f704a9d
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..0a34349
--- /dev/null
+++ b/tests/grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group
new file mode 100644
index 0000000..2cfa18e
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin,foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow
new file mode 100644
index 0000000..7207bd2
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:bin,foo,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group
new file mode 100644
index 0000000..38d5cf2
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:bin,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow
new file mode 100644
index 0000000..83e5365
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:bin,root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
new file mode 100755
index 0000000..e279235
--- /dev/null
+++ b/tests/grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+# TODO: maybe this is wrong
+log_start "$0" "gpasswd can remove an user to a group (don't touch administrative users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..afcbd74
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::
diff --git a/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..db1fe5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..1c18211
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:password::
diff --git a/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..fef6ba0
--- /dev/null
+++ b/tests/grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..bc29364
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..3e0af1e
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x::root
diff --git a/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..0a34349
--- /dev/null
+++ b/tests/grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..20985d5
--- /dev/null
+++ b/tests/grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..db1fe5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9ae9eeb
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..ff80f13
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:password:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..20985d5
--- /dev/null
+++ b/tests/grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b7bf0a4
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..bc29364
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::foo
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group
new file mode 100644
index 0000000..85a95f2
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..6ec2ebc
--- /dev/null
+++ b/tests/grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (don't touch other usrs/groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err
new file mode 100644
index 0000000..dec0fe7
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/data/gpasswd.err
@@ -0,0 +1,2 @@
+gpasswd: existing lock file /etc/group.lock without a PID
+gpasswd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
new file mode 100755
index 0000000..55cd038
--- /dev/null
+++ b/tests/grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Remove the password of group users (gpasswd -r users)..."
+gpasswd -r users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err
new file mode 100644
index 0000000..4c5a872
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/data/gpasswd.err
@@ -0,0 +1,2 @@
+gpasswd: existing lock file /etc/gshadow.lock without a PID
+gpasswd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
new file mode 100755
index 0000000..0c7a649
--- /dev/null
+++ b/tests/grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Remove the password of group users (gpasswd -r users)..."
+gpasswd -r users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err
new file mode 100644
index 0000000..1cba130
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: group 'usersss' does not exist in /etc/group
diff --git a/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
new file mode 100755
index 0000000..b9ec058
--- /dev/null
+++ b/tests/grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -r fails if the group does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove the password of unknown group usersss (gpasswd -r usersss)..."
+gpasswd -r usersss 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"  # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
new file mode 100755
index 0000000..0c7175b
--- /dev/null
+++ b/tests/grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -a fails if the user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foooo to group users (gpasswd -a foooo users)..."
+gpasswd -a foooo users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
new file mode 100755
index 0000000..bb3ab61
--- /dev/null
+++ b/tests/grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -M fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set members of users to root,foooo,bin (gpasswd -M root,foooo,bin users)..."
+gpasswd -M root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..6f73977
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..4cc3100
--- /dev/null
+++ b/tests/grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (1 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..."
+gpasswd -A "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..37489ea
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..6ed3642
--- /dev/null
+++ b/tests/grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 0 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to \"\" (gpasswd -A \"\" users)..."
+gpasswd -A "" users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..6f73977
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..ca37b35
--- /dev/null
+++ b/tests/grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (0 -> 1 groups)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..f74646e
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..2d64aaa
--- /dev/null
+++ b/tests/grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (1 -> 1 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..77f563e
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..2701d17
--- /dev/null
+++ b/tests/grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 1 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group
new file mode 100644
index 0000000..38c2da7
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow
new file mode 100644
index 0000000..77f563e
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,bin:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow
new file mode 100644
index 0000000..651998f
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:daemon,foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
new file mode 100755
index 0000000..5964aa9
--- /dev/null
+++ b/tests/grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of admins (2 -> 2 users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to foo (gpasswd -A daemon,foo users)..."
+gpasswd -A daemon,foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group
new file mode 100644
index 0000000..e3aaaf8
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow
new file mode 100644
index 0000000..8c7367f
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow
new file mode 100644
index 0000000..77a3300
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+users:x:foo:
diff --git a/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
new file mode 100755
index 0000000..bbd88af
--- /dev/null
+++ b/tests/grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can set the list of admins if there is no shadow group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set the admin list of users to foo (gpasswd -A foo users)..."
+gpasswd -A foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err
new file mode 100644
index 0000000..55bd0cc
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: shadow group passwords required for -A
diff --git a/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
new file mode 100755
index 0000000..6074c46
--- /dev/null
+++ b/tests/grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -A checks if the gshadow file exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Set the lists of admins to foo (gpasswd -A foo users)..."
+gpasswd -A foo users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "17" # E_GSHADOW_NOTFOUND
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group
new file mode 100644
index 0000000..1b4936a
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..f590939
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
new file mode 100755
index 0000000..488c921
--- /dev/null
+++ b/tests/grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user to a group (already member)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo to group bin (gpasswd -a foo bin)..."
+gpasswd -a foo bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow
new file mode 100644
index 0000000..ea4d4ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err
new file mode 100644
index 0000000..e6582d4
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foo' is not a member of 'users'
diff --git a/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
new file mode 100755
index 0000000..80b24c7
--- /dev/null
+++ b/tests/grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow
new file mode 100644
index 0000000..ea4d4ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
new file mode 100755
index 0000000..3bc2038
--- /dev/null
+++ b/tests/grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
new file mode 100755
index 0000000..5d49520
--- /dev/null
+++ b/tests/grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can remove an user to a group (not in the group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user foo to group bin (gpasswd -d foo users)..."
+gpasswd -d foo users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt
new file mode 100644
index 0000000..ffddf4e
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user useruseruseruseruseruseruseruser, 32 chars
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group
new file mode 100644
index 0000000..bee1474
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+useruseruseruseruseruseruseruser:x:1000:
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow
new file mode 100644
index 0000000..a8d50cc
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+useruseruseruseruseruseruseruser:*::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd
new file mode 100644
index 0000000..aff85eb
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+useruseruseruseruseruseruseruser:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow
new file mode 100644
index 0000000..ae1c044
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+useruseruseruseruseruseruseruser:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group
new file mode 100644
index 0000000..7835fe7
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:useruseruseruseruseruseruseruser
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+useruseruseruseruseruseruseruser:x:1000:
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow
new file mode 100644
index 0000000..f8e3924
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::useruseruseruseruseruseruseruser
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+useruseruseruseruseruseruseruser:*::
diff --git a/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
new file mode 100755
index 0000000..594b8c3
--- /dev/null
+++ b/tests/grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can add an user with 32 characters to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user useruseruseruseruseruseruseruser to group bin (gpasswd -a useruseruseruseruseruseruseruser bin)..."
+gpasswd -a useruseruseruseruseruseruseruser bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+  -a, --add USER                add USER to GROUP
+  -d, --delete USER             remove USER from GROUP
+  -h, --help                    display this help message and exit
+  -Q, --root CHROOT_DIR         directory to chroot into
+  -r, --remove-password         remove the GROUP's password
+  -R, --restrict                restrict access to GROUP to its members
+  -M, --members USER,...        set the list of members of GROUP
+  -A, --administrators ADMIN,...
+                                set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
new file mode 100755
index 0000000..50732c6
--- /dev/null
+++ b/tests/grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get gpasswd usage (gpasswd -h)..."
+gpasswd -h >tmp/usage.out
+
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err
new file mode 100644
index 0000000..1ae3559
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/data/gpasswd.err
@@ -0,0 +1 @@
+gpasswd: user 'foooo' does not exist
diff --git a/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
new file mode 100755
index 0000000..2be948c
--- /dev/null
+++ b/tests/grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd -A fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set admins of users to root,foooo,bin (gpasswd -A root,foooo,bin users)..."
+gpasswd -A root,foooo,bin users 2>tmp/gpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3" # E_BAD_ARG
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/gpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/gpasswd.err tmp/gpasswd.err
+echo "error message OK."
+rm -f tmp/gpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..587d234
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,14 @@
+gpasswd: invalid option -- 'Z'
+Usage: gpasswd [option] GROUP
+
+Options:
+  -a, --add USER                add USER to GROUP
+  -d, --delete USER             remove USER from GROUP
+  -h, --help                    display this help message and exit
+  -Q, --root CHROOT_DIR         directory to chroot into
+  -r, --remove-password         remove the GROUP's password
+  -R, --restrict                restrict access to GROUP to its members
+  -M, --members USER,...        set the list of members of GROUP
+  -A, --administrators ADMIN,...
+                                set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
new file mode 100755
index 0000000..aca4873
--- /dev/null
+++ b/tests/grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case of bad option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd invalid option (gpasswd -Z)..."
+gpasswd -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+  -a, --add USER                add USER to GROUP
+  -d, --delete USER             remove USER from GROUP
+  -h, --help                    display this help message and exit
+  -Q, --root CHROOT_DIR         directory to chroot into
+  -r, --remove-password         remove the GROUP's password
+  -R, --restrict                restrict access to GROUP to its members
+  -M, --members USER,...        set the list of members of GROUP
+  -A, --administrators ADMIN,...
+                                set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
new file mode 100755
index 0000000..009f5a3
--- /dev/null
+++ b/tests/grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case of multiple exclusive options"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root -d root users)..."
+gpasswd -a root -d root users 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+  -a, --add USER                add USER to GROUP
+  -d, --delete USER             remove USER from GROUP
+  -h, --help                    display this help message and exit
+  -Q, --root CHROOT_DIR         directory to chroot into
+  -r, --remove-password         remove the GROUP's password
+  -R, --restrict                restrict access to GROUP to its members
+  -M, --members USER,...        set the list of members of GROUP
+  -A, --administrators ADMIN,...
+                                set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
new file mode 100755
index 0000000..871c264
--- /dev/null
+++ b/tests/grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case the group is not specified"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root)..."
+gpasswd -a root 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out
new file mode 100644
index 0000000..d1c98d7
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/data/usage.out
@@ -0,0 +1,13 @@
+Usage: gpasswd [option] GROUP
+
+Options:
+  -a, --add USER                add USER to GROUP
+  -d, --delete USER             remove USER from GROUP
+  -h, --help                    display this help message and exit
+  -Q, --root CHROOT_DIR         directory to chroot into
+  -r, --remove-password         remove the GROUP's password
+  -R, --restrict                restrict access to GROUP to its members
+  -M, --members USER,...        set the list of members of GROUP
+  -A, --administrators ADMIN,...
+                                set the list of administrators for GROUP
+Except for the -A and -M options, the options cannot be combined.
diff --git a/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
new file mode 100755
index 0000000..67827b6
--- /dev/null
+++ b/tests/grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd displays its usage message in case multiple groups are specified"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use gpasswd option (gpasswd -a root root users)..."
+gpasswd -a root root users 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "gpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp
new file mode 100755
index 0000000..11ca9ab
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.exp
@@ -0,0 +1,59 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's admins to 'root'\n"
+send_user "# and expect a permission denied"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd -A root $group\r"		;# Change the password
+expect "gpasswd: Permission denied."	;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
new file mode 100755
index 0000000..95d557d
--- /dev/null
+++ b/tests/grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp
new file mode 100755
index 0000000..2b31498
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.exp
@@ -0,0 +1,60 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: gpasswd.exp <run_user> <group> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's members to root\n"
+send_user "# and expect a permission denied"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd -M root $group\r"		;# Change the password
+expect "gpasswd: Permission denied."	;# Not an admin
+
+send_user "\n"
+send_user "# expect prompt '$user_prompt'\n"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
new file mode 100755
index 0000000..95d557d
--- /dev/null
+++ b/tests/grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs
new file mode 100644
index 0000000..91c4b42
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp
new file mode 100755
index 0000000..b207719
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.exp
@@ -0,0 +1,87 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+
+send_user "# expect failure an retry"
+expect "They don't match; try again"
+
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs
new file mode 100644
index 0000000..cff57e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		4
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow
new file mode 100644
index 0000000..048d86a
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:@PASS_DES usersPAS@:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp
new file mode 100755
index 0000000..b8ac4e9
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.exp
@@ -0,0 +1,96 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+send_user "# expect failure 1 and retry"
+expect "They don't match; try again"
+
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+send_user "# expect failure 2 and retry"
+expect "They don't match; try again"
+
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "\n# password '$g_password' sent for the last try\n\n"
+
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
new file mode 100755
index 0000000..9ae0cd8
--- /dev/null
+++ b/tests/grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt
new file mode 100644
index 0000000..2fb7c37
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config.txt
@@ -0,0 +1 @@
+myuser exist and is an admin of group users
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow
new file mode 100644
index 0000000..aef7f5b
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:myuser:
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs
new file mode 100644
index 0000000..cff57e2
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		4
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd
new file mode 100644
index 0000000..86d7855
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+myuser:x:1001:1000:::/bin/bash
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow
new file mode 100644
index 0000000..f2f5bb2
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+myuser::12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp
new file mode 100755
index 0000000..8b85ba9
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.exp
@@ -0,0 +1,96 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 4} {
+	puts "usage: gpasswd.exp <run_user> <group> <g_password> <user_prompt>"
+	exit 1
+}
+
+set run_user    [lindex $argv 0]
+set group       [lindex $argv 1]
+set g_password  [lindex $argv 2]
+set user_prompt [lindex $argv 3]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to user '$run_user'\n"
+send_user "# and expect a '$user_prompt' prompt\n"
+spawn /bin/su $run_user
+
+expect "$user_prompt"		;# Wait for the prompt
+
+send_user "\n# make sure we are now '$run_user'"
+send_user "\n# whoami should return '$run_user'"
+send "\r"			;# restore the prompt for the logs
+send "whoami\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"$run_user"
+}
+
+expect "$user_prompt"			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now change '$group' 's password to '$g_password'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "gpasswd $group\r"		;# Change the password
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+send_user "# expect failure 1 and retry"
+expect "They don't match; try again"
+
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+send_user "# expect failure 2 and retry"
+expect "They don't match; try again"
+
+expect "New Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "wrong $g_password\r"		;# Send the password
+send_user "\n# wrong password 'wrong $g_password' sent\n\n"
+send_user "Expect a new password prompt\n"
+expect "Re-enter new password: "		;# Wait for the Password: prompt
+# Wait a little bit more (gpasswd is not ready to receive the password)
+sleep 0.1
+send "$g_password\r"		;# Send the password
+send_user "# expect failure 3 and retry"
+expect "gpasswd: Try again later"
+
+send_user "# expect prompt '$user_prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$user_prompt" {
+		send "exit\r"
+		expect "$ "
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
new file mode 100755
index 0000000..d75576e
--- /dev/null
+++ b/tests/grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can be used by root to change one group's passwd"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./gpasswd.exp myuser users usersPAS '$ '
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group
new file mode 100644
index 0000000..1838a36
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,bin
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow
new file mode 100644
index 0000000..689ea4c
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo,bin
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group
new file mode 100644
index 0000000..aa85a13
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,daemon
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow
new file mode 100644
index 0000000..de77657
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:root,bin:root,daemon
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
new file mode 100755
index 0000000..1a77cee
--- /dev/null
+++ b/tests/grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "gpasswd can change the list of members and admins"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "set the list of members to root,daemon (gpasswd -M root,daemon -A root,bin users)..."
+gpasswd -M root,daemon -A root,bin users
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config.txt b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/group b/tests/grouptools/groupadd/01_groupadd_add_group/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test
new file mode 100755
index 0000000..c48da8e
--- /dev/null
+++ b/tests/grouptools/groupadd/01_groupadd_add_group/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group (GID_MIN set to 100 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs
new file mode 100644
index 0000000..68b7f5d
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
new file mode 100755
index 0000000..05c1038
--- /dev/null
+++ b/tests/grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group (GID_MIN set to 1000 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group
new file mode 100644
index 0000000..f3d8204
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:2000:
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
new file mode 100755
index 0000000..bad185a
--- /dev/null
+++ b/tests/grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group, respect -K GID_MIN"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd -K GID_MIN=2000 foo)..."
+groupadd -K GID_MIN=2000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config.txt b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/group b/tests/grouptools/groupadd/04_groupadd_set_password/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow
new file mode 100644
index 0000000..57a72a7
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:password::
diff --git a/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test
new file mode 100755
index 0000000..01ce95e
--- /dev/null
+++ b/tests/grouptools/groupadd/04_groupadd_set_password/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group and set the password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo with a password (groupadd -p password foo)..."
+groupadd -p password foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/group b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group
new file mode 100644
index 0000000..3bd92e7
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1500:
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test
new file mode 100755
index 0000000..306767b
--- /dev/null
+++ b/tests/grouptools/groupadd/05_groupadd_set_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group and set the GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo with GID 1500 (groupadd -p 1500 foo)..."
+groupadd -g 1500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
new file mode 100755
index 0000000..25546eb
--- /dev/null
+++ b/tests/grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -f exits with succes if the user already exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd -f foo)..."
+groupadd -f foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..5c3fef9
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group
new file mode 100644
index 0000000..66c892a
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
+bar:x:1004:
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow
new file mode 100644
index 0000000..e718821
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:!::
diff --git a/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..3f3f32f
--- /dev/null
+++ b/tests/grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -f uses another GID if an user already exists with this GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1003 (groupadd -g 1003 -f bar)..."
+groupadd -g 1003 -f bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err
new file mode 100644
index 0000000..33604e5
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/data/groupadd.err
@@ -0,0 +1,2 @@
+groupadd: existing lock file /etc/group.lock without a PID
+groupadd: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test
new file mode 100755
index 0000000..aa3250e
--- /dev/null
+++ b/tests/grouptools/groupadd/08_groupadd_locked_group/groupadd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err
new file mode 100644
index 0000000..c64e0a9
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/data/groupadd.err
@@ -0,0 +1,2 @@
+groupadd: existing lock file /etc/gshadow.lock without a PID
+groupadd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
new file mode 100755
index 0000000..ac6645c
--- /dev/null
+++ b/tests/grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..5c3fef9
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group
new file mode 100644
index 0000000..64cb8f1
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1003:
+bar:x:1003:
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow
new file mode 100644
index 0000000..e718821
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:!::
diff --git a/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..3597a31
--- /dev/null
+++ b/tests/grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -o accepts to add a group with an already used GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1003 (groupadd -g 1003 -o bar)..."
+groupadd -g 1003 -o bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err
new file mode 100644
index 0000000..1b0872b
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '1002a'
diff --git a/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
new file mode 100755
index 0000000..9a1d542
--- /dev/null
+++ b/tests/grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 1002a (groupadd -g 1002a foo)..."
+groupadd -g 1002a foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err
new file mode 100644
index 0000000..26012b6
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '-1002'
diff --git a/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
new file mode 100755
index 0000000..b46434c
--- /dev/null
+++ b/tests/grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID -1002 (groupadd -g -1002 foo)..."
+groupadd -g -1002 foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err
new file mode 100644
index 0000000..e7ca762
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: 'foo:bar' is not a valid group name
diff --git a/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
new file mode 100755
index 0000000..fab3011
--- /dev/null
+++ b/tests/grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given name is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo:bar (groupadd foo:bar)..."
+groupadd foo:bar 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err
new file mode 100644
index 0000000..f2685c5
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/data/groupadd.err
@@ -0,0 +1 @@
+configuration error - unknown item 'FOO' (notify administrator)
diff --git a/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
new file mode 100755
index 0000000..7e28a7f
--- /dev/null
+++ b/tests/grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the option provided with -K is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group -K FOO=100 foo (groupadd -K FOO=100 foo)..."
+groupadd -K FOO=100 foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err
new file mode 100644
index 0000000..8661719
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: -K requires KEY=VALUE
diff --git a/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
new file mode 100755
index 0000000..affd681
--- /dev/null
+++ b/tests/grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the option provided with -K has a value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group -K GID_MAX foo (groupadd -K GID_MAX foo)..."
+groupadd -K GID_MAX foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err
new file mode 100644
index 0000000..be5ec5f
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: group 'foo' already exists
diff --git a/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test
new file mode 100755
index 0000000..7136dfa
--- /dev/null
+++ b/tests/grouptools/groupadd/16_groupadd_existing_group/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the group already exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs
new file mode 100644
index 0000000..8d56b7f
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/login.defs
@@ -0,0 +1,316 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+SYS_GID_MIN		  500
+GID_MIN			 1000
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group
new file mode 100644
index 0000000..b5b6ce2
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
new file mode 100755
index 0000000..1d5c9a8
--- /dev/null
+++ b/tests/grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a system group (GID_MIN set to 1000, and SYS_GID_MIN set to 500 in /etc/login.defs)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add system group foo (groupadd --system foo)..."
+groupadd --system foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs
new file mode 100644
index 0000000..227549c
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err
new file mode 100644
index 0000000..b3fd5c1
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: Can't get unique GID (no more available GIDs)
diff --git a/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
new file mode 100755
index 0000000..d4aeec4
--- /dev/null
+++ b/tests/grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=1000, GID_MAX=1001)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group
new file mode 100644
index 0000000..db0f483
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:300:
+foo2:x:301:
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs
new file mode 100644
index 0000000..756e743
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+SYS_GID_MIN		  300
+SYS_GID_MAX		  301
+GID_MIN			 1000
+GID_MAX			 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err
new file mode 100644
index 0000000..2809cdd
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: Can't get unique system GID (no more available GIDs)
diff --git a/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
new file mode 100755
index 0000000..728cdbc
--- /dev/null
+++ b/tests/grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the a GID is still available (GID_MIN=300, GID_MAX=301)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add system group foo (groupadd -r foo)..."
+groupadd -r foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err
new file mode 100644
index 0000000..2ab5ee7
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: GID '1000' already exists
diff --git a/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
new file mode 100755
index 0000000..c65be1b
--- /dev/null
+++ b/tests/grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group bar, GID 1000 (groupadd -g 1000 bar)..."
+groupadd -g 1000 bar 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err
new file mode 100644
index 0000000..686e195
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/data/groupadd.err
@@ -0,0 +1 @@
+groupadd: invalid group ID '4294967295'
diff --git a/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
new file mode 100755
index 0000000..ce73d7f
--- /dev/null
+++ b/tests/grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd checks if the given GID is a valid numeric ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd -g 4294967295 foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config.txt b/tests/grouptools/groupadd/22_groupadd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/data/usage.out
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+  -f, --force                   exit successfully if the group already exists,
+                                and cancel -g if the GID is already used
+  -g, --gid GID                 use GID for the new group
+  -h, --help                    display this help message and exit
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -o, --non-unique              allow to create groups with duplicate
+                                (non-unique) GID
+  -p, --password PASSWORD       use this encrypted password for the new group
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test
new file mode 100755
index 0000000..e273408
--- /dev/null
+++ b/tests/grouptools/groupadd/22_groupadd_usage/groupadd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupadd usage (groupadd -h)..."
+groupadd -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+  -f, --force                   exit successfully if the group already exists,
+                                and cancel -g if the GID is already used
+  -g, --gid GID                 use GID for the new group
+  -h, --help                    display this help message and exit
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -o, --non-unique              allow to create groups with duplicate
+                                (non-unique) GID
+  -p, --password PASSWORD       use this encrypted password for the new group
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test
new file mode 100755
index 0000000..bb38d63
--- /dev/null
+++ b/tests/grouptools/groupadd/23_groupadd_no_groups/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd requires the group to create"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+  -f, --force                   exit successfully if the group already exists,
+                                and cancel -g if the GID is already used
+  -g, --gid GID                 use GID for the new group
+  -h, --help                    display this help message and exit
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -o, --non-unique              allow to create groups with duplicate
+                                (non-unique) GID
+  -p, --password PASSWORD       use this encrypted password for the new group
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test
new file mode 100755
index 0000000..0f12ae2
--- /dev/null
+++ b/tests/grouptools/groupadd/24_groupadd_2_groups/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can only create a single group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd group1 group2 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group
new file mode 100644
index 0000000..6307e25
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:103:
diff --git a/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
new file mode 100755
index 0000000..87f80fb
--- /dev/null
+++ b/tests/grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd can add a group without /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Add group foo (groupadd foo)..."
+groupadd foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err
new file mode 100644
index 0000000..bb5b556
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/data/groupadd.err
@@ -0,0 +1,14 @@
+Usage: groupadd [options] GROUP
+
+Options:
+  -f, --force                   exit successfully if the group already exists,
+                                and cancel -g if the GID is already used
+  -g, --gid GID                 use GID for the new group
+  -h, --help                    display this help message and exit
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -o, --non-unique              allow to create groups with duplicate
+                                (non-unique) GID
+  -p, --password PASSWORD       use this encrypted password for the new group
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
new file mode 100755
index 0000000..826a47a
--- /dev/null
+++ b/tests/grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd -o require -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add group foo, GID 4294967295 (groupadd -g 4294967295 foo)..."
+groupadd -o group1 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err
new file mode 100644
index 0000000..d3cae91
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/data/groupadd.err
@@ -0,0 +1,15 @@
+groupadd: unrecognized option '--zzinvalid'
+Usage: groupadd [options] GROUP
+
+Options:
+  -f, --force                   exit successfully if the group already exists,
+                                and cancel -g if the GID is already used
+  -g, --gid GID                 use GID for the new group
+  -h, --help                    display this help message and exit
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -o, --non-unique              allow to create groups with duplicate
+                                (non-unique) GID
+  -p, --password PASSWORD       use this encrypted password for the new group
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
new file mode 100755
index 0000000..c8c0e9b
--- /dev/null
+++ b/tests/grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupadd provide usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupadd with invalid options (groupadd --zzinvalid foo)..."
+groupadd --zzinvalid foo 2>tmp/groupadd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupadd reported:"
+echo "======================================================================="
+cat tmp/groupadd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupadd.err tmp/groupadd.err
+echo "error message OK."
+rm -f tmp/groupadd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/group b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test
new file mode 100755
index 0000000..b590f9d
--- /dev/null
+++ b/tests/grouptools/groupdel/01_groupdel_delete_group/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
new file mode 100755
index 0000000..0ab4f19
--- /dev/null
+++ b/tests/grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
new file mode 100755
index 0000000..b0c0793
--- /dev/null
+++ b/tests/grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can delete a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err
new file mode 100644
index 0000000..f33297a
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/data/groupdel.err
@@ -0,0 +1 @@
+groupdel: cannot remove the primary group of user 'bar'
diff --git a/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
new file mode 100755
index 0000000..cab95ca
--- /dev/null
+++ b/tests/grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel doesn't delete a group used as a primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "8"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err
new file mode 100644
index 0000000..21d6add
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/data/groupdel.err
@@ -0,0 +1 @@
+groupdel: group 'foo' does not exist
diff --git a/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
new file mode 100755
index 0000000..76b6bfa
--- /dev/null
+++ b/tests/grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel fails if the group is not valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err
new file mode 100644
index 0000000..ed52317
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/data/groupdel.err
@@ -0,0 +1,2 @@
+groupdel: existing lock file /etc/group.lock without a PID
+groupdel: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
new file mode 100755
index 0000000..d2f54c9
--- /dev/null
+++ b/tests/grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err
new file mode 100644
index 0000000..66f2eaf
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/data/groupdel.err
@@ -0,0 +1,2 @@
+groupdel: existing lock file /etc/gshadow.lock without a PID
+groupdel: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
new file mode 100755
index 0000000..ea7a4cc
--- /dev/null
+++ b/tests/grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/data/groupdel.err
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
new file mode 100755
index 0000000..2cdc0d5
--- /dev/null
+++ b/tests/grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel checks if a group is provided in parameter"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete a group (groupdel)..."
+groupdel 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group
new file mode 100644
index 0000000..3196692
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow
new file mode 100644
index 0000000..3a02ae8
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/data/groupdel.err
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
new file mode 100755
index 0000000..d833deb
--- /dev/null
+++ b/tests/grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel does not delete two groups at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete two groups (groupdel foo bar)..."
+groupdel foo bar 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config.txt b/tests/grouptools/groupdel/10_groupdel_usage/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out
new file mode 100644
index 0000000..e1d7f41
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/data/usage.out
@@ -0,0 +1,6 @@
+Usage: groupdel [options] GROUP
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test
new file mode 100755
index 0000000..4a696a1
--- /dev/null
+++ b/tests/grouptools/groupdel/10_groupdel_usage/groupdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupdel usage message (groupdel --help)..."
+groupdel --help >tmp/usage.out
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usage.out tmp/usage.out
+echo "error message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..69768f8
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..518993c
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:*:12977:0:99999:7:::
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err
new file mode 100644
index 0000000..7502ba5
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/data/groupdel.err
@@ -0,0 +1,7 @@
+groupdel: invalid option -- 'Z'
+Usage: groupdel [options] GROUP
+
+Options:
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
new file mode 100755
index 0000000..8072a4f
--- /dev/null
+++ b/tests/grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupdel displays its usage message when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupdel with an invalid option (groupdel -Z foo)..."
+groupdel -Z foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
new file mode 100755
index 0000000..74c7420
--- /dev/null
+++ b/tests/grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
new file mode 100755
index 0000000..fca4fdb
--- /dev/null
+++ b/tests/grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow
new file mode 100644
index 0000000..a559a9a
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:utest1:
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
new file mode 100755
index 0000000..6e5de89
--- /dev/null
+++ b/tests/grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group (only admin in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow
new file mode 100644
index 0000000..793955f
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:utest1:utest1
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
new file mode 100755
index 0000000..e4d9d07
--- /dev/null
+++ b/tests/grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group (both from the admins and members in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..fbc5ea6
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..63f3a76
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group
new file mode 100644
index 0000000..f4d05d0
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,utest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..567fc66
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl,utest1
diff --git a/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..3fbfac2
--- /dev/null
+++ b/tests/grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group with multipleusers (even admins according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..ce188f9
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,tape
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..27eb919
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,tape
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..6080f7c
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..e6f9902
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..74c7420
--- /dev/null
+++ b/tests/grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user utest1 to group gtest1..."
+groupmems -a utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..f1b2832
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..567fc66
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl,utest1
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group
new file mode 100644
index 0000000..fbc5ea6
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..63f3a76
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::sasl
diff --git a/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..8c1576b
--- /dev/null
+++ b/tests/grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..9c4e2c0
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:tape,utest1,sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..b5e0c75
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,utest1,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..2e57cf6
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:tape,sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..411f209
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:tape:sasl,staff
diff --git a/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..d340e3d
--- /dev/null
+++ b/tests/grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can remove an user from a group with multiple users (even admins according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove user utest1 from group gtest1..."
+groupmems -d utest1 -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group
new file mode 100644
index 0000000..62aeba4
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow
new file mode 100644
index 0000000..563a8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
new file mode 100755
index 0000000..c8cf32d
--- /dev/null
+++ b/tests/grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..8d6f75b
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..ea0fc85
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..be32ef8
--- /dev/null
+++ b/tests/grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group (mutliple users)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..d222d91
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config.txt
@@ -0,0 +1,2 @@
+user utest1
+group gtest1
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..8d6f75b
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..3677f64
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*:plugdev,daemon,backup:utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..a07e498
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..976b4f9
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..4f7c184
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+gtest1:x:1001:
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..283ca8c
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+gtest1:*::
diff --git a/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..623fd20
--- /dev/null
+++ b/tests/grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by root) can purge all users from a group (mulitple users and admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Purge group gtest1..."
+groupmems -p -g gtest1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
new file mode 100755
index 0000000..fc9360b
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/12_groupmems_user_add_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
new file mode 100755
index 0000000..6edd279
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/13_groupmems_user_del_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow
new file mode 100644
index 0000000..7bc44c5
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest1:
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
new file mode 100755
index 0000000..38d0dcd
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group (only member according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/14_groupmems_user_del_user_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow
new file mode 100644
index 0000000..c824f7b
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest1:utest1
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
new file mode 100755
index 0000000..9377a02
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group (both gshadow members and admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..f1718b3
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..e4953ce
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group
new file mode 100644
index 0000000..b79c5b0
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,utest1
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..b5681f7
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,utest1
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..39acbdb
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/16_groupmems_user_add_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..d28c3ef
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,tape
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..a8221cb
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,tape
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..9ab6baf
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..599f28b
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,tape,utest1
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..c4073de
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group with muyltiple users (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..dfa09d4
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..b5681f7
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,utest1
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group
new file mode 100644
index 0000000..f1718b3
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..e4953ce
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..9bd46b6
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/18_groupmems_user_del_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..5ebdeca
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:tape,utest1,sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..934d2af
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,utest1,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..406d078
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:tape,sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..8fe2213
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:tape:sasl,staff
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..68ebb2f
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can remove an user from a group with multiple users (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
new file mode 100755
index 0000000..2398841
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/20_groupmems_user_purge_user/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group
new file mode 100644
index 0000000..d0009e5
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow
new file mode 100644
index 0000000..dfce137
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
new file mode 100755
index 0000000..e63fc92
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group
new file mode 100644
index 0000000..d0009e5
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,dip,plugdev
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow
new file mode 100644
index 0000000..2f63428
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:plugdev,daemon,backup:utest1,plugdev,tape
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
new file mode 100755
index 0000000..bbcd7d6
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users when multiple users were already in the group (even gshadow admins)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group
new file mode 100644
index 0000000..0b80d30
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow
new file mode 100644
index 0000000..750ecea
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
new file mode 100755
index 0000000..f287ade
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) fails for users not in the groups group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp
new file mode 100755
index 0000000..5b5c780
--- /dev/null
+++ b/tests/grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/run_groupmems.exp
@@ -0,0 +1,41 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "groupmems: Permission denied"
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "126\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..3a78eff
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-a) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..fa6fa36
--- /dev/null
+++ b/tests/grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1 -g gmyuser\r"		;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd
new file mode 100644
index 0000000..9e07aa1
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424243::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
new file mode 100755
index 0000000..2a65f7b
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the name of the user's primary group differ from the user's name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp
new file mode 100755
index 0000000..6ecad00
--- /dev/null
+++ b/tests/grouptools/groupmems/25_groupmems_user_add_user-not_user_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424243(gmyuser) groups=424243(gmyuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "groupmems: your groupname does not match your username"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "5\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
new file mode 100755
index 0000000..d2b3383
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the user is already a member of the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp
new file mode 100755
index 0000000..4187218
--- /dev/null
+++ b/tests/grouptools/groupmems/26_groupmems_user_add_user-already_member/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is already a member of 'myuser'"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "7\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
new file mode 100755
index 0000000..1a5666a
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if the user is already a member of the group (even if it is not according to gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp
new file mode 100755
index 0000000..4187218
--- /dev/null
+++ b/tests/grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is already a member of 'myuser'"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "7\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
new file mode 100755
index 0000000..23b224a
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems adds the user if it does not exist in group (but exists in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp
new file mode 100755
index 0000000..259d82a
--- /dev/null
+++ b/tests/grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
new file mode 100755
index 0000000..201bb9a
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails when the user to be added does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp
new file mode 100755
index 0000000..aea1ddc
--- /dev/null
+++ b/tests/grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest2\r"		;#
+expect "groupmems: user 'utest2' does not exist"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "8\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..9ceded0
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..6249a8a
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..3748fc5
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..783876a
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group, and creates the gshadow entry if it did not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..9ceded0
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..6249a8a
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:sasl,root,bin,utest1
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..31983b6
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can add an user to a group, even if the gshadow file does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..40552a8
--- /dev/null
+++ b/tests/grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group
new file mode 100644
index 0000000..248e7b7
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:bin,daemon
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow
new file mode 100644
index 0000000..d2f4c7b
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:bin,daemon:
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
new file mode 100755
index 0000000..243d830
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems -d fails if the user is not a member of the group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp
new file mode 100755
index 0000000..a1bd34b
--- /dev/null
+++ b/tests/grouptools/groupmems/32_groupmems_user_del_user-not_member/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: user 'utest1' is not a member of 'myuser'"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "6\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group
new file mode 100644
index 0000000..2ef69bb
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest1,bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..eefaca8
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:daemon:bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group
new file mode 100644
index 0000000..d1fae98
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,bin
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
new file mode 100755
index 0000000..b42c8f7
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems removes the user if it exists in group (but does not exist in gshadow)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp
new file mode 100755
index 0000000..1b3dd1c
--- /dev/null
+++ b/tests/grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group
new file mode 100644
index 0000000..0a4716b
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,utest2
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow
new file mode 100644
index 0000000..0a1cb18
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:utest2:utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
new file mode 100755
index 0000000..da1ebc5
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems accepts to remove the user if this user does not (no more) exist)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp
new file mode 100755
index 0000000..d37095b
--- /dev/null
+++ b/tests/grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/run_groupmems.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest2\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..0f4bff9
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest1,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..497eed7
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:daemon,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..487ecb3
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::daemon,utest2,bin
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..43f2e5d
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems -d will copy the group entry to gshadow if there were no entries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..22a83e5
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can remove an user from a group if there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..4a4053a
--- /dev/null
+++ b/tests/grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow
new file mode 100644
index 0000000..288d6c3
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::<
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
new file mode 100755
index 0000000..d97b904
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users even if the group is empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/37_groupmems_user_purge_user-empty_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..46c2778
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
new file mode 100755
index 0000000..f9d58f6
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users even if there are no gshadow group (and a gshadow group is created)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
new file mode 100755
index 0000000..e6e8e9c
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called from a regular user) can purge users, even if there are no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp
new file mode 100755
index 0000000..0bd4b82
--- /dev/null
+++ b/tests/grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/run_groupmems.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..a2976d1
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-d) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..c471c2c
--- /dev/null
+++ b/tests/grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1 -g gmyuser\r"		;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group
new file mode 100644
index 0000000..230ff8e
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
+gmyuser:x:424243:
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..cd86429
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
+gmyuser:x::
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
new file mode 100755
index 0000000..f70f12a
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems fails if a regular user tries to change (-p) another group with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp
new file mode 100755
index 0000000..5e263a3
--- /dev/null
+++ b/tests/grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p -g gmyuser\r"		;#
+expect "groupmems: only root can use the -g/--group option"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "3\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
new file mode 100755
index 0000000..cb6bff4
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/42_groupmems_user_list_users/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r"		;#
+expect -re "\nutest1  bin  daemon \r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow
new file mode 100644
index 0000000..74f0e82
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x:nouser,root:
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
new file mode 100755
index 0000000..9d2388b
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, and gshadow is not taken into account"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r"		;#
+expect -re "\nutest1  bin  daemon \r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
new file mode 100755
index 0000000..33e4fc4
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of another group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp
new file mode 100755
index 0000000..8bba8ba
--- /dev/null
+++ b/tests/grouptools/groupmems/44_groupmems_user_list_users-another_group/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l -g gtest1\r"		;#
+expect -re "\nutest1  bin  utmp \r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
new file mode 100755
index 0000000..58f09cd
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if group is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/45_groupmems_user_list_users-group_locked/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r"		;#
+expect -re "\nutest1  bin  daemon \r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..bd6da4e
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..02b9401
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..a01a10e
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) can list the users of a group, even if gshadow is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..2b9b217
--- /dev/null
+++ b/tests/grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -l\r"		;#
+expect -re "\nutest1  bin  daemon \r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
new file mode 100755
index 0000000..302b689
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-a) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..0b10b00
--- /dev/null
+++ b/tests/grouptools/groupmems/47_groupmems_user_add_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7505b93
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..9945adc
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..38ac7a2
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-a) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..123c573
--- /dev/null
+++ b/tests/grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
new file mode 100755
index 0000000..cfb8699
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-d) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..267548c
--- /dev/null
+++ b/tests/grouptools/groupmems/49_groupmems_user_del_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..c2b5626
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-d) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..b32825a
--- /dev/null
+++ b/tests/grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -d utest1\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
new file mode 100755
index 0000000..75272b3
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-p) fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp
new file mode 100755
index 0000000..b7b7bb5
--- /dev/null
+++ b/tests/grouptools/groupmems/51_groupmems_user_purge_user-group_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/group; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group
new file mode 100644
index 0000000..7a0e295
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow
new file mode 100644
index 0000000..c908c39
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
new file mode 100755
index 0000000..ecff63f
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (-p) fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp
new file mode 100755
index 0000000..56bb187
--- /dev/null
+++ b/tests/grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/run_groupmems.exp
@@ -0,0 +1,50 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -p\r"		;#
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (it is not ready to receive the password)
+sleep 0.1
+
+send "myuserF00barbaz\r"		;# Send the password
+
+send_user "\n# password 'myuserF00barbaz' sent\n\n"
+
+expect "groupmems: cannot lock /etc/gshadow; try again later."
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "2\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config.txt b/tests/grouptools/groupmems/53_groupmems_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/data/usage.out
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+  -g, --group groupname         change groupname instead of the user's group
+                                (root only)
+  -R, --root CHROOT_DIR         directory to chroot into
+
+Actions:
+  -a, --add username            add username to the members of the group
+  -d, --delete username         remove username from the members of the group
+  -h, --help                    display this help message and exit
+  -p, --purge                   purge all members from the group
+  -l, --list                    list the members of the group
diff --git a/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test
new file mode 100755
index 0000000..7b3784a
--- /dev/null
+++ b/tests/grouptools/groupmems/53_groupmems_usage/groupmems.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupmems usage (groupmems -h)..."
+groupmems -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err
new file mode 100644
index 0000000..a6ac1f6
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/data/groupmems.err
@@ -0,0 +1,14 @@
+groupmems: invalid option -- 'Z'
+Usage: groupmems [options] [action]
+
+Options:
+  -g, --group groupname         change groupname instead of the user's group
+                                (root only)
+  -R, --root CHROOT_DIR         directory to chroot into
+
+Actions:
+  -a, --add username            add username to the members of the group
+  -d, --delete username         remove username from the members of the group
+  -h, --help                    display this help message and exit
+  -p, --purge                   purge all members from the group
+  -l, --list                    list the members of the group
diff --git a/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
new file mode 100755
index 0000000..d0e1fa7
--- /dev/null
+++ b/tests/grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with an invalid option (groupmems -Z bar -g 1000 foo)..."
+groupmems -Z bar -g 1000 -a foo 2>tmp/groupmems.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/data/groupmems.err
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+  -g, --group groupname         change groupname instead of the user's group
+                                (root only)
+  -R, --root CHROOT_DIR         directory to chroot into
+
+Actions:
+  -a, --add username            add username to the members of the group
+  -d, --delete username         remove username from the members of the group
+  -h, --help                    display this help message and exit
+  -p, --purge                   purge all members from the group
+  -l, --list                    list the members of the group
diff --git a/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
new file mode 100755
index 0000000..679361f
--- /dev/null
+++ b/tests/grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage if the -a and -d options are used atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with the -a and -d options (groupmems -a root -d nobody -g foo)..."
+groupmems -a root -d nobody -g foo 2>tmp/groupmems.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err
new file mode 100644
index 0000000..584313c
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/data/groupmems.err
@@ -0,0 +1,13 @@
+Usage: groupmems [options] [action]
+
+Options:
+  -g, --group groupname         change groupname instead of the user's group
+                                (root only)
+  -R, --root CHROOT_DIR         directory to chroot into
+
+Actions:
+  -a, --add username            add username to the members of the group
+  -d, --delete username         remove username from the members of the group
+  -h, --help                    display this help message and exit
+  -p, --purge                   purge all members from the group
+  -l, --list                    list the members of the group
diff --git a/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
new file mode 100755
index 0000000..bdd0632
--- /dev/null
+++ b/tests/grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems reports usage if extra arguments are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmems with an extra argument (groupmems -a root -g foo foo)..."
+groupmems -a root -g foo foo 2>tmp/groupmems.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "groupmems reported:"
+echo "======================================================================="
+cat tmp/groupmems.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmems.err tmp/groupmems.err
+echo "error message OK."
+rm -f tmp/groupmems.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config.txt b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system.  The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so 
+# here's the fallback if no module succeeds
+account	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/group b/tests/grouptools/groupmems/57_groupmems_authentication/data/group
new file mode 100644
index 0000000..7214940
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon,nobody
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow
new file mode 100644
index 0000000..b79987c
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon,nobody
+gtest1:*::
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test
new file mode 100755
index 0000000..4abad1b
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticate the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp
new file mode 100755
index 0000000..1cb9847
--- /dev/null
+++ b/tests/grouptools/groupmems/57_groupmems_authentication/run_groupmems.exp
@@ -0,0 +1,43 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "0\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account
new file mode 100644
index 0000000..316b173
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system.  The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so 
+# here's the fallback if no module succeeds
+account	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
new file mode 100755
index 0000000..bf741c9
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp
new file mode 100755
index 0000000..1a14059
--- /dev/null
+++ b/tests/grouptools/groupmems/58_groupmems_authentication_failure1/run_groupmems.exp
@@ -0,0 +1,44 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "!myuserF00barbaz\r"
+expect -re "groupmems: PAM: Authentication failure\r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account
new file mode 100644
index 0000000..c175a14
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-account
@@ -0,0 +1 @@
+account	requisite			pam_deny.so
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth
new file mode 100644
index 0000000..5facfa2
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/common-auth
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..2b65f34
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/pam.d/groupmems
@@ -0,0 +1,8 @@
+# The PAM configuration file for the Shadow 'groupmod' service
+#
+
+# This allows root to modify groups without being prompted for a password
+auth		sufficient	pam_rootok.so
+
+@include common-auth
+@include common-account
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
new file mode 100755
index 0000000..bf741c9
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp
new file mode 100755
index 0000000..80ad09d
--- /dev/null
+++ b/tests/grouptools/groupmems/59_groupmems_authentication_failure2/run_groupmems.exp
@@ -0,0 +1,44 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect -re "groupmems: PAM: Authentication failure\r"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt
new file mode 100644
index 0000000..fa7bf43
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config.txt
@@ -0,0 +1 @@
+user myuser, in group groups
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group
new file mode 100644
index 0000000..287981e
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+groupmems:x:99:myuser
+utest1:x:1000:
+myuser:x:424242:utest1,bin,daemon
+gtest1:x:424242:utest1,bin,utmp
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow
new file mode 100644
index 0000000..f9ba86a
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+groupmems:*::myuser
+utest1:*::
+myuser:x::utest1,bin,daemon
+gtest1:*::
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/groupmems
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other
new file mode 100644
index 0000000..9152969
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/pam.d/other
@@ -0,0 +1 @@
+This file will be removed
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd
new file mode 100644
index 0000000..df9b7a0
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+utest1:x:1000:1000::/tmp:/bin/sh
+myuser:x:424242:424242::/home:/bin/bash
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow
new file mode 100644
index 0000000..65079bb
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+utest1:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
new file mode 100755
index 0000000..fb5129d
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmems (called by a regular user) authenticates the caller"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove PAM configuration (/etc/pam.d/other /etc/pam.d/groupmems)..."
+rm -f /etc/pam.d/other /etc/pam.d/groupmems
+echo "OK"
+
+echo -n "myuser will call groupmems..."
+./run_groupmems.exp
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp
new file mode 100755
index 0000000..0c4c479
--- /dev/null
+++ b/tests/grouptools/groupmems/60_groupmems_authentication_failure3/run_groupmems.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect
+
+set timeout 3
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 0} {
+	puts "usage: run_groupmems.exp"
+	exit 1
+}
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the 'myuser' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su myuser
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'myuser'"
+send_user "\n# id should return 'uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser),99(groupmems)"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now add user utest1 to the myuser group\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "/usr/sbin/groupmems -a nobody\r"
+expect -re "groupmems: PAM: Critical error . immediate abort"
+
+expect "$ "			;# Wait for the prompt
+send "echo $?\r"
+expect "1\r"
+expect "$ "			;# Wait for the prompt
+close
+
+puts "\nPASS"
+exit 0
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/data/group b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test
new file mode 100755
index 0000000..5c32e0b
--- /dev/null
+++ b/tests/grouptools/groupmod/01_groupmod_change_gid/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd
new file mode 100644
index 0000000..9fd396a
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:::/bin/false
diff --git a/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
new file mode 100755
index 0000000..f92fc52
--- /dev/null
+++ b/tests/grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod changes the primary group of users when it changes the GID of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..4b327c5
--- /dev/null
+++ b/tests/grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..6ba1e5e
--- /dev/null
+++ b/tests/grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group
new file mode 100644
index 0000000..2c24807
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
new file mode 100755
index 0000000..51f92a7
--- /dev/null
+++ b/tests/grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group to an already used GID, with -o"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 -o foo)..."
+groupmod -g 1001 -o foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
new file mode 100755
index 0000000..cb567a8
--- /dev/null
+++ b/tests/grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..65391ba
--- /dev/null
+++ b/tests/grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..dee0d5b
--- /dev/null
+++ b/tests/grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Rename group foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config.txt b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test
new file mode 100755
index 0000000..dd2b400
--- /dev/null
+++ b/tests/grouptools/groupmod/09_groupmod_set_password/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..01a7d46
--- /dev/null
+++ b/tests/grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow group)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
new file mode 100755
index 0000000..44597ad
--- /dev/null
+++ b/tests/grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err
new file mode 100644
index 0000000..35720f8
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: group 'bar' does not exist
diff --git a/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
new file mode 100755
index 0000000..4c7f477
--- /dev/null
+++ b/tests/grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the group exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 1001 (groupmod -g 1001 bar)..."
+groupmod -g 1001 bar 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err
new file mode 100644
index 0000000..796f655
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: GID '1001' already exists
diff --git a/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
new file mode 100755
index 0000000..9ce5bfe
--- /dev/null
+++ b/tests/grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new GID is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err
new file mode 100644
index 0000000..97ea6f6
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: group 'bar' already exists
diff --git a/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
new file mode 100755
index 0000000..1245a9d
--- /dev/null
+++ b/tests/grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new group name is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar (groupmod --new-name bar foo)..."
+groupmod --new-name bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt
new file mode 100644
index 0000000..872618a
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config.txt
@@ -0,0 +1,2 @@
+group foo, GID 1000
+group bar, GID 1001
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group
new file mode 100644
index 0000000..e65d5b0
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err
new file mode 100644
index 0000000..1a0e537
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group name 'to:to'
diff --git a/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
new file mode 100755
index 0000000..f326d1d
--- /dev/null
+++ b/tests/grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the new group name is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to to:to (groupmod --new-name to:to foo)..."
+groupmod --new-name to:to foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
new file mode 100755
index 0000000..f9a3519
--- /dev/null
+++ b/tests/grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can rename a group to its name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to foo (groupmod -n foo foo)..."
+groupmod -n foo foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err
new file mode 100644
index 0000000..e399ec7
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/group.lock without a PID
+groupmod: cannot lock /etc/group; try again later.
diff --git a/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
new file mode 100755
index 0000000..21a0a1b
--- /dev/null
+++ b/tests/grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group
new file mode 100644
index 0000000..b51c3ad
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1001:
diff --git a/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
new file mode 100755
index 0000000..60b4c4f
--- /dev/null
+++ b/tests/grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the gshadow file is locked only if gshadow is changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/gshadow.lock
+echo "done"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err
new file mode 100644
index 0000000..c8745ef
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '1001a'
diff --git a/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
new file mode 100755
index 0000000..d3ae0a1
--- /dev/null
+++ b/tests/grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 1001a (groupmod -g 1001a bar)..."
+groupmod -g 1001a bar 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err
new file mode 100644
index 0000000..824372f
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '-1001'
diff --git a/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
new file mode 100755
index 0000000..cc583b9
--- /dev/null
+++ b/tests/grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to -1001 (groupmod -g -1001 bar)..."
+groupmod -g -1001 bar 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/data/groupmod.err
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+  -g, --gid GID                 change the group ID to GID
+  -h, --help                    display this help message and exit
+  -n, --new-name NEW_GROUP      change the name to NEW_GROUP
+  -o, --non-unique              allow to use a duplicate (non-unique) GID
+  -p, --password PASSWORD       change the password to this (encrypted)
+                                PASSWORD
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
new file mode 100755
index 0000000..bcfbb64
--- /dev/null
+++ b/tests/grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks a group parameter was given"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change GID to 1001 (groupmod -g 1001)..."
+groupmod -g 1001 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
new file mode 100755
index 0000000..612ac24
--- /dev/null
+++ b/tests/grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID of a group and the group's name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID and name of foo to 1001/foo2 (groupmod -g 1001 -n foo2 foo)..."
+groupmod -g 1001 -n foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group
new file mode 100644
index 0000000..e898b8d
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo3:x:1001:
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow
new file mode 100644
index 0000000..3c65dec
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:toto::
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd
new file mode 100644
index 0000000..9fd396a
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001:::/bin/false
diff --git a/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
new file mode 100755
index 0000000..5f1c0f8
--- /dev/null
+++ b/tests/grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the GID, the name, and the password of a group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID, name and password of foo (groupmod -n foo3 -g 1001 -p toto foo)..."
+groupmod -n foo3 -g 1001 -p toto foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err
new file mode 100644
index 0000000..3b3400f
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/gshadow.lock without a PID
+groupmod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
new file mode 100755
index 0000000..a07c6a1
--- /dev/null
+++ b/tests/grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change GID and name of foo to 1001 (groupmod -g 1001 -n bar foo)..."
+groupmod -g 1001 -n bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err
new file mode 100644
index 0000000..5d391a0
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/data/groupmod.err
@@ -0,0 +1,2 @@
+groupmod: existing lock file /etc/passwd.lock without a PID
+groupmod: cannot lock /etc/passwd; try again later.
diff --git a/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
new file mode 100755
index 0000000..b56d14c
--- /dev/null
+++ b/tests/grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change GID of foo to 1001 (groupmod -g 1001 foo)..."
+groupmod -g 1001 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
new file mode 100755
index 0000000..d0831fd
--- /dev/null
+++ b/tests/grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the passwd file is locked only if passwd is changed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change name of foo to bar (groupmod -n bar foo)..."
+groupmod -n bar foo
+echo "OK"
+
+echo -n "Delete lock file for /etc/gshadow..."
+rm -f /etc/passwd.lock
+echo "done"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err
new file mode 100644
index 0000000..70d741a
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/data/groupmod.err
@@ -0,0 +1 @@
+groupmod: invalid group ID '4294967295'
diff --git a/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
new file mode 100755
index 0000000..6dc895f
--- /dev/null
+++ b/tests/grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod checks if the specified GID is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change GID of bar to 4294967295 (groupmod -g 4294967295 bar)..."
+groupmod -g 4294967295 bar 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config.txt b/tests/grouptools/groupmod/28_groupmod_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/data/usage.out
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+  -g, --gid GID                 change the group ID to GID
+  -h, --help                    display this help message and exit
+  -n, --new-name NEW_GROUP      change the name to NEW_GROUP
+  -o, --non-unique              allow to use a duplicate (non-unique) GID
+  -p, --password PASSWORD       change the password to this (encrypted)
+                                PASSWORD
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test
new file mode 100755
index 0000000..29fe545
--- /dev/null
+++ b/tests/grouptools/groupmod/28_groupmod_usage/groupmod.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get groupmod usage (groupmod -h)..."
+groupmod -h >tmp/usage.out
+
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
new file mode 100755
index 0000000..f899420
--- /dev/null
+++ b/tests/grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can change the name of a group and keep the same gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar and keep the same gid (groupmod -n bar -g 1000 foo)..."
+groupmod -n bar -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
new file mode 100755
index 0000000..976476c
--- /dev/null
+++ b/tests/grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can keep the name and gid for a group and does not complain"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename group foo to bar and keep the same gid (groupmod -n foo -g 1000 foo)..."
+groupmod -n foo -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
new file mode 100755
index 0000000..95262ef
--- /dev/null
+++ b/tests/grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod keeps the same gid and does not complain if there are no other changes"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Keep the same gid and no other changes (groupmod -g 1000 foo)..."
+groupmod -g 1000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err
new file mode 100644
index 0000000..c9b28d7
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/data/groupmod.err
@@ -0,0 +1,11 @@
+Usage: groupmod [options] GROUP
+
+Options:
+  -g, --gid GID                 change the group ID to GID
+  -h, --help                    display this help message and exit
+  -n, --new-name NEW_GROUP      change the name to NEW_GROUP
+  -o, --non-unique              allow to use a duplicate (non-unique) GID
+  -p, --password PASSWORD       change the password to this (encrypted)
+                                PASSWORD
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
new file mode 100755
index 0000000..13d13ee
--- /dev/null
+++ b/tests/grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod -o requires -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "groupmod -o -n bar foo..."
+groupmod -o -n bar foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
new file mode 100755
index 0000000..44597ad
--- /dev/null
+++ b/tests/grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "Remove the gshadow file"
+rm -f /etc/gshadow
+
+echo -n "Change GID of foo to 1001 (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
new file mode 100755
index 0000000..a765f4d
--- /dev/null
+++ b/tests/grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..7c2b4e8
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:oldpass:1000:
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group
new file mode 100644
index 0000000..fafb2ea
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:foopassw:1000:
diff --git a/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..1e2303c
--- /dev/null
+++ b/tests/grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow
new file mode 100644
index 0000000..601bd46
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:foopassw::
diff --git a/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
new file mode 100755
index 0000000..c2a0b6b
--- /dev/null
+++ b/tests/grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod can set the password of a group (no gshadow file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change password of foo (groupmod -p foopassw foo)..."
+groupmod -p foopassw foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt
new file mode 100644
index 0000000..e9e4bbe
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config.txt
@@ -0,0 +1 @@
+group foo, GID 1000
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err
new file mode 100644
index 0000000..6bec2e0
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/data/groupmod.err
@@ -0,0 +1,12 @@
+groupmod: invalid option -- 'Z'
+Usage: groupmod [options] GROUP
+
+Options:
+  -g, --gid GID                 change the group ID to GID
+  -h, --help                    display this help message and exit
+  -n, --new-name NEW_GROUP      change the name to NEW_GROUP
+  -o, --non-unique              allow to use a duplicate (non-unique) GID
+  -p, --password PASSWORD       change the password to this (encrypted)
+                                PASSWORD
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
new file mode 100755
index 0000000..23c394f
--- /dev/null
+++ b/tests/grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "groupmod reports usage when called with an invalid option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call groupmod with an invalid option (groupmod -Z bar -g 1000 foo)..."
+groupmod -Z bar -g 1000 foo 2>tmp/groupmod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "groupmod reported:"
+echo "======================================================================="
+cat tmp/groupmod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupmod.err tmp/groupmod.err
+echo "error message OK."
+rm -f tmp/groupmod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/01_faillog_no_faillog/config.txt b/tests/log/faillog/01_faillog_no_faillog/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/group b/tests/log/faillog/01_faillog_no_faillog/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/01_faillog_no_faillog/data/faillog.err b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err
new file mode 100644
index 0000000..501b7cd
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/data/faillog.err
@@ -0,0 +1 @@
+faillog: Cannot open /var/log/faillog: No such file or directory
diff --git a/tests/log/faillog/01_faillog_no_faillog/faillog.test b/tests/log/faillog/01_faillog_no_faillog/faillog.test
new file mode 100755
index 0000000..716bbf1
--- /dev/null
+++ b/tests/log/faillog/01_faillog_no_faillog/faillog.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog detects missing /var/log/faillog and does not create it"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0
+
+change_config
+
+echo -n "Remove /var/log/faillog (it will not be restored)..."
+rm -f /var/log/faillog
+echo "OK"
+
+echo -n "Execute faillog (faillog)..."
+faillog 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "usage message OK."
+rm -f tmp/faillog.err
+
+echo -n "Check that the /var/log/faillog file was not created"...
+test ! -f /var/log/faillog
+echo "OK"
+
+touch /var/log/faillog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/02_faillog_usage/config.txt b/tests/log/faillog/02_faillog_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/group b/tests/log/faillog/02_faillog_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/gshadow b/tests/log/faillog/02_faillog_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/passwd b/tests/log/faillog/02_faillog_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/02_faillog_usage/config/etc/shadow b/tests/log/faillog/02_faillog_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/02_faillog_usage/data/usage.out b/tests/log/faillog/02_faillog_usage/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/02_faillog_usage/faillog.test b/tests/log/faillog/02_faillog_usage/faillog.test
new file mode 100755
index 0000000..b9a0b9c
--- /dev/null
+++ b/tests/log/faillog/02_faillog_usage/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog -h)..."
+faillog -h >tmp/usage.out
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/03_faillog_format/config.txt b/tests/log/faillog/03_faillog_format/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/03_faillog_format/config/etc/group b/tests/log/faillog/03_faillog_format/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/03_faillog_format/config/etc/gshadow b/tests/log/faillog/03_faillog_format/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/03_faillog_format/config/etc/pam.d/login b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/03_faillog_format/config/etc/passwd b/tests/log/faillog/03_faillog_format/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/log/faillog/03_faillog_format/config/etc/shadow b/tests/log/faillog/03_faillog_format/config/etc/shadow
new file mode 100644
index 0000000..3b8a1ed
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:pass:12977:0:99999:7:::
diff --git a/tests/log/faillog/03_faillog_format/data/faillog.out b/tests/log/faillog/03_faillog_format/data/faillog.out
new file mode 100644
index 0000000..5855881
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/data/faillog.out
@@ -0,0 +1,2 @@
+Login       Failures Maximum Latest                   On
+
diff --git a/tests/log/faillog/03_faillog_format/data/lastlog.out b/tests/log/faillog/03_faillog_format/data/lastlog.out
new file mode 100644
index 0000000..280e1ab
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/data/lastlog.out
@@ -0,0 +1,20 @@
+Username         Port     From             Latest
+root                                       **Never logged in**
+daemon                                     **Never logged in**
+bin                                        **Never logged in**
+sys                                        **Never logged in**
+sync                                       **Never logged in**
+games                                      **Never logged in**
+man                                        **Never logged in**
+lp                                         **Never logged in**
+mail                                       **Never logged in**
+news                                       **Never logged in**
+uucp                                       **Never logged in**
+proxy                                      **Never logged in**
+www-data                                   **Never logged in**
+backup                                     **Never logged in**
+list                                       **Never logged in**
+irc                                        **Never logged in**
+gnats                                      **Never logged in**
+nobody                                     **Never logged in**
+Debian-exim                                **Never logged in**
diff --git a/tests/log/faillog/03_faillog_format/faillog.test b/tests/log/faillog/03_faillog_format/faillog.test
new file mode 100755
index 0000000..489776e
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+cp data/faillog.out tmp/faillog.out1
+cp data/faillog.out tmp/faillog.out2
+TTY=$(ls /dev/pts | sort -n|tail -1)
+TTY=$((TTY+1))
+
+DATE=$(LC_ALL=C date +"%D %H:%M:%S %z")
+# pam_tally do not report the line of failure ?
+printf "%-9s   %5d    %5d   %s  %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out1
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+DATE=$(LC_ALL=C date +"%D %H:%M:%S %z")
+# pam_tally do not report the line of failure ?
+printf "%-9s   %5d    %5d   %s  %s\n" foo 1 0 "$DATE" "">> tmp/faillog.out2
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+diff -au tmp/faillog.out tmp/faillog.out1 || diff -au tmp/faillog.out tmp/faillog.out2
+echo "faillog message OK."
+rm -f tmp/faillog.out tmp/faillog.out1 tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/03_faillog_format/login.exp b/tests/log/faillog/03_faillog_format/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/log/faillog/03_faillog_format/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/04_faillog_mulitple/config.txt b/tests/log/faillog/04_faillog_mulitple/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/group b/tests/log/faillog/04_faillog_mulitple/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/passwd b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/04_faillog_mulitple/config/etc/shadow b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/04_faillog_mulitple/data/faillog.list b/tests/log/faillog/04_faillog_mulitple/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/04_faillog_mulitple/faillog.test b/tests/log/faillog/04_faillog_mulitple/faillog.test
new file mode 100755
index 0000000..2184ee8
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/faillog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/04_faillog_mulitple/login.exp b/tests/log/faillog/04_faillog_mulitple/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/04_faillog_mulitple/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/05_faillog-u_ID/config.txt b/tests/log/faillog/05_faillog-u_ID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/group b/tests/log/faillog/05_faillog-u_ID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/passwd b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/05_faillog-u_ID/config/etc/shadow b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/05_faillog-u_ID/data/faillog.list b/tests/log/faillog/05_faillog-u_ID/data/faillog.list
new file mode 100644
index 0000000..3a1241d
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/data/faillog.list
@@ -0,0 +1,3 @@
+Login       Failures Maximum
+
+bar             0        0  
diff --git a/tests/log/faillog/05_faillog-u_ID/faillog.test b/tests/log/faillog/05_faillog-u_ID/faillog.test
new file mode 100755
index 0000000..42382d0
--- /dev/null
+++ b/tests/log/faillog/05_faillog-u_ID/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 1001..."
+faillog -u 1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/06_faillog-u_name/config.txt b/tests/log/faillog/06_faillog-u_name/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/group b/tests/log/faillog/06_faillog-u_name/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/gshadow b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/passwd b/tests/log/faillog/06_faillog-u_name/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/06_faillog-u_name/config/etc/shadow b/tests/log/faillog/06_faillog-u_name/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/06_faillog-u_name/data/faillog.list b/tests/log/faillog/06_faillog-u_name/data/faillog.list
new file mode 100644
index 0000000..a635b62
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/data/faillog.list
@@ -0,0 +1,3 @@
+Login
+
+baz
diff --git a/tests/log/faillog/06_faillog-u_name/faillog.test b/tests/log/faillog/06_faillog-u_name/faillog.test
new file mode 100755
index 0000000..1061e20
--- /dev/null
+++ b/tests/log/faillog/06_faillog-u_name/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u baz..."
+faillog -u baz> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/faillog.out | cut -d" " -f1 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config.txt b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list b/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/data/faillog.list
diff --git a/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test
new file mode 100755
index 0000000..7f8bd7b
--- /dev/null
+++ b/tests/log/faillog/07_faillog-u_ID_invalid/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 1003..."
+faillog -u 1003> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+diff -au data/faillog.list tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config.txt b/tests/log/faillog/08_faillog-u_name_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err
new file mode 100644
index 0000000..402e2c6
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: me
diff --git a/tests/log/faillog/08_faillog-u_name_invalid/faillog.test b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test
new file mode 100755
index 0000000..8b2348c
--- /dev/null
+++ b/tests/log/faillog/08_faillog-u_name_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u me..."
+faillog -u me 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/09_faillog-u_range/config.txt b/tests/log/faillog/09_faillog-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/group b/tests/log/faillog/09_faillog-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/gshadow b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/passwd b/tests/log/faillog/09_faillog-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/09_faillog-u_range/config/etc/shadow b/tests/log/faillog/09_faillog-u_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/09_faillog-u_range/data/faillog.list b/tests/log/faillog/09_faillog-u_range/data/faillog.list
new file mode 100644
index 0000000..c4984b9
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/data/faillog.list
@@ -0,0 +1,4 @@
+Login       Failures Maximum
+
+irc             1        0  
+foo             1        0  
diff --git a/tests/log/faillog/09_faillog-u_range/faillog.test b/tests/log/faillog/09_faillog-u_range/faillog.test
new file mode 100755
index 0000000..53ef9f6
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/faillog.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as irc..."
+./login.exp irc
+echo "OK"
+
+echo -n "faillog -u 38-1001..."
+faillog -u 38-1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/09_faillog-u_range/login.exp b/tests/log/faillog/09_faillog-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/09_faillog-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/10_faillog-u_open_range/config.txt b/tests/log/faillog/10_faillog-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/group b/tests/log/faillog/10_faillog-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/10_faillog-u_open_range/data/faillog.list b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list
new file mode 100644
index 0000000..a6afb8c
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/data/faillog.list
@@ -0,0 +1,22 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+Debian-exim       0        0
+foo             0        0  
diff --git a/tests/log/faillog/10_faillog-u_open_range/faillog.test b/tests/log/faillog/10_faillog-u_open_range/faillog.test
new file mode 100755
index 0000000..9587bb9
--- /dev/null
+++ b/tests/log/faillog/10_faillog-u_open_range/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog supports open ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u -1001..."
+faillog -a -u -1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/11_faillog-u_range_open/config.txt b/tests/log/faillog/11_faillog-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/group b/tests/log/faillog/11_faillog-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/11_faillog-u_range_open/data/faillog.list b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list
new file mode 100644
index 0000000..555ada5
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/data/faillog.list
@@ -0,0 +1,10 @@
+Login       Failures Maximum
+
+bar             0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             0        0  
+baz             0        0  
diff --git a/tests/log/faillog/11_faillog-u_range_open/faillog.test b/tests/log/faillog/11_faillog-u_range_open/faillog.test
new file mode 100755
index 0000000..30c7728
--- /dev/null
+++ b/tests/log/faillog/11_faillog-u_range_open/faillog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog supports open ranges (2)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u 38-..."
+faillog -a -u 38-> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config.txt b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err
new file mode 100644
index 0000000..56b4173
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: foo-bar
diff --git a/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test
new file mode 100755
index 0000000..9a73394
--- /dev/null
+++ b/tests/log/faillog/12_faillog-u_range_invalid1/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u foo-bar..."
+faillog -u foo-bar 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config.txt b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err
new file mode 100644
index 0000000..e9f6720
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: foo-
diff --git a/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test
new file mode 100755
index 0000000..14f7170
--- /dev/null
+++ b/tests/log/faillog/13_faillog-u_range_invalid2/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u foo-..."
+faillog -u foo- 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config.txt b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err
new file mode 100644
index 0000000..33c3b8c
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/data/faillog.err
@@ -0,0 +1 @@
+faillog: Unknown user or range: -foo
diff --git a/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test
new file mode 100755
index 0000000..fdd0027
--- /dev/null
+++ b/tests/log/faillog/14_faillog-u_range_invalid3/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -u -foo..."
+faillog -u -foo 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/15_faillog_bad_option/config.txt b/tests/log/faillog/15_faillog_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/group b/tests/log/faillog/15_faillog_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/passwd b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/15_faillog_bad_option/config/etc/shadow b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/15_faillog_bad_option/data/usage.out b/tests/log/faillog/15_faillog_bad_option/data/usage.out
new file mode 100644
index 0000000..0644274
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/data/usage.out
@@ -0,0 +1,15 @@
+faillog: invalid option -- 'Z'
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/15_faillog_bad_option/faillog.test b/tests/log/faillog/15_faillog_bad_option/faillog.test
new file mode 100755
index 0000000..3e566cd
--- /dev/null
+++ b/tests/log/faillog/15_faillog_bad_option/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog -Z)..."
+faillog -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/16_faillog_extra_arg/config.txt b/tests/log/faillog/16_faillog_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/group b/tests/log/faillog/16_faillog_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/16_faillog_extra_arg/data/usage.out b/tests/log/faillog/16_faillog_extra_arg/data/usage.out
new file mode 100644
index 0000000..1ec1fa2
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/data/usage.out
@@ -0,0 +1,15 @@
+faillog: unexpected argument: foo
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/16_faillog_extra_arg/faillog.test b/tests/log/faillog/16_faillog_extra_arg/faillog.test
new file mode 100755
index 0000000..09770ca
--- /dev/null
+++ b/tests/log/faillog/16_faillog_extra_arg/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog checks if there are extra arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get faillog usage (faillog foo)..."
+faillog foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/17_faillog-t/config.txt b/tests/log/faillog/17_faillog-t/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/17_faillog-t/config/etc/group b/tests/log/faillog/17_faillog-t/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/17_faillog-t/config/etc/gshadow b/tests/log/faillog/17_faillog-t/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/17_faillog-t/config/etc/pam.d/login b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/17_faillog-t/config/etc/passwd b/tests/log/faillog/17_faillog-t/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/17_faillog-t/config/etc/shadow b/tests/log/faillog/17_faillog-t/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/17_faillog-t/data/faillog.list b/tests/log/faillog/17_faillog-t/data/faillog.list
new file mode 100644
index 0000000..f5d3d8c
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/data/faillog.list
@@ -0,0 +1,4 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
diff --git a/tests/log/faillog/17_faillog-t/faillog.test b/tests/log/faillog/17_faillog-t/faillog.test
new file mode 100755
index 0000000..217a63b
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/faillog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog -t 3 > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/17_faillog-t/login.exp b/tests/log/faillog/17_faillog-t/login.exp
new file mode 100755
index 0000000..66de74b
--- /dev/null
+++ b/tests/log/faillog/17_faillog-t/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/18_faillog-t_invalid/config.txt b/tests/log/faillog/18_faillog-t_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/group b/tests/log/faillog/18_faillog-t_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/18_faillog-t_invalid/data/faillog.err b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/18_faillog-t_invalid/faillog.test b/tests/log/faillog/18_faillog-t_invalid/faillog.test
new file mode 100755
index 0000000..0405bca
--- /dev/null
+++ b/tests/log/faillog/18_faillog-t_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -t bad..."
+faillog -t bad 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config.txt b/tests/log/faillog/19_faillog_multiple_same_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list
new file mode 100644
index 0000000..935d843
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             2        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/faillog.test b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test
new file mode 100755
index 0000000..21a6fff
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/faillog.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/19_faillog_multiple_same_user/login.exp b/tests/log/faillog/19_faillog_multiple_same_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/19_faillog_multiple_same_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/20_faillog-r-u/config.txt b/tests/log/faillog/20_faillog-r-u/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/group b/tests/log/faillog/20_faillog-r-u/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/gshadow b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/passwd b/tests/log/faillog/20_faillog-r-u/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/20_faillog-r-u/config/etc/shadow b/tests/log/faillog/20_faillog-r-u/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/20_faillog-r-u/data/faillog.list b/tests/log/faillog/20_faillog-r-u/data/faillog.list
new file mode 100644
index 0000000..12c3f70
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             0        0  
diff --git a/tests/log/faillog/20_faillog-r-u/faillog.test b/tests/log/faillog/20_faillog-r-u/faillog.test
new file mode 100755
index 0000000..4aa3d90
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -r -u baz)..."
+faillog -r -u baz
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/20_faillog-r-u/login.exp b/tests/log/faillog/20_faillog-r-u/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/20_faillog-r-u/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/21_faillog-r-u_range/config.txt b/tests/log/faillog/21_faillog-r-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/group b/tests/log/faillog/21_faillog-r-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/21_faillog-r-u_range/data/faillog.list b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list
new file mode 100644
index 0000000..fd0df36
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             0        0  
+foo             0        0  
+baz             1        0  
diff --git a/tests/log/faillog/21_faillog-r-u_range/faillog.test b/tests/log/faillog/21_faillog-r-u_range/faillog.test
new file mode 100755
index 0000000..1b89358
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset users (faillog -r -u 1000-1001)..."
+faillog -r -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/21_faillog-r-u_range/login.exp b/tests/log/faillog/21_faillog-r-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/21_faillog-r-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/22_faillog_removed_user/config.txt b/tests/log/faillog/22_faillog_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/group b/tests/log/faillog/22_faillog_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/passwd b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/22_faillog_removed_user/config/etc/shadow b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/22_faillog_removed_user/data/faillog.list b/tests/log/faillog/22_faillog_removed_user/data/faillog.list
new file mode 100644
index 0000000..09f68d0
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/data/faillog.list
@@ -0,0 +1,4 @@
+Login       Failures Maximum
+
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/22_faillog_removed_user/faillog.test b/tests/log/faillog/22_faillog_removed_user/faillog.test
new file mode 100755
index 0000000..d72ee5b
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/22_faillog_removed_user/login.exp b/tests/log/faillog/22_faillog_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/22_faillog_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config.txt b/tests/log/faillog/23_faillog-a_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/group b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list
new file mode 100644
index 0000000..1eb072b
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/data/faillog.list
@@ -0,0 +1,23 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/23_faillog-a_removed_user/faillog.test b/tests/log/faillog/23_faillog-a_removed_user/faillog.test
new file mode 100755
index 0000000..c440672
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/23_faillog-a_removed_user/login.exp b/tests/log/faillog/23_faillog-a_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/23_faillog-a_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config.txt b/tests/log/faillog/24_faillog-u_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/group b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list b/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/data/faillog.list
diff --git a/tests/log/faillog/24_faillog-u_removed_user/faillog.test b/tests/log/faillog/24_faillog-u_removed_user/faillog.test
new file mode 100755
index 0000000..d1fff47
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -a -u 1001..."
+faillog -a -u 1001> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/24_faillog-u_removed_user/login.exp b/tests/log/faillog/24_faillog-u_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/24_faillog-u_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config.txt b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list
new file mode 100644
index 0000000..1ad3edf
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             0        0  
+baz             0        0  
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test
new file mode 100755
index 0000000..f48435a
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 1000..."
+faillog -r -u 1000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/25_faillog-r-u_removed_user/login.exp b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/25_faillog-r-u_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..0f9aacf
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             1        0  
+baz             0        0  
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test
new file mode 100755
index 0000000..5c140b9
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 40-2000..."
+faillog -r -u 40-2000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/26_faillog-r-u_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..1ad3edf
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             0        0  
+baz             0        0  
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
new file mode 100755
index 0000000..ecf1f97
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 40-2000..."
+faillog -a -r -u 40-2000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/27_faillog-r-a-u_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list
new file mode 100644
index 0000000..3544ec4
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             1        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             0        0  
+baz             0        0  
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
new file mode 100755
index 0000000..5790ad9
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u -1000..."
+faillog -a -r -u -1000
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/28_faillog-r-a-u_open_range_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list
new file mode 100644
index 0000000..0f9aacf
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/data/faillog.list
@@ -0,0 +1,24 @@
+Login       Failures Maximum
+
+root            0        0  
+daemon          0        0  
+bin             0        0  
+bar             0        0  
+sys             0        0  
+sync            0        0  
+games           0        0  
+man             0        0  
+lp              0        0  
+mail            0        0  
+news            0        0  
+uucp            0        0  
+proxy           0        0  
+www-data        0        0  
+backup          0        0  
+list            0        0  
+irc             0        0  
+gnats           0        0  
+nobody          0        0  
+Debian-exim       0        0
+foo             1        0  
+baz             0        0  
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
new file mode 100755
index 0000000..9579ca6
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp bar
+echo "OK"
+
+echo -n "Remove user bar from passwd and shadow..."
+cp -a /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^bar:/d' -i /etc/passwd
+sed -e '/^bar:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "faillog -r -u 1001-..."
+faillog -a -r -u 1001-
+echo "OK."
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc
+echo "OK"
+
+echo -n "faillog..."
+faillog -a> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/29_faillog-r-a-u_range_open_removed_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/30_faillog-r/config.txt b/tests/log/faillog/30_faillog-r/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/30_faillog-r/config/etc/group b/tests/log/faillog/30_faillog-r/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/30_faillog-r/config/etc/gshadow b/tests/log/faillog/30_faillog-r/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/30_faillog-r/config/etc/pam.d/login b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/30_faillog-r/config/etc/passwd b/tests/log/faillog/30_faillog-r/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/30_faillog-r/config/etc/shadow b/tests/log/faillog/30_faillog-r/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/30_faillog-r/data/faillog.list b/tests/log/faillog/30_faillog-r/data/faillog.list
new file mode 100644
index 0000000..d96a936
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             0        0  
+foo             0        0  
+baz             0        0  
diff --git a/tests/log/faillog/30_faillog-r/faillog.test b/tests/log/faillog/30_faillog-r/faillog.test
new file mode 100755
index 0000000..cfb441f
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -r)..."
+faillog -r
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/30_faillog-r/login.exp b/tests/log/faillog/30_faillog-r/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/30_faillog-r/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config.txt b/tests/log/faillog/31_faillog-r-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list
new file mode 100644
index 0000000..fd0df36
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             0        0  
+foo             0        0  
+baz             1        0  
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/faillog.test b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test
new file mode 100755
index 0000000..9eb7beb
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/faillog.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset users count (faillog -r -u -1001)..."
+faillog -r -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/31_faillog-r-u_open_range/login.exp b/tests/log/faillog/31_faillog-r-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/31_faillog-r-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/32_faillog-l/config.txt b/tests/log/faillog/32_faillog-l/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/32_faillog-l/config/etc/group b/tests/log/faillog/32_faillog-l/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/32_faillog-l/config/etc/gshadow b/tests/log/faillog/32_faillog-l/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/32_faillog-l/config/etc/pam.d/login b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/32_faillog-l/config/etc/passwd b/tests/log/faillog/32_faillog-l/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/32_faillog-l/config/etc/shadow b/tests/log/faillog/32_faillog-l/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/32_faillog-l/data/faillog.list b/tests/log/faillog/32_faillog-l/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/32_faillog-l/faillog.test b/tests/log/faillog/32_faillog-l/faillog.test
new file mode 100755
index 0000000..1e6360e
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10)..."
+faillog -l 10
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should between 6 and 8 secondes remaining for baz..."
+grep "^baz .* \[[678]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/32_faillog-l/login.exp b/tests/log/faillog/32_faillog-l/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/32_faillog-l/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/33_faillog-l-u_user/config.txt b/tests/log/faillog/33_faillog-l-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/group b/tests/log/faillog/33_faillog-l-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/33_faillog-l-u_user/data/faillog.list b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list
new file mode 100644
index 0000000..817ff45
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/data/faillog.list
@@ -0,0 +1 @@
+foo             1        0  
diff --git a/tests/log/faillog/33_faillog-l-u_user/faillog.test b/tests/log/faillog/33_faillog-l-u_user/faillog.test
new file mode 100755
index 0000000..f9ccf53
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/faillog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u foo)..."
+faillog -l 10 -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/33_faillog-l-u_user/login.exp b/tests/log/faillog/33_faillog-l-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/33_faillog-l-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/34_faillog-l-u_range/config.txt b/tests/log/faillog/34_faillog-l-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/group b/tests/log/faillog/34_faillog-l-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/34_faillog-l-u_range/data/faillog.list b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/34_faillog-l-u_range/faillog.test b/tests/log/faillog/34_faillog-l-u_range/faillog.test
new file mode 100755
index 0000000..980b95e
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u 1000-1001)..."
+faillog -l 10 -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 3 and 5 secondes remaining for bar..."
+grep "^bar .* \[[345]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/34_faillog-l-u_range/login.exp b/tests/log/faillog/34_faillog-l-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/34_faillog-l-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config.txt b/tests/log/faillog/35_faillog-l-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/faillog.test b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test
new file mode 100755
index 0000000..3cc9655
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u -1001)..."
+faillog -l 10 -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 5 secondes remaining for bar..."
+grep "^bar .* \[[2345]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/35_faillog-l-u_open_range/login.exp b/tests/log/faillog/35_faillog-l-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/35_faillog-l-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config.txt b/tests/log/faillog/36_faillog-l-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/faillog.test b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test
new file mode 100755
index 0000000..caf0742
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/faillog.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -u 1000-1001)..."
+faillog -l 10 -u 1001-
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be 6 or 7 secondes remaining for baz..."
+grep "^baz .* \[[67]s left\]$" tmp/faillog.out
+echo "OK"
+echo "There should be 3 or 4 secondes remaining for bar..."
+grep "^bar .* \[[34]s left\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/36_faillog-l-u_range_open/login.exp b/tests/log/faillog/36_faillog-l-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/36_faillog-l-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config.txt b/tests/log/faillog/37_faillog-l-a-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list
new file mode 100644
index 0000000..817ff45
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/data/faillog.list
@@ -0,0 +1 @@
+foo             1        0  
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/faillog.test b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test
new file mode 100755
index 0000000..9128abc
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/faillog.test
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user foo from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset old foo (faillog -l 10 -u 1000)..."
+faillog -l 10 -a -u 1000
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+grep "left\|lock" tmp/faillog.out | cut -c-28 > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/37_faillog-l-a-u_user/login.exp b/tests/log/faillog/37_faillog-l-a-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/37_faillog-l-a-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config.txt b/tests/log/faillog/38_faillog-l-a-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/faillog.test b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test
new file mode 100755
index 0000000..a585e17
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -a -u 1000-1001)..."
+faillog -l 10 -a -u 1000-1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/38_faillog-l-a-u_range/login.exp b/tests/log/faillog/38_faillog-l-a-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/38_faillog-l-a-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test
new file mode 100755
index 0000000..b81b396
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -l 10 -a -u -1001)..."
+faillog -l 10 -a -u -1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[234]s left\]$" tmp/faillog.out
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/39_faillog-l-a-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list
new file mode 100644
index 0000000..cb1d37b
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1        0  
+baz             1        0  
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test
new file mode 100755
index 0000000..3f25fc5
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/faillog.test
@@ -0,0 +1,73 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -a -l 10 -u 1001-)..."
+faillog -a -l 10 -u 1001-
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "There should be between 6 and 8 secondes remaining for baz..."
+grep "^baz .* \[[6-8]s left\]$" tmp/faillog.out
+echo "OK"
+echo "There should be between 2 and 4 secondes remaining for bar..."
+grep "^bar .* \[[2-4]s left\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/40_faillog-l-a-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/41_faillog-l_invalid/config.txt b/tests/log/faillog/41_faillog-l_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/group b/tests/log/faillog/41_faillog-l_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/41_faillog-l_invalid/data/faillog.err b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/41_faillog-l_invalid/faillog.test b/tests/log/faillog/41_faillog-l_invalid/faillog.test
new file mode 100755
index 0000000..3907eee
--- /dev/null
+++ b/tests/log/faillog/41_faillog-l_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -l bad..."
+faillog -l bad 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/42_faillog-m/config.txt b/tests/log/faillog/42_faillog-m/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/42_faillog-m/config/etc/group b/tests/log/faillog/42_faillog-m/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/42_faillog-m/config/etc/gshadow b/tests/log/faillog/42_faillog-m/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/42_faillog-m/config/etc/pam.d/login b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/42_faillog-m/config/etc/passwd b/tests/log/faillog/42_faillog-m/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/42_faillog-m/config/etc/shadow b/tests/log/faillog/42_faillog-m/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/42_faillog-m/data/faillog.list b/tests/log/faillog/42_faillog-m/data/faillog.list
new file mode 100644
index 0000000..29b7516
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1       10  
+baz             1       10  
diff --git a/tests/log/faillog/42_faillog-m/faillog.test b/tests/log/faillog/42_faillog-m/faillog.test
new file mode 100755
index 0000000..867d41c
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10)..."
+faillog -m 10
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/42_faillog-m/login.exp b/tests/log/faillog/42_faillog-m/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/42_faillog-m/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/43_faillog-m-u_user/config.txt b/tests/log/faillog/43_faillog-m-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/group b/tests/log/faillog/43_faillog-m-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/43_faillog-m-u_user/data/faillog.list b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list
new file mode 100644
index 0000000..5ec2414
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/43_faillog-m-u_user/faillog.test b/tests/log/faillog/43_faillog-m-u_user/faillog.test
new file mode 100755
index 0000000..d86c6ea
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u foo)..."
+faillog -m 10 -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/43_faillog-m-u_user/login.exp b/tests/log/faillog/43_faillog-m-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/43_faillog-m-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/44_faillog-m-u_range/config.txt b/tests/log/faillog/44_faillog-m-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/group b/tests/log/faillog/44_faillog-m-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/44_faillog-m-u_range/data/faillog.list b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/44_faillog-m-u_range/faillog.test b/tests/log/faillog/44_faillog-m-u_range/faillog.test
new file mode 100755
index 0000000..f410ac3
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u 1000-1001)..."
+faillog -m 10 -u 1000-1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/44_faillog-m-u_range/login.exp b/tests/log/faillog/44_faillog-m-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/44_faillog-m-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config.txt b/tests/log/faillog/45_faillog-m-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/faillog.test b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test
new file mode 100755
index 0000000..77d9202
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number of fail logins for a range of users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u -1001)..."
+faillog -m 10 -u -1001
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/45_faillog-m-u_open_range/login.exp b/tests/log/faillog/45_faillog-m-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/45_faillog-m-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config.txt b/tests/log/faillog/46_faillog-m-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list
new file mode 100644
index 0000000..ea0845d
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1        0  
+baz             1       10  
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/faillog.test b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test
new file mode 100755
index 0000000..0bed617
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number of fail logins for a range of users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -u 1000-1001)..."
+faillog -m 10 -u 1001-
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/46_faillog-m-u_range_open/login.exp b/tests/log/faillog/46_faillog-m-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/46_faillog-m-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config.txt b/tests/log/faillog/47_faillog-m-a-u_user/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list
new file mode 100644
index 0000000..5ec2414
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1        0  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/faillog.test b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test
new file mode 100755
index 0000000..64d7f6c
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog can set the maximum number an removed user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 2
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove user foo from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset old foo (faillog -m 10 -a -u 1000)..."
+faillog -m 10 -a -u 1000
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/47_faillog-m-a-u_user/login.exp b/tests/log/faillog/47_faillog-m-a-u_user/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/47_faillog-m-a-u_user/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config.txt b/tests/log/faillog/48_faillog-m-a-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/faillog.test b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test
new file mode 100755
index 0000000..cd35f27
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u 1000-1001)..."
+faillog -m 10 -a -u 1000-1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/48_faillog-m-a-u_range/login.exp b/tests/log/faillog/48_faillog-m-a-u_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/48_faillog-m-a-u_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list
new file mode 100644
index 0000000..9af27b0
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1       10  
+baz             1        0  
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test
new file mode 100755
index 0000000..8b865b3
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u -1001)..."
+faillog -m 10 -a -u -1001
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/49_faillog-m-a-u_open_range/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list
new file mode 100644
index 0000000..ea0845d
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/data/faillog.list
@@ -0,0 +1,5 @@
+Login       Failures Maximum
+
+bar             1       10  
+foo             1        0  
+baz             1       10  
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test
new file mode 100755
index 0000000..c315f7c
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/faillog.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+sleep 1
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "Remove users foo, bar, baz from passwd and shadow..."
+cp /etc/passwd /etc/shadow tmp/
+sed -e '/^(foo|bar|baz):/d' -i /etc/passwd
+sed -e '/^(foo|bar|baz):/d' -i /etc/shadow
+echo "OK"
+
+echo -n "reset baz (faillog -m 10 -a -u 1001-)..."
+faillog -m 10 -a -u 1001-
+echo "OK"
+
+echo -n "Restore user foo..."
+mv tmp/passwd tmp/shadow /etc/
+echo "OK"
+
+echo -n "faillog..."
+faillog > tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/50_faillog-m-a-u_range_open/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/51_faillog-m_invalid/config.txt b/tests/log/faillog/51_faillog-m_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/group b/tests/log/faillog/51_faillog-m_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/51_faillog-m_invalid/data/faillog.err b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err
new file mode 100644
index 0000000..009c0f6
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/data/faillog.err
@@ -0,0 +1 @@
+faillog: invalid numeric argument 'bad'
diff --git a/tests/log/faillog/51_faillog-m_invalid/faillog.test b/tests/log/faillog/51_faillog-m_invalid/faillog.test
new file mode 100755
index 0000000..9e49dbc
--- /dev/null
+++ b/tests/log/faillog/51_faillog-m_invalid/faillog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "faillog -m bad..."
+faillog -m bad 2>tmp/faillog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/faillog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/faillog.err tmp/faillog.err
+echo "message OK."
+rm -f tmp/faillog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config.txt b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test
new file mode 100755
index 0000000..fee2889
--- /dev/null
+++ b/tests/log/faillog/52_faillog-t-l_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -l and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t 10 -l 10)..."
+faillog -t 10 -l 10 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config.txt b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test
new file mode 100755
index 0000000..0844392
--- /dev/null
+++ b/tests/log/faillog/53_faillog-t-m_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -m and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t 1 -m 1)..."
+faillog -t 1 -m 1 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config.txt b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out
new file mode 100644
index 0000000..d5d2839
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/data/usage.out
@@ -0,0 +1,14 @@
+Usage: faillog [options]
+
+Options:
+  -a, --all                     display faillog records for all users
+  -h, --help                    display this help message and exit
+  -l, --lock-secs SEC           after failed login lock account for SEC seconds
+  -m, --maximum MAX             set maximum failed login counters to MAX
+  -r, --reset                   reset the counters of login failures
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               display faillog records more recent than DAYS
+  -u, --user LOGIN/RANGE        display faillog record or maintains failure
+                                counters and limits (if used with -r, -m,
+                                or -l) only for the specified LOGIN(s)
+
diff --git a/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test
new file mode 100755
index 0000000..72cf6c7
--- /dev/null
+++ b/tests/log/faillog/54_faillog-t-r_exclusive/faillog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "faillog does not accept -r and -t atthe same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Bad faillog usage (faillog -t -r)..."
+faillog -t 1 -r 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "faillog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/55_faillog_no_changes/config.txt b/tests/log/faillog/55_faillog_no_changes/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/group b/tests/log/faillog/55_faillog_no_changes/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/passwd b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/55_faillog_no_changes/config/etc/shadow b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/55_faillog_no_changes/data/faillog.stat b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat
new file mode 100644
index 0000000..fb96c4d
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/data/faillog.stat
@@ -0,0 +1 @@
+0 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/55_faillog_no_changes/faillog.test b/tests/log/faillog/55_faillog_no_changes/faillog.test
new file mode 100755
index 0000000..6be6fb7
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -l 0 -m 0 -u baz
+echo "OK"
+
+echo -n "Check permissions and size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/55_faillog_no_changes/login.exp b/tests/log/faillog/55_faillog_no_changes/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/55_faillog_no_changes/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config.txt b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat
new file mode 100644
index 0000000..66b0df0
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/data/faillog.stat
@@ -0,0 +1 @@
+24072 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test
new file mode 100755
index 0000000..bb0ef15
--- /dev/null
+++ b/tests/log/faillog/56_faillog-l-m_empty_file/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -a -l 1 -m 1 -u 1000-1002
+echo "OK"
+
+echo -n "Check size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config.txt b/tests/log/faillog/57_faillog-r_empty_file/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/group b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat
new file mode 100644
index 0000000..fb96c4d
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/data/faillog.stat
@@ -0,0 +1 @@
+0 root:root `/var/log/faillog'
diff --git a/tests/log/faillog/57_faillog-r_empty_file/faillog.test b/tests/log/faillog/57_faillog-r_empty_file/faillog.test
new file mode 100755
index 0000000..f52f470
--- /dev/null
+++ b/tests/log/faillog/57_faillog-r_empty_file/faillog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "reset baz (faillog -l 0 -m 0 -u baz)..."
+faillog -a -r -u 1000-1002
+echo "OK"
+
+echo -n "Check size of the faillog..."
+stat --printf "%s %U:%G %N\n" /var/log/faillog | sort > tmp/faillog.stat
+diff -rauN data/faillog.stat tmp/faillog.stat
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config.txt b/tests/log/faillog/58_faillog-l_no_failcount/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow
new file mode 100644
index 0000000..52721ac
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:a:12977:0:99999:7:::
+baz:b:12977:0:99999:7:::
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list
new file mode 100644
index 0000000..405c169
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/data/faillog.list
@@ -0,0 +1,3 @@
+Login       Failures Maximum
+
+foo             0        0  
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/faillog.test b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test
new file mode 100755
index 0000000..41e951f
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/faillog.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports the locktime even if timeout is not passwed when there are no failures"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "set locktime for foo (faillog -l 10 -u foo)..."
+faillog -l 10 -u foo
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+
+echo -n "Reset failure counter for foo..."
+faillog -r -u foo
+echo "OK"
+
+echo -n "faillog..."
+faillog -u foo> tmp/faillog.out
+echo "OK."
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Check the list of users with failures..."
+cut -c-28 tmp/faillog.out > tmp/faillog.list
+diff -au data/faillog.list tmp/faillog.list
+echo "OK"
+echo "The lock is displayed as 10s for foo..."
+grep "^foo .* \[10s lock\]$" tmp/faillog.out
+echo "OK."
+
+rm -f tmp/faillog.out tmp/faillog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/faillog/58_faillog-l_no_failcount/login.exp b/tests/log/faillog/58_faillog-l_no_failcount/login.exp
new file mode 100755
index 0000000..5df0903
--- /dev/null
+++ b/tests/log/faillog/58_faillog-l_no_failcount/login.exp
@@ -0,0 +1,26 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login $user\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config.txt b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err
new file mode 100644
index 0000000..935fdb5
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/data/lastlog.err
@@ -0,0 +1 @@
+/var/log/lastlog: No such file or directory
diff --git a/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test
new file mode 100755
index 0000000..d903f88
--- /dev/null
+++ b/tests/log/lastlog/01_lastlog_no_lastlog/lastlog.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog detects missing /var/log/lastlog and does not create it"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0
+
+change_config
+
+echo -n "Remove /var/log/lastlog (it will not be restored)..."
+rm -f /var/log/lastlog
+echo "OK"
+
+echo -n "Execute lastlog (lastlog)..."
+lastlog 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "usage message OK."
+rm -f tmp/lastlog.err
+
+echo -n "Check that the /var/log/lastlog file was not created"...
+test ! -f /var/log/lastlog
+echo "OK"
+
+touch /var/log/lastlog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/02_lastlog_usage/config.txt b/tests/log/lastlog/02_lastlog_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/group b/tests/log/lastlog/02_lastlog_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/passwd b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/02_lastlog_usage/config/etc/shadow b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/02_lastlog_usage/data/usage.out b/tests/log/lastlog/02_lastlog_usage/data/usage.out
new file mode 100644
index 0000000..410197e
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/data/usage.out
@@ -0,0 +1,9 @@
+Usage: lastlog [options]
+
+Options:
+  -b, --before DAYS             print only lastlog records older than DAYS
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               print only lastlog records more recent than DAYS
+  -u, --user LOGIN              print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/02_lastlog_usage/lastlog.test b/tests/log/lastlog/02_lastlog_usage/lastlog.test
new file mode 100755
index 0000000..344a104
--- /dev/null
+++ b/tests/log/lastlog/02_lastlog_usage/lastlog.test
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog -h)..."
+lastlog -h >tmp/usage.out
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/03_lastlog_format/config.txt b/tests/log/lastlog/03_lastlog_format/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/group b/tests/log/lastlog/03_lastlog_format/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/gshadow b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/passwd b/tests/log/lastlog/03_lastlog_format/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/log/lastlog/03_lastlog_format/config/etc/shadow b/tests/log/lastlog/03_lastlog_format/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/03_lastlog_format/data/lastlog.out b/tests/log/lastlog/03_lastlog_format/data/lastlog.out
new file mode 100644
index 0000000..280e1ab
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/data/lastlog.out
@@ -0,0 +1,20 @@
+Username         Port     From             Latest
+root                                       **Never logged in**
+daemon                                     **Never logged in**
+bin                                        **Never logged in**
+sys                                        **Never logged in**
+sync                                       **Never logged in**
+games                                      **Never logged in**
+man                                        **Never logged in**
+lp                                         **Never logged in**
+mail                                       **Never logged in**
+news                                       **Never logged in**
+uucp                                       **Never logged in**
+proxy                                      **Never logged in**
+www-data                                   **Never logged in**
+backup                                     **Never logged in**
+list                                       **Never logged in**
+irc                                        **Never logged in**
+gnats                                      **Never logged in**
+nobody                                     **Never logged in**
+Debian-exim                                **Never logged in**
diff --git a/tests/log/lastlog/03_lastlog_format/lastlog.test b/tests/log/lastlog/03_lastlog_format/lastlog.test
new file mode 100755
index 0000000..b59c19b
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/lastlog.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+cp data/lastlog.out tmp/lastlog.out1
+cp data/lastlog.out tmp/lastlog.out2
+TTY=0
+while true
+do
+	[ ! -e /dev/pts/$TTY ] && break
+	TTY=$((TTY+1))
+done
+	
+
+DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y")
+printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out1
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+DATE=$(LC_ALL=C date +"%a %b %e %H:%M:%S %z %Y")
+printf "%-16s %-8.8s %-16.16s %s\n" foo "pts/$TTY" "" "$DATE" >> tmp/lastlog.out2
+
+echo -n "lastlog..."
+lastlog > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+diff -au tmp/lastlog.out tmp/lastlog.out1 || diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out1 tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/03_lastlog_format/login.exp b/tests/log/lastlog/03_lastlog_format/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/log/lastlog/03_lastlog_format/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config.txt b/tests/log/lastlog/04_lastlog_mulitple/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/group b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list
new file mode 100644
index 0000000..ae27a13
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/data/lastlog.list
@@ -0,0 +1,4 @@
+Username
+bar
+foo
+baz
diff --git a/tests/log/lastlog/04_lastlog_mulitple/lastlog.test b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test
new file mode 100755
index 0000000..630c7f5
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | grep -v "Never logged in" | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/04_lastlog_mulitple/login.exp b/tests/log/lastlog/04_lastlog_mulitple/login.exp
new file mode 100755
index 0000000..664f919
--- /dev/null
+++ b/tests/log/lastlog/04_lastlog_mulitple/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config.txt b/tests/log/lastlog/05_lastlog-u_ID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/group b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list
new file mode 100644
index 0000000..aa542b8
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+bar
diff --git a/tests/log/lastlog/05_lastlog-u_ID/lastlog.test b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test
new file mode 100755
index 0000000..b1de502
--- /dev/null
+++ b/tests/log/lastlog/05_lastlog-u_ID/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 1001..."
+lastlog -u 1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/06_lastlog-u_name/config.txt b/tests/log/lastlog/06_lastlog-u_name/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/group b/tests/log/lastlog/06_lastlog-u_name/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list
new file mode 100644
index 0000000..f886a83
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/data/lastlog.list
@@ -0,0 +1,2 @@
+Username
+baz
diff --git a/tests/log/lastlog/06_lastlog-u_name/lastlog.test b/tests/log/lastlog/06_lastlog-u_name/lastlog.test
new file mode 100755
index 0000000..b17312a
--- /dev/null
+++ b/tests/log/lastlog/06_lastlog-u_name/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u baz..."
+lastlog -u baz> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list b/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/data/lastlog.list
diff --git a/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
new file mode 100755
index 0000000..36d1a2a
--- /dev/null
+++ b/tests/log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 1003..."
+lastlog -u 1003> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+diff -au data/lastlog.list tmp/lastlog.out
+echo "OK."
+
+rm -f tmp/lastlog.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err
new file mode 100644
index 0000000..c604c0e
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: me
diff --git a/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test
new file mode 100755
index 0000000..66fdad0
--- /dev/null
+++ b/tests/log/lastlog/08_lastlog-u_name_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u me..."
+lastlog -u me 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/09_lastlog-u_range/config.txt b/tests/log/lastlog/09_lastlog-u_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/group b/tests/log/lastlog/09_lastlog-u_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list
new file mode 100644
index 0000000..0d06c77
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/data/lastlog.list
@@ -0,0 +1,7 @@
+Username
+bar
+list
+irc
+gnats
+Debian-exim
+foo
diff --git a/tests/log/lastlog/09_lastlog-u_range/lastlog.test b/tests/log/lastlog/09_lastlog-u_range/lastlog.test
new file mode 100755
index 0000000..232d088
--- /dev/null
+++ b/tests/log/lastlog/09_lastlog-u_range/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 38-1001..."
+lastlog -u 38-1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config.txt b/tests/log/lastlog/10_lastlog-u_open_range/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list
new file mode 100644
index 0000000..692874a
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/data/lastlog.list
@@ -0,0 +1,21 @@
+Username
+root
+daemon
+bin
+bar
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+backup
+list
+irc
+gnats
+Debian-exim
+foo
diff --git a/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test
new file mode 100755
index 0000000..5bc3d6b
--- /dev/null
+++ b/tests/log/lastlog/10_lastlog-u_open_range/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog supports open ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u -1001..."
+lastlog -u -1001> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config.txt b/tests/log/lastlog/11_lastlog-u_range_open/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list
new file mode 100644
index 0000000..4ad4379
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/data/lastlog.list
@@ -0,0 +1,9 @@
+Username
+bar
+list
+irc
+gnats
+nobody
+Debian-exim
+foo
+baz
diff --git a/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test
new file mode 100755
index 0000000..ab36308
--- /dev/null
+++ b/tests/log/lastlog/11_lastlog-u_range_open/lastlog.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog supports open ranges (2)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u 38-..."
+lastlog -u 38-> tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err
new file mode 100644
index 0000000..1341607
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: foo-bar
diff --git a/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
new file mode 100755
index 0000000..85879b2
--- /dev/null
+++ b/tests/log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u foo-bar..."
+lastlog -u foo-bar 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err
new file mode 100644
index 0000000..cff222b
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: foo-
diff --git a/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
new file mode 100755
index 0000000..6d6d09b
--- /dev/null
+++ b/tests/log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u foo-..."
+lastlog -u foo- 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err
new file mode 100644
index 0000000..999f9a2
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: Unknown user or range: -foo
diff --git a/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
new file mode 100755
index 0000000..6cd61ef
--- /dev/null
+++ b/tests/log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -u -foo..."
+lastlog -u -foo 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config.txt b/tests/log/lastlog/15_lastlog_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/group b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/15_lastlog_bad_option/data/usage.out b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out
new file mode 100644
index 0000000..fe1385a
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/data/usage.out
@@ -0,0 +1,10 @@
+lastlog: invalid option -- 'Z'
+Usage: lastlog [options]
+
+Options:
+  -b, --before DAYS             print only lastlog records older than DAYS
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               print only lastlog records more recent than DAYS
+  -u, --user LOGIN              print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/15_lastlog_bad_option/lastlog.test b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test
new file mode 100755
index 0000000..9e56fe2
--- /dev/null
+++ b/tests/log/lastlog/15_lastlog_bad_option/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog -Z)..."
+lastlog -Z 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config.txt b/tests/log/lastlog/16_lastlog_extra_arg/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out
new file mode 100644
index 0000000..ab3455b
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/data/usage.out
@@ -0,0 +1,10 @@
+lastlog: unexpected argument: foo
+Usage: lastlog [options]
+
+Options:
+  -b, --before DAYS             print only lastlog records older than DAYS
+  -h, --help                    display this help message and exit
+  -R, --root CHROOT_DIR         directory to chroot into
+  -t, --time DAYS               print only lastlog records more recent than DAYS
+  -u, --user LOGIN              print lastlog record of the specified LOGIN
+
diff --git a/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test
new file mode 100755
index 0000000..387c292
--- /dev/null
+++ b/tests/log/lastlog/16_lastlog_extra_arg/lastlog.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "lastlog checks if there are extra arguments"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get lastlog usage (lastlog foo)..."
+lastlog foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/17_lastlog-t/config.txt b/tests/log/lastlog/17_lastlog-t/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/group b/tests/log/lastlog/17_lastlog-t/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/gshadow b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/passwd b/tests/log/lastlog/17_lastlog-t/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/17_lastlog-t/config/etc/shadow b/tests/log/lastlog/17_lastlog-t/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/17_lastlog-t/data/lastlog.list b/tests/log/lastlog/17_lastlog-t/data/lastlog.list
new file mode 100644
index 0000000..f81812d
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/data/lastlog.list
@@ -0,0 +1,3 @@
+Username
+bar
+foo
diff --git a/tests/log/lastlog/17_lastlog-t/lastlog.test b/tests/log/lastlog/17_lastlog-t/lastlog.test
new file mode 100755
index 0000000..a000cae
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog -t 3 > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/17_lastlog-t/login.exp b/tests/log/lastlog/17_lastlog-t/login.exp
new file mode 100755
index 0000000..a005233
--- /dev/null
+++ b/tests/log/lastlog/17_lastlog-t/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/18_lastlog-b/config.txt b/tests/log/lastlog/18_lastlog-b/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/group b/tests/log/lastlog/18_lastlog-b/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/gshadow b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/passwd b/tests/log/lastlog/18_lastlog-b/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/18_lastlog-b/config/etc/shadow b/tests/log/lastlog/18_lastlog-b/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/18_lastlog-b/data/lastlog.list b/tests/log/lastlog/18_lastlog-b/data/lastlog.list
new file mode 100644
index 0000000..219b8da
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/data/lastlog.list
@@ -0,0 +1,21 @@
+Username
+root
+daemon
+bin
+sys
+sync
+games
+man
+lp
+mail
+news
+uucp
+proxy
+www-data
+backup
+list
+irc
+gnats
+nobody
+Debian-exim
+baz
diff --git a/tests/log/lastlog/18_lastlog-b/lastlog.test b/tests/log/lastlog/18_lastlog-b/lastlog.test
new file mode 100755
index 0000000..17349a3
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/lastlog.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports all entry from /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=2 ./login.exp foo
+echo "OK"
+echo -n "Trigger a connection as bar..."
+./login.exp bar
+echo "OK"
+echo -n "Trigger a connection as baz..."
+LD_PRELOAD=../../../common/time_past.so PAST_DAYS=4 ./login.exp baz
+echo "OK"
+
+echo -n "lastlog..."
+lastlog -b 3 > tmp/lastlog.out
+echo "OK."
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Check the list of logged in users..."
+cat tmp/lastlog.out | cut -d" " -f1 > tmp/lastlog.list
+diff -au data/lastlog.list tmp/lastlog.list
+echo "OK."
+
+rm -f tmp/lastlog.out tmp/lastlog.list
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/18_lastlog-b/login.exp b/tests/log/lastlog/18_lastlog-b/login.exp
new file mode 100755
index 0000000..a005233
--- /dev/null
+++ b/tests/log/lastlog/18_lastlog-b/login.exp
@@ -0,0 +1,19 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+        set user     [lindex $argv 0]
+} else {
+        set user     "foo"
+}
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -p -f $user\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config.txt b/tests/log/lastlog/19_lastlog-t_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err
new file mode 100644
index 0000000..8197db7
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: invalid numeric argument '-2'
diff --git a/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test
new file mode 100755
index 0000000..50f71b5
--- /dev/null
+++ b/tests/log/lastlog/19_lastlog-t_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -t -2..."
+lastlog -t -2 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config.txt b/tests/log/lastlog/20_lastlog-b_invalid/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd
new file mode 100644
index 0000000..9d34d3a
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+bar:x:1001:1001::/home/bar:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+baz:x:1002:1002::/home/baz:/bin/sh
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow
new file mode 100644
index 0000000..972f2cd
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+baz:!:12977:0:99999:7:::
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err
new file mode 100644
index 0000000..34429d4
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/data/lastlog.err
@@ -0,0 +1 @@
+lastlog: invalid numeric argument '2a'
diff --git a/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test
new file mode 100755
index 0000000..af96813
--- /dev/null
+++ b/tests/log/lastlog/20_lastlog-b_invalid/lastlog.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "reports invalid -b argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+> /var/log/lastlog
+echo "OK"
+
+echo -n "lastlog -t 2a..."
+lastlog -b 2a 2>tmp/lastlog.err && exit 1 || {
+	status=$?
+}
+echo "OK."
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "lastlog reported:"
+echo "======================================================================="
+cat tmp/lastlog.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/lastlog.err tmp/lastlog.err
+echo "message OK."
+rm -f tmp/lastlog.err
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/01_login_prompt/config.txt b/tests/login/01_login_prompt/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/01_login_prompt/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/01_login_prompt/config/etc/group b/tests/login/01_login_prompt/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/01_login_prompt/config/etc/gshadow b/tests/login/01_login_prompt/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/01_login_prompt/config/etc/login.defs b/tests/login/01_login_prompt/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/01_login_prompt/config/etc/passwd b/tests/login/01_login_prompt/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/01_login_prompt/config/etc/shadow b/tests/login/01_login_prompt/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/01_login_prompt/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/01_login_prompt/login.exp b/tests/login/01_login_prompt/login.exp
new file mode 100755
index 0000000..05323aa
--- /dev/null
+++ b/tests/login/01_login_prompt/login.exp
@@ -0,0 +1,23 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login\r"
+expect " login: "
+send "myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expect uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
diff --git a/tests/login/01_login_prompt/login.test b/tests/login/01_login_prompt/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/01_login_prompt/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/02_login_user/config.txt b/tests/login/02_login_user/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/02_login_user/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/02_login_user/config/etc/group b/tests/login/02_login_user/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/02_login_user/config/etc/gshadow b/tests/login/02_login_user/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/02_login_user/config/etc/login.defs b/tests/login/02_login_user/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/02_login_user/config/etc/passwd b/tests/login/02_login_user/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/02_login_user/config/etc/shadow b/tests/login/02_login_user/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/02_login_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/02_login_user/login.exp b/tests/login/02_login_user/login.exp
new file mode 100755
index 0000000..c8b9b34
--- /dev/null
+++ b/tests/login/02_login_user/login.exp
@@ -0,0 +1,20 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "id\r"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+send "exit\r"
+
+exit 0
+
diff --git a/tests/login/02_login_user/login.test b/tests/login/02_login_user/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/02_login_user/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/login/03_login_check_tty/config.txt b/tests/login/03_login_check_tty/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/login/03_login_check_tty/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/login/03_login_check_tty/config/etc/group b/tests/login/03_login_check_tty/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/login/03_login_check_tty/config/etc/gshadow b/tests/login/03_login_check_tty/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/login/03_login_check_tty/config/etc/login.defs b/tests/login/03_login_check_tty/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/login/03_login_check_tty/config/etc/passwd b/tests/login/03_login_check_tty/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/login/03_login_check_tty/config/etc/shadow b/tests/login/03_login_check_tty/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/login/03_login_check_tty/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/login/03_login_check_tty/login.exp b/tests/login/03_login_check_tty/login.exp
new file mode 100755
index 0000000..cb51124
--- /dev/null
+++ b/tests/login/03_login_check_tty/login.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login myuser\r"
+expect "Password: "
+send "myuserF00barbaz\r"
+expect "$ "
+
+send "# expecting c--x-wx--T 88 424242/myuser 5/tty\r"
+expect "$ "
+send "stat -c '%A %t %u/%U %g/%G' `tty`\r"
+expect "crw------- 88 424242/myuser 5/tty\r"
+expect "$ "
+send "exit\r"
+
+exit 0
+
diff --git a/tests/login/03_login_check_tty/login.test b/tests/login/03_login_check_tty/login.test
new file mode 100755
index 0000000..5ef6e92
--- /dev/null
+++ b/tests/login/03_login_check_tty/login.test
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "try regular login with user prompt"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./login.exp
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/01_create_user/config.txt b/tests/newusers/01_create_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/01_create_user/config.txt
diff --git a/tests/newusers/01_create_user/config/etc/group b/tests/newusers/01_create_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/01_create_user/config/etc/gshadow b/tests/newusers/01_create_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/01_create_user/config/etc/pam.d/common-password b/tests/newusers/01_create_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/01_create_user/config/etc/pam.d/newusers b/tests/newusers/01_create_user/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/01_create_user/config/etc/passwd b/tests/newusers/01_create_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/01_create_user/config/etc/shadow b/tests/newusers/01_create_user/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/01_create_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/01_create_user/data/group b/tests/newusers/01_create_user/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/01_create_user/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/01_create_user/data/gshadow b/tests/newusers/01_create_user/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/01_create_user/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/01_create_user/data/newusers.list b/tests/newusers/01_create_user/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/01_create_user/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/01_create_user/data/passwd b/tests/newusers/01_create_user/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/01_create_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/01_create_user/data/shadow b/tests/newusers/01_create_user/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/01_create_user/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/01_create_user/newusers.test b/tests/newusers/01_create_user/newusers.test
new file mode 100755
index 0000000..049dd17
--- /dev/null
+++ b/tests/newusers/01_create_user/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/02_update_password/config.txt b/tests/newusers/02_update_password/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/02_update_password/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/02_update_password/config/etc/group b/tests/newusers/02_update_password/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/02_update_password/config/etc/gshadow b/tests/newusers/02_update_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/02_update_password/config/etc/pam.d/common-password b/tests/newusers/02_update_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/02_update_password/config/etc/pam.d/newusers b/tests/newusers/02_update_password/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/02_update_password/config/etc/passwd b/tests/newusers/02_update_password/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/02_update_password/config/etc/shadow b/tests/newusers/02_update_password/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/02_update_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/02_update_password/data/newusers.list b/tests/newusers/02_update_password/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/02_update_password/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/02_update_password/data/shadow b/tests/newusers/02_update_password/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/02_update_password/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/02_update_password/newusers.test b/tests/newusers/02_update_password/newusers.test
new file mode 100755
index 0000000..17d08e2
--- /dev/null
+++ b/tests/newusers/02_update_password/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/03_no_update_pid/config.txt b/tests/newusers/03_no_update_pid/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/03_no_update_pid/config/etc/group b/tests/newusers/03_no_update_pid/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/03_no_update_pid/config/etc/gshadow b/tests/newusers/03_no_update_pid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/03_no_update_pid/config/etc/passwd b/tests/newusers/03_no_update_pid/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/03_no_update_pid/config/etc/shadow b/tests/newusers/03_no_update_pid/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/03_no_update_pid/data/newusers.list b/tests/newusers/03_no_update_pid/data/newusers.list
new file mode 100644
index 0000000..e3128e7
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:4242::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/03_no_update_pid/data/shadow b/tests/newusers/03_no_update_pid/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/03_no_update_pid/newusers.test b/tests/newusers/03_no_update_pid/newusers.test
new file mode 100755
index 0000000..5e59924
--- /dev/null
+++ b/tests/newusers/03_no_update_pid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not change the pid of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/04_no_update_gid/config.txt b/tests/newusers/04_no_update_gid/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/04_no_update_gid/config/etc/group b/tests/newusers/04_no_update_gid/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/04_no_update_gid/config/etc/gshadow b/tests/newusers/04_no_update_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/04_no_update_gid/config/etc/passwd b/tests/newusers/04_no_update_gid/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/04_no_update_gid/config/etc/shadow b/tests/newusers/04_no_update_gid/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/04_no_update_gid/data/newusers.list b/tests/newusers/04_no_update_gid/data/newusers.list
new file mode 100644
index 0000000..2610f3c
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/04_no_update_gid/data/shadow b/tests/newusers/04_no_update_gid/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/04_no_update_gid/newusers.test b/tests/newusers/04_no_update_gid/newusers.test
new file mode 100755
index 0000000..c1dabfa
--- /dev/null
+++ b/tests/newusers/04_no_update_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not change the gid of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/05_create_user_pid/config.txt b/tests/newusers/05_create_user_pid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config.txt
diff --git a/tests/newusers/05_create_user_pid/config/etc/group b/tests/newusers/05_create_user_pid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/05_create_user_pid/config/etc/gshadow b/tests/newusers/05_create_user_pid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/05_create_user_pid/config/etc/passwd b/tests/newusers/05_create_user_pid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/05_create_user_pid/config/etc/shadow b/tests/newusers/05_create_user_pid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/05_create_user_pid/data/group b/tests/newusers/05_create_user_pid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/05_create_user_pid/data/gshadow b/tests/newusers/05_create_user_pid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/05_create_user_pid/data/newusers.list b/tests/newusers/05_create_user_pid/data/newusers.list
new file mode 100644
index 0000000..f374b1b
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/05_create_user_pid/data/passwd b/tests/newusers/05_create_user_pid/data/passwd
new file mode 100644
index 0000000..a45d9a7
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/05_create_user_pid/data/shadow b/tests/newusers/05_create_user_pid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/05_create_user_pid/newusers.test b/tests/newusers/05_create_user_pid/newusers.test
new file mode 100755
index 0000000..d2aa56a
--- /dev/null
+++ b/tests/newusers/05_create_user_pid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a given pid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/06_create_user_gid/config.txt b/tests/newusers/06_create_user_gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config.txt
diff --git a/tests/newusers/06_create_user_gid/config/etc/group b/tests/newusers/06_create_user_gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/06_create_user_gid/config/etc/gshadow b/tests/newusers/06_create_user_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/06_create_user_gid/config/etc/passwd b/tests/newusers/06_create_user_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/06_create_user_gid/config/etc/shadow b/tests/newusers/06_create_user_gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/06_create_user_gid/data/group b/tests/newusers/06_create_user_gid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/06_create_user_gid/data/gshadow b/tests/newusers/06_create_user_gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/06_create_user_gid/data/newusers.list b/tests/newusers/06_create_user_gid/data/newusers.list
new file mode 100644
index 0000000..50e7505
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/06_create_user_gid/data/passwd b/tests/newusers/06_create_user_gid/data/passwd
new file mode 100644
index 0000000..8ed5455
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/06_create_user_gid/data/shadow b/tests/newusers/06_create_user_gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/06_create_user_gid/newusers.test b/tests/newusers/06_create_user_gid/newusers.test
new file mode 100755
index 0000000..57cb0d5
--- /dev/null
+++ b/tests/newusers/06_create_user_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a given gid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/07_create_user_pid_gid/config.txt b/tests/newusers/07_create_user_pid_gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config.txt
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/group b/tests/newusers/07_create_user_pid_gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/gshadow b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/passwd b/tests/newusers/07_create_user_pid_gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/07_create_user_pid_gid/config/etc/shadow b/tests/newusers/07_create_user_pid_gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/07_create_user_pid_gid/data/group b/tests/newusers/07_create_user_pid_gid/data/group
new file mode 100644
index 0000000..96574a5
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4242:
diff --git a/tests/newusers/07_create_user_pid_gid/data/gshadow b/tests/newusers/07_create_user_pid_gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/07_create_user_pid_gid/data/newusers.list b/tests/newusers/07_create_user_pid_gid/data/newusers.list
new file mode 100644
index 0000000..1701c92
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/07_create_user_pid_gid/data/passwd b/tests/newusers/07_create_user_pid_gid/data/passwd
new file mode 100644
index 0000000..a45d9a7
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4242:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/07_create_user_pid_gid/data/shadow b/tests/newusers/07_create_user_pid_gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/07_create_user_pid_gid/newusers.test b/tests/newusers/07_create_user_pid_gid/newusers.test
new file mode 100755
index 0000000..e9b0914
--- /dev/null
+++ b/tests/newusers/07_create_user_pid_gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with given pid and gid (both identical)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/08_create_user_pid_other-gid/config.txt b/tests/newusers/08_create_user_pid_other-gid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config.txt
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/group b/tests/newusers/08_create_user_pid_other-gid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/group b/tests/newusers/08_create_user_pid_other-gid/data/group
new file mode 100644
index 0000000..b2d9984
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:4243:
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/gshadow b/tests/newusers/08_create_user_pid_other-gid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/newusers.list b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list
new file mode 100644
index 0000000..a71043d
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4242:4243:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/passwd b/tests/newusers/08_create_user_pid_other-gid/data/passwd
new file mode 100644
index 0000000..fdefa6c
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:4243:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/08_create_user_pid_other-gid/data/shadow b/tests/newusers/08_create_user_pid_other-gid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/08_create_user_pid_other-gid/newusers.test b/tests/newusers/08_create_user_pid_other-gid/newusers.test
new file mode 100755
index 0000000..66573df
--- /dev/null
+++ b/tests/newusers/08_create_user_pid_other-gid/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with given pid and gid (with different id)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config.txt b/tests/newusers/09_create_user_pid-as-user-bar/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config.txt
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group
new file mode 100644
index 0000000..7c6bf3a
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd
new file mode 100644
index 0000000..26d70f2
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/group b/tests/newusers/09_create_user_pid-as-user-bar/data/group
new file mode 100644
index 0000000..90da8d7
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
+foo:x:1043:
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow
new file mode 100644
index 0000000..d11bb83
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
+foo:*::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list
new file mode 100644
index 0000000..5685534
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:bar::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/passwd b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd
new file mode 100644
index 0000000..5f9155b
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
+foo:x:1042:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/data/shadow b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/09_create_user_pid-as-user-bar/newusers.test b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test
new file mode 100755
index 0000000..93deeb2
--- /dev/null
+++ b/tests/newusers/09_create_user_pid-as-user-bar/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with the pid of a named user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config.txt b/tests/newusers/10_create_user_gid-as-group-bar/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config.txt
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group
new file mode 100644
index 0000000..4e6b697
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1043:
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd
new file mode 100644
index 0000000..901ce16
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/passwd b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd
new file mode 100644
index 0000000..e474273
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
+foo:x:1043:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/data/shadow b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/10_create_user_gid-as-group-bar/newusers.test b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test
new file mode 100755
index 0000000..ba852a4
--- /dev/null
+++ b/tests/newusers/10_create_user_gid-as-group-bar/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with the gid of a named group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/11_update_gecos/config.txt b/tests/newusers/11_update_gecos/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/11_update_gecos/config/etc/group b/tests/newusers/11_update_gecos/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/11_update_gecos/config/etc/gshadow b/tests/newusers/11_update_gecos/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/common-password b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/11_update_gecos/config/etc/pam.d/newusers b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/11_update_gecos/config/etc/passwd b/tests/newusers/11_update_gecos/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/11_update_gecos/config/etc/shadow b/tests/newusers/11_update_gecos/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/11_update_gecos/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/11_update_gecos/data/newusers.list b/tests/newusers/11_update_gecos/data/newusers.list
new file mode 100644
index 0000000..d4ac60c
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/11_update_gecos/data/passwd b/tests/newusers/11_update_gecos/data/passwd
new file mode 100644
index 0000000..c84bc61
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/11_update_gecos/data/shadow b/tests/newusers/11_update_gecos/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/11_update_gecos/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/11_update_gecos/newusers.test b/tests/newusers/11_update_gecos/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/11_update_gecos/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/12_update_shell/config.txt b/tests/newusers/12_update_shell/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/12_update_shell/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/12_update_shell/config/etc/group b/tests/newusers/12_update_shell/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/12_update_shell/config/etc/gshadow b/tests/newusers/12_update_shell/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/common-password b/tests/newusers/12_update_shell/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/12_update_shell/config/etc/pam.d/newusers b/tests/newusers/12_update_shell/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/12_update_shell/config/etc/passwd b/tests/newusers/12_update_shell/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/12_update_shell/config/etc/shadow b/tests/newusers/12_update_shell/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/12_update_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/12_update_shell/data/newusers.list b/tests/newusers/12_update_shell/data/newusers.list
new file mode 100644
index 0000000..55add69
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/12_update_shell/data/passwd b/tests/newusers/12_update_shell/data/passwd
new file mode 100644
index 0000000..8fc494c
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/12_update_shell/data/shadow b/tests/newusers/12_update_shell/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/12_update_shell/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/12_update_shell/newusers.test b/tests/newusers/12_update_shell/newusers.test
new file mode 100755
index 0000000..aca2591
--- /dev/null
+++ b/tests/newusers/12_update_shell/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the shell of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/13_create_user_new-home/config.txt b/tests/newusers/13_create_user_new-home/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config.txt
diff --git a/tests/newusers/13_create_user_new-home/config/etc/group b/tests/newusers/13_create_user_new-home/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/13_create_user_new-home/config/etc/gshadow b/tests/newusers/13_create_user_new-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/13_create_user_new-home/config/etc/passwd b/tests/newusers/13_create_user_new-home/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/13_create_user_new-home/config/etc/shadow b/tests/newusers/13_create_user_new-home/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/13_create_user_new-home/data/group b/tests/newusers/13_create_user_new-home/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/13_create_user_new-home/data/gshadow b/tests/newusers/13_create_user_new-home/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/13_create_user_new-home/data/home_ls-a b/tests/newusers/13_create_user_new-home/data/home_ls-a
new file mode 100644
index 0000000..81b7cb2
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/13_create_user_new-home/data/newusers.list b/tests/newusers/13_create_user_new-home/data/newusers.list
new file mode 100644
index 0000000..d2dacfd
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/13_create_user_new-home/data/passwd b/tests/newusers/13_create_user_new-home/data/passwd
new file mode 100644
index 0000000..a6c525b
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/13_create_user_new-home/data/shadow b/tests/newusers/13_create_user_new-home/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/13_create_user_new-home/newusers.test b/tests/newusers/13_create_user_new-home/newusers.test
new file mode 100755
index 0000000..3a693c1
--- /dev/null
+++ b/tests/newusers/13_create_user_new-home/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers creates the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/14_create_user_existing-home/config.txt b/tests/newusers/14_create_user_existing-home/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config.txt
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/group b/tests/newusers/14_create_user_existing-home/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/gshadow b/tests/newusers/14_create_user_existing-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/passwd b/tests/newusers/14_create_user_existing-home/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/14_create_user_existing-home/config/etc/shadow b/tests/newusers/14_create_user_existing-home/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/14_create_user_existing-home/data/group b/tests/newusers/14_create_user_existing-home/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/14_create_user_existing-home/data/gshadow b/tests/newusers/14_create_user_existing-home/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/14_create_user_existing-home/data/home_ls-a b/tests/newusers/14_create_user_existing-home/data/home_ls-a
new file mode 100644
index 0000000..50cd7c4
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/14_create_user_existing-home/data/newusers.list b/tests/newusers/14_create_user_existing-home/data/newusers.list
new file mode 100644
index 0000000..d2dacfd
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/14_create_user_existing-home/data/passwd b/tests/newusers/14_create_user_existing-home/data/passwd
new file mode 100644
index 0000000..a6c525b
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field:/tmp/test-newusers:/bin/sh
diff --git a/tests/newusers/14_create_user_existing-home/data/shadow b/tests/newusers/14_create_user_existing-home/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/14_create_user_existing-home/newusers.test b/tests/newusers/14_create_user_existing-home/newusers.test
new file mode 100755
index 0000000..1410aa2
--- /dev/null
+++ b/tests/newusers/14_create_user_existing-home/newusers.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with an existing home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/15_update_new-home/config.txt b/tests/newusers/15_update_new-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/15_update_new-home/config/etc/group b/tests/newusers/15_update_new-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/15_update_new-home/config/etc/gshadow b/tests/newusers/15_update_new-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/common-password b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/15_update_new-home/config/etc/pam.d/newusers b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/15_update_new-home/config/etc/passwd b/tests/newusers/15_update_new-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/15_update_new-home/config/etc/shadow b/tests/newusers/15_update_new-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/15_update_new-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/15_update_new-home/data/home_ls-a b/tests/newusers/15_update_new-home/data/home_ls-a
new file mode 100644
index 0000000..81b7cb2
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/15_update_new-home/data/newusers.list b/tests/newusers/15_update_new-home/data/newusers.list
new file mode 100644
index 0000000..b2025de
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/15_update_new-home/data/passwd b/tests/newusers/15_update_new-home/data/passwd
new file mode 100644
index 0000000..1db48b7
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/15_update_new-home/data/shadow b/tests/newusers/15_update_new-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/15_update_new-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/15_update_new-home/newusers.test b/tests/newusers/15_update_new-home/newusers.test
new file mode 100755
index 0000000..bc20ecf
--- /dev/null
+++ b/tests/newusers/15_update_new-home/newusers.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TODO: check what happens to the old home
+log_start "$0" "newusers can update the home directory of an user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/16_update_existing-home/config.txt b/tests/newusers/16_update_existing-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/16_update_existing-home/config/etc/group b/tests/newusers/16_update_existing-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/16_update_existing-home/config/etc/gshadow b/tests/newusers/16_update_existing-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/16_update_existing-home/config/etc/passwd b/tests/newusers/16_update_existing-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/16_update_existing-home/config/etc/shadow b/tests/newusers/16_update_existing-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/16_update_existing-home/data/home_ls-a b/tests/newusers/16_update_existing-home/data/home_ls-a
new file mode 100644
index 0000000..50cd7c4
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/16_update_existing-home/data/newusers.list b/tests/newusers/16_update_existing-home/data/newusers.list
new file mode 100644
index 0000000..b2025de
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/16_update_existing-home/data/passwd b/tests/newusers/16_update_existing-home/data/passwd
new file mode 100644
index 0000000..1db48b7
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers:/bin/bash
diff --git a/tests/newusers/16_update_existing-home/data/shadow b/tests/newusers/16_update_existing-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/16_update_existing-home/newusers.test b/tests/newusers/16_update_existing-home/newusers.test
new file mode 100755
index 0000000..1d901fa
--- /dev/null
+++ b/tests/newusers/16_update_existing-home/newusers.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the home directory of an user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directory..."
+rm -rf /tmp/test-newusers
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/17_create_user_pid-already-used/config.txt b/tests/newusers/17_create_user_pid-already-used/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config.txt
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/group b/tests/newusers/17_create_user_pid-already-used/config/etc/group
new file mode 100644
index 0000000..7c6bf3a
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/passwd b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd
new file mode 100644
index 0000000..26d70f2
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
diff --git a/tests/newusers/17_create_user_pid-already-used/config/etc/shadow b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/17_create_user_pid-already-used/data/group b/tests/newusers/17_create_user_pid-already-used/data/group
new file mode 100644
index 0000000..90da8d7
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1042:
+foo:x:1043:
diff --git a/tests/newusers/17_create_user_pid-already-used/data/gshadow b/tests/newusers/17_create_user_pid-already-used/data/gshadow
new file mode 100644
index 0000000..d11bb83
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
+foo:*::
diff --git a/tests/newusers/17_create_user_pid-already-used/data/newusers.list b/tests/newusers/17_create_user_pid-already-used/data/newusers.list
new file mode 100644
index 0000000..f1c75fe
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:1042::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/17_create_user_pid-already-used/data/passwd b/tests/newusers/17_create_user_pid-already-used/data/passwd
new file mode 100644
index 0000000..5f9155b
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1042::/:/bin/false
+foo:x:1042:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/17_create_user_pid-already-used/data/shadow b/tests/newusers/17_create_user_pid-already-used/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/17_create_user_pid-already-used/newusers.test b/tests/newusers/17_create_user_pid-already-used/newusers.test
new file mode 100755
index 0000000..8546a9b
--- /dev/null
+++ b/tests/newusers/17_create_user_pid-already-used/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a pid already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/18_create_user_gid-already-used/config.txt b/tests/newusers/18_create_user_gid-already-used/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config.txt
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/group b/tests/newusers/18_create_user_gid-already-used/config/etc/group
new file mode 100644
index 0000000..4e6b697
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1043:
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow
new file mode 100644
index 0000000..0586f95
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:x::
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/passwd b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd
new file mode 100644
index 0000000..901ce16
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
diff --git a/tests/newusers/18_create_user_gid-already-used/config/etc/shadow b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow
new file mode 100644
index 0000000..aa523bd
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/newusers/18_create_user_gid-already-used/data/newusers.list b/tests/newusers/18_create_user_gid-already-used/data/newusers.list
new file mode 100644
index 0000000..1714418
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/18_create_user_gid-already-used/data/passwd b/tests/newusers/18_create_user_gid-already-used/data/passwd
new file mode 100644
index 0000000..e474273
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1042:1043::/:/bin/false
+foo:x:1043:1043:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/18_create_user_gid-already-used/data/shadow b/tests/newusers/18_create_user_gid-already-used/data/shadow
new file mode 100644
index 0000000..28046f8
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/18_create_user_gid-already-used/newusers.test b/tests/newusers/18_create_user_gid-already-used/newusers.test
new file mode 100755
index 0000000..7b15be8
--- /dev/null
+++ b/tests/newusers/18_create_user_gid-already-used/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user with a gid already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/19_update_keep-old-home/config.txt b/tests/newusers/19_update_keep-old-home/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/group b/tests/newusers/19_update_keep-old-home/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/gshadow b/tests/newusers/19_update_keep-old-home/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/passwd b/tests/newusers/19_update_keep-old-home/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/19_update_keep-old-home/config/etc/shadow b/tests/newusers/19_update_keep-old-home/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a b/tests/newusers/19_update_keep-old-home/data/home_ls-a
new file mode 100644
index 0000000..85833ad
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a
@@ -0,0 +1,2 @@
+drwxr-xr-x foo:foo `/tmp/test-newusers2/.'
+drwxrwxrwt root:root `/tmp/test-newusers2/..'
diff --git a/tests/newusers/19_update_keep-old-home/data/home_ls-a.old b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old
new file mode 100644
index 0000000..c8d0412
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/home_ls-a.old
@@ -0,0 +1,3 @@
+-rw-r--r-- root:root `/tmp/test-newusers/foo'
+drwxr-xr-x root:root `/tmp/test-newusers/.'
+drwxrwxrwt root:root `/tmp/test-newusers/..'
diff --git a/tests/newusers/19_update_keep-old-home/data/newusers.list b/tests/newusers/19_update_keep-old-home/data/newusers.list
new file mode 100644
index 0000000..7864ffe
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash
diff --git a/tests/newusers/19_update_keep-old-home/data/passwd b/tests/newusers/19_update_keep-old-home/data/passwd
new file mode 100644
index 0000000..23cd129
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field:/tmp/test-newusers2:/bin/bash
diff --git a/tests/newusers/19_update_keep-old-home/data/shadow b/tests/newusers/19_update_keep-old-home/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/19_update_keep-old-home/newusers.test b/tests/newusers/19_update_keep-old-home/newusers.test
new file mode 100755
index 0000000..74eea45
--- /dev/null
+++ b/tests/newusers/19_update_keep-old-home/newusers.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# I don't know if it's really a feature
+log_start "$0" "newusers keeps the old home when changing the home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Home directory does not exist yet..."
+test ! -d /tmp/test-newusers
+echo "OK"
+
+mkdir /tmp/test-newusers
+echo foo > /tmp/test-newusers/foo
+trap 'log_status "$0" "FAILURE"; rm -rf /tmp/test-newusers; restore_config' 0
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+echo -n "Home directory was created..."
+test -d /tmp/test-newusers2
+echo "OK"
+echo -n "Old home directory is still there..."
+test -d /tmp/test-newusers
+echo "OK"
+
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers/* /tmp/test-newusers/.* 2>/dev/null | sort > tmp/home_ls-a.old
+diff -rauN data/home_ls-a.old tmp/home_ls-a.old
+echo "OK"
+echo -n "Check content of /tmp/test-newusers2..."
+stat --printf "%A %U:%G %N\n" /tmp/test-newusers2/* /tmp/test-newusers2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+
+echo -n "Removing home directories..."
+rm -rf /tmp/test-newusers /tmp/test-newusers2
+echo "OK"
+
+# cleanup
+rm -f tmp/home_ls-a tmp/home_ls-a.old
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/20_multiple_users/config.txt b/tests/newusers/20_multiple_users/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/20_multiple_users/config/etc/group b/tests/newusers/20_multiple_users/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/20_multiple_users/config/etc/gshadow b/tests/newusers/20_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/common-password b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/20_multiple_users/config/etc/pam.d/newusers b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/20_multiple_users/config/etc/passwd b/tests/newusers/20_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/config/etc/shadow b/tests/newusers/20_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/20_multiple_users/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/20_multiple_users/data/group b/tests/newusers/20_multiple_users/data/group
new file mode 100644
index 0000000..ee3ddc0
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/group
@@ -0,0 +1,58 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+foo1:x:1000:
+foo1a:x:1001:
+foo2:x:2000:
+foo3:x:2001:
+foo4:x:3000:
+foo5:x:3005:
+foo6:x:3002:
+foo7:x:61000:
+foo8:x:3003:
+foo9:x:3006:
+foo10:x:3004:
+foo11:x:63000:
+foo12:x:3007:
+foo13:x:3008:
+foo14:x:59000:
+foo15:x:59001:
diff --git a/tests/newusers/20_multiple_users/data/gshadow b/tests/newusers/20_multiple_users/data/gshadow
new file mode 100644
index 0000000..37b6caa
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/gshadow
@@ -0,0 +1,57 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo1a:*::
+foo2:*::
+foo3:*::
+foo4:*::
+foo5:*::
+foo6:*::
+foo7:*::
+foo8:*::
+foo9:*::
+foo10:*::
+foo11:*::
+foo12:*::
+foo13:*::
+foo14:*::
+foo15:*::
diff --git a/tests/newusers/20_multiple_users/data/newusers.list b/tests/newusers/20_multiple_users/data/newusers.list
new file mode 100644
index 0000000..68d54c2
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/newusers.list
@@ -0,0 +1,17 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh
+foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
+foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh
+foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh
+foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh
+foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh
+foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh
+foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh
+foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh
+foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh
+foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh
+foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh
+foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/data/passwd b/tests/newusers/20_multiple_users/data/passwd
new file mode 100644
index 0000000..1dde7d5
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/passwd
@@ -0,0 +1,37 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+foo1:x:1000:1000:User Foo - Gecos Field::/bin/sh
+foo1a:x:1000:1001:User Foo - Gecos Field::/bin/sh
+foo1b:x:1001:1001:User Foo - Gecos Field::/bin/sh
+foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:x:2001:2001:User Foo - Gecos Field::/bin/sh
+foo4:x:3000:3000:User Foo - Gecos Field::/bin/sh
+foo5:x:3001:3005:User Foo - Gecos Field::/bin/sh
+foo6:x:3002:3002:User Foo - Gecos Field::/bin/sh
+foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:x:3003:3003:User Foo - Gecos Field::/bin/sh
+foo9:x:62000:3006:User Foo - Gecos Field::/bin/sh
+foo10:x:3004:3004:User Foo - Gecos Field::/bin/sh
+foo11:x:3005:63000:User Foo - Gecos Field::/bin/sh
+foo12:x:3006:3007:User Foo - Gecos Field::/bin/sh
+foo13:x:3007:3008:User Foo - Gecos Field::/bin/sh
+foo14:x:59000:59000:User Foo - Gecos Field::/bin/sh
+foo15:x:59001:59001:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/20_multiple_users/data/shadow b/tests/newusers/20_multiple_users/data/shadow
new file mode 100644
index 0000000..f77568e
--- /dev/null
+++ b/tests/newusers/20_multiple_users/data/shadow
@@ -0,0 +1,37 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7:::
+foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
+foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7:::
+foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7:::
+foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7:::
+foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7:::
+foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7:::
+foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7:::
+foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7:::
+foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7:::
+foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7:::
+foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7:::
+foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7:::
+foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7:::
+foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/20_multiple_users/newusers.test b/tests/newusers/20_multiple_users/newusers.test
new file mode 100755
index 0000000..8868f63
--- /dev/null
+++ b/tests/newusers/20_multiple_users/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can add multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+cp /etc/shadow /tmp
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/21_create_user_UID_MAX/config.txt b/tests/newusers/21_create_user_UID_MAX/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config.txt
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/group b/tests/newusers/21_create_user_UID_MAX/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/passwd b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/21_create_user_UID_MAX/config/etc/shadow b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/21_create_user_UID_MAX/data/group b/tests/newusers/21_create_user_UID_MAX/data/group
new file mode 100644
index 0000000..f1809d9
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:60000:
+foo2:x:1000:
diff --git a/tests/newusers/21_create_user_UID_MAX/data/gshadow b/tests/newusers/21_create_user_UID_MAX/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/21_create_user_UID_MAX/data/newusers.list b/tests/newusers/21_create_user_UID_MAX/data/newusers.list
new file mode 100644
index 0000000..30e9ec4
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass:60000::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/21_create_user_UID_MAX/data/passwd b/tests/newusers/21_create_user_UID_MAX/data/passwd
new file mode 100644
index 0000000..0af03d5
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:60000:60000:User Foo - Gecos Field::/bin/sh
+foo2:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/21_create_user_UID_MAX/data/shadow b/tests/newusers/21_create_user_UID_MAX/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/21_create_user_UID_MAX/newusers.test b/tests/newusers/21_create_user_UID_MAX/newusers.test
new file mode 100755
index 0000000..bb0e4cf
--- /dev/null
+++ b/tests/newusers/21_create_user_UID_MAX/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers reuses a lower UID when UID_MAX is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/22_create_user_GID_MAX/config.txt b/tests/newusers/22_create_user_GID_MAX/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config.txt
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/group b/tests/newusers/22_create_user_GID_MAX/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/passwd b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/22_create_user_GID_MAX/config/etc/shadow b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/22_create_user_GID_MAX/data/group b/tests/newusers/22_create_user_GID_MAX/data/group
new file mode 100644
index 0000000..f1809d9
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:60000:
+foo2:x:1000:
diff --git a/tests/newusers/22_create_user_GID_MAX/data/gshadow b/tests/newusers/22_create_user_GID_MAX/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/22_create_user_GID_MAX/data/newusers.list b/tests/newusers/22_create_user_GID_MAX/data/newusers.list
new file mode 100644
index 0000000..08a2eff
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass::60000:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:60000::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/22_create_user_GID_MAX/data/passwd b/tests/newusers/22_create_user_GID_MAX/data/passwd
new file mode 100644
index 0000000..7f7ec76
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:60000:User Foo - Gecos Field::/bin/sh
+foo2:x:60000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/22_create_user_GID_MAX/data/shadow b/tests/newusers/22_create_user_GID_MAX/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/22_create_user_GID_MAX/newusers.test b/tests/newusers/22_create_user_GID_MAX/newusers.test
new file mode 100755
index 0000000..e07b081
--- /dev/null
+++ b/tests/newusers/22_create_user_GID_MAX/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers reuses a lower GID when GID_MAX is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config.txt b/tests/newusers/23_create_user_error_negativ_UID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config.txt
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/group b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err
new file mode 100644
index 0000000..d19a181
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: user '-1' does not exist
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list
new file mode 100644
index 0000000..16f7a03
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:-1::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/23_create_user_error_negativ_UID/newusers.test b/tests/newusers/23_create_user_error_negativ_UID/newusers.test
new file mode 100755
index 0000000..6970422
--- /dev/null
+++ b/tests/newusers/23_create_user_error_negativ_UID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with negativ UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config.txt b/tests/newusers/24_create_user_error_invalid_UID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config.txt
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/group b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err
new file mode 100644
index 0000000..d31a570
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user ID '1foo'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list
new file mode 100644
index 0000000..11bf6b7
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:1foo::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/24_create_user_error_invalid_UID/newusers.test b/tests/newusers/24_create_user_error_invalid_UID/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/24_create_user_error_invalid_UID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config.txt b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt
new file mode 100644
index 0000000..63f3a93
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config.txt
@@ -0,0 +1,2 @@
+UID_MIN			 1000
+UID_MAX			 1001
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs
new file mode 100644
index 0000000..d404e72
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			 1001
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err
new file mode 100644
index 0000000..e12137f
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: Can't get unique UID (no more available UIDs)
+newusers: line 3: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list
new file mode 100644
index 0000000..8d89304
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/data/newusers.list
@@ -0,0 +1,3 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test
new file mode 100755
index 0000000..6412388
--- /dev/null
+++ b/tests/newusers/25_create_user_error_no_remaining_UID/newusers.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails when there are no more available UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "newusers returned status '$status'"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config.txt b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt
new file mode 100644
index 0000000..06fe808
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config.txt
@@ -0,0 +1,4 @@
+UID_MIN			 1000
+UID_MAX			 1002
+GID_MIN			 1000
+GID_MAX			 1001
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs
new file mode 100644
index 0000000..67a0296
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			 1002
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			 1001
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err
new file mode 100644
index 0000000..1c50637
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: Can't get unique GID (no more available GIDs)
+newusers: line 3: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list
new file mode 100644
index 0000000..8d89304
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/data/newusers.list
@@ -0,0 +1,3 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:::User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test
new file mode 100755
index 0000000..f4c9683
--- /dev/null
+++ b/tests/newusers/26_create_user_error_no_remaining_GID/newusers.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails when there are no more available GIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "newusers returned status '$status'"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/27_create_user_error_invalid_username/config.txt b/tests/newusers/27_create_user_error_invalid_username/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config.txt
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/group b/tests/newusers/27_create_user_error_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.err b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err
new file mode 100644
index 0000000..1781a93
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group name 'f o o'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/27_create_user_error_invalid_username/data/newusers.list b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list
new file mode 100644
index 0000000..9b2d68b
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/data/newusers.list
@@ -0,0 +1 @@
+f o o:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/27_create_user_error_invalid_username/newusers.test b/tests/newusers/27_create_user_error_invalid_username/newusers.test
new file mode 100755
index 0000000..7ba2780
--- /dev/null
+++ b/tests/newusers/27_create_user_error_invalid_username/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the username is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config.txt b/tests/newusers/28_create_user_error_invalid_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config.txt
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err
new file mode 100644
index 0000000..1781a93
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group name 'f o o'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list
new file mode 100644
index 0000000..f57cf94
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::f o o:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/28_create_user_error_invalid_groupname/newusers.test b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test
new file mode 100755
index 0000000..6503bf1
--- /dev/null
+++ b/tests/newusers/28_create_user_error_invalid_groupname/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the groupname is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config.txt
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err
new file mode 100644
index 0000000..420b076
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user name 'f o o'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list
new file mode 100644
index 0000000..6f74caf
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/data/newusers.list
@@ -0,0 +1 @@
+f o o:fooPass::foo:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
new file mode 100755
index 0000000..9131db7
--- /dev/null
+++ b/tests/newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if the username is invalid (even if groupname is valid)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/30_create_user_different_groupname/config.txt b/tests/newusers/30_create_user_different_groupname/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config.txt
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/group b/tests/newusers/30_create_user_different_groupname/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/gshadow b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/passwd b/tests/newusers/30_create_user_different_groupname/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/30_create_user_different_groupname/config/etc/shadow b/tests/newusers/30_create_user_different_groupname/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/30_create_user_different_groupname/data/group b/tests/newusers/30_create_user_different_groupname/data/group
new file mode 100644
index 0000000..75815b9
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:1000:
diff --git a/tests/newusers/30_create_user_different_groupname/data/gshadow b/tests/newusers/30_create_user_different_groupname/data/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/newusers/30_create_user_different_groupname/data/newusers.list b/tests/newusers/30_create_user_different_groupname/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/30_create_user_different_groupname/data/passwd b/tests/newusers/30_create_user_different_groupname/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/30_create_user_different_groupname/data/shadow b/tests/newusers/30_create_user_different_groupname/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/30_create_user_different_groupname/newusers.test b/tests/newusers/30_create_user_different_groupname/newusers.test
new file mode 100755
index 0000000..c5fd4bb
--- /dev/null
+++ b/tests/newusers/30_create_user_different_groupname/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user and new group with different names"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config.txt b/tests/newusers/31_create_user_error_invalid_GID/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config.txt
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/group b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err
new file mode 100644
index 0000000..8a425df
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group ID '1foo'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list
new file mode 100644
index 0000000..09a2d0b
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::1foo:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/31_create_user_error_invalid_GID/newusers.test b/tests/newusers/31_create_user_error_invalid_GID/newusers.test
new file mode 100755
index 0000000..01e701e
--- /dev/null
+++ b/tests/newusers/31_create_user_error_invalid_GID/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt
new file mode 100644
index 0000000..9f0f610
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config.txt
@@ -0,0 +1 @@
+group bar exist in gshadow, not in group
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow
new file mode 100644
index 0000000..e814af0
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err
new file mode 100644
index 0000000..4d8ae70
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: group 'bar' is a shadow group, but does not exist in /etc/group
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list
new file mode 100644
index 0000000..f9d747c
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass::bar:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test
new file mode 100755
index 0000000..40749e3
--- /dev/null
+++ b/tests/newusers/32_create_user_error_gshadow_group_exists/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails if a user references a group which exist in gshadow and not in group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/33_update_password_no_shadow_password/config.txt b/tests/newusers/33_update_password_no_shadow_password/config.txt
new file mode 100644
index 0000000..02cfc9a
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+no user foo in /etc/shadow
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/group b/tests/newusers/33_update_password_no_shadow_password/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/33_update_password_no_shadow_password/data/newusers.list b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/data/passwd b/tests/newusers/33_update_password_no_shadow_password/data/passwd
new file mode 100644
index 0000000..33b4c02
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/33_update_password_no_shadow_password/newusers.test b/tests/newusers/33_update_password_no_shadow_password/newusers.test
new file mode 100755
index 0000000..38189f7
--- /dev/null
+++ b/tests/newusers/33_update_password_no_shadow_password/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of a user which does not exist in shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/34_update_password_no_shadow/config.txt b/tests/newusers/34_update_password_no_shadow/config.txt
new file mode 100644
index 0000000..557c421
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+/etc/shadow will be destroyed
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/group b/tests/newusers/34_update_password_no_shadow/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/gshadow b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/passwd b/tests/newusers/34_update_password_no_shadow/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/config/etc/shadow b/tests/newusers/34_update_password_no_shadow/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/34_update_password_no_shadow/data/newusers.list b/tests/newusers/34_update_password_no_shadow/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/data/passwd b/tests/newusers/34_update_password_no_shadow/data/passwd
new file mode 100644
index 0000000..33b4c02
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:@PASS_DES fooPass2@:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/34_update_password_no_shadow/newusers.test b/tests/newusers/34_update_password_no_shadow/newusers.test
new file mode 100755
index 0000000..1a9979e
--- /dev/null
+++ b/tests/newusers/34_update_password_no_shadow/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user, when there is no shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/shadow /etc/gshadow
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+test ! -f /etc/shadow
+echo "OK" 
+echo -n "Check the gshadow file..." 
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/35_read_from_stdin/config.txt b/tests/newusers/35_read_from_stdin/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config.txt
diff --git a/tests/newusers/35_read_from_stdin/config/etc/group b/tests/newusers/35_read_from_stdin/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/35_read_from_stdin/config/etc/gshadow b/tests/newusers/35_read_from_stdin/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/35_read_from_stdin/config/etc/passwd b/tests/newusers/35_read_from_stdin/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/35_read_from_stdin/config/etc/shadow b/tests/newusers/35_read_from_stdin/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/35_read_from_stdin/data/group b/tests/newusers/35_read_from_stdin/data/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/newusers/35_read_from_stdin/data/gshadow b/tests/newusers/35_read_from_stdin/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/newusers/35_read_from_stdin/data/newusers.list b/tests/newusers/35_read_from_stdin/data/newusers.list
new file mode 100644
index 0000000..b51078f
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/newusers.list
@@ -0,0 +1,2 @@
+foo1:foo1Pass:::User foo1 - Gecos Field::/bin/sh
+foo2:foo2Pass:::User foo2 - Gecos Field::/bin/sh
diff --git a/tests/newusers/35_read_from_stdin/data/passwd b/tests/newusers/35_read_from_stdin/data/passwd
new file mode 100644
index 0000000..0c6350e
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:User foo1 - Gecos Field::/bin/sh
+foo2:x:1001:1001:User foo2 - Gecos Field::/bin/sh
diff --git a/tests/newusers/35_read_from_stdin/data/shadow b/tests/newusers/35_read_from_stdin/data/shadow
new file mode 100644
index 0000000..e33ca21
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/data/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/35_read_from_stdin/newusers.test b/tests/newusers/35_read_from_stdin/newusers.test
new file mode 100755
index 0000000..a135564
--- /dev/null
+++ b/tests/newusers/35_read_from_stdin/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can read the list from stdin"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+cat data/newusers.list | newusers
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/36_create_user_encrypted/config.txt b/tests/newusers/36_create_user_encrypted/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config.txt
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/group b/tests/newusers/36_create_user_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/gshadow b/tests/newusers/36_create_user_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/passwd b/tests/newusers/36_create_user_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/36_create_user_encrypted/config/etc/shadow b/tests/newusers/36_create_user_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/36_create_user_encrypted/data/group b/tests/newusers/36_create_user_encrypted/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/36_create_user_encrypted/data/gshadow b/tests/newusers/36_create_user_encrypted/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/36_create_user_encrypted/data/newusers.list b/tests/newusers/36_create_user_encrypted/data/newusers.list
new file mode 100644
index 0000000..4b43ba5
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fo9LtdQDLJ8Fs:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/36_create_user_encrypted/data/passwd b/tests/newusers/36_create_user_encrypted/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/36_create_user_encrypted/data/shadow b/tests/newusers/36_create_user_encrypted/data/shadow
new file mode 100644
index 0000000..1d221a8
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fo9LtdQDLJ8Fs:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/36_create_user_encrypted/newusers.test b/tests/newusers/36_create_user_encrypted/newusers.test
new file mode 100755
index 0000000..ab0a264
--- /dev/null
+++ b/tests/newusers/36_create_user_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can create a new user, and provide an already encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt b/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config.txt
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test
new file mode 100755
index 0000000..f916194
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config.txt b/tests/newusers/37_create_user_encrypt_MD5/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config.txt
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/group b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/group b/tests/newusers/37_create_user_encrypt_MD5/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/gshadow b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/passwd b/tests/newusers/37_create_user_encrypt_MD5/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/37_create_user_encrypt_MD5/data/shadow b/tests/newusers/37_create_user_encrypt_MD5/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/37_create_user_encrypt_MD5/newusers.test b/tests/newusers/37_create_user_encrypt_MD5/newusers.test
new file mode 100755
index 0000000..e497ca9
--- /dev/null
+++ b/tests/newusers/37_create_user_encrypt_MD5/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the MD5 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c MD5 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config.txt b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt
new file mode 100644
index 0000000..b24760e
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+shadow and gshadow will be removed.
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list
new file mode 100644
index 0000000..d70655e
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd
new file mode 100644
index 0000000..a8e6425
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test
new file mode 100755
index 0000000..ba0b660
--- /dev/null
+++ b/tests/newusers/38_update_password_no_shadow_encrypted/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user in the passwd file, with a pre-encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/shadow /etc/gshadow
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+test ! -f /etc/shadow
+echo "OK" 
+echo -n "Check the gshadow file..." 
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt
new file mode 100644
index 0000000..f21646b
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+No user foo in shadow
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..90bf0ab
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:eKzSSVkXDoVUM:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list
new file mode 100644
index 0000000..d70655e
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fozvMZd6F6hFU:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd
new file mode 100644
index 0000000..a8e6425
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:fozvMZd6F6hFU:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test
new file mode 100755
index 0000000..1daf41f
--- /dev/null
+++ b/tests/newusers/39_update_password_no_shadow_password_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password, when this user has no shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/40_update_password_encrypted/config.txt b/tests/newusers/40_update_password_encrypted/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/group b/tests/newusers/40_update_password_encrypted/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/gshadow b/tests/newusers/40_update_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/passwd b/tests/newusers/40_update_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/40_update_password_encrypted/config/etc/shadow b/tests/newusers/40_update_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/40_update_password_encrypted/data/newusers.list b/tests/newusers/40_update_password_encrypted/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/40_update_password_encrypted/data/shadow b/tests/newusers/40_update_password_encrypted/data/shadow
new file mode 100644
index 0000000..b466143
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooPass2:13906:0:99999:7:::
diff --git a/tests/newusers/40_update_password_encrypted/newusers.test b/tests/newusers/40_update_password_encrypted/newusers.test
new file mode 100755
index 0000000..bb6be18
--- /dev/null
+++ b/tests/newusers/40_update_password_encrypted/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user with a pre-encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c NONE data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config.txt
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..ab27f3e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha256
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
new file mode 100755
index 0000000..284bb3e
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config.txt b/tests/newusers/41_create_user_encrypt_SHA256/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config.txt
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/group b/tests/newusers/41_create_user_encrypt_SHA256/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/passwd b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/data/shadow b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/41_create_user_encrypt_SHA256/newusers.test b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test
new file mode 100755
index 0000000..ba0828d
--- /dev/null
+++ b/tests/newusers/41_create_user_encrypt_SHA256/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c SHA256 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config.txt
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cc251ad
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow
new file mode 100644
index 0000000..1f9ef64
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
new file mode 100755
index 0000000..796dbcc
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config.txt b/tests/newusers/42_create_user_encrypt_SHA512/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config.txt
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/group b/tests/newusers/42_create_user_encrypt_SHA512/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/passwd b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/data/shadow b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow
new file mode 100644
index 0000000..1f9ef64
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/42_create_user_encrypt_SHA512/newusers.test b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test
new file mode 100755
index 0000000..9036b9b
--- /dev/null
+++ b/tests/newusers/42_create_user_encrypt_SHA512/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA512 algorithm"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers -c SHA512 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config.txt
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..a15d7a6
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha256 rounds=3000
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
new file mode 100755
index 0000000..6260beb
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 3000 data/newusers.list"
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 3000 ]; then
+	echo "Wrong number of rounds"
+	grep "^foo:" /etc/shadow
+	exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config.txt
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
new file mode 100755
index 0000000..26f87f2
--- /dev/null
+++ b/tests/newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can encrypt the passwords with the SHA256 algorithm and a specified number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 3000 data/newusers.list"
+newusers -c SHA256 -s 3000 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 3000 ]; then
+	echo "Wrong number of rounds"
+	grep "^foo:" /etc/shadow
+	exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config.txt
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password
new file mode 100644
index 0000000..7bdd3a2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha256 rounds=300
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
new file mode 100755
index 0000000..e2c2c99
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers data/newusers.list"
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 1000 ] && [ ! "$rounds" = "" ]; then
+	echo "Wrong number of rounds"
+	grep "^foo:" /etc/shadow
+	exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config.txt
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow
new file mode 100644
index 0000000..b07274f
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
new file mode 100755
index 0000000..bea0ad8
--- /dev/null
+++ b/tests/newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the minimum number of rounds for SHA256 is 1000"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c SHA256 -s 300 data/newusers.list"
+newusers -c SHA256 -s 300 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the number of rounds..."
+rounds=$(sed -n 's/^foo:\$5\$rounds=\([0-9]*\)\$.*$/\1/p' /etc/shadow)
+echo -n "($rounds)..."
+if [ ! "$rounds" = 1000 ]; then
+	echo "Wrong number of rounds"
+	grep "^foo:" /etc/shadow
+	exit 1
+fi
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt b/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config.txt
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err
new file mode 100644
index 0000000..4b285af
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.err
@@ -0,0 +1,8 @@
+newusers: -s flag is only allowed with the -c flag
+Usage: newusers [options] [input]
+
+  -c, --crypt-method            the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -r, --system                  create system accounts
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test
new file mode 100755
index 0000000..acc9648
--- /dev/null
+++ b/tests/newusers/45_create_user_encrypt_rounds_3000/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers: the number of rounds cannot be specified without a -c method"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "newusers -s 3000 data/newusers.list ..."
+newusers -s 3000 data/newusers.list 2> tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config.txt
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow
new file mode 100644
index 0000000..cff74f8
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_MD5 fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
new file mode 100755
index 0000000..2a5bfb8
--- /dev/null
+++ b/tests/newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers ignore the number of rounds with the MD5 method"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "newusers -c MD5 -s 3000 data/newusers.list"
+newusers -c MD5 -s 3000 data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK"
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config.txt b/tests/newusers/47_create_user_error_UID_4294967295/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config.txt
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err
new file mode 100644
index 0000000..3fa2568
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid user ID '4294967295'
+newusers: line 1: can't create user
+newusers: error detected, changes ignored
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list
new file mode 100644
index 0000000..db2d9a9
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:4294967295::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/47_create_user_error_UID_4294967295/newusers.test b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/47_create_user_error_UID_4294967295/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config.txt b/tests/newusers/48_create_user_error_GID_4294967295/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config.txt
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err
new file mode 100644
index 0000000..72803c5
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.err
@@ -0,0 +1,3 @@
+newusers: invalid group ID '4294967295'
+newusers: line 1: can't create group
+newusers: error detected, changes ignored
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list
new file mode 100644
index 0000000..734a204
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:2147483648:4294967295:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/48_create_user_error_GID_4294967295/newusers.test b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test
new file mode 100755
index 0000000..33d4c8b
--- /dev/null
+++ b/tests/newusers/48_create_user_error_GID_4294967295/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers fails with invalid UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Creating the users..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "error message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/49_multiple_system_users/config.txt b/tests/newusers/49_multiple_system_users/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/49_multiple_system_users/config/etc/group b/tests/newusers/49_multiple_system_users/config/etc/group
new file mode 100644
index 0000000..35fb1e9
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+fooo:x:997:
diff --git a/tests/newusers/49_multiple_system_users/config/etc/gshadow b/tests/newusers/49_multiple_system_users/config/etc/gshadow
new file mode 100644
index 0000000..72f456f
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
+fooo:x::
diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/49_multiple_system_users/config/etc/passwd b/tests/newusers/49_multiple_system_users/config/etc/passwd
new file mode 100644
index 0000000..a4907a1
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:998:998::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+fooo:x:997:997:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/config/etc/shadow b/tests/newusers/49_multiple_system_users/config/etc/shadow
new file mode 100644
index 0000000..4fee3da
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/config/etc/shadow
@@ -0,0 +1,21 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+fooo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/49_multiple_system_users/data/group b/tests/newusers/49_multiple_system_users/data/group
new file mode 100644
index 0000000..d9abdaa
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/group
@@ -0,0 +1,59 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
+fooo:x:997:
+foo1:x:996:
+foo1a:x:999:
+foo2:x:2000:
+foo3:x:994:
+foo4:x:998:
+foo5:x:3005:
+foo6:x:992:
+foo7:x:61000:
+foo8:x:991:
+foo9:x:995:
+foo10:x:990:
+foo11:x:63000:
+foo12:x:988:
+foo13:x:987:
+foo14:x:993:
+foo15:x:986:
diff --git a/tests/newusers/49_multiple_system_users/data/gshadow b/tests/newusers/49_multiple_system_users/data/gshadow
new file mode 100644
index 0000000..51dc764
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/gshadow
@@ -0,0 +1,59 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
+fooo:x::
+foo1:*::
+foo1a:*::
+foo2:*::
+foo3:*::
+foo4:*::
+foo5:*::
+foo6:*::
+foo7:*::
+foo8:*::
+foo9:*::
+foo10:*::
+foo11:*::
+foo12:*::
+foo13:*::
+foo14:*::
+foo15:*::
diff --git a/tests/newusers/49_multiple_system_users/data/newusers.list b/tests/newusers/49_multiple_system_users/data/newusers.list
new file mode 100644
index 0000000..68d54c2
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/newusers.list
@@ -0,0 +1,17 @@
+foo1:foo1Pass:::User Foo - Gecos Field::/bin/sh
+foo1a:foo1aPas:foo1::User Foo - Gecos Field::/bin/sh
+foo1b:foo1bPas::foo1a:User Foo - Gecos Field::/bin/sh
+foo2:foo2Pass:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:foo3Pass:::User Foo - Gecos Field::/bin/sh
+foo4:foo4Pass:3000::User Foo - Gecos Field::/bin/sh
+foo5:foo5Pass::3005:User Foo - Gecos Field::/bin/sh
+foo6:foo6Pass:::User Foo - Gecos Field::/bin/sh
+foo7:foo7Pass:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:foo8Pass:::User Foo - Gecos Field::/bin/sh
+foo9:foo9Pass:62000::User Foo - Gecos Field::/bin/sh
+foo10:foo10Pas:::User Foo - Gecos Field::/bin/sh
+foo11:foo11Pas::63000:User Foo - Gecos Field::/bin/sh
+foo12:foo12Pas:::User Foo - Gecos Field::/bin/sh
+foo13:foo13Pas:::User Foo - Gecos Field::/bin/sh
+foo14:foo14Pas:59000::User Foo - Gecos Field::/bin/sh
+foo15:foo15Pas:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/data/passwd b/tests/newusers/49_multiple_system_users/data/passwd
new file mode 100644
index 0000000..fb8a075
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/passwd
@@ -0,0 +1,38 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:998:998::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
+fooo:x:997:997:User Foo - Gecos Field::/bin/sh
+foo1:x:996:996:User Foo - Gecos Field::/bin/sh
+foo1a:x:996:999:User Foo - Gecos Field::/bin/sh
+foo1b:x:995:999:User Foo - Gecos Field::/bin/sh
+foo2:x:2000:2000:User Foo - Gecos Field::/bin/sh
+foo3:x:994:994:User Foo - Gecos Field::/bin/sh
+foo4:x:3000:998:User Foo - Gecos Field::/bin/sh
+foo5:x:993:3005:User Foo - Gecos Field::/bin/sh
+foo6:x:992:992:User Foo - Gecos Field::/bin/sh
+foo7:x:61000:61000:User Foo - Gecos Field::/bin/sh
+foo8:x:991:991:User Foo - Gecos Field::/bin/sh
+foo9:x:62000:995:User Foo - Gecos Field::/bin/sh
+foo10:x:990:990:User Foo - Gecos Field::/bin/sh
+foo11:x:989:63000:User Foo - Gecos Field::/bin/sh
+foo12:x:988:988:User Foo - Gecos Field::/bin/sh
+foo13:x:987:987:User Foo - Gecos Field::/bin/sh
+foo14:x:59000:993:User Foo - Gecos Field::/bin/sh
+foo15:x:986:986:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/49_multiple_system_users/data/shadow b/tests/newusers/49_multiple_system_users/data/shadow
new file mode 100644
index 0000000..bd434e3
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/data/shadow
@@ -0,0 +1,38 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
+fooo:eKzSSVkXDoVUM:13906:0:99999:7:::
+foo1:@PASS_DES foo1Pass@:@TODAY@:0:99999:7:::
+foo1a:@PASS_DES foo1aPas@:@TODAY@:0:99999:7:::
+foo1b:@PASS_DES foo1bPas@:@TODAY@:0:99999:7:::
+foo2:@PASS_DES foo2Pass@:@TODAY@:0:99999:7:::
+foo3:@PASS_DES foo3Pass@:@TODAY@:0:99999:7:::
+foo4:@PASS_DES foo4Pass@:@TODAY@:0:99999:7:::
+foo5:@PASS_DES foo5Pass@:@TODAY@:0:99999:7:::
+foo6:@PASS_DES foo6Pass@:@TODAY@:0:99999:7:::
+foo7:@PASS_DES foo7Pass@:@TODAY@:0:99999:7:::
+foo8:@PASS_DES foo8Pass@:@TODAY@:0:99999:7:::
+foo9:@PASS_DES foo9Pass@:@TODAY@:0:99999:7:::
+foo10:@PASS_DES foo10Pas@:@TODAY@:0:99999:7:::
+foo11:@PASS_DES foo11Pas@:@TODAY@:0:99999:7:::
+foo12:@PASS_DES foo12Pas@:@TODAY@:0:99999:7:::
+foo13:@PASS_DES foo13Pas@:@TODAY@:0:99999:7:::
+foo14:@PASS_DES foo14Pas@:@TODAY@:0:99999:7:::
+foo15:@PASS_DES foo15Pas@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/49_multiple_system_users/newusers.test b/tests/newusers/49_multiple_system_users/newusers.test
new file mode 100755
index 0000000..f9075d2
--- /dev/null
+++ b/tests/newusers/49_multiple_system_users/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can add multiple system users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers --system data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/50_usage/config.txt b/tests/newusers/50_usage/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/50_usage/config.txt
diff --git a/tests/newusers/50_usage/config/etc/group b/tests/newusers/50_usage/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/50_usage/config/etc/gshadow b/tests/newusers/50_usage/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/50_usage/config/etc/passwd b/tests/newusers/50_usage/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/50_usage/config/etc/shadow b/tests/newusers/50_usage/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/50_usage/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/50_usage/data/usage.out b/tests/newusers/50_usage/data/usage.out
new file mode 100644
index 0000000..82fa641
--- /dev/null
+++ b/tests/newusers/50_usage/data/usage.out
@@ -0,0 +1,7 @@
+Usage: newusers [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --system                  create system accounts
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/newusers/50_usage/newusers.test b/tests/newusers/50_usage/newusers.test
new file mode 100755
index 0000000..3dca38a
--- /dev/null
+++ b/tests/newusers/50_usage/newusers.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get newusers usage (newusers -h)..."
+newusers -h >tmp/usage.out
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/51_usage_invalid_option/config.txt b/tests/newusers/51_usage_invalid_option/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config.txt
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/group b/tests/newusers/51_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/gshadow b/tests/newusers/51_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/passwd b/tests/newusers/51_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/51_usage_invalid_option/config/etc/shadow b/tests/newusers/51_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/51_usage_invalid_option/data/usage.out b/tests/newusers/51_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..e111c34
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/data/usage.out
@@ -0,0 +1,8 @@
+newusers: invalid option -- 'Z'
+Usage: newusers [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --system                  create system accounts
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/newusers/51_usage_invalid_option/newusers.test b/tests/newusers/51_usage_invalid_option/newusers.test
new file mode 100755
index 0000000..77dc821
--- /dev/null
+++ b/tests/newusers/51_usage_invalid_option/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers displays its usage message in case of bad usage"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with an invalid option (newusers -Z)..."
+newusers -Z bin 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/52_usage_2_input_files/config.txt b/tests/newusers/52_usage_2_input_files/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config.txt
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/group b/tests/newusers/52_usage_2_input_files/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/gshadow b/tests/newusers/52_usage_2_input_files/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/passwd b/tests/newusers/52_usage_2_input_files/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/52_usage_2_input_files/config/etc/shadow b/tests/newusers/52_usage_2_input_files/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/52_usage_2_input_files/data/usage.out b/tests/newusers/52_usage_2_input_files/data/usage.out
new file mode 100644
index 0000000..82fa641
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/data/usage.out
@@ -0,0 +1,7 @@
+Usage: newusers [options]
+
+Options:
+  -h, --help                    display this help message and exit
+  -r, --system                  create system accounts
+  -R, --root CHROOT_DIR         directory to chroot into
+
diff --git a/tests/newusers/52_usage_2_input_files/newusers.test b/tests/newusers/52_usage_2_input_files/newusers.test
new file mode 100755
index 0000000..255f1c4
--- /dev/null
+++ b/tests/newusers/52_usage_2_input_files/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers displays its usage message in case of bad usage"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with 2 input files (newusers list1 list2)..."
+newusers list1 list2 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/53_locked_passwd/config.txt b/tests/newusers/53_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config.txt
diff --git a/tests/newusers/53_locked_passwd/config/etc/group b/tests/newusers/53_locked_passwd/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/53_locked_passwd/config/etc/gshadow b/tests/newusers/53_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/53_locked_passwd/config/etc/passwd b/tests/newusers/53_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/53_locked_passwd/config/etc/shadow b/tests/newusers/53_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/53_locked_passwd/data/newusers.list b/tests/newusers/53_locked_passwd/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/53_locked_passwd/data/usage.out b/tests/newusers/53_locked_passwd/data/usage.out
new file mode 100644
index 0000000..7a0563f
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/passwd.lock without a PID
+newusers: cannot lock /etc/passwd; try again later.
diff --git a/tests/newusers/53_locked_passwd/newusers.test b/tests/newusers/53_locked_passwd/newusers.test
new file mode 100755
index 0000000..790582e
--- /dev/null
+++ b/tests/newusers/53_locked_passwd/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when passwd is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/54_locked_shadow/config.txt b/tests/newusers/54_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config.txt
diff --git a/tests/newusers/54_locked_shadow/config/etc/group b/tests/newusers/54_locked_shadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/54_locked_shadow/config/etc/gshadow b/tests/newusers/54_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/54_locked_shadow/config/etc/passwd b/tests/newusers/54_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/54_locked_shadow/config/etc/shadow b/tests/newusers/54_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/54_locked_shadow/data/newusers.list b/tests/newusers/54_locked_shadow/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/54_locked_shadow/data/usage.out b/tests/newusers/54_locked_shadow/data/usage.out
new file mode 100644
index 0000000..309a750
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/shadow.lock without a PID
+newusers: cannot lock /etc/shadow; try again later.
diff --git a/tests/newusers/54_locked_shadow/newusers.test b/tests/newusers/54_locked_shadow/newusers.test
new file mode 100755
index 0000000..c8b5038
--- /dev/null
+++ b/tests/newusers/54_locked_shadow/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when shadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/55_locked_group/config.txt b/tests/newusers/55_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/55_locked_group/config.txt
diff --git a/tests/newusers/55_locked_group/config/etc/group b/tests/newusers/55_locked_group/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/55_locked_group/config/etc/gshadow b/tests/newusers/55_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/55_locked_group/config/etc/passwd b/tests/newusers/55_locked_group/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/55_locked_group/config/etc/shadow b/tests/newusers/55_locked_group/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/55_locked_group/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/55_locked_group/data/newusers.list b/tests/newusers/55_locked_group/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/55_locked_group/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/55_locked_group/data/usage.out b/tests/newusers/55_locked_group/data/usage.out
new file mode 100644
index 0000000..ad33b0c
--- /dev/null
+++ b/tests/newusers/55_locked_group/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/group.lock without a PID
+newusers: cannot lock /etc/group; try again later.
diff --git a/tests/newusers/55_locked_group/newusers.test b/tests/newusers/55_locked_group/newusers.test
new file mode 100755
index 0000000..cae0458
--- /dev/null
+++ b/tests/newusers/55_locked_group/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when group is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/56_locked_gshadow/config.txt b/tests/newusers/56_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config.txt
diff --git a/tests/newusers/56_locked_gshadow/config/etc/group b/tests/newusers/56_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/56_locked_gshadow/config/etc/gshadow b/tests/newusers/56_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/56_locked_gshadow/config/etc/passwd b/tests/newusers/56_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/56_locked_gshadow/config/etc/shadow b/tests/newusers/56_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/56_locked_gshadow/data/newusers.list b/tests/newusers/56_locked_gshadow/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/56_locked_gshadow/data/usage.out b/tests/newusers/56_locked_gshadow/data/usage.out
new file mode 100644
index 0000000..1d874cf
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/data/usage.out
@@ -0,0 +1,2 @@
+newusers: existing lock file /etc/gshadow.lock without a PID
+newusers: cannot lock /etc/gshadow; try again later.
diff --git a/tests/newusers/56_locked_gshadow/newusers.test b/tests/newusers/56_locked_gshadow/newusers.test
new file mode 100755
index 0000000..a317867
--- /dev/null
+++ b/tests/newusers/56_locked_gshadow/newusers.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when gshadow is already locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Create user foo (newusers foo)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/57_missing_input_file/config.txt b/tests/newusers/57_missing_input_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config.txt
diff --git a/tests/newusers/57_missing_input_file/config/etc/group b/tests/newusers/57_missing_input_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/57_missing_input_file/config/etc/gshadow b/tests/newusers/57_missing_input_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/57_missing_input_file/config/etc/passwd b/tests/newusers/57_missing_input_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/57_missing_input_file/config/etc/shadow b/tests/newusers/57_missing_input_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/57_missing_input_file/data/usage.out b/tests/newusers/57_missing_input_file/data/usage.out
new file mode 100644
index 0000000..6b55e2a
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/data/usage.out
@@ -0,0 +1 @@
+newusers: data/newusers.list: No such file or directory
diff --git a/tests/newusers/57_missing_input_file/newusers.test b/tests/newusers/57_missing_input_file/newusers.test
new file mode 100755
index 0000000..7e74f73
--- /dev/null
+++ b/tests/newusers/57_missing_input_file/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when the input file cann be read"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with missing input file (newusers data/newusers.list)..."
+newusers data/newusers.list 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/58_invalid_input_file/config.txt b/tests/newusers/58_invalid_input_file/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config.txt
diff --git a/tests/newusers/58_invalid_input_file/config/etc/group b/tests/newusers/58_invalid_input_file/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/newusers/58_invalid_input_file/config/etc/gshadow b/tests/newusers/58_invalid_input_file/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/newusers/58_invalid_input_file/config/etc/passwd b/tests/newusers/58_invalid_input_file/config/etc/passwd
new file mode 100644
index 0000000..5d27e12
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/passwd
@@ -0,0 +1,26 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser1:x:424242:424242::/home:/bin/bash
+myuser2:x:424243:424242::/home:/bin/bash
+myuser3:x:424244:424242::/home:/bin/bash
+myuser4:x:424245:424242::/home:/bin/bash
+myuser5:x:424246:424242::/home:/bin/bash
+myuser6:x:424247:424242::/home:/bin/bash
+myuser7:x:424248:424242::/home:/bin/bash
diff --git a/tests/newusers/58_invalid_input_file/config/etc/shadow b/tests/newusers/58_invalid_input_file/config/etc/shadow
new file mode 100644
index 0000000..da4c2bc
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/config/etc/shadow
@@ -0,0 +1,26 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser1:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
+myuser2:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12992:1:99996:5:::
+myuser3:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::0:
+myuser4:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7::1:
+myuser5:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:0::
+myuser6:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
+myuser7:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:1::
diff --git a/tests/newusers/58_invalid_input_file/data/newusers.err b/tests/newusers/58_invalid_input_file/data/newusers.err
new file mode 100644
index 0000000..fe15bdc
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/data/newusers.err
@@ -0,0 +1,2 @@
+newusers: line 1: invalid line
+newusers: error detected, changes ignored
diff --git a/tests/newusers/58_invalid_input_file/data/newusers.list b/tests/newusers/58_invalid_input_file/data/newusers.list
new file mode 100644
index 0000000..56266fd
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/data/newusers.list
@@ -0,0 +1 @@
+foo:foo:Pass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/58_invalid_input_file/newusers.test b/tests/newusers/58_invalid_input_file/newusers.test
new file mode 100755
index 0000000..b4f7889
--- /dev/null
+++ b/tests/newusers/58_invalid_input_file/newusers.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers warns when the input is invalid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call newusers with invalid input (newusers data/newusers.list)..."
+newusers data/newusers.list 2>tmp/newusers.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "newusers reported:"
+echo "======================================================================="
+cat tmp/newusers.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/newusers.err tmp/newusers.err
+echo "usage message OK."
+rm -f tmp/newusers.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/59_no_gshadow_file/config.txt b/tests/newusers/59_no_gshadow_file/config.txt
new file mode 100644
index 0000000..557c421
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config.txt
@@ -0,0 +1,2 @@
+User foo exists, with password fooPass
+/etc/shadow will be destroyed
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/group b/tests/newusers/59_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/gshadow b/tests/newusers/59_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/passwd b/tests/newusers/59_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/newusers/59_no_gshadow_file/config/etc/shadow b/tests/newusers/59_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/newusers/59_no_gshadow_file/data/group b/tests/newusers/59_no_gshadow_file/data/group
new file mode 100644
index 0000000..a0ff22a
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:*:1000:
diff --git a/tests/newusers/59_no_gshadow_file/data/newusers.list b/tests/newusers/59_no_gshadow_file/data/newusers.list
new file mode 100644
index 0000000..cc3b9ad
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/59_no_gshadow_file/data/passwd b/tests/newusers/59_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/59_no_gshadow_file/data/shadow b/tests/newusers/59_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/59_no_gshadow_file/newusers.test b/tests/newusers/59_no_gshadow_file/newusers.test
new file mode 100755
index 0000000..bf18186
--- /dev/null
+++ b/tests/newusers/59_no_gshadow_file/newusers.test
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the password of an existing user, when there is no gshadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+rm -f /etc/gshadow
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/60_update_no_gecos/config.txt b/tests/newusers/60_update_no_gecos/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/60_update_no_gecos/config/etc/group b/tests/newusers/60_update_no_gecos/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/60_update_no_gecos/config/etc/gshadow b/tests/newusers/60_update_no_gecos/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/60_update_no_gecos/config/etc/passwd b/tests/newusers/60_update_no_gecos/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/60_update_no_gecos/config/etc/shadow b/tests/newusers/60_update_no_gecos/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/60_update_no_gecos/data/newusers.list b/tests/newusers/60_update_no_gecos/data/newusers.list
new file mode 100644
index 0000000..6233663
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::::/bin/bash
diff --git a/tests/newusers/60_update_no_gecos/data/passwd b/tests/newusers/60_update_no_gecos/data/passwd
new file mode 100644
index 0000000..8fc494c
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/bash
diff --git a/tests/newusers/60_update_no_gecos/data/shadow b/tests/newusers/60_update_no_gecos/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/60_update_no_gecos/newusers.test b/tests/newusers/60_update_no_gecos/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/60_update_no_gecos/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/newusers/61_update_no_shell/config.txt b/tests/newusers/61_update_no_shell/config.txt
new file mode 100644
index 0000000..ea4c3ad
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config.txt
@@ -0,0 +1 @@
+User foo exists, with password fooPass
diff --git a/tests/newusers/61_update_no_shell/config/etc/group b/tests/newusers/61_update_no_shell/config/etc/group
new file mode 100644
index 0000000..555c889
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:65535:foo
diff --git a/tests/newusers/61_update_no_shell/config/etc/gshadow b/tests/newusers/61_update_no_shell/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/newusers/61_update_no_shell/config/etc/passwd b/tests/newusers/61_update_no_shell/config/etc/passwd
new file mode 100644
index 0000000..9de3b24
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field::/bin/sh
diff --git a/tests/newusers/61_update_no_shell/config/etc/shadow b/tests/newusers/61_update_no_shell/config/etc/shadow
new file mode 100644
index 0000000..1368876
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:eKzSSVkXDoVUM:13906:0:99999:7:::
diff --git a/tests/newusers/61_update_no_shell/data/newusers.list b/tests/newusers/61_update_no_shell/data/newusers.list
new file mode 100644
index 0000000..75e0582
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass2:::User Foo - Gecos Field - updated::
diff --git a/tests/newusers/61_update_no_shell/data/passwd b/tests/newusers/61_update_no_shell/data/passwd
new file mode 100644
index 0000000..c84bc61
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:65535:65535:User Foo - Gecos Field - updated::/bin/sh
diff --git a/tests/newusers/61_update_no_shell/data/shadow b/tests/newusers/61_update_no_shell/data/shadow
new file mode 100644
index 0000000..c7f1556
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass2@:@TODAY@:0:99999:7:::
diff --git a/tests/newusers/61_update_no_shell/newusers.test b/tests/newusers/61_update_no_shell/newusers.test
new file mode 100755
index 0000000..fb57724
--- /dev/null
+++ b/tests/newusers/61_update_no_shell/newusers.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers can update the gecos of an existing user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow
new file mode 100644
index 0000000..3112803
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12978:0:99999:7:::
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out
new file mode 100644
index 0000000..86a73e1
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/data/passwd.out
@@ -0,0 +1 @@
+foo L 07/14/2005 0 99999 7 -1
diff --git a/tests/passwd/01_passwd_-S_root_locked_account/passwd.test b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/01_passwd_-S_root_locked_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out
new file mode 100644
index 0000000..55af5a7
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/data/passwd.out
@@ -0,0 +1 @@
+foo P 07/13/2005 0 99999 7 -1
diff --git a/tests/passwd/02_passwd_-S_root_valid_account/passwd.test b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/02_passwd_-S_root_valid_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow
new file mode 100644
index 0000000..9b3b67f
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo::12988:0:99998:8:::
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out
new file mode 100644
index 0000000..c64fb61
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/data/passwd.out
@@ -0,0 +1 @@
+foo NP 07/24/2005 0 99998 8 -1
diff --git a/tests/passwd/03_passwd_-S_root_empty_password/passwd.test b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/03_passwd_-S_root_empty_password/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out
new file mode 100644
index 0000000..e86159d
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/data/passwd.out
@@ -0,0 +1 @@
+foo P
diff --git a/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
new file mode 100755
index 0000000..e084d34
--- /dev/null
+++ b/tests/passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that /etc/shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..dfb11c8
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000:::/bin/false
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out
new file mode 100644
index 0000000..9ba8956
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/data/passwd.out
@@ -0,0 +1 @@
+foo L
diff --git a/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
new file mode 100755
index 0000000..0641638
--- /dev/null
+++ b/tests/passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Request password information for user foo (passwd -S foo)..."
+passwd -S foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/data/shadow b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/06_passwd_-l_root_lock_account/passwd.test b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test
new file mode 100755
index 0000000..3fabb12
--- /dev/null
+++ b/tests/passwd/06_passwd_-l_root_lock_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can lock a password with passwd -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (passwd -l foo)..."
+passwd -l foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..440df65
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..3ca4f73
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:1000:1000:::/bin/false
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
new file mode 100755
index 0000000..099c380
--- /dev/null
+++ b/tests/passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can lock a password in /etc/passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (passwd -l foo)..."
+passwd -l foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test
new file mode 100755
index 0000000..b5ac0d8
--- /dev/null
+++ b/tests/passwd/08_passwd_-u_root_unlock_account/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can unlock a password with passwd -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "unlock foo's password (passwd -u foo)..."
+passwd -u foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err
new file mode 100644
index 0000000..2987d41
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/data/passwd.err
@@ -0,0 +1,2 @@
+passwd: unlocking the password would result in a passwordless account.
+You should set a password with usermod -p to unlock the password of this account.
diff --git a/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
new file mode 100755
index 0000000..a61e23d
--- /dev/null
+++ b/tests/passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd -u cannot create a passwordless account"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's pasword (passwd -u foo)..."
+passwd -u foo 2> tmp/passwd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.err
+echo "======================================================================="
+echo -n "Check the error message..."
+diff -au data/passwd.err tmp/passwd.err
+echo "error message OK."
+rm -f tmp/passwd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/group b/tests/passwd/10_passwd_-d_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/gshadow b/tests/passwd/10_passwd_-d_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/passwd b/tests/passwd/10_passwd_-d_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/10_passwd_-d_root/config/etc/shadow b/tests/passwd/10_passwd_-d_root/config/etc/shadow
new file mode 100644
index 0000000..79c859a
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/10_passwd_-d_root/data/passwd.out b/tests/passwd/10_passwd_-d_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/10_passwd_-d_root/data/shadow b/tests/passwd/10_passwd_-d_root/data/shadow
new file mode 100644
index 0000000..85ef660
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo::12977:0:99999:7:::
diff --git a/tests/passwd/10_passwd_-d_root/passwd.test b/tests/passwd/10_passwd_-d_root/passwd.test
new file mode 100755
index 0000000..e1ac5f2
--- /dev/null
+++ b/tests/passwd/10_passwd_-d_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can delete a password with passwd -d"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete foo's password (passwd -d foo)..."
+passwd -d foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/group b/tests/passwd/11_passwd_--mindays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/passwd b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/11_passwd_--mindays_root/config/etc/shadow b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/11_passwd_--mindays_root/data/passwd.out b/tests/passwd/11_passwd_--mindays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/11_passwd_--mindays_root/data/shadow b/tests/passwd/11_passwd_--mindays_root/data/shadow
new file mode 100644
index 0000000..f424ad6
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:10:99999:7:::
diff --git a/tests/passwd/11_passwd_--mindays_root/passwd.test b/tests/passwd/11_passwd_--mindays_root/passwd.test
new file mode 100755
index 0000000..409396f
--- /dev/null
+++ b/tests/passwd/11_passwd_--mindays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --mindays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the min number of days for foo's password (passwd --mindays 10 foo)..."
+passwd --mindays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/group b/tests/passwd/12_passwd_--maxdays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/12_passwd_--maxdays_root/data/passwd.out b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/12_passwd_--maxdays_root/data/shadow b/tests/passwd/12_passwd_--maxdays_root/data/shadow
new file mode 100644
index 0000000..82f40b6
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:10:7:::
diff --git a/tests/passwd/12_passwd_--maxdays_root/passwd.test b/tests/passwd/12_passwd_--maxdays_root/passwd.test
new file mode 100755
index 0000000..a895e3e
--- /dev/null
+++ b/tests/passwd/12_passwd_--maxdays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --maxdays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the max number of days for foo's password (passwd --maxdays 10 foo)..."
+passwd --maxdays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/group b/tests/passwd/13_passwd_--warndays_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/passwd b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/13_passwd_--warndays_root/config/etc/shadow b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/13_passwd_--warndays_root/data/passwd.out b/tests/passwd/13_passwd_--warndays_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/13_passwd_--warndays_root/data/shadow b/tests/passwd/13_passwd_--warndays_root/data/shadow
new file mode 100644
index 0000000..a62edfa
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:10:::
diff --git a/tests/passwd/13_passwd_--warndays_root/passwd.test b/tests/passwd/13_passwd_--warndays_root/passwd.test
new file mode 100755
index 0000000..18a8b87
--- /dev/null
+++ b/tests/passwd/13_passwd_--warndays_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --warndays"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the number of warning days for foo's password (passwd --warndays 10 foo)..."
+passwd --warndays 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/group b/tests/passwd/14_passwd_--inactive_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/passwd b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/14_passwd_--inactive_root/config/etc/shadow b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/14_passwd_--inactive_root/data/passwd.out b/tests/passwd/14_passwd_--inactive_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/14_passwd_--inactive_root/data/shadow b/tests/passwd/14_passwd_--inactive_root/data/shadow
new file mode 100644
index 0000000..52dc304
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:10::
diff --git a/tests/passwd/14_passwd_--inactive_root/passwd.test b/tests/passwd/14_passwd_--inactive_root/passwd.test
new file mode 100755
index 0000000..52dbab0
--- /dev/null
+++ b/tests/passwd/14_passwd_--inactive_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --inactive"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the number of inactive days for foo's password (passwd --inactive 10 foo)..."
+passwd --inactive 10 foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/group b/tests/passwd/15_passwd_--expire_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/gshadow b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/passwd b/tests/passwd/15_passwd_--expire_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/15_passwd_--expire_root/config/etc/shadow b/tests/passwd/15_passwd_--expire_root/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/15_passwd_--expire_root/data/passwd.out b/tests/passwd/15_passwd_--expire_root/data/passwd.out
new file mode 100644
index 0000000..55ce2cc
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/data/passwd.out
@@ -0,0 +1 @@
+passwd: password expiry information changed.
diff --git a/tests/passwd/15_passwd_--expire_root/data/shadow b/tests/passwd/15_passwd_--expire_root/data/shadow
new file mode 100644
index 0000000..4cd6096
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:0:0:99999:7:::
diff --git a/tests/passwd/15_passwd_--expire_root/passwd.test b/tests/passwd/15_passwd_--expire_root/passwd.test
new file mode 100755
index 0000000..f2ab71d
--- /dev/null
+++ b/tests/passwd/15_passwd_--expire_root/passwd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can use passwd --expire"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set foo's password as expired (passwd --expire foo)..."
+passwd --expire foo > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/group b/tests/passwd/16_passwd_-S-a_root/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/passwd b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/16_passwd_-S-a_root/config/etc/shadow b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow
new file mode 100644
index 0000000..3112803
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12978:0:99999:7:::
diff --git a/tests/passwd/16_passwd_-S-a_root/data/passwd.out b/tests/passwd/16_passwd_-S-a_root/data/passwd.out
new file mode 100644
index 0000000..5a1b479
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/data/passwd.out
@@ -0,0 +1,20 @@
+root P 07/27/2005 0 99999 7 -1
+daemon L 07/13/2005 0 99999 7 -1
+bin L 07/13/2005 0 99999 7 -1
+sys L 07/13/2005 0 99999 7 -1
+sync L 07/13/2005 0 99999 7 -1
+games L 07/13/2005 0 99999 7 -1
+man L 07/13/2005 0 99999 7 -1
+lp L 07/13/2005 0 99999 7 -1
+mail L 07/13/2005 0 99999 7 -1
+news L 07/13/2005 0 99999 7 -1
+uucp L 07/13/2005 0 99999 7 -1
+proxy L 07/13/2005 0 99999 7 -1
+www-data L 07/13/2005 0 99999 7 -1
+backup L 07/13/2005 0 99999 7 -1
+list L 07/13/2005 0 99999 7 -1
+irc L 07/13/2005 0 99999 7 -1
+gnats L 07/13/2005 0 99999 7 -1
+nobody L 07/13/2005 0 99999 7 -1
+Debian-exim L 07/13/2005 0 99999 7 -1
+foo L 07/14/2005 0 99999 7 -1
diff --git a/tests/passwd/16_passwd_-S-a_root/passwd.test b/tests/passwd/16_passwd_-S-a_root/passwd.test
new file mode 100755
index 0000000..1b64c53
--- /dev/null
+++ b/tests/passwd/16_passwd_-S-a_root/passwd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can report the status of an account to root"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+echo -n "passwd -S -a..."
+passwd -S -a > tmp/passwd.out
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.out
+echo "======================================================================="
+echo -n "Check the message..."
+diff -au data/passwd.out tmp/passwd.out
+echo "message OK."
+rm -f tmp/passwd.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/group b/tests/passwd/17_passwd_root_change_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/gshadow b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..38bce56
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/passwd b/tests/passwd/17_passwd_root_change_password/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/17_passwd_root_change_password/config/etc/shadow b/tests/passwd/17_passwd_root_change_password/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/17_passwd_root_change_password/data/shadow b/tests/passwd/17_passwd_root_change_password/data/shadow
new file mode 100644
index 0000000..6731888
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/data/shadow
@@ -0,0 +1,20 @@
+root:@PASS_MD5 rootpassword@:@TODAY@:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/17_passwd_root_change_password/passwd.exp b/tests/passwd/17_passwd_root_change_password/passwd.exp
new file mode 100755
index 0000000..2696ffb
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/passwd.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "passwd\r"
+expect "Enter new UNIX password: "
+send "rootpassword\r"
+expect "Retype new UNIX password: "
+send "rootpassword\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/17_passwd_root_change_password/passwd.test b/tests/passwd/17_passwd_root_change_password/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/17_passwd_root_change_password/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/group b/tests/passwd/18_passwd_root_change_password_user/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..442182a
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow
new file mode 100644
index 0000000..dced560
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$qFkVP1JD$QKhVFDs906AgiPjnyRPPk0:12977:0:99999:7:::
diff --git a/tests/passwd/18_passwd_root_change_password_user/data/shadow b/tests/passwd/18_passwd_root_change_password_user/data/shadow
new file mode 100644
index 0000000..30ac54d
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES foopassword@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.exp b/tests/passwd/18_passwd_root_change_password_user/passwd.exp
new file mode 100755
index 0000000..5150c6a
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/passwd.exp
@@ -0,0 +1,22 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+
+send "passwd foo\r"
+expect "Enter new UNIX password: "
+send "foopassword\r"
+expect "Retype new UNIX password: "
+send "foopassword\r"
+expect "passwd: password updated successfully"
+expect "# "
+send "echo \$?\r"
+expect "0"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/18_passwd_root_change_password_user/passwd.test b/tests/passwd/18_passwd_root_change_password_user/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/18_passwd_root_change_password_user/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/group b/tests/passwd/19_passwd_user_change_password/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/gshadow b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..a0d4283
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha256
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/passwd b/tests/passwd/19_passwd_user_change_password/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/passwd/19_passwd_user_change_password/config/etc/shadow b/tests/passwd/19_passwd_user_change_password/config/etc/shadow
new file mode 100644
index 0000000..18a7168
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/19_passwd_user_change_password/data/shadow b/tests/passwd/19_passwd_user_change_password/data/shadow
new file mode 100644
index 0000000..a638637
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA256 password-foo@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/19_passwd_user_change_password/passwd.exp b/tests/passwd/19_passwd_user_change_password/passwd.exp
new file mode 100755
index 0000000..6a3f1b6
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/passwd.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+send "su -l foo\r"
+expect "$ "
+send "id\r"
+expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)"
+
+send "passwd\r"
+expect "Changing password for foo."
+expect "(current) UNIX password: "
+send "foopassword\r"
+expect "Enter new UNIX password: "
+send "password-foo\r"
+expect "Retype new UNIX password: "
+send "password-foo\r"
+expect "passwd: password updated successfully"
+expect "$ "
+send "echo \$?\r"
+expect "0"
+expect "$ "
+send "exit\r"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/19_passwd_user_change_password/passwd.test b/tests/passwd/19_passwd_user_change_password/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/19_passwd_user_change_password/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..cb8c7b7
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow
new file mode 100644
index 0000000..18a7168
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/data/shadow b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow
new file mode 100644
index 0000000..542ae82
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_SHA512 password-foo@:@TODAY@:0:99999:7:::
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp
new file mode 100755
index 0000000..70d4b80
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.exp
@@ -0,0 +1,31 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/sh
+send "if \[ \$(id -u) -eq 0 \]; then PS1='# '; else PS1='$ '; fi\r"
+expect "# "
+send "su -l foo\r"
+expect "$ "
+send "id\r"
+expect "uid=1000(foo) gid=1000(foo) groups=1000(foo)"
+
+send "passwd foo\r"
+expect "Changing password for foo."
+expect "(current) UNIX password: "
+send "foopassword\r"
+expect "Enter new UNIX password: "
+send "password-foo\r"
+expect "Retype new UNIX password: "
+send "password-foo\r"
+expect "passwd: password updated successfully"
+expect "$ "
+send "echo \$?\r"
+expect "0"
+expect "$ "
+send "exit\r"
+expect "# "
+send "exit\r"
+puts "OK\n"
+exit 0
diff --git a/tests/passwd/20_passwd_user_change_password_same_user/passwd.test b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test
new file mode 100755
index 0000000..e181273
--- /dev/null
+++ b/tests/passwd/20_passwd_user_change_password_same_user/passwd.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./passwd.exp
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group
new file mode 100644
index 0000000..fb4f67e
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo1:x:1001:
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow
new file mode 100644
index 0000000..3e73b5a
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd
new file mode 100644
index 0000000..54cce8e
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
+foo1:x:1001:1001:::/bin/bash
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow
new file mode 100644
index 0000000..4f88f0c
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
+foo1:$1$hU4j2cnt$tRiti0uCvqiQN9u6iMHBq.:12977:0:99999:7:::
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err
new file mode 100644
index 0000000..5b45f51
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/data/passwd.err
@@ -0,0 +1 @@
+passwd: You may not view or modify password information for foo1.
diff --git a/tests/passwd/21_passwd_user_change_password_other_user/passwd.test b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test
new file mode 100755
index 0000000..bcb0a10
--- /dev/null
+++ b/tests/passwd/21_passwd_user_change_password_other_user/passwd.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "root can change her password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+su -l foo -c "passwd foo1" 2>tmp/passwd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/passwd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/passwd.err tmp/passwd.err
+echo "error message OK."
+rm -f tmp/passwd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/passwd/22_passwd_usage/config.txt b/tests/passwd/22_passwd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/passwd/22_passwd_usage/config/etc/group b/tests/passwd/22_passwd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/passwd/22_passwd_usage/config/etc/gshadow b/tests/passwd/22_passwd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/passwd/22_passwd_usage/config/etc/passwd b/tests/passwd/22_passwd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/passwd/22_passwd_usage/config/etc/shadow b/tests/passwd/22_passwd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/passwd/22_passwd_usage/data/usage.out b/tests/passwd/22_passwd_usage/data/usage.out
new file mode 100644
index 0000000..21552fe
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/data/usage.out
@@ -0,0 +1,22 @@
+Usage: passwd [options] [LOGIN]
+
+Options:
+  -a, --all                     report password status on all accounts
+  -d, --delete                  delete the password for the named account
+  -e, --expire                  force expire the password for the named account
+  -h, --help                    display this help message and exit
+  -k, --keep-tokens             change password only if expired
+  -i, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -l, --lock                    lock the password of the named account
+  -n, --mindays MIN_DAYS        set minimum number of days before password
+                                change to MIN_DAYS
+  -q, --quiet                   quiet mode
+  -r, --repository REPOSITORY   change password in REPOSITORY repository
+  -R, --root CHROOT_DIR         directory to chroot into
+  -S, --status                  report password status on the named account
+  -u, --unlock                  unlock the password of the named account
+  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
+  -x, --maxdays MAX_DAYS        set maximum number of days before password
+                                change to MAX_DAYS
+
diff --git a/tests/passwd/22_passwd_usage/passwd.test b/tests/passwd/22_passwd_usage/passwd.test
new file mode 100755
index 0000000..077ec90
--- /dev/null
+++ b/tests/passwd/22_passwd_usage/passwd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "passwd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get passwd usage (passwd -h)..."
+passwd -h >tmp/usage.out
+
+echo "passwd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/run_all b/tests/run_all
new file mode 100755
index 0000000..c5517d5
--- /dev/null
+++ b/tests/run_all
@@ -0,0 +1,1305 @@
+#!/bin/sh
+
+set -e
+
+export LC_ALL=C
+unset LANG
+unset LANGUAGE
+. common/config.sh
+
+USE_PAM="yes"
+FAILURE_TESTS="yes"
+
+succeded=0
+failed=0
+failed_tests=""
+
+run_test()
+{
+	[ -f RUN_TEST.STOP ] && exit 1
+
+	if $1 > $1.log
+	then
+		succeded=$((succeded+1))
+		echo -n "+"
+	else
+		failed=$((failed+1))
+		failed_tests="$failed_tests $1"
+		echo -n "-"
+	fi
+	cat $1.log >> testsuite.log
+	[ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true
+	[ -f /etc/group.lock ] && echo $1 /etc/group.lock || true
+	[ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true
+	[ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true
+	if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ]
+	then
+		echo $1
+		ls -l /etc/shadow
+		chgrp shadow /etc/shadow
+	fi
+	if [ -d /nonexistent ]
+	then
+		echo $1 /nonexistent
+		rmdir /nonexistent
+	fi
+}
+
+echo "+: test passed"
+echo "-: test failed"
+
+# Empty the complete log.
+> testsuite.log
+
+find ${build_path} -name "*.gcda" -delete
+run_test ./su/01/su_root.test
+run_test ./su/01/su_user.test
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./su/02/env_FOO-options_--login
+run_test ./su/02/env_FOO-options_--login_bash
+run_test ./su/02/env_FOO-options_--preserve-environment
+run_test ./su/02/env_FOO-options_--preserve-environment_bash
+run_test ./su/02/env_FOO-options_-
+run_test ./su/02/env_FOO-options_-_bash
+run_test ./su/02/env_FOO-options_-l-m
+run_test ./su/02/env_FOO-options_-l-m_bash
+run_test ./su/02/env_FOO-options_-l
+run_test ./su/02/env_FOO-options_-l_bash
+run_test ./su/02/env_FOO-options_-m_bash
+run_test ./su/02/env_FOO-options_-m
+run_test ./su/02/env_FOO-options_-p
+run_test ./su/02/env_FOO-options_-p_bash
+run_test ./su/02/env_FOO-options__bash
+run_test ./su/02/env_FOO-options_
+run_test ./su/02/env_FOO-options_-p-
+run_test ./su/02/env_FOO-options_-p-_bash
+run_test ./su/02/env_special-options_-l-p
+run_test ./su/02/env_special-options_-l
+run_test ./su/02/env_special-options_-l-p_bash
+run_test ./su/02/env_special-options_-l_bash
+run_test ./su/02/env_special-options_-p
+run_test ./su/02/env_special-options_-p_bash
+run_test ./su/02/env_special-options_
+run_test ./su/02/env_special-options__bash
+run_test ./su/02/env_special_root-options_-l-p
+run_test ./su/02/env_special_root-options_-l-p_bash
+run_test ./su/02/env_special_root-options_-l
+run_test ./su/02/env_special_root-options_-l_bash
+run_test ./su/02/env_special_root-options_-p
+run_test ./su/02/env_special_root-options_-p_bash
+run_test ./su/02/env_special_root-options_
+run_test ./su/02/env_special_root-options__bash
+run_test ./su/03/su_run_command01.test
+run_test ./su/03/su_run_command02.test
+run_test ./su/03/su_run_command03.test
+run_test ./su/03/su_run_command04.test
+run_test ./su/03/su_run_command05.test
+run_test ./su/03/su_run_command06.test
+run_test ./su/03/su_run_command07.test
+run_test ./su/03/su_run_command08.test
+run_test ./su/03/su_run_command09.test
+run_test ./su/03/su_run_command10.test
+run_test ./su/03/su_run_command11.test
+run_test ./su/03/su_run_command12.test
+run_test ./su/03/su_run_command13.test
+run_test ./su/03/su_run_command14.test
+run_test ./su/03/su_run_command15.test
+run_test ./su/03/su_run_command16.test
+run_test ./su/03/su_run_command17.test
+run_test ./su/04/su_wrong_user.test
+run_test ./su/04/su_user_wrong_passwd.test
+run_test ./su/04/su_user_wrong_passwd_syslog.test
+run_test ./su/05/su_user_wrong_passwd_syslog.test
+run_test ./su/06/su_user_syslog.test
+run_test ./su/07/su_user_syslog.test
+run_test ./su/08/env_special-options_
+run_test ./su/08/env_special_root-options_
+run_test ./su/09/env_special-options_
+run_test ./su/09/env_special_root-options_
+run_test ./su/10_su_sulog_success/su.test
+run_test ./su/11_su_sulog_failure/su.test
+run_test ./su/12_su_child_failure/su.test
+run_test ./su/13_su_child_success/su.test
+run_test ./chage/01/run
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./chage/02/run
+run_test ./chage/03_chsh_usage/chage.test
+run_test ./chage/04_chsh_usage_invalid_option/chage.test
+run_test ./chage/05_chsh_usage_2_users/chage.test
+run_test ./chage/06_chsh_usage_no_users/chage.test
+run_test ./chage/07_chsh_usage-l_exclusive/chage.test
+run_test ./chage/08_chsh_usage_invalid_date/chage.test
+run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test
+run_test ./chage/10_chsh-l/chage.test
+run_test ./chage/11_chsh_usage_invalid_user/chage.test
+run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test
+run_test ./chage/13_chsh_locked_passwd/chage.test
+run_test ./chage/14_chsh_locked_shadow/chage.test
+run_test ./chage/15_chage-I_no_shadow_entry/chage.test
+run_test ./chage/16_chage-m_no_shadow_entry/chage.test
+run_test ./chage/17_chage-M_no_shadow_entry/chage.test
+run_test ./chage/18_chage-d_no_shadow_entry/chage.test
+run_test ./chage/19_chage-W_no_shadow_entry/chage.test
+run_test ./chage/20_chage-E_no_shadow_entry/chage.test
+run_test ./chage/21_chage_no_shadow_file/chage.test
+run_test ./chage/22_chage_myuser-l/chage.test
+run_test ./chage/23_chage_myuser-I/chage.test
+run_test ./chage/24_chage_myuser-l_other/chage.test
+run_test ./chage/25_chage_interractive/chage.test
+run_test ./chage/26_chage_interractive_date_0/chage.test
+run_test ./chage/27_chage_interractive_date_-1/chage.test
+run_test ./chage/28_chage_interractive_date_EPOCH/chage.test
+run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test
+run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test
+run_test ./chage/31_chage_interractive_date_invalid/chage.test
+run_test ./chage/32_chage_interractive_date_invalid2/chage.test
+run_test ./chage/33_chage_interractive-W_invalid1/chage.test
+run_test ./chage/34_chage_interractive-W_invalid2/chage.test
+run_test ./chage/35_chage_interractive-W-1/chage.test
+run_test ./chage/36_chage_interractive-I_invalid1/chage.test
+run_test ./chage/37_chage_interractive-I_invalid2/chage.test
+run_test ./chage/38_chage_interractive-I-1/chage.test
+run_test ./chage/39_chage_interractive-d-1/chage.test
+run_test ./chsh/01/run
+run_test ./chsh/02_chsh_usage/chsh.test
+run_test ./chsh/03_chsh_usage_invalid_option/chsh.test
+run_test ./chsh/04_chsh_usage_2_users/chsh.test
+run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test
+run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test
+run_test ./chsh/07_chsh_usage_invalid_user/chsh.test
+run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test
+run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test
+run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
+run_test ./chsh/11_chsh_auth_failure/chsh.test
+run_test ./chsh/12_chsh_warning_missing_shell/chsh.test
+run_test ./chsh/13_chsh_warning_non_executable/chsh.test
+run_test ./chsh/14_chsh_locked_passwd/chsh.test
+run_test ./chsh/15_chsh_PAM_error/chsh.test
+run_test ./chroot/chage/01_chage--root/chage.test
+run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
+run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
+run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
+run_test ./chroot/chsh/01_chsh--root/chsh.test
+run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test
+run_test ./chroot/groupadd/01_groupadd--root/groupadd.test
+run_test ./chroot/groupdel/01_groupdel--root/groupdel.test
+run_test ./chroot/groupmod/01_groupmod--root/groupmod.test
+run_test ./chroot/grpck/01_grpck--root/grpck.test
+run_test ./chroot/grpconv/01_grpconv--root/grpconv.test
+run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test
+run_test ./chroot/lastlog/01_lastlog--root/lastlog.test
+run_test ./chroot/login/01_login_sublogin/login.test
+run_test ./chroot/pwck/01_pwck--root/pwck.test
+run_test ./chroot/pwconv/01_pwconv--root/pwconv.test
+run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test
+run_test ./chroot/useradd/01_useradd--root/useradd.test
+run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test
+run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test
+run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test
+run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
+run_test ./chroot/userdel/01_userdel--root/userdel.test
+run_test ./chroot/usermod/01_usermod--root/usermod.test
+run_test ./convtools/01/run
+run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
+run_test ./convtools/03_grpconv_copy_passwd/grpconv.test
+run_test ./convtools/04_grpconv_no_password/grpconv.test
+run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
+run_test ./convtools/06_grpconv_error_group_locked/grpconv.test
+run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test
+run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test
+run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test
+run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
+run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test
+run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test
+run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test
+run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test
+run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
+run_test ./convtools/16_pwconv_copy_passwd/pwconv.test
+run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test
+run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
+run_test ./convtools/19_pwconv_NIS/pwconv.test
+run_test ./convtools/20_pwunconv_usage_option/pwunconv.test
+run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test
+run_test ./convtools/22_grpunconv_usage_option/grpunconv.test
+run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test
+run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
+run_test ./convtools/25_pwconv_usage_option/pwconv.test
+run_test ./convtools/26_grpconv_usage_option/grpconv.test
+run_test ./convtools/27_pwunconv_usage/pwunconv.test
+run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test
+run_test ./convtools/29_grpconv_usage/grpconv.test
+run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test
+run_test ./convtools/31_pwconv_usage/pwconv.test
+run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test
+run_test ./convtools/33_grpunconv_usage/grpunconv.test
+run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test
+run_test ./cptools/02_cppw_usage/cppw.test
+run_test ./cptools/03_cppw_usage_invalid_option/cppw.test
+run_test ./cptools/04_cppw_no_file_argument/cppw.test
+run_test ./cptools/05_cppw_2_files/cppw.test
+run_test ./cptools/06_cppw_no_file/cppw.test
+run_test ./cptools/07_cppw_locked_passwd/cppw.test
+run_test ./cptools/08_cppw-p/cppw.test
+run_test ./cptools/09_cppw-g/cppw.test
+run_test ./cptools/10_cppw-g-s/cppw.test
+run_test ./cptools/11_cppw-p-s/cppw.test
+run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test
+run_test ./debian/01/run
+run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
+run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
+run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
+run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
+run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
+run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
+run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
+run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
+run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
+run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
+run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
+run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
+run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
+run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
+run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
+run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
+run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
+run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
+run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
+run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
+run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
+run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
+run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
+run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
+run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
+run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
+run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
+run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
+run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
+run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
+run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
+run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
+run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
+run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test
+run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test
+run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test
+run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
+run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test
+run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
+run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
+run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
+run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
+run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
+run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
+run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test
+run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
+run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
+run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
+run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
+run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test
+run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test
+run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test
+run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
+run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
+run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
+run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test
+run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
+run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
+run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
+run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
+run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
+run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
+run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test
+run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
+run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
+run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
+run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
+run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
+run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
+run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
+run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
+run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
+run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
+run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
+run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
+run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
+run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
+run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
+run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
+run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
+run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test
+run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
+run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
+run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
+run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test
+run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
+run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
+run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
+run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test
+run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
+run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
+run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
+run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test
+run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
+run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
+run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
+run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
+run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
+run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
+run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
+run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
+run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
+run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
+run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
+run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
+run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test
+run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
+run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
+run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
+run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
+run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
+run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
+run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
+run_test ./log/faillog/01_faillog_no_faillog/faillog.test
+run_test ./log/faillog/02_faillog_usage/faillog.test
+run_test ./log/faillog/03_faillog_format/faillog.test
+run_test ./log/faillog/04_faillog_mulitple/faillog.test
+run_test ./log/faillog/05_faillog-u_ID/faillog.test
+run_test ./log/faillog/06_faillog-u_name/faillog.test
+run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test
+run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test
+run_test ./log/faillog/09_faillog-u_range/faillog.test
+run_test ./log/faillog/10_faillog-u_open_range/faillog.test
+run_test ./log/faillog/11_faillog-u_range_open/faillog.test
+run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test
+run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test
+run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test
+run_test ./log/faillog/15_faillog_bad_option/faillog.test
+run_test ./log/faillog/16_faillog_extra_arg/faillog.test
+run_test ./log/faillog/17_faillog-t/faillog.test
+run_test ./log/faillog/18_faillog-t_invalid/faillog.test
+run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test
+run_test ./log/faillog/20_faillog-r-u/faillog.test
+run_test ./log/faillog/21_faillog-r-u_range/faillog.test
+run_test ./log/faillog/22_faillog_removed_user/faillog.test
+run_test ./log/faillog/23_faillog-a_removed_user/faillog.test
+run_test ./log/faillog/24_faillog-u_removed_user/faillog.test
+run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test
+run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test
+run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
+run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
+run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
+run_test ./log/faillog/30_faillog-r/faillog.test
+run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test
+run_test ./log/faillog/32_faillog-l/faillog.test
+run_test ./log/faillog/33_faillog-l-u_user/faillog.test
+run_test ./log/faillog/34_faillog-l-u_range/faillog.test
+run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test
+run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test
+run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test
+run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test
+run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test
+run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test
+run_test ./log/faillog/41_faillog-l_invalid/faillog.test
+run_test ./log/faillog/42_faillog-m/faillog.test
+run_test ./log/faillog/43_faillog-m-u_user/faillog.test
+run_test ./log/faillog/44_faillog-m-u_range/faillog.test
+run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test
+run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test
+run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test
+run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test
+run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test
+run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test
+run_test ./log/faillog/51_faillog-m_invalid/faillog.test
+run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test
+run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test
+run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test
+run_test ./log/faillog/55_faillog_no_changes/faillog.test
+run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test
+run_test ./log/faillog/57_faillog-r_empty_file/faillog.test
+run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test
+run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test
+run_test ./log/lastlog/02_lastlog_usage/lastlog.test
+run_test ./log/lastlog/03_lastlog_format/lastlog.test
+run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test
+run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test
+run_test ./log/lastlog/06_lastlog-u_name/lastlog.test
+run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
+run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test
+run_test ./log/lastlog/09_lastlog-u_range/lastlog.test
+run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test
+run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test
+run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
+run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
+run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
+run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test
+run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test
+run_test ./log/lastlog/17_lastlog-t/lastlog.test
+run_test ./log/lastlog/18_lastlog-b/lastlog.test
+run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test
+run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test
+run_test ./usertools/01/01_useradd_add_user.test
+run_test ./usertools/01/01_userdel_delete_user.test
+run_test ./usertools/01/02_useradd_recreate_deleted_user.test
+run_test ./usertools/01/03_useradd_additional_options.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
+run_test ./usertools/01/04_useradd_specified_UID.test
+run_test ./usertools/01/04_useradd_specified_UID_and_GID.test
+run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test
+run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test
+run_test ./usertools/01/06_useradd_invalid_named_primary_group.test
+run_test ./usertools/01/07_useradd_numerical_primary_group.test
+run_test ./usertools/01/08_useradd_named_primary_group.test
+run_test ./usertools/01/09_usermod_change_user_info.test
+run_test ./usertools/01/10_usermod_rename_user.test
+run_test ./usertools/01/10_usermod_rename_user_in_group.test
+run_test ./usertools/01/11_usermod_change_password.test
+run_test ./usertools/01/11_usermod_lock_password.test
+run_test ./usertools/01/11_usermod_unlock_empty_password.test
+run_test ./usertools/01/11_usermod_unlock_password.test
+run_test ./usertools/01/12_usermod_change_gid_name.test
+run_test ./usertools/01/12_usermod_change_gid_number.test
+run_test ./usertools/01/13_useradd_negative_UID.test
+run_test ./usertools/01/14_useradd_out_of_range_UID.test
+run_test ./usertools/01/15_useradd_specified_large_UID.test
+run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test
+run_test ./usertools/01/16_useradd_add_user_to_one_group.test
+run_test ./usertools/01/17_useradd_create_homedir.test
+run_test ./usertools/01/18_userdel_remove_homedir.test
+run_test ./usertools/01/19_userdel_delete_user_in_group.test
+run_test ./usertools/01/20_usermod_change_homedir.test
+run_test ./usertools/01/21_usermod_change_and_move_homedir.test
+run_test ./usertools/01/22_usermod_new_groups.test
+run_test ./usertools/01/23_usermod_add_groups.test
+run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test
+run_test ./usertools/01/25_useradd_specified_large_UID2.test
+run_test ./usertools/01/26_useradd_UID_-1.test
+run_test ./usertools/02/useradd_default_default_values.test
+run_test ./usertools/02/useradd_get_default_values.test
+run_test ./usertools/02/useradd_change_default_INACTIVE.test
+run_test ./usertools/02/useradd_change_default_SHELL.test
+run_test ./usertools/02/useradd_change_default_EXPIRE.test
+run_test ./usertools/02/useradd_change_default_GROUP.test
+run_test ./usertools/02/useradd_change_default_HOME.test
+run_test ./usertools/02/useradd_change_defaults.test
+run_test ./usertools/03/useradd_change_defaults.test
+run_test ./usertools/04/01_useradd_add_user.test
+run_test ./usertools/05_userdel_del_from_group_members/userdel.test
+run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test
+run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test
+run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test
+run_test ./usertools/09_userdel_del_homedir/userdel.test
+run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test
+run_test ./usertools/11_usermod_move_homedir/usermod.test
+run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test
+run_test ./usertools/13_usermod_move_homedir_file/usermod.test
+run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test
+run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test
+run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test
+run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
+run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
+run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
+run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test
+run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
+run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test
+run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
+run_test ./usertools/24_usermod_locked_passwd/usermod.test
+run_test ./usertools/25_usermod-G_locked_group/usermod.test
+run_test ./usertools/26_usermod_locked_shadow/usermod.test
+run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test
+run_test ./usertools/28_usermod-c_locked_group/usermod.test
+run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test
+run_test ./usertools/30_usermod-l_locked_group/usermod.test
+run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test
+run_test ./usertools/32_usermod-u_new_UID/usermod.test
+run_test ./usertools/33_usermod-u_existing_UID/usermod.test
+run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test
+run_test ./usertools/35_usermod-u_invalid_UID/usermod.test
+run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
+run_test ./usertools/37_Debian_Bug_470745/usermod.test
+run_test ./usertools/38_usermod_invalid_user/usermod.test
+run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test
+run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test
+run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test
+run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test
+run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test
+run_test ./usertools/44_usermod-l_existing_username/usermod.test
+run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test
+run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test
+run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test
+run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
+run_test ./usertools/49_userdel_delete_users_group/userdel.test
+run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
+run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
+run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
+run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test
+run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
+run_test ./usertools/55_userdel_busy_user/userdel.test
+run_test ./usertools/56_userdel_locked_passwd/userdel.test
+run_test ./usertools/57_userdel_locked_group/userdel.test
+run_test ./usertools/58_userdel_locked_shadow/userdel.test
+run_test ./usertools/59_userdel_locked_gshadow/userdel.test
+run_test ./usertools/60_userdel_invalid_user/userdel.test
+run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test
+if [ "$USE_PAM" = "yes" ]; then
+	run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
+else
+	run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
+	run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
+fi
+run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+run_test ./usertools/useradd/01_useradd_usage/useradd.test
+run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test
+run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test
+run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test
+run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
+run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
+run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
+run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
+run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
+run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
+run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
+run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
+run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
+run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
+run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
+run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
+run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
+run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
+run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
+run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
+run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
+run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
+run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
+run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
+run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
+run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test
+run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test
+run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test
+run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test
+run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test
+run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test
+run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test
+run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test
+run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test
+run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
+run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
+run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
+run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test
+run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
+run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
+run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test
+run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
+run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test
+run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test
+run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test
+run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
+run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
+run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test
+run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test
+run_test ./usertools/useradd/50_useradd-r/useradd.test
+run_test ./usertools/useradd/51_useradd_already_exist/useradd.test
+run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test
+run_test ./usertools/useradd/53_useradd-G_empty/useradd.test
+run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test
+run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test
+run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
+run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
+run_test ./usertools/useradd/58_useradd-e_empty/useradd.test
+run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test
+run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
+run_test ./usertools/useradd/61_useradd-K/useradd.test
+run_test ./usertools/useradd/62_useradd-p/useradd.test
+run_test ./usertools/useradd/63_useradd-s/useradd.test
+run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test
+run_test ./usertools/useradd/65_useradd_locked_group/useradd.test
+run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test
+run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test
+run_test ./usertools/useradd/68_useradd-s_empty/useradd.test
+run_test ./usertools/userdel/01_userdel_usage/userdel.test
+run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test
+run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test
+run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test
+run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
+run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test
+run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
+run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
+run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
+run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
+run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
+run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
+run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
+run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
+run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
+run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
+run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
+run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
+run_test ./usertools/usermod/10_usermod_usage/usermod.test
+run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test
+run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test
+run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
+run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test
+run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test
+run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
+run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
+run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
+run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
+run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
+run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
+run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
+run_test ./usertools/usermod/23_usermod-e_date/usermod.test
+run_test ./usertools/usermod/24_usermod-e_date/usermod.test
+run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test
+run_test ./usertools/usermod/26_usermod-e-1/usermod.test
+run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test
+run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test
+run_test ./usertools/usermod/29_usermod_no_changes/usermod.test
+run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test
+run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test
+run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test
+run_test ./usertools/usermod/33_usermod_change_shell/usermod.test
+run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
+run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
+run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
+run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
+run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
+run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
+run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
+run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
+run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test
+run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
+run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
+run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test
+run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
+run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
+run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
+run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
+run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
+run_test ./cptools/01/run1
+run_test ./cptools/01/run2
+run_test ./cptools/01/run3
+run_test ./cptools/01/run4
+run_test ./cktools/01/run1
+run_test ./cktools/01/run2
+run_test ./cktools/02_pwck_sort/pwck.test
+run_test ./cktools/03_grpck_sort/grpck.test
+run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test
+run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test
+run_test ./cktools/06_pwck_sort_NIS_server/pwck.test
+run_test ./cktools/07_pwck_sort_NIS_client/pwck.test
+run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
+run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
+run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
+run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
+run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
+run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test
+run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
+run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test
+run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
+run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
+run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
+run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
+run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
+run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
+run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
+run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test
+run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
+run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
+run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
+run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
+run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/28_grpck_usage/grpck.test
+run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test
+run_test ./cktools/grpck/30_grpck_3_files/grpck.test
+run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
+run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test
+run_test ./cktools/grpck/33_grpck_locked_group/grpck.test
+run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test
+run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
+run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test
+run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test
+run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
+run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
+run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
+run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
+run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
+run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
+run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
+run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
+run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
+run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
+run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test
+run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
+run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
+run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
+run_test ./cktools/pwck/22_pwck_usage/pwck.test
+run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test
+run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test
+run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test
+run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test
+run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test
+run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test
+run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test
+run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test
+run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
+run_test ./cktools/pwck/32_pwck_quiet/pwck.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
+	run_test ./crypt/login.defs_DES/01_chpasswd.test
+	run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
+	run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
+	run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
+	run_test ./crypt/login.defs_DES/05_chpasswd-e.test
+	run_test ./crypt/login.defs_DES/06_chpasswd-m.test
+fi
+run_test ./crypt/login.defs_DES/07_chgpasswd.test
+run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
+run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
+run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
+run_test ./crypt/login.defs_DES/11_chgpasswd-e.test
+run_test ./crypt/login.defs_DES/12_chgpasswd-m.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_MD5/01_chpasswd.test
+	run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_MD5/02_chgpasswd.test
+run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA512/01_chpasswd.test
+	run_test ./crypt/login.defs_none/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA512/02_chgpasswd.test
+run_test ./crypt/login.defs_none/02_chgpasswd.test
+run_test ./newusers/01_create_user/newusers.test
+run_test ./newusers/02_update_password/newusers.test
+run_test ./newusers/03_no_update_pid/newusers.test
+run_test ./newusers/04_no_update_gid/newusers.test
+run_test ./newusers/05_create_user_pid/newusers.test
+run_test ./newusers/06_create_user_gid/newusers.test
+run_test ./newusers/07_create_user_pid_gid/newusers.test
+run_test ./newusers/08_create_user_pid_other-gid/newusers.test
+run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test
+run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test
+run_test ./newusers/11_update_gecos/newusers.test
+run_test ./newusers/12_update_shell/newusers.test
+run_test ./newusers/13_create_user_new-home/newusers.test
+run_test ./newusers/14_create_user_existing-home/newusers.test
+run_test ./newusers/15_update_new-home/newusers.test
+run_test ./newusers/16_update_existing-home/newusers.test
+run_test ./newusers/17_create_user_pid-already-used/newusers.test
+run_test ./newusers/18_create_user_gid-already-used/newusers.test
+run_test ./newusers/19_update_keep-old-home/newusers.test
+run_test ./newusers/20_multiple_users/newusers.test
+run_test ./newusers/21_create_user_UID_MAX/newusers.test
+run_test ./newusers/22_create_user_GID_MAX/newusers.test
+run_test ./newusers/23_create_user_error_negativ_UID/newusers.test
+run_test ./newusers/24_create_user_error_invalid_UID/newusers.test
+run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test
+run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test
+run_test ./newusers/27_create_user_error_invalid_username/newusers.test
+run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test
+run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
+run_test ./newusers/30_create_user_different_groupname/newusers.test
+run_test ./newusers/31_create_user_error_invalid_GID/newusers.test
+run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test
+run_test ./newusers/33_update_password_no_shadow_password/newusers.test
+run_test ./newusers/34_update_password_no_shadow/newusers.test
+run_test ./newusers/35_read_from_stdin/newusers.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./newusers/36_create_user_encrypted/newusers.test
+	run_test ./newusers/37_create_user_encrypt_MD5/newusers.test
+	run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test
+	run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test
+	run_test ./newusers/40_update_password_encrypted/newusers.test
+	run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test
+	run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test
+	run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
+	run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
+	run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test
+	run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
+else
+
+	run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test
+
+
+
+	run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
+	run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
+	run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
+	run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
+
+
+fi
+run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test
+run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test
+run_test ./newusers/49_multiple_system_users/newusers.test
+run_test ./newusers/50_usage/newusers.test
+run_test ./newusers/51_usage_invalid_option/newusers.test
+run_test ./newusers/52_usage_2_input_files/newusers.test
+run_test ./newusers/53_locked_passwd/newusers.test
+run_test ./newusers/54_locked_shadow/newusers.test
+run_test ./newusers/55_locked_group/newusers.test
+run_test ./newusers/56_locked_gshadow/newusers.test
+run_test ./newusers/57_missing_input_file/newusers.test
+run_test ./newusers/58_invalid_input_file/newusers.test
+run_test ./newusers/59_no_gshadow_file/newusers.test
+run_test ./newusers/60_update_no_gecos/newusers.test
+run_test ./newusers/61_update_no_shell/newusers.test
+run_test ./split_groups/01_useradd_split_group/useradd.test
+run_test ./split_groups/02_useradd_no_split_group/useradd.test
+run_test ./split_groups/03_useradd_split_group_already_split/useradd.test
+run_test ./split_groups/04_useradd_split_group_already_full/useradd.test
+run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
+run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
+run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
+run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test
+run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test
+run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test
+if [ "$FAILURE_TESTS" = "yes" ]; then
+run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test
+run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test
+run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test
+run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test
+run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test
+run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test
+run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
+run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
+if [ "$USE_PAM" = "yes" ]; then
+	run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
+fi
+run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test
+run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test
+run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
+run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
+run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test
+run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
+run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
+run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
+run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
+run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
+run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test
+run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
+run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
+run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
+run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test
+run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test
+run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
+run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
+run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
+run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
+run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test
+run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
+run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test
+run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test
+run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
+run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
+run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test
+run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
+run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
+run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
+run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
+run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
+run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
+run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
+run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test
+run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test
+run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test
+run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test
+run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test
+run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test
+run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test
+run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
+run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
+run_test ./failures/newusers/10_newusers_time_0/newusers.test
+run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
+run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test
+run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
+run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test
+run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
+run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
+run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
+run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
+run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
+run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test
+run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
+run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
+run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
+run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
+run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test
+run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test
+run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test
+run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test
+run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test
+run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test
+run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test
+run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
+run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test
+run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
+run_test ./failures/useradd/11_useradd_time_0/useradd.test
+run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test
+run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test
+run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test
+run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test
+run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
+run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test
+run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test
+run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test
+run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
+run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
+run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test
+run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test
+run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test
+run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test
+run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test
+run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test
+run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test
+run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test
+run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test
+run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
+run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
+run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
+run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
+run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
+run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
+run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
+run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
+run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
+run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test
+run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
+#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
+run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
+run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
+run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
+run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
+run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
+run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
+fi
+run_test ./expiry/01_expiry_-c_no_expiry/expiry.test
+run_test ./expiry/02_expiry_-c_expired/expiry.test
+run_test ./expiry/03_expiry_-f_expired/expiry.test
+run_test ./expiry/04_expiry_no_options/expiry.test
+run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test
+run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test
+run_test ./expiry/07_expiry_-c_expired_account/expiry.test
+run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test
+run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test
+run_test ./expiry/10_expiry_bad_option/expiry.test
+run_test ./expiry/11_expiry_usage/expiry.test
+run_test ./expiry/12_expiry_extra_arg/expiry.test
+run_test ./expiry/13_expiry_usage-c-f/expiry.test
+run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test
+run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test
+run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test
+run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
+run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
+run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test
+run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
+run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test
+run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
+run_test ./passwd/10_passwd_-d_root/passwd.test
+run_test ./passwd/11_passwd_--mindays_root/passwd.test
+run_test ./passwd/12_passwd_--maxdays_root/passwd.test
+run_test ./passwd/13_passwd_--warndays_root/passwd.test
+run_test ./passwd/14_passwd_--inactive_root/passwd.test
+run_test ./passwd/15_passwd_--expire_root/passwd.test
+run_test ./passwd/16_passwd_-S-a_root/passwd.test
+run_test ./passwd/17_passwd_root_change_password/passwd.test
+run_test ./passwd/18_passwd_root_change_password_user/passwd.test
+run_test ./passwd/19_passwd_user_change_password/passwd.test
+run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test
+run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test
+run_test ./passwd/22_passwd_usage/passwd.test
+run_test ./login/01_login_prompt/login.test
+run_test ./login/02_login_user/login.test
+run_test ./login/03_login_check_tty/login.test
+find ${build_path} -name "*.gcda" -exec chmod a+rw {} \;
+run_test ./subids/01_useradd_no_subids/useradd.test
+run_test ./subids/02_useradd_with_subids/useradd.test
+run_test ./subids/03_useradd_no_subgid/useradd.test
+run_test ./subids/04_useradd_no_subuid/useradd.test
+run_test ./subids/05_useradd_fill_gap_start/useradd.test
+run_test ./subids/06_useradd_fill_gap_middle/useradd.test
+run_test ./subids/07_useradd_fill_gap_end/useradd.test
+run_test ./subids/08_useradd_no_more_subuids_start/useradd.test
+run_test ./subids/09_useradd_no_more_subgids_start/useradd.test
+run_test ./subids/10_useradd_no_more_subuids_end/useradd.test
+run_test ./subids/11_useradd_no_more_subgids_end/useradd.test
+run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test
+run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test
+run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test
+run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test
+run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test
+run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test
+run_test ./subids/18_useradd_min=max/useradd.test
+run_test ./subids/19_useradd_locked_subuid/useradd.test
+run_test ./subids/20_useradd_locked_subgid/useradd.test
+run_test ./subids/21_usermod_create_subuid_range/usermod.test
+run_test ./subids/22_usermod_create_subgid_range/usermod.test
+run_test ./subids/23_usermod_create_subids_ranges/usermod.test
+run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test
+run_test ./subids/25_usermod_add_range/usermod.test
+run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test
+run_test ./subids/27_usermod_remove_range_all/usermod.test
+run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test
+run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test
+run_test ./subids/30_usermod_remove_range_partial_end/usermod.test
+run_test ./subids/31_usermod_remove_outside_range/usermod.test
+run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test
+run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test
+run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test
+run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test
+run_test ./subids/36_usermod_remove_with_comment/usermod.test
+run_test ./subids/37_usermod_-v_invalid_range/usermod.test
+run_test ./subids/38_usermod_-V_invalid_range/usermod.test
+run_test ./subids/39_usermod_-w_invalid_range/usermod.test
+run_test ./subids/40_usermod_-W_invalid_range/usermod.test
+run_test ./subids/41_usermod_locked_subuid/usermod.test
+run_test ./subids/42_usermod_locked_subgid/usermod.test
+run_test ./subids/43_usermod_-w_no_subgid/usermod.test
+run_test ./subids/44_usermod_-W_no_subgid/usermod.test
+run_test ./subids/45_usermod_-v_no_subgid/usermod.test
+run_test ./subids/46_usermod_-V_no_subgid/usermod.test
+run_test ./subids/47_usermod_-v_invalid_range2/usermod.test
+run_test ./subids/48_usermod_-v_invalid_range3/usermod.test
+run_test ./subids/49_usermod_-v_invalid_range4/usermod.test
+run_test ./subids/50_usermod_-v_invalid_range5/usermod.test
+run_test ./subids/51_usermod_-v_invalid_range6/usermod.test
+run_test ./subids/52_usermod_-v_invalid_range7/usermod.test
+run_test ./subids/53_userdel_one_subuid_range/userdel.test
+run_test ./subids/54_userdel_one_subgid_range/userdel.test
+run_test ./subids/55_userdel_no_subuid/userdel.test
+run_test ./subids/56_userdel_no_subgid/userdel.test
+run_test ./subids/57_userdel_multiple_ranges/userdel.test
+run_test ./subids/58_newusers_with_subids/newusers.test
+run_test ./subids/59_newusers_no_subuid/newusers.test
+run_test ./subids/60_newusers_no_subgid/newusers.test
+run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test
+run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test
+run_test ./subids/63_useradd_fill_gap4/useradd.test
+run_test ./subids/64_useradd_fill_gap5/useradd.test
+run_test ./subids/65_useradd_fill_gap6/useradd.test
+run_test ./subids/66_subordinate_range_cmp/useradd.test
+run_test ./subids/67_invalid_subuid_file1/useradd.test
+run_test ./subids/68_invalid_subuid_file2/useradd.test
+run_test ./subids/69_invalid_subuid_file3/useradd.test
+run_test ./subids/70_invalid_subuid_file4/useradd.test
+
+echo
+echo "$succeded test(s) passed"
+echo "$failed test(s) failed"
+echo "log written in 'testsuite.log'"
+if [ "$failed" != "0" ]
+then
+	echo "the following tests failed:"
+	echo $failed_tests
+fi
+
diff --git a/tests/run_all.coverage b/tests/run_all.coverage
new file mode 100755
index 0000000..a49be43
--- /dev/null
+++ b/tests/run_all.coverage
@@ -0,0 +1,1324 @@
+#!/bin/sh
+
+set -e
+
+export LC_ALL=C
+unset LANG
+unset LANGUAGE
+. common/config.sh
+
+USE_PAM="yes"
+FAILURE_TESTS="yes"
+
+succeded=0
+failed=0
+failed_tests=""
+
+run_test()
+{
+	find $build_path -name "*.gcda" -delete
+	find $build_path -name "*.gcno" | while read f
+	do
+		g=${f%gcno}gcda
+		touch $g
+		chmod a+rw $g
+	done
+
+	if $1 > $1.log
+	then
+		succeded=$((succeded+1))
+		echo -n "+"
+	else
+		failed=$((failed+1))
+		failed_tests="$failed_tests $1"
+		echo -n "-"
+	fi
+	cat $1.log >> testsuite.log
+	[ -f /etc/passwd.lock ] && echo $1 /etc/passwd.lock || true
+	[ -f /etc/group.lock ] && echo $1 /etc/group.lock || true
+	[ -f /etc/shadow.lock ] && echo $1 /etc/shadow.lock || true
+	[ -f /etc/gshadow.lock ] && echo $1 /etc/gshadow.lock || true
+	if [ "$(stat -c"%G" /etc/shadow)" != "shadow" ]
+	then
+		echo $1
+		ls -l /etc/shadow
+		chgrp shadow /etc/shadow
+	fi
+	if [ -d /nonexistent ]
+	then
+		echo $1 /nonexistent
+		rmdir /nonexistent
+	fi
+
+	find $build_path -name "*.gcda" -size 0 -delete
+	if echo $1 | grep -v -q debian
+	then
+		TESTNAME=$(echo $1| sed -e 's/^\.\///' -e 's/[.\/=-]/_/g')
+		lcov -q -c -d $build_path -o app_test.info -t $TESTNAME
+		lcov -q -a app_total.info -a app_test.info -o app_total.info
+		rm -f app_test.info
+	fi
+}
+
+echo "+: test passed"
+echo "-: test failed"
+
+# Empty the complete log.
+> testsuite.log
+
+lcov -q -c -i -d $build_path -o app_base.info
+lcov -q -a app_base.info -o app_total.info
+rm -f app_base.info
+
+run_test ./su/01/su_root.test
+run_test ./su/01/su_user.test
+run_test ./su/02/env_FOO-options_--login
+run_test ./su/02/env_FOO-options_--login_bash
+run_test ./su/02/env_FOO-options_--preserve-environment
+run_test ./su/02/env_FOO-options_--preserve-environment_bash
+run_test ./su/02/env_FOO-options_-
+run_test ./su/02/env_FOO-options_-_bash
+run_test ./su/02/env_FOO-options_-l-m
+run_test ./su/02/env_FOO-options_-l-m_bash
+run_test ./su/02/env_FOO-options_-l
+run_test ./su/02/env_FOO-options_-l_bash
+run_test ./su/02/env_FOO-options_-m_bash
+run_test ./su/02/env_FOO-options_-m
+run_test ./su/02/env_FOO-options_-p
+run_test ./su/02/env_FOO-options_-p_bash
+run_test ./su/02/env_FOO-options__bash
+run_test ./su/02/env_FOO-options_
+run_test ./su/02/env_FOO-options_-p-
+run_test ./su/02/env_FOO-options_-p-_bash
+run_test ./su/02/env_special-options_-l-p
+run_test ./su/02/env_special-options_-l
+run_test ./su/02/env_special-options_-l-p_bash
+run_test ./su/02/env_special-options_-l_bash
+run_test ./su/02/env_special-options_-p
+run_test ./su/02/env_special-options_-p_bash
+run_test ./su/02/env_special-options_
+run_test ./su/02/env_special-options__bash
+run_test ./su/02/env_special_root-options_-l-p
+run_test ./su/02/env_special_root-options_-l-p_bash
+run_test ./su/02/env_special_root-options_-l
+run_test ./su/02/env_special_root-options_-l_bash
+run_test ./su/02/env_special_root-options_-p
+run_test ./su/02/env_special_root-options_-p_bash
+run_test ./su/02/env_special_root-options_
+run_test ./su/02/env_special_root-options__bash
+run_test ./su/03/su_run_command01.test
+run_test ./su/03/su_run_command02.test
+run_test ./su/03/su_run_command03.test
+run_test ./su/03/su_run_command04.test
+run_test ./su/03/su_run_command05.test
+run_test ./su/03/su_run_command06.test
+run_test ./su/03/su_run_command07.test
+run_test ./su/03/su_run_command08.test
+run_test ./su/03/su_run_command09.test
+run_test ./su/03/su_run_command10.test
+run_test ./su/03/su_run_command11.test
+run_test ./su/03/su_run_command12.test
+run_test ./su/03/su_run_command13.test
+run_test ./su/03/su_run_command14.test
+run_test ./su/03/su_run_command15.test
+run_test ./su/03/su_run_command16.test
+run_test ./su/03/su_run_command17.test
+run_test ./su/04/su_wrong_user.test
+run_test ./su/04/su_user_wrong_passwd.test
+run_test ./su/04/su_user_wrong_passwd_syslog.test
+run_test ./su/05/su_user_wrong_passwd_syslog.test
+run_test ./su/06/su_user_syslog.test
+run_test ./su/07/su_user_syslog.test
+run_test ./su/08/env_special-options_
+run_test ./su/08/env_special_root-options_
+run_test ./su/09/env_special-options_
+run_test ./su/09/env_special_root-options_
+run_test ./su/10_su_sulog_success/su.test
+run_test ./su/11_su_sulog_failure/su.test
+run_test ./su/12_su_child_failure/su.test
+run_test ./su/13_su_child_success/su.test
+run_test ./chage/01/run
+run_test ./chage/02/run
+run_test ./chage/03_chsh_usage/chage.test
+run_test ./chage/04_chsh_usage_invalid_option/chage.test
+run_test ./chage/05_chsh_usage_2_users/chage.test
+run_test ./chage/06_chsh_usage_no_users/chage.test
+run_test ./chage/07_chsh_usage-l_exclusive/chage.test
+run_test ./chage/08_chsh_usage_invalid_date/chage.test
+run_test ./chage/09_chsh_usage_invalid_numeric_arg/chage.test
+run_test ./chage/10_chsh-l/chage.test
+run_test ./chage/11_chsh_usage_invalid_user/chage.test
+run_test ./chage/12_chsh_usage-l_invalid_user2/chage.test
+run_test ./chage/13_chsh_locked_passwd/chage.test
+run_test ./chage/14_chsh_locked_shadow/chage.test
+run_test ./chage/15_chage-I_no_shadow_entry/chage.test
+run_test ./chage/16_chage-m_no_shadow_entry/chage.test
+run_test ./chage/17_chage-M_no_shadow_entry/chage.test
+run_test ./chage/18_chage-d_no_shadow_entry/chage.test
+run_test ./chage/19_chage-W_no_shadow_entry/chage.test
+run_test ./chage/20_chage-E_no_shadow_entry/chage.test
+run_test ./chage/21_chage_no_shadow_file/chage.test
+run_test ./chage/22_chage_myuser-l/chage.test
+run_test ./chage/23_chage_myuser-I/chage.test
+run_test ./chage/24_chage_myuser-l_other/chage.test
+run_test ./chage/25_chage_interractive/chage.test
+run_test ./chage/26_chage_interractive_date_0/chage.test
+run_test ./chage/27_chage_interractive_date_-1/chage.test
+run_test ./chage/28_chage_interractive_date_EPOCH/chage.test
+run_test ./chage/29_chage_interractive_date_pre-EPOCH/chage.test
+run_test ./chage/30_chage_interractive_date_pre-EPOCH2/chage.test
+run_test ./chage/31_chage_interractive_date_invalid/chage.test
+run_test ./chage/32_chage_interractive_date_invalid2/chage.test
+run_test ./chage/33_chage_interractive-W_invalid1/chage.test
+run_test ./chage/34_chage_interractive-W_invalid2/chage.test
+run_test ./chage/35_chage_interractive-W-1/chage.test
+run_test ./chage/36_chage_interractive-I_invalid1/chage.test
+run_test ./chage/37_chage_interractive-I_invalid2/chage.test
+run_test ./chage/38_chage_interractive-I-1/chage.test
+run_test ./chage/39_chage_interractive-d-1/chage.test
+run_test ./chsh/01/run
+run_test ./chsh/02_chsh_usage/chsh.test
+run_test ./chsh/03_chsh_usage_invalid_option/chsh.test
+run_test ./chsh/04_chsh_usage_2_users/chsh.test
+run_test ./chsh/05_chsh_myuser_restricted_shell/chsh.test
+run_test ./chsh/06_chsh_myuser_non_restricted_shell/chsh.test
+run_test ./chsh/07_chsh_usage_invalid_user/chsh.test
+run_test ./chsh/08_chsh_myuser_to_restricted_shell/chsh.test
+run_test ./chsh/09_chsh_myuser_to_missing_shell/chsh.test
+run_test ./chsh/10_chsh_myuser_to_non_executable_shell/chsh.test
+run_test ./chsh/11_chsh_auth_failure/chsh.test
+run_test ./chsh/12_chsh_warning_missing_shell/chsh.test
+run_test ./chsh/13_chsh_warning_non_executable/chsh.test
+run_test ./chsh/14_chsh_locked_passwd/chsh.test
+run_test ./chsh/15_chsh_PAM_error/chsh.test
+run_test ./chroot/chage/01_chage--root/chage.test
+run_test ./chroot/chgpasswd/01_chgpasswd--root/chgpasswd.test
+run_test ./chroot/chpasswd/01_chpasswd--root_nopam/chpasswd.test
+run_test ./chroot/chpasswd/02_chpasswd--root_pam/chpasswd.test
+run_test ./chroot/chsh/01_chsh--root/chsh.test
+run_test ./chroot/gpasswd/01_gpasswd--root/gpasswd.test
+run_test ./chroot/groupadd/01_groupadd--root/groupadd.test
+run_test ./chroot/groupdel/01_groupdel--root/groupdel.test
+run_test ./chroot/groupmod/01_groupmod--root/groupmod.test
+run_test ./chroot/grpck/01_grpck--root/grpck.test
+run_test ./chroot/grpconv/01_grpconv--root/grpconv.test
+run_test ./chroot/grpunconv/01_grpunconv--root/grpunconv.test
+run_test ./chroot/lastlog/01_lastlog--root/lastlog.test
+run_test ./chroot/login/01_login_sublogin/login.test
+run_test ./chroot/pwck/01_pwck--root/pwck.test
+run_test ./chroot/pwconv/01_pwconv--root/pwconv.test
+run_test ./chroot/pwunconv/01_pwunconv--root/pwunconv.test
+run_test ./chroot/useradd/01_useradd--root/useradd.test
+run_test ./chroot/useradd/02_useradd--root_login.defs/useradd.test
+run_test ./chroot/useradd/03_useradd--root_useradd.default/useradd.test
+run_test ./chroot/useradd/04_useradd--root_useradd-D/useradd.test
+run_test ./chroot/useradd/05_useradd--root_useradd-D-e-g/useradd.test
+run_test ./chroot/userdel/01_userdel--root/userdel.test
+run_test ./chroot/usermod/01_usermod--root/usermod.test
+run_test ./convtools/01/run
+run_test ./convtools/02_grpconv_remove_gshadow_only_entries/grpconv.test
+run_test ./convtools/03_grpconv_copy_passwd/grpconv.test
+run_test ./convtools/04_grpconv_no_password/grpconv.test
+run_test ./convtools/05_grpconv_copy_passwd_existing_gshadow/grpconv.test
+run_test ./convtools/06_grpconv_error_group_locked/grpconv.test
+run_test ./convtools/07_grpconv_error_gshadow_locked/grpconv.test
+run_test ./convtools/08_grpunconv_no_gshadow_file/grpunconv.test
+run_test ./convtools/09_grpunconv_error_group_locked/grpunconv.test
+run_test ./convtools/10_grpunconv_error_gshadow_locked/grpunconv.test
+run_test ./convtools/11_pwconv_error_passwd_locked/pwconv.test
+run_test ./convtools/12_pwconv_error_shadow_locked/pwconv.test
+run_test ./convtools/13_pwunconv_error_passwd_locked/pwunconv.test
+run_test ./convtools/14_pwunconv_error_shadow_locked/pwunconv.test
+run_test ./convtools/15_pwconv_remove_shadow_only_entries/pwconv.test
+run_test ./convtools/16_pwconv_copy_passwd/pwconv.test
+run_test ./convtools/17_pwunconv_no_shadow_file/pwunconv.test
+run_test ./convtools/18_pwunconv_user_not_in_shadow/pwunconv.test
+run_test ./convtools/19_pwconv_NIS/pwconv.test
+run_test ./convtools/20_pwunconv_usage_option/pwunconv.test
+run_test ./convtools/21_pwunconv_keep_passwd_password/pwunconv.test
+run_test ./convtools/22_grpunconv_usage_option/grpunconv.test
+run_test ./convtools/23_grpunconv_keep_group_password/grpunconv.test
+run_test ./convtools/24_grpunconv_no_gshadow_entry/grpunconv.test
+run_test ./convtools/25_pwconv_usage_option/pwconv.test
+run_test ./convtools/26_grpconv_usage_option/grpconv.test
+run_test ./convtools/27_pwunconv_usage/pwunconv.test
+run_test ./convtools/28_pwunconv_usage_extra_arg/pwunconv.test
+run_test ./convtools/29_grpconv_usage/grpconv.test
+run_test ./convtools/30_grpconv_usage_extra_arg/grpconv.test
+run_test ./convtools/31_pwconv_usage/pwconv.test
+run_test ./convtools/32_pwconv_usage_extra_arg/pwconv.test
+run_test ./convtools/33_grpunconv_usage/grpunconv.test
+run_test ./convtools/34_grpunconv_usage_extra_arg/grpunconv.test
+run_test ./cptools/02_cppw_usage/cppw.test
+run_test ./cptools/03_cppw_usage_invalid_option/cppw.test
+run_test ./cptools/04_cppw_no_file_argument/cppw.test
+run_test ./cptools/05_cppw_2_files/cppw.test
+run_test ./cptools/06_cppw_no_file/cppw.test
+run_test ./cptools/07_cppw_locked_passwd/cppw.test
+run_test ./cptools/08_cppw-p/cppw.test
+run_test ./cptools/09_cppw-g/cppw.test
+run_test ./cptools/10_cppw-g-s/cppw.test
+run_test ./cptools/11_cppw-p-s/cppw.test
+run_test ./cptools/12_cppw-s_no_shadow_file/cppw.test
+run_test ./debian/01/run
+run_test ./grouptools/chgpasswd/01_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/02_chgpasswd_multiple_groups/chgpasswd.test
+run_test ./grouptools/chgpasswd/03_chgpasswd_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/04_chgpasswd_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/05_chgpasswd_error_no_password/chgpasswd.test
+run_test ./grouptools/chgpasswd/06_chgpasswd_usage/chgpasswd.test
+run_test ./grouptools/chgpasswd/07_chgpasswd_usage_bad_option/chgpasswd.test
+run_test ./grouptools/chgpasswd/08_chgpasswd_usage-e-m_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/09_chgpasswd_usage-e-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/10_chgpasswd_usage-m-c_exclusive/chgpasswd.test
+run_test ./grouptools/chgpasswd/11_chgpasswd_usage-s_without-c/chgpasswd.test
+run_test ./grouptools/chgpasswd/12_chgpasswd_usage-s_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/13_chgpasswd_usage-c_invalid/chgpasswd.test
+run_test ./grouptools/chgpasswd/14_chgpasswd_password_encrypted/chgpasswd.test
+run_test ./grouptools/chgpasswd/15_chgpasswd_password_md5/chgpasswd.test
+run_test ./grouptools/chgpasswd/16_chgpasswd_password_NONE/chgpasswd.test
+run_test ./grouptools/chgpasswd/17_chgpasswd_password_MD5/chgpasswd.test
+run_test ./grouptools/chgpasswd/18_chgpasswd_password_DES/chgpasswd.test
+run_test ./grouptools/chgpasswd/19_chgpasswd_password_SHA256/chgpasswd.test
+run_test ./grouptools/chgpasswd/20_chgpasswd_password_SHA256_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/21_chgpasswd_password_SHA256_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/22_chgpasswd_password_SHA512/chgpasswd.test
+run_test ./grouptools/chgpasswd/23_chgpasswd_password_SHA512_rounds_900/chgpasswd.test
+run_test ./grouptools/chgpasswd/24_chgpasswd_password_SHA512_rounds_9000/chgpasswd.test
+run_test ./grouptools/chgpasswd/25_chgpasswd-e_no_gshadow_file/chgpasswd.test
+run_test ./grouptools/chgpasswd/26_chgpasswd_no_gshadow_file_invalid_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/29_chgpasswd-e_no_gshadow_entry/chgpasswd.test
+run_test ./grouptools/chgpasswd/30_chgpasswd_locked_group/chgpasswd.test
+run_test ./grouptools/chgpasswd/31_chgpasswd_locked_gshadow/chgpasswd.test
+run_test ./grouptools/chgpasswd/32_chgpasswd_invalid_group/chgpasswd.test
+run_test ./grouptools/gpasswd/01_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/02_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/03_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/04_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/05_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/06_gpasswd_change_member_list/gpasswd.test
+run_test ./grouptools/gpasswd/07_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/08_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/09_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/10_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/11_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/12_gpasswd_change_member_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/13_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/14_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/15_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/16_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/17_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/18_gpasswd_change_member_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/19_gpasswd_change_passwd-root/gpasswd.test
+run_test ./grouptools/gpasswd/20_gpasswd_change_passwd-root-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/21_gpasswd_change_passwd-root-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/22_gpasswd_change_passwd-myuser/gpasswd.test
+run_test ./grouptools/gpasswd/23_gpasswd_change_passwd-myuser-denied/gpasswd.test
+run_test ./grouptools/gpasswd/24_gpasswd_change_passwd-myuser-denied-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/25_gpasswd_remove_password/gpasswd.test
+run_test ./grouptools/gpasswd/26_gpasswd_remove_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/27_gpasswd_remove_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/28_gpasswd_lock_password/gpasswd.test
+run_test ./grouptools/gpasswd/29_gpasswd_lock_password-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/30_gpasswd_lock_password-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/31_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/32_gpasswd_add_user_to_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/33_gpasswd_add_user_to_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/34_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/35_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/36_gpasswd_remove_user_from_group/gpasswd.test
+run_test ./grouptools/gpasswd/37_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/38_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/39_gpasswd_remove_user_from_group-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/40_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/41_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/42_gpasswd_remove_user_from_group-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/43_gpasswd_-r_locked_group/gpasswd.test
+run_test ./grouptools/gpasswd/44_gpasswd_-r_locked_gshadow/gpasswd.test
+run_test ./grouptools/gpasswd/45_gpasswd_-r_unknown_group/gpasswd.test
+run_test ./grouptools/gpasswd/46_gpasswd_-a_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/47_gpasswd_-M_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/48_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/49_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/50_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/51_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/52_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/53_gpasswd_change_admin_list/gpasswd.test
+run_test ./grouptools/gpasswd/54_gpasswd_change_admin_list-no_shadow_group/gpasswd.test
+run_test ./grouptools/gpasswd/55_gpasswd_change_admin_list-no_gshadow_file/gpasswd.test
+run_test ./grouptools/gpasswd/56_gpasswd_add_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/57_gpasswd_remove_user_from_group-not_member/gpasswd.test
+run_test ./grouptools/gpasswd/58_gpasswd_remove_user_from_group-not_gshadow_member/gpasswd.test
+run_test ./grouptools/gpasswd/59_gpasswd_remove_user_from_group-not_group_member/gpasswd.test
+run_test ./grouptools/gpasswd/60_gpasswd_add_long_user_to_group/gpasswd.test
+run_test ./grouptools/gpasswd/61_gpasswd_usage/gpasswd.test
+run_test ./grouptools/gpasswd/62_gpasswd_-A_unknown_user/gpasswd.test
+run_test ./grouptools/gpasswd/63_gpasswd_usage_bad_option/gpasswd.test
+run_test ./grouptools/gpasswd/64_gpasswd_usage-a-d/gpasswd.test
+run_test ./grouptools/gpasswd/65_gpasswd_usage_no_groups/gpasswd.test
+run_test ./grouptools/gpasswd/66_gpasswd_usage_2_groups/gpasswd.test
+run_test ./grouptools/gpasswd/67_gpasswd-A_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/68_gpasswd-M_myuser/gpasswd.test
+run_test ./grouptools/gpasswd/69_gpasswd_change_passwd_2_tries/gpasswd.test
+run_test ./grouptools/gpasswd/70_gpasswd_change_passwd_3_tries/gpasswd.test
+run_test ./grouptools/gpasswd/71_gpasswd_change_passwd_4_tries/gpasswd.test
+run_test ./grouptools/gpasswd/72_gpasswd-M-A/gpasswd.test
+run_test ./grouptools/groupadd/01_groupadd_add_group/groupadd.test
+run_test ./grouptools/groupadd/02_groupadd_add_group_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/03_groupadd_add_group_-K_GID_MIN/groupadd.test
+run_test ./grouptools/groupadd/04_groupadd_set_password/groupadd.test
+run_test ./grouptools/groupadd/05_groupadd_set_GID/groupadd.test
+run_test ./grouptools/groupadd/06_groupadd_-f_add_existing_group/groupadd.test
+run_test ./grouptools/groupadd/07_groupadd_-f_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/08_groupadd_locked_group/groupadd.test
+run_test ./grouptools/groupadd/09_groupadd_locked_gshadow/groupadd.test
+run_test ./grouptools/groupadd/10_groupadd_-o_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/11_groupadd_invalid_GID/groupadd.test
+run_test ./grouptools/groupadd/12_groupadd_negativ_GID/groupadd.test
+run_test ./grouptools/groupadd/13_groupadd_invalid_name/groupadd.test
+run_test ./grouptools/groupadd/14_groupadd_invalid_-K_option/groupadd.test
+run_test ./grouptools/groupadd/15_groupadd_invalid_-K_no_=/groupadd.test
+run_test ./grouptools/groupadd/16_groupadd_existing_group/groupadd.test
+run_test ./grouptools/groupadd/17_groupadd_add_systemgroup/groupadd.test
+run_test ./grouptools/groupadd/18_groupadd_no_more_GID/groupadd.test
+run_test ./grouptools/groupadd/19_groupadd_-r_no_more_system_GID/groupadd.test
+run_test ./grouptools/groupadd/20_groupadd_add_existing_GID/groupadd.test
+run_test ./grouptools/groupadd/21_groupadd_invalid_GID_4294967295/groupadd.test
+run_test ./grouptools/groupadd/22_groupadd_usage/groupadd.test
+run_test ./grouptools/groupadd/23_groupadd_no_groups/groupadd.test
+run_test ./grouptools/groupadd/24_groupadd_2_groups/groupadd.test
+run_test ./grouptools/groupadd/25_groupadd_no_gshadow/groupadd.test
+run_test ./grouptools/groupadd/26_groupadd_-o_without_-g/groupadd.test
+run_test ./grouptools/groupadd/27_groupadd_invalid_option/groupadd.test
+run_test ./grouptools/groupdel/01_groupdel_delete_group/groupdel.test
+run_test ./grouptools/groupdel/02_groupdel_delete_group_no_gshadow_group/groupdel.test
+run_test ./grouptools/groupdel/03_groupdel_delete_group_no_gshadow_file/groupdel.test
+run_test ./grouptools/groupdel/04_groupdel_delete_group_error_busy_group/groupdel.test
+run_test ./grouptools/groupdel/05_groupdel_delete_group_error_unknown_group/groupdel.test
+run_test ./grouptools/groupdel/06_groupdel_delete_group_error_locked_group/groupdel.test
+run_test ./grouptools/groupdel/07_groupdel_delete_group_error_locked_gshadow/groupdel.test
+run_test ./grouptools/groupdel/08_groupdel_delete_group_error_no_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/09_groupdel_delete_group_error_two_group_parameter/groupdel.test
+run_test ./grouptools/groupdel/10_groupdel_usage/groupdel.test
+run_test ./grouptools/groupdel/11_groupdel_invalid_option/groupdel.test
+run_test ./grouptools/groupmems/01_groupmems_root_add_user/groupmems.test
+run_test ./grouptools/groupmems/02_groupmems_root_del_user/groupmems.test
+run_test ./grouptools/groupmems/03_groupmems_root_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/04_groupmems_root_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/05_groupmems_root_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/06_groupmems_root_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/07_groupmems_root_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/08_groupmems_root_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/09_groupmems_root_purge_user/groupmems.test
+run_test ./grouptools/groupmems/10_groupmems_root_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/11_groupmems_root_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/12_groupmems_user_add_user/groupmems.test
+run_test ./grouptools/groupmems/13_groupmems_user_del_user/groupmems.test
+run_test ./grouptools/groupmems/14_groupmems_user_del_user_admin/groupmems.test
+run_test ./grouptools/groupmems/15_groupmems_user_del_user_admin_and_user/groupmems.test
+run_test ./grouptools/groupmems/16_groupmems_user_add_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/17_groupmems_user_add_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/18_groupmems_user_del_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/19_groupmems_user_del_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/20_groupmems_user_purge_user/groupmems.test
+run_test ./grouptools/groupmems/21_groupmems_user_purge_user_with_other_users/groupmems.test
+run_test ./grouptools/groupmems/22_groupmems_user_purge_user_with_other_users_admin/groupmems.test
+run_test ./grouptools/groupmems/23_groupmems_user_add_user-not_in_groups/groupmems.test
+run_test ./grouptools/groupmems/24_groupmems_user_add_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/25_groupmems_user_add_user-not_user_group/groupmems.test
+run_test ./grouptools/groupmems/26_groupmems_user_add_user-already_member/groupmems.test
+run_test ./grouptools/groupmems/27_groupmems_user_add_user-already_member_in_group/groupmems.test
+run_test ./grouptools/groupmems/28_groupmems_user_add_user-already_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/29_groupmems_user_add_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/30_groupmems_user_add_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/31_groupmems_user_add_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/32_groupmems_user_del_user-not_member/groupmems.test
+run_test ./grouptools/groupmems/33_groupmems_user_del_user-not_member_in_gshadow/groupmems.test
+run_test ./grouptools/groupmems/34_groupmems_user_del_user-user_does_not_exist/groupmems.test
+run_test ./grouptools/groupmems/35_groupmems_user_del_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/36_groupmems_user_del_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/37_groupmems_user_purge_user-empty_group/groupmems.test
+run_test ./grouptools/groupmems/38_groupmems_user_purge_user-no_gshadow_group/groupmems.test
+run_test ./grouptools/groupmems/39_groupmems_user_purge_user-no_gshadow_file/groupmems.test
+run_test ./grouptools/groupmems/40_groupmems_user_del_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/41_groupmems_user_purge_user-not_primary_group/groupmems.test
+run_test ./grouptools/groupmems/42_groupmems_user_list_users/groupmems.test
+run_test ./grouptools/groupmems/43_groupmems_user_list_users-gshadow_ignored/groupmems.test
+run_test ./grouptools/groupmems/44_groupmems_user_list_users-another_group/groupmems.test
+run_test ./grouptools/groupmems/45_groupmems_user_list_users-group_locked/groupmems.test
+run_test ./grouptools/groupmems/46_groupmems_user_list_users-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/47_groupmems_user_add_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/48_groupmems_user_add_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/49_groupmems_user_del_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/50_groupmems_user_del_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/51_groupmems_user_purge_user-group_locked/groupmems.test
+run_test ./grouptools/groupmems/52_groupmems_user_purge_user-gshadow_locked/groupmems.test
+run_test ./grouptools/groupmems/53_groupmems_usage/groupmems.test
+run_test ./grouptools/groupmems/54_groupmems_usage_invalid_option/groupmems.test
+run_test ./grouptools/groupmems/55_groupmems_usage-a-d/groupmems.test
+run_test ./grouptools/groupmems/56_groupmems_usage_extra_arg/groupmems.test
+run_test ./grouptools/groupmems/57_groupmems_authentication/groupmems.test
+run_test ./grouptools/groupmems/58_groupmems_authentication_failure1/groupmems.test
+run_test ./grouptools/groupmems/59_groupmems_authentication_failure2/groupmems.test
+run_test ./grouptools/groupmems/60_groupmems_authentication_failure3/groupmems.test
+run_test ./grouptools/groupmod/01_groupmod_change_gid/groupmod.test
+run_test ./grouptools/groupmod/02_groupmod_change_gid_change_primary_group/groupmod.test
+run_test ./grouptools/groupmod/03_groupmod_change_gid_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/04_groupmod_change_gid_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/05_groupmod_change_gid_-o_override_used_GID/groupmod.test
+run_test ./grouptools/groupmod/06_groupmod_change_group_name/groupmod.test
+run_test ./grouptools/groupmod/07_groupmod_change_group_name_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/08_groupmod_change_group_name_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/09_groupmod_set_password/groupmod.test
+run_test ./grouptools/groupmod/10_groupmod_set_password_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/11_groupmod_set_password_no_gshadow_file/groupmod.test
+run_test ./grouptools/groupmod/12_groupmod_change_gid_error_unknown_group/groupmod.test
+run_test ./grouptools/groupmod/13_groupmod_change_gid_error_used_GID/groupmod.test
+run_test ./grouptools/groupmod/14_groupmod_change_group_name_error_used_name/groupmod.test
+run_test ./grouptools/groupmod/15_groupmod_change_group_name_error_invalid_name/groupmod.test
+run_test ./grouptools/groupmod/16_groupmod_change_group_name_no_changes/groupmod.test
+run_test ./grouptools/groupmod/17_groupmod_change_gid_error_locked_group/groupmod.test
+run_test ./grouptools/groupmod/18_groupmod_change_gid_no_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/19_groupmod_change_gid_error_invalid_GID/groupmod.test
+run_test ./grouptools/groupmod/20_groupmod_change_gid_error_negativ_GID/groupmod.test
+run_test ./grouptools/groupmod/21_groupmod_change_gid_error_no_group/groupmod.test
+run_test ./grouptools/groupmod/22_groupmod_change_gid_and_group_name/groupmod.test
+run_test ./grouptools/groupmod/23_groupmod_change_gid_and_group_name_and_password/groupmod.test
+run_test ./grouptools/groupmod/24_groupmod_change_gid_and_name_error_locked_gshadow/groupmod.test
+run_test ./grouptools/groupmod/25_groupmod_change_gid_change_primary_group_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/26_groupmod_change_group_name_no_error_locked_passwd/groupmod.test
+run_test ./grouptools/groupmod/27_groupmod_change_gid_error_GID_4294967295/groupmod.test
+run_test ./grouptools/groupmod/28_groupmod_usage/groupmod.test
+run_test ./grouptools/groupmod/29_groupmod_-g_same_gid_new_name/groupmod.test
+run_test ./grouptools/groupmod/30_groupmod_-g_same_gid_same_name/groupmod.test
+run_test ./grouptools/groupmod/31_groupmod_-g_same_gid/groupmod.test
+run_test ./grouptools/groupmod/32_groupmod_-o_without_-g/groupmod.test
+run_test ./grouptools/groupmod/33_groupmod_set_password_no_gshadow_file_with_group_pwd_x/groupmod.test
+run_test ./grouptools/groupmod/34_groupmod_set_password_group_without_shadow_pwd/groupmod.test
+run_test ./grouptools/groupmod/35_groupmod_set_password_group_without_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/36_groupmod_set_password_group_with_shadow_pwd_no_gshadow_group/groupmod.test
+run_test ./grouptools/groupmod/37_groupmod_invalid_option/groupmod.test
+run_test ./log/faillog/01_faillog_no_faillog/faillog.test
+run_test ./log/faillog/02_faillog_usage/faillog.test
+run_test ./log/faillog/03_faillog_format/faillog.test
+run_test ./log/faillog/04_faillog_mulitple/faillog.test
+run_test ./log/faillog/05_faillog-u_ID/faillog.test
+run_test ./log/faillog/06_faillog-u_name/faillog.test
+run_test ./log/faillog/07_faillog-u_ID_invalid/faillog.test
+run_test ./log/faillog/08_faillog-u_name_invalid/faillog.test
+run_test ./log/faillog/09_faillog-u_range/faillog.test
+run_test ./log/faillog/10_faillog-u_open_range/faillog.test
+run_test ./log/faillog/11_faillog-u_range_open/faillog.test
+run_test ./log/faillog/12_faillog-u_range_invalid1/faillog.test
+run_test ./log/faillog/13_faillog-u_range_invalid2/faillog.test
+run_test ./log/faillog/14_faillog-u_range_invalid3/faillog.test
+run_test ./log/faillog/15_faillog_bad_option/faillog.test
+run_test ./log/faillog/16_faillog_extra_arg/faillog.test
+run_test ./log/faillog/17_faillog-t/faillog.test
+run_test ./log/faillog/18_faillog-t_invalid/faillog.test
+run_test ./log/faillog/19_faillog_multiple_same_user/faillog.test
+run_test ./log/faillog/20_faillog-r-u/faillog.test
+run_test ./log/faillog/21_faillog-r-u_range/faillog.test
+run_test ./log/faillog/22_faillog_removed_user/faillog.test
+run_test ./log/faillog/23_faillog-a_removed_user/faillog.test
+run_test ./log/faillog/24_faillog-u_removed_user/faillog.test
+run_test ./log/faillog/25_faillog-r-u_removed_user/faillog.test
+run_test ./log/faillog/26_faillog-r-u_range_removed_user/faillog.test
+run_test ./log/faillog/27_faillog-r-a-u_range_removed_user/faillog.test
+run_test ./log/faillog/28_faillog-r-a-u_open_range_removed_user/faillog.test
+run_test ./log/faillog/29_faillog-r-a-u_range_open_removed_user/faillog.test
+run_test ./log/faillog/30_faillog-r/faillog.test
+run_test ./log/faillog/31_faillog-r-u_open_range/faillog.test
+run_test ./log/faillog/32_faillog-l/faillog.test
+run_test ./log/faillog/33_faillog-l-u_user/faillog.test
+run_test ./log/faillog/34_faillog-l-u_range/faillog.test
+run_test ./log/faillog/35_faillog-l-u_open_range/faillog.test
+run_test ./log/faillog/36_faillog-l-u_range_open/faillog.test
+run_test ./log/faillog/37_faillog-l-a-u_user/faillog.test
+run_test ./log/faillog/38_faillog-l-a-u_range/faillog.test
+run_test ./log/faillog/39_faillog-l-a-u_open_range/faillog.test
+run_test ./log/faillog/40_faillog-l-a-u_range_open/faillog.test
+run_test ./log/faillog/41_faillog-l_invalid/faillog.test
+run_test ./log/faillog/42_faillog-m/faillog.test
+run_test ./log/faillog/43_faillog-m-u_user/faillog.test
+run_test ./log/faillog/44_faillog-m-u_range/faillog.test
+run_test ./log/faillog/45_faillog-m-u_open_range/faillog.test
+run_test ./log/faillog/46_faillog-m-u_range_open/faillog.test
+run_test ./log/faillog/47_faillog-m-a-u_user/faillog.test
+run_test ./log/faillog/48_faillog-m-a-u_range/faillog.test
+run_test ./log/faillog/49_faillog-m-a-u_open_range/faillog.test
+run_test ./log/faillog/50_faillog-m-a-u_range_open/faillog.test
+run_test ./log/faillog/51_faillog-m_invalid/faillog.test
+run_test ./log/faillog/52_faillog-t-l_exclusive/faillog.test
+run_test ./log/faillog/53_faillog-t-m_exclusive/faillog.test
+run_test ./log/faillog/54_faillog-t-r_exclusive/faillog.test
+run_test ./log/faillog/55_faillog_no_changes/faillog.test
+run_test ./log/faillog/56_faillog-l-m_empty_file/faillog.test
+run_test ./log/faillog/57_faillog-r_empty_file/faillog.test
+run_test ./log/faillog/58_faillog-l_no_failcount/faillog.test
+run_test ./log/lastlog/01_lastlog_no_lastlog/lastlog.test
+run_test ./log/lastlog/02_lastlog_usage/lastlog.test
+run_test ./log/lastlog/03_lastlog_format/lastlog.test
+run_test ./log/lastlog/04_lastlog_mulitple/lastlog.test
+run_test ./log/lastlog/05_lastlog-u_ID/lastlog.test
+run_test ./log/lastlog/06_lastlog-u_name/lastlog.test
+run_test ./log/lastlog/07_lastlog-u_ID_invalid/lastlog.test
+run_test ./log/lastlog/08_lastlog-u_name_invalid/lastlog.test
+run_test ./log/lastlog/09_lastlog-u_range/lastlog.test
+run_test ./log/lastlog/10_lastlog-u_open_range/lastlog.test
+run_test ./log/lastlog/11_lastlog-u_range_open/lastlog.test
+run_test ./log/lastlog/12_lastlog-u_range_invalid1/lastlog.test
+run_test ./log/lastlog/13_lastlog-u_range_invalid2/lastlog.test
+run_test ./log/lastlog/14_lastlog-u_range_invalid3/lastlog.test
+run_test ./log/lastlog/15_lastlog_bad_option/lastlog.test
+run_test ./log/lastlog/16_lastlog_extra_arg/lastlog.test
+run_test ./log/lastlog/17_lastlog-t/lastlog.test
+run_test ./log/lastlog/18_lastlog-b/lastlog.test
+run_test ./log/lastlog/19_lastlog-t_invalid/lastlog.test
+run_test ./log/lastlog/20_lastlog-b_invalid/lastlog.test
+run_test ./usertools/01/01_useradd_add_user.test
+run_test ./usertools/01/01_userdel_delete_user.test
+run_test ./usertools/01/02_useradd_recreate_deleted_user.test
+run_test ./usertools/01/03_useradd_additional_options.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_fail.test
+run_test ./usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
+run_test ./usertools/01/04_useradd_specified_UID.test
+run_test ./usertools/01/04_useradd_specified_UID_and_GID.test
+run_test ./usertools/01/04_userdel_delete_user_with_non_unique_UID.test
+run_test ./usertools/01/05_useradd_invalid_numeric_primary_group.test
+run_test ./usertools/01/06_useradd_invalid_named_primary_group.test
+run_test ./usertools/01/07_useradd_numerical_primary_group.test
+run_test ./usertools/01/08_useradd_named_primary_group.test
+run_test ./usertools/01/09_usermod_change_user_info.test
+run_test ./usertools/01/10_usermod_rename_user.test
+run_test ./usertools/01/10_usermod_rename_user_in_group.test
+run_test ./usertools/01/11_usermod_change_password.test
+run_test ./usertools/01/11_usermod_lock_password.test
+run_test ./usertools/01/11_usermod_unlock_empty_password.test
+run_test ./usertools/01/11_usermod_unlock_password.test
+run_test ./usertools/01/12_usermod_change_gid_name.test
+run_test ./usertools/01/12_usermod_change_gid_number.test
+run_test ./usertools/01/13_useradd_negative_UID.test
+run_test ./usertools/01/14_useradd_out_of_range_UID.test
+run_test ./usertools/01/15_useradd_specified_large_UID.test
+run_test ./usertools/01/16_useradd_add_user_to_multiple_groups.test
+run_test ./usertools/01/16_useradd_add_user_to_one_group.test
+run_test ./usertools/01/17_useradd_create_homedir.test
+run_test ./usertools/01/18_userdel_remove_homedir.test
+run_test ./usertools/01/19_userdel_delete_user_in_group.test
+run_test ./usertools/01/20_usermod_change_homedir.test
+run_test ./usertools/01/21_usermod_change_and_move_homedir.test
+run_test ./usertools/01/22_usermod_new_groups.test
+run_test ./usertools/01/23_usermod_add_groups.test
+run_test ./usertools/01/24_usermod_new_groups_remove_old_groups.test
+run_test ./usertools/01/25_useradd_specified_large_UID2.test
+run_test ./usertools/01/26_useradd_UID_-1.test
+run_test ./usertools/02/useradd_default_default_values.test
+run_test ./usertools/02/useradd_get_default_values.test
+run_test ./usertools/02/useradd_change_default_INACTIVE.test
+run_test ./usertools/02/useradd_change_default_SHELL.test
+run_test ./usertools/02/useradd_change_default_EXPIRE.test
+run_test ./usertools/02/useradd_change_default_GROUP.test
+run_test ./usertools/02/useradd_change_default_HOME.test
+run_test ./usertools/02/useradd_change_defaults.test
+run_test ./usertools/03/useradd_change_defaults.test
+run_test ./usertools/04/01_useradd_add_user.test
+run_test ./usertools/05_userdel_del_from_group_members/userdel.test
+run_test ./usertools/06_userdel_del_from_gshadow_members/userdel.test
+run_test ./usertools/07_userdel_del_from_gshadow_admins/userdel.test
+run_test ./usertools/08_userdel_del_from_group_and_gshadow/userdel.test
+run_test ./usertools/09_userdel_del_homedir/userdel.test
+run_test ./usertools/10_userdel_del_homedir_wrong_owner/userdel.test
+run_test ./usertools/11_usermod_move_homedir/usermod.test
+run_test ./usertools/12_usermod_move_homedir_dev_null/usermod.test
+run_test ./usertools/13_usermod_move_homedir_file/usermod.test
+run_test ./usertools/14_usermod_move_homedir_other_device/usermod.test
+run_test ./usertools/15_usermod_change_supplementary_groups/usermod.test
+run_test ./usertools/16_usermod_remove_supplementary_groups/usermod.test
+run_test ./usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
+run_test ./usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
+run_test ./usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
+run_test ./usertools/20_usermod_rename_user_in_member_lists/usermod.test
+run_test ./usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
+run_test ./usertools/22_usermod-a_existing_supplementary_group/usermod.test
+run_test ./usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
+run_test ./usertools/24_usermod_locked_passwd/usermod.test
+run_test ./usertools/25_usermod-G_locked_group/usermod.test
+run_test ./usertools/26_usermod_locked_shadow/usermod.test
+run_test ./usertools/27_usermod-G_locked_gshadow/usermod.test
+run_test ./usertools/28_usermod-c_locked_group/usermod.test
+run_test ./usertools/29_usermod-c_locked_gshadow/usermod.test
+run_test ./usertools/30_usermod-l_locked_group/usermod.test
+run_test ./usertools/31_usermod-l_locked_gshadow/usermod.test
+run_test ./usertools/32_usermod-u_new_UID/usermod.test
+run_test ./usertools/33_usermod-u_existing_UID/usermod.test
+run_test ./usertools/34_usermod-u-o_existing_UID/usermod.test
+run_test ./usertools/35_usermod-u_invalid_UID/usermod.test
+run_test ./usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
+run_test ./usertools/37_Debian_Bug_470745/usermod.test
+run_test ./usertools/38_usermod_invalid_user/usermod.test
+run_test ./usertools/39_usermod_-c_invalid_comment/usermod.test
+run_test ./usertools/40_usermod_-d_invalid_homedir/usermod.test
+run_test ./usertools/41_usermod_-d_invalid_shell/usermod.test
+run_test ./usertools/42_usermod_-g_invalid_group_name/usermod.test
+run_test ./usertools/43_usermod_-g_invalid_group_ID/usermod.test
+run_test ./usertools/44_usermod-l_existing_username/usermod.test
+run_test ./usertools/45_usermod-l_existing_username_passwd/usermod.test
+run_test ./usertools/46_usermod-l_existing_username_shadow/usermod.test
+run_test ./usertools/47_usermod-l_no_shadow_file/usermod.test
+run_test ./usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
+run_test ./usertools/49_userdel_delete_users_group/userdel.test
+run_test ./usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
+run_test ./usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
+run_test ./usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
+run_test ./usertools/53_userdel_delete_user_no_shadow_file/userdel.test
+run_test ./usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
+run_test ./usertools/55_userdel_busy_user/userdel.test
+run_test ./usertools/56_userdel_locked_passwd/userdel.test
+run_test ./usertools/57_userdel_locked_group/userdel.test
+run_test ./usertools/58_userdel_locked_shadow/userdel.test
+run_test ./usertools/59_userdel_locked_gshadow/userdel.test
+run_test ./usertools/60_userdel_invalid_user/userdel.test
+run_test ./usertools/61_userdel_del_homedir_with_symlinks/userdel.test
+if [ "$USE_PAM" = "yes" ]; then
+	run_test ./usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
+else
+	run_test ./usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
+	run_test ./usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
+	run_test ./usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
+	run_test ./usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
+	run_test ./usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
+fi
+run_test ./usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
+run_test ./usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
+run_test ./usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
+run_test ./usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
+run_test ./usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
+run_test ./usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
+run_test ./usertools/useradd/01_useradd_usage/useradd.test
+run_test ./usertools/useradd/02_useradd_usage_invalid_option/useradd.test
+run_test ./usertools/useradd/03_useradd_usage_no_users/useradd.test
+run_test ./usertools/useradd/04_useradd_usage_2_users/useradd.test
+run_test ./usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
+run_test ./usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
+run_test ./usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
+run_test ./usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
+run_test ./usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
+run_test ./usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
+run_test ./usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
+run_test ./usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
+run_test ./usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
+run_test ./usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
+run_test ./usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
+run_test ./usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
+run_test ./usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
+run_test ./usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
+run_test ./usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
+run_test ./usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
+run_test ./usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
+run_test ./usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
+run_test ./usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
+run_test ./usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
+run_test ./usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
+run_test ./usertools/useradd/26_useradd_usage-o_without-u/useradd.test
+run_test ./usertools/useradd/27_useradd_usage-k_without-m/useradd.test
+run_test ./usertools/useradd/28_useradd_usage-U_with-g/useradd.test
+run_test ./usertools/useradd/29_useradd_usage-U_with-N/useradd.test
+run_test ./usertools/useradd/30_useradd_usage-m_with-M/useradd.test
+run_test ./usertools/useradd/31_useradd_usage_user_with-D/useradd.test
+run_test ./usertools/useradd/32_useradd_usage-D_with_other/useradd.test
+run_test ./usertools/useradd/33_useradd_usage_invalid_username/useradd.test
+run_test ./usertools/useradd/35_useradd_default_GROUP_name/useradd.test
+run_test ./usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
+run_test ./usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
+run_test ./usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
+run_test ./usertools/useradd/38_useradd_default_INACTIVE/useradd.test
+run_test ./usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
+run_test ./usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
+run_test ./usertools/useradd/41_useradd_default_default_SKEL/useradd.test
+run_test ./usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
+run_test ./usertools/useradd/43_useradd_default_no_final_eol/useradd.test
+run_test ./usertools/useradd/44_useradd_default_no_file/useradd.test
+run_test ./usertools/useradd/45_useradd-G_UID_name/useradd.test
+run_test ./usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
+run_test ./usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
+run_test ./usertools/useradd/48_useradd-G_name_duplicate/useradd.test
+run_test ./usertools/useradd/49_useradd-G_invalid_group/useradd.test
+run_test ./usertools/useradd/50_useradd-r/useradd.test
+run_test ./usertools/useradd/51_useradd_already_exist/useradd.test
+run_test ./usertools/useradd/52_useradd-U_group_already_exist/useradd.test
+run_test ./usertools/useradd/53_useradd-G_empty/useradd.test
+run_test ./usertools/useradd/54_useradd_no_shadow_file/useradd.test
+run_test ./usertools/useradd/55_useradd_no_gshadow_file/useradd.test
+run_test ./usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
+run_test ./usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
+run_test ./usertools/useradd/58_useradd-e_empty/useradd.test
+run_test ./usertools/useradd/59_useradd-e-1-f-1/useradd.test
+run_test ./usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
+run_test ./usertools/useradd/61_useradd-K/useradd.test
+run_test ./usertools/useradd/62_useradd-p/useradd.test
+run_test ./usertools/useradd/63_useradd-s/useradd.test
+run_test ./usertools/useradd/64_useradd_locked_passwd/useradd.test
+run_test ./usertools/useradd/65_useradd_locked_group/useradd.test
+run_test ./usertools/useradd/66_useradd_locked_shadow/useradd.test
+run_test ./usertools/useradd/67_useradd_locked_gshadow/useradd.test
+run_test ./usertools/useradd/68_useradd-s_empty/useradd.test
+run_test ./usertools/userdel/01_userdel_usage/userdel.test
+run_test ./usertools/userdel/02_userdel_usage_invalid_option/userdel.test
+run_test ./usertools/userdel/03_userdel_usage_no_users/userdel.test
+run_test ./usertools/userdel/04_userdel_usage_2_users/userdel.test
+run_test ./usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
+run_test ./usertools/userdel/06_userdel_no_usergroup/userdel.test
+run_test ./usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
+run_test ./usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
+run_test ./usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
+run_test ./usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
+run_test ./usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
+run_test ./usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
+run_test ./usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
+run_test ./usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
+run_test ./usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
+run_test ./usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
+run_test ./usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
+run_test ./usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
+run_test ./usertools/usermod/10_usermod_usage/usermod.test
+run_test ./usertools/usermod/11_usermod_usage_bad_option/usermod.test
+run_test ./usertools/usermod/12_usermod_usage_bad-f/usermod.test
+run_test ./usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
+run_test ./usertools/usermod/14_usermod_usage_no_options/usermod.test
+run_test ./usertools/usermod/15_usermod_usage_no_user/usermod.test
+run_test ./usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
+run_test ./usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
+run_test ./usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
+run_test ./usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
+run_test ./usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
+run_test ./usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
+run_test ./usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
+run_test ./usertools/usermod/23_usermod-e_date/usermod.test
+run_test ./usertools/usermod/24_usermod-e_date/usermod.test
+run_test ./usertools/usermod/25_usermod-e_empty_arg/usermod.test
+run_test ./usertools/usermod/26_usermod-e-1/usermod.test
+run_test ./usertools/usermod/27_usermod-e_invalid1/usermod.test
+run_test ./usertools/usermod/28_usermod-e_invalid2/usermod.test
+run_test ./usertools/usermod/29_usermod_no_changes/usermod.test
+run_test ./usertools/usermod/30_usermod_usage-a_without-G/usermod.test
+run_test ./usertools/usermod/31_usermod_usage-o_without-u/usermod.test
+run_test ./usertools/usermod/32_usermod_usage-m_without-d/usermod.test
+run_test ./usertools/usermod/33_usermod_change_shell/usermod.test
+run_test ./usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
+run_test ./usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
+run_test ./usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
+run_test ./usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
+run_test ./usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
+run_test ./usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
+run_test ./usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
+run_test ./usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
+run_test ./usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
+run_test ./usertools/usermod/44_usermod-l_move_mailbox/usermod.test
+run_test ./usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
+run_test ./usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
+run_test ./usertools/usermod/47_usermod-u_default_maildir/usermod.test
+run_test ./usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
+run_test ./usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
+run_test ./usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
+run_test ./usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
+run_test ./usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
+run_test ./cptools/01/run1
+run_test ./cptools/01/run2
+run_test ./cptools/01/run3
+run_test ./cptools/01/run4
+run_test ./cktools/01/run1
+run_test ./cktools/01/run2
+run_test ./cktools/02_pwck_sort/pwck.test
+run_test ./cktools/03_grpck_sort/grpck.test
+run_test ./cktools/04_pwck_sort_missing_shadow_user/pwck.test
+run_test ./cktools/05_grpck_sort_missing_shadow_group/grpck.test
+run_test ./cktools/06_pwck_sort_NIS_server/pwck.test
+run_test ./cktools/07_pwck_sort_NIS_client/pwck.test
+run_test ./cktools/grpck/04_grpck_missing_field_group_delete/grpck.test
+run_test ./cktools/grpck/05_grpck_missing_field_group_keep/grpck.test
+run_test ./cktools/grpck/06_grpck_missing_field_group_no_changes/grpck.test
+run_test ./cktools/grpck/07_grpck_missing_field_gshadow_add/grpck.test
+run_test ./cktools/grpck/08_grpck_missing_field_gshadow_delete/grpck.test
+run_test ./cktools/grpck/09_grpck_missing_field_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/10_grpck_missing_field_group_local/grpck.test
+run_test ./cktools/grpck/11_grpck_missing_field_gshadow_local/grpck.test
+run_test ./cktools/grpck/12_grpck_unknown_user_group/grpck.test
+run_test ./cktools/grpck/13_grpck_unknown_user_gshadow/grpck.test
+run_test ./cktools/grpck/14_grpck_unknown_user_adm_gshadow/grpck.test
+run_test ./cktools/grpck/15_grpck_unknown_user_duplicate_group/grpck.test
+run_test ./cktools/grpck/16_grpck_duplicate_entry_group/grpck.test
+run_test ./cktools/grpck/17_grpck_duplicate_entry_gshadow/grpck.test
+run_test ./cktools/grpck/18_grpck_duplicate_entry_group_no_changes/grpck.test
+run_test ./cktools/grpck/19_grpck_duplicate_entry_gshadow_no_changes/grpck.test
+run_test ./cktools/grpck/20_grpck_duplicate_entry_gshadow_delete_second/grpck.test
+run_test ./cktools/grpck/21_grpck_invalid_group_name/grpck.test
+run_test ./cktools/grpck/22_grpck_invalid_group_ID_-1/grpck.test
+run_test ./cktools/grpck/23_grpck_invalid_group_ID_4294967295/grpck.test
+run_test ./cktools/grpck/24_grpck_invalid_group_ID_4294967296/grpck.test
+run_test ./cktools/grpck/25_grpck_unknown_user_group_no_changes/grpck.test
+run_test ./cktools/grpck/26_grpck_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/27_grpck_sort_no_gshadow_file/grpck.test
+run_test ./cktools/grpck/28_grpck_usage/grpck.test
+run_test ./cktools/grpck/29_grpck_sort_readonly/grpck.test
+run_test ./cktools/grpck/30_grpck_3_files/grpck.test
+run_test ./cktools/grpck/31_grpck_missing_field_group_local_no_gshadow/grpck.test
+run_test ./cktools/grpck/32_grpck_sort_nis/grpck.test
+run_test ./cktools/grpck/33_grpck_locked_group/grpck.test
+run_test ./cktools/grpck/34_grpck_locked_gshadow/grpck.test
+run_test ./cktools/grpck/35_grpck_duplicate_entry_group_NIS/grpck.test
+run_test ./cktools/grpck/36_grpck_password_group_gshadow/grpck.test
+run_test ./cktools/grpck/37_grpck_invalid_option/grpck.test
+run_test ./cktools/pwck/04_pwck_missing_field_passwd_delete/pwck.test
+run_test ./cktools/pwck/05_pwck_missing_field_passwd_keep/pwck.test
+run_test ./cktools/pwck/06_pwck_missing_field_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/07_pwck_missing_field_shadow_add/pwck.test
+run_test ./cktools/pwck/08_pwck_missing_field_shadow_delete/pwck.test
+run_test ./cktools/pwck/09_pwck_missing_field_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/10_pwck_missing_field_passwd_local/pwck.test
+run_test ./cktools/pwck/11_pwck_missing_field_shadow_local/pwck.test
+run_test ./cktools/pwck/12_pwck_unknown_user_group_ID/pwck.test
+run_test ./cktools/pwck/13_pwck_duplicate_entry_passwd/pwck.test
+run_test ./cktools/pwck/14_pwck_duplicate_entry_shadow/pwck.test
+run_test ./cktools/pwck/15_pwck_duplicate_entry_passwd_no_changes/pwck.test
+run_test ./cktools/pwck/16_pwck_duplicate_entry_shadow_no_changes/pwck.test
+run_test ./cktools/pwck/17_pwck_duplicate_entry_passwd_delete_second/pwck.test
+run_test ./cktools/pwck/18_pwck_invalid_user_name/pwck.test
+run_test ./cktools/pwck/19_pwck_invalid_user_ID_-1/pwck.test
+run_test ./cktools/pwck/20_pwck_invalid_user_ID_4294967295/pwck.test
+run_test ./cktools/pwck/21_pwck_invalid_user_ID_4294967296/pwck.test
+run_test ./cktools/pwck/22_pwck_usage/pwck.test
+run_test ./cktools/pwck/23_pwck_locked_passwd/pwck.test
+run_test ./cktools/pwck/24_pwck_locked_shadow/pwck.test
+run_test ./cktools/pwck/25_pwck_usage_invalid_option/pwck.test
+run_test ./cktools/pwck/26_pwck_usage-s-r/pwck.test
+run_test ./cktools/pwck/27_pwck_usage_3_files/pwck.test
+run_test ./cktools/pwck/28_pwck_no_shadow_file/pwck.test
+run_test ./cktools/pwck/29_pwck_password_change_in_future/pwck.test
+run_test ./cktools/pwck/30_pwck_NIS_entries/pwck.test
+run_test ./cktools/pwck/31_pwck_shadow_entry_passwd_no_x/pwck.test
+run_test ./cktools/pwck/32_pwck_quiet/pwck.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_DES-MD5_CRYPT_ENAB/01_chpasswd.test
+	run_test ./crypt/login.defs_DES/01_chpasswd.test
+	run_test ./crypt/login.defs_DES/02_chpasswd--crypt-method-MD5.test
+	run_test ./crypt/login.defs_DES/03_chpasswd--crypt-method-DES.test
+	run_test ./crypt/login.defs_DES/04_chpasswd--crypt-method-NONE.test
+	run_test ./crypt/login.defs_DES/05_chpasswd-e.test
+	run_test ./crypt/login.defs_DES/06_chpasswd-m.test
+fi
+run_test ./crypt/login.defs_DES/07_chgpasswd.test
+run_test ./crypt/login.defs_DES/08_chgpasswd--crypt-method-MD5.test
+run_test ./crypt/login.defs_DES/09_chgpasswd--crypt-method-DES.test
+run_test ./crypt/login.defs_DES/10_chgpasswd--crypt-method-NONE.test
+run_test ./crypt/login.defs_DES/11_chgpasswd-e.test
+run_test ./crypt/login.defs_DES/12_chgpasswd-m.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_MD5/01_chpasswd.test
+	run_test ./crypt/login.defs_MD5_CRYPT_ENAB/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_MD5/02_chgpasswd.test
+run_test ./crypt/login.defs_MD5_CRYPT_ENAB/02_chgpasswd.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./crypt/login.defs_SHA256-round-max/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256-round-min-max/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256-round-min/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA256/01_chpasswd.test
+	run_test ./crypt/login.defs_SHA512/01_chpasswd.test
+	run_test ./crypt/login.defs_none/01_chpasswd.test
+fi
+run_test ./crypt/login.defs_SHA256-round-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min-max/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256-round-min/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA256/02_chgpasswd.test
+run_test ./crypt/login.defs_SHA512/02_chgpasswd.test
+run_test ./crypt/login.defs_none/02_chgpasswd.test
+run_test ./newusers/01_create_user/newusers.test
+run_test ./newusers/02_update_password/newusers.test
+run_test ./newusers/03_no_update_pid/newusers.test
+run_test ./newusers/04_no_update_gid/newusers.test
+run_test ./newusers/05_create_user_pid/newusers.test
+run_test ./newusers/06_create_user_gid/newusers.test
+run_test ./newusers/07_create_user_pid_gid/newusers.test
+run_test ./newusers/08_create_user_pid_other-gid/newusers.test
+run_test ./newusers/09_create_user_pid-as-user-bar/newusers.test
+run_test ./newusers/10_create_user_gid-as-group-bar/newusers.test
+run_test ./newusers/11_update_gecos/newusers.test
+run_test ./newusers/12_update_shell/newusers.test
+run_test ./newusers/13_create_user_new-home/newusers.test
+run_test ./newusers/14_create_user_existing-home/newusers.test
+run_test ./newusers/15_update_new-home/newusers.test
+run_test ./newusers/16_update_existing-home/newusers.test
+run_test ./newusers/17_create_user_pid-already-used/newusers.test
+run_test ./newusers/18_create_user_gid-already-used/newusers.test
+run_test ./newusers/19_update_keep-old-home/newusers.test
+run_test ./newusers/20_multiple_users/newusers.test
+run_test ./newusers/21_create_user_UID_MAX/newusers.test
+run_test ./newusers/22_create_user_GID_MAX/newusers.test
+run_test ./newusers/23_create_user_error_negativ_UID/newusers.test
+run_test ./newusers/24_create_user_error_invalid_UID/newusers.test
+run_test ./newusers/25_create_user_error_no_remaining_UID/newusers.test
+run_test ./newusers/26_create_user_error_no_remaining_GID/newusers.test
+run_test ./newusers/27_create_user_error_invalid_username/newusers.test
+run_test ./newusers/28_create_user_error_invalid_groupname/newusers.test
+run_test ./newusers/29_create_user_error_invalid_username_valid_groupname/newusers.test
+run_test ./newusers/30_create_user_different_groupname/newusers.test
+run_test ./newusers/31_create_user_error_invalid_GID/newusers.test
+run_test ./newusers/32_create_user_error_gshadow_group_exists/newusers.test
+run_test ./newusers/33_update_password_no_shadow_password/newusers.test
+run_test ./newusers/34_update_password_no_shadow/newusers.test
+run_test ./newusers/35_read_from_stdin/newusers.test
+if [ "$USE_PAM" != "yes" ]; then
+	run_test ./newusers/36_create_user_encrypted/newusers.test
+	run_test ./newusers/37_create_user_encrypt_MD5/newusers.test
+	run_test ./newusers/38_update_password_no_shadow_encrypted/newusers.test
+	run_test ./newusers/39_update_password_no_shadow_password_encrypted/newusers.test
+	run_test ./newusers/40_update_password_encrypted/newusers.test
+	run_test ./newusers/41_create_user_encrypt_SHA256/newusers.test
+	run_test ./newusers/42_create_user_encrypt_SHA512/newusers.test
+	run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000/newusers.test
+	run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300/newusers.test
+	run_test ./newusers/45_create_user_encrypt_rounds_3000/newusers.test
+	run_test ./newusers/46_create_user_encrypt_MD5_ignore_rounds_3000/newusers.test
+else
+
+	run_test ./newusers/37_create_user_encrypt_MD5-PAM/newusers.test
+
+
+
+	run_test ./newusers/41_create_user_encrypt_SHA256-PAM/newusers.test
+	run_test ./newusers/42_create_user_encrypt_SHA512-PAM/newusers.test
+	run_test ./newusers/43_create_user_encrypt_SHA256_rounds_3000-PAM/newusers.test
+	run_test ./newusers/44_create_user_encrypt_SHA256_rounds_300-PAM/newusers.test
+
+
+fi
+run_test ./newusers/47_create_user_error_UID_4294967295/newusers.test
+run_test ./newusers/48_create_user_error_GID_4294967295/newusers.test
+run_test ./newusers/49_multiple_system_users/newusers.test
+run_test ./newusers/50_usage/newusers.test
+run_test ./newusers/51_usage_invalid_option/newusers.test
+run_test ./newusers/52_usage_2_input_files/newusers.test
+run_test ./newusers/53_locked_passwd/newusers.test
+run_test ./newusers/54_locked_shadow/newusers.test
+run_test ./newusers/55_locked_group/newusers.test
+run_test ./newusers/56_locked_gshadow/newusers.test
+run_test ./newusers/57_missing_input_file/newusers.test
+run_test ./newusers/58_invalid_input_file/newusers.test
+run_test ./newusers/59_no_gshadow_file/newusers.test
+run_test ./newusers/60_update_no_gecos/newusers.test
+run_test ./newusers/61_update_no_shell/newusers.test
+run_test ./split_groups/01_useradd_split_group/useradd.test
+run_test ./split_groups/02_useradd_no_split_group/useradd.test
+run_test ./split_groups/03_useradd_split_group_already_split/useradd.test
+run_test ./split_groups/04_useradd_split_group_already_full/useradd.test
+run_test ./split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
+run_test ./split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
+run_test ./split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
+run_test ./split_groups/08_useradd_no_split_group_already_split/useradd.test
+run_test ./split_groups/09_groupdel_split_group_already_split/groupdel.test
+run_test ./split_groups/10_groupdel_no_split_group_already_split/groupdel.test
+if [ "$FAILURE_TESTS" = "yes" ]; then
+run_test ./failures/chage/01_chage_openRW_passwd_failure/chage.test
+run_test ./failures/chage/02_chage_openRO_passwd_failure/chage.test
+run_test ./failures/chage/03_chage_openRW_shadow_failure/chage.test
+run_test ./failures/chage/04_chage_openRO_shadow_failure/chage.test
+run_test ./failures/chage/05_chage_rename_shadow_failure/chage.test
+run_test ./failures/chage/06_chage_rename_passwd_failure/chage.test
+run_test ./failures/chgpasswd/01_chgpasswd-e_open_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/02_chgpasswd-e_open_gshadow_failure/chgpasswd.test
+run_test ./failures/chgpasswd/03_chgpasswd-e_rename_group_failure/chgpasswd.test
+run_test ./failures/chgpasswd/04_chgpasswd-e_rename_gshadow_failure/chgpasswd.test
+if [ "$USE_PAM" = "yes" ]; then
+	run_test ./failures/chpasswd-PAM/01_chpasswd-e_open_passwd_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/02_chpasswd-e_open_shadow_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/03_chpasswd-e_rename_passwd_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/04_chpasswd-e_rename_shadow_failure/chpasswd.test
+	run_test ./failures/chpasswd-PAM/05_chpasswd-e_time_0/chpasswd.test
+fi
+run_test ./failures/chsh/01_chsh_open_passwd_failure/chsh.test
+run_test ./failures/chsh/02_chsh_rename_passwd_failure/chsh.test
+run_test ./failures/cppw/01_cppw_open_passwd_in_failure/cppw.test
+run_test ./failures/cppw/02_cppw_open_passwd_backup_failure/cppw.test
+run_test ./failures/cppw/03_cppw_rename_passwd_failure/cppw.test
+run_test ./failures/gpasswd/01_gpasswd_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/02_gpasswd_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/03_gpasswd-a_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/04_gpasswd-d_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/05_gpasswd-r_group_open_failure/gpasswd.test
+run_test ./failures/gpasswd/06_gpasswd-R_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/07_gpasswd-A_gshadow_open_failure/gpasswd.test
+run_test ./failures/gpasswd/08_gpasswd_group_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/09_gpasswd_gshadow_openRO_failure/gpasswd.test
+run_test ./failures/gpasswd/10_gpasswd_group_rename_failure/gpasswd.test
+run_test ./failures/gpasswd/11_gpasswd_gshadow_rename_failure/gpasswd.test
+run_test ./failures/groupadd/01_groupadd_gshadow_rename_failure/groupadd.test
+run_test ./failures/groupadd/02_groupadd_group_rename_failure/groupadd.test
+run_test ./failures/groupadd/03_groupadd_gshadow_open_failure/groupadd.test
+run_test ./failures/groupadd/04_groupadd_group_open_failure/groupadd.test
+run_test ./failures/groupdel/01_groupdel_gshadow_rename_failure/groupdel.test
+run_test ./failures/groupdel/02_groupdel_group_rename_failure/groupdel.test
+run_test ./failures/groupdel/03_groupdel_gshadow_open_failure/groupdel.test
+run_test ./failures/groupdel/04_groupdel_group_open_failure/groupdel.test
+run_test ./failures/groupmems/01_groupmems_group_open_failure/groupmems.test
+run_test ./failures/groupmems/02_groupmems_gshadow_open_failure/groupmems.test
+run_test ./failures/groupmod/01_groupmod_change_group_name_gshadow_rename_failure/groupmod.test
+run_test ./failures/groupmod/02_groupmod_change_gid_change_primary_group_passwd_rename_failure/groupmod.test
+run_test ./failures/groupmod/03_groupmod_change_group_name_group_rename_failure/groupmod.test
+run_test ./failures/groupmod/04_groupmod_group_open_failure/groupmod.test
+run_test ./failures/groupmod/05_groupmod_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/06_groupmod_-g_no_gshadow_open_failure/groupmod.test
+run_test ./failures/groupmod/07_groupmod_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/08_groupmod_-g_same_gid_no_passwd_open_failure/groupmod.test
+run_test ./failures/groupmod/09_groupmod_-n_no_passwd_open_failure/groupmod.test
+run_test ./failures/grpck/01_grpck_system_group_open_failure/grpck.test
+run_test ./failures/grpck/02_grpck_group_open_failure/grpck.test
+run_test ./failures/grpck/03_grpck_system_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/04_grpck_gshadow_open_failure/grpck.test
+run_test ./failures/grpck/05_grpck_sort_group_rename_failure/grpck.test
+run_test ./failures/grpck/06_grpck_sort_gshadow_rename_failure/grpck.test
+run_test ./failures/grpconv/01_grpconv_open_group_failure/grpconv.test
+run_test ./failures/grpconv/02_grpconv_open_gshadow_failure/grpconv.test
+run_test ./failures/grpconv/03_grpconv_rename_group_failure/grpconv.test
+run_test ./failures/grpconv/04_grpconv_rename_gshadow_failure/grpconv.test
+run_test ./failures/grpunconv/01_grpunconv_group_rename_failure/grpunconv.test
+run_test ./failures/grpunconv/02_grpunconv_open_group_failure/grpunconv.test
+run_test ./failures/grpunconv/03_grpunconv_open_gshadow_failure/grpunconv.test
+run_test ./failures/grpunconv/04_grpunconv_unlink_gshadow_failure/grpunconv.test
+run_test ./failures/newusers/01_newusers_open_passwd_failure/newusers.test
+run_test ./failures/newusers/02_newusers_open_shadow_failure/newusers.test
+run_test ./failures/newusers/03_newusers_open_group_failure/newusers.test
+run_test ./failures/newusers/04_newusers_open_gshadow_failure/newusers.test
+run_test ./failures/newusers/05_newusers_rename_passwd_failure/newusers.test
+run_test ./failures/newusers/06_newusers_rename_shadow_failure/newusers.test
+run_test ./failures/newusers/07_newusers_rename_group_failure/newusers.test
+run_test ./failures/newusers/08_newusers_rename_gshadow_failure/newusers.test
+run_test ./failures/newusers/09_newusers_rename_shadow_failure_PAM/newusers.test
+run_test ./failures/newusers/10_newusers_time_0/newusers.test
+run_test ./failures/pwck/01_pwck_system_passwd_open_failure/pwck.test
+run_test ./failures/pwck/02_pwck_passwd_open_failure/pwck.test
+run_test ./failures/pwck/03_pwck_system_shadow_open_failure/pwck.test
+run_test ./failures/pwck/04_pwck_shadow_open_failure/pwck.test
+run_test ./failures/pwck/05_pwck_sort_system_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/06_pwck_sort_system_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/07_pwck_sort_passwd_rename_failure/pwck.test
+run_test ./failures/pwck/08_pwck_sort_shadow_rename_failure/pwck.test
+run_test ./failures/pwck/09_pwck_create_shadow_entry_time_0/pwck.test
+run_test ./failures/pwconv/01_pwconv_open_passwd_failure/pwconv.test
+run_test ./failures/pwconv/02_pwconv_open_shadow_failure/pwconv.test
+run_test ./failures/pwconv/03_pwconv_rename_passwd_failure/pwconv.test
+run_test ./failures/pwconv/04_pwconv_rename_shadow_failure/pwconv.test
+run_test ./failures/pwconv/05_pwconv_time_0/pwconv.test
+run_test ./failures/pwunconv/01_pwunconv_passwd_rename_failure/pwunconv.test
+run_test ./failures/pwunconv/02_pwunconv_open_passwd_failure/pwunconv.test
+run_test ./failures/pwunconv/03_pwunconv_open_shadow_failure/pwunconv.test
+run_test ./failures/pwunconv/04_pwunconv_unlink_shadow_failure/pwunconv.test
+run_test ./failures/useradd/01_useradd_open_passwd_failure/useradd.test
+run_test ./failures/useradd/02_useradd_open_shadow_failure/useradd.test
+run_test ./failures/useradd/03_useradd_open_group_failure/useradd.test
+run_test ./failures/useradd/04_useradd_open_gshadow_failure/useradd.test
+run_test ./failures/useradd/05_useradd_rename_passwd_failure/useradd.test
+run_test ./failures/useradd/06_useradd_rename_shadow_failure/useradd.test
+run_test ./failures/useradd/07_useradd_rename_group_failure/useradd.test
+run_test ./failures/useradd/08_useradd_rename_gshadow_failure/useradd.test
+run_test ./failures/useradd/09_useradd_rename_defaults_failure/useradd.test
+run_test ./failures/useradd/10_useradd_rename_defaults_backup_failure/useradd.test
+run_test ./failures/useradd/11_useradd_time_0/useradd.test
+run_test ./failures/useradd/12_useradd_open_subuid_failure/useradd.test
+run_test ./failures/useradd/13_useradd_open_subgid_failure/useradd.test
+run_test ./failures/useradd/14_username_rename_subuid_failure/useradd.test
+run_test ./failures/useradd/15_username_rename_subgid_failure/useradd.test
+run_test ./failures/userdel/01_userdel_gshadow_rename_failure/userdel.test
+run_test ./failures/userdel/02_userdel_group_rename_failure/userdel.test
+run_test ./failures/userdel/03_userdel_shadow_rename_failure/userdel.test
+run_test ./failures/userdel/04_userdel_passwd_rename_failure/userdel.test
+run_test ./failures/userdel/05_userdel_failure_remove_mailbox/userdel.test
+run_test ./failures/userdel/06_userdel_failure_remove_file_homedir/userdel.test
+run_test ./failures/userdel/07_userdel_failure_remove_homedir/userdel.test
+run_test ./failures/userdel/08_userdel_open_passwd_failure/userdel.test
+run_test ./failures/userdel/09_userdel_open_shadow_failure/userdel.test
+run_test ./failures/userdel/10_userdel_open_group_failure/userdel.test
+run_test ./failures/userdel/11_userdel_open_gshadow_failure/userdel.test
+run_test ./failures/userdel/12_userdel_open_subuid_failure/userdel.test
+run_test ./failures/userdel/13_userdel_open_subgid_failure/userdel.test
+run_test ./failures/userdel/14_userdel_rename_subuid_failure/usedel.test
+run_test ./failures/userdel/15_userdel_rename_subgid_failure/usedel.test
+run_test ./failures/usermod/01_usermod_change_user_name_gshadow_rename_failure/usermod.test
+run_test ./failures/usermod/02_usermod_change_uid_passwd_rename_failure/usermod.test
+run_test ./failures/usermod/03_usermod_change_user_name_group_rename_failure/usermod.test
+run_test ./failures/usermod/04_usermod_change_user_name_gshadow_rename_no_failure/usermod.test
+run_test ./failures/usermod/05_usermod_change_uid_shadow_rename_failure/usermod.test
+run_test ./failures/usermod/06_usermod_change_user_name_open_passwd_failure/usermod.test
+run_test ./failures/usermod/07_usermod_change_user_name_open_shadow_failure/usermod.test
+run_test ./failures/usermod/08_usermod_change_user_name_open_group_failure/usermod.test
+run_test ./failures/usermod/09_usermod_change_user_name_open_gshadow_failure/usermod.test
+run_test ./failures/usermod/10_usermod_-p_time_0/usermod.test
+run_test ./failures/usermod/11_usermod-f_no_shadow_entry_time_0/usermod.test
+#run_test ./failures/usermod/12_usermod_change_uid_passwd_unlock_passwd_failure/usermod.test
+run_test ./failures/usermod/13_usermod_-v_open_subuid_failure/usermod.test
+run_test ./failures/usermod/14_usermod_-V_open_subuid_failure/usermod.test
+run_test ./failures/usermod/15_usermod_-w_open_subgid_failure/usermod.test
+run_test ./failures/usermod/16_usermod_-W_open_subgid_failure/usermod.test
+run_test ./failures/usermod/17_usermod_-v_rename_subuid_failure/usermod.test
+run_test ./failures/usermod/18_usermod_-w_rename_subgid_failure/usermod.test
+fi
+run_test ./expiry/01_expiry_-c_no_expiry/expiry.test
+run_test ./expiry/02_expiry_-c_expired/expiry.test
+run_test ./expiry/03_expiry_-f_expired/expiry.test
+run_test ./expiry/04_expiry_no_options/expiry.test
+run_test ./expiry/05_expiry_-c_no_shadow_file/expiry.test
+run_test ./expiry/06_expiry_-c_no_shadow_entry/expiry.test
+run_test ./expiry/07_expiry_-c_expired_account/expiry.test
+run_test ./expiry/08_expiry_-c_expired_max+inact/expiry.test
+run_test ./expiry/09_expiry_-c_expired_not_inactive/expiry.test
+run_test ./expiry/10_expiry_bad_option/expiry.test
+run_test ./expiry/11_expiry_usage/expiry.test
+run_test ./expiry/12_expiry_extra_arg/expiry.test
+run_test ./expiry/13_expiry_usage-c-f/expiry.test
+run_test ./passwd/01_passwd_-S_root_locked_account/passwd.test
+run_test ./passwd/02_passwd_-S_root_valid_account/passwd.test
+run_test ./passwd/03_passwd_-S_root_empty_password/passwd.test
+run_test ./passwd/04_passwd_-S_root_valid_account_no_shadow_file/passwd.test
+run_test ./passwd/05_passwd_-S_root_valid_account_no_shadow_entry/passwd.test
+run_test ./passwd/06_passwd_-l_root_lock_account/passwd.test
+run_test ./passwd/07_passwd_-l_root_lock_account_no_shadow_entry/passwd.test
+run_test ./passwd/08_passwd_-u_root_unlock_account/passwd.test
+run_test ./passwd/09_passwd_-u_root_unlock_to_empty/passwd.test
+run_test ./passwd/10_passwd_-d_root/passwd.test
+run_test ./passwd/11_passwd_--mindays_root/passwd.test
+run_test ./passwd/12_passwd_--maxdays_root/passwd.test
+run_test ./passwd/13_passwd_--warndays_root/passwd.test
+run_test ./passwd/14_passwd_--inactive_root/passwd.test
+run_test ./passwd/15_passwd_--expire_root/passwd.test
+run_test ./passwd/16_passwd_-S-a_root/passwd.test
+run_test ./passwd/17_passwd_root_change_password/passwd.test
+run_test ./passwd/18_passwd_root_change_password_user/passwd.test
+run_test ./passwd/19_passwd_user_change_password/passwd.test
+run_test ./passwd/20_passwd_user_change_password_same_user/passwd.test
+run_test ./passwd/21_passwd_user_change_password_other_user/passwd.test
+run_test ./passwd/22_passwd_usage/passwd.test
+run_test ./login/01_login_prompt/login.test
+run_test ./login/02_login_user/login.test
+run_test ./login/03_login_check_tty/login.test
+run_test ./subids/01_useradd_no_subids/useradd.test
+run_test ./subids/02_useradd_with_subids/useradd.test
+run_test ./subids/03_useradd_no_subgid/useradd.test
+run_test ./subids/04_useradd_no_subuid/useradd.test
+run_test ./subids/05_useradd_fill_gap_start/useradd.test
+run_test ./subids/06_useradd_fill_gap_middle/useradd.test
+run_test ./subids/07_useradd_fill_gap_end/useradd.test
+run_test ./subids/08_useradd_no_more_subuids_start/useradd.test
+run_test ./subids/09_useradd_no_more_subgids_start/useradd.test
+run_test ./subids/10_useradd_no_more_subuids_end/useradd.test
+run_test ./subids/11_useradd_no_more_subgids_end/useradd.test
+run_test ./subids/12_useradd_invalid_subuid_configuration1/useradd.test
+run_test ./subids/13_useradd_invalid_subuid_configuration2/useradd.test
+run_test ./subids/14_useradd_invalid_subuid_configuration3/useradd.test
+run_test ./subids/15_useradd_invalid_subgid_configuration1/useradd.test
+run_test ./subids/16_useradd_invalid_subgid_configuration2/useradd.test
+run_test ./subids/17_useradd_invalid_subgid_configuration3/useradd.test
+run_test ./subids/18_useradd_min=max/useradd.test
+run_test ./subids/19_useradd_locked_subuid/useradd.test
+run_test ./subids/20_useradd_locked_subgid/useradd.test
+run_test ./subids/21_usermod_create_subuid_range/usermod.test
+run_test ./subids/22_usermod_create_subgid_range/usermod.test
+run_test ./subids/23_usermod_create_subids_ranges/usermod.test
+run_test ./subids/24_usermod_create_subids_overlapping_ranges/usermod.test
+run_test ./subids/25_usermod_add_range/usermod.test
+run_test ./subids/26_usermod_add_overlapping_ranges/usermod.test
+run_test ./subids/27_usermod_remove_range_all/usermod.test
+run_test ./subids/28_usermod_remove_range_partial_begin/usermod.test
+run_test ./subids/29_usermod_remove_range_partial_middle/usermod.test
+run_test ./subids/30_usermod_remove_range_partial_end/usermod.test
+run_test ./subids/31_usermod_remove_outside_range/usermod.test
+run_test ./subids/32_usermod_remove_overlapping_range_begin/usermod.test
+run_test ./subids/33_usermod_remove_overlapping_range_end/usermod.test
+run_test ./subids/34_usermod_remove_overlapping_range_all/usermod.test
+run_test ./subids/35_usermod_remove_only_user_ranges/usermod.test
+run_test ./subids/36_usermod_remove_with_comment/usermod.test
+run_test ./subids/37_usermod_-v_invalid_range/usermod.test
+run_test ./subids/38_usermod_-V_invalid_range/usermod.test
+run_test ./subids/39_usermod_-w_invalid_range/usermod.test
+run_test ./subids/40_usermod_-W_invalid_range/usermod.test
+run_test ./subids/41_usermod_locked_subuid/usermod.test
+run_test ./subids/42_usermod_locked_subgid/usermod.test
+run_test ./subids/43_usermod_-w_no_subgid/usermod.test
+run_test ./subids/44_usermod_-W_no_subgid/usermod.test
+run_test ./subids/45_usermod_-v_no_subgid/usermod.test
+run_test ./subids/46_usermod_-V_no_subgid/usermod.test
+run_test ./subids/47_usermod_-v_invalid_range2/usermod.test
+run_test ./subids/48_usermod_-v_invalid_range3/usermod.test
+run_test ./subids/49_usermod_-v_invalid_range4/usermod.test
+run_test ./subids/50_usermod_-v_invalid_range5/usermod.test
+run_test ./subids/51_usermod_-v_invalid_range6/usermod.test
+run_test ./subids/52_usermod_-v_invalid_range7/usermod.test
+run_test ./subids/53_userdel_one_subuid_range/userdel.test
+run_test ./subids/54_userdel_one_subgid_range/userdel.test
+run_test ./subids/55_userdel_no_subuid/userdel.test
+run_test ./subids/56_userdel_no_subgid/userdel.test
+run_test ./subids/57_userdel_multiple_ranges/userdel.test
+run_test ./subids/58_newusers_with_subids/newusers.test
+run_test ./subids/59_newusers_no_subuid/newusers.test
+run_test ./subids/60_newusers_no_subgid/newusers.test
+run_test ./subids/61_newusers_user_alread_has_subgids/newusers.test
+run_test ./subids/62_newusers_user_alread_has_subuids/newusers.test
+run_test ./subids/63_useradd_fill_gap4/useradd.test
+run_test ./subids/64_useradd_fill_gap5/useradd.test
+run_test ./subids/65_useradd_fill_gap6/useradd.test
+run_test ./subids/66_subordinate_range_cmp/useradd.test
+run_test ./subids/67_invalid_subuid_file1/useradd.test
+run_test ./subids/68_invalid_subuid_file2/useradd.test
+run_test ./subids/69_invalid_subuid_file3/useradd.test
+run_test ./subids/70_invalid_subuid_file4/useradd.test
+
+echo
+
+genhtml --quiet --frames --output-directory coverage.test --show-details app_total.info
+
+echo
+echo "$succeded test(s) passed"
+echo "$failed test(s) failed"
+echo "log written in 'testsuite.log'"
+if [ "$failed" != "0" ]
+then
+	echo "the following tests failed:"
+	echo $failed_tests
+fi
+
diff --git a/tests/split_groups/01_useradd_split_group/config.txt b/tests/split_groups/01_useradd_split_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/default/useradd b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/group b/tests/split_groups/01_useradd_split_group/config/etc/group
new file mode 100644
index 0000000..af7aa3b
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/gshadow b/tests/split_groups/01_useradd_split_group/config/etc/gshadow
new file mode 100644
index 0000000..cfa80d5
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2
+foo1:*::
+foo2:*::
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/login.defs b/tests/split_groups/01_useradd_split_group/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/passwd b/tests/split_groups/01_useradd_split_group/config/etc/passwd
new file mode 100644
index 0000000..708e6ef
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/split_groups/01_useradd_split_group/config/etc/shadow b/tests/split_groups/01_useradd_split_group/config/etc/shadow
new file mode 100644
index 0000000..f13ec56
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/split_groups/01_useradd_split_group/data/group b/tests/split_groups/01_useradd_split_group/data/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/01_useradd_split_group/data/gshadow b/tests/split_groups/01_useradd_split_group/data/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/01_useradd_split_group/data/passwd b/tests/split_groups/01_useradd_split_group/data/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/01_useradd_split_group/data/shadow b/tests/split_groups/01_useradd_split_group/data/shadow
new file mode 100644
index 0000000..cb7911b
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/01_useradd_split_group/useradd.test b/tests/split_groups/01_useradd_split_group/useradd.test
new file mode 100755
index 0000000..402aad9
--- /dev/null
+++ b/tests/split_groups/01_useradd_split_group/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with a full line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo3, in group foo (useradd -G foo foo3)..."
+useradd -G foo foo3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/02_useradd_no_split_group/config.txt b/tests/split_groups/02_useradd_no_split_group/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/group b/tests/split_groups/02_useradd_no_split_group/config/etc/group
new file mode 100644
index 0000000..af7aa3b
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow
new file mode 100644
index 0000000..cfa80d5
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2
+foo1:*::
+foo2:*::
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	0
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/passwd b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd
new file mode 100644
index 0000000..708e6ef
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/split_groups/02_useradd_no_split_group/config/etc/shadow b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow
new file mode 100644
index 0000000..f13ec56
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/split_groups/02_useradd_no_split_group/data/group b/tests/split_groups/02_useradd_no_split_group/data/group
new file mode 100644
index 0000000..355db7e
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2,foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/02_useradd_no_split_group/data/gshadow b/tests/split_groups/02_useradd_no_split_group/data/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/02_useradd_no_split_group/data/passwd b/tests/split_groups/02_useradd_no_split_group/data/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/02_useradd_no_split_group/data/shadow b/tests/split_groups/02_useradd_no_split_group/data/shadow
new file mode 100644
index 0000000..cb7911b
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/02_useradd_no_split_group/useradd.test b/tests/split_groups/02_useradd_no_split_group/useradd.test
new file mode 100755
index 0000000..402aad9
--- /dev/null
+++ b/tests/split_groups/02_useradd_no_split_group/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with a full line"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo3, in group foo (useradd -G foo foo3)..."
+useradd -G foo foo3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config.txt b/tests/split_groups/03_useradd_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/group b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/group b/tests/split_groups/03_useradd_split_group_already_split/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/gshadow b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/passwd b/tests/split_groups/03_useradd_split_group_already_split/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/03_useradd_split_group_already_split/data/shadow b/tests/split_groups/03_useradd_split_group_already_split/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/03_useradd_split_group_already_split/useradd.test b/tests/split_groups/03_useradd_split_group_already_split/useradd.test
new file mode 100755
index 0000000..5c8fbad
--- /dev/null
+++ b/tests/split_groups/03_useradd_split_group_already_split/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config.txt b/tests/split_groups/04_useradd_split_group_already_full/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/group b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group
new file mode 100644
index 0000000..355db7e
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2,foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/group b/tests/split_groups/04_useradd_split_group_already_full/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/gshadow b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/passwd b/tests/split_groups/04_useradd_split_group_already_full/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/04_useradd_split_group_already_full/data/shadow b/tests/split_groups/04_useradd_split_group_already_full/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/04_useradd_split_group_already_full/useradd.test b/tests/split_groups/04_useradd_split_group_already_full/useradd.test
new file mode 100755
index 0000000..f4aab68
--- /dev/null
+++ b/tests/split_groups/04_useradd_split_group_already_full/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group with already more user than allowed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group
new file mode 100644
index 0000000..bdc8297
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:pass1:999:foo1,foo2
+foo:pass2:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
new file mode 100755
index 0000000..165e47d
--- /dev/null
+++ b/tests/split_groups/05_useradd_split_group_already_split_passwd_differ/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with different group passwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group
new file mode 100644
index 0000000..792c688
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:pass:998:foo1,foo2
+foo:pass:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
new file mode 100755
index 0000000..970d10c
--- /dev/null
+++ b/tests/split_groups/06_useradd_split_group_already_split_GID_differ/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with different GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group
new file mode 100644
index 0000000..c4ea1f0
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo1
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group
new file mode 100644
index 0000000..3c1c18b
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/group
@@ -0,0 +1,47 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3,foo4
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
+foo4:x:1003:
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow
new file mode 100644
index 0000000..ca307ab
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/gshadow
@@ -0,0 +1,46 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3,foo4
+foo1:*::
+foo2:*::
+foo3:!::
+foo4:!::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd
new file mode 100644
index 0000000..f60db36
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/passwd
@@ -0,0 +1,23 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
+foo4:x:1003:1003::/home/foo4:/bin/sh
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow
new file mode 100644
index 0000000..3ee0375
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/data/shadow
@@ -0,0 +1,23 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
+foo4:!:@TODAY@:0:99999:7:::
diff --git a/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
new file mode 100755
index 0000000..5c8fbad
--- /dev/null
+++ b/tests/split_groups/07_useradd_split_group_already_split_user_in_both_lines/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config.txt b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	0
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err
new file mode 100644
index 0000000..050950f
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/data/useradd.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+useradd: failed to prepare the new /etc/group entry 'foo'
diff --git a/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test
new file mode 100755
index 0000000..055dec9
--- /dev/null
+++ b/tests/split_groups/08_useradd_no_split_group_already_split/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user to a group already split, with MAX_MEMBERS_PER_GROUP set to 0"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo4, in group foo (useradd -G foo foo4)..."
+useradd -G foo foo4 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config.txt b/tests/split_groups/09_groupdel_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..b3b37df
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	2
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/group b/tests/split_groups/09_groupdel_split_group_already_split/data/group
new file mode 100644
index 0000000..7053f0e
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow
new file mode 100644
index 0000000..f2ee7ec
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test
new file mode 100755
index 0000000..0789a2e
--- /dev/null
+++ b/tests/split_groups/09_groupdel_split_group_already_split/groupdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete a split group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group
new file mode 100644
index 0000000..f7d6d12
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/group
@@ -0,0 +1,46 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:foo1,foo2
+foo:x:999:foo3
+foo1:x:1000:
+foo2:x:1001:
+foo3:x:1002:
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow
new file mode 100644
index 0000000..39460af
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo1,foo2,foo3
+foo1:*::
+foo2:*::
+foo3:!::
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs
new file mode 100644
index 0000000..46b2876
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/login.defs
@@ -0,0 +1,317 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+MAX_MEMBERS_PER_GROUP	0
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd
new file mode 100644
index 0000000..6a6f62f
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo1:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
+foo3:x:1002:1002::/home/foo3:/bin/sh
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow
new file mode 100644
index 0000000..81582a0
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/config/etc/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo1:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+foo3:!:13946:0:99999:7:::
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err
new file mode 100644
index 0000000..7bd0741
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/data/groupdel.err
@@ -0,0 +1,2 @@
+Multiple entries named 'foo' in /etc/group. Please fix this with pwck or grpck.
+groupdel: cannot remove entry 'foo' from /etc/group
diff --git a/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test
new file mode 100755
index 0000000..b1086b6
--- /dev/null
+++ b/tests/split_groups/10_groupdel_no_split_group_already_split/groupdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete a split group, with MAX_MEMBERS_PER_GROUP set to 0"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete group foo (groupdel foo)..."
+groupdel foo 2>tmp/groupdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "groupdel reported:"
+echo "======================================================================="
+cat tmp/groupdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/groupdel.err tmp/groupdel.err
+echo "error message OK."
+rm -f tmp/groupdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/01/config.txt b/tests/su/01/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/01/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/01/config/etc/group b/tests/su/01/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/01/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/01/config/etc/gshadow b/tests/su/01/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/01/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/01/config/etc/passwd b/tests/su/01/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/01/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/01/config/etc/shadow b/tests/su/01/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/01/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/01/run_su.exp b/tests/su/01/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/01/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$prompt" {
+		send_user "\n\n# make sure we are '$user'\n"
+		send_user "# id should return '($user).*($user).*($user)"
+		send "\r"	;# restore the prompt for the logs
+		send "id\r"	;# Verify the id
+
+		expect {
+			-re "\\($user\\).*\\($user\\).*\\($user\\)" {
+				expect "$prompt"
+				send "exit\r"
+				expect "$ "
+				puts "\nPASS"
+				exit 0
+			}
+		}
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/01/su_root.test b/tests/su/01/su_root.test
new file mode 100755
index 0000000..1bc2268
--- /dev/null
+++ b/tests/su/01/su_root.test
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to root"
+
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp root rootF00barbaz '# '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/01/su_user.test b/tests/su/01/su_user.test
new file mode 100755
index 0000000..7fd1f57
--- /dev/null
+++ b/tests/su/01/su_user.test
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/02/config.txt b/tests/su/02/config.txt
new file mode 100644
index 0000000..70dfcd2
--- /dev/null
+++ b/tests/su/02/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+# /etc/profile is empty to avoid interferences.
diff --git a/tests/su/02/config/etc/group b/tests/su/02/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/02/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/02/config/etc/gshadow b/tests/su/02/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/02/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/02/config/etc/passwd b/tests/su/02/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/02/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/02/config/etc/profile b/tests/su/02/config/etc/profile
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/02/config/etc/profile
diff --git a/tests/su/02/config/etc/shadow b/tests/su/02/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/02/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/02/env_FOO-options_ b/tests/su/02/env_FOO-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_- b/tests/su/02/env_FOO-options_-
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--login b/tests/su/02/env_FOO-options_--login
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--login.exp b/tests/su/02/env_FOO-options_--login.exp
new file mode 100755
index 0000000..8cd7679
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su --login, make a login shell
+#
+#=============================================================================
+send "/bin/su --login $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_--login_bash b/tests/su/02/env_FOO-options_--login_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--login_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--preserve-environment b/tests/su/02/env_FOO-options_--preserve-environment
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_--preserve-environment.exp b/tests/su/02/env_FOO-options_--preserve-environment.exp
new file mode 100755
index 0000000..88932bb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su --preserve-environment, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_--preserve-environment_bash b/tests/su/02/env_FOO-options_--preserve-environment_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_--preserve-environment_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-.exp b/tests/su/02/env_FOO-options_-.exp
new file mode 100755
index 0000000..6ba3e00
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-_bash b/tests/su/02/env_FOO-options_-_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l b/tests/su/02/env_FOO-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l-m b/tests/su/02/env_FOO-options_-l-m
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l-m.exp b/tests/su/02/env_FOO-options_-l-m.exp
new file mode 100755
index 0000000..8b187a6
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l -m, make a login shell, but preserve environment
+#
+#=============================================================================
+send "/bin/su -l -m $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-l-m_bash b/tests/su/02/env_FOO-options_-l-m_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l-m_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-l.exp b/tests/su/02/env_FOO-options_-l.exp
new file mode 100755
index 0000000..a23f8c4
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be empty"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-l_bash b/tests/su/02/env_FOO-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-m b/tests/su/02/env_FOO-options_-m
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-m.exp b/tests/su/02/env_FOO-options_-m.exp
new file mode 100755
index 0000000..061aacb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-m_bash b/tests/su/02/env_FOO-options_-m_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-m_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p b/tests/su/02/env_FOO-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p- b/tests/su/02/env_FOO-options_-p-
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p-.exp b/tests/su/02/env_FOO-options_-p-.exp
new file mode 100755
index 0000000..fc84896
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -p -, make a login shell, but preserve environment
+#
+#=============================================================================
+send "/bin/su -p $command - myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-p-_bash b/tests/su/02/env_FOO-options_-p-_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p-_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_-p.exp b/tests/su/02/env_FOO-options_-p.exp
new file mode 100755
index 0000000..061aacb
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options_-p_bash b/tests/su/02/env_FOO-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_FOO-options_.exp b/tests/su/02/env_FOO-options_.exp
new file mode 100755
index 0000000..ff87b2e
--- /dev/null
+++ b/tests/su/02/env_FOO-options_.exp
@@ -0,0 +1,48 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export FOO=bar\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# FOO should be 'bar'"
+send "\r"
+expect "$ "
+
+send "echo \"FOO=\\\"\$FOO\\\"\"\r"
+expect "FOO=\"bar\"\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_FOO-options__bash b/tests/su/02/env_FOO-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_FOO-options__bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_ b/tests/su/02/env_special-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l b/tests/su/02/env_special-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l-p b/tests/su/02/env_special-options_-l-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l-p.exp b/tests/su/02/env_special-options_-l-p.exp
new file mode 100755
index 0000000..15c10b6
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -m -l, make a login shell, but preserve environment
+# However, PATH is not preserved, but set to what it would be with login
+#
+#=============================================================================
+send "/bin/su -p $command -l myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-l-p_bash b/tests/su/02/env_special-options_-l-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l-p_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-l.exp b/tests/su/02/env_special-options_-l.exp
new file mode 100755
index 0000000..75df5dc
--- /dev/null
+++ b/tests/su/02/env_special-options_-l.exp
@@ -0,0 +1,54 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l, make a login shell
+#
+#=============================================================================
+send "/bin/su - $command myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-l_bash b/tests/su/02/env_special-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-p b/tests/su/02/env_special-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-p
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_-p.exp b/tests/su/02/env_special-options_-p.exp
new file mode 100755
index 0000000..3a7143c
--- /dev/null
+++ b/tests/su/02/env_special-options_-p.exp
@@ -0,0 +1,56 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)}
+send_user "PATH='$PATH'"
+expect "# "
+
+#=============================================================================
+#
+# su -m, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m myuser\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options_-p_bash b/tests/su/02/env_special-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special-options_.exp b/tests/su/02/env_special-options_.exp
new file mode 100755
index 0000000..63d70e1
--- /dev/null
+++ b/tests/su/02/env_special-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special-options__bash b/tests/su/02/env_special-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special-options__bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_ b/tests/su/02/env_special_root-options_
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l b/tests/su/02/env_special_root-options_-l
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l-p b/tests/su/02/env_special_root-options_-l-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l-p.exp b/tests/su/02/env_special_root-options_-l-p.exp
new file mode 100755
index 0000000..8ddae3d
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p.exp
@@ -0,0 +1,57 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l -p root, make a login shell, but preserve environment
+# However, PATH is not preserved, but set to what it would be with login
+# for root
+#
+#=============================================================================
+send "/bin/su -p $command - root\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-l-p_bash b/tests/su/02/env_special_root-options_-l-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l-p_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-l.exp b/tests/su/02/env_special_root-options_-l.exp
new file mode 100755
index 0000000..6a58849
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l.exp
@@ -0,0 +1,54 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# su -l root, make a login shell
+#
+#=============================================================================
+send "/bin/su $command -l root\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-l_bash b/tests/su/02/env_special_root-options_-l_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-l_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-p b/tests/su/02/env_special_root-options_-p
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_-p.exp b/tests/su/02/env_special_root-options_-p.exp
new file mode 100755
index 0000000..453c02c
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p.exp
@@ -0,0 +1,56 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect -re "PATH=\"(.*)\"\r" {set PATH $expect_out(1,string)}
+send_user "PATH='$PATH'"
+expect "# "
+
+#=============================================================================
+#
+# su -p root, as for regular su, environment is preserved
+#
+#=============================================================================
+send "/bin/su $command -m\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# Even with -p, PATH is reset"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options_-p_bash b/tests/su/02/env_special_root-options_-p_bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options_-p_bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/env_special_root-options_.exp b/tests/su/02/env_special_root-options_.exp
new file mode 100755
index 0000000..0b86452
--- /dev/null
+++ b/tests/su/02/env_special_root-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su to root, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su $command\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/02/env_special_root-options__bash b/tests/su/02/env_special_root-options__bash
new file mode 120000
index 0000000..11a6d1a
--- /dev/null
+++ b/tests/su/02/env_special_root-options__bash
@@ -0,0 +1 @@
+run_env_test.sh
\ No newline at end of file
diff --git a/tests/su/02/run_env_test.sh b/tests/su/02/run_env_test.sh
new file mode 100755
index 0000000..525d619
--- /dev/null
+++ b/tests/su/02/run_env_test.sh
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+testname=$(basename $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+command=""
+
+case  "$testname" in
+	*_bash)
+		log_start "$0" "propagation of environment variable FOO in command bash: $testname"
+		testname=$(echo "$testname" | sed -s 's/_bash$//')
+		command="-c bash"
+		echo testname: $testname
+		;;
+	*)
+		log_start "$0" "propagation of environment variable FOO: $test"
+		;;
+esac
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+"./$testname.exp" "$command"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/config/etc/group b/tests/su/03/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/03/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/03/config/etc/gshadow b/tests/su/03/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/03/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/03/config/etc/passwd b/tests/su/03/config/etc/passwd
new file mode 100644
index 0000000..eabf509
--- /dev/null
+++ b/tests/su/03/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:
+testsuite::424242:424242::/home/:
diff --git a/tests/su/03/config/etc/shadow b/tests/su/03/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/03/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/03/data/ls.out b/tests/su/03/data/ls.out
new file mode 100644
index 0000000..ee19d5d
--- /dev/null
+++ b/tests/su/03/data/ls.out
@@ -0,0 +1 @@
+etc
diff --git a/tests/su/03/su_run_command01.test b/tests/su/03/su_run_command01.test
new file mode 100755
index 0000000..776d43f
--- /dev/null
+++ b/tests/su/03/su_run_command01.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su myuser -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su myuser -c 'ls config'> tmp/out 2> tmp/err
+
+echo "su reported:"
+echo "=== stdout ==="
+cat tmp/out
+echo "=== stderr ==="
+cat tmp/err
+echo "=============="
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command02.test b/tests/su/03/su_run_command02.test
new file mode 100755
index 0000000..ff0c434
--- /dev/null
+++ b/tests/su/03/su_run_command02.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -- myuser -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su -- myuser -c 'ls config'> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command03.test b/tests/su/03/su_run_command03.test
new file mode 100755
index 0000000..2abde6a
--- /dev/null
+++ b/tests/su/03/su_run_command03.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su myuser -- -c 'ls config'"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err"
+/bin/su myuser -- -c 'ls config'> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command04.test b/tests/su/03/su_run_command04.test
new file mode 100755
index 0000000..c2a09c2
--- /dev/null
+++ b/tests/su/03/su_run_command04.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -c 'ls config' myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err"
+/bin/su -c 'ls config' myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command05.test b/tests/su/03/su_run_command05.test
new file mode 100755
index 0000000..f7d278b
--- /dev/null
+++ b/tests/su/03/su_run_command05.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands: su -c 'ls config' -- myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err"
+/bin/su -c 'ls config' -- myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+diff -au data/ls.out tmp/out
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command06.test b/tests/su/03/su_run_command06.test
new file mode 100755
index 0000000..146af83
--- /dev/null
+++ b/tests/su/03/su_run_command06.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command07.test b/tests/su/03/su_run_command07.test
new file mode 100755
index 0000000..9f08c2a
--- /dev/null
+++ b/tests/su/03/su_run_command07.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su - myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command08.test b/tests/su/03/su_run_command08.test
new file mode 100755
index 0000000..51b8bab
--- /dev/null
+++ b/tests/su/03/su_run_command08.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - -- myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su - -- myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command09.test b/tests/su/03/su_run_command09.test
new file mode 100755
index 0000000..d24df2c
--- /dev/null
+++ b/tests/su/03/su_run_command09.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su - myuser -- -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err"
+/bin/su - myuser -- -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command10.test b/tests/su/03/su_run_command10.test
new file mode 100755
index 0000000..c74f79f
--- /dev/null
+++ b/tests/su/03/su_run_command10.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -l myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -l myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su -l myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command11.test b/tests/su/03/su_run_command11.test
new file mode 100755
index 0000000..8a6311b
--- /dev/null
+++ b/tests/su/03/su_run_command11.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su --login -- myuser -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err"
+/bin/su --login -- myuser -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command12.test b/tests/su/03/su_run_command12.test
new file mode 100755
index 0000000..6ac4f20
--- /dev/null
+++ b/tests/su/03/su_run_command12.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -l myuser -- -c pwd"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err"
+/bin/su -l myuser -- -c pwd> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	/home)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '/home'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command13.test b/tests/su/03/su_run_command13.test
new file mode 100755
index 0000000..c52dd93
--- /dev/null
+++ b/tests/su/03/su_run_command13.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -p -c pwd -- - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err"
+/bin/su -p -c pwd -- - myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || {
+	echo "FAIL"
+	echo "tmp/err is not empty:"
+	cat tmp/err
+	false
+}
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command14.test b/tests/su/03/su_run_command14.test
new file mode 100755
index 0000000..82f2927
--- /dev/null
+++ b/tests/su/03/su_run_command14.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -p -c pwd - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err"
+/bin/su -p -c pwd - myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command15.test b/tests/su/03/su_run_command15.test
new file mode 100755
index 0000000..7e34e48
--- /dev/null
+++ b/tests/su/03/su_run_command15.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd -p - myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err"
+/bin/su -c pwd -p - myuser> tmp/out 2> tmp/err
+
+echo "su reported:"
+echo "=== stdout ==="
+cat tmp/out
+echo "=== stderr ==="
+cat tmp/err
+echo "=============="
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command16.test b/tests/su/03/su_run_command16.test
new file mode 100755
index 0000000..4fbe1af
--- /dev/null
+++ b/tests/su/03/su_run_command16.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd - -p myuser"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err"
+/bin/su -c pwd - -p myuser> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/03/su_run_command17.test b/tests/su/03/su_run_command17.test
new file mode 100755
index 0000000..c1f15c5
--- /dev/null
+++ b/tests/su/03/su_run_command17.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "Running commands (check working directory): su -c pwd - myuser -p"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err"
+/bin/su -c pwd - myuser -p> tmp/out 2> tmp/err
+
+echo -n "Checking tmp/out..."
+case "$(cat tmp/out)" in
+	*/su/03)
+		echo "OK"
+		;;
+	*)
+		echo "FAIL"
+		echo "working directory: '$(cat tmp/out)' instead of '.../su/03'"
+		rm -f tmp/out
+		false
+		;;
+esac
+rm -f tmp/out
+
+echo -n "Checking tmp/err..."
+[ "$(wc -c tmp/err)" = "0 tmp/err" ] || false
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/config.txt b/tests/su/04/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/04/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/04/config/etc/group b/tests/su/04/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/04/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/04/config/etc/gshadow b/tests/su/04/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/04/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/04/config/etc/login.defs b/tests/su/04/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/su/04/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/04/config/etc/passwd b/tests/su/04/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/04/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/04/config/etc/shadow b/tests/su/04/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/04/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/04/config/var/log/auth.log b/tests/su/04/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/04/config/var/log/auth.log
diff --git a/tests/su/04/data/wrong_user.err b/tests/su/04/data/wrong_user.err
new file mode 100644
index 0000000..774438e
--- /dev/null
+++ b/tests/su/04/data/wrong_user.err
@@ -0,0 +1 @@
+No passwd entry for user 'myuser2'
diff --git a/tests/su/04/run_su_failed.exp b/tests/su/04/run_su_failed.exp
new file mode 100755
index 0000000..3ef2443
--- /dev/null
+++ b/tests/su/04/run_su_failed.exp
@@ -0,0 +1,58 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect failure"
+
+expect "su: Authentication failure\r"
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n# make sure we are still 'testsuite'"
+send "\r"			;# restore the prompt for the logs
+expect "$ "			;# Wait for the prompt
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+expect "$ "			;# Wait for the prompt
+send "exit\r"
+puts "\nPASS"
+exit 0
diff --git a/tests/su/04/su_user_wrong_passwd.test b/tests/su/04/su_user_wrong_passwd.test
new file mode 100755
index 0000000..757f0f1
--- /dev/null
+++ b/tests/su/04/su_user_wrong_passwd.test
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/su_user_wrong_passwd_syslog.test b/tests/su/04/su_user_wrong_passwd_syslog.test
new file mode 100755
index 0000000..6c6a55d
--- /dev/null
+++ b/tests/su/04/su_user_wrong_passwd_syslog.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+echo
+
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "FAILED su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '- pts/[0-9]+ testsuite:myuser' in /var/log/auth.log..."
+grep -q -E "\- /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/04/su_wrong_user.test b/tests/su/04/su_wrong_user.test
new file mode 100755
index 0000000..96b4dc3
--- /dev/null
+++ b/tests/su/04/su_wrong_user.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+
+log_start "$0" "su with a wrong user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo "/bin/su myuser2 -c pwd> tmp/out 2> tmp/err"
+/bin/su myuser2 -c pwd> tmp/out 2> tmp/err || {
+	status=$?
+}
+
+echo -n "Checking status=1..."
+test "$status" = "1"
+echo OK
+
+echo -n "Checking tmp/out..."
+[ "$(wc -c tmp/out)" = "0 tmp/out" ] || {
+	echo "FAIL"
+	echo "tmp/out is not empty:"
+	cat tmp/out
+	false
+}
+rm -f tmp/out
+echo "OK"
+
+echo -n "Checking tmp/err..."
+diff -au data/wrong_user.err tmp/err 
+rm -f tmp/err
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/05/config.txt b/tests/su/05/config.txt
new file mode 100644
index 0000000..e70e04e
--- /dev/null
+++ b/tests/su/05/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+#
+# Same config as 04, with SYSLOG_SU_ENAB set to "no"
diff --git a/tests/su/05/config/etc/group b/tests/su/05/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/05/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/05/config/etc/gshadow b/tests/su/05/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/05/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/05/config/etc/login.defs b/tests/su/05/config/etc/login.defs
new file mode 100644
index 0000000..9194c83
--- /dev/null
+++ b/tests/su/05/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/05/config/etc/passwd b/tests/su/05/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/05/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/05/config/etc/shadow b/tests/su/05/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/05/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/05/config/var/log/auth.log b/tests/su/05/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/05/config/var/log/auth.log
diff --git a/tests/su/05/run_su_failed.exp b/tests/su/05/run_su_failed.exp
new file mode 100755
index 0000000..3ef2443
--- /dev/null
+++ b/tests/su/05/run_su_failed.exp
@@ -0,0 +1,58 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect failure"
+
+expect "su: Authentication failure\r"
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n# make sure we are still 'testsuite'"
+send "\r"			;# restore the prompt for the logs
+expect "$ "			;# Wait for the prompt
+send "id\r"			;# Verify we are really testsuite
+
+expect "uid=424243(testsuite) gid=424243 groups=424243\r"
+expect "$ "			;# Wait for the prompt
+send "exit\r"
+puts "\nPASS"
+exit 0
diff --git a/tests/su/05/su_user_wrong_passwd_syslog.test b/tests/su/05/su_user_wrong_passwd_syslog.test
new file mode 100755
index 0000000..339e6ff
--- /dev/null
+++ b/tests/su/05/su_user_wrong_passwd_syslog.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su_failed.exp myuser myuserF00barbaz_wrongpass '$ '
+
+echo
+
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'FAILED su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "FAILED su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "'- pts/[0-9]+ testsuite:myuser' should not be logged in /var/log/auth.log..."
+grep -v -q -E "\- pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/06/config.txt b/tests/su/06/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/06/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/06/config/etc/group b/tests/su/06/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/06/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/06/config/etc/gshadow b/tests/su/06/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/06/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/06/config/etc/login.defs b/tests/su/06/config/etc/login.defs
new file mode 100644
index 0000000..84fb3cc
--- /dev/null
+++ b/tests/su/06/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/06/config/etc/passwd b/tests/su/06/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/06/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/06/config/etc/shadow b/tests/su/06/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/06/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/06/config/var/log/auth.log b/tests/su/06/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/06/config/var/log/auth.log
diff --git a/tests/su/06/run_su.exp b/tests/su/06/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/06/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$prompt" {
+		send_user "\n\n# make sure we are '$user'\n"
+		send_user "# id should return '($user).*($user).*($user)"
+		send "\r"	;# restore the prompt for the logs
+		send "id\r"	;# Verify the id
+
+		expect {
+			-re "\\($user\\).*\\($user\\).*\\($user\\)" {
+				expect "$prompt"
+				send "exit\r"
+				expect "$ "
+				puts "\nPASS"
+				exit 0
+			}
+		}
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/06/su_user_syslog.test b/tests/su/06/su_user_syslog.test
new file mode 100755
index 0000000..50ca92e
--- /dev/null
+++ b/tests/su/06/su_user_syslog.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "Successful su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..."
+grep -q -E "\+ /dev/pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/07/config.txt b/tests/su/07/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/07/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/07/config/etc/group b/tests/su/07/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/07/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/07/config/etc/gshadow b/tests/su/07/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/07/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/07/config/etc/login.defs b/tests/su/07/config/etc/login.defs
new file mode 100644
index 0000000..9194c83
--- /dev/null
+++ b/tests/su/07/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/07/config/etc/passwd b/tests/su/07/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/07/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/07/config/etc/shadow b/tests/su/07/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/07/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/07/config/var/log/auth.log b/tests/su/07/config/var/log/auth.log
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/07/config/var/log/auth.log
diff --git a/tests/su/07/run_su.exp b/tests/su/07/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/07/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$prompt" {
+		send_user "\n\n# make sure we are '$user'\n"
+		send_user "# id should return '($user).*($user).*($user)"
+		send "\r"	;# restore the prompt for the logs
+		send "id\r"	;# Verify the id
+
+		expect {
+			-re "\\($user\\).*\\($user\\).*\\($user\\)" {
+				expect "$prompt"
+				send "exit\r"
+				expect "$ "
+				puts "\nPASS"
+				exit 0
+			}
+		}
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/07/su_user_syslog.test b/tests/su/07/su_user_syslog.test
new file mode 100755
index 0000000..3c84121
--- /dev/null
+++ b/tests/su/07/su_user_syslog.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo
+echo -n "Syncing disks..."
+sync
+echo "OK"
+echo "auth.log contains:"
+echo "======================================================================="
+cat /var/log/auth.log
+echo "======================================================================="
+echo -n "Looking for 'Successful su for myuser by testsuite' in /var/log/auth.log..."
+grep -q "Successful su for myuser by testsuite" /var/log/auth.log
+echo "OK"
+echo -n "Looking for '+ pts/[0-9]+ tstsuite:myuser' in /var/log/auth.log..."
+grep -v -q -E "\+ pts/[0-9]+ testsuite:myuser" /var/log/auth.log
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/08/config.txt b/tests/su/08/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/08/config.txt
diff --git a/tests/su/08/config/etc/group b/tests/su/08/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/08/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/08/config/etc/gshadow b/tests/su/08/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/08/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/08/config/etc/login.defs b/tests/su/08/config/etc/login.defs
new file mode 100644
index 0000000..76d8ddb
--- /dev/null
+++ b/tests/su/08/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/08/config/etc/passwd b/tests/su/08/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/08/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/08/config/etc/shadow b/tests/su/08/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/08/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/08/env_special-options_ b/tests/su/08/env_special-options_
new file mode 120000
index 0000000..6371937
--- /dev/null
+++ b/tests/su/08/env_special-options_
@@ -0,0 +1 @@
+../02/env_special-options_
\ No newline at end of file
diff --git a/tests/su/08/env_special-options_.exp b/tests/su/08/env_special-options_.exp
new file mode 120000
index 0000000..29a97c5
--- /dev/null
+++ b/tests/su/08/env_special-options_.exp
@@ -0,0 +1 @@
+../02/env_special-options_.exp
\ No newline at end of file
diff --git a/tests/su/08/env_special_root-options_ b/tests/su/08/env_special_root-options_
new file mode 120000
index 0000000..0494b21
--- /dev/null
+++ b/tests/su/08/env_special_root-options_
@@ -0,0 +1 @@
+../02/env_special_root-options_
\ No newline at end of file
diff --git a/tests/su/08/env_special_root-options_.exp b/tests/su/08/env_special_root-options_.exp
new file mode 120000
index 0000000..c306c0a
--- /dev/null
+++ b/tests/su/08/env_special_root-options_.exp
@@ -0,0 +1 @@
+../02/env_special_root-options_.exp
\ No newline at end of file
diff --git a/tests/su/09/config.txt b/tests/su/09/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/09/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/09/config/etc/group b/tests/su/09/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/09/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/09/config/etc/gshadow b/tests/su/09/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/09/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/09/config/etc/login.defs b/tests/su/09/config/etc/login.defs
new file mode 100644
index 0000000..8605f43
--- /dev/null
+++ b/tests/su/09/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#ENV_SUPATH	/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+#ENV_PATH	/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/09/config/etc/passwd b/tests/su/09/config/etc/passwd
new file mode 100644
index 0000000..9bdeb8c
--- /dev/null
+++ b/tests/su/09/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home/:/bin/sh
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/09/config/etc/shadow b/tests/su/09/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/09/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/09/env_special-options_ b/tests/su/09/env_special-options_
new file mode 120000
index 0000000..6371937
--- /dev/null
+++ b/tests/su/09/env_special-options_
@@ -0,0 +1 @@
+../02/env_special-options_
\ No newline at end of file
diff --git a/tests/su/09/env_special-options_.exp b/tests/su/09/env_special-options_.exp
new file mode 100755
index 0000000..66f13fd
--- /dev/null
+++ b/tests/su/09/env_special-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su myuser $command\r"
+expect "$ "
+
+send "id\n"
+expect "uid=424242(myuser) gid=424242(myuser) groups=424242(myuser)\r"
+expect "$ "
+
+send_user "\n# PATH should be '/bin:/usr/bin'"
+send "\r"
+expect "$ "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/bin:/usr/bin\"\r"
+expect "$ "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/home/'myuser'myuser'/bin/sh'\r"
+expect "$ "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/09/env_special_root-options_ b/tests/su/09/env_special_root-options_
new file mode 120000
index 0000000..0494b21
--- /dev/null
+++ b/tests/su/09/env_special_root-options_
@@ -0,0 +1 @@
+../02/env_special_root-options_
\ No newline at end of file
diff --git a/tests/su/09/env_special_root-options_.exp b/tests/su/09/env_special_root-options_.exp
new file mode 100755
index 0000000..a9cc1d8
--- /dev/null
+++ b/tests/su/09/env_special_root-options_.exp
@@ -0,0 +1,55 @@
+#!/usr/bin/expect
+
+if {$argc == 1} {
+	set command     [lindex $argv 0]
+} else {
+	set command     ""
+}
+
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "id\r"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send "export PATH=bar:\$PATH\r"
+expect "# "
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "# "
+
+#=============================================================================
+#
+# Regular su to root, preserve environment
+# However, PATH is reset
+#
+#=============================================================================
+send "/bin/su $command\r"
+expect "# "
+
+send "id\n"
+expect "uid=0(root) gid=0(root) groups=0(root)\r"
+expect "# "
+
+send_user "\n# PATH should be '/sbin:/bin:/usr/sbin:/usr/bin'"
+send "\r"
+expect "# "
+
+send "echo \"PATH=\\\"\$PATH\\\"\"\r"
+expect "PATH=\"/sbin:/bin:/usr/sbin:/usr/bin\"\r"
+expect "# "
+
+send "echo \"'\$HOME'\$USER'\$LOGNAME'\$SHELL'\"\r"
+expect "'/root'root'root'/bin/bash'\r"
+expect "# "
+
+send "exit\r"
+expect "# "
+
+puts "\nPASS"
+exit 0
+
diff --git a/tests/su/10_su_sulog_success/config.txt b/tests/su/10_su_sulog_success/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/10_su_sulog_success/config/etc/group b/tests/su/10_su_sulog_success/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/10_su_sulog_success/config/etc/gshadow b/tests/su/10_su_sulog_success/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/10_su_sulog_success/config/etc/login.defs b/tests/su/10_su_sulog_success/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/10_su_sulog_success/config/etc/passwd b/tests/su/10_su_sulog_success/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/10_su_sulog_success/config/etc/shadow b/tests/su/10_su_sulog_success/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/10_su_sulog_success/config/var/log/sulog b/tests/su/10_su_sulog_success/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/10_su_sulog_success/config/var/log/sulog
diff --git a/tests/su/10_su_sulog_success/data/sulog b/tests/su/10_su_sulog_success/data/sulog
new file mode 100644
index 0000000..cba81e9
--- /dev/null
+++ b/tests/su/10_su_sulog_success/data/sulog
@@ -0,0 +1 @@
+2 /var/log/sulog
diff --git a/tests/su/10_su_sulog_success/run_su.exp b/tests/su/10_su_sulog_success/run_su.exp
new file mode 100755
index 0000000..2610363
--- /dev/null
+++ b/tests/su/10_su_sulog_success/run_su.exp
@@ -0,0 +1,73 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password\r"		;# Send the password
+
+send_user "\n# password '$password' sent\n\n"
+send_user "# expect prompt '$prompt'"
+
+expect {
+	# Wait for the new prompt
+	"$prompt" {
+		send_user "\n\n# make sure we are '$user'\n"
+		send_user "# id should return '($user).*($user).*($user)"
+		send "\r"	;# restore the prompt for the logs
+		send "id\r"	;# Verify the id
+
+		expect {
+			-re "\\($user\\).*\\($user\\).*\\($user\\)" {
+				expect "$prompt"
+				send "exit\r"
+				expect "$ "
+				puts "\nPASS"
+				exit 0
+			}
+		}
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/10_su_sulog_success/su.test b/tests/su/10_su_sulog_success/su.test
new file mode 100755
index 0000000..79beb18
--- /dev/null
+++ b/tests/su/10_su_sulog_success/su.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo -n "Check /var/log/sulog..."
+wc -l /var/log/sulog > tmp/sulog
+d=$(date +"SU %m/%d %H:%M")
+cat /var/log/sulog | \
+    egrep -v "$d \+ /dev/pts/[0-9]* root-testsuite" | \
+    egrep -v "$d \+ /dev/pts/[0-9]* testsuite-myuser" \
+        >> tmp/sulog || true
+diff -auN tmp/sulog data/sulog
+echo "OK"
+rm -f tmp/sulog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/11_su_sulog_failure/config.txt b/tests/su/11_su_sulog_failure/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/11_su_sulog_failure/config/etc/group b/tests/su/11_su_sulog_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/11_su_sulog_failure/config/etc/gshadow b/tests/su/11_su_sulog_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/11_su_sulog_failure/config/etc/login.defs b/tests/su/11_su_sulog_failure/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/11_su_sulog_failure/config/etc/passwd b/tests/su/11_su_sulog_failure/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/11_su_sulog_failure/config/etc/shadow b/tests/su/11_su_sulog_failure/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/11_su_sulog_failure/config/var/log/sulog b/tests/su/11_su_sulog_failure/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/config/var/log/sulog
diff --git a/tests/su/11_su_sulog_failure/data/sulog b/tests/su/11_su_sulog_failure/data/sulog
new file mode 100644
index 0000000..cba81e9
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/data/sulog
@@ -0,0 +1 @@
+2 /var/log/sulog
diff --git a/tests/su/11_su_sulog_failure/run_su.exp b/tests/su/11_su_sulog_failure/run_su.exp
new file mode 100755
index 0000000..57bb98f
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/run_su.exp
@@ -0,0 +1,67 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+if {$argc != 3} {
+	puts "usage: run_su.exp <user> <password> <prompt>"
+	exit 1
+}
+
+set user     [lindex $argv 0]
+set password [lindex $argv 1]
+set prompt   [lindex $argv 2]
+
+# First, switch to the testsuite user
+# (otherwise, no password will be asked)
+send_user "# switch to the passwordless 'testsuite' user\n"
+send_user "# and expect a '$ ' prompt\n"
+spawn /bin/su testsuite
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n# make sure we are now 'testsuite'"
+send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+send "\r"			;# restore the prompt for the logs
+send "id\r"			;# Verify we are really testsuite
+
+expect {
+	timeout {
+		puts "\ntimeout...FAIL"
+		exit 1
+	}
+	"uid=424243(testsuite) gid=424243 groups=424243"
+}
+
+expect "$ "			;# Wait for the prompt
+
+send_user "\n\n"
+send_user "# now switch to user '$user'\n"
+send_user "# and expect a password prompt"
+send "\r"			;# restore the prompt for the logs
+send "su $user\r"		;# Switch to the user
+expect "Password: "		;# Wait for the Password: prompt
+# Wait a little bit more (su is not ready to receive the password)
+sleep 0.1
+
+send "$password wrong\r"	;# Send the password
+
+send_user "\n# password '$password wrong' sent\n\n"
+send_user "# expect prompt '$ '"
+
+expect {
+	# Wait for the new prompt
+	"$ " {
+		send_user "\n\n# make sure we are 'testsuite'\n"
+		send_user "\n# id should return 'uid=424243(testsuite) gid=424243 groups=424243'"
+		send "\r"	;# restore the prompt for the logs
+		send "id\r"	;# Verify the id
+		expect "uid=424243(testsuite) gid=424243 groups=424243"
+		send "exit\r"
+		puts "\nPASS"
+		exit 0
+	}
+}
+
+puts "\ntimeout...FAIL"
+exit 1
diff --git a/tests/su/11_su_sulog_failure/su.test b/tests/su/11_su_sulog_failure/su.test
new file mode 100755
index 0000000..9ca1769
--- /dev/null
+++ b/tests/su/11_su_sulog_failure/su.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su can be used to switch to a non-root user"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+./run_su.exp myuser myuserF00barbaz '$ '
+
+echo -n "Check /var/log/sulog..."
+wc -l /var/log/sulog > tmp/sulog
+d1=$(date +"SU %m/%d %H:%M")
+d2=$(date -d"1 minute ago" +"SU %m/%d %H:%M")
+cat /var/log/sulog | \
+    egrep -v "$d1 \+ /dev/pts/[0-9]* root-testsuite"  | \
+    egrep -v "$d2 \+ /dev/pts/[0-9]* root-testsuite"  | \
+    egrep -v "$d1 - /dev/pts/[0-9]* testsuite-myuser" | \
+    egrep -v "$d2 - /dev/pts/[0-9]* testsuite-myuser" \
+        >> tmp/sulog || true
+diff -au data/sulog tmp/sulog
+echo "OK"
+rm -f tmp/sulog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/12_su_child_failure/config.txt b/tests/su/12_su_child_failure/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/12_su_child_failure/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/12_su_child_failure/config/etc/group b/tests/su/12_su_child_failure/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/12_su_child_failure/config/etc/gshadow b/tests/su/12_su_child_failure/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/12_su_child_failure/config/etc/login.defs b/tests/su/12_su_child_failure/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/12_su_child_failure/config/etc/passwd b/tests/su/12_su_child_failure/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/12_su_child_failure/config/etc/shadow b/tests/su/12_su_child_failure/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/12_su_child_failure/config/var/log/sulog b/tests/su/12_su_child_failure/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/12_su_child_failure/config/var/log/sulog
diff --git a/tests/su/12_su_child_failure/su.test b/tests/su/12_su_child_failure/su.test
new file mode 100755
index 0000000..948f113
--- /dev/null
+++ b/tests/su/12_su_child_failure/su.test
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su return failures of its child"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Run su, execute false..."
+su -l myuser -c false && exit || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check the return status..."
+[ "$status" = "1" ]
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/su/13_su_child_success/config.txt b/tests/su/13_su_child_success/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/su/13_su_child_success/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/su/13_su_child_success/config/etc/group b/tests/su/13_su_child_success/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/su/13_su_child_success/config/etc/gshadow b/tests/su/13_su_child_success/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/su/13_su_child_success/config/etc/login.defs b/tests/su/13_su_child_success/config/etc/login.defs
new file mode 100644
index 0000000..01f6718
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/login.defs
@@ -0,0 +1,315 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		no
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/su/13_su_child_success/config/etc/passwd b/tests/su/13_su_child_success/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/su/13_su_child_success/config/etc/shadow b/tests/su/13_su_child_success/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/su/13_su_child_success/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/su/13_su_child_success/config/var/log/sulog b/tests/su/13_su_child_success/config/var/log/sulog
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/su/13_su_child_success/config/var/log/sulog
diff --git a/tests/su/13_su_child_success/su.test b/tests/su/13_su_child_success/su.test
new file mode 100755
index 0000000..6ff932c
--- /dev/null
+++ b/tests/su/13_su_child_success/su.test
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "su return failures of its child"
+
+
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Run su, execute false..."
+su -l myuser -c true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/01_useradd_no_subids/config.txt b/tests/subids/01_useradd_no_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config.txt
diff --git a/tests/subids/01_useradd_no_subids/config/etc/default/useradd b/tests/subids/01_useradd_no_subids/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/01_useradd_no_subids/config/etc/group b/tests/subids/01_useradd_no_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/01_useradd_no_subids/config/etc/gshadow b/tests/subids/01_useradd_no_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/01_useradd_no_subids/config/etc/passwd b/tests/subids/01_useradd_no_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/01_useradd_no_subids/config/etc/shadow b/tests/subids/01_useradd_no_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/01_useradd_no_subids/config/etc/subgid b/tests/subids/01_useradd_no_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/subgid
diff --git a/tests/subids/01_useradd_no_subids/config/etc/subuid b/tests/subids/01_useradd_no_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/config/etc/subuid
diff --git a/tests/subids/01_useradd_no_subids/data/group b/tests/subids/01_useradd_no_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/01_useradd_no_subids/data/gshadow b/tests/subids/01_useradd_no_subids/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/01_useradd_no_subids/data/passwd b/tests/subids/01_useradd_no_subids/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/01_useradd_no_subids/data/shadow b/tests/subids/01_useradd_no_subids/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/01_useradd_no_subids/useradd.test b/tests/subids/01_useradd_no_subids/useradd.test
new file mode 100755
index 0000000..768d0aa
--- /dev/null
+++ b/tests/subids/01_useradd_no_subids/useradd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd does not create /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid /etc/subuid..."
+rm -f /etc/subgid /etc/subuid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check that /etc/subuid and /etc/subgid were not created..."
+test ! -f /etc/subgid
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/02_useradd_with_subids/config.txt b/tests/subids/02_useradd_with_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config.txt
diff --git a/tests/subids/02_useradd_with_subids/config/etc/default/useradd b/tests/subids/02_useradd_with_subids/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/02_useradd_with_subids/config/etc/group b/tests/subids/02_useradd_with_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/02_useradd_with_subids/config/etc/gshadow b/tests/subids/02_useradd_with_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/02_useradd_with_subids/config/etc/passwd b/tests/subids/02_useradd_with_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/02_useradd_with_subids/config/etc/shadow b/tests/subids/02_useradd_with_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/02_useradd_with_subids/config/etc/subgid b/tests/subids/02_useradd_with_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/subgid
diff --git a/tests/subids/02_useradd_with_subids/config/etc/subuid b/tests/subids/02_useradd_with_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/config/etc/subuid
diff --git a/tests/subids/02_useradd_with_subids/data/group b/tests/subids/02_useradd_with_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/02_useradd_with_subids/data/gshadow b/tests/subids/02_useradd_with_subids/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/02_useradd_with_subids/data/passwd b/tests/subids/02_useradd_with_subids/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/02_useradd_with_subids/data/shadow b/tests/subids/02_useradd_with_subids/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/02_useradd_with_subids/data/subgid b/tests/subids/02_useradd_with_subids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/02_useradd_with_subids/data/subuid b/tests/subids/02_useradd_with_subids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/02_useradd_with_subids/useradd.test b/tests/subids/02_useradd_with_subids/useradd.test
new file mode 100755
index 0000000..e9154c1
--- /dev/null
+++ b/tests/subids/02_useradd_with_subids/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd adds subids in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/03_useradd_no_subgid/config.txt b/tests/subids/03_useradd_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config.txt
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/default/useradd b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/group b/tests/subids/03_useradd_no_subgid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/gshadow b/tests/subids/03_useradd_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/passwd b/tests/subids/03_useradd_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/shadow b/tests/subids/03_useradd_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subgid b/tests/subids/03_useradd_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/subgid
diff --git a/tests/subids/03_useradd_no_subgid/config/etc/subuid b/tests/subids/03_useradd_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/config/etc/subuid
diff --git a/tests/subids/03_useradd_no_subgid/data/group b/tests/subids/03_useradd_no_subgid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/03_useradd_no_subgid/data/gshadow b/tests/subids/03_useradd_no_subgid/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/03_useradd_no_subgid/data/passwd b/tests/subids/03_useradd_no_subgid/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/03_useradd_no_subgid/data/shadow b/tests/subids/03_useradd_no_subgid/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/03_useradd_no_subgid/data/subuid b/tests/subids/03_useradd_no_subgid/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/03_useradd_no_subgid/useradd.test b/tests/subids/03_useradd_no_subgid/useradd.test
new file mode 100755
index 0000000..5312710
--- /dev/null
+++ b/tests/subids/03_useradd_no_subgid/useradd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/subuid even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/04_useradd_no_subuid/config.txt b/tests/subids/04_useradd_no_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config.txt
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/default/useradd b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/group b/tests/subids/04_useradd_no_subuid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/gshadow b/tests/subids/04_useradd_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/passwd b/tests/subids/04_useradd_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/shadow b/tests/subids/04_useradd_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subgid b/tests/subids/04_useradd_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/subgid
diff --git a/tests/subids/04_useradd_no_subuid/config/etc/subuid b/tests/subids/04_useradd_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/config/etc/subuid
diff --git a/tests/subids/04_useradd_no_subuid/data/group b/tests/subids/04_useradd_no_subuid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/04_useradd_no_subuid/data/gshadow b/tests/subids/04_useradd_no_subuid/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/04_useradd_no_subuid/data/passwd b/tests/subids/04_useradd_no_subuid/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/04_useradd_no_subuid/data/shadow b/tests/subids/04_useradd_no_subuid/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/04_useradd_no_subuid/data/subgid b/tests/subids/04_useradd_no_subuid/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/04_useradd_no_subuid/useradd.test b/tests/subids/04_useradd_no_subuid/useradd.test
new file mode 100755
index 0000000..ce0b8b7
--- /dev/null
+++ b/tests/subids/04_useradd_no_subuid/useradd.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/subgid even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/05_useradd_fill_gap_start/config.txt b/tests/subids/05_useradd_fill_gap_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config.txt
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/group b/tests/subids/05_useradd_fill_gap_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/passwd b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/shadow b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subgid b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid
new file mode 100644
index 0000000..909f4ac
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subgid
@@ -0,0 +1 @@
+root:110000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/config/etc/subuid b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid
new file mode 100644
index 0000000..909f4ac
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/config/etc/subuid
@@ -0,0 +1 @@
+root:110000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/data/group b/tests/subids/05_useradd_fill_gap_start/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/05_useradd_fill_gap_start/data/gshadow b/tests/subids/05_useradd_fill_gap_start/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/05_useradd_fill_gap_start/data/passwd b/tests/subids/05_useradd_fill_gap_start/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/05_useradd_fill_gap_start/data/shadow b/tests/subids/05_useradd_fill_gap_start/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/05_useradd_fill_gap_start/data/subgid b/tests/subids/05_useradd_fill_gap_start/data/subgid
new file mode 100644
index 0000000..73b5737
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/subgid
@@ -0,0 +1,2 @@
+root:110000:10000
+foo:100000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/data/subuid b/tests/subids/05_useradd_fill_gap_start/data/subuid
new file mode 100644
index 0000000..73b5737
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/data/subuid
@@ -0,0 +1,2 @@
+root:110000:10000
+foo:100000:10000
diff --git a/tests/subids/05_useradd_fill_gap_start/useradd.test b/tests/subids/05_useradd_fill_gap_start/useradd.test
new file mode 100755
index 0000000..ac7e9ff
--- /dev/null
+++ b/tests/subids/05_useradd_fill_gap_start/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id at the begining"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/06_useradd_fill_gap_middle/config.txt b/tests/subids/06_useradd_fill_gap_middle/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config.txt
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/group b/tests/subids/06_useradd_fill_gap_middle/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid
new file mode 100644
index 0000000..8b9c643
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subgid
@@ -0,0 +1,2 @@
+root:100000:100000
+root:210000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid
new file mode 100644
index 0000000..8b9c643
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/config/etc/subuid
@@ -0,0 +1,2 @@
+root:100000:100000
+root:210000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/group b/tests/subids/06_useradd_fill_gap_middle/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/gshadow b/tests/subids/06_useradd_fill_gap_middle/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/passwd b/tests/subids/06_useradd_fill_gap_middle/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/shadow b/tests/subids/06_useradd_fill_gap_middle/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subgid b/tests/subids/06_useradd_fill_gap_middle/data/subgid
new file mode 100644
index 0000000..c6e45a0
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/subgid
@@ -0,0 +1,3 @@
+root:100000:100000
+root:210000:10000
+foo:200000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/data/subuid b/tests/subids/06_useradd_fill_gap_middle/data/subuid
new file mode 100644
index 0000000..c6e45a0
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/data/subuid
@@ -0,0 +1,3 @@
+root:100000:100000
+root:210000:10000
+foo:200000:10000
diff --git a/tests/subids/06_useradd_fill_gap_middle/useradd.test b/tests/subids/06_useradd_fill_gap_middle/useradd.test
new file mode 100755
index 0000000..484164e
--- /dev/null
+++ b/tests/subids/06_useradd_fill_gap_middle/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id between 2 used ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/07_useradd_fill_gap_end/config.txt b/tests/subids/07_useradd_fill_gap_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config.txt
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/group b/tests/subids/07_useradd_fill_gap_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/passwd b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/shadow b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subgid b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/07_useradd_fill_gap_end/config/etc/subuid b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/07_useradd_fill_gap_end/data/group b/tests/subids/07_useradd_fill_gap_end/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/07_useradd_fill_gap_end/data/gshadow b/tests/subids/07_useradd_fill_gap_end/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/07_useradd_fill_gap_end/data/passwd b/tests/subids/07_useradd_fill_gap_end/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/07_useradd_fill_gap_end/data/shadow b/tests/subids/07_useradd_fill_gap_end/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/07_useradd_fill_gap_end/data/subgid b/tests/subids/07_useradd_fill_gap_end/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/07_useradd_fill_gap_end/data/subuid b/tests/subids/07_useradd_fill_gap_end/data/subuid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/data/subuid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/07_useradd_fill_gap_end/useradd.test b/tests/subids/07_useradd_fill_gap_end/useradd.test
new file mode 100755
index 0000000..1175451
--- /dev/null
+++ b/tests/subids/07_useradd_fill_gap_end/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd creates subids in /etc/sub[ug]id at the end"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config.txt b/tests/subids/08_useradd_no_more_subuids_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config.txt
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/group b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid
new file mode 100644
index 0000000..2342814
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subgid
@@ -0,0 +1 @@
+root:110000:600100000
diff --git a/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid
new file mode 100644
index 0000000..bafb12d
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/config/etc/subuid
@@ -0,0 +1 @@
+root:109999:600100000
diff --git a/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err
new file mode 100644
index 0000000..133e01f
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate UID range
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/08_useradd_no_more_subuids_start/useradd.test b/tests/subids/08_useradd_no_more_subuids_start/useradd.test
new file mode 100755
index 0000000..fea00a1
--- /dev/null
+++ b/tests/subids/08_useradd_no_more_subuids_start/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config.txt b/tests/subids/09_useradd_no_more_subgids_start/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config.txt
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/group b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid
new file mode 100644
index 0000000..bafb12d
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subgid
@@ -0,0 +1 @@
+root:109999:600100000
diff --git a/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid
new file mode 100644
index 0000000..2342814
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/config/etc/subuid
@@ -0,0 +1 @@
+root:110000:600100000
diff --git a/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err
new file mode 100644
index 0000000..d832f1f
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate GID range
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/09_useradd_no_more_subgids_start/useradd.test b/tests/subids/09_useradd_no_more_subgids_start/useradd.test
new file mode 100755
index 0000000..3f23799
--- /dev/null
+++ b/tests/subids/09_useradd_no_more_subgids_start/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config.txt b/tests/subids/10_useradd_no_more_subuids_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config.txt
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/group b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid
new file mode 100644
index 0000000..b6bb132
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990002
diff --git a/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err
new file mode 100644
index 0000000..133e01f
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate UID range
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/10_useradd_no_more_subuids_end/useradd.test b/tests/subids/10_useradd_no_more_subuids_end/useradd.test
new file mode 100755
index 0000000..fea00a1
--- /dev/null
+++ b/tests/subids/10_useradd_no_more_subuids_end/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subuid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config.txt b/tests/subids/11_useradd_no_more_subgids_end/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config.txt
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/group b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid
new file mode 100644
index 0000000..b6bb132
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990002
diff --git a/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/config/etc/subuid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err
new file mode 100644
index 0000000..d832f1f
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Can't get unique subordinate GID range
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/11_useradd_no_more_subgids_end/useradd.test b/tests/subids/11_useradd_no_more_subgids_end/useradd.test
new file mode 100755
index 0000000..3f23799
--- /dev/null
+++ b/tests/subids/11_useradd_no_more_subgids_end/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports failure if there are no subids available in /etc/subgid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt b/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config.txt
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs
new file mode 100644
index 0000000..0b9dd31
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+SUB_UID_MAX		   100000
+SUB_UID_MIN		600100000
+SUB_UID_COUNT		    10000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+#SUB_GID_MAX		   100000
+#SUB_GID_MIN		600100000
+#SUB_GID_COUNT		    10000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subgid
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/config/etc/subuid
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err
new file mode 100644
index 0000000..c7c46fb
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (600100000), SUB_UID_MAX (100000), SUB_UID_COUNT (10000)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/12_useradd_invalid_subuid_configuration1/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt b/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config.txt
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs
new file mode 100644
index 0000000..4c50cfa
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+SUB_UID_MIN		   100000
+SUB_UID_MAX		600100000
+SUB_UID_COUNT		600100000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+#SUB_GID_MIN		   100000
+#SUB_GID_MAX		600100000
+#SUB_GID_COUNT		600100000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subgid
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/config/etc/subuid
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err
new file mode 100644
index 0000000..469e0a8
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (600100000), SUB_UID_COUNT (600100000)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/13_useradd_invalid_subuid_configuration2/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt b/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config.txt
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs
new file mode 100644
index 0000000..1b7ca63
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+SUB_UID_MIN		   100000
+SUB_UID_MAX		   100000
+SUB_UID_COUNT		        2
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+#SUB_GID_MIN		   100000
+#SUB_GID_MAX		   100000
+#SUB_GID_COUNT		        2
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subgid
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/config/etc/subuid
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err
new file mode 100644
index 0000000..3ab22c5
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_UID_MIN (100000), SUB_UID_MAX (100000), SUB_UID_COUNT (2)
+useradd: can't create subordinate user IDs
diff --git a/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test
new file mode 100755
index 0000000..a350e39
--- /dev/null
+++ b/tests/subids/14_useradd_invalid_subuid_configuration3/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subuid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt b/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config.txt
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs
new file mode 100644
index 0000000..2bd2b00
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+#SUB_UID_MAX		   100000
+#SUB_UID_MIN		600100000
+#SUB_UID_COUNT		    10000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+SUB_GID_MAX		   100000
+SUB_GID_MIN		600100000
+SUB_GID_COUNT		    10000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subgid
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/config/etc/subuid
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err
new file mode 100644
index 0000000..9c4c664
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (600100000), SUB_GID_MAX (100000), SUB_GID_COUNT (10000)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/15_useradd_invalid_subgid_configuration1/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt b/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config.txt
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs
new file mode 100644
index 0000000..631c644
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+#SUB_UID_MIN		   100000
+#SUB_UID_MAX		600100000
+#SUB_UID_COUNT		600100000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+SUB_GID_MIN		   100000
+SUB_GID_MAX		600100000
+SUB_GID_COUNT		600100000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subgid
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/config/etc/subuid
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err
new file mode 100644
index 0000000..53b37e0
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (600100000), SUB_GID_COUNT (600100000)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/16_useradd_invalid_subgid_configuration2/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt b/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config.txt
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs
new file mode 100644
index 0000000..e7303b0
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+#SUB_UID_MIN		   100000
+#SUB_UID_MAX		   100000
+#SUB_UID_COUNT		        2
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+SUB_GID_MIN		   100000
+SUB_GID_MAX		   100000
+SUB_GID_COUNT		        2
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subgid
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/config/etc/subuid
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err
new file mode 100644
index 0000000..fd9289d
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: Invalid configuration: SUB_GID_MIN (100000), SUB_GID_MAX (100000), SUB_GID_COUNT (2)
+useradd: can't create subordinate group IDs
diff --git a/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test
new file mode 100755
index 0000000..a737c53
--- /dev/null
+++ b/tests/subids/17_useradd_invalid_subgid_configuration3/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd reports invalid subgid configuration"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl config/etc/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl config/etc/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl config/etc/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/18_useradd_min=max/config.txt b/tests/subids/18_useradd_min=max/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config.txt
diff --git a/tests/subids/18_useradd_min=max/config/etc/default/useradd b/tests/subids/18_useradd_min=max/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/18_useradd_min=max/config/etc/group b/tests/subids/18_useradd_min=max/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/18_useradd_min=max/config/etc/gshadow b/tests/subids/18_useradd_min=max/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/18_useradd_min=max/config/etc/login.defs b/tests/subids/18_useradd_min=max/config/etc/login.defs
new file mode 100644
index 0000000..8205a7f
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/login.defs
@@ -0,0 +1,343 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+# Per user subordinate UIDs
+SUB_UID_MIN		   100000
+SUB_UID_MAX		   100000
+SUB_UID_COUNT		        1
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+# Per user subordinate GIDs
+SUB_GID_MIN		   100000
+SUB_GID_MAX		   100000
+SUB_GID_COUNT		        1
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/subids/18_useradd_min=max/config/etc/passwd b/tests/subids/18_useradd_min=max/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/18_useradd_min=max/config/etc/shadow b/tests/subids/18_useradd_min=max/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/18_useradd_min=max/config/etc/subgid b/tests/subids/18_useradd_min=max/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/subgid
diff --git a/tests/subids/18_useradd_min=max/config/etc/subuid b/tests/subids/18_useradd_min=max/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/config/etc/subuid
diff --git a/tests/subids/18_useradd_min=max/data/group b/tests/subids/18_useradd_min=max/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/18_useradd_min=max/data/gshadow b/tests/subids/18_useradd_min=max/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/18_useradd_min=max/data/passwd b/tests/subids/18_useradd_min=max/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/18_useradd_min=max/data/shadow b/tests/subids/18_useradd_min=max/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/18_useradd_min=max/data/subgid b/tests/subids/18_useradd_min=max/data/subgid
new file mode 100644
index 0000000..25a4ca7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/subgid
@@ -0,0 +1 @@
+foo:100000:1
diff --git a/tests/subids/18_useradd_min=max/data/subuid b/tests/subids/18_useradd_min=max/data/subuid
new file mode 100644
index 0000000..25a4ca7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/data/subuid
@@ -0,0 +1 @@
+foo:100000:1
diff --git a/tests/subids/18_useradd_min=max/useradd.test b/tests/subids/18_useradd_min=max/useradd.test
new file mode 100755
index 0000000..10bb7b7
--- /dev/null
+++ b/tests/subids/18_useradd_min=max/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd can create one subid in /etc/sub[ug]id when SUB_.ID_MIN=SUB_.ID_MAX"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/19_useradd_locked_subuid/config.txt b/tests/subids/19_useradd_locked_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config.txt
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/group b/tests/subids/19_useradd_locked_subuid/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/gshadow b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/passwd b/tests/subids/19_useradd_locked_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/shadow b/tests/subids/19_useradd_locked_subuid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subgid b/tests/subids/19_useradd_locked_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/subgid
diff --git a/tests/subids/19_useradd_locked_subuid/config/etc/subuid b/tests/subids/19_useradd_locked_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/config/etc/subuid
diff --git a/tests/subids/19_useradd_locked_subuid/data/useradd.err b/tests/subids/19_useradd_locked_subuid/data/useradd.err
new file mode 100644
index 0000000..c785407
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/subuid.lock without a PID
+useradd: cannot lock /etc/subuid; try again later.
diff --git a/tests/subids/19_useradd_locked_subuid/useradd.test b/tests/subids/19_useradd_locked_subuid/useradd.test
new file mode 100755
index 0000000..279573f
--- /dev/null
+++ b/tests/subids/19_useradd_locked_subuid/useradd.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd checks if the subuid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subuid..."
+touch /etc/subuid.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/subuid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/20_useradd_locked_subgid/config.txt b/tests/subids/20_useradd_locked_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config.txt
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/group b/tests/subids/20_useradd_locked_subgid/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/gshadow b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/passwd b/tests/subids/20_useradd_locked_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/shadow b/tests/subids/20_useradd_locked_subgid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subgid b/tests/subids/20_useradd_locked_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/subgid
diff --git a/tests/subids/20_useradd_locked_subgid/config/etc/subuid b/tests/subids/20_useradd_locked_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/config/etc/subuid
diff --git a/tests/subids/20_useradd_locked_subgid/data/useradd.err b/tests/subids/20_useradd_locked_subgid/data/useradd.err
new file mode 100644
index 0000000..13bbf3b
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/subgid.lock without a PID
+useradd: cannot lock /etc/subgid; try again later.
diff --git a/tests/subids/20_useradd_locked_subgid/useradd.test b/tests/subids/20_useradd_locked_subgid/useradd.test
new file mode 100755
index 0000000..145ac98
--- /dev/null
+++ b/tests/subids/20_useradd_locked_subgid/useradd.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd checks if the subgid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subgid..."
+touch /etc/subgid.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/subgid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/21_usermod_create_subuid_range/config.txt b/tests/subids/21_usermod_create_subuid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/group b/tests/subids/21_usermod_create_subuid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/passwd b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/shadow b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subgid b/tests/subids/21_usermod_create_subuid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/subgid
diff --git a/tests/subids/21_usermod_create_subuid_range/config/etc/subuid b/tests/subids/21_usermod_create_subuid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/config/etc/subuid
diff --git a/tests/subids/21_usermod_create_subuid_range/data/subuid b/tests/subids/21_usermod_create_subuid_range/data/subuid
new file mode 100644
index 0000000..b1cd704
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/data/subuid
@@ -0,0 +1 @@
+foo:100000:501
diff --git a/tests/subids/21_usermod_create_subuid_range/usermod.test b/tests/subids/21_usermod_create_subuid_range/usermod.test
new file mode 100755
index 0000000..3c5470d
--- /dev/null
+++ b/tests/subids/21_usermod_create_subuid_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create a subuid range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create range of subuid for user foo (usermod -v 100000-100500 foo)..."
+usermod -v 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/22_usermod_create_subgid_range/config.txt b/tests/subids/22_usermod_create_subgid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/group b/tests/subids/22_usermod_create_subgid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/passwd b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/shadow b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subgid b/tests/subids/22_usermod_create_subgid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/subgid
diff --git a/tests/subids/22_usermod_create_subgid_range/config/etc/subuid b/tests/subids/22_usermod_create_subgid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/config/etc/subuid
diff --git a/tests/subids/22_usermod_create_subgid_range/data/subgid b/tests/subids/22_usermod_create_subgid_range/data/subgid
new file mode 100644
index 0000000..b1cd704
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/data/subgid
@@ -0,0 +1 @@
+foo:100000:501
diff --git a/tests/subids/22_usermod_create_subgid_range/usermod.test b/tests/subids/22_usermod_create_subgid_range/usermod.test
new file mode 100755
index 0000000..a5045a4
--- /dev/null
+++ b/tests/subids/22_usermod_create_subgid_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create a subgid range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create range of subgid for user foo (usermod -w 100000-100500 foo)..."
+usermod -w 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/23_usermod_create_subids_ranges/config.txt b/tests/subids/23_usermod_create_subids_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/group b/tests/subids/23_usermod_create_subids_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/subgid
diff --git a/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid b/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/config/etc/subuid
diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subgid b/tests/subids/23_usermod_create_subids_ranges/data/subgid
new file mode 100644
index 0000000..e0a6b2f
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:102000:501
+foo:101000:502
+foo:100000:502
diff --git a/tests/subids/23_usermod_create_subids_ranges/data/subuid b/tests/subids/23_usermod_create_subids_ranges/data/subuid
new file mode 100644
index 0000000..8d10ef6
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:501
+foo:101000:501
diff --git a/tests/subids/23_usermod_create_subids_ranges/usermod.test b/tests/subids/23_usermod_create_subids_ranges/usermod.test
new file mode 100755
index 0000000..fccfade
--- /dev/null
+++ b/tests/subids/23_usermod_create_subids_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create multiple subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo)..."
+usermod -v 101000-101500 -w 100000-100501 -w 101000-101501 -w 102000-102500 -v 100000-100500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subgid
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/config/etc/subuid
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid
new file mode 100644
index 0000000..e1960c7
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:100000:402
+foo:100500:1002
+foo:100000:502
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid
new file mode 100644
index 0000000..e07aca9
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/data/subuid
@@ -0,0 +1,4 @@
+foo:200011:10
+foo:200000:11
+foo:100000:1001
+foo:101000:501
diff --git a/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test
new file mode 100755
index 0000000..ad1725b
--- /dev/null
+++ b/tests/subids/24_usermod_create_subids_overlapping_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can create overlapping subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create ranges of subuid and subgid for user foo (usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo)..."
+usermod -v 101000-101500 -w 100000-100501 -w 100500-101501 -v 100000-101000 -v 200000-200010 -v 200011-200020 -w 100000-100401 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/25_usermod_add_range/config.txt b/tests/subids/25_usermod_add_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/25_usermod_add_range/config/etc/default/useradd b/tests/subids/25_usermod_add_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/25_usermod_add_range/config/etc/group b/tests/subids/25_usermod_add_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/25_usermod_add_range/config/etc/gshadow b/tests/subids/25_usermod_add_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/25_usermod_add_range/config/etc/passwd b/tests/subids/25_usermod_add_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/25_usermod_add_range/config/etc/shadow b/tests/subids/25_usermod_add_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/25_usermod_add_range/config/etc/subgid b/tests/subids/25_usermod_add_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/25_usermod_add_range/config/etc/subuid b/tests/subids/25_usermod_add_range/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/25_usermod_add_range/data/subgid b/tests/subids/25_usermod_add_range/data/subgid
new file mode 100644
index 0000000..e4babf0
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:150000:502
diff --git a/tests/subids/25_usermod_add_range/data/subuid b/tests/subids/25_usermod_add_range/data/subuid
new file mode 100644
index 0000000..80fb282
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:120000:501
diff --git a/tests/subids/25_usermod_add_range/usermod.test b/tests/subids/25_usermod_add_range/usermod.test
new file mode 100755
index 0000000..5278875
--- /dev/null
+++ b/tests/subids/25_usermod_add_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can add subuid and subgid ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add ranges of subuid and subgid for user foo (usermod -v 120000-120500 -w 150000-150501 foo)..."
+usermod -v 120000-120500 -w 150000-150501 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config.txt b/tests/subids/26_usermod_add_overlapping_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subgid b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid
new file mode 100644
index 0000000..455f531
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subgid
@@ -0,0 +1,3 @@
+foo:100000:10000
+foo:200000:10000
+foo:100000:50502
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/data/subuid b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid
new file mode 100644
index 0000000..072266b
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/data/subuid
@@ -0,0 +1,3 @@
+foo:100000:10000
+foo:200000:10000
+foo:110000:10501
diff --git a/tests/subids/26_usermod_add_overlapping_ranges/usermod.test b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test
new file mode 100755
index 0000000..9224181
--- /dev/null
+++ b/tests/subids/26_usermod_add_overlapping_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can add subuid and subgid ranges overlapping with existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add ranges of subuid and subgid for user foo (usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo)..."
+usermod -v 110000-120500 -w 100000-150501 -v 200000-200500 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/27_usermod_remove_range_all/config.txt b/tests/subids/27_usermod_remove_range_all/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/group b/tests/subids/27_usermod_remove_range_all/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/gshadow b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/passwd b/tests/subids/27_usermod_remove_range_all/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/shadow b/tests/subids/27_usermod_remove_range_all/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subgid b/tests/subids/27_usermod_remove_range_all/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/27_usermod_remove_range_all/config/etc/subuid b/tests/subids/27_usermod_remove_range_all/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/27_usermod_remove_range_all/data/subgid b/tests/subids/27_usermod_remove_range_all/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/data/subgid
diff --git a/tests/subids/27_usermod_remove_range_all/data/subuid b/tests/subids/27_usermod_remove_range_all/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/data/subuid
diff --git a/tests/subids/27_usermod_remove_range_all/usermod.test b/tests/subids/27_usermod_remove_range_all/usermod.test
new file mode 100755
index 0000000..0bd7f0b
--- /dev/null
+++ b/tests/subids/27_usermod_remove_range_all/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove subuid and subgid ranges matching boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config.txt b/tests/subids/28_usermod_remove_range_partial_begin/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subgid b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid
new file mode 100644
index 0000000..8feb16c
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200001:9999
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/data/subuid b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid
new file mode 100644
index 0000000..454c624
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/data/subuid
@@ -0,0 +1,2 @@
+foo:106000:4000
+foo:209999:1
diff --git a/tests/subids/28_usermod_remove_range_partial_begin/usermod.test b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test
new file mode 100755
index 0000000..03a7966
--- /dev/null
+++ b/tests/subids/28_usermod_remove_range_partial_begin/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges with matching lower boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-105999 -W 200000-200000 foo)..."
+usermod -V 100000-105999 -W 200000-200000 -V 200000-209998 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config.txt b/tests/subids/29_usermod_remove_range_partial_middle/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subgid b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid
new file mode 100644
index 0000000..179115c
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:5000
+foo:109999:1
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/data/subuid b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid
new file mode 100644
index 0000000..b1f3d76
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/data/subuid
@@ -0,0 +1,4 @@
+foo:100000:1
+foo:200000:5000
+foo:207001:2999
+foo:106000:4000
diff --git a/tests/subids/29_usermod_remove_range_partial_middle/usermod.test b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test
new file mode 100755
index 0000000..bba46bc
--- /dev/null
+++ b/tests/subids/29_usermod_remove_range_partial_middle/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges included in existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo)..."
+usermod -V 100001-105999 -W 105000-109998 -V 205000-207000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config.txt b/tests/subids/30_usermod_remove_range_partial_end/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/group b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subgid b/tests/subids/30_usermod_remove_range_partial_end/data/subgid
new file mode 100644
index 0000000..707bde6
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/data/subgid
@@ -0,0 +1 @@
+foo:100000:5000
diff --git a/tests/subids/30_usermod_remove_range_partial_end/data/subuid b/tests/subids/30_usermod_remove_range_partial_end/data/subuid
new file mode 100644
index 0000000..88ff38c
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:1
+foo:200000:9999
diff --git a/tests/subids/30_usermod_remove_range_partial_end/usermod.test b/tests/subids/30_usermod_remove_range_partial_end/usermod.test
new file mode 100755
index 0000000..c110716
--- /dev/null
+++ b/tests/subids/30_usermod_remove_range_partial_end/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges with matching upper boundaries"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-109999 -V 209998-209999 foo)..."
+usermod -V 100001-109999 -W 105000-109999 -V 209999-209999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/31_usermod_remove_outside_range/config.txt b/tests/subids/31_usermod_remove_outside_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/group b/tests/subids/31_usermod_remove_outside_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/passwd b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/shadow b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subgid b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/config/etc/subuid b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/data/subgid b/tests/subids/31_usermod_remove_outside_range/data/subgid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/data/subgid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/data/subuid b/tests/subids/31_usermod_remove_outside_range/data/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/31_usermod_remove_outside_range/usermod.test b/tests/subids/31_usermod_remove_outside_range/usermod.test
new file mode 100755
index 0000000..477c722
--- /dev/null
+++ b/tests/subids/31_usermod_remove_outside_range/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not remove subuid and subgid ranges if provided ranges are outside of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 1000-99999 -W 110000-199999 foo)..."
+usermod -V 1000-99999 -W 110000-199999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid
new file mode 100644
index 0000000..c2dcd1a
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subgid
@@ -0,0 +1 @@
+foo:109999:1
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid
new file mode 100644
index 0000000..30bf143
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/data/subuid
@@ -0,0 +1,2 @@
+foo:100001:9999
+foo:209999:1
diff --git a/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test
new file mode 100755
index 0000000..1f2766a
--- /dev/null
+++ b/tests/subids/32_usermod_remove_overlapping_range_begin/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping beginning of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo)..."
+usermod -V 10000-100000 -W 5000-109998 -V 110000-209998 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config.txt b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid
new file mode 100644
index 0000000..707bde6
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subgid
@@ -0,0 +1 @@
+foo:100000:5000
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid
new file mode 100644
index 0000000..88ff38c
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/data/subuid
@@ -0,0 +1,2 @@
+foo:100000:1
+foo:200000:9999
diff --git a/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test
new file mode 100755
index 0000000..545fd27
--- /dev/null
+++ b/tests/subids/33_usermod_remove_overlapping_range_end/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges overlapping upper boundaries of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo)..."
+usermod -V 100001-109999 -W 105000-120000 -V 209999-210001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config.txt b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/data/subgid
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid
new file mode 100644
index 0000000..92313ec
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/data/subuid
@@ -0,0 +1 @@
+foo:100000:9999
diff --git a/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test
new file mode 100755
index 0000000..ba781eb
--- /dev/null
+++ b/tests/subids/34_usermod_remove_overlapping_range_all/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can remove partial subuid and subgid ranges whose boundaries overlap boundaries of existing ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -W 99997-110002 -V 109999-210000 foo)..."
+usermod -W 99997-110002 -V 109999-210000 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config.txt b/tests/subids/35_usermod_remove_only_user_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid
new file mode 100644
index 0000000..81c7134
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subgid
@@ -0,0 +1,4 @@
+root:100000:10000
+foo:100000:10000
+foo:200000:10000
+foo:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid
new file mode 100644
index 0000000..96f8274
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/config/etc/subuid
@@ -0,0 +1,4 @@
+foo:100000:10000
+foo:200000:10000
+root:100000:10000
+foo:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subgid b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid
new file mode 100644
index 0000000..ba36f20
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subgid
@@ -0,0 +1,2 @@
+root:100000:10000
+foo:200000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/data/subuid b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid
new file mode 100644
index 0000000..5000837
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/data/subuid
@@ -0,0 +1,2 @@
+foo:200000:10000
+root:100000:10000
diff --git a/tests/subids/35_usermod_remove_only_user_ranges/usermod.test b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test
new file mode 100755
index 0000000..191ffb2
--- /dev/null
+++ b/tests/subids/35_usermod_remove_only_user_ranges/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not remove subuid and subgid ranges of other users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/36_usermod_remove_with_comment/config.txt b/tests/subids/36_usermod_remove_with_comment/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/group b/tests/subids/36_usermod_remove_with_comment/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/passwd b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/shadow b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subgid b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid
new file mode 100644
index 0000000..efd5bbc
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subgid
@@ -0,0 +1,3 @@
+foo:100000:10000
+# This is a duplicate entry
+foo:100000:10000
diff --git a/tests/subids/36_usermod_remove_with_comment/config/etc/subuid b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid
new file mode 100644
index 0000000..efd5bbc
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/config/etc/subuid
@@ -0,0 +1,3 @@
+foo:100000:10000
+# This is a duplicate entry
+foo:100000:10000
diff --git a/tests/subids/36_usermod_remove_with_comment/data/subgid b/tests/subids/36_usermod_remove_with_comment/data/subgid
new file mode 100644
index 0000000..cbb145c
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/data/subgid
@@ -0,0 +1 @@
+# This is a duplicate entry
diff --git a/tests/subids/36_usermod_remove_with_comment/data/subuid b/tests/subids/36_usermod_remove_with_comment/data/subuid
new file mode 100644
index 0000000..cbb145c
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/data/subuid
@@ -0,0 +1 @@
+# This is a duplicate entry
diff --git a/tests/subids/36_usermod_remove_with_comment/usermod.test b/tests/subids/36_usermod_remove_with_comment/usermod.test
new file mode 100755
index 0000000..ae1e146
--- /dev/null
+++ b/tests/subids/36_usermod_remove_with_comment/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod ignores and keeps comments when ranges are removed"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove ranges of subuid and subgid for user foo (usermod -V 100000-109999 -W 100000-109999 foo)..."
+usermod -V 100000-109999 -W 100000-109999 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/37_usermod_-v_invalid_range/config.txt b/tests/subids/37_usermod_-v_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/group b/tests/subids/37_usermod_-v_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/37_usermod_-v_invalid_range/data/usermod.err b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err
new file mode 100644
index 0000000..b863376
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000-100000'
diff --git a/tests/subids/37_usermod_-v_invalid_range/usermod.test b/tests/subids/37_usermod_-v_invalid_range/usermod.test
new file mode 100755
index 0000000..4f0ec18
--- /dev/null
+++ b/tests/subids/37_usermod_-v_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "min > max (usermod -v 110000-100000 foo)..."
+usermod -v 110000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/38_usermod_-V_invalid_range/config.txt b/tests/subids/38_usermod_-V_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/group b/tests/subids/38_usermod_-V_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/38_usermod_-V_invalid_range/data/usermod.err b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err
new file mode 100644
index 0000000..2d8964d
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000'
diff --git a/tests/subids/38_usermod_-V_invalid_range/usermod.test b/tests/subids/38_usermod_-V_invalid_range/usermod.test
new file mode 100755
index 0000000..462c803
--- /dev/null
+++ b/tests/subids/38_usermod_-V_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "range is a single value (usermod -V 110000 foo)..."
+usermod -V 110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/39_usermod_-w_invalid_range/config.txt b/tests/subids/39_usermod_-w_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/group b/tests/subids/39_usermod_-w_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/39_usermod_-w_invalid_range/data/usermod.err b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err
new file mode 100644
index 0000000..1e3eb0b
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate gid range '100000a-110000'
diff --git a/tests/subids/39_usermod_-w_invalid_range/usermod.test b/tests/subids/39_usermod_-w_invalid_range/usermod.test
new file mode 100755
index 0000000..8d56dc3
--- /dev/null
+++ b/tests/subids/39_usermod_-w_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "characters insterted in range (usermod -w 100000a-110000 foo)..."
+usermod -w 100000a-110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/40_usermod_-W_invalid_range/config.txt b/tests/subids/40_usermod_-W_invalid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/group b/tests/subids/40_usermod_-W_invalid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/40_usermod_-W_invalid_range/data/usermod.err b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err
new file mode 100644
index 0000000..15803ff
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate gid range '100000-110000a'
diff --git a/tests/subids/40_usermod_-W_invalid_range/usermod.test b/tests/subids/40_usermod_-W_invalid_range/usermod.test
new file mode 100755
index 0000000..803ab62
--- /dev/null
+++ b/tests/subids/40_usermod_-W_invalid_range/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "invalid characters appended (usermod -W 100000-110000a foo)..."
+usermod -W 100000-110000a foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/41_usermod_locked_subuid/config.txt b/tests/subids/41_usermod_locked_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config.txt
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/group b/tests/subids/41_usermod_locked_subuid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/gshadow b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/passwd b/tests/subids/41_usermod_locked_subuid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/shadow b/tests/subids/41_usermod_locked_subuid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subgid b/tests/subids/41_usermod_locked_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/subgid
diff --git a/tests/subids/41_usermod_locked_subuid/config/etc/subuid b/tests/subids/41_usermod_locked_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/config/etc/subuid
diff --git a/tests/subids/41_usermod_locked_subuid/data/usermod.err b/tests/subids/41_usermod_locked_subuid/data/usermod.err
new file mode 100644
index 0000000..5d2daeb
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/subuid.lock without a PID
+usermod: cannot lock /etc/subuid; try again later.
diff --git a/tests/subids/41_usermod_locked_subuid/usermod.test b/tests/subids/41_usermod_locked_subuid/usermod.test
new file mode 100755
index 0000000..8b954ea
--- /dev/null
+++ b/tests/subids/41_usermod_locked_subuid/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the subuid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subuid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subuid..."
+touch /etc/subuid.lock
+echo "done"
+
+echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..."
+usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/subuid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "16"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/42_usermod_locked_subgid/config.txt b/tests/subids/42_usermod_locked_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config.txt
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/group b/tests/subids/42_usermod_locked_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/gshadow b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/passwd b/tests/subids/42_usermod_locked_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/shadow b/tests/subids/42_usermod_locked_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subgid b/tests/subids/42_usermod_locked_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/subgid
diff --git a/tests/subids/42_usermod_locked_subgid/config/etc/subuid b/tests/subids/42_usermod_locked_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/config/etc/subuid
diff --git a/tests/subids/42_usermod_locked_subgid/data/usermod.err b/tests/subids/42_usermod_locked_subgid/data/usermod.err
new file mode 100644
index 0000000..dee7b1d
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/subgid.lock without a PID
+usermod: cannot lock /etc/subgid; try again later.
diff --git a/tests/subids/42_usermod_locked_subgid/usermod.test b/tests/subids/42_usermod_locked_subgid/usermod.test
new file mode 100755
index 0000000..c44be3a
--- /dev/null
+++ b/tests/subids/42_usermod_locked_subgid/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the subgid file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/subgid.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/subgid..."
+touch /etc/subgid.lock
+echo "done"
+
+echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..."
+usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/subgid.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "18"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/43_usermod_-w_no_subgid/config.txt b/tests/subids/43_usermod_-w_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config.txt
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/group b/tests/subids/43_usermod_-w_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/subgid
diff --git a/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid b/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/config/etc/subuid
diff --git a/tests/subids/43_usermod_-w_no_subgid/data/usermod.err b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err
new file mode 100644
index 0000000..4f03a68
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subgid does not exist, you cannot use the flags -w or -W
diff --git a/tests/subids/43_usermod_-w_no_subgid/usermod.test b/tests/subids/43_usermod_-w_no_subgid/usermod.test
new file mode 100755
index 0000000..118bc4a
--- /dev/null
+++ b/tests/subids/43_usermod_-w_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -w fails is there is no subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Add subgid ranges to user foo (usermod -w 100000-100000 foo)..."
+usermod -w 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/44_usermod_-W_no_subgid/config.txt b/tests/subids/44_usermod_-W_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config.txt
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/group b/tests/subids/44_usermod_-W_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/subgid
diff --git a/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid b/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/config/etc/subuid
diff --git a/tests/subids/44_usermod_-W_no_subgid/data/usermod.err b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err
new file mode 100644
index 0000000..4f03a68
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subgid does not exist, you cannot use the flags -w or -W
diff --git a/tests/subids/44_usermod_-W_no_subgid/usermod.test b/tests/subids/44_usermod_-W_no_subgid/usermod.test
new file mode 100755
index 0000000..da7788e
--- /dev/null
+++ b/tests/subids/44_usermod_-W_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -W fails is there is no subgid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Remove subgid ranges to user foo (usermod -W 100000-100000 foo)..."
+usermod -W 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/45_usermod_-v_no_subgid/config.txt b/tests/subids/45_usermod_-v_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config.txt
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/group b/tests/subids/45_usermod_-v_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/subgid
diff --git a/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid b/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/config/etc/subuid
diff --git a/tests/subids/45_usermod_-v_no_subgid/data/usermod.err b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err
new file mode 100644
index 0000000..e3ea042
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subuid does not exist, you cannot use the flags -v or -V
diff --git a/tests/subids/45_usermod_-v_no_subgid/usermod.test b/tests/subids/45_usermod_-v_no_subgid/usermod.test
new file mode 100755
index 0000000..af1359d
--- /dev/null
+++ b/tests/subids/45_usermod_-v_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -v fails is there is no subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Add subuid ranges to user foo (usermod -v 100000-100000 foo)..."
+usermod -v 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/46_usermod_-V_no_subgid/config.txt b/tests/subids/46_usermod_-V_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config.txt
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/group b/tests/subids/46_usermod_-V_no_subgid/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/subgid
diff --git a/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid b/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/config/etc/subuid
diff --git a/tests/subids/46_usermod_-V_no_subgid/data/usermod.err b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err
new file mode 100644
index 0000000..e3ea042
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/data/usermod.err
@@ -0,0 +1 @@
+usermod: /etc/subuid does not exist, you cannot use the flags -v or -V
diff --git a/tests/subids/46_usermod_-V_no_subgid/usermod.test b/tests/subids/46_usermod_-V_no_subgid/usermod.test
new file mode 100755
index 0000000..df95f3f
--- /dev/null
+++ b/tests/subids/46_usermod_-V_no_subgid/usermod.test
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -V fails is there is no subuid file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Remove subuid ranges to user foo (usermod -V 100000-100000 foo)..."
+usermod -V 100000-100000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config.txt b/tests/subids/47_usermod_-v_invalid_range2/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/group b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err
new file mode 100644
index 0000000..384efdc
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range 'a100000-110000'
diff --git a/tests/subids/47_usermod_-v_invalid_range2/usermod.test b/tests/subids/47_usermod_-v_invalid_range2/usermod.test
new file mode 100755
index 0000000..776e383
--- /dev/null
+++ b/tests/subids/47_usermod_-v_invalid_range2/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "invalid characters at the beginning (usermod -v a100000-110000 foo)..."
+usermod -v a100000-110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config.txt b/tests/subids/48_usermod_-v_invalid_range3/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/group b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err
new file mode 100644
index 0000000..26b5963
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range ''
diff --git a/tests/subids/48_usermod_-v_invalid_range3/usermod.test b/tests/subids/48_usermod_-v_invalid_range3/usermod.test
new file mode 100755
index 0000000..3363322
--- /dev/null
+++ b/tests/subids/48_usermod_-v_invalid_range3/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "empty range (usermod -v '' foo)..."
+usermod -v '' foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config.txt b/tests/subids/49_usermod_-v_invalid_range4/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/group b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err
new file mode 100644
index 0000000..3b7df62
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '-100000-110000'
diff --git a/tests/subids/49_usermod_-v_invalid_range4/usermod.test b/tests/subids/49_usermod_-v_invalid_range4/usermod.test
new file mode 100755
index 0000000..c0b9357
--- /dev/null
+++ b/tests/subids/49_usermod_-v_invalid_range4/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "negative UID (usermod -v -100000-110000 foo)..."
+usermod -v -100000-110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config.txt b/tests/subids/50_usermod_-v_invalid_range5/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/group b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err
new file mode 100644
index 0000000..4d538c9
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '9223372036854775808-110000'
diff --git a/tests/subids/50_usermod_-v_invalid_range5/usermod.test b/tests/subids/50_usermod_-v_invalid_range5/usermod.test
new file mode 100755
index 0000000..ddd831f
--- /dev/null
+++ b/tests/subids/50_usermod_-v_invalid_range5/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "out of range UID (usermod -v 9223372036854775808-110000 foo)..."
+usermod -v 9223372036854775808-110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config.txt b/tests/subids/51_usermod_-v_invalid_range6/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/group b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err
new file mode 100644
index 0000000..64d4f80
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '110000-9223372036854775808'
diff --git a/tests/subids/51_usermod_-v_invalid_range6/usermod.test b/tests/subids/51_usermod_-v_invalid_range6/usermod.test
new file mode 100755
index 0000000..3b23c76
--- /dev/null
+++ b/tests/subids/51_usermod_-v_invalid_range6/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "out of range UID (usermod -v 110000-9223372036854775808 foo)..."
+usermod -v 110000-9223372036854775808 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config.txt b/tests/subids/52_usermod_-v_invalid_range7/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/group b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid
new file mode 100644
index 0000000..f42862e
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/config/etc/subuid
@@ -0,0 +1,2 @@
+foo:100000:10000
+foo:200000:10000
diff --git a/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err
new file mode 100644
index 0000000..746202a
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid subordinate uid range '100000--110000'
diff --git a/tests/subids/52_usermod_-v_invalid_range7/usermod.test b/tests/subids/52_usermod_-v_invalid_range7/usermod.test
new file mode 100755
index 0000000..a00cf16
--- /dev/null
+++ b/tests/subids/52_usermod_-v_invalid_range7/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod reports failure to parse ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "negative upper limit (usermod -v 100000--110000 foo)..."
+usermod -v 100000--110000 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/53_userdel_one_subuid_range/config.txt b/tests/subids/53_userdel_one_subuid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/group b/tests/subids/53_userdel_one_subuid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/passwd b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/shadow b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subgid b/tests/subids/53_userdel_one_subuid_range/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/subgid
diff --git a/tests/subids/53_userdel_one_subuid_range/config/etc/subuid b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/53_userdel_one_subuid_range/data/group b/tests/subids/53_userdel_one_subuid_range/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/53_userdel_one_subuid_range/data/gshadow b/tests/subids/53_userdel_one_subuid_range/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/53_userdel_one_subuid_range/data/passwd b/tests/subids/53_userdel_one_subuid_range/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/53_userdel_one_subuid_range/data/shadow b/tests/subids/53_userdel_one_subuid_range/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/53_userdel_one_subuid_range/data/subuid b/tests/subids/53_userdel_one_subuid_range/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/data/subuid
diff --git a/tests/subids/53_userdel_one_subuid_range/userdel.test b/tests/subids/53_userdel_one_subuid_range/userdel.test
new file mode 100755
index 0000000..2588794
--- /dev/null
+++ b/tests/subids/53_userdel_one_subuid_range/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate UIDs range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/54_userdel_one_subgid_range/config.txt b/tests/subids/54_userdel_one_subgid_range/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/group b/tests/subids/54_userdel_one_subgid_range/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/passwd b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/shadow b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subgid b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/54_userdel_one_subgid_range/config/etc/subuid b/tests/subids/54_userdel_one_subgid_range/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/config/etc/subuid
diff --git a/tests/subids/54_userdel_one_subgid_range/data/group b/tests/subids/54_userdel_one_subgid_range/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/54_userdel_one_subgid_range/data/gshadow b/tests/subids/54_userdel_one_subgid_range/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/54_userdel_one_subgid_range/data/passwd b/tests/subids/54_userdel_one_subgid_range/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/54_userdel_one_subgid_range/data/shadow b/tests/subids/54_userdel_one_subgid_range/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/54_userdel_one_subgid_range/data/subgid b/tests/subids/54_userdel_one_subgid_range/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/data/subgid
diff --git a/tests/subids/54_userdel_one_subgid_range/userdel.test b/tests/subids/54_userdel_one_subgid_range/userdel.test
new file mode 100755
index 0000000..4ac57f8
--- /dev/null
+++ b/tests/subids/54_userdel_one_subgid_range/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate GIDs range"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/55_userdel_no_subuid/config.txt b/tests/subids/55_userdel_no_subuid/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/default/useradd b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/group b/tests/subids/55_userdel_no_subuid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/gshadow b/tests/subids/55_userdel_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/passwd b/tests/subids/55_userdel_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/shadow b/tests/subids/55_userdel_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subgid b/tests/subids/55_userdel_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/55_userdel_no_subuid/config/etc/subuid b/tests/subids/55_userdel_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/config/etc/subuid
diff --git a/tests/subids/55_userdel_no_subuid/data/group b/tests/subids/55_userdel_no_subuid/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/55_userdel_no_subuid/data/gshadow b/tests/subids/55_userdel_no_subuid/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/55_userdel_no_subuid/data/passwd b/tests/subids/55_userdel_no_subuid/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/55_userdel_no_subuid/data/shadow b/tests/subids/55_userdel_no_subuid/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/55_userdel_no_subuid/data/subgid b/tests/subids/55_userdel_no_subuid/data/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/data/subgid
diff --git a/tests/subids/55_userdel_no_subuid/userdel.test b/tests/subids/55_userdel_no_subuid/userdel.test
new file mode 100755
index 0000000..8b9f33f
--- /dev/null
+++ b/tests/subids/55_userdel_no_subuid/userdel.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can remove an user with its subordinate GIDs even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subuid
+echo "OK"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/56_userdel_no_subgid/config.txt b/tests/subids/56_userdel_no_subgid/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/default/useradd b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/group b/tests/subids/56_userdel_no_subgid/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/gshadow b/tests/subids/56_userdel_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/passwd b/tests/subids/56_userdel_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/shadow b/tests/subids/56_userdel_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subgid b/tests/subids/56_userdel_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/subgid
diff --git a/tests/subids/56_userdel_no_subgid/config/etc/subuid b/tests/subids/56_userdel_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/config/etc/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/56_userdel_no_subgid/data/group b/tests/subids/56_userdel_no_subgid/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/56_userdel_no_subgid/data/gshadow b/tests/subids/56_userdel_no_subgid/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/56_userdel_no_subgid/data/passwd b/tests/subids/56_userdel_no_subgid/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/56_userdel_no_subgid/data/shadow b/tests/subids/56_userdel_no_subgid/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/56_userdel_no_subgid/data/subuid b/tests/subids/56_userdel_no_subgid/data/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/data/subuid
diff --git a/tests/subids/56_userdel_no_subgid/userdel.test b/tests/subids/56_userdel_no_subgid/userdel.test
new file mode 100755
index 0000000..fe545c0
--- /dev/null
+++ b/tests/subids/56_userdel_no_subgid/userdel.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can remove an user with its subordinate UIDs even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/57_userdel_multiple_ranges/config.txt b/tests/subids/57_userdel_multiple_ranges/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/group b/tests/subids/57_userdel_multiple_ranges/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/passwd b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/shadow b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subgid b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid
new file mode 100644
index 0000000..4b52edc
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subgid
@@ -0,0 +1,14 @@
+#1
+foo:10000:500
+#2
+foo:100000:10000
+foo:100000:5000
+#3
+foo:200000:10000
+foo:200000:20000
+#4
+foo:300000:10000
+roo:300000:10000
+foo:300000:10000
+foo:400000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/config/etc/subuid b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid
new file mode 100644
index 0000000..4b52edc
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/config/etc/subuid
@@ -0,0 +1,14 @@
+#1
+foo:10000:500
+#2
+foo:100000:10000
+foo:100000:5000
+#3
+foo:200000:10000
+foo:200000:20000
+#4
+foo:300000:10000
+roo:300000:10000
+foo:300000:10000
+foo:400000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/data/group b/tests/subids/57_userdel_multiple_ranges/data/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/57_userdel_multiple_ranges/data/gshadow b/tests/subids/57_userdel_multiple_ranges/data/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/57_userdel_multiple_ranges/data/passwd b/tests/subids/57_userdel_multiple_ranges/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/57_userdel_multiple_ranges/data/shadow b/tests/subids/57_userdel_multiple_ranges/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/57_userdel_multiple_ranges/data/subgid b/tests/subids/57_userdel_multiple_ranges/data/subgid
new file mode 100644
index 0000000..adb2561
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/subgid
@@ -0,0 +1,6 @@
+#1
+#2
+#3
+#4
+roo:300000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/data/subuid b/tests/subids/57_userdel_multiple_ranges/data/subuid
new file mode 100644
index 0000000..adb2561
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/data/subuid
@@ -0,0 +1,6 @@
+#1
+#2
+#3
+#4
+roo:300000:10000
+root:500000:1000
diff --git a/tests/subids/57_userdel_multiple_ranges/userdel.test b/tests/subids/57_userdel_multiple_ranges/userdel.test
new file mode 100755
index 0000000..93f116f
--- /dev/null
+++ b/tests/subids/57_userdel_multiple_ranges/userdel.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete an user with its subordinate UIDs ranges"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/58_newusers_with_subids/config.txt b/tests/subids/58_newusers_with_subids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config.txt
diff --git a/tests/subids/58_newusers_with_subids/config/etc/group b/tests/subids/58_newusers_with_subids/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/58_newusers_with_subids/config/etc/gshadow b/tests/subids/58_newusers_with_subids/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/58_newusers_with_subids/config/etc/passwd b/tests/subids/58_newusers_with_subids/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/58_newusers_with_subids/config/etc/shadow b/tests/subids/58_newusers_with_subids/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/58_newusers_with_subids/config/etc/subgid b/tests/subids/58_newusers_with_subids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/subgid
diff --git a/tests/subids/58_newusers_with_subids/config/etc/subuid b/tests/subids/58_newusers_with_subids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/config/etc/subuid
diff --git a/tests/subids/58_newusers_with_subids/data/group b/tests/subids/58_newusers_with_subids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/58_newusers_with_subids/data/gshadow b/tests/subids/58_newusers_with_subids/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/58_newusers_with_subids/data/newusers.list b/tests/subids/58_newusers_with_subids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/58_newusers_with_subids/data/passwd b/tests/subids/58_newusers_with_subids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/58_newusers_with_subids/data/shadow b/tests/subids/58_newusers_with_subids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/58_newusers_with_subids/data/subgid b/tests/subids/58_newusers_with_subids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/58_newusers_with_subids/data/subuid b/tests/subids/58_newusers_with_subids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/58_newusers_with_subids/newusers.test b/tests/subids/58_newusers_with_subids/newusers.test
new file mode 100755
index 0000000..2b69632
--- /dev/null
+++ b/tests/subids/58_newusers_with_subids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers creates subordinate IDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/59_newusers_no_subuid/config.txt b/tests/subids/59_newusers_no_subuid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config.txt
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/group b/tests/subids/59_newusers_no_subuid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/gshadow b/tests/subids/59_newusers_no_subuid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/passwd b/tests/subids/59_newusers_no_subuid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/shadow b/tests/subids/59_newusers_no_subuid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subgid b/tests/subids/59_newusers_no_subuid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/subgid
diff --git a/tests/subids/59_newusers_no_subuid/config/etc/subuid b/tests/subids/59_newusers_no_subuid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/config/etc/subuid
diff --git a/tests/subids/59_newusers_no_subuid/data/group b/tests/subids/59_newusers_no_subuid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/59_newusers_no_subuid/data/gshadow b/tests/subids/59_newusers_no_subuid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/59_newusers_no_subuid/data/newusers.list b/tests/subids/59_newusers_no_subuid/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/59_newusers_no_subuid/data/passwd b/tests/subids/59_newusers_no_subuid/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/59_newusers_no_subuid/data/shadow b/tests/subids/59_newusers_no_subuid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/59_newusers_no_subuid/data/subgid b/tests/subids/59_newusers_no_subuid/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/59_newusers_no_subuid/newusers.test b/tests/subids/59_newusers_no_subuid/newusers.test
new file mode 100755
index 0000000..f99d9a5
--- /dev/null
+++ b/tests/subids/59_newusers_no_subuid/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers create subordinate GIDs even if /etc/subuid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subuid..."
+rm -f /etc/subuid
+echo "OK"
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+test ! -f /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/60_newusers_no_subgid/config.txt b/tests/subids/60_newusers_no_subgid/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config.txt
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/group b/tests/subids/60_newusers_no_subgid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/gshadow b/tests/subids/60_newusers_no_subgid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/passwd b/tests/subids/60_newusers_no_subgid/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/shadow b/tests/subids/60_newusers_no_subgid/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subgid b/tests/subids/60_newusers_no_subgid/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/subgid
diff --git a/tests/subids/60_newusers_no_subgid/config/etc/subuid b/tests/subids/60_newusers_no_subgid/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/config/etc/subuid
diff --git a/tests/subids/60_newusers_no_subgid/data/group b/tests/subids/60_newusers_no_subgid/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/60_newusers_no_subgid/data/gshadow b/tests/subids/60_newusers_no_subgid/data/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/subids/60_newusers_no_subgid/data/newusers.list b/tests/subids/60_newusers_no_subgid/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/60_newusers_no_subgid/data/passwd b/tests/subids/60_newusers_no_subgid/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/60_newusers_no_subgid/data/shadow b/tests/subids/60_newusers_no_subgid/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/60_newusers_no_subgid/data/subuid b/tests/subids/60_newusers_no_subgid/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/60_newusers_no_subgid/newusers.test b/tests/subids/60_newusers_no_subgid/newusers.test
new file mode 100755
index 0000000..32a4174
--- /dev/null
+++ b/tests/subids/60_newusers_no_subgid/newusers.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers create subordinate UIDs even if /etc/subgid does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/subgid..."
+rm -f /etc/subgid
+echo "OK"
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+test ! -f /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config.txt b/tests/subids/61_newusers_user_already_has_subgids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config.txt
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/group b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow
new file mode 100644
index 0000000..648c54d
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid
new file mode 100644
index 0000000..c6faa36
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subgid
@@ -0,0 +1 @@
+foo:200000:2000
diff --git a/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/config/etc/subuid
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/group b/tests/subids/61_newusers_user_already_has_subgids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/gshadow b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/passwd b/tests/subids/61_newusers_user_already_has_subgids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/shadow b/tests/subids/61_newusers_user_already_has_subgids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/61_newusers_user_already_has_subgids/data/subuid b/tests/subids/61_newusers_user_already_has_subgids/data/subuid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/data/subuid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/61_newusers_user_already_has_subgids/newusers.test b/tests/subids/61_newusers_user_already_has_subgids/newusers.test
new file mode 100755
index 0000000..752932e
--- /dev/null
+++ b/tests/subids/61_newusers_user_already_has_subgids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not create subordinate GIDs if the user already has subordinate GIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl config/etc/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config.txt b/tests/subids/62_newusers_user_already_has_subuids/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config.txt
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/group b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/pam.d/newusers
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow
new file mode 100644
index 0000000..648c54d
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subgid
diff --git a/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid
new file mode 100644
index 0000000..ad0d53a
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/config/etc/subuid
@@ -0,0 +1,2 @@
+root:150000:10000
+foo:200000:2000
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/group b/tests/subids/62_newusers_user_already_has_subuids/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/gshadow b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow
new file mode 100644
index 0000000..be1575e
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:x::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list
new file mode 100644
index 0000000..9c40fa2
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/newusers.list
@@ -0,0 +1 @@
+foo:fooPass:::User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/passwd b/tests/subids/62_newusers_user_already_has_subuids/data/passwd
new file mode 100644
index 0000000..7bf7386
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:User Foo - Gecos Field::/bin/sh
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/shadow b/tests/subids/62_newusers_user_already_has_subuids/data/shadow
new file mode 100644
index 0000000..491b593
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:@PASS_DES fooPass@:@TODAY@:0:99999:7:::
diff --git a/tests/subids/62_newusers_user_already_has_subuids/data/subgid b/tests/subids/62_newusers_user_already_has_subuids/data/subgid
new file mode 100644
index 0000000..3f7fd12
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/data/subgid
@@ -0,0 +1 @@
+foo:100000:10000
diff --git a/tests/subids/62_newusers_user_already_has_subuids/newusers.test b/tests/subids/62_newusers_user_already_has_subuids/newusers.test
new file mode 100755
index 0000000..d300db8
--- /dev/null
+++ b/tests/subids/62_newusers_user_already_has_subuids/newusers.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "newusers does not create subordinate UIDs if the user already has subordinate UIDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+newusers data/newusers.list
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+../../common/compare_file.pl data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+../../common/compare_file.pl config/etc/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/63_useradd_fill_gap4/config.txt b/tests/subids/63_useradd_fill_gap4/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config.txt
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/group b/tests/subids/63_useradd_fill_gap4/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/gshadow b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/passwd b/tests/subids/63_useradd_fill_gap4/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/shadow b/tests/subids/63_useradd_fill_gap4/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subgid b/tests/subids/63_useradd_fill_gap4/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/63_useradd_fill_gap4/config/etc/subuid b/tests/subids/63_useradd_fill_gap4/config/etc/subuid
new file mode 100644
index 0000000..5d64255
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/config/etc/subuid
@@ -0,0 +1,3 @@
+root:100000:599990001
+# This is after max
+root:600100001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/data/group b/tests/subids/63_useradd_fill_gap4/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/63_useradd_fill_gap4/data/gshadow b/tests/subids/63_useradd_fill_gap4/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/63_useradd_fill_gap4/data/passwd b/tests/subids/63_useradd_fill_gap4/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/63_useradd_fill_gap4/data/shadow b/tests/subids/63_useradd_fill_gap4/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/63_useradd_fill_gap4/data/subgid b/tests/subids/63_useradd_fill_gap4/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/data/subuid b/tests/subids/63_useradd_fill_gap4/data/subuid
new file mode 100644
index 0000000..15b3a3c
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/data/subuid
@@ -0,0 +1,4 @@
+root:100000:599990001
+root:600100001:10000
+# This is after max
+foo:600090001:10000
diff --git a/tests/subids/63_useradd_fill_gap4/useradd.test b/tests/subids/63_useradd_fill_gap4/useradd.test
new file mode 100755
index 0000000..eb399cf
--- /dev/null
+++ b/tests/subids/63_useradd_fill_gap4/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/64_useradd_fill_gap5/config.txt b/tests/subids/64_useradd_fill_gap5/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config.txt
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/group b/tests/subids/64_useradd_fill_gap5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/gshadow b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/passwd b/tests/subids/64_useradd_fill_gap5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/shadow b/tests/subids/64_useradd_fill_gap5/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subgid b/tests/subids/64_useradd_fill_gap5/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/64_useradd_fill_gap5/config/etc/subuid b/tests/subids/64_useradd_fill_gap5/config/etc/subuid
new file mode 100644
index 0000000..c178aee
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/config/etc/subuid
@@ -0,0 +1,3 @@
+root:100000:599990001
+# This is after max
+root:600100002:10000
diff --git a/tests/subids/64_useradd_fill_gap5/data/group b/tests/subids/64_useradd_fill_gap5/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/64_useradd_fill_gap5/data/gshadow b/tests/subids/64_useradd_fill_gap5/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/64_useradd_fill_gap5/data/passwd b/tests/subids/64_useradd_fill_gap5/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/64_useradd_fill_gap5/data/shadow b/tests/subids/64_useradd_fill_gap5/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/64_useradd_fill_gap5/data/subgid b/tests/subids/64_useradd_fill_gap5/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/64_useradd_fill_gap5/data/subuid b/tests/subids/64_useradd_fill_gap5/data/subuid
new file mode 100644
index 0000000..a992af1
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/data/subuid
@@ -0,0 +1,4 @@
+root:100000:599990001
+root:600100002:10000
+# This is after max
+foo:600090001:10000
diff --git a/tests/subids/64_useradd_fill_gap5/useradd.test b/tests/subids/64_useradd_fill_gap5/useradd.test
new file mode 100755
index 0000000..eb399cf
--- /dev/null
+++ b/tests/subids/64_useradd_fill_gap5/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd fills subids gaps in /etc/sub[ug]id"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/65_useradd_fill_gap6/config.txt b/tests/subids/65_useradd_fill_gap6/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config.txt
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/group b/tests/subids/65_useradd_fill_gap6/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/gshadow b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/passwd b/tests/subids/65_useradd_fill_gap6/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/shadow b/tests/subids/65_useradd_fill_gap6/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subgid b/tests/subids/65_useradd_fill_gap6/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/65_useradd_fill_gap6/config/etc/subuid b/tests/subids/65_useradd_fill_gap6/config/etc/subuid
new file mode 100644
index 0000000..7f96123
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/config/etc/subuid
@@ -0,0 +1 @@
+root:90000:5000
diff --git a/tests/subids/65_useradd_fill_gap6/data/group b/tests/subids/65_useradd_fill_gap6/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/65_useradd_fill_gap6/data/gshadow b/tests/subids/65_useradd_fill_gap6/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/65_useradd_fill_gap6/data/passwd b/tests/subids/65_useradd_fill_gap6/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/65_useradd_fill_gap6/data/shadow b/tests/subids/65_useradd_fill_gap6/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/65_useradd_fill_gap6/data/subgid b/tests/subids/65_useradd_fill_gap6/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/65_useradd_fill_gap6/data/subuid b/tests/subids/65_useradd_fill_gap6/data/subuid
new file mode 100644
index 0000000..d275cb0
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/data/subuid
@@ -0,0 +1,2 @@
+root:90000:5000
+foo:100000:10000
diff --git a/tests/subids/65_useradd_fill_gap6/useradd.test b/tests/subids/65_useradd_fill_gap6/useradd.test
new file mode 100755
index 0000000..11baa08
--- /dev/null
+++ b/tests/subids/65_useradd_fill_gap6/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd create subids in /etc/sub[ug]id (range occupied before min)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/66_subordinate_range_cmp/config.txt b/tests/subids/66_subordinate_range_cmp/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config.txt
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/group b/tests/subids/66_subordinate_range_cmp/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/gshadow b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/passwd b/tests/subids/66_subordinate_range_cmp/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/shadow b/tests/subids/66_subordinate_range_cmp/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subgid b/tests/subids/66_subordinate_range_cmp/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/66_subordinate_range_cmp/config/etc/subuid b/tests/subids/66_subordinate_range_cmp/config/etc/subuid
new file mode 100644
index 0000000..973cff0
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/config/etc/subuid
@@ -0,0 +1,15 @@
+#1
+root:90000:5000
+sfoo:300000:10000
+root:300000:10000
+root:200000:15000
+root:200000:10000
+root:100000:5000
+#2
+root:90000:5000
+root:200000:10000
+root:200000:15000
+root:300000:10000
+sfoo:300000:10000
+root:100000:5000
+#3
diff --git a/tests/subids/66_subordinate_range_cmp/data/group b/tests/subids/66_subordinate_range_cmp/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/66_subordinate_range_cmp/data/gshadow b/tests/subids/66_subordinate_range_cmp/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/66_subordinate_range_cmp/data/passwd b/tests/subids/66_subordinate_range_cmp/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/66_subordinate_range_cmp/data/shadow b/tests/subids/66_subordinate_range_cmp/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/66_subordinate_range_cmp/data/subgid b/tests/subids/66_subordinate_range_cmp/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/66_subordinate_range_cmp/data/subuid b/tests/subids/66_subordinate_range_cmp/data/subuid
new file mode 100644
index 0000000..1bd0022
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/data/subuid
@@ -0,0 +1,16 @@
+root:90000:5000
+root:90000:5000
+root:100000:5000
+root:100000:5000
+root:200000:10000
+root:200000:10000
+root:200000:15000
+root:200000:15000
+root:300000:10000
+root:300000:10000
+sfoo:300000:10000
+sfoo:300000:10000
+#3
+#2
+#1
+foo:105000:10000
diff --git a/tests/subids/66_subordinate_range_cmp/useradd.test b/tests/subids/66_subordinate_range_cmp/useradd.test
new file mode 100755
index 0000000..966db07
--- /dev/null
+++ b/tests/subids/66_subordinate_range_cmp/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "test the sort algorithm for subordinate IDs"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/67_invalid_subuid_file1/config.txt b/tests/subids/67_invalid_subuid_file1/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config.txt
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/group b/tests/subids/67_invalid_subuid_file1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/gshadow b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/passwd b/tests/subids/67_invalid_subuid_file1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/shadow b/tests/subids/67_invalid_subuid_file1/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subgid b/tests/subids/67_invalid_subuid_file1/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/67_invalid_subuid_file1/config/etc/subuid b/tests/subids/67_invalid_subuid_file1/config/etc/subuid
new file mode 100644
index 0000000..5ebb946
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/config/etc/subuid
@@ -0,0 +1,2 @@
+root::5000
+root:200000:10000
diff --git a/tests/subids/67_invalid_subuid_file1/data/group b/tests/subids/67_invalid_subuid_file1/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/67_invalid_subuid_file1/data/gshadow b/tests/subids/67_invalid_subuid_file1/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/67_invalid_subuid_file1/data/passwd b/tests/subids/67_invalid_subuid_file1/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/67_invalid_subuid_file1/data/shadow b/tests/subids/67_invalid_subuid_file1/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/67_invalid_subuid_file1/data/subgid b/tests/subids/67_invalid_subuid_file1/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/67_invalid_subuid_file1/data/subuid b/tests/subids/67_invalid_subuid_file1/data/subuid
new file mode 100644
index 0000000..492cd04
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+root::5000
+foo:100000:10000
diff --git a/tests/subids/67_invalid_subuid_file1/useradd.test b/tests/subids/67_invalid_subuid_file1/useradd.test
new file mode 100755
index 0000000..acdd793
--- /dev/null
+++ b/tests/subids/67_invalid_subuid_file1/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/68_invalid_subuid_file2/config.txt b/tests/subids/68_invalid_subuid_file2/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config.txt
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/group b/tests/subids/68_invalid_subuid_file2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/gshadow b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/passwd b/tests/subids/68_invalid_subuid_file2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/shadow b/tests/subids/68_invalid_subuid_file2/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subgid b/tests/subids/68_invalid_subuid_file2/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/68_invalid_subuid_file2/config/etc/subuid b/tests/subids/68_invalid_subuid_file2/config/etc/subuid
new file mode 100644
index 0000000..154481d
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/config/etc/subuid
@@ -0,0 +1,2 @@
+root:100000:
+root:200000:10000
diff --git a/tests/subids/68_invalid_subuid_file2/data/group b/tests/subids/68_invalid_subuid_file2/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/68_invalid_subuid_file2/data/gshadow b/tests/subids/68_invalid_subuid_file2/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/68_invalid_subuid_file2/data/passwd b/tests/subids/68_invalid_subuid_file2/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/68_invalid_subuid_file2/data/shadow b/tests/subids/68_invalid_subuid_file2/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/68_invalid_subuid_file2/data/subgid b/tests/subids/68_invalid_subuid_file2/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/68_invalid_subuid_file2/data/subuid b/tests/subids/68_invalid_subuid_file2/data/subuid
new file mode 100644
index 0000000..162f05c
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+root:100000:
+foo:100000:10000
diff --git a/tests/subids/68_invalid_subuid_file2/useradd.test b/tests/subids/68_invalid_subuid_file2/useradd.test
new file mode 100755
index 0000000..fa67277
--- /dev/null
+++ b/tests/subids/68_invalid_subuid_file2/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no numerical subordinate user ID count)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/69_invalid_subuid_file3/config.txt b/tests/subids/69_invalid_subuid_file3/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config.txt
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/group b/tests/subids/69_invalid_subuid_file3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/gshadow b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/passwd b/tests/subids/69_invalid_subuid_file3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/shadow b/tests/subids/69_invalid_subuid_file3/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subgid b/tests/subids/69_invalid_subuid_file3/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/69_invalid_subuid_file3/config/etc/subuid b/tests/subids/69_invalid_subuid_file3/config/etc/subuid
new file mode 100644
index 0000000..86fd00d
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/config/etc/subuid
@@ -0,0 +1,2 @@
+:100000:10000
+root:200000:10000
diff --git a/tests/subids/69_invalid_subuid_file3/data/group b/tests/subids/69_invalid_subuid_file3/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/69_invalid_subuid_file3/data/gshadow b/tests/subids/69_invalid_subuid_file3/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/69_invalid_subuid_file3/data/passwd b/tests/subids/69_invalid_subuid_file3/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/69_invalid_subuid_file3/data/shadow b/tests/subids/69_invalid_subuid_file3/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/69_invalid_subuid_file3/data/subgid b/tests/subids/69_invalid_subuid_file3/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/69_invalid_subuid_file3/data/subuid b/tests/subids/69_invalid_subuid_file3/data/subuid
new file mode 100644
index 0000000..7faccee
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/data/subuid
@@ -0,0 +1,3 @@
+root:200000:10000
+:100000:10000
+foo:100000:10000
diff --git a/tests/subids/69_invalid_subuid_file3/useradd.test b/tests/subids/69_invalid_subuid_file3/useradd.test
new file mode 100755
index 0000000..89bc4cb
--- /dev/null
+++ b/tests/subids/69_invalid_subuid_file3/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (no login name)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/subids/70_invalid_subuid_file4/config.txt b/tests/subids/70_invalid_subuid_file4/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config.txt
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/group b/tests/subids/70_invalid_subuid_file4/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/gshadow b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/passwd b/tests/subids/70_invalid_subuid_file4/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/shadow b/tests/subids/70_invalid_subuid_file4/config/etc/shadow
new file mode 100644
index 0000000..031ce88
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/shadow
@@ -0,0 +1,19 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subgid b/tests/subids/70_invalid_subuid_file4/config/etc/subgid
new file mode 100644
index 0000000..5b6b0aa
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/subgid
@@ -0,0 +1 @@
+root:100000:599990001
diff --git a/tests/subids/70_invalid_subuid_file4/config/etc/subuid b/tests/subids/70_invalid_subuid_file4/config/etc/subuid
new file mode 100644
index 0000000..c8f2b70
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/config/etc/subuid
@@ -0,0 +1,5 @@
+root:-1:10000
+root:100000:-1
+root:100000a:10000
+root:100000:10000a
+root:200000:10000
diff --git a/tests/subids/70_invalid_subuid_file4/data/group b/tests/subids/70_invalid_subuid_file4/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/subids/70_invalid_subuid_file4/data/gshadow b/tests/subids/70_invalid_subuid_file4/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/subids/70_invalid_subuid_file4/data/passwd b/tests/subids/70_invalid_subuid_file4/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/subids/70_invalid_subuid_file4/data/shadow b/tests/subids/70_invalid_subuid_file4/data/shadow
new file mode 100644
index 0000000..8899857
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/shadow
@@ -0,0 +1,20 @@
+root::12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/subids/70_invalid_subuid_file4/data/subgid b/tests/subids/70_invalid_subuid_file4/data/subgid
new file mode 100644
index 0000000..dde59ae
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/subgid
@@ -0,0 +1,2 @@
+root:100000:599990001
+foo:600090001:10000
diff --git a/tests/subids/70_invalid_subuid_file4/data/subuid b/tests/subids/70_invalid_subuid_file4/data/subuid
new file mode 100644
index 0000000..d162a80
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/data/subuid
@@ -0,0 +1,6 @@
+root:200000:10000
+root:100000:10000a
+root:100000a:10000
+root:100000:-1
+root:-1:10000
+foo:100000:10000
diff --git a/tests/subids/70_invalid_subuid_file4/useradd.test b/tests/subids/70_invalid_subuid_file4/useradd.test
new file mode 100755
index 0000000..a20e0e9
--- /dev/null
+++ b/tests/subids/70_invalid_subuid_file4/useradd.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd ignores invalid lines in /etc/subuid (invalid numerical values)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Add user foo..."
+useradd foo
+echo "OK"
+
+echo -n "Check the passwd file..." 
+../../common/compare_file.pl data/passwd /etc/passwd 
+echo "OK" 
+echo -n "Check the group file..." 
+../../common/compare_file.pl data/group /etc/group 
+echo "OK" 
+echo -n "Check the shadow file..." 
+../../common/compare_file.pl data/shadow /etc/shadow 
+echo "OK" 
+echo -n "Check the gshadow file..." 
+../../common/compare_file.pl data/gshadow /etc/gshadow 
+echo "OK"
+echo -n "Check the /etc/subgid file..."
+diff -au data/subgid /etc/subgid
+echo "OK"
+echo -n "Check the /etc/subuid file..."
+diff -au data/subuid /etc/subuid
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/01_useradd_add_user.test b/tests/usertools/01/01_useradd_add_user.test
new file mode 100755
index 0000000..dfd0366
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/01_useradd_add_user/group b/tests/usertools/01/01_useradd_add_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/01_useradd_add_user/gshadow b/tests/usertools/01/01_useradd_add_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/01_useradd_add_user/passwd b/tests/usertools/01/01_useradd_add_user/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/01_useradd_add_user/shadow b/tests/usertools/01/01_useradd_add_user/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/01_useradd_add_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/01_userdel_delete_user.test b/tests/usertools/01/01_userdel_delete_user.test
new file mode 100755
index 0000000..132e16a
--- /dev/null
+++ b/tests/usertools/01/01_userdel_delete_user.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user.test b/tests/usertools/01/02_useradd_recreate_deleted_user.test
new file mode 100755
index 0000000..44721f5
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+echo -n "Create user test2 (useradd test1)..."
+useradd test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 02_useradd_recreate_deleted_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/group b/tests/usertools/01/02_useradd_recreate_deleted_user/group
new file mode 100644
index 0000000..3b8e510
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test2:x:1000:
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow
new file mode 100644
index 0000000..73d0298
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test2:!::
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/passwd b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd
new file mode 100644
index 0000000..0a8cf88
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test2:/bin/sh
diff --git a/tests/usertools/01/02_useradd_recreate_deleted_user/shadow b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/02_useradd_recreate_deleted_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/03_useradd_additional_options.test b/tests/usertools/01/03_useradd_additional_options.test
new file mode 100755
index 0000000..5808e45
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options.test
@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd options --comment, --expiredate, --shell, --inactive, --home-dir"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test3 with options)..."
+useradd --comment "comment test3" \
+	--expiredate "2006-02-04" \
+	--shell "/bin/bash" \
+	--inactive "12" \
+	--home-dir "/nonexistenthomedir" \
+	test3
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 03_useradd_additional_options/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 03_useradd_additional_options/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 03_useradd_additional_options/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 03_useradd_additional_options/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test3..."
+test ! -d /home/test3
+echo "OK"
+echo -n "no homedir /nonexistenthomedir..."
+test ! -d /nonexistenthomedir
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/03_useradd_additional_options/group b/tests/usertools/01/03_useradd_additional_options/group
new file mode 100644
index 0000000..a0c1381
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test3:x:1000:
diff --git a/tests/usertools/01/03_useradd_additional_options/gshadow b/tests/usertools/01/03_useradd_additional_options/gshadow
new file mode 100644
index 0000000..88e4ab1
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test3:!::
diff --git a/tests/usertools/01/03_useradd_additional_options/passwd b/tests/usertools/01/03_useradd_additional_options/passwd
new file mode 100644
index 0000000..725da57
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test3:x:1000:1000:comment test3:/nonexistenthomedir:/bin/bash
diff --git a/tests/usertools/01/03_useradd_additional_options/shadow b/tests/usertools/01/03_useradd_additional_options/shadow
new file mode 100644
index 0000000..77fbfbc
--- /dev/null
+++ b/tests/usertools/01/03_useradd_additional_options/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test3:!:@TODAY@:0:99999:7:12:13183:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test
new file mode 100755
index 0000000..7332451
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with an existing ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 test2)..."
+useradd -u 4242 test2 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "4"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 04_useradd_add_user_with_existing_UID_fail/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_fail/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err
new file mode 100644
index 0000000..23e5962
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_fail/useradd.err
@@ -0,0 +1 @@
+useradd: UID 4242 is not unique
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
new file mode 100755
index 0000000..b630c67
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified existing ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..."
+useradd -u 4242 -o test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_add_user_with_existing_UID_with_-o/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group
new file mode 100644
index 0000000..a951b25
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
+test2:x:4243:
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow
new file mode 100644
index 0000000..11e7389
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
+test2:!::
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd
new file mode 100644
index 0000000..58c50dd
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
+test2:x:4242:4243::/home/test2:/bin/sh
diff --git a/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow
new file mode 100644
index 0000000..4c40f47
--- /dev/null
+++ b/tests/usertools/01/04_useradd_add_user_with_existing_UID_with_-o/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_specified_UID.test b/tests/usertools/01/04_useradd_specified_UID.test
new file mode 100755
index 0000000..240899b
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_specified_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_specified_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_specified_UID/group b/tests/usertools/01/04_useradd_specified_UID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_specified_UID/gshadow b/tests/usertools/01/04_useradd_specified_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_specified_UID/passwd b/tests/usertools/01/04_useradd_specified_UID/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_useradd_specified_UID/shadow b/tests/usertools/01/04_useradd_specified_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID.test b/tests/usertools/01/04_useradd_specified_UID_and_GID.test
new file mode 100755
index 0000000..1e11971
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified existing UID and GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -g 4242 -o test2)..."
+useradd -u 4242 -g 4242 -o test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_useradd_specified_UID_and_GID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/group b/tests/usertools/01/04_useradd_specified_UID_and_GID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd
new file mode 100644
index 0000000..2603e1e
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
+test2:x:4242:4242::/home/test2:/bin/sh
diff --git a/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow
new file mode 100644
index 0000000..4c40f47
--- /dev/null
+++ b/tests/usertools/01/04_useradd_specified_UID_and_GID/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test
new file mode 100755
index 0000000..de2a189
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID.test
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Remove an user with a duplicate ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4242 test1)..."
+useradd -u 4242 test1
+echo "OK"
+echo -n "Create user test2 with the same ID (useradd -u 4242 -o test2)..."
+useradd -u 4242 -o test2
+echo "OK"
+echo -n "Delete user test2 (userdel test2)..."
+userdel test2
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 04_userdel_delete_user_with_non_unique_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir /home/test1..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir /home/test2..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group
new file mode 100644
index 0000000..6c7895c
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:4242:
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd
new file mode 100644
index 0000000..4b6c808
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4242:4242::/home/test1:/bin/sh
diff --git a/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/04_userdel_delete_user_with_non_unique_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test
new file mode 100755
index 0000000..04b4bd0
--- /dev/null
+++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified unexisting GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -g 4242 test1)..."
+useradd -g 4242 test1 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 05_useradd_invalid_numeric_primary_group/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err
new file mode 100644
index 0000000..eb2629d
--- /dev/null
+++ b/tests/usertools/01/05_useradd_invalid_numeric_primary_group/useradd.err
@@ -0,0 +1 @@
+useradd: group '4242' does not exist
diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group.test b/tests/usertools/01/06_useradd_invalid_named_primary_group.test
new file mode 100755
index 0000000..ea02d5f
--- /dev/null
+++ b/tests/usertools/01/06_useradd_invalid_named_primary_group.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified unexisting GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1 -g nekral)..."
+useradd test1 -g nekral 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "OK"
+echo "All right, useradd returned error $status."
+echo -n "Check returned status..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd displayed:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 06_useradd_invalid_named_primary_group/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err
new file mode 100644
index 0000000..2b201fe
--- /dev/null
+++ b/tests/usertools/01/06_useradd_invalid_named_primary_group/useradd.err
@@ -0,0 +1 @@
+useradd: group 'nekral' does not exist
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group.test b/tests/usertools/01/07_useradd_numerical_primary_group.test
new file mode 100755
index 0000000..1f1f14c
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a numerical GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -g 1 test1)..."
+useradd -g 1 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 07_useradd_numerical_primary_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/group b/tests/usertools/01/07_useradd_numerical_primary_group/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/gshadow b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/passwd b/tests/usertools/01/07_useradd_numerical_primary_group/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/07_useradd_numerical_primary_group/shadow b/tests/usertools/01/07_useradd_numerical_primary_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/07_useradd_numerical_primary_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/08_useradd_named_primary_group.test b/tests/usertools/01/08_useradd_named_primary_group.test
new file mode 100755
index 0000000..d18acdf
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a named GID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1 -g nogroup)..."
+useradd test1 -g nogroup
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 08_useradd_named_primary_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/08_useradd_named_primary_group/group b/tests/usertools/01/08_useradd_named_primary_group/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/08_useradd_named_primary_group/gshadow b/tests/usertools/01/08_useradd_named_primary_group/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/08_useradd_named_primary_group/passwd b/tests/usertools/01/08_useradd_named_primary_group/passwd
new file mode 100644
index 0000000..42ef2e2
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:65534::/home/test1:/bin/sh
diff --git a/tests/usertools/01/08_useradd_named_primary_group/shadow b/tests/usertools/01/08_useradd_named_primary_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/08_useradd_named_primary_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/09_usermod_change_user_info.test b/tests/usertools/01/09_usermod_change_user_info.test
new file mode 100755
index 0000000..75d00b2
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Change user information with usermod"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user test1..."
+usermod -g 1 --comment "comment" -e 2000-09-01 -f 17 -s /bin/bash -d /tmp test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 09_usermod_change_user_info/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 09_usermod_change_user_info/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 09_usermod_change_user_info/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 09_usermod_change_user_info/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/09_usermod_change_user_info/group b/tests/usertools/01/09_usermod_change_user_info/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/09_usermod_change_user_info/gshadow b/tests/usertools/01/09_usermod_change_user_info/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/09_usermod_change_user_info/passwd b/tests/usertools/01/09_usermod_change_user_info/passwd
new file mode 100644
index 0000000..60c8e45
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1:comment:/tmp:/bin/bash
diff --git a/tests/usertools/01/09_usermod_change_user_info/shadow b/tests/usertools/01/09_usermod_change_user_info/shadow
new file mode 100644
index 0000000..cf6bc25
--- /dev/null
+++ b/tests/usertools/01/09_usermod_change_user_info/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:17:11201:
diff --git a/tests/usertools/01/10_usermod_rename_user.test b/tests/usertools/01/10_usermod_rename_user.test
new file mode 100755
index 0000000..202e9b6
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Rename user test1 to test2 (usermod -l test2 test1)..."
+usermod -l test2 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_usermod_rename_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_usermod_rename_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_usermod_rename_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_usermod_rename_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/home/test2)..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/10_usermod_rename_user/group b/tests/usertools/01/10_usermod_rename_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/10_usermod_rename_user/gshadow b/tests/usertools/01/10_usermod_rename_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/10_usermod_rename_user/passwd b/tests/usertools/01/10_usermod_rename_user/passwd
new file mode 100644
index 0000000..0d1ab51
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/10_usermod_rename_user/shadow b/tests/usertools/01/10_usermod_rename_user/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group.test b/tests/usertools/01/10_usermod_rename_user_in_group.test
new file mode 100755
index 0000000..374acab
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 also in group daemon (useradd test1 -G daemon)..."
+useradd test1 -G daemon
+echo "OK"
+echo -n "Rename user test1 to test2 (usermod -l test2 test1)..."
+usermod -l test2 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 10_usermod_rename_user_in_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/home/test2)..."
+test -d /home/test2 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/group b/tests/usertools/01/10_usermod_rename_user_in_group/group
new file mode 100644
index 0000000..271a2c3
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test2
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/gshadow b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow
new file mode 100644
index 0000000..879d206
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test2
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/passwd b/tests/usertools/01/10_usermod_rename_user_in_group/passwd
new file mode 100644
index 0000000..0d1ab51
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test2:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/10_usermod_rename_user_in_group/shadow b/tests/usertools/01/10_usermod_rename_user_in_group/shadow
new file mode 100644
index 0000000..1ca61d8
--- /dev/null
+++ b/tests/usertools/01/10_usermod_rename_user_in_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test2:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_change_password.test b/tests/usertools/01/11_usermod_change_password.test
new file mode 100755
index 0000000..a6e7ace
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_change_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_change_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_change_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_change_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_change_password/group b/tests/usertools/01/11_usermod_change_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_change_password/gshadow b/tests/usertools/01/11_usermod_change_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_change_password/passwd b/tests/usertools/01/11_usermod_change_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_change_password/shadow b/tests/usertools/01/11_usermod_change_password/shadow
new file mode 100644
index 0000000..72025a2
--- /dev/null
+++ b/tests/usertools/01/11_usermod_change_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_lock_password.test b/tests/usertools/01/11_usermod_lock_password.test
new file mode 100755
index 0000000..f5e6a9f
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password.test
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+echo -n "Lock user's password..."
+usermod -L test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_lock_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_lock_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_lock_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_lock_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_lock_password/group b/tests/usertools/01/11_usermod_lock_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_lock_password/gshadow b/tests/usertools/01/11_usermod_lock_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_lock_password/passwd b/tests/usertools/01/11_usermod_lock_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_lock_password/shadow b/tests/usertools/01/11_usermod_lock_password/shadow
new file mode 100644
index 0000000..5a236b7
--- /dev/null
+++ b/tests/usertools/01/11_usermod_lock_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password.test b/tests/usertools/01/11_usermod_unlock_empty_password.test
new file mode 100755
index 0000000..d12dfd8
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Unlock user's password..."
+usermod -U test1 2>tmp/err
+echo "OK"
+
+echo "usermod displayed:"
+echo "======================================================================="
+cat tmp/err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au 11_usermod_unlock_empty_password/usermod.err tmp/err
+echo "error message OK."
+rm -f tmp/err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_unlock_empty_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/group b/tests/usertools/01/11_usermod_unlock_empty_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/gshadow b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/passwd b/tests/usertools/01/11_usermod_unlock_empty_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/shadow b/tests/usertools/01/11_usermod_unlock_empty_password/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err
new file mode 100644
index 0000000..2564dbf
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_empty_password/usermod.err
@@ -0,0 +1,2 @@
+usermod: unlocking the user's password would result in a passwordless account.
+You should set a password with usermod -p to unlock this user's password.
diff --git a/tests/usertools/01/11_usermod_unlock_password.test b/tests/usertools/01/11_usermod_unlock_password.test
new file mode 100755
index 0000000..905b2c0
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's password..."
+usermod -p '$1$12345678$0jEt1CYOyE.5NxWFMZyZy1' test1
+# (test1F00barbaz)
+echo "OK"
+echo -n "Lock user's password..."
+usermod -L test1
+echo "OK"
+echo -n "Unlock user's password..."
+usermod -U test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 11_usermod_unlock_password/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 11_usermod_unlock_password/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 11_usermod_unlock_password/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 11_usermod_unlock_password/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/11_usermod_unlock_password/group b/tests/usertools/01/11_usermod_unlock_password/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/11_usermod_unlock_password/gshadow b/tests/usertools/01/11_usermod_unlock_password/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/11_usermod_unlock_password/passwd b/tests/usertools/01/11_usermod_unlock_password/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/11_usermod_unlock_password/shadow b/tests/usertools/01/11_usermod_unlock_password/shadow
new file mode 100644
index 0000000..72025a2
--- /dev/null
+++ b/tests/usertools/01/11_usermod_unlock_password/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:$1$12345678$0jEt1CYOyE.5NxWFMZyZy1:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/12_usermod_change_gid_name.test b/tests/usertools/01/12_usermod_change_gid_name.test
new file mode 100755
index 0000000..8148149
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's group..."
+usermod -g daemon test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_name/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/12_usermod_change_gid_name/group b/tests/usertools/01/12_usermod_change_gid_name/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/12_usermod_change_gid_name/gshadow b/tests/usertools/01/12_usermod_change_gid_name/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/12_usermod_change_gid_name/passwd b/tests/usertools/01/12_usermod_change_gid_name/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/12_usermod_change_gid_name/shadow b/tests/usertools/01/12_usermod_change_gid_name/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_name/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/12_usermod_change_gid_number.test b/tests/usertools/01/12_usermod_change_gid_number.test
new file mode 100755
index 0000000..e4172a8
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Change user's group..."
+usermod -g 1 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 12_usermod_change_gid_number/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/12_usermod_change_gid_number/group b/tests/usertools/01/12_usermod_change_gid_number/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/12_usermod_change_gid_number/gshadow b/tests/usertools/01/12_usermod_change_gid_number/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/12_usermod_change_gid_number/passwd b/tests/usertools/01/12_usermod_change_gid_number/passwd
new file mode 100644
index 0000000..902efbe
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1::/home/test1:/bin/sh
diff --git a/tests/usertools/01/12_usermod_change_gid_number/shadow b/tests/usertools/01/12_usermod_change_gid_number/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/12_usermod_change_gid_number/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/13_useradd_negative_UID.test b/tests/usertools/01/13_useradd_negative_UID.test
new file mode 100755
index 0000000..f049a91
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with a negative UID (useradd -u -1 test1)..."
+msg=$(useradd -u -1 test1 2>&1) && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '-1'\")..."
+test "$msg" = "useradd: invalid user ID '-1'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 13_useradd_negative_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 13_useradd_negative_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 13_useradd_negative_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 13_useradd_negative_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/13_useradd_negative_UID/group b/tests/usertools/01/13_useradd_negative_UID/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/13_useradd_negative_UID/gshadow b/tests/usertools/01/13_useradd_negative_UID/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/13_useradd_negative_UID/passwd b/tests/usertools/01/13_useradd_negative_UID/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/13_useradd_negative_UID/shadow b/tests/usertools/01/13_useradd_negative_UID/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/13_useradd_negative_UID/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID.test b/tests/usertools/01/14_useradd_out_of_range_UID.test
new file mode 100755
index 0000000..88cac26
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with UID 4294967296 (useradd -u 4294967296 test1)..."
+msg=$(useradd -u 4294967296 test1 2>&1) && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '4294967296'\")..."
+test "$msg" = "useradd: invalid user ID '4294967296'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 14_useradd_out_of_range_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/group b/tests/usertools/01/14_useradd_out_of_range_UID/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/gshadow b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/passwd b/tests/usertools/01/14_useradd_out_of_range_UID/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/14_useradd_out_of_range_UID/shadow b/tests/usertools/01/14_useradd_out_of_range_UID/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/14_useradd_out_of_range_UID/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/15_useradd_specified_large_UID.test b/tests/usertools/01/15_useradd_specified_large_UID.test
new file mode 100755
index 0000000..69fd5db
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 2147483647 test1)..."
+useradd -u 2147483647 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 15_useradd_specified_large_UID/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/group b/tests/usertools/01/15_useradd_specified_large_UID/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/gshadow b/tests/usertools/01/15_useradd_specified_large_UID/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/passwd b/tests/usertools/01/15_useradd_specified_large_UID/passwd
new file mode 100644
index 0000000..116c1c7
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:2147483647:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/15_useradd_specified_large_UID/shadow b/tests/usertools/01/15_useradd_specified_large_UID/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/15_useradd_specified_large_UID/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test
new file mode 100755
index 0000000..3e0323e
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1, and add it to group src (useradd test1 -g src)..."
+useradd test1 -g nogroup -G src,daemon,bin
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_multiple_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group
new file mode 100644
index 0000000..04d5635
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:test1
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow
new file mode 100644
index 0000000..1605ab6
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::test1
+bin:*::test1
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd
new file mode 100644
index 0000000..42ef2e2
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:65534::/home/test1:/bin/sh
diff --git a/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_multiple_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group.test b/tests/usertools/01/16_useradd_add_user_to_one_group.test
new file mode 100755
index 0000000..38c0020
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1, and add it to group src (useradd test1 -g src)..."
+useradd test1 -G src
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 16_useradd_add_user_to_one_group/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/group b/tests/usertools/01/16_useradd_add_user_to_one_group/group
new file mode 100644
index 0000000..1c6668e
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow
new file mode 100644
index 0000000..680a5dc
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/passwd b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/16_useradd_add_user_to_one_group/shadow b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/16_useradd_add_user_to_one_group/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/17_useradd_create_homedir.test b/tests/usertools/01/17_useradd_create_homedir.test
new file mode 100755
index 0000000..cf27140
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir.test
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with homedir (useradd --create-home test1)..."
+useradd --create-home test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "homedir created..."
+test -d /home/test1
+echo "OK"
+echo -n "Check if skeleton files were added..."
+diff -rauN /etc/skel /home/test1
+echo "OK"
+rm -rf /home/test1
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/17_useradd_create_homedir/group b/tests/usertools/01/17_useradd_create_homedir/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/17_useradd_create_homedir/gshadow b/tests/usertools/01/17_useradd_create_homedir/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/17_useradd_create_homedir/passwd b/tests/usertools/01/17_useradd_create_homedir/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/17_useradd_create_homedir/shadow b/tests/usertools/01/17_useradd_create_homedir/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/17_useradd_create_homedir/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/18_userdel_remove_homedir.test b/tests/usertools/01/18_userdel_remove_homedir.test
new file mode 100755
index 0000000..085381d
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with homedir (useradd --create-home test1)..."
+useradd --create-home test1
+echo "OK"
+echo -n "Delete user test1 with homedir (userdel --remove test1)..."
+userdel --remove test1 2>tmp/userdel.err
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "homedir removed..."
+test ! -d /home/test1
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/18_userdel_remove_homedir/group b/tests/usertools/01/18_userdel_remove_homedir/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/18_userdel_remove_homedir/gshadow b/tests/usertools/01/18_userdel_remove_homedir/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/18_userdel_remove_homedir/passwd b/tests/usertools/01/18_userdel_remove_homedir/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/18_userdel_remove_homedir/shadow b/tests/usertools/01/18_userdel_remove_homedir/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/18_userdel_remove_homedir/userdel.err b/tests/usertools/01/18_userdel_remove_homedir/userdel.err
new file mode 100644
index 0000000..0b2f1ff
--- /dev/null
+++ b/tests/usertools/01/18_userdel_remove_homedir/userdel.err
@@ -0,0 +1 @@
+userdel: test1 mail spool (/var/mail/test1) not found
diff --git a/tests/usertools/01/19_userdel_delete_user_in_group.test b/tests/usertools/01/19_userdel_delete_user_in_group.test
new file mode 100755
index 0000000..7787899
--- /dev/null
+++ b/tests/usertools/01/19_userdel_delete_user_in_group.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to groups daemon and bin (useradd test1 -G daemon,bin)..."
+useradd test1 -G daemon,bin
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/20_usermod_change_homedir.test b/tests/usertools/01/20_usermod_change_homedir.test
new file mode 100755
index 0000000..6ef6e8f
--- /dev/null
+++ b/tests/usertools/01/20_usermod_change_homedir.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and its homedir (useradd test1 -m)..."
+useradd test1 -m
+echo "OK"
+echo -n "Change the user's homedir (usermod --home /home/test1.new test1)..."
+usermod --home /home/test1.new test1
+echo "OK"
+echo -n "Test if the new homedir was not created..."
+test ! -d /home/test1.new
+echo "OK"
+echo -n "test if the old homedir was kept..."
+test -d /home/test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "old homedir kept (/home/test1)..."
+test -d /home/test1
+echo "OK"
+echo -n "no homedir (/home/test1.new)..."
+test ! -d /home/test1.new
+echo "OK"
+rm -rf /home/test1
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/21_usermod_change_and_move_homedir.test b/tests/usertools/01/21_usermod_change_and_move_homedir.test
new file mode 100755
index 0000000..0f26920
--- /dev/null
+++ b/tests/usertools/01/21_usermod_change_and_move_homedir.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Delete user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and its homedir (useradd test1 -m)..."
+useradd test1 -m
+echo "OK"
+echo -n "Change the user's homedir (usermod -m --home /home/test1.new test1)..."
+usermod -m --home /home/test1.new test1
+echo "OK"
+echo -n "Test if the new homedir exists..."
+test -d /home/test1.new
+echo "OK"
+echo -n "test if the old homedir was removed..."
+test ! -d /home/test1
+echo "OK"
+echo -n "Delete user test1 (userdel test1)..."
+userdel test1 --remove 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au 18_userdel_remove_homedir/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test ! -d /home/test1
+echo "OK"
+echo -n "no homedir (/home/test1.new)..."
+test ! -d /home/test1.new
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/22_usermod_new_groups.test b/tests/usertools/01/22_usermod_new_groups.test
new file mode 100755
index 0000000..2cbdfa2
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+echo -n "Add test1 to groups nogroup, daemon, and src..."
+usermod -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 22_usermod_new_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 22_usermod_new_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 22_usermod_new_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 22_usermod_new_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/22_usermod_new_groups/group b/tests/usertools/01/22_usermod_new_groups/group
new file mode 100644
index 0000000..e529520
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/22_usermod_new_groups/gshadow b/tests/usertools/01/22_usermod_new_groups/gshadow
new file mode 100644
index 0000000..87749e3
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/22_usermod_new_groups/passwd b/tests/usertools/01/22_usermod_new_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/22_usermod_new_groups/shadow b/tests/usertools/01/22_usermod_new_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/22_usermod_new_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/23_usermod_add_groups.test b/tests/usertools/01/23_usermod_add_groups.test
new file mode 100755
index 0000000..754bdd4
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..."
+useradd test1 -G bin
+echo "OK"
+echo -n "Add test1 to the additional groups nogroup, daemon, and src..."
+usermod -a -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 23_usermod_add_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 23_usermod_add_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 23_usermod_add_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 23_usermod_add_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/23_usermod_add_groups/group b/tests/usertools/01/23_usermod_add_groups/group
new file mode 100644
index 0000000..09243dd
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:test1
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/23_usermod_add_groups/gshadow b/tests/usertools/01/23_usermod_add_groups/gshadow
new file mode 100644
index 0000000..a572a19
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::test1
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/23_usermod_add_groups/passwd b/tests/usertools/01/23_usermod_add_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/23_usermod_add_groups/shadow b/tests/usertools/01/23_usermod_add_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/23_usermod_add_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test
new file mode 100755
index 0000000..6b217c6
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 and add it to group bin (useradd test1 -G bin)..."
+useradd test1 -G bin
+echo "OK"
+echo -n "Change the groups of test1 to nogroup, daemon, and src..."
+usermod -G nogroup,daemon,src test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 24_usermod_new_groups_remove_old_groups/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group
new file mode 100644
index 0000000..e529520
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:test1
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:test1
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:test1
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow
new file mode 100644
index 0000000..87749e3
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::test1
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::test1
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::test1
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd
new file mode 100644
index 0000000..0b4b0fa
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/24_usermod_new_groups_remove_old_groups/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2.test b/tests/usertools/01/25_useradd_specified_large_UID2.test
new file mode 100755
index 0000000..ed4858c
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2.test
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user with a specified ID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd -u 4294967294 test1)..."
+useradd -u 4294967294 test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 25_useradd_specified_large_UID2/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/group b/tests/usertools/01/25_useradd_specified_large_UID2/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/gshadow b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/passwd b/tests/usertools/01/25_useradd_specified_large_UID2/passwd
new file mode 100644
index 0000000..cef4912
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:4294967294:1000::/home/test1:/bin/sh
diff --git a/tests/usertools/01/25_useradd_specified_large_UID2/shadow b/tests/usertools/01/25_useradd_specified_large_UID2/shadow
new file mode 100644
index 0000000..5920e12
--- /dev/null
+++ b/tests/usertools/01/25_useradd_specified_large_UID2/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/01/26_useradd_UID_-1.test b/tests/usertools/01/26_useradd_UID_-1.test
new file mode 100755
index 0000000..18bedb5
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1.test
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 with UID 4294967295 (useradd -u 4294967295 test1)..."
+msg=$(useradd -u 4294967295 test1 2>&1) && exit 1 || {
+	status=$?
+}
+echo "OK"
+echo "useradd returned status $status,"
+echo "and displayed \"$msg\""
+echo -n "The returned status should be 3..."
+test "$status" = "3"
+echo "OK"
+echo -n "Test the error message (should be \"useradd: invalid user ID '4294967295'\")..."
+test "$msg" = "useradd: invalid user ID '4294967295'"
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 26_useradd_UID_-1/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 26_useradd_UID_-1/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 26_useradd_UID_-1/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 26_useradd_UID_-1/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/01/26_useradd_UID_-1/group b/tests/usertools/01/26_useradd_UID_-1/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/26_useradd_UID_-1/gshadow b/tests/usertools/01/26_useradd_UID_-1/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/26_useradd_UID_-1/passwd b/tests/usertools/01/26_useradd_UID_-1/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/26_useradd_UID_-1/shadow b/tests/usertools/01/26_useradd_UID_-1/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/26_useradd_UID_-1/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/01/config/etc/default/useradd b/tests/usertools/01/config/etc/default/useradd
new file mode 100644
index 0000000..64dec7d
--- /dev/null
+++ b/tests/usertools/01/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/01/config/etc/group b/tests/usertools/01/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/01/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/01/config/etc/gshadow b/tests/usertools/01/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/01/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/01/config/etc/passwd b/tests/usertools/01/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/01/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/01/config/etc/shadow b/tests/usertools/01/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/01/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/02/config.txt b/tests/usertools/02/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/02/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/02/config/etc/default/useradd b/tests/usertools/02/config/etc/default/useradd
new file mode 100644
index 0000000..a834fef
--- /dev/null
+++ b/tests/usertools/02/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
diff --git a/tests/usertools/02/config/etc/group b/tests/usertools/02/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/usertools/02/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/usertools/02/config/etc/gshadow b/tests/usertools/02/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/usertools/02/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/usertools/02/config/etc/passwd b/tests/usertools/02/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/usertools/02/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/usertools/02/config/etc/shadow b/tests/usertools/02/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/usertools/02/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/usertools/02/data/useradd-D.out b/tests/usertools/02/data/useradd-D.out
new file mode 100644
index 0000000..a3f48f3
--- /dev/null
+++ b/tests/usertools/02/data/useradd-D.out
@@ -0,0 +1,7 @@
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/sh
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/data/useradd-D_default_values.out b/tests/usertools/02/data/useradd-D_default_values.out
new file mode 100644
index 0000000..1eb58e2
--- /dev/null
+++ b/tests/usertools/02/data/useradd-D_default_values.out
@@ -0,0 +1,7 @@
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_EXPIRE.test b/tests/usertools/02/useradd_change_default_EXPIRE.test
new file mode 100755
index 0000000..6901603
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_EXPIRE.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --expiredate 1979-11-24)..."
+useradd -D --expiredate 1979-11-24
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_EXPIRE/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default
new file mode 100644
index 0000000..aa3cd2b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_EXPIRE/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=1979-11-24
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_GROUP.test b/tests/usertools/02/useradd_change_default_GROUP.test
new file mode 100755
index 0000000..07ea62b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_GROUP.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --gid nogroup)..."
+useradd -D --gid nogroup
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_GROUP/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_GROUP/useradd.default b/tests/usertools/02/useradd_change_default_GROUP/useradd.default
new file mode 100644
index 0000000..c26a28b
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_GROUP/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=65534
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_HOME.test b/tests/usertools/02/useradd_change_default_HOME.test
new file mode 100755
index 0000000..8d8357c
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_HOME.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --base-dir /tmp)..."
+useradd -D --base-dir /tmp
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_HOME/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_HOME/useradd.default b/tests/usertools/02/useradd_change_default_HOME/useradd.default
new file mode 100644
index 0000000..75953c6
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_HOME/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/tmp
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_INACTIVE.test b/tests/usertools/02/useradd_change_default_INACTIVE.test
new file mode 100755
index 0000000..7257439
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_INACTIVE.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --inactive 10)..."
+useradd -D --inactive 10
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_INACTIVE/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default
new file mode 100644
index 0000000..fc2f084
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_INACTIVE/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=10
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_default_SHELL.test b/tests/usertools/02/useradd_change_default_SHELL.test
new file mode 100755
index 0000000..d6c22dc
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_SHELL.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change default shell (useradd -D --shell /bin/foobar)..."
+useradd -D --shell /bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_default_SHELL/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_default_SHELL/useradd.default b/tests/usertools/02/useradd_change_default_SHELL/useradd.default
new file mode 100644
index 0000000..421f1a0
--- /dev/null
+++ b/tests/usertools/02/useradd_change_default_SHELL/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_change_defaults.test b/tests/usertools/02/useradd_change_defaults.test
new file mode 100755
index 0000000..665a995
--- /dev/null
+++ b/tests/usertools/02/useradd_change_defaults.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: set all default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change useradd defaults..."
+useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_defaults/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_change_defaults/useradd.default b/tests/usertools/02/useradd_change_defaults/useradd.default
new file mode 100644
index 0000000..9edb781
--- /dev/null
+++ b/tests/usertools/02/useradd_change_defaults/useradd.default
@@ -0,0 +1,43 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/usr/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+# GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+# HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+# INACTIVE=-1
+#
+# The default expire date
+# EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
+
+GROUP=1
+HOME=/var/tmp
+INACTIVE=12
+EXPIRE=1979-11-24
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/02/useradd_default_default_values.test b/tests/usertools/02/useradd_default_default_values.test
new file mode 100755
index 0000000..4c6cf0e
--- /dev/null
+++ b/tests/usertools/02/useradd_default_default_values.test
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/default/useradd..."
+rm -f /etc/default/useradd
+echo "OK"
+
+echo -n "Get default values: 'useradd -D > tmp/out'..."
+useradd -D > tmp/out
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au data/useradd-D_default_values.out tmp/out
+echo "OK"
+
+rm -f tmp/out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/02/useradd_get_default_values.test b/tests/usertools/02/useradd_get_default_values.test
new file mode 100755
index 0000000..a18fb04
--- /dev/null
+++ b/tests/usertools/02/useradd_get_default_values.test
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: get default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default values: 'useradd -D > tmp/out'..."
+useradd -D > tmp/out
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au data/useradd-D.out tmp/out
+echo "OK"
+
+rm -f tmp/out
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/03/config.txt b/tests/usertools/03/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/03/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/03/config/etc/default/useradd b/tests/usertools/03/config/etc/default/useradd
new file mode 100644
index 0000000..f34b3ff
--- /dev/null
+++ b/tests/usertools/03/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+# SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=100
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/home
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-1
+#
+# The default expire date
+EXPIRE=
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/03/config/etc/group b/tests/usertools/03/config/etc/group
new file mode 100644
index 0000000..245cc9c
--- /dev/null
+++ b/tests/usertools/03/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+myuser:x:424242:
diff --git a/tests/usertools/03/config/etc/gshadow b/tests/usertools/03/config/etc/gshadow
new file mode 100644
index 0000000..25bd55b
--- /dev/null
+++ b/tests/usertools/03/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+myuser:x::
diff --git a/tests/usertools/03/config/etc/passwd b/tests/usertools/03/config/etc/passwd
new file mode 100644
index 0000000..6eefe5a
--- /dev/null
+++ b/tests/usertools/03/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+myuser:x:424242:424242::/home:/bin/bash
+testsuite::424243:424243::/home:/bin/bash
diff --git a/tests/usertools/03/config/etc/shadow b/tests/usertools/03/config/etc/shadow
new file mode 100644
index 0000000..038d5cf
--- /dev/null
+++ b/tests/usertools/03/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+myuser:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12991:0:99999:7:::
diff --git a/tests/usertools/03/useradd_change_defaults.test b/tests/usertools/03/useradd_change_defaults.test
new file mode 100755
index 0000000..665a995
--- /dev/null
+++ b/tests/usertools/03/useradd_change_defaults.test
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "useradd -D: set all default values"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change useradd defaults..."
+useradd -D -b /var/tmp -e 1979-11-24 -f 12 -g 1 -s /usr/bin/foobar
+echo "OK"
+
+echo -n "Check the default values..."
+diff -au useradd_change_defaults/useradd.default /etc/default/useradd
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/03/useradd_change_defaults/useradd.default b/tests/usertools/03/useradd_change_defaults/useradd.default
new file mode 100644
index 0000000..7ef8db6
--- /dev/null
+++ b/tests/usertools/03/useradd_change_defaults/useradd.default
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+# SHELL=/bin/sh
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=1
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/var/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=1979-11-24
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=yes
+SHELL=/usr/bin/foobar
diff --git a/tests/usertools/04/01_useradd_add_user.test b/tests/usertools/04/01_useradd_add_user.test
new file mode 100755
index 0000000..47aea8a
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "Add a new user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+useradd test1
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl 01_useradd_add_user/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl 01_useradd_add_user/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl 01_useradd_add_user/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl 01_useradd_add_user/gshadow /etc/gshadow
+echo "OK"
+echo -n "no homedir (/home/test1)..."
+test -d /home/test1 && exit 1 || true
+echo "OK"
+echo -n "no homedir (/tmp/test1)..."
+test -d /tmp/test1 && exit 1 || true
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/04/01_useradd_add_user/group b/tests/usertools/04/01_useradd_add_user/group
new file mode 100644
index 0000000..ff31912
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+test1:x:1000:
diff --git a/tests/usertools/04/01_useradd_add_user/gshadow b/tests/usertools/04/01_useradd_add_user/gshadow
new file mode 100644
index 0000000..90e8eac
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test1:!::
diff --git a/tests/usertools/04/01_useradd_add_user/passwd b/tests/usertools/04/01_useradd_add_user/passwd
new file mode 100644
index 0000000..725e58b
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+test1:x:1000:1000::/tmp/test1:/bin/foobar
diff --git a/tests/usertools/04/01_useradd_add_user/shadow b/tests/usertools/04/01_useradd_add_user/shadow
new file mode 100644
index 0000000..116140f
--- /dev/null
+++ b/tests/usertools/04/01_useradd_add_user/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+test1:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/04/config.txt b/tests/usertools/04/config.txt
new file mode 100644
index 0000000..aecff4a
--- /dev/null
+++ b/tests/usertools/04/config.txt
@@ -0,0 +1,3 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
diff --git a/tests/usertools/04/config/etc/default/useradd b/tests/usertools/04/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/04/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/04/config/etc/group b/tests/usertools/04/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/04/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/04/config/etc/gshadow b/tests/usertools/04/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/04/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/04/config/etc/passwd b/tests/usertools/04/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/04/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/04/config/etc/shadow b/tests/usertools/04/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/04/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/config.txt b/tests/usertools/05_userdel_del_from_group_members/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/group b/tests/usertools/05_userdel_del_from_group_members/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/group b/tests/usertools/05_userdel_del_from_group_members/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/gshadow b/tests/usertools/05_userdel_del_from_group_members/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/passwd b/tests/usertools/05_userdel_del_from_group_members/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/05_userdel_del_from_group_members/data/shadow b/tests/usertools/05_userdel_del_from_group_members/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/05_userdel_del_from_group_members/userdel.test b/tests/usertools/05_userdel_del_from_group_members/userdel.test
new file mode 100755
index 0000000..89e749b
--- /dev/null
+++ b/tests/usertools/05_userdel_del_from_group_members/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the member lists of /etc/group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user test1 (useradd test1)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config.txt b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt
new file mode 100644
index 0000000..73de400
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/gshadow only
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group
new file mode 100644
index 0000000..0bf8d5d
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root,foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow
new file mode 100644
index 0000000..ad90310
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/group b/tests/usertools/06_userdel_del_from_gshadow_members/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test
new file mode 100755
index 0000000..dd502f3
--- /dev/null
+++ b/tests/usertools/06_userdel_del_from_gshadow_members/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the member lists of /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt
new file mode 100644
index 0000000..56313e3
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config.txt
@@ -0,0 +1,2 @@
+user foo, admin of group users according to /etc/gshadow
+user foo in group users according to /etc/group
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group
new file mode 100644
index 0000000..f60e18c
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow
new file mode 100644
index 0000000..59e5042
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/group b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow
new file mode 100644
index 0000000..0f3592a
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test
new file mode 100755
index 0000000..b14aeb2
--- /dev/null
+++ b/tests/usertools/07_userdel_del_from_gshadow_admins/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from the admins lists of /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt
new file mode 100644
index 0000000..d339d5a
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config.txt
@@ -0,0 +1,4 @@
+user foo, in group users and mail according to /etc/group
+user foo, in group disk and audio according to /etc/gshadow
+foo member and admin of group users according to /etc/gshadow
+root in group users
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group
new file mode 100644
index 0000000..bb62de1
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:foo
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo,root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..7556fcf
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::foo
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::foo
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:foo,root:root,foo
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd
new file mode 100644
index 0000000..dc7bf84
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group
new file mode 100644
index 0000000..838b9b9
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:root
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow
new file mode 100644
index 0000000..f8384c9
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*:root:root
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test
new file mode 100755
index 0000000..db13fb4
--- /dev/null
+++ b/tests/usertools/08_userdel_del_from_group_and_gshadow/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel removes the user from lists in /etc/group and /etc/gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/09_userdel_del_homedir/config.txt b/tests/usertools/09_userdel_del_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/group b/tests/usertools/09_userdel_del_homedir/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/gshadow b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/passwd b/tests/usertools/09_userdel_del_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/09_userdel_del_homedir/config/etc/shadow b/tests/usertools/09_userdel_del_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/09_userdel_del_homedir/data/group b/tests/usertools/09_userdel_del_homedir/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/09_userdel_del_homedir/data/gshadow b/tests/usertools/09_userdel_del_homedir/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/09_userdel_del_homedir/data/passwd b/tests/usertools/09_userdel_del_homedir/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/09_userdel_del_homedir/data/shadow b/tests/usertools/09_userdel_del_homedir/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/09_userdel_del_homedir/userdel.test b/tests/usertools/09_userdel_del_homedir/userdel.test
new file mode 100755
index 0000000..5d2a7aa
--- /dev/null
+++ b/tests/usertools/09_userdel_del_homedir/userdel.test
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel can delete the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+echo toto > /home/foo/toto
+touch /var/mail/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0
+chown -R foo:foo /var/mail/foo /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err
new file mode 100644
index 0000000..ca8e8ab
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/data/userdel.err
@@ -0,0 +1 @@
+userdel: /home/foo not owned by foo, not removing
diff --git a/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test
new file mode 100755
index 0000000..37b1674
--- /dev/null
+++ b/tests/usertools/10_userdel_del_homedir_wrong_owner/userdel.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not delete the user's home directory if it is not owned by the user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+touch /var/mail/foo
+chown -R foo:foo /var/mail/foo
+chown -R root:root /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo "The user should have been removed."
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -d /home/foo
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+rm -rf /home/foo
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/11_usermod_move_homedir/config.txt b/tests/usertools/11_usermod_move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/group b/tests/usertools/11_usermod_move_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/gshadow b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/passwd b/tests/usertools/11_usermod_move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/11_usermod_move_homedir/config/etc/shadow b/tests/usertools/11_usermod_move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/11_usermod_move_homedir/data/home_ls-a b/tests/usertools/11_usermod_move_homedir/data/home_ls-a
new file mode 100644
index 0000000..89bbbd9
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo2/toto'
+drwxr-xr-x foo:foo `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/11_usermod_move_homedir/data/passwd b/tests/usertools/11_usermod_move_homedir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/11_usermod_move_homedir/usermod.test b/tests/usertools/11_usermod_move_homedir/usermod.test
new file mode 100755
index 0000000..b0ebf5c
--- /dev/null
+++ b/tests/usertools/11_usermod_move_homedir/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config.txt b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt
new file mode 100644
index 0000000..75f05ab
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config.txt
@@ -0,0 +1 @@
+user foo's home directory is /dev/null
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd
new file mode 100644
index 0000000..b1fd322
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/dev/null:/bin/false
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err
new file mode 100644
index 0000000..f02fc5a
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/data/usermod.err
@@ -0,0 +1 @@
+usermod: The previous home directory (/dev/null) was not a directory. It is not removed and no home directories are created.
diff --git a/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test
new file mode 100755
index 0000000..c0ce1c1
--- /dev/null
+++ b/tests/usertools/12_usermod_move_homedir_dev_null/usermod.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TBC: should usermod create the home directory?
+log_start "$0" "usermod does not move non-directory (/dev/null)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Make sure /dev/null was not removed..."
+test -c /dev/null
+echo "OK"
+echo -n "Make sure the user's home directory was not removed..."
+test ! -e /home/foo2
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/13_usermod_move_homedir_file/config.txt b/tests/usertools/13_usermod_move_homedir_file/config.txt
new file mode 100644
index 0000000..5e41c31
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config.txt
@@ -0,0 +1 @@
+user foo's home directory is /home/foo, which will be created by usermod.test as a regular file.
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/group b/tests/usertools/13_usermod_move_homedir_file/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/13_usermod_move_homedir_file/data/passwd b/tests/usertools/13_usermod_move_homedir_file/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/13_usermod_move_homedir_file/data/usermod.err b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err
new file mode 100644
index 0000000..d271507
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/data/usermod.err
@@ -0,0 +1 @@
+usermod: The previous home directory (/home/foo) was not a directory. It is not removed and no home directories are created.
diff --git a/tests/usertools/13_usermod_move_homedir_file/usermod.test b/tests/usertools/13_usermod_move_homedir_file/usermod.test
new file mode 100755
index 0000000..2df56e0
--- /dev/null
+++ b/tests/usertools/13_usermod_move_homedir_file/usermod.test
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+# TBC: should usermod create the home directory?
+log_start "$0" "usermod does not move non-directory (regular file)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /home/foo' 0
+
+change_config
+
+touch /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check /home/foo was not removed..."
+test -f /home/foo
+echo "OK"
+echo -n "Check the user's home directory was not created..."
+test ! -e /home/foo2
+echo "OK"
+
+rm -f /home/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config.txt b/tests/usertools/14_usermod_move_homedir_other_device/config.txt
new file mode 100644
index 0000000..3d43135
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config.txt
@@ -0,0 +1,5 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..f7abeaa
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,7 @@
+-rw-r--r-- foo:foo `/tmp/home/foo2/.tata'
+-rw-r--r-- foo:foo `/tmp/home/foo2/toto'
+crw-r--r-- foo:foo `/tmp/home/foo2/null'
+drwxr-xr-x foo:foo `/tmp/home/foo2/.'
+drwxr-xr-x foo:foo `/tmp/home/foo2/titi'
+drwxr-xr-x root:root `/tmp/home/foo2/..'
+lrwxrwxrwx foo:foo `/tmp/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/data/passwd b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..86c29de
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/14_usermod_move_homedir_other_device/usermod.test b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..e595ed3
--- /dev/null
+++ b/tests/usertools/14_usermod_move_homedir_other_device/usermod.test
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod keeps links or devices when it moves the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+ln /home/foo/toto /home/foo/.tata
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+chown -R foo:foo /home/foo
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 foo)..."
+usermod -m -d /tmp/home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/home/foo2/..."
+stat --printf "%A %U:%G %N\n" /tmp/home/foo2/* /tmp/home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /tmp/home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config.txt b/tests/usertools/15_usermod_change_supplementary_groups/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/group b/tests/usertools/15_usermod_change_supplementary_groups/data/group
new file mode 100644
index 0000000..6de5fa5
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:foo
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..8df27c9
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::foo
+sys:*::root
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/15_usermod_change_supplementary_groups/usermod.test b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test
new file mode 100755
index 0000000..74d3ab7
--- /dev/null
+++ b/tests/usertools/15_usermod_change_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the list of supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,daemon foo)..."
+usermod -G bin,daemon foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config.txt b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/group b/tests/usertools/16_usermod_remove_supplementary_groups/data/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..c152e93
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test
new file mode 100755
index 0000000..6965190
--- /dev/null
+++ b/tests/usertools/16_usermod_remove_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can clear the list of supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G \"\" foo)..."
+usermod -G "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group
new file mode 100644
index 0000000..09dc6c1
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:root,foo
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:foo
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow
new file mode 100644
index 0000000..f111ae2
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::root,foo
+adm:*::root
+tty:*::
+disk:*:foo:
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::foo
+kmem:*::
+dialout:*::
+fax:*:foo:
+voice:*::
+cdrom:*:foo:
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
new file mode 100755
index 0000000..ecd3a5f
--- /dev/null
+++ b/tests/usertools/17_usermod_change_supplementary_groups_numerical/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the list of supplementary groups, with numerical groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G 13,bin,3 foo)..."
+usermod -G 13,bin,3 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err
new file mode 100644
index 0000000..6cf0f1f
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/data/usermod.err
@@ -0,0 +1 @@
+usermod: group 'damon' does not exist
diff --git a/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
new file mode 100755
index 0000000..002bc53
--- /dev/null
+++ b/tests/usertools/18_usermod_change_supplementary_groups-unknown_group/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod fails if asked to add an user to an unknown named group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,damon foo)..."
+usermod -G bin,damon foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err
new file mode 100644
index 0000000..5702177
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/data/usermod.err
@@ -0,0 +1 @@
+usermod: group '4242' does not exist
diff --git a/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
new file mode 100755
index 0000000..1915240
--- /dev/null
+++ b/tests/usertools/19_usermod_change_supplementary_groups-unknown_numerical_group/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod fails if asked to add an user to an unknown numerical group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin,4242,daemon foo)..."
+usermod -G bin,4242,daemon foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/group b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow
new file mode 100644
index 0000000..af81c09
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test
new file mode 100755
index 0000000..8e0a2cd
--- /dev/null
+++ b/tests/usertools/20_usermod_rename_user_in_member_lists/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename user foo (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group
new file mode 100644
index 0000000..99e54fa
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo2
+bin:x:2:foo2
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow
new file mode 100644
index 0000000..6ce4903
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo2
+bin:*::foo2
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
new file mode 100755
index 0000000..409b3ac
--- /dev/null
+++ b/tests/usertools/21_usermod_rename_user_in_member_lists-and-add_supplementary_groups/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members and uses the right username when adding the user to supplementary groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename the user and change the user's list of supplementary groups (usermod -l foo2 -a -G bin,daemon foo)..."
+usermod -l foo2 -a -G bin,daemon foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/group b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group
new file mode 100644
index 0000000..84c8697
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo
+bin:x:2:foo
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow
new file mode 100644
index 0000000..d0a61a3
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo
+bin:*::foo
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test
new file mode 100755
index 0000000..e83a3e0
--- /dev/null
+++ b/tests/usertools/22_usermod-a_existing_supplementary_group/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not fail when requested to add the user to a group it is already a member"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's list of supplementary groups (usermod -a -G bin,daemon,floppy foo)..."
+usermod -a -G bin,daemon,floppy foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group
new file mode 100644
index 0000000..99e54fa
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:foo2
+bin:x:2:foo2
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow
new file mode 100644
index 0000000..6ce4903
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::foo2
+bin:*::foo2
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
new file mode 100755
index 0000000..a2b74ae
--- /dev/null
+++ b/tests/usertools/23_usermod-a_existing_supplementary_group+rename/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod renames the user when requested to add an user to a group it is already a member and to rename this user"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename the user and change the its list of supplementary groups (usermod -l foo2 -a -G bin,daemon,floppy foo)..."
+usermod -l foo2 -a -G bin,daemon,floppy foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/24_usermod_locked_passwd/config.txt b/tests/usertools/24_usermod_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config.txt
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/group b/tests/usertools/24_usermod_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/passwd b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/24_usermod_locked_passwd/config/etc/shadow b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/24_usermod_locked_passwd/data/usermod.err b/tests/usertools/24_usermod_locked_passwd/data/usermod.err
new file mode 100644
index 0000000..b1d59ec
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/passwd.lock without a PID
+usermod: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/24_usermod_locked_passwd/usermod.test b/tests/usertools/24_usermod_locked_passwd/usermod.test
new file mode 100755
index 0000000..6348998
--- /dev/null
+++ b/tests/usertools/24_usermod_locked_passwd/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/25_usermod-G_locked_group/config.txt b/tests/usertools/25_usermod-G_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config.txt
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/group b/tests/usertools/25_usermod-G_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/passwd b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/25_usermod-G_locked_group/config/etc/shadow b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/25_usermod-G_locked_group/data/usermod.err b/tests/usertools/25_usermod-G_locked_group/data/usermod.err
new file mode 100644
index 0000000..4b1d8f9
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/group.lock without a PID
+usermod: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/25_usermod-G_locked_group/usermod.test b/tests/usertools/25_usermod-G_locked_group/usermod.test
new file mode 100755
index 0000000..a29cfaa
--- /dev/null
+++ b/tests/usertools/25_usermod-G_locked_group/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/26_usermod_locked_shadow/config.txt b/tests/usertools/26_usermod_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config.txt
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/group b/tests/usertools/26_usermod_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/passwd b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/26_usermod_locked_shadow/config/etc/shadow b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/26_usermod_locked_shadow/data/usermod.err b/tests/usertools/26_usermod_locked_shadow/data/usermod.err
new file mode 100644
index 0000000..f490717
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/shadow.lock without a PID
+usermod: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/26_usermod_locked_shadow/usermod.test b/tests/usertools/26_usermod_locked_shadow/usermod.test
new file mode 100755
index 0000000..b35c69b
--- /dev/null
+++ b/tests/usertools/26_usermod_locked_shadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config.txt b/tests/usertools/27_usermod-G_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config.txt
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err
new file mode 100644
index 0000000..d065cee
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/gshadow.lock without a PID
+usermod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/27_usermod-G_locked_gshadow/usermod.test b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test
new file mode 100755
index 0000000..6709fbc
--- /dev/null
+++ b/tests/usertools/27_usermod-G_locked_gshadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -G checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -G bin foo)..."
+usermod -G bin foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/28_usermod-c_locked_group/config.txt b/tests/usertools/28_usermod-c_locked_group/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/group b/tests/usertools/28_usermod-c_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/passwd b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/28_usermod-c_locked_group/config/etc/shadow b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/28_usermod-c_locked_group/data/passwd b/tests/usertools/28_usermod-c_locked_group/data/passwd
new file mode 100644
index 0000000..c7bb997
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:new comment:/home/foo:/bin/false
diff --git a/tests/usertools/28_usermod-c_locked_group/usermod.test b/tests/usertools/28_usermod-c_locked_group/usermod.test
new file mode 100755
index 0000000..6275a9a
--- /dev/null
+++ b/tests/usertools/28_usermod-c_locked_group/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -c does not check if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's comment (usermod -c \"new coment\" foo)..."
+usermod -c "new comment" foo
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config.txt b/tests/usertools/29_usermod-c_locked_gshadow/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/data/passwd b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd
new file mode 100644
index 0000000..c7bb997
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:new comment:/home/foo:/bin/false
diff --git a/tests/usertools/29_usermod-c_locked_gshadow/usermod.test b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test
new file mode 100755
index 0000000..f7a14c9
--- /dev/null
+++ b/tests/usertools/29_usermod-c_locked_gshadow/usermod.test
@@ -0,0 +1,45 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -c does not check if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's comment (usermod -c \"new coment\" foo)..."
+usermod -c "new comment" foo
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/30_usermod-l_locked_group/config.txt b/tests/usertools/30_usermod-l_locked_group/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/group b/tests/usertools/30_usermod-l_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/passwd b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/30_usermod-l_locked_group/config/etc/shadow b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/30_usermod-l_locked_group/data/usermod.err b/tests/usertools/30_usermod-l_locked_group/data/usermod.err
new file mode 100644
index 0000000..4b1d8f9
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/group.lock without a PID
+usermod: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/30_usermod-l_locked_group/usermod.test b/tests/usertools/30_usermod-l_locked_group/usermod.test
new file mode 100755
index 0000000..8b3799c
--- /dev/null
+++ b/tests/usertools/30_usermod-l_locked_group/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -l fails if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config.txt b/tests/usertools/31_usermod-l_locked_gshadow/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err
new file mode 100644
index 0000000..d065cee
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: existing lock file /etc/gshadow.lock without a PID
+usermod: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/31_usermod-l_locked_gshadow/usermod.test b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test
new file mode 100755
index 0000000..1e18287
--- /dev/null
+++ b/tests/usertools/31_usermod-l_locked_gshadow/usermod.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod -l fails if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Change the user's list of supplementary groups (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/32_usermod-u_new_UID/config.txt b/tests/usertools/32_usermod-u_new_UID/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/group b/tests/usertools/32_usermod-u_new_UID/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/passwd b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/32_usermod-u_new_UID/config/etc/shadow b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/32_usermod-u_new_UID/data/passwd b/tests/usertools/32_usermod-u_new_UID/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/32_usermod-u_new_UID/usermod.test b/tests/usertools/32_usermod-u_new_UID/usermod.test
new file mode 100755
index 0000000..ca04c6f
--- /dev/null
+++ b/tests/usertools/32_usermod-u_new_UID/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the user's UID"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/33_usermod-u_existing_UID/config.txt b/tests/usertools/33_usermod-u_existing_UID/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/group b/tests/usertools/33_usermod-u_existing_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/33_usermod-u_existing_UID/data/usermod.err b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err
new file mode 100644
index 0000000..dd2fa8a
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/data/usermod.err
@@ -0,0 +1 @@
+usermod: UID '1001' already exists
diff --git a/tests/usertools/33_usermod-u_existing_UID/usermod.test b/tests/usertools/33_usermod-u_existing_UID/usermod.test
new file mode 100755
index 0000000..10c1e28
--- /dev/null
+++ b/tests/usertools/33_usermod-u_existing_UID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new user's UID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 1001 foo)..."
+usermod -u 1001 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "4"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config.txt b/tests/usertools/34_usermod-u-o_existing_UID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/data/passwd b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd
new file mode 100644
index 0000000..28bc739
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/34_usermod-u-o_existing_UID/usermod.test b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test
new file mode 100755
index 0000000..5ea5210
--- /dev/null
+++ b/tests/usertools/34_usermod-u-o_existing_UID/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can change the user's UID to an existing UID (with -o)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -o -u 1001 foo)..."
+usermod -o -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config.txt b/tests/usertools/35_usermod-u_invalid_UID/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/group b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err
new file mode 100644
index 0000000..2d5c5e9
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid user ID '100a1'
diff --git a/tests/usertools/35_usermod-u_invalid_UID/usermod.test b/tests/usertools/35_usermod-u_invalid_UID/usermod.test
new file mode 100755
index 0000000..43f0daf
--- /dev/null
+++ b/tests/usertools/35_usermod-u_invalid_UID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the uid is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 100a1 foo)..."
+usermod -u 100a1 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt
new file mode 100644
index 0000000..b337f3f
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000, home directory: /home/foo
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..24c9573
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,7 @@
+-rw-r--r-- 1001:1000 `/home/foo2/.tata'
+-rw-r--r-- 1001:1000 `/home/foo2/toto'
+crw-r--r-- 1001:1000 `/home/foo2/null'
+drwxr-xr-x 0:0 `/home/foo2/..'
+drwxr-xr-x 1001:1000 `/home/foo2/.'
+drwxr-xr-x 1001:1000 `/home/foo2/titi'
+lrwxrwxrwx 1001:1000 `/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..9327c6d
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..6a8d708
--- /dev/null
+++ b/tests/usertools/36_usermod_change_uid+move_homedir_other_device/usermod.test
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+ln /home/foo/toto /home/foo/.tata
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+chown -R foo:foo /home/foo
+stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -u 1001 foo ..."
+usermod -m -d /tmp/home/foo2 -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/37_Debian_Bug_470745/config.txt b/tests/usertools/37_Debian_Bug_470745/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/group b/tests/usertools/37_Debian_Bug_470745/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/passwd b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/37_Debian_Bug_470745/config/etc/shadow b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/37_Debian_Bug_470745/data/group b/tests/usertools/37_Debian_Bug_470745/data/group
new file mode 100644
index 0000000..ad32c02
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/group
@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
+tr:x:1002:
+rtr:x:1003:
diff --git a/tests/usertools/37_Debian_Bug_470745/data/gshadow b/tests/usertools/37_Debian_Bug_470745/data/gshadow
new file mode 100644
index 0000000..01b3553
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/gshadow
@@ -0,0 +1,45 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
+tr:!::
+tr:!::
diff --git a/tests/usertools/37_Debian_Bug_470745/data/passwd b/tests/usertools/37_Debian_Bug_470745/data/passwd
new file mode 100644
index 0000000..0e31259
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/passwd
@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
+tr:x:1002:1002::/tmp/tr:/bin/foobar
diff --git a/tests/usertools/37_Debian_Bug_470745/data/shadow b/tests/usertools/37_Debian_Bug_470745/data/shadow
new file mode 100644
index 0000000..ccbe580
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/shadow
@@ -0,0 +1,22 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
+tr:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/37_Debian_Bug_470745/data/usermod.err b/tests/usertools/37_Debian_Bug_470745/data/usermod.err
new file mode 100644
index 0000000..46df292
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/data/usermod.err
@@ -0,0 +1,2 @@
+Multiple entries named 'tr' in /etc/gshadow. Please fix this with pwck or grpck.
+usermod: failed to prepare the new /etc/gshadow entry 'tr'
diff --git a/tests/usertools/37_Debian_Bug_470745/usermod.test b/tests/usertools/37_Debian_Bug_470745/usermod.test
new file mode 100755
index 0000000..8aa75ba
--- /dev/null
+++ b/tests/usertools/37_Debian_Bug_470745/usermod.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new user's UID is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo add group tr
+groupadd tr
+echo add group rtr
+groupadd rtr
+echo add user tr to group tr
+useradd -g tr tr
+echo rename group rtr to tr in /etc/gshadow
+perl -pi -e 's/rtr/tr/g' /etc/gshadow
+echo add user tr to the member list of tr
+usermod -G tr tr 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/38_usermod_invalid_user/config.txt b/tests/usertools/38_usermod_invalid_user/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/group b/tests/usertools/38_usermod_invalid_user/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/gshadow b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/passwd b/tests/usertools/38_usermod_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/38_usermod_invalid_user/config/etc/shadow b/tests/usertools/38_usermod_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/38_usermod_invalid_user/data/usermod.err b/tests/usertools/38_usermod_invalid_user/data/usermod.err
new file mode 100644
index 0000000..83a9183
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'fooinvalid' does not exist
diff --git a/tests/usertools/38_usermod_invalid_user/usermod.test b/tests/usertools/38_usermod_invalid_user/usermod.test
new file mode 100755
index 0000000..e88034d
--- /dev/null
+++ b/tests/usertools/38_usermod_invalid_user/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the user is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an invalid user (usermod -u 100 fooinvalid)..."
+usermod -u 100 fooinvalid 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config.txt b/tests/usertools/39_usermod_-c_invalid_comment/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err
new file mode 100644
index 0000000..2cdfa7a
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid field 'com:ment'
diff --git a/tests/usertools/39_usermod_-c_invalid_comment/usermod.test b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test
new file mode 100755
index 0000000..5a240ed
--- /dev/null
+++ b/tests/usertools/39_usermod_-c_invalid_comment/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid comment (usermod -c 'com:ment' foo)..."
+usermod -c 'com:ment' foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config.txt b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err
new file mode 100644
index 0000000..0b376d6
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/data/usermod.err
@@ -0,0 +1,2 @@
+usermod: invalid field 'home
+directory'
diff --git a/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test
new file mode 100755
index 0000000..c510489
--- /dev/null
+++ b/tests/usertools/40_usermod_-d_invalid_homedir/usermod.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -d argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid homedir (usermod -d 'home
+directory' foo)..."
+usermod -d 'home
+directory' foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config.txt b/tests/usertools/41_usermod_-d_invalid_shell/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err
new file mode 100644
index 0000000..b105c0e
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid field 'sh:ell'
diff --git a/tests/usertools/41_usermod_-d_invalid_shell/usermod.test b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test
new file mode 100755
index 0000000..44ce22b
--- /dev/null
+++ b/tests/usertools/41_usermod_-d_invalid_shell/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks validity of -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -s 'sh:ell' foo)..."
+usermod -s 'sh:ell' foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config.txt b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err
new file mode 100644
index 0000000..dbd9dc7
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/data/usermod.err
@@ -0,0 +1 @@
+usermod: group 'fooinvalid' does not exist
diff --git a/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test
new file mode 100755
index 0000000..22fd107
--- /dev/null
+++ b/tests/usertools/42_usermod_-g_invalid_group_name/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks existence of the specified primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -g 'fooinvalid' foo)..."
+usermod -g 'fooinvalid' foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err
new file mode 100644
index 0000000..82d3de6
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/data/usermod.err
@@ -0,0 +1 @@
+usermod: group '12345' does not exist
diff --git a/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test
new file mode 100755
index 0000000..5d60cef
--- /dev/null
+++ b/tests/usertools/43_usermod_-g_invalid_group_ID/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks existence of the specified primary group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change to and invalid shell (usermod -g 12345 foo)..."
+usermod -g 12345 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/44_usermod-l_existing_username/config.txt b/tests/usertools/44_usermod-l_existing_username/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/group b/tests/usertools/44_usermod-l_existing_username/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/passwd b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/44_usermod-l_existing_username/config/etc/shadow b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/44_usermod-l_existing_username/data/usermod.err b/tests/usertools/44_usermod-l_existing_username/data/usermod.err
new file mode 100644
index 0000000..895463e
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists
diff --git a/tests/usertools/44_usermod-l_existing_username/usermod.test b/tests/usertools/44_usermod-l_existing_username/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/44_usermod-l_existing_username/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config.txt b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow
new file mode 100644
index 0000000..7d2cc65
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err
new file mode 100644
index 0000000..895463e
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists
diff --git a/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/45_usermod-l_existing_username_passwd/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config.txt b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd
new file mode 100644
index 0000000..92eddca
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo3:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err
new file mode 100644
index 0000000..16ef5fc
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/data/usermod.err
@@ -0,0 +1 @@
+usermod: user 'foo2' already exists in /etc/shadow
diff --git a/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test
new file mode 100755
index 0000000..f3cbf15
--- /dev/null
+++ b/tests/usertools/46_usermod-l_existing_username_shadow/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod tests if the new username is already used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config.txt b/tests/usertools/47_usermod-l_no_shadow_file/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/group b/tests/usertools/47_usermod-l_no_shadow_file/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..af81c09
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo2
+tty:*::foo2
+disk:*:foo2:
+lp:*::root,foo2
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo2:foo2
+voice:*::
+cdrom:*:foo2:foo2
+floppy:*::foo2
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/data/passwd b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd
new file mode 100644
index 0000000..f542fb0
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/47_usermod-l_no_shadow_file/usermod.test b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test
new file mode 100755
index 0000000..46bdc57
--- /dev/null
+++ b/tests/usertools/47_usermod-l_no_shadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change the user's name (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd
new file mode 100644
index 0000000..9ae1f6f
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1000:::/bin/false
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd
new file mode 100644
index 0000000..6b6522f
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1000:::/bin/false
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err
new file mode 100644
index 0000000..157a8fc
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: group foo is the primary group of another user and is not removed.
diff --git a/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
new file mode 100755
index 0000000..750780e
--- /dev/null
+++ b/tests/usertools/48_userdel_keep_group_if_primary_other_user/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it is still used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/49_userdel_delete_users_group/config.txt b/tests/usertools/49_userdel_delete_users_group/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/group b/tests/usertools/49_userdel_delete_users_group/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/passwd b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/49_userdel_delete_users_group/config/etc/shadow b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/49_userdel_delete_users_group/data/group b/tests/usertools/49_userdel_delete_users_group/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/49_userdel_delete_users_group/data/gshadow b/tests/usertools/49_userdel_delete_users_group/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/49_userdel_delete_users_group/data/passwd b/tests/usertools/49_userdel_delete_users_group/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/49_userdel_delete_users_group/data/shadow b/tests/usertools/49_userdel_delete_users_group/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/49_userdel_delete_users_group/userdel.test b/tests/usertools/49_userdel_delete_users_group/userdel.test
new file mode 100755
index 0000000..90e7afc
--- /dev/null
+++ b/tests/usertools/49_userdel_delete_users_group/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it is still used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow
new file mode 100644
index 0000000..9fdfaa0
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:*::
+foo2:*::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
new file mode 100755
index 0000000..4293f27
--- /dev/null
+++ b/tests/usertools/50_userdel_delete_users_group_no_gshadow_group/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel remove the user's group even if it does not exist in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..9fdfaa0
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo3:*::
+foo2:*::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
new file mode 100755
index 0000000..72cd32f
--- /dev/null
+++ b/tests/usertools/51_userdel_delete_users_group_no_gshadow_file/userdel.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel remove the user's group even if it does not exist in gshadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/gshadow..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..2c64068
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
new file mode 100755
index 0000000..244adc9
--- /dev/null
+++ b/tests/usertools/52_userdel_delete_user_no_shadow_entry/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user has no shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2c64068
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo3:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group
new file mode 100644
index 0000000..4b6a079
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo2:x:1001:
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..08d25a2
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo2:*::
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test
new file mode 100755
index 0000000..26bc485
--- /dev/null
+++ b/tests/usertools/53_userdel_delete_user_no_shadow_file/userdel.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user is not is shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Delete user test1 (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt
new file mode 100644
index 0000000..93534c3
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config.txt
@@ -0,0 +1 @@
+user foo exists.
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group
new file mode 100644
index 0000000..feb1bca
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow
new file mode 100644
index 0000000..5f131b1
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd
new file mode 100644
index 0000000..6d87df1
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+foo2:x:1001:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err
new file mode 100644
index 0000000..862ad44
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid user ID '4294967295'
diff --git a/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
new file mode 100755
index 0000000..0872846
--- /dev/null
+++ b/tests/usertools/54_usermod-u_invalid_UID_4294967295/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "usermod checks if the uid is valid"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's UID (usermod -u 4294967295 foo)..."
+usermod -u 4294967295 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "error message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/55_userdel_busy_user/config.txt b/tests/usertools/55_userdel_busy_user/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/default/useradd b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/group b/tests/usertools/55_userdel_busy_user/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/gshadow b/tests/usertools/55_userdel_busy_user/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/passwd b/tests/usertools/55_userdel_busy_user/config/etc/passwd
new file mode 100644
index 0000000..82223ff
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/bash
diff --git a/tests/usertools/55_userdel_busy_user/config/etc/shadow b/tests/usertools/55_userdel_busy_user/config/etc/shadow
new file mode 100644
index 0000000..23ff0c0
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12977:0:99999:7:::
diff --git a/tests/usertools/55_userdel_busy_user/data/userdel.err b/tests/usertools/55_userdel_busy_user/data/userdel.err
new file mode 100644
index 0000000..860d096
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: user foo is currently used by process <PID>
diff --git a/tests/usertools/55_userdel_busy_user/userdel.test b/tests/usertools/55_userdel_busy_user/userdel.test
new file mode 100755
index 0000000..45d6e3f
--- /dev/null
+++ b/tests/usertools/55_userdel_busy_user/userdel.test
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel accepts when the user is not is shadow"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; kill $pid' 0
+
+change_config
+
+echo -n "Create a process for foo (su -l foo -c \"sleep 10\")..."
+su -l foo -c "sleep 10" 2>/dev/null &
+echo "OK"
+
+# Make sure su was started.
+sleep 1
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+	ps=$(echo $! $?)
+	pid=$(echo $ps | cut -f1 -d' ')
+	status=$(echo $ps | cut -f2 -d' ')
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "8"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+sed -i -e "s/ [0-9]*$/ <PID>/" tmp/userdel.err
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+
+kill $pid || true
+wait || true
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/56_userdel_locked_passwd/config.txt b/tests/usertools/56_userdel_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config.txt
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/group b/tests/usertools/56_userdel_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/passwd b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/56_userdel_locked_passwd/config/etc/shadow b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/56_userdel_locked_passwd/data/userdel.err b/tests/usertools/56_userdel_locked_passwd/data/userdel.err
new file mode 100644
index 0000000..183acb4
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/passwd.lock without a PID
+userdel: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/56_userdel_locked_passwd/userdel.test b/tests/usertools/56_userdel_locked_passwd/userdel.test
new file mode 100755
index 0000000..af186a9
--- /dev/null
+++ b/tests/usertools/56_userdel_locked_passwd/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/57_userdel_locked_group/config.txt b/tests/usertools/57_userdel_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config.txt
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/default/useradd b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/group b/tests/usertools/57_userdel_locked_group/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/gshadow b/tests/usertools/57_userdel_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/passwd b/tests/usertools/57_userdel_locked_group/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/57_userdel_locked_group/config/etc/shadow b/tests/usertools/57_userdel_locked_group/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/57_userdel_locked_group/data/userdel.err b/tests/usertools/57_userdel_locked_group/data/userdel.err
new file mode 100644
index 0000000..1e947b2
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/group.lock without a PID
+userdel: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/57_userdel_locked_group/userdel.test b/tests/usertools/57_userdel_locked_group/userdel.test
new file mode 100755
index 0000000..01e8c8c
--- /dev/null
+++ b/tests/usertools/57_userdel_locked_group/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/58_userdel_locked_shadow/config.txt b/tests/usertools/58_userdel_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config.txt
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/group b/tests/usertools/58_userdel_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/passwd b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/58_userdel_locked_shadow/config/etc/shadow b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/58_userdel_locked_shadow/data/userdel.err b/tests/usertools/58_userdel_locked_shadow/data/userdel.err
new file mode 100644
index 0000000..324b9ec
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/shadow.lock without a PID
+userdel: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/58_userdel_locked_shadow/userdel.test b/tests/usertools/58_userdel_locked_shadow/userdel.test
new file mode 100755
index 0000000..54acf61
--- /dev/null
+++ b/tests/usertools/58_userdel_locked_shadow/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/59_userdel_locked_gshadow/config.txt b/tests/usertools/59_userdel_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config.txt
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/group b/tests/usertools/59_userdel_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/59_userdel_locked_gshadow/data/userdel.err b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err
new file mode 100644
index 0000000..7a56771
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/data/userdel.err
@@ -0,0 +1,2 @@
+userdel: existing lock file /etc/gshadow.lock without a PID
+userdel: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/59_userdel_locked_gshadow/userdel.test b/tests/usertools/59_userdel_locked_gshadow/userdel.test
new file mode 100755
index 0000000..97993b9
--- /dev/null
+++ b/tests/usertools/59_userdel_locked_gshadow/userdel.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/60_userdel_invalid_user/config.txt b/tests/usertools/60_userdel_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config.txt
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/group b/tests/usertools/60_userdel_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/gshadow b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/passwd b/tests/usertools/60_userdel_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/60_userdel_invalid_user/config/etc/shadow b/tests/usertools/60_userdel_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/60_userdel_invalid_user/data/userdel.err b/tests/usertools/60_userdel_invalid_user/data/userdel.err
new file mode 100644
index 0000000..97598b9
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/data/userdel.err
@@ -0,0 +1 @@
+userdel: user 'fooo' does not exist
diff --git a/tests/usertools/60_userdel_invalid_user/userdel.test b/tests/usertools/60_userdel_invalid_user/userdel.test
new file mode 100755
index 0000000..b070736
--- /dev/null
+++ b/tests/usertools/60_userdel_invalid_user/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel checks if the user exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user fooo (userdel fooo)..."
+userdel fooo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err
new file mode 100644
index 0000000..5d7b44f
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/data/userdel.err
@@ -0,0 +1 @@
+userdel: foo mail spool (/var/mail/foo) not found
diff --git a/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test
new file mode 100755
index 0000000..a123ccb
--- /dev/null
+++ b/tests/usertools/61_userdel_del_homedir_with_symlinks/userdel.test
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../common/config.sh
+. ../../common/log.sh
+
+log_start "$0" "userdel delete links, but not the pointed file/directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+mkdir /home/foo
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo' 0
+mkdir /home/bar
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar' 0
+touch /home/baz
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/bar /home/baz' 0
+echo toto > /home/foo/toto
+ln -s /home/bar /home/foo/bar
+ln -s /home/baz /home/foo/baz
+chown -R foo:foo /home/foo /home/bar /home/baz
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check the userdel message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "userdel message OK."
+rm -f tmp/userdel.err
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check that directory pointed from a foo's link is not removed..."
+test -d /home/bar
+echo "OK"
+echo -n "Check that file pointed from a foo's link is not removed..."
+test -f /home/baz
+echo "OK"
+rm -rf /home/bar /home/baz
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..519d0a2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody, lp, and foooo's password..."
+echo 'nobody:test
+lp:test2
+foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..8a3011f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user foooo) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 3, user foooo) password not changed
diff --git a/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/01_chpasswd_invalid_user/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
new file mode 100755
index 0000000..c036205
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change the password of multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/02_chpasswd_multiple_users/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..fb915a1
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..bd03706
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:bar:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..36fa602
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/03_chpasswd_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..2660213
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..090d61a
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/04_chpasswd_no_shadow_entry/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@::::::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
new file mode 100755
index 0000000..5760ca5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err
new file mode 100644
index 0000000..a02b7d6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/chpasswd.err
@@ -0,0 +1 @@
+chpasswd: line 2: missing new password
diff --git a/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow
new file mode 100644
index 0000000..658661b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/05_chpasswd_error_no_password/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
new file mode 100755
index 0000000..fda6230
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/chpasswd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chpasswd usage (chpasswd -h)..."
+chpasswd -h >tmp/usage.out
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out
new file mode 100644
index 0000000..59c8b35
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/06_chpasswd_usage/data/usage.out
@@ -0,0 +1,12 @@
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
new file mode 100755
index 0000000..f75e674
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get chpasswd usage (chpasswd --foo)..."
+chpasswd --foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..4e26b6d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/07_chpasswd_usage_bad_option/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: unrecognized option '--foo'
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
new file mode 100755
index 0000000..ecfbb20
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -e and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use md5 (chpasswd -m -e)..."
+echo 'nobody:test' | chpasswd -m -e 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/08_chpasswd_usage-e-m_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
new file mode 100755
index 0000000..ab5deec
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -e and -c are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password are encrypted and must use another method (chpasswd -c SHA512 -e)..."
+echo 'nobody:test' | chpasswd -c SHA512 -e 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/09_chpasswd_usage-e-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
new file mode 100755
index 0000000..fe2bbd7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -c and -m are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd -m -c SHA256)..."
+echo 'nobody:test' | chpasswd -m -c SHA256 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out
new file mode 100644
index 0000000..799c8dd
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/10_chpasswd_usage-m-c_exclusive/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: the -c, -e, and -m flags are exclusive
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
new file mode 100755
index 0000000..29982fc
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that -c is provided if -s is used"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12)..."
+echo 'nobody:test' | chpasswd --sha-rounds 12 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out
new file mode 100644
index 0000000..ab133e2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/11_chpasswd_usage-s_without-c/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: -s flag is only allowed with the -c flag
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
new file mode 100755
index 0000000..1b478f9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks the -s argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --sha-rounds 12foo -c SHA512)..."
+echo 'nobody:test' | chpasswd --sha-rounds 12foo -c SHA512 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out
new file mode 100644
index 0000000..bcfcf6d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/12_chpasswd_usage-s_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: invalid numeric argument '12foo'
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
new file mode 100755
index 0000000..a2f653c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/chpasswd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks the -c argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Password must use md5 and another method (chpasswd --crypt-method SHA513)..."
+echo 'nobody:test' | chpasswd --crypt-method SHA513 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out
new file mode 100644
index 0000000..2c9e5aa
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/13_chpasswd_usage-c_invalid/data/usage.out
@@ -0,0 +1,13 @@
+chpasswd: unsupported crypt method: SHA513
+Usage: chpasswd [options]
+
+Options:
+  -c, --crypt-method METHOD     the crypt method (one of NONE DES MD5 SHA256 SHA512)
+  -e, --encrypted               supplied passwords are encrypted
+  -h, --help                    display this help message and exit
+  -m, --md5                     encrypt the clear text password using
+                                the MD5 algorithm
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --sha-rounds              number of SHA rounds for the SHA*
+                                crypt algorithms
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
new file mode 100755
index 0000000..3591462
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/14_chpasswd_password_encrypted/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
new file mode 100755
index 0000000..534fb6f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create md5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --md5)..."
+echo 'nobody:test
+lp:test2' | chpasswd --md5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/15_chpasswd_password_md5/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
new file mode 100755
index 0000000..e7c1b4e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -c NONE)..."
+echo 'nobody:test
+lp:test2' | chpasswd -c NONE
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/16_chpasswd_password_NONE/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
new file mode 100755
index 0000000..f7da2c6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create MD5 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method MD5)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method MD5
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow
new file mode 100644
index 0000000..cb54856
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/17_chpasswd_password_MD5/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_MD5 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_MD5 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
new file mode 100755
index 0000000..750b82f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create DES passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method DES)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method DES
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/18_chpasswd_password_DES/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
new file mode 100755
index 0000000..56c67bf
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/19_chpasswd_password_SHA256/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
new file mode 100755
index 0000000..9a0b0d7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 900)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$5\$rounds=1000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/20_chpasswd_password_SHA256_rounds_900/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
new file mode 100755
index 0000000..6f5f586
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA256 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA256 -s 9000)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA256 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$5\$rounds=9000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow
new file mode 100644
index 0000000..2705a06
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/21_chpasswd_password_SHA256_rounds_9000/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA256 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA256 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
new file mode 100755
index 0000000..856665f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/22_chpasswd_password_SHA512/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
new file mode 100755
index 0000000..4382ab5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords and use at least 1000 rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 900)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512 -s 900
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$6\$rounds=1000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/23_chpasswd_password_SHA512_rounds_900/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
new file mode 100755
index 0000000..f42c7be
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/chpasswd.test
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use create SHA512 passwords and use the requested number of rounds"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd --crypt-method SHA512 -s 9000)..."
+echo 'nobody:test
+lp:test2' | chpasswd --crypt-method SHA512 -s 9000
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+grep nobody /etc/shadow | grep -q ':\$6\$rounds=9000\$'
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow
new file mode 100644
index 0000000..83bc0c9
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/24_chpasswd_password_SHA512_rounds_9000/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..ce881e8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd
new file mode 100644
index 0000000..0489957
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/25_chpasswd-e_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:test2:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:test:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
new file mode 100755
index 0000000..7aa511e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err
new file mode 100644
index 0000000..498b5c8
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/26_chpasswd_no_shadow_file_invalid_passwd/data/chpasswd.err
@@ -0,0 +1,6 @@
+chpasswd: (user nobody) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 1, user nobody) password not changed
+chpasswd: (user lp) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user lp) password not changed
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
new file mode 100755
index 0000000..0578c1f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd
new file mode 100644
index 0000000..0d29119
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:foo:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err
new file mode 100644
index 0000000..1381d0e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user lp) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user lp) password not changed
diff --git a/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd
new file mode 100644
index 0000000..9a44671
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/27_chpasswd_no_shadow_file_1st_invalid_passwd_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_MD5 test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
new file mode 100755
index 0000000..0578c1f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/chpasswd.test
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..07f3f1d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure md5
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd
new file mode 100644
index 0000000..6ba390f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:bar:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err
new file mode 100644
index 0000000..9eb11ca
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user nobody) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 1, user nobody) password not changed
diff --git a/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd
new file mode 100644
index 0000000..978ea44
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/28_chpasswd_no_shadow_file_2nd_invalid_passwd_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_MD5 test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..c341285
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..fcb19db
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/29_chpasswd-e_no_shadow_entry/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
new file mode 100755
index 0000000..a18f912
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/chpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config.txt
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err
new file mode 100644
index 0000000..468b8b6
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/30_chpasswd_locked_passwd/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: existing lock file /etc/passwd.lock without a PID
+chpasswd: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
new file mode 100755
index 0000000..3686758
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/chpasswd.test
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config.txt
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err
new file mode 100644
index 0000000..507310f
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/31_chpasswd_locked_shadow/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: existing lock file /etc/shadow.lock without a PID
+chpasswd: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..05bf394
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd)..."
+echo 'nobody:test
+bar:bar2
+lp:test2' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config.txt
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..245a3b2
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,3 @@
+chpasswd: (user bar) pam_chauthtok() failed, error:
+Authentication token manipulation error
+chpasswd: (line 2, user bar) password not changed
diff --git a/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow
new file mode 100644
index 0000000..958f25b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/32_chpasswd_invalid_user/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_SHA512 test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_SHA512 test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
new file mode 100755
index 0000000..05c6a31
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd checks that users exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change passwords (chpasswd -e)..."
+echo 'nobody:test
+bar:bar2
+lp:test2' | chpasswd -e 2>tmp/chpasswd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config.txt
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..7182e70
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/33_chpasswd-e_invalid_user/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 2: user 'bar' does not exist
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
new file mode 100755
index 0000000..5e3bc03
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can use encrypted password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password (chpasswd -e)..."
+echo 'nobody:test
+lp:test2' | chpasswd -e
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd
new file mode 100644
index 0000000..552045e
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#
+# The PAM configuration file for the Shadow `chpasswd' service
+#
+
+@include common-password
+
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password
new file mode 100644
index 0000000..06c59a7
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/pam.d/common-password
@@ -0,0 +1,33 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "md5" option enables MD5 passwords.  Without this option, the
+# default is Unix crypt.
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd
new file mode 100644
index 0000000..5648ba0
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:oldpass:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd
new file mode 100644
index 0000000..1ed98b3
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:test2:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow
new file mode 100644
index 0000000..269ee68
--- /dev/null
+++ b/tests/usertools/chpasswd-PAM/34_chpasswd-e_password_shadow_and_passwd/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:test2:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:test:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
new file mode 100755
index 0000000..f1d09e9
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/chpasswd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if an user does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody, lp, and foooo's password..."
+echo 'nobody:test
+lp:test2
+foooo:test3' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err
new file mode 100644
index 0000000..3478c55
--- /dev/null
+++ b/tests/usertools/chpasswd/01_chpasswd_invalid_user/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 3: user 'foooo' does not exist
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
new file mode 100755
index 0000000..c036205
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/chpasswd.test
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd can change the password of multiple users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow
new file mode 100644
index 0000000..d69c00c
--- /dev/null
+++ b/tests/usertools/chpasswd/02_chpasswd_multiple_users/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:@PASS_DES test2@:@TODAY@:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
new file mode 100755
index 0000000..fb915a1
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/chpasswd.test
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd file if shadow does not exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check that shadow does not exist..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..a9a8b92
--- /dev/null
+++ b/tests/usertools/chpasswd/03_chpasswd_no_shadow_file/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:@PASS_DES test@:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
new file mode 100755
index 0000000..d97d8b5
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/chpasswd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd changes the passwd entry if there are no shadow entries"
+# FIXME: The PAM and !PAM versions differs:
+# PAM will create a shadow entry if the shadow file exists
+# !PAM will update the passwd entry and leave the shadow file untouched
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp:test2' | chpasswd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..54dc57e
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,40 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..f4f74a5
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..e7f6c7b
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:@PASS_DES test2@:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..8e10590
--- /dev/null
+++ b/tests/usertools/chpasswd/04_chpasswd_no_shadow_entry/data/shadow
@@ -0,0 +1,18 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:@PASS_DES test@:@TODAY@:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
new file mode 100755
index 0000000..005b7ba
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/chpasswd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "chpasswd fails if no password are provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change nobody's and lp's password..."
+echo 'nobody:test
+lp' | chpasswd 2>tmp/chpasswd.err && exit 1 || {
+        status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "chpasswd reported:"
+echo "======================================================================="
+cat tmp/chpasswd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/chpasswd.err tmp/chpasswd.err
+echo "error message OK."
+rm -f tmp/chpasswd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs
new file mode 100644
index 0000000..dff071c
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/login.defs
@@ -0,0 +1,318 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK usage is discouraged because it catches only some classes of user
+# entries to system, in fact only those made through login(1), while setting
+# umask in shell rc file will catch also logins through su, cron, ssh etc.
+#
+# At the same time, using shell rc to set umask won't catch entries which use
+# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
+# user and alike.
+#
+# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
+# as the solution which catches all these cases on PAM-enabled systems.
+# 
+# This avoids the confusion created by having the umask set
+# in two different places -- in login.defs and shell rc files (i.e.
+# /etc/profile).
+#
+# For discussion, see #314539 and #248150 as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+# 022 is the "historical" value in Debian for UMASK when it was used
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# This enables userdel to remove user groups if no members exist.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, thus in Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Only works if compiled with MD5_CRYPT defined:
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is used by chpasswd, gpasswd and newusers.
+#
+#MD5_CRYPT_ENAB	no
+ENCRYPT_METHOD DES
+#SHA_CRYPT_MIN_ROUNDS 5000
+#SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err
new file mode 100644
index 0000000..afeef27
--- /dev/null
+++ b/tests/usertools/chpasswd/05_chpasswd_error_no_password/data/chpasswd.err
@@ -0,0 +1,2 @@
+chpasswd: line 2: missing new password
+chpasswd: error detected, changes ignored
diff --git a/tests/usertools/useradd/01_useradd_usage/config.txt b/tests/usertools/useradd/01_useradd_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/group b/tests/usertools/useradd/01_useradd_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/passwd b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/01_useradd_usage/config/etc/shadow b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/01_useradd_usage/data/usage.out b/tests/usertools/useradd/01_useradd_usage/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/01_useradd_usage/useradd.test b/tests/usertools/useradd/01_useradd_usage/useradd.test
new file mode 100755
index 0000000..a7fe046
--- /dev/null
+++ b/tests/usertools/useradd/01_useradd_usage/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get useradd usage (useradd -h)..."
+useradd -h >tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..2efa134
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/data/usage.out
@@ -0,0 +1,36 @@
+useradd: unrecognized option '--foo'
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test
new file mode 100755
index 0000000..6711b26
--- /dev/null
+++ b/tests/usertools/useradd/02_useradd_usage_invalid_option/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid option (useradd --foo)..."
+useradd --foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config.txt b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test
new file mode 100755
index 0000000..fe178eb
--- /dev/null
+++ b/tests/usertools/useradd/03_useradd_usage_no_users/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd without an user (useradd -f 12)..."
+useradd -f 12 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config.txt b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test
new file mode 100755
index 0000000..c51e8bc
--- /dev/null
+++ b/tests/usertools/useradd/04_useradd_usage_2_users/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with 2 users (useradd -f 12 bin nobody)..."
+useradd -f 12 bin nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out
new file mode 100644
index 0000000..6f4cd08
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid base directory '/home/no:body'
diff --git a/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
new file mode 100755
index 0000000..a880dde
--- /dev/null
+++ b/tests/usertools/useradd/05_useradd_usage-b_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b '/home/no:body' nobody)..."
+useradd -b '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out
new file mode 100644
index 0000000..22a5df8
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid base directory '/home/no
+body'
diff --git a/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
new file mode 100755
index 0000000..37f27c0
--- /dev/null
+++ b/tests/usertools/useradd/06_useradd_usage-b_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b '/home/no
+body' nobody)..."
+useradd -b '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out
new file mode 100644
index 0000000..de930e6
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid base directory 'home/nobody'
diff --git a/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
new file mode 100755
index 0000000..a0ff227
--- /dev/null
+++ b/tests/usertools/useradd/07_useradd_usage-b_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -b 'home/nobody' nobody)..."
+useradd -b 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out
new file mode 100644
index 0000000..ec0e2ab
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid comment 'comm:ent'
diff --git a/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
new file mode 100755
index 0000000..6cd2262
--- /dev/null
+++ b/tests/usertools/useradd/08_useradd_usage-c_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -c 'comm:ent' nobody)..."
+useradd -c 'comm:ent' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out
new file mode 100644
index 0000000..30daaab
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid comment 'comm
+ent'
diff --git a/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
new file mode 100755
index 0000000..98f6420
--- /dev/null
+++ b/tests/usertools/useradd/09_useradd_usage-c_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -c 'comm
+ent' nobody)..."
+useradd -c 'comm
+ent' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out
new file mode 100644
index 0000000..34b6e40
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid home directory '/home/no:body'
diff --git a/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
new file mode 100755
index 0000000..3f3b81e
--- /dev/null
+++ b/tests/usertools/useradd/10_useradd_usage-d_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d '/home/no:body' nobody)..."
+useradd -d '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out
new file mode 100644
index 0000000..0ac0eed
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid home directory '/home/no
+body'
diff --git a/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
new file mode 100755
index 0000000..12569b5
--- /dev/null
+++ b/tests/usertools/useradd/11_useradd_usage-d_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d '/home/no
+body' nobody)..."
+useradd -d '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out
new file mode 100644
index 0000000..722cb57
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid home directory 'home/nobody'
diff --git a/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
new file mode 100755
index 0000000..3b624c1
--- /dev/null
+++ b/tests/usertools/useradd/12_useradd_usage-d_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -d 'home/nobody' nobody)..."
+useradd -d 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out
new file mode 100644
index 0000000..02f2e40
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid date '2011-09-09-11'
diff --git a/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
new file mode 100755
index 0000000..15acb22
--- /dev/null
+++ b/tests/usertools/useradd/13_useradd_usage-e_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -e '2011-09-09-11' nobody)..."
+useradd -e '2011-09-09-11' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out
new file mode 100644
index 0000000..c0d25cb
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid date '1900-09-11'
diff --git a/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
new file mode 100755
index 0000000..c5642f0
--- /dev/null
+++ b/tests/usertools/useradd/14_useradd_usage-e_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -e '1900-09-11' nobody)..."
+useradd -e '1900-09-11' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..f148d91
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+useradd: shadow passwords required for -e
diff --git a/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
new file mode 100755
index 0000000..255a799
--- /dev/null
+++ b/tests/usertools/useradd/15_useradd_usage-e_no_shadow_file/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Call useradd with the -e option (useradd -e '2011-09-11' nobody)..."
+useradd -e '2011-09-11' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out
new file mode 100644
index 0000000..40d8d93
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid numeric argument '2011f'
diff --git a/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
new file mode 100755
index 0000000..ad948d5
--- /dev/null
+++ b/tests/usertools/useradd/16_useradd_usage-f_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -f '2011f' nobody)..."
+useradd -f '2011f' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out
new file mode 100644
index 0000000..add36d3
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid numeric argument '-2'
diff --git a/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
new file mode 100755
index 0000000..2f5a385
--- /dev/null
+++ b/tests/usertools/useradd/17_useradd_usage-f_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -f '-2' nobody)..."
+useradd -f '-2' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..f5095a5
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+useradd: shadow passwords required for -f
diff --git a/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
new file mode 100755
index 0000000..aa5b54e
--- /dev/null
+++ b/tests/usertools/useradd/18_useradd_usage-f_no_shadow_file/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Call useradd with the -f option (useradd -f '12' nobody)..."
+useradd -f '12' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out
new file mode 100644
index 0000000..9eaa315
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: -K requires KEY=VALUE
diff --git a/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
new file mode 100755
index 0000000..bef12a6
--- /dev/null
+++ b/tests/usertools/useradd/19_useradd_usage-K_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -K 'VALUE' nobody)..."
+useradd -K 'VALUE' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out
new file mode 100644
index 0000000..cb3b31a
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/data/usage.out
@@ -0,0 +1 @@
+configuration error - unknown item 'KEY' (notify administrator)
diff --git a/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
new file mode 100755
index 0000000..883eac5
--- /dev/null
+++ b/tests/usertools/useradd/20_useradd_usage-O_invalid2/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -O 'KEY=VALUE' nobody)..."
+useradd -O 'KEY=VALUE' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out
new file mode 100644
index 0000000..6e06315
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid field 'no:body'
diff --git a/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
new file mode 100755
index 0000000..86e99ff
--- /dev/null
+++ b/tests/usertools/useradd/21_useradd_usage-p_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -p 'no:body' nobody)..."
+useradd -p 'no:body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out
new file mode 100644
index 0000000..19f477e
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid field 'no
+body'
diff --git a/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
new file mode 100755
index 0000000..9888c75
--- /dev/null
+++ b/tests/usertools/useradd/22_useradd_usage-p_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -p 'no
+body' nobody)..."
+useradd -p 'no
+body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out
new file mode 100644
index 0000000..2b9b157
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid shell '/home/no:body'
diff --git a/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
new file mode 100755
index 0000000..9864e42
--- /dev/null
+++ b/tests/usertools/useradd/23_useradd_usage-s_invalid1/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s '/home/no:body' nobody)..."
+useradd -s '/home/no:body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out
new file mode 100644
index 0000000..e2891b2
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid shell '/home/no
+body'
diff --git a/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
new file mode 100755
index 0000000..4704ed5
--- /dev/null
+++ b/tests/usertools/useradd/24_useradd_usage-s_invalid2/useradd.test
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s '/home/no
+body' nobody)..."
+useradd -s '/home/no
+body' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out
new file mode 100644
index 0000000..9fb467e
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid shell 'home/nobody'
diff --git a/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
new file mode 100755
index 0000000..ea1ada3
--- /dev/null
+++ b/tests/usertools/useradd/25_useradd_usage-s_invalid3/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid argument (useradd -s 'home/nobody' nobody)..."
+useradd -s 'home/nobody' nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out
new file mode 100644
index 0000000..f0e24c5
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/data/usage.out
@@ -0,0 +1,36 @@
+useradd: -o flag is only allowed with the -u flag
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test
new file mode 100755
index 0000000..36498ce
--- /dev/null
+++ b/tests/usertools/useradd/26_useradd_usage-o_without-u/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -o without -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Allow duplicate UID without UID (useradd -o foo)..."
+useradd -o foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out
new file mode 100644
index 0000000..e27e5b6
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/data/usage.out
@@ -0,0 +1,36 @@
+useradd: -k flag is only allowed with the -m flag
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test
new file mode 100755
index 0000000..c64af4a
--- /dev/null
+++ b/tests/usertools/useradd/27_useradd_usage-k_without-m/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -k without -m"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Copy skeleton without creating home dir (useradd -k foo)..."
+useradd -k foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out
new file mode 100644
index 0000000..3b030c3
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -U and -g conflict
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test
new file mode 100755
index 0000000..2a7b381
--- /dev/null
+++ b/tests/usertools/useradd/28_useradd_usage-U_with-g/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -U with -g"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Usergroup and fixed group (useradd -U -g 100 foo)..."
+useradd -U -g 100 foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out
new file mode 100644
index 0000000..7a7bc5d
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -U and -N conflict
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test
new file mode 100755
index 0000000..57eabd3
--- /dev/null
+++ b/tests/usertools/useradd/29_useradd_usage-U_with-N/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -U with -N"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Usergroup and no usergroup (useradd -U -N foo)..."
+useradd -U -N foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out
new file mode 100644
index 0000000..37a90dc
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/data/usage.out
@@ -0,0 +1,36 @@
+useradd: options -m and -M conflict
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test
new file mode 100755
index 0000000..80d7a5a
--- /dev/null
+++ b/tests/usertools/useradd/30_useradd_usage-m_with-M/useradd.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -m with -M"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create and do not create home directory (useradd -M -m foo)..."
+useradd -M -m foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test
new file mode 100755
index 0000000..b66842b
--- /dev/null
+++ b/tests/usertools/useradd/31_useradd_usage_user_with-D/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set defaulkt with useradd and specify an user (useradd -D nobody)..."
+useradd -D nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test
new file mode 100755
index 0000000..c3aacfb
--- /dev/null
+++ b/tests/usertools/useradd/32_useradd_usage-D_with_other/useradd.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd rejects -m with -M"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+for opt in "-u 1010" "-G nogroup" "-d /home/foo" "-c comment" "-m"
+do
+	echo -n "Call useradd -D with option $opt (useradd -D $opt)..."
+	useradd -D $opt 2>tmp/usage.out && exit 1 || {
+		status=$?
+	}
+
+	echo "OK"
+
+	echo -n "Check returned status ($status)..."
+	test "$status" = "2"
+	echo "OK"
+
+	echo "useradd reported:"
+	echo "======================================================================="
+	cat tmp/usage.out
+	echo "======================================================================="
+	echo -n "Check the usage message..."
+	diff -au data/usage.out tmp/usage.out
+	echo "usage message OK."
+	rm -f tmp/usage.out
+done
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out
new file mode 100644
index 0000000..c1c58fa
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/data/usage.out
@@ -0,0 +1 @@
+useradd: invalid user name 'user:name'
diff --git a/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test
new file mode 100755
index 0000000..8024f7d
--- /dev/null
+++ b/tests/usertools/useradd/33_useradd_usage_invalid_username/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd checks the username validity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an invalid username (useradd user:name)..."
+useradd user:name 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
new file mode 100755
index 0000000..df98f82
--- /dev/null
+++ b/tests/usertools/useradd/34_useradd_default_GROUP_GID/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd
new file mode 100644
index 0000000..487e328
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=nogroup
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd
new file mode 100644
index 0000000..4e481a1
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:65534::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test
new file mode 100755
index 0000000..df98f82
--- /dev/null
+++ b/tests/usertools/useradd/35_useradd_default_GROUP_name/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd
new file mode 100644
index 0000000..4da665d
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=3000
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd
new file mode 100644
index 0000000..db82966
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:100::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out
new file mode 100644
index 0000000..6e4920f
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/data/usage.out
@@ -0,0 +1,2 @@
+useradd: group '3000' does not exist
+useradd: the GROUP= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/36_useradd_default_GROUP_invalid_GID/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd
new file mode 100644
index 0000000..3d298ac
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=invalidgroup
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd
new file mode 100644
index 0000000..db82966
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:100::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out
new file mode 100644
index 0000000..06f5b8c
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/data/usage.out
@@ -0,0 +1,2 @@
+useradd: group 'invalidgroup' does not exist
+useradd: the GROUP= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/37_useradd_default_GROUP_invalid_name/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd
new file mode 100644
index 0000000..095cf3d
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow
new file mode 100644
index 0000000..b8db0a7
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:42:13849:
diff --git a/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test
new file mode 100755
index 0000000..dbee2ad
--- /dev/null
+++ b/tests/usertools/useradd/38_useradd_default_INACTIVE/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the INACT default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..e7513e4
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=1a
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow
new file mode 100644
index 0000000..39849f5
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7::13849:
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out
new file mode 100644
index 0000000..d27941e
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid numeric argument '1a'
+useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/39_useradd_default_INACTIVE_invalid1/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..b3f265e
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=-2
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd
new file mode 100644
index 0000000..540cc99
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:10::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow
new file mode 100644
index 0000000..39849f5
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7::13849:
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out
new file mode 100644
index 0000000..d301073
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/data/usage.out
@@ -0,0 +1,2 @@
+useradd: invalid numeric argument '-2'
+useradd: the INACTIVE= configuration in /etc/default/useradd will be ignored
diff --git a/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
new file mode 100755
index 0000000..c030cd2
--- /dev/null
+++ b/tests/usertools/useradd/40_useradd_default_INACTIVE_invalid2/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the GROUP default value"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo, without usergroup (useradd -N foo)..."
+useradd -N foo 2>tmp/usage.out
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd
new file mode 100644
index 0000000..3fca45b
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults
new file mode 100644
index 0000000..90cfe79
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/data/defaults
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=42
+EXPIRE=2007-12-02
+SHELL=/bin/foobar
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test
new file mode 100755
index 0000000..0ca12b6
--- /dev/null
+++ b/tests/usertools/useradd/41_useradd_default_default_SKEL/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default value (useradd -D)..."
+useradd -D >tmp/defaults
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/defaults
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/defaults tmp/defaults
+echo "usage message OK."
+rm -f tmp/defaults
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd
new file mode 100644
index 0000000..bbb85b4
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults
new file mode 100644
index 0000000..90cfe79
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/data/defaults
@@ -0,0 +1,7 @@
+GROUP=10
+HOME=/tmp
+INACTIVE=42
+EXPIRE=2007-12-02
+SHELL=/bin/foobar
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
new file mode 100755
index 0000000..0ca12b6
--- /dev/null
+++ b/tests/usertools/useradd/42_useradd_default_default_CREATE_MAIL_SPOOL/useradd.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses the defautl SKEL value is SKEL is set to empty"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get default value (useradd -D)..."
+useradd -D >tmp/defaults
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/defaults
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/defaults tmp/defaults
+echo "usage message OK."
+rm -f tmp/defaults
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd
new file mode 100644
index 0000000..b85eaf3
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
+# 
\ No newline at end of file
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd
new file mode 100644
index 0000000..15084f0
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/data/useradd
@@ -0,0 +1,38 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/toto
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=no
+# 
+SKEL=/etc/skel
diff --git a/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test
new file mode 100755
index 0000000..110e3ae
--- /dev/null
+++ b/tests/usertools/useradd/43_useradd_default_no_final_eol/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts a line with no eol at eof"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set a default value (useradd -D -b /toto)..."
+useradd -D -b /toto
+echo "OK"
+
+echo -n "Check the default file..."
+diff -Nau data/useradd /etc/default/useradd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config.txt b/tests/usertools/useradd/44_useradd_default_no_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd
new file mode 100644
index 0000000..b85eaf3
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/default/useradd
@@ -0,0 +1,37 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=42
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=
+#
+# Defines whether the mail spool should be created while
+# creating the account
+CREATE_MAIL_SPOOL=
+# 
\ No newline at end of file
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/data/useradd b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd
new file mode 100644
index 0000000..796e8dd
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/data/useradd
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=100
+HOME=/toto
+INACTIVE=-1
+EXPIRE=
+SHELL=
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=no
diff --git a/tests/usertools/useradd/44_useradd_default_no_file/useradd.test b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test
new file mode 100755
index 0000000..0bc2804
--- /dev/null
+++ b/tests/usertools/useradd/44_useradd_default_no_file/useradd.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can create a defaults file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete the defaults file..."
+rm -f /etc/default/useradd
+echo "OK"
+
+echo -n "Set a default value (useradd -D -b /toto)..."
+useradd -D -b /toto
+echo "OK"
+
+echo -n "Check the default file..."
+diff -Nau data/useradd /etc/default/useradd
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config.txt b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/group b/tests/usertools/useradd/45_useradd-G_UID_name/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test
new file mode 100755
index 0000000..480c4a3
--- /dev/null
+++ b/tests/usertools/useradd/45_useradd-G_UID_name/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
new file mode 100755
index 0000000..1de8138
--- /dev/null
+++ b/tests/usertools/useradd/46_useradd-G_UID_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,12 foo)..."
+useradd -G bin,adm,12,cdrom,12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
new file mode 100755
index 0000000..cb7bed8
--- /dev/null
+++ b/tests/usertools/useradd/47_useradd-G_UID_name_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,man foo)..."
+useradd -G bin,adm,12,cdrom,man foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test
new file mode 100755
index 0000000..44f63c1
--- /dev/null
+++ b/tests/usertools/useradd/48_useradd-G_name_duplicate/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user to specified groups (once)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom,adm foo)..."
+useradd -G bin,adm,12,cdrom,adm foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out
new file mode 100644
index 0000000..23ea5dd
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/data/usage.out
@@ -0,0 +1 @@
+useradd: group 'cdromm' does not exist
diff --git a/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test
new file mode 100755
index 0000000..5d16073
--- /dev/null
+++ b/tests/usertools/useradd/49_useradd-G_invalid_group/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd check the validity of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups with an invalid group (useradd -G bin,adm,12,cdromm,adm foo)..."
+useradd -G bin,adm,12,cdromm,adm foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "6"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/50_useradd-r/config.txt b/tests/usertools/useradd/50_useradd-r/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/group b/tests/usertools/useradd/50_useradd-r/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/gshadow b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/passwd b/tests/usertools/useradd/50_useradd-r/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/50_useradd-r/config/etc/shadow b/tests/usertools/useradd/50_useradd-r/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/50_useradd-r/data/group b/tests/usertools/useradd/50_useradd-r/data/group
new file mode 100644
index 0000000..b5b6ce2
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:999:
diff --git a/tests/usertools/useradd/50_useradd-r/data/gshadow b/tests/usertools/useradd/50_useradd-r/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/50_useradd-r/data/passwd b/tests/usertools/useradd/50_useradd-r/data/passwd
new file mode 100644
index 0000000..640a0cc
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:101:999::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/50_useradd-r/data/shadow b/tests/usertools/useradd/50_useradd-r/data/shadow
new file mode 100644
index 0000000..823c4c0
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@::::::
diff --git a/tests/usertools/useradd/50_useradd-r/useradd.test b/tests/usertools/useradd/50_useradd-r/useradd.test
new file mode 100755
index 0000000..0eacc6a
--- /dev/null
+++ b/tests/usertools/useradd/50_useradd-r/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd can create system users"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create system user foo (useradd -r foo)..."
+useradd -r foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config.txt b/tests/usertools/useradd/51_useradd_already_exist/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/group b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow
new file mode 100644
index 0000000..498ef86
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:*:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/51_useradd_already_exist/data/usage.out b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out
new file mode 100644
index 0000000..5d12530
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/data/usage.out
@@ -0,0 +1 @@
+useradd: user 'foo' already exists
diff --git a/tests/usertools/useradd/51_useradd_already_exist/useradd.test b/tests/usertools/useradd/51_useradd_already_exist/useradd.test
new file mode 100755
index 0000000..539e718
--- /dev/null
+++ b/tests/usertools/useradd/51_useradd_already_exist/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd checks ifthe requested new user already exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with an existing user (useradd foo)..."
+useradd foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out
new file mode 100644
index 0000000..c000a60
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/data/usage.out
@@ -0,0 +1 @@
+useradd: group foo exists - if you want to add this user to that group, use -g.
diff --git a/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test
new file mode 100755
index 0000000..7fe651d
--- /dev/null
+++ b/tests/usertools/useradd/52_useradd-U_group_already_exist/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -U checks if a group with the same name already exist"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd -U with an existing group (useradd -U foo)..."
+useradd -U foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "9"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config.txt b/tests/usertools/useradd/53_useradd-G_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/group b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/group b/tests/usertools/useradd/53_useradd-G_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/gshadow b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/passwd b/tests/usertools/useradd/53_useradd-G_empty/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/53_useradd-G_empty/data/shadow b/tests/usertools/useradd/53_useradd-G_empty/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/53_useradd-G_empty/useradd.test b/tests/usertools/useradd/53_useradd-G_empty/useradd.test
new file mode 100755
index 0000000..8eac65e
--- /dev/null
+++ b/tests/usertools/useradd/53_useradd-G_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts empty list of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo with empty group list (useradd -G "" foo)..."
+useradd -G "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/group b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..ec19c4a
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd
new file mode 100644
index 0000000..e2c466a
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test
new file mode 100755
index 0000000..c7ab56b
--- /dev/null
+++ b/tests/usertools/useradd/54_useradd_no_shadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user even if /etc/shadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group
new file mode 100644
index 0000000..eb2e1b5
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:!:1000:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test
new file mode 100755
index 0000000..b5519b9
--- /dev/null
+++ b/tests/usertools/useradd/55_useradd_no_gshadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/gshadow..."
+rm -f /etc/gshadow
+echo "OK"
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow
new file mode 100644
index 0000000..3c9bae9
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group
new file mode 100644
index 0000000..c9c71f8
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:foo
+sys:x:3:
+adm:x:4:foo
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:foo
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:foo
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow
new file mode 100644
index 0000000..fd939a3
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::foo
+sys:*::
+adm:*::foo
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::foo
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::foo
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+test:x::
+foo:!::
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
new file mode 100755
index 0000000..c8a6666
--- /dev/null
+++ b/tests/usertools/useradd/56_useradd_gshadow_entry_without_group_entry/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd adds the user and groups even if /etc/gshadow is missing"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo in groups (useradd -G bin,adm,12,cdrom foo)..."
+useradd -G bin,adm,12,cdrom foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out
new file mode 100644
index 0000000..b77a98a
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/data/usage.out
@@ -0,0 +1,35 @@
+Usage: useradd [options] LOGIN
+       useradd -D
+       useradd -D [options]
+
+Options:
+  -b, --base-dir BASE_DIR       base directory for the home directory of the
+                                new account
+  -c, --comment COMMENT         GECOS field of the new account
+  -d, --home-dir HOME_DIR       home directory of the new account
+  -D, --defaults                print or change default useradd configuration
+  -e, --expiredate EXPIRE_DATE  expiration date of the new account
+  -f, --inactive INACTIVE       password inactivity period of the new account
+  -g, --gid GROUP               name or ID of the primary group of the new
+                                account
+  -G, --groups GROUPS           list of supplementary groups of the new
+                                account
+  -h, --help                    display this help message and exit
+  -k, --skel SKEL_DIR           use this alternative skeleton directory
+  -K, --key KEY=VALUE           override /etc/login.defs defaults
+  -l, --no-log-init             do not add the user to the lastlog and
+                                faillog databases
+  -m, --create-home             create the user's home directory
+  -M, --no-create-home          do not create the user's home directory
+  -N, --no-user-group           do not create a group with the same name as
+                                the user
+  -o, --non-unique              allow to create users with duplicate
+                                (non-unique) UID
+  -p, --password PASSWORD       encrypted password of the new account
+  -r, --system                  create a system account
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             login shell of the new account
+  -u, --uid UID                 user ID of the new account
+  -U, --user-group              create a group with the same name as the user
+  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
+
diff --git a/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
new file mode 100755
index 0000000..97e011d
--- /dev/null
+++ b/tests/usertools/useradd/57_useradd_usage-D_not_first_option/useradd.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd reports an error when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call useradd with -D as second option (useradd -f 12 -D)..."
+useradd -f 12 -D 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config.txt b/tests/usertools/useradd/58_useradd-e_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/group b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/group b/tests/usertools/useradd/58_useradd-e_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/gshadow b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/passwd b/tests/usertools/useradd/58_useradd-e_empty/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/58_useradd-e_empty/data/shadow b/tests/usertools/useradd/58_useradd-e_empty/data/shadow
new file mode 100644
index 0000000..949c978
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12::
diff --git a/tests/usertools/useradd/58_useradd-e_empty/useradd.test b/tests/usertools/useradd/58_useradd-e_empty/useradd.test
new file mode 100755
index 0000000..ab90d67
--- /dev/null
+++ b/tests/usertools/useradd/58_useradd-e_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts empty list of groups"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo without expiry (useradd -e "" foo)..."
+useradd -e "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/group b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow
new file mode 100644
index 0000000..602bef5
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test
new file mode 100755
index 0000000..ff5233c
--- /dev/null
+++ b/tests/usertools/useradd/59_useradd-e-1-f-1/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts -1 as expiry and inactivity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..."
+useradd -e -1 -f -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd
new file mode 100644
index 0000000..e2c466a
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
new file mode 100755
index 0000000..0170ef8
--- /dev/null
+++ b/tests/usertools/useradd/60_useradd-e-1-f-1_no_shadow_file/useradd.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd accepts -1 as expiry and inactivity"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete /etc/shadow..."
+rm -f /etc/shadow
+echo "OK"
+
+echo -n "Create user foo without expiry (useradd -e -1 -f -1 foo)..."
+useradd -e -1 -f -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/61_useradd-K/config.txt b/tests/usertools/useradd/61_useradd-K/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/group b/tests/usertools/useradd/61_useradd-K/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/gshadow b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/passwd b/tests/usertools/useradd/61_useradd-K/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/61_useradd-K/config/etc/shadow b/tests/usertools/useradd/61_useradd-K/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/61_useradd-K/data/group b/tests/usertools/useradd/61_useradd-K/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/61_useradd-K/data/gshadow b/tests/usertools/useradd/61_useradd-K/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/61_useradd-K/data/passwd b/tests/usertools/useradd/61_useradd-K/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/61_useradd-K/data/shadow b/tests/usertools/useradd/61_useradd-K/data/shadow
new file mode 100644
index 0000000..bfd9ffa
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:42:7:12:13849:
diff --git a/tests/usertools/useradd/61_useradd-K/useradd.test b/tests/usertools/useradd/61_useradd-K/useradd.test
new file mode 100755
index 0000000..3a8ee29
--- /dev/null
+++ b/tests/usertools/useradd/61_useradd-K/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd uses -K options"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set option with -K (useradd -K PASS_MAX_DAYS=42 foo)..."
+useradd -K PASS_MAX_DAYS=42 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/62_useradd-p/config.txt b/tests/usertools/useradd/62_useradd-p/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/group b/tests/usertools/useradd/62_useradd-p/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/gshadow b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/passwd b/tests/usertools/useradd/62_useradd-p/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/62_useradd-p/config/etc/shadow b/tests/usertools/useradd/62_useradd-p/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/62_useradd-p/data/group b/tests/usertools/useradd/62_useradd-p/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/62_useradd-p/data/gshadow b/tests/usertools/useradd/62_useradd-p/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/62_useradd-p/data/passwd b/tests/usertools/useradd/62_useradd-p/data/passwd
new file mode 100644
index 0000000..ed91b35
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:/bin/foobar
diff --git a/tests/usertools/useradd/62_useradd-p/data/shadow b/tests/usertools/useradd/62_useradd-p/data/shadow
new file mode 100644
index 0000000..4abac0c
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:fooPass:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/62_useradd-p/useradd.test b/tests/usertools/useradd/62_useradd-p/useradd.test
new file mode 100755
index 0000000..655f871
--- /dev/null
+++ b/tests/usertools/useradd/62_useradd-p/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -p option can set the password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set password (useradd -p fooPass foo)..."
+useradd -p fooPass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/63_useradd-s/config.txt b/tests/usertools/useradd/63_useradd-s/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/group b/tests/usertools/useradd/63_useradd-s/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/gshadow b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/passwd b/tests/usertools/useradd/63_useradd-s/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/63_useradd-s/config/etc/shadow b/tests/usertools/useradd/63_useradd-s/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/63_useradd-s/data/group b/tests/usertools/useradd/63_useradd-s/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/63_useradd-s/data/gshadow b/tests/usertools/useradd/63_useradd-s/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/63_useradd-s/data/passwd b/tests/usertools/useradd/63_useradd-s/data/passwd
new file mode 100644
index 0000000..5c7dfc4
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:*/bin/dash
diff --git a/tests/usertools/useradd/63_useradd-s/data/shadow b/tests/usertools/useradd/63_useradd-s/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/63_useradd-s/useradd.test b/tests/usertools/useradd/63_useradd-s/useradd.test
new file mode 100755
index 0000000..99e783b
--- /dev/null
+++ b/tests/usertools/useradd/63_useradd-s/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -s option can change the default shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set shell (useradd -s \"*/bin/dash\" foo)..."
+useradd -s "*/bin/dash" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config.txt b/tests/usertools/useradd/64_useradd_locked_passwd/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config.txt
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err
new file mode 100644
index 0000000..c4b6ed3
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/passwd.lock without a PID
+useradd: cannot lock /etc/passwd; try again later.
diff --git a/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test
new file mode 100755
index 0000000..8dde325
--- /dev/null
+++ b/tests/usertools/useradd/64_useradd_locked_passwd/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the passwd file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/passwd.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/passwd..."
+touch /etc/passwd.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/passwd.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config.txt b/tests/usertools/useradd/65_useradd_locked_group/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config.txt
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/group b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err
new file mode 100644
index 0000000..b36210f
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/group.lock without a PID
+useradd: cannot lock /etc/group; try again later.
diff --git a/tests/usertools/useradd/65_useradd_locked_group/useradd.test b/tests/usertools/useradd/65_useradd_locked_group/useradd.test
new file mode 100755
index 0000000..e6583ba
--- /dev/null
+++ b/tests/usertools/useradd/65_useradd_locked_group/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the group file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/group.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/group..."
+touch /etc/group.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/group.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config.txt b/tests/usertools/useradd/66_useradd_locked_shadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config.txt
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err
new file mode 100644
index 0000000..a29346a
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/shadow.lock without a PID
+useradd: cannot lock /etc/shadow; try again later.
diff --git a/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test
new file mode 100755
index 0000000..24ef14f
--- /dev/null
+++ b/tests/usertools/useradd/66_useradd_locked_shadow/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the shadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/shadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/shadow..."
+touch /etc/shadow.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/shadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "1"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt b/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config.txt
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group
new file mode 100644
index 0000000..66f04f6
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..19f1325
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err
new file mode 100644
index 0000000..9155bfd
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/data/useradd.err
@@ -0,0 +1,2 @@
+useradd: existing lock file /etc/gshadow.lock without a PID
+useradd: cannot lock /etc/gshadow; try again later.
diff --git a/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test
new file mode 100755
index 0000000..71f7dc0
--- /dev/null
+++ b/tests/usertools/useradd/67_useradd_locked_gshadow/useradd.test
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "useradd -G checks if the gshadow file is locked"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /etc/gshadow.lock' 0
+
+change_config
+
+echo -n "Create lock file for /etc/gshadow..."
+touch /etc/gshadow.lock
+echo "done"
+
+echo -n "Add user foo (useradd foo)..."
+useradd foo 2>tmp/useradd.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+rm -f /etc/gshadow.lock
+
+echo -n "Check returned status ($status)..."
+test "$status" = "10"
+echo "OK"
+
+echo "useradd reported:"
+echo "======================================================================="
+cat tmp/useradd.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/useradd.err tmp/useradd.err
+echo "error message OK."
+rm -f tmp/useradd.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config.txt b/tests/usertools/useradd/68_useradd-s_empty/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/group b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/group b/tests/usertools/useradd/68_useradd-s_empty/data/group
new file mode 100644
index 0000000..fecba0c
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/gshadow b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow
new file mode 100644
index 0000000..bfc0675
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:!::
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/passwd b/tests/usertools/useradd/68_useradd-s_empty/data/passwd
new file mode 100644
index 0000000..8a4ebe5
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/tmp/foo:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/data/shadow b/tests/usertools/useradd/68_useradd-s_empty/data/shadow
new file mode 100644
index 0000000..0aee0c5
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:@TODAY@:0:99999:7:12:13849:
diff --git a/tests/usertools/useradd/68_useradd-s_empty/useradd.test b/tests/usertools/useradd/68_useradd-s_empty/useradd.test
new file mode 100755
index 0000000..448000c
--- /dev/null
+++ b/tests/usertools/useradd/68_useradd-s_empty/useradd.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "The -s option can set an empty shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create user foo and set empty shell (useradd -s \"\" foo)..."
+useradd -s "" foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/01_userdel_usage/config.txt b/tests/usertools/userdel/01_userdel_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/group b/tests/usertools/userdel/01_userdel_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/passwd b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/01_userdel_usage/config/etc/shadow b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/01_userdel_usage/data/usage.out b/tests/usertools/userdel/01_userdel_usage/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+  -f, --force                   force removal of files,
+                                even if not owned by user
+  -h, --help                    display this help message and exit
+  -r, --remove                  remove home directory and mail spool
+  -R, --root CHROOT_DIR         directory to chroot into
+  -Z, --selinux-user            remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/01_userdel_usage/userdel.test b/tests/usertools/userdel/01_userdel_usage/userdel.test
new file mode 100755
index 0000000..6d2b9e8
--- /dev/null
+++ b/tests/usertools/userdel/01_userdel_usage/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get userdel usage (userdel -h)..."
+userdel -h >tmp/usage.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out
new file mode 100644
index 0000000..a0dcbf8
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/data/usage.out
@@ -0,0 +1,11 @@
+userdel: unrecognized option '--foo'
+Usage: userdel [options] LOGIN
+
+Options:
+  -f, --force                   force removal of files,
+                                even if not owned by user
+  -h, --help                    display this help message and exit
+  -r, --remove                  remove home directory and mail spool
+  -R, --root CHROOT_DIR         directory to chroot into
+  -Z, --selinux-user            remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test
new file mode 100755
index 0000000..7d134f0
--- /dev/null
+++ b/tests/usertools/userdel/02_userdel_usage_invalid_option/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel with an invalid option (userdel --foo)..."
+userdel --foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config.txt b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+  -f, --force                   force removal of files,
+                                even if not owned by user
+  -h, --help                    display this help message and exit
+  -r, --remove                  remove home directory and mail spool
+  -R, --root CHROOT_DIR         directory to chroot into
+  -Z, --selinux-user            remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test
new file mode 100755
index 0000000..9bf3685
--- /dev/null
+++ b/tests/usertools/userdel/03_userdel_usage_no_users/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel without an user (userdel -f)..."
+userdel -f 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config.txt b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out
new file mode 100644
index 0000000..955c793
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/data/usage.out
@@ -0,0 +1,10 @@
+Usage: userdel [options] LOGIN
+
+Options:
+  -f, --force                   force removal of files,
+                                even if not owned by user
+  -h, --help                    display this help message and exit
+  -r, --remove                  remove home directory and mail spool
+  -R, --root CHROOT_DIR         directory to chroot into
+  -Z, --selinux-user            remove any SELinux user mapping for the user
+
diff --git a/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test
new file mode 100755
index 0000000..6788240
--- /dev/null
+++ b/tests/usertools/userdel/04_userdel_usage_2_users/userdel.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel displays its usage message when called incorrectly"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Call userdel with 2 users (userdel -f bin nobody)..."
+userdel -f bin nobody 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group
new file mode 100644
index 0000000..ac82d7f
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs
new file mode 100644
index 0000000..7f41dc8
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB no
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group
new file mode 100644
index 0000000..c60d727
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
new file mode 100755
index 0000000..83e801f
--- /dev/null
+++ b/tests/usertools/userdel/05_userdel_no_USERGROUPS_ENAB/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if USERGROUPS_ENAB is disabled"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config.txt b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group
new file mode 100644
index 0000000..d5d74e2
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/group b/tests/usertools/userdel/06_userdel_no_usergroup/data/group
new file mode 100644
index 0000000..15f4c27
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow
new file mode 100644
index 0000000..5e2c5d3
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test
new file mode 100755
index 0000000..f0907c6
--- /dev/null
+++ b/tests/usertools/userdel/06_userdel_no_usergroup/userdel.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it has a different name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group
new file mode 100644
index 0000000..c39e02c
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow
new file mode 100644
index 0000000..75ecdfe
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group
new file mode 100644
index 0000000..3aa5282
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/group
@@ -0,0 +1,44 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1002:
+foo1:x:1000:
+foo2:x:1001:
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow
new file mode 100644
index 0000000..75ecdfe
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/gshadow
@@ -0,0 +1,44 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo1:*::
+foo2:*::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out
new file mode 100644
index 0000000..0ccbef6
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it is not the primary group of user foo.
diff --git a/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
new file mode 100755
index 0000000..9ff44d4
--- /dev/null
+++ b/tests/usertools/userdel/07_userdel_usergroup_not_primary/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if it has a different name"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group
new file mode 100644
index 0000000..ff15b82
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow
new file mode 100644
index 0000000..50ca6ce
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo2
+foo2:*::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group
new file mode 100644
index 0000000..5e4034b
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow
new file mode 100644
index 0000000..50ca6ce
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::foo2
+foo2:*::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out
new file mode 100644
index 0000000..2dc27c8
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it has other members.
diff --git a/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
new file mode 100755
index 0000000..69fc339
--- /dev/null
+++ b/tests/usertools/userdel/08_userdel_usergroup_with_other_members/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group if is has other members"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt
new file mode 100644
index 0000000..1b0360b
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config.txt
@@ -0,0 +1 @@
+user foo, in group users according to /etc/group only
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group
new file mode 100644
index 0000000..ff15b82
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs
new file mode 100644
index 0000000..b148ad2
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd
new file mode 100644
index 0000000..9958fca
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:::/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow
new file mode 100644
index 0000000..eaf0278
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group
new file mode 100644
index 0000000..5e4034b
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:foo2
+foo2:x:1001:
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow
new file mode 100644
index 0000000..a526819
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+foo2:*::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd
new file mode 100644
index 0000000..8846932
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1001:1001:::/bin/false
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out
new file mode 100644
index 0000000..2dc27c8
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/data/userdel.out
@@ -0,0 +1 @@
+userdel: group foo not removed because it has other members.
diff --git a/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
new file mode 100755
index 0000000..2387401
--- /dev/null
+++ b/tests/usertools/userdel/09_userdel_usergroup_no_other_members_in_gshadow/userdel.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not remove the user's group from gshadow if there were no additional members in gshadow but there were in group"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Delete user foo (userdel foo)..."
+userdel foo 2>tmp/userdel.out
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/userdel.out tmp/userdel.out
+echo "usage message OK."
+rm -f tmp/userdel.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err
new file mode 100644
index 0000000..893b416
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/data/userdel.err
@@ -0,0 +1 @@
+userdel: /home/foo is a symbolic link, not removing
diff --git a/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
new file mode 100755
index 0000000..eb9c6fe
--- /dev/null
+++ b/tests/usertools/userdel/10_userdel_del_homedir_symlink/userdel.test
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "userdel does not delete the user's home directory as symlink"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /var/mail/foo /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo2
+touch /home/foo2/file
+chown -R foo:foo /home/foo2
+ln -s foo2 /home/foo
+touch /var/mail/foo
+chown --no-dereference foo:foo /var/mail/foo /home/foo
+
+echo -n "Delete user foo (userdel -r foo)..."
+userdel -r foo 2>tmp/userdel.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "userdel reported:"
+echo "======================================================================="
+cat tmp/userdel.err
+echo "======================================================================="
+echo -n "Check that there were a failure message..."
+diff -au data/userdel.err tmp/userdel.err
+echo "error message OK."
+rm -f tmp/userdel.err
+
+echo "The user should have been removed."
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl data/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -L /home/foo
+test -d /home/foo2
+test -f /home/foo2/file
+echo "OK"
+echo -n "Check the user's mail spool was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+rm -rf /home/foo /home/foo2
+
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
new file mode 100755
index 0000000..e272fc8
--- /dev/null
+++ b/tests/usertools/usermod/01_usermod-p_no_shadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd
new file mode 100644
index 0000000..d9798a6
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:foopass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..a5231c5
--- /dev/null
+++ b/tests/usertools/usermod/02_usermod-p_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow
new file mode 100644
index 0000000..0c6770f
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:foopass:@TODAY@:0:99999:7:::
diff --git a/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
new file mode 100755
index 0000000..3cdfabc
--- /dev/null
+++ b/tests/usertools/usermod/03_usermod-p_no_shadow_entry_but_shadow_enabled/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not require a shadow entry"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's password (usermod -p foopass foo)..."
+usermod -p foopass foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow
new file mode 100644
index 0000000..151547d
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!oldpass:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
new file mode 100755
index 0000000..9f4907f
--- /dev/null
+++ b/tests/usertools/usermod/04_usermod_lock_already_locked_password1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd
new file mode 100644
index 0000000..9abcbc4
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow
new file mode 100644
index 0000000..6e9fa8e
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow
new file mode 100644
index 0000000..18b71a2
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
new file mode 100755
index 0000000..bd8e338
--- /dev/null
+++ b/tests/usertools/usermod/05_usermod_lock_already_locked_password2/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd
new file mode 100644
index 0000000..9abcbc4
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:!blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
new file mode 100755
index 0000000..9f4907f
--- /dev/null
+++ b/tests/usertools/usermod/06_usermod_lock_already_locked_password3/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to lock an already locked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock foo's password (usermod -L foo)..."
+usermod -L foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow
new file mode 100644
index 0000000..6e9fa8e
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
new file mode 100755
index 0000000..68c6d4c
--- /dev/null
+++ b/tests/usertools/usermod/07_usermod_unlock_already_unlocked_password1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow
new file mode 100644
index 0000000..3d01e1a
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!unusedblahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow
new file mode 100644
index 0000000..646a9a5
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:unusedblahblahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
new file mode 100755
index 0000000..a845677
--- /dev/null
+++ b/tests/usertools/usermod/08_usermod_unlock_already_unlocked_password2/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd
new file mode 100644
index 0000000..06b331b
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:blahblahblah:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
new file mode 100755
index 0000000..68c6d4c
--- /dev/null
+++ b/tests/usertools/usermod/09_usermod_unlock_already_unlocked_password3/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not fail to unlock an already unlocked password"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Unlock foo's password (usermod -U foo)..."
+usermod -U foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/10_usermod_usage/config.txt b/tests/usertools/usermod/10_usermod_usage/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/group b/tests/usertools/usermod/10_usermod_usage/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/passwd b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/10_usermod_usage/config/etc/shadow b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/10_usermod_usage/data/usage.out b/tests/usertools/usermod/10_usermod_usage/data/usage.out
new file mode 100644
index 0000000..6e12e63
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/data/usage.out
@@ -0,0 +1,30 @@
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/10_usermod_usage/usermod.test b/tests/usertools/usermod/10_usermod_usage/usermod.test
new file mode 100755
index 0000000..2f96442
--- /dev/null
+++ b/tests/usertools/usermod/10_usermod_usage/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can display its usage message"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get usermod usage (usermod -h)..."
+usermod -h >tmp/usage.out
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out
new file mode 100644
index 0000000..e228571
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/data/usage.out
@@ -0,0 +1,31 @@
+usermod: unrecognized option '--foo'
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test
new file mode 100755
index 0000000..a5ebf49
--- /dev/null
+++ b/tests/usertools/usermod/11_usermod_usage_bad_option/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod displays its usage message in case on non recognized option"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Get usermod usage (usermod --foo)..."
+usermod --foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err
new file mode 100644
index 0000000..e5438f4
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid numeric argument 'bar'
diff --git a/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test
new file mode 100755
index 0000000..68a6563
--- /dev/null
+++ b/tests/usertools/usermod/12_usermod_usage_bad-f/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the number of inactive days is a number"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Use -f without a number (usermod -f bar foo)..."
+usermod -f bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd
new file mode 100644
index 0000000..43fc135
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/passwd
@@ -0,0 +1,19 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err
new file mode 100644
index 0000000..4e80b68
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid numeric argument '-2'
diff --git a/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
new file mode 100755
index 0000000..b7655a3
--- /dev/null
+++ b/tests/usertools/usermod/13_usermod_usage_bad-f_negativ/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod displays its usage message in case when -f receive a wrong number"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Set number of inactive days to -2 (usermod -f -2)..."
+usermod -f -2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config.txt b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out
new file mode 100644
index 0000000..f2a56d7
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/data/usage.out
@@ -0,0 +1,31 @@
+usermod: no options
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test
new file mode 100755
index 0000000..caa9de7
--- /dev/null
+++ b/tests/usertools/usermod/14_usermod_usage_no_options/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that there is actually something to change"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change user foo (usermod foo)..."
+usermod foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config.txt b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out
new file mode 100644
index 0000000..6e12e63
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/data/usage.out
@@ -0,0 +1,30 @@
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test
new file mode 100755
index 0000000..98e8c09
--- /dev/null
+++ b/tests/usertools/usermod/15_usermod_usage_no_user/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the user to be changed is provided"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change a user name (usermod -l bar)..."
+usermod -l bar 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..4068a75
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+usermod: shadow passwords required for -e and -f
diff --git a/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
new file mode 100755
index 0000000..1cf05f5
--- /dev/null
+++ b/tests/usertools/usermod/16_usermod_usage_-e_no_shadow_file/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the shadow file exist for option -e"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change expire date (usermod -e 10 foo)..."
+usermod -e 10 foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out
new file mode 100644
index 0000000..4068a75
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/data/usage.out
@@ -0,0 +1 @@
+usermod: shadow passwords required for -e and -f
diff --git a/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
new file mode 100755
index 0000000..f62a292
--- /dev/null
+++ b/tests/usertools/usermod/17_usermod_usage_-f_no_shadow_file/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that the shadow file exist for option -f"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/shadow..."
+rm -f /etc/shadow
+echo "done"
+
+echo -n "Change number of inactive days (usermod -f 10 foo)..."
+usermod -f 10 foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+test ! -f /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
new file mode 100755
index 0000000..3886f26
--- /dev/null
+++ b/tests/usertools/usermod/18_usermod_usage-L-p_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -L and -p are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an lock password (usermod -L -p newpass foo)..."
+usermod -L -p newpass foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
new file mode 100755
index 0000000..5ab2270
--- /dev/null
+++ b/tests/usertools/usermod/19_usermod_usage-L-U_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -L and -U are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Lock an unlock password (usermod -L -U foo)..."
+usermod -L -U foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out
new file mode 100644
index 0000000..97b98e8
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/data/usage.out
@@ -0,0 +1,31 @@
+usermod: the -L, -p, and -U flags are exclusive
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
new file mode 100755
index 0000000..0dc1ea4
--- /dev/null
+++ b/tests/usertools/usermod/20_usermod_usage-p-U_exclusive/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks that -U and -p are not provided at the same time"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change an unlock password (usermod -U -p newpass foo)..."
+usermod -U -p newpass foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt
new file mode 100644
index 0000000..f21fb08
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config.txt
@@ -0,0 +1,6 @@
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group
new file mode 100644
index 0000000..730e4dd
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo2
+tty:x:5:
+disk:x:6:
+lp:x:7:root,foo2
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo2
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo2
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo2
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd
new file mode 100644
index 0000000..f9b7829
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo2:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow
new file mode 100644
index 0000000..60a11cf
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo2:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
new file mode 100755
index 0000000..5ad5bf9
--- /dev/null
+++ b/tests/usertools/usermod/21_usermod_rename_user_no_gshadow_file/usermod.test
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rename the user in the lists of members, when an user is renamed with -l"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Remove /etc/gshadow..."
+rm -f /etc/gshadow
+echo "done"
+
+echo -n "Rename user foo (usermod -l foo2 foo)..."
+usermod -l foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+test ! -f /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out
new file mode 100644
index 0000000..5a96e57
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/data/usage.out
@@ -0,0 +1 @@
+usermod: invalid user name '2:bar'
diff --git a/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
new file mode 100755
index 0000000..66ff45a
--- /dev/null
+++ b/tests/usertools/usermod/22_usermod_usage_rename_invalid_username/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of a new username"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Rename with invalid username (usermod -l 2bar foo)..."
+usermod -l 2:bar foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/23_usermod-e_date/config.txt b/tests/usertools/usermod/23_usermod-e_date/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/group b/tests/usertools/usermod/23_usermod-e_date/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/23_usermod-e_date/data/shadow b/tests/usertools/usermod/23_usermod-e_date/data/shadow
new file mode 100644
index 0000000..af98956
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::15320:
diff --git a/tests/usertools/usermod/23_usermod-e_date/usermod.test b/tests/usertools/usermod/23_usermod-e_date/usermod.test
new file mode 100755
index 0000000..5ab527f
--- /dev/null
+++ b/tests/usertools/usermod/23_usermod-e_date/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can set the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..."
+usermod -e 2011-12-12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/24_usermod-e_date/config.txt b/tests/usertools/usermod/24_usermod-e_date/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/group b/tests/usertools/usermod/24_usermod-e_date/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow
new file mode 100644
index 0000000..ae79ac5
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::42:
diff --git a/tests/usertools/usermod/24_usermod-e_date/data/shadow b/tests/usertools/usermod/24_usermod-e_date/data/shadow
new file mode 100644
index 0000000..a1923b5
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::42424:
diff --git a/tests/usertools/usermod/24_usermod-e_date/usermod.test b/tests/usertools/usermod/24_usermod-e_date/usermod.test
new file mode 100755
index 0000000..a2ae15a
--- /dev/null
+++ b/tests/usertools/usermod/24_usermod-e_date/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can set the expiry date (number of days)"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 42424 foo)..."
+usermod -e 42424 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test
new file mode 100755
index 0000000..997d51a
--- /dev/null
+++ b/tests/usertools/usermod/25_usermod-e_empty_arg/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can disable the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e '' foo)..."
+usermod -e '' foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/26_usermod-e-1/config.txt b/tests/usertools/usermod/26_usermod-e-1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/group b/tests/usertools/usermod/26_usermod-e-1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/26_usermod-e-1/data/shadow b/tests/usertools/usermod/26_usermod-e-1/data/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/26_usermod-e-1/usermod.test b/tests/usertools/usermod/26_usermod-e-1/usermod.test
new file mode 100755
index 0000000..c15ddc6
--- /dev/null
+++ b/tests/usertools/usermod/26_usermod-e-1/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can disable the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e -1 foo)..."
+usermod -e -1 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config.txt b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err
new file mode 100644
index 0000000..3de424e
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid date '-2'
diff --git a/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test
new file mode 100755
index 0000000..c564197
--- /dev/null
+++ b/tests/usertools/usermod/27_usermod-e_invalid1/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of the expiry argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e -2 foo)..."
+usermod -e -2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config.txt b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow
new file mode 100644
index 0000000..b21ccf8
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7::2:
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err
new file mode 100644
index 0000000..43494b0
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/data/usermod.err
@@ -0,0 +1 @@
+usermod: invalid date 'bar'
diff --git a/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test
new file mode 100755
index 0000000..fa761b2
--- /dev/null
+++ b/tests/usertools/usermod/28_usermod-e_invalid2/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the validity of the expiry argument"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Disable the user's expiry date (usermod -e bar foo)..."
+usermod -e bar foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "3"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config.txt b/tests/usertools/usermod/29_usermod_no_changes/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/group b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd
new file mode 100644
index 0000000..7c90a9b
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000:GeCoS:/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow
new file mode 100644
index 0000000..0a24422
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err
new file mode 100644
index 0000000..ea8edd6
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/data/usermod.err
@@ -0,0 +1 @@
+usermod: no changes
diff --git a/tests/usertools/usermod/29_usermod_no_changes/usermod.test b/tests/usertools/usermod/29_usermod_no_changes/usermod.test
new file mode 100755
index 0000000..5d70329
--- /dev/null
+++ b/tests/usertools/usermod/29_usermod_no_changes/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod detects when no real changes are requested"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Perform non changes (usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo)..."
+usermod -l foo -c GeCoS -e -1 -f -1 -u 1000 -d /nonexistent -s /bin/sh foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out
new file mode 100644
index 0000000..27dcca7
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -a flag is only allowed with the -G flag
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test
new file mode 100755
index 0000000..6e30cfd
--- /dev/null
+++ b/tests/usertools/usermod/30_usermod_usage-a_without-G/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -a without -G"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Append groups without groups (usermod -a foo)..."
+usermod -a foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out
new file mode 100644
index 0000000..d3a108f
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -o flag is only allowed with the -u flag
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test
new file mode 100755
index 0000000..bf57aa7
--- /dev/null
+++ b/tests/usertools/usermod/31_usermod_usage-o_without-u/usermod.test
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -o without -u"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Append groups without groups (usermod -o foo)..."
+usermod -o foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt
new file mode 100644
index 0000000..31f5635
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config.txt
@@ -0,0 +1,10 @@
+# no testsuite password
+# root password: rootF00barbaz
+# myuser password: myuserF00barbaz
+
+user foo, in group users (only in /etc/group)
+user foo, in group tty (only in /etc/gshadow)
+user foo, in group floppy
+user foo, admin of group disk
+user foo, admin and member of group fax
+user foo, admin and member of group cdrom (only in /etc/gshadow)
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group
new file mode 100644
index 0000000..1012390
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/group
@@ -0,0 +1,41 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow
new file mode 100644
index 0000000..ae42486
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/gshadow
@@ -0,0 +1,41 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd
new file mode 100644
index 0000000..dbb06b8
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/nonexistent:/bin/sh
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out
new file mode 100644
index 0000000..0dbcdef
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/data/usage.out
@@ -0,0 +1,31 @@
+usermod: -m flag is only allowed with the -d flag
+Usage: usermod [options] LOGIN
+
+Options:
+  -c, --comment COMMENT         new value of the GECOS field
+  -d, --home HOME_DIR           new home directory for the user account
+  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
+  -f, --inactive INACTIVE       set password inactive after expiration
+                                to INACTIVE
+  -g, --gid GROUP               force use GROUP as new primary group
+  -G, --groups GROUPS           new list of supplementary GROUPS
+  -a, --append                  append the user to the supplemental GROUPS
+                                mentioned by the -G option without removing
+                                him/her from other groups
+  -h, --help                    display this help message and exit
+  -l, --login NEW_LOGIN         new value of the login name
+  -L, --lock                    lock the user account
+  -m, --move-home               move contents of the home directory to the
+                                new location (use only with -d)
+  -o, --non-unique              allow using duplicate (non-unique) UID
+  -p, --password PASSWORD       use encrypted password for the new password
+  -R, --root CHROOT_DIR         directory to chroot into
+  -s, --shell SHELL             new login shell for the user account
+  -u, --uid UID                 new UID for the user account
+  -U, --unlock                  unlock the user account
+  -v, --add-subuids FIRST-LAST  add range of subordinate uids
+  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
+  -w, --add-subgids FIRST-LAST  add range of subordinate gids
+  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
+  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account
+
diff --git a/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test
new file mode 100755
index 0000000..407dc32
--- /dev/null
+++ b/tests/usertools/usermod/32_usermod_usage-m_without-d/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod rejects -m without -d"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Move home without new home (usermod -m foo)..."
+usermod -m foo 2>tmp/usage.out && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "2"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usage.out
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usage.out tmp/usage.out
+echo "usage message OK."
+rm -f tmp/usage.out
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config.txt b/tests/usertools/usermod/33_usermod_change_shell/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/group b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow
new file mode 100644
index 0000000..e678938
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:blahblah:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/33_usermod_change_shell/data/passwd b/tests/usertools/usermod/33_usermod_change_shell/data/passwd
new file mode 100644
index 0000000..57c4cf3
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/bash
diff --git a/tests/usertools/usermod/33_usermod_change_shell/usermod.test b/tests/usertools/usermod/33_usermod_change_shell/usermod.test
new file mode 100755
index 0000000..81145df
--- /dev/null
+++ b/tests/usertools/usermod/33_usermod_change_shell/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can change the shell"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's shell (usermod -s /bin/bash foo)..."
+usermod -s /bin/bash foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..0175ffc
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:oldpass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..64ee844
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:@TODAY@:0:99999:7::15320:
diff --git a/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..fa2e567
--- /dev/null
+++ b/tests/usertools/usermod/34_usermod-e_date_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod create a shadow entry to set the expiry date"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's expiry date (usermod -e 2011-12-12 foo)..."
+usermod -e 2011-12-12 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt
new file mode 100644
index 0000000..a2ff911
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config.txt
@@ -0,0 +1,2 @@
+user foo exists, UID 1000
+user foo2 exists, UID 1001
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd
new file mode 100644
index 0000000..0175ffc
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:oldpass:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow
new file mode 100644
index 0000000..5f50d18
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/config/etc/shadow
@@ -0,0 +1,19 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow
new file mode 100644
index 0000000..43a9175
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:oldpass:@TODAY@:0:99999:7:42::
diff --git a/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
new file mode 100755
index 0000000..0c1d293
--- /dev/null
+++ b/tests/usertools/usermod/35_usermod-f_no_shadow_entry/usermod.test
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod create a shadow entry to set the number of inactive days"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Change the user's number of inactive days (usermod -f 42 foo)..."
+usermod -f 42 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl config/etc/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a
new file mode 100644
index 0000000..62a6381
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo/toto'
+drwxr-xr-x foo:foo `/home/foo/.'
+drwxr-xr-x root:root `/home/foo/..'
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2 b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2
new file mode 100644
index 0000000..e69e95d
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/home_ls-a2
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err
new file mode 100644
index 0000000..64b72d1
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/data/usermod.err
@@ -0,0 +1 @@
+usermod: directory /home/foo2 exists
diff --git a/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
new file mode 100755
index 0000000..0821c02
--- /dev/null
+++ b/tests/usertools/usermod/36_usermod_move_homedir_existing_dir/usermod.test
@@ -0,0 +1,84 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Create /home/foo2"...
+mkdir /home/foo2
+echo "OK"
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was not removed..."
+test -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was not moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /home/foo/..."
+stat --printf "%A %U:%G %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+echo -n "Check content of /home/foo2/..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a2
+diff -rauN data/home_ls-a2 tmp/home_ls-a2
+echo "OK"
+rm -f tmp/home_ls-a2
+
+echo -n "Remove the home directories..."
+rm -rf /home/foo /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd
new file mode 100644
index 0000000..bc9a6f0
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
new file mode 100755
index 0000000..3b3ba6f
--- /dev/null
+++ b/tests/usertools/usermod/37_usermod_move_nonexistent_homedir/usermod.test
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+# Do not create the user's /home/foo home directory
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo2 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the old user's home directory was not created..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the new user's home directory was not created..."
+test ! -d /home/foo2
+echo "OK"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
new file mode 100755
index 0000000..b232d9e
--- /dev/null
+++ b/tests/usertools/usermod/38_usermod-u_lastlog_not_created/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/lastlog' 0
+
+change_config
+
+echo -n "Remove /var/log/lastlog (it will not be restored)..."
+rm -f /var/log/lastlog
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the /var/log/lastlog file was not created"...
+test ! -f /var/log/lastlog
+echo "OK"
+
+touch /var/log/lastlog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd
new file mode 100644
index 0000000..137b91d
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
new file mode 100755
index 0000000..8b4f43f
--- /dev/null
+++ b/tests/usertools/usermod/39_usermod-u_copy_lastlog_entry/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+touch /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+lastlog > tmp/lastlog.out
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+lastlog > tmp/lastlog.out2
+
+echo "lastlog:"
+echo "======================================================================="
+cat tmp/lastlog.out2
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group
new file mode 100644
index 0000000..6470be5
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:10000:
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow
new file mode 100644
index 0000000..e982c7c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd
new file mode 100644
index 0000000..5173c28
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+bar:x:10000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group
new file mode 100644
index 0000000..d972111
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:10000:
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd
new file mode 100644
index 0000000..1cfb31f
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp
new file mode 100755
index 0000000..c8866d9
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/login.exp
@@ -0,0 +1,13 @@
+#!/usr/bin/expect
+
+set timeout 2
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login -f foo\r"
+expect "$ "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
new file mode 100755
index 0000000..5efc96f
--- /dev/null
+++ b/tests/usertools/usermod/40_usermod-u_reset_new_lastlog_entry/usermod.test
@@ -0,0 +1,74 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/lastlog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/lastlog (it will not be restored)..."
+touch /var/log/lastlog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+lastlog > tmp/lastlog.out
+
+echo "lastlog :"
+echo "======================================================================="
+cat tmp/lastlog.out
+echo "======================================================================="
+
+echo -n "Manually delete the user foo (to keep the lastlog entry)..."
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^foo:/d' -i /etc/group
+sed -e '/^foo:/d' -i /etc/gshadow
+echo "OK"
+
+echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..."
+usermod -u 1000 bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+lastlog > tmp/lastlog.out2
+
+echo "lastlog:"
+echo "======================================================================="
+cat tmp/lastlog.out2
+echo "======================================================================="
+
+echo -n "Check the lastlog message..."
+sed -e '/^foo /d' -i tmp/lastlog.out
+diff -au tmp/lastlog.out tmp/lastlog.out2
+echo "lastlog message OK."
+rm -f tmp/lastlog.out tmp/lastlog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
new file mode 100755
index 0000000..2122a87
--- /dev/null
+++ b/tests/usertools/usermod/41_usermod-u_faillog_not_created/usermod.test
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; touch /var/log/faillog' 0
+
+change_config
+
+echo -n "Remove /var/log/faillog (it will not be restored)..."
+rm -f /var/log/faillog
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the /var/log/faillog file was not created"...
+test ! -f /var/log/faillog
+echo "OK"
+
+touch /var/log/faillog
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group
new file mode 100644
index 0000000..b6fae89
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root,foo
+tty:x:5:
+disk:x:6:
+lp:x:7:foo,root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:foo
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:foo
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow
new file mode 100644
index 0000000..1f2ba8d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root,foo
+tty:*::foo
+disk:*:foo:
+lp:*::foo,root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*:foo:foo
+voice:*::
+cdrom:*:foo:foo
+floppy:*::foo
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd
new file mode 100644
index 0000000..ae6ebfe
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow
new file mode 100644
index 0000000..9b99f4d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:$1$yQnIAZWV$gDAMB2IkqaONgrQiRdo4y.:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd
new file mode 100644
index 0000000..137b91d
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/sh
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
new file mode 100755
index 0000000..769e5dc
--- /dev/null
+++ b/tests/usertools/usermod/42_usermod-u_copy_faillog_entry/usermod.test
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+> /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+faillog > tmp/faillog.out
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+faillog > tmp/faillog.out2
+
+echo "faillog:"
+echo "======================================================================="
+cat tmp/faillog.out2
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+diff -au tmp/faillog.out tmp/faillog.out2
+echo "faillog message OK."
+rm -f tmp/faillog.out tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group
new file mode 100644
index 0000000..6470be5
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:10000:
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow
new file mode 100644
index 0000000..e982c7c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+bar:*::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login
new file mode 100644
index 0000000..54f888d
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/pam.d/login
@@ -0,0 +1,111 @@
+#
+# The PAM configuration file for the Shadow `login' service
+#
+
+# Enforce a minimal delay in case of failure (in microseconds).
+# (Replaces the `FAIL_DELAY' setting from login.defs)
+# Note that other modules may require another minimal delay. (for example,
+# to disable any delay, you should add the nodelay option to pam_unix)
+auth       optional   pam_faildelay.so  delay=3000000
+
+# Outputs an issue file prior to each login prompt (Replaces the
+# ISSUE_FILE option from login.defs). Uncomment for use
+# auth       required   pam_issue.so issue=/etc/issue
+
+# Disallows root logins except on tty's listed in /etc/securetty
+# (Replaces the `CONSOLE' setting from login.defs)
+#
+# With the default control of this module:
+#   [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die]
+# root will not be prompted for a password on insecure lines.
+# if an invalid username is entered, a password is prompted (but login
+# will eventually be rejected)
+#
+# You can change it to a "requisite" module if you think root may mis-type
+# her login and should not be prompted for a password in that case. But
+# this will leave the system as vulnerable to user enumeration attacks.
+#
+# You can change it to a "required" module if you think it permits to
+# guess valid user names of your system (invalid user names are considered
+# as possibly being root on insecure lines), but root passwords may be
+# communicated over insecure lines.
+auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
+
+# Disallows other than root logins when /etc/nologin exists
+# (Replaces the `NOLOGINS_FILE' option from login.defs)
+auth       requisite  pam_nologin.so
+
+# Added to support faillog
+auth     required       pam_tally.so per_user
+
+
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+# locale variables are also kept into /etc/default/locale in etch
+# reading this file *in addition to /etc/environment* does not hurt
+session       required   pam_env.so readenv=1 envfile=/etc/default/locale
+
+# Standard Un*x authentication.
+@include common-auth
+
+# This allows certain extra groups to be granted to a user
+# based on things like time of day, tty, service, and user.
+# Please edit /etc/security/group.conf to fit your needs
+# (Replaces the `CONSOLE_GROUPS' option in login.defs)
+auth       optional   pam_group.so
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on logins.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# Uncomment and edit /etc/security/access.conf if you need to
+# set access limits.
+# (Replaces /etc/login.access file)
+# account  required       pam_access.so
+
+# Sets up user limits according to /etc/security/limits.conf
+# (Replaces the use of /etc/limits in old login)
+session    required   pam_limits.so
+
+# Prints the last login info upon succesful login
+# (Replaces the `LASTLOG_ENAB' option from login.defs)
+session    optional   pam_lastlog.so
+
+# Prints the motd upon succesful login
+# (Replaces the `MOTD_FILE' option in login.defs)
+session    optional   pam_motd.so
+
+# Prints the status of the user's mailbox upon succesful login
+# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). 
+#
+# This also defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+session    optional   pam_mail.so standard
+
+# Standard Un*x account and session
+@include common-account
+@include common-session
+@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.
+session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
+# When the module is present, "required" would be sufficient (When SELinux
+# is disabled, this returns success.)
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd
new file mode 100644
index 0000000..5173c28
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/sh
+bar:x:10000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group
new file mode 100644
index 0000000..d972111
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+bar:x:10000:
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd
new file mode 100644
index 0000000..1cfb31f
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:10000::/home/bar:/bin/sh
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp
new file mode 100755
index 0000000..bb91e57
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/login.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect
+
+set timeout 5
+expect_after default {puts "\nFAIL"; exit 1}
+
+spawn /bin/bash
+expect "# "
+
+send "login foo\r"
+expect "Password: "
+sleep 0.1
+send "badpass\r"
+send_user "\n# password 'badpass' sent\n\n"
+expect "login: "
+
+send "exit\r"
+exit 0
diff --git a/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
new file mode 100755
index 0000000..ee262b6
--- /dev/null
+++ b/tests/usertools/usermod/43_usermod-u_reset_new_faillog_entry/usermod.test
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod does not create /var/log/faillog"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config' 0
+
+change_config
+
+echo -n "Create an empty /var/log/faillog (it will not be restored)..."
+touch /var/log/faillog
+echo "OK"
+
+echo -n "Trigger a connection as foo..."
+./login.exp
+echo "OK"
+
+faillog > tmp/faillog.out
+
+echo "faillog :"
+echo "======================================================================="
+cat tmp/faillog.out
+echo "======================================================================="
+rm -f tmp/faillog.out
+
+echo -n "Manually delete the user foo (to keep the faillog entry)..."
+sed -e '/^foo:/d' -i /etc/passwd
+sed -e '/^foo:/d' -i /etc/shadow
+sed -e '/^foo:/d' -i /etc/group
+sed -e '/^foo:/d' -i /etc/gshadow
+echo "OK"
+
+echo -n "Change the user's UID to reuse foo's (usermod -u 1000 bar)..."
+usermod -u 1000 bar
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl data/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+
+faillog > tmp/faillog.out2
+
+echo "faillog:"
+echo "======================================================================="
+cat tmp/faillog.out2
+echo "======================================================================="
+
+echo -n "Check the faillog message..."
+c=$(cat tmp/faillog.out2 | wc -c)
+test $c = "0"
+echo "empty faillog OK."
+rm -f tmp/faillog.out2
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms
new file mode 100644
index 0000000..92d36ea
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/mailbox.perms
@@ -0,0 +1 @@
+7 -rw-r--r-- bar:mail `/var/mail/bar'
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd
new file mode 100644
index 0000000..656230a
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+bar:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow
new file mode 100644
index 0000000..2fc3f9c
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/data/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/test b/tests/usertools/usermod/44_usermod-l_move_mailbox/test
new file mode 100644
index 0000000..fbcf12d
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/test
@@ -0,0 +1 @@
+toto
diff --git a/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test
new file mode 100755
index 0000000..dfd0ef9
--- /dev/null
+++ b/tests/usertools/usermod/44_usermod-l_move_mailbox/usermod.test
@@ -0,0 +1,57 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod move the mailbox if it exists"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo /var/mail/bar' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+echo foobar > /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's name (usermod -l bar foo)..."
+usermod -l bar foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl data/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the new mailbox was created..."
+test -f /var/mail/bar
+echo "OK"
+echo -n "Check that the old mailbox was removed..."
+test ! -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%s %A %U:%G %N\n" /var/mail/bar | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/bar
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms
new file mode 100644
index 0000000..52233be
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- foo:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/45_usermod-u_change_mailbox_owner/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group
new file mode 100644
index 0000000..7fca720
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow
new file mode 100644
index 0000000..f735fda
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd
new file mode 100644
index 0000000..6082b5f
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
+bar:x:1001:1001::/home/bar:/bin/false
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow
new file mode 100644
index 0000000..5f73f33
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/config/etc/shadow
@@ -0,0 +1,21 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
+bar:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms
new file mode 100644
index 0000000..2c8f112
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/mailbox.perms
@@ -0,0 +1 @@
+7 -rw-r--r-- bar:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd
new file mode 100644
index 0000000..138adcc
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/passwd
@@ -0,0 +1,21 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
+bar:x:1001:1001::/home/bar:/bin/false
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err
new file mode 100644
index 0000000..8f67460
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/data/usermod.err
@@ -0,0 +1 @@
+usermod: warning: /var/mail/foo not owned by foo
diff --git a/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
new file mode 100755
index 0000000..ab57a79
--- /dev/null
+++ b/tests/usertools/usermod/46_usermod-u_checks_mailbox_owner/usermod.test
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod checks the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+echo foobar> /var/mail/foo
+chown bar:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo 2>tmp/usermod.err
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%s %A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs
new file mode 100644
index 0000000..901481e
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+#MAIL_DIR        /var/mail
+#MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms
new file mode 100644
index 0000000..52233be
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- foo:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/47_usermod-u_default_maildir/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt
new file mode 100644
index 0000000..1a78b6c
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group
new file mode 100644
index 0000000..a11bebe
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:root
+adm:x:4:root
+tty:x:5:
+disk:x:6:
+lp:x:7:root
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow
new file mode 100644
index 0000000..272c4de
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::root
+adm:*::root
+tty:*::
+disk:*::
+lp:*::root
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs
new file mode 100644
index 0000000..35665e0
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/login.defs
@@ -0,0 +1,335 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+# REQUIRED for useradd/userdel/usermod
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define MAIL_DIR and MAIL_FILE,
+#   MAIL_DIR takes precedence.
+#
+#   Essentially:
+#      - MAIL_DIR defines the location of users mail spool files
+#        (for mbox use) by appending the username to MAIL_DIR as defined
+#        below.
+#      - MAIL_FILE defines the location of the users mail spool files as the
+#        fully-qualified filename obtained by prepending the user home
+#        directory before $MAIL_FILE
+#
+# NOTE: This is no more used for setting up users MAIL environment variable
+#       which is, starting from shadow 4.0.12-1 in Debian, entirely the
+#       job of the pam_mail PAM modules
+#       See default PAM configuration files provided for
+#       login, su, etc.
+#
+# This is a temporary situation: setting these variables will soon
+# move to /etc/default/useradd and the variables will then be
+# no more supported
+#MAIL_DIR        /var/mail
+MAIL_FILE      .mail
+
+#
+# Enable logging and display of /var/log/faillog login failure info.
+# This option conflicts with the pam_tally PAM module.
+#
+FAILLOG_ENAB		yes
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# WARNING: Unknown usernames may become world readable. 
+# See #290803 and #298773 for details about how this could become a security
+# concern
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, login failures will be logged here in a utmp format
+# last, when invoked as lastb, will read /var/log/btmp, so...
+#
+FTMP_FILE	/var/log/btmp
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ENV_PATH	PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# In Debian /usr/bin/bsd-write or similar programs are setgid tty
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal
+
+# Users can still allow other people to write them by issuing 
+# the "mesg y" command.
+
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# 
+# UMASK is the default umask value for pam_umask and is used by
+# useradd and newusers to set the mode of the new home directories.
+# 022 is the "historical" value in Debian for UMASK
+# 027, or even 077, could be considered better for privacy
+# There is no One True Answer here : each sysadmin must make up his/her
+# mind.
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+# System accounts
+#SYS_UID_MIN		  100
+#SYS_UID_MAX		  999
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			 1000
+GID_MAX			60000
+# System accounts
+#SYS_GID_MIN		  100
+#SYS_GID_MAX		  999
+
+#
+# Max number of login retries if password is bad. This will most likely be
+# overriden by PAM, since the default pam_unix module has it's own built
+# in of 3 retries. However, this is a safe fallback in case you are using
+# an authentication module that does not enforce PAM_MAXTRIES.
+#
+LOGIN_RETRIES		5
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# If set to yes, userdel will remove the user's group if it contains no
+# more members, and useradd will create by default a group with the name
+# of the user.
+#
+# Other former uses of this variable such as setting the umask when
+# user==primary group are not used in PAM environments, such as Debian
+#
+USERGROUPS_ENAB yes
+
+#
+# Instead of the real user shell, the program specified by this parameter
+# will be launched, although its visible name (argv[0]) will be the shell's.
+# The program may do whatever it wants (logging, additional authentification,
+# banner, ...) before running the actual shell.
+#
+# FAKE_SHELL /bin/fakeshell
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+# This variable is used by login and su.
+#
+#CONSOLE	/etc/consoles
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+# This variable is used by login and su.
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# If set to "yes", new passwords will be encrypted using the MD5-based
+# algorithm compatible with the one used by recent releases of FreeBSD.
+# It supports passwords of unlimited length and longer salt strings.
+# Set to "no" if you need to copy encrypted passwords to other systems
+# which don't understand the new algorithm.  Default is "no".
+#
+# This variable is deprecated. You should use ENCRYPT_METHOD.
+#
+#MD5_CRYPT_ENAB	no
+
+#
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: It is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+#ENCRYPT_METHOD DES
+
+#
+# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+################# OBSOLETED BY PAM ##############
+#						#
+# These options are now handled by PAM. Please	#
+# edit the appropriate file in /etc/pam.d/ to	#
+# enable the equivelants of them.
+#
+###############
+
+#MOTD_FILE
+#DIALUPS_CHECK_ENAB
+#LASTLOG_ENAB
+#MAIL_CHECK_ENAB
+#OBSCURE_CHECKS_ENAB
+#PORTTIME_CHECKS_ENAB
+#SU_WHEEL_ONLY
+#CRACKLIB_DICTPATH
+#PASS_CHANGE_TRIES
+#PASS_ALWAYS_WARN
+#ENVIRON_FILE
+#NOLOGINS_FILE
+#ISSUE_FILE
+#PASS_MIN_LEN
+#PASS_MAX_LEN
+#ULIMIT
+#ENV_HZ
+#CHFN_AUTH
+#CHSH_AUTH
+#FAIL_DELAY
+
+################# OBSOLETED #######################
+#						  #
+# These options are no more handled by shadow.    #
+#                                                 #
+# Shadow utilities will display a warning if they #
+# still appear.                                   #
+#                                                 #
+###################################################
+
+# CLOSE_SESSIONS
+# LOGIN_STRING
+# NO_PASSWORD_CONSOLE
+# QMAIL_DIR
+
+
+
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms
new file mode 100644
index 0000000..9e78a91
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/mailbox.perms
@@ -0,0 +1 @@
+-rw-r--r-- UNKNOWN:mail `/var/mail/foo'
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd
new file mode 100644
index 0000000..174e4f6
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:4242:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
new file mode 100755
index 0000000..3fb509b
--- /dev/null
+++ b/tests/usertools/usermod/48_usermod-u_MAIL_FILE/usermod.test
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod changes the mailbox ownership"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -f /var/mail/foo' 0
+
+change_config
+
+echo -n "Create foo mailbox /var/mail/foo ..."
+touch /var/mail/foo
+chown foo:mail /var/mail/foo
+echo "OK"
+
+echo -n "Change the user's UID (usermod -u 4242 foo)..."
+usermod -u 4242 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that the mailbox was moved..."
+test -f /var/mail/foo
+echo "OK"
+echo -n "Check permissions of the mailbox..."
+stat --printf "%A %U:%G %N\n" /var/mail/foo | sort > tmp/mailbox.perms
+diff -rauN data/mailbox.perms tmp/mailbox.perms
+echo "OK"
+rm -f tmp/mailbox.perms
+
+rm -f /var/mail/foo
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt
new file mode 100644
index 0000000..b337f3f
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config.txt
@@ -0,0 +1 @@
+user foo exists, UID 1000, home directory: /home/foo
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group
new file mode 100644
index 0000000..65ffe60
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a
new file mode 100644
index 0000000..654c2be
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/home_ls-a
@@ -0,0 +1,12 @@
+-rw-r--r-- 0:1001 `/home/foo2/uroot'
+-rw-r--r-- 1000:0 `/home/foo2/groot'
+-rw-r--r-- 1000:1001 `/home/foo2/.tata'
+-rw-r--r-- 1000:1001 `/home/foo2/.tyty'
+-rw-r--r-- 1000:1001 `/home/foo2/profile2'
+-rw-r--r-- 1000:1001 `/home/foo2/toto'
+-rw-r--r-- 1000:1001 `/home/foo2/tyty'
+crw-r--r-- 1000:1001 `/home/foo2/null'
+drwxr-xr-x 0:0 `/home/foo2/..'
+drwxr-xr-x 1000:1001 `/home/foo2/.'
+drwxr-xr-x 1000:1001 `/home/foo2/titi'
+lrwxrwxrwx 1000:1001 `/home/foo2/tutu' -> `/tmp/home/foo2/toto'
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd
new file mode 100644
index 0000000..b966e61
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001::/tmp/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
new file mode 100755
index 0000000..9a42e8d
--- /dev/null
+++ b/tests/usertools/usermod/49_usermod_change_gid+move_homedir_other_device/usermod.test
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory, over a new device and changes the owner of the user's file"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2; umount /tmp/home; rmdir /tmp/home' 0
+
+change_config
+
+mkdir /home/foo
+mkdir /home/foo/titi
+echo toto > /home/foo/toto
+echo tyty > /home/foo/tyty
+ln /home/foo/toto /home/foo/.tata
+ln /home/foo/tyty /home/foo/.tyty
+ln -s /home/foo/toto /home/foo/tutu
+mknod /home/foo/null c 1 3
+ln /etc/profile /home/foo/profile2
+echo root > /home/foo/uroot
+echo root > /home/foo/groot
+chown -R foo:foo /home/foo
+chown root /home/foo/uroot
+chgrp root /home/foo/groot
+stat --printf "%A %u:%g %N\n" /home/foo/* /home/foo/.* 2>/dev/null | sort
+
+mkdir /tmp/home
+mount --bind /home /tmp/home
+
+echo -n "Change the user's home directory (usermod -m -d /tmp/home/foo2 -g 1001 foo ..."
+usermod -m -d /tmp/home/foo2 -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %u:%g %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+echo -n "Check that hardlink to another homedir file remains a hardlink..."
+dev_ino=$(stat --printf "%d-%i" /home/foo2/toto)
+dev_ino2=$(stat --printf "%d-%i" /home/foo2/.tata)
+test "$dev_ino" = "$dev_ino2"
+echo "OK"
+echo -n "Check hardlink to outside the homedir..."
+dev_ino=$(stat --printf "%d-%i" /etc/profile)
+dev_ino2=$(stat --printf "%d-%i" /home/foo2/profile2)
+echo "$dev_ino" != "$dev_ino2"
+#test "$dev_ino" = "$dev_ino2"
+echo "NOT IMPLEMENTED"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+umount /tmp/home
+rmdir /tmp/home
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a
new file mode 100644
index 0000000..161c30f
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/home_ls-a
@@ -0,0 +1,5 @@
+-rw-r--r-- foo:foo `/home/foo2/toto'
+-rw-r--r-- foo:root `/home/foo2/groot'
+-rw-r--r-- root:foo `/home/foo2/uroot'
+drwxr-xr-x foo:foo `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd
new file mode 100644
index 0000000..6074624
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1001:1000::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
new file mode 100755
index 0000000..6ac347c
--- /dev/null
+++ b/tests/usertools/usermod/50_usermod_change_uid+move_homedir/usermod.test
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+echo root > /home/foo/uroot
+echo root > /home/foo/groot
+chown -R foo:foo /home/foo
+chown root /home/foo/uroot
+chgrp root /home/foo/groot
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 -u 1001 foo)..."
+usermod -m -d /home/foo2 -u 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group
new file mode 100644
index 0000000..65ffe60
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/group
@@ -0,0 +1,43 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
+bar:x:1001:
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow
new file mode 100644
index 0000000..d8aa8ad
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/gshadow
@@ -0,0 +1,43 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
+bar:*::
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a
new file mode 100644
index 0000000..74d7ab0
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:bar `/home/foo2/toto'
+drwxr-xr-x foo:bar `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd
new file mode 100644
index 0000000..676b112
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1001::/home/foo2:/bin/false
diff --git a/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
new file mode 100755
index 0000000..6bc87f3
--- /dev/null
+++ b/tests/usertools/usermod/51_usermod_change_gid+move_homedir/usermod.test
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can move the user's home directory and change the group permissions"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2' 0
+
+change_config
+
+mkdir /home/foo
+echo toto > /home/foo/toto
+chown -R foo:foo /home/foo
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 -g 1001 foo)..."
+usermod -m -d /home/foo2 -g 1001 foo
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check the user's home directory was removed..."
+test ! -d /home/foo
+echo "OK"
+echo -n "Check the user's home directory was moved..."
+test -d /home/foo2
+echo "OK"
+echo -n "Check content of /tmp/test-newusers..."
+stat --printf "%A %U:%G %N\n" /home/foo2/* /home/foo2/.* 2>/dev/null | sort > tmp/home_ls-a
+diff -rauN data/home_ls-a tmp/home_ls-a
+echo "OK"
+rm -f tmp/home_ls-a
+
+echo -n "Remove the new home directory..."
+rm -rf /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt
new file mode 100644
index 0000000..4b5baab
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config.txt
@@ -0,0 +1 @@
+user foo exists
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd
new file mode 100644
index 0000000..31c44ab
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/default/useradd
@@ -0,0 +1,36 @@
+# Default values for useradd(8)
+#
+# The SHELL variable specifies the default login shell on your
+# system.
+# Similar to DHSELL in adduser. However, we use "sh" here because
+# useradd is a low level utility and should be as general
+# as possible
+SHELL=/bin/foobar
+#
+# The default group for users
+# 100=users on Debian systems
+# Same as USERS_GID in adduser
+# This argument is used when the -n flag is specified.
+# The default behavior (when -n and -g are not specified) is to create a
+# primary user group with the same name as the user being added to the
+# system.
+GROUP=10
+#
+# The default home directory. Same as DHOME for adduser
+HOME=/tmp
+#
+# The number of days after a password expires until the account 
+# is permanently disabled
+INACTIVE=12
+#
+# The default expire date
+EXPIRE=2007-12-02
+#
+# The SKEL variable specifies the directory containing "skeletal" user
+# files; in other words, files such as a sample .profile that will be
+# copied to the new user's home directory when it is created.
+# SKEL=/etc/skel
+#
+# Defines whether the mail spool should be created while
+# creating the account
+# CREATE_MAIL_SPOOL=yes
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group
new file mode 100644
index 0000000..5051825
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/group
@@ -0,0 +1,42 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:
+mail:x:8:
+news:x:9:
+uucp:x:10:
+man:x:12:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+sasl:x:45:
+plugdev:x:46:
+staff:x:50:
+games:x:60:
+users:x:100:foo
+nogroup:x:65534:
+crontab:x:101:
+Debian-exim:x:102:
+foo:x:1000:
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow
new file mode 100644
index 0000000..5042e58
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/gshadow
@@ -0,0 +1,42 @@
+root:*::
+daemon:*::
+bin:*::
+sys:*::
+adm:*::
+tty:*::
+disk:*::
+lp:*::
+mail:*::
+news:*::
+uucp:*::
+man:*::
+proxy:*::
+kmem:*::
+dialout:*::
+fax:*::
+voice:*::
+cdrom:*::
+floppy:*::
+tape:*::
+sudo:*::
+audio:*::
+dip:*::
+www-data:*::
+backup:*::
+operator:*::
+list:*::
+irc:*::
+src:*::
+gnats:*::
+shadow:*::
+utmp:*::
+video:*::
+sasl:*::
+plugdev:*::
+staff:*::
+games:*::
+users:*::
+nogroup:*::
+crontab:x::
+Debian-exim:x::
+foo:*::
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd
new file mode 100644
index 0000000..bf52df0
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo:/bin/false
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow
new file mode 100644
index 0000000..2baad3b
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/config/etc/shadow
@@ -0,0 +1,20 @@
+root:$1$NBLBLIXb$WUgojj1bNuxWEADQGt1m9.:12991:0:99999:7:::
+daemon:*:12977:0:99999:7:::
+bin:*:12977:0:99999:7:::
+sys:*:12977:0:99999:7:::
+sync:*:12977:0:99999:7:::
+games:*:12977:0:99999:7:::
+man:*:12977:0:99999:7:::
+lp:*:12977:0:99999:7:::
+mail:*:12977:0:99999:7:::
+news:*:12977:0:99999:7:::
+uucp:*:12977:0:99999:7:::
+proxy:*:12977:0:99999:7:::
+www-data:*:12977:0:99999:7:::
+backup:*:12977:0:99999:7:::
+list:*:12977:0:99999:7:::
+irc:*:12977:0:99999:7:::
+gnats:*:12977:0:99999:7:::
+nobody:*:12977:0:99999:7:::
+Debian-exim:!:12977:0:99999:7:::
+foo:!:12977:0:99999:7:::
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a
new file mode 100644
index 0000000..62a6381
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a
@@ -0,0 +1,3 @@
+-rw-r--r-- foo:foo `/home/foo/toto'
+drwxr-xr-x foo:foo `/home/foo/.'
+drwxr-xr-x root:root `/home/foo/..'
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2 b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2
new file mode 100644
index 0000000..e69e95d
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/home_ls-a2
@@ -0,0 +1,2 @@
+drwxr-xr-x root:root `/home/foo2/.'
+drwxr-xr-x root:root `/home/foo2/..'
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd
new file mode 100644
index 0000000..9da880b
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/passwd
@@ -0,0 +1,20 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+Debian-exim:x:102:102::/var/spool/exim4:/bin/false
+foo:x:1000:1000::/home/foo3:/bin/false
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err
new file mode 100644
index 0000000..c8f9de2
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/data/usermod.err
@@ -0,0 +1 @@
+usermod: directory /home/foo could not be moved
diff --git a/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
new file mode 100755
index 0000000..8bd0fd0
--- /dev/null
+++ b/tests/usertools/usermod/52_usermod_move_homedir_symlink/usermod.test
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+set -e
+
+cd $(dirname $0)
+
+. ../../../common/config.sh
+. ../../../common/log.sh
+
+log_start "$0" "usermod can't move the user's home directory when it's a symlink"
+
+save_config
+
+# restore the files on exit
+trap 'log_status "$0" "FAILURE"; restore_config; rm -rf /home/foo /home/foo2/file /home/foo2' 0
+
+change_config
+
+mkdir /home/foo2
+echo toto > /home/foo2/file
+ln -s foo2 /home/foo
+chown -R foo:foo /home/foo /home/foo2
+
+echo -n "Change the user's home directory (usermod -m -d /home/foo2 foo)..."
+usermod -m -d /home/foo3 foo 2>tmp/usermod.err && exit 1 || {
+	status=$?
+}
+echo "OK"
+
+echo -n "Check returned status ($status)..."
+test "$status" = "12"
+echo "OK"
+
+echo "usermod reported:"
+echo "======================================================================="
+cat tmp/usermod.err
+echo "======================================================================="
+echo -n "Check the usage message..."
+diff -au data/usermod.err tmp/usermod.err
+echo "usage message OK."
+rm -f tmp/usermod.err
+
+echo "OK"
+
+echo -n "Check the passwd file..."
+../../../common/compare_file.pl data/passwd /etc/passwd
+echo "OK"
+echo -n "Check the group file..."
+../../../common/compare_file.pl config/etc/group /etc/group
+echo "OK"
+echo -n "Check the shadow file..."
+../../../common/compare_file.pl config/etc/shadow /etc/shadow
+echo "OK"
+echo -n "Check the gshadow file..."
+../../../common/compare_file.pl config/etc/gshadow /etc/gshadow
+echo "OK"
+echo -n "Check that /home/foo is still a symlink..."
+test -L /home/foo
+echo "OK"
+echo -n "Check that /home/foo2 was not removed..."
+test -d /home/foo2
+test -f /home/foo2/file
+echo "OK"
+echo -n "Check that /home/foo3 was not created..."
+test ! -f /home/foo3
+echo "OK"
+
+echo -n "Remove the home directories..."
+rm -rf /home/foo /home/foo2
+echo "done"
+
+log_status "$0" "SUCCESS"
+restore_config
+trap '' 0
+